Commit graph

12945 commits

Author SHA1 Message Date
Hauke Mehrtens
12db207e9b openssl: update to version 1.0.2k
This fixes the following security problems:
CVE-2017-3731: Truncated packet could crash via OOB read
CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055: Montgomery multiplication may produce incorrect results

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-27 23:38:17 +01:00
Felix Fietkau
9f7fc2376d kernel: mark nvmem as hidden, it is only used as a library for other modules
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 16:54:30 +01:00
Jo-Philipp Wich
475da81ec0 ixp4xx: put apex images into image staging directory
Do not put the apex images into the kernel build directory as this directory
might get removed after kernel updates while the apex packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
e0579aecf8 mxs: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
7f9d537f21 oxnas: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
cf3d1b61bf sunxi: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
c6502ce3bb layerscape: put u-boot and ucode images into image staging directory
Do not put the u-boot and ucode images into the kernel build directory as this
directory might get removed after kernel updates while the u-boot packages
InstallDev recipe is not getting re-executed because it is still considered
current, leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
237bd36135 mvebu: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing u-boot images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Felix Fietkau
82d580e8b5 ath9k: fix up a refcount imbalance error in the IRQ related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 15:43:28 +01:00
Chris Blake
fe12d51cd4 leds-apu2: Add PC Engines APU2 LED driver
This adds support for the PCB LEDs and Reset Button found on the PC
Engines APU2/APU3 embedded boards.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-01-27 11:18:27 +01:00
Felix Fietkau
9ed108e98b kernel: update kmod-* packaging and dependencies for linux 4.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 11:18:27 +01:00
Felix Fietkau
28af0f2fbd kernel: make kmod package dependencies forward compatible
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 11:18:27 +01:00
Magnus Kroken
33f8f6c4d8 openvpn: add support for various new 2.4 configuration options
Updates to openvpn.init were included in early OpenVPN 2.4 patch
series, but got lost along the way and were never merged.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-01-27 11:18:27 +01:00
Koen Vandeputte
71f4d8a095 netfilter: re-enable TEE support for kernel 4.4
It got disabled in commit 4454a3fb63
but works nicely these days.

Tested on cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-01-27 11:18:27 +01:00
Toke Høiland-Jørgensen
d45f81d7b1 kmod-sched-core: Add HTB and TBF traffic shapers
HTB and TBF are the basic traffic shapers used by sqm-scripts. Moving
these into kmod-sched-core enables sqm-scripts to downgrade its
dependency from kmod-sched to kmod-sched-core, potentially making it
useful on devices with smaller flash sizes.

This adds around 30k to the size of kmod-sched-core (20k for sch_htb.ko
and 10k for sch_tbf.ko).

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-01-27 11:18:27 +01:00
Chris Blake
a5eee54fd3 gpio-nct5104d: Add nct5104d driver package
This adds support for the SuperIO chip nct5104d found on the PC Engines
APU boards, which allows for a handful of additional ports, such as 2x
additional UART pinouts, enabling an external watchdog (no driver for
this functionality yet), and 16 GPIO pins. More info can be found at
https://pcengines.ch/ht_gpio.htm

Thanks to @feckert for helping package this.

Cc: Florian Eckert <Eckert.Florian@googlemail.com>

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-01-27 11:18:27 +01:00
Hans Dedecker
2ef3810f9e odhcpd: update to git HEAD version
c4f9ace odhcpd: decrease default log level to LOG_INFO
a6eadd7 odhcpd: rework IPv6 interface address dump
44965f1 odhcpd: extra syslog tracing

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-26 21:38:26 +01:00
Hans Dedecker
1b8fcd0135 netifd: update to git HEAD version
650758b interface-ip: route proto config support (FS#170)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-26 21:38:05 +01:00
Yousong Zhou
034bed3707 base-files: uppercase default hostname: LEDE
The name will appear in shell prompt and LuCI page title.  Uppercase
letters seem to be more vigorous

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-01-26 18:10:10 +01:00
Jo-Philipp Wich
453343a834 ubox: import kmodloader fixes
Update ubox to latest Git head in order to import the following fixes:

14839f0 kmodloader: make insert_module() idempotent
6e3c6dc kmodloader: add module alias awareness
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
a62c946 kmodloader: modprobe: skip possible command line arguments
46a4b5f kmodloader: log to kmsg when loading directories of modules
eacc426 kmodloader: remove redundant glob wildcard char
8488bb5 ubox: Initialize conditionally uninitialized variable
db070f1 ubox: Fix some memory leaks
acc48b5 kmodloader: Fix typo in error message

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-26 18:07:37 +01:00
Yousong Zhou
81aeba9b7f ubox: install kernel module utilities to /sbin directory
This is how other Linux distributions are doing and kernel
modprobe_path[] of request_module() also has a default value of
/sbin/modprobe

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-01-26 18:07:37 +01:00
Bastian Bittorf
b54cbad6ef procd: update procd.sh to disallow signal-numbers, enforce signal-names
A given signal-name is now converted to the corresonding number. In general
it's good style to use names (readability) and it's more portable: signal
numbers can be architecture-dependent, so we are more safe giving names.

A real world example is signal 10, which is BUS on ramips and USR1 on PPC.

All users of 'procd_send_signal' must change their code to reflect this.

Signed-off-by: Bastian Bittorf <bb@npl.de>
2017-01-26 18:07:37 +01:00
Sven Roederer
c7a7e7c94e openvpn: ssl-enabled variants also provide a virtual openvpn-crypto package
When relying on x.509 certs for auth and / or encryption of traffic you can't
use package openvpn-nossl.
Just have your package depend on openvpn-crypto to have SSL-encryption and
X.509-support enabled in OpenVPN. If encryption / X.509 is not a must, use
virtual packge openvpn, which is provided by all OpenVPN-variants.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
2017-01-26 18:07:37 +01:00
Matthias Schiffer
0c50ea6289
procd: update to latest git HEAD
0f58977 init: fix /tmp permissions on zram

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-26 16:19:45 +01:00
Kevin Darbyshire-Bryant
a40f3f90d6 iproute2: cake: add 'mpu' minimum packet length support
Add 'mpu' minimum length packet size parameter for scheduling/bandwidth
accounting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-26 15:46:01 +01:00
Kevin Darbyshire-Bryant
e38bafb65a kmod-sched-cake: add 'mpu' minimum packet length support
Add 'mpu' minimum packet length for scheduling/bandwidth accounting
purposes.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-26 15:46:01 +01:00
Steven Honson
c0ed04ce45 hostapd: default to wps_independent 1
Signed-off-by: Steven Honson <steven@honson.id.au>
2017-01-26 14:41:31 +01:00
Steven Honson
c0345d93a2 hostapd: expose wps_independent and ap_setup_locked as uci options
ap_setup_locked is named wps_ap_setup_locked in uci for consistency with other
wps related uci options.

Signed-off-by: Steven Honson <steven@honson.id.au>
2017-01-26 14:41:31 +01:00
Gabe Rodriguez
7ba589085a mwlwifi: Fixes rewritten history hash and latest version
The author of the upstream mwlwifi edited the history of the previous commit.
This commit not only fixes the updated hash but also sends in the latest
commits he made to the code which are mainly testing.

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2017-01-26 13:53:57 +01:00
Wilco Baan Hofman
fa0ac030f5 Fix dependency for hostapd
Signed-off-by: Wilco Baan Hofman <wilco@baanhofman.nl>
2017-01-26 11:38:21 +01:00
Hannu Nyman
7ba2062744 opkg: clarify messages and errors related to downloads
Clarify opkg's messages related to downloads:

* more visible error message for package list download failure
* separate error message for signature file download error
* if wget returns 4, signal the network error more clearly
* remove '.' from end of filenames and URLs

* try signature check only if the package list was downloaded ok.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-01-26 11:38:20 +01:00
Felix Fietkau
b94177e10f ath9k: add stability fixes for long standing hang issues (FS#13, #34, #373, #383)
The radio would stop communicating completely. This issue was easiest to
trigger on AR913x devices, e.g. the TP-Link TL-WR1043ND, but other
hardware was occasionally affected as well.

The most critical issue was a race condition in disabling/enabling IRQs
between the IRQ handler and the IRQ processing tasklet

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 16:25:48 +01:00
Felix Fietkau
4cacc1c5f5 mac80211: refresh patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 16:25:48 +01:00
Mathias Kresin
b52932e773 uboot-lantiq: mark SPL variants as broken
All SPL variants are lzo compressed. The lzop binary is used for
compression but is not available in tools.

Additionally at least the NAND SPL support is broken and doesn't create
working bootloaders.

The fb3370 SPI NOR SPL enabled u-boot isn't required for LEDE since the
LEDE images are targeting the pre-installed EVA bootloader.

Mark these u-boot variants as well as the SPL variants for the
reference boards as broken till the lzma issues are fixed upstream and
we can use lzma instead of lzo compression.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-25 09:35:04 +01:00
Felix Fietkau
d974e5a235 uboot-lantiq: fix a tool portability issue
Use the standard off_t type instead of loff_t

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 08:29:16 +01:00
Felix Fietkau
07c9bde0da mxs: fix image build issues
stage u-boot images in KERNEL_BUILD_DIR for building images
always select uboot-mxs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 07:48:43 +01:00
Matthias Schiffer
86ccaf4c18
base-files: fix user creation on sysupgrade with few opkg control files
If only a single opkg control file exists (which can happen with
CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead
of forcing it using -H, we just switch to -l (print only file names) and
get rid of the cut.

Add -s to suppress an error message when no control files exist.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-24 19:08:41 +01:00
Rafał Miłecki
4376e69473 mac80211: brcmfmac: don't use uninitialize mem for country codes
There was a bug in brcmfmac patch that could result in treating random
memory as source of country codes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-24 16:55:21 +01:00
Felix Fietkau
6b013019f9 Add back the commit "ath9k: Add airtime fairness scheduler"
This reverts commit c296ba834d.
According to several reports, the issues with the airtime fairness
changes are gone in current versions.
It's time to re-apply the patch now.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:25 +01:00
Alberto Bursi
55ecceb84e uboot-envtools: add nsa310b envs
accessing the u-boot's envs on this device is required to read the mac address.
These are the envs of the new u-boot, not of the stock one.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-01-24 16:21:25 +01:00
Felix Fietkau
317bd88973 uboot-zynq: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:25 +01:00
Felix Fietkau
e018c4d7ab uboot-sunxi: clean up, switch to u-boot.mk
Instead of referencing u-boot packages from device profiles and having a
-all metapackage, make the u-boot packages hidden (they don't install to
bin/ anyway), and name the files in KERNEL_BUILD_DIR appropriately

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:25 +01:00
Felix Fietkau
9913c4eae4 uboot-pxa: remove package
support for pxa has been gone for a long time now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:25 +01:00
Felix Fietkau
bb88ec947f uboot-oxnas: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:25 +01:00
Felix Fietkau
12bfa1c425 uboot-omap: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Felix Fietkau
ce997eb591 uboot-mxs: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Felix Fietkau
366c33962c uboot-mvebu: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Felix Fietkau
608d36e423 uboot-layerscape-32b: simplify the package, it does not build anything
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Felix Fietkau
0dbdc2a98d uboot-layerscape: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Felix Fietkau
605a03dade uboot-imx6: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00