Commit graph

13039 commits

Author SHA1 Message Date
Ulrich Weber
d5221d5a41 ppp: honor ip6table for IPv6 PPP interfaces
as we do for IPv4 PPP interfaces. When we create the
dynamic IPv6 interface we should inherit ip6table from
main interface.

Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
2017-02-13 18:48:33 +01:00
Florian Eckert
bb9d2aa868 ppp: add pppoe-discovery to an independent package
pppoe-discovery performs the same discovery process as pppoe, but does
not initiate a session

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-13 18:45:34 +01:00
David Pinilla Caparrós
a896611acd base-files: Added a deprecation notice on wifi detect
When running wifi detect, the user will be told on error output that
wifi detect is deprecated, that wifi config must be used instead. Also
the commit that changes it is referenced for further info.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-02-13 10:24:32 +01:00
David Pinilla Caparrós
f6d3ea8c8a base-files: Add wifi config to wifi command usage
Since commit 5f8f8a3661 wifi detect does
not longer work and wifi config it's used to configure not yet
configured wireless devices.

This commit changes command usage to reflect that change.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-02-13 10:24:32 +01:00
Hans Dedecker
4c09f99605 netifd: update to git HEAD version
f107656 netifd: Add option to configure locktime for each device
cdc0e80 interface: add prefix assignment priority support
6397f5e device: add veth support
6228d0f wireless: fix _wireless_add_process
7cc2f10 treewide: fix white space errors

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-12 18:12:47 +01:00
Felix Fietkau
f28eef4460 mac80211: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-12 15:57:37 +01:00
Koen Vandeputte
75216a76b0 mac80211: backport upstream fix for CSA in IBSS mode
Allows to change channels on-the-fly using CSA when using IBSS.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-02-12 15:57:37 +01:00
Felix Fietkau
764cd09dd8 ath9k: fix various issues in the airtime-fairness implementation
Effects of the bugs could include memory corruption, tx hangs, kernel
crahes, possibly other things as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-12 14:27:41 +01:00
Hauke Mehrtens
5c651b029e kernel: fix kmod-rxrpc with kernel 4.9
rxkad will be build into af-rxrpc now and is of type boolean.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-12 13:55:45 +01:00
Hauke Mehrtens
2eed1179be ltq-ptm: use netif_trans_update() only for kernel >= 4.7
This fixes a bug introduced in commit c7ce9908bd
"ltq-ptm: fix build with kernel 4.9"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-12 01:26:33 +01:00
Hauke Mehrtens
ca9b9969fb ltq-vmmc: fix build with kernel 4.9
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-11 23:31:47 +01:00
Hauke Mehrtens
c7ce9908bd ltq-ptm: fix build with kernel 4.9
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-11 23:31:47 +01:00
Alberto Bursi
add1dd0081 uboot-kirkwood: add Zyxel NSA325 uboot
add uboot for NSA325

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-02-11 21:16:28 +01:00
Alberto Bursi
760185972f uboot-envtools: add nsa325 envs
adding nsa325 envs for consistency with other kirkwoods

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-02-11 21:16:28 +01:00
Felix Fietkau
9827c3e9b9 gdb: update to version 7.12.1, fix glibc 2.25 build issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 20:34:33 +01:00
Felix Fietkau
dc4844b18b pppd: fix compile issues with glibc 2.25
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 19:33:35 +01:00
Felix Fietkau
412e0bbf25 perf: avoid picking up a dependency on libunwind
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:37 +01:00
Felix Fietkau
9859a1d953 ugps: update to the latest version, fixes build error with glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:32 +01:00
Felix Fietkau
c22255e50e tcpdump: fix tcpdump-mini build on glibc 2.25
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:24 +01:00
Felix Fietkau
de07a99447 fstools: update to the latest version
Fixes compatibility issues with glibc 2.25

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:18 +01:00
Felix Fietkau
2ffb80bc9f procd: update to the latest version
Fixes compatibility issues with glibc 2.25

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:11 +01:00
Alexey Brodkin
a3408a5271 toolchain/uclibc: Bump version to 1.0.22
Important change was made in 1.0.18: all sub-libs were merged
in one and only libc similarly to musl.

See [1] for more details.

To support that we had to remove refences to those sub-libs like
libpthread, libcrypt, libdl, libm, libutil etc.

[1] http://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=29ff9055c80efe77a7130767a9fcb3ab8c67e8ce

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-02-11 15:38:39 +01:00
Tim Harvey
092f2c14bd imx6: move to Linux 4.9 kernel
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 15:38:11 +01:00
Joseph C. Sible
0bf85ef048 dropbear: enable SHA256 HMACs
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.

Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
2017-02-10 11:05:57 +01:00
Rafał Miłecki
368cc8ef47 mac80211: update brcmfmac backporting brcmf_err cleanups
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-10 00:40:49 +01:00
Hans Dedecker
be4842f5de odhcpd: update to git HEAD version (FS#396)
8df4253 ndp: harden netlink event socket error handling
b02f3e6 ndp: close proc file descriptor also during error handling
8a615ad npd: rework IPv6 relay logic (FS#396)
0129f79 config: restore interface defaults when cleaning interface

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-09 21:20:44 +01:00
Felix Fietkau
7096ed58fd kernel: remove kmod packages for bridge, stp, llc and 8021q
Remove CONFIG_VLAN_8021Q overrides for two targets
These features are built into the kernel image for all targets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-09 14:49:34 +01:00
Felix Fietkau
66a63d25c4 mac80211: fix build on linux 3.18
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-09 14:22:26 +01:00
Felix Fietkau
d826af2cbb build: make <subdir>/install opt-in, use it for target/ only
Fixes buildbot errors on running make target/install or
toolchain/install

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-09 13:51:35 +01:00
Ben Kelly
da0b9110fc uclibc++: patch bugfix erase() on derived __base_associative
When calling erase() on a containers derived from __base_associative
(e.g. multimap) and providing a pair of iterators a segfault will
occur.

Example code to reproduce:

	typedef std::multimap<int, int> testmap;
	testmap t;
	t.insert(std::pair<int, int>(1, 1));
	t.insert(std::pair<int, int>(2, 1));
	t.insert(std::pair<int, int>(3, 1));
	t.erase(t.begin(), t.end());

Signed-off-by: Ben Kelly <ben@benjii.net>
2017-02-09 12:26:55 +01:00
Alberto Bursi
a9d347c11c uboot-kirkwood: fix goflexhome/net bootcommand
Goflexhome/net use uImage, and to boot an uImage the u-boot
must use bootm command, not bootz.

Fixes the "i cannot boot LEDE with this u-boot" issue that I
found out myself with my goflexnet.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-02-09 12:26:48 +01:00
Alberto Bursi
a6ef5933f8 uboot-kirkwood: remove obsolete patches
all patches for CONFIG_SYS_GENERIC_BOARD are obsolete for
uboot 2016 sources.

Run-tested with the uboot of goflexnet, also the md5sum of
all other uboots is the same with or without these patches.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-02-09 12:26:42 +01:00
Daniel Engberg
2faa1edd91 iperf3: Update to 3.1.6
Update to 3.1.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-02-09 12:26:36 +01:00
Daniel Engberg
0af460b38c utils/e2fsprogs: Update to 1.43.4
* Update to 1.43.4
* Use xz tarball which saves about 2Mbyte in size

Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of hardcoded URL]
2017-02-09 12:26:25 +01:00
John Crispin
1f3de99547 procd: update to latest git HEAD
cdc3dab ujail: fix signal forwarding

Signed-off-by: John Crispin <john@phrozen.org>
2017-02-09 09:14:45 +01:00
Daniel Golle
9eacb9d7fc rt2x00: mt7620: lots of improvements
This commit combines all the changes I've made on my staging tree
into a single commit fixing many issues with our patch for MT7620.

First of all, checkpatch.pl revealed numerous code style issues with
the patch, so fix all the white-space and commets. Also use
usleep_range instead of legacy timing and relax timing for VCO
calibration just like the vendor driver does.

Several line programming registers were commented out in the patch.
Originally this came from the features present but disabled by default
in the vendor's driver (RTMP_TEMPERATURE_CALIBRATION and
ADJUST_POWER_CONSUMPTION_SUPPORT). Remove the dead code for now, it can
easily be re-added if we actually intend to support those features.

Move values from mt7620_freqconfig type into the existing rf_channel
struct, this shouldn't be a new typedef and it is possible to use the
existing struct because rf_channel got 4 32-bit fields, so two of the
8-bit values from mt7620_freqconfig can easily be stored in the same
32-bit field.

Map values such that
Rdiv -> rf1
N    -> rf2
K    -> rf3[0:7]
D    -> rf3[8:15]
Ksd  -> rf4

This makes the channel switching logic already look a bit more like
what we are used to in rt2x00... Probably many of the read-modify-write
calls could still be replaced by macros intended for that.

iq calibration seems to be identical to RT5592, so just enable it.
Test shows that this improves things quite a lot, datarates went up
by a couple of megabits when running iperf, signal quality seems jumpy
in the first few seconds once a station connencts, the stabelizes on a
value significantly better than what it was before.

Add description to the patch and reference the original OpenWrt commit
by which it was added.

The patch now passes checkpatch.pl and can thus be discussed with the
upstream authors of the rt2x00 driver.

Funded-by: https://www.kickstarter.com/projects/1327597961/better-support-for-mt7620a-n-in-openwrt-lede/

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-02-08 22:21:26 +01:00
Hans Dedecker
b516b38f2f odhcp6c: update to GIT head version
cfd986c odhcp6c: fix possible stack corruption when parsing proc if_inet6

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-08 11:12:39 +01:00
Álvaro Fernández Rojas
fd94fa61a7 mac80211: brcmfmac: update Raspberry Pi patches for linux 4.9
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-02-07 23:16:26 +01:00
Álvaro Fernández Rojas
6b5c3fd055 kernel: of-mdio: add missing dependency for linux 4.9
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-02-07 23:00:13 +01:00
Álvaro Fernández Rojas
deb15cb23c brcmfmac: improve Raspberry Pi 3 stability
- Really disable power management (wrong config flags).
- Disable internal roaming engine.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-02-07 15:17:44 +01:00
Felix Fietkau
2a4d2e4519 mac80211: fix ath9k kernel crash with linux 4.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-07 11:38:54 +01:00
Hauke Mehrtens
985c90d102 tcpdump: update to version 4.9.0
This fixes the following 41 security problems:
 + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
 + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
 + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
 + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
 + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
 + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
 + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
 + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
 + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
 + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
 + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
 + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
 + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
 + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
 + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
 + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
 + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
 + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
 + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
 + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
 + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
 + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
 + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
 + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
 + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
 + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
 + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
 + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
 + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
 + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
 + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
 + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
 + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
 + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
 + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
 + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk

old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-06 22:33:58 +01:00
Álvaro Fernández Rojas
196509b489 brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-02-06 22:24:57 +01:00
Felix Fietkau
649e766a64 mac80211: update to wireless-testing 2017-01-31
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-06 12:27:12 +01:00
Kevin Darbyshire-Bryant
3bef96ef18 dnsmasq: update to dnsmasq 2.77test1
Bump to dnsmasq 2.77test1 - this includes a number of fixes since 2.76
and allows dropping of 2 LEDE carried patches.

Notable fix in rrfilter code when talking to Nominum's DNS servers
especially with DNSSEC.

A patch to switch dnsmasq back to 'soft fail' for SERVFAIL responses
from dns servers is also included.  This mean dnsmasq tries all
configured servers before giving up.

A 'localise queries' enhancement has also been backported (it will
appear in test2/rc'n') this is especially important if using the
recently imported to LEDE 'use dnsmasq standalone' feature 9525743c

I have been following dnsmasq HEAD ever since 2.76 release.
Compile & Run tested: ar71xx, Archer C7 v2

Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-05 22:26:23 +01:00
Eric Luehrsen
f9f6a21c81 dnsmasq: fix instances in dhcp_add()
ref commit 9525743c07
dnsmasq: make DHCPv6 viable for standalone dnsmasq install
Above commit broke instancing by missing filter_dnsmasq()
as part of the dhcp_add() execution.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-02-05 22:26:22 +01:00
Arjen de Korte
07d5fc7ada dnsmasq: honor quietdhcp option for DHCPv6
Do not spam the syslog with DHCPv6 lease info if quietdhcp option
is selected. This already works for DHCPv4, make it work in the same
way for DHCPv6.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
[Originally written by Arjen de Korte on GitHub but had issues providing
a SoB in correct format.]
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-05 20:57:39 +01:00
Felix Fietkau
785f2a70da ubus: update to the latest version
Adds the following fixes:

91acde6 libubus: do not modify uloop_cancelled
763b9b2 libubus: reset ctx->sock.eof to fix reconnect issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-04 10:42:30 +01:00
Felix Fietkau
da93c15fd2 libubox: update to the latest version
Adds the following changes:

de3f14b uloop: add uloop_cancelling function
3b6181b utils: fix build on Mac OS X 10.12
7f671b1 blobmsg: add support for double
0fe1374 utils: add helper functions useful for allocating a ring buffer
8fc1c30 libubox: replace strtok with _r version.
4a9f74f libubox: allow reading out the pid of uloop process in lua
372e1e6 uloop: remove useless epoll data assignment
f9db1cb libubox: allow reading out the remaining time of a uloop timer in Lua

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-04 10:19:15 +01:00
Felix Fietkau
a5990b1a39 mt76: update to the latest version, fixes a MAC address handling regression
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-04 10:17:42 +01:00