Commit graph

12910 commits

Author SHA1 Message Date
Stijn Tintel
388681fe53 hostapd: enable SHA256-based algorithms
Enable support for stronger SHA256-based algorithms in hostapd and
wpa_supplicant when using WPA-EAP or WPA-PSK with 802.11w enabled.

We cannot unconditionally enable it, as it requires hostapd to be
compiled with 802.11w support, which is disabled in the -mini variants.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
2017-01-03 20:53:49 +01:00
Stijn Tintel
30f14f6198 hostapd: add function to handle wpa_key_mgmt
Now that wpa_key_mgmt handling for hostapd and wpa_supplicant are
consistent, we can move parts of it to a dedicated function.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
2017-01-03 20:53:48 +01:00
Stijn Tintel
bdcffb9bb6 wpa_supplicant: rework wpa_key_mgmt handling
Rework wpa_key_mgmt handling for wpa_supplicant to be consistent with
how it is done for hostapd.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
2017-01-03 20:53:48 +01:00
Stijn Tintel
b13e103d71 ath5k: select 802.11w support
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-01-03 20:53:48 +01:00
Roger Pueyo Centelles
c6d3a62919 gre: add different per-protocol prefixes to GRE-TAP IPv4/6 tunnel interfaces.
This commit modifies the /lib/netifd/proto/gre.sh script so that, when
GRE-TAP tunnels are created, either IPv4 or IPv6, the prefix before the chosen
interface name contains the "tap" substring, to differentiate them from non-TAP
GRE tunnels.

Right now, both GRE and GRE-TAP tunnel (either IPv4 or IPv6) interfaces defined
in /etc/config/network are named equally ("gre-"+$ifname or "grev6"+$ifname)
upon creation. For instance, the following tunnels:

        config interface 'tuna'
                option peeraddr '172.30.22.1'
                option proto 'gre'

        config interface 'tunb'
                option peeraddr '192.168.233.4'
                option proto 'gretap'

        config interface 'tunc'
                option peer6addr 'fdc5:7c9e:e93d:45af::1'
                option proto 'grev6'

        config interface 'tund'
                option peer6addr 'fdc0:6071:1348:31ff::2'
                option proto 'grev6tap'

are named, respectively, "gre-tuna", "gre-tunb", "grev6-tunc" and "grev6-tund".

The current change makes that each GRE tunnel interface of the four different
types available (gre, gretap, grev6 and grev6tap) gets a different prefix.
Therefore, the abovementioned tunnels will be named, respectively:
"gre4-tuna", "gre4t-tunb", "gre6-tunc" and "gre6t-tund".

This is coherent with other types of virtual interfaces (i.e. PPP, PPPoE, PPPoA)
where the whole protocol name is used. For instance, a PPPoA interface named
"p1" and a PPPoE interface named "p2" will respectively appear as "pppoa-p1"
and "pppoe-p2", not as "ppp-p1" and "ppp-p2").

Since Linux interfaces names are limited to 15 characters, these prefixes leave,
for the worst case (TAP tunnels), 9 characters for the actual name.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2017-01-03 14:36:37 +01:00
Luiz Angelo Daros de Luca
0bb474652e elfutils: bump to 0.168
Other changes:
- Project moved to sourceware.org
- musl patch where cleaned up and submitted upstream
- TEMP_FAILURE_RETRY macro fixed and submitted upstream

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[Jo-Philipp Wich: add missing .patch extension to 007-fix_TEMP_FAILURE_RETRY]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-03 14:32:35 +01:00
Rosen Penev
558680012d curl: Remove PolarSSL and adjust default to mbedTLS
luci-ssl has already made the switch since mainline support for PolarSSL is
almost over (2016).

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-01-03 14:26:41 +01:00
Daniel Engberg
0050b39fd4 gmp: Update to 6.1.2
Update GMP to 6.1.2

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Daniel Engberg
6099f22097 zlib: Update to 1.2.9
Update zlib to 1.2.9 and switch to XZ tarballs for download.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Daniel Engberg
bb4afdc8bc libusb: Update to 1.0.21
Update libusb to 1.0.21

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Florian Fainelli
1618c4abdb rpcd: Update to 2016-12-03
Brings in the following changes:

0577cfc1acdb cmake: Find libubox/blobmsg_json.h
26c98ec94d7a sys: Check return values of chdir and write
f4089654a399 cmake: Find libubus.h

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-02 21:06:14 +01:00
Florian Fainelli
9bf2bc7587 fstools: Update to 2016-12-04
Brings in the following changes:
84b530a732b1 libfstools: Check return values for fread and system

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-02 21:06:14 +01:00
Florian Fainelli
55209a9df9 uclient: Update to 2016-12-09
Brings in the following changes:

52d955fd802a remove obsolete mac os x /opt/local include/library search path
a4e49b4163b2 Fix unused results warnings
48cfff3fbec9 uclient-http: send correct "Host:" header if port is set

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-02 21:06:13 +01:00
Mathias Kresin
8c822ec4ca uboot-lantiq: fix boot of images larger than 8MB
Increasing CONFIG_SYS_BOOTM_LEN from 8 MB to 16 MB is necessary to
support uncompressing images larger than 8 MB when using the bootm
command.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-02 19:16:54 +01:00
Mathias Kresin
cfe1c6debe uboot-lantiq: fix build with gcc6
Backport u-boot commit 9b2c282b348dfe966bbba967dc7a45ce817cce50 to fix
compile with gcc5 and gcc6.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-02 19:16:54 +01:00
Alexis Green
fd718c5025 mac80211: Allow HT/VHT rates when running unencrypted mesh.
Signed-off-by: Alexis Green <agreen@cococorp.com>
2017-01-02 16:47:59 +01:00
Alberto Bursi
8496659eb4 base-files: fix message of initscript wrapper
currently (after blogic's edit to my commit) it prints like this:

root@lede:/# service aa
aa does not exist. the following services are available :adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

which looks pretty bad, and is even worse if someone writes only "service" without arguments, as it will print " does not exist. " which is confusing.

with this commit it looks like this:

root@lede:/# service
service "" not found, the following services are available:
adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

Yes there is some play with " and ', it is to display "name" or just "" if no service name is entered (like in the example).

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-01-02 16:47:59 +01:00
George Amanakis
5639e45614 generic: package Broadcom BNX2 driver
bnx2 driver support for the x86 architecture. Includes module and
firmware for Broadcom BCM5706/5708/5709/5716 ethernet adapters.

Signed-off-by: George Amanakis <g_amanakis@yahoo.com>
2017-01-02 16:47:59 +01:00
Hauke Mehrtens
1436e15488 curl: update to version 7.52.1
This fixes the folowing security problems:

CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
CVE-2016-9594: unititialized random

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-02 13:07:10 +01:00
Hannu Nyman
b7677f05d6 ustream-ssl: remove extra DEFAULT_VARIANT from libustream-polarssl
Currently both libustream-polarssl and libustream-mbedtls
variants define themselves as the DEFAULT_VARIANT

Remove extra DEFAULT_VARIANT from libustream-polarssl.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-12-30 17:38:39 +01:00
Magnus Kroken
39d3a4117b openvpn: update to 2.4.0
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-30 13:07:41 +01:00
Magnus Kroken
8ed11ebf7d mbedtls: enable DHE-RSA key exchange
Later OpenVPN 2.3-openssl versions only enable
TLS cipher suites with perfect forward secrecy, i.e. DHE and ECDHE
cipher suites. ECDHE key exchange is not supported by
OpenVPN 2.3-openssl, enable DHE key exchange to allow LEDE
OpenVPN 2.4-mbedtls clients to connect to such servers.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Reported-by: Lucian Cristian <luci@createc.ro>
2016-12-30 13:06:43 +01:00
Magnus Kroken
ca963bbf5f mbedtls: enable secp384r1 elliptic curve support
Secp384r1 is the default curve for OpenVPN 2.4+. Enable this to
make OpenVPN-mbedtls clients able to perform ECDHE key exchange
with remote OpenVPN 2.4-openssl servers that use the default
OpenVPN curve.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-30 13:06:25 +01:00
Felix Fietkau
ae37f2310b mbedtls: enable support for external private RSA keys to fix openvpn build issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-28 22:56:36 +01:00
Felix Fietkau
c9c68c7177 ath9k: fix issues with external reset on AR913x
An external reset patch for AR955x accidentally led to external reset
being issued twice on AR913x, once before the RTC reset and once after.
This may be causing some stability issues.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 20:55:35 +01:00
Felix Fietkau
6b524fe5b8 relayd: fix expiry time handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 13:21:42 +01:00
Felix Fietkau
3f20fd4ee0 relayd: fix reload / interface restart issues
- replace the hotplug script with an interface trigger
- add netdev params to procd to trigger restart

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 13:20:33 +01:00
Felix Fietkau
f04b651453 ath5k: drop bogus warning on drv_set_key with unsupported cipher (FS#334)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 12:18:36 +01:00
Felix Fietkau
00ad43f047 ath9k: remove old rx dma stop check optimization
This commit was added to improve reset time on old SoC devices that run
into chip hangs more frequently. However with the more recent addition
of full WMAC reset on these chips, it could be problematic.
Drop this patch to ensure that DMA activity is really stopped before the
chip reset is issued

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 12:18:36 +01:00
Stijn Tintel
1b5640be33 odhcpd: bump to git HEAD
8dc2a59 Revert "Respect interface "ignore" settings as documented."
93ab25b router: skip parse_routes when ra_default > 1

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-12-27 10:50:29 +01:00
Jo-Philipp Wich
e1d1c31890 opkg: vfork external gzip command to uncompress data
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.

Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.

This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.

Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-27 09:50:00 +01:00
Stijn Tintel
dc5f496a0d Revert "opkg: vfork external gzip command to uncompress data"
This reverts commit 0090adcd5c.
It breaks reading package list in /tmp/opkg-lists, making it impossible
to install packages from feeds in snapshots.
2016-12-27 04:41:30 +01:00
Hans Dedecker
bdd2b67414 odhcpd: Use procd_send_signal in reload_service
Replace killall HUP by procd_send_signal in reload_service to trigger
an odhcpd config reload

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-26 22:32:38 +01:00
Felix Fietkau
d3489d899a opkg: add missing dependency on libpthread
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-26 15:52:00 +01:00
Gabe Rodriguez
94030e86d5 mwlwifi: Update to latest source
-MAC register revisions for 8864 firmware

Tested on WRT1900ACv1 (mvebu). No regressions

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2016-12-26 11:17:33 +01:00
Alberto Bursi
c24172cad1 package/Makefile & ipkg-make-index.sh: add full package data list
The external script used to generate the package lists for the
LEDE wiki's table of packages [1] and package indexes [2] requires
a "Source:" field in the package lists to find package makefiles.
The package makefiles are used to read the package's Category and Submenu.

The "Source:" field was removed in commit
b4aa3c899c
to reduce package list sizes and lessen opkg issues in low ram devices.

Add a separate package list file with full data to be used by the wiki's script.
It's called Packages.manifest and isn't compressed as it's not necessary.

1. https://lede-project.org/packages/start
2. https://lede-project.org/packages/index/start

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-26 11:17:33 +01:00
Jo-Philipp Wich
0090adcd5c opkg: vfork external gzip command to uncompress data
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.

Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.

This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.

Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-26 11:17:32 +01:00
Felix Fietkau
d109d03198 kernel: split kmod-lib-zlib into two packages to keep it in sync with kernel dependencies
Fixes build error on default config + selecting kmod-fs-isofs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-26 11:11:49 +01:00
Hans Dedecker
2e41b2c37a netifd: Upstep to git HEAD version
64a655d proto: allow configuring deprecated static IPv6 addresses
c99182e remove obsolete /opt/local prefix on Mac OS X
0249d5f system-linux: Don't set gre tunnel ttl by default to 64 (#FS312)
edc15ca ubus: Display the IPv6 prefix assigned address

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-25 21:01:02 +01:00
Hans Dedecker
4c9d2c04ba gre: Remove ttl default value assignment (FS#312)
Don't assign a default ttl of 64 for gre tunnels as
netifd takes care of the default ttl assignment

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-25 21:00:44 +01:00
Hauke Mehrtens
4af4f21492 ltq-vmmc: mark VOICE_CPE_VMMC_PMC as broken
We do not have the needed platform support for VOICE_CPE_VMMC_PMC. The
vmmc driver will not compile with this option activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-25 18:43:55 +01:00
Hauke Mehrtens
9c49c937ab kmod-sched-cake: do not build on kernel 3.18
kmod-sched-cake does not build on kernel 3.18, so add the dependency to
not even try.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-25 15:15:55 +01:00
Felix Fietkau
236bf83bb6 brcmfmac: select 802.11ac support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-24 12:10:37 +01:00
Zefir Kurtisi
16725e2db0 libpcap: Fix build when PACKAGECONFIG ipv6 is not enabled
Add patches provided upstream [1] by Fabio Berton to fix error:

> ./gencode.c: In function 'pcap_compile':
> ./gencode.c:693:8: error: 'compiler_state_t {aka struct _compiler_state}' has no member named 'ai'
>   cstate.ai = NULL;
>         ^
> ./gencode.c: In function 'gen_gateway':
> ./gencode.c:4914:13: error: 'cstate' undeclared (first use in this function)
>    bpf_error(cstate, "direction applied to 'gateway'");
>              ^

[1] https://github.com/the-tcpdump-group/libpcap/pull/541

Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Tested-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2016-12-24 11:59:42 +01:00
Felix Fietkau
0d5ba94088 orion: enable SoC drivers in the kernel config
Clean up packaged modules

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-24 09:40:46 +01:00
Felix Fietkau
9a1f441ac8 kirkwood: enable SoC drivers in the kernel config
Clean up packaged modules

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-24 09:40:46 +01:00
Felix Fietkau
c9e4cf2299 kirkwood: convert iconnect, ib62x0 and pogoplug_e02 to the new image build code
Update the correspoding u-boot configs to stop relying on
kernel-in-rootfs, which was removed a while back

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-24 09:40:46 +01:00
Florian Fainelli
8bf69ee78c kernel: Add kmod-ethoc
Add the kernel module package for the Opencores.org Ethernet MAC,
depends on PHYLIB.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-24 06:55:19 +01:00
dibdot
08db3e1b85 dnsmasq: add log facility option
add possibility to set the facility to which dnsmasq will send syslog entries, i.e. set it to '/dev/null' to mute dnsmasq output at all.

Signed-off-by: Dirk Brenken dev@brenken.org
2016-12-23 10:46:56 +01:00
Felix Fietkau
43855793ca ncurses: rename libncursesw to libncurses (more common name)
provide libncursesw via PROVIDES instead

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 21:10:43 +01:00
Felix Fietkau
47cf238779 uhttpd: drop uhttpd-mod-tls, it has been useless for years
Before the rewrite, uhttpd-mod-tls used to contain a tls plugin.
Afterwards it was left in for compatibility reasons, but given how much
has changed, and that we're about to change the default SSL
implementation again, it's better to just drop this now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:46:01 +01:00
Felix Fietkau
c7c1cf5618 treewide: clean up and unify PKG_VERSION for git based downloads
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:21 +01:00
Felix Fietkau
43c09f2885 Revert "linux-firmware: Add mirrors"
This reverts commit 0d4f02dfd6, which was
obviously untested. git downloads cannot handle multiple URLs at the
moment.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:20 +01:00
Gabe Rodriguez
24e58c3f72 mwlwifi: Update to latest source
- Source updated to fix noise level, DTS
- Added support for BB and RF

Tested working on WRT1900ACv1 (mamba) kernel 4.4.38. No regressions found.

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix mirror hash]
2016-12-22 16:42:20 +01:00
Pavel Kubelun
0ee964f284 ath10k-firmware: update qca9984 firmware
A new firmware that is available on code-aurora repository is newer
than in Kvalo's repo.

Taking into account that firmwares that are in Kvalo's repo are considered
to be tested by internal QCA team, this one seems to be more stable
and fixes this bug:
ath10k_pci 0000:01:00.0: received unexpected tx_fetch_ind event: in
push mode

At least i havent faced it for a while in contradiction to current version.

Thus switching firmware source for qca9984 until it or a newer version
gets into Kvalo's repo.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-22 16:42:20 +01:00
Alexandru Ardelean
acfb067835 gettext-full: enforce only static lib on the host build
Sometimes I'm getting error on the host-side build:
```
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: /home/sandu/work/lede/staging_dir/host/lib/liblzma.a(liblzma_la-common.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/home/sandu/work/lede/staging_dir/host/lib/liblzma.a: error adding symbols: Bad value
collect2: error: ld returned 1 exit status
Makefile:2847: recipe for target 'libgettextlib.la' failed
make[9]: *** [libgettextlib.la] Error 1
make[9]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl-1.1.15/host/gettext-0.19.8.1/gettext-tools/gnulib-lib'
Makefile:2597: recipe for target 'all' failed
```

Disabling the shared-lib build, seems to fix this.

This is when building glib2 on the host-side.
glib2 is required by newer QEMU package [which is in the feeds].

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-22 16:42:20 +01:00
Toke Høiland-Jørgensen
528f46d082 ath9k: Add airtime fairness scheduler
This adds a patch that introduces airtime fairness scheduling to ath9k,
which can significantly improve network efficiency in mixed-rate
environments.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:19 +01:00
Felix Fietkau
600b824087 openvpn: use conditional dependencies to avoid pulling in unused ssl libraries
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:19 +01:00
Felix Fietkau
2bc747aaea openvpn: reduce binary size using --gc-sections on linking
Saves around 9kb gzipped on MIPS

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:19 +01:00
Felix Fietkau
e6871ab925 openvpn: fix disabling DES support in mbedtls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-22 16:42:19 +01:00
Magnus Kroken
13592c1454 openvpn: update to 2.4_rc2
OpenVPN 2.4 builds with mbedTLS 2.x, rename openvpn-polarssl
variant to openvpn-mbedtls.

Some feature highlights:
* Data channel cipher negotiation
* AEAD cipher support for data channel encryption (currently only
* AES-GCM)
* ECDH key exchange for control channel
* LZ4 compression support

See https://github.com/OpenVPN/openvpn/blob/master/Changes.rst
for additional change notes.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-22 16:42:18 +01:00
Alexandru Ardelean
f67867adb0 vti: add empty install rules for vtiv4 & vtiv6
Same as for grev4 & grev6

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-22 16:33:28 +01:00
Alexandru Ardelean
5ab258e57a gre: add empty install rules for grev4 & grev6
Build seems to fail with:

```
Collected errors:
 * satisfy_dependencies_for: Cannot satisfy the following dependencies for X:
 * grev4 *
 * opkg_install_cmd: Cannot install package X
```

After adding an empty install rule, the failure goes away.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-22 16:33:27 +01:00
Florian Eckert
6c82f8a483 uqmi: add plmn set functionality for netifd proto handler
uqmi has the possibility to allow the modem to start a regsitration
process only to this specified plmn

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-22 15:03:58 +01:00
Henryk Heisig
363c3e68ac adb: new package "Android Debug Bridge"
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2016-12-22 15:03:31 +01:00
Cezary Jackiewicz
83eca5d8b7 comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:
Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-12-22 15:02:35 +01:00
Felix Fietkau
87b0747263 ath10k-firmware: fix missing variable renames (FS#341)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 14:30:04 +01:00
Hans Dedecker
00dbfa1764 odhcpd: Use procd_send_signal in odhcpd-update file
Let dnsmasq reread the leasefile by using procd_send_signal
which triggers procd to send SIGHUP kill signal by default
if signal is not specified

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-21 20:35:49 +01:00
Koen Vandeputte
05abcf518d hostapd: update to version 2016-12-19
Update to latest upstream HEAD:

- Refreshed all
- Fixes 2 regressions:
--> PeerKey: Fix STK 4-way handshake regression
--> PeerKey: Fix EAPOL-Key processing

Compile tested Full & Mini configs
Run-tested Mini config

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-12-20 21:35:56 +01:00
Felix Fietkau
e5e98d58f7 ncurses: set ABI_VERSION to avoid running into rebuild issues
When the version changes, this will force rebuild of packages depending
on it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 17:07:58 +01:00
Felix Fietkau
4e138663c6 Revert mirror hash fixes
They are based on obsolete download tarballs

Revert "usign: fix mirror hash" (4f874423fd)
Revert "ubox: fix mirror hash" (9ee74b5753)
Revert "opkg: fix mirror hash" (bf6f4bfad1)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:32:08 +01:00
Kevin Darbyshire-Bryant
8515deb60a ath10k-firmware: bump qca988x version
Bump qca988x firmware to firmware-5.bin_10.2.4.70.59-2

Run tested: Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 16:24:22 +01:00
Andy Strohman
7acb7dc3db ath10k-ct: Enable DFS when "Enable DFS support" is set for kmod-ath
This allows users of this package to configure DFS channels.
It mimics the behaviour of the ath10k module included in
package mac80211

Signed-off-by: Andy Strohman <andrew@andrewstrohman.com>
2016-12-20 16:24:22 +01:00
Felix Fietkau
4344eb62bf mwlwifi: select 802.11ac support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
2d4c42ad49 mt76: select 802.11ac support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Alexis Green
84daeb2e14 ath10k-ct: ath10k-ct specifies that it supports 802.11ac mode
Signed-off-by: Alexis Green <agreen@cococorp.com>
2016-12-20 16:24:22 +01:00
Alexis Green
8f3d8c0022 mac80211: ath10k specifies that it supports 802.11ac mode
Signed-off-by: Alexis Green <agreen@cococorp.com>
2016-12-20 16:24:22 +01:00
Alexis Green
77ece30eb9 hostapd: Add ability to specify that that wireless driver supports 802.11ac
Signed-off-by: Alexis Green <agreen@cococorp.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [make more generic]
2016-12-20 16:24:22 +01:00
Felix Fietkau
842ed8448d kexec-tools: remove useless CONFIG_KEXEC_TOOLS_TARGET_NAME indirection
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
fe4fe3edf2 kexec-tools: build by default, even if CONFIG_KERNEL_KEXEC is unset
Helps find build issues and makes the package available on snapshot
builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
ff47fb0dd9 kexec-tools: enable support for x86_64
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:22 +01:00
Felix Fietkau
1a071115d6 kexec-tools: update to 2.0.14-rc1, fix build errors
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 16:24:21 +01:00
Gilles Mazoyer
364ec6e0e0 kexec-tools: fix compile error
When compiling file vmcore-dmesg.c, several errors "unknown type name 'loff_t'"

Signed-off-by: Gilles Mazoyer <mazoyer.gilles@omega.ovh>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
65c8f2890c grub2: upgrade to 2.02-beta3 (3 years newer than previous)
'100-musl-compat.patch' does not seem to be required anymore.
'210-fix_serial_rtscts.patchi' is superseeded by:
http://git.savannah.gnu.org/cgit/grub.git/commit/?id=bac5d1a64ab4191058a8fd4c05f6b3b339e249e7

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
77812cdfec grub2: disable 'check-macro-version' build rule in 'po' build
This seems to occur when gettext-full is built on the host-side
and the autoreconf stuff re-generates some of the build files,
except for the po/Makefile.in.in

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
2b54fa4dff grub2: do not generate mkfonts at build time
Even though these fonts may not be installed, they seem to be
generated at build time.

Seems that the configure script re-generated from configure.ac
is a bit more annoying than it has to be.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Alexandru Ardelean
b33845b2da grub2: add PKG_FIXUP:=autoreconf
Reboot of: a0ea22ac43
Reverted: 3c52cbfa53

The host-side build of grub2 requires this sometimes.
This will re-generate the ./configure script from configure.ac.
I don't know the conditions of how this reproduces, it just
sometimes appears, and sometimes doesn't.

Build error
```
<lede-dir>/build_dir/target-x86_64_musl-1.1.15_yogi/host/grub-2.02~beta2/build-aux/missing: line 81: aclocal-1.14: command not found
WARNING: 'aclocal-1.14' is missing on your system.
         You should only need it if you modified 'acinclude.m4' or
         'configure.ac' or m4 files included by 'configure.ac'.
         The 'aclocal' program is part of the GNU Automake package:
         <http://www.gnu.org/software/automake>
         It also requires GNU Autoconf, GNU m4 and Perl in order to run:
         <http://www.gnu.org/software/autoconf>
         <http://www.gnu.org/software/m4/>
         <http://www.perl.org/>
Makefile:3962: recipe for target 'aclocal.m4' failed
```

Adding PKG_FIXUP adds sanity (i.e. autoreconf is used for host & target
builds) over just using HOST_FIXUP.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 16:24:21 +01:00
Koen Vandeputte
f628d0e0e9 hostapd: update to version 2016-12-15
Update to latest upstream HEAD:

- Refreshed all
- Delete patches and parts which made it upstream

Compile tested Full & Mini configs
Run-tested Mini config

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [another update, remove broken patch]
2016-12-20 16:24:21 +01:00
John Crispin
4f874423fd usign: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:30 +01:00
John Crispin
9ee74b5753 ubox: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:29 +01:00
John Crispin
bf6f4bfad1 opkg: fix mirror hash
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 13:43:29 +01:00
Felix Fietkau
cbca3ae92e libs/cyassl: re-enable the stunnel flag
This partially reverts commit 15734b023b.
--enable-stunnel was actually important and properly described in
commit 9b118cde89. Removing it broke ustream-cyassl

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 10:42:23 +01:00
Hans Dedecker
bbe825c74d procd: update procd.sh to support sending kill signal to a service
Add procd_send_signal which allows to send an optional specified
kill signal to one specified  or all instances of a given service.
By default SIGHUP is sent if no signal is specified

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-20 09:35:54 +01:00
Rafał Miłecki
b522292405 base-files: add support for overlaying rootfs content
This adds support for install-overlay define. When used in package it
allows installing files to a special directory that gets copied to the
root when installing it.
It allows overwriting files provided by other packages.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-12-20 09:35:36 +01:00
Alexandru Ardelean
3c1f20d0bb libnl-tiny: define _GNU_SOURCE if not defined
If _GNU_SOURCE was added as part of a package's TARGET_CFLAGS,
then compilation would fail for that module (especially if
warnings get treated as errors).

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 09:35:36 +01:00
Kevin Darbyshire-Bryant
4e1f7ad56e kmod-sched-cake: diffserv3 & change defaults
Follow upstream cake:

diffserv3: a simple 3 tin classifier more in line with sqm-scripts
defaults for other qdisc algorithms.

defaults: default qdisc options are now diffserv3 and triple-isolate.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Kevin Darbyshire-Bryant
197b11f325 iproute2: tc - update cake support
Update tc to track upstream cake changes:

diffserv3 - a simple 3 tin classifier

Also make diffserv3 and triple-isolate default

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Daniel Engberg
15734b023b libs/cyassl: Enable multithreading, drop stunnel
More and more platforms are multicore SoCs, don't enforce singlethreading.
Drop stunnel option as stunnel code isn't available for download from upstream website.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-12-20 09:35:36 +01:00
p-wassi
6a902108a8 libs/ncurses: update to 6.0
Update libncurses to upstream release 6.0

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
6b08a47263 kernel: add support for Option Fusion+ PCMCIA card
New package kmod-pcmcia-nozomi to suppot Option Fusion+ HSDPA PCMCIA
modem.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
d2da2c2cb3 kernel: add support for PD6729 PCMCIA bridge
New package kmod-pcmcia-pd6729 to support Cirrus Logic PD6729
PCI-to-PCMCIA bridge.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
04f29eef37 firmware: add support for PCMCIA Aircard's
Add .cis firmware for Sierra Wireless Aircard GPRS/3G PCMCIA modems:

 - Aircard 555
 - Aircards 7xx
 - Aircards 8x0

There is a package named sierra-pcmcia in obsoleted repository for
packages at git.openwrt.org but there's no reason to reintroduce it in
current packages repo because these files are part of upstream
linux-firmware.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
676a11d710 kernel: enable CONFIG_PCMCIA_LOAD_CIS
Allow to load .cis firmware updates from userspace. Some of PCMCIA cards
need to update Card Information Structure (CIS) to work properly.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
87bc410f7c kernel: declare AddDepends in pcmcia.mk
Stack repeated definitions to easy further additions.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Tomasz Maciej Nowak
a7cacc9735 kernel: don't load pcmcia_rsrc in kmod-pcmcia-yenta
Kmod-pcmcia-yenta already depends on kmod-pcmcia-rsrc so there is no
need to load it second time.

Signen-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
1599a14b32 uboot-envtools: drop executable file attribute from files/ipq
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
a9ce2ba31c uboot-envtools: fix Edimax BR-6425 board name
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
35ed3be59f uboot-envtools: fix code formatting style in uci-defaults files
Few minor code formatting style fixes, including:

- keep one board per line
- always use "|\" (for consistency)
- remove redundant double quotes and empty lines

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Piotr Dymacz
f70a2adca1 uboot-envtools: keep boards in alphabetical order
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-20 09:35:36 +01:00
Nickolay Ledovskikh
600d648a0d uqmi: Prevent 'POLICY MISMATH' error.
Add uqmi 'sync' command call to release stalled cid when preparing to
setup new connection. As a result it prevents 'POLICY MISMATCH' errors.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:36 +01:00
John Crispin
4146047eaf uqmi: bump to latest git HEAD
8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command.
1dc7be1 uqmi: Add sync command to release all cids.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
6439e39677 uqmi: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
13ab314b0b comgt: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Yousong Zhou
cf62a17710 hostapd: remove never-used Package/<name>/Description
The build system only accepts Package/<name>/description and since the
typoed version virtually has the same content as the TITLE field, remove
them altogether

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-12-20 09:35:35 +01:00
John Crispin
ef94b9d08e mdns: bump to latest git HEAD
be8ae8d cmake: Search for libjson-c
1fa9077 Fix IPv6 read
846369c Revert "mdnsd: interface: enable looped back messages"

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
John Crispin
f145a64fb6 mountd: update to latest git HEAD
dd5799c mountd: Add static qualifier to missing variable declarations.
bc4a6dd mountd: Fix fgets check.
3dd115b cmake: Really look for uci.h

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Felix Fietkau
dea6baf8fa usbutils: fix download filename
The name needs to include the revision, otherwise it is not
automatically re-downloaded on updates.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 18:34:25 +01:00
Felix Fietkau
a032940bfb Revert "ath9k: Add airtime fairness scheduler"
Accidentally pushed to the wrong branch

This reverts commit 47bc081e76.
2016-12-19 14:08:02 +01:00
Toke Høiland-Jørgensen
47bc081e76 ath9k: Add airtime fairness scheduler
This adds a patch that introduces airtime fairness scheduling to ath9k,
which can significantly improve network efficiency in mixed-rate
environments.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:59:32 +01:00
Christian Lamparter
b3a871dd3d mac80211: backport "cfg80211: limit scan results cache size"
The patch commit states:
"It's possible to make scanning consume almost arbitrary amounts
of memory, e.g. by sending beacon frames with random BSSIDs at
high rates while somebody is scanning.

Limit the number of BSS table entries we're willing to cache to
1000, limiting maximum memory usage to maybe 4-5MB, but lower
in practice - that would be the case for having both full-sized
beacon and probe response frames for each entry; this seems not
possible in practice, so a limit of 1000 entries will likely be
closer to 0.5 MB."

Signed-off-by: Johannes Berg <johannes.berg@intel.com>"

This patch was added in 4.4.36. But because LEDE backports
cfg80211, mac80211 and the wifi drivers separately, it needs
to be added manually for now. It can be dropped later as it
will be part of the next mac80211 refresh.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2016-12-19 13:51:21 +01:00
Felix Fietkau
00bc7f0357 mac80211: merge a number of minstrel/minstrel_ht performance and memory usage improvements
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-19 13:51:21 +01:00
Hans Dedecker
6f77b8d510 odhcpd: Bump to git HEAD version (various fixes)
e055530 Don't print non bound assignments in the state file
3af23ad config: Fix RA interface config being overwritten
41b5268 dhcpv6-ia : Fix static DHCPv6 assignments becoming non static
be6c515 dhcpv6-ia: Fix assignment of static DHCPv6 leases
374dc3f cmake: Find libubox/uloop.h
01c919c odhcpd: Display infinite valid lifetime as -1
2016-12-17 22:23:49 +01:00
Felix Fietkau
180e93ba8b build: add CHECK_ALL variable to allow make download/check to include not selected packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:52 +01:00
Felix Fietkau
7a315b0b5d build: implement make check and make package/X/check
This is intended to be used for a wide array of package sanity checks.

The first check that is implemented is for the hash of downloaded files.
It checks:
  - Missing hash
  - Use of SHA256 instead of MD5
  - dl/<file> hash not matching hash in makefile
  - deprecated MD5SUM variable

The deprecated MD5SUM variable check is skipped for feeds/ until OpenWrt
is updated as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-17 10:36:25 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Ben Greear
4921760a45 ath10k-ct: Update to latest CT ath10k driver.
This works around deadlock and/or memory corruption during
firmware crash and improves ability to configure number of
tids in firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-12-16 22:37:59 +01:00
Hans Dedecker
7d760284a7 odhcp6c: Pass parameters to user dhcpv6 script
Pass all the parameters like device, dhcpv6 state to user script

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-16 18:49:56 +01:00
Florian Fainelli
44ac4adb34 map: Have cmake find libubus.h
Update CMakeList.txt to look for libubus.h since we depend on it.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-16 18:46:27 +01:00
Felix Fietkau
f3b866f93a ath10k-firmware: fix typo
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 15:08:57 +01:00
Felix Fietkau
3a1e3b4e0d package/kernel/linux: only access kernel config if DUMP is unset
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:44:08 +01:00
Felix Fietkau
7747fac375 ath10k-firmware: untangle CT firmware filenames, fix conflicts
CT firmware files use the same filename with a different URL for
different chips. Since all files end up in dl/, filenames need to be
unique as well.
Add a chip prefix to the output filename to fix this issue.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 14:42:12 +01:00
John Crispin
93227e4d3f dnsmasq: fix service reload
The SIGHUP also got sent to the reload script making it bail out
with an error

Revert "dnsmasq: reload config if host name is modified"
This reverts commit 854459a2f9.

Reported-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-16 10:40:10 +01:00
Felix Fietkau
fb237477fd mt76: update to the latest version, fixes a build error on some platforms
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-15 13:02:31 +01:00
Hauke Mehrtens
fb74550bdf odhcpd: update sha256sum
The sha256sum was not updated in the last commit.

Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 21:43:58 +01:00
Jo-Philipp Wich
e0b8b24cfb base-files: fix CONFIG_VERSION_DIST default
Fix the default value of CONFIG_VERSION_DIST to use uppercase "LEDE".

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 19:55:20 +01:00
Jo-Philipp Wich
a4232cd4bf build: use SNAPSHOT instead of CURRENT to designate untagged branch builds
Calling a build ##.##-CURRENT might mislead users into thinking that this
build is the most current release of a branch.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:43:49 +01:00
Jo-Philipp Wich
3494ca66c5 linux: do not autoload sdhci.ko as sdhci-pltfm.ko already depends on it
Currently, installing kmod-sdhci fails with "sdhci is already loaded" since
"sdhci.ko" is inserted explicitely first, the implicitely loaded again when
"sdhci-pltfm.ko" is inserted as the latter depends on the former.

Remove the explicit autoprobe of "sdhci.ko" to fix the postinstall script.

Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 18:41:21 +01:00
Felix Fietkau
970dd4dd58 kernel: netfilter: split out iptable_raw into a separate package
This will avoid loading it in the default configuration, which reduces
image size a bit, and (more importantly) improves performance by
avoiding some unnecessary netfilter hooks

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:14 +01:00
Felix Fietkau
e82c8d6e20 swconfig: replace the shared library with a static one
Reduces binary size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
e175a4d4f1 ppp: use --gc-sections to save a tiny bit of space
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
p-wassi
4297f4f901 libs/libpcap: update to 1.8.1
Update libpcap to upstream release 1.8.1
Change the name from libpcap.so.1.3 to libpcap.so.1
Remove parts of patch 201 which moved code among src files.
Import patch 204 from Debian to update the USB path.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
2016-12-14 12:13:13 +01:00
Felix Fietkau
28f6951600 ath10k: fix a soft-lockup on firmware restart
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:13:13 +01:00
Felix Fietkau
7dcccacb98 ath10k: fix a bug on sending null-func frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 12:04:52 +01:00
Alberto Bursi
70011393a9 ath10k-firmware: removed broken submenu
this package references an undefined variable for its submenu.
Remove this NOP variable assignment.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:54 +01:00
Alberto Bursi
1e15d92de1 kernel: add a missing submenu
this kernel module currently does not set submenu.
Fix this by adding it to the "Others" submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-12-14 11:05:41 +01:00
Matti Laakso
5bd3b9dfc0 comgt-ncm: Add support for specifying profile index
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.

In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Matti Laakso
2e2748b053 uqmi: Add support for specifying profile index
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.

Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Dario Ernst
866b7bad00 dropbear: clean up default PATH handling in makefile
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.

Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
2016-12-14 10:37:01 +01:00
Jo-Philipp Wich
b22a20af45 procd: add support for service signals
Update procd to latest HEAD in order to introduce support for services signals:

- Adds a new service.signal ubus call to send a kill() signal to one or all
  running instances of a given service

- Adds a new "reload_signal" property which allows service init scripts to
  request procd to send a specific kill() signal on reload, instead of
  stopping and restarting running processes

Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:14:08 +01:00
Jo-Philipp Wich
e2f8d200f5 netfilter: drop proprietary xt_id match
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Jo-Philipp Wich
2daab45cae firewall3: drop support for automatic NOTRACK rules
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.

The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Hauke Mehrtens
a6781ef4c1 kernel: kmod-hwmon-tmp102: add dependency to kmod-thermal
Depend on the kmod-thermal package when it is activated, this fixes
compile problems on some targets.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-14 00:15:33 +01:00
Hans Dedecker
a7c2310278 odhcpd: Fix dnsmasq re-reading hostfile
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:57 +01:00
Hans Dedecker
942904f7b9 dnsmasq: Specify directory /tmp/hosts as argument for --addn-hosts
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:20 +01:00
Felix Fietkau
66482e179b ath10k: fix DMA allocation issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:44:57 +01:00
Felix Fietkau
57f7f91f0c mac80211: refresh all patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:13 +01:00
Felix Fietkau
4872c36c55 ath9k: add a RCU related bugfix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-13 12:34:12 +01:00
Kevin Darbyshire-Bryant
88f8c8d7eb iproute2: support latest cake & restore DSCP washing
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Kevin Darbyshire-Bryant
1f0ff783f0 kmod-sched-cake: update & restore DSCP washing
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.

Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.

I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'.  This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress.  This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.

A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Felix Fietkau
b305b8c386 mt76: update to the latest version, fixes dfs issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:54:47 +01:00
Felix Fietkau
b9ddf3098b tcpdump: reduce size of -mini by removing more infrequently used protocols
This removes:
- BGP
- CDP
- SCTP

MIPS binary .ipk size is reduced from ~150k to ~130k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:20 +01:00
p-wassi
a4a00d794f net/utils/tcpdump: update to 4.8.1
Update tcpdump to upstream release 4.8.1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-12 10:22:19 +01:00
Felix Fietkau
64590f3c7e mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Felix Fietkau
732c24a0ca mbedtls: sync with polarssl config
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Magnus Kroken
a456dd96e7 openvpn: quote parameters to --push in openvpn config file
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.

Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.

Fixes: FS#290.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Magnus Kroken
4b8c69258e mbedtls: enable MBEDTLS_DHM_C
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Felix Fietkau
441ee62931 ar71xx: remove AP83 reference design board support
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:18 +01:00
Piotr Dymacz
c40477519e uboot-envtools: add support for YunCore SR3200 and XD3200
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-12-12 09:57:40 +01:00
Christian Schoenebeck
6ae71708c9 ca-certificates: update to version 20161130
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
ad907e1c03 layerscape: add 64b/32b target for ls1046ardb device
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.

LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot

* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
76fa771a78 layerscape: fman-ucode: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Yutang Jiang
d5fc7430ca layerscape: uboot-layerscape: prefer github over git.freescale.com
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-12-12 09:57:40 +01:00
Julian Labus
b0ac825884 base-files: Changed UCI variable name for GPIO value from 'default' to 'value'
This changes the UCI variable for the GPIO value from system.$cfg.default back
to system.$cfg.value as it was before the change from uci-defaults [1] to board.d.
/etc/init.d/gpio_switch [2] still expects the value to be in system.$cfg.value.

[1] d65916047b/package/base-files/files/lib/functions/uci-defaults.sh (L197)
[2] https://github.com/lede-project/source/blob/master/package/base-files/files/etc/init.d/gpio_switch#L17

Signed-off-by: Julian Labus <julian@labus-online.de>
2016-12-12 09:57:40 +01:00
Hauke Mehrtens
4dbdba36f8 kernel: add TI tmp102 and tmp103 temperature sensors
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-10 16:06:40 +01:00
Jo-Philipp Wich
9791fb2ac2 build: support adding version code to file names (FS#323)
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.

Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.

Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-09 17:16:43 +01:00
Arjen de Korte
4fbd3aa278 dnsmasq: Fix splitting hostid for DHCPv6 static leases
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2016-12-06 07:55:07 +01:00
Florian Eckert
854459a2f9 dnsmasq: reload config if host name is modified
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-04 15:56:04 +01:00
Álvaro Fernández Rojas
4257f6548b brcm2708-gpu-fw: update to latest version
Also switches hases to SHA256

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-12-04 12:32:02 +01:00
Alexandru Ardelean
8cb476c853 libs: libnetfilter-queue: update to a newer version in git repo
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.

This updates it to a more recent version, pointing to the git repo.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-04 11:41:53 +01:00
Pierre Lebleu
898857f77a ppp: Split the ppp-up for the IPv6 part
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2016-12-04 11:41:53 +01:00
Florian Fainelli
5763e438f6 kernel: add kernel package for the rs5c372a rtc module
This RTC is used on the Buffalo Terastation Pro II/Live devices.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Felix Fietkau
81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Hauke Mehrtens
abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens
7e6c53dac9 valgrind: update to 3.12.0
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.

patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:03:56 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Hauke Mehrtens
99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens
280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Felix Fietkau
1947cf36ba procd: update to the latest version, fixes killing jailed processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 13:55:23 +01:00
Felix Fietkau
a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
Felix Fietkau
4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Jo-Philipp Wich
4596f9b5ac e2fsprogs: avoid picking up incompatible libcom_err.so
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.

Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:

    	LD blkid
    ../lib/libext2fs.so: undefined reference to `_et_list'
    collect2: error: ld returned 1 exit status
    Makefile:504: recipe for target 'blkid' failed

Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.

In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-30 23:32:17 +01:00
Felix Fietkau
f2010b0929 rtc-rv5c386a: fix include path for bcm47xx_nvram.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-30 12:47:25 +01:00
Alberto Bursi
d52676d1ea base-files: add a wrapper for init scripts in profile
"service" is a simple wrapper that will allow to call init.d scripts

current method:     #  /etc/init.d/network reload
with the wrapper:   #  service network reload

If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-29 21:12:08 +01:00
Mathias Kresin
36148d923b uboot-lantiq: Add BT Home Hub 5A support
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.

Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.

Use the same mtd layout as the stock u-boot. Add add UBI support.

Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.

Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
448b9b67e1 kernel: mac80211: disable ath9k bands via device tree
These properties allow overriding the settings from the EEPROM
which indicate whether a band is enabled or not.
Setting this property is only needed when the RF circuit does not
support the 2.4GHz or 5GHz band while it is enabled nevertheless in the
EEPROM.

These patches will be replaced with a future upstream version which
will introduces an ieee80211 device tree property to disable bands.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
3f889418a5 kernel: mac80211: add pending ath9k EEPROM swapping patches
There are two types of swapping the EEPROM data in the ath9k driver.
Before this series one type of swapping could not be used without the
other.

The first type of swapping looks at the "magic bytes" at the start of
the EEPROM data and performs swab16 on the EEPROM contents if needed.
The second type of swapping is EEPROM format specific and swaps
specific fields within the EEPROM itself (swab16, swab32 - depends on
the EEPROM format).

With this series the second part now looks at the EEPMISC register
inside the EEPROM, which uses a bit to indicate if the EEPROM data
is Big Endian (this is also done by the FreeBSD kernel).
This has a nice advantage: currently there are some out-of-tree hacks
(in OpenWrt and LEDE) where the EEPROM has a Big Endian header on a
Big Endian system (= no swab16 is performed) but the EEPROM itself
indicates that it's data is Little Endian. Until now the out-of-tree
code simply did a swab16 before passing the data to ath9k, so ath9k
first did the swab16 - this also enabled the format specific swapping.
These out-of-tree hacks are still working with the new logic, but it
is recommended to remove them. This implementation is based on a
discussion with Arnd Bergmann who raised concerns about the
robustness and portability of the swapping logic in the original OF
support patch review, see [0].

After a second round of patches (= v1 of this series) neither Arnd
Bergmann nor I were really happy with the complexity of the EEPROM
swapping logic. Based on a discussion (see [1] and [2]) we decided
that ath9k should use a defined format (specifying the endianness
of the data - I went with __le16 and __le32) when accessing the
EEPROM fields. A benefit of this is that we enable the EEPMISC based
swapping logic by default, just like the FreeBSD driver, see [3]. On
the devices which I have tested (see below) ath9k now works without
having to specify the "endian_check" field in ath9k_platform_data (or
a similar logic which could provide this via devicetree) as ath9k now
detects the endianness automatically. Only EEPROMs which are mangled
by some out-of-tree code still need the endian_check flag (or one can
simply remove that mangling from the out-of-tree code).

[0] http://www.spinics.net/lists/linux-wireless/msg152634.html
[1] https://marc.info/?l=linux-wireless&m=147250597503174&w=2
[2] https://marc.info/?l=linux-wireless&m=147254388611344&w=2
[3] 50719b56d9/sys/dev/ath/ath_hal/ah_eeprom_9287.c (L351)

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Martin Blumenstingl
1847248fc1 kernel: mac80211: backport ath9k device tree support patches
These patches add support for configuring ath9k based devices via
devicetree. This was tested on PCI(e) based devices. This should work
for AHB based devices as well (adding more AHB specific properties may
still be needed) as soon as the ath79 platform is ready to populate the
ath9k wmac via devicetree.
This patchset was accepted upstream, more information can be found on
the linux-wireless list:
https://www.spinics.net/lists/linux-wireless/msg155474.html

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-11-29 21:40:16 +01:00
Stijn Tintel
9f109876ea kernel: have kmod-ipsec depend on kmod-crypto-echainiv
The ESP algorithms in CBC mode require echainiv, so have kmod-ipsec
depend on kmod-crypto-echainiv.

See upstream commit 32b6170ca59ccf07d0e394561e54b2cd9726038c.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-11-29 12:19:22 +01:00
Rafał Miłecki
e8fe83e1be iw: drop TX power patch that is part of upstream version now
Applying it again was resulting in duplicated TX info like:
Interface wlan0
        ifindex 6
        wdev 0x1
        addr 00:23:6a:a3:7d:00
        ssid LEDE2
        type AP
        wiphy 0
        channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
        txpower 31.00 dBm
        txpower 31.00 dBm

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-29 08:39:57 +01:00