Commit graph

12842 commits

Author SHA1 Message Date
Koen Vandeputte
05abcf518d hostapd: update to version 2016-12-19
Update to latest upstream HEAD:

- Refreshed all
- Fixes 2 regressions:
--> PeerKey: Fix STK 4-way handshake regression
--> PeerKey: Fix EAPOL-Key processing

Compile tested Full & Mini configs
Run-tested Mini config

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-12-20 21:35:56 +01:00
Felix Fietkau
e5e98d58f7 ncurses: set ABI_VERSION to avoid running into rebuild issues
When the version changes, this will force rebuild of packages depending
on it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 17:07:58 +01:00
Felix Fietkau
4e138663c6 Revert mirror hash fixes
They are based on obsolete download tarballs

Revert "usign: fix mirror hash" (4f874423fd)
Revert "ubox: fix mirror hash" (9ee74b5753)
Revert "opkg: fix mirror hash" (bf6f4bfad1)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:32:08 +01:00
Kevin Darbyshire-Bryant
8515deb60a ath10k-firmware: bump qca988x version
Bump qca988x firmware to firmware-5.bin_10.2.4.70.59-2

Run tested: Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 16:24:22 +01:00
Andy Strohman
7acb7dc3db ath10k-ct: Enable DFS when "Enable DFS support" is set for kmod-ath
This allows users of this package to configure DFS channels.
It mimics the behaviour of the ath10k module included in
package mac80211

Signed-off-by: Andy Strohman <andrew@andrewstrohman.com>
2016-12-20 16:24:22 +01:00
Felix Fietkau
4344eb62bf mwlwifi: select 802.11ac support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
2d4c42ad49 mt76: select 802.11ac support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Alexis Green
84daeb2e14 ath10k-ct: ath10k-ct specifies that it supports 802.11ac mode
Signed-off-by: Alexis Green <agreen@cococorp.com>
2016-12-20 16:24:22 +01:00
Alexis Green
8f3d8c0022 mac80211: ath10k specifies that it supports 802.11ac mode
Signed-off-by: Alexis Green <agreen@cococorp.com>
2016-12-20 16:24:22 +01:00
Alexis Green
77ece30eb9 hostapd: Add ability to specify that that wireless driver supports 802.11ac
Signed-off-by: Alexis Green <agreen@cococorp.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [make more generic]
2016-12-20 16:24:22 +01:00
Felix Fietkau
842ed8448d kexec-tools: remove useless CONFIG_KEXEC_TOOLS_TARGET_NAME indirection
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
fe4fe3edf2 kexec-tools: build by default, even if CONFIG_KERNEL_KEXEC is unset
Helps find build issues and makes the package available on snapshot
builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
ff47fb0dd9 kexec-tools: enable support for x86_64
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
1a071115d6 kexec-tools: update to 2.0.14-rc1, fix build errors
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:21 +01:00
Gilles Mazoyer
364ec6e0e0 kexec-tools: fix compile error
When compiling file vmcore-dmesg.c, several errors "unknown type name 'loff_t'"

Signed-off-by: Gilles Mazoyer <mazoyer.gilles@omega.ovh>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
65c8f2890c grub2: upgrade to 2.02-beta3 (3 years newer than previous)
'100-musl-compat.patch' does not seem to be required anymore.
'210-fix_serial_rtscts.patchi' is superseeded by:
http://git.savannah.gnu.org/cgit/grub.git/commit/?id=bac5d1a64ab4191058a8fd4c05f6b3b339e249e7

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
77812cdfec grub2: disable 'check-macro-version' build rule in 'po' build
This seems to occur when gettext-full is built on the host-side
and the autoreconf stuff re-generates some of the build files,
except for the po/Makefile.in.in

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
2b54fa4dff grub2: do not generate mkfonts at build time
Even though these fonts may not be installed, they seem to be
generated at build time.

Seems that the configure script re-generated from configure.ac
is a bit more annoying than it has to be.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
b33845b2da grub2: add PKG_FIXUP:=autoreconf
Reboot of: a0ea22ac43
Reverted: 3c52cbfa53

The host-side build of grub2 requires this sometimes.
This will re-generate the ./configure script from configure.ac.
I don't know the conditions of how this reproduces, it just
sometimes appears, and sometimes doesn't.

Build error
```
<lede-dir>/build_dir/target-x86_64_musl-1.1.15_yogi/host/grub-2.02~beta2/build-aux/missing: line 81: aclocal-1.14: command not found
WARNING: 'aclocal-1.14' is missing on your system.
         You should only need it if you modified 'acinclude.m4' or
         'configure.ac' or m4 files included by 'configure.ac'.
         The 'aclocal' program is part of the GNU Automake package:
         <http://www.gnu.org/software/automake>
         It also requires GNU Autoconf, GNU m4 and Perl in order to run:
         <http://www.gnu.org/software/autoconf>
         <http://www.gnu.org/software/m4/>
         <http://www.perl.org/>
Makefile:3962: recipe for target 'aclocal.m4' failed
```

Adding PKG_FIXUP adds sanity (i.e. autoreconf is used for host & target
builds) over just using HOST_FIXUP.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Koen Vandeputte
f628d0e0e9 hostapd: update to version 2016-12-15
Update to latest upstream HEAD:

- Refreshed all
- Delete patches and parts which made it upstream

Compile tested Full & Mini configs
Run-tested Mini config

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [another update, remove broken patch]
2016-12-20 16:24:21 +01:00
John Crispin
4f874423fd usign: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:30 +01:00
John Crispin
9ee74b5753 ubox: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:29 +01:00
John Crispin
bf6f4bfad1 opkg: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:29 +01:00
Felix Fietkau
cbca3ae92e libs/cyassl: re-enable the stunnel flag
This partially reverts commit 15734b023b.
--enable-stunnel was actually important and properly described in
commit 9b118cde89. Removing it broke ustream-cyassl

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 10:42:23 +01:00
Hans Dedecker
bbe825c74d procd: update procd.sh to support sending kill signal to a service
Add procd_send_signal which allows to send an optional specified
kill signal to one specified  or all instances of a given service.
By default SIGHUP is sent if no signal is specified

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-20 09:35:54 +01:00
Rafał Miłecki
b522292405 base-files: add support for overlaying rootfs content
This adds support for install-overlay define. When used in package it
allows installing files to a special directory that gets copied to the
root when installing it.
It allows overwriting files provided by other packages.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-12-20 09:35:36 +01:00
Alexandru Ardelean
3c1f20d0bb libnl-tiny: define _GNU_SOURCE if not defined
If _GNU_SOURCE was added as part of a package's TARGET_CFLAGS,
then compilation would fail for that module (especially if
warnings get treated as errors).

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 09:35:36 +01:00
Kevin Darbyshire-Bryant
4e1f7ad56e kmod-sched-cake: diffserv3 & change defaults
Follow upstream cake:

diffserv3: a simple 3 tin classifier more in line with sqm-scripts
defaults for other qdisc algorithms.

defaults: default qdisc options are now diffserv3 and triple-isolate.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Kevin Darbyshire-Bryant
197b11f325 iproute2: tc - update cake support
Update tc to track upstream cake changes:

diffserv3 - a simple 3 tin classifier

Also make diffserv3 and triple-isolate default

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Daniel Engberg
15734b023b libs/cyassl: Enable multithreading, drop stunnel
More and more platforms are multicore SoCs, don't enforce singlethreading.
Drop stunnel option as stunnel code isn't available for download from upstream website.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-12-20 09:35:36 +01:00
p-wassi
6a902108a8 libs/ncurses: update to 6.0
Update libncurses to upstream release 6.0

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
6b08a47263 kernel: add support for Option Fusion+ PCMCIA card
New package kmod-pcmcia-nozomi to suppot Option Fusion+ HSDPA PCMCIA
modem.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
d2da2c2cb3 kernel: add support for PD6729 PCMCIA bridge
New package kmod-pcmcia-pd6729 to support Cirrus Logic PD6729
PCI-to-PCMCIA bridge.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
04f29eef37 firmware: add support for PCMCIA Aircard's
Add .cis firmware for Sierra Wireless Aircard GPRS/3G PCMCIA modems:

 - Aircard 555
 - Aircards 7xx
 - Aircards 8x0

There is a package named sierra-pcmcia in obsoleted repository for
packages at git.openwrt.org but there's no reason to reintroduce it in
current packages repo because these files are part of upstream
linux-firmware.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
676a11d710 kernel: enable CONFIG_PCMCIA_LOAD_CIS
Allow to load .cis firmware updates from userspace. Some of PCMCIA cards
need to update Card Information Structure (CIS) to work properly.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
87bc410f7c kernel: declare AddDepends in pcmcia.mk
Stack repeated definitions to easy further additions.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
a7cacc9735 kernel: don't load pcmcia_rsrc in kmod-pcmcia-yenta
Kmod-pcmcia-yenta already depends on kmod-pcmcia-rsrc so there is no
need to load it second time.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
1599a14b32 uboot-envtools: drop executable file attribute from files/ipq
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
a9ce2ba31c uboot-envtools: fix Edimax BR-6425 board name
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
35ed3be59f uboot-envtools: fix code formatting style in uci-defaults files
Few minor code formatting style fixes, including:

- keep one board per line
- always use "|\" (for consistency)
- remove redundant double quotes and empty lines

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
f70a2adca1 uboot-envtools: keep boards in alphabetical order
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Nickolay Ledovskikh
600d648a0d uqmi: Prevent 'POLICY MISMATH' error.
Add uqmi 'sync' command call to release stalled cid when preparing to
setup new connection. As a result it prevents 'POLICY MISMATCH' errors.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:36 +01:00
John Crispin
4146047eaf uqmi: bump to latest git HEAD
8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command.
1dc7be1 uqmi: Add sync command to release all cids.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
6439e39677 uqmi: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
13ab314b0b comgt: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Yousong Zhou
cf62a17710 hostapd: remove never-used Package/<name>/Description
The build system only accepts Package/<name>/description and since the
typoed version virtually has the same content as the TITLE field, remove
them altogether

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-12-20 09:35:35 +01:00
John Crispin
ef94b9d08e mdns: bump to latest git HEAD
be8ae8d cmake: Search for libjson-c
1fa9077 Fix IPv6 read
846369c Revert "mdnsd: interface: enable looped back messages"

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
John Crispin
f145a64fb6 mountd: update to latest git HEAD
dd5799c mountd: Add static qualifier to missing variable declarations.
bc4a6dd mountd: Fix fgets check.
3dd115b cmake: Really look for uci.h

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Felix Fietkau
dea6baf8fa usbutils: fix download filename
The name needs to include the revision, otherwise it is not
automatically re-downloaded on updates.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 18:34:25 +01:00
Felix Fietkau
a032940bfb Revert "ath9k: Add airtime fairness scheduler"
Accidentally pushed to the wrong branch

This reverts commit 47bc081e76.
2016-12-19 14:08:02 +01:00
Toke Høiland-Jørgensen
47bc081e76 ath9k: Add airtime fairness scheduler
This adds a patch that introduces airtime fairness scheduling to ath9k,
which can significantly improve network efficiency in mixed-rate
environments.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:59:32 +01:00
Christian Lamparter
b3a871dd3d mac80211: backport "cfg80211: limit scan results cache size"
The patch commit states:
"It's possible to make scanning consume almost arbitrary amounts
of memory, e.g. by sending beacon frames with random BSSIDs at
high rates while somebody is scanning.

Limit the number of BSS table entries we're willing to cache to
1000, limiting maximum memory usage to maybe 4-5MB, but lower
in practice - that would be the case for having both full-sized
beacon and probe response frames for each entry; this seems not
possible in practice, so a limit of 1000 entries will likely be
closer to 0.5 MB."

Signed-off-by: Johannes Berg <johannes.berg@intel.com>"

This patch was added in 4.4.36. But because LEDE backports
cfg80211, mac80211 and the wifi drivers separately, it needs
to be added manually for now. It can be dropped later as it
will be part of the next mac80211 refresh.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2016-12-19 13:51:21 +01:00
Felix Fietkau
00bc7f0357 mac80211: merge a number of minstrel/minstrel_ht performance and memory usage improvements
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:51:21 +01:00
Hans Dedecker
6f77b8d510 odhcpd: Bump to git HEAD version (various fixes)
e055530 Don't print non bound assignments in the state file
3af23ad config: Fix RA interface config being overwritten
41b5268 dhcpv6-ia : Fix static DHCPv6 assignments becoming non static
be6c515 dhcpv6-ia: Fix assignment of static DHCPv6 leases
374dc3f cmake: Find libubox/uloop.h
01c919c odhcpd: Display infinite valid lifetime as -1
2016-12-17 22:23:49 +01:00
Felix Fietkau
180e93ba8b build: add CHECK_ALL variable to allow make download/check to include not selected packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:52 +01:00
Felix Fietkau
7a315b0b5d build: implement make check and make package/X/check
This is intended to be used for a wide array of package sanity checks.

The first check that is implemented is for the hash of downloaded files.
It checks:
  - Missing hash
  - Use of SHA256 instead of MD5
  - dl/<file> hash not matching hash in makefile
  - deprecated MD5SUM variable

The deprecated MD5SUM variable check is skipped for feeds/ until OpenWrt
is updated as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:25 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Ben Greear
4921760a45 ath10k-ct: Update to latest CT ath10k driver.
This works around deadlock and/or memory corruption during
firmware crash and improves ability to configure number of
tids in firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-12-16 22:37:59 +01:00
Hans Dedecker
7d760284a7 odhcp6c: Pass parameters to user dhcpv6 script
Pass all the parameters like device, dhcpv6 state to user script

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-16 18:49:56 +01:00
Florian Fainelli
44ac4adb34 map: Have cmake find libubus.h
Update CMakeList.txt to look for libubus.h since we depend on it.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-16 18:46:27 +01:00
Felix Fietkau
f3b866f93a ath10k-firmware: fix typo
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 15:08:57 +01:00
Felix Fietkau
3a1e3b4e0d package/kernel/linux: only access kernel config if DUMP is unset
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:44:08 +01:00
Felix Fietkau
7747fac375 ath10k-firmware: untangle CT firmware filenames, fix conflicts
CT firmware files use the same filename with a different URL for
different chips. Since all files end up in dl/, filenames need to be
unique as well.
Add a chip prefix to the output filename to fix this issue.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:42:12 +01:00
John Crispin
93227e4d3f dnsmasq: fix service reload
The SIGHUP also got sent to the reload script making it bail out
with an error

Revert "dnsmasq: reload config if host name is modified"
This reverts commit 854459a2f9.

Reported-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-16 10:40:10 +01:00
Felix Fietkau
fb237477fd mt76: update to the latest version, fixes a build error on some platforms
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-15 13:02:31 +01:00
Hauke Mehrtens
fb74550bdf odhcpd: update sha256sum
The sha256sum was not updated in the last commit.

Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 21:43:58 +01:00
Jo-Philipp Wich
e0b8b24cfb base-files: fix CONFIG_VERSION_DIST default
Fix the default value of CONFIG_VERSION_DIST to use uppercase "LEDE".

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 19:55:20 +01:00
Jo-Philipp Wich
a4232cd4bf build: use SNAPSHOT instead of CURRENT to designate untagged branch builds
Calling a build ##.##-CURRENT might mislead users into thinking that this
build is the most current release of a branch.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:43:49 +01:00
Jo-Philipp Wich
3494ca66c5 linux: do not autoload sdhci.ko as sdhci-pltfm.ko already depends on it
Currently, installing kmod-sdhci fails with "sdhci is already loaded" since
"sdhci.ko" is inserted explicitely first, the implicitely loaded again when
"sdhci-pltfm.ko" is inserted as the latter depends on the former.

Remove the explicit autoprobe of "sdhci.ko" to fix the postinstall script.

Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:41:21 +01:00
Felix Fietkau
970dd4dd58 kernel: netfilter: split out iptable_raw into a separate package
This will avoid loading it in the default configuration, which reduces
image size a bit, and (more importantly) improves performance by
avoiding some unnecessary netfilter hooks

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:14 +01:00
Felix Fietkau
e82c8d6e20 swconfig: replace the shared library with a static one
Reduces binary size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
e175a4d4f1 ppp: use --gc-sections to save a tiny bit of space
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
p-wassi
4297f4f901 libs/libpcap: update to 1.8.1
Update libpcap to upstream release 1.8.1
Change the name from libpcap.so.1.3 to libpcap.so.1
Remove parts of patch 201 which moved code among src files.
Import patch 204 from Debian to update the USB path.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
2016-12-14 12:13:13 +01:00
Felix Fietkau
28f6951600 ath10k: fix a soft-lockup on firmware restart
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
7dcccacb98 ath10k: fix a bug on sending null-func frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:04:52 +01:00
Alberto Bursi
70011393a9 ath10k-firmware: removed broken submenu
this package references an undefined variable for its submenu.
Remove this NOP variable assignment.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:54 +01:00
Alberto Bursi
1e15d92de1 kernel: add a missing submenu
this kernel module currently does not set submenu.
Fix this by adding it to the "Others" submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:41 +01:00
Matti Laakso
5bd3b9dfc0 comgt-ncm: Add support for specifying profile index
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.

In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Matti Laakso
2e2748b053 uqmi: Add support for specifying profile index
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.

Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Dario Ernst
866b7bad00 dropbear: clean up default PATH handling in makefile
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.

Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
2016-12-14 10:37:01 +01:00
Jo-Philipp Wich
b22a20af45 procd: add support for service signals
Update procd to latest HEAD in order to introduce support for services signals:

- Adds a new service.signal ubus call to send a kill() signal to one or all
  running instances of a given service

- Adds a new "reload_signal" property which allows service init scripts to
  request procd to send a specific kill() signal on reload, instead of
  stopping and restarting running processes

Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:14:08 +01:00
Jo-Philipp Wich
e2f8d200f5 netfilter: drop proprietary xt_id match
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Jo-Philipp Wich
2daab45cae firewall3: drop support for automatic NOTRACK rules
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.

The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Hauke Mehrtens
a6781ef4c1 kernel: kmod-hwmon-tmp102: add dependency to kmod-thermal
Depend on the kmod-thermal package when it is activated, this fixes
compile problems on some targets.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 00:15:33 +01:00
Hans Dedecker
a7c2310278 odhcpd: Fix dnsmasq re-reading hostfile
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:57 +01:00
Hans Dedecker
942904f7b9 dnsmasq: Specify directory /tmp/hosts as argument for --addn-hosts
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:20 +01:00
Felix Fietkau
66482e179b ath10k: fix DMA allocation issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:44:57 +01:00
Felix Fietkau
57f7f91f0c mac80211: refresh all patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:13 +01:00
Felix Fietkau
4872c36c55 ath9k: add a RCU related bugfix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:12 +01:00
Kevin Darbyshire-Bryant
88f8c8d7eb iproute2: support latest cake & restore DSCP washing
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Kevin Darbyshire-Bryant
1f0ff783f0 kmod-sched-cake: update & restore DSCP washing
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.

Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.

I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'.  This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress.  This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.

A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Felix Fietkau
b305b8c386 mt76: update to the latest version, fixes dfs issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:54:47 +01:00
Felix Fietkau
b9ddf3098b tcpdump: reduce size of -mini by removing more infrequently used protocols
This removes:
- BGP
- CDP
- SCTP

MIPS binary .ipk size is reduced from ~150k to ~130k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:20 +01:00
p-wassi
a4a00d794f net/utils/tcpdump: update to 4.8.1
Update tcpdump to upstream release 4.8.1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-12 10:22:19 +01:00
Felix Fietkau
64590f3c7e mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Felix Fietkau
732c24a0ca mbedtls: sync with polarssl config
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Magnus Kroken
a456dd96e7 openvpn: quote parameters to --push in openvpn config file
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.

Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.

Fixes: FS#290.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Magnus Kroken
4b8c69258e mbedtls: enable MBEDTLS_DHM_C
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Felix Fietkau
441ee62931 ar71xx: remove AP83 reference design board support
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:18 +01:00
Piotr Dymacz
c40477519e uboot-envtools: add support for YunCore SR3200 and XD3200
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-12 09:57:40 +01:00
Christian Schoenebeck
6ae71708c9 ca-certificates: update to version 20161130
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
ad907e1c03 layerscape: add 64b/32b target for ls1046ardb device
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.

LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot

* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
76fa771a78 layerscape: fman-ucode: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
d5fc7430ca layerscape: uboot-layerscape: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Julian Labus
b0ac825884 base-files: Changed UCI variable name for GPIO value from 'default' to 'value'
This changes the UCI variable for the GPIO value from system.$cfg.default back
to system.$cfg.value as it was before the change from uci-defaults [1] to board.d.
/etc/init.d/gpio_switch [2] still expects the value to be in system.$cfg.value.

[1] d65916047b/package/base-files/files/lib/functions/uci-defaults.sh (L197)
[2] https://github.com/lede-project/source/blob/master/package/base-files/files/etc/init.d/gpio_switch#L17

Signed-off-by: Julian Labus <julian@labus-online.de>
2016-12-12 09:57:40 +01:00
Hauke Mehrtens
4dbdba36f8 kernel: add TI tmp102 and tmp103 temperature sensors
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-10 16:06:40 +01:00
Jo-Philipp Wich
9791fb2ac2 build: support adding version code to file names (FS#323)
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.

Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.

Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-09 17:16:43 +01:00
Arjen de Korte
4fbd3aa278 dnsmasq: Fix splitting hostid for DHCPv6 static leases
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2016-12-06 07:55:07 +01:00
Florian Eckert
854459a2f9 dnsmasq: reload config if host name is modified
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-04 15:56:04 +01:00
Álvaro Fernández Rojas
4257f6548b brcm2708-gpu-fw: update to latest version
Also switches hases to SHA256

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-12-04 12:32:02 +01:00
Alexandru Ardelean
8cb476c853 libs: libnetfilter-queue: update to a newer version in git repo
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.

This updates it to a more recent version, pointing to the git repo.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-04 11:41:53 +01:00
Pierre Lebleu
898857f77a ppp: Split the ppp-up for the IPv6 part
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2016-12-04 11:41:53 +01:00
Florian Fainelli
5763e438f6 kernel: add kernel package for the rs5c372a rtc module
This RTC is used on the Buffalo Terastation Pro II/Live devices.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Felix Fietkau
81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Hauke Mehrtens
abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens
7e6c53dac9 valgrind: update to 3.12.0
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.

patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:03:56 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Hauke Mehrtens
99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens
280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Felix Fietkau
1947cf36ba procd: update to the latest version, fixes killing jailed processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 13:55:23 +01:00
Felix Fietkau
a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
Felix Fietkau
4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Jo-Philipp Wich
4596f9b5ac e2fsprogs: avoid picking up incompatible libcom_err.so
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.

Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:

    	LD blkid
    ../lib/libext2fs.so: undefined reference to `_et_list'
    collect2: error: ld returned 1 exit status
    Makefile:504: recipe for target 'blkid' failed

Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.

In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-30 23:32:17 +01:00
Felix Fietkau
f2010b0929 rtc-rv5c386a: fix include path for bcm47xx_nvram.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-30 12:47:25 +01:00
Alberto Bursi
d52676d1ea base-files: add a wrapper for init scripts in profile
"service" is a simple wrapper that will allow to call init.d scripts

current method:     #  /etc/init.d/network reload
with the wrapper:   #  service network reload

If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-29 21:12:08 +01:00
Mathias Kresin
36148d923b uboot-lantiq: Add BT Home Hub 5A support
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.

Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.

Use the same mtd layout as the stock u-boot. Add add UBI support.

Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.

Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
448b9b67e1 kernel: mac80211: disable ath9k bands via device tree
These properties allow overriding the settings from the EEPROM
which indicate whether a band is enabled or not.
Setting this property is only needed when the RF circuit does not
support the 2.4GHz or 5GHz band while it is enabled nevertheless in the
EEPROM.

These patches will be replaced with a future upstream version which
will introduces an ieee80211 device tree property to disable bands.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
3f889418a5 kernel: mac80211: add pending ath9k EEPROM swapping patches
There are two types of swapping the EEPROM data in the ath9k driver.
Before this series one type of swapping could not be used without the
other.

The first type of swapping looks at the "magic bytes" at the start of
the EEPROM data and performs swab16 on the EEPROM contents if needed.
The second type of swapping is EEPROM format specific and swaps
specific fields within the EEPROM itself (swab16, swab32 - depends on
the EEPROM format).

With this series the second part now looks at the EEPMISC register
inside the EEPROM, which uses a bit to indicate if the EEPROM data
is Big Endian (this is also done by the FreeBSD kernel).
This has a nice advantage: currently there are some out-of-tree hacks
(in OpenWrt and LEDE) where the EEPROM has a Big Endian header on a
Big Endian system (= no swab16 is performed) but the EEPROM itself
indicates that it's data is Little Endian. Until now the out-of-tree
code simply did a swab16 before passing the data to ath9k, so ath9k
first did the swab16 - this also enabled the format specific swapping.
These out-of-tree hacks are still working with the new logic, but it
is recommended to remove them. This implementation is based on a
discussion with Arnd Bergmann who raised concerns about the
robustness and portability of the swapping logic in the original OF
support patch review, see [0].

After a second round of patches (= v1 of this series) neither Arnd
Bergmann nor I were really happy with the complexity of the EEPROM
swapping logic. Based on a discussion (see [1] and [2]) we decided
that ath9k should use a defined format (specifying the endianness
of the data - I went with __le16 and __le32) when accessing the
EEPROM fields. A benefit of this is that we enable the EEPMISC based
swapping logic by default, just like the FreeBSD driver, see [3]. On
the devices which I have tested (see below) ath9k now works without
having to specify the "endian_check" field in ath9k_platform_data (or
a similar logic which could provide this via devicetree) as ath9k now
detects the endianness automatically. Only EEPROMs which are mangled
by some out-of-tree code still need the endian_check flag (or one can
simply remove that mangling from the out-of-tree code).

[0] http://www.spinics.net/lists/linux-wireless/msg152634.html
[1] https://marc.info/?l=linux-wireless&m=147250597503174&w=2
[2] https://marc.info/?l=linux-wireless&m=147254388611344&w=2
[3] 50719b56d9/sys/dev/ath/ath_hal/ah_eeprom_9287.c (L351)

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
1847248fc1 kernel: mac80211: backport ath9k device tree support patches
These patches add support for configuring ath9k based devices via
devicetree. This was tested on PCI(e) based devices. This should work
for AHB based devices as well (adding more AHB specific properties may
still be needed) as soon as the ath79 platform is ready to populate the
ath9k wmac via devicetree.
This patchset was accepted upstream, more information can be found on
the linux-wireless list:
https://www.spinics.net/lists/linux-wireless/msg155474.html

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Stijn Tintel
9f109876ea kernel: have kmod-ipsec depend on kmod-crypto-echainiv
The ESP algorithms in CBC mode require echainiv, so have kmod-ipsec
depend on kmod-crypto-echainiv.

See upstream commit 32b6170ca59ccf07d0e394561e54b2cd9726038c.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-11-29 12:19:22 +01:00
Rafał Miłecki
e8fe83e1be iw: drop TX power patch that is part of upstream version now
Applying it again was resulting in duplicated TX info like:
Interface wlan0
        ifindex 6
        wdev 0x1
        addr 00:23:6a:a3:7d:00
        ssid LEDE2
        type AP
        wiphy 0
        channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
        txpower 31.00 dBm
        txpower 31.00 dBm

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-29 08:39:57 +01:00
Mathias Kresin
57d36e5bdd ltq-hcd: drop package
Since ffd7c15500 it isn't used anymore on
any supported target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-27 15:34:23 +01:00
Mathias Kresin
d561b2f5ce gpio-button-hotplug: add more buttons
The keycodes are used by some boards.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-27 15:34:23 +01:00
Julian Kornberger
04a76da1ae ipset: Add InstallDev to provide libipset as library 2016-11-26 22:39:27 +01:00
Avi H. D
bbdb20f649 kernel: fix typo in input-gpio-encoder package title
Line 115, 'rotary' was misspelled as 'rotay'

Signed off by: Avinash Duduskar <strykar@hotmail.com>
2016-11-26 22:00:30 +01:00
Felix Fietkau
23a55102df kernel: remove another redundant KCONFIG entry in virt.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:41:10 +01:00
Felix Fietkau
d5c3a7b1ab kernel: fix virtualization kmod dependencies and kconfig symbols
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:29:05 +01:00
Felix Fietkau
e57bed5bc3 kernel: remove kmod-vhost_net, fixes build breakage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:26:04 +01:00
Florian Fainelli
a9dce48b22 libnl-tiny: Remove GENL_ID_GENERATE
This constant was always defined to 0, and recently got removed in
upstream commit a07ea4d9941af5a0c6f0be2a71b51ac9c083c5e5 ("genetlink: no
longer support using static family IDs")

Fixes libnl-tiny builds with latest upstream kernels.

Fixes: d723f2573a ("libnl-tiny: remove include/linux overrides to fix various build issues")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-11-24 12:53:19 +01:00
Yousong Zhou
d206dfdf35 package: add kernel packages for kvm virtualization
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-11-24 12:53:18 +01:00
Paul Wassi
4081333084 package/utils/fuse: update to 2.9.7
Update fuse+libfuse to upstream 2.9.7. Drop the patch for CVE-2015-3202,
which is already integrated in the newer version. Rework the other patches.
Also switch PKG_SOURCE from @SF to libfuse's github releases.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-11-24 12:53:17 +01:00
Eddi De Pieri
9720185820 uboot-envtools: make it not shared
uboot-envtools have some stuff related to the cpu.

This should fix following error on lantiq soc:

Downloading http://downloads.lede-project.org/snapshots/packages/mips_24kc/base/uboot-envtools_2015.10-1_mips_24kc.ipk.
Configuring uboot-envtools.
//usr/lib/opkg/info/uboot-envtools.postinst: .: line 10: can't open '/lib/ar71xx.sh'

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
2016-11-23 10:17:55 +01:00
Eddi De Pieri
ea12a80276 uboot-lantiq: vgv7519 fix tftp loading of big kernel/image size
On my board:
Bytes transferred = 7084442 (6c199a hex)
   Image Name:   MIPS OpenWrt Linux-3.10.49
   Created:      2014-11-11  17:40:00 UTC
   Image Type:   MIPS Linux Kernel Image (lzma compressed)
   Data Size:    7084378 Bytes = 6.8 MiB
   Load Address: 80002000
   Entry Point:  80002000
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... LZMA: uncompress or overwrite error
7 - must RESET b
ROM VER: 1.0.5
CFG 01

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
2016-11-23 08:43:49 +01:00
Ben Greear
4592067a24 ath10k-ct-firmware: Update to latest firmwares.
The 10.1 includes a good many stability fixes related to the effort of
backporting upstream 10.2 firmware.  Also enables 802.1q vlan support.
Successfully tested on apu2.

The 10.4 firmwares including new backported code as well as stability
fixes.  10.4 has been tested on Fedora x86-64 platforms, but not on LEDE
specifically since I had issues compiling LEDE for my 9980/9984 AP hardware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-11-22 10:50:59 +01:00
Ben Greear
f94bee8c02 ath10k-ct: Update to latest.
Fixes locking issue, quietens some potential message floods.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-11-22 10:50:51 +01:00
Felix Fietkau
4da8bde638 netifd: update to the latest version
Fixes config reload on bridge MAC address changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-22 10:48:41 +01:00
Jonas Gorski
48cfc826eb base-files: ignore failure of stopping services on removal
Packages that do a killall <cmd> with the same name as the init script
will fail the prerm step when the service isn't running. Do make them
removable without having to restart the service, ignore the return code.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
Jonas Gorski
88a14bfd1d opkg: run prerm scripts for the old version also on upgrade
To make sure we properly restart services on upgrade we need to
call the prerm script of the old package, in case the init script
changes (or vanishes).

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
Jonas Gorski
afaa34ccd7 base-files: don't modify enabled state of service on upgrade
Properly stop/start services on upgrade, but don't change the enabled
state.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
Jonas Gorski
a58f176ef2 opkg: set PKG_UPGRADE also when running scripts for the old package
Allow scripts from the package to be upgraded to be aware of being
upgraded.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
John Crispin
3c52cbfa53 Revert "grub2: add PKG_FIXUP:=autoreconf"
this caused build errors on x86

This reverts commit a0ea22ac43.

Signed-off-by: John Crispin <john@phrozen.org>
2016-11-21 16:49:54 +01:00
Alexandru Ardelean
a0ea22ac43 grub2: add PKG_FIXUP:=autoreconf
The host-side build of grub2 requires this sometimes.
This will re-generate the ./configure script from configure.ac.
I don't know the conditions of how this reproduces, it just
sometimes appears, and sometimes doesn't.

Build error
```
<lede-dir>/build_dir/target-x86_64_musl-1.1.15_yogi/host/grub-2.02~beta2/build-aux/missing: line 81: aclocal-1.14: command not found
WARNING: 'aclocal-1.14' is missing on your system.
         You should only need it if you modified 'acinclude.m4' or
         'configure.ac' or m4 files included by 'configure.ac'.
         The 'aclocal' program is part of the GNU Automake package:
         <http://www.gnu.org/software/automake>
         It also requires GNU Autoconf, GNU m4 and Perl in order to run:
         <http://www.gnu.org/software/autoconf>
         <http://www.gnu.org/software/m4/>
         <http://www.perl.org/>
Makefile:3962: recipe for target 'aclocal.m4' failed
```

Adding PKG_FIXUP adds sanity (i.e. autoreconf is used for host & target
builds) over just using HOST_FIXUP.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-11-21 12:54:24 +01:00
John Crispin
320d8fa3bc odhcpd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-11-21 12:16:55 +01:00
John Crispin
41164ba2dc odhcpd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-11-21 12:04:23 +01:00
Magnus Kroken
a74394be00 openvpn: update to 2.3.13
Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.13

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-11-21 10:11:53 +01:00
Paul Wassi
d6e8b1f841 uboot-envtools: add 'dockstar' for kirkwood
Add board 'dockstar' to known fw_env-configurations.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-11-21 10:10:38 +01:00
Piotr Dymacz
d86f08cc94 uboot-envtools: add support for YunCore CPE830
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-11-21 10:05:40 +01:00
Piotr Dymacz
dcceea4fd3 uboot-envtools: add support for YunCore CPE870
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-11-21 10:05:40 +01:00
Piotr Dymacz
9ee8257cc7 uboot-envtools: add support for YunCore AP90Q
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-11-21 10:05:40 +01:00
Felix Fietkau
cc853810a4 base-files: validate metadata of sysupgrade images
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1

Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-19 11:24:09 +01:00
Felix Fietkau
929641fa1f fwtool: add utility for appending and extracting firmware metadata/signatures
This will be used to append extra information to images which allows the
system to verify if an image is compatible with the system.

The extra data is appended to the end of the image, where it will be
ignored when upgrading from systems that do not process this data yet:

If the image is a squashfs or jffs2 image, the extra data will land
after the end-of-filesystem marker, where it will be overwritten once
the system boots for the first timee.

If the image is a sysupgrade tar file, tar will simply ignore the extra
data when unpacking.

The layout of the metadata/signature chunks is constructed in a way
that the last part contains just a magic and size information, so that
the tool can quickly check if any valid data is present without having
to do a pattern search throughout the full image.

Chunks also contain CRC32 information to detect file corruption, even
when the image is not signed.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-19 11:24:09 +01:00
Rafał Miłecki
1c6fd8c1ee osafeloader: new util for extracting partitions from SafeLoader
SafeLoader is image format used by some TP-LINK devices. This tool
allows extracting selected partitions out of it. It can be used for
sysupgrade.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-19 07:58:25 +01:00
Vitaly Chekryzhev
4545a60edb kernel/modules: add kmod-switch-rtl8367b
Add build option for RTL8367R/VB switches.

Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
2016-11-17 20:01:21 +01:00
Felix Fietkau
d723f2573a libnl-tiny: remove include/linux overrides to fix various build issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-17 13:36:09 +01:00
Matthias Schiffer
c18bf14dab
hostapd: fix PKG_CONFIG_DEPENDS for CONFIG_WPA_SUPPLICANT_*
These symbols don't affect wpa-supplicant only, but also wpad.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-11-16 20:59:17 +01:00
Alexandru Ardelean
c437a67152 devel/strace: fix build only on powerpc arch
Reboot of 519a199cbc
Which broke other builds.

This time, added compile flags to build only for POWERPC archs

Tested on mpc85xx, ar71xx and bcm2708.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-11-16 11:03:25 +01:00
Yutang Jiang
4a6f9fc633 layerscape: uboot: using perl script:byte_swap.pl to replace tcl script:byte_swap.tcl
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-11-16 10:58:09 +01:00
dpeddi
4649a92901 lantiq: disable VMMC_COEF for non FALCON device
Signed-off-by: Eddi De Pieri <eddi@depieri.net>
2016-11-16 10:57:48 +01:00
Daniel Engberg
d5e84ca30f package/firmware/fman-ucode: Use HTTPS
Change URL to use HTTPS instead of HTTP

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-11-16 10:54:33 +01:00
Daniel Engberg
1531c9d340 package/devel/trace-cmd: Add mirror
Adds Google's mirror as primary source and kernel.org as fallback.
Same as commit 0d4f02dfd6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-11-16 10:54:33 +01:00
Alexey Brodkin
84d57fc485 mac80211: Make wlcore platform-independent
TI wl18xx and wl12xx are Wi-Fi/Bluetooth combo modules
that could be found on different existing boards.

But it is possible to get those modules as a separate
component and use with existing boards as well as
new boards equipped with either module may appear so we
remove dependency on OMAP instead we add dependency on MMC
because this Wi-Fi module uses SDIO interface.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Felix Fietkau <nbd@nbd.name>
Cc: Imre Kaloz <kaloz@openwrt.org>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
2016-11-16 10:54:33 +01:00
Matthias Schiffer
fa845e9978
ath9k: add support for the HSR tuner of the Ubiquiti UAP Outdoor+
Without setting the HSR to the selected channel, the WLAN of the UAP
Outdoor+ will exhibit high packet loss in RX.

Based-on-patch-by: Stefan Rompf <stefan@loplof.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-11-15 18:54:06 +01:00
Matthias Schiffer
a250556d27
ath9k: fix ath9k_hw_gpio_get() to return 0 or 1 on success
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-11-15 18:54:05 +01:00
Hans Dedecker
e58f3f515f odhcpd: Add reload support
odhcpd daemon has hitless config reload support by means of the
sighup signal; add reload_service function which uses sighup
signal to reload the config

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-11-14 20:35:13 +01:00
Felix Fietkau
913219e6fe ubox: update to the latest version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-14 19:55:53 +01:00
Ralph Sennhauser
32cfd3bd50 arptables: bump to 2015-05-20
This fixes building with musl and drops the dependency on the OpenWrt
kernel-header patches:

  270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch
  271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch
  272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch

Use the new upstream location at netfilter.org and use a define instead
of a patch to "optimize".

See also: https://git.netfilter.org/arptables/log/

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
[Jo-Philipp Wich: add mirror SHA256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:14:30 +01:00
Jo-Philipp Wich
dc7c9f590a conntrack-tools: update to v1.4.4
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Jo-Philipp Wich
32f8b36d59 libnetfilter-conntrack: update to v1.0.6
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Nikos Mavrogiannopoulos
00e0a7d600 nettle: enable fat build
This allows to include optimizations such as ARM neon which
are detected on run-time.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
[Jo-Philipp Wich: picked from openwrt#191 and rebased onto LEDE master]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Rafał Miłecki
fc93494066 iw: fix build error caused by redeclaration of NL80211_ATTR_PAD
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes: 7aff00ab19 ("iw: update to version 4.9")
2016-11-12 16:30:06 +01:00
Rafał Miłecki
7aff00ab19 iw: update to version 4.9
This adds support for "channels" command which displays more details
about channels. It includes e.g. info about available widths.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:09:19 +01:00
Rafał Miłecki
7305b55588 iw: update to version 4.7
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:04:16 +01:00
Marek Lindner
9978a3e2ca base-files: Prefer busybox arp over /proc/net/arp alias
A firmware compiled with BUSYBOX_CONFIG_ARP should also use by default the
arp binary from busybox. Otherwise the extra functionality the user
requested can only be used when running arp with the path to the binary.

Signed-off-by: Marek Lindner <marek.lindner@open-mesh.com>
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-11-10 16:12:52 +01:00
Mathias Kresin
b6832817eb mac80211: rt2x00: add support for mac addr from device tree
Backport upstream accepted patch which allows to override the EEPROM
mac address with one from device tree.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-09 20:02:18 +01:00
Mathias Kresin
e7c019c24d mac80211: rt2x00: fold patches
The patch 615-rt2x00-fix_20mhz_clk.patch fixes code introduced by
611-rt2x00-rf_vals-rt3352-xtal20.patch and makes the the platform data
property clk_is_20mhz obsolete.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-09 20:02:18 +01:00
Jo-Philipp Wich
6649a172f2 Revert "devel/strace: fix build on mpc85xx target"
This reverts commit 519a199cbc.

Multiple users have reported building failures on ARM architectures, e.g.:

    In file included from defs.h:42:0,
                     from process.c:37:
    process.c:51:22: error: 'struct user_regs' has no member named 'ARM_r0'
     #define uoff(member) offsetof(struct user, member)
                          ^
    ./linux/arm/userent.h:1:3: note: in expansion of macro 'uoff'
     { uoff(regs.ARM_r0), "r0" },
       ^

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-08 20:00:42 +01:00
Felix Fietkau
36cccbb283 kernel: select kmod-phy-bcm-ns-usb* from kmod-usb* for bcm53xx
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-08 14:25:07 +01:00
Jo-Philipp Wich
113544dccf firewall: update to fix FS#31, FS#73, FS#154, FS#248
Update to latest Git head in order to import several fixes and enhancements.

- Disable drop invalid by default (FS#73, FS#154)

  Instead of dropping packets with conntrack state INVALID, only allow streams
  with explicit NEW or UNTRACKED conntrack state.

  This change gives user defined rules the chance to accept traffic like ICMPv6
  multicast which would be filtered away by the very early ctstate INVALID drop
  rule otherwise.

  The old behaviour can be restored by explicitely setting "drop_invalid" to 1
  in the global firewall config section.

- Fix re-initialization of loadable iptables extensions on musl (FS#31)

  Since musl does not implement actual dlclose() semantics, it is impossible to
  re-run initializers on subsequent dlopen() calls.

  The firewall3 executable now intercepts the extension registration calls
  instead in order to be able to re-call them when needed.

  This also allowed us to switch to libxtables' builtin extension loader as a
  positive side-effect.

- Fix masquerade rules for multiple negated IP addresses (FS#248)

  When building MASQUERADE rules for zones which specify multiple negated
  addresses in masq_src or masq_dest, emit -j RETURN rules which jump out of
  the masquerading chain instead of creating multiple rules with inverted "-s"
  arguments.

- Tag own rules using comments

  Instead of relying on the nonstandard xt_id match, use the xt_comment match
  to mark own rules. Existing comments are prefixed with "!fw3: " while
  uncommented rules are marked with a sole "!fw3" string.

  This allows removing the xt_id match entirely in a later commit.

- Make missing ubus connection nonfatal

  Technically, firewall3 is able to operate without ubus just fine as long as
  the zones are declared using "option device" or "option subnet" instead of
  "option network" so do not abort execution if ubus could not be connected or
  of no network namespace is exported in ubus.

  This allows running firewall3 on ordinary Linux systems.

- Fix conntrack requirement detection for indirectly connected zones

  The current code fails to apply the conntrack requirement flag recursively to
  zones, leading to stray NOTRACK rules which break conntrack based traffic
  policing.

  Change the implementation to iteratively reapply the conntrack fixup logic
  until no more zones had been changed in order to ensure that all directly and
  indirectly connected zones receive the conntrack requirement flag.

- Add support for iptables 1.6.x

  Adds support for the xtables version 11 api in order to allow building
  against iptables 1.6.x

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-08 11:35:50 +01:00
Christian Lamparter
9c91335dc7 iperf3: update to version 3.1.4
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:11 +01:00
Mathias Kresin
4f7a0601e6 mac80211: rt2x00: add mtd-eeprom swab function
Most of the lantiq devices with ralink wifi have the EEPROM stored
in big endian byte order in flash, but the driver expects the EEPROM to
be in little endian.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:11 +01:00
Mathias Kresin
7f235df571 mac80211: rt2x00: remove eeprom filename dependency from mtd-eeprom
The ralink,mtd-eeprom device tree property doesn't require the
ralink,eeprom property to work.

Rework the error handling and user notification as well. Do not log an
error if the mtd-eeprom parameter isn't used. It could be intentional
and should not scare the user.

Check if the number of bytes read from the mtd devices matches the
requested number of bytes.

In case of an mtd read error, give a hint to the user which partition
was tried to read from.

In case everything is fine, notify the user as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Mathias Kresin
2516c0572e mac80211: rt2x00: improve eeprom_file property handling
Call the rt2x00lib_get_eeprom_file_name only once and from the function
where the EEPROM filename is required.

Error only out if an EEPROM file is mandatory. Use the
REQUIRE_EEPROM_FILE bit to determine if it is mandatory.

Do not set the REQUIRE_EEPROM_FILE bit while requesting an EEPROM file.
It should be (and is) set before requesting an EEPROM file.

Do not redirect users to upstream while using a function of a custom
patch.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Hans Dedecker
a50243ea1f dnsmasq: Support add-mac option
Adds the mac address of the DNS requestor to DNS queries which
are forwarded upstream and can be used to do filtering by the
upstream servers. This only works if the requestor is on the
same subnet as the dnsmasq server

The addmac parameter can hold the following values:
	0 : mac address is not added
	1 : mac address is added in binary format
	base64 : mac address is added base64 encoded
	text: : mac address is added in human readable format
		as hex and colons

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-11-08 11:17:10 +01:00
Alberto Bursi
2cb4b267bd mdadm: move to Disc submenu
As in Disc there is also lvm2 and other hard drive tools in the Openwrt package feeds.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
decf6b3314 yamonenv: move to Boot Loaders submenu
Boot Loaders submenu is the place where all other boot loaders are.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
e4fef72244 comgt: move to WWAN submenu, fixed link
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.

I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
9abdeee0b7 uqmi: moved to WWAN submenu
Moving uqmi to WWAN submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Christian Schoenebeck
7ee661def6 ca-certificates: update to version 20161102
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-11-08 10:49:51 +01:00
Florian Larysch
dfc14bd145 kernel: add kernel module package for the DS1374 RTC
Package the driver for the DS1374 chip present on the T4240RDB.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix missing symbol]
2016-11-08 10:49:40 +01:00