1. 20 Apr, 2019 2 commits
  2. 18 Apr, 2019 2 commits
  3. 06 Mar, 2019 1 commit
    • Rafał Miłecki's avatar
      kernel: fix refcnt leak in LED netdev trigger on interface rename · 981f5f7e
      Rafał Miłecki authored
      
      
      Renaming a netdev-trigger-tracked interface was resulting in an
      unbalanced dev_hold().
      
      Example:
      > iw phy phy0 interface add foo type __ap
      > echo netdev > trigger
      > echo foo > device_name
      > ip link set foo name bar
      > iw dev bar del
      [  237.355366] unregister_netdevice: waiting for bar to become free. Usage count = 1
      [  247.435362] unregister_netdevice: waiting for bar to become free. Usage count = 1
      [  257.545366] unregister_netdevice: waiting for bar to become free. Usage count = 1
      
      Above problem was caused by trigger checking a dev->name which obviously
      changes after renaming an interface. It meant missing all further events
      including the NETDEV_UNREGISTER which is required for calling dev_put().
      
      This change fixes that by:
      1) Comparing device struct *address* for notification-filtering purposes
      2) Dropping unneeded NETDEV_CHANGENAME code (no behavior change)
      Signed-off-by: default avatarRafał Miłecki <rafal@milecki.pl>
      (cherry picked from commit eea53820)
      981f5f7e
  4. 26 Feb, 2019 1 commit
  5. 25 Feb, 2019 1 commit
  6. 11 Feb, 2019 1 commit
    • Rafał Miłecki's avatar
      mac80211: brcmfmac: fix a possible NULL pointer dereference · f3f21b3d
      Rafał Miłecki authored
      
      
      This fixes a possible crash in the brcmf_fw_request_nvram_done():
      [   31.687293] Backtrace:
      [   31.689760] [<c004fb4c>] (__wake_up_common) from [<c004fc38>] (__wake_up_locked+0x1c/0x24)
      [   31.698043]  r10:c6794000 r9:00000009 r8:00000001 r7:bf54dda0 r6:a0000013 r5:c78e7d38
      [   31.705928]  r4:c78e7d3c r3:00000000
      [   31.709528] [<c004fc1c>] (__wake_up_locked) from [<c00502a8>] (complete+0x3c/0x4c)
      [   31.717148] [<c005026c>] (complete) from [<bf54590c>] (brcmf_fw_request_nvram_done+0x5c8/0x6a4 [brcmfmac])
      [   31.726818]  r7:bf54dda0 r6:c6794000 r5:00001990 r4:c6782380
      [   31.732544] [<bf545344>] (brcmf_fw_request_nvram_done [brcmfmac]) from [<c0204e40>] (request_firmware_work_func+0x38/0x60)
      [   31.743607]  r10:00000008 r9:c6bdd700 r8:00000000 r7:c72c3cd8 r6:c67f4300 r5:c6bda300
      [   31.751493]  r4:c67f4300
      [   31.754046] [<c0204e08>] (request_firmware_work_func) from [<c0034458>] (process_one_work+0x1e0/0x318)
      [   31.763365]  r4:c72c3cc0
      [   31.765913] [<c0034278>] (process_one_work) from [<c0035234>] (worker_thread+0x2f4/0x448)
      [   31.774107]  r10:00000008 r9:00000000 r8:c6bda314 r7:c72c3cd8 r6:c6bda300 r5:c6bda300
      [   31.781993]  r4:c72c3cc0
      [   31.784545] [<c0034f40>] (worker_thread) from [<c003984c>] (kthread+0x100/0x114)
      [   31.791949]  r10:00000000 r9:00000000 r8:00000000 r7:c0034f40 r6:c72c3cc0 r5:00000000
      [   31.799836]  r4:c735dc00 r3:c79ed540
      [   31.803438] [<c003974c>] (kthread) from [<c00097d0>] (ret_from_fork+0x14/0x24)
      [   31.810672]  r7:00000000 r6:00000000 r5:c003974c r4:c735dc00
      [   31.816378] Code: e5b53004 e1a07001 e1a06002 e243000c (e5934000)
      [   31.822487] ---[ end trace a0ffbb07a810d503 ]---
      Signed-off-by: default avatarRafał Miłecki <rafal@milecki.pl>
      (cherry picked from commit 83bcacb5)
      f3f21b3d
  7. 30 Jan, 2019 1 commit
    • Sven Roederer's avatar
      openssl: bump to 1.0.2q · 6c14b29b
      Sven Roederer authored
      
      
      This fixes the following security problems:
       * CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication
       * CVE-2018-0734: Timing vulnerability in DSA signature generation
       * Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module
      Signed-off-by: default avatarSven Roederer <freifunk@it-solutions.geroedel.de>
      (backport of commit 98906047)
      6c14b29b
  8. 22 Jan, 2019 5 commits
    • Jo-Philipp Wich's avatar
      opkg: update to latest Git head · 009ecf31
      Jo-Philipp Wich authored
      
      
      d217daf libopkg: fix replacelist parsing and writing
      9dd9a07 libopkg: fix segmentation fault when traversing conflicts
      34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches()
      18740e6 opkg_download: print error when fork() fails
      e3d7330 libopkg: don't print unresolved dependencies twice
      3b417b9 opkg_download: decode file:/ URLs
      71c27cb file_util: implement urldecode_path()
      d1fe095 file_util: consolidate hex/unhex routines
      ebdfc12 add opkg option http_timeout
      9f003e3 opkg: encode archive filenames while constructing download URLs
      73e6c81 file_util: implement urlencode_path() helper
      468158f libopkg: fix SHA256 calculation for big endian system
      4bd8601 pkg_parse: fix segfault when parsing descriptions with leading newlines
      52fc006 pkg_alternatives: pass if the desired symlink already exists
      c668fce opkg: add --no-check-certificate argument
      04e279e pkg_alternatives: use ERROR level for symlink failure
      546bc72 pkg: alternatives support
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (backported from commit 1bd18f2b)
      009ecf31
    • Jo-Philipp Wich's avatar
      opkg: switch source url to git.openwrt.org · f0115b50
      Jo-Philipp Wich authored
      
      
      As LEDE is rebranding to OpenWrt now, adjust the Git source references
      accordingly.
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (backported from commit da95c9aa)
      f0115b50
    • Jonas Gorski's avatar
      opkg: drop argument from check_signature in opkg.conf · 99e5ba32
      Jonas Gorski authored
      check_signature is a bool option and doesn't take any arguments. The
      presence of the 1 falsely suggests setting it to 0 disables the check,
      while the option actually needs to be removed or commented out to be
      disabled. So remove the argument to make it more clear.
      
      Fixes: beca028b
      
       ("build: add integration for managing opkg package feed keys")
      Signed-off-by: default avatarJonas Gorski <jonas.gorski@gmail.com>
      (backported from commit d3bf5ff9)
      99e5ba32
    • Tony Ambardar's avatar
      base-files: install missing /etc/iproute2/ematch_map · 0c8e8e2d
      Tony Ambardar authored
      
      
      This file is needed to properly use the tc ematch modules present in
      kmod-sched-core and kmod-sched. It is a read-only index file of ematch
      methods used only by tc.
      Signed-off-by: default avatarTony Ambardar <itugrok@yahoo.com>
      [cherry picked from commit 10a2ccb7]
      0c8e8e2d
    • Tony Ambardar's avatar
      base-files: fix postinstall uci-defaults removal · 484117b4
      Tony Ambardar authored
      Commit 7f694582 introduced a bug where default_postinst() often fails to
      remove a uci-defaults script after application, leaving it to run again
      after a reboot.
      (Note: commit 7f694582 also introduced FS#1021, now fixed by 73c745f6
      
      )
      
      The subtle problem arises from the shell logical chain:
      [ -f "$i" ] && . "$i" && rm -f "$i"
      
      Most uci-defaults scripts contain a terminal 'exit 0' statement which,
      when sourced, results in the logic chain exiting before executing 'rm -f'.
      This was observed while testing upgrades of 'luci-app-sqm'.
      
      The solution is to wrap the shell sourcing in a subshell relative to the
      command 'rm -f':
      ( [ -f "$i" ] && . "$i" ) && rm -f "$i"
      
      Revert to using 'grep' to prefilter the list of entries from the control
      file, which yields the full path of uci-defaults scripts. This allows
      keeping the existence check, directory change and script sourcing inside
      the subshell, with the script removal correctly outside.
      
      This approach avoids adding a second subshell only around the "." (source)
      command. The change also preserves the fix FS#1021, since the full path is
      used to source the script, which is POSIX-portable irrespective of PATH
      variable or reference to the CWD.
      
      Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of
      package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file.
      Signed-off-by: default avatarTony Ambardar <itugrok@yahoo.com>
      (backported from 4097ab6a)
      484117b4
  9. 15 Jan, 2019 1 commit
    • Koen Vandeputte's avatar
      cns3xxx: use actual size reads for PCIe · e0959274
      Koen Vandeputte authored
      
      
      upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
      reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
      which preserved the property of only doing 32-bit reads.
      
      It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
      so it changed writes from always being 32 bits to being the actual size,
      which works just fine.
      
      Due to:
      - The documentation does not mention that only 32 bit access is allowed.
      - Writes are already executed using the actual size
      - Extensive testing shows that 8b, 16b and 32b reads work as intended
      
      It makes perfectly sense to also swap 32 bit reading in favor of actual size.
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      e0959274
  10. 08 Jan, 2019 1 commit
  11. 01 Jan, 2019 1 commit
    • Christian Lamparter's avatar
      apm821xx: switch MX60(W)'s recovery images to multi-image method · 834bd864
      Christian Lamparter authored
      In the past, the MX60(W)'s recovery images always had problems
      with the size restriction and never really worked without manual
      intervention. This patch reworks the initramfs, which allows the
      device to ease up on the impossible tight kernel size requirements
      for the initramfs image.
      
      This new initramfs can be loaded through the MX60(W) U-boot
      in the following way:
      
      => setenv bootargs console=ttyS0,$baudrate
      => tftpboot $meraki_loadaddr meraki_mx60-initramfs-kernel.bin
         [...]
         Load address: 0x800000
          Loading: ################################################ [...]
          done
         [...]
      
      => bootm $fileaddr
         \## Booting kernel from Legacy Image at 00800000 ...
          ...
      
      For more information and the latest flashing guide:
      please visit the OpenWrt Wiki Page for the MX60(W):
      <https://openwrt.org/toh/meraki/mx60#flashing
      
      >
      Signed-off-by: default avatarChris Blake <chrisrblake93@gmail.com>
      Signed-off-by: default avatarChristian Lamparter <chunkeey@gmail.com>
      (cherry picked from commit 36c19c9f)
      834bd864
  12. 27 Dec, 2018 1 commit
    • Freddy Leitner's avatar
      apm821xx: MBL: load kernel/dtb from SATA 0:1 first · 459a40fc
      Freddy Leitner authored
      
      
      This remedies an issue with the MBL Duo if both disks are inserted
      and contain OpenWrt. kernel and dtb would be loaded from SATA 1:1
      while rootfs (/dev/sda2) would be mounted on SATA 0:1.
      
      Such a mix&match would obviously only work if both OpenWrt versions/
      builds are identical, and especially fail after sysupgrade upgraded
      the system disk on SATA 0:1.
      
      The fallback to SATA 1:1 needs to be kept for MBL Single (only has
      SATA 1:1) and MBL Duo with one disk inserted on SATA 1:1. To speed
      up booting in those cases, the unneccesarily doubled "sata init"
      will only be called once. (In theory it could be omitted completely
      since the on-flash boot script already initializes SATA to load the
      on-disk boot script.)
      
      Tested on MBL Duo (all possible combination of disks) and MBL Single
      Signed-off-by: default avatarFreddy Leitner <hello@square.wf>
      459a40fc
  13. 18 Dec, 2018 2 commits
    • Koen Vandeputte's avatar
      cns3xxx: fix writing to wrong PCI registers · 202c3ceb
      Koen Vandeputte authored
      
      
      Originally, cns3xxx used it's own functions for mapping, reading and writing registers.
      
      Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
      removed the internal PCI config write function in favor of the generic one:
      
      cns3xxx_pci_write_config() --> pci_generic_config_write()
      
      cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
      while the generic one pci_generic_config_write() actually expects the real address
      as both the function and hardware are capable of byte-aligned writes.
      
      This currently leads to pci_generic_config_write() writing
      to the wrong registers on some ocasions.
      
      First issue seen due to this:
      
      - driver ath9k gets loaded
      - The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
      - cns3xxx_pci_map_bus() aligns the address to 0x0C
      - pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)
      
      This seems to cause some slight instability when certain PCI devices are used.
      
      Another issue example caused by this this is the PCI bus numbering,
      where the primary bus is higher than the secondary, which is impossible.
      
      Before:
      
      00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
          Flags: bus master, fast devsel, latency 0, IRQ 255
          Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0
      
      After fix:
      
      00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
          Flags: bus master, fast devsel, latency 0, IRQ 255
          Bus: primary=00, secondary=01, subordinate=02, sec-latency=0
      
      And very likely some more ..
      
      Fix all by omitting the alignment being done in the mapping function.
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      202c3ceb
    • Koen Vandeputte's avatar
      kernel: bump 4.4 to 4.4.167 · 65044a50
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Removed upstreamed:
      - 203-MIPS-ath79-fix-restart.patch
      - 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch
      - 051-0001-ovl-rename-is_merge-to-is_lowest.patch
      - 051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch
      - 051-0005-ovl-proper-cleanup-of-workdir.patch
      
      Altered patches:
      - 201-extra_optimization.patch
      - 304-mips_disable_fpu.patch
      
      Compile-tested on: ar71xx, cns3xxx, imx6, mpc85xx
      Runtime-tested on: ar71xx, cns3xxx, imx6, mpc85xx
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      65044a50
  14. 12 Dec, 2018 1 commit
    • Jo-Philipp Wich's avatar
      rpcd: update to latest Git head · 26b80696
      Jo-Philipp Wich authored
      
      
      3aa81d0 file: access exec timeout via daemon ops structure
      7235f34 plugin: store pointer to exec timeout value in the ops structure
      ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
      c79ef22 main: fix logic bug when not specifying a timeout option
      2cc4b99 file: use global exec timeout instead of own hardcoded limit
      ecd1660 exec: increase maximum execution time to 120s
      41333ab uci: tighten uci reorder operation error handling
      f91751b uci: tighten uci delete operation error handling
      c2c612b uci: tighten uci set operation error handling
      948bb51 uci: tighten uci add operation error handling
      51980c6 uci: reject invalid section and option names
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      26b80696
  15. 11 Dec, 2018 1 commit
  16. 29 Nov, 2018 4 commits
  17. 28 Nov, 2018 1 commit
    • Jo-Philipp Wich's avatar
      uhttpd: update to latest Git head · 6cf22507
      Jo-Philipp Wich authored
      
      
      cdfc902 cgi: escape url in 403 error output
      0bba1ce uhttpd: fix building without TLS and Lua support
      2ed3341 help: document -A option
      fa5fd45 file: fix CPP syntax error
      77b774b build: avoid redefining _DEFAULT_SOURCE
      b741dec lua: support multiple Lua prefixes
      952bf9d build: use _DEFAULT_SOURCE
      30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods
      796d42b client: flush buffered SSL output when tearing down client ustream
      393b59e proc: expose HTTP Origin header in process environment
      8109b95 file: escape strings in HTML output
      d3b9560 utils: add uh_htmlescape() helper
      db86175 lua: honour size argument in recv()
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      6cf22507
  18. 24 Nov, 2018 1 commit
  19. 22 Nov, 2018 1 commit
    • Linus Kardell's avatar
      base-files: fix unkillable processes after restart · 0f47ce81
      Linus Kardell authored
      
      
      When restart is run on an init script, the script traps SIGTERM. This is
      done as a workaround for scripts named the same name as the program they
      start. In that case, the init script process will have the same name as
      the program process, and so when the init script runs killall, it will
      kill itself. So SIGTERM is trapped to make the init script unkillable.
      
      However, the trap is retained when the init script runs start, and thus
      processes started by restart will not respond to SIGTERM, and will thus
      be unkillable unless you use SIGKILL. This fixes that by removing the
      trap before running start.
      Signed-off-by: default avatarLinus Kardell <linus@telliq.com>
      (cherry picked from commit 2ac1a576)
      0f47ce81
  20. 16 Nov, 2018 1 commit
  21. 09 Nov, 2018 1 commit
  22. 07 Nov, 2018 4 commits
  23. 12 Sep, 2018 1 commit
  24. 02 Sep, 2018 2 commits
  25. 30 Aug, 2018 2 commits