Commit graph

12281 commits

Author SHA1 Message Date
Felix Fietkau
dbbd5eef58 f2fs-tools: import from packages, clean up, and update to latest
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Kevin Darbyshire-Bryant
03cd416795 dnsmasq: Don't expose *.bind data incl version
Don't expose dnsmasq version & other data to clients via the *.bind
pseudo domain.  This uses a new 'NO_ID' compile time option which has been
discussed and submitted upstream.

This is an alternate to replacing version with 'unknown' which affects
the version reported to syslog and 'dnsmasq --version'

Run time tested with & without NO_ID on Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-08 15:28:38 +02:00
Felix Fietkau
c4bfb119d8 mac80211: remove the fq-disable hack, now that reordering is fixed
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Felix Fietkau
a194ffd4a8 mac80211: fix packet loss on fq reordering
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Felix Fietkau
859d940c79 hostapd: update to version 2016-09-05
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Florian Fainelli
2728512e15 e2fsprogs: List all libraries explicitly
e2fsprogs would fail linking with external toolchains which would not be able
to find several dependencies, explicit them.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-08 13:40:03 +02:00
Florian Fainelli
9a2f2f32cf e2fsprogs: Honor the global verbose flag
Look for OPENWRT_VERBOSE and pass it down to the e2fsprogs entry-point
Makefile.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-08 13:40:03 +02:00
Kevin Darbyshire-Bryant
9209f4304b dnsmasq: fix remove pidfile on shutdown regression
Regression introduced by 3481d0d dnsmasq: run as dedicated UID/GID

dnsmasq is unable to remove its own pidfile as /var/run/dnsmasq is owned
by root and now dnsmasq runs as dnsmasq:dnsmasq.  Change directory
ownership to match.

dnsmasq initially starts as root, creates the pidfile, then drops to
requested non-root user.  Until this fix dnsmasq had insufficient
privilege to remove its own pidfile.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-06 11:26:05 +02:00
Petko Bordjukov
c5913264e7 mwlwifi: Expose the IEEE 802.11w support to hostapd
Add a dependency on DRIVER_11W_SUPPORT in order to enable the IEEE
802.11w functionality in hostapd.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-09-05 19:24:37 +02:00
Johannes Römer
e8cb7d30e9 hostapd: fix typo and indentation in ap_sta_support.patch
Signed-off-by: Johannes Römer <jroemer@posteo.net>
2016-09-05 18:03:24 +02:00
Alexis Green
aeea251fad ath10k-ct: fix missing symbols if ath9k is not selected
Require kernel to compile with CONFIG_RELAY=y

Signed-off-by: Alexis Green <alexis@cessp.it>
2016-09-05 18:01:59 +02:00
Felix Fietkau
49a6f67c39 mac80211: backport new register bitfield macros
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-05 17:46:26 +02:00
Felix Fietkau
9cf0444768 mac80211: add a tx sequence number allocation fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-05 14:02:34 +02:00
Karl Palsson
a4dc9ff934 dropbear: mdns flag is a bool, not integer
Effectively the same for most purposes, but more accurate.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:16 +02:00
Karl Palsson
ad8d197b82 base-files: support oneshot leds properly.
oneshot trigger configurations for LEDs are created, but the on/off
timing configurations are ignored.  generate_config is correctly creating
oneshot configs, but the later led script doesn't recognise the trigger
details.

Fixes: c0c3f2d4c9 leds: support oneshot as well as timer triggers
Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:15 +02:00
John Crispin
b5f7221afa fstools: fix logic bug in extroot verification code
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-05 07:27:15 +02:00
John Crispin
81b779d4d9 ugps: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-05 07:27:15 +02:00
Conn O'Griofa
f362dc154d zram-swap: CONFIG_PROCD_ZRAM_TMPFS compatibility
Enable CONFIG_PROCD_ZRAM_TMPFS compatibility via two changes to list_cpu_idx():
* detect if /tmp is being used by /dev/zram0; if yes, offset initial value by 1 to skip first zram device.
* hot-add /dev/zram1, if not already present.

Signed-off-by: Conn O'Griofa >connogriofa@gmail.com>
2016-09-05 07:12:00 +02:00
Tim Harvey
232893037a generic: add NET3380 UDC support
Add a patch to backport 5185c91385d73cdf79836eb8548e4726e43ae831
from Linux 4.8 adding USB2380 support to the NET2280 driver and
create an OpenWrt menu option to select it as a module.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2016-09-04 13:36:10 +02:00
Tim Harvey
a4b86b292a boot: kobs-ng: update kobs-ng for newer kernels
This allows kobs-ng to flash the SPL successfully on the 4.4 kernel used by
the Gateworks IMX boards supporting NAND. The previous version of kobs-ng
worked with the 3.14 kernel but will brick a board making its SPL unbootable
for the 4.4 kernel.

See http://trac.gateworks.com/wiki/ventana/bootloader#nandspl for instructions
on updating the SPL from Linux.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2016-09-04 13:36:09 +02:00
Felix Fietkau
dbc9ee5b72 ath9k: fix regression in tx queueing patch
power save response frames can go through the old tx path, and the tid
needs to be set for sequence numbers to be assigned correctly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:53 +02:00
Felix Fietkau
7130833a27 mvebu: fix boot script for booting from mmc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:53 +02:00
Zhao Gang
28a2901cba ath10k-firmware: add QCA9887 firmware
QCA9887 is experimentally supported in compat-wireless-2016-06-20.

Signed-off-by: Zhao Gang <gang.zhao.42@gmail.com>
2016-09-02 14:43:52 +02:00
Gabe Rodriguez
2d418381bb mwlwifi: Updated to latest source
This commit updates the mwlwifi driver to the latest version provided in the repo.

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2016-09-02 14:43:52 +02:00
Felix Fietkau
a894a535ff mac80211: add fixes for dealing with unexpected BlockAck frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:52 +02:00
Felix Fietkau
372d0fea29 ath9k: add a bunch of powersave handling fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:51 +02:00
Felix Fietkau
1e72d1bf16 mac80211: add a powersave handling fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:51 +02:00
Felix Fietkau
00a1056c3f openssl: re-enable ARM assembly
The original reason for disabling it seems to have been fixed
Related discussion: https://github.com/lede-project/source/pull/307

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-31 13:57:05 +02:00
Felix Fietkau
8e0cb8f582 ebtables: fix build with glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau
18c7d1c626 dante: remove -D_GNU_SOURCE to fix build errors with current glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau
98206cb9c6 iperf: add -lm to fix build with newer glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Felix Fietkau
b0dcb6bfed iperf: drop PKG_BUILD_DIR override
No longer necessary since the removal of build variants

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Jo-Philipp Wich
bba8a1a9ba Revert "opkg: use vfork on gz_open by default (FS#120)"
This reverts commit 763f5d7873.

Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-28 23:03:13 +02:00
Jo-Philipp Wich
d0b88b6067 Revert "opkg: disable the use of vfork for the host build"
This reverts commit 02e3c718e9.

Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-28 23:03:13 +02:00
Ben Greear
2ca0cdb7bf ath10k-firmware: Update to latest ath10k-ct 9984 firmware.
Tested briefly on Netgear r7800.  Firmware failed to load on first
boot, but then it worked after that and I could not reproduce the
failure.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 20:59:23 +02:00
Felix Fietkau
02e3c718e9 opkg: disable the use of vfork for the host build
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:34:40 +02:00
Felix Fietkau
763f5d7873 opkg: use vfork on gz_open by default (FS#120)
Reduces memory consumption and binary size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:18:54 +02:00
Felix Fietkau
3e4d0e3e77 ath9k: revert temperature compensation support patch (FS#111)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:08:49 +02:00
Felix Fietkau
4530ca3c11 kernel: remove obsolete legacy ide kernel module packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 13:51:42 +02:00
Ben Greear
545d86490c ct-bugcheck: Add tools to poll for and report ath10k firmware crashes.
This tool can periodically check for ath10k firmware crashes.
If it finds a crash, it will package up the binary crash dump,
some OS level things like dmesg, lspci, etc into a tar file.

It then notifies the user about the crash and asks them to report
the bug to the appropriate email address.

This is most useful when used with ath10k-ct driver and
CT ath10k firmware, but it should also report issues with stock
ath10k driver and firmware in case one has appropriate contacts
to debug them.

This tool could be extended later for other modules/bugs/etc.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Ben Greear
d66db35a1d ath10k-ct: Remove useless WARNING for 10.4 firmware.
Removes a useless splat in ath10k, and adds some safety code
around setting keys in the firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Ben Greear
3a2d142a3a ath10k-fw: Update to latest 9980 CT firmware.
This fixes a nasty memory corruption bug, among other things.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Jo-Philipp Wich
885910225d iwinfo: mark as nonshared
The iwinfo library might get compiled with different backends, depending on
the driver selection of the current target, so mark it as nonshared to avoid
broken libiwinfo support on other targets with same cpu architecture but
different wireless driver types.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-25 16:51:57 +02:00
Felix Fietkau
acffa62d12 mt76: update to the latest version
Adds client + ad-hoc mode fixes and some initial TPC preparation work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-25 13:00:10 +02:00
Felix Fietkau
2b0a1292f8 uqmi: update to the latest version, adds QMI-in-MBIM support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-24 15:16:01 +02:00
Magnus Kroken
2653a12c4d openvpn: update to 2.3.12
300-upstream-fix-polarssl-mbedtls-builds.patch has been applied upstream.
Replaced 101-remove_polarssl_debug_call.patch with upstream backport.

Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.12

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-08-24 00:33:08 +02:00
Ralph Sennhauser
012873074f perf: drop sched_getcpu wrapper
Current musl already provides sched_getcpu

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
2016-08-23 22:47:43 +02:00
Ralph Sennhauser
91362e7aa4 strace: bump to 4.13
Fixes broken btrfs support in 4.12

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
2016-08-23 22:47:43 +02:00
Toke Høiland-Jørgensen
e58c20aac3 ath9k: Set ATH9K_STATION_STATISTICS when enabling debugging
The ATH9K_STATION_STATISTICS kernel config variable enables some extra
statistics that are useful for debugging (in particular with the airtime
fairness patches enabled). This adds that kernel config when selecting
ath9k debugging.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-08-23 13:30:59 +02:00
Felix Fietkau
d41f56864c ubus: update to the latest version, adds object remove fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 13:30:04 +02:00
Felix Fietkau
223c124db8 ubox: move logd into ubox package
Preparation for further build rework

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 12:19:23 +02:00
Ash Benz
798cd261ab hostapd: use printf to improve portability.
Signed-off-by: Ash Benz <ash.benz@bk.ru>
2016-08-23 12:15:41 +02:00
Ben Greear
4c451ae0a7 ath10k-ct: Update to latest ath10k-ct driver.
This uses GFP_DMA32 for firmware swap.  Fixes issue on x86-64 with
QCA 9984 chipset when host system does not have vt-d enabled.

Also tested on linksys ea8500 with 9980 chipset.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-23 11:55:32 +02:00
Felix Fietkau
c487bde9e4 netifd: update to the latest version
Adds fixes for wireless device error handling
Adds link state fixes for shell proto handlers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 11:08:35 +02:00
Andreas Schultz
277f85c21a cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-08-22 17:30:35 +02:00
Daniel Golle
d7e040f8bc kernel: add fake users for udptunnel and iptunnel modules
Without any in-tree users enabled the Kernel's build process doesn't
actually build those modules. Enable some potential in-tree users
during Kernel build, so out-of-tree modules can depend on them.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-22 17:23:05 +02:00
Martin Schiller
070edfd92f ltq-deu: fix cra_priority
With the default priority of 0, the DEU algos would be overlapped
by the generic algos (if available).

To fix this, set the cra_priority of the hardware algos to the
recommended value of 300/400.

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:33:09 +02:00
Martin Schiller
9391661394 ltq-deu: fix handling of data blocks with sizes != AES/DES block size
This fix is a backport from the lantiq UGW-6.1.1-MR1

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:32:56 +02:00
Martin Schiller
8dba24cfc2 ltq-deu: fix aes initialization vector handling
This fix is a backport from the lantiq UGW-6.1.1-MR1

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:32:44 +02:00
Jo-Philipp Wich
b91e58e606 busybox: enable sha256sum by default
Now that snapshot builds are only publishing SHA-256 checksums, it makes
sense to ship an appropriate utility for verification.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-18 15:09:06 +02:00
Hans Dedecker
d7c249fa1c ppp: Extend uci datamodel with persistency sypport
PPP daemon can be put into persist mode meaning the
daemon will not exit after a connection gets terminated
but will instead try to reopen the connection.
The re-initiation after the link has been terminated
can be controlled via holdoff; this is helpfull in
scenarios where a BRAS is in denial of service mode
due to link setup requests after a BRAS has gone down

Following uci parameters have been added :
persist (boolean) : Puts the ppp daemon in persist mode
maxfail (integer) : Number of consecutive fail attempts which
puts the PPP daemon in exit mode
holdoff (interget) : Specifies how many seconds to wait
before re-initiating link setup after it has been terminated

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-08-18 09:49:18 +02:00
Josua Mayer
1e71fca777 mtd: fix building with glibc
src/linksys_bootcount.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2016-08-18 09:49:18 +02:00
Josua Mayer
c8580f51ba u-boot-envtools: fix building with glibc
tools/env/fw_env.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2016-08-18 09:49:18 +02:00
John Crispin
5e563262f1 ubox: fixes segfault inside kmodloader
null pointer deref when no modules folder was present

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-18 09:49:18 +02:00
Felix Fietkau
fe7fdd3bb4 ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-17 07:02:54 +02:00
John Crispin
99a1888287 swconfig: revert the portmapping patches, they seem to cause a segfault
Revert "kernel/swconfig: remove obsolete portmapping feature from swconfig"

This reverts commit 675407baa4.

Revert "swconfig: remove obsolete portmapping feature"

This reverts commit fca1eb349e.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-16 10:20:01 +02:00
Matteo Croce
2ebb4733e1 kernel: add kmod-squashfs
add kernel package to build squashfs as module when it's not the root filesystem

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-15 15:32:38 +02:00
Hannu Nyman
a77ce8ba96 libs/gmp: update to 6.1.1
Update libgmp to 6.1.1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-08-15 15:32:38 +02:00
Hannu Nyman
785cdc3cf2 package/devel/gdb: Update to 7.11.1
Update gdb to version 7.11.1 to match the version in toolchain.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-08-15 15:32:37 +02:00
John Crispin
fca1eb349e swconfig: remove obsolete portmapping feature
Signed-off-by: John Crispin <john@phrozen.org>
2016-08-15 15:32:36 +02:00
Conn O'Griofa
63f6fc5c16 samba: add file/interface reload triggers & filter interfaces
* Only parse interfaces that are up during init_config (as the
  script depends on this to determine the proper IP/subnet range)
* Add reload interface triggers for samba-designated interfaces
* Force full service restart upon config change to ensure Samba
  binds to new interfaces (sending HUP signal doesn't work)
* Rename "interface" variable to "samba_iface" and move into
  global scope

Needed to fix Samba connectivity for clients connecting from a
different LAN subnet (e.g. pseudobridge configurations) due to the
'bind interfaces only' setting.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-08-15 15:18:35 +02:00
John Crispin
40b8cbc2af procd: update to latest git HEAD
adds O_PATH define

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-15 15:16:42 +02:00
Jo-Philipp Wich
d36c5152ef ncurses: change handling of PKG_CONFIG_LIBDIR
When PKG_CONFIG_LIBDIR was unset in the environment, the configure
script was deducing the PKG_CONFIG_LIBDIR from the location of the
pkg-config binary, which doesn't make a lot of sense, and isn't done
by other autotools based packages.

Patch imported from the Buildroot project:
https://github.com/buildroot/buildroot/blob/master/package/ncurses/0001-fixup-pkg-config-handling.patch

Also refresh patches while we're at.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-15 13:34:17 +02:00
Jonas Gorski
30352e72ff base-files: set pi_ifname in board.d case to fix deconfig
Due to an empty pi_ifname in the generic failsafe setup, the deconfig
never removed the failsafe networking interface, causing broken
networking later on.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-14 23:10:17 +02:00
Jonas Gorski
6c9588ddf5 base-files: configure switch in failsafe
Also configure the switch based on the failsafe config, and create the
failsafe interface as tagged if necessary.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:15 +02:00
Jonas Gorski
072cf26729 base-files: allow failsafe to configure vlans
In preparation of properly setting up vlans and switches, add
support for configuring failsafe on a vlan tagged interface.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:06 +02:00
Jonas Gorski
c18edcec45 base-files: add preinit ifname detection based on board.json
Make use of the existing board.d to autodetect lan ifname in a generic way.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:00 +02:00
Jonas Gorski
0f1ae840c9 base-files: split out preinit interface config
Move preinit interface and ip config to its own function to allow
calling it from more than one place.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:56 +02:00
Jonas Gorski
780ccbf9f1 base-files: board_detect: allow specifying the generated file
Allow passing a filename to change the location of the generated
board.json.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:51 +02:00
Jonas Gorski
e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Jo-Philipp Wich
4e8c6f3407 dropbear: security update to 2016.74
- Security: Message printout was vulnerable to format string injection.

  If specific usernames including "%" symbols can be created on a system
  (validated by getpwnam()) then an attacker could run arbitrary code as root
  when connecting to Dropbear server.

  A dbclient user who can control username or host arguments could potentially
  run arbitrary code as the dbclient user. This could be a problem if scripts
  or webpages pass untrusted input to the dbclient program.

- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
  the local dropbearconvert user when parsing malicious key files

- Security: dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided. This could be an issue where
  dbclient is used in scripts.

- Security: dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

  The security issues were reported by an anonymous researcher working with
  Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-12 11:45:47 +02:00
Imre Kaloz
f76f83de71 mwlwifi: upgrade to 10.3.0.18-20160804
adds support for the Linksys WRT1900ACSv2 and WRT1200ACv2

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-08-11 21:04:42 +02:00
Felix Fietkau
08a27b99a2 kernel: add missing config symbol
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-11 18:33:02 +02:00
Ben Greear
4d39726b21 ath10k-firmware: Update to latest 99X0 CT firmware.
Among other things, this compiles out support for peer caching.
The feature did not seem to work well in my testing of AP mode,
and totally breaks my own special use of station mode.

Briefly tested on ea8500.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-11 10:55:22 +02:00
Ben Greear
f85c12e07d ath10k-ct: Fix loading 9980 firmware.
ath10k-ct driver was using bad defaults for 9980 if user
had not specified a fwcfg file to over-ride them.

Also, support configurable station-kickout-threshold,
which might work around issues with flakey connections.

Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix PKG_VERSION]
2016-08-11 10:54:50 +02:00
Matteo Croce
1645abffea kernel: add plan 9 fs package
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-11 10:45:33 +02:00
Petko Bordjukov
dff6df9625 hostapd: Allow RADIUS accounting without 802.1x
RADIUS accounting can be used even when RADIUS authentication is not
used. Move the accounting configuration outside of the EAP-exclusive
sections.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-11 10:45:33 +02:00
Mathias Kresin
5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Mathias Kresin
14e0f057c8 ltq-hcd: fix xway dependency
Due to missing parameter the package wasn't build for the xway target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Felix Fietkau
7ee9222770 openssl: re-enable CMAC support
Needed by a few packages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-09 07:18:03 +02:00
Jo-Philipp Wich
27dffa0b0c uclient: change SSL support error message
Change the error message about missing SSL support to be more explicit by
mentioning required package names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-08 12:20:15 +02:00
Petko Bordjukov
b34ccf45df mac80211: Update the regdb to master-2016-06-10
Changes include:

* Higher maximum transmit power in the 5170-5250 band of the BG
  regdomain
* Introduction of the CU regdomain
* Introduction of the 5725-5875 band (short-range devices) in the DE
  regdomain
* Introduction of 60 GHz channels 1-4 in the KR regdomain
* Introduction of the 5725-5875 band (short-range devices) in the NL
  regdomain

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-07 23:55:38 +03:00
Felix Fietkau
51e70267bd hostapd: remove unused hostapd-common-old package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-05 11:02:57 +02:00
Felix Fietkau
ac642a7514 ath9k: improve powersave filter handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau
4701fd3190 ath9k: improve performance in tx status handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau
1b9dbb8532 Revert "kernel: remove long obsolete gpio spi controller driver patch"
This reverts commit 9e62a7668c.
2016-08-04 23:10:15 +02:00
Felix Fietkau
7c874d18f5 kernel: mark compression modules as hiddden to obsolete the compressor kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
93fb6ce05b kernel: mark kmod-udptunnel as hiddden to replace the NET_UDP_TUNNEL kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
577f873daf kernel: remove unused morse led trigger driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
9e62a7668c kernel: remove long obsolete gpio spi controller driver patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00