Commit Graph

16730 Commits

Author SHA1 Message Date
Magnus Kroken
02fcbe2f3d mbedtls: update to 2.16.6
Security fixes for:
* CVE-2020-10932
* a potentially remotely exploitable buffer overread in a DTLS client
* bug in DTLS handling of new associations with the same parameters

Full release announement:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2020-04-17 23:43:01 +02:00
Daniel Golle
0495324b9b mac80211: make sure existing iface belongs to correct (fullmac) phy
Some FullMAC cfg80211 wireless devices do not support virtual
interfaces, hence there is script logic to keep the existing network
device. Improve this to support renaming the interface if needed and
make sure the existing interface actually belongs to the right phy.
Change calls to 'iw' to avoid outputing warnings and errors to not
confuse users of such devices.

Also bump PKG_RELEASE which has been forgotten in the previous two
mac80211 changes.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-17 13:31:58 +01:00
Lucian Cristian
16ad4de2c0 elfutils: aarch64 fix build on musl
aarch64_initreg.c: In function 'aarch64_set_initial_registers_tid':
aarch64_initreg.c:85:37: error: invalid operands to binary & (have 'long double' and 'unsigned int')
     dwarf_fregs[r] = fregs.vregs[r] & 0xFFFFFFFF;
                      ~~~~~~~~~~~~~~ ^

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2020-04-17 13:43:34 +02:00
Petr Štetiar
8e99bbda19 uboot-sunxi: bump to 2020.04 relase
Refreshed patches, removed upstreamed patch:

 260-configs-a64-olinuxino-emmc-add-eMMC-boot-part-config.patch

Boot tested on a64-olinuxino-emmc.

Cc: Zoltan HERPAI <wigyori@uid0.hu>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-17 13:43:34 +02:00
Petr Štetiar
260a225ba4 uboot-imx6: bump to 2020.04 release
Refreshed all patches, run tested on apalis.

Cc: Vladimir Vid <vladimir.vid@sartura.hr>
Cc: Tim Harvey <tharvey@gateworks.com>
Cc: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-17 13:43:34 +02:00
David Bauer
0f1b5ce2f5 mac80211: drop data frames without key on encrypted links
If we know that we have an encrypted link (based on having had
a key configured for TX in the past) then drop all data frames
in the key selection handler if there's no key anymore.

This fixes an issue with mac80211 internal TXQs - there we can
buffer frames for an encrypted link, but then if the key is no
longer there when they're dequeued, the frames are sent without
encryption. This happens if a station is disconnected while the
frames are still on the TXQ.

Detecting that a link should be encrypted based on a first key
having been configured for TX is fine as there are no use cases
for a connection going from with encryption to no encryption.
With extended key IDs, however, there is a case of having a key
configured for only decryption, so we can't just trigger this
behaviour on a key being configured.

Cc: stable@vger.kernel.org
Reported-by: Jouni Malinen <j@w1.fi>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-04-17 13:27:40 +02:00
Daniel Golle
99d567a83d mac80211: fix detecting existing interface
Instead of using the actual interface name, a hard-coded 'wlan0' has
slipped into the script. Replace it.

Fixes: ccf2aa9d4b ("mac80211: detect existing interface before adding")
Reported-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-17 11:36:35 +01:00
Daniel Golle
7c2e0fa586 procd: jail fixes and improvements
32c717e jail: only mess with rootfs if CLONE_NEWNS was set
 b275a62 instance: harmonize instance API
 511fd97 jail: make /proc more secure
 4953b7c jail: mount /sys read-only
 a4d6442 jail: replace /etc/resolv.conf with symlink in extroot+overlay
 a4cc165 jail: always mount /dev as additional tmpfs

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 16:16:06 +01:00
Daniel Golle
e23de62845 netifd: clean up netns functionality
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 13:53:11 +01:00
Kevin Darbyshire-Bryant
9fd36f54f5 Revert "kmod-sched: add act_police"
This reverts commit 1b973b54ea.

It turns out act_police is included in the kmod-sched package so this
package turns out to be superfluous and causes file provision conflicts.

Ooooops!  Best revert it then.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-14 08:48:33 +01:00
Daniel Golle
a5a90a94ce netifd: fix jail ifdown and jails without jail_ifname
The previous commit introduced a regression for netns jails without
jail_ifname set. Fix that.

Fixes: 4e4f7c6d2d ("netifd: network namespace jail improvements")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:55:02 +01:00
Daniel Golle
4e4f7c6d2d netifd: network namespace jail improvements
aaaca2e interface: allocate and free memory for jail name
 d93126d interface: allow renaming interface when moving to jail netns

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Daniel Golle
a66efbf916 mac80211: adapt for single-instance wpad
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Daniel Golle
f37d634236 hostapd: reduce to a single instance per service
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Rosen Penev
d27623b542 elfutils: update to 0.179
Removed sys/cdefs usage. The header is deprecated.

Removed canonicalize_file_name define. It's already fixed upstream.

Added --disable-debuginfod. Seems to be needed.

Modified patch 005 to build more stuff. It was failing before. It still
only builds libraries.

Modified patch 100 to use strerror under non-glibc. It is used under
glibc as strerror is not thread safe. It is under musl and uClibc-ng.
strerror_l is not available under uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-13 22:40:19 +02:00
Rosen Penev
76d22fc24b hostapd: backport usleep patch
Optionally fixes compilation with uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-13 22:40:19 +02:00
Kirill Lukonin
dce97df740 wpa_supplicant: disable CONFIG_WRITE functionality
CONFIG_WRITE functionality is not used and could be removed.
Looks helpful for devices with small flash because wpad is also affected.

Little testing shows that about 6 KB could be saved.

Signed-off-by: Kirill Lukonin <klukonin@gmail.com>
2020-04-13 22:40:06 +02:00
Jose Olivera
93a8cdf5d8 mwlwifi: Update the 88W8964's firmware to 9.3.2.12 and fix backports version detection
Updates the 88W8964 firmware used in the Linksys WRT3200ACM and WRT32X
[v9.3.2.6 -> v9.3.2.12]

Removes 0c43219 ("mwlwifi: Fix loading with backports v5.3")
as it has been merged upstream.

Unfortunately, there is a bug wherein Kaloz's repo, the version
detection mechanism for fixing vendor commands doesn't work.

It pulls in the Linux kernel version, which as of this time is
"4.14.y" or "4.19.y"

However, the proper behaviour is that it should pull in the mac80211
backports version which as of now is "5.4.27"

The included patch works around this using a backports define found
only on versions >5.3, "VENDOR_CMD_RAW_DATA".

Signed-off-by: Jose Olivera <oliverajeo@gmail.com>
2020-04-13 22:11:26 +02:00
Lucian Cristian
8f342a39de kernel: hwmon: add dme1737 driver
SMSC DME1737, SCH3112, SCH3114, SCH3116, SCH5027 monitoring support

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2020-04-13 22:11:22 +02:00
Álvaro Fernández Rojas
97c5fb4709 cypress-firmware: update to v5.4.18-2020_0402
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-04-13 10:14:48 +02:00
Daniel Golle
0aa2ecf5b2 base-files: don't ship local build key when on buildbot
Including the local build key in /etc/opkg/keys isn't feasible when
building on the buildbot: The included key collides with its copy
already in openwrt-keyring which breaks the ImageBuilder.
Not including a locally generated key also makes the base-files package
more reproducible.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-12 20:35:00 +01:00
Chuanhong Guo
f017f617ae base-files: preinit: also config switch when no port roles defined
current preinit code in base-files doesn't config switch when there are
no port roles defined. But this kind of configuration exists on single
port devices where switch vlan is simply disabled.
configure reset and enable_vlan property when a switch node exist.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:29:02 +08:00
Kevin Darbyshire-Bryant
4f34e430ed dnsmasq: bump to v2.81
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-12 15:04:48 +01:00
Adrian Schmutzler
ae636effd2 base-files: source functions.sh in /lib/functions/system.sh
The file /lib/functions/system.sh depends on find_mtd_index() and
find_mtd_part() located in /lib/function.sh, so let's source that
file.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-12 14:16:57 +02:00
Adrian Schmutzler
282e817350 base-files: do not source system.sh in functions.sh
The default_postinst() function in /lib/functions.sh sources
/lib/functions/system.sh before cycling through uci-defaults files.

This creates a pseudo-cyclic dependency as system.sh also uses
functions that are located in functions.sh. Despite that, there
is actually only one uci-defaults file in the entire repo that needs
system.sh, and this one contains an explicit source for system.sh
anyway.

Consequently, this patch removes the sourcing of system.sh in
functions.sh. There are no relevant uses in packages, routing and
luci repositories.
This may require adjustments for downstream, though.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-12 14:16:54 +02:00
Adrian Schmutzler
23d3fafd87 broadcom-wl: fix compilation with kernel 5.4
This adds two fixes for compilation with kernel 5.4:

1. dev_open from include/linux/netdevice.h needs a second parameter
   since kernel 5.0:
   00f54e68924e ("net: core: dev: Add extack argument to dev_open()")
2. get_ds() macro definition has been dropped since kernel 5.1:
   736706bee329 ("get rid of legacy 'get_ds()' function")
   Since get_ds() has been just a macro before, replace it in
   the driver instead of creating a version switch.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-12 12:41:12 +02:00
Adrian Schmutzler
d761b9f211 broadcom-wl: fix compilation with kernel >= 4.15
Since kernel 4.15, init_timer is not available anymore, and has been
replaced by timer_setup. The fixes compilation of wl_linuc.c, which
returned the following errors beforehand (line-wrapped manually):

.../broadcom-wl-5.10.56.27.3/driver/wl_linux.c: In function 'wl_init_timer':
.../broadcom-wl-5.10.56.27.3/driver/wl_linux.c:2576:2: error: implicit
	declaration of function 'init_timer'; did you mean 'init_timers'?
	[-Werror=implicit-function-declaration]
  init_timer(&t->timer);
  ^~~~~~~~~~
  init_timers
.../broadcom-wl-5.10.56.27.3/driver/wl_linux.c:2577:10: error:
	'struct timer_list' has no member named 'data'
  t->timer.data = (ulong) t;
          ^
.../broadcom-wl-5.10.56.27.3/driver/wl_linux.c:2578:20: error: assignment
	to 'void (*)(struct timer_list *)' from incompatible pointer type
	'void (*)(ulong)' {aka 'void (*)(long unsigned int)'}
	[-Werror=incompatible-pointer-types]
  t->timer.function = wl_timer;

This should fix build of several devices on bcm63xx with testing
kernel (4.19).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-12 12:35:37 +02:00
Hans Dedecker
8d9e26457c iproute2: update to 5.6.0
Update iproute2 to latest stable 5.6.0; for the changes see https://lwn.net/Articles/816778/

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-04-11 21:02:26 +02:00
Pawel Dembicki
c30220d458 ipq40xx: add support for Cell C RTL30VW
Cell C RTL30VW is a LTE router with tho gigabit ethernets and integrated
QMI mPCIE modem.

This is stripped version of ASKEY RTL0030VW.

Hardware:

Specification:
-CPU: IPQ4019
-RAM: 256MB
-Flash: NAND 128MB + NOR 16MB
-WiFi: Integrated bgn/ac
-LTE: mPCIe card (Modem chipset MDM9230)
-LAN: 2 Gigabit Ports
-USB: 2x USB2.0
-Serial console: RJ-45 115200 8n1
-Unsupported VoIP

Known issues:

None so far.

Instruction install:

There are two methods: Factory web-gui and serial + tftp.

Web-gui:
1. Apply factory image via stock web-gui.

Serial + initramfs:
1. Rename OpenWrt initramfs image to "image"
2. Connect serial console (115200,8n1)
3. Set IP to different than 192.168.1.11, but 24 bit mask, eg. 192.168.1.4.

4. U-Boot commands:
sf probe && sf read 0x80000000 0x180000 0x10000
setenv serverip 192.168.1.4
set fdt_high 0x85000000
tftpboot 0x84000000 image
bootm 0x84000000

5. Install sysupgrade image via "sysupgrade -n"

Back to stock:

All is needed is swap 0x4c byte in mtd8 from 0 to 1 or 1 to 0,
do firstboot and factory reset with OFW:

1. read mtd8:
dd if=/dev/mtd8 of=/tmp/mtd8
2. go to tmp:
cd /tmp/
3. write first part of partition:
dd if=mtd8 of=mtd8.new bs=1 count=76
4. check which layout uses bootloader:
cat /proc/mtd
5a. If first are kernel_1 and rootfs_1 write 0:
echo -n -e '\x00' >> mtd8.new
5b. If first are kernel and rootfs write 1:
echo -n -e '\x01' >> mtd8.new
6. fill with rest of data:
dd if=mtd8 bs=1 skip=77 >> mtd8.new
7. CHECK IF mtd8.new HAVE CHANGED ONLY ONE BYTE! e.g with:
hexdump mtd8.new
8. write new mtd8 to flash:
mtd write mtd8.new /dev/mtd8
9. do firstboot
10.reboot
11. Do back to factory defaults in OFW GUI.

Based on work: Cezary Jackiewicz <cezary@eko.one.pl>

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2020-04-10 15:22:26 +02:00
DENG Qingfang
a30abb1b6b ipq40xx: add support for MobiPromo CM520-79F
MobiPromo CM520-79F is an AC1300 dual band router based on IPQ4019

Specification:

SoC/Wireless: QCA IPQ4019
RAM: 512MiB
Flash: 128MiB SLC NAND
Ethernet PHY: QCA8075
Ethernet ports: 1x WAN, 2x LAN
LEDs: 7 LEDs
      2 (USB, CAN) are GPIO
      other 5 (2.4G, 5G, LAN1, LAN2, WAN) are connected to a shift register
Button: Reset

Flash instruction:
Disassemble the router, connect UART pins like this:
 GND TX    RX
  [x x . . x .]
  [. . . . . .]

(QCA8075 and IPQ4019 below)
Baud-rate: 115200

Set up TFTP server: IP 192.168.1.188/24
Power on the router and interrupt the booting with UART console
env backup (in case you want to go back to stock and need it there):
	printenv
	(Copy the output to somewhere save)
Set bootenv:
	setenv set_ubi 'set mtdids nand0=nand0; set mtdparts mtdparts=nand0:0x7480000@0xb80000(fs); ubi part fs'
	setenv bootkernel 'ubi read 0x84000000 kernel; bootm 0x84000000#config@1'
	setenv cm520_boot 'run set_ubi; run bootkernel'
	setenv bootcmd 'run cm520_boot'
	setenv bootargs
	saveenv
Boot initramfs from TFTP:
	tftpboot openwrt-ipq40xx-generic-mobipromo_cm520-79f-initramfs-fit-zImage.itb
	bootm
After initramfs image is booted, backup rootfs partition in case of reverting to stock image
	cat /dev/mtd12 > /tmp/mtd12.bin
Then fetch it via SCP

Upload nand-factory.ubi to /tmp via SCP, then run
	mtd erase rootfs
	mtd write /tmp/*nand-factory.ubi rootfs
	reboot

To revert to stock image, restore default bootenv in uboot UART console
	setenv bootcmd 'bootipq'
	printenv
use the saved dump you did back when you installed OpenWrt to verify that
there are no other differences from back in the day.
	saveenv
upload the backed up mtd12.bin and run
	tftpboot mtd12.bin
	nand erase 0xb80000 0x7480000
	nand write 0x84000000 0xb80000 0x7480000
The BOOTCONFIG may have been configured to boot from alternate partition (rootfs_1) instead
In case of this, set it back to rootfs:
	cd /tmp
	cat /dev/mtd7 > mtd7.bin
	echo -ne '\x0b' | dd of=mtd7.bin conv=notrunc bs=1 count=1 seek=4
	for i in 28 48 68 108; do
		dd if=/dev/zero of=mtd7.bin conv=notrunc bs=1 count=1 seek=$i
	done
	mtd write mtd7.bin BOOTCONFIG
	mtd write mtd7.bin BOOTCONFIG1

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[renamed volume to ubi to support autoboot,
as per David Lam's test in PR#2432]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-04-10 15:22:26 +02:00
Kevin Darbyshire-Bryant
1b973b54ea kmod-sched: add act_police
"Whoop whoop, sound of da police"

Add an ingress capable traffic policer module configurable with tc.

From the man page:

The police action allows to limit bandwidth of traffic matched by the
filter it is attached to. Basically there are two different algorithms
available to measure the packet rate: The first one uses an internal
dual token bucket and is configured using the rate, burst, mtu,
peakrate, overhead and linklayer parameters. The second one uses an
in-kernel sampling mechanism. It can be fine-tuned using the estimator
filter parameter.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-10 12:26:31 +01:00
Daniel Engberg
cb511ceb45 e2fsprogs: Update to 1.45.6
Update e2fsprogs to 1.45.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:08:16 +02:00
Daniel Golle
de63466364 exfat-utils: add exFAT File System utilities package
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-09 15:11:44 +01:00
Daniel Golle
02a1914585 procd: bump to latest HEAD
2188d81 jail: add support for launching extroot containers
 6f3dbd2 jail: add support for userns and cgroupsns
 28a06e5 jail: add support for (ram-)overlayfs

Add handling for extroot, overlaydir and tmpoverlaysize as well as
jail flags for userns and cgroupsns to OpenWrt's shell script to
allow their use in init scripts.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-09 13:07:22 +01:00
Eneas U de Queiroz
1da014fcca busybox: quote 'source' filenames in Config.in
Newer versions of the kconfig program requires quoting the arguments of
the 'source' directive.  These are the last ones not using them.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-09 12:51:10 +02:00
Eneas U de Queiroz
2e6b6f9fca kernel: add @IPV6 dependency to ipv6 modules
IPv6 modules should all depend on @IPV6, to avoid circular dependencies
problems, especially if they select a module that depends on IPV6 as
well.  In theory, if a package A depends on IPV6, any package doing
'select A' (DEPENDS+= A) should also depend on IPV6; otherwise selecting
A will fail.  Sometimes the build system is forgiving this, but
eventually, and unexpectedly, it may blow up on some other commit.

Alternatively one can conditionally add IPv6 dependencies only if
CONFIG_IPV6 is selected: (DEPENDS+= +IPV6:package6).

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-09 12:51:10 +02:00
Norbert van Bolhuis
9aa3d5b345 linux-atm: Include linux/sockios.h for SIOCGSTAMP
Since linux kernel commit 0768e17073dc527ccd18ed5f96ce85f9985e9115
(2019-04-19) the asm-generic/sockios.h header no longer defines
SIOCGSTAMP. Instead it provides only SIOCGSTAMP_OLD.

The linux/sockios.h header now defines SIOCGSTAMP using either
SIOCGSTAMP_OLD or SIOCGSTAMP_NEW as appropriate. This linux only
header file is not included so we get a build failure.

Signed-off-by: Norbert van Bolhuis <nvbolhuis@aimvalley.nl>
2020-04-09 00:12:46 +02:00
Florian Eckert
91c61aae20 base-files: add enabled commands to service rc.common
Add missing enbaled command help output.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-04-08 22:07:18 +02:00
Pawel Dembicki
5a5a9b7a75 packages: mt76: add 14c3:7610 pci id to list
This commit add patch with 14c3:7610 pci id addition.

It was sent upstream.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[bumped PKG_RELEASE]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-08 14:05:29 +01:00
Rosen Penev
d8bde3687a iproute2: add kmod-netlink-diag for ss
Allows proper usage of the ss tool. Otherwise, several errors and bad
data gets thrown:

Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported

Originally reported here: https://github.com/openwrt/packages/issues/8232

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-07 20:40:03 +02:00
Rosen Penev
92792ead34 kmod: add netlink-diag package
This is used by the ss utility from iproute2.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-07 20:39:47 +02:00
Hans Dedecker
ae06a650d6 ppp: update to version 2.4.8.git-2020-03-21
Use upstream latest git HEAD as it allows to remove the patches
700-radius-Prevent-buffer-overflow-in-rc_mksid,
701-pppd-Fix-bounds-check-in-EAP-code and
702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP and
take in other fixes.

41a7323 pppd: Fixed spelling 'unkown' => 'unknown' (#141)
6b014be pppd: Print version information to stdout instead of stderr (#133)
cba2736 pppd: Add RFC1990 (Multilink) to the See Also section of the man page
f2f9554 pppd: Add mppe.h to the list of headers to install if MPPE is defined
ae54fcf pppd: Obfuscate password argument string
8d45443 pppd: Ignore received EAP messages when not doing EAP
8d7970b pppd: Fix bounds check in EAP code
858976b radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-04-06 20:42:45 +02:00
Tan Zien
02f07c6401 kernel: netdev: add missing config for mlx5 driver
The mlk5 kmod lacks all necessary build symbols
for kernel 4.14 (again).

Add missing symbols to avoid build failure on these targets.

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
[rewrite commit message - reorder symbols]
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-04-06 12:39:00 +02:00
Kevin Darbyshire-Bryant
4540c3c3bf dnsmasq: bump to 2.81rc5
Bump to 2.81rc5 and re-work ipset-remove-old-kernel-support.

More runtime kernel version checking is done in 2.81rc5 in various parts
of the code, so expand the ipset patch' scope to inlude those new areas
and rename to something a bit more generic.:wq

Upstream changes from rc4

532246f Tweak to DNSSEC logging.
8caf3d7 Fix rare problem allocating frec for DNSSEC.
d162bee Allow overriding of ubus service name.
b43585c Fix nameserver list in auth mode.
3f60ecd Fixed resource leak on ubus_init failure.
0506a5e Handle old kernels that don't do NETLINK_NO_ENOBUFS.
e7ee1aa Extend stop-dns-rebind to reject IPv6 LL and ULA addresses. We also reject the loopback address if rebind-localhost-ok is NOT set.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-06 09:30:45 +01:00
Peter Stadler
5c1d88a83f netifd: fix 14_migrate-dhcp-release script
prepend 'uci' to 'commit network'

Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
2020-04-05 18:54:22 +02:00
Kevin Darbyshire-Bryant
82df192a01 dropbear: backport add ip address to exit without auth messages
201e359 Handle early exit when addrstring isn't set
fa4c464 Improve address logging on early exit messages (#83)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-05 10:56:52 +01:00
Kevin Darbyshire-Bryant
1c6143e4a0 hostapd: Move hostapd variants to WirelessAPD menu
It seemed very confusing when trying to select the different variants of
hostapd which are somewhat scattered about under the menu 'Network'.
Moving all hostapd variants under a common submenu helps avoid
confusion.

Inspired-by: Kevin Mahoney <kevin.mahoney@zenotec.net>
[Fixup badly formatted patch, change menu name]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-05 10:41:49 +01:00
Kevin Darbyshire-Bryant
22ae8bd50e umdns: update to the version 2020-04-05
ab7a39a umdns: fix unused error
45c4953 dns: explicitly endian-convert all fields in header and question

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-05 09:24:22 +01:00
Tan Zien
d24e43a7f6 kernel: Fix miss config and module for mlx driver
Missing config symbols could lead to build failures on kernel
4.14/4.19.

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
[rephrase commit message - reorder symbols]
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-04-04 17:12:43 +02:00
Kevin Darbyshire-Bryant
02640f0147 umdns: suppress address-of-packed-member warning
gcc 8 & 9 appear to be more picky with regards access alignment to
packed structures, leading to this warning in dns.c:

dns.c:261:2: error: converting a packed ‘struct dns_question’ pointer
(alignment 1) to a ‘uint16_t’ {aka ‘short unsigned int’} pointer
(alignment 2) may result in an unaligned pointer value
[-Werror=address-of-packed-member]

261 |  uint16_t *swap = (uint16_t *) q;

Work around what I think is a false positive by turning the warning off.
Not ideal, but not quite as not ideal as build failure.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-04 11:28:18 +01:00