By default USB LEDs are associated with usbdev trigger. However,
not all devices which have USB LEDs have kmod-ledtrig-usbdev in their
list of default packages. Add it to the relevant devices.
Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
With an own DMA TX channel for each network device (eth0 + eth1) there
won't be any "tx ring full" errors any more.
This patch also move the spinlocks to the channel level instead of locking
the whole xrx200_hw structure.
Signed-off-by: Martin Schiller <mschiller@tdt.de>
* Only parse interfaces that are up during init_config (as the
script depends on this to determine the proper IP/subnet range)
* Add reload interface triggers for samba-designated interfaces
* Force full service restart upon config change to ensure Samba
binds to new interfaces (sending HUP signal doesn't work)
* Rename "interface" variable to "samba_iface" and move into
global scope
Needed to fix Samba connectivity for clients connecting from a
different LAN subnet (e.g. pseudobridge configurations) due to the
'bind interfaces only' setting.
Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
The mw4530r-v1 profile in tp-link.mk is for Mercury MW4530R.
There is no such a device called TL-WDR4530.
Also change MERCURY to Mercury in /lib/ar71xx.sh
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
When PKG_CONFIG_LIBDIR was unset in the environment, the configure
script was deducing the PKG_CONFIG_LIBDIR from the location of the
pkg-config binary, which doesn't make a lot of sense, and isn't done
by other autotools based packages.
Patch imported from the Buildroot project:
https://github.com/buildroot/buildroot/blob/master/package/ncurses/0001-fixup-pkg-config-handling.patch
Also refresh patches while we're at.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Move the "which svn" and "which git" calls next to the timestamp commands
using those tools to not prematurely fail on systems where svn or git are
not present.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The bootmem area reserved for crashlog might be smaller than CRASHLOG_OFFSET
bytes, leading to an integer underflow when calculating the memory address
in crashlog_set_addr() which subsequently causes the kernel to crash when
attempting to vmap() the crashlog pages.
Change the logic to only consider the offset when the size of the used memory
area is sufficient.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
It adds and uses ILP clock that requires some other work (in progress)
for upstreaming it. Other than that it adds a quick fix for bcma to add
serial flash before trying to read SPROM.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It wasn't accepted upstream as there was a discusson on Northstar vs.
BCM53573. Once we get a new ARM arch Kconfig entry it should be
possible to upstream it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Due to an empty pi_ifname in the generic failsafe setup, the deconfig
never removed the failsafe networking interface, causing broken
networking later on.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Update make_ext4fs to latest git head in order to support creating empty
filesystem images by making the source directory argument optional.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of introducing a fake filesystem type, move the tar generation step
directly into the image build step.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The previous image building code rework removed the rootfs.tar.gz with embedded
kernel and dtb build artifact which is required to build suitable SD images.
Reintroduce a .tar.gz artifact locally which embeds kernel and dtb, similar to
how the old code handled it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Yue Cao claims that current host rate limiting of challenge ACKS
(RFC 5961) could leak enough information to allow a patient attacker
to hijack TCP sessions. He will soon provide details in an academic
paper.
Backports upstream commit 75ff39ccc1bd5d3c455b6822ab09e533c551f758
to the used LEDE kernel versions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also configure the switch based on the failsafe config, and create the
failsafe interface as tagged if necessary.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
In preparation of properly setting up vlans and switches, add
support for configuring failsafe on a vlan tagged interface.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Move preinit interface and ip config to its own function to allow
calling it from more than one place.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Should fix parser data containing uninitialized values for of probed
physmap flashes, which could break e.g. the redboot parser.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Similar how we fix the file times in the filesystems, fix the build time
of the kernel, and make the build number static. This should allow the
kernel build to be reproducable when combined with setting the
KERNEL_BUILD_USER and _DOMAIN in case of different machines.
The reproducability only applies to non-initramfs kernels, those still
require additional changes.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
- Security: Message printout was vulnerable to format string injection.
If specific usernames including "%" symbols can be created on a system
(validated by getpwnam()) then an attacker could run arbitrary code as root
when connecting to Dropbear server.
A dbclient user who can control username or host arguments could potentially
run arbitrary code as the dbclient user. This could be a problem if scripts
or webpages pass untrusted input to the dbclient program.
- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
the local dropbearconvert user when parsing malicious key files
- Security: dbclient could run arbitrary code as the local dbclient user if
particular -m or -c arguments are provided. This could be an issue where
dbclient is used in scripts.
- Security: dbclient or dropbear server could expose process memory to the
running user if compiled with DEBUG_TRACE and running with -v
The security issues were reported by an anonymous researcher working with
Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html
Signed-off-by: Jo-Philipp Wich <jo@mein.io>