Commit graph

41611 commits

Author SHA1 Message Date
Matthias Schiffer
643850f568
inclue/image.mk: fix package installation for per-device rootfs
Fixes FS#1421.

Fixes: 2fbf669730 ("imagebuilder: reuse rootfs preparation from rootfs.mk")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-09 08:18:54 +01:00
Hans Dedecker
332b736a3e ebtables: update to latest git 2018-01-17
068ba95 Fix locking if LOCKDIR does not exist

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-08 21:16:24 +01:00
Florian Fainelli
30d42f85ae uml: Remove 4.4 patches
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2018-03-08 11:44:26 -08:00
Stijn Tintel
7cc9914aae firewall: bump to git HEAD
392811a ubus: let fw3_ubus_address() return the number of resolved addresses
359adcf options: emit an empty address item when resolving networks fails
503db4a zones: disable masq when resolving of all masq_src or masq_dest items failed
f50a524 helpers: implement explicit CT helper assignment support
a3ef503 zones: allow per-table log control
8ef12cb iptables: fix possible NULL pointer access on constructing rule masks

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-03-08 02:40:30 +02:00
Matthias Schiffer
057369ae1f
base-files: tune fragment queue thresholds for available system memory
The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 19:14:22 +01:00
Rafał Miłecki
6c194078db bcm53xx: include patch adding WZR-900DHP LEDs support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-03-07 17:01:07 +01:00
Matthias Schiffer
359273d7f6
include/package-defaults.mk: fix default Build/Prepare with empty ./src
Copying ./src/* would fail when src exists, but is empty or only contains
hidden files.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:59:08 +01:00
Matthias Schiffer
f505fb07f3
include/image.mk: base package-list manifest on unprepared rootfs
With CONFIG_CLEAN_IPKG, the prepared rootfs does not have a full opkg
status file.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:59:08 +01:00
Matthias Schiffer
a02a69d5f8
imagebuilder: remove split patch dirs from imagebuilder archive
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:59:08 +01:00
Matthias Schiffer
2fbf669730
imagebuilder: reuse rootfs preparation from rootfs.mk
In addition to removing redundant code, this fixes various issues in
IB-generated images that have been fixed in prepare_rootfs before,
including better handling of CONFIG_CLEAN_IPKG and enabling of initscripts
from FILES.

We also reuse the opkg macro and remove --force-... flags that have been
removed from rootfs.mk as well.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:59:08 +01:00
Matthias Schiffer
cf1c7c0f17
include/rootfs.mk: pass additional files dir to prepare_rootfs as an argument
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:59:07 +01:00
Matthias Schiffer
6ab50bb10d
include/rootfs.mk: retain list of conffiles with CONFIG_CLEAN_IPKG
/usr/lib/opkg/status must not be removed completely, otherwise the
packages' conffile lists will be missing. Replace it with a reduced version
only containing the conffile entries.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 09:58:50 +01:00
Matthias Schiffer
d2daaf8f40
include/rootfs.mk: do not remove opkg prerm scripts during rootfs preparation
When a user removes a preinstalled opkg package, the package's prerm script
(and in particular our default_prerm) should run.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 08:49:45 +01:00
Matthias Schiffer
6ed389da85
base-files: sysupgrade: do not rely on opkg to list changed conffiles
Many packages use the opkg conffiles field to list configuration files that
are to be retained on upgrades. Make this work on systems without opkg.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 08:49:39 +01:00
Martin Schiller
d84ac78d6a lantiq/xrx200: add usif support to dts files
The Lantiq XRX200 aka VR9 doesn't have an asc0. Instead,
there is an USIF module which can either be an UART or a
SPI Controller.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2018-03-06 19:49:06 +01:00
Mathias Kresin
cde4f9008a lantiq: ltq-adsl: deactivate ASLR support
The package still leaks some user space linker options into the kernel
space. This breaks the build when ASLR is activated, deactivate it for
now.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-03-06 19:49:06 +01:00
Giuseppe Lippolis
aa5014dd1a ramips: mt7620n: enable port 4 as EPHY by default
According to the datasheet the mt7620n have a fixed switch configuration
with 5 ephy (10/100) port. No RGMII configuration is possible.

Drop the mdio node as well. Without RGMII, the mdio node doesn't make any
sense

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
[drop mdio node, enable port4 by default]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-03-06 19:49:06 +01:00
Pawel Dembicki
39b5218434 ramips: mt7620: power up ephy port 4
In some boards port 4 of mt7620 switch is powered down in bootloader
configuration as lan/wan package leak mitigation.

Reset ephy port 4 to default settings to power up the port.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[clarify issue in commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-03-06 19:49:05 +01:00
Jason A. Donenfeld
b562c0c91b wireguard: bump to 20180304
7c0d711 version: bump snapshot
b6a5cc0 contrib: add extract-handshakes kprobe example
37dc953 wg-quick: if resolvconf/run/iface exists, use it
1f9be19 wg-quick: if resolvconf/interface-order exists, use it
4d2d395 noise: align static_identity keys
14395d2 compat: use correct -include path
38c6d8f noise: fix function prototype
302d0c0 global: in gnu code, use un-underscored asm
ff4e06b messages: MESSAGE_TOTAL is unused
ea81962 crypto: read only after init
e35f409 Kconfig: require DST_CACHE explicitly
9d5baf7 Revert "contrib: keygen-html: rewrite in pure javascript"
6e09a46 contrib: keygen-html: rewrite in pure javascript
e0af0f4 compat: workaround netlink refcount bug
ec65415 contrib: embedded-wg-library: add key generation functions
06099b8 allowedips: fix comment style
ce04251 contrib: embedded-wg-library: add ability to add and del interfaces
7403191 queueing: skb_reset: mark as xnet

Changes:

* queueing: skb_reset: mark as xnet

This allows cgroups to classify packets.

* contrib: embedded-wg-library: add ability to add and del interfaces
* contrib: embedded-wg-library: add key generation functions

The embeddable library gains a few extra tricks, for people implementing
plugins for various network managers.

* crypto: read only after init
* allowedips: fix comment style
* messages: MESSAGE_TOTAL is unused
* global: in gnu code, use un-underscored asm
* noise: fix function prototype

Small cleanups.

* compat: workaround netlink refcount bug

An upstream refcounting bug meant that in certain situations it became
impossible to unload the module. So, we work around it in the compat code. The
problem has been fixed in 4.16.

* contrib: keygen-html: rewrite in pure javascript
* Revert "contrib: keygen-html: rewrite in pure javascript"

We nearly moved away from emscripten'ing the fiat32 code, but the resultant
floating point javascript was just too terrifying.

* Kconfig: require DST_CACHE explicitly

Required for certain frankenkernels.

* compat: use correct -include path

Fixes certain out-of-tree build systems.

* noise: align static_identity keys

Gives us better alignment of private keys.

* wg-quick: if resolvconf/interface-order exists, use it
* wg-quick: if resolvconf/run/iface exists, use it

Better compatibility with Debian's resolvconf.

* contrib: add extract-handshakes kprobe example

Small utility for extracting ephemeral key data from the kernel's memory.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (git log --oneline description)
2018-03-06 08:52:13 +01:00
Hans Dedecker
5cbd22bb0f nghttp2: bump to 1.31.0
6e744662 Update bash_completion
478eac09 Update manual pages
88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16
45d76cf5 nghttpx: Close listening socket on graceful shutdown
54573f28 Merge pull request #1137 from nghttp2/session-set-user-data
17793e99 Add nghttp2_session_set_user_data() public API function
5eac3c90 Update manual pages
e70195ae nghttpx: Update doc
fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro
eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro
39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert
65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after
e8af7afc nghttpx: Add an option to accept expired client certificate
38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after
ff3edc09 nghttpx: Fix potential memory leak
0bb15406 Bump up version number to 1.31.0-DEV

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-05 10:44:20 +01:00
Felix Fietkau
606cea8f1b mt76: update to the latest version
cda627f mt76: add missing VHT maximum A-MPDU length capability
ffa2069 mt76: fix potential sleep in atomic context

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-04 19:40:29 +01:00
Felix Fietkau
97c624631a kernel: remove an old kernel compatibility line from module packaging
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-04 19:37:22 +01:00
Felix Fietkau
83ddc3bfc2 ar71xx: fix mii bus irq assignment
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-04 19:37:20 +01:00
Felix Fietkau
f62d2b9549 ar71xx: remove pdata->fifo_cfg*
The values are the same for all chipsets that use it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-04 19:37:20 +01:00
Felix Fietkau
11d70f0600 mac80211: avoid sampling rates that are too slow, improves throughput
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-03 18:51:53 +01:00
Stijn Segers
e72b2464b1 kernel: bump 4.4 to 4.4.119
This bumps the 4.4. kernel in master to 4.4.119.
Includes more Meltdown & Spectre mitigation.

* Refresh patches.
* Refresh x86/config for RETPOLINE.
* Deleted 8049-PCI-layerscape-Add-fsl-ls2085a-pcie-compatible-ID.patch (accepted upstream)
* Deleted 8050-PCI-layerscape-Fix-MSG-TLP-drop-setting.patch (accepted upstream)
* Deleted 650-pppoe_header_pad.patch (does not apply anymore (code was replaced)).

Bumps from 4.4.112 to 4.4.115 were handled by Kevin Darbyshire-Bryant.

Compile-tested on: ar71xx & oxnas.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-03-03 12:58:56 +01:00
Magnus Kroken
5af85dab22 kernel: bump 4.9 to 4.9.85
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
45ae5c2de3 lantiq: Deactivate ASLR support for some applications
The lantiq components still leak some user space linker options into the
kernel space. This breaks with build when ASLR is activated, deactivate
it for now on these packages.

Fixes: FS#1391
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
d67b3d0df8 lantiq: ltq-vmmc: Do not leak user space CFLAGS into kernel space
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
58ad312755 lantiq: ltq-tapi: Do not leak user space CFLAGS into kernel space
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
4d90887496 lantiq: ltq-adsl: Do not leak user space CFLAGS into kernel space
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
b5c5f7d203 lantiq: ltq-vdsl: Do not leak user space CFLAGS into kernel space
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 12:58:55 +01:00
Hauke Mehrtens
13639e76dd lantiq: ltq-vdsl-mei: Do not leak user space CFLAGS into kernel space
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.

This decreases the size of the ipk file from 87589 bytes to 81267 bytes.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 00:53:35 +01:00
Hauke Mehrtens
c8abbf1e22 lantiq: ltq-ifxos: Do not force O3 build any more
Do not force to build with O3 optimization any more, but take what was
selected by the OpenWrt build system.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 00:53:35 +01:00
Hauke Mehrtens
c6162fdc50 lantiq: ltq-ifxos: activate build with mips16
The build process does not leak the user space cflags into the kernel
build process any more, this allows to activate MIPS16 builds.
This was fixed with some update of ifxos.

This decreases size of the  libifxos.a and the ltq-vdsl-app
old:
78320 libifxos.a
44383 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk

new:
66852 libifxos.a
43506 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-03 00:35:26 +01:00
Hauke Mehrtens
45fdb12258 kernel: generic: Add kernel configuration options
These options are needed for the mvebu arm64 target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-02 23:15:28 +01:00
Stijn Segers
b5469b38cd kernel: bump 4.14 to 4.14.23
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
  the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-03-02 21:33:08 +01:00
Tomasz Maciej Nowak
844bdf94e4 mvebu: base-files: moving on from net-tools
Remove dependency on net-tools, replacing calls to ifconfig with iproute
equivalent, in functions changing interface MAC addresses.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:08 +01:00
Tomasz Maciej Nowak
d29a2814b7 mvebu: rename clearfog sysupgrade script and functions
Cosmetic name change of ClearFog sysupgrade script and its functions to
more generic sdcard. This way it won't be confusing for other future
device additions.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:08 +01:00
Tomasz Maciej Nowak
b1317a10f7 mvebu: remove fs declaration in mount commands
Allows to have other file system for boot partition without breaking
sysupgrade.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:08 +01:00
Tomasz Maciej Nowak
0ef28ea387 mvebu: unify boot.scr creation
Unify boot.scr generation so Makefile for device image generation won't
grow without a reason. Also make boot-scr step optional.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:08 +01:00
Tomasz Maciej Nowak
e4fa22397f mvebu: make sdcard bootloader option configurable
Remove the necessity for boot loader from SD card image creation process
and make it configurable.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:07 +01:00
Tomasz Maciej Nowak
e10ea566cc mvebu: fix partition type and signature for sdcard
Previously the partition signature was assigned from provided type. Now
both are corrected wherein signature is always generated from
SOURCE_DATE_EPOCH. With that the root file system can be identified
by PARTUUID string, without relying on static declaration of device node.
This commit also does some cosmetics, removing trailing whitespace and
replacing spaces with tab.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:07 +01:00
Tomasz Maciej Nowak
652a13e920 mvebu: remove redefinition of image name for clearfog
The IMAGE_NAME redefinition causes overwriting of generated SD card
image when multiple root file system types are selected. In result only
single SD card image is generated. This commit fixes this behaviour.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:07 +01:00
Josua Mayer
9a82076592 mvebu: clearfog: use partition uuid for root= bootarg
U-Boot already knows where it found the boot.scr, and
figuring out the partition UUID becomes trivial at this point.
This change allows booting OpenWrt from whatever storage it has been
flashed to: SD card, eMMC, USB disk or SATA disk.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
[replace lede with openwrt, redact commit message]
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2018-03-02 21:33:07 +01:00
Hauke Mehrtens
98aa44ce79 mvebu: Use kernel 4.14 by default
I am not aware of any regressions in kernel 4.14 compared to kernel 4.9.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-02 21:33:07 +01:00
Hauke Mehrtens
e54f937f51 mvebu: activate more workarounds for ARM erratas
The Armada XP uses a Marvell PJ4Bv7 Processor for which already one
workaround for an errata is activated.
The Armada 285 uses a Cortex A9 r4p1 for which the Linux kernel provides
a workaround for ERRATA_764369, activate this.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-02 21:33:07 +01:00
Kabuli Chana
0a3df09cd1 mwlwifi: Update to version 10.3.4.0-20180226
move to latest version, address vfs_write issue

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2018-03-02 21:33:07 +01:00
Hauke Mehrtens
6734ffb851 kernel: generic: Move config option to generic
This is deactivated in all targets using the DSA switch driver with
kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-02 21:32:19 +01:00
Hans Dedecker
694f0bb5af gre: squash grev4 and grev6 packages into gre (FS#1399)
The split-up into packages gre, grev4 and grev6 causes confusion for the
users as reported in FS#1399.
As IPv4 and IPv6 are considered now as bundled; squash the grev4 and grev6
packages into the gre package and let gre provide both grev4 and grev6.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-02 15:58:09 +01:00