Commit graph

37416 commits

Author SHA1 Message Date
Jo-Philipp Wich
920170a27f firewall: fix forwarding local subnet traffic
Packets which are merely forwarded by the router and which are neither
involved in any DNAT/SNAT nor originate locally, are considered INVALID
from a conntrack point of view, causing them to get dropped in the
zone_*_dest_ACCEPT chains, since those only allow stream with state NEW
or UNTRACKED.

Remove the ctstate restriction on dest accept chains to properly pass-
through unrelated 3rd party traffic.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-13 18:31:36 +01:00
Paul Wassi
9641ceea0c mvebu: simplify etc/board.d/02_network
Unify switch configuration on Linksys WRTxx00AC series.
LAN = eth0, WAN = eth1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
[Álvaro]: also change WAN LEDs
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-01-13 17:12:40 +01:00
Imre Kaloz
f24ffb901e mvsw61xx: add support for MV88E6352
MV88E6352 is used on Linksys WRT3200ACM

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2017-01-13 17:12:40 +01:00
Álvaro Fernández Rojas
89ecfa7556 mvebu: several fixes for Linksys WRT3200ACM
- Fix WLAN LEDs definition.
- Fix USB pinctrl definition.
- Remove SDHCI definition.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-01-13 17:12:40 +01:00
Felix Fietkau
8935689a8e mxs: gzip ext4 images
Significantly reduces disk usage

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
515d012e6d arc770: gzip rootfs image to save some space
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
113dd45092 archs38: gzip rootfs image to save some space
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
8af5e5751d image.mk: add generic function for gzipping images if enabled
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
6f57e32f95 mvebu: remove the clearfog-bundle
It is obsoleted by proper SD card image support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
87b668765e image: when using the new image build code, gzip ext4 images by default
This reduces the amount of hacks in the makefile code.

Remove the apm821xx code to do the same - it was broken and left both
compressed and uncompressed images in $(BIN_DIR)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Kevin Darbyshire-Bryant
c914fa04a3 dnsmasq: use ubus signalling in ntp hotplug script
Use ubus process signalling instead of 'kill pidof dnsmasq' for
SIGHUP signalling to dnsmasq when ntp says time is valid.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-13 16:08:22 +01:00
Felix Fietkau
749918911d x86: disable crashlog
It could cause crashes with some forms of virtualization, and it is
unlikely to work properly with most systems.
It's safer to just disable it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 15:15:09 +01:00
Felix Fietkau
e38fd1eced x86: disable a workaround for a buggy glibc version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 15:13:59 +01:00
Felix Fietkau
27fbf54147 octeon: disable ext4 images
They're pretty large and squashfs images tend to be more useful anyway

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 14:54:12 +01:00
Felix Fietkau
402fea62c4 netifd: update to the latest version
This disables IGMP snooping by default, which was causing various issues
over time, like FS#95

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 14:54:12 +01:00
Ian Pozella
859693509f image.mk: use LINUX_KARCH rather than ARCH for mkits
The generated 'its' is passed to mkimage which expects linux arch
strings rather than the full arch (e.g. mips not mipsel).

It currently works in some cases where LINUX_KARCH == ARCH but
otherwise you get an unknown arch build error.

Signed-off-by: Ian Pozella <Ian.Pozella@imgtec.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 14:54:11 +01:00
Felix Fietkau
f44663c673 uqmi: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:09 +01:00
Felix Fietkau
185b06f04a umbim: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ca31b0931 comgt: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
bd68ddbda4 polarssl: remove package
The mbedTLS 1.3 branch has been EOL since end of 2016 and now all
remaining users have been converted.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
dcd8357365 armvirt: add kernel config change missing from 0d44f0cb
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 11:05:32 +01:00
Felix Fietkau
d6c77b9d99 ar71xx: default to external USB power on RB-912UAG
There's a GPIO that can switch between power to USB pins for the
internal MiniPCIe slot or the external USB port.
People are more likely to use the external one so enable it by default.
Existing configurations should be unaffected

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:53:05 +01:00
Felix Fietkau
5919cc2dc4 build: let make check warn about use of legacy PKG_MD5SUM variable in feeds
The variable rename change has been merged in OpenWrt now, so it's
possible to convert the feeds as well.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:23:43 +01:00
Felix Fietkau
6f9011f089 cmake: properly pass host cflags/ldflags to the build
This should hopefully fix build issues where libraries that we ship in
tools/ were accidentally picked up from other places on the system, e.g.
/usr/local

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:23:43 +01:00
Felix Fietkau
7969770100 cmake: support verbose build that shows compiler commands
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:23:43 +01:00
Felix Fietkau
d6de31310c cmake: restore parallel build support for bootstrap
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:23:43 +01:00
Felix Fietkau
83eef37400 x86/64: enable the fusion scsi driver
Is it used by VMware Fusion by default. This allows images to boot
without further config changes in VMware.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:23:42 +01:00
Felix Fietkau
2b6284f5a8 mac80211: fix broken spatial multiplexing defaults
Most mac80211 drivers leave the SMPS field in the HT capabilities
uninitialized (unfortunately defaults to static SMPS), which leads to
some devices limiting themselves to single-stream rates in some modes
(mostly mesh and IBSS).

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:22:22 +01:00
Ben Greear
544dee575d ath10k-fw: Update to latest CT firmware
For 988X, 9980, 9984 CT firmware.

This should allow IBSS + RSN on at least the 988X firmware,
and includes recent stability fixes for all firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-01-13 10:22:20 +01:00
Ben Greear
5c09d7f23d ath10k-ct: Update to latest CT 4.7 ath10k driver.
This at least makes it harder to hit some txq related
crashes on firmware restart, a potential memory leak,
and some other fixes.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-01-13 10:22:20 +01:00
Felix Fietkau
0d44f0cbbc armvirt: enable the USB feature flag
USB devices can be passed through from the host to the guest

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 09:15:09 +01:00
Felix Fietkau
627b0d3559 mountd: drop USB related dependencies
That way we can avoid making it nonshared

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 09:12:19 +01:00
Yo Abe
29097b95ba ramips: fix WLI-TX4-AG300N boot and network
Partition label "linux" prevents the root file system to be mounted at
boot time leading to a kernel panic. After changing it to "firmware",
the 2 uimage partitions "kernel", "rootfs" and squashfs "rootfs_data"
are correctly recognized.

The attached IP175C 10/100 MBit switch cannot connect to a link with
fixed 1000Mbit speed. The correct link speed is 100MBit. The switch
is detected and can be configured via mdio bus and should allow two
separable VLANs to be configured for the 4 available ports.

Signed-off-by: Yo Abe <abe.geel@gmail.com>
[picked from openwrt/PR#330]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-13 08:32:35 +01:00
Andrew Yong
3f31029b19 ramips: add support for VoCore2
This patch adds support for the VoCore VoCore2 and its complementary
"ultimate" dock.

Specifications:
- SoC: MediaTek MT7628AN (580MHz, ramips)
- RAM: 128MB DDR2 166MHz
- Storage: 16MB NOR SPI flash onboard + microSD slot on dock
- Wireless: Built into MT7628AN (mt76) with 1T1R firmware on VoCore2
            boards with onboard 1x chip antenna
- Ethernet: 1x100M (port0) on dock, 1x100M (port2) on PCB header
- Dock hardware:
  - USB 2.0 socket
  - MicroSD socket
  - 100Mbps Ethernet x1
  - 3.5mm headphone jack (TRRS) connected to Everest Semi ES8388 I2S
    DAC/ADC (support WIP)
  - Micro USB for power and console (UART2)

Initial installation:
- VoCore2 comes preinstalled with a fork of OpenWrt CC and AP on
  SSID "VoCore2"
- Connect to VoCore2 by Ethernet or Wi-Fi
- `ssh root@192.168.1.1` (password is "vocore")
- scp/wget/etc. LEDE sysupgrade.bin to VoCore2
- `sysupgrade -n <your image>.bin` (don't keep old config, as the
  original firmware uses Ralink SDK Wi-Fi drivers and not
  mt76+mac80211)
- after sysupgrade completes, Wi-Fi will be disabled by default so use
  Ethernet or the micro USB console to configure Wi-Fi again

Signed-off-by: Andrew Yong <me@ndoo.sg>
2017-01-13 08:32:35 +01:00
David Varga
d7fd1a0f8d ar71xx: enable serial console on Mikrotik RB411/RB433
This patch adds support for serial console on Mikrotik RB411 and RB433
series devices.

Signed-off-by: David Varga <duvi@duvinet.hu>
[picked from FS#377]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-13 08:32:20 +01:00
Daniel Golle
287283e6e3 ramips: rt3883: fix typo in pinctrl lna_g_func
Spotted by forum users
https://forum.openwrt.org/viewtopic.php?pid=347439#p347439

Reported-by: Tom Psyborg <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-01-13 05:44:06 +01:00
Hans Dedecker
d1daf3f38d map: take over maintainership
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-12 12:15:17 +01:00
Hans Dedecker
0d49f9f4b4 odhcp6c: take over maintainership
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-12 12:15:01 +01:00
Hans Dedecker
5303d4bedb odhcpd: take over maintainership
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-12 12:14:46 +01:00
Hans Dedecker
ec63e3bf13 Revert "dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'"
This causes problem when a FQDN is configured in /etc/config/system. The
domain name will appear twice in reverse DNS.

Next to that, there seems to be a bug in dnsmasq. From the manual page:

--interface-name=<name>,<interface>[/4|/6]
Return  a  DNS  record  associating  the  name  with  the primary address
on the given interface. This flag specifies an A or AAAA record for the
given name in the same way as an /etc/hosts line, except that the address
is not constant, but taken from the given interface. The interface may be
followed by "/4" or "/6" to specify  that  only  IPv4  or  IPv6 addresses
of the interface should be used. If the interface is down, not configured
or non-existent, an empty record is returned. The matching PTR record is
also created, mapping the interface address to the name. More than one name
may be associated with an interface address by repeating the flag; in that
case the first instance is used for  the  reverse address-to-name mapping.

It does not just create an A/AAAA record for the primary address, it creates
one for all addresses. And what is worse, it seems to actually resolve to the
non-primary address first. This is quite annoying when you use floating IP
addresses (e.g. VRRP), because when the floating IP is on the other device,
SSH failes due to incorrect entry in the known hosts file.

I know that this is not a common setup, but it would be nice if there was an
option to restore the previous behaviour, rather than just forcing this new
feature on everybody.

Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-12 12:14:20 +01:00
Hans Dedecker
bb8e9c51ab map: delete map-t device when tearing down map interface
Delete the map-t device when tearing down the map-t interface; as such
there's no conflict when the map-t interface comes up again when trying
to add the map-t device as the map-t device was still present
(Can not add: device 'map-wan6_4' already exists!).

Only call ifdown in teardown for map-e and lw6o4 map interfaces types
in order to suppress the trace "wan6_4 (6652): Interface wan6_4_ not found"

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-12 11:41:11 +01:00
Felix Fietkau
1ad30be982 Revert the recent dependency and metadata scanning rework
This reverts the following commits:
fbe522d120
278ad007ee
863888e44f
96daf6352f
cfd83555fc

This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 19:48:09 +01:00
Felix Fietkau
fbe522d120 comgt: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
278ad007ee umbim: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
863888e44f uqmi: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
96daf6352f mountd: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
cfd83555fc scripts/package-metadata.pl: fix overriding conditional dependencies with conditional select
Conditional dependencies use the '(!cond) || dep' syntax, whereas
conditional select uses 'dep if cond'.
Add an extra check to suppress emitting a conditional if an equal
conditional select already exists.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:39 +01:00
Felix Fietkau
90f0ca0ddc arc770: build dtb files in Image/Prepare so that they are available for Device/*
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 16:35:03 +01:00
Felix Fietkau
b9713ad630 archs38: build dtb files in Image/Prepare so that they are available for Device/*
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 16:35:03 +01:00
Rafał Miłecki
4ce3c41696 bcm53xx: backport upstream bcm53xx spi driver changes
One replaces our local patch and another is just for keeping driver in
sync (license change).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-11 15:33:47 +01:00