Commit Graph

42441 Commits

Author SHA1 Message Date
Dmitry Tunin
de3e415a2e igmpproxy: add a silent logging option
[0-3](none, minimal[default], more, maximum)

It is not 100% backward compatible, because now 0 disables logging

Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com>
(backported from 7a6b2badfa)
2018-12-18 10:13:37 +01:00
Rafał Miłecki
81541d9159 bcm53xx: exit if writing kernel during sysupgrade fails
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(backported from 93cc44c433)
2018-12-18 10:09:11 +01:00
Christo Nedev
8dd91b56be brcm2708: Update brcm2708-gpu-fw package
Problem - rapsberry pi 3 b/b+ does not boot with bcm2710 images!

How Raspberry Pi boots Actualy?

When Raspberry is switched on GPU is activated.
1. GPU execute First stage bootloader from ROM.
First stage bootloader mount the FAT boot partition on the SD card
and execute second stage bootloader (bootcode.bin).
2. Second stage bootloader (bootcode.bin) activate SDRAM.
Load the GPU firmware (start.elf).
3. GPU firmware (start.elf)
  a) display Rainbow splash.
  b) read firmware configuration file config.txt and
     split the RAM using fixup.dat.
  c) loads a cmdline.txt
  d) enables the CPU.
  e) loads the kernel image configurable via config.txt

In your target/linux/brcm2708/image/config.txt
 493 ## kernel (string)
 494 ##     Alternative name to use when loading kernel.
 495 ##
 496 #kernel=""
it is not configured!

But in your target/linux/brcm2708/image/Makefile
  75   KERNEL_IMG := kernel8.img
  76   DEVICE_TITLE := Raspberry Pi 3B/3B+
you have kernel8.img

GPU Firmware search order by default for a PI 3 is:
kernel8.img if found boot in 64 bit mode
kernel8-32.img if found boot in 32 bit mode
kernel7.img if found boot in 32 bit mode
kernel.img if found boot in 32 bit mode

But a PI 2 will start the search from kernel7.img and
a PI 1 only looks for kernel.img.

Оbviously the kernel has been found.
But something goes wrong and the device is restarted.

In your package/kernel/brcm2708-gpu-fw/Makefile
  11 PKG_NAME:=brcm2708-gpu-fw
  12 PKG_VERSION:=2017-08-08
  13 PKG_RELEASE:=e7ba7ab135f5a68b2c00a919ea9ac8d5528a5d5b
boot loader is 10 monts old.

In conclusion, the best way to solve the problem is
to update the boot loader!

Fixup_cd.dat and start_cd.elf files are not necessary.
These are used when GPU memory is set to 16 MB, which disables
some GPU features.
I did not remove them just in case!

cheers

Signed-off-by: Christo Nedev <christo.nedev@gmail.com>
(backported from c335649629)
2018-12-18 10:08:24 +01:00
Mathias Kresin
031d5cf248 kernel: don't auto attach ubi on read error
With a10a204aab ("kernel: make ubi auto-attach check for a tar file
magic") the check for the magic was added without considering a failing
mtd_read(). If the read fails, no check is done and the mount code is
called straight away.

Failing with an error message for such cases seems to me the cleaner way,
as it would allow to spot hidden/workaround issues.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 3716b5e4e6)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:54 +01:00
Mathias Kresin
e694526264 kernel: handle bad blocks in ubi auto attach code
The first block(s) of the ubi mtd device might be bad. We need to take
care on our own to skip the bad block(s) and read the next one(s).

Don't treat recoverable read errors as fatal and check for the UBI magic
if the data of a block could be recovered using ECC or similar.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 0ac91d82ed)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:51 +01:00
Mathias Kresin
edc2af2be9 kernel: improve ubi auto attach code readability
Move the put_mtd_device() called on multiple error conditions to a goto
label to use it later for more error conditions.

The early return on failed open of the mtd device and mismatching mtd
type allows to get rid of one level of indentation. By jumping to the
cleanup code, a refcount bug is fixed for the wrong flash type condition.

While at it, make clear that we only check for the UBI magic if the read
from flash was successful.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from fdf6760cda)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:47 +01:00
Jo-Philipp Wich
c0673db23f build: do not override CCACHE_DIR when ccache is disabled
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 991c7a4f69)
2018-12-18 09:50:20 +01:00
Jo-Philipp Wich
f8750b1a43 build: prereq-build.mk: fix gcc/g++ SetupHostCommand invocation
A missing comma caused the first command option to be considered part of
the error message.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from a6f4c7bce8)
2018-12-18 09:50:02 +01:00
Felix Fietkau
e5c46a112b hostapd: remove unused struct hostapd_ubus_iface
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from f0ac9afe69)
2018-12-18 09:49:40 +01:00
Luiz Angelo Daros de Luca
aa3e4d56c6 base-files: fix wrong sysctl parameter order
Restarting service sysctl echos multiple errors like:

  sysctl: -e: No such file or directory

After the first filename, all remaining arguments are treated
as files.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(backported from 4c42887286)
2018-12-18 09:49:06 +01:00
Mathias Kresin
4e4d124b27 hostapd: fix conflicts hell
Add each variant to the matching PROVIDERS variables after evaluating
the respective hostapd*, wpad* and wpa* variant.

Each package providing the same feature will automatically conflict with
all prior packages providing the same feature.

This way we can handle the conflicts automatically without introducing
recursive dependencies.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 3838b16943)
2018-12-18 09:48:11 +01:00
Mathias Kresin
775473cf8d hostapd: cleanup package definition
Move common variables and/or values to the package (variant) default.
Add additional values in variant packages if necessary. Remove further
duplicates by introducing new templates.

Remove the ANY_[HOSTAPD|SUPPLICANT_PROVIDERS]_PROVIDERS. The are the
same as the variables without the any prefix. No need to maintain both
variables.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 8af8ceb1c8)
2018-12-18 09:48:11 +01:00
Jo-Philipp Wich
0282d04a85 openvpn: increase procd termination timeout to 15s
Increase the termination timeout to 15s to let OpenVPN properly tear down
its connections, especially when weak links or complex down scripts are
involved.

Fixes FS#859.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 28d3a1b54b)
2018-12-18 09:47:39 +01:00
Peter Wagner
fa112bc46a librpc: add host build to install h files needed for nfs-kernel-server to get compiled
Signed-off-by: Peter Wagner <tripolar@gmx.at>
(backported from d8d2133c35)
2018-12-18 09:47:29 +01:00
李国
6d5a6c5c9b verbose.mk: quote SUBMAKE options
build openwrt on centos 6 I should use devtoolset-3 to get gcc 4.9, but
it fail when make menuconfig. so I have to give option HOSTCC='gcc
-Wl,--copy-dt-needed-entries' to make. But it passed to sub make to
HOSTCC=gcc as micro SUBMAKE expand to HOSTCC=gcc
-Wl,--copy-dt-needed-entries. This patch fix this issue.

make -C build menuconfig HOSTCC='gcc -Wl,--copy-dt-needed-entries' V='1'
make: Entering directory `/work/openwrt/openwrt/build'
/opt/rh/devtoolset-3/root/usr/libexec/gcc/x86_64-redhat-linux/4.9.2/ld:
lxdialog/checklist.o: undefined reference to symbol 'acs_map'
//lib64/libtinfo.so.5: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
make[1]: *** [mconf] Error 1
make -s -C scripts/config all CC=gcc -Wl,--copy-dt-needed-entries: build
failed. Please re-run make with -j1 V=s to see what's going on
make: *** [scripts/config/mconf] Error 1
make: Leaving directory `/work/openwrt/openwrt/build'

Signed-off-by: 李国 <uxgood.org@gmail.com>
(backported from 671999157d)
2018-12-18 09:46:22 +01:00
Felix Fietkau
e68e498ff3 kernel: replace bridge port isolate hack with upstream patch backport on 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 21ee8ce9b5)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:45:59 +01:00
Felix Fietkau
b06665b205 kernel: adjust bridge port isolate patch to match upstream attribute naming
Newer kernels have a patch that implements compatible functionality
directly. Adjust the attribute of our own patch in preparation for
dropping it later

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 41a1c1af4b)
2018-12-18 09:45:59 +01:00
Hannu Nyman
0291b76af9 tools/ccache: update to 3.4.2
update version and refresh patch

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(backported from 7ec931b7f0)
2018-12-18 09:44:05 +01:00
Hannu Nyman
bc6c4fcd2d tools/cmake: update to 3.11.4
Update cmake and refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(backported from 55fa8068c4)
2018-12-18 09:44:04 +01:00
Yousong Zhou
24bf0c63dc fixup-makefile.pl: fixup when PKG_SOURCE is defined elsewhere
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from eb6759cc78)
2018-12-18 09:44:04 +01:00
Kevin Darbyshire-Bryant
becdd2b28e build: ASLR hardening use $(FPIC)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 89b59994eb)
2018-12-18 09:44:04 +01:00
Kevin Darbyshire-Bryant
f5e33b9839 toolchain: gdb: enable TUI
The GDB Text User Interface (TUI) is a terminal interface
which uses the curses library to show the source file,
the assembly output, the program registers and GDB
commands in separate text windows.

In other words it's a friendlier interface for idiots like me!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 900d86766b)
2018-12-18 09:44:04 +01:00
Hans Dedecker
3341376e0b ebtables: update to latest git 2018-06-27
48cff25 build: drop install -o/-g root
53d7e7a extensions: ebt_string: take action if snprintf discards data

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from afac2a2dd6)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:44:03 +01:00
Lev
b1c42ef115 ramips: fix wizfi630a swapped lan/wan port
The order of the Ethernet ports were mixed up.
This commit fixes the order to be aligned with the physical layout.

Signed-off-by: Lev <leventelist@gmail.com>
(backported from 3d6f57f3c6)
2018-12-18 09:44:03 +01:00
Rosen Penev
3e3b286fa1 usbutils: Switch to Fedora usbutils
The Gentoo GitHub mirror went down. One benefit of Fedora's usb.ids file
is that it's versioned.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from f23271f3b4)
2018-12-18 09:44:03 +01:00
Rosen Penev
66353bdf5a samba36: Disable external libtdb and libtevent
This was causing issues recently as samba36 is not API compatible with the
libtdb in the packages repo. It shouldn't be using it anyway. Nor tevent.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from 1f2612a4dd)
2018-12-18 09:44:02 +01:00
Alexander Couzens
e89126d5d2 swconfig: swlib_map_settings(): change return type to void
The return value of the function isn't used anywhere.
Fixes missing return value, CID 1329717.

Found-by: Coverity
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(backported from b06c447c5f)
2018-12-18 09:44:02 +01:00
Alexander Couzens
c388a92d61 swconfig: fix un-initialized return value
Fix CID 1330844

Found-by: Coverity
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(backported from e37ad4e5ca)
2018-12-18 09:44:02 +01:00
Jo-Philipp Wich
3b9bfe8328 build: include package directory in sha256sums when running on buildbot
In order to be able to better compare files to sync in the future, include
all BIN_DIR subdirectories in the checksum calculation.

To not break existing applications, restrict the recursive checksumming to
CONFIG_BUILDBOT for now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 681e825f8f)
2018-12-18 09:44:01 +01:00
Mathias Kresin
ef7a6a4d72 base-files: add menuconfig option for HOME_URL
Add a menuconfig option to set the HOME_URL exposed in
/usr/lib/os-release independent from the
LEDE_DEVICE_MANUFACTURER_URL.

Fixes: FS#1123

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 52a9edb1bf)
2018-12-18 09:44:01 +01:00
Alin Nastac
7408cdaa31 netfilter: add bpf match support
Add xt_bpf modules to {kmod-ipt,iptables-mod}-filter.

Match using Linux Socket Filter. Expects a BPF program in decimal
format. This is the format generated by the nfbpf_compile utility.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
(backported from ab07ae2f27)
2018-12-18 09:44:01 +01:00
Yousong Zhou
9f8f5d4d14 dropbear: let opkg manage symlinks of ssh, scp
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from c4aadbdaf6)
2018-12-18 09:44:00 +01:00
Hans Dedecker
32b18f6e21 busybox: udhcpc: replace udhcpc_no_msg_dontroute patch by upstream fix
Replace 204-udhcpc_no_msg_dontroute patch by the upstream busybox fix
which removes the code which requires the server ID to be on local
network

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from c6e50075f2)
2018-12-18 09:44:00 +01:00
Magnus Kroken
fe19336987 busybox: update to 1.28.4
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(backported from ccc728a0e2)
2018-12-18 09:44:00 +01:00
Rosy Song
6d59535b6a nftables: bump to version 0.9.0
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 1ee98fdef3)
2018-12-18 09:44:00 +01:00
Rosy Song
cd116c6d5c libnftnl: bump to version 1.1.1
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 9d6a0352e7)
2018-12-18 09:43:59 +01:00
Rafał Miłecki
21bcc90b10 base-files: exit if mtd write command fails during sysupgrade
It avoids confusing situations like:
> Could not get image magic
> Image check failed.
> Upgrade completed
> Rebooting system...

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(backported from 5b2e20807d)
2018-12-18 09:43:59 +01:00
Mathias Kresin
b81774cff8 ramips: mt7621: fix mtu setting with kernel 4.14
Since kernel 4.10 commit 61e84623ace3 ("net: centralize net_device
min/max MTU checking"), the range of mtu is [min_mtu, max_mtu], which
is [68, 1500] by default.

It's necessary to set a max_mtu if a mtu > 1500 is supported.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 5da2c68d00)
2018-12-18 09:43:59 +01:00
Felix Fietkau
3a507b2f9b kernel: avoid flow offload for connections with xfrm on the dst entry (should fix IPSec)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from b560c1748a)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:43:59 +01:00
Denton Gentry
1e0db693df hostapd: make cli treat UNKNOWN COMMAND as failing
Avoid infinite loop at 100% CPU when running hostapd_cli
if CONFIG_CTRL_IFACE_MIB is not defined.

  _newselect(4, [3], NULL, NULL, ...)
  recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16
  sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24

Signed-off-by: Denton Gentry <denny@geekhold.com>
(backported from a84962ea35)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:43:58 +01:00
Daniel Golle
cc7fa7fcec ramips: fix reboot with W25Q256 with 4-address-mode enabled
Some board vendors actually changed the loader to expect the chip
to come up in 4-address-mode and flipped the ADP bit in the flash
chip's configuration register which makes it come up in 4-address-mode.
Hence it doesn't make sense to avoid switching to 4-address-mode on
those boards but the opposite as otherwise reboot hangs eg. on the
WrtNode2 boards. Fix this by checking the ADP register and only using
SPI_NOR_4B_READ_OP on chips which have ADP==0 (come up in 3-byte mode).

See also datasheet section 7.1.11 Power Up Address Mode (ADP)

Fixes: 22d982ea0 ("ramips: add support for switching between 3-byte and 4-byte addressing on w25q256 flash")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 8796680277)
2018-12-18 09:43:58 +01:00
Hans Dedecker
a6b561dd01 ebtables: update to latest git 2018-06-06
5699354 extensions: fix build failure on fc28
e6359ee build: update ebtables.h from kernel and drop local unused copy

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from 1bbe813db0)
2018-12-18 09:43:58 +01:00
Ted Hess
2b51cac21a scripts: Replace obsolete POSIX tmpnam in slugimage.pl with File::Temp function
Signed-off-by: Ted Hess <thess@kitschensync.net>
(backported from 7590c3c58f)
2018-12-18 09:43:57 +01:00
Ivan Shapovalov
fc0907bc25 netifd: drop conflicting 'device' interface property
Do not set device runtime property on interfaces in the hotplug handler
and in fixup_interfaces(). This property conflicts with device option
in several proto handlers (mainly QMI and other WWAN/3G protos) and does
not seem to be used anywhere.

Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(backported from 91b5b2e20d)
2018-12-18 09:43:57 +01:00
Kevin Darbyshire-Bryant
b7beb89b58 nettle: bump to 3.4
3.4 is mainly a bug fix/maintenance release.

3KB increase in ipk lib size on mips.

Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 1ee5051f20)
2018-12-18 09:43:57 +01:00
Yousong Zhou
3e02d19655 ca-certificates: ca-bundle: add symlink for openssl default setting
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem.  This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation

Fixes openwrt/packages#6152

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 191078e83d)
2018-12-18 09:43:56 +01:00
Rosen Penev
60b29c9c17 curl: Add ca-bundle dependency
While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from 7a20c7a05d)
2018-12-18 09:11:40 +01:00
Rosen Penev
0d3bdf7b59 curl: Use ca-bundle for all TLS libraries.
It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.

It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.

This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from f97946c496)
2018-12-18 09:11:40 +01:00
Rosen Penev
31f935edaf ath10k-firmware: Fix QCA6174 support
Currently when installing the firmware, a bunch of files and directories
that the ath10k driver does not look for are created.

The package now installs firmware for both hw 2.1 and 3.0 devices.
2.1 is abandonware but may be useful to keep.

3.0 firmware was tested on a Killer 1535 to be relatively stable with
802.11w disabled. 802.11w causes multiple firmware crashes but that's true
of other ath10k firmwares as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported and squashed from
 27eab4fa57,
 d0fbe1956b,
 e191c7ee79)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:11:03 +01:00
Daniel Golle
5826efd18c hostapd: properly build hostapd-only SSL variants
Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 987900f2de)
2018-12-18 09:06:02 +01:00