Skip to content

Commit

Permalink
Merge branch 'lede-17.01' into release
Browse files Browse the repository at this point in the history
  • Loading branch information
dsteinmetzer committed Jan 7, 2019
2 parents b58ea02 + 834bd86 commit f844a0e
Show file tree
Hide file tree
Showing 252 changed files with 5,826 additions and 1,303 deletions.
6 changes: 4 additions & 2 deletions include/download.mk
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,10 @@
# See /LICENSE for more information.
#

OPENWRT_GIT = http://git.openwrt.org
LEDE_GIT = https://git.lede-project.org
PROJECT_GIT = https://git.openwrt.org

OPENWRT_GIT = $(PROJECT_GIT)
LEDE_GIT = $(PROJECT_GIT)

ifdef PKG_SOURCE_VERSION
PKG_VERSION ?= $(if $(PKG_SOURCE_DATE),$(PKG_SOURCE_DATE)-)$(call version_abbrev,$(PKG_SOURCE_VERSION))
Expand Down
4 changes: 2 additions & 2 deletions include/kernel-version.mk
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
LINUX_RELEASE?=1

LINUX_VERSION-3.18 = .43
LINUX_VERSION-4.4 = .140
LINUX_VERSION-4.4 = .167

LINUX_KERNEL_HASH-3.18.43 = 1236e8123a6ce537d5029232560966feed054ae31776fe8481dd7d18cdd5492c
LINUX_KERNEL_HASH-4.4.140 = 184c8f3cde0caca0d2a15ee2b6ce47e3a5b57038bc15a65e631d6b340886c7bb
LINUX_KERNEL_HASH-4.4.167 = 33ca4c28a565404fc7b07f9d6b734c291035f7e7e46c280131494b04e3953edf

ifdef KERNEL_PATCHVER
LINUX_VERSION:=$(KERNEL_PATCHVER)$(strip $(LINUX_VERSION-$(KERNEL_PATCHVER)))
Expand Down
1 change: 1 addition & 0 deletions package/base-files/files/etc/rc.common
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ reload() {
restart() {
trap '' TERM
stop "$@"
trap - TERM
start "$@"
}

Expand Down
15 changes: 10 additions & 5 deletions package/base-files/files/lib/functions.sh
Original file line number Diff line number Diff line change
Expand Up @@ -165,22 +165,27 @@ insert_modules() {

default_prerm() {
local root="${IPKG_INSTROOT}"
local name
local pkgname="$(basename ${1%.*})"
local ret=0

name=$(basename ${1%.*})
[ -f "$root/usr/lib/opkg/info/${name}.prerm-pkg" ] && . "$root/usr/lib/opkg/info/${name}.prerm-pkg"
if [ -f "$root/usr/lib/opkg/info/${pkgname}.prerm-pkg" ]; then
( . "$root/usr/lib/opkg/info/${pkgname}.prerm-pkg" )
ret=$?
fi

local shell="$(which bash)"
for i in `cat "$root/usr/lib/opkg/info/${name}.list" | grep "^/etc/init.d/"`; do
for i in $(grep -s "^/etc/init.d/" "$root/usr/lib/opkg/info/${pkgname}.list"); do
if [ -n "$root" ]; then
${shell:-/bin/sh} "$root/etc/rc.common" "$root$i" disable
else
if [ "$PKG_UPGRADE" != "1" ]; then
"$i" disable
fi
"$i" stop || /bin/true
"$i" stop
fi
done

return $ret
}

add_group_and_user() {
Expand Down
2 changes: 1 addition & 1 deletion package/boot/grub2/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk

PKG_NAME:=grub
PKG_VERSION:=2.02
PKG_RELEASE:=1
PKG_RELEASE:=2

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/grub
Expand Down
40 changes: 40 additions & 0 deletions package/boot/grub2/patches/300-CVE-2015-8370.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hector Marco-Gisbert <[email protected]>
Date: Fri, 13 Nov 2015 16:21:09 +0100
Subject: [PATCH] Fix security issue when reading username and password

This patch fixes two integer underflows at:
* grub-core/lib/crypto.c
* grub-core/normal/auth.c

Resolves: CVE-2015-8370

Signed-off-by: Hector Marco-Gisbert <[email protected]>
Signed-off-by: Ismael Ripoll-Ripoll <[email protected]>
---
grub-core/lib/crypto.c | 2 +-
grub-core/normal/auth.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

--- a/grub-core/lib/crypto.c
+++ b/grub-core/lib/crypto.c
@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned
break;
}

- if (key == '\b')
+ if (key == '\b' && cur_len)
{
if (cur_len)
cur_len--;
--- a/grub-core/normal/auth.c
+++ b/grub-core/normal/auth.c
@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned
break;
}

- if (key == '\b')
+ if (key == '\b' && cur_len)
{
if (cur_len)
{
4 changes: 2 additions & 2 deletions package/firmware/amd64-microcode/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk

PKG_NAME:=amd64-microcode
PKG_VERSION:=20171205
PKG_VERSION:=20180524
PKG_RELEASE:=1

PKG_SOURCE:=amd64-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/a/amd64-microcode/
PKG_HASH:=a38bc072f535a3d3c1bf4e9e545197aa5114e979e94ef7e4a67e615df2f853a7
PKG_HASH:=7c389c357c242e7161f6872bf4e12011a71e4c0683f06fb1bcfad650a78bf0a9
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)

PKG_LICENSE_FILE:=LICENSE.amd-ucode
Expand Down
12 changes: 6 additions & 6 deletions package/firmware/intel-microcode/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk

PKG_NAME:=intel-microcode
PKG_VERSION:=20180312
PKG_RELEASE:=1
PKG_VERSION:=20180703
PKG_RELEASE:=2

PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/i/intel-microcode/
PKG_HASH:=6ccb295d23961c7b96a69280e30fdce939e1d905147b22b8428886b173812d52
PKG_HASH:=26dfaa47100ce3d06f968edefa7539da10de7b96d5d8e26ee8174a040ee5cdae
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)

PKG_BUILD_DEPENDS:=iucode-tool/host
Expand All @@ -36,14 +36,14 @@ endef

define Build/Compile
IUCODE_TOOL=$(STAGING_DIR)/../host/bin/iucode_tool $(MAKE) -C $(PKG_BUILD_DIR)
mkdir $(PKG_BUILD_DIR)/intel-ucode
mkdir $(PKG_BUILD_DIR)/intel-ucode-ipkg
$(STAGING_DIR)/../host/bin/iucode_tool -q \
--write-firmware=$(PKG_BUILD_DIR)/intel-ucode $(PKG_BUILD_DIR)/$(MICROCODE).bin
--write-firmware=$(PKG_BUILD_DIR)/intel-ucode-ipkg $(PKG_BUILD_DIR)/$(MICROCODE).bin
endef

define Package/intel-microcode/install
$(INSTALL_DIR) $(1)/lib/firmware/intel-ucode
$(INSTALL_DATA) $(PKG_BUILD_DIR)/intel-ucode/* $(1)/lib/firmware/intel-ucode
$(INSTALL_DATA) $(PKG_BUILD_DIR)/intel-ucode-ipkg/* $(1)/lib/firmware/intel-ucode
endef

$(eval $(call BuildPackage,intel-microcode))
7 changes: 4 additions & 3 deletions package/kernel/kmod-sched-cake/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,10 @@ PKG_RELEASE:=1

PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/dtaht/sch_cake.git
PKG_SOURCE_DATE:=2018-01-07
PKG_SOURCE_VERSION:=568ed96467f41aad37556b0db11fc008e05941e9
PKG_MIRROR_HASH:=8f3f962824826d07b1029379d91e01bf97fe0bfce1233af5cfa7a54cb1c3632c
PKG_SOURCE_DATE:=2018-07-16
PKG_SOURCE_VERSION:=f39ab9a402ad51d7c17d4cde18ca15b2b7022030
PKG_MIRROR_HASH:=fc22fc6eb7a24f4595c2777f33758ebcf9a2a404c16d00aa37ae389cd7f9c78f
PKG_MAINTAINER:=Kevin Darbyshire-Bryant <[email protected]>

include $(INCLUDE_DIR)/package.mk

Expand Down
2 changes: 1 addition & 1 deletion package/kernel/mac80211/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=mac80211

PKG_VERSION:=2017-01-31
PKG_RELEASE:=5
PKG_RELEASE:=14
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_BACKPORT_VERSION:=
PKG_HASH:=75e6d39e34cf156212a2509172a4a62b673b69eb4a1d9aaa565f7fa719fa2317
Expand Down
4 changes: 4 additions & 0 deletions package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ MP_CONFIG_INT="mesh_retry_timeout mesh_confirm_timeout mesh_holding_timeout mesh
MP_CONFIG_BOOL="mesh_auto_open_plinks mesh_fwding"
MP_CONFIG_STRING="mesh_power_mode"

iw() {
command iw $@ || logger -t mac80211 "Failed command: iw $@"
}

drv_mac80211_init_device_config() {
hostapd_common_add_device_config

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
From d77facb88448cdeaaa3adba5b9704a48ac2ac8d6 Mon Sep 17 00:00:00 2001
From: Arend Van Spriel <[email protected]>
Date: Tue, 28 Mar 2017 09:11:30 +0100
Subject: [PATCH] brcmfmac: use local iftype avoiding use-after-free of virtual
interface

A use-after-free was found using KASAN. In brcmf_p2p_del_if() the virtual
interface is removed using call to brcmf_remove_interface(). After that
the virtual interface instance has been freed and should not be referenced.
Solve this by storing the nl80211 iftype in local variable, which is used
in a couple of places anyway.

Cc: [email protected] # 4.10.x, 4.9.x
Reported-by: Daniel J Blueman <[email protected]>
Reviewed-by: Hante Meuleman <[email protected]>
Reviewed-by: Pieter-Paul Giesberts <[email protected]>
Reviewed-by: Franky Lin <[email protected]>
Signed-off-by: Arend van Spriel <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)

--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
@@ -2240,14 +2240,16 @@ int brcmf_p2p_del_vif(struct wiphy *wiph
struct brcmf_cfg80211_info *cfg = wiphy_priv(wiphy);
struct brcmf_p2p_info *p2p = &cfg->p2p;
struct brcmf_cfg80211_vif *vif;
+ enum nl80211_iftype iftype;
bool wait_for_disable = false;
int err;

brcmf_dbg(TRACE, "delete P2P vif\n");
vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);

+ iftype = vif->wdev.iftype;
brcmf_cfg80211_arm_vif_event(cfg, vif);
- switch (vif->wdev.iftype) {
+ switch (iftype) {
case NL80211_IFTYPE_P2P_CLIENT:
if (test_bit(BRCMF_VIF_STATUS_DISCONNECTING, &vif->sme_state))
wait_for_disable = true;
@@ -2277,7 +2279,7 @@ int brcmf_p2p_del_vif(struct wiphy *wiph
BRCMF_P2P_DISABLE_TIMEOUT);

err = 0;
- if (vif->wdev.iftype != NL80211_IFTYPE_P2P_DEVICE) {
+ if (iftype != NL80211_IFTYPE_P2P_DEVICE) {
brcmf_vif_clear_mgmt_ies(vif);
err = brcmf_p2p_release_p2p_if(vif);
}
@@ -2293,7 +2295,7 @@ int brcmf_p2p_del_vif(struct wiphy *wiph
brcmf_remove_interface(vif->ifp, true);

brcmf_cfg80211_arm_vif_event(cfg, NULL);
- if (vif->wdev.iftype != NL80211_IFTYPE_P2P_DEVICE)
+ if (iftype != NL80211_IFTYPE_P2P_DEVICE)
p2p->bss_idx[P2PAPI_BSSCFG_CONNECTION].vif = NULL;

return err;
Loading

0 comments on commit f844a0e

Please sign in to comment.