Commit graph

13382 commits

Author SHA1 Message Date
Ansuel Smith
e783f588eb mwlwifi: update to the latest version
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-05-30 13:59:38 +02:00
Felix Fietkau
6773561748 mt76: update to the latest version, fixes a mt7603 beacon issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-30 08:52:00 +02:00
Matthias Schiffer
df5e80eb26
procd: update to latest git HEAD
e7bb2c8 upgraded: define __GNU_SOURCE

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-30 07:29:25 +02:00
Matthias Schiffer
a5428244d9
base-files: add support for staged sysupgrades from failsafe mode
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
b2adb9a7b5
base-files: sysupgrade cleanup
Some functions only used by stage2 are moved there from common.sh.

One piece that could still use more cleanup is platform_pre_upgrade: many
targets reference files from there are aren't available in the ramfs, so
we need to evaluate it before the switch; conversely, flash writes happen
in that function on some targets. Targets that do the latter should be
fixed eventually to use platform_do_upgrade for that purpose.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
218af1957e
fstools: snapshot: handle jffs2 conversion using upgraded
We can reuse the kill_remaining and run_ramfs facilities of the stage2 run
by upgraded.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
6bbb3a2b0a
fstools: clean up trailing whitespace in snapshot script
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
30f61a34b4
base-files: always use staged sysupgrade
Support for the -d and -p options is dropped; it may be added again at some
point by adding these flags to the ubus sysupgrade call.

A downside of this is that we get a lot less information about the progress
of the upgrade: as soon as the actual upgrade starts, all shell sessions
are killed to allow unmounting the root filesystem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer
393817df5d
procd: remove procd-nand package
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.

The procd-nand-firstboot package is removed for now, it may return later
as a separate package.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer
8008765f1f
procd: update to latest git HEAD
992b796 rcS: add missing fcntl.h include
63789e5 init: add support for sysupgrades triggered from preinit
5b1fb35 Remove code that has become unnecessary after sysupgrade changes
5918b6d upgraded: add support for passing a "command" argument to stage2
056d8dd upgraded: link dynamically, chroot during exec
7c6cf55 system: always support staged sysupgrade
d42b21e procd/rcS: Use /dev/null as stdin
e0098d4 service/instance: add an auto start option
1247db1 procd: Log initscript output prefixed with script name
8d720b2 procd: Don't use syslog before its initialization
2555474 procd: Add missing \n in debug message

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:49:50 +02:00
Matthias Schiffer
49328cecdf
procd: prepare NAND sysupgrade for making upgraded dynamically linked
Use install_bin to copy upgraded with all dependencies. The old name
/tmp/upgraded is temporarily retained as a symlink to avoid breaking
things.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:08:32 +02:00
Matthias Schiffer
25d1a24e58
procd: clean up trailing whitespace in nand.sh
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:08:22 +02:00
Felix Fietkau
aaeb42b3e2 mt76: update to the latest version, improves mt7603/7628 stability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-29 14:42:49 +02:00
Jo-Philipp Wich
61eb18d3f7 firewall: fix stray continue statement
The previous commit introduced a faulty continue statement which might
lead to faulty rules not getting freed or reported.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 16:16:15 +02:00
Hans Dedecker
1422dab66e netifd: fix 6rd regression (FS#812)
08f1875 system-linux: fix 6rd regression

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-27 13:26:39 +02:00
Jo-Philipp Wich
6e46f6edc4 firewall: extend ubus support, exception handling, parse fixes
Update to latest Git HEAD in order to import a number of fixes and other
improvements:

3d2c18a options: improve handling of negations when parsing space separated values
0e5dd73 iptables: support -i, -o, -s and -d in option extra
4cb06c7 ubus: increase ubus network interface dump timeout
e5dfc82 iptables: add exception handling
f625954 firewall3: add check_snat() function
7d3d9dc firewall3: display the section type for UBUS rules
53ef9f1 firewall3: add UBUS support for include scripts
5cd4af4 firewall3: add UBUS support for ipset sections
02d6832 firewall3: add UBUS support for forwarding sections
0a7d36d firewall3: add UBUS support for redirect sections
d44f418 firewall3: add fw3_attr_parse_name_type() function
e264c8e firewall3: replace warn_rule() by warn_section()
6039c7f firewall3: check the return value of fw3_parse_options()

Fixes FS#548, FS#806, FS#811.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 12:19:48 +02:00
Jo-Philipp Wich
52e36cf80a samba: bump PKG_RELEASE
The previous CVE bugfix commit did not adjust PKG_RELEASE, therefor the
fixed samba package does not appear as opkg update.

Bump the PKG_RELEASE to signify upgrades to downstream users.

Ref: https://forum.lede-project.org/t/sambacry-are-lede-devices-affected/3972/4

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 12:17:40 +02:00
Filip Moc
43e4e1f4a5 Move enablemodem from ramips to new package adb-enablemodem and make it used also by TL-MR6400
Signed-off-by: Filip Moc <lede@moc6.cz>
2017-05-27 07:54:40 +02:00
Julian Labus
a9206ac26c usbmode: update usb-modeswitch-data to 20170205
add support for new hardware

Signed-off-by: Julian Labus <julian@labus-online.de>
2017-05-27 07:01:39 +02:00
Julian Labus
b09ee2dc01 usbmode: update to latest version
453da8e convert-modeswitch.pl: fix message indices

Signed-off-by: Julian Labus <julian@labus-online.de>
2017-05-27 07:01:39 +02:00
Florian Fainelli
484f768dfa elfutils: Pass -Wno-unused-result to silence warnings as errors
elfutils turns on -Werror by default, and patch 100-musl-compat.patch
changes how strerror_r is used and we no longer use the function's
return value. This causes the following build error/warning to occur
with glibc-based toolchains:

dwfl_error.c: In function 'dwfl_errmsg':
dwfl_error.c:158:18: error: ignoring return value of 'strerror_r',
declared with attribute warn_unused_result [-Werror=unused-result]
       strerror_r (error & 0xffff, s, sizeof(s));
                  ^
cc1: all warnings being treated as errors

Fixing this would be tricky as there are two possible signatures for
strerror_r (XSI and GNU), just turn off unused-result warnings instead.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-26 15:42:03 -07:00
Nick Brassel
b32689afd6 dnsmasq: add dhcp-script hook for other packages
Adds a script which acts as a hook for when dnsmasq creates/destroys a
lease, or completes a TFTP file transfer. The hook loops through scripts
in appropriate directories inside '/etc/hotplug.d', executing each one with
the same arguments supplied by dnsmasq.

In case dnsmasq is jailed by ujail the dhcp-script hook will not work as
expected as ujail does not yet support executing a script within a jail.

Signed-off-by: Nick Brassel <nick@tzarc.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-26 21:28:30 +02:00
Jo-Philipp Wich
361c8b4ee4 Revert "sysupgrade: run only one instance at a time."
This reverts commit e96a9a9af8.

The change breaks sysupgrade through LuCI and two-stage sysupgrade on
NAND targets. There is also a mismatch of file paths in lock and unlock
operations.

This commit was apparently neither properly tested, nor reviewed, so
drop it for now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-26 14:49:08 +02:00
Felix Fietkau
c2dc7321d7 iptables: fix typos in 600-shared-libext.patch (FS#711)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:30:36 +02:00
Giuseppe Lippolis
4ba2f4dc63 DWR-512: adding wwan support for the dwr-512 3G modem
This PR allow the 3G modem embedded in the DWR-512 to be managed
by the wwan-ncm scripts. The modem will use the usb-option and
usb-cdc-ether drivers.
The DWR-512 DT is updated accordingly.

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2017-05-25 19:01:08 +02:00
Felix Fietkau
3c7a99ea90 xfsprogs: update to 4.11.0
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
e6d4235ae5 json-c: disable implicit fallthrough warning (gcc 7)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
60241e52db firewall: update to the latest version, fixes a gcc7 build error
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Yousong Zhou
a76cbc0d7e kernel: fix autoloading arch-specific modules
Fixes FS#745

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-25 22:52:07 +08:00
Yousong Zhou
e250acab26 backlight-pwm: fix module description
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-25 22:52:06 +08:00
Kenneth Johansson
e96a9a9af8 sysupgrade: run only one instance at a time.
Things do not work well if running multiple instances of
upgrade at the same time.

Signed-off-by: Kenneth Johansson <kenneth.johansson@inteno.se>
2017-05-25 09:22:43 +02:00
Roman Spychała
855f2ae4da kernel: add kmod-usb-net-pl package
Kernel support for Prolific PL-2301/2302/25A1 based cables

Signed-off-by: Roman Spychała <roed@onet.eu>
2017-05-25 09:22:42 +02:00
Stijn Tintel
423a7a6b75 lldpd: bump to 0.9.7
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-05-24 14:56:22 +02:00
Stijn Tintel
3f0d3d12da samba: fix CVE-2017-7494
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-05-24 14:44:03 +02:00
Hans Dedecker
43cc399871 dnsmasq: bump to 2.77rc5
Some small tweaks and improvements :

9828ab1 Fix compiler warning.
f77700a Fix compiler warning.
0fbd980 Fix compiler warning.
43cdf1c Remove automatic IDN support when building i18n.
ff19b1a Fix &/&& confusion.
2aaea18 Add .gitattributes to substitute VERSION on export.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 23:08:06 +02:00
Hans Dedecker
c0a9a73393 6rd: add 6rd specific settings as nested json object
Add 6rd specific settings prefix, relay-prefix as a nested data json object

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 21:40:19 +02:00
Hans Dedecker
5f2408dbc5 netifd: update to git HEAD version
7573880 system-linux: parse 6rd specific settings as nested json data object
a063705 system-linux: remove redundant check for strtoul() return value
e6ebe0b build: disable unknown warning option error in clang
08d8f47 interface: add new "ifup-failed" hotplug event
20a1bac bridge: reset primary only after marking the member not present
6b9c267 build: suppress format truncation warnings to avoid errors with gcc7

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 21:40:19 +02:00
Rafał Miłecki
aaabf47ede umdns: update to the version 2017-05-22
This includes following changes:
0e8b948 Support specifying instance name in JSON file
49fdb9f Support PTR queries for a specific service
26ce7dc Allow filtering with instance name in service_reply
920c62a Store instance name in the struct service
ff09d9a Rename service_name function to the service_instance_name
64f78f1 Rename mdns_hostname variable to the umdns_host_label

Previous package update pulled commit 70c66fbbcde86 ("Fix sending
replies to PTR questions") which introduced a regression which this
update fixes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-05-22 12:04:01 +02:00
Felix Fietkau
65a3dc277f fstools: update to the latest version
88d48d5 libfstools: silence mkfs.{ext4,f2fs}
a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors
633a8d0 libfstools: fix multiple volume_identify usages with the same volume
c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-22 11:12:36 +02:00
Yousong Zhou
5d48dc1146 libunwind: update to 1.2
Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum
function in include/dwarf_i.h in libunwind 1.1 allows local users to
have unspecified impact via invalid dwarf opcodes.

Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new
tarball is released yet

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-22 11:07:40 +08:00
Kevin Darbyshire-Bryant
6e10fc74fd dropbear: bump to 2017.75
- Security: Fix double-free in server TCP listener cleanup A double-free
in the server could be triggered by an authenticated user if dropbear is
running with -a (Allow connections to forwarded ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user.  Affects versions 2013.56 to 2016.74. Thanks to Mark
Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c

- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink.  Dropbear parsed authorized_keys as root, even if it were a
symlink.  The fix is to switch to user permissions when opening
authorized_keys

A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123

Refresh patches, rework 100-pubkey_path.patch to work with new
authorized_keys validation.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-21 23:56:17 +02:00
Hans Ulli Kroll
ce7681d328 mac80211: add support for rtl8821ae pcie adapter
Add support for Realtek RTL8821AE/RTL8812AE PCIe adapter.
This device supports 802.11ac and bluetooth

testet on PC Engines APU with AP and STA mode

Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
2017-05-21 23:51:21 +02:00
Hans Ulli Kroll
fd7b2559e2 linux-firmware: add firmware for rtl8821ae support
Add needed firmware to support rtl8821ae pcie adapter

Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
2017-05-21 23:51:08 +02:00
Alexandru Ardelean
c7ee30d53a base-files: fix default procd reload
Bug introduced with 6713694.

I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts

```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```

The service would be restarted regardless of any of those params.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-20 20:43:45 +02:00
Daniel Engberg
ec987e59c4 f2fs-tools: Switch to gz tarball
At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-18 14:23:26 +02:00
Daniel Golle
5e5499c612 mac80211: rt2x00: remove unneccessary code
Use chanreg and dccal helpers to reduce the size of ePA code.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed white-space so patch applies]
2017-05-18 13:51:28 +02:00
Alexandru Ardelean
ce8bfa9407 lldpd: drop specific respawn params [use system-wide]
I think I added these respawn params [a while back],
when I did the conversion to procd init script format.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-18 08:14:26 +02:00
Luiz Angelo Daros de Luca
ccc54b2935 elfutils: bump to 0.169
Removed patches (now upstream):
- 004-maybe-uninitialized.patch
- 007-fix_TEMP_FAILURE_RETRY.patch

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-05-18 07:59:56 +02:00
Ben Greear
e00cc98045 ath10k-ct-firmware: Add support for QCA9886/QCA9888 firmware.
This firmware shoul have the same general feature set as the
rest of the 10.4 CT firmware (9984, 9980, etc).  Build-tested
only in LEDE, but firmware has been tested with ath10k-ct driver
on other OSs, so likely works just fine.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-05-18 07:59:33 +02:00
Ben Greear
7a343dafbb ath10k-ct-firmware: Update to latest.
The 988x and 9887 firmwares include a bugfix for a case where blockack
did not work sometimes, and many fixes for compiler warnings detected
by newer gcc compilers.

The 9980 and 9984 firmware includes a large backport of upstream QCA
firmware changes to bring it up to date.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-05-18 07:59:31 +02:00