Commit graph

36651 commits

Author SHA1 Message Date
Jo-Philipp Wich
113544dccf firewall: update to fix FS#31, FS#73, FS#154, FS#248
Update to latest Git head in order to import several fixes and enhancements.

- Disable drop invalid by default (FS#73, FS#154)

  Instead of dropping packets with conntrack state INVALID, only allow streams
  with explicit NEW or UNTRACKED conntrack state.

  This change gives user defined rules the chance to accept traffic like ICMPv6
  multicast which would be filtered away by the very early ctstate INVALID drop
  rule otherwise.

  The old behaviour can be restored by explicitely setting "drop_invalid" to 1
  in the global firewall config section.

- Fix re-initialization of loadable iptables extensions on musl (FS#31)

  Since musl does not implement actual dlclose() semantics, it is impossible to
  re-run initializers on subsequent dlopen() calls.

  The firewall3 executable now intercepts the extension registration calls
  instead in order to be able to re-call them when needed.

  This also allowed us to switch to libxtables' builtin extension loader as a
  positive side-effect.

- Fix masquerade rules for multiple negated IP addresses (FS#248)

  When building MASQUERADE rules for zones which specify multiple negated
  addresses in masq_src or masq_dest, emit -j RETURN rules which jump out of
  the masquerading chain instead of creating multiple rules with inverted "-s"
  arguments.

- Tag own rules using comments

  Instead of relying on the nonstandard xt_id match, use the xt_comment match
  to mark own rules. Existing comments are prefixed with "!fw3: " while
  uncommented rules are marked with a sole "!fw3" string.

  This allows removing the xt_id match entirely in a later commit.

- Make missing ubus connection nonfatal

  Technically, firewall3 is able to operate without ubus just fine as long as
  the zones are declared using "option device" or "option subnet" instead of
  "option network" so do not abort execution if ubus could not be connected or
  of no network namespace is exported in ubus.

  This allows running firewall3 on ordinary Linux systems.

- Fix conntrack requirement detection for indirectly connected zones

  The current code fails to apply the conntrack requirement flag recursively to
  zones, leading to stray NOTRACK rules which break conntrack based traffic
  policing.

  Change the implementation to iteratively reapply the conntrack fixup logic
  until no more zones had been changed in order to ensure that all directly and
  indirectly connected zones receive the conntrack requirement flag.

- Add support for iptables 1.6.x

  Adds support for the xtables version 11 api in order to allow building
  against iptables 1.6.x

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-08 11:35:50 +01:00
Christian Lamparter
9c91335dc7 iperf3: update to version 3.1.4
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:11 +01:00
Rafał Miłecki
0a6439154a scripts/feeds: use git rev-parse for getting revision
It provides simpler output so we don't need extra head and cut commands.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-08 11:17:11 +01:00
Rafał Miłecki
4f7947dab8 scripts/feeds: display "X" as revision of uninitialized feeds
So far we were displaying "local" which could be misinterpreted. It
wasn't possible e.g. to say if src-link feed was initialized or not.
Hopefully "X" makes (a bit) more sense.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-08 11:17:11 +01:00
Mathias Kresin
4f7a0601e6 mac80211: rt2x00: add mtd-eeprom swab function
Most of the lantiq devices with ralink wifi have the EEPROM stored
in big endian byte order in flash, but the driver expects the EEPROM to
be in little endian.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:11 +01:00
Mathias Kresin
7f235df571 mac80211: rt2x00: remove eeprom filename dependency from mtd-eeprom
The ralink,mtd-eeprom device tree property doesn't require the
ralink,eeprom property to work.

Rework the error handling and user notification as well. Do not log an
error if the mtd-eeprom parameter isn't used. It could be intentional
and should not scare the user.

Check if the number of bytes read from the mtd devices matches the
requested number of bytes.

In case of an mtd read error, give a hint to the user which partition
was tried to read from.

In case everything is fine, notify the user as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Mathias Kresin
2516c0572e mac80211: rt2x00: improve eeprom_file property handling
Call the rt2x00lib_get_eeprom_file_name only once and from the function
where the EEPROM filename is required.

Error only out if an EEPROM file is mandatory. Use the
REQUIRE_EEPROM_FILE bit to determine if it is mandatory.

Do not set the REQUIRE_EEPROM_FILE bit while requesting an EEPROM file.
It should be (and is) set before requesting an EEPROM file.

Do not redirect users to upstream while using a function of a custom
patch.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-08 11:17:10 +01:00
Christian Lamparter
b5638bb64e apm821xx: redo WAN green and yellow LEDs
Because the WAN port is handled by the internal AR8327N switch, the
device should use swconfig_leds trigger to handle the link activity
of the WAN LED. This has the added bonus that the WAN LED will now
go dark if there's no ethernet cable connected to the WAN port.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:10 +01:00
Pavel Kubelun
524d7a7cde ipq806x: fix pcie reset gpios
Fix perst-gpios property in accordance to the driver, so it stops spamming that it can't parse it.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-11-08 11:17:10 +01:00
Henryk Heisig
4ad68fa0a2 ar71xx: tl-wpa8630: Fix kernel lenght
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2016-11-08 11:17:10 +01:00
Henryk Heisig
1b2b3cb8be ar71xx: wpa8630: change board name to tl-wpa8630
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2016-11-08 11:17:10 +01:00
Roger Pueyo Centelles
5f6e948551 ramips: Add support for Wavlink WL-WN575A3
This commit adds support for the Wavlink WL-WN575A3, a dual-band wall-plug
wireless router with the following specifications:

 - CPU: MediaTek MT7628AN 580MHz
 - Flash: 8MB
 - RAM: 64MB
 - Ethernet: 2x 10/100 Mbps (switched)
 - 2.4 GHz: 802.11b/g/n SoC, MIMO 2x2, 20 dBm
 - 5 GHz: 802.11a/n/ac MT7612E, MIMO 2x2, 20 dBm
 - Antennas: 4x external (2 per radio), non-detachable
 - LEDs: 4 programmable + LAN, WAN, POWER
 - Buttons: reset, WPS

Flashing instructions:

Factory U-boot launches a TFTP client if WPS button is pressed during power-on.
Rename the sysupgrade file and configure a TFTP as follows:

 - Client (WL-WN575A3) IP: 192.168.10.101
 - Server IP: 192.168.10.100
 - Filename: firmware.bin

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2016-11-08 11:17:10 +01:00
Hans Dedecker
a50243ea1f dnsmasq: Support add-mac option
Adds the mac address of the DNS requestor to DNS queries which
are forwarded upstream and can be used to do filtering by the
upstream servers. This only works if the requestor is on the
same subnet as the dnsmasq server

The addmac parameter can hold the following values:
	0 : mac address is not added
	1 : mac address is added in binary format
	base64 : mac address is added base64 encoded
	text: : mac address is added in human readable format
		as hex and colons

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-11-08 11:17:10 +01:00
BangLang Huang
bc4109845d ramips: fix Newifi D1 profile
the images were generated for the wrong flash size.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2016-11-08 11:17:10 +01:00
Alberto Bursi
2cb4b267bd mdadm: move to Disc submenu
As in Disc there is also lvm2 and other hard drive tools in the Openwrt package feeds.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
decf6b3314 yamonenv: move to Boot Loaders submenu
Boot Loaders submenu is the place where all other boot loaders are.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
e4fef72244 comgt: move to WWAN submenu, fixed link
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.

I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
9abdeee0b7 uqmi: moved to WWAN submenu
Moving uqmi to WWAN submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Felix Fietkau
64c386c566 build: remove stale .ipk files if package dir changes
If a package nonshared status is changed, a stale .ipk file might still
be present in the old package directory. Remove the .ipk file from all
package directories when building a new one (or explicitly running
clean)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-08 10:49:51 +01:00
Christian Schoenebeck
7ee661def6 ca-certificates: update to version 20161102
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-11-08 10:49:51 +01:00
Florian Larysch
dfc14bd145 kernel: add kernel module package for the DS1374 RTC
Package the driver for the DS1374 chip present on the T4240RDB.

Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix missing symbol]
2016-11-08 10:49:40 +01:00
Florian Larysch
51b1d76f16 kernel: package module for the W83793 hwmon chips
Package the driver for the W83793 hwmon chip present on the T4240RDB.

Signed-off-by: Florian Larysch <fl@n621.de>
2016-11-08 05:49:58 +01:00
Alexandru Ardelean
519a199cbc devel/strace: fix build on mpc85xx target
builbot faillog:
https://downloads.lede-project.org/snapshots/faillogs/powerpc_8540/base/strace/compile.txt

Seems that for PPC, the <linux/ptrace.h> header [from uapi] collides
with musl's <sys/user.h>, for the pt_regs struct.

Seems I tried to upstream this patch a while back:
https://lists.openwrt.org/pipermail/openwrt-devel/2016-April/041093.html

It seems to work on current LEDE trunk too.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-11-08 05:49:58 +01:00
Cezary Jackiewicz
862e7fb7b3 gcom: Fix 'mode' option for ncm
For Huawei devices like E3372 proper command for set lte mode is:

AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,

Eval is required for proper quotation.

Without this fix:

Fri Nov  4 19:07:49 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> AT
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> ATZ
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATQ0
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATV1
Fri Nov  4 19:07:54 2016 daemon.notice netifd: wan (2060): sending -> ATE1
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> ATS0=0
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:07:57 2016 daemon.notice netifd: wan (2060): sending -> AT^SYSCFGEX=\"03\",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Error running AT-command
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Failed to set operating mode
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2092): Stopping network
...

With this fix:

Fri Nov  4 19:10:59 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> AT
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> ATZ
Fri Nov  4 19:11:02 2016 daemon.notice netifd: wan (2539): sending -> ATQ0
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATV1
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATE1
Fri Nov  4 19:11:04 2016 daemon.notice netifd: wan (2539): sending -> ATS0=0
Fri Nov  4 19:11:05 2016 daemon.notice netifd: wan (2539): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:11:06 2016 daemon.notice netifd: wan (2539): sending -> AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:11:07 2016 daemon.notice netifd: wan (2539): sending -> AT^NDISDUP=1,1,"internet"
Fri Nov  4 19:11:08 2016 daemon.notice netifd: wan (2539): Connected, starting DHCP on wwan0
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan' is now up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network device 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network alias 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is enabled
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' has link connectivity
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is setting up now
...

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-11-08 05:49:58 +01:00
Rafał Miłecki
e2a65f4aa5 bgmac: backport small DMA fix
It's supposed to significantly improve performance but doesn't seem to
affect Northstar unfortunately. It seems only some other platforms were
limited because of this DMA setup mistake.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-07 14:42:58 +01:00
Rafał Miłecki
4fae9db765 kernel: fix bgmac regression causing BCM47186B0 SoC hangs
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-07 14:30:32 +01:00
Mathias Kresin
578f7b9c59 kernel: fix kmod-sound-core build error
Fix build error introduced with 2ab6aac.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-05 22:24:25 +01:00
Dmitry Sutyagin
2ab6aaca4d kernel: add SND_PCM_TIMER to kmod-sound-core
FS#256

Fix audio not working due to unset SND_PCM_TIMER. CONFIG_SND_PCM_TIMER
is required for ALSA to work (at least for some audio devices),
otherwise applications using sound may fail. Can be reproduced by
installing "alsa-utils-tests" and running "speaker-test":

...
ALSA lib pcm_direct.c:1159:(snd1_pcm_direct_initialize_poll_fd) unable to open timer 'hw:CLASS=3,SCLASS=0,CARD=0,DEV=0,SUBDEV=0'
ALSA lib pcm_dmix.c:1106:(snd_pcm_dmix_open) unable to initialize poll_fd
Playback open error: -19,No such device

The kernel size does not increase, only the size of the kernel module
increases.

Signed-off-by: Dmitry Sutyagin <f3flight@gmail.com>
2016-11-05 22:03:42 +01:00
Jo-Philipp Wich
95ac6906aa arm64: switch boot-wrapper to working repository
The original repo in this Makefile disappeared from the internet so use another
copy of this repository on kernel.org. Also switch from git:// to https://
while being at it.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-05 16:10:05 +01:00
Koen Vandeputte
347884b345 cns3xxx: fix UART resource overlap
Port 1 registers the same IO resources as port 2 in the kernel resource
tree, which is wrong.
Fix this by using it's own resources as indicated in the overview
(cns3xxx.h).

Compiled & Tested on several GW2388-4 laguna boards which utilizes all 3
ports.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-11-05 10:18:27 +01:00
Felix Fietkau
fb504e8799 Revert "mt76: update to the latest version, adds a tx queue configuration fix"
This reverts commit 32867540ea.
A report indicates that this causes a tx/rx throughput regression

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-05 10:16:53 +01:00
Jo-Philipp Wich
5a37d0601a sdk: depend on linux/install
Since commit 484cb91 "sdk: bundle required firmware files" there is an
implicit dependency of the SDK on a prior Kernel compilation.

Change target/Makefile to make this dependency explicit to avoid race
conditions with parallel builds.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-04 16:14:51 +01:00
Felix Fietkau
17ecd879b8 Revert "mwl8k: remove synchronous device init hack"
This reverts commit cb037d1842.
See 6aa07b8202 for more information

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 13:23:07 +01:00
Florian Fainelli
57fb5c08f5 include: Cortex-A53 is also an AArch64 CPU
Specifying a mtune option with cortex-a53 is also valid for an aarch64
toolchain

Fixes: SVN 48964
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-11-04 13:11:00 +01:00
Felix Fietkau
3616666126 ipq806x: fix zyxel image build error
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 13:06:35 +01:00
Felix Fietkau
fcf90318c5 ipq806x: clean up the kernel config and reduce kernel image size by disabling some unnecessary code
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 13:06:35 +01:00
Felix Fietkau
fddd532612 ipq806x: fix a kconfig issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 13:06:35 +01:00
Felix Fietkau
6aa07b8202 Revert "mac80211: remove ath10k delayed initialization hack"
This reverts commit efd9dec319.

ath10k can take a long time to probe, long enough for netifd to fail to
initialize already configured wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 12:58:52 +01:00
Daniel Engberg
9f61ccd9e3 target/sdk: Switch to xz compression instead of bz2
Switch to xz compression instead of using bz2.
This makes a considerable difference in size, ar71xx SDK from 60M to 35M.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-11-04 11:38:19 +01:00
Christian Lamparter
8f2c2f94cf apm821xx: add back end-of-UBI marker for the WNDR4700 and MR24
The patch "build: drop UBI EOF marker from images by default"
(commit d27bce8d28) removed the
end-of-UBI marker. Without this marker, the boards will panic
during boot:

[    1.683458] ubi0: attaching mtd4
[    1.696181] ubi0 warning: scan_peb: valid VID header but corrupted EC header at PEB 31
[    1.704367] ubi0 error: scan_peb: bad image sequence number 549886691 in PEB 32, expected 184585623
[    1.713377] Erase counter header dump:
[    1.717110]  magic          0x55424923
[    1.720843]  version        1
[    1.723797]  ec             0
[    1.726752]  vid_hdr_offset 512
[    1.729880]  data_offset    2048
[    1.733094]  image_seq      549886691
[    1.736740]  hdr_crc        0x92ba8130
[    1.740472] erase counter header hexdump:
[    1.744493] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd4, error -22
[    1.751528] UBI error: cannot attach mtd4
[    1.755373] hctosys: unable to open rtc device (rtc0)
[    1.761130] VFS: Cannot open root device "(null)" or unknown-block(0,0): error -6
[    1.768604] Please append a correct "root=" boot option; here are the available partitions:
[...]
[    1.856992] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
[    1.866519] Rebooting in 1 seconds..Auto calibration ---

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-04 11:11:34 +01:00
Felix Fietkau
32867540ea mt76: update to the latest version, adds a tx queue configuration fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:32:51 +01:00
Felix Fietkau
cae688544d mac80211: fix A-MSDU tx aggregation (FS#174)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:32:05 +01:00
Felix Fietkau
db82db3203 mac80211: minor cleanup
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:31:42 +01:00
Felix Fietkau
5c11a4b311 mac80211: fix a tx A-MPDU aggregation issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-04 10:31:27 +01:00
Mathias Kresin
3db1a5c8fa lantiq: use external pci clock on ARV7506PW11
Fixes a ralink wireless driver related kernel crash as soon as a lot of
data is tranfered via wireless.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-03 19:00:28 +01:00
Mathias Kresin
112cf52d45 lantiq: cleanup dts files
- remove not existing properties
- remove properties having the same values as the included dtsi
- remove nodes which are disabled in the included dtsi and not enabled
  in dts
- replace the deprecated pinctrl-* compatible strings
- use the same labels for nodes as the included dtsi
- move common used vr9 pci properties to vr9.dtsi
- remove the unused stp node from HomeHub 2B devcie tree source file
- fix spaces vs. tabs and remove superfluous linebreaks

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-03 19:00:28 +01:00
Felix Fietkau
12bd0f2820 mac80211: replace the previous fix with a revert of the faulty upstream commit
This avoids potential breakage in rt2x00usb

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 12:13:50 +01:00
Luiz Angelo Daros de Luca
e2fd98793e elfutils: bump to 0.167
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2016-11-03 11:08:02 +01:00
Felix Fietkau
cb037d1842 mwl8k: remove synchronous device init hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Mathias Kresin
efd9dec319 mac80211: remove ath10k delayed initialization hack
LEDE no longer requires all PHYs to be initialized to
create the configuration files during bootup. This patch
removes the now obsolete ath10k patch.

Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00