Commit graph

42233 commits

Author SHA1 Message Date
Hauke Mehrtens
b19622044d mbedtls: Activate deterministic ECDSA
With deterministic ECDSA the value k needed for the ECDSA signature is
not randomly generated any more, but generated from a hash over the
private key and the message to sign. If the value k used in a ECDSA
signature or the relationship between the two values k used in two
different ECDSA signatures over the same content is know to an attacker
he can derive the private key pretty easily. Using deterministic ECDSA
as defined in the RFC6979 removes this problem by deriving the value k
deterministically from the private key and the content which gets
signed.

The resulting signature is still compatible to signatures generated not
deterministic.

This increases the size of the ipk on mips 24Kc by about 2 KByte.
old:
166.240 libmbedtls_2.11.0-1_mips_24kc.ipk
new:
167.811 libmbedtls_2.11.0-1_mips_24kc.ipk

This does not change the ECDSA performance in a measurable way.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-07-07 18:33:53 +02:00
Daniel Engberg
5a078180d0 mbedtls: Disable MBEDTLS_SHA256_SMALLER implementation
Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in
upstream and reduces performance by quite a bit.

Source: include/mbedtls/config.h

Enable an implementation of SHA-256 that has lower ROM footprint but also
lower performance.

The default implementation is meant to be a reasonnable compromise between
performance and size. This version optimizes more aggressively for size at
the expense of performance. Eg on Cortex-M4 it reduces the size of
mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of
about 30%.

The size of mbedtls increased a little bit:
ipkg for mips_24kc before:
164.382 Bytes
ipkg for mips_24kc after:
166.240 Bytes

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-07-07 18:31:13 +02:00
Daniel Engberg
10554cfcc1 mbedtls: Update to 2.11.0
Update mbed TLS to 2.11.0

Disable OFB block mode and XTS block cipher mode, added in 2.11.0.
The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS
This is to avoid having a mismatch between packages when upgrading.

The size of mbedtls increased a little bit:
ipkg for mips_24kc before:
163.846 Bytes
ipkg for mips_24kc after:
164.382 Bytes

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-07-07 18:29:14 +02:00
Daniel Engberg
f15f3286e3 mbedtls: cleanup config patch
Clean up patch, use "//" consistently.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-07-07 18:19:39 +02:00
Daniel Engberg
3accbc6aac sunxi: Enable SD block devices
USB storage support is however SCSI Disk block device support isn't
meaning that connected devices wont enumerate.
Enable CONFIG_BLK_DEV_SD by default to fix it.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-07-07 18:19:39 +02:00
Alexandru Ardelean
7de50d1917 brcm2708: platform.sh: fix tar directory directive
BusyBox's `tar` command does not support the `--directory` directive, which
is essentially `-C` in short-form option.
BusyBox's `tar` command supports `-C`.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2018-07-07 18:19:39 +02:00
Enrico Mioso
231b0177fb libconfig: update to version 1.7.2
The previous link did not work here.

Compile-tested on: bcm47xx
Runtime-tested on: bcm47xx

Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
2018-07-07 18:19:39 +02:00
Luis Araneda
8f60c3d571 kernel: remove DEVMEM and DEVKMEM from target's config
These options are handled by generic configuration

Targets that need these options should select KERNEL_DEVMEM
and/or KERNEL_DEVKMEM options on OpenWRT's config

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2018-07-07 18:19:39 +02:00
Tim Small
e97aaf483c WDR4900v1 remove dt node for absent hw crypto.
The WDR4900v1 uses the P1040 SoC, so the device tree pulls in the
definition for the related P1010 SoC.  However, the P1040 lacks the
CAAM/SEC4 hardware crypto accelerator which the P1010 device tree
defines.  If left defined, this causes the CAAM drivers (if present) to
attempt to use the non-existent device, making various crypto-related
operations (e.g. macsec and ipsec) fail.

This commit overrides the incorrect dt node definition in the included
file.

See also:
 - https://bugs.openwrt.org/index.php?do=details&task_id=1262
 - https://community.nxp.com/thread/338432#comment-474107

Signed-off-by: Tim Small <tim@seoss.co.uk>
2018-07-07 18:19:39 +02:00
Yousong Zhou
191078e83d ca-certificates: ca-bundle: add symlink for openssl default setting
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem.  This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation

Fixes openwrt/packages#6152

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-07 18:19:39 +02:00
Antti Seppälä
9f451ec698 kernel: usb: dwc2 DMA alignment fixes
Add two patches submitted for upstream review that significantly improve
the dwc2 driver on openwrt from kernel stability and performance
perspectives.

Fixes: FS#1367

Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
2018-07-07 18:19:39 +02:00
Florian Eckert
c79ef6fbe3 linux: update license tag to use correct SPDX tag
Use SPDX tag.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-07-07 16:12:03 +02:00
Felix Fietkau
d3a7587eb9 toolchain/nasm: fix missing AR/RANLIB variables
Fixes build on macOS

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-07 14:53:26 +02:00
Felix Fietkau
bf136c637c perf: remove linux 4.4 workarounds
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-07 14:53:26 +02:00
Felix Fietkau
c3bdb89e61 kernel: remove linux 4.4 support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-07 14:53:26 +02:00
Felix Fietkau
1e6c30690c libubox: update to the latest version
3c1b33b utils: add const_* byteswapping functions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-07 14:53:26 +02:00
Zoltan HERPAI
10e393262c firmware: amd64-microcode: update to 20180524
* New microcode update packages from AMD upstream:
    + New Microcodes:
      sig 0x00800f12, patch id 0x08001227, 2018-02-09
    + Updated Microcodes:
      sig 0x00600f12, patch id 0x0600063e, 2018-02-07
      sig 0x00600f20, patch id 0x06000852, 2018-02-06
  * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support,
    plus other unspecified fixes/updates.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2018-07-07 12:23:00 +02:00
Kevin Darbyshire-Bryant
4bd4ece9ea kmod-sched-cake: bump to latest 20180706
Fixes a potential infinite loop bug when in unlimited (ie not using
built in shaper) mode.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-07 11:10:59 +01:00
Hannu Nyman
7ec931b7f0 tools/ccache: update to 3.4.2
update version and refresh patch

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-07-06 17:50:30 +02:00
Hannu Nyman
55fa8068c4 tools/cmake: update to 3.11.4
Update cmake and refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-07-06 17:50:19 +02:00
Ted Hess
0f543883cd toolchain: Replace YASM with NASM
Packages libx264 and ffmpeg are built with ASM options on x86 platforms.
The current libx264 version no longer builds with YASM and requires NASM.
ffmpeg 3.x can be built with either YASM or NASM however, furture 4.x versions
will require NASM.

Signed-off-by: Ted Hess <thess@kitschensync.net>
Acked-by: Rosen Penev <rosenp@gmail.com>
2018-07-05 10:17:06 -04:00
Yousong Zhou
9009efa18b download.mk: enable DownloadMethod/github_archive
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-05 01:30:57 +08:00
Yousong Zhou
04b9f85873 scripts/dl_github_archive.py: rename from download.py
- Make the code more GitHub-specific
 - Requires mirror hash to work with .gitattributes
 - Use different API depending on whether PKG_SOURCE_VERSION is a
   complete commit id or other ref types like tags
 - Fix removing symbolic link
 - pre-clean dir_untar for possible leftovers from previous run

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-05 01:30:57 +08:00
Yousong Zhou
e48ea13b3b download.mk: add more comments
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-05 01:30:57 +08:00
Yousong Zhou
eb6759cc78 fixup-makefile.pl: fixup when PKG_SOURCE is defined elsewhere
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-05 01:30:57 +08:00
Luiz Angelo Daros de Luca
b724443f9f elfutils: bump to 0.173
- Removed hacks to use standalone argp as upstream now detects it nicely.
- As we are already installing files, use files from PKG_INSTALL_DIR and
  not PKG_BUILD_DIR
- Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2018-07-04 16:18:08 +02:00
Koen Vandeputte
d0839e020d kernel: bump 4.14 to 4.14.53
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-04 14:16:37 +02:00
Koen Vandeputte
01ca20cdfd kernel: bump 4.9 to 4.9.111
Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-04 14:16:37 +02:00
Christoph Krapp
8722c52b41 ath79: remove bs-partition ro-flag for UniFi AC devices
This removes the read-only flag from the bs (bootselect) partition
on UniFi AC devices. This allows to correct the indicator from which
partition the device is booting its kernel from.

See also:
 - freifunk-gluon/gluon#1301
 - https://bugs.lede-project.org/index.php?do=details&task_id=662

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
2018-07-04 01:20:03 +02:00
Aleksandr V. Piskunov
63c9081c77 ath79: swap TP-Link Archer C7 v2 USB port LED and GPIO names
TP-Link Archer C7 v2 USB port LED and GPIO names are in incorrect order,
i.e. in order to match actual user visible labels, usb1 should be usb2,
and vice versa.
This patch swaps LED and GPIO power control node names.

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
2018-07-04 01:20:03 +02:00
Mathias Kresin
31aa62c5ec ath79: drop mv88e6063 switch driver
Due do a missing KCONFIG isn't selectable nor enabled in the target
kernel config. Drop it for now and enable/add the driver at the time it
is required.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-04 01:20:02 +02:00
Aleksandr V. Piskunov
36fea5a7b9 ipq806x: fix numbering for Netgear R7800 LAN ports
Netgear R7800 switch LAN ports are numbered backwards in LuCI,
i.e. numbering is not corresponding to the actual physical port labels,
patch fixes that.

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
[merged with existing board using the same config]
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-07-04 01:20:02 +02:00
Romain MARIADASSOU
ce31bdc20c ramips: add support for TL-WA801ND v5
Specification:

- System-On-Chip: MediaTek MT7628NN
- CPU/Speed: 580 MHz
- Flash-Chip: ELM Technology GD25Q64
- Flash size: 8192 KiB
- RAM: 64 MiB
- Wireless No1: SoC-integrated: MT7628N 2.4GHz 802.11bgn

Currently the only method to install openwrt for the first time is via
TFTP recovery. After first install you can use regular updates.

Flash instructions:

1) To flash the recovery image, start a TFTP server with IP address
   192.168.0.66 and serve the recovery image named tp_recovery.bin.
2) Connect your device to the LAN port, then press the WPS and Reset
   button and power it up. Keep pressing the WPS/Reset button for
   10 seconds or until the lock LED is lighting up.
   It will try to download the recovery image and flash it.

It can take up to 2-3 minutes to finish. When it reaches 100%, the
router will reboot itself.

Signed-off-by: Romain MARIADASSOU <roms2000@free.fr>
2018-07-04 01:20:02 +02:00
Maxim Anisimov
7d07bc96b7 ramips: add support for ZyXEL Keenetic Extra II
Specification:
- System-On-Chip: MT7628N/N
- CPU/Speed: 580 MHz
- Flash-Chip: Winbond w25q256
- Flash size: 32768 KiB
- RAM: 128 MiB
- 5x 10/100 Mbps Ethernet
- 4x external, non-detachable antennas
- UART (J1) header on PCB (57600 8n1)
- Wireless No1 (2T2R): SoC-integrated: MT7628N 2.4GHz 802.11bgn
- Wireless No2 (2T2R): On-board chip: MT7612EN 5GHz 802.11ac
- USB: Yes 1 x 2.0
- 4x LED, 3x button

The device supports dual boot mode. So we use only first half of flash.

Flash instruction:

The only way to flash OpenWrt image is to use
tftp recovery mode in U-Boot:

1. Configure PC with static IP 192.168.1.2/24 and tftp server.
2. Rename "openwrt-ramips-mt76x8-zyxel_keenetic-extra-ii-squashfs-factory.bin"
   to "kextra2_recovery.bin" and place it in tftp server directory.
3. Connect PC with one of LAN ports, press the reset button, power up
   the router and keep button pressed until power led start blinking.
4. Router will download file from server, write it to flash and reboot.

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
2018-07-04 01:20:02 +02:00
Maxim Anisimov
9e2c28472c ramips: move zyimage define to common Makefile
Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
2018-07-04 01:20:02 +02:00
Tobias Schramm
faf64056dd ramips: add support for MikroTik RouterBOARD RBM11g
This commit adds support for the MikroTik RouterBOARD RBM11g.

=Hardware=

The RBM11g is a mt7621 based device featuring one GbE port and one
miniPCIe slot with a sim card socket and USB 2.0.

==Switch==

The single onboard Ethernet port is connected the CPU directly.
The internal switch of the mt7621 SoC is disabled.

==Flash==

The device has one spi nor flash chip. It is a 128 Mbit winbond 25Q128FVS
connected to CS0.

==PCIe==

The board features a single miniPCIe slot. It has a dedicated mini SIM
socket and a USB 2.0 port. Power to the miniPCIe slot is controlled via
GPIO9.

==USB==

There are no external USB ports.

==Power==

The board can accept both, passive PoE and external power via a 2.1 mm
barrel jack (center-positive). The input voltage range is 11-32 V.

==Serial port==

The device does have an onboard UART on an unpopulated header next to the
flash chip:

GND: pin 2
 TX: pin 7
 RX: pin 6

Settings: 115200, 8N1

See below illustration for positioning of the header.

0 = screw hole
* = some pin
T = TX  pin
R = RX  pin
G = GND pin

Pinout:
+---------------
|O
|             __
|            /  \
|            \__/
|
|
|
|               +---+
|               |RAM|
| +--+          |   |
| |**|  <- unpopulated header with UART
| |*T|          +---+
| |R*|        +--------+
| |**|        |        |
| |G*|        |  CPU   |
| +--+        |        |
|    +--+     |        |
|    |  |     +--------+
|    +--+  <- flash chip
|O
|       +-----+
|       |     |
|+--+   |     |
||  |   |     |
+---------------------

=Installation=

To install an OpenWRT image to the device two components must be built:

1. A openwrt initramfs image
2. A openwrt sysupgrade image

===initramfs & sysupgrade image===

Select target devices "Mikrotik RBM11G" in
openwrt menuconfig and build the images. This will create the images
"openwrt-ramips-mt7621-mikrotik_rbm11g-initramfs-kernel.bin" and
"openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin" in the
output directory.

==Installing==

**Make sure to back up your RouterOS license in case you do ever want to
go back to RouterOS using "/system license output" and back up the
created license file.**

When rebooted the board will try booting via ethernet first. If your
board does not boot via ethernet automatically you will have to attach
to the serial port and set ethernet as boot device within RouterBOOT.

1. Set up a dhcp server that points the bootfile to tftp server serving
   the "openwrt-ramips-mt7621-mikrotik_rbm11g-initramfs-kernel.bin"
   initramfs image
2. Connect to ethernet port on board
3. Power on the board
4. Wait for OpenWrt to boot

Right now OpenWrt will be running with a SSH server listening. Now
OpenWrt must be flashed to the devices flash:

1. Copy "openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin"
   to the device using scp.
2. Write openwrt to flash using "sysupgrade
   openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin"

Once the flashing completes the board will reboot. Disconnect from the
devices ethernet port or stop the DHCP/TFTP server to prevent the device
from booting via ethernet again.
The device should now boot straight to OpenWrt.

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
2018-07-04 01:20:02 +02:00
Michael Kuron
d0b89e48d7 lantiq: enlarge AVM Fritz!Box 3370 flash
Increase the available flash memory size in AVM Fritz!Box 3370 by
incorporating the unused extra partitions located after the ubi partition.

Note that users upgrading from a previous OpenWRT version need to
re-install from the boot loader to pick up the new partition layout.

Available flash space for rootfs+overlay increases from 48MB to 124MB.

Reverting to the OEM firmware is still possible (via the recovery utility
provided by AVM) as the OEM firmware appears to reformat the config and
nand-filesystem partitions upon first boot if necessary. The
reserved-kernel and reserved-filesystem partitions are overwritten by the
OEM firmware when installing an update, so their contents do not matter.

Boot loader and device-specific information (MAC addresses, calibration
data, etc.) are not located in NAND flash and remain unharmed by this
changed.

Tested with OEM firmware 06.54 on device with HWRevision 5 and Micron
flash chip.

Signed-off-by: Michael Kuron <m.kuron@gmx.de>
2018-07-04 01:20:02 +02:00
Mathias Kresin
f72605f70e lantiq: backport stp-xway get callback implementation
To keep the status of a LED connected to the stp during boot, the get
callback is required. If the callback is missing and the LED default
state is set to keep in the devicetree, the gpio led driver errors out
during load.

Fixes: FS#1620

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-04 01:20:01 +02:00
Hyeonsik Song
c2766270ef firmware-utils: tplink-safeloader: add calloc error handling
Signed-off-by: Hyeonsik Song <blogcin@naver.com>
2018-07-04 01:20:01 +02:00
Mathias Kresin
eccde89aa4 kernel: fix AT8032 PHY phy id mask
Don't mask bit 4 of the AT8022 phy id. If bit 4 of the AT8022 phy id
(0x004dd023) is masked, it will match the phy id of the AR8327 switch
(0x004dd033) as well.

It results in applied at803x driver settings/callbacks, which will at
least limit the AR8327 phys to 100MBit operation instead of the possible
1000MBit.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-04 01:19:05 +02:00
Kevin Darbyshire-Bryant
89b59994eb build: ASLR hardening use $(FPIC)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 14:19:10 +01:00
Kevin Darbyshire-Bryant
900d86766b toolchain: gdb: enable TUI
The GDB Text User Interface (TUI) is a terminal interface
which uses the curses library to show the source file,
the assembly output, the program registers and GDB
commands in separate text windows.

In other words it's a friendlier interface for idiots like me!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 14:19:10 +01:00
Kevin Darbyshire-Bryant
fbf475403b dnsmasq: bump to latest patches on 2.80rc2
Refresh patches and backport upstream to current HEAD:

a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled.
51e4eee Fix address-dependent domains for IPv6.
05ff659 Fix stupid infinite loop introduced by preceding commit.
db0f488 Handle some corner cases in RA contructed interfaces with addresses changing interface.
7dcca6c Warn about the impact of cache-size on performance.
090856c Allow zone transfer in authoritative mode whenever auth-peer is specified.
cc5cc8f Sane error message when pcap file header is wrong.
c488b68 Handle standard and contructed dhcp-ranges on the same interface.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 13:58:55 +01:00
Kevin Darbyshire-Bryant
abeae38dbb kmod-sched-cake: bump to latest cake
This bumps to the latest & possibly greatest cake, sadly it's still
inedible but from an SQM point of view quite tasty :-)

Main tweaks since previous bump, improved ack_filter, some extra stats,
support for 64bit netlink parameters (higher rates/byte counters)

0520a6c Fix NAT option handling
8da93e1 Make sure we always call qdisc_watchdog_init() in cake_init()
f65daf6 Fix mismatched parenthesis
51d4ab3 Change flag handling to be safe even when mixing with non-eligible ACKs
f2ea091 ack_filter: protect DCTCP with stricter filtering of ECE marks
28b4560 ACK filter: Handle wrapping sequence numbers and DSACKs
73f62d9 Use the right PAD attribute for options
5969c14 Use 32 for tin backlog
e289f31 Move all the u64 netlink attributes together
36180a0 Check ACK seqno before parsing SACKs
91bbc01 Merge branch 'mine' into cobalt
58c55ec Rework SACK check to compare the ranges of two SACKs
9a5d593 ack_filter: Add proper handling of SACKs
eca95d4 ack_filter: short-circuit TCP flag check
d50a246 compat: backport some ktime functions
7b7ad11 compat: define tcpopt_fastopen for pre-4.1 kernels
ca54cdb Fix ktime compare
9d7dcc0 ack filter: Parse TCP options and only drop safe ones
b119882 Return EOPNOTSUPP on NAT option if conntrack is not available
842d7f0 Don't try to pad stats with tin_stats padding
bd46dc2 Use 64-bit divide helper
8e41bf0 Make sure we never drop SACKs when filtering ACKs
66e5d60 Avoid comparing ktime_t to scalar values
7fab017 Actually commit the ktime_t changes
fca6d13 Switch to ktime_t and get rid of cobalt.h
6f7e5af Can't use do_div with 64-bit divisors

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 11:40:18 +01:00
Kevin Darbyshire-Bryant
a2165f936e iproute2: tc: update support for cake
Bump iproute2/tc support of cake.

Add support for cake's change to u64 attribute passing for certain
attributes (rate & byte counts)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 11:40:18 +01:00
Kevin Darbyshire-Bryant
3698b34a00 kernel: gen_stats: Fix netlink stats dumping in the presence of padding
Backport hot off the press upstream netlink patch.  Fixes stats display
from CAKE qdisc on MIPS allowing us to bump CAKE to latest version.

The gen_stats facility will add a header for the toplevel nlattr of type
TCA_STATS2 that contains all stats added by qdisc callbacks. A reference
to this header is stored in the gnet_dump struct, and when all the
per-qdisc callbacks have finished adding their stats, the length of the
containing header will be adjusted to the right value.

However, on architectures that need padding (i.e., that don't set
CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), the padding nlattr is added
before the stats, which means that the stored pointer will point to the
padding, and so when the header is fixed up, the result is just a very
big padding nlattr. Because most qdiscs also supply the legacy TCA_STATS
struct, this problem has been mostly invisible, but we exposed it with
the netlink attribute-based statistics in CAKE.

Fix the issue by fixing up the stored pointer if it points to a padding
nlattr.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 11:40:18 +01:00
Felix Fietkau
09b6755946 ramips: limit dictionary size for lzma compression
In some cases, recent builds fail to boot from flash with at least some
MT7621 based devices. The error message is:
"LZMA ERROR 1 - must RESET board to recover"
Booting the same kernel via TFTP works for some reason.

Through testing I figured out that limiting the LZMA dictionary size
seems to prevent these errors

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-03 11:18:39 +02:00
Jo-Philipp Wich
b54bef2058 uhttpd: update to latest Git head
db86175 lua: honour size argument in recv() function
d3b9560 utils: add uh_htmlescape() helper
8109b95 file: escape strings in HTML output
393b59e proc: expose HTTP Origin header in process environment
796d42b client: flush buffered SSL output when tearing down client ustream

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-03 06:59:13 +02:00
Hans Dedecker
afac2a2dd6 ebtables: update to latest git 2018-06-27
48cff25 build: drop install -o/-g root
53d7e7a extensions: ebt_string: take action if snprintf discards data

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-07-02 17:33:55 +02:00
Hans Dedecker
e705342bf8 toolchain/glibc: update to latest 2.26 commit
74d16a57a3 Check length of ifname before copying it into to ifreq structure.
3aaf8bda00 getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
f958b45d52 Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
81b994bd83 Fix parameter type in C++ version of iseqsig (bug 23171)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-07-02 14:31:18 +02:00