| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
Add a patch to revert upstream commit 9aed02feae57bf7a40cb04ea0e3017cb7a998db4
which introduces syntax errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following 41 security problems:
+ CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
+ CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
+ CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
+ CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
+ CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
+ CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
+ CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
+ CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
+ CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
+ CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
+ CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
+ CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
+ CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
+ CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
+ CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
+ CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
+ CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
+ CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
+ CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
+ CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
+ CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
+ CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
+ CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
+ CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
+ CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
+ CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
+ CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
lightweight resolver protocol, PIM).
+ CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
+ CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
+ CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
+ CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
+ CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
+ CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
print-ether.c:ether_print().
+ CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
+ CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
+ CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
+ CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk
old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches for all targets that support kernel 4.4.
Compile-tested on all targets that use kernel 4.4 and aren't marked
broken, except arc770 and arch38 due to broken toolchain.
Runtime-tested on ar71xx, octeon, ramips and x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit d2c4041f0266cc93447998ddd67c7d6b6a4c2ee3)
Conflicts:
include/kernel-version.mk
target/linux/ramips/patches-4.4/997-ralink-Introduce-fw_passed_dtb-to-arch-mips-ralink.patch
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed patches for all supported targets.
Compile-tested on ar71xx, cns3xxx, imx6, mt7621, oxnas and x86/64.
Run-tested on ar71xx, cns3xxx, imx6 and mt7621.
Tested-by: Stijn Segers <francesco.borromini@inventati.org>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 3becadd56cddfb8abff50cdb0ef1cb3f90b0809a)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed patches for all supported targets.
Compiled & tested on cns3xxx & imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 4d1515070baeca64fedaca957b6b4156976f3b3a)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Conflicts:
target/linux/ar71xx/patches-4.4/920-usb-chipidea-AR933x-platform-support.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump kernel to 4.4.44. Compile-tested on ar71xx, ramips/mt7621 and x86/64.
.44 has been run-tested on the 17.01 branch here on ar71xx and mt7621.
Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
(cherry picked from commit 20996edd68b8a0b139bdb36b3aafa29c037d4bda)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Conflicts:
target/linux/ar71xx/patches-4.4/920-usb-chipidea-AR933x-platform-support.patch
target/linux/ar71xx/patches-4.4/930-chipidea-pullup.patch
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
It just makes code consistent. This trivial change may be a 17.01
candidate to provide simpler backporting experience.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
We dont't build officialy images for them yet due to partitioning
issues.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I needed a moment to figure out relation between this patchset and the
nl80211: fix validation of scheduled scan info for wowlan netdetect
It appears nl80211 commit will go on top of brcmfmac changes so it's
safe to backport these patches.
One patch that was excluded is commit 2a2a5d1835b6 ("brcmfmac: add
.update_connect_params() callback") as it depends on missing commit
088e8df82f91 ("cfg80211: Add support to update connection parameters").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
| |
This includes memory leak fix in initialization path.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
| |
There are more patches to backport that should go before these.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
This is a pure rename without any changes. It makes maintaining bgmac
simpler and will hopefully make adding new kernel a bit easier.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
Some debugging/error messages are printed using wpa_printf and this
change allows finally reading them out of the syslog.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
This will allow starting hostapd with the new -s parameter and finally
read all (error) messages from the syslog.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It wasn't possible to read hostapd wpa_printf messages unless running
hostapd manually. It was because hostapd was printing them using vprintf
and not directly to the syslog.
We were trying to workaround this problem by redirecting STDIN_FILENO
and STDOUT_FILENO but it was working only for the initialization phase.
As soon as hostapd did os_daemonize our solution stopped working.
Please note despite the subject this change doesn't affect debug level
messages only but just everything printed by hostapd with wpa_printf
including MSG_ERROR-s. This makes it even more important as reading
error messages can be quite useful for debugging.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The factory image can't be bigger than 3328 KByte. If the image is
bigger than that, the gemtek-header tool throws an error and breaks
the build.
Make sure the output file to which the gemtek header should be added
exists and wasn't removed during the check-size step because of it
size. This will prevent hard errors in case the factory image is to big
similar to what is done for sysupgrade images.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 71a39b8 ("ipq806x: Fix wireless support for Netgear Nighthawk X4S
D7800") added a trailing TAB char after the backslash which prevents
the assignment of the correct MACs for wifi devices.
Fixes: FS#451
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[reworded commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
| |
After analyzing numerous NVRAMs and vendor firmwares it seems the base
MAC address is used for LAN interface. WAN interface has different one
which sometimes is set directly in NVRAM and sometines needs to be
calculated.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The setting mmc-ddr-1_8v in the platform dts leads to read errors. The
device is unusable and system reboots in a loop. Because NBG6817 is the
only mmc device, I removed it in base dts.
The second change removes settings now present in base dts.
The third change references was a wrong conversion of constants in the switch settings.
Switch now initializes again.
Signed-off-by: André Valentin <avalentin@marcant.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
samba.org has started to enforce https and
currently plain http downloads with curl/wget fail,
so convert samba.org download links to use https.
Modernise links at the same time.
Also convert samba.org URL fields to have https.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
|
|
|
|
|
| |
This backports upstream commit 62e13097c46c ("net: phy: broadcom: rehook
BCM54612E specific init")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates musl to 1.1.16+ [0] and removes all the
backported patches. This is a major release and tagged as such.
For more information visit musl-libc.org or read the WHATSNEW.
Furthermore, this patch also changes musl to download directly
from git. This makes it easier to update musl in the future.
The patch custom Add-format-attribute-to-some-function-declarations.patch
was assigned a new 400- number. This should avoid confusion
since 0xx numbers are usually assigned to backports.
[0] <http://git.musl-libc.org/cgit/musl/commit/?id=769f53598e781ffc89191520f3f8a93cb58db91f>
Cc: Hannu Nyman <hannu.nyman@iki.fi>
Cc: Koen Vandeputte <koen.vandeputte@ncentric.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
|
|
|
|
| |
Signed-off-by: Qian Zheng <sotux82@gmail.com>
|
|
|
|
|
|
| |
Signed-off-by: Qian Zheng <sotux82@gmail.com>
[Jo-Philipp Wich: fix alphabetical order after merging with gl-ar300 case]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
| |
Signed-off-by: Qian Zheng <sotux82@gmail.com>
[Jo-Philipp Wich: fix alphabetical order]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All mvebu boards have three USB LEDs. The first one is used for the
USB1 port.
There are two LEDs related to the second USB port. The top (bar) LED
gets bright in case any USB device is connected to the second USB port.
If the connected device is an USB 3 (SuperSpeed) device, the small dot
LED bellow the "bar" LED gets also bright.
While at it, use a name for the USB LEDs that matches the names printed
on the case.
Fixes: FS#423, FS#425
Signed-off-by: Kabuli Chana <newtownbuild@gmail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
| |
Signed-off-by: Hans Geiblinger <cybrnook2002yahoo.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds the sp5100_tco driver as a kernel module for the x86
target. Specifically, this can be used by the PCEngines APU2/APU3. The
reason for having this as a kernel module is to allow users to
load/unload it on demand, as the I2C interface on the APU2/APU3 will not
work while this module is loaded. More info can be found on GitHub at
https://github.com/riptidewave93/LEDE-APU2/pull/5#issuecomment-255667736
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the following patches to the x86 target:
sp5100_tco: Add AMD Mullins platform support
sp5100_tco: Add AMD Carrizo platform support
sp5100_tco: fix the device check for SB800 and later chipsets
watchdog: sp5100_tco: properly check for new register layouts
With these added, the sp5100_tco driver can then be used on newer AMD
platforms, such as the PCEngines APU2/APU3 boards.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
|
|
|
|
|
|
|
|
|
| |
erlite mtdparts exposes boot0, boot1 and eeprom regions
as read/write.
this patch adds readonly flags, so these regions can't be
modified. same as it is already for ER profile.
Signed-off-by: Jiri Kastner <cz172638@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
D7800 has a simular hardware to R7800 and uses dual QCA9980 for both 2.4GHz and 5GHz band.
However there is no proper initialization for them, which causes a kernel panic due to failed firmware loading.
This patch adds d7800 to ath10k caldata extraction list.
I can get two functional wireless bands after making change to it.
Signed-off-by: Zhang Jingye <934526987@qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the base-files package is not selected, we will fail executing the
very first postinst script:
make[3]: Leaving directory `/local/users/fainelli/openwrt/trunk'
cp -fpR
/local/users/fainelli/openwrt/trunk/build_dir/target-arm_xscale_musl-1.1.15_eabi/root-orion
/local/users/fainelli/openwrt/trunk/build_dir/target-arm_xscale_musl-1.1.15_eabi/root.orig-orion
./usr/lib/opkg/info/busybox.postinst: line 3:
/local/users/fainelli/openwrt/trunk/build_dir/target-arm_xscale_musl-1.1.15_eabi/root-orion/lib/functions.sh:
No such file or directory
./usr/lib/opkg/info/busybox.postinst: line 4: default_postinst: command
not found
postinst script ./usr/lib/opkg/info/busybox.postinst has failed with
exit code 127
make[2]: *** [package/install] Error 1
Check for the existence of lib/functions.sh, and if it does not exist,
just bail out gracefully.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
|
|
|
| |
Signed-off-by: Wilco Baan Hofman <wilco@baanhofman.nl>
|
|
|
|
|
|
|
| |
Updated cake's tc patch to match the official cake repository
formatting.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
| |
wash, mpu & some memory optimisation have now made it to the official
cake repository.
Point LEDE to the official repository.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libtool target package stages its files into the host staging directory
and moves the libltdl library parts from there into the target staging
directory afterwards.
By doing so, the package essentially renders the host libtool infrastructure
unusable, leading to the below error in subsequent package builds:
libtoolize: $pkgltdldir is not a directory: `.../hostpkg/share/libtool`
Prevent this problem by using a dedicated libltdl install prefix in order to
avoid overwriting and moving away preexisting files belonging to tools/libtool.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
| |
Inspired/adapted from `package-defaults.mk` MAKE_VARS.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
The final semantic is the same, but this is a bit more correct.
Build tested on Windows 10 (yes, there is some
Ubuntu mode for Windows 10, and I've been also building LEDE
on it for a few weeks).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|