[OpenWrt-Devel] [PATCH] openvpn: update to 2.4.8
Backport two upstream commits that allow building
openvpn-openssl without OpenSSLs deprecated APIs.
Full changelog:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8
Signed-off-by: Magnus Kroken
---
Runtime-tested openvpn-mbedtls and openvpn-openssl on x86_64.
openvpn-openssl was tested against libopenssl built with and without
deprecated APIs.
This patch can be cherry-picked to openwrt-19.07.
package/network/services/openvpn/Makefile | 8 +--
...l-dont-use-deprecated-ssleay-symbols.patch | 58 +
...enssl-add-missing-include-statements.patch | 65 +++
.../210-build_always_use_internal_lz4.patch | 2 +-
.../openvpn/patches/220-disable_des.patch | 2 +-
5 files changed, 129 insertions(+), 6 deletions(-)
create mode 100644
package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
create mode 100644
package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch
diff --git a/package/network/services/openvpn/Makefile
b/package/network/services/openvpn/Makefile
index aed9f43f80..baa8c1d07e 100644
--- a/package/network/services/openvpn/Makefile
+++ b/package/network/services/openvpn/Makefile
@@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn
-PKG_VERSION:=2.4.7
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.8
+PKG_RELEASE:=1
PKG_SOURCE_URL:=\
https://build.openvpn.net/downloads/releases/ \
https://swupdate.openvpn.net/community/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=a42f53570f669eaf10af68e98d65b531015ff9e12be7a62d9269ea684652f648
+PKG_HASH:=fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91
PKG_MAINTAINER:=Felix Fietkau
@@ -44,7 +44,7 @@ else
endif
endef
-Package/openvpn-openssl=$(call
Package/openvpn/Default,openssl,OpenSSL,+PACKAGE_openvpn-openssl:libopenssl
+@OPENSSL_WITH_DEPRECATED)
+Package/openvpn-openssl=$(call
Package/openvpn/Default,openssl,OpenSSL,+PACKAGE_openvpn-openssl:libopenssl)
Package/openvpn-mbedtls=$(call
Package/openvpn/Default,mbedtls,mbedTLS,+PACKAGE_openvpn-mbedtls:libmbedtls)
Package/openvpn-nossl=$(call Package/openvpn/Default,nossl,plaintext (no SSL))
diff --git
a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
new file mode 100644
index 00..7e9931f0f3
--- /dev/null
+++
b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
@@ -0,0 +1,58 @@
+From 17a476fd5c8cc49f1d103a50199e87ede76b1b67 Mon Sep 17 00:00:00 2001
+From: Steffan Karger
+Date: Sun, 26 Nov 2017 16:04:00 +0100
+Subject: [PATCH] openssl: don't use deprecated SSLEAY/SSLeay symbols
+
+Compiling our current master against OpenSSL 1.1 with
+-DOPENSSL_API_COMPAT=0x1010L screams bloody murder. This patch fixes
+the errors about the deprecated SSLEAY/SSLeay symbols and defines.
+
+Signed-off-by: Steffan Karger
+Acked-by: Gert Doering
+Message-Id: <20171126150401.28565-1-stef...@karger.me>
+URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15934.html
+Signed-off-by: Gert Doering
+---
+ configure.ac | 1 +
+ src/openvpn/openssl_compat.h | 8
+ src/openvpn/ssl_openssl.c| 2 +-
+ 3 files changed, 10 insertions(+), 1 deletion(-)
+
+--- a/configure.ac
b/configure.ac
+@@ -904,6 +904,7 @@ if test "${enable_crypto}" = "yes" -a "$
+ EVP_MD_CTX_free \
+ EVP_MD_CTX_reset \
+ EVP_CIPHER_CTX_reset \
++ OpenSSL_version \
+ SSL_CTX_get_default_passwd_cb \
+ SSL_CTX_get_default_passwd_cb_userdata \
+ SSL_CTX_set_security_level \
+--- a/src/openvpn/openssl_compat.h
b/src/openvpn/openssl_compat.h
+@@ -689,6 +689,14 @@ EC_GROUP_order_bits(const EC_GROUP *grou
+ #endif
+
+ /* SSLeay symbols have been renamed in OpenSSL 1.1 */
++#ifndef OPENSSL_VERSION
++#define OPENSSL_VERSION SSLEAY_VERSION
++#endif
++
++#ifndef HAVE_OPENSSL_VERSION
++#define OpenSSL_version SSLeay_version
++#endif
++
+ #if !defined(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT)
+ #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
+ #endif
+--- a/src/openvpn/ssl_openssl.c
b/src/openvpn/ssl_openssl.c
+@@ -1977,7 +1977,7 @@ get_highest_preference_tls_cipher(char *
+ const char *
+ get_ssl_library_version(void)
+ {
+-return SSLeay_version(SSLEAY_VERSION);
++return OpenSSL_version(OPENSSL_VERSION);
+ }
+
+ #endif /* defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_OPENSSL) */
diff --git
a/package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch
b/package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch
new file mode 100644
index 00..6a62b16500
--- /dev/null
Re: [OpenWrt-Devel] [PATCH 2/4] mtd: Activate LTO compile option
On Fri, Nov 1, 2019 at 1:55 PM Hauke Mehrtens wrote: > > This decreases the size of the mtd application by 25% on MIPS BE. > > old: > 20,597 /sbin/mtd > > new: > 16,421 /sbin/mtd > > Signed-off-by: Hauke Mehrtens > --- > package/system/mtd/Makefile | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/package/system/mtd/Makefile b/package/system/mtd/Makefile > index 2347b8b723..166bb33281 100644 > --- a/package/system/mtd/Makefile > +++ b/package/system/mtd/Makefile > @@ -36,7 +36,8 @@ endef > target=$(firstword $(subst -, ,$(BOARD))) > > MAKE_FLAGS += TARGET="$(target)" > -TARGET_CFLAGS := $(TARGET_CFLAGS) -Dtarget_$(target)=1 -Wall > +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall -flto I don't think Wall is necessary here. > +TARGET_LDFLAGS += -flto=jobserver > > ifdef CONFIG_MTD_REDBOOT_PARTS >MAKE_FLAGS += FIS_SUPPORT=1 > -- > 2.20.1 > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 1/4] dnsmasq: Activate LTO
On Fri, Nov 1, 2019 at 1:55 PM Hauke Mehrtens wrote: > > This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE. A small note on LTO: These packages do not generate libraries, but sometimes, LTO messes up dynamic linking (static even more so). For example: https://github.com/openwrt/packages/blob/master/libs/libwangle/Makefile#L31 is missing -flto specifically because a package that depends on it (openr, not in the packages feed yet) fails to link libwangle when -flto is specified for libwangle (a specific function was optimized out of the library). > > old: > 202,020 /usr/sbin/dnsmasq > > new: > 185,676 /usr/sbin/dnsmasq > > Signed-off-by: Hauke Mehrtens > --- > package/network/services/dnsmasq/Makefile | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/network/services/dnsmasq/Makefile > b/package/network/services/dnsmasq/Makefile > index 5c114eb1c6..e86b031e3f 100644 > --- a/package/network/services/dnsmasq/Makefile > +++ b/package/network/services/dnsmasq/Makefile > @@ -127,8 +127,8 @@ endef > Package/dnsmasq-dhcpv6/conffiles = $(Package/dnsmasq/conffiles) > Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles) > > -TARGET_CFLAGS += -ffunction-sections -fdata-sections > -TARGET_LDFLAGS += -Wl,--gc-sections I am curious why these were removed. > +TARGET_CFLAGS += -flto > +TARGET_LDFLAGS += -flto=jobserver > > COPTS = -DHAVE_UBUS \ > $(if $(CONFIG_IPV6),,-DNO_IPV6) > -- > 2.20.1 > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 2/4] mtd: Activate LTO compile option
This decreases the size of the mtd application by 25% on MIPS BE. old: 20,597 /sbin/mtd new: 16,421 /sbin/mtd Signed-off-by: Hauke Mehrtens --- package/system/mtd/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package/system/mtd/Makefile b/package/system/mtd/Makefile index 2347b8b723..166bb33281 100644 --- a/package/system/mtd/Makefile +++ b/package/system/mtd/Makefile @@ -36,7 +36,8 @@ endef target=$(firstword $(subst -, ,$(BOARD))) MAKE_FLAGS += TARGET="$(target)" -TARGET_CFLAGS := $(TARGET_CFLAGS) -Dtarget_$(target)=1 -Wall +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall -flto +TARGET_LDFLAGS += -flto=jobserver ifdef CONFIG_MTD_REDBOOT_PARTS MAKE_FLAGS += FIS_SUPPORT=1 -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 1/4] dnsmasq: Activate LTO
This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE. old: 202,020 /usr/sbin/dnsmasq new: 185,676 /usr/sbin/dnsmasq Signed-off-by: Hauke Mehrtens --- package/network/services/dnsmasq/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 5c114eb1c6..e86b031e3f 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -127,8 +127,8 @@ endef Package/dnsmasq-dhcpv6/conffiles = $(Package/dnsmasq/conffiles) Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles) -TARGET_CFLAGS += -ffunction-sections -fdata-sections -TARGET_LDFLAGS += -Wl,--gc-sections +TARGET_CFLAGS += -flto +TARGET_LDFLAGS += -flto=jobserver COPTS = -DHAVE_UBUS \ $(if $(CONFIG_IPV6),,-DNO_IPV6) -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 3/4] swconfig: Activate LTO compile option
This decreases the size of the swconfig application by 25% on MIPS BE. old: 16,916 /sbin/swconfig new: 12,565 /sbin/swconfig Signed-off-by: Hauke Mehrtens --- package/network/config/swconfig/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package/network/config/swconfig/Makefile b/package/network/config/swconfig/Makefile index 8b1d6cd64a..4d3e572d82 100644 --- a/package/network/config/swconfig/Makefile +++ b/package/network/config/swconfig/Makefile @@ -23,6 +23,9 @@ define Package/swconfig TITLE:=Switch configuration utility endef +TARGET_CFLAGS += -flto +TARGET_LDFLAGS += -flto=jobserver + TARGET_CPPFLAGS := \ -D_GNU_SOURCE \ -I$(STAGING_DIR)/usr/include/libnl-tiny \ -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 4/4] usign: Activate LTO compile option
This decreases the size of the usign application by 16% on MIPS BE. old: 24,597 /usr/bin/usign new: 20,501 /usr/bin/usign Signed-off-by: Hauke Mehrtens --- package/system/usign/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package/system/usign/Makefile b/package/system/usign/Makefile index 836b1524d3..ab7fda33a3 100644 --- a/package/system/usign/Makefile +++ b/package/system/usign/Makefile @@ -30,6 +30,9 @@ define Package/usign TITLE:=OpenWrt signature verification utility endef +TARGET_CFLAGS += -flto +TARGET_LDFLAGS += -flto=jobserver + CMAKE_OPTIONS += \ -DUSE_LIBUBOX=on -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] rules.mk: remove "$(STAGING_DIR)/include"
On Fri, Nov 1, 2019 at 12:21 PM Sebastian Kemper wrote: > > On Fri, Nov 01, 2019 at 12:06:39PM -0700, Rosen Penev wrote: > > Would it also make sense to remove $(STAGING_DIR)/lib ? Locally, it > > seems libpam gets installed there (probably a bug). > > Quoting FHS 3.0 regarding /lib's purpose: "The /lib directory contains > those shared library images needed to boot the system and run the > commands in the root filesystem, ie. by binaries in /bin and /sbin." > > I think /lib should stay. OTOH, many modern distros just symlink everything to /usr. Anyway, Acked-by: Rosen Penev > > Regards, > Seb ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] rules.mk: remove "$(STAGING_DIR)/include"
On Fri, Nov 01, 2019 at 12:06:39PM -0700, Rosen Penev wrote: > Would it also make sense to remove $(STAGING_DIR)/lib ? Locally, it > seems libpam gets installed there (probably a bug). Quoting FHS 3.0 regarding /lib's purpose: "The /lib directory contains those shared library images needed to boot the system and run the commands in the root filesystem, ie. by binaries in /bin and /sbin." I think /lib should stay. Regards, Seb ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] rules.mk: remove "$(STAGING_DIR)/include"
On Fri, Nov 1, 2019 at 2:21 AM Jo-Philipp Wich wrote: > > Hi, > > [...] > > > Removing this directory from TARGET_CPPFLAGS will cut down the log noise > > a bit. Not only will CPPFLAGS be shorter, there will be less warnings > > set off by "-Wmissing-include-dirs" (or even failures when paired with > > "-Werror"). After all the directory does not even _exist_ in the SDKs, > > which are used on the build bots when building packages (see [1] and > > [2]). Would it also make sense to remove $(STAGING_DIR)/lib ? Locally, it seems libpam gets installed there (probably a bug). > > [...] > > > Signed-off-by: Sebastian Kemper > > Acked-by: Jo-Philipp Wich > > > I wanted to look into this for a long time but never had the motivation > to actually do comprehensive tests of the impacts of the removal. > > So, thanks for looking into that - its fine from my side. > > ~ Jo > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH procd 2/2] instance: Warn about unexpected number of parameters
Warn when the number of allocated parameters for the jail argv does not
match the number of used parameters. This normally leads to a buffer
overflow.
Signed-off-by: Hauke Mehrtens
---
service/instance.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/service/instance.c b/service/instance.c
index 4bb2207..3098ff3 100644
--- a/service/instance.c
+++ b/service/instance.c
@@ -337,8 +337,12 @@ instance_run(struct service_instance *in, int _stdout, int
_stderr)
ULOG_WARN("Seccomp support for %s::%s not available\n",
in->srv->name, in->name);
#endif
- if (in->has_jail)
+ if (in->has_jail) {
argc = jail_run(in, argv);
+ if (argc != in->jail.argc)
+ ULOG_WARN("expected %i jail params, used %i for
%s::%s\n",
+ in->jail.argc, argc, in->srv->name, in->name);
+ }
blobmsg_for_each_attr(cur, in->command, rem)
argv[argc++] = blobmsg_data(cur);
--
2.20.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH procd 1/2] instance: ujail: Fix allocated size for no_new_privs parameter
When the no_new_privs parameter is given, thei size of the array which
contains the argv pointers is not increased in instance_jail_parse()
which causes a buffer overflow. Fix this by requesting one more entry in
instance_jail_parse() for the allocation.
Fixes: dfd5816bcbef ("instance, ujail: wire no_new_privs (-c) option")
Cc: Etienne CHAMPETIER
Signed-off-by: Hauke Mehrtens
---
service/instance.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/service/instance.c b/service/instance.c
index b4284e7..4bb2207 100644
--- a/service/instance.c
+++ b/service/instance.c
@@ -829,6 +829,9 @@ instance_jail_parse(struct service_instance *in, struct
blob_attr *attr)
if (in->seccomp)
jail->argc += 2;
+ if (in->no_new_privs)
+ jail->argc++;
+
return 1;
}
--
2.20.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH uci 1/2] util: Fix error path
Unlock and close the stream in case some file operations in uci_open_stream() fail. Signed-off-by: Hauke Mehrtens --- util.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/util.c b/util.c index 12aec9b..8572e81 100644 --- a/util.c +++ b/util.c @@ -221,17 +221,21 @@ __private FILE *uci_open_stream(struct uci_context *ctx, const char *filename, c ret = flock(fd, (write ? LOCK_EX : LOCK_SH)); if ((ret < 0) && (errno != ENOSYS)) - goto error; + goto error_close; ret = lseek(fd, 0, pos); if (ret < 0) - goto error; + goto error_unlock; file = fdopen(fd, (write ? "w+" : "r")); if (file) goto done; +error_unlock: + flock(fd, LOCK_UN); +error_close: + close(fd); error: UCI_THROW(ctx, UCI_ERR_IO); done: -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH uci 2/2] build: Add -Wclobbered to detect problems with longjmp
When we jump back to a save point in UCI_THROW() with longjmp all the
registers will be reset to the old values when we called UCI_TRAP_SAVE()
last time, but the memory is not restored. This will revert all the
variables which are stored in registers, but not the variables stored on
the stack.
Mark all the variables which the compiler could put into a register as
volatile to store them safely on the stack and make sure they have the
defined current values also after longjmp was called.
This also activates a compiler warning which should warn us in such
cases.
This could fix some potential problem in error paths like the one
reported in CVE-2019-15513.
Signed-off-by: Hauke Mehrtens
---
CMakeLists.txt | 2 +-
delta.c| 20 ++--
file.c | 11 ++-
list.c | 4 ++--
4 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 170eb0b..578c021 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3,7 +3,7 @@ cmake_minimum_required(VERSION 2.6)
PROJECT(uci C)
SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
-ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -I.
-DUCI_PREFIX="${CMAKE_INSTALL_PREFIX}")
+ADD_DEFINITIONS(-Os -Wall -Werror -Wclobbered --std=gnu99 -g3 -I.
-DUCI_PREFIX="${CMAKE_INSTALL_PREFIX}")
OPTION(UCI_DEBUG "debugging support" OFF)
OPTION(UCI_DEBUG_TYPECAST "typecast debugging support" OFF)
diff --git a/delta.c b/delta.c
index 386167d..52ebe3b 100644
--- a/delta.c
+++ b/delta.c
@@ -100,7 +100,7 @@ int uci_set_savedir(struct uci_context *ctx, const char
*dir)
{
char *sdir;
struct uci_element *e, *tmp;
- bool exists = false;
+ volatile bool exists = false;
UCI_HANDLE_ERR(ctx);
UCI_ASSERT(ctx, dir != NULL);
@@ -259,7 +259,7 @@ error:
static int uci_parse_delta(struct uci_context *ctx, FILE *stream, struct
uci_package *p)
{
struct uci_parse_context *pctx;
- int changes = 0;
+ volatile int changes = 0;
/* make sure no memory from previous parse attempts is leaked */
uci_cleanup(ctx);
@@ -294,8 +294,8 @@ error:
/* returns the number of changes that were successfully parsed */
static int uci_load_delta_file(struct uci_context *ctx, struct uci_package *p,
char *filename, FILE **f, bool flush)
{
- FILE *stream = NULL;
- int changes = 0;
+ FILE *volatile stream = NULL;
+ volatile int changes = 0;
UCI_TRAP_SAVE(ctx, done);
stream = uci_open_stream(ctx, filename, NULL, SEEK_SET, flush, false);
@@ -317,8 +317,8 @@ __private int uci_load_delta(struct uci_context *ctx,
struct uci_package *p, boo
{
struct uci_element *e;
char *filename = NULL;
- FILE *f = NULL;
- int changes = 0;
+ FILE *volatile f = NULL;
+ volatile int changes = 0;
if (!p->has_delta)
return 0;
@@ -419,9 +419,9 @@ done:
int uci_revert(struct uci_context *ctx, struct uci_ptr *ptr)
{
- char *package = NULL;
- char *section = NULL;
- char *option = NULL;
+ char *volatile package = NULL;
+ char *volatile section = NULL;
+ char *volatile option = NULL;
UCI_HANDLE_ERR(ctx);
uci_expand_ptr(ctx, ptr, false);
@@ -463,7 +463,7 @@ error:
int uci_save(struct uci_context *ctx, struct uci_package *p)
{
- FILE *f = NULL;
+ FILE *volatile f = NULL;
char *filename = NULL;
struct uci_element *e, *tmp;
struct stat statbuf;
diff --git a/file.c b/file.c
index 7333e48..321b66b 100644
--- a/file.c
+++ b/file.c
@@ -721,10 +721,10 @@ static void uci_file_commit(struct uci_context *ctx,
struct uci_package **packag
{
struct uci_package *p = *package;
FILE *f1, *f2 = NULL;
- char *name = NULL;
- char *path = NULL;
+ char *volatile name = NULL;
+ char *volatile path = NULL;
char *filename = NULL;
- bool do_rename = false;
+ volatile bool do_rename = false;
int fd;
if (!p->path) {
@@ -881,12 +881,13 @@ static char **uci_list_config_files(struct uci_context
*ctx)
return configs;
}
-static struct uci_package *uci_file_load(struct uci_context *ctx, const char
*name)
+static struct uci_package *uci_file_load(struct uci_context *ctx,
+const char *volatile name)
{
struct uci_package *package = NULL;
char *filename;
bool confdir;
- FILE *file = NULL;
+ FILE *volatile file = NULL;
switch (name[0]) {
case '.':
diff --git a/list.c b/list.c
index 78efbaf..41a8702 100644
--- a/list.c
+++ b/list.c
@@ -623,8 +623,8 @@ int uci_add_list(struct uci_context *ctx, struct uci_ptr
*ptr)
{
/* NB: UCI_INTERNAL use means without delta tracking */
bool internal = ctx && ctx->internal;
- struct uci_option *prev = NULL;
- const char *value2 = NULL;
+ struct uci_option *volatile prev = NULL;
+
Re: [OpenWrt-Devel] v5.4 as next kernel / ipq806x
On 11/1/19 2:12 AM, Andre Valentin wrote: Hello, I also did several tests on the 4.19 ipq806x (NBG6817). I noticed that VPN throuput (IPsec Performance) dropped to 30% with exactly the same config (kernel and openwrt), kernel crypto and arm crypto stuff tested. Also the whole system feels a bit slowier. Timers (clock, ddr) in dts have been compared, also checked in the running system. I'm a fan of 419, but this needs be solved before and I have no clue where to look. Any ideas? There has been some discussion on the forum around IPSec performance and kmod-crypto-ctr for the similar ipq40xx. It may provide insight. https://forum.openwrt.org/t/ipsec-differences-between-devices-is-kmod-crypto-ctr-the-problem/44461?u=jeff https://github.com/openwrt/openwrt/pull/2518 I haven't been following it very closely, but as I was surprised that the IPQ4019-based EA8300's OpenVPN throughput was only about 50% better than that of a QCA9558 or QCA9563, I put catching up on the topic on my list. Jeff ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 3/4] mediatek: cosmetic fixes for mt7629-lynx-rfb
On Fri, Nov 1, 2019 at 3:10 PM wrote:
>
> Hi,
>
> > @@ -75,6 +76,7 @@
> > gmac0: mac@0 {
> > compatible = "mediatek,eth-mac";
> > reg = <0>;
> > + mtd-mac-address = < 0x2a>;
>
> Strange indent here ...
Ouch...This entire eth node uses spaces for indentation, and the tab
width in my editor is 4 spaces...
Fixed in my staging tree:
https://git.openwrt.org/?p=openwrt/staging/981213.git;a=shortlog;h=refs/heads/mt7629_target
Regards,
Chuanhong Guo
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] iwinfo: add several QC/A device ids
Add device ids for AR9462, QCA9862, QCA9880 v1 mPCIe cards and Ubiquiti branded QCA9880 v2 PCI wifi found in LiteBeam 5ac. Signed-off-by: Tomislav Požega --- --- a/hardware.txt +++ b/hardware.txt @@ -1,6 +1,7 @@ # libiwinfo hardware database # vendor id | device id | subsystem vendor id | subsystem device id | # txpower offset | frequency offset | "vendor name" | "device name" +0x0777 0x11ac 0x0777 0xe7f90 0 "Ubiquiti" "LiteBeam 5AC" 0x 0x 0x 0xb1020 0 "Ubiquiti" "PowerStation2 (18V)" 0x 0x 0x 0xb2020 0 "Ubiquiti" "PowerStation2 (16D)" 0x 0x 0x 0xb3020 0 "Ubiquiti" "PowerStation2 (EXT)" @@ -152,7 +153,10 @@ 0x168c 0x0033 0x19b6 0xd0140 0 "MikroTik" "R11e-5HnD" 0x168c 0x0033 0x19b6 0xd0570 0 "MikroTik" "R11e-5HnDr2" 0x168c 0x0033 0x19b6 0xd0160 0 "MikroTik" "R11e-2HPnD" +0x168c 0x0034 0x17aa 0x32140 0 "Atheros" "AR9462" 0x168c 0x003c 0x 0x0 0 "Qualcomm Atheros" "QCA9880" +0x168c 0x003c 0x168c 0x32230 0 "Qualcomm Atheros" "QCA9880" +0x168c 0x003c 0x1a56 0x14200 0 "Qualcomm Atheros" "QCA9862" 0x168c 0x003c 0x19b6 0xd03c0 0 "Mikrotik" "R11e-5HacT" 0x168c 0x0046 0x168c 0xcafe0 0 "Qualcomm Atheros" "QCA9984" 0x168c 0x0050 0x 0x0 0 "Qualcomm Atheros" "QCA9887" ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] CVE-2019-15513 analysis
Hi,
At the prpl Summit 2019 I saw a slide with 4 CVEs which are filled
against OpenWrt and there was one listed I was not aware of at that
time, CVE-2019-15513.
According to the CVE details page it was filled against OpenWrt on
23.8.2019 and OpenWrt was not informed before or after this was filled
against OpenWrt, we only saw this by luck.
https://www.cvedetails.com/cve/CVE-2019-15513/
The details are "described" in this pdf file which is partly in Mandarin:
https://github.com/TeamSeri0us/pocs/blob/master/iot/morouter/motorola%E8%B7%AF%E7%94%B1%E5%99%A8%E6%96%87%E4%BB%B6%E8%A7%A3%E9%94%81%E6%BC%8F%E6%B4%9E.pdf
This paper only looks at the disassembled binary even when the source is
open source.
Petr (ynezz) tried to reproduce this, but was not able to do so with a
recent OpenWrt. Later we found that this problem was fixed in OpenWrt
15.05.1 and later more than 4 years ago.
The problem was already reported here, but not as a security problem:
https://github.com/openwrt/packages/issues/1231
This problem was fixed by Yousong in this commits over 4 years ago:
https://git.openwrt.org/?p=project/uci.git;a=commitdiff;h=19e29ffc15dbd958e8e6a648ee0982c68353516f
This commit allows longer lines:
https://git.openwrt.org/?p=project/uci.git;a=commitdiff;h=4b52bdbdbec3c84afeab5c3167e69f7c6012b2f3
The problem was that uci_open_stream() opens the given filename and also
locks it with flock() so that other processes can not use it. In this
case the lock on the file is not released which causes a dead lock in
uci and something hangs, no code executing or something similar
possible, just one process hangs. This can normally only be called by root.
UCI makes use of setjmp() and longjmp() for error handling. When an
error occurs it jumps back to the save point. This is encapsulated in
UCI_TRAP_SAVE() and UCI_THROW(). longjmp() saves all the registers, so
variables which are stored in memory are not restored, but variables
stored in registers are restored to their old values.
When uci_getln() is called with a string of more than 4096 bytes it runs
into an error case and calls UCI_THROW() which jumps back to the last
save point, in this case to uci_load_delta_file(). In this description
it gets called in this way:
uci_load_delta_file() -> uci_parse_delta() -> uci_getln()
uci_load_delta_file() looked liked this:
---
/* returns the number of changes that were successfully parsed */
static int uci_load_delta_file(struct uci_context *ctx, struct
uci_package *p, char *filename, FILE **f, bool flush)
{
FILE *stream = NULL;
int changes = 0;
UCI_TRAP_SAVE(ctx, done);
stream = uci_open_stream(ctx, filename, NULL, SEEK_SET, flush, false);
if (p)
changes = uci_parse_delta(ctx, stream, p);
UCI_TRAP_RESTORE(ctx);
done:
if (f)
*f = stream;
else if (stream)
uci_close_stream(stream);
return changes;
}
---
https://git.openwrt.org/?p=project/uci.git;a=blob;f=delta.c;h=459d2c7ddfd5d4443c24c02a76952d40319bb871;hb=556215152a216c179fe2ca7db9b1de7036ceda60#l289
When uci_parse_delta() calls UCI_THROW() it jumps to done. The problem
is that stream is stored in a register and not on the stack because the
compiler thinks this is ok. Then stream will be restored to the original
value which is NULL and we loose the reference to the original stream
file pointer. uci_close_stream() will not be called and the file pointer
is not unlocked and also not closed.
This problem was fixed in OpenWrt 15.05.1.
The CVE says it does not need authentication, as far as I understand
this root permissions are needed to exploit this problem, it could also
be possible over Luci.
It could be that these Motorola CX2L MWR04L and MWR03 devices where this
problem was found use UCI in a different way in their vendor FW which
forked OpenWrt, but I do not have these devices, the source code or the
binaries of these devices.
If you find a security problem in OpenWrt please get in contact with us
at cont...@openwrt.org preferable before publishing it, but at least
after you published it. I do not like it, when a CVE is just filled
without informing us. Do not assume that some random vendor in which
firmware you found this problem reports the problem back to us, normally
they only fork OpenWrt and do not care about upstream OpenWrt. If you
find a problem in OpenWrt please talk to OpenWrt!
If you see a CVE against OpenWrt and there is no communication on the
normal OpenWrt mailings about it, please ask on the public mailling list
if someone knows about this, this is already the 2. CVE filled against
OpenWrt where we did not got informed at all.
Hauke
signature.asc
Description: OpenPGP digital signature
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
[OpenWrt-Devel] [PATCH 1/1] ipq40xx: ipq4019: Add new device Compex WPJ419
This device contains 2 flash devices. One NOR (32M) and one NAND (128M).
U-boot and caldata are on the NOR, the firmware on the NAND.
SoC:IPQ4019
CPU:4x 710MHz ARMv7
RAM:256MB
FLASH: NOR:32MB NAND:128MB
ETH:2x GMAC Gigabit
POE:802.3 af/at POE, IEEE802.3af/IEEE802.3at(48-56V)
WIFI: 1x 2.4Ghz Atheros qca4019 2x2 MU-MIMO
1x 5.0Ghz Atheros qca4019 2x2 MU-MIMO
USB:1x 3.0
PCI:1x Mini PCIe
SIM:1x Slot
SD: 1x MicroSD slot
BTN:Reset
LED:- Power
- Ethernet
UART: 1x Serial Port 4 Pin Connector (UART)
1x Serial Port 6 Pin Connector (High Speed UART)
POWER: 12V 2A
Installation
Initial flashing can only be done via u-boot using the following commands:
tftpboot openwrt-ipq40xx-generic-compex_wpj419-squashfs-nand-factory.ubi
nand erase.chip; nand write ${fileaddr} 0x0 ${filesize}
res
Signed-off-by: Daniel Danzberger
---
.../ipq40xx/base-files/etc/board.d/02_network | 1 +
.../etc/hotplug.d/firmware/11-ath10k-caldata | 2 +
.../base-files/lib/upgrade/platform.sh| 3 +
.../arch/arm/boot/dts/qcom-ipq4019-wpj419.dts | 374 ++
target/linux/ipq40xx/image/Makefile | 14 +
.../901-arm-boot-add-dts-files.patch | 3 +-
6 files changed, 396 insertions(+), 1 deletion(-)
create mode 100644
target/linux/ipq40xx/files-4.19/arch/arm/boot/dts/qcom-ipq4019-wpj419.dts
diff --git a/target/linux/ipq40xx/base-files/etc/board.d/02_network
b/target/linux/ipq40xx/base-files/etc/board.d/02_network
index 25402b7eb4..dafd83234e 100755
--- a/target/linux/ipq40xx/base-files/etc/board.d/02_network
+++ b/target/linux/ipq40xx/base-files/etc/board.d/02_network
@@ -48,6 +48,7 @@ ipq40xx_setup_interfaces()
ucidef_set_interface_lan "eth0"
;;
avm,fritzrepeater-3000|\
+ compex,wpj419|\
compex,wpj428)
ucidef_set_interface_lan "eth0 eth1"
;;
diff --git
a/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata
b/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata
index 2336ef3c7b..d4e4cc49ec 100644
--- a/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata
+++ b/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata
@@ -70,6 +70,7 @@ case "$FIRMWARE" in
/usr/bin/fritz_cal_extract -i 1 -s 0x3C800 -e 0x207 -l 12064 -o
/lib/firmware/$FIRMWARE $(find_mtd_chardev "urlader1") || \
/usr/bin/fritz_cal_extract -i 1 -s 0x3D000 -e 0x207 -l 12064 -o
/lib/firmware/$FIRMWARE $(find_mtd_chardev "urlader1")
;;
+ compex,wpj419 |\
compex,wpj428 |\
engenius,eap1300 |\
openmesh,a42 |\
@@ -133,6 +134,7 @@ case "$FIRMWARE" in
/usr/bin/fritz_cal_extract -i 1 -s 0x3D000 -e 0x208 -l 12064 -o
/lib/firmware/$FIRMWARE $(find_mtd_chardev "urlader1") || \
/usr/bin/fritz_cal_extract -i 1 -s 0x3C000 -e 0x208 -l 12064 -o
/lib/firmware/$FIRMWARE $(find_mtd_chardev "urlader1")
;;
+ compex,wpj419 |\
compex,wpj428 |\
engenius,eap1300 |\
openmesh,a42 |\
diff --git a/target/linux/ipq40xx/base-files/lib/upgrade/platform.sh
b/target/linux/ipq40xx/base-files/lib/upgrade/platform.sh
index 3445f2b50f..96f865c67e 100644
--- a/target/linux/ipq40xx/base-files/lib/upgrade/platform.sh
+++ b/target/linux/ipq40xx/base-files/lib/upgrade/platform.sh
@@ -73,6 +73,9 @@ platform_do_upgrade() {
CI_KERNPART="linux"
nand_do_upgrade "$1"
;;
+ compex,wpj419)
+ nand_do_upgrade "$1"
+ ;;
linksys,ea6350v3 |\
linksys,ea8300)
platform_do_upgrade_linksys "$1"
diff --git
a/target/linux/ipq40xx/files-4.19/arch/arm/boot/dts/qcom-ipq4019-wpj419.dts
b/target/linux/ipq40xx/files-4.19/arch/arm/boot/dts/qcom-ipq4019-wpj419.dts
new file mode 100644
index 00..b6eb99278b
--- /dev/null
+++ b/target/linux/ipq40xx/files-4.19/arch/arm/boot/dts/qcom-ipq4019-wpj419.dts
@@ -0,0 +1,374 @@
+/* Copyright (c) 2015, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2019, Nguyen Dinh Phi
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE
[OpenWrt-Devel] [PATCH 0/1] ipq40xx: Add new device Compex WPJ419
Changes since the last PR: - previous 2 patches have been dropped. - spi-nand flash driver is used instead of the old mt29f. - reboot hang problem is fixed by using the 'broken-flash-reset' dts property. - u-boot-env partition is no longer read-only. - bootargs are appended in the dts file and no longer need to be set in the bootloader. - style and naming issues have been resovled. - drop msm bus header and dts file. - fix sysupgrade, add nand flash handler for wpj419 - Use only 64MB of the nand flash, because the bootloader expects the ubi part to be only 64MB. This is due to the old mt29f driver, whcih detected the flash with only 64MB instread of 128MB. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [openwrt] Patch notification: 1 patch updated
Hello, The following patch (submitted by you) has been updated in Patchwork: * openwrt: [OpenWrt-Devel,v2] hostapd: add IEEE 802.11k support - http://patchwork.ozlabs.org/patch/1187712/ - for: OpenWrt development was: New now: Superseded This email is a notification only - you do not need to respond. Happy patchworking. -- This is an automated mail sent by the Patchwork system at patchwork.ozlabs.org. To stop receiving these notifications, edit your mail settings at: http://patchwork.ozlabs.org/mail/ ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] rules.mk: remove "$(STAGING_DIR)/include"
Hi, [...] > Removing this directory from TARGET_CPPFLAGS will cut down the log noise > a bit. Not only will CPPFLAGS be shorter, there will be less warnings > set off by "-Wmissing-include-dirs" (or even failures when paired with > "-Werror"). After all the directory does not even _exist_ in the SDKs, > which are used on the build bots when building packages (see [1] and > [2]). [...] > Signed-off-by: Sebastian Kemper Acked-by: Jo-Philipp Wich I wanted to look into this for a long time but never had the motivation to actually do comprehensive tests of the impacts of the removal. So, thanks for looking into that - its fine from my side. ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] rules.mk: remove "$(STAGING_DIR)/include"
"$(STAGING_DIR)/include" was carried over from buildroot-ng to OpenWrt in commit 60c1f0f64d23003a19a07d6b9638542130f6641d. buildroot has dropped this directory a long time ago. In OpenWrt the directory is still created by the PrepareStaging macro and is part of the default TARGET_CPPFLAGS. But nothing at all installs headers into this directory, nor should anything be installed under this path. Removing this directory from TARGET_CPPFLAGS will cut down the log noise a bit. Not only will CPPFLAGS be shorter, there will be less warnings set off by "-Wmissing-include-dirs" (or even failures when paired with "-Werror"). After all the directory does not even _exist_ in the SDKs, which are used on the build bots when building packages (see [1] and [2]). make[8]: Entering directory '/builder/shared-workdir/build/sdk/build_dir/target-aarch64_generic_musl/libmbim-1.20.0/src/common' CC libmbim_common_la-mbim-common.lo cc1: error: /builder/shared-workdir/build/sdk/staging_dir/target-aarch64_generic_musl/include: No such file or directory [-Werror=missing-include-dirs] cc1: all warnings being treated as errors [1] https://github.com/openwrt/packages/issues/10377 [2] https://github.com/openwrt/packages/pull/10378 Signed-off-by: Sebastian Kemper --- rules.mk | 2 +- tools/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.mk b/rules.mk index fbf42f725d..66ddea2883 100644 --- a/rules.mk +++ b/rules.mk @@ -174,7 +174,7 @@ TARGET_CFLAGS:=$(TARGET_OPTIMIZATION)$(if $(CONFIG_DEBUG), -g3) $(call qstrip,$( TARGET_CXXFLAGS = $(TARGET_CFLAGS) TARGET_ASFLAGS_DEFAULT = $(TARGET_CFLAGS) TARGET_ASFLAGS = $(TARGET_ASFLAGS_DEFAULT) -TARGET_CPPFLAGS:=-I$(STAGING_DIR)/usr/include -I$(STAGING_DIR)/include +TARGET_CPPFLAGS:=-I$(STAGING_DIR)/usr/include TARGET_LDFLAGS:=-L$(STAGING_DIR)/usr/lib -L$(STAGING_DIR)/lib ifneq ($(CONFIG_EXTERNAL_TOOLCHAIN),) LIBGCC_S_PATH=$(realpath $(wildcard $(call qstrip,$(CONFIG_LIBGCC_ROOT_DIR))/$(call qstrip,$(CONFIG_LIBGCC_FILE_SPEC diff --git a/tools/Makefile b/tools/Makefile index 23671cba91..2f57d25525 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -123,7 +123,7 @@ define PrepareStaging $(if $(QUIET),,set -x;) \ mkdir -p "$$dir"; \ cd "$$dir"; \ - mkdir -p bin lib include stamp; \ + mkdir -p bin lib stamp; \ ); done endef -- 2.23.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] v5.4 as next kernel / ipq806x
Hello, I also did several tests on the 4.19 ipq806x (NBG6817). I noticed that VPN throuput (IPsec Performance) dropped to 30% with exactly the same config (kernel and openwrt), kernel crypto and arm crypto stuff tested. Also the whole system feels a bit slowier. Timers (clock, ddr) in dts have been compared, also checked in the running system. I'm a fan of 419, but this needs be solved before and I have no clue where to look. Any ideas? Kind regards, André Am 30.10.19 um 22:16 schrieb Stefan Lippers-Hollmann: > Hi > > On 2019-10-30, Adrian Schmutzler wrote: >> 1. We currently have work-in-progress 4.19 support PRs for ramips, >> ipq806x and bcm63xx, still with considerable work to do at least for >> the first two (IIRC). > > Kernel 4.19 has been working fine on ipq806x (nbg6817) for me so far, > I've been using it a for couple of months now and the pending pull > request[0] is functional. Yes, there might be further optimization steps > possible, but none of that is necessary to switch ipq806x from v4.14 to > v4.19 now'ish (routing throughput is already significantly better in > v4.19, jumbo frames no longer crash stmmac, so I do consider the current > state of the v4.19 patches for ipq806x to be an improvement over v4.14). > > Regards > Stefan Lippers-Hollmann > > [0] https://github.com/openwrt/openwrt/pull/2472 > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel > smime.p7s Description: S/MIME Cryptographic Signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 3/4] mediatek: cosmetic fixes for mt7629-lynx-rfb
Hi,
> @@ -75,6 +76,7 @@
> gmac0: mac@0 {
> compatible = "mediatek,eth-mac";
> reg = <0>;
> + mtd-mac-address = < 0x2a>;
Strange indent here ...
> phy-mode = "sgmii";
> fixed-link {
> speed = <1000>; @@ -86,6 +88,7 @@
> gmac1: mac@1 {
> compatible = "mediatek,eth-mac";
> reg = <1>;
> + mtd-mac-address = < 0x24>;
... and here.
Best
Adrian
openpgp-digital-signature.asc
Description: PGP signature
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
