Commit graph

12698 commits

Author SHA1 Message Date
Nickolay Ledovskikh
13ab314b0b comgt: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Yousong Zhou
cf62a17710 hostapd: remove never-used Package/<name>/Description
The build system only accepts Package/<name>/description and since the
typoed version virtually has the same content as the TITLE field, remove
them altogether

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-12-20 09:35:35 +01:00
John Crispin
ef94b9d08e mdns: bump to latest git HEAD
be8ae8d cmake: Search for libjson-c
1fa9077 Fix IPv6 read
846369c Revert "mdnsd: interface: enable looped back messages"

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
John Crispin
f145a64fb6 mountd: update to latest git HEAD
dd5799c mountd: Add static qualifier to missing variable declarations.
bc4a6dd mountd: Fix fgets check.
3dd115b cmake: Really look for uci.h

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Felix Fietkau
dea6baf8fa usbutils: fix download filename
The name needs to include the revision, otherwise it is not
automatically re-downloaded on updates.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 18:34:25 +01:00
Felix Fietkau
a032940bfb Revert "ath9k: Add airtime fairness scheduler"
Accidentally pushed to the wrong branch

This reverts commit 47bc081e76.
2016-12-19 14:08:02 +01:00
Toke Høiland-Jørgensen
47bc081e76 ath9k: Add airtime fairness scheduler
This adds a patch that introduces airtime fairness scheduling to ath9k,
which can significantly improve network efficiency in mixed-rate
environments.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:59:32 +01:00
Christian Lamparter
b3a871dd3d mac80211: backport "cfg80211: limit scan results cache size"
The patch commit states:
"It's possible to make scanning consume almost arbitrary amounts
of memory, e.g. by sending beacon frames with random BSSIDs at
high rates while somebody is scanning.

Limit the number of BSS table entries we're willing to cache to
1000, limiting maximum memory usage to maybe 4-5MB, but lower
in practice - that would be the case for having both full-sized
beacon and probe response frames for each entry; this seems not
possible in practice, so a limit of 1000 entries will likely be
closer to 0.5 MB."

Signed-off-by: Johannes Berg <johannes.berg@intel.com>"

This patch was added in 4.4.36. But because LEDE backports
cfg80211, mac80211 and the wifi drivers separately, it needs
to be added manually for now. It can be dropped later as it
will be part of the next mac80211 refresh.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2016-12-19 13:51:21 +01:00
Felix Fietkau
00bc7f0357 mac80211: merge a number of minstrel/minstrel_ht performance and memory usage improvements
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:51:21 +01:00
Hans Dedecker
6f77b8d510 odhcpd: Bump to git HEAD version (various fixes)
e055530 Don't print non bound assignments in the state file
3af23ad config: Fix RA interface config being overwritten
41b5268 dhcpv6-ia : Fix static DHCPv6 assignments becoming non static
be6c515 dhcpv6-ia: Fix assignment of static DHCPv6 leases
374dc3f cmake: Find libubox/uloop.h
01c919c odhcpd: Display infinite valid lifetime as -1
2016-12-17 22:23:49 +01:00
Felix Fietkau
180e93ba8b build: add CHECK_ALL variable to allow make download/check to include not selected packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:52 +01:00
Felix Fietkau
7a315b0b5d build: implement make check and make package/X/check
This is intended to be used for a wide array of package sanity checks.

The first check that is implemented is for the hash of downloaded files.
It checks:
  - Missing hash
  - Use of SHA256 instead of MD5
  - dl/<file> hash not matching hash in makefile
  - deprecated MD5SUM variable

The deprecated MD5SUM variable check is skipped for feeds/ until OpenWrt
is updated as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:25 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Ben Greear
4921760a45 ath10k-ct: Update to latest CT ath10k driver.
This works around deadlock and/or memory corruption during
firmware crash and improves ability to configure number of
tids in firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-12-16 22:37:59 +01:00
Hans Dedecker
7d760284a7 odhcp6c: Pass parameters to user dhcpv6 script
Pass all the parameters like device, dhcpv6 state to user script

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-16 18:49:56 +01:00
Florian Fainelli
44ac4adb34 map: Have cmake find libubus.h
Update CMakeList.txt to look for libubus.h since we depend on it.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-16 18:46:27 +01:00
Felix Fietkau
f3b866f93a ath10k-firmware: fix typo
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 15:08:57 +01:00
Felix Fietkau
3a1e3b4e0d package/kernel/linux: only access kernel config if DUMP is unset
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:44:08 +01:00
Felix Fietkau
7747fac375 ath10k-firmware: untangle CT firmware filenames, fix conflicts
CT firmware files use the same filename with a different URL for
different chips. Since all files end up in dl/, filenames need to be
unique as well.
Add a chip prefix to the output filename to fix this issue.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:42:12 +01:00
John Crispin
93227e4d3f dnsmasq: fix service reload
The SIGHUP also got sent to the reload script making it bail out
with an error

Revert "dnsmasq: reload config if host name is modified"
This reverts commit 854459a2f9.

Reported-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-16 10:40:10 +01:00
Felix Fietkau
fb237477fd mt76: update to the latest version, fixes a build error on some platforms
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-15 13:02:31 +01:00
Hauke Mehrtens
fb74550bdf odhcpd: update sha256sum
The sha256sum was not updated in the last commit.

Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 21:43:58 +01:00
Jo-Philipp Wich
e0b8b24cfb base-files: fix CONFIG_VERSION_DIST default
Fix the default value of CONFIG_VERSION_DIST to use uppercase "LEDE".

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 19:55:20 +01:00
Jo-Philipp Wich
a4232cd4bf build: use SNAPSHOT instead of CURRENT to designate untagged branch builds
Calling a build ##.##-CURRENT might mislead users into thinking that this
build is the most current release of a branch.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:43:49 +01:00
Jo-Philipp Wich
3494ca66c5 linux: do not autoload sdhci.ko as sdhci-pltfm.ko already depends on it
Currently, installing kmod-sdhci fails with "sdhci is already loaded" since
"sdhci.ko" is inserted explicitely first, the implicitely loaded again when
"sdhci-pltfm.ko" is inserted as the latter depends on the former.

Remove the explicit autoprobe of "sdhci.ko" to fix the postinstall script.

Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:41:21 +01:00
Felix Fietkau
970dd4dd58 kernel: netfilter: split out iptable_raw into a separate package
This will avoid loading it in the default configuration, which reduces
image size a bit, and (more importantly) improves performance by
avoiding some unnecessary netfilter hooks

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:14 +01:00
Felix Fietkau
e82c8d6e20 swconfig: replace the shared library with a static one
Reduces binary size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
e175a4d4f1 ppp: use --gc-sections to save a tiny bit of space
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
p-wassi
4297f4f901 libs/libpcap: update to 1.8.1
Update libpcap to upstream release 1.8.1
Change the name from libpcap.so.1.3 to libpcap.so.1
Remove parts of patch 201 which moved code among src files.
Import patch 204 from Debian to update the USB path.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
2016-12-14 12:13:13 +01:00
Felix Fietkau
28f6951600 ath10k: fix a soft-lockup on firmware restart
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
7dcccacb98 ath10k: fix a bug on sending null-func frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:04:52 +01:00
Alberto Bursi
70011393a9 ath10k-firmware: removed broken submenu
this package references an undefined variable for its submenu.
Remove this NOP variable assignment.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:54 +01:00
Alberto Bursi
1e15d92de1 kernel: add a missing submenu
this kernel module currently does not set submenu.
Fix this by adding it to the "Others" submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:41 +01:00
Matti Laakso
5bd3b9dfc0 comgt-ncm: Add support for specifying profile index
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.

In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Matti Laakso
2e2748b053 uqmi: Add support for specifying profile index
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.

Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Dario Ernst
866b7bad00 dropbear: clean up default PATH handling in makefile
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.

Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
2016-12-14 10:37:01 +01:00
Jo-Philipp Wich
b22a20af45 procd: add support for service signals
Update procd to latest HEAD in order to introduce support for services signals:

- Adds a new service.signal ubus call to send a kill() signal to one or all
  running instances of a given service

- Adds a new "reload_signal" property which allows service init scripts to
  request procd to send a specific kill() signal on reload, instead of
  stopping and restarting running processes

Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:14:08 +01:00
Jo-Philipp Wich
e2f8d200f5 netfilter: drop proprietary xt_id match
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Jo-Philipp Wich
2daab45cae firewall3: drop support for automatic NOTRACK rules
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.

The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Hauke Mehrtens
a6781ef4c1 kernel: kmod-hwmon-tmp102: add dependency to kmod-thermal
Depend on the kmod-thermal package when it is activated, this fixes
compile problems on some targets.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 00:15:33 +01:00
Hans Dedecker
a7c2310278 odhcpd: Fix dnsmasq re-reading hostfile
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:57 +01:00
Hans Dedecker
942904f7b9 dnsmasq: Specify directory /tmp/hosts as argument for --addn-hosts
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:20 +01:00
Felix Fietkau
66482e179b ath10k: fix DMA allocation issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:44:57 +01:00
Felix Fietkau
57f7f91f0c mac80211: refresh all patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:13 +01:00
Felix Fietkau
4872c36c55 ath9k: add a RCU related bugfix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:12 +01:00
Kevin Darbyshire-Bryant
88f8c8d7eb iproute2: support latest cake & restore DSCP washing
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Kevin Darbyshire-Bryant
1f0ff783f0 kmod-sched-cake: update & restore DSCP washing
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.

Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.

I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'.  This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress.  This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.

A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Felix Fietkau
b305b8c386 mt76: update to the latest version, fixes dfs issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:54:47 +01:00
Felix Fietkau
b9ddf3098b tcpdump: reduce size of -mini by removing more infrequently used protocols
This removes:
- BGP
- CDP
- SCTP

MIPS binary .ipk size is reduced from ~150k to ~130k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:20 +01:00
p-wassi
a4a00d794f net/utils/tcpdump: update to 4.8.1
Update tcpdump to upstream release 4.8.1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-12 10:22:19 +01:00
Felix Fietkau
64590f3c7e mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Felix Fietkau
732c24a0ca mbedtls: sync with polarssl config
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Magnus Kroken
a456dd96e7 openvpn: quote parameters to --push in openvpn config file
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.

Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.

Fixes: FS#290.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Magnus Kroken
4b8c69258e mbedtls: enable MBEDTLS_DHM_C
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Felix Fietkau
441ee62931 ar71xx: remove AP83 reference design board support
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:18 +01:00
Piotr Dymacz
c40477519e uboot-envtools: add support for YunCore SR3200 and XD3200
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-12 09:57:40 +01:00
Christian Schoenebeck
6ae71708c9 ca-certificates: update to version 20161130
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
ad907e1c03 layerscape: add 64b/32b target for ls1046ardb device
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.

LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot

* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
76fa771a78 layerscape: fman-ucode: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
d5fc7430ca layerscape: uboot-layerscape: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Julian Labus
b0ac825884 base-files: Changed UCI variable name for GPIO value from 'default' to 'value'
This changes the UCI variable for the GPIO value from system.$cfg.default back
to system.$cfg.value as it was before the change from uci-defaults [1] to board.d.
/etc/init.d/gpio_switch [2] still expects the value to be in system.$cfg.value.

[1] d65916047b/package/base-files/files/lib/functions/uci-defaults.sh (L197)
[2] https://github.com/lede-project/source/blob/master/package/base-files/files/etc/init.d/gpio_switch#L17

Signed-off-by: Julian Labus <julian@labus-online.de>
2016-12-12 09:57:40 +01:00
Hauke Mehrtens
4dbdba36f8 kernel: add TI tmp102 and tmp103 temperature sensors
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-10 16:06:40 +01:00
Jo-Philipp Wich
9791fb2ac2 build: support adding version code to file names (FS#323)
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.

Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.

Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-09 17:16:43 +01:00
Arjen de Korte
4fbd3aa278 dnsmasq: Fix splitting hostid for DHCPv6 static leases
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2016-12-06 07:55:07 +01:00
Florian Eckert
854459a2f9 dnsmasq: reload config if host name is modified
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-04 15:56:04 +01:00
Álvaro Fernández Rojas
4257f6548b brcm2708-gpu-fw: update to latest version
Also switches hases to SHA256

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-12-04 12:32:02 +01:00
Alexandru Ardelean
8cb476c853 libs: libnetfilter-queue: update to a newer version in git repo
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.

This updates it to a more recent version, pointing to the git repo.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-04 11:41:53 +01:00
Pierre Lebleu
898857f77a ppp: Split the ppp-up for the IPv6 part
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2016-12-04 11:41:53 +01:00
Florian Fainelli
5763e438f6 kernel: add kernel package for the rs5c372a rtc module
This RTC is used on the Buffalo Terastation Pro II/Live devices.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Felix Fietkau
81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Hauke Mehrtens
abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens
7e6c53dac9 valgrind: update to 3.12.0
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.

patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:03:56 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Hauke Mehrtens
99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens
280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Felix Fietkau
1947cf36ba procd: update to the latest version, fixes killing jailed processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 13:55:23 +01:00
Felix Fietkau
a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
Felix Fietkau
4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Jo-Philipp Wich
4596f9b5ac e2fsprogs: avoid picking up incompatible libcom_err.so
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.

Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:

    	LD blkid
    ../lib/libext2fs.so: undefined reference to `_et_list'
    collect2: error: ld returned 1 exit status
    Makefile:504: recipe for target 'blkid' failed

Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.

In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-30 23:32:17 +01:00
Felix Fietkau
f2010b0929 rtc-rv5c386a: fix include path for bcm47xx_nvram.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-30 12:47:25 +01:00
Alberto Bursi
d52676d1ea base-files: add a wrapper for init scripts in profile
"service" is a simple wrapper that will allow to call init.d scripts

current method:     #  /etc/init.d/network reload
with the wrapper:   #  service network reload

If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-29 21:12:08 +01:00
Mathias Kresin
36148d923b uboot-lantiq: Add BT Home Hub 5A support
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.

Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.

Use the same mtd layout as the stock u-boot. Add add UBI support.

Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.

Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
448b9b67e1 kernel: mac80211: disable ath9k bands via device tree
These properties allow overriding the settings from the EEPROM
which indicate whether a band is enabled or not.
Setting this property is only needed when the RF circuit does not
support the 2.4GHz or 5GHz band while it is enabled nevertheless in the
EEPROM.

These patches will be replaced with a future upstream version which
will introduces an ieee80211 device tree property to disable bands.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
3f889418a5 kernel: mac80211: add pending ath9k EEPROM swapping patches
There are two types of swapping the EEPROM data in the ath9k driver.
Before this series one type of swapping could not be used without the
other.

The first type of swapping looks at the "magic bytes" at the start of
the EEPROM data and performs swab16 on the EEPROM contents if needed.
The second type of swapping is EEPROM format specific and swaps
specific fields within the EEPROM itself (swab16, swab32 - depends on
the EEPROM format).

With this series the second part now looks at the EEPMISC register
inside the EEPROM, which uses a bit to indicate if the EEPROM data
is Big Endian (this is also done by the FreeBSD kernel).
This has a nice advantage: currently there are some out-of-tree hacks
(in OpenWrt and LEDE) where the EEPROM has a Big Endian header on a
Big Endian system (= no swab16 is performed) but the EEPROM itself
indicates that it's data is Little Endian. Until now the out-of-tree
code simply did a swab16 before passing the data to ath9k, so ath9k
first did the swab16 - this also enabled the format specific swapping.
These out-of-tree hacks are still working with the new logic, but it
is recommended to remove them. This implementation is based on a
discussion with Arnd Bergmann who raised concerns about the
robustness and portability of the swapping logic in the original OF
support patch review, see [0].

After a second round of patches (= v1 of this series) neither Arnd
Bergmann nor I were really happy with the complexity of the EEPROM
swapping logic. Based on a discussion (see [1] and [2]) we decided
that ath9k should use a defined format (specifying the endianness
of the data - I went with __le16 and __le32) when accessing the
EEPROM fields. A benefit of this is that we enable the EEPMISC based
swapping logic by default, just like the FreeBSD driver, see [3]. On
the devices which I have tested (see below) ath9k now works without
having to specify the "endian_check" field in ath9k_platform_data (or
a similar logic which could provide this via devicetree) as ath9k now
detects the endianness automatically. Only EEPROMs which are mangled
by some out-of-tree code still need the endian_check flag (or one can
simply remove that mangling from the out-of-tree code).

[0] http://www.spinics.net/lists/linux-wireless/msg152634.html
[1] https://marc.info/?l=linux-wireless&m=147250597503174&w=2
[2] https://marc.info/?l=linux-wireless&m=147254388611344&w=2
[3] 50719b56d9/sys/dev/ath/ath_hal/ah_eeprom_9287.c (L351)

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
1847248fc1 kernel: mac80211: backport ath9k device tree support patches
These patches add support for configuring ath9k based devices via
devicetree. This was tested on PCI(e) based devices. This should work
for AHB based devices as well (adding more AHB specific properties may
still be needed) as soon as the ath79 platform is ready to populate the
ath9k wmac via devicetree.
This patchset was accepted upstream, more information can be found on
the linux-wireless list:
https://www.spinics.net/lists/linux-wireless/msg155474.html

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Stijn Tintel
9f109876ea kernel: have kmod-ipsec depend on kmod-crypto-echainiv
The ESP algorithms in CBC mode require echainiv, so have kmod-ipsec
depend on kmod-crypto-echainiv.

See upstream commit 32b6170ca59ccf07d0e394561e54b2cd9726038c.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-11-29 12:19:22 +01:00
Rafał Miłecki
e8fe83e1be iw: drop TX power patch that is part of upstream version now
Applying it again was resulting in duplicated TX info like:
Interface wlan0
        ifindex 6
        wdev 0x1
        addr 00:23:6a:a3:7d:00
        ssid LEDE2
        type AP
        wiphy 0
        channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
        txpower 31.00 dBm
        txpower 31.00 dBm

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-29 08:39:57 +01:00
Mathias Kresin
57d36e5bdd ltq-hcd: drop package
Since ffd7c15500 it isn't used anymore on
any supported target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-27 15:34:23 +01:00
Mathias Kresin
d561b2f5ce gpio-button-hotplug: add more buttons
The keycodes are used by some boards.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-27 15:34:23 +01:00
Julian Kornberger
04a76da1ae ipset: Add InstallDev to provide libipset as library 2016-11-26 22:39:27 +01:00
Avi H. D
bbdb20f649 kernel: fix typo in input-gpio-encoder package title
Line 115, 'rotary' was misspelled as 'rotay'

Signed off by: Avinash Duduskar <strykar@hotmail.com>
2016-11-26 22:00:30 +01:00
Felix Fietkau
23a55102df kernel: remove another redundant KCONFIG entry in virt.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:41:10 +01:00
Felix Fietkau
d5c3a7b1ab kernel: fix virtualization kmod dependencies and kconfig symbols
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:29:05 +01:00
Felix Fietkau
e57bed5bc3 kernel: remove kmod-vhost_net, fixes build breakage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-24 13:26:04 +01:00
Florian Fainelli
a9dce48b22 libnl-tiny: Remove GENL_ID_GENERATE
This constant was always defined to 0, and recently got removed in
upstream commit a07ea4d9941af5a0c6f0be2a71b51ac9c083c5e5 ("genetlink: no
longer support using static family IDs")

Fixes libnl-tiny builds with latest upstream kernels.

Fixes: d723f2573a ("libnl-tiny: remove include/linux overrides to fix various build issues")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-11-24 12:53:19 +01:00
Yousong Zhou
d206dfdf35 package: add kernel packages for kvm virtualization
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-11-24 12:53:18 +01:00
Paul Wassi
4081333084 package/utils/fuse: update to 2.9.7
Update fuse+libfuse to upstream 2.9.7. Drop the patch for CVE-2015-3202,
which is already integrated in the newer version. Rework the other patches.
Also switch PKG_SOURCE from @SF to libfuse's github releases.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-11-24 12:53:17 +01:00
Eddi De Pieri
9720185820 uboot-envtools: make it not shared
uboot-envtools have some stuff related to the cpu.

This should fix following error on lantiq soc:

Downloading http://downloads.lede-project.org/snapshots/packages/mips_24kc/base/uboot-envtools_2015.10-1_mips_24kc.ipk.
Configuring uboot-envtools.
//usr/lib/opkg/info/uboot-envtools.postinst: .: line 10: can't open '/lib/ar71xx.sh'

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
2016-11-23 10:17:55 +01:00
Eddi De Pieri
ea12a80276 uboot-lantiq: vgv7519 fix tftp loading of big kernel/image size
On my board:
Bytes transferred = 7084442 (6c199a hex)
   Image Name:   MIPS OpenWrt Linux-3.10.49
   Created:      2014-11-11  17:40:00 UTC
   Image Type:   MIPS Linux Kernel Image (lzma compressed)
   Data Size:    7084378 Bytes = 6.8 MiB
   Load Address: 80002000
   Entry Point:  80002000
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... LZMA: uncompress or overwrite error
7 - must RESET b
ROM VER: 1.0.5
CFG 01

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
2016-11-23 08:43:49 +01:00