Commit graph

12303 commits

Author SHA1 Message Date
Jonas Gorski
780ccbf9f1 base-files: board_detect: allow specifying the generated file
Allow passing a filename to change the location of the generated
board.json.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:51 +02:00
Jonas Gorski
e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Jo-Philipp Wich
4e8c6f3407 dropbear: security update to 2016.74
- Security: Message printout was vulnerable to format string injection.

  If specific usernames including "%" symbols can be created on a system
  (validated by getpwnam()) then an attacker could run arbitrary code as root
  when connecting to Dropbear server.

  A dbclient user who can control username or host arguments could potentially
  run arbitrary code as the dbclient user. This could be a problem if scripts
  or webpages pass untrusted input to the dbclient program.

- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
  the local dropbearconvert user when parsing malicious key files

- Security: dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided. This could be an issue where
  dbclient is used in scripts.

- Security: dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

  The security issues were reported by an anonymous researcher working with
  Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-12 11:45:47 +02:00
Imre Kaloz
f76f83de71 mwlwifi: upgrade to 10.3.0.18-20160804
adds support for the Linksys WRT1900ACSv2 and WRT1200ACv2

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-08-11 21:04:42 +02:00
Felix Fietkau
08a27b99a2 kernel: add missing config symbol
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-11 18:33:02 +02:00
Ben Greear
4d39726b21 ath10k-firmware: Update to latest 99X0 CT firmware.
Among other things, this compiles out support for peer caching.
The feature did not seem to work well in my testing of AP mode,
and totally breaks my own special use of station mode.

Briefly tested on ea8500.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-11 10:55:22 +02:00
Ben Greear
f85c12e07d ath10k-ct: Fix loading 9980 firmware.
ath10k-ct driver was using bad defaults for 9980 if user
had not specified a fwcfg file to over-ride them.

Also, support configurable station-kickout-threshold,
which might work around issues with flakey connections.

Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix PKG_VERSION]
2016-08-11 10:54:50 +02:00
Matteo Croce
1645abffea kernel: add plan 9 fs package
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-11 10:45:33 +02:00
Petko Bordjukov
dff6df9625 hostapd: Allow RADIUS accounting without 802.1x
RADIUS accounting can be used even when RADIUS authentication is not
used. Move the accounting configuration outside of the EAP-exclusive
sections.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-11 10:45:33 +02:00
Mathias Kresin
5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Mathias Kresin
14e0f057c8 ltq-hcd: fix xway dependency
Due to missing parameter the package wasn't build for the xway target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Felix Fietkau
7ee9222770 openssl: re-enable CMAC support
Needed by a few packages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-09 07:18:03 +02:00
Jo-Philipp Wich
27dffa0b0c uclient: change SSL support error message
Change the error message about missing SSL support to be more explicit by
mentioning required package names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-08 12:20:15 +02:00
Petko Bordjukov
b34ccf45df mac80211: Update the regdb to master-2016-06-10
Changes include:

* Higher maximum transmit power in the 5170-5250 band of the BG
  regdomain
* Introduction of the CU regdomain
* Introduction of the 5725-5875 band (short-range devices) in the DE
  regdomain
* Introduction of 60 GHz channels 1-4 in the KR regdomain
* Introduction of the 5725-5875 band (short-range devices) in the NL
  regdomain

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-07 23:55:38 +03:00
Felix Fietkau
51e70267bd hostapd: remove unused hostapd-common-old package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-05 11:02:57 +02:00
Felix Fietkau
ac642a7514 ath9k: improve powersave filter handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau
4701fd3190 ath9k: improve performance in tx status handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau
1b9dbb8532 Revert "kernel: remove long obsolete gpio spi controller driver patch"
This reverts commit 9e62a7668c.
2016-08-04 23:10:15 +02:00
Felix Fietkau
7c874d18f5 kernel: mark compression modules as hiddden to obsolete the compressor kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
93fb6ce05b kernel: mark kmod-udptunnel as hiddden to replace the NET_UDP_TUNNEL kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
577f873daf kernel: remove unused morse led trigger driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
9e62a7668c kernel: remove long obsolete gpio spi controller driver patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
56cf1adc50 kernel: remove esfq qdisc
It has been obsolete for years now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 18:27:54 +02:00
Mathias Kresin
3004298e62 sysupgrade: unmount filesystems before reboot
sysupgrade immediately reboots after flashing an image and doesn't
allow to unmount filesystems. At least in case the image used for
sysupgrade is stored on a FAT formatted usb flash drive, the following
warning is printed during the next mount of the flash drive:

FAT-fs (sda1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

Although a data corruption during read operations is unlikely, there is
no need to scare the users.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-04 18:19:46 +02:00
Daniel Golle
877168993a base-files: remove dead code
/etc/init.d/boot tried to create /dev/root based on the kernel's
cmdline which won't work on any recent targets. Remove that code now
that fstools can detect the mounted rootfs based on
/proc/self/mountinfo and /dev/root was long gone anyway.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-04 18:19:46 +02:00
Felix Fietkau
fa85ee1d4e kernel: modularize bridge netfilter support a bit further to get rid of some kernel bloat
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-03 19:16:32 +02:00
Felix Fietkau
a5c32a1f19 kernel: remove switch driver kmod packages
Targets that need switch drivers should select them in their kernel
config. This prevents some bloat from creeping into targets that don't
need switchdev/dsa

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-03 19:16:32 +02:00
Lucian Cristian
6e68a5dd11 linux/modules: Add SCH5627 Super I/O chips
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2016-08-03 15:30:13 +02:00
John Crispin
2feb9433e2 rtc-rv5c386a: package does not build inside the SDK
the packages failed to build inside the SDK due to missing header
files.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-03 15:30:13 +02:00
John Crispin
10f9ea0bc6 uboot-lantiq: package does not build inside the SDK
the packages failed to build inside the SDK due to missing ethernet
firmware files.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-03 15:30:13 +02:00
Felix Fietkau
2f8c355850 mkelfimage: remove package, it is a host tool that has been unused for years
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:54:56 +02:00
Felix Fietkau
cc7029f8a9 uboot-ar71xx: fix default selection for NBG460N/550N/550NH
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:50:43 +02:00
Felix Fietkau
0cd13c53c1 mac80211: fix minor memleak on AP restart / warning on driver unload
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:08:05 +02:00
Felix Fietkau
18373e24cf ath9k: fix sta initialization bug leading to stability issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:07:59 +02:00
Hauke Mehrtens
2694d43b05 gdb: fix build with gcc 4.1.2 as host compiler
The additional warnings are causing compile errors on gcc version 4.1.2
as a host compiler.

cc -c  -Wall -Wdeclaration-after-statement -Wpointer-arith
-Wpointer-sign -Wno-unused -Wunused-value -Wunused-function -Wno-switch
-Wno-char-subscripts -Wmissing-prototypes -Wdeclaration-after-statement
-Wempty-body -Wmissing-parameter-type -Wold-style-declaration -Wold-
style-definition -Wformat-nonliteral  -I. -I. -I./../../include
filter_host.c
cc1: error: unrecognized command line option "-Wempty-body"
cc1: error: unrecognized command line option "-Wmissing-parameter-type"
cc1: error: unrecognized command line option "-Wold-style-declaration"
cc1: error: unrecognized command line option "-Wempty-body"
cc1: error: unrecognized command line option "-Wmissing-parameter-type"
cc1: error: unrecognized command line option "-Wold-style-declaration"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-08-01 22:25:54 +02:00
Felix Fietkau
5c9cc7b7f8 base-files: increase vm.min_free_kbytes
Network drivers typically allocate memory in atomic context. For that to
be reliable, there needs to be enough free memory. Set the value
heuristically based on the total amount of system RAM.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 14:53:27 +02:00
Florian Eckert
109c55aea1 uqmi: add metric option to interface config
It is now possible to add an metric option for the qmi proto in dhcp mode.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Florian Eckert
15867deac8 uqmi: fix option ipv6
If option ist not set then ipv6 is still enabled on this Interface.
Check if variable is zero will fix this issue.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Felix Fietkau
180465c38f build: create a package feed directory containing all packages
Needed for proper dependency handling for per-device rootfs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 11:13:38 +02:00
Felix Fietkau
5e41c1d447 perf: prevent build from within the sdk and mark as nonshared
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-31 12:25:25 +02:00
Felix Fietkau
9201e88f51 kernel: remove hostap driver
It has been marked as broken for well over a month now and nobody has
complained.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-31 12:25:24 +02:00
Felix Fietkau
b2ddfbc1c7 dnsmasq: drop --interface and --except-interface options when the interface cannot be found
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 20:58:14 +02:00
Felix Fietkau
009d6d6024 netifd: update to the latest version, adds an event handling fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 19:51:31 +02:00
Felix Fietkau
5cd88f4812 dnsmasq: remove use of uci state for getting network ifname
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 19:48:22 +02:00
Felix Fietkau
a1681ce39b dnsmasq: replace the iface hotplug script with a procd trigger
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau
6916ca8d33 dnsmasq: make the check for existing DHCP servers more reliable
If there is no carrier yet, wait for 2 seconds (STP forwarding delay)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Ulrich Weber
712b6fdc5c dnsmasq: write atomic config file
multiple invocation of dnsmasq script (e.g. by procd and hotplugd)
might cause procd to restart dnsmasq with an incomplete config file.
Config file generation might take quite a long time on larger configs
due ubus calls for each listening interface...

Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
2016-07-29 16:41:09 +02:00
Felix Fietkau
d9ff187003 netifd: update to the latest version
Emits an initial event after the first link-up of a force_link
interface. This is needed for making the dnsmasq dhcp check more
reliable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau
f88e3a4c0a procd: add default timeout for reload trigger actions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau
c02f41c1d2 igmpproxy: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau
8299737428 dropbear: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau
88304ea6e5 sysntpd: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau
8891d941e0 procd: rework trigger handling
Open/close triggers array around service_triggers call to make using
multiple triggers easier to deal with.
The API was quite confusing, because some functions contained implicit
trigger open/close calls and some didn't.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau
eed30bc869 procd: update to the latest version
Fixes a long standing design issue in handling of delayed triggers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau
11d47e615b libubox: update to the latest version, adds a few utility functions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau
731b166528 build: add template for getting opkg package files from package names
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau
5d30bf8303 build: rework opkg command invocation
Drop included $(XARGS), add support for passing target dir via parameter

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau
7dffc32ffa build: rework prepare_rootfs to pass target dir via parameter
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau
973e6e1d71 build: move rootfs processing code to include/rootfs.mk so it can be reused later
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Álvaro Fernández Rojas
c58ed54d8c brcmfmac43430-firmware: update to v7.45.41.26
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-07-28 15:17:48 +02:00
Merlijn Wajer
4a0c4d8151 netifd: Use -x hostname:$hostname instead of -H
Passing the hostname is currently broken in since the shipped busybox includes this commit:
https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?id=2017d48c0d70bef8768efb42909e605ea8eb5a21

Before:

    Sun Jan 31 18:11:32 2016 daemon.notice netifd: Interface 'wan' is now down
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: Interface 'wan' is setting up now
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: wan (18158): udhcpc: option -h NAME is deprecated, use -x hostname:NAME
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: wan (18158): udhcpc: malformed hex string 'WR150'

After:

    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): udhcpc (v1.23.2) started
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Sending discover...
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Sending select for xxx.yyy.zzz.xyz...
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Lease of xxx.yyy.zzz.xyz obtained, lease time 600

Signed-off-by: Merlijn Wajer <merlijn@wizzup.org>
2016-07-24 06:59:55 +02:00
Conn O'Griofa
e1406cd31a base-files: sysupgrade: fix pseudobridge upgrades
Treat 'relayd' as an essential service to avoid connection interruptions during sysupgrade on devices configured as a pseudobridge.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-07-24 06:54:40 +02:00
John Crispin
30d35181cd mountd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
John Crispin
74766f4c4f firewall3: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
John Crispin
b15f41d4d6 ugps: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
Felix Fietkau
da328f2865 hostapd: backport mesh/ibss HT20/HT40 related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-27 17:22:39 +02:00
Daniel Golle
86c0a569f4 fstools: update to latest HEAD
Fixes duplicate ubiblock entries being listed and improves
find_mount_point to also match against a block device's
major:minor numbers (needed e.g. for /dev/root).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:25:07 +02:00
Etienne CHAMPETIER
35e423ca41 base-files: use procd init for urandom_seed
Previous implementation was blocking the init and
breaking halt/reboot/sysupgrade (reported by Daniel Golle)

v2: use procd logging, use set -e + trap for error handling

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Tested-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:24:54 +02:00
Felix Fietkau
5fd2eabeb2 base-files: remove support of profile-specific base-files
It is incompatible with multi-profile builds and has not been used
in-tree anyway.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-26 08:26:24 +02:00
Felix Fietkau
776ca66261 ath9k: fix warning in client mode (GH#195)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-26 08:26:05 +02:00
Felix Fietkau
04a6984319 ath9k: remove intermediate queueing patch until it is fixed properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 22:41:20 +02:00
Hauke Mehrtens
bafeb90745 iperf3: update to version 3.1.3
old size:
iperf3_3.0.11-1_mips_34kc_dsp.ipk       30147

new size:
iperf3_3.1.3-1_mips_34kc_dsp.ipk        33640

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:50 +02:00
Hauke Mehrtens
9cbb51ff8c iperf: update to version 2.0.9
old size:
iperf_2.0.8-1_mips_34kc_dsp.ipk 27911

new size:
iperf_2.0.9-1_mips_34kc_dsp.ipk 28681

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:33 +02:00
Hauke Mehrtens
bdf9243c1b cyassl: update to wolfssl version 3.9.6
Changelog: https://www.wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html

old size:
libcyassl_3.9.0-1_mips_34kc_dsp.ipk     147552

new size:
libcyassl_3.9.6-1_mips_34kc_dsp.ipk     150087

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:03 +02:00
Hauke Mehrtens
7d38128f6a curl: update to version 7.50.0
Changelog: https://curl.haxx.se/changes.html

old sizes:
libcurl_7.49.0-1_mips_34kc_dsp.ipk      97569
curl_7.49.0-1_mips_34kc_dsp.ipk         37925

new sizes:
libcurl_7.50.0-1_mips_34kc_dsp.ipk      97578
curl_7.50.0-1_mips_34kc_dsp.ipk         38017

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:04:13 +02:00
Felix Fietkau
cd91f384ac openssl: re-enable NPN by default
Several packages rely on it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:43:44 +02:00
Felix Fietkau
cb8f322d93 openssl: add back the CAST cipher by default
At least netatalk and some ipsec packages use it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:42:18 +02:00
Felix Fietkau
600fd467d8 openssl: revert the no-ripemd change, openssh needs that cipher
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-23 19:03:47 +02:00
Ben Greear
164a405a48 ath10k: Support installing CT firmware for QCA9984 NICs.
This firmware has been lightly tested on non LEDE system
to date, and will be undergoing further testing and development.
Allow users to easily install this on their LEDE system as
they prefer.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:48 +02:00
Ben Greear
9971ab0457 ath10k-ct-firmware: Update to latest 9880 firmware.
Fixes some issues with AES encryption and macbooks.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:33 +02:00
Ben Greear
eb8ffbebf8 ath10k-ct: Update to latest ath10k-ct driver.
Adds support for 9984 NICs, and an upstream bugfix or two.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:25 +02:00
Dirk Feytons
3ad8bc4366 openssl: add option to disable SRP support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:41 +02:00
Dirk Feytons
057b116e09 openssl: add --gc-sections
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:08 +02:00
Dirk Feytons
41da31ac2c openssl: remove some unneeded functionality and algorithms
The patch needed for this commit has been sent upstream:
https://github.com/openssl/openssl/pull/1155

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [add back bf and srp]
2016-07-23 12:09:51 +02:00
Dirk Feytons
f16fc21675 openssl: add option to disable PSK support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
0099748fd6 openssl: add option for NPN support
NPN has been superseded by ALPN so NPN is disabled by default
The patch has been sent to OpenSSL for inclusion, see
https://github.com/openssl/openssl/pull/1100

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
eb4fc91a81 openssl: add option to disable compression support
By default it's disabled. After the CRIME attack it seems the use of
compression is discouraged.

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
db11695aa6 openssl: add option to omit deprecated APIs
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:30 +02:00
Christian Lamparter
39f3408732 ppc4xx: remove booke-wdt watchdog package
This patch gets rid of the booke watchdog kmod package.
Instead the affected boards will enable it in their
kernel configs.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-07-22 09:48:12 +02:00
Matthias Schiffer
b82c8ddf8c
libpcap: fix dependency of install-shared-so make target
There seems to be a situation in which a rebuild of libpcap.so is triggered
in the install step of the libpcap Makefile. libpcap.so is the wrong
target, leading to the build failure reported in [1].

Fix the dependency of install-shared-so to $(SHAREDLIB) so the build can
succeed in this case.

[1] https://dev.openwrt.org/ticket/19894

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-07-21 17:57:17 +02:00
Felix Fietkau
c7a5bb5a7e samba36: avoid picking up a dependency on libunwind (fixes GH #212)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 17:33:17 +02:00
Felix Fietkau
ca6375ac51 hostapd: fix an error on parsing radius_das_client
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:58:50 +02:00
Felix Fietkau
14eb09d5c0 ath10k: add NAPI support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:17:08 +02:00
Felix Fietkau
467d15b73d mac80211: add a mesh related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:16:49 +02:00
Zhao Gang
d963ddf042 ar71xx: add support for gl-ar300m
This add initial support for gl-ar300m router.
Product page: http://www.gl-inet.com/ar300m/

Signed-off-by: Zhao Gang <gang.zhao.42@gmail.com>
2016-07-20 00:21:48 +02:00
Felix Fietkau
6c2651566c ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 14:27:08 +02:00
Felix Fietkau
122a7021a9 ubox: update to the latest version, fixes lsmod output
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 13:59:04 +02:00
Felix Fietkau
6b654ab741 uboot-oxnas: fix build error on non-linux systems
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 12:48:28 +02:00
Hauke Mehrtens
9b05d3aa8e strace: update to version 1.12
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-18 23:25:30 +02:00
Felix Fietkau
56f686b710 samba36: disable local browse master by default
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-18 13:37:12 +02:00
Felix Fietkau
75329fc161 hostapd: fix VLAN support in full wpad builds
Suppress -DCONFIG_NO_VLAN if CONFIG_IBSS_RSN is enabled

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-18 13:37:10 +02:00
Felix Fietkau
7cdb51e046 ath10k: fix stack traces from a-msdu rx reporting issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-17 12:53:30 +02:00
Felix Fietkau
207338c78e ath9k: implement temperature compensation support for AR93xx and newer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:19:22 +02:00
Felix Fietkau
98e4b504b4 ath9k: use external reset on AR91xx and QCA955x to improve stability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:19:13 +02:00
Felix Fietkau
b948c9371b uclibc++: fix build with gcc 6.1.0, which defaults to using C++14 ABI
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:18:01 +02:00
Felix Fietkau
3273267c2b ath9k: fix spectral scan on AR9285 and newer AR92xx chipsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:15:34 +02:00
Felix Fietkau
9edb651094 ath9k: merge a fix for the minimum CCA threshold on 5 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:15:31 +02:00
Felix Fietkau
55761205ef mac80211: fix a harmless uninitialized variable warning
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-14 13:32:00 +02:00
Ben Greear
1c52826010 add ath10k-ct: Candela-Tech ath10k out-of-tree driver.
This lets one use the CT ath10k driver instead of the built-in
ath10k driver from the upstream kernel (or backports).

This should be a drop-in replacement, as well as enabling
better CT firmware support.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-14 12:45:06 +02:00
Hauke Mehrtens
d43075710b mbedtls: fix missing mbedtls_time_t bug in mbedtls 2.3.0
This backports a commit from mbedtls current git which adds missing
include for platform.h.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-14 09:19:56 +02:00
Hauke Mehrtens
05cc72944c mbedtls: update to version 2.3.0
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:03 +02:00
Hauke Mehrtens
bd20cb272e polarssl: update to version 1.3.17
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:02 +02:00
Piotr Dymacz
14ee2b0642 uboot-envtools: add support for jjPlus JWAP230
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-07-13 20:03:10 +02:00
Piotr Dymacz
c30fd5e87d uboot-envtools: add support for Wallys DR531
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-07-13 20:03:10 +02:00
Felix Fietkau
4952469ff9 mac80211: disable fq until performance issues have been found and fixed
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-12 15:05:26 +02:00
Hans Dedecker
99e5bec2c6 netifd: quote vendorid and hostname variables in dhcp script
Quote hostname and vendorid variables in dhcp script so they can
hold strings having white spaces

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-07-12 14:33:49 +02:00
Felix Fietkau
cef1f4ef2b ath9k: explicitly clear gpio chip owner
The core can set it based on the parent device on register

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:53:48 +02:00
Felix Fietkau
5b07e8731b ath9k: remove gpio chip owner field to fix module unloading
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:46:42 +02:00
Felix Fietkau
5ce2341a03 mac80211: fix a powersave issue in the intermediate queueing code
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:46:35 +02:00
Felix Fietkau
4f106d6c07 Revert "ath9k: switch to using mac80211 intermediate software queues"
This reverts commit 31e5ed4152.
I've noticed some weird powersave related issues with this commit.
Revert until they've been fixed.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 14:55:22 +02:00
John Crispin
9352603fff mtd-utils: merge ubi/nand-utils into one package
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant
17f4d3967e samba: update smb template socket options defaults
Removed socket options = TCP_NODELAY IPTOS_LOWDELAY

TCP_NODELAY (disables Nagle algorithm) is default since samba2.
IPTOS_LOWDELAY sets DSCP 0x10 coding (CS2)
The alternate IPTOS_THROUGHPUT sets DSCP 0x08 coding (CS1)

CS1 is a scavenger class, whilst CS2 is more OAM/interactive
(SNMP,SSH,syslog)

Using CS2 is definitely an abuse of DSCP classification, CS1 less so
however even if the ISP takes note of DSCP codings having a default that
sets traffic to CS2 is wrong.  Better to use the default Best Effort
class.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant
3dded42f05 iftop: fix mac address display
iftop would display portions of mac address with large ffffff prefixes.
Make if_hw_addr type consistent.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
John Crispin
ef3c0cf590 procd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant
527696674a igmpproxy: logging options - make work & improve
Move logging command line option to uci:
option verbose [0]/1/2 - mono-syllabic/verbose/noisy

Previously handled as 'OPTIONS' in .init script however variable
was ignored so never worked.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
Felix Fietkau
31e5ed4152 ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 10:16:49 +02:00
Felix Fietkau
916aebb300 ath10k: fix a compiler warning
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:42:26 +02:00
Felix Fietkau
73dd59546b ath10k: fix #if vs #ifdef in led trigger patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:42:22 +02:00
Felix Fietkau
78ae53ff2f mac80211: make package ath9k-common hidden
It cannot be selected independently of ath9k and ath9k-htc

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:38:49 +02:00
Álvaro Fernández Rojas
f4293e476d brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-07-09 16:29:19 +02:00
Rafał Miłecki
c729fe0269 mac80211: backport brcmfmac changes from 2016-07-08
To work correctly hostapd requires wireless driver to allow interfaces
removal. It was working with brcmfmac only partially. Firmware for
BCM43602 got some special hack (feature?) that allowed removing all
interfaces by disabling mbss mode. It wasn't working with BCM4366
firmware and remaining interfaces were preventing hostapd from starting
again.

Those patches add support for "interface_remove" firmware method which
works with BCM4366 firmware and they make it finally possible to use
BCM4366 & brcmfmac & multiple interfaces.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-07-08 18:21:04 +02:00
Felix Fietkau
d98409edbc mt76: update to the latest version, fixes powersave issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-08 10:41:45 +02:00
Gabe Rodriguez
07e8cfed8a mwlwifi: Update to latest version
Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2016-07-07 10:57:45 +02:00
Felix Fietkau
bcb1d9399f valgrind: update to the latest version, fix build issues on ARM
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-07 10:57:45 +02:00
Christian Lamparter
c1c49d9456 prism54-firmware: change prism54/p54-firmware package versioning
There are multiple prism54/p54 firmware versions for different
drivers and devices. Therefore, assigning the package version
of all the different firmware packages on the old prism54
firmware could break if any of the p54 firmwares are updated
and we need to roll out new packages.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[removed PKG_VERSION]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-07 00:02:18 +02:00
Rafał Miłecki
8d95b665e8 mac80211: backport brcmfmac changes from 2016-06-29
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-07-06 10:34:19 +02:00
Felix Fietkau
ad430c1080 hostapd: add a WDS AP fix for reconnecting clients
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-06 10:12:37 +02:00
neheb
a3e7d5e7ae samba: Update smb.conf.template
Removed some options which are default anyway and added bind interfaces
only which causes the interfaces line to actually have an effect. Can be
verified with netstat.

Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-07-05 22:59:14 +02:00
John Crispin
9a4345069f procd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin
21fa645f7a uci: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin
cbf6bc296f usign: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin
d643ee0260 umbim: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
John Crispin
1a06dc6dc2 libubox: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
Daniel Dickinson
a7f6dc9f8b px5g: Create mbedtls variant
px5g has been listed as a blocker for switching to new mbedtls
as the default, therefore make and mbedtls variant of px5g so
that an new mbedtls-only image can be created.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-05 22:59:12 +02:00
Zoltan HERPAI
df2889c709 packages: fix bmp085-spi typo
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2016-07-05 13:36:36 +02:00
Felix Fietkau
bd7289af38 uclient: update to the latest version, fixes HTTP redirect support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-05 12:40:30 +02:00
Felix Fietkau
92d856f50a ath9k: add beacon related stability fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-05 10:45:17 +02:00
Felix Fietkau
71753a8286 Revert "ustream-ssl: Fix recursive dependency"
This reverts commit abf0768131.
The description is wrong, there is no recursive dependency here. The
conditions were added intentionally to avoid bogus build dependencies.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-04 16:47:56 +02:00
Jo-Philipp Wich
dd9afb8207 iwinfo: fix nl80211 phy lookup without platform prefix
Commit d9b20a6f35 (SVN r48426) changed the
mac80211 phy lookup logic to strip the platform/ directory component from
the phy path specification.

Fix iwinfo to follow that logic by trying to lookup phys both with and
without "platform/" prefix.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-07-04 16:26:38 +02:00
Jo-Philipp Wich
70b4e46804 e2fsprogs: fix build on OS X systems
On OS X systems, the compilation of e2fsprogs fails at subst.c due to a
missing sys/stat.h include:

    subst.c:333:14: error: variable has incomplete type 'struct stat'
            struct stat stbuf;
                        ^
    subst.c:333:9: note: forward declaration of 'struct stat'
            struct stat stbuf;
                   ^
    subst.c:392:8: warning: implicit declaration of function 'fstat' is invalid in C99
          [-Wimplicit-function-declaration]
                            if (fstat(fd, &stbuf) == 0) {
                                ^
    subst.c:438:12: warning: implicit declaration of function 'fchmod' is invalid in C99
          [-Wimplicit-function-declaration]
                                    (void) fchmod(ofd, 0444);
                                           ^
    2 warnings and 1 error generated.
    make[3]: *** [subst.o] Error 1

Declare the nescessary HAVE_SYS_STAT_H macro to include the required header in
order to avoid the undeclared stat structure.

Tested-By: David Thornley <david.thornley@touchstargroup.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-07-04 16:26:26 +02:00
Daniel Dickinson
abf0768131 ustream-ssl: Fix recursive dependency
Two variants incorrectly include themselves in
conditional depends on ssl libraries, which results
in a recursive dependency.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-04 10:51:41 +02:00
Felix Fietkau
f5088dc13f kernel: fix duplicate drivers for the PC speaker in one package
Only use the ALSA capable one, it supports regular beeps as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 19:35:43 +02:00
Felix Fietkau
f226d5879e mac80211: move include statements for skb_get_hash_perturb() to prevent issues with newer kernels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 18:13:11 +02:00
Felix Fietkau
b174832159 mac80211: backport skb_get_hash_perturb() for 4.1 and older
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 17:56:53 +02:00
Martin Blumenstingl
70afc0bdd1 kernel: mac80211: set the parent of the ath9k gpio_chip
This allows gpiolib to re-use ath9k's devicetree node as GPIO
controller.
Example:

ath9k: ath9k@0 {
	#gpio-cells = <2>;
	gpio-controller;
}

Now the ath9k node can be used just like any other GPIO controller:
	gpios = <&ath9k 1 GPIO_ACTIVE_HIGH>;

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Martin Blumenstingl
7b7ea91e24 kernel: mac80211: enable the gpio controller for all ath9k devices
This enables ath9k's built-in GPIO controller for all chip versions
(instead of an explicit whitelist). This also allows us to get rid of
some duplicate code between hw.c and gpio.c because hw.c already
determines the number of GPIOs.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Martin Blumenstingl
3ce71eaedd kernel: mac80211: fold the AR9280 GPIO patch into the ath9k GPIO patch
This folds 550-ath9k_add_ar9280_gpio_chip.patch into
548-ath9k_enable_gpio_chip.patch because the former patch only extends
code which is introduced in the latter.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Mathias Kresin
cbfeb7796e mac80211: refresh patches
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Felix Fietkau
76d09dcb01 ath10k: fix tx performance regression on older chipsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-02 19:34:50 +02:00
Felix Fietkau
d002aee42c mac80211: enable STBC and LDPC for VHT rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-02 19:34:50 +02:00
Felix Fietkau
898fff8253 ath10k-firmware: add symlink for QCA9984 board.bin
Use first caldata for devices without OTP. The driver uses the caldata
instead of the board.bin data anyway

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-02 19:34:50 +02:00
Felix Fietkau
67a7daa938 mac80211: update to wireless-testing 2016-06-20
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-02 19:34:50 +02:00
John Crispin
2a8bb46294 jsonfilter: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:18 +02:00
neheb
8a83ffbefd procd: Set /dev/kmsg to 600
Small cleanup. I initially though /dev/kmsg was used for dmsg(and journald
on desktops) but this seems not to be the case. dmsg is still accessible
as non-root(gives output) which begs the question what does this do? Some
googling reveals that permissions are set to 600 for some embedded systems
while 644 for others. I can't find any justification for the latter. Might
as well err on the side of caution.

Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-07-02 10:16:18 +02:00
John Crispin
bb00c0a33c fstools: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:18 +02:00
John Crispin
a74f593647 procd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:18 +02:00
John Crispin
c5a2713929 ubox: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:17 +02:00
John Crispin
1e9c066595 ustream-ssl: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:17 +02:00
John Crispin
25275bcc24 ubus: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:17 +02:00
Sergey Sergeev
3fbadd624a nand-utile: add package
This package is a custom build(like ubi-utils) of mtd-utils from infradead.org
It is required to work with Mikrotik NAND based devices

Signed-off-by: Sergey Sergeev <adron@yapic.net>
2016-07-02 10:16:17 +02:00
Hauke Mehrtens
f28502a485 libnl-tiny: Generic Netlink multicast groups support
This adds this commit from normal libnl to libnl-tiny:
2dbc1ca76c

commit 2dbc1ca76c5b82c40749e609eb83877418abb006
Author: dima <dima.ky@gmail.com>
Date:   Wed Oct 13 17:53:34 2010 +0300

    Generic Netlink multicast groups support

    I have a patch against commit d378220c96c3c8b6f27dca33e7d8ba03318f9c2d
    extending libnl with a facility to receive generic netlink messages sent
    to multicast groups.

    Essentially it add one new function genl_ctrl_resolve_grp which
    prototype looks like this
    int genl_ctrl_resolve_grp(struct nl_sock *sk, const char *family_name,
            const char *grp_name)
    It resolves  the family name and the group name to group id. Then
    the returned id can be used in nl_socket_add_membership to subscribe
    to multicast messages.

    Besides that it adds two more functions

    uint32_t nl_socket_get_peer_groups(struct nl_sock *sk)
    void nl_socket_set_peer_groups(struct nl_sock *sk, uint32_t groups)

    allowing to modify the socket peer groups field. So it's possible to
    multicast messages from the user space using the legacy interface.
    Looks like there is no way (or I was not able to find one?) to modify
    the netlink socket destination group from the user space, when the
    group id is greater then 32.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cosmetic style fix]
2016-07-02 10:12:04 +02:00
John Crispin
97c90557a9 spidev_test: copy the source code into the package folder
Signed-off-by: John Crispin <john@phrozen.org>
2016-06-30 22:48:39 +02:00
Stephen Walker
66b67b743f kernel: other.mk: add pps-ldisc support
The pps-ldisc kernel module supports Pulse-Per-Second connected with the CD (Carrier Detect) pin.

Signed-off-by: Stephen Walker <stephendwalker+github@gmail.com>
2016-06-30 22:48:39 +02:00
John Crispin
9597675d8e procd: change /dev/{gpio,hvc*} perms to 0600
Signed-off-by: John Crispin <john@phrozen.org>
2016-06-30 22:48:39 +02:00
neheb
c6cef6dde7 procd: adjust /dev entries to desktop distro defaults
This changes the default permissions for /dev entries to be more similar to
a desktop distro. Taken from the defaults of Arch Linux and Ubuntu. Also
changed some that were nonsensical. For example, all 660 permissions on
desktop distros were of the form root:x where x is something other than
root. As such, 660 is useless for LEDE where the specific group is missing.
audio seems to be the only group that isn't.

Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-06-30 22:48:39 +02:00
Etienne CHAMPETIER
3946a55291 base-files: seed /dev/urandom
This commit:
1) seed /dev/urandom with the saved seeds as early as possible
   (see /lib/preinit/81_urandom_seed)
2) save a seed at /etc/urandom.seed if it doesn't exists
3) save a new seed each boot at "system.@system[0].urandom_seed"
   (see /etc/init.d/urandom_seed)

We use getrandom() so we are sure /dev/urandom pool is initialized

Seed size is 512 bytes (ie /proc/sys/kernel/random/poolsize / 8)
it's the same size as in ubuntu 14.04 and all systemd systems

Seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if
after "urandom-seed: Seeding with ..." message

Saving a new seed on each boot is disabled by default to avoid too much
writes without user consent

v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging, as /lib/preinit/ files
    are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a uci config param
v5: config param is now the path of the seed

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 22:48:39 +02:00
Daniel Dickinson
3ee278c5c9 package/kernel: Enable XATTR by default
OpenWrt enables XATTR support pretty much universally, therefore
for filesystems that a loaded as modules also enable XATTR support
so that there are no unexpected missing capabilities.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-30 22:48:39 +02:00
Hauke Mehrtens
ffcae8b494 prism54-firmware: add also other p54 firmware to own package
Extract the other p54 firmware files into the prism54-firmware package.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-06-30 19:42:59 +02:00
Hauke Mehrtens
37fa64a6c5 firmware: extract prism54-firmware into own package
Instead of downloading the firmware for prism54 devices in the
wireless.mk do it in an extra package Makefile. To ship the complete
source code Intel ships our modified OpenWrt/LEDE + the content of the
dl directory. We do not want to have any files in the dl/ directory
which are not needed to build our images. The prism54 gets downloaded
every time independently of building kmod-net-prism54 or not. When it
is in a own package it only gets downloaded when the firmware package
is selected.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-06-30 19:21:02 +02:00
Hans Dedecker
ecbc138343 odhcp6c: Upstep to latest version
Following fixes are included in the latest version:
    -Script is launched with incorrect action
    -Possible buffer overflows
    -Lots of minor bugfixes

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-06-30 14:53:21 +02:00
Kevin Darbyshire-Bryant
0b208a7de1 kmod-sched-cake: Switch to COBALT algorithm
COBALT is a hybrid codel/blue algo combining best elements of both.
Exhibits improved behaviour in presence of abuse from unresponsive flows
handled by 'blue', whereas responsive flows are still handled by codel.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-30 00:43:03 +02:00
Kevin Darbyshire-Bryant
6d7f54ccdb iproute2: cake AQM prepare tc for COBALT algorithm
Cake AQM is experimenting with a codel/blue hybrid AQM COBALT instead
of just using codel alone. This patch updates tc to cope with some new
stats produced by COBALT.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-30 00:43:03 +02:00
Hans Dedecker
c2bd469521 dnsmasq: Add broken realtime clock build switch in full variant
By default dnsmasq uses the time function; which returns the time since
Epoch; to retrieve the current time. On boards which have no realtime
clock this can lead to side effects when the time is synced via ntp
as the "time wrap" forces dhcp leases to be considered as expired.
By enabling the broken realtime clock build switch dnsmasq uses the
times utility which returns the number of clock tick.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
[Jo-Philipp Wich: change symbol name, add sym to PKG_CONFIG_DEPENDS]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 00:42:46 +02:00
Jo-Philipp Wich
95d9330d57 rpcd: iwinfo plugin fixes
- Expose supported HT rate information in info call
 - Zero out ccode buffer when listing countries

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 00:42:02 +02:00
Alexander Couzens
19aae09f5f kmod-bmp085: add dependency on !LINUX_3_18 !LINUX_4_1
93d5629a introduced a build failure on older platforms (<4.4)
because bmp085 is a boolean and not a tristate.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2016-06-29 02:46:48 +02:00
Dirk Neukirchen
93d5629a27 modules: add BMP085 pressure sensor
add BMP085 and BMP180 pressure sensors
this driver supports the SPI and I2C and
older chips (BMP280 is supported by iio subsystem)

issue found when cleaning up omap/config

found while writing this patch that a
similar patch was submitted in June/July 2014 but not integrated

only compile tested

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-06-29 00:42:19 +02:00
Jo-Philipp Wich
1e03998e2b mac80211: fix skb size calculation in 4addr mode (FS#24)
The PDU length of incoming LLC frames is set to the total skb payload size
in __ieee80211_data_to_8023() of net/wireless/util.c which incorrectly
includes the length of the IEEE 802.11 header.

The resulting LLC frame header has a too large PDU length, causing the
llc_fixup_skb() function of net/llc/llc_input.c to reject the incoming
skb, effectively breaking STP.

Solve the problem by properly substracting the IEEE 802.11 frame header size
from the PDU length, allowing the LLC processor to pick up the incoming
control messages.

Special thanks to Gerry Rozema for tracking down the regression and proposing
a suitable patch.

Fixes FS#24.

References:
https://bugs.lede-project.org/index.php?do=details&task_id=24

Reported-by: Gerry Rozema <gerryr@rozeware.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 22:43:22 +02:00
Jo-Philipp Wich
8d51706616 base-files: use LEDE NTP vendor pool
The vendor NTP pool for the LEDE project got approved, so switch to it now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 19:14:31 +02:00
Jo-Philipp Wich
f98f4601de openvpn: fix missing cipher list for polarssl in v2.3.11
Upstream OpenSSL hardening work introduced a change in shared code that
causes polarssl / mbedtls builds to break when no --tls-cipher is specified.

Import the upstream fix commit as patch until the next OpenVPN release gets
released and packaged.

Reported-by: Sebastian Koch <seb@metafly.info>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 10:47:22 +02:00
Daniel Dickinson
4a3b8e0596 lldpd: Use /etc/os-release instead of /etc/openwrt_*
With the addition of /etc/os-release patching lldpd to use
/etc/openwrt_release and to have the initscript use
/etc/openwrt_release and/or /etc/openwrt_version becomes
unnecessary.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-27 15:16:01 +02:00
Alin Năstac
86a2702a00 libnetfilter_queue: fix checksum computation
There are 2 issues fixed by this patch:
  - UDP checksum is computed incorrectly, the used pseudo IP header
    contains transport protocol 6 iso 17
  - on big endian arches the UDP/TCP checksum is incorrectly
    computed when payload length is odd

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh patch]
2016-06-26 16:09:48 +02:00
Hauke Mehrtens
9493613e94 linux-firmware: fix md5sum
The copy on the mirror has a different md5sum as specified in this
package Makefile. The content of the file on the mirror is the same as
in the checkout so just update our md5sum.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
Hauke Mehrtens
2ca4fa5feb rtl8192su-firmware: move firmware to own package
Instead of downloading the firmware from some website take it from
linux-firmware package and do not download it separately any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
Hauke Mehrtens
d2a372c4fc rtl8192se-firmware: fix package build
The package did not pack the firmware because of a problem which looks
like a copy and past error.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
Jo-Philipp Wich
cb7aa4b1fe ebtables: fix segmentation fault due to uninitialized extension data
The ebtables code relies on the `-nostartfiles` linker argument to execute the
extension modules' `_init()` functions automatically which is not working
reliably across all supported targets and gcc versions.

Running an ebtables executable linked this way just crashes with a segmentation
fault at runtime on program startup, e.g. on ARM architectures.

In order to fix the issue ...
 - remove the use of the -nostartfiles linker flag
 - rename the init procedures to a generic name without implicit semantics
 - explicitely annotate those init procedures as constructors

The patch has been taken from the Alpine Linux distribution at
http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-24 15:59:36 +02:00
Kevin Darbyshire-Bryant
d4ede1c118 base-files: sysfixtime no longer exclude dnsmasq.time
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-24 13:56:30 +02:00
Kevin Darbyshire-Bryant
5acfe55d71 dnsmasq: dnssec time handling uses ntpd hotplug
Change dnsmasq's dnssec time check handling to use time validity
indicated by ntpd rather than maintaining a cross boot/upgrade
/etc/dnsmasq.time timestamp file.  This saves flash device wear.

If ntpd client is configured in uci and you're using dnssec, then
dnsmasq will not check dnssec timestamp validity until ntpd hotplug
indicates sync via a stratum change. The ntpd hotplug leaves a status
flag file to indicate to dnsmasq.init that time is valid and that it
should now start in 'check dnssec timestamp valid' mode.

If ntpd client is not configured and you're using dnssec, then it is
presumed you're using an alternate time sync mechanism and that time is
correct, thus dnsmasq checks dnssec timestamps are valid from 1st start.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

V2 - stratum & step ntp changes indicate time is valid
V3 - on initial flag file step signal dnsmasq with SIGHUP if running
V4 - only accept step ntp changes. Accepting both stratum & step could
result in unpleasant script race conditions
V5 - Actually only accepting stratum is the correct thing to do after
further testing
V6 - improve handling of non busybox ntpd
if sysntpd not executable
  dnsmasq checks dnssec timestamps
else
  sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file
  sysntp script enabled & uci ntp enabled  - look for timestamp file
  sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec
timestamps
fi
2016-06-24 13:53:39 +02:00
Daniel Dickinson
f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-24 13:52:53 +02:00
John Crispin
27493e82f9 mountd: update to latest git HEAD
adds HFS+ support

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-22 19:32:06 +02:00
Hauke Mehrtens
3f38356893 packages: prefer http over git for git protocol
In company networks everything except the http and https protocol is
often causes problems, because the network administrators try to block
everything else. To make it easier to use LEDE in company networks use
the https/http protocol for git access when possible.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-22 19:32:06 +02:00