Commit graph

13965 commits

Author SHA1 Message Date
Yangbo Lu
5741835ed4 layerscape: fix PKG_BUILD_DIR for packages
PKG_BUILD_DIR was defined with quoting PKG_VERSION in
layerscape package makefiles. Now PKG_VERSION has been
removed from these makefiles. When PKG_BUILD_DIR quotes
PKG_VERSION, '=' should be used instead ':=' to make
sure PKG_VERSION has been defined in common makefile.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2017-12-26 23:30:59 +01:00
Philip Prindeville
60c4f9ce56 kernel: add i2c-smbus module package
Intel motherboards (as well as the Cavium ThunderX SoC) use a
superset of the I2C protocol called SMBus.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-12-26 20:13:43 +01:00
Hans Dedecker
67c1c145f0 nghttp2: bump to 1.29.0
439b9b6c (tag: v1.29.0) Update manual pages
48498452 Bump up version number to v1.29.0, LT revision to 29:1:15
d30f3816 Update manual pages
4d1139f6 Remove SPDY
48f57407 nghttpx: Update doc
c1f14d73 Update manual pages
216f4dad nghttpx: Remove redundant check
a4e27d76 Revert "nghttpx: Use an existing h2 backend connection as much as possible"
2365f12e Fix CMAKE_MODULE_PATH
03f7ec0f nghttpx: Write API request body in temporary file
2056e812 nghttpx: Increase api-max-request-body
1ebb6810 nghttpx: Faster configuration loading with lots of backends
a3ebeeaf nghttpx: Fix crash with --backend-http-proxy-uri option
422ad1be Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY
97f1735c Bump up version number to 1.29.0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-24 17:06:16 +01:00
John Crispin
5bbd493e66 usbmode: update to latest git HEAD
f40f84c support PantechMode
d8dc335 support Quanta and Blackberry modes
333e486 fix support for Option modems

Signed-off-by: John Crispin <john@phrozen.org>
2017-12-24 09:03:01 +01:00
Kevin Darbyshire-Bryant
edf5ae2026 wireguard: bump to 20171221
7e945a8 version: bump snapshot
f2168aa compat: kernels < 3.13 modified genl_ops
52004fd crypto: compile on UML
6b69b65 wg-quick: dumber matching for default routes
aa35d9d wg-quick: add the "Table" config option
037c389 keygen-html: remove prebuilt file

No patch refresh required.

Compile-test-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-23 22:08:12 +01:00
Hans Dedecker
0fca474e70 uci: update to latest git HEAD (FS#1182)
25fd142 list: remove unncessary increment of n_section (FS#1182)
021fd65 file: remove unnecessary uci_fixup_section calls

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-22 18:30:59 +01:00
Hans Dedecker
d3ba3963c1 odhcpd: update to latest git HEAD
7aa2594 odhcpd: Replace strerror(errno) with %m format
750e457 Support muliple RAs on single interface

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-22 18:30:33 +01:00
Hauke Mehrtens
dda2229c52 layerscape: fix package download
The git hash was changed for multiple layerscape packages without
changing the version number. The LEDE build system will not download the
packages again if the old version is already there and so some people
and the build bots are using wrong version of some packages. Use
PKG_SOURCE_DATE instead of PKG_VERSION to generate packages with the
date and the first charterers of the git hash. This will change the file
name and make the build system download them again, also if in future
the git hash is changed the file name will change and trigger a new
download.

This should fix a problem spotted by build bot.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-21 10:02:16 +01:00
Mathias Kresin
224d4a96dd ramips: drop LinkIt Smart 7688 Duo userspace support
The  LinkIt Smart 7688/LinkIt Smart 7688 Duo are identical beside the
extra ATmega32U4 - accessible via UART - on the the Duo.

Since all relevant hardware is identical, drop the Duo special handling
in userspace.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-21 01:05:16 +01:00
Hauke Mehrtens
8e03eea875 uboot-layerscape-armv8_32b: fix package download
In commit 2b1ec44dbd ("layerscape: add ls1012afrdm device support")
The git revision and the mirror hash for this package was updated to a
version which includes ls1012afrdm-uboot.bin, but the file name at
dl/uboot-layerscape-armv8_32b-2017.09.tar.xz staid the same. This way
most user did not download the new version but used the old file.
Convert this package to the normal git clone parameters by using
PKG_SOURCE_DATE instated of PKG_VERSION, now the file name in dl also
contains the git hash and should change every time the git hash is
updated.

This should fix a problem spotted by build bot.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-20 21:54:18 +01:00
Hauke Mehrtens
b80b0e14c9 kernel: kmod-crypto-hw-talitos: fix dependencies
With the updated to kernel 4.9.70 in commit f704b643b9 ("kernel:
Update kernel 4.9 to 4.9.70"), the talitos.ko kernel module got a
new dependency to kmod-crypto-des in this upstream commit:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=552f74cbd6ec806ab5ce45336a26cae1e015dbe2

This fixes a build problem found by built bot.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-20 20:57:13 +01:00
Jake Staehle
e80ab48777 libiconv-full: fix compile-time linking error GCC7
LEDE Flyspray Task 1091:
Fix libiconv-full 'undefined reference' compile linker error using GCC7 Musl
Tested with targets x86 (i386 and x86_64)
Addition of CFLAGS "std=gnu89" fixes the linker issues, credit to harrylwc
Issue found with 'minidlna' package, which depends on 'libiconv-full'
Error in compile log:
../lib/.libs/libiconv.so: undefined reference to `aliases_lookup'
../lib/.libs/libiconv.so: undefined reference to `aliases2_lookup'
collect2: error: ld returned 1 exit status
Makefile:64: recipe for target 'iconv_no_i18n' failed

Signed-off-by: Jake Staehle <jacob@staehle.us>
2017-12-19 22:23:42 +01:00
Felix Fietkau
a428d9229e mt76: update to the latest version, reverts MAC address changes causing performance regressions
cf4a5ce mt76: fix memcpy to potential null pointer on failed allocation
ca5ca8c mt76x2: fix possible NULL pointer dereferencing in mt76x2_ampdu_action()
2d4b8f5 mt76x2: mac: fix possible NULL pointer dereferencing in mt76x2_mac_write_txwi()
4ca8bba mt76x2: eeprom: fix typo in mt76x2_get_power_info_5g()
00f7e60 mt7603: fix configuration for HT40
31e9bdb mt7603: main: fix possible NULL pointer dereferencing in mt7603_ampdu_action()
bf90dd2 mt7603: mcu: fix potential NULL pointer dereferencing on failed allocation
860b185 Revert "mt76x2: init: disable APCLI by default"
bcd576e Revert "mt76x2: drop wiphy->addresses"
bdc6f2f Revert "mt76x2: clean up MAC/BSSID address initialization"
d242650 Revert "mt76x2: remove MAC address limitation for multi-vif setups"
68b0cf1 mt76x2: add functions for setting extended MAC address registers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-12-17 12:44:18 +01:00
Mathias Kresin
4a4d957d1a lantiq: sync image filename with boardname
Use <manufacturer>_<modelname> as image name.

Use the BOARD_NAME variable to ensure that the former used boardname is
still used as the subdirectory name for the sysupgrade-tar image, to
not break sysupgrade from earlier versions.

While at it, normalise the image filenames by using only lower case
characters and bin as file extension for sysupgrade images.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-16 23:33:56 +01:00
Mathias Kresin
63d7f7fc92 lantiq: use the compatible string as board name
Use the first compatible string as board name in userspace. Add the new
board name as well as the former used board name to the image metadata
to keep compatibilty with already deployed installations.

Don't add the former used boardname for boards which exists only in
master or evaluation boards.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-16 23:33:56 +01:00
Hauke Mehrtens
712e1b36f4 kernel: add missing dependencies to kmod-crypto-acompress
kmod-lib-lzo and kmod-lib-lz4 depend in kernel 4.14 on
kmod-crypto-acompress, add this missing dependency.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:15:14 +01:00
Hauke Mehrtens
e387d9b0ca kernel: kmod-rtc-ds1307: add dependency to regmap
In kernel 4.14 kmod-rtc-ds1307 depends on regmap-i2c, add this missing
dependency.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:15:08 +01:00
Hauke Mehrtens
b0b9ec8e54 kernel: kmod-iio-bmp280: allow compile with kernel 4.14
This package also compiles with kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:15:02 +01:00
Hauke Mehrtens
36f83dbc41 kernel: kmod-zram: deactivate CONFIG_ZRAM_WRITEBACK for kernel 4.14
This new option was introduced in kernel 4.14 and should be deactivated
by default.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:54 +01:00
Hauke Mehrtens
436fe56485 xtables-addons: fix compile with kernel 4.14
This fixes a compile problems seen with kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:49 +01:00
Hauke Mehrtens
9572bae5b8 kernel: kmod-fbcon: deactivate for kernel 4.14
CONFIG_FRAMEBUFFER_CONSOLE does not activate new modules any more in
kernel 4.14, but CONFIG_FRAMEBUFFER_CONSOLE is now a boolean option
which change the kmod-fb package. kmod-fbcon should be split up.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:35 +01:00
Hauke Mehrtens
228da879fc kernel: kmod-sound-core: handle moved snd-seq-device.ko
The snd-seq-device.ko kernel module was moved with kernel 4.13.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:25 +01:00
Hauke Mehrtens
5c9cc1e73b kernel: kmod-mmc: handle moved mmc_block.ko
mmc_block.ko was moved with kernel 4.10.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:20 +01:00
Hauke Mehrtens
ac27f3867a kernel: kmod-rxrpc: handle renamed kernel module
The kernel module was renamed with kernel 4.11, handle that in the
package definition.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:12 +01:00
Hauke Mehrtens
b0d7fcdc49 kernel: deactivate some new network features
This deactivates the following options which were introduced between
kernel 4.9 and 4.14 in some kernel packages:
CONFIG_INET_ESP_OFFLOAD
CONFIG_INET6_ESP_OFFLOAD
CONFIG_LWTUNNEL_BPF
CONFIG_NET_9P_XEN

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:02 +01:00
Hauke Mehrtens
876191d428 kernel: unset CONFIG_CIFS_SMB311 in kmod-fs-cifs
Do not activate the experimental feature CONFIG_CIFS_SMB311.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:13:56 +01:00
Hauke Mehrtens
199273324e kernel: add kmod-crypto-ecdh
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:13:04 +01:00
Hauke Mehrtens
f1e839dd33 kernel: add kmod-crypto-rsa
In kernel 4.14 kmod-crypto-hw-ccp depends on kmod-crypto-rsa, add it.
kmod-crypto-rsa also packages the ASN1 parser and some other code which
is currently only used by this module.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:12:46 +01:00
Hauke Mehrtens
1ea5f86437 kernel: add kmod-crypto-acompress
In kernel 4.14 kmod-crypto-deflate depends on kmod-crypto-acompress.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:12:40 +01:00
Hauke Mehrtens
00b5df832f kernel: add kmod-lib-zstd
In kernel 4.14 kmod-fs-btrfs depends on the zstd compression libraries,
add it to the package system.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:12:32 +01:00
Hauke Mehrtens
38be62b97e kernel: add kmod-dax
In kernel 4.14 kmod-dm depends on kmod-dax.
Add DAX: "Direct access to differentiated memory" to LEDE.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:12:24 +01:00
Hauke Mehrtens
efd1854050 kernel: tg3: deactivate hwmon for kernel 4.14
In kernel 4.14 hwmon support can be deactivated for the tg3 driver,
deactivate it by default to save some space.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:11:58 +01:00
Hauke Mehrtens
c0160f01ae xtables-addons: update to version 2.14
This includes a compile fix needed for kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:10:21 +01:00
Lucian Cristian
342d748eaf netdevices.mk: add Sun Neptune 10Gbit Ethernet
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-12-16 14:41:37 +01:00
Jo-Philipp Wich
ea5d9f5f72 kernel: tune e1000e module parameters
The default e1000e parameters (interrupt throttling rate, MSI/MSI-X
mode) are optimized for desktop and server computers to optimize
user-space execution (i.e. what's typically referred to as "useful"
work).  This assumption breaks on a router under load where most of
the "useful" work actually takes place either in hardware interrupt
handlers (IRQ) or at software IRQ (swirq) modes, so we try to reflect
that by overriding these parameters with more appropriate values.

Patch-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-16 14:41:37 +01:00
Kevin Darbyshire-Bryant
a9940ca2d7 iproute2: cake: support new operating modes
There has been recent significant activity with the cake qdisc of late
Some of that effort is related to upstreaming to kernel & iproute2
mainline but we're not quite there yet.  This commit teaches tc how to
activate and interprete the latest cake operating modes, namely:

ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.

ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-15 23:54:51 +01:00
Kevin Darbyshire-Bryant
0589979f7b kmod-sched-cake: bump to latest bake of cake
There has been recent significant activity with the cake qdisc of late
but in the cobalt branch.  Some of that effort is related to upstreaming
to kernel & iproute2 mainline but we're not quite there yet.  Relevant
feature changes:

ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.

ptm mode: Minor optimisation in packet overhead calculation.

dual-src/dsthost/triple-isolate: Optimise only calculating src or dst
host hashes only if required.

ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.

A separate iproute2 patch to teach it about Cake's new features will
follow.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-15 23:54:05 +01:00
Hans Dedecker
7f029c3924 netifd: update to latest git HEAD
4268193 interface-ip: harden eui64 IPv6 prefix address generation
81ff6d1 interface-ip: fix race condition in IPv6 prefix address generation
d3a5df0 handler: replace is_error() helper with NULL check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-15 17:44:50 +01:00
Hans Dedecker
5d6f2a2764 uhttpd: fix PKG_CONFIG_DEPENDS (FS#1189)
Remove PACKAGE_uhttpd_debug config as this is an unused leftover
Add CONFIG_uhttpd_lua to PKG_CONFIG_DEPENDS

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-15 17:44:42 +01:00
Rafał Miłecki
d2e96d55ab opkg: fix PKG_CONFIG_DEPENDS to include version.mk entries
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-14 09:39:40 +01:00
Lucian Cristian
1044723ec9 busybox: enable find -newer needed for shorewall firewall, no size increase on binary
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-12-14 09:29:30 +01:00
Luiz Angelo Daros de Luca
3e98674bcf base-files: fix sysupgrade -b/-l when -c is used
Since /overlay/upper appeared, -b ignored -c silently (cause it was
still checking for /overlay/etc). Now, if /overlay/upper is absent,
sysupgrade -c will fail and exit verbosely.

Fix -l to consider -c (it never did).

Clean up to always use /overlay/upper/xxx instead of still checking
for /overlay/xxx.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-12-14 09:29:30 +01:00
Rosen Penev
06f8b4ddbd e2fsprogs: Update to 1.43.7
Compiled and tested on ramips with no noticeable problems.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-12-14 09:29:30 +01:00
Christian Lamparter
da6fdce365 base-files: unify get_dt_led helper function
Lantiq and IPQ806X (which includes IPQ40XX) both define the
same custom function {ipq806x|lantiq}_get_dt_led.

This patch moves the function into the base-file package at
lib/functions/leds.sh to make it more accessible for other
targets as well.

Cc: Mathias Kresin <dev@kresin.me>
Cc: John Crispin <john@phrozen.org>
Cc: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-14 09:29:30 +01:00
Jonas Gorski
ef1f6092e0 base-files: make including distfeeds.conf optional
To not clutter the system when building an opkg free image, generate the
distfeeds.conf only if CLEAN_IPKG is unset.

Since opkg is now a shared package, we can't rely on PACKAGE_opkg, but
since opkg is not reasonably usable without the status information, we
can tie the distfeeds.conf to it.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 14:59:07 +01:00
Jonas Gorski
5538b4df7f base-files: create /etc/opkg before generating distfeeds.conf
Ensure /etc/opkg exists before trying to write there. This fixes a build
failure if SIGNED_PACKAGES is disabled.

Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 14:46:37 +01:00
Jonas Gorski
1cfbd50ff4 package: move distfeeds.conf from opkg to base-files
All the relevant options used for distfeeds.conf are part of base-files,
so it makes more sense to move the file there as well.

This has the added benefit that the we can share the opkg package again,
reducing the amount of target specific packages.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 13:38:19 +01:00
Kevin Darbyshire-Bryant
30e18c8d64 wireguard: bump to 20171211
Bump to latest WireGuard snapshot release:

44f8e4d version: bump snapshot
bbe2f94 chacha20poly1305: wire up avx512vl for skylake-x
679e53a chacha20: avx512vl implementation
10b1232 poly1305: fix avx512f alignment bug
5fce163 chacha20poly1305: cleaner generic code
63a0031 blake2s-x86_64: fix spacing
d2e13a8 global: add SPDX tags to all files
d94f3dc chacha20-arm: fix with clang -fno-integrated-as.
3004f6b poly1305: update x86-64 kernel to AVX512F only
d452d86 tools: no need to put this on the stack
0ff098f tools: remove undocumented unused syntax
b1aa43c contrib: keygen-html for generating keys in the browser
e35e45a kernel-tree: jury rig is the more common spelling
210845c netlink: rename symbol to avoid clashes
fcf568e device: clear last handshake timer on ifdown
d698467 compat: fix 3.10 backport
5342867 device: do not clear keys during sleep on Android
88624d4 curve25519: explictly depend on AS_AVX
c45ed55 compat: support RAP in assembly
7f29cf9 curve25519: modularize dispatch

Refresh patches.

Compile-test-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-12 22:24:26 +01:00
Martin Schiller
65d62b5f4f dropbear: disable MD5 HMAC and switch to sha1 fingerprints
As MD5 is known weak for many years and more and more
penetration test tools complain about enabled MD5 HMAC
I think it's time to drop it.

By disabling the MD5 HMAC support dropbear  will also
automatically use SHA1 for fingerprints.
This shouldn't be a problem too.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-12-12 22:24:17 +01:00
Jo-Philipp Wich
902961c148 wolfssl: update to 3.12.2 (1 CVE)
Update wolfssl to the latest release v3.12.2 and backport an upstream
pending fix for CVE-2017-13099 ("ROBOT vulnerability").

Ref: https://github.com/wolfSSL/wolfssl/pull/1229
Ref: https://robotattack.org/

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-12 17:39:52 +01:00