| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
It's needed for macaddr_add.
Fixes: 50efd403e67c ("bcm53xx: set WAN MAC address to don't share one with LAN interface")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
Add missing parentheses.
Fixes kernel build issue when using this driver.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
| |
Compiled & tested on cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
| |
After "73d923e base-files: emit tagged switch configuration by default"
some default network configurations are broken because the lan and wan
ifnames are forcibly set to untagged netdevs.
Adjust the offending set_interfaces_lan_wan() calls to use the proper
tagged device names.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
Add a patch to revert upstream commit 9aed02feae57bf7a40cb04ea0e3017cb7a998db4
which introduces syntax errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following 41 security problems:
+ CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
+ CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
+ CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
+ CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
+ CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
+ CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
+ CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
+ CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
+ CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
+ CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
+ CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
+ CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
+ CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
+ CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
+ CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
+ CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
+ CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
+ CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
+ CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
+ CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
+ CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
+ CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
+ CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
+ CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
+ CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
+ CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
+ CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
lightweight resolver protocol, PIM).
+ CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
+ CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
+ CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
+ CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
+ CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
+ CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
print-ether.c:ether_print().
+ CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
+ CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
+ CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
+ CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk
old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
| |
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
|
|
|
|
| |
n
As usual these patches were extracted and rebased from the raspberry pi repo:
https://github.com/raspberrypi/linux/tree/rpi-4.4.y
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
It just makes code consistent. This trivial change may be a 17.01
candidate to provide simpler backporting experience.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
| |
This reverts commit dde5c729ec92cbb11cf6367d93887e634b0ac756.
The uClibc update was completely untested, does not build with Kernel 4.4 and
did not adjust the configuration to predeclare new config symbols.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
For backward 4.4 compatibility I added patch reverting my changes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
In kernel 4.9 it's already present so we don't want to overwite it (with
older & API incompatible version).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
We dont't build officialy images for them yet due to partitioning
issues.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches for all targets that support kernel 4.4.
Compile-tested on all targets that use kernel 4.4 and aren't marked
broken, except arc770 and arch38 due to broken toolchain.
Runtime-tested on ar71xx, octeon, ramips and x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump to dnsmasq 2.77test1 - this includes a number of fixes since 2.76
and allows dropping of 2 LEDE carried patches.
Notable fix in rrfilter code when talking to Nominum's DNS servers
especially with DNSSEC.
A patch to switch dnsmasq back to 'soft fail' for SERVFAIL responses
from dns servers is also included. This mean dnsmasq tries all
configured servers before giving up.
A 'localise queries' enhancement has also been backported (it will
appear in test2/rc'n') this is especially important if using the
recently imported to LEDE 'use dnsmasq standalone' feature 9525743c
I have been following dnsmasq HEAD ever since 2.76 release.
Compile & Run tested: ar71xx, Archer C7 v2
Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
| |
ref commit 9525743c076393336cd2129539c974f8a01c7894
dnsmasq: make DHCPv6 viable for standalone dnsmasq install
Above commit broke instancing by missing filter_dnsmasq()
as part of the dhcp_add() execution.
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Sanlinking Technologies D240
(http://www.sanlinking.com/en/29-dual-4g-wifi-router.html) is basically the same
device as the ZBT WE826, so adding support for it in LEDE is straight forward.
The differences is that the D240 has two mini-PCIe slots (instead of one), blue
LEDs and supports PoE.
Specification:
* CPU: MT7620A
* 1x 10/100Mbps POE (802.3af/802.3at) Ethernet, 4x 10/100Mbps.
* 16 MB Flash.
* 128 MB RAM.
* 1x USB 2.0 port.
* 2x mini-PCIe slots.
* 2x SIM slots.
* 1x 2.4Ghz WIFI.
* 1x button.
Wifi, USB, switch and both mini-PCIe slots are working. I have not been able to
test the SD card reader.
The device comes pre-installed with an older version of OpenWRT, including Luci.
In order to install LEDE, you need to follow the existing procedure for updating
OpenWRT/LEDE using Luci. I.e., you need to access the UI and update the firmware
using the sysupgrade-image. Remember to select that you do not want to keep
existing settings. The default router address is 192.168.10.1 and
username/password admin/root (at least on my devices).
If you brick the device, the procedure for recovery is the same as for the
WE826. Please see the wiki page for that device for instructions.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
| |
Do not spam the syslog with DHCPv6 lease info if quietdhcp option
is selected. This already works for DHCPv4, make it work in the same
way for DHCPv6.
Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
[Originally written by Arjen de Korte on GitHub but had issues providing
a SoB in correct format.]
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Tim Harvey <tharvey@gateworks.com> [fixes]
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch moves the fakeroot code required by some devices to
`image-commands.mk`.
Create the fakeroot on the fly by using the undocumented -s (skip copy)
parameter of mkimage.
Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
[remove unused NETGEAR_KERNEL_MAGIC, remove workarounds to have a dummy
rootfs for mkimage]
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
| |
Gemtek is the ODM but the board was sold by Airlink101.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The factory image can't be bigger than 3328 KByte. If the image is
bigger than that, the gemtek-header tool throws an error and breaks
the build.
Make sure the output file to which the gemtek header should be added
exists and wasn't removed during the check-size step because of it
size. This will prevent hard errors in case the factory image is to big
similar to what is done for sysupgrade images.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
| |
Adds the following fixes:
91acde6 libubus: do not modify uloop_cancelled
763b9b2 libubus: reset ctx->sock.eof to fix reconnect issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds the following changes:
de3f14b uloop: add uloop_cancelling function
3b6181b utils: fix build on Mac OS X 10.12
7f671b1 blobmsg: add support for double
0fe1374 utils: add helper functions useful for allocating a ring buffer
8fc1c30 libubox: replace strtok with _r version.
4a9f74f libubox: allow reading out the pid of uloop process in lua
372e1e6 uloop: remove useless epoll data assignment
f9db1cb libubox: allow reading out the remaining time of a uloop timer in Lua
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 71a39b8 ("ipq806x: Fix wireless support for Netgear Nighthawk X4S
D7800") added a trailing TAB char after the backslash which prevents
the assignment of the correct MACs for wifi devices.
Fixes: FS#451
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[reworded commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
| |
add backport patches for older kernels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
add backport patches for older kernels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
After analyzing numerous NVRAMs and vendor firmwares it seems the base
MAC address is used for LAN interface. WAN interface has different one
which sometimes is set directly in NVRAM and sometines needs to be
calculated.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
| |
Be consistent with form and format of the vendor names.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
| |
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
| |
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
|
|
| |
Disable all devices which do not belong to the mikrotik subtarget.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
|
|
| |
Disable all devices which do not belong to the nand subtarget.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
| |
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
|
|
|
|
|
|
|
|
| |
Added the missing audio pcm interface in the .dtsi file for the rt5350
device. The update has been verified from the data get from the datasheet
and is very similar to the mt7620a.dtsi
Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
|
|
|
|
|
|
| |
key_direction shows up as an openvpn option in the user-interface but does not end up in the /var/etc/openvpn*.conf file. Adding it to the list here fixed the issue for me.
Signed-off-by: Brandon Koepke <bdkoepke@fastmail.com>
|
|
|
|
|
|
|
| |
Use a vendor prefix as it has to be for all not core driver. Update the
compatible string in the device tree files accordingly.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
| |
The Sercomm NA930 is not a mt7620a evaluation board and shouldn't use
the eval board compatible string.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|