ieee80211w support is only activated in hostapd when at least one
capable driver is build into the image. Many drivers which are capable
of ieee80211 (MFP) and have the MFP_CAPABLE set in the driver are still
missing the DRIVER_11W_SUPPORT dependency. Add this to more driver
capable of ieee80211w.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
b514490 iwinfo: add device id for MediaTek MT7603E
e9e1400 iwinfo: more Ralink and MediaTek WiSoC and PCIe chips
cb108c5 iwinfo: fix capitalization of vendor name
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Contains the following change
eeef7b5 blobmsg_json: blobmsg_format_string: do not escape '/'
Resolves FS#2147
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The change was made with the following commands
cd package/utils/busybox/config
../convert_menuconfig.pl ~/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/busybox-1.30.1
convert_defaults.pl has no changes other than overwriting defaults for
BUSYBOX_DEFAULT_FEATURE_IPV6
Resolves FS#2146
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This is to align with upstream change 72089cf ("config: deindent all
help texts") and to make the follow-up change syncing Config.in files
with current busybox version more reviewable
It was made with the following commands
cd package/utils/busybox/config
find . -name 'Config.in' | xargs sed -ir -e 's/^\t \([^ ]\)/\t\1/'
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
consolidate patch 651-rt2x00-remove-unneccesary-code.patch.
fixup the most obvious whitespace problems in RXIQ and TX-LOFT code.
always backup registers bbpr1, bbpr4, bbpr241 and bbpr242 to avoid
compiler warning about them being potentially uninitialized.
no functional changes (intended)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use tested values on shuttle,kd20 and assumed values for
mitrastar,stg-212 and cloudengines,pogoplug*.
akitio users have yet to report back stock flash layout to support
vendor bootloader environment there as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
ar has a deterministic (-D) and non-deterministic (-U) mode.
OpenWrt is already using the deterministic mode by default,
but ncurses' configure script force this to be non-deterministic.
Since autoreconf fails to generate a new configure, the configure script
is directly modified.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Hardware
--------
CPU: Qualcomm IPQ4019
RAM: 256M
FLASH: 128M NAND
ETH: QCA8075
VDSL: Intel/Lantiq VRX518 PCIe attached
currently not supported
DECT: Dialog SC14448
currently not supported
WiFi2: IPQ4019 2T2R 2SS b/g/n
WiFi5: IPQ4019 2T2R 2SS n/ac
LED: - Power/DSL green
- WLAN green
- FON/DECT green
- Connect/WPS green
- Info green
- Info red
BTN: - WLAN
- FON
- WPS/Connect
UART: 115200n8 3.3V (located under the Dialog chip)
VCC - RX - TX - GND (Square is VCC)
Installation
------------
1. Grab the uboot for the Device from the 'u-boot-fritz7530'
subdirectory. Place it in the same directory as the 'eva_ramboot.py'
script. It is located in the 'scripts/flashing' subdirectory of the
OpenWRT tree.
2. Assign yourself the IP address 192.168.178.10/24. Connect your
Computer to one of the boxes LAN ports.
3. Connect Power to the Box. As soon as the LAN port of your computer
shows link, load the U-Boot to the box using following command.
> ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz7530.bin
4. The U-Boot will now start. Now assign yourself the IP address
192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
server root directory and rename it to 'FRITZ7530.bin'.
5. The Box will now boot OpenWRT from RAM. This can take up to two
minutes.
6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
scp. SSH into the Box and first write the Bootloader to both previous
kernel partitions.
> mtd write /path/to/uboot-fritz7530.bin uboot0
> mtd write /path/to/uboot-fritz7530.bin uboot1
7. Remove the AVM filesystem partitions to make room for our kernel +
rootfs + overlayfs.
> ubirmvol /dev/ubi0 --name=avm_filesys_0
> ubirmvol /dev/ubi0 --name=avm_filesys_1
8. Flash OpenWRT peristently using sysupgrade.
> sysupgrade -n /path/to/openwrt-sysupgrade.bin
Signed-off-by: David Bauer <mail@david-bauer.net>
[removed pcie-dts range node, refreshed on top of AP120-AC/E2600AC]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Adds support for the AVM FRITZ!Box 7530.
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [PKG_RELEASE]
Qxwlan E2600AC C1 based on IPQ4019
Specifications:
SOC: Qualcomm IPQ4019
DRAM: 256 MiB
FLASH: 32 MiB Winbond W25Q256
ETH: Qualcomm QCA8075
WLAN: 5G + 5G/2.4G
* 2T2R 2.4/5 GHz
- QCA4019 hw1.0 (SoC)
* 2T2R 5 GHz
- QCA4019 hw1.0 (SoC)
INPUT: Reset buutton
LED: 1x Power ,6 driven by gpio
SERIAL: UART (J5)
UUSB: USB3.0
POWER: 1x DC jack for main power input (9-24 V)
SLOT: Pcie (J25), sim card (J11), SD card (J51)
Flash instruction (using U-Boot CLI and tftp server):
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "sysupgrade" filename to "firmware.bin" and place it in tftp
server directory.
- Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
- Use the following command to update the device to OpenWrt: "run lfw".
Flash instruction (using U-Boot web-based recovery):
- Configure PC with static IP 192.168.1.xxx(2-254)/24.
- Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
- Open your browser and enter 192.168.1.1, select "sysupgrade" image
and click the upgrade button.
Qxwlan E2600AC C2 based on IPQ4019
Specifications:
SOC: Qualcomm IPQ4019
DRAM: 256 MiB
NOR: 16 MiB Winbond W25Q128
NAND: 128MiB Micron MT29F1G08ABAEAWP
ETH: Qualcomm QCA8075
WLAN: 5G + 5G/2.4G
* 2T2R 2.4/5 GHz
- QCA4019 hw1.0 (SoC)
* 2T2R 5 GHz
- QCA4019 hw1.0 (SoC)
INPUT: Reset buutton
LED: 1x Power, 6 driven by gpio
SERIAL: UART (J5)
USB: USB3.0
POWER: 1x DC jack for main power input (9-24 V)
SLOT: Pcie (J25), sim card (J11), SD card (J51)
Flash instruction (using U-Boot CLI and tftp server):
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "ubi" filename to "ubi-firmware.bin" and place it in tftp
server directory.
- Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
- Use the following command to update the device to OpenWrt: "run lfw".
Flash instruction (using U-Boot web-based recovery):
- Configure PC with static IP 192.168.1.xxx(2-254)/24.
- Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
- Open your browser and enter 192.168.1.1, select "ubi" image
and click the upgrade button.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
[ added rng node. whitespace fixes, ported 02_network,
ipq-wifi Makefile, misc dts fixes, trivial message changes ]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* wg-quick: freebsd: allow loopback to work
FreeBSD adds a route for point-to-point destination addresses. We don't
really want to specify any destination address, but unfortunately we
have to. Before we tried to cheat by giving our own address as the
destination, but this had the unfortunate effect of preventing
loopback from working on our local ip address. We work around this with
yet another kludge: we set the destination address to 127.0.0.1. Since
127.0.0.1 is already assigned to an interface, this has the same effect
of not specifying a destination address, and therefore we accomplish the
intended behavior. Note that the bad behavior is still present in Darwin,
where such workaround does not exist.
* tools: remove unused check phony declaration
* highlighter: when subtracting char, cast to unsigned
* chacha20: name enums
* tools: fight compiler slightly harder
* tools: c_acc doesn't need to be initialized
* queueing: more reasonable allocator function convention
Usual nits.
* systemd: wg-quick should depend on nss-lookup.target
Since wg-quick(8) calls wg(8) which does hostname lookups, we should
probably only run this after we're allowed to look up hostnames.
* compat: backport ALIGN_DOWN
* noise: whiten the nanoseconds portion of the timestamp
This mitigates unrelated sidechannel attacks that think they can turn
WireGuard into a useful time oracle.
* hashtables: decouple hashtable allocations from the main device allocation
The hashtable allocations are quite large, and cause the device allocation in
the net framework to stall sometimes while it tries to find a contiguous
region that can fit the device struct. To fix the allocation stalls, decouple
the hashtable allocations from the device allocation and allocate the
hashtables with kvmalloc's implicit __GFP_NORETRY so that the allocations fall
back to vmalloc with little resistance.
* chacha20poly1305: permit unaligned strides on certain platforms
The map allocations required to fix this are mostly slower than unaligned
paths.
* noise: store clamped key instead of raw key
This causes `wg show` to now show the right thing. Useful for doing
comparisons.
* compat: ipv6_stub is sometimes null
On ancient kernels, ipv6_stub is sometimes null in cases where IPv6 has
been disabled with a command line flag or other failures.
* Makefile: don't duplicate code in install and modules-install
* Makefile: make the depmod path configurable
* queueing: net-next has changed signature of skb_probe_transport_header
A 5.1 change. This could change again, but for now it allows us to keep this
snapshot aligned with our upstream submissions.
* netlink: don't remove allowed ips for new peers
* peer: only synchronize_rcu_bh and traverse trie once when removing all peers
* allowedips: maintain per-peer list of allowedips
This is a rather big and important change that makes it much much faster to do
operations involving thousands of peers. Batch peer/allowedip addition and
clearing is several orders of magnitude faster now.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This is bugfix release that incorporated all of the devcrypto engine
patches currently in the tree.
The cleaning procedure in Package/Configure was not removing the
dependency files, causing linking errors during a rebuild with
different options. It was replaced by a simple make clean.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
omcproxy's configuration is lost on every update or installation.
Avoid it by defining the configuration file.
Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
After update to 5.0.1 iw-full package failed to display command list on
ipq40xx arch. Root cause was found to be LTO reordering causing
incorrect detection of command struct size in:
iw.c:552
cmd_size = labs((long)&__section_set - (long)&__section_get);
This reverts commit ef16a394d2.
Signed-off-by: Mantas Pucka <mantas@8devices.com>
If no mcast_rate is set for the wifi-iface then there is no rate_idx (0)
set for the bss. This can break for example 5GHz meshpoint interfaces
because 0 maps to a CCK rate (11Mbit/s).
It must also be avoided that the ath10k-ct internal state for the rates is
not synced with the mac80211 rates state. Otherwise, the user specified
rate (e.g. a wifi-iface mcast_rate for a meshpoint interface) will only be
set on startup. And a short while after that, ath10k-ct specific code in
ath10k_check_apply_special_rates is missing a valid rate in its own
structures and is then recalculating a new default rate. This default rate
is in most situations not the requested rate.
Fixes: 4df3c71cd4 ("ath10k-ct: Update to 2018-12-11 and use version based on 4.19")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
If no mcast_rate is set for the wifi-iface then there is no rate_idx (0)
set for the bss. This breaks for example 5GHz meshpoint interfaces because
0 maps to a CCK rate (11Mbit/s).
Fixes: db90c243a0 ("mac80211: update to version based on 4.19-rc4")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
This should fix the WDS / 4addr mode with ath10k and probably other
devices.
This patch was found here: https://patchwork.kernel.org/patch/10692383/
Fixes: d9eefa7a70 ("mac80211: rebase ontop of v4.18.5")
Reported-by: Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fix crash due to passing invalid r2x00dev->eeprom_file pointer to
release_firmware(). Since we copy eeprom data with EEPROM_SIZE
in rt2800_read_eeprom() we can use eeprom_file->size as marker
if the file was crated by request_firmware().
Acked-by: Kristian Evensen <kristian.evensen@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
On targets that don't have input support enabled in the kernel config,
building kmod-input-touchscreen-ads7846 fails due to a missing
dependency on kmod-input-core. Add the dependency to fix this.
Fixes: 77a54bbf13 ("kernel: add kmod-input-touchscreen-ads7846")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
max_ttl - limit the ttl in the dns answer if greater as $max_ttl
min_cache_ttl - force caching of dns answers even the ttl in the answer
is lower than the $min_cache_ttl
max_cache_ttl - cache only dns answer for $max_cache_ttl.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
This module adds support for ADS7846 based touchscreens used in devices
like the WaveShare 3.5" and 4" LCD displays designed for Raspberry Pi.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This module adds support for the ILI9486 LCD controller used in devices
like the Waveshare 3.5" and 4" LCD displays designed for Raspberry Pi.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This module adds support for small TFT LCD display modules. While this
module also exists in the 4.9 kernel, we are not going to support this
kernel in the next major release, so don't make it available for 4.9.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The kernel modules that provide support for framebuffers in system RAM
are currently included in the kmod-drm-imx package. Move them to a
separate package, so that other modules can depend on them.
Increase the autoload order of the drm-imx* packages to load the modules
after loading the fb modules they depend on.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This makes it clear that localuse when explicitly specified in the
config will have its final say on whether or not the initscript should
touch /etc/resolv.conf, no matter whatever the result of previous
guesswork would be
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This commit updates the file "board-linksys_ea6359v3".
Without this commit, the Linksys EA6350v3 will experience poor wireless
performance in both bands. With this patch, wireless performace will be
comparable to the performance of the stock firmware.
Signed-off-by: Oever González <notengobattery@gmail.com>
The board-files are specific to the target and device. Hence
they need to be set as nonshared. Otherwise they do not show
up on the package repository. This causes problems for
imagebuilder, if it needs to build a image for a specific
device that hasn't had the time to have get its boardfile
upstream.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Apparently this modem replies differently to attempted --get-pin-status
which makes the script fail if a pincode is set. Fix this.
Manufacturer: Sierra Wireless, Incorporated
Model: MC7455
Revision: SWI9X30C_02.24.05.06 r7040 CARMD-EV-FRMWR2 2017/05/19 06:23:09
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Cherry-pick Multi-AP commits from uptream:
9c06f0f6a hostapd: Add Multi-AP protocol support
5abc7823b wpa_supplicant: Add Multi-AP backhaul STA support
a1debd338 tests: Refactor test_multi_ap
bfcdac1c8 Multi-AP: Don't reject backhaul STA on fronthaul BSS
cb3c156e7 tests: Update multi_ap_fronthaul_on_ap to match implementation
56a2d788f WPS: Add multi_ap_subelem to wps_build_wfa_ext()
83ebf5586 wpa_supplicant: Support Multi-AP backhaul STA onboarding with WPS
66819b07b hostapd: Support Multi-AP backhaul STA onboarding with WPS
8682f384c hostapd: Add README-MULTI-AP
b1daf498a tests: Multi-AP WPS provisioning
Add support for Multi-AP to the UCI configuration. Every wifi-iface gets
an option 'multi_ap'. For APs, its value can be 0 (multi-AP support
disabled), 1 (backhaul AP), 2 (fronthaul AP), or 3 (fronthaul + backhaul
AP). For STAs, it can be 0 (not a backhaul STA) or 1 (backhaul STA, can
only associate with backhaul AP).
Also add new optional parameter to wps_start ubus call of
wpa_supplicant to indicate that a Multi-AP backhaul link is required.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Those have by now been merged into wireless-drivers-next:
17ae2acd1a6f rt2x00: remove unneeded check
5991a2ecd070 rt2x00: remove confusing AGC register
9ad3b5565445 rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band
7aca14885ede rt2800: enable TX_PIN_CFG_RFRX_EN only for MT7620
c7ff1bfeaf1c rt2800: comment and simplify AGC init for RT6352
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Currently these kernel packages only work on x86, restrict them to that
target.
Fixes: 2f239c02a0 ("x86: video: add amdgpu DRM kernel package")
Fixes: 2f6918ee9b ("x86: video: add radeon DRM module support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This reverts commit e6d84fa886 as it breaks the
installation of the iproute2 utilities ip-bridge, ss, nstat, devlink and rdma
for the ip-full variant
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This reverts commit 26681fa6a6 as it breaks the
installation of the iproute2 utilities ip-bridge, ss, nstat, devlink and rdma
for the ip-full variant
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This reverts commit fc80ef3613 as it breaks the
installation of the iproute2 utilities ip-bridge, ss, nstat, devlink and
rdma for the ip-full variant
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This reverts commit 248797834b as it breaks the
installation of the iproute2 utilities ip-bridge, ss, nstat, devlink and rdma
for the ip-full variant
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Currently it seems impossible to configure /etc/config/dhcp to achieve
the following use case
- run dnsmasq with no-resolv
- re-generate /etc/resolv.conf with "nameserver 127.0.0.1"
Before this change, we have to set resolvfile to /tmp/resolv.conf.auto
to achive the 2nd effect above, but setting resolvfile requires noresolv
being false.
A new boolean option "localuse" is added to indicate that we intend to
use dnsmasq as the local dns resolver. It's false by default and to
align with old behaviour it will be true automatically if resolvfile is
set to /tmp/resolv.conf.auto
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
backport from wireless-drivers-next, replacing some existing patches in
our tree (marked with '=' are those which were already present):
f483039cf51a rt2x00: use simple_read_from_buffer()
=5c656c71b1bf rt2800: move usb specific txdone/txstatus routines to rt2800lib
=0b0d556e0ebb rt2800mmio: use txdone/txstatus routines from lib
=5022efb50f62 rt2x00: do not check for txstatus timeout every time on tasklet
=adf26a356f13 rt2x00: use different txstatus timeouts when flushing
=0240564430c0 rt2800: flush and txstatus rework for rt2800mmio
6eba8fd22352 rt2x00: rt2400pci: mark expected switch fall-through
10bb92217747 rt2x00: rt2500pci: mark expected switch fall-through
916e6bbcfcff rt2x00: rt2800lib: mark expected switch fall-throughs
641dd8068ecb rt2x00: rt61pci: mark expected switch fall-through
750afb08ca71 cross-tree: phase out dma_zalloc_coherent()
=c2e28ef7711f rt2x00: reduce tx power to nominal level on RT6352
a4296994eb80 rt2x00: Work around a firmware bug with shared keys
2587791d5758 rt2x00: no need to check return value of debugfs_create functions
pending on linux-wireless:
rt2x00: remove unneeded check
rt2x00: remove confusing AGC register
rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band
rt2800: enable TX_PIN_CFG_RFRX_EN only for MT7620
rt2800: comment and simplify AGC init for RT6352
rt2x00: do not print error when queue is full
rt2800: partially restore old mmio txstatus behaviour
rt2800: new flush implementation for SoC devices
rt2800: move txstatus pending routine
rt2800mmio: fetch tx status changes
rt2800mmio: use timer and work for handling tx statuses timeouts
rt2x00: remove last_nostatus_check
rt2x00: remove not used entry field
rt2x00mmio: remove legacy comment
While at it also rename some existing patches now that there are
separate folders with patches for each driver to make things a bit
nicer to handle.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This applies to kernel 4.10 and newer.
See 8db4c5be88
The above commit added to kernel 4.10 added new dependency
for building the NETFILTER_XT_MATCH_SOCKET (xt_socket.ko)
module. The NF_SOCKET_IPVx options (both of them) need to
be enabled in order to build the NETFILTER_XT_MATCH_SOCKET
module. Without the change the module is not built.
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
These two dependencies are mutual exclusive and it is only possible to
select one of them, change the select to a chose so it is only possible
to select one of them in OpenWrt menu config.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Applies a patch from https://github.com/openssl/openssl/pull/8213
that fixes an error where open /dev/crypto sessions were not closed.
Thanks to Ansuel Smith for reporting it.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
VBoxManage is not used and the image is created with proper permisions:
0f5d0f6 image: use internal qemu-img for vmdk and vdi images drop host
dependencies on qemu-utils and VirtualBox
Unreachable config symbols:
9e0759e x86: merge all geode based subtargets into one
No need to define those symbols since x86_64 is subtarget of x86:
196fb76 x86: make x86_64 a subtarget instead of a standalone target
Unreachable config symbols, so remove GRUB_ROOT:
371b382 x86: remove the xen_domu subtarget
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This updates mac80211 to backports version 4.19.23-1 which includes all
the stable fixes from kernel 4.19.23.
The removed patches are included in this version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Opkg treats text after a version number as higher than without:
~# opkg compare-versions "2.80rc1" "<<" "2.80"; echo $?
1
~# opkg compare-versions "2.80rc1" ">>" "2.80"; echo $?
0
This causes opkg not offering final release as upgradable version, and
even refusing to update, since it thinks the installed version is
higher.
This can be mitigated by adding ~ between the version and the text, as ~
will order as less than everything except itself. Since 'r' < 't', to
make sure that test will be treated as lower than rc we add a second ~
before the test tag. That way, the ordering becomes
2.80~~test < 2.80~rc < 2.80
which then makes opkg properly treat prerelease versions as lower.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
It was already enabled for wpad builds and since commit 6a15077e2d
the script relies on it. Size impact is minimal (2 kb on MIPS .ipk).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Minor bugfix release. Fixes for
* bc/dc
* sed (backslash parsing for 'w' command)
* ip (vlan fixes)
* grep (fixes for -x -v)
* ls (-i compat)
No need to refresh patches or config defaults
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SoC: Qualcomm IPQ4019 (Dakota) 717 MHz, 4 cores
RAM: 256 MiB (Nanya NT5CC128M16IP-DI)
FLASH: 128 MiB (Macronix NAND)
WiFi0: Qualcomm IPQ4019 b/g/n 2x2
WiFi1: Qualcomm IPQ4019 a/n/ac 2x2
WiFi2: Qualcomm Atheros QCA9886 a/n/ac
BT: Atheros AR3012
IN: WPS Button, Reset Button
OUT: RGB-LED via TI LP5523 9-channel Controller
UART: Front of Device - 115200 N-8
Pinout 3.3v - RX - TX - GND (Square is VCC)
Installation:
1. Transfer OpenWRT-initramfs image to the device via SSH to /tmp.
Login credentials are identical to the Web UI.
2. Login to the device via SSH.
3. Flash the initramfs image using
> mtd-write -d linux -i openwrt-image-file
4. Power-cycle the device and wait for OpenWRT to boot.
5. From there flash the OpenWRT-sysupgrade image.
Ethernet-Ports: Although labeled identically, the port next to
the power socket is the LAN port and the other one is WAN. This
is the same behavior as in the stock firmware.
Signed-off-by: Marius Genheimer <mail@f0wl.cc>
[Dropped setup_mac 02_network in favour of 05_set_iface_mac_ipq40xx.sh,
reorderd 02_network entries, added board.bin WA for the QCA9886 from ath79,
minor dts touchup, added rng to 4.19 dts]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
- Add the /etc/ssl/openssl.cnf as a separate package, to avoid breaking
the transitional mechanism, allowing libopenssl_1.0* and
libopenssl_1.1* to coexist.
- Remove the (selecting) dependency on @KERNEL_AIO
- Use global SOURCE_DATE_EPOCH
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Add a patch to enable the option to change the default ciphersuite list
ordering to prefer ChaCha20 over AES-GCM. This is used by default for
all platforms, except for x86_64 and aarch64. The assumption is that
only the latter have AES-specific CPU instructions and asm code that
uses them in openssl. Chacha20Poly1305 is 3x faster than AES-256 in
systems without AES instructions, with an equivalent strength.
Disable error messages by default except for devices with small flash or
RAM, to aid debugging.
Disable ASM by default on arm platform with small flash. Size
difference on mips and powerpc, the other platforms with small flash
devices, are not really relevant (using 100K as a threshold). All of
the affected platforms are source-only anyway.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
This version adds the following functionality:
* TLS 1.3
* AFALG engine support for hardware accelleration
* x25519 ECC curve support
* CRIME protection: disable use of compression by default
* Support for ChaCha20 and Poly1305
Patches fixing bugs in the /dev/crypto engine were applied, from
https://github.com/openssl/openssl/pull/7585
This increses the size of the ipk binray on MIPS32 by about 32%:
old:
693.941 bin/packages/mips_24kc/base/libopenssl1.0.0_1.0.2q-2_mips_24kc.ipk
193.827 bin/packages/mips_24kc/base/openssl-util_1.0.2q-2_mips_24kc.ipk
new:
912.493 bin/packages/mips_24kc/base/libopenssl1.1_1.1.1a-2_mips_24kc.ipk
239.316 bin/packages/mips_24kc/base/openssl-util_1.1.1a-2_mips_24kc.ipk
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Adds the following configuration options:
* using optimized assembler code (was always on before)
* use of x86 SSE2 instructions
* dyanic engine support
* include error messages
* Camellia, Gost, Idea, MDC2, Seed & Whirlpool algorithms
* RFC3779, CMS protocols
* VIA padlock hardware acceleration engine
Installs openssl.cnf with the library as it is used by engines
independent of the openssl util.
Fixes DTLS option that was innefective before.
Disables insecure SSL3 protocol and SHA0.
Adds openwrt-specific targets to Configure script, including asm support
for i386, ppc and mips64.
Strips building dirs from CFLAGS shown in binary.
Skips the fuzz directory during build.
Removed include/crypto/devcrypto.h that was included here, to use the
cryptodev-linux package, now that it was been moved from the packages
feed to the main openwrt repository.
This decreses the size of the ipk binray on MIPS32 by about 3.3%:
old:
706.957 bin/packages/mips_24kc/base/libopenssl1.0.0_1.0.2q-2_mips_24kc.ipk
199.294 bin/packages/mips_24kc/base/openssl-util_1.0.2q-2_mips_24kc.ipk
new:
693.941 bin/packages/mips_24kc/base/libopenssl1.0.0_1.0.2q-2_mips_24kc.ipk
193.827 bin/packages/mips_24kc/base/openssl-util_1.0.2q-2_mips_24kc.ipk
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
ucert needs to check the firmware part with metadata, but without the signature.
Use the new fwtool mode to extract that without altering the firmware image inside
the check
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This allows extracing the firmware + metadata from a signed firmware without
altering the original image file
Signed-off-by: Felix Fietkau <nbd@nbd.name>
In the case of SHARED_LIBS=y, don't use -export-dynamic to place *all*
symbols into the dynamic symbol table. Instead, use --dynamic-list to
export a smaller set of symbols similar to that defined in static-syms.h
in the case of SHARED_LIBS=n, avoiding an 11 KB tc package size increase.
Also increment PKG_RELEASE.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This enables using the tc module m_xt.so, which uses the act_ipt kernel
module to allow tc actions based on iptables targets. e.g.
tc filter add dev eth0 parent 1: prio 10 protocol ip \
u32 match u32 0 0 action xt -j DSCP --set-dscp-class BE
Make the SHARED_LIBS parameter configurable and based on tc package
selection.
Fix a problem using the tc m_xt.so plugin as also described in
https://bugs.debian.org/868059:
Sync include/xtables.h from iptables to make sure the right offset is
used when accessing structure members defined in libxtables. One could
get “Extension does not know id …” otherwise. (See also: #868059)
Patch to sync the included xtables.h with system iptables 1.6.x. This
continues to work with iptables 1.8.2.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Simplify build and runtime dependencies on libelf, which allows tc and ip
to load BPF and XDP object files respectively.
Preserve optionality of libelf by having configuration script follow the
HAVE_ELF environment variable, used similarly to the HAVE_MNL variable.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Replace the old 'tc' with a singleton package variant which will be used
to enable additional functionality and limit it only to tc. Non-variant
packages will only be installed during 'tiny' variant builds, hence will
be configured without extra features, thus preserving previously limited
functionality and reduced package sizes.
Also set ip-tiny as the default variant, and install 'tiny' versions of
development libraries.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Compile-based feature detection (e.g. xtables, ipset support) was broken
due to silent compilation errors in the configure script, caused by a
Makefile variable KERNEL_INCLUDE referring to kernel build headers. Use
userspace headers by setting the same "user_headers" kernel include path
as used for the iptables build.
Remove redundant or unused Build/Configure definitions from package
Makefile, including KERNEL_INCLUDE, LIBC_INCLUDE and DBM includes.
Don't pass LDFLAGS within MAKE_FLAGS as this interferes with LDFLAGS in
tc/Makefile and masks a link parameter ("-Wl,-export-dynamic"). Instead,
use standard TARGET_LDFLAGS.
Replace EXTRA_CCOPTS in MAKE_FLAGS with cleaner TARGET_CPPFLAGS, and also
drop now unneeded patch 150-extra-ccopts.patch.
Enable defining XT_LIB_DIR from Makefile, needed to set the iptables
modules directory to something other than /lib/xtables, and also add
libxtables dependency. Both are needed with working xtables detection.
Note that libxtables is also pulled in by iptables, firewall or luci, so
this change has no size impact in most cases.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Since v4.13, iproute2 switched to a config.mk file with greater use of
pkg-config for library/feature detection. Replace the old Config patch
with one modifying the configure script but enabling the same changes:
- explicitly disable TC_CONFIG_ATM
- rely on feature detection for IP_CONFIG_SETNS and TC_CONFIG_XT
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add the test_bpf module that runs various test vectors against the BPF
interpreter or BPF JIT compiler. The module must be manually loaded, as
with the kmod-crypto-test module which serves a similar purpose.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add em_ipset module to support tc filter classification by IP set. Build
as a standalone package to help avoid pulling in rest of kmod-sched and
isolate new dependency on kmod-ipt-ipset.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add act_pedit, act_csum, act_gact and act_simple modules for additional
tc action support. Module act_simple helps with debug and logging, similar
to iptables LOG target, while act_gact provides common generic actions.
Modules act_pedit and act_csum support general packet mangling, and have
been the subject of feature requests and forum discussions (e.g. DSCP),
as well as being added to the Turris OS fork of OpenWrt ~2 years ago.
Also select dependency kmod-lib-crc32c to support act_csum.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
All tc ematch modules, including those in kmod-sched-core and kmod-sched,
use cls_basic as a core dependency. Relocate cls_basic from kmod-sched to
kmod-sched-core to avoid requiring kmod-sched unnecessarily.
This change is also backwards compatible since any past tc ematch users
will have had to install both kmod-sched-core and kmod-sched anyway.
Add the matchall kernel module cls_matchall introduced in kernel 4.8. The
matchall classifier matches every packet and allows the user to apply
actions on it. It is a simpler, more efficient replacement for the common
but cryptic tc classifier idiom "u32 match u32 0 0".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Issues a wmi command to firmware when multicast rate change is received with the
new BSS_CHANGED_MCAST_RATE flag. Also fixes the incorrect fixed_rate setting
for CCK rates which got introduced with addition of ath10k_rates_rev2 enum.
By default the firmware uses 1Mbps and 6Mbps rate for management packets
in 2G and 5G bands respectively. But when the user selects different
basic rates from the userspace, we need to send the management
packets at the lowest basic rate selected by the user.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
By default the firmware uses 1Mbps and 6Mbps rate for management packets
in 2G and 5G bands respectively. But when the user selects different
basic rates from the userspace, we need to send the management
packets at the lowest basic rate selected by the user.
This change makes use of WMI_VDEV_PARAM_MGMT_RATE param for configuring the
management packets rate to the firmware.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Release notes since last time:
2019-02-08:
Fix rate-ctrl assert related to bad logic that tried to guess
that lower bandwidth probes were automatically successful if
higher was. The NSS mismatch that can happen here caused the
assert. Just comment out the offending code
(per comment from original QCA code). This is bug 69.
2019-02-10:
Fix bssid mis-alignment that broke 4-addr vlan mode (bug 67).
Original buggy commit was
commit 2bf89e70ecd1 ("dev-ds: Better packing of wal_vdev struct.")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set
default firewall zone to wan as the firewall zone for the vti interface
can be configured in the firewall config or it makes it impossible not to
specify a firewall zone for the vti interface.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set
default firewall zone to wan as the firewall zone for the ipip interface
can be configured in the firewall config or it makes it impossible not to
specify a firewall zone for the ipip interface.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Remove 980-rt2x00-reduce-power-consumption-on-mt7620.patch which in
combination with the most recently added patch reportedly causes TX
power to be too weak.
"without patches rssi on receiver is ~ -23dBm with 980 about -35dBm,
with both patches drops below -40dBm. with 987 only ~-28dBm"
We may need to reconsider this once we have implemented TSSI.
Fixes: cdb58b2bfe ("mac80211: rt2x00: reduce tx power to nominal level on RT6352")
Reported-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fixed CVEs:
CVE-2018-16890
CVE-2019-3822
CVE-2019-3823
For other changes in version 7.64.0 see https://curl.haxx.se/changes.html#7_64_0
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Current implementation of RT6352 support provides too high tx power
at least on iPA/eLNA devices. Reduce amplification of variable gain
amplifier by 6dB to match board target power of 17dBm.
Transmited signal strength with this patch is similar to that of
stock firmware or pandorabox firmware. Throughput measured with iperf
improves. Device tested: Xiaomi Miwifi Mini.
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
There are two problems with this behaviour that the zone is set to wan
if no zone config option is defined in the interface section.
* The zone for the interface is "normally" specified in the firewall
config file. So if we have defined "no" zone for this interface zone
option is set now to "wan" additonaly if we add the interface in the firewall
config section to the "lan" zone, the interface is added to lan and wan at once.
iptables-save | grep <iface>
This is not what I expect.
* If I do not want to set a zone to this interface it is not possible.
Remove the default assigment to wan if no zone option is defined.
If some one need the option it stil possible to define this option.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
The package hash does not match the one of the package found on the
mirrors and which is generated when I do the git clone.
Fixes: 4856fa30a6 ("nat46: import for routing, add myself as maintainer")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Jan 2, 2019
Rebase patches to make 9980 bisectable.
* Jan 2, 2019
Fix scheduling related assert when wal-peer is deleted with pending
tx buffers (bug 54, and others)
* Jan 7, 2019:
Fix specifying retransmits for AMPDU frames. It was previously ignored
since it is a 'software' retransmit instead of a hardware retransmit.
* Jan 9, 2019
Fix potential way to get zero rates selected (and then assert)
* Jan 18, 2019
pfsched has specific work-around to just return if we find invalid flags AND
if we are in an out-of-order situation. Maybe this is last of the pfsched
related issues (bug 54 and similar).
* Jan 24, 2019
The rcSibUpdate method can be called concurrently with IRQ tx-completion callback,
and that could potentially allow the tx-completion callback to see invalid state
and assert or otherwise mess up the rate-ctrl logic. So, disable IRQs in
rcSibUpdate to prevent this. Related to bug 58.
* Jan 28, 2019
Ensure that cached config is applied to ratectrl objects when fetched from
the cache. This should fix part of bug 58.
* Jan 28, 2019
Ensure that ratectrl objects from cachemgr are always initialized. This fixes
another part of bug 58.
* Jan 30, 2019
Better use of temporary rate-ctrl object. Make sure it is initialized, simplify
code path. This finishes up porting forward similar changes I made for wave-1
firmware long ago, and fixes another potential way to hit bug-58 issues.
* Jan 30, 2019
Cachemgr did not have a callback for when memory was logically freed. This means
that peers could keep stale references to rate-ctrl objects that were in process
of being DMA'd into to load a different peer's rate-ctrl state. This was causing
the bugcheck logic to fail early and often, and I suspect it might be a root cause
of bug 58 as well. The fix is to add a callback and set any 'deleted' memory references
to NULL so that we cannot access it accidentally. Thanks to excellent logs and patience
from the bug-58 reporter!
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
a9d4c0e mt76: mt76x2: avoid running DPD calibration if tx is blocked
4d7e13f mt76: explicitly disable energy detect cca during scan
e3c1aad mt76: run MAC work every 100ms
4e8766a mt76: clear CCA timer stats in mt76x02_edcca_init
e301f23 mt76: measure the time between mt76x02_edcca_check runs
74075ef mt76: increase ED/CCA tx block threshold
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Package kmod-drm is missing dependencies for the following libraries:
drm_panel_orientation_quirks.ko
It seems, that since Linux 4.15-rc2 drm depends on drm_panel_orientation_quirks.ko
commit 8d70f395e6cbece665b12b4bf6dbc48d12623014
Author: Hans de Goede <j.w.r.degoede@gmail.com>
Date: Sat Nov 25 20:35:49 2017 +0100
drm: Add support for a panel-orientation connector property, v6
On some devices the LCD panel is mounted in the casing in such a way that
the up/top side of the panel does not match with the top side of the
device (e.g. it is mounted upside-down).
This commit adds the necessary infra for lcd-panel drm_connector-s to
have a "panel orientation" property to communicate how the panel is
orientated vs the casing.
Userspace can use this property to check for non-normal orientation and
then adjust the displayed image accordingly by rotating it to compensate.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
a4ec45c mt7603: fix LED support (copy CFLAGS from main Makefile)
edda5c5 mt76x02: use mask for vifs
dd52191 mt76x02: use commmon add interface for mt76x2u
a80acaf mt76x02: initialize mutli bss mode when set up address
38e832d mt76x02: minor beaconing init changes
171adaf mt76x02: init beacon config for mt76x2u
dcab682 mt76: beaconing fixes for USB
ff81de1 mt76x02: enable support for IBSS and MESH
8027b5d mt7603: remove copyright headers
e747e80 mt76: fix software encryption issues
2afa0d7 mt7603: remove WCID override for software encrypted frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Host "gd.tuwien.ac.at" does not exists anymore, so we replace it by "ftp.pca.dfn.de" from the official list of mirrors.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
d4ba162 libopkg: only perform size check when information is available
Fixes: e079591b84 ("opkg: update to latest Git head")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
c3da1aa mt7603: trigger beacon stuck detection faster
7a53138 mt7603: trigger watchdog reset if flushing CAB queue fails
6eef33b mt7603: remove mt7603_txq_init
ae30c30 mt76: add driver callback for when a sta is associated
0db925f mt7603: update HT/VHT capabilities after assoc
b5ac8e4 mt7603: initialize LED callbacks only if CONFIG_MT76_LEDS is set
c989bac mt76x0: eeprom: fix chan_vs_power map in mt76x0_get_power_info
24bd2c0 mt76x0: phy: report target_power in debugfs
bc7ce2a mt76x0: init: introduce mt76x0_init_txpower routine
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When config_get is called as "config_get section option" the option
is unexpectedly globbed by the shell which differs from the way options
are read to a variable with "config_get variable section option".
Add another layer of double quotes to fix it.
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
If a user finds that logd is too barebone for their needs and wishes
to have more control over syslog, the user presently has an option
to enable CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG and configure syslog
with settings in /etc/syslog.conf.
Presently /etc/syslog.conf silently disappears on sysupgrade. This
patch prevents such unwanted behaviour if busybox syslog is enabled
via CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
This fixes the following security problems:
* CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication
* CVE-2018-0734: Timing vulnerability in DSA signature generation
* Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
As the usage of libbsd is no longer limited to glibc, prevent libbsd
being picked up by removing the dependency on libbsd.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This introduces a new Kconfig option to switch on/off mbedtls' support
for debug functions.
The idea behind is to inspect TLS traffic with Wireshark for debug
purposes. At the moment, there is no native or 'nice' support for
this, but at
68aea15833
an example implementation can be found which uses the debug functions
of the library. However, this requires to have this debug stuff enabled
in the library, but at the moment it is staticly patched out.
So this patch removes the static part from the configuration patch
and introduces a dynamic config file editing during build.
When enabled, this heavily increases the library size, so I added
a warning in the Kconfig help section.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This reduces the needed modifications to the mainline Linux kernel and
also makes the regmap package work with an out of tree kernel which
does not have these modifications.
The regmap-core is only added when it is really build as a module.
The regmap-core is normally bool so it cannot be built as a module in an
unmodified kernel. When it is selected by on other kernel module it will
always be selected as build in and it also does not show up in
$(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module.
When it is not in $(LINUX_DIR)/modules.builtin the build system expects
it to be built as a .ko file.
Just check if the module is really there and only add it in that case.
This splits the regmap package into multiple packages, one for each bus type.
This way only the bus maps which are really needed have to be added.
This also splits the I2C, SPI and MMIO regmap into separate packages to not
require all these subsystems to build them, on an unmodified upstream kernel
this also causes problems in some situations.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Added e4crypt tool for encrypting files and directories. To work properly
requires kernel and work on keyutils. That will be done in a future commit
Some top-level reorganization for consistency between packages.
Tested on GnuBee PC1 (mt7621).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add support for passing additional parameters to mtd called during
sysupgrade. It will be required to toggle the "recovery moe" flag
supported by recent tp-link boards.
Signed-off-by: David Bauer <mail@david-bauer.net>
[split code from board support patch; add commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
This adds an option to set the recovery flag of newer TP-Link MediaTek
boards and remove it after a successful write.
To make use of this feature, add the '-t' option to mtd-write.
The '-t' option takes the mtd partition containing the recovery flag
(usually 'romfile') as an argument. Make sure this partition is not
flagged as read-only!
Example:
> mtd -t romfile write owrt.bin firmware
This command writes the recovery-flag before it begins writing the image
to the firmware partition. After the image-write has been successful,
the recovery flag is removed.
This way, the TP-Link web-recovery is automatically enabled on an
unsucessful flash (e.g. power loss).
This option is only available if the mtd package is compiled for the
ramips target.
Signed-off-by: David Bauer <mail@david-bauer.net>
This commit adds the object 'linksys_bootcount_fix.o' to the ipq40xx
target.
This is needed for the Linksys EA6350v3 device. Without this patch, the
device will switch-back between the current and the last flashed firmware
every 3 (three) reboots. With this patch, the device works as expected.
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
This commit adds support for the Linksys EA6350v3 device in the ipq40xx
target.
This is needed for uboot-envtools to access the environment. Without this
patch, the Linksys EA6350v3 will not be able to access the uboot
environment. As a side effect, the feature auto_recovery will make the
device unstable by switching between the latest and the current firmware.
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
This commit adds support for the Linksys EA6350v3 device in the ipq-wifi
target.
Without this patch, the Linksys EA6350v3 won't be hable to have fully
functional wireless interfaces. This is not permanent: the board data has
already been sent to ath10k _at_ lists _dot_ infradead _dot_ org
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
This patch adds several country codes to the regd.h and regd_common.h
files in order to support devices whose country codes are not present in
the original list.
Without this patch, all devices whose manufacturer programmed any of these
code in their EEPROM will run without wireless interfaces.
Signed-off-by: Oever González <notengobattery@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [matched signed-off]
CPU: FSL P1020 (2x 800MHz E500 PPC)
RAM: 1GB DDR3
FLASH: 256MiB NAND
WiFi: 2x Atheros AR9382 2x2:2 abgn
ETH: 2x BCM54616S - 1x BCM53128 8-port switch
LED: 5x LEDs (Power, WiFi1, WiFi2, N/D, SYS)
BTN: 1x RESET
Installation
------------
1. Download initrams kernel image, dtb binary and sysupgrade image.
2. Place initramfs kernel into tftp root directory. Rename to
"panda-uimage-factory".
3. Place dtb binary into tftp root directory. Rename to "panda.fdt".
4. Start tftp server on 192.168.100.8/24.
5. Power up the device with the reset button pressed. It will download
the initrams and dtb via tftp and boot into OpenWRT in RAM.
6. SSH into the device and remove the factory partitions.
> ubirmvol /dev/ubi0 --name=kernel1
> ubirmvol /dev/ubi0 --name=rootfs1
> ubirmvol /dev/ubi0 --name=devicetree1
You will have around 60 MiB of free space with that.
You can also delete "kernel2", "devicetree2", "rootfs2" and "storage"
respectively in case you do not want to go back to the vendor firmware.
7. Modify the U-Boot bootcmd to allow for booting OpenWRT
> fw_setenv bootcmd_owrt "ubi part ubi && ubi read 0x1000000 kernel
&& bootm 0x1000000"
> fw_setenv bootargs_owrt "setenv bootargs console=ttyS0,115200
ubi.mtd=3,2048"
> fw_setenv bootcmd "run bootargs_owrt; run bootcmd_owrt"
8. Transfer the sysupgrade image via scp into the /tmp directory.
9. Upgrade the device
> sysupgrade -n /tmp/<imagename>
Signed-off-by: David Bauer <mail@david-bauer.net>
The library has an usual shared object file name, which caused the
install glob pattern to miss the actual so.
Fixes: #2082
Fixes; 0e70f69a35 ("treewide: revise library packaging")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This bumps ppp to latest git version.
There is one upstream commit, which changes DES encryption calls from
libcrypt / glibc to openssl.
As long as we don't use glibc-2.28, revert this commit.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Initially this patch was introduced as a quick fix following
the removal of 936-ath10k_skip_otp_check.patch which caused
multiple ath10k pcie devices in various ipq806x and ar71xx/ath79
targets to malfunction.
Thankfully, the affected devices have been updated to utilize
the pre-caldata method. And finally with the switch to ath10k-ct,
which never had the patch or any reports of similar issues, I
think it's time to remove this patch since it is no longer needed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The ABI_VERSION:=1 tag will take care of transforming the binary
library package basename.
Add a virtual PROVIDES:=libelf1 for packages still having libelf1
in their DEPENDS:=... lists.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Last incompatible change appeared to be 4924411
("http: add proper error handling to uclient_http_redirect()") which
changed the return value of uclient_http_redirect() from bool to int.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* tools: curve25519: handle unaligned loads/stores safely
This should fix sporadic crashes with `wg pubkey` on certain architectures.
* netlink: auth socket changes against namespace of socket
In WireGuard, the underlying UDP socket lives in the namespace where the
interface was created and doesn't move if the interface is moved. This
allows one to create the interface in some privileged place that has
Internet access, and then move it into a container namespace that only
has the WireGuard interface for egress. Consider the following
situation:
1. Interface created in namespace A. Socket therefore lives in namespace A.
2. Interface moved to namespace B. Socket remains in namespace A.
3. Namespace B now has access to the interface and changes the listen
port and/or fwmark of socket. Change is reflected in namespace A.
This behavior is arguably _fine_ and perhaps even expected or
acceptable. But there's also an argument to be made that B should have
A's cred to do so. So, this patch adds a simple ns_capable check.
* ratelimiter: build tests with !IPV6
Should reenable building in debug mode for systems without IPv6.
* noise: replace getnstimeofday64 with ktime_get_real_ts64
* ratelimiter: totalram_pages is now a function
* qemu: enable FP on MIPS
Linux 5.0 support.
* keygen-html: bring back pure javascript implementation
Benoît Viguier has proofs that values will stay well within 2^53. We
also have an improved carry function that's much simpler. Probably more
constant time than emscripten's 64-bit integers.
* contrib: introduce simple highlighter library
This is the highlighter library being used in:
- https://twitter.com/EdgeSecurity/status/1085294681003454465
- https://twitter.com/EdgeSecurity/status/1081953278248796165
It's included here as a contrib example, so that others can paste it into
their own GUI clients for having the same strictly validating highlighting.
* netlink: use __kernel_timespec for handshake time
This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Update to the latest version of iproute2; see https://lwn.net/Articles/776174/
for a full overview of the changes in 4.20.
Remove upstream patch 001-fix-print_0xhex-on-32-bit.patch and 002-tc-fix-xtables-incorrect-usage-of-LDFLAGS.patch
Introduce a patch to include <linux/limits.h> for XATTR_SIZE_MAX in tc
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
On musl based distributions, u-boot 2010.03 fails to build with:
u-boot-2010.03/include/u-boot/crc.h:29:50: error: unknown type name 'uint'
uint32_t crc32 (uint32_t, const unsigned char *, uint);
The issue was fixed in the newer u-boot-2018.03 version, this commit
backports the change to the older version used by ar71xx/ath79.
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[add commit message from PR description]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The crypt(3) function is allowed to fail with either EINVAL or ENOSYS when
the given salt is either invalid or when the requested algorithm is not
implemented.
In such a case, libbb's pw_encrypt() function will silently convert the
crypt() NULL return value into an empty string which is then processed
without further errors by utilities such as chpasswd or passwd, causing
them to set an empty password when an unsupported cipher is requested.
Patch the relevant users of pw_encrypt() to abort in case an empty hash
is returned by pw_encrypt() in order to mitigate the problem.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since readline/host links ncurses/host now, we need to ensure that the
libncursesw.so host library is built with -fPIC.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This may be useful if you don't entirely trust your flash and want to be able
to check for corruptions.
Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
This adds a wrapper (uci_load_validate) for uci_validate_section() that
allows callers (through a callback function) to access the values set by
uci_validate_section(), without having to manually declare a
(potentially long) list of local variables.
The callback function receives two arguments when called, the config
section name and the return value of uci_validate_section().
If no callback function is given, then the wrapper exits with the value
returned by uci_validate_section().
This also updates several init scripts to use the new wrapper function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
these utilities need to run with uid 0 to be useful. Thus,
install them setuid root like other distros do, too.
Signed-off-by: Carsten Wolff <carsten@wolffcarsten.de>
[use INSTALL_SUID macro]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Linux kernel has a polling mechanism that can be activated by changing
the parameter /sys/module/block/parameters/events_dfl_poll_msecs which
is deactivated by default or the /sys/block/[device]/events_poll_msecs
for one device.
This patch set the events_poll_msecs when a disk is inserted.
Once the media disk change event is sent by the kernel then we force a
re-read of the devices using /sbin/block info.
With this patch, insertion and ejection of sd card will automatically
generate partition devices in /dev.
Signed-off-by: Matthias Badaire <mbadaire@gmail.com>
[rewrap commit message, fix bashisms, fix non-matching condition,
bump pkg release]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also fix the libxxxw.so* -> libxxx.so* linking to actually work, the
prevsious code failed to properly symlink the versioned .so files.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update (lib)readline to 8.0
Remove autoreconf
Remove blankspace at the end of the lines in description
Remove --enable-shared and --enable-static as they're enabled by default
Remove TARGET_CPPFLAGS
Simplify install sections
Install readline.pc (pkgconfig)
Add patch for linking (lib)ncurses
Source:
https://git.buildroot.net/buildroot/plain/package/readline/0000-curses-link.patch
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
In order to prepare the switch from librpc to libtirpc, we need to relocate
conntrack-tools to the packages feed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
d273ddd mt7603: fix number of frames limit in .release_buffered_frames
63bf183 mt76: add channel switch announcement support
e45db12 mt7603: fix tx status info
9d11596 mt7603: discard bogus tx status data
4bcb2f9 mt7603: fix txd q_idx field value
4206db7 mt76: set IEEE80211_HW_NEEDS_UNIQUE_STA_ADDR flag
c4e4982 mt7603: set IEEE80211_HW_TX_STATUS_NO_AMPDU_LEN
702f557 mt7603: use maximum tx count for buffered multicast packets
158529d mt7603: fix PSE reset retry sequence
fc31457 mt7603: implement support for SMPS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
e7e8ee5f Update bash_completion
b3b4e335 Update manual pages
bd93d90a Don't treat text as option if it matches -[0-9]
ea69c84b Bump up version number to 1.36.0
783b649b Update AUTHORS
eb21e6f8 Merge branch 'update-http-parser'
ab2aa567 Fix test failure
ff87a542 Use http-parser 0d0a24e19eb5ba232d2ea8859aba2a7cc6c42bc4
439dbce6 Merge branch 'nghttpx-h1-connection-pool-per-addr'
e9c9838c nghttpx: Pool h1 backend connection per address
803d4ba9 Merge branch 'nghttpx-randomize-roundrobin-order'
732245e5 make clang-format
9e8d5433 Use clang-format-7
fdcdb21c nghttpx: Randomize backend address round robin order per thread
11d0533c nghttpx: Ensure that cert serial does not exceed 20 bytes
dbb5f00d Merge pull request #1287 from rckclmbr/fix_serial_size
9cc412e2 Merge pull request #1285 from staticinvocation/master
5b2efc0a Fix getting long serial numbers for openssl < 1.1
7e4c48a4 Disable shared library if ENABLE_SHARED_LIB is OFF
082e162f Merge pull request #1282 from alagoutte/travis
7cc7c06c .travis(.yml): no longer need llvm-toolchain-trusty-7
12ebeb30 .travis(.yml): Update to Xenial
c78abbe1 Update mruby to 2.0.0
124c7848 nghttpx: Add missing return
ce9667c4 Merge branch 'nghttpx-fix-trailing-slash-handling'
f3f40840 nghttpx: Fix broken trailing slash handling
302abf1b h2load: Fix compile error with gcc
089a03be h2load: Write log file with write(2)
de4fe728 Merge branch 'pyos-master'
d1b3a83f h2load: add an option to write per-request logs
eb679253 Merge branch 'puscas-port_in_use'
6800d317 added access to the number of the current server port
c98362ea Bump up version number to 1.36.0-DEV
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Add the ABI_VERSION source makefile variable to the binary package basename
and resolve source dependencies on packages with ABI_VERSION set to such
expanded names.
If for example a package specifies DEPENDS:=libopenssl while the OpenSSL
Makefile specifies ABI_VERSION:=1.0.0, the resulting ipk control data
dependency will be "Depends: libopenssl1.0.0" and the libopenssl ipk file
will be called "libopenssl1.0.0_<version>_<arch>.ipk".
The next time a library such as OpenSSL is updated to an incompatible
version, the ABI_VERSION shall be changed accordingly to prevent opkg from
simply upgrading to an incompatible library without considering the
dependencies of already installed packages.
Also introduce another "SourceName" control field which is required by
the newly introduced "scritps/ipkg-remove" to determine the proper related
.ipk files to delete upon buildroot package clean operations.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In the case of upstream libraries, set the ABI_VERSION variable to the
soname value of the first version version after the last backwards
incompatible change.
For custom OpenWrt libraries, set the ABI_VERSION to the date of the
last Git commit doing backwards incompatible changes to the source,
such as changing function singatures or dropping exported symbols.
The soname values have been determined by either checking
https://abi-laboratory.pro/index.php?view=tracker or - in the case
of OpenWrt libraries - by carefully reviewing the changes made to
header files thorough the corresponding Git history.
In the future, the ABI_VERSION values must be bumped whenever the
library is updated to an incpompatible version but not with every
package update, in order to reduce the dependency churn in the
binary package repository.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update fixes some cosmetical issues and a number of segmentation
faults when parsing lists having Conflicts or Replaces tags.
d217daf libopkg: fix replacelist parsing and writing
9dd9a07 libopkg: fix segmentation fault when traversing conflicts
34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches()
18740e6 opkg_download: print error when fork() fails
e3d7330 libopkg: don't print unresolved dependencies twice
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
f52bb5b fix previous commit
18eac67 Fix entries in /etc/hosts disabling static leases.
f8c77ed Fix removal of DHCP_CLIENT_MAC options from DHCPv6 relay replies.
4bf62f6 Tidy cache_blockdata_free()
9c0d445 Fix e7bfd556c079c8b5e7425aed44abc35925b24043 to actually work.
2896e24 Check for not(DS or DNSKEY) in is_outdated_cname_pointer()
a90f09d Fix crash freeing negative SRV cache entries.
5b99eae Cache SRV records.
2daca52 Fix typo in ra-param man page section.
2c59473 File logic bug in cache-marshalling code. Introduced a couple of commits back.
cc921df Remove nested struct/union in cache records and all_addr.
ab194ed Futher address union tidying.
65a01b7 Tidy address-union handling: move class into explicit argument.
bde4647 Tidy all_addr union, merge log and rcode fields.
e7bfd55 Alter DHCP address selection after DECLINE in consec-addr mode. Avoid offering the same address after a recieving a DECLINE message to stop an infinite protocol loop. This has long been done in default address allocation mode: this adds similar behaviour when allocaing addresses consecutively.
The most relevant fix for openwrt is 18eac67 (& my own local f52bb5b
which fixes a missing bracket silly) To quote the patch:
It is possible for a config entry to have one address family specified by a
dhcp-host directive and the other added from /etc/hosts. This is especially
common on OpenWrt because it uses odhcpd for DHCPv6 and IPv6 leases are
imported into dnsmasq via a hosts file.
To handle this case there need to be separate *_HOSTS flags for IPv4 and IPv6.
Otherwise when the hosts file is reloaded it will clear the CONFIG_ADDR(6) flag
which was set by the dhcp-host directive.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
7abbed4 dhcpv6: add setting to choose IA_NA, IA_PD or both
dd1aefd router: add syslog tracing for skipped routes
0314d58 router: filter route information option
5e99738 router: make announcing DNS info configurable (FS#2020)
1fe77f3 router: check return code of odhcpd_get_interface_dns_addr()
8f49804 config: check for invalid DNS addresses
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
331ac70 Correctly update parent qlen when splitting GSO packets
581967c Makefile: Hook into Kbuild/Kconfig infrastructure
The parent qlen change is relevant if using cake as a leaf qdisc,
the makefile is a no-op.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
4ea9a2db164c Update upload-release.sh script and po files.
a01938d584b9 libelf: Mark both fsize and msize with const attribute.
c338a0541663 libebl: Don't update w, t and len unnecessarily in ebl_object_note_type_name.
422b549007f6 Prepare for 0.175
22ec8efc1dd8 elflint: Allow PT_GNU_EH_FRAME segment to match SHT_X86_64_UNWIND section.
cf10453f8252 libelf: Correctly setup alignment of SHF_COMPRESSED section data.
d3e6266754b9 strip: Also handle gnu compressed debug sections with --reloc-debug-sections
72e30c2e0cb4 Handle GNU Build Attribute ELF Notes.
7a3f6fe60b85 Recognize NT_VERSION notes.
cff53f1784c9 libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE
ecbe3120cddb libdwelf: New function dwelf_elf_begin.
4b0342b85b5b backends: Add x86_64 section_type_name for SHT_X86_64_UNWIND.
825e48c4e942 Also find CFI in sections of type SHT_X86_64_UNWIND
4789e0fb92b0 libelf: Explicitly update section data after (de)compression.
1628254ba215 strip: Add --reloc-debug-sections-only option.
f2d59180b90b strip: Extract code to update shdrstrndx into new common function.
f6ae0ab9350e strip: Split out debug section relocation into separate helper functions.
b15ee95bcee4 strip: Always copy over any phdrs if there are any.
e574889d92b1 unstrip: Add ELF_CHECK to make sure gelf_getehdr () doesn't return NULL.
5199e15870e0 Recognize and parse GNU Property notes.
b75ff1bbd060 addr2line: Use elf_getshdrstrndx not Ehdr field to print section name.
35197ea4c43e readelf: Use shstrndx to lookup section names.
9a74c190a2b3 backends: ppc use define instead of const for size of dwarf_regs array.
72d023b35f36 readelf: Make sure readp is smaller than cieend in print_debug_frame_section.
dce0b3b63ba0 readelf: Make sure readp is smaller than cieend in print_debug_frame_section.
1e7c230b277b Check sh_entsize is not zero.
22d2d082d57a size: Handle recursive ELF ar files.
2b16a9be6993 arlib: Check that sh_entsize isn't zero.
4cdb0fd0d3b4 ar: Assume epoch if ar_date is bogus.
577511f66842 findtextrel: Check that sh_entsize isn't zero.
20f9de9b5f70 libdwfl: Sanity check partial core file data reads.
2f4a040fab52 readelf: Handle multiple .debug_macro sections and decode header flag.
eee4269e5315 unstrip: Renumber the group section indexes.
c06ab0bbb476 strip, unstrip: Handle SHT_GROUP correctly.
2876b3b648f6 Handle ADD/SUB relocations
69d6e67eee30 tests: backtrace-dwarf.c improve error handling in test framework.
Originally-produced--by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commit 3f0eb71dae added ALTERNATIVES for wget but not in correct
alphabetical order; increase PKG_RELEASE as well.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Don't symlink uclient-fetch anymore to /bin/wget but rather use
the ALTERNATIVES support for wget to install it as /usr/bin/wget.
Let uclient-fetch provide wget
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Busybox wget applet conflicts with the version from uclient.
Fix this by using ALTERNATIVE support for wget in busybox.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The Detection pin is at PF6 and not at PH13 like defined before. I
checked the schematics and now I am am not seeing this error message any
more:
Loading Environment from FAT... Card did not respond to voltage select!
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Disable the PMIC on Olimex A13 Olinuxino, as the SPL cannot set the
core voltage correctly, which causes the board to freeze later at
kernel if CPU throttling is enabled (see below). This will almost
certainly kill the VGA output (which requires LDO3 to be set), but
this is still a better option than to disable CPU throttling for
all Cortex-A8 based devices.
[ 2.485632] cpufreq: cpufreq_online: CPU0: Running at unlisted freq: 384000 KHz
[ 2.525698] cpufreq: cpufreq_online: CPU0: Unlisted initial frequency changed to: 432000 KHz
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Instead of using a fork of the ARM trusted firmware specifically for the
Allwinner SoCs, use the official version from ARM now, this version
supports the Allwinner SoCs now and the older ATF repository is
deprecated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This updates the uboot for the sunxi target to version 2018.11
The removed patches are applied upstream and not needed any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes two build problems introduced with the recently added new
kernel module package.
Fixes: ed2839ac41 ("kernel/modules: add kmod-pmbus-zl6100 module")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch adds the kmod packaging for the Intersil / Zilker Labs
ZL6100 and compatible digital DC-DC controllers as well as the
core kernel module for the Power Management Bus.
Add:
kmod-pmbus-core
kmod-pmbus-zl6100
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This fixes compilation of gdb on arm64.
The kernel defines "struct sigcontext" in asm/sigcontext.h and musl libc
defines it in signal.h, which collides.
Kernel 4.14 misses the definitions of struct user_sve_header so we still
have to use the aarch64-sve-linux-sigcontext.h header file which also
provides that and make sure aarch64-sve-linux-sigcontext.h does not
provide the same headers as the kernel or musl.
Fixes: FS#2040
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Set the LDFLAGS otherwise it will not get the target hardening flags or
any other generic flags provided in the LDFLAGS
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
d2e247d odhcp6c: align further with RFC8415
ce83a23 dhcpv6: avoid parsing unncessary IAs
b079733 dhcpv6: set cnt to correct IOV enum
41494da dhcpv6: get rid of request_prefix
f7437e4 dhcpv6: sanitize option request list
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The new samba36-hotplug package provides a hotplug.d script for the
"mount" subsystem. It automatically shares every mounted block device.
It works by updating /var/run/config/samba file which:
1) Is read by procd init script
2) Gets wiped on reboot providing a consistent state
3) Can be safely updated without flash wearing or conflicting with user
changes being made in /etc/config/samba
Cc: Rosy Song <rosysong@rosinson.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This will allow automation/hotplug.d scripts to store runtime shares in
the /var/run/config/samba. It's useful e.g. for USB drives that user
wants to be automatically shared.
Using /var/run/config/ provides:
1) Automated cleaning on reboots
It's important for consistency (to avoid sharing non-existing drives)
2) Safety for user non-commited changes
Automated scripts should never call "uci [foo] commit" as that could
flush incomplete config.
Another minor gain is avoiding flash wearing for runtime setup.
Cc: Rosy Song <rosysong@rosinson.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This fixes:
1) Getting STA info with newer firmwares
2) Getting DMI / UEFI / OF data
3) Possible memory corruption in firmware loading code
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
1) Using fwctx variable after brcmf_fw_request_done() was executed meant
accessing freed memory.
2) Using fwctx->completion for the wait_for_completion_timeout() call
could reuslt in NULL pointer dereference on fw loading error or if
brcmf_fw_request_done() was executed quickly enough.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Copy U-Boot to STAGING_DIR_IMAGE (and append it to the EVA-image from
there) to fix image generation using the image-builder.
Also remove the bootloader from DEVICE_PACKAGES and instead use the
BUILD_DEVICES directive from within the U-Boot makefile.
This fixes eva-image generation using the OpenWRT image-builder.
Signed-off-by: David Bauer <mail@david-bauer.net>
This patch deprecates the kmod-ptp-gianfar package and
introduces kmod-ptp-qoriq for 4.19+ in its place. This
has become necessary due to the linux kernel commit
ceefc71d4c05 ("ptp: rework gianfar_ptp as QorIQ common PTP driver")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [reworded commit]
Currently busybox find and xargs conflict with the versions from
findutils package. Fix this by using ALTERNATIVES in busybox
and the related findutils (from packages feed) commit.
The conflict is due to the binaries being in the the same place
in rootfs and opkg not being happy about that.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
It seems, that since Linux 4.18-rc1 rtc-ds1307 depends on hwmon-core.
commit 6b583a64fd1e019fd01626b46892ebf2361951c5
Author: Heiner Kallweit <hkallweit1@gmail.com>
Date: Wed Sep 27 22:41:26 2017 +0200
rtc: ds1307: simplify hwmon config
We don't have to define an extra config symbol, IS_REACHABLE does
what we need. And having this config symbol just to save the few
bytes of hwmon support on non-DS3231 chips isn't worth it IMO
(especially as the symbol is set per default).
While at it, use the same dependency check for `kmod-regmap` as well, so
it's future proof as well.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
70f8785 zones: add zone identifying local traffic in raw OUTPUT chain
6920de7 utils: Free args in __fw3_command_pipe()
6ba9105 options: redirects: Fix possible buffer overflows
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This commit adds the nescessary settings to allow reading the uboot environment variables on the GL.iNet GL-B1300 board.
Signed-off-by: Ibrahim Tachijian <barhom@netsat.se>
This updates hostapd to version the git version from 2018-12-02 which
matches the 2.7 release.
The removed patches were are already available in the upstream code, one
additional backport is needed to fix a compile problem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is a big block(d) cleanup with new feature of generating "mount"
hotplug.d events.
It's an important update for those who were using mountd in the
pre-18.06 releases. Due to the mountd being replaced with blockd a
support for "mountd" hotplug.d events has been lost. It broke all kind
of shell scripts that were e.g. managing services depending on an
external USB drive availability.
This basically (re-)adds support for calling /etc/hotplug.d/mount/
scripts with ACTION ("add" or "remove") and DEVICE set.
af93f4b block(d): improve hotplug.d "mount" events for the autofs
3bb3352 blockd: unmount device explicitly when it disappears
28753b3 block: remove target directory after unmounting
c8c7ca5 block: cleanup handling "start" action of the "autofs" command
f1bb762 block: make blockd_notify() return an int instead of void
71c2bde block: generate hotplug.d mount events
30f5096 block: validate amount of arguments for the "autofs" command
dc6a462 blockd: don't reparse blob msg in the vlist callbacks
f6a9686 blockd: don't unmount device when removing it from the list
1913fea block: don't duplicate unmounting code in the mount_action()
6b445fa block: make umount_device() function more generic
a778468 block: don't duplicate mounting code in the mount_device()
5dc631d block: simplify code picking mount target directory
2971779 block: move blockd_notify() call out of the conditional blocks
b86bd6e block: fix formatting & indent in the mount_device()
e12c0d6 fstools: use EXIT_FAILURE when indicating error on exit
091aa3d fstools: guard usage of WEXITSTATUS
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This commit allows to use non-standard UBI volume name as the rootfs
volume in sysupgrade.
ex.:
The U-Boot on Buffalo WXR-2533DHP checks existence and checksum of
"ubi_rootfs" volume when booting, so this name is required.
OpenWrt currently provides several patches:
490-ubi-auto-attach-mtd-device-named-ubi-or-data-on-boot.patch
491-ubi-auto-create-ubiblock-device-for-rootfs.patch
492-try-auto-mounting-ubi0-rootfs-in-init-do_mounts.c.patch
to facilitate ubi rootfs automount. However the upstream kernel
also supports the means of booting from a fully custom ubi
partition name and ubi volume name via bootargs/kernel's cmdline
parameters:
ubi.mtd=mtd_partition_name
ubi.block=rootfs_volume_name
root=/dev/ubiblock$X_$Y
For more information and examples visit the wiki over at linux-mtd:
<http://www.linux-mtd.infradead.org/faq/ubifs.html>
<http://www.linux-mtd.infradead.org/doc/ubi.html>
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [reworded commit]
Update busybox to 1.30.0.
Refresh patches.
Leave new features disabled by default.
Config refreshed via:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-1.30.0
make package/busybox/compile
cd package/utils/busybox
./convert_defaults.pl < ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-1.30.0/.config > Config-defaults.in
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This device is called GL-AR300M, therefore rename the board(s)
to 'gl-ar300m-nor' and 'gl-ar300m-nand'
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
[change boardname in uboot envtools as well, don't use wildcards for
boardname]
Signed-off-by: Mathias Kresin <dev@kresin.me>
check_signature is a bool option and doesn't take any arguments. The
presence of the 1 falsely suggests setting it to 0 disables the check,
while the option actually needs to be removed or commented out to be
disabled. So remove the argument to make it more clear.
Fixes: beca028bd6 ("build: add integration for managing opkg package feed keys")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Before installing an interface triggger check if an interface
trigger for the interface is already in place.
This avoids installing identical interface triggers for a given
interface
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
omcproxy will not start up if either the downlink or uplink interface is
not up at boottime as the interface triggers are not correctly
installed.
Further rework omcproxy init to make use of network functions defined
in network.sh; set proper family and proto options in procd firewall
rules.
Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
dd508af iwinfo: fix QCA9984 vendor id
0eaabf1 iwinfo: add device id for Atheros AR9287
6e998ec iwinfo: add device id for MediaTek MT7612E
5aa8c54 libiwinfo: nl80211: add mesh stats on assoclist.
77a9e98 iwinfo: Add Mikrotik R11e-2HPnD and R11e-5HacT to hardware list
Signed-off-by: Mathias Kresin <dev@kresin.me>
This reverts commit fd569e5e9d.
After an extra review & discussion few concerns were raised regarding
that feature:
1) It reacts to hotplug.d "block" events instead of more accurate (but
currently unavailable) "mount" events.
2) It requires *something* to mount block device before samba hotplug.d
gets fired. Otherwise samba_add_section() will just return.
3) It doesn't reload Samba which some users may expect
4) It operates on /etc/ which is not a right place for autogenerated
ephemeral config.
5) It doesn't include any cleanup for non-existing shares.
Cc: Rosy Song <rosysong@rosinson.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
417ab77 mt7603: improve recovery from PSE reset failure
fea7ad8 mt76: move mt76x02_phy_get_min_avg_rssi to mt76 core
9d009be mt7603: add dynamic sensitivity tuning based on false CCA events
2c8e9ac mt7603: initialize channel maximum power from eeprom data
b2cc29b mt76: move mt76x02_get_txpower to mt76 core
6203d46 mt7603: add support for setting transmit power
294e095 mt7603: reset DMA scheduler on MT7628
8178f0d mt7603: apply efuse data only when it exists
e67e551 mt76: dma: remove napi from mt76_dma_rx_fill signature
0490bd2 mt76: usb: do not build the skb if reported len does not fit in buf_size
eb076ae mt76: Add missing include of linux/module.h
1d2819e mt76: fix typo in mt76x02_check_mac_err routine
9c9fae3 mt76: mac: run mt76x02_mac_work routine atomically
6be90b6 mt76: usb: avoid queue/status spinlocks while passing tx status to mac80211
40dad32 mt76x0: pci: fix ACS support
d94e9c4 mt76x02: do not set protection on set_rts_threshold callback
0d83d73 mt76x02: fixup MT_PROT_RATE_* defines
628f8d7 mt76x02: set protection according to ht operation element
f7d8c17 mt76x0: configure MT_VHT_HT_FBK_CFG1
10f57cf mt76x2: add static qualifier to mt76x2_init_hardware
37b2ad3 mt76: dfs: run mt76x02_dfs_set_domain atomically
51b6daf mt76x2: init: set default value for MT_TX_LINK_CFG
9661da4 mt76: add energy detect CCA support to mt76x{0,2}e drivers
876d0e9 mt76: mac: minor optimizations in mt76x02_mac_tx_rate_val
c78e317 mt76: dma: do not build skb if reported len does not fit in buf_size
3598046 mt76: mmio: introduce mt76x02_check_tx_hang watchdog
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Since kernel 4.18 support for Qualcomm glue layer was
moved from DWC3 OF Simple to a separate DWC3 QCOM module.
So lets add it and make it depend on 4.19 kernel and make
sure that DWC3 OF Simple is not included if 4.19 is used.
Signed-off-by: Robert Marko <robimarko@gmail.com>
This version removes a lot of unusefull warnings that would quickly overflow the dmesg.
Warnings like this:
ath10k_ahb a800000.wifi: Invalid legacy rate 26 peer stats
ath10k_ahb a000000.wifi: Invalid VHT mcs 15 peer stats
On this version I only had 2 warnings at all.
Tested on 8devices Jalapeno.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Based on the process of discovery in
https://github.com/openwrt/openwrt/pull/1613, it has become clear
that (at least) the PowerCloud System CR5000 was unable to get
working 5GHz wireless (PCIe) because AH_USE_EEPROM was unconditionally
masked out, not only when qca,noeeprom was in the DTS.
This patch moves mask AH_USE_EEPROM into the if ... qca,noeeprom
OF test.
Thanks to Christian Lampartar (@chunkeey) for the heavy lifting and help.
Patch has been prepared for upstream and will be submitted after review
by @chunkeey and @xdarklight.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
GCC 8.0+ <https://gcc.gnu.org/gcc-8/changes.html> introduces a new
warning about unsafe macros expanding to multiple statements used
as a body of a statement such as if, else, while, switch, or for.
In combination with -Werror this can cause the compilation to fail:
|In file included from xmalloc.c:37:
|xmalloc.c: In function 'xmalloc':
|system.h:39:2: error: macro expands to multiple statements [-Werror=multistatement-macros]
| fflush(stdout); \
| ^~~~~~
|xmalloc.c:52:5: note: in expansion of macro 'error'
| error (EXIT_FAILURE, 0, _("memory exhausted"));
| ^~~~~
|xmalloc.c:51:3: note: some parts of macro expansion are not guarded by this 'if' clause
| if (p == NULL)
| ^~
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
67ce93e Fix compile error on kernel 4.15+
c1345bb Change driver version to 10.3.8.0-20181210.
9cb815b Upgrade 88W8997 firmware to 8.4.4.6.
433fc6d Fix non-backport use of nla_parse before 4.12.0
3b36e21 Use wiphy_to_ieee80211_hw() instead of wiphy_priv()
97ebcfa Change driver version to 10.3.8.0-20181120.
f000953 Upgrade 88W8997 firmware to 8.4.4.4.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Depending on the global nls support configuration in the buildroot, the
linked libelf.so library might depend on libintl.so.
Import the nls.mk helper to set library prefixes and flags accordingly
in this case.
Ref: https://github.com/openwrt/packages/issues/7728#issuecomment-448760140
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When building with full lagnuage support, libelf.so will depend on and
link with libintl.so so we need to change the pkg-config template to
reflect this library dependency.
Also change the Makefile to only pass --disable-nls to configure when
the full nls support is actually disabled in the buildroot config.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The iproute2 build system links libelf support to every utility while only
the tc program actually requires libelf specific functionality.
Unfortunately the BPF ELF functionality is not confined into an own
compilation unit but added to the existing bpf.c sources of the shared
static libutil.a, causing every iproute2 applet to pick up an implicit
libelf.so dependency.
In order to avoid this requirement, patch the iproute2 build system to
create both a libutil.a and a libutil-elf.a, with the former being built
without libelf functionality and to only link the tc applet with the libelf
enabled libutil.
Finally, make the tc package depend on libelf to solve compilation errors.
Ref: https://github.com/openwrt/packages/issues/7728
Fixes: FS#2011
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Support other packages using pkg-config to query existence and details of
libelf and libdw libraries at build time.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This file is needed to properly use the tc ematch modules present in
kmod-sched-core and kmod-sched. It is a read-only index file of ematch
methods used only by tc.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
The LS1021A-IoT gateway reference design based on the
QorIQ LS1021A processor is a purpose-built, small
footprint hardware platform with a wide array of
high-speed connectivity and low-speed serial interfaces
to support secure delivery of IoT services for home,
business or other commercial location.
- Combines standards-based, open source software with a
feature-rich IoT gateway design to establish a common,
open framework for secured IoT service delivery and
management.
- Provides a wide assortment of high-speed and serial-based
connectivity in a compact, highly secure design.
- High efficiency through the use of the Arm-based QorIQ
LS1021A embedded processor.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Biwen Li <biwen.li@nxp.com>
It seems, that since Linux 4.18-rc2 ci_hdrc depends on ulpi.
commit a930d8bd94d8db7715d1af74299f710b1fb22fc8
Author: Fabio Estevam <fabio.estevam@nxp.com>
Date: Wed Jul 4 10:09:58 2018 -0300
usb: chipidea: Always build ULPI code
Commit 03e6275ae381 ("usb: chipidea: Fix ULPI on imx51") causes a kernel
hang on imx51 systems that use the ULPI interface and do not select the
CONFIG_USB_CHIPIDEA_ULPI option.
In order to avoid such potential misuse, let's always build the
chipidea ULPI code into the final ci_hdrc object.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
After changing board names to DT compat string, we also need to
adjust the script which generates uboot-env configuration files.
Fixes: e880a30549 ("mxs: use generic sysinfo board detection")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
According to https://github.com/openwrt/openwrt/pull/1527, support
for the Buffalo BHR-4GRV2 in ath79 requires repartitioning from
an initramfs image, make this easier by supporting uboot-envtools
support out of the box.
Build tested, but not runtime tested.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Port support for the Buffalo WZR-HP-AG300H from the ar71xx target to
ath79 as well.
Build- and runtime tested on the Buffalo WZR-HP-AG300H.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Interface triggers are installed by the dropbear init script in case an
interface is configured for a given dropbear uci section.
As dropbear is started after network the interface trigger event can be
missed during a small window; this is especially the case if lan is
specified as interface.
Fix this by starting dropbear before network so no interface trigger
is missed. As dropbear is started earlier than netifd add a boot function
to avoid the usage of network.sh functions as call to such functions will
fail at boottime.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
In the upstream netdev led trigger the one mode file was replaced by 3
files named rx, tx and link. Fix the netdev trigger configuration code
to use the modified API.
Fixes: aa3b6a08c5 ("kernel: Replace ledtrig-netdev with upstream backport")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This reverts commit 216397b812.
Due to:
Package ip-tiny is missing dependencies for the following libraries:
libelf.so.1
Makefile:187: recipe for target '/var/lib/buildbot/slaves/slave-lede-builds4/mips_24kc/build/sdk/bin/packages/mips_24kc/base/ip-tiny_4.19.0-6_mips_24kc.ipk' failed
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
The eapol-test application also uses the code with the newly activated
ubus support, add the missing dependency.
Fixes: f5753aae23 ("hostapd: add support for WPS pushbutton station")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
mbedtls uses some instructions introduced in ARMv6 which are not
available in older architectures.
Fixes: 3f7dd06fd8 ("mbedtls: Update to 2.14.1")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update mbedtls to 2.14.1
This fixes:
* CVE-2018-19608: Local timing attack on RSA decryption
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[Update to 2.14.1]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fixes these warnings:
swlib.c:455:18: warning: implicit declaration of function 'isspace'
swlib.c:461:9: warning: implicit declaration of function 'isdigit'
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Added two upstream mailing list patches that fix behavior under big endian
systems. Issue was present since version 1.11.0.
Tested on Turris Omnia.
Original discussion: https://github.com/openwrt/openwrt/pull/1575
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Use a forked version of the rtl8812au driver that works better
with OpenWRT (fix compile bugs, fix phy MAC address, etc)
Signed-off-by: Ben Greear <greearb@candelatech.com>
[update to 2018-11-16, replace rtw_byteorder.h, rename folder]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This updates the ath10k-ct driver to the version from 2018-12-11 and
selects the ath10k-ct version based on kernel 4.19 by default.
CONFIG_ATH10K_CE was introduced between kernel 4.16 and 4.19 and is a
mandatory option.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In mainline kernel commit 02c7b25e5f5 ("netfilter: nf_tables: build-in
filter chain type") all chain filters were merged into one file and into
one kernel module to save some memory. The code protected by these
configuration options CONFIG_NF_TABLES_BRIDGE, CONFIG_NF_TABLES_IPV4,
CONFIG_NF_TABLES_ARP, CONFIG_NF_TABLES_IPV6, CONFIG_NF_TABLES_NETDEV and
CONFIG_NF_TABLES_INET was merged into the nft_chain_filter.c file which
is now always compiled into the nf_tables.ko file.
This only happened in kernel 4.19 and OpenWrt has to select these as
modules in older kennel versions. Mark them as build-in in the kernel
4.19 specific kernel configuration file which will then not be
overwritten by the package specific settings which try to make them
modular again.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
CONFIG_HW_RANDOM_TPM does not activate a separate kernel module any
more, but it only activates the random code in the tpm.ko.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The video-videobuf2 kernel modules were moved to a new folder in kernel
4.19. videobuf2-v4l2.ko is only available since kernel 4.4, blacklist
this kmod completely on kernel 3.18.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The x86 optimized cryptographic algorithm kernel modules now mostly use
crypto_simd.ko instead of lrw.ko in kernel 4.19. Add the new module to
the kmod-crypto-misc package.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The asn1_decoder.ko module is needed by the kmod-nf-nathelper-extra
package in kernel 4.19, extract it and add the missing dependencies.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Kernel interface changed with kernel 4.19, it does not accept raw GPIO
numbers any more. Deactivate these drivers on kernel 4.19 for now.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The r8169 driver uses the phy lib with the realtek phy driver in kernel
4.19 instead of integrating the phy driver into the mac driver.
Add the new phy driver and add this missing dependency.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The ledtrig-netdev was added to upstream Linux kernel 4.16, replace our
own version with the patch based on the upstream version.
This will remove the ledtrig-netdev support from kernel 3.18, because I
not want to spend time on backporting it to 3.18. This will make it
easier to use the upstream version with kernel 4.19, by just not
applying this patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
63843750 Update manual pages
27801e98 Bump up version number to 1.35.1
60e020a8 nghttpx: Fix broken trailing slash handling
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The above options were incorrectly changed to required tags. Make them
optional again.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Backport upstream patch fixing incorrect passing of -lxtables to
LDFLAGS instead of LDLIBS in the tc/Makefile
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This updates the backports package used in mac80211 to version 4.19.7-1
which is based on kernel 4.19.7. This integrates all the stable fixes
introduces in this kernel version.
The deleted patches are not needed any more because they are either
included in the upstream Linux kernel 4.19.7 or in backports 4.19.7-1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In hack/904-debloat_dma_buf.patch, DMA_SHARED_BUFFER is changed from
bool to tristate. As this patch is not applied to external kernel
sources, build fails if kmod-dma-buf is enabled. Fix this by only
including the module file if CONFIG_EXTERNAL_KERNEL_TREE and
CONFIG_KERNEL_GIT_CLONE_URI are not enabled.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
During upstream removal of conditional ipv6 support an order swap error
was made in a ternary operator usage.
This patch sent upstream.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
The argument to print_0xhex is converted to unsigned long long
so the format string give for normal printout has to be some
variant of %llx. Backport the patch as otherwise, bogus values
will be printed on 32 bit platforms.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This partitialy reverts commit ccab68f2d3.
Registering the GPIO chip without a parent device completely breaks the
ath9k GPIOs for device tree targets.
As long as boards using the devicetree don't have the gpio-controller
property set for the ath9k node, the unloading of the driver works as
expected.
Register the GPIO chip with the ath9k device as parent only for OF
targets to find a trade-off between the needs of driver developers and
the broken LEDs and buttons seen by users.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Beside one exception, no one took care of these two remaining boards
still using the legacy image build code during the last two years.
Since OpenWrt 14.07 the ALLNET ALL0239-3G image building is broken.
The Sitecom WL-341 v3 image build code looks pretty hackish and broken.
It's questionable if the legacy image works as all.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Support other packages using pkg-config to query existence and details of
libelf and libdw libraries at build time.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
similar to hostapd, also add a ubus interface for wpa_supplicant
which will allow handling WPS push-button just as it works for hostapd.
In order to have wpa_supplicant running without any network
configuration (so you can use it to retrieve credentials via WPS),
configure wifi-iface in /etc/config/wireless:
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'wwan'
option mode 'sta'
option encryption 'wps'
This section will automatically be edited if credentials have
successfully been acquired via WPS.
Size difference (mips_24kc): roughly +4kb for the 'full' variants of
wpa_supplicant and wpad which do support WPS.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This patch updates the uboot-fritz4040 package to the latest version.
The portability and private-libgcc patches, as well as the
upload-to-f4040.sh script have been added to the upstream repository.
Furthermore, the upload-to-f4040 has been updated to take the first
parameter as the file it is supposed to flash, otherwise it defaults
to the previous "uboot-fritz4040.bin". Furthermore the error messages
have been improved and ftp will now dump some "progress information"
to the user's console.
Also included is support for gcc 8+ and a fix for the obnoxous error
that currently breaks the builders:
| fritz/src/lzma2eva.c:23:30: fatal error: zlib.h: No such file or directory
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Backport upstream commits. Most interesting 122392e which changes how
SERVFAIL is handled especially in event of genuine server down/failure
scenarios with multiple servers. a799ca0 also interesting in that
answered received via TCP are now cached, DNSSEC typically using TCP
meant until now answers weren't cached, hence reducing performance.
59e4703 Free config file values on parsing errors.
48d12f1 Remove the NO_FORK compile-time option, and support for uclinux.
122392e Revert 68f6312d4bae30b78daafcd6f51dc441b8685b1e
3a5a84c Fix Makefile lines generating UBUS linker config.
24b8760 Do not rely on dead code elimination, use array instead. Make options bits derived from size and count. Use size of option bits and last supported bit in computation. No new change would be required when new options are added. Just change OPT_LAST constant.
6f7812d Fix spurious AD flags in some DNS replies from local config.
cbb5b17 Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab
cf59843 Don't forward *.bind/*.server queries upstream
ee87504 Remove ability to compile without IPv6 support.
a220545 Ensure that AD bit is reset on answers from --address=/<domain>/<address>.
a799ca0 Impove cache behaviour for TCP connections.
Along with an additional patch to fix compilation without DHCPv6, sent
upstream.
I've been running this for aaaages without obvious issue hence brave
step of opening to wider openwrt community.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This reverts commit a6a8fe0be5.
buildbot found an error
option.c: In function 'dhcp_context_free':
option.c:1042:15: error: 'struct dhcp_context' has no member named 'template_interface'
free(ctx->template_interface);
revert for the moment
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Backport upstream commits. Most interesting 122392e which changes how
SERVFAIL is handled especially in event of genuine server down/failure
scenarios with multiple servers. a799ca0 also interesting in that
answered received via TCP are now cached, DNSSEC typically using TCP
meant until now answers weren't cached, hence reducing performance.
59e4703 Free config file values on parsing errors.
48d12f1 Remove the NO_FORK compile-time option, and support for uclinux.
122392e Revert 68f6312d4bae30b78daafcd6f51dc441b8685b1e
3a5a84c Fix Makefile lines generating UBUS linker config.
24b8760 Do not rely on dead code elimination, use array instead. Make options bits derived from size and count. Use size of option bits and last supported bit in computation. No new change would be required when new options are added. Just change OPT_LAST constant.
6f7812d Fix spurious AD flags in some DNS replies from local config.
cbb5b17 Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab
cf59843 Don't forward *.bind/*.server queries upstream
ee87504 Remove ability to compile without IPv6 support.
a220545 Ensure that AD bit is reset on answers from --address=/<domain>/<address>.
a799ca0 Impove cache behaviour for TCP connections.
I've been running this for aaaages without obvious issue hence brave
step of opening to wider openwrt community.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Openwrt no longer uses and has not used since 5acfe55d71 Jun 2016 the
timestamp file (/etc/dnsmasq.time) method of resolving the dnssec/ntp
dnslookup chicken/egg problem, having used signals from ntp since that
change.
Drop the 'dnssec-improve-timestamp-heuristic' patch since it is neither
used nor sent upstream. One less thing to refresh & maintain.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
When '-k' is used, sysupgrade inserts into backup a new file
/etc/backup/installed_packages.txt which contains pkgname and origin (rom,
overlay, unknown) without touching rootfs.
It's mainly used to reinstall all extra packages:
# opkg update
# grep "\toverlay" /etc/backup/installed_packages.txt | cut -f1 | xargs -r opkg install
# rm /etc/backup/installed_packages.txt
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Add sysupgrade '-o' option in order to include all overlay files in
backup, except for those that are from packages but including files
listed in conffiles, sysupgrade.conf or /lib/upgrade/keep.d.
With '-u' option, it will skip files equals to /rom and conffiles that
were not changed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
With '-u', for a file /aaa/bbb/ccc enlisted for backup,
it will only get into backup if /rom/aaa/bbb/ccc does not
exist or /aaa/bbb/ccc is different from /rom/aaa/bbb/ccc.
It also works with '-c', but only effective for files touched
but not modified.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Renamed add_uci_conffiles to add_conffiles as it includes
any conffiles listed, not only UCI ones.
Make do_save_conffiles arg mandatory
Allow other options after -l (like -c)
Do not use stdout for error messages (fixes backup to stdout)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
This now matches what was generated locally on my PC and the file on the
mirror server.
Fixes: 575d0240f9 ("ath10k-firmware: update board-2.bin for community firmwares")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Drop 030-extensions-libxt_bpf-Fix-build-with-old-kernel-versi.patch as pushed upstream
Added patches :
001-extensions_format-security_fixes_in_libip.patch
002-include_fix_build_with_kernel_headers_before_4_2.patch
101-remove-register-check.patch
The first and the second patch are upsteam fixes for compilation errors.
The third patch remove check if one target lib is already registred; this is caused by
shared libs that are loaded before the iptables execution.
Iptables changelog:
bba6bc6 (tag: v1.8.2) configure: bump versions for 1.8.2 release
61d6c38 xtables: add 'printf' attribute to xlate_add
5edb249 libxtables: xlate: init buffer to zero
9afd2a6 tests: shell: fix expected arptables-save output
6387941 arptables: fix --version info
d703c1f arptables: ignore --table argument.
d5754e3 arptables: make uni/multicast mac masks static
1b63e66 arptables: add test cases
5aecb2d arptables: pre-init hlen and ethertype
9677ed1 arptables: fix src/dst mac handling
ab0b6d5 arptables: fix target ip offset
c0c75ce arptables: fix -s/-d handling for negation and mask
3ac65af arptables: add basic test infra for arptables-nft
e31564f arptables: fix rule deletion/compare
2345ff6 arptables: remove code that is also commented-out in original arptables
50c2397 arptables-save: add -c option, like xtables-save
d9a518e arptables: use ->save for arptables-save, like xtables
5a52e6a extensions: test protocol and interface negation
85d7df9 xtables: Fix error return code in nft_chain_user_rename()
3ccb443 xtables: Clarify error message when deleting by index
95db364 xtables: Fix typo in do_command() error message
5f508b7 ebtables: use extrapositioned negation consistently
583b27e ebtables-save: add -c option, using xtables-style counters
e6723ab nft: add NFT_TABLE_* enumeration
21ec111 nft: replace nft_chain_dump() by nft_chain_list_get()
05947c8 iptables-nft: fix -f fragment option
7bd9feb libxtables: add and use mac print helpers
a10eb88 extensions: libebt_ip: fix tos negation
9b127b7 extensions: libebt_ip6: fix ip6-dport negation
c59ba1b xtables-nft: make -Z option work
1bf4a13 nft: add missing error string
a9f9377 iptables-tests: add % to run iptables commands
b81c8da iptables-tests: do not append xtables-multi to external commands
edf2b7c ebtables-nft: add arpreply target
2d1372e ebtables: add redirect test case
c3e8dbd ebtables: add test cases
cd90cef ebtables: relax -t table restriction, add snat/dnat test cases
fd95f1f ebtables: fix -j CONTINUE handling for add/delete
fb747f8 tests: add basic ebtables test support
d4bc5a3 iptables-nft: fix bogus handling of zero saddr/daddr
9ff9915 iptables-test: fix netns test
8c918db xtables: Fix for matching rules with wildcard interfaces
b2fc2a3 extensions: limit: unbreak build without libnftnl
682f39a xtables: Fix for spurious errors from iptables-translate
90f7dc3 (tag: v1.8.1) configure: bump versions for 1.8.1 release
0123183 iptables-test: add -N option to exercise netns removal path
abae556 libxtables: expose new etherdb lookup function through libxtables API
c2d9ed9 libxtables: prefix exported new functions for etherdb lookups
5a44360 Revert "extensions: libxt_quota: Allow setting the remaining quota"
2673faf xtables: Remove target_maxnamelen field
8ca3436 extensions: cgroup: fix option parsing for v2
0a8f2bc extensions: libxt_quota: Allow setting the remaining quota
b373a91 nft-shared: Use xtables_calloc()
5a40961 arptables: Use the shared nft_ipv46_parse_target()
9f07503 Combine parse_target() and command_jump() implementations
7373297 Combine command_match() implementations
a76ba54 libiptc: NULL-terminate errorname
a3716cc libxtables: Check extension real_name length
0195b64 iptables: Gitignore xtables-{legacy, nft}-multi scripts
671e40a xtables: Drop pointless check
7c9a152 arptables: Fix incorrect strcmp() in nft_arp_rule_find()
11e91a4 xtables: Don't read garbage in nft_ipv4_parse_payload()
d95c1e8 libxtables: Use posix_spawn() instead of vfork()
7e50eba Fix a few cases of pointless assignments
f40ce2d extensions: libebt_ip{, 6}: Drop pointless error checking
47fb86c nft-arp: Drop ineffective conditional
80aae9b iptables: Use print_ifaces() from xtables
8da04ff Share print_ipv{4,6}_addr() from xtables
b686594 iptables-apply: Replace signal numbers by names
f175dee iptables-apply: Quote strings passed to echo
52aa150 nfnl_osf: Replace deprecated nfnl_talk() by nfnl_query()
61ebf3f libxtables: Don't read garbage in xtables_strtoui()
ab639f2 libxtables: Avoid calling memcpy() with NULL source
22ef371 libiptc: Simplify alloc_handle() function signature
6b7145f libxt_time: Drop initialization of variable 'year'
749d3c2 libxt_ipvs: Avoid potential buffer overrun
8e798e0 libxt_conntrack: Avoid potential buffer overrun
74eb239 libxt_conntrack: Version 0 does not support XT_CONNTRACK_DIRECTION
d0c1f1b libxt_LED: Avoid string overrun while parsing led-trigger-id
23ef6f0 xtables: Remove unused variable in nft_is_table_compatible()
4e499d5 ip{, 6}tables-restore: Fix for uninitialized array 'curtable'
1788f54 Mark fall through cases in switch() statements
31f1434 libxtables: Integrate getethertype.c from xtables core
7ae4fb1 xtables: Fix for wrong assert() in __nft_table_flush()
8c786a3 nfnl_osf: Drop pointless check in xt_osf_strchr()
6fc7762 libxt_string: Fix array out of bounds check
2a68be1 xtables-save: Ignore uninteresting tables
f9efc8c extensions: add cgroup revision 2
9b8cb16 extensions: REJECT: Merge reject tables
56d7ab4 libxt_string: Avoid potential array out of bounds access
bfd41c8 ebtables: Fix for potential array boundary overstep
e6f9867 libiptc: Avoid side-effect in memset() calls
4144571 libxtables: Fix potential array overrun in xtables_option_parse()
9242b5d xtables: Accept --wait in iptables-nft-restore
c9f4f04 xtables: Don't check all rules for being compatible
15606f2 doc: Improve layout of u32 instructions
7345037 xtables-restore: Fix flushing referenced custom chains
7df11d1 xtables: Drop use of IP6T_F_PROTO
b6a06c1 xtables: Align return codes with legacy iptables
3bb497c xtables: Fix for deleting rules with comment
0800d9b ip6tables-translate: Fix libip6t_mh.txlate test
4cf650c ebtables-translate: Fix for libebt_limit.txlate
783e9c2 xtables: Add missing deinitialization
9771d06 ebtables: Review match/target lookup once more
85ed1ab extensions: libebt_mark: Drop mark_supplied check
6a46ca0 xtables: Add a few missing exit calls
acde6be ebtables-translate: Fix segfault while parsing extension options
2c4e4d2 ebtables: trivial: Leverage C99-style initializers a bit more
9f5b28a xlate-test: Fix for calling wrong command name
1a878a7 extensions: AUDIT: Provide translation
5ee03e6 xtables: Use meta l4proto for -p match
37b68b2 xtables: Fix for segfault when registering hashlimit extension
92f7b04 xtables: Fix for segfault in iptables-nft
294f9ef ebtables: Fix entries count in chain listing
6f29aa8 xtables: Make 'iptables -S nonexisting' return non-zero
7bccf30 ebtables: Fix for listing of non-existent chains
3d9a13d xtables: Fix for no output in iptables-nft -S
a33c6fd arptables: Drop extensions/libxt_mangle.c
02b8097 ebtables: Merge libebt_limit.c into libxt_limit.c
5de8dcf xtables: Use native nftables limit expression
514de48 ebtables: Remove flags misinterpretations
528cbf9 xtables: Fix for wrong counter format in -S output
9ca32c4 xtables: Don't pass full invflags to add_compat()
e055aeb xtables: Improve xtables-monitor first impression
b925733 tests: Fix skipping for recent nft-only tests
277f374 xtables: Spelling fixes in xtables-monitor
a9d9f64 xtables: Fix potential segfault in nft_rule_append()
fbf0bf7 tests: Add ebtables-{save,restore} testcases
f1d8508 tests: Add arptables-{save,restore} testcases
63c3dae xtables: Implement arptables-{save,restore}
aa7fb04 ebtables: Review match/target lookup
3f123dc ebtables-restore: Use xtables_restore_parse()
295d5a8 xtables-restore: Make COMMIT support configurable
1679b2c xtables-restore: Improve user-defined chain detection
2ce9f65 xtables: Match verbose ip{,6}tables output with legacy
cd79556 xtables: Reserve space for 'opt' column in ip6tables output
0357254 xtables: Print error when listing non-existent chains
206033e xtables: Fix for no output on first iptables-nft invocation
a0698de xtables: Do not count rules as chain references
d11b6b8 arptables: Fix jumps into user-defined chains
3f27955 arptables: Fix opcode printing in numeric output
f988fe4 xtables: Fix symlinks/names for ebtables-{save, restore}
3319c61 ebtables: Support --init-table command
3ec8aac arptables: Print policy only for base chains
83bc189 arptables: Fix for trailing spaces in output
aaed1b6 arptables: Fix memleaks in do_commandarp()
d67d85d ebtables: Print non-standard target parameters
2e478e9 ebtables: Fix match_list insertion
a192f03 ebtables: Fix for wrong program name in error messages
a2ed880 xshared: Consolidate argv construction routines
1cc0918 xshared: Consolidate parse_counters()
78b9d43 Consolidate DEBUGP macros
14ad525 xtables: Fix program name in xtables_error()
f7bbdb0 xtables: Use correct built-in chain count
ae574b2 xtables: Fix compilation with NLDEBUG defined
82d278c xtables: Free chains in NFT_COMPAT_CHAIN_ADD jobs
c2895ea xtables: Free chains in NFT_COMPAT_CHAIN_USER_DEL jobs
89d3443 xtables: Fix for nft_rule_flush() returning garbage
c259447 xtables: Allocate rule cache just once
ed30b93 nft: don't print rule counters unless verbose
31e4b59 iptables-restore: free the table lock when skipping a table
f8e29a1 xtables: avoid bogus 'is incompatible' warning
6ea7579 nft: decode meta l4proto
922508e xtables: implement ebtables-{save,restore}
25ef908 xtables: introduce nft_init_eb()
de8574a xtables: parameter to add_argv() may be const
6f60f22 xtables: pass format to nft_rule_save()
f3b772c xtables: introduce save_chain callback
fa1681f xtables: rename {print,save}_rule functions
444d581 xtables: get rid of nft_ipv{4,6}_save_counters()
34e1e23 xtables: eliminate nft_ipv{4,6}_rule_find()
de782e8 xtables: merge nft_ipv{4,6}_parse_target()
ae8eece xtables: get rid of nft_ipv{4,6}_print_header()
2687794 xtables: arp: make rule_to_cs callback private
1bf73c4 xtables: Use new callbacks in nft_rule_print_save()
1866625 xtables: introduce rule_to_cs/clear_cs callbacks
0589457 xtables: simplify struct nft_xt_ctx
d9c6a5d xtables: merge {ip,arp}tables_command_state structs
87b5b9e iptables: replace memset by c99-style initializers
907da5c xtables: fix crash if nft_rule_list_get() fails
565a223 xtables: Support nft suffix for arptables and ebtables
c468f01 tests: check iptables retval, not echo
47d1484 iptables: tests: add test for iptables-save and iptables-restore
e4e0704 extensions: don't bother to build libebt/libarp extensions if nft backend was disabled
17c66a5 iptables: tests: shell: Add README
6c2118c (tag: v1.8.0) configure: bump version and libnftnl dependency
7b66fc2 man: clarify translate tools do not modify any state
f7fec51 xtables-monitor: add --version option
b470b8e xtables-legacy: fix argv0 name for ip6tables-legacy
2028e54 xtables: display legacy/nf_tables flavor in error messages, too
fd8d7d7 ebtables-nft: add stp match
f15639b tests: add script that mimics firewalld startup
27f7db2 tests: fix variable name to multi-binary
2a89ec5 tests: add a few simple tests for list/new/delete
37d9d5b ebtables-nft: make -L, -X CHAINNAME work
816bd1f ebtables-nft: remove exec_style
b81708f ebtables-nft: don't crash on ebtables -X
de02a75 doc: fix some spellos and the dash escape
dcf4529 tests: add firewalld default ruleset from fedora 27
f23abd5 tests: add another ipv4 only ruleset
ed9cfe1 tests: add initial save/restore test cases
9933dc5 tests: adapt test suite to run with legacy+nftables based binaries
be70918 xtables: rename xt-multi binaries to -nft, -legacy
d49ba50 xtables-restore: init table before processing policies
344c6eb doc: Fix spelling error in hashlimit section
e063873 tests: make duplicate test work
d26c538 xtables: add xtables-monitor
db84371 xtables: translate nft meta trace set 1 to -j TRACE
20eac2a xtables: warn in case old-style (set/getsockopt) tables exist
c9f5e18 xtables: add nf_tables vs. legacy postfix to version strings
e5fed16 iptables8.in: Update coreteam names
672accf include: update kernel netfilter header files
856a875 xtables: silence two compiler warnings
ae6e159 xtables: remove dead code inherited from ebtables
107b7eb configure: add -Wlogical-op warning to cflags
bc7f49d ebtables-translate: remove --change-counters code
38b4166 iptables: tests: shell: add shell test-suite
1e6427a xtables-compat: skip invalid tables
cb368b6 xtables: more error printing fixes
b1b828f xtables: homogenize error message
4caa559 xtables: initialize basechains for rule flush command too
9b89622 xtables: rework rule cache logic
01e25e2 xtables: add chain cache
8d190e9 xtables: initialize basechains only once on ruleset restore
0a86351 xtables-compat: ignore '+' interface name
125d1ce xtables-compat: append all errors into single line
437746c xtables: extended error reporting
d1c79cd xtables: allocate struct xt_comment_info for comments
4e20209 xtables: use libnftnl batch API
49709e2 xtables-compat: remove nft_is_ruleset_compatible
03e1377 xtables: allow dumping of chains in specific table
94fd83d xtables: inconsistent error reporting for -X and no empty chain
c4f1622 ebtables-compat: add arp match extension
24ce746 ebtables-compat: add redirect match extension
84c04e3 ebtables-compat: add nat match extensions
14ec998 xtables-compat: ebtables: prefer snprintf to strncpy
5e2b473 xtables-compat: extend generic tests for masks and wildcards
1a696c9 libxtables: store all requested match types
bb436ce xtables-compat: ip6table-save: fix save of ip6 address masks
6454d7d ebtables-translate: suppress redundant protocols
07f4ca9 xtables-compat: ebtables: allow checking for zero-mac
0ca2d2a xtables-compat: ebtables: add helpers to print interface and mac addresses
3d9f300 xtables-compat: ebtables: remove interface masks from ebt_entry struct
20e2758 xtables-compat: ebtables: fix logical interface negation
2682bb0 xtables-compat: ebtables: add and use helper to parse all interface names
564862d xtables-compat: ebtables: split match/target print from nft_bridge_print_firewall
0ae81d0 xtables-compat: ebtables: kill ebtables_command_state
651cfee xtables-compat: pass correct table skeleton
652b98e xtables-compat: fix wildcard detection
49f4993 extensions: libip6t_srh.t: Add test cases for psid, nsid, and lsid
429143b extensions: libxt_CONNMARK: incorrect translation after v2
db7b4e0 extensions: libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark
155e1c0 extensions: libip6t_srh: support matching previous, next and last SID
f4ffda1 extensions: libipt_DNAT: tests added for shifted portmap range
6a9ffb1 xtables-compat-restore: flush table and its content with no -n
07ae37c xtables-compat: fix bogus error with -X and no user-defined chains
df3d92b xtables-compat-restore: flush user-defined chains with -n
ca16584 xtables-compat-restore: flush rules and delete user-defined chains
ac1e85a extensions: libipt_DNAT: use size of nf_nat_range2 for rev2
e25d99a xtables-compat: pass larger socket buffer
838746e xtables-compat: xtables-save: don't return 1
2211679 xtables-compat: ebtables: support concurrent option
a77a7d8 iptables-test: fix bug with rateest
de87405 xtables-compat: fix ipv4 frag (-f)
c7b2fd6 xtables-compat: also check tg2->userspacesize
5685938 xtables-compat: avoid unneeded bitwise ops
b9d7b49 xtables-compat: restore: sync options with iptables-restore
c0ef861 extensions: add xlate test for ipables -f
d79a7f1 xtables-compat: output -s,d first during save, just like iptables
d1eb4d5 iptables-compat: chains are purge out already from table flush
09f0d47 iptables-compat: do not fail on restore if user chain exists
8798eb8 iptables-compat: remove non-batching routines
b633ef9 xtables.conf: fix hook skeletons
7af2178 xtables-compat: fall back to comment match in case name is too long
e9aeecf xlate-test: use locally installed xlate tools
0ab58e3 xtables-compat: ebtables: handle mac masks properly
734ad40 xtables-compat: nft-arp: fix warning wrt. sprintf-out-of-bounds
fb7ae9f xtables-compat: truncate comments to 254 bytes
36976c4 extensions: libipt_DNAT: support shifted portmap ranges
d7ac61b iptables-test: add nft switch and test binaries from git
992e17d xtables-compat: only fetch revisions for ip/ip6
12a52ff xtables: Fix rules print/save after iptables update
1197c5e xtables: Register all match/target revisions supported by us and kernel
e3bb24c xtables: Check match/target size vs XT_ALIGN(size) at register time
3b2530c xtables: Do not register matches/targets with incompatible revision
d3f1437 xtables: Introduce and use common function to print val[/mask] arguments
29b1d97 xtables: Introduce and use common function to parse val[/mask] arguments
56aadc0 extensions: Initialize linear mapping of symbols in _init() of extension
79c2da9 extensions: ULOG: remove test
a0956ce ebtables-translate: turn off useless compat queries
9840869 nft: arptables: remove obsolete forward hook definition
7a37d14 iptables-compat: statify nft_restart()
a3aac1d iptables-compat: handle netlink dump EINTR errors
a567dc3 ebtables-compat: add 'vlan' match extension
7564bba ebtables-compat: add 'pkttype' match extension
4d40904 ebtables-translate: update table name on -t
5c8ce9c ebtables-compat: add 'ip6' match extension
8a85a14 libebt_ip: fix translations for tos and icmp
b6f0bec libebt_ip: add icmp support
f38ed1e xt-translate: quote interface names in translated output
71a6e37 icmp: split icmp type printing to header file
e67c088 ebtables-translate: add initial test cases
207dd5e xt-compat: add ebtables-translate
d988274 xlate-translate: split common parts into helper
1650806 xtables-eb: export 3 functions
6b2041c nft-bridge: add eb-translate backend functions
3063c37 nft-bridge: fix mac address printing
394a400 nft: fix crash when getprotobynumber() returns 0
6a1dbdf ebtables-compat: support intra-positioned negations
3e94f0a nft-bridge: add forward declaration for struct nftnl_rule
5024efe libebt_limit: print 'minute' and 'seconds', not 'min' and 'secs'
ce3c780 nft: make nft_init self-contained
cb151d5 xtables-translate: rm duplicate includes
69c089b xt-compat: constify a few struct members
03ecffe ebtables-compat: add initial translations
57af67d iptables: constify option struct
88231c4 ebtables-compat: load mark target
6b4e167 ebtables-compat: don't make failing extension load fatal
24110b5 libxt_comment: silence truncation warning
98fc8ce xtables-compat: only validate the xtables builtin tables
9d9b724 xtables-compat: skip unsupported tables
59d15cf xtables-compat: also validate priorities and hook points match expected values
eb35854 xtables-compat: fix snprintf truncation warnings
fc04c8a extensions: CLUSTERIP: do not allow --local-node 0
eb2c052 extensions: CLUSTERIP: add tests
ca3c397 iptables: add xtables-translate.8 manpage
5beb158 extensions: libxt_bpf: Fix build with old kernel versions
147a891 extenstions: ecn: add tcp ecn/cwr translation
ed928a8 extensions: add tests for comp match options
632ace7 xtables-compat-multi.c: Allow symlink of ebtables
d7ccc68 iptables: add xtables-compat.8 manpage
043da5b extensions: connmark: remove non-working translation
a93b502 extensions: prefer plain 'set' over 'set mark and'
577b7e2 xtables-compat-restore: use correct hook priorities
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
I wanted to add status LEDs support to my imx6 based board and have
found out, that I could use diag.sh script found in ramips platform,
which seems to be also shared in a few other platforms:
4801276bc2078c5bcf03003c831e3b0a target/linux/ramips/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ipq40xx/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ath79/base-files/etc/diag.sh
So I've extended the base diag.sh in a way, that if it detects any of
the DTS LED aliases, then it would use the generic DTS set_led_state
code.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
SOC: IPQ4018 / QCA Dakota
CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 256 MiB
NOR: 32 MiB
ETH: Qualcomm Atheros QCA8072
WLAN1: Qualcomm Atheros QCA4018 2.4GHz 802.11bgn 2:2x2
WLAN2: Qualcomm Atheros QCA4018 5GHz 802.11a/n/ac 2:2x2
INPUT: RESET Button
LEDS: Power, LAN, MESH, WLAN 2.4GHz, WLAN 5GHz
1. Load Ramdisk via U-Boot
To set up the flash memory environment, do the following:
a. As a preliminary step, ensure that the board console port is connected to the PC using these RS232 parameters:
* 115200bps
* 8N1
b. Confirm that the PC is connected to the board using one of the Ethernet ports. Set a static ip 192.168.99.8 for Ethernet that connects to board. The PC must have a TFTP server launched and listening on the interface to which the board is connected. At this stage power up the board and, after a few seconds, press 4 and then any key during the countdown.
U-BOOT> set serverip 192.168.99.8 && set ipaddr 192.168.99.9 && tftpboot 0x84000000 openwrt.itb && bootm
2. Load image via GUI
a. Upgrade EAP1300 to FW v3.5.3.2
In the GUI, System Manager > Firmware > Firmware Upgrade, to do upgrade.
b. Transfer to OpenWrt from EnGenius.
In Firmware Upgrade page, to upgrade yours openwrt-ipq40xx-engenius_eap1300-squashfs-sysupgrade.bin.
3. Revert to EnGenius EAP1300
To flash openwrt-ipq40xx-engenius_eap1300-squashfs-factory.bin by using sysupgrade command and "DO NOT" keep configuration.
$ sysupgrade –n openwrt-ipq40xx-engenius_eap1300-squashfs-factory.bin
Signed-off-by: Steven Lin <steven.lin@senao.com>
To be able to use the camera module, start_x=1 has to be set in
config.txt. This will cause the bootloader to load the GPU firmware that
contain the extra video codecs. Install these firmware files.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
An upstream change broke brcmfmac when loaded with modparam roamoff=1.
As we are carrying a patch that enables roamoff by default on the
brcm2708 target to improve stability, wireless is currently broken
there. Add a patch to fix brcmfmac with roamoff=1.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
For the parameters tls-cipher and ncp-ciphers more than one option can
be used in the OpenVPN configuration, separated by a colon, which should
be implemented as a list in order to configure it more clearly. By
adding the new OPENVPN_LIST option to the openvpn.options file with the
tls-cipher and ncp-cipher parameters, uci can now add this option as a
"list" and the init script will generate the appropriate OpenVPN
configuration from it.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This is actually a build dependency for /dev/crypto support in openssl.
Since it is a kernel module, it belongs here anyway.
- Removed Nikos Mavrogiannopoulos as maintainer.
- Streamlined make flags
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
This reverts commit 41770add03.
The fwtool_check_image() procedure is used by `sysupgrade --test` which must
not alter the image under test in any way.
Currently, when the LuCI ui or any other sysupgrade wrapper first invokes
sysupgrade --test to verify the compatibility of the image and then calculates
the sha256sum over it, the resulting checksum will differ from the original
image since the test invocation will implicitely strip the metadata trailer.
To properly fix the underlying issue, the combined image checksumming code
must be modified to skip the metadata trailer.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The return value of a package prerm script is discarded and not returned
correctly by default_prerm(). This allows other operations like service
shutdown to "leak" their return value, prompting workarounds like commit
48cfc826 which do not address the root cause.
Preserve a package prerm script return value for use by default_prerm(),
sharing the corresponding code from default_postinst() for consistency.
Also use consistent code for handling of /etc/init.d/ scripts.
Run Tested on: LEDE 17.01.4 running ar71xx.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Update the OpenVPN package to version 2.4.6, refresh patches and drop
menuconfig options which are not supported upstream anymore.
Also fix the x509-alt-username configure flag - it is not supported
by mbedtls and was syntactically wrong in the Makefile - and the
port-share option which has been present in menuconfig but not been
used in the Makefile.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
dfa4ede interface: fix return code of __interface_add()
a82a8f6 netifd: fix resource leak on error in netifd_add_dynamic()
fa2403d config: fix resource leaks on error in config_parse_interface()
85de9de interface: fix memory leak on error in __interface_add()
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
As automatic helper assignment is disabled in recent Linux kernels,
explicit rules must be added to the raw table for each helper.
While commit f50a524 in the firewall3 project added a set of default
rules and other additional related functionality, both this and the
alternative manual methods of defining these rules require kmod-ipt-raw.
Signed-off-by: Steven Honson <steven@honson.id.au>
This patch adds support for the Netgear WNDAP620 and WNDAP660,
they are similar devices, but due to the LAN LED configuration,
the switch setup and WIFI configuration each gets a different
device target.
Hardware Highlights WNDAP620:
CPU: AMCC PowerPC APM82181 at 1000 MHz
DRAM: 128 MB, 2 x 64 MiB DDR2 Hynix H5PS5162GF
CPU: AMCC PowerPC APM82181 at 1000 MHz
FLASH: 32 MiB, NAND SLC, Hynix HY27US08561A
Ethernet: RealTek RTL8363SB 2x2-Port Switch PHY - Only 1 GBit Port (POE)
Wifi: Atheros AR9380 minipcie - Dual-Band - 3x3:3
Serial: console port with RJ45 Interface (9600-N-8-1)
LEDS: Power, LAN-Activity, dual color LAN-Linkspeed, 2.4GHz, 5GHz LEDs
Button: Soft Reset Button
Antennae: 3 internal dual-band antennae + 3 x RSMA for external antennaes
Hardware Highlights WNDAP660:
CPU: AMCC PowerPC APM82181 at 1000 MHz + 2 Heatsinks
DRAM: 256 MB, 2 x 128 MiB DDR2
FLASH: 32 MiB, NAND SLC, Hynix HY27US08561A
Ethernet: RealTek RTL8363SB 2x2-Port Switch PHY (POE)
Wifi1: Atheros AR9380 minipcie - Dual-Band - 3x3:3
Wifi2: Atheros AR9380 minipcie - Dual-Band - 3x3:3
Serial: console port with RJ45 Interface (9600-N-8-1)
LEDS: Power, LAN-Activity, 2x dual color LAN-Linkspeed, 2.4GHz, 5GHz LEDs
Button: Soft Reset Button
Antennae: 6 internal dual-band antennae + 3 x RSMA for external antennaes
Flashing requirements:
- needs a tftp server at 192.168.1.10/serverip.
- special 8P8C(aka RJ45)<->D-SUB9 Console Cable
("Cisco Console Cable"). Note: Both WNDAP6x0 have
a MAX3232 transceivers, hence no need for any separate
CMOS/TTL level shifters.
External Antenna:
The antennae mux is controlled by GPIO 11 and GPIO14. Valid Configurations:
= Config# = | = GPIO 11 = | = GPIO 14 = | ===== Description =====
1. | 1 / High | 0 / Low | Use the internal antennae (default)
2. | 0 / Low | 1 / High | Use the external antennae
The external antennaes are only meant for the 2.4 GHz band.
One-way Flashing instructions via u-boot:
0. connect the serial cable to the RJ45 Console Port
Note: This requires a poper RS232 and not a TTL/USB adaptor.
1. power up the AP and interrupt the u-boot process at
'Hit any key to stop autoboot'
2. setup serverip and ipaddr env settings
Enter the following commands into the u-boot shell
# setenv ipaddr 192.168.1.1
# setenv serverip 192.168.1.10
3. download the factory.img image to the AP
Enter the following commands into the u-boot shell
# tftp ${kernel_addr_r} openwrt-apm821xx-nand-netgear_wndap660-squashfs-factory.img
4. verfiy image integrity
Enter the following commands into the u-boot shell
# crc32 $fileaddr $filesize
If the calculated crc32 checksum does not match, go back to step 3.
5. flash the image
Enter the following commands into the u-boot shell
# nand erase 0x110000 0x1bd0000
# nand write ${kernel_addr_r} 0x110000 ${filesize}
6. setup uboot environment
Enter the following commands into the u-boot shell
# setenv bootargs
# setenv fileaddr
# setenv filesize
# setenv addroot 'setenv bootargs ${bootargs} root=/dev/ubiblock0_0'
# setenv owrt_boot 'nboot ${kernel_addr_r} nand0 0x110000; run addroot; run addtty; bootm ${kernel_addr_r}'
# setenv bootcmd 'run owrt_boot'
# saveenv
7. boot
# run bootcmd
Booting initramfs instructions via u-boot:
Follow steps 0 - 2 from above.
3. boot initramfs
Enter the following commands into the u-boot shell
# tftp ${kernel_addr_r} openwrt-apm821xx-nand-netgear_wndap660-initramfs-kernel.bin
# run addtty
# bootm ${kernel_addr_r}
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch adds u-boot environment access to the MX60(W) target.
"The environment size is one NAND block (128KiB on Buckminster).
We allocate four NAND blocks to deal with bad blocks which may
exist in the saved environment"
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
All apm821xx devices use u-boot and most of them have
an accessible u-boot environment. This patch adds the
necessary template file, but does not add the
uboot-envtools package to any of the targets.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
If I create following image:
define Device/engenius-m36
IMAGE/sysupgrade.bin := combined-image | append-metadata
endef
Sysupgrade then errors out:
Invalid image. Contents do not match checksum (image:cd285595eaf297370404ae0e2815ec1a calculated:2cf9a2286fb6b01af3ea189128017d44)
Image check 'platform_check_image' failed.
By removing the metadata from the image I get combined-image checksum
working again and sysupgrade works.
Signed-off-by: Petr Štetiar <ynezz@true.cz>