commit 961c0eacea ('x86: fix lifting kernel CPU requirements and always
enable PAE') broke some older geode boards such as Soekris net4826.
Hence disable PAE on x86/legacy again in order to still support those
very old non-PAE capable CPUs.
Fixes FS#773 - PAE broke Soekris net4826
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This PR allow the 3G modem embedded in the DWR-512 to be managed
by the wwan-ncm scripts. The modem will use the usb-option and
usb-cdc-ether drivers.
The DWR-512 DT is updated accordingly.
Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
These drivers are in many reference-design Xeon, iCore, or
Atom64 based server boards.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This causes various issues in other places that assume that host
binaries are staged in STAGING_DIR_HOST.
Since all the right places use HOST_BUILD_PREFIX, override that instead.
This fixes some issues with quilt on toolchain dirs
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When using external or git cloned kernels, any kind of modifications
will alter KERNELRELEASE. LEDE still tries to stage modules in
lib/modules/$(LINUX_UNAME_VERSION) and LINUX_UNAME_VERSION is based on
KERNEL_PATCHVER (indirectly) so this does not work, and we lose all
kinds of automatic modules loading.
To remedy that, just cat $(LINUX_DIR)/include/config/kernel.release
which is late enough the kernel has prepared this file, and is correctly
tracking changes done throughout the kernel.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
In case we use external and/or git cloned kernels, let the kernel
determine the appropriate KERNELRELEASE. We cannot used
LINUX_UNAME_VERSION because that one gets determined at a later time,
when the kernel is already built proper.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
This reverts commit 0df2c6563a since it
gets in the way of identifying properly which kernel we are running.
This is particularly important if LEDE is using external kernels/git
cloned kernels. We want to make sure we only load modules from that
specific kernel.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
This change is required to make the GBit switch work on my Mikrotik Routerboard RB2011UiAS-RM, and I assume that the other RB2011 variants are exactly the same in terms of the switch. I have tested the board without and with the patch and confirm that the GBit ports are not supported at all (i.e. no communication works) with the current version in trunk and that everything works with the patch applied. The test box has been running for a few days with the patch applied, and does not show any performance problems in a test setting. I have not used it with LEDE in production so far, but with a previous turnk version of OpenWRT for many years - with the same patch applied. I therefore have good indication that it is stable.
For the record, the switch chip on my test box is identified as
switch0: Atheros AR8327 rev. 4 switch registered on ag71xx-mdio.0
The value 0x6f000000 has been taken from the table at https://wiki.openwrt.org/toh/mikrotik/rb2011uias with the previous discussion thread still online at https://lists.openwrt.org/pipermail/openwrt-devel/2014-December/029949.html.
One definite improvement from the older OpenWRT trunk version I have been running in production and current LEDE trunk is that the SFP interface can be kept in the default configuration without excessive kernel messages about it constantly going up and down. I have not yet tested an actual SFP module, though.
Performance seems to be reasonable. Routing between two GBit ports on that switch separated by different VLANs with the default firewall ruleset (and one additional rule two allow traffic between the VLANs), but without NAT, iperf3 results are:
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-10.00 sec 508 MBytes 426 Mbits/sec 102 sender
[ 4] 0.00-10.00 sec 506 MBytes 425 Mbits/sec receiver
With a connection going through NAT (also 2 ports on the same GBit switch, same ruleset, but NAT active), routing performance drops to around 250 MBit/s.
(Note that RouterOS achieves beyond 900 MBit/s on the same hardware with the default rule set and the FastTrack rule active even for NAT, see https://wiki.mikrotik.com/index.php?title=Manual:IP/Fasttrack and http://www.mikrotik.com/download/share/FastTrack.pdf).
Summarizing, I strongly recommend to apply this patch in trunk, so that the GBit switch chip rev. 4 can be supported upstream in the next LEDE release (hopefully soon).
Signed-off-by: René Mayrhofer <rene@mayrhofer.eu.org>
changes the image version from hardcoded OpenWrt to
$VERSION_DIST. AirOS shows a notification with the image version
during a firmware upgrade.
fixes#582
Signed-off-by: Matthias Fritzsche <txt.file@txtfile.eu>
With cpufreq disabled, the CPU stays locked at the frequency set by the
bootloader. This severely degrades performance as the bootloader sets
the CPU at the lowest frequency by default.
Enable cpufreq for all subtargets and use the ondemand governor.
Tested bcm2708 on RPi0W. Tested bcm2709 and bcm2710 on RPi3.
Reported-by: Bryan Mayland <bmayland@capnbry.net>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Some small tweaks and improvements :
9828ab1 Fix compiler warning.
f77700a Fix compiler warning.
0fbd980 Fix compiler warning.
43cdf1c Remove automatic IDN support when building i18n.
ff19b1a Fix &/&& confusion.
2aaea18 Add .gitattributes to substitute VERSION on export.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7573880 system-linux: parse 6rd specific settings as nested json data object
a063705 system-linux: remove redundant check for strtoul() return value
e6ebe0b build: disable unknown warning option error in clang
08d8f47 interface: add new "ifup-failed" hotplug event
20a1bac bridge: reset primary only after marking the member not present
6b9c267 build: suppress format truncation warnings to avoid errors with gcc7
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This includes following changes:
0e8b948 Support specifying instance name in JSON file
49fdb9f Support PTR queries for a specific service
26ce7dc Allow filtering with instance name in service_reply
920c62a Store instance name in the struct service
ff09d9a Rename service_name function to the service_instance_name
64f78f1 Rename mdns_hostname variable to the umdns_host_label
Previous package update pulled commit 70c66fbbcde86 ("Fix sending
replies to PTR questions") which introduced a regression which this
update fixes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
88d48d5 libfstools: silence mkfs.{ext4,f2fs}
a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors
633a8d0 libfstools: fix multiple volume_identify usages with the same volume
c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum
function in include/dwarf_i.h in libunwind 1.1 allows local users to
have unspecified impact via invalid dwarf opcodes.
Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new
tarball is released yet
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
- Security: Fix double-free in server TCP listener cleanup A double-free
in the server could be triggered by an authenticated user if dropbear is
running with -a (Allow connections to forwarded ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user. Affects versions 2013.56 to 2016.74. Thanks to Mark
Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink. Dropbear parsed authorized_keys as root, even if it were a
symlink. The fix is to switch to user permissions when opening
authorized_keys
A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
Refresh patches, rework 100-pubkey_path.patch to work with new
authorized_keys validation.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Add support for Realtek RTL8821AE/RTL8812AE PCIe adapter.
This device supports 802.11ac and bluetooth
testet on PC Engines APU with AP and STA mode
Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
The generic SPI code calculates how long the issued transfer would take
and adds 100ms in addition to the timeout as tolerance. On my 500 MHz
Lantiq Mips SoC I am getting timeouts from the SPI like this when the
system boots up:
m25p80 spi32766.4: SPI transfer timed out
blk_update_request: I/O error, dev mtdblock3, sector 2
SQUASHFS error: squashfs_read_data failed to read block 0x6e
After increasing the tolerance for the timeout to 200ms I haven't seen
these SPI transfer time outs any more.
The Lantiq SPI driver in use here has an extra work queue in between,
which gets triggered when the controller send the last word and the
hardware FIFOs used for reading and writing are only 8 words long.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refresh patches. A number of patches have landed upstream & hence are no
longer required locally:
062-[1-6]-MIPS-* series
042-0004-mtd-bcm47xxpart-fix-parsing-first-block
Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup
as it was incorrectly included upstream thus dropped from LEDE.
As it has now been reverted upstream it needs to be included again for
LEDE.
Run tested ar71xx Archer C7 v2 and lantiq.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[update from 4.4.68 to 4.4.69]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This model also contains few partitions non-discoverable partitions we
need to "protect". Othen than that it uses non-deprecated serial entry
in DTS that doesn't work with LEDE so we need to workaround it as well.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Bug introduced with 6713694.
I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts
```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```
The service would be restarted regardless of any of those params.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
While we have CRASHLOG on MIPS it makes sense to support 'classic'
kexec-based CRASH_DUMP on x86 and arm platforms.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Teltonika RUT900 is a Router with LTE dual SIM, WiFi, 4x Ethernet
ports, I/O, RS232, RS485, GPS.
The device ist based on a Atheros AR9344 rev 3,
Specifications:
- 560/450/225 MHz (CPU/DDR/AHB)
- 128 MB of RAM
- 16 MB of FLASH
- Serial Console header on a Card Board edge connector
- 4x 10/100 Mbps Ethernet (3x LAN, 1x WAN)
- 2.4 GHz Wifi
- 2x external, detachable Wifi antennas
- LTE Modem Huawei ME909u-521 (Also other Modem seen)
- 2x LTE antennas
- 1x GPS antenna
- 7x LED, 1x button
- 1x USB Connector
- 1x Serial RS232
- 1x Serial RS485
- 1x MicroSD Card
The GPL sources of the device are available at www.teltonika.lt/gpl/
and are based on OpenWRT Barrier Breaker (14.07)
Running from tftp:
The Router starts into the uboot Webupdater if the Button ist pressed
more than 3 seconds, if no Network cable is attached it starts the
uboot serial console, from there the router loads the firmware image
via tftpboot from 192.168.1.2:firmware.bin (the router has the
192.168.1.1). With bootm the loaded image will be booted.
Signed-off-by: Steffen Weinreich <steve@weinreich.org>
At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>