Commit graph

12704 commits

Author SHA1 Message Date
Jo-Philipp Wich
113544dccf firewall: update to fix FS#31, FS#73, FS#154, FS#248
Update to latest Git head in order to import several fixes and enhancements.

- Disable drop invalid by default (FS#73, FS#154)

  Instead of dropping packets with conntrack state INVALID, only allow streams
  with explicit NEW or UNTRACKED conntrack state.

  This change gives user defined rules the chance to accept traffic like ICMPv6
  multicast which would be filtered away by the very early ctstate INVALID drop
  rule otherwise.

  The old behaviour can be restored by explicitely setting "drop_invalid" to 1
  in the global firewall config section.

- Fix re-initialization of loadable iptables extensions on musl (FS#31)

  Since musl does not implement actual dlclose() semantics, it is impossible to
  re-run initializers on subsequent dlopen() calls.

  The firewall3 executable now intercepts the extension registration calls
  instead in order to be able to re-call them when needed.

  This also allowed us to switch to libxtables' builtin extension loader as a
  positive side-effect.

- Fix masquerade rules for multiple negated IP addresses (FS#248)

  When building MASQUERADE rules for zones which specify multiple negated
  addresses in masq_src or masq_dest, emit -j RETURN rules which jump out of
  the masquerading chain instead of creating multiple rules with inverted "-s"
  arguments.

- Tag own rules using comments

  Instead of relying on the nonstandard xt_id match, use the xt_comment match
  to mark own rules. Existing comments are prefixed with "!fw3: " while
  uncommented rules are marked with a sole "!fw3" string.

  This allows removing the xt_id match entirely in a later commit.

- Make missing ubus connection nonfatal

  Technically, firewall3 is able to operate without ubus just fine as long as
  the zones are declared using "option device" or "option subnet" instead of
  "option network" so do not abort execution if ubus could not be connected or
  of no network namespace is exported in ubus.

  This allows running firewall3 on ordinary Linux systems.

- Fix conntrack requirement detection for indirectly connected zones

  The current code fails to apply the conntrack requirement flag recursively to
  zones, leading to stray NOTRACK rules which break conntrack based traffic
  policing.

  Change the implementation to iteratively reapply the conntrack fixup logic
  until no more zones had been changed in order to ensure that all directly and
  indirectly connected zones receive the conntrack requirement flag.

- Add support for iptables 1.6.x

  Adds support for the xtables version 11 api in order to allow building
  against iptables 1.6.x

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-08 11:35:50 +01:00
Christian Lamparter
9c91335dc7 iperf3: update to version 3.1.4
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:11 +01:00
Mathias Kresin
4f7a0601e6 mac80211: rt2x00: add mtd-eeprom swab function
Most of the lantiq devices with ralink wifi have the EEPROM stored
in big endian byte order in flash, but the driver expects the EEPROM to
be in little endian.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:11 +01:00
Mathias Kresin
7f235df571 mac80211: rt2x00: remove eeprom filename dependency from mtd-eeprom
The ralink,mtd-eeprom device tree property doesn't require the
ralink,eeprom property to work.

Rework the error handling and user notification as well. Do not log an
error if the mtd-eeprom parameter isn't used. It could be intentional
and should not scare the user.

Check if the number of bytes read from the mtd devices matches the
requested number of bytes.

In case of an mtd read error, give a hint to the user which partition
was tried to read from.

In case everything is fine, notify the user as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Mathias Kresin
2516c0572e mac80211: rt2x00: improve eeprom_file property handling
Call the rt2x00lib_get_eeprom_file_name only once and from the function
where the EEPROM filename is required.

Error only out if an EEPROM file is mandatory. Use the
REQUIRE_EEPROM_FILE bit to determine if it is mandatory.

Do not set the REQUIRE_EEPROM_FILE bit while requesting an EEPROM file.
It should be (and is) set before requesting an EEPROM file.

Do not redirect users to upstream while using a function of a custom
patch.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Hans Dedecker
a50243ea1f dnsmasq: Support add-mac option
Adds the mac address of the DNS requestor to DNS queries which
are forwarded upstream and can be used to do filtering by the
upstream servers. This only works if the requestor is on the
same subnet as the dnsmasq server

The addmac parameter can hold the following values:
	0 : mac address is not added
	1 : mac address is added in binary format
	base64 : mac address is added base64 encoded
	text: : mac address is added in human readable format
		as hex and colons

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-11-08 11:17:10 +01:00
Alberto Bursi
2cb4b267bd mdadm: move to Disc submenu
As in Disc there is also lvm2 and other hard drive tools in the Openwrt package feeds.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
decf6b3314 yamonenv: move to Boot Loaders submenu
Boot Loaders submenu is the place where all other boot loaders are.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
e4fef72244 comgt: move to WWAN submenu, fixed link
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.

I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
9abdeee0b7 uqmi: moved to WWAN submenu
Moving uqmi to WWAN submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Christian Schoenebeck
7ee661def6 ca-certificates: update to version 20161102
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-11-08 10:49:51 +01:00
Florian Larysch
dfc14bd145 kernel: add kernel module package for the DS1374 RTC
Package the driver for the DS1374 chip present on the T4240RDB.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix missing symbol]
2016-11-08 10:49:40 +01:00
Florian Larysch
51b1d76f16 kernel: package module for the W83793 hwmon chips
Package the driver for the W83793 hwmon chip present on the T4240RDB.

Signed-off-by: Florian Larysch <fl@n621.de>
2016-11-08 05:49:58 +01:00
Alexandru Ardelean
519a199cbc devel/strace: fix build on mpc85xx target
builbot faillog:
https://downloads.lede-project.org/snapshots/faillogs/powerpc_8540/base/strace/compile.txt

Seems that for PPC, the <linux/ptrace.h> header [from uapi] collides
with musl's <sys/user.h>, for the pt_regs struct.

Seems I tried to upstream this patch a while back:
https://lists.openwrt.org/pipermail/openwrt-devel/2016-April/041093.html

It seems to work on current LEDE trunk too.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-11-08 05:49:58 +01:00
Cezary Jackiewicz
862e7fb7b3 gcom: Fix 'mode' option for ncm
For Huawei devices like E3372 proper command for set lte mode is:

AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,

Eval is required for proper quotation.

Without this fix:

Fri Nov  4 19:07:49 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> AT
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> ATZ
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATQ0
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATV1
Fri Nov  4 19:07:54 2016 daemon.notice netifd: wan (2060): sending -> ATE1
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> ATS0=0
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:07:57 2016 daemon.notice netifd: wan (2060): sending -> AT^SYSCFGEX=\"03\",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Error running AT-command
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Failed to set operating mode
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2092): Stopping network
...

With this fix:

Fri Nov  4 19:10:59 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> AT
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> ATZ
Fri Nov  4 19:11:02 2016 daemon.notice netifd: wan (2539): sending -> ATQ0
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATV1
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATE1
Fri Nov  4 19:11:04 2016 daemon.notice netifd: wan (2539): sending -> ATS0=0
Fri Nov  4 19:11:05 2016 daemon.notice netifd: wan (2539): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:11:06 2016 daemon.notice netifd: wan (2539): sending -> AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:11:07 2016 daemon.notice netifd: wan (2539): sending -> AT^NDISDUP=1,1,"internet"
Fri Nov  4 19:11:08 2016 daemon.notice netifd: wan (2539): Connected, starting DHCP on wwan0
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan' is now up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network device 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network alias 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is enabled
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' has link connectivity
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is setting up now
...

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-11-08 05:49:58 +01:00
Mathias Kresin
578f7b9c59 kernel: fix kmod-sound-core build error
Fix build error introduced with 2ab6aac.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-05 22:24:25 +01:00
Dmitry Sutyagin
2ab6aaca4d kernel: add SND_PCM_TIMER to kmod-sound-core
FS#256

Fix audio not working due to unset SND_PCM_TIMER. CONFIG_SND_PCM_TIMER
is required for ALSA to work (at least for some audio devices),
otherwise applications using sound may fail. Can be reproduced by
installing "alsa-utils-tests" and running "speaker-test":

...
ALSA lib pcm_direct.c:1159:(snd1_pcm_direct_initialize_poll_fd) unable to open timer 'hw:CLASS=3,SCLASS=0,CARD=0,DEV=0,SUBDEV=0'
ALSA lib pcm_dmix.c:1106:(snd_pcm_dmix_open) unable to initialize poll_fd
Playback open error: -19,No such device

The kernel size does not increase, only the size of the kernel module
increases.

Signed-off-by: Dmitry Sutyagin <f3flight@gmail.com>
2016-11-05 22:03:42 +01:00
Felix Fietkau
fb504e8799 Revert "mt76: update to the latest version, adds a tx queue configuration fix"
This reverts commit 32867540ea.
A report indicates that this causes a tx/rx throughput regression

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-05 10:16:53 +01:00
Felix Fietkau
17ecd879b8 Revert "mwl8k: remove synchronous device init hack"
This reverts commit cb037d1842.
See 6aa07b8202 for more information

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 13:23:07 +01:00
Felix Fietkau
6aa07b8202 Revert "mac80211: remove ath10k delayed initialization hack"
This reverts commit efd9dec319.

ath10k can take a long time to probe, long enough for netifd to fail to
initialize already configured wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 12:58:52 +01:00
Felix Fietkau
32867540ea mt76: update to the latest version, adds a tx queue configuration fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:32:51 +01:00
Felix Fietkau
cae688544d mac80211: fix A-MSDU tx aggregation (FS#174)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:32:05 +01:00
Felix Fietkau
db82db3203 mac80211: minor cleanup
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:31:42 +01:00
Felix Fietkau
5c11a4b311 mac80211: fix a tx A-MPDU aggregation issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:31:27 +01:00
Felix Fietkau
12bd0f2820 mac80211: replace the previous fix with a revert of the faulty upstream commit
This avoids potential breakage in rt2x00usb

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 12:13:50 +01:00
Luiz Angelo Daros de Luca
e2fd98793e elfutils: bump to 0.167
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2016-11-03 11:08:02 +01:00
Felix Fietkau
cb037d1842 mwl8k: remove synchronous device init hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Mathias Kresin
efd9dec319 mac80211: remove ath10k delayed initialization hack
LEDE no longer requires all PHYs to be initialized to
create the configuration files during bootup. This patch
removes the now obsolete ath10k patch.

Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Christian Lamparter
5f8f8a3661 base-files, mac80211, broadcom-wl: wifi detection and configuration
Currently, the wifi detection script is executed as part of
the (early) boot process. Pluggable wifi USB devices, which
are inserted at a later time are not automatically
detected and therefore they don't show up in LuCI.

A user has to deal with wifi detection manually, or restart
the router.

However, the current "sleep 1" window - which the boot
process waits for wifi devices to "settle down" - is too
short to detect wifi devices for some routers anyway.

For example, this can happen with USB WLAN devices on the
WNDR4700. This is because the usb controller needs to load
its firmware from UBI and initialize, before it can operate.

The issue can be seen on a BT HomeHub 5A as well as soon as
the caldata are on an ubi volume. This is because the ath9k
card has to be initialized by owl-loader first. Which has to
wait for the firmware extraction script to retrieve the pci
initialization values inside the caldata.

This patch moves the wifi configuration to hotplug scripts.
For mac80211, the wifi configuration will now automatically
run any time a "ieee80211" device is added. Likewise
broadcom-wl's script checks for new "net" devices which
have the "wl$NUMBER" moniker.

Issues with spawning multiple interface configuration - in
case the detection script is run concurrently - have been
resolved by using a named section for the initial
configuration. Concurrent configuration scripts will now
simply overwrite the same existing configuration.

A workaround which preserves the "sleep 1" window for just
the first boot has been added. This allows the existing
brcm47xx boot and mvebu uci-default scripts to correctly
setup the initial mac addresses and regulatory domain.

And finally, the patch renames the "wifi detect" into
"wifi config". As the script no longer produces any output
that has to be redirected or appended to the configuration
file.

Thanks to Martin Blumenstingl for helping with the implementation
and testing of the patch.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Christian Lamparter
5e35b4562f base-files, mac80211, broadcom-wl: use uci to populate wireless config
Previously, wifi detect simply dumped its generated wireless
configuration to STDOUT. A second step was needed to append
the configuration to /etc/config/wireless (or create it, if
it didn't exist).

With this patch, The wifi detection script will now use uci
to update the wireless configuration directly.

This patch also makes the initially created wifi-iface a
named section ('default_radio$X' for mac80211 and
'default_wl$X' for broadcom). With this change, uci will
not print the cfgHASH to STDOUT (which would now corrupt
the wireless configuration). It will also prevent adding
duplicated wifi interface configurations, if the wifi
configuration is run concurrently.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Mathias Kresin
ba3540db62 base-files: generate /etc/config/wireless, if it doesn't exist
This patch adds a check in "wifi detect" to test if the wireless
configuration file does exist. If it doesn't exist, an empty
/etc/config/wireless file will be created.

This is necessary because uci doesn't create new files,
instead the tool just exits with "uci: Entry not found".

Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Felix Fietkau
f78405f500 mac80211: fix regdomain change issues with CONFIG_ATH_USER_REGD
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:04:57 +01:00
Felix Fietkau
69ace0824f mac80211: fix a minor issue in the header padding patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:04:54 +01:00
Felix Fietkau
4dfc0be07b mac80211: fix AP powersave issues introduced in the last wireless-testing update (FS#241)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:04:30 +01:00
Alberto Bursi
08279810ed uboot-envtools: move to Boot Loaders submenu
Boot Loaders submenu is where other bootloader tools (fconfig and grub2-editenv) are.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-03 08:21:47 +01:00
Karl Palsson
df1804b75c dnsmasq: support log-dhcp option
Helpful when trying to resolve issues with quirky dhcp client devices.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-11-02 10:25:44 +01:00
Jo-Philipp Wich
eb10b13f16 iproute2: rename ip to ip-tiny and let both ip-tiny and ip-full provide "ip"
Rename the "ip" package declaration to "ip-tiny" and let both "ip-tiny" and
"ip-full" provide the virtual "ip" package. This allows users to freely choose
the "ip" command variant while other packages can continue to depend on "ip"
without needing to enforce a specific variant.

Note that this commit does not add busybox as "ip" provider due to
the following reasons:

 - The builtin Busybox ip applet cannot be added or removed at runtime
 - Both "ip-tiny" and "ip-full" are able to install without file clashes even
   if the busybox applet is enabled
 - The system is preferring full "ip-tiny" and "ip-full" at runtime, even
   if Busybox ip is still present.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 02:33:30 +01:00
Jo-Philipp Wich
7a58972680 uboot-sunxi: fix default config for OLIMEX A13 SOM (FS#239)
The current uboot default config for the A13 SOM erroneously enables support
for the AXP209 power regulator IC which is not present on the board.

This superfluous support module sets an incorrect initial clock frequency and
confuses the kernel, ultimately leading to a boot failure later on.

Properly disable the PMIC support and enable the EHCI support by translating
the deprecated SYS_EXTRA_OPTIONS values into proper SUNXI_NO_PMIC and
USB_EHCI_HCD symbols respectively.

Also rename 002-add-olimex-a13-som.diff to 002-add-olimex-a13-som.patch and
refresh the remaining patches of the series while we're at it.

Reported-by: Mario Fischer <mario-fischer@web.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 02:11:19 +01:00
Jo-Philipp Wich
5e0441aaf0 base-files: uci-defaults: support requesting untagged switch port configuration
Introduce support for a new [0-9]u@netdev syntax to ucidev_add_switch() to let
board.d network files request default network switch configurations which do
not use tagged CPU ports.

This commit itself has no effect on generated configurations at the moment
since we still emit untagged configurations by default but it allows boards to
opt-out from default tagged configs in case we start emitting tagged settings
by default.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 01:06:29 +01:00
Jo-Philipp Wich
fb58cd2fed fstools: add build-depends on util-linux
The libblkid probe support in fstools git head requires blkid/blkid.h for
compilation, so add a build dependency on util-linux which provides libblkid.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-01 09:52:03 +01:00
Yutang Jiang
15a14cf166 layerscape: add 64b/32b target for ls1012ardb device
The QorIQ LS1012A processor, optimized for battery-backed or
USB-powered, integrates a single ARM Cortex-A53 core with a hardware
packet forwarding engine and high-speed interfaces to deliver
line-rate networking performance.
QorIQ LS1012A Reference Design System (LS1012ARDB) is a high-performance
development platform, with a complete debugging environment.
The LS1012ARDB board supports the QorIQ LS1012A processor and is
optimized to support the high-bandwidth DDR3L memory and
a full complement of high-speed SerDes ports.

LEDE/OPENWRT will auto strip executable program file while make. So we
need select CONFIG_NO_STRIP=y while make menuconfig to avoid the ppfe network
fiemware be destroyed, then run make to build ls1012ardb firmware.

The fsl-quadspi flash with jffs2 fs is unstable and arise some failed message.
This issue have noticed the IP owner for investigate, hope he can solve it
earlier. So the ls1012ardb now also provide a xx-firmware.ext4.bin as default
firmware, and the uboot bootcmd will run wrtboot_ext4rfs for "rootfstype=ext4"
bootargs.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-10-31 17:00:10 +01:00
Yutang Jiang
c6c731fe31 layerscape: add 64b/32b target for ls1043ardb device
Add support for NXP layerscape ls1043ardb 64b/32b Dev board.

LS1043a is an SoC with 4x64-bit up to 1.6 GHz ARMv8 A53 cores.
ls1043ardb support features as: 2GB DDR4, 128MB NOR/512MB NAND, USB3.0, eSDHC,
I2C, GPIO, PCIe/Mini-PCIe, 6x1G/1x10G network port, etc.

64b/32b ls1043ardb target is using 4.4 kernel, and rcw/u-boot/fman images from
NXP QorIQ SDK release.

All of 4.4 kernel patches porting from SDK release or upstream.

QorIQ SDK ISOs can be downloaded from this location:
http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-10-31 17:00:10 +01:00
Stefan Koch
a7672fa5b4 lantiq: added xrx200 as plattform for ltqvmmc
Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2016-10-31 16:51:33 +01:00
Stefan Koch
8c08ccc937 lantiq: added xrx200 as plattform for ltqtapi
Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2016-10-31 16:51:33 +01:00
Stefan Koch
04cf9443c5 lantiq: fix vmmc build
(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>

(cherry picked from commit 47b1ff965b0cb57013b40fbe2bcd7f3c6eb6b606)

Modified after cherry-pick:
FW_MD5SUM in Makefile

Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2016-10-31 16:51:29 +01:00
Stefan Koch
29367aac42 lantiq: ltq-vmmc add support for ar9-vr9
(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>

(cherry picked from commit ea9e61b8eb61a2e362a50541f03466dc7d087947)
Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2016-10-31 16:49:55 +01:00
John Crispin
d15dc7e85d fstools: update to latest git HEAD
adds f2fs support

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-31 16:38:26 +01:00
Petr Štetiar
9e8e8b7253 base-files: sysfixtime: Keep RTC time in UTC timezone
We need to tell hwclock with -u commandline option, that we would like
to keep our RTC clock in UTC timezone. Linux kernel expects RTC in UTC
timezone anyway.

In current state of things, we don't tell hwclock to load/store time
from/to RTC in UTC timezone so it uses the timezone from the system
time. If it's set to different timezone then UTC, sysfixtime is going to
screw the time in RTC.

I've following in the setup script:

  uci set system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3'
  uci set system.@system[0].zonename='Europe/Prague'

I've this RTC setup (rtc1 is RTC on i.MX6 SoC, rtc0 is battery backed RTC mcp7941x):

  rtc-ds1307 3-006f: rtc core: registered mcp7941x as rtc0
  snvs_rtc 20cc000.snvs:snvs-rtc-lp: rtc core: registered 20cc000.snvs:snvs-r as rtc1

Then we can experience following (current time is 10:15am):

	$ date
	Fri Oct 21 10:15:07 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:14:46 2016  0.000000 seconds

	$ hwclock -u -r -f /dev/rtc0
	Fri Oct 21 10:14:46 2016  0.000000 seconds

And after current broken sysfixtime:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:25 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 10:15:31 2016  0.000000 seconds

Now we've time in our battery backed RTC in CEST timezone instead of
UTC.  Then once again, but with this patch applied to sysfixtime, where
hwclock is using correctly the -u parameter:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:53 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:15:55 2016  0.000000 seconds

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 16:33:19 +01:00
Alexis Green
12f0d5402c hostapd: properly package wpa-supplicant-mesh
Ensure that selecting the wpa-supplicant-mesh package actually packages the
wpa_supplicant binary with SAE support and add missing dependency on OpenSSL.

Signed-off-by: Alexis Green <alexis@cessp.it>
[Jo-Philipp Wich: slightly reword commit message for clarity]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 13:46:01 +01:00
Petr Konecny
6797a10fa1 hostapd support for VLANs through a file in addition to Radius.
Signed-off-by: Petr Konecny <pekon@google.com>
2016-10-31 13:24:58 +01:00
Daniel Dickinson
98c86e2970 uhttpd: Add Basic Auth config
We add an 'httpauth' section type that contains the options:

prefix: What virtual or real URL is being protected
username: The username for the Basic Auth dialogue
password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue

httpauth section names are given included as list
items to the instances to which they are to be applied.

Further any existing httpd.conf file (really whatever
is configured in the instance, but default of
/etc/httpd.conf) is appended to the per-instance httpd.conf

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2016-10-31 13:22:51 +01:00
Alexandru Ardelean
b7fadb12b7 lldpd: freeze execution of lldpd during reload
During reload, we could send invalid information to the other
side and confuse it.

That's why, during reload we'll pause execution, do the reconfig
and resume + update when reload is done.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-31 12:51:15 +01:00
Alexandru Ardelean
909f063066 lldpd: fix reload function for when interfaces change
The problem is that interfaces are specified at start as
command line arguments, making them unchange-able via reload.

That means, we have to move (since lldpd allows this) the
interfaces-match-pattern option to be in a config file and reload
the configuration.
It's either that, or do a 'restart'.

Since we're generating the lldpd.conf file, we'll have to
move the 'sysconfdir' of lldpd to /tmp, where the files will
get written ; this will prevent any unncessary flash writes.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-31 12:51:15 +01:00
Pavel Kubelun
ccf0648e72 ath10k-firmware: update qca9984 firmware
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
[Jo-Philipp Wich: add mirror sha256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:49:57 +01:00
John Crispin
1e3c4f763c openvpn: cacert does not exist
cacert is really called ca and already in the script

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 19:53:01 +02:00
John Crispin
168adaefc2 linux/modules: drop ledtrig-netfilter
this is a duplicate of kmod-ipt-led

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 15:29:36 +02:00
John Crispin
0ec48b883c openvpn: add handling for capath and cafile
Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 15:19:59 +02:00
Daniel Engberg
dc8605b7f7 package/network/utils/ipset: Update to 6.30
Updates to 6.30

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-27 13:16:50 +02:00
Alberto Bursi
a8b9fbee24 util-linux: disc -> Disc and moved some packages
Capitalized "disc" submenu name as all submenu names are capitalized (apart from "database", but I'll fix that
later).

moved "swap-utils" to Filesystem submenu as it is "formatting" a partition as swap so it looks out of place in Disc.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-27 12:45:05 +02:00
Ben Greear
6408ea0486 ath10k-ct: Add QCA9888/9886 support, fix compat issue.
This should fix problems with latest backports, and also adds
driver support for QCA9888 chipset.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-10-27 12:45:05 +02:00
Chris Blake
b745bfa6dc base-files: Ensure reset only works if an overlay exists
Currently the reset script will try to run jffs2reset on boards that are
running a rw rootfs, such as ext4. This will cause jffs2reset to fail
and the board to never reboot while the LED blinks until a manual
reboot.

This commit does two different things:
1. Disables reset on boards that do not have an overlay mount
2. Disables the Blinking LED after 5 seconds if the board does not
support reset

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-27 12:45:05 +02:00
John Crispin
83ece71d63 netifd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 12:45:05 +02:00
Paul Wassi
776aa91b0f uboot-kirkwood: fix default bootcmd for Seagate Dockstar
Fix the default value for the 'bootcmd' environment variable.
Therefore make the default bootcmd work for buildbot's images.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-27 12:45:02 +02:00
Paul Wassi
705240eeb5 uboot-kirkwood: bump to upstream 2016.09.01
Bump U-Boot for Kirkwood to upstream 2016.09.01. Local patches
cleaned up and reworked.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-27 12:44:54 +02:00
Stijn Tintel
e3875350f3 ar71xx: add support for D-Link DAP-2695 rev. A1
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
9dfed03c35 mtd: add fixwrgg command
Based on fixseama.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
dec29082e0 mtd: fix endianness detection on musl
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Hans Dedecker
a35f9bbc43 dnsmasq: Multiple dnsmasq instances support
Adds support in uci for configuring multiple dnsmasq instances via
multiple dnsmasq sections.
The uci sections host, boot, mac, tag, vendorclass, userclass,
circuitid, ... will refer to a dnsmasq instance via the instance
parameter defined in the section; if the instance parameter is
not specified backwards compatibility is preserved.

Start/Stopping a dnsmasq instance can be achieved by passing the
dnsmasq instance name as argument to start/stop via the init script.

Multiple dnsmasq instances is usefull in scenarios where you want to
bind a dnsmasq instance to an interface in order to isolate networks.

This patch is a rework of a multiple dnsmasq instance patch by Daniel Dickinson

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-26 17:53:53 +02:00
Jo-Philipp Wich
f2752f4735 grub2: add missing SECTION variable and remove non breaking space
Fix metadata scan failure in the grub2 package by removing an unexpected
invisible space character and by adding back the missing SECTION variable
which was removed with d140648.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-26 17:53:53 +02:00
Hans Dedecker
311682905e ipip: Support fqdn as remote tunnel endpoint
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-26 17:53:53 +02:00
Hannu Nyman
9097dc5ad8 uhttpd: create self-signed certificates with unique subjects
Add a partially random O= item to the certificate subject in order
to make the automatically generated certificates' subjects unique.

Firefox has problems when several self-signed certificates
with CA:true attribute and identical subjects have been
seen (and stored) by the browser. Reference to upstream bugs:
https://bugzilla.mozilla.org/show_bug.cgi?id=1147544
https://bugzilla.mozilla.org/show_bug.cgi?id=1056341
https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34

Certificates created by the OpenSSL one-liner fall into that category.

Avoid identical certificate subjects by including a new 'O=' item
with CommonName + a random part (8 chars). Example:
/CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ

That ensures that the browser properly sees the accumulating
certificates as separate items and does not spend time
trying to form a trust chain from them.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:52 +02:00
Hannu Nyman
82132540a3 uhttpd: prefer px5g for certificate creation
Prefer the old default 'px5g' for certificate creation
as Firefox seems to dislike OpenSSL-created certs.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:51 +02:00
Baptiste Jonglez
89817614bb netifd: Request DHCP option 121 (classless route) by default
This option, defined by RFC3442, allows a DHCP server to send static
routes to a client.  But the client has to request this option
explicitely.

Static routes are useful when the gateway configured by DHCP cannot be
in the same subnet as the client.  This happens, for instance, when
using DHCP to hand out addresses in /32 subnets.

A new configuration option "classlessroute" is available, allowing
users to disable this feature (the option defaults to true).

Other DHCP clients already request this option by default (dhcpcd, for
instance, and possibly Windows).  If a DHCP server does not support
this option, it will simply ignore it.

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2016-10-26 15:16:51 +02:00
Simon Hailes
86c6b07e15 wwan: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Simon Hailes
a2361eebfd usbmode: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Alberto Bursi
9275964e1d px5g-standalone: move to Encryption submenu and fix Title
moved px5g-standalone to Encryption submenu of Utilities.
Fixed title by removing the first "standalone" word from title.
The name is now consistent with other px5g packages, it is also shorter and will be shown in make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:52 +02:00
Alberto Bursi
7fa89d7f3c px5g: move to Encryption submenu
moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:48 +02:00
André Valentin
ebd7e565c7 package/uboot-envtools: Add support for ZyXEL NBG6817
Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
783875f18b package/basefiles: add mkfs.ext4 and losetup binaries to ramfs list
mkfs.ext4 und losetup are needed for sysupgrade support on mmc devices
with automatic rootfs split (loopback device usage).

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
Daniel Engberg
91b518512d strace: Update to 4.14
Update to version 4.14

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
85fbffd74b qmi: add metric, defaultroute and peerdns options for qmi protocol
Adds generic network options for qmi protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

IPv6-related code taken from Bruno's patch https://patchwork.ozlabs.org/patch/584816.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Signed-off-by: Bruno Randolf <br1@einfach.org>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
35129469ca mbim: add metric, defaultroute and peerdns options for mbim protocol
Adds generic network options for mbim protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
72eb2b8e22 comgt: add metric, defaultroute and peerdns options for directip protocol
Adds generic network options for directip protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
c560d25d19 comgt: add metric, defaultroute and peerdns options for ncm protocol
Adds generic network options for ncm protocol dynamic interfaces
as suggested by Felix in
http://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Yutang Jiang
e7dc511e64 uboot-zynq: fix compile error for be short of dtc
While enable zynq uboot:
CONFIG_PACKAGE_uboot-zynq-zc702
CONFIG_PACKAGE_uboot-zynq-zed
CONFIG_PACKAGE_uboot-zynq-zybo

make will arise dtc error:
./scripts/dtc-version.sh: line 17: dtc: command not found
./scripts/dtc-version.sh: line 18: dtc: command not found
*** Your dtc is too old, please upgrade to dtc 1.4 or newer
make[4]: *** [checkdtc] Error 1

Pass the kernel dtc to uboot for compile.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-10-26 12:37:46 +02:00
Alberto Bursi
d140648622 grub2: move to Boot Loaders category
because boot loaders are in Boot Loaders, not in Utilities -> Boot Loaders

Also moved brub2-editenv in Utilities -> Boot Loaders

Part of a wider housekeeping effort on the packages repository.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Alberto Bursi
f9ed2bc92f fconfig: move to Boot Loaders submenu of Utilities
Boot Loaders submenu of Utilities is the most logical place to find fconfig and other bootloader tools.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Alberto Bursi
762928a13e rbcfg: move to Boot Loaders submenu of Utilities
Boot Loaders submenu of Utilities is the most logical place to find rbcfg and other bootloader tools.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Paul Wassi
da1b33fc4d package/system/mtd: fix usage message
Minor fix in the usage message on the explanation of the -p option.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-26 12:37:45 +02:00
John Crispin
7b9ac39afa ugps: update to latest git HEAD
* fixes a few error that uClibc users were seeing
* add switch to disable time adjustment

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-26 12:37:40 +02:00
Jo-Philipp Wich
81b256ee00 uhttpd: fix handling of special "/" prefix when matching handlers
The special prefix of "/" should match any url by definition but the final
assertion which ensures that the matched prefix ends in '\0' or '/' is causing
matches against the "/" prefix to fail.

Update to current HEAD in order to fix this particular case.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-25 16:38:50 +02:00
Imre Kaloz
3764caa934 mvebu: add support for the Linksys WRT3200ACM (Rango)
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-10-24 08:45:06 +02:00
Imre Kaloz
5da412bf80 mwlwifi: upgrade to 10.3.2.0-20161013
Also install the 88W8964 firmware.

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-10-24 08:45:06 +02:00
Rafał Miłecki
2187f57db6 base-files: add ucidef_set_led_usbport for full usbport support
This helper allows using usbport trigger directly. It requires usbport
compatible syntax and supports specifying multiple USB ports, e.g.:
ucidef_set_led_usbport "usb" "USB" "devicename:colour:function" "usb1-port1" "usb2-port1"

This adds a proper object to the board.json, e.g.
"usb": {
	"name": "USB",
	"type": "usbport",
	"sysfs": "devicename:colour:function",
	"ports": [
		"usb1-port1",
		"usb2-port1"
	]
}
and supports translating it into uci section.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-22 11:16:01 +02:00
Hannu Nyman
66d604d4a8 busybox: adjust download mirror
* Adjust download locations:
  - use https as busybox.net permanently redirects http to https
  - gentoo mirror has neither 1.25.0 nor 1.25.1 available, so drop it
    in favor of buildroot.net that has 1.25.1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-21 15:49:01 +03:00
Felix Fietkau
70af3bfd57 libreadline: set ABI_VERSION to force rebuild of dependent packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-19 20:26:54 +02:00
Felix Fietkau
0c3de24d92 procd: update to the latest version, fixes a few minor service handling issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-19 15:33:41 +02:00
Rafał Miłecki
d0b50c2770 kernel: drop usbdev LED trigger
It was LEDE's trigger that was replaced by upstream usbport one.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-19 12:09:45 +02:00
Rafał Miłecki
0658527e1e switch to the new usbport LED trigger
This makes init.d script handle existing UCI entries using the new
trigger. It also switches all targets to use its package.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-19 12:09:45 +02:00
Ben Greear
1ffb7e47be Latest ath10k CT 988X firmware (beta-18).
*  Backport much of the 10.2 firmware features from upstream QCA driver.
     This includes ANI support, adaptive CCA, tx-hang workarounds,
     and lots of other things.
     Not all of this may be enabled at this point, and more code waits to
     be backported as time and motivation allows.

  *  Fix some rate-control issues where ath10k in station mode (at least), would
     sometimes get stuck at low rates.  This appeared to be a probe related
     state machine issue in the firmware, so I added some timeout logic to kick
     the state machine if it gets stuck.  This signicantly improves throughput
     tests with many stations.

  *  Support configuring WMI WD timeout using SET_SPECIAL API.

  *  Properly configure the rx-mask on bootup to work around problem found
     by Mr. Kazior.  This should remove the need to add the driver hack he
     posted.

  *  Allow configuring pdev failed-retry threshold.  This is how many consecutive
     tx failures the firmware will allow before resetting the wifi chip (not a full
     firmware crash).

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-10-19 11:13:15 +02:00
Ben Greear
536420647a ath10k-ct: Update to latest 4.7 CT ath10k driver.
Adds Sebastian's 160Mhz support (un-tested), remove DMA32 change that
broke some x86 systems, allow setting 10.1 CT firmware keepalive watchdog
timeout, support QCA 9887 hardware, and some other tweaks.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-10-19 11:13:11 +02:00
Rafał Miłecki
81fd64df81 kernel: add package for usbport LED trigger
This is upstream alternative for LEDE's ledtrig-usbdev. It's main
advantages are:
1) Support for assigning more than 1 USB port to the LED
2) Setting proper state when activating with device already connected
3) FWIW it's an upstream driver

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-18 14:27:14 +02:00
Pierre Lebleu
6bb11d52f3 procd: Allow initscripts to start one daemon instance at a time
Signed-off-by: Pierre Lebleu <pierre.lebleu@technicolor.com>
2016-10-18 08:53:38 +02:00
Alberto Bursi
5c96200dab xfsprogs: install path consistent with fs tools
changed install path from /sbin to /usr/sbin to be consistent with other filesystem tools
ext2-3-4 and f2fs tools are in /usr/sbin, for example

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-18 08:51:46 +02:00
Felix Fietkau
b7b223be41 mac80211: backport some upstream a-msdu tx fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-17 12:18:25 +02:00
Felix Fietkau
be7f2abb60 iperf: used an updated renamed tarball instead of main upstream URL
iperf upstream added some bugfixes to the already released 2.0.9 version
without changing the filename. This conflicts with old mirrored files
and the hash that we previously used.
To avoid conflict, use a renamed tarball from mirror2.openwrt.org
containing the new upstream changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-17 11:16:31 +02:00
Felix Fietkau
5f9598a432 mac80211: fix build error in ath10k with hwmon enabled
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-17 11:01:37 +02:00
Stijn Tintel
39f8e46bb4 busybox: add upstream patch to fix send_to_from
This fixes ntpd when queries are sent to secondary IPv4 IP addresses.
See https://bugs.busybox.net/show_bug.cgi?id=9146

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-15 20:45:10 +03:00
Stijn Tintel
859d30d521 busybox: update to version 1.25.1
Dropped upstream patches:
000-busybox-1.25.0-gzip.patch
000-busybox-1.25.0-ip.patch
000-busybox-1.25.0-ntpd.patch

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-15 20:45:10 +03:00
Hauke Mehrtens
7b6fca0e32 procd: update sha256sum
Commit f5c741b5e0 updated procd to a more recent version, but did not
change the hash of the tar. Update it to the one matching the file on
the download servers.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-10-15 17:56:23 +02:00
Mathias Kresin
18bb1c9391 ltq-adsl-mei: fix build error
The file to patch doesn't exists. Due to the fact that a src directory
exists, the patch was never applied.

With 28502a9 the behaviour was changed and revealed the issue.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-10-15 16:46:42 +02:00
John Crispin
f5c741b5e0 procd: update to latest git HEAD revision
Signed-off-by: John Crispin <john@phrozen.org>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
5b607bd8d8 boot/rbcfg: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
ba7cba95f2 kernel/wrt55agv2-spidevs: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
8fe09409da kernel/w1-gpio-custom: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
e09ff19752 kernel/trelay: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
9168abe8b5 kernel/spi-gpio-custom: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
7b3ba5a3a9 kernel/rtc-rv5c386a: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
ca599bb2a7 kernel/rotary-gpio-custom: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
28502a928c kernel/lantiq/ltq-*: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:53 +02:00
Alexandru Ardelean
f56f749d30 kernel/i2c-gpio-custom: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
a1236a30a0 kernel/gpio-button-hotplug: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
4f9c6c5235 kernel/button-hotplug: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
9f5770b81f kernel/avila-wdt: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
a24442c4f3 network/utils/maccalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
0af93f8f30 network/utils/rssileds: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
808a618bc4 network/utils/resolveip: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
964f8bc4e5 network/utils/owipcalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
d0345c6bb6 network/ipv6/map: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
3f8598feaf network/utils/iwcap: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
598722956b network/services/ead: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
8cf08b6783 network/ipv6/6rd: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
b8135a5b96 network/config/swconfig: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
8ecf7443a4 system/mtd: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
fb789c4821 libs/gettext: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
9f2ce12fff utils/spidev_test: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
ce2c6e5d24 utils/otrx: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
2b0b5824ef utils/usbreset: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
d679afa37d utils/px5g-standalone: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
8df2122cdd utils/oseama: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
4786484afd utils/nvram: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
9270ef06c6 utils/fbtest: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Alexandru Ardelean
832cd7ceb5 libs/libiconv: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Alexandru Ardelean
ab20b679f6 libs/libnl-tiny: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Alexandru Ardelean
58cf9a2476 network/services/hostapd: move whole files outside of patches and drop Build/Prepare rule in favor of default one
This more of a demo for the previous commit that comes with
this one, where I added support for copying source from 'src' to
the build dir(s).

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Jan-Tarek Butt
02d5f9477b busybox: prevent globbing, word splitting
Double quote to prevent globbing and word splitting.

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2016-10-15 11:36:51 +02:00
Dirk Neukirchen
054f3fd57b uboot-ar71xx: make reproducible
OpenWrt uses ancient u-boot thats not reproducible.

There are multiple upstream changes that introduce
reproducible builds like:
859e92b775fd8ebcfacc591eaf621b677c95b6f7
(not used here - the CMD_DATE/TIMESTAMP functionality
seems to be disabled by config)

70d39f57146a6cb94736db39c770c3d95e07bedb
f3f431a712729a1af94d01bd1bfde17a252ff02c
2d9efa1227262249d381ed5d9d341cbdba76e62d

Instead of changing the Makefile too much
this changeset just tries to use the
changes in Makefile from current upstream git f5fd45f

*Should* fix issue reported by reproducible lede page:
https://tests.reproducible-builds.org/lede/lede.html

Compile tested only
(verified w. hexdump & md5sum)

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-10-15 11:36:51 +02:00
David Woodhouse
8a2a20e71e ltq-ptm: Support 1508-byte MTU for RFC4638
Tested with VDSL on TP-Link WD8970, I see full 1500-byte PPP data
frames, which end up being 1526 byte Ethernet frames (including
Ethernet+VLAN headers) on the wire.

Fixes: FS#210

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2016-10-15 11:36:51 +02:00
Daniel Engberg
195d2de867 package/libs/libreadline: Update to 7.0
Update libreadline to 7.0

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
9e87d6bdc8 package/libs/libconfig: Update to 1.5
Update libconfig to 1.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
192bf087d4 package/utils/e2fsprogs: Update to 1.43.3
Updates e2fsprogs to 1.43.3

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
6e5de6e07b package/libs/libnftnl: Update to 1.0.6
Update libnftnl to 1.0.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
49ee771e6b package/network/services/lldpd: Update to 0.9.5
Updates lldpd to 0.9.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
1d7af1a296 package/libs/libtool: Switch to xz tarball
Switch to xz tarball, there's no point pulling two different tarballs of the same source code (tools/libtool uses xz).

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
f23a44173e package/libs/nettle: Update to 3.3
Update to 3.3

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
913609a9b1 package/libs/libnl: Update to 3.2.28
Update to 3.2.28
Remove patch as its in upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
d41e54fb02 package/libs/libmnl: Update to 1.0.4
* Update to 1.0.4
* Remove patch as it's upstreamed

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
3a136f5c56 packages/network/utils/wpan-tools: Update to 0.7
* Updates to 0.7
* Switches tarball to xz

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
87002c0646 package/network/utils/ipset: Update to 6.29
Updates to 6.29

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
eb16168dc7 usbutils: Switch to xz tarball, update db to 2016-07-21
Switch to xz tarball
Update USB ID-database to snapshot 2016-07-21

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
John Crispin
c66658441b mtd: fix up error messages
remove the "Error fixing up TRX header" message which is misleading.

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-15 11:36:50 +02:00
Kevin Darbyshire-Bryant
c5e48abcc6 mbedtls: enable NIST curves optimisation.
luci using ustream-mbedtls is extremely slow vs ustream-polarssl.
polarssl alias mbedtls v1 is configured to use NIST prime speed
optimisation, so no longer disable the default optimisation for
mbedtls v2.

Compile & run tested: Archer C7v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[Jo-Philipp Wich: refresh patch to use common format]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-13 20:25:42 +02:00
Dirk Neukirchen
f14b3705de gettext-full: update to 0.19.8.1
- unify configs of host/target
- disable stuff to decrease build time
- disable interactive gettextize: see
http://lists.busybox.net/pipermail/buildroot/2014-April/093394.html

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-10-13 20:25:42 +02:00
Dirk Neukirchen
d42521fa07 gettext: fix whitespace
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-10-13 20:25:42 +02:00
Felix Fietkau
ad51e09fd1 mac80211: update to wireless-testing 2016-10-08
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-13 17:06:03 +02:00
diizzyy
4379bcb1b4 package/devel/binutils: Update to 2.27
Updates binutils to 2.27

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-13 17:05:28 +02:00
Hans Dedecker
1341b88732 odhcpd: Upstep to git HEAD version
Adds per-host leasetime support
Various bugfixes :
	-Prioritize ifname resolving via ubus
	-Free interface if ifindex cannot be resolved
	-...

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [update mirror sha256]
2016-10-13 17:05:21 +02:00
daniel
4104613fae kernel: ext4: Add missing kmod-crypto-crc32c dependency
This fixes the following error when mounting a ext4 filesystem
----
[  166.240000] EXT4-fs (sda1): Cannot load crc32c driver.
----

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
2016-10-13 17:04:28 +02:00
Felix Fietkau
8869dd47ca ubus: update to the latest version, adds a race fix for wait_for
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 20:02:28 +02:00
Felix Fietkau
db47363ff7 uqmi: re-enable autoconnect which was dropped without explanation
Fixes a regression in commit 8f24ee6382:
"uqmi: Add proper IPv6 support"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:59 +02:00
Felix Fietkau
3b9b963e6e uqmi: always use DHCP for IPv4
Commit 8f24ee6382 ("uqmi: Add proper IPv6 support") changed the code
to fetch the IPv4 address via QMI by default instead of using DHCP to
make it consistent with the IPv6 codepath.
This breaks on at least some Sierra Wireless cards, where data exchanges
fail to work until the host has fetched a DHCP lease.
Leave v6 as it is, but always use DHCP for v4.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:57 +02:00
Mathias Kresin
e6b2880276 netfilter: remove nf_tproxy_core references
nf_tproxy_core was removed during 3.12 development with kernel commit
fd158d79d33d3c8b693e3e2d8c0e3068d529c2dc. The code was moved
to xt_TPROXY.c.

Fixes FS#212

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-10-11 09:03:12 +02:00
Felix Fietkau
175b59c59b uhttpd: update to the latest version, adds a small json handler fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-08 13:50:54 +02:00
Álvaro Fernández Rojas
757228b137 mac80211: update rtl8xxxu patches
Adds the latest patches from Jes Sorensen for rtl8xxxu, which improve
rtl8732bu, rtl8192eu and rtl8188eu support.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-10-08 09:41:26 +02:00
Daniel Engberg
9edfe7dd13 source: Switch to xz for packages and tools where possible
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-06 12:16:56 +02:00
Hans Dedecker
34528c4807 dslite: Quote resolveip hostname argument
Quote resolveip hostname argument to avoid bad shell injections.
While at it fix pattern match logic in case multiple IPv6 addresses
are returned for a hostname as they're seperated by newline by
resolveip and not a white space

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-06 12:16:12 +02:00
Ben Whitten
6b31c4cb38 package: Add U-Boot for at91
Adds u-boot for the at91 platform and a couple of boards.
The build honours COPTS to benefit from fortify source et al.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
2016-10-06 12:15:13 +02:00
Jo-Philipp Wich
eb75b6ac1f uhttpd: rename certificate defaults section
Now that the uhttpd init script can generate certificates using openssl as
well, update the section name and related comment to be more generic.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-06 11:29:24 +02:00
Felix Fietkau
73c87a3cad hostapd: make -mesh and -p2p variants depend on the cfg80211 symbol
Avoids build failures when the nl80211 driver is disabled

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-05 23:02:13 +02:00
Koen Vandeputte
0f27096100 base-files: also generate configs when current is empty (FS#193)
Before a configuration is generated, an empty file is created to store
it in. (required by UCI)

If something happens during config generation
(power cut, interruption, ..) an empty file exists and it is never
regenerated again, causing some daemons to fail starting
(NTPD, logread, ..)

Fix this by also generating new configs if a critical file
is empty.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-10-05 19:59:11 +02:00
Jo-Philipp Wich
4855fa35e3 kernel: fix kmod-sound-hda-core on Linux 3.18
The kmod-sound-hda-core module attempts to package snd-hda-core.ko which
does not exist in Linux 3.18, therfore only use it for kernels >= 4.1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-05 01:38:13 +02:00
Hannu Nyman
3c4858eeb2 uhttpd: support using OpenSSL for certificate generation
Support the usage of the OpenSSL command-line tool for generating
the SSL certificate for uhttpd. Traditionally 'px5g' based on
PolarSSL (or mbedTLS in LEDE), has been used for the creation.

uhttpd init script is enhanced by adding detection of an installed
openssl command-line binary (provided by 'openssl-util' package),
and if found, the tool is used for certificate generation.

Note: After this patch the script prefers to use the OpenSSL tool
if both it and px5g are installed.

This enables creating a truly OpenSSL-only version of LuCI
without dependency to PolarSSL/mbedTLS based px5g.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-05 00:48:19 +02:00
Jo-Philipp Wich
8462ec3134 kernel: add missing snd-hda-intel module for Linux 3.18 and 4.1
Prior to kernel 4.4, the hda-intel module depends on the hda-controller
utility submodule so bundle it for the older kernel versions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-05 00:45:12 +02:00
Felix Fietkau
46f2ca9a8f kernel: move kmod-owl-loader to the right .mk file
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-04 16:01:42 +02:00
Felix Fietkau
4a5bab78a2 kernel: fix sound-hda-core dependency
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-04 16:01:42 +02:00
Hans Dedecker
a79f3d11b3 gre: Support fqdn as remote tunnel endpoint
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-04 11:50:51 +02:00
Kevin Darbyshire-Bryant
4ef1144958 iproute2: tc cake qdisc add nat, docsis & ptm modes
Add cake nat de-masquerading mode: nat, nonat.
Also docsis & ptm overhead related keywords: nat, nonat,
ptm, docsis-downstream-ip, docsis-downstream, docsis-upstream-ip
& docsis-upstream.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-10-04 11:50:48 +02:00
Kevin Darbyshire-Bryant
de8e032385 kmod-sched-cake: update to 161002 version
Implement IPv4 de-masquerading. *
Implement PTM (VDSL2) overhead 65/64 compensation. *
Update diffserv4 priorities.

*Requires corresponding update to iproute2/tc for user/kernel space
handling.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-10-04 11:50:48 +02:00
Christian Lamparter
5a8a986dd5 base-files: remove non-working filter option for wifi detect
This patch removes the non-working wifi driver filter for
the wifi detection script.

I figured that rather than replacing ${2:-$DRIVERS} with
${1:-$DRIVERS}, it would be better to remove it. Nobody
needed it in the previous years.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-10-04 11:50:48 +02:00
Daniel Dickinson
d0f17fe682 linux/modules/fs: Fix missing vfat dependencies
vfat filesystem fails to mount due to missing codepages with
factory-formatted flash drives.  Depend on cp437 iso8559-1 and
utf8 nls modules as this covers most factory-formatted vfat
filesystems.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2016-10-04 11:50:48 +02:00
diizzyy
1fff7f2dbc package/devel/trace-cmd: Update to 2.6
Update to 2.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-04 11:50:48 +02:00
Daniel Dickinson
8a542b8516 kernel/sound: Add support for PCI HD Audio devices
This patch set adds support for PCI Intel HD Audio
sound devices.  This is useful for multimedia packages
in the packages feed that one may use to create audio
servers.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2016-10-04 11:50:47 +02:00
John Crispin
a51a11931b mountd: update to latest git HEAD
adds a cmake fix

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-04 11:50:46 +02:00
Hauke Mehrtens
b8d802fe9f valgrind: improve mips support
We have to remove the FPU check, it will run in an endless loop on LEDE
when compile without FPU emulation support.
The second patch fixes this problem: valgrind: mmap(0x400000, 303104)
failed in UME with error 22 (Invalid argument).

valgrind still does not support mips16, build LEDE without mips16 support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-10-03 17:18:33 +02:00
Hauke Mehrtens
90a4f2ec6d valgrind: remove 110-add_a_out_h.patch
This patch is not needed any more, valgrind is not using a.out.h any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-10-03 16:22:28 +02:00
Matthias Schiffer
cea09329e5
netfilter: fix file conflicts between kmod-ipt- and kmod-nft- packages
The nf_reject_* and nf_nat_masquerade_* modules are moved into the
corresponding kmod-nf- packages. Appropriate dependencies are added to the
kmod-nft- packages.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-30 23:32:05 +02:00
Matthias Schiffer
c50ba61caf
kernel: fix module dependency checking
Since the kernel makefile is using .ONESHELL, we need to add -e to
.SHELLFLAGS so errors are not ignored.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-30 23:32:04 +02:00
Felix Fietkau
fc88eb3fdf ath9k: remove patch causing stability issues with powersave devices (FS#176)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-30 10:50:20 +02:00
Kevin Darbyshire-Bryant
34c2726ca7 iproute2: fix no fortify build failure
Fix rt_names build failure when FORTIFY_SOURCE disabled.
Include limits.h which otherwise gets automatically included
by fortify headers.

Solves FS #194

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-30 10:15:28 +02:00
Álvaro Fernández Rojas
c3d3111831 brcmfmac43430-firmware: remove package and switch to linux-firmware
Now that the firmware for BCM43430 has been submitted to linux-firmware use it
and remove RPiDistro package.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-29 21:24:45 +02:00
Felix Fietkau
31e0f0aec0 kernel: do not enable the unpackaged rfkill-gpio driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-29 18:25:49 +02:00
John Crispin
72e9d19f6e mac80211: fix rfkill dependency
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-29 11:39:41 +02:00
Álvaro Fernández Rojas
c795794eef mac80211: use upstream patches for rtl8xxxu
Also improves rtl8188eu support.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-29 10:32:41 +02:00
John Crispin
97c38e7f22 procd: update to latest git HEAD
this adds 2 new inittab handlers
* askconsolelate
* respawnlate

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-28 12:07:47 +02:00
Felix Fietkau
76af0eff3f netifd: update to the latest version, adds various fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-28 09:56:32 +02:00
Stijn Segers
fb586939cc ath10k-firmware: move to firmware section in buildroot
This patch moves the ath10k firmware packages to the firmware submenu
in the buildroot, where it belongs.

Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
2016-09-28 08:39:01 +02:00
Martin Blumenstingl
3fbd235fb5 ath10k-firmware: update the qca988x firmware to 10.2.4.70.54
Use firmware version 10.2.4.70.54 from kvalo's git repository. The old
version (even though it's version number is greater) is an old version
from September 2015.
Using only the firmware versions from kvalo's git repo is recommended,
because those are tested by QCA's internal QCA.

The QCA988X directory received a small reorganization as a "hw2.0"
subdirectory was added - this patch also takes care of that as
board.bin was moved to that subdirectory.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-09-28 08:39:01 +02:00
Florian Fainelli
493b0f3f57 toolchain: Force installation into /lib
For 64-bit capable systems, a symbolic link is set up for /lib64 to point to
/lib, so make sure the installation goes into /lib, irrespective of where the C
library files come from in an external toolchain.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-28 08:39:00 +02:00
John Crispin
986ec56507 rfkill: add fake rfkill support
allow building of modules depending on RFKILL even if RFKILL is not enabled.

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-27 20:27:26 +02:00
Matthias Schiffer
376944c0ab
perf: fix build with musl on PowerPC
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-28 06:26:35 +02:00
Matthias Schiffer
82aa061251
kernel: remove echainiv.ko from kmod-crypto-iv
There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting
both packages led to a conflict, so remove the file from kmod-crypto-iv.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-28 02:39:18 +02:00
Rafał Miłecki
a0ce6982d8 mac80211: backport brcmfmac changes from 2016-09-27
This fixes bug that could cause WARNING on every add_key/del_key call.
It also replaces WARNING with a simple message. They may still occur
e.g. on station going out of range and A-MPDU stall in the firmware.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-27 18:23:53 +02:00
Magnus Kroken
b1f39d3d7e openssl: update to 1.0.2j
A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

Patches applied upstream:
* 301-fix_no_nextprotoneg_build.patch
* 302-Fix_typo_introduced_by_a03f81f4.patch

Security advisory: https://www.openssl.org/news/secadv/20160926.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-09-27 17:50:22 +02:00
diizzyy
0d4f02dfd6 linux-firmware: Add mirrors
Adds Google's mirrors as primary source and kernel.org as fallback.
Discussed in #lede-dev on Freenode

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:22 +02:00
Rosen Penev
c0b15b3072 openssl: Make DTLS configurable.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Rosen Penev
aaa067ab0b openssl: Remove J-PAKE. Nothing uses it.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Kevin Darbyshire-Bryant
78ae7d8efd busybox: v1.25.0 upstream patches
Include upstream patches for gzip, ip & ntpd.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-27 17:50:22 +02:00
Daniel Engberg
edbc8fec8a libjson-c: Update to 0.12.1
Updates libjson-c and removes backport patch.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
diizzyy
509708889c libunwind: use url alias
Use alias instead of hardcoded URL

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
Jo-Philipp Wich
875cddd94c iwinfo: fix WPA cipher reporting
Within the Lua binding, use the same logic as the command line interface for
reporting the used WPA ciphers. Instead of printing the intersection of
pairwise and group ciphers, report both group and pairwise ciphers.

This fixes a case where a connection which uses CCMP for pairwise and TKIP
as groupwise cipher is getting reported as using the NONE cipher.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:48 +02:00
Jo-Philipp Wich
8badcba229 iproute: properly support high routing table IDs
The Linux kernel uses two distinct fields to denote the routing table ID in
use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the
32 bit `RTA_TABLE` netlink attribute.

If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used
and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value.

This commit adds a patch which...
 - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically
   sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in
   order to support IDs up to 65535
 - adds proper handling of high table IDs to iprule.c and iproute.c when
   adding, removing and dumping ip rules and network routes

After this change, the Busybox ip applet fully supports IP rules with high ID
numbers, using the same logic as the full iproute2.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:06 +02:00
Jo-Philipp Wich
864b2d113a 6in4: fix invalid local variable declaration (FS#188)
Remove an invalid local variable declaration in the tunnel update subshell
invocation. Local declarations outside of function scopes are illegal since
the Busybox update to version 1.25.0 .

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:06 +02:00
Rafał Miłecki
45b73af7f6 mac80211: backport brcmfmac changes from 2016-09-26
All these patches are in wireless-drirvers-next. There is support for
hidden SSID, few new devices and many fixes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-27 07:00:53 +02:00
Matthias Schiffer
26b4216f95
base-files: make default_prerm work offline
IPKG_INSTROOT must be respected for offline removal (used for per-device
rootfs).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:57 +02:00
Matthias Schiffer
6c1542787d
base-files: fix check for empty password warning
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root' and 'root:!:' allow no
password login at all.

This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Matthias Schiffer
77f54eae45
config: enable shadow passwords unconditionally
Configurations without shadow passwords have been broken since the removal
of telnet: as the default entry in /etc/passwd is not empty (but rather
unset), there will be no way to log onto such a system by default. As
disabling shadow passwords is not useful anyways, remove this configuration
option.

The config symbol is kept (for a while), as packages from feeds depend on
it.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Felix Fietkau
da4e81960d mac80211: fix crash in mac80211_hwsim
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 16:19:58 +02:00
Jonas Gorski
c4823622d8 uboot-mvebu: reset the 88E1512 PHY to make the wan port work
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 13:03:18 +02:00
Jonas Gorski
d8075b15d0 uboot-mvebu: make hidden and be m for clearfog to fix IB failing to add it
Uboot-mvebu isn't a real package, which will break the image builder
when it tries to install it during the packing step. Instead of cleafog
selecting it through its default packages, make it default to m if the
clearfog profile is selected.

This will ensure it is always build, but never added to the rootfs. This
fixes creating images for clearfog with IB.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 12:48:18 +02:00
Jonas Gorski
bc1f006b4e uboot-mvebu: also install into KDIR to ensure it packaged in IB
The clearfog image requires u-boot, so package it into KDIR to make sure
it is available in imageBuilder.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 12:47:36 +02:00
Matthias Schiffer
b3dd642584
fstools: mark as nonshared and add missing PKG_CONFIG_DEPENDS
The fstools build depends on the CONFIG_NAND_SUPPORT flag, which is
target-specific.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-25 23:26:25 +02:00
Matthias Schiffer
663145e419
image: fix CONFIG_CLEAN_IPKG with CONFIG_TARGET_PER_DEVICE_ROOTFS
Running prepare_rootfs on TARGET_DIR deletes the opkg state when
CONFIG_CLEAN_IPKG is enabled, making the per-device rootfs package install
fail.

To avoid this, create a copy of the TARGET_DIR before prepare_rootfs is run
and use this as basis for per-device rootfs generation.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-25 09:30:55 +02:00
Matthias Schiffer
ce89535bce
kernel: remove duplicate br-netfilter file and Kconfig symbol from kmod-ebtables
br_netfilter.ko and the corresponding Kconfig symbol are already provided
by kmod-br-netfilter, which is a dependency of kmod-ebtables.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-24 23:37:54 +02:00
Hauke Mehrtens
ea288126db openssl: backport build fix when hardware support is used
This fix added to the openssl 1.0.2 branch.
In addition add the header for the existing backport.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 19:53:00 +02:00
Jo-Philipp Wich
1c09849f6c treewide: remove bad local shell variable declarations
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-24 14:38:20 +02:00
Hauke Mehrtens
df9efc9497 curl: update to version 7.50.3
This fixes the following security problems:
7.50.1:
 CVE-2016-5419 TLS session resumption client cert bypass
 CVE-2016-5420 Re-using connections with wrong client cert
 CVE-2016-5421 use of connection struct after free
7.50.2:
 CVE-2016-7141 Incorrect reuse of client certificates
7.50.3:
 CVE-2016-7167 curl escape and unescape integer overflows

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:48:05 +02:00
Magnus Kroken
6926325829 openssl: update to 1.0.2i
Drop 302-fix_no_cmac_build.patch, it has been applied upstream.

Security fixes:
* (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305)
* 10 Low severity issues

Security advisory: https://www.openssl.org/news/secadv/20160922.txt
Changelog: https://www.openssl.org/news/cl102.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:28:59 +02:00
Jo-Philipp Wich
4f272dd032 linux-firmware: update to current Git head
Update the linux-firmware package in order to force the buildbots to fetch the
proper mirrored version.

Currently each builder has its own copy of the linux-firmware checkout staged
in its own dl/, since the package was updated before the mirrored copy has
been uploaded. The builders then subsequently uploaded their own copy instead,
leading to md5sum mismatches since each clone produces different tarballs.

By bumping the package to a new version and uploading the mirrored archive
with the proper md5sum beforehand, the builders will fetch that instead and
not upload their own copies.

To properly solve that problem in the future we need to ensure that packed
checkouts become reproducable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-23 12:11:06 +02:00
Felix Fietkau
175237e7df kernel: fix broken dependency of kmod-owl-loader on kmod-ath9k
It messes up the build order of package/kernel/linux vs
package/kernel/mac80211

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-22 20:09:20 +02:00
Jo-Philipp Wich
a84d51c85d linux-firmware: update md5sum
Since the md5sum of the mirrored Git clone archive has been set in the Makefile
before that particular archive was uploaded to the source mirror, the buildbots
uploaded their own, different copy instead invalidating the mirror md5sum for
anyone else.

In order to fix the mismatch, update the md5sum to reflect the archive being
present on the download server.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-22 10:47:57 +02:00
Hauke Mehrtens
7b472f7c21 busybox: fix md5sum
The md5sum was not updated in commit 06fa1c46fc "busybox: update
to version 1.25.0"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-20 22:56:47 +02:00
Hauke Mehrtens
e59bbb6fe2 ltq-vdsl-app: update to version 4.17.18.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens
7ecbc27951 ltq-vdsl: update to version 4.17.18.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens
3a4db8548f ltq-vdsl-mei: update mei driver to version 1.5.17.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens
909ed82b10 dsl-vrx200-firmware-xdsl: update to more recent versions
The Annex A firmware will be updated to:
05.08.01.08.01.06_05.08.00.0B.01.01_osc

The Annex B firmware will be updated to:
05.07.09.09.00.06_05.07.04.04.00.02_osc

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens
06fa1c46fc busybox: update to version 1.25.0
The following patches were removed:
010-networking-fix-uninitialized-memory-when-displaying-.patch
  https://git.busybox.net/busybox/commit/?id=f2c043acfcf9dad9fd3d65821b81f89986bbe54e

030-ip-fix-problem-on-mips64-n64-big-endian-musl-systems.patch
  https://git.busybox.net/busybox/commit/?id=4ab372d49a6e82b0bf097dedb96d26330c5f2d5f

204-udhcpc_src_ip_rebind.patch
  https://git.busybox.net/busybox/commit/?id=abe8f7515aded80889d78c2c1c8947997918cf90

230-ntpd_delayed_resolve.patch
  https://git.busybox.net/busybox/commit/?id=c8641962e4cbde48108ddfc1c105e3320778190d
  https://git.busybox.net/busybox/commit/?id=e4caf1dd9ce8569371a0eeb77ccf02a572dc0f11

260-arping_missing_includes.patch
  Not needed any more, still builds with musl for me.
  Add in 92fd6e6f1a "busybox: fix arping applet building on musl"

The Kconfig files were updated with these commands:
cd config
../convert_menuconfig.pl .../build_dir/target-*/busybox-1.25.0
cd ..
./convert_defaults.pl < .../build_dir/target-*/busybox-1.25.0/.config > Config-defaults.in

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-20 22:37:02 +02:00
Florian Fainelli
ef64c8694b base-files: Allow subtargets to define base-files.mk
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-19 19:42:10 +02:00
Christian Lamparter
e9401a2335 kernel: owl-loader for delayed Atheros ath9k fixup
Some devices (like the Cisco Meraki Z1 Cloud Managed Teleworker Gateway)
need to be able to initialize the PCIe wifi device. Normally, this is done
during the early stages of booting linux, because the necessary init code
is read from the memory mapped SPI and passed to pci_enable_ath9k_fixup.
However,this isn't possible for devices which have the init code for the
Atheros chip stored on NAND in an UBI volume. Hence, this module can be
used to initialze the chip when the user-space is ready to extract the
init code.

Martin Blumenstingl made a few fixes and added support for lantiq:
kernel: owl-loader: add support for OWL emulation PCI devices
kernel: owl-loader: don't re-scan the bus when ath9k_pci_fixup failed
kernel: owl-loader: use dev_* instead of pr_* logging functions
kernel: owl-loader: auto-generate the eeprom filename as fallback
kernel: owl-loader: add a debug message when swapping the eeprom data
kernel: owl-loader: add missing newlines in log messages
kernel: owl-loader: add support for the lantiq platform

These patches have been integrated. Thanks!

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2016-09-19 19:32:35 +02:00
John Crispin
edf5b2955e cyassl: remove duplicate submenu level
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 16:07:58 +02:00
Andreas Schultz
b9e3e38e79 cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-09-19 15:30:32 +02:00