Commit graph

37393 commits

Author SHA1 Message Date
Alexandru Ardelean
8cb476c853 libs: libnetfilter-queue: update to a newer version in git repo
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.

This updates it to a more recent version, pointing to the git repo.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-04 11:41:53 +01:00
Pierre Lebleu
898857f77a ppp: Split the ppp-up for the IPv6 part
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2016-12-04 11:41:53 +01:00
Felix Fietkau
1a63b81965 orion: make image size errors non-fatal
Fixes build errors on the generic subtarget

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:53 +01:00
Florian Fainelli
0917999396 orion: Enable CONFIG_MV_XOR
This is helpful for Orion-based NAS boxes that have the XOR engine enabled
since it provides faster software RAID.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:53 +01:00
Florian Fainelli
2cb90461c8 orion: Add uboot-envtools in the default package list
Makes sense since most, if not all orion platforms use this bootloader.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:53 +01:00
Florian Fainelli
7e38cd7a8d kernel: Add missing kernel config symbol
Add CONFIG_DW_DMAC_PCI

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:52 +01:00
Florian Fainelli
0d5097036e orion: Set appropriate DEVICE_TYPE for harddisk target
The harddisk target is for NAS boxes, so set the DEVICE_TYPE accordingly so we
get a sensible default package selection.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:52 +01:00
Florian Fainelli
3043a4f520 orion: Switch to kernel 4.4
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:52 +01:00
Florian Fainelli
01bda7f05f orion: Advertise support for RTC
Otherwise, we can't select RTC_SUPPORT and the corresponding kmod-rtc-*
packages.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:52 +01:00
Florian Fainelli
3ca46aa257 orion: Make sub-targets augment FEATURES, not re-define it
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:52 +01:00
Florian Fainelli
5763e438f6 kernel: add kernel package for the rs5c372a rtc module
This RTC is used on the Buffalo Terastation Pro II/Live devices.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli
a909a5d676 orion: Build images for Buffalo Terastation Pro II/Live
Enable support for this machine in the kernel and also produce valid image
files with the correct machine id.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli
da5155b1a5 orion: Add support for 4.4 kernel
Patches and configuration apply just fine on the Marvell Orion target.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli
cec7e661e7 orion: Fold DT2 setup files into patch
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli
9a08c0ba80 include/kernel: Switch to git download method
Utilize the existing git download logic from include/download.mk and migrate
the kernel download over to it. This avoids repeatedly cloning kernel sources
after a make target/linux/clean for instance.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix build error]
2016-12-04 11:41:51 +01:00
Florian Fainelli
b9aab34eb4 include/download.mk: Allow specify DownloadMethod specific options
This is going to be used to migrate the hand rolled git clone for the kernel
into using the git download method. The kernel uses custom options that we may
have to pass down.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Felix Fietkau
832fb99da2 kernel: Add check to of_scan_flat_dt() before accessing initial_boot_params
Fixes a bug that affects rt288x

Signed-off-by: Tobias Wolf <dev-NTEO@vplace.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau
b3c5db79eb kernel: Fix alloc_node_mem_map with ARCH_PFN_OFFSET
Fixes a bug that affects rt288x

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau
2135e54c00 ar71xx: set GPIO reset line for Ubiquiti NanoStation Loco XW
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau
106a4605c8 ar71xx: add support for configuring at803x PHY GPIO reset via platform data
Needed to work around ethernet hang issues on Ubiquiti NanoStation Loco XW,
because ar71xx is not converted to device tree yet.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau
feb25f1a5b kernel: add support for the AT8032 PHY
This PHY is used on the Ubiquiti Networks NanoStation Loco XW

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau
06a21e12ee kernel: backport some upstream at803x fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Felix Fietkau
566de813c3 ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
By default, forwarding between all ports is allowed on init. This is
problematic in cases where some ports are supposed to be isolated from
each other, most commonly LAN/WAN separation.

REG_ESW_PORT_PCR(port) has a destination mask for a particular port,
controlling what other ports it is allowed to send packets to.
Instead of initializing all to 0xff (all ports), allow each physical
port to send to the CPU port, and the CPU port to send to all other
ports.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Felix Fietkau
81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Yong-hyu, Ban
377eac0ceb ramips: fix LAN port order of WeVO W2914NS v2
Signed-off-by: Yong-hyu, Ban <perillamint@gentoo.moe>
2016-12-04 08:22:07 +01:00
BangLang Huang
23b58f8acb ramips: fix PBR-D1 button definition
Due to the product specification, the button on PBR-D1 should be
reset, not wps.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2016-12-04 07:03:17 +01:00
Tobias Wolf
2e020e2cef ramips: add support for PCI based OHCI/EHCI support for F5D8235 V1
This router uses an PCI attached NEC EHCI controller to support the single USB port.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Tobias Wolf
13c0d208b2 ramips: introduce CONFIG_PCI and CONFIG_OF_*PCI for rt288x
This is a prerequisite for F5D8235 V1 to use PCI based OHCI/EHCI.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Tobias Wolf
c2ed721e89 ramips: improve F5D8235 V1 support
This fixes the partition name for the firmware splitter, the cfi
address and adds the mtd-eeprom address for wmac. It adds additional
LEDs and make use of them in diag.sh and 01_leds.

Please note that the ":blue:wired" LED is used because the
":blue:router" behaviour is unpredictable for failsafe indication. The
issue with the router LED is that you have two states only.
"off" is steady on and "on" blinks. Therefore the wired LED is more
suitable.

Furthermore it reuses the correct switch configuration definition to
reflect the device ports and numbering. Additionally fixes the issue
that the default configuration is not applied as no port 6 exists on
this device.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Vignesh Balasubramaniam
62e4c915ee mvebu: fix sysupgrade for Linksys WRT3200ACM
sysupgrade command fails due to missing U-Boot environment-processing
binaries on sysupgrade ramdisk. The missing binaries result in the
following output:

Switching to ramdisk...
	Performing system upgrade...
	ash: /usr/sbin/fw_printenv: not found
	ash: fw_setenv: not found
	ash: touch: not found
	cannot find target partition

Signed-off-by: Vignesh Balasubramaniam <vigneshb.hp@gmail.com>
2016-12-04 07:03:17 +01:00
Mathias Kresin
c95e4e715d mvebu: fix image validation error
The name from the Device define will be used in the metadata. Due to
typo/different spelling, this name might not match the one exported in
/lib/mvebu.sh.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-12-04 07:03:17 +01:00
Mathias Kresin
d9d838bc97 lantiq: fix image validation errors
The boards did not have the name set that is expected during metadata
validation on sysupgrade.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-12-04 07:03:17 +01:00
Hauke Mehrtens
abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens
7e6c53dac9 valgrind: update to 3.12.0
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.

patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:03:56 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Hauke Mehrtens
99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens
280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Jo-Philipp Wich
a642a11fac scripts: getver.sh: append Git short hash to revision
Change getver.sh to append a short Git commit hash to the end of the artifical
revision number. This way we still have order- and comparable commit numbers
but also a direct relation to the Git commit.

The new output format will look like "r2400+2-882472e" for dirty trees or like
"r2402-882472e" for clean ones.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-02 16:38:55 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Felix Fietkau
1947cf36ba procd: update to the latest version, fixes killing jailed processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 13:55:23 +01:00
Felix Fietkau
a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
John Crispin
7c809f1687 ramips: fix sdhci support on mt7621
the IRQ level was wrong. refresh the patch while at it.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-01 18:30:41 +01:00
Jo-Philipp Wich
0b3b8c83c0 tools: cmake: fix compatibility with LibreSSL as well
Sadly, LibreSSL claims to be OpenSSL v2.0.0 while not providing the new
interfaces introduced with OpenSSL v1.1.x, so extend the pre-OpenSSL 1.1.x
compat checks to consider LibreSSL as well.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-01 16:49:24 +01:00
Andrew Yong
07b571a435 ramips: RB750Gr3: Add pwr LED and buzzer to DTS
use pwr LED in diag.sh
Expose unused pinmux pins as GPIOs
export power LED and buzzer pins
Use rb750gr3:blue:pwr LED in diag.sh for boot status instead of rb750gr3:green:usr

Signed-off-by: Andrew Yong <me@ndoo.sg>
2016-12-01 16:17:55 +01:00
dissent1
fef6a96d9e ipq806x: add thermal sensor driver
Allows to check cpu temperature.

Huge thanks to @hnyman for valuable assistance!

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun
2b71f958b1 ipq806x: increase coherent dma pool size
Cherry-picked and rebased from
https://source.codeaurora.org/quic/qsdk/system/openwrt/tree/?h=korg/linux-3.4.y/release/arugula_bb_cs

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun
8fca99266e ipq806x: add enable reg and masks for PRNG
Cherry-picked from https://source.codeaurora.org/quic/qsdk/system/openwrt/tree/?h=korg/linux-3.4.y/release/arugula_bb_cs

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun
94e4ee5395 net: ar8327: modify some configuration of switch
Imported from https://source.codeaurora.org/quic/qsdk/system/openwrt/commit/?h=korg/linux-3.4.y/release/arugula_bb_cs&id=2be4f8a8b205ae1a37db44839864451ebe893e6e
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

Enable flow control of LAN and WAN ports to
get better performance.
Setup pvid as 0 for all ports during initialisation
to avoid confusion during system or switch INIT.
Disable PORT MAC before config MAC to avoid it work abnormal.
This change is for IR-054144, IR-057315.

Change-Id: I345f3dffa59ad3f97150e09692723da12a7b1067
Signed-off-by: Zou Shunxiang <shunxian@codeaurora.org>
Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun
5a69f59602 net: ar8216: address security vulnerabilities in swconfig & ar8216
Imported from e1aaf7ec00%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: net: ar8216: address security vulnerabilities in swconfig & ar8216

This patch does the following changes:
*address the security vulnerabilities in both swconfig framework and in
 ar8216 driver (many bound check additions, and turned swconfig structure
 signed element into unsigned when applicable)
*address a couple of whitespaces and indendation issues

BUG=chrome-os-partner:33096
TEST=none

Change-Id: I94ea78fcce8c1932cc584d1508c6e3b5dfb93ce9
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/236490
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Commit-Queue: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun
a3454d1929 net: ar8216: prevent device duplication in ar8xxx_dev_list
Import from fd7b89dd46%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: prevent device duplication in ar8xxx_dev_list

If probe is called twice, once for PHY0 and a second time for PHY4,
the same switch device will be added twice to ar8xxx_dev_list, while
supposedly this list should have one element per hardware switch present
in the system.

While no negative impact have been observed, it does happen if a
platform instanciates these two PHYs from device-tree, as an example.

Change-Id: Iddcbdf7d4adacb0af01975b73f8e56b4582e894e
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/234790
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00