Commit Graph

42027 Commits

Author SHA1 Message Date
Hans Dedecker
b1cc8c8ef2 netifd: update to latest git HEAD
4b83102 treewide: switch to C-code style comments
70506bf treewide: make some functions static
d9872db interface: fix removal of dynamic interfaces
2f7ef7d interface: rework code to get rid of interface_set_dynamic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from 8e409f476b)
2018-12-18 17:22:04 +01:00
Hans Dedecker
0ca423d595 netifd: update to latest git HEAD
841b5d1 system-linux: enable by default ignore encaplimit for grev6 tunnels
125cbee system-linux: fix a typo in gre tunnel data parsing logic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from db6f9d5598)
2018-12-18 17:22:04 +01:00
Felix Fietkau
46fa2453fd hostapd: expose device taxonomy signature via ubus
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 7d8681ccb9)
2018-12-18 17:22:04 +01:00
Felix Fietkau
c1a856b18b hostapd: add support for client taxonomy in the full config
This can be used to fingerprint clients to try to identify the exact
model

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 23c1827e34)
2018-12-18 17:22:04 +01:00
Jo-Philipp Wich
8bf1a35eda hostapd: fix MAC filter related log spam
Backport two upstream fixes to address overly verbose logging of MAC ACL
rejection messages.

Fixes: FS#1468
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 3e633bb370)
2018-12-18 17:22:04 +01:00
Felix Fietkau
0439280c2f kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 1e8882585c)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 17:22:04 +01:00
Hauke Mehrtens
a29fe94e8c kernel: Add missing config option for NFSDv4
This configuration option is not set when building the
layerscape/armv8_64b target.

Fixes: 92aa21497b ("kernel: build support for NFSv4 in nfsd")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 99e1a12fd0)
2018-12-18 17:22:04 +01:00
W. Michael Petullo
c1e53d2c82 kernel: build support for NFSv4 in nfsd
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(backported from 92aa21497b)
2018-12-18 17:22:04 +01:00
Hauke Mehrtens
1a3c129967 kernel: add missing dependency to regmap to kmod-gpio-mcp23s08
This fixes a build problem recently introduced.

Fixes: a904003b9b ("kernel: fix kmod-gpio-mcp23s08 for linux 4.14")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from e882e63f1e)
2018-12-18 17:22:03 +01:00
Petr Štetiar
9885d3aec1 build: Introduce building of artifacts
We currently could (ab)use IMAGES for this task, but the downside is,
that the filenames has filesystem tied to the filename, which might be
confusing as the artifact itself don't has to be used with that specific
filesystem. Another downside is, that the artifacts built with IMAGES
target are build for every FILESYSTEMS filesystem.

Consider following use case:

 define Device/apalis
   ...
   FILESYSTEMS := ext4 squashfs
   IMAGES := spl-uboot.bin recovery.scr
   IMAGE/spl-uboot.bin := append-uboot-spl | pad-to 68k | append-uboot
   IMAGE/recovery.scr := recovery-scr
 endef

Where we would get target binaries with following filenames:

 openwrt-imx6-apalis-squashfs.recovery.scr
 openwrt-imx6-apalis-squashfs.spl-uboot.bin
 openwrt-imx6-apalis-ext4.recovery.scr
 openwrt-imx6-apalis-ext4.spl-uboot.bin

With proposed patch, we could now just do:

 define Device/apalis
   ...
   ARTIFACTS := spl-uboot.bin recovery.scr
   ARTIFACT/spl-uboot.bin := append-uboot-spl | pad-to 68k | append-uboot
   ARTIFACT/recovery.scr := recovery-scr
 endef

Which would produce target binaries with following filenames:

 openwrt-imx6-apalis-recovery.scr
 openwrt-imx6-apalis-spl-uboot.bin

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 493c9a3551)
2018-12-18 17:22:03 +01:00
Thorsten Glaser
16f4057188 build: fix libressl build on x32 (amd64ilp32) host
disable use of assembly code since x32 gets misdetected as amd64

Signed-off-by: Thorsten Glaser <tg@mirbsd.org>
(backported from a395563f68)
2018-12-18 17:22:03 +01:00
Christian Lamparter
8b07cd6000 build: remove obsolete -rc kernel testing rewrites
The -rcX "testing" kernels are no longer hosted on
cdn.kernel.org file servers directly in a "testing"
directory. Therefore the logic that tested for "-rc"
can be removed.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(backported from 92bcd08989)
2018-12-18 17:22:03 +01:00
Felix Fietkau
868a4cf69f build: insert blank line after KernelPackage template to allow chaining calls to it
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from b7855230a3)
2018-12-18 17:22:03 +01:00
Felix Fietkau
ca05fd5ebf build: fix kernel headers install for uml
The kernel headers makefile needs to override LINUX_KARCH

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from c3a0102195)
2018-12-18 17:22:03 +01:00
Koen Vandeputte
2f11a9ed68 cns3xxx: fix writing to wrong PCI registers
Originally, cns3xxx used it's own functions for mapping, reading and writing registers.

Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
removed the internal PCI config write function in favor of the generic one:

cns3xxx_pci_write_config() --> pci_generic_config_write()

cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
while the generic one pci_generic_config_write() actually expects the real address
as both the function and hardware are capable of byte-aligned writes.

This currently leads to pci_generic_config_write() writing
to the wrong registers on some ocasions.

First issue seen due to this:

- driver ath9k gets loaded
- The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
- cns3xxx_pci_map_bus() aligns the address to 0x0C
- pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)

This seems to cause some slight instability when certain PCI devices are used.

Another issue example caused by this this is the PCI bus numbering,
where the primary bus is higher than the secondary, which is impossible.

Before:

00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
    Flags: bus master, fast devsel, latency 0, IRQ 255
    Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0

After fix:

00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
    Flags: bus master, fast devsel, latency 0, IRQ 255
    Bus: primary=00, secondary=01, subordinate=02, sec-latency=0

And very likely some more ..

Fix all by omitting the alignment being done in the mapping function.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 15:12:06 +01:00
Koen Vandeputte
7b0e1d28e8 kernel: bump 4.14 to 4.14.89
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 15:12:06 +01:00
Koen Vandeputte
386a57dc59 kernel: bump 4.9 to 4.9.146
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 15:12:06 +01:00
Hauke Mehrtens
217219ee1d kernel: Activate VDSO on MIPS again
The cache coloring problem on MIPS CPUs was fixed with kernel 4.9.129 of
the kernel 4.9 branch. Activate VDSO support for MIPS again.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 91a71804f8)
2018-12-18 11:28:15 +01:00
Kevin Darbyshire-Bryant
fbce302088 wireguard: bump to 0.0.20180925
33523a5 version: bump snapshot
0759480 curve25519-hacl64: reduce stack usage under KASAN
b9ab0fc chacha20: add bounds checking to selftests
2e99d19 chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable handling
d6ac367 qemu: bump musl
28d8b7e crypto: make constant naming scheme consistent
56c4ea9 hchacha20: keep in native endian in words
0c3c0bc chacha20-arm: remove unused preambles
3dcd246 chacha20-arm: updated scalar code from Andy
6b9d5ca poly1305-mips64: remove useless preprocessor error
3ff3990 crypto-arm: rework KERNEL_MODE_NEON handling again
dd2f91e crypto: flatten out makefile
67a3cfb curve25519-fiat32: work around m68k compiler stack frame bug
9aa2943 allowedips: work around kasan stack frame bug in selftest
317b318 chacha20-arm: use new scalar implementation
b715e3b crypto-arm: rework KERNEL_MODE_NEON handling
77b07d9 global: reduce stack frame size
ddc2bd6 chacha20: add chunked selftest and test sliding alignments and hchacha20
2eead02 chacha20-mips32r2: reduce jumptable entry size and stack usage
a0ac620 chacha20-mips32r2: use simpler calling convention
09247c0 chacha20-arm: go with Ard's version to optimize for Cortex-A7
a329e0a chacha20-mips32r2: remove reorder directives
3b22533 chacha20-mips32r2: fix typo to allow reorder again
d4ac6bb poly1305-mips32r2: remove all reorder directives
197a30c global: put SPDX identifier on its own line
305806d ratelimiter: disable selftest with KASAN
4e06236 crypto: do not waste space on selftest items
5e0fd08 netlink: reverse my christmas trees
a61ea8b crypto: explicitly dual license
b161aff poly1305: account for simd being toggled off midway
470a0c5 allowedips: change from BUG_ON to WARN_ON
aa9e090 chacha20: prefer crypto_xor_cpy to avoid memmove
1b0adf5 poly1305: no need to trick gcc 8.1
a849803 blake2s: simplify final function
073f3d1 poly1305: better module description

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 37961f12ba)
2018-12-18 11:28:15 +01:00
Jason A. Donenfeld
113dadc6dd wireguard: bump to 0.0.20180918
* blake2s-x86_64: fix whitespace errors
* crypto: do not use compound literals in selftests
* crypto: make sure UML is properly disabled
* kconfig: make NEON depend on CPU_V7
* poly1305: rename finish to final
* chacha20: add constant for words in block
* curve25519-x86_64: remove useless define
* poly1305: precompute 5*r in init instead of blocks
* chacha20-arm: swap scalar and neon functions
* simd: add __must_check annotation
* poly1305: do not require simd context for arch
* chacha20-x86_64: cascade down implementations
* crypto: pass simd by reference
* chacha20-x86_64: don't activate simd for small blocks
* poly1305-x86_64: don't activate simd for small blocks
* crypto: do not use -include trick
* crypto: turn Zinc into individual modules
* chacha20poly1305: relax simd between sg chunks
* chacha20-x86_64: more limited cascade
* crypto: allow for disabling simd in zinc modules
* poly1305-x86_64: show full struct for state
* chacha20-x86_64: use correct cut off for avx512-vl
* curve25519-arm: only compile if symbols will be used
* chacha20poly1305: add __init to selftest helper functions
* chacha20: add independent self test

Tons of improvements all around the board to our cryptography library,
including some performance boosts with how we handle SIMD for small packets.

* send/receive: reduce number of sg entries

This quells a powerpc stack usage warning.

* global: remove non-essential inline annotations

We now allow the compiler to determine whether or not to inline certain
functions, while still manually choosing so for a few performance-critical
sections.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(backported from f07a94da50)
2018-12-18 11:28:15 +01:00
Jason A. Donenfeld
9f9f8db138 wireguard: bump to 0.0.20180910
* curve25519: arm: do not modify sp directly
* compat: support neon.h on old kernels
* compat: arch-namespace certain includes
* compat: move simd.h from crypto to compat since it's going upstream

This fixes a decent amount of compat breakage and thumb2-mode breakage
introduced by our move to Zinc.

* crypto: use CRYPTOGAMS license

Rather than using code from OpenSSL, use code directly from AndyP.

* poly1305: rewrite self tests from scratch
* poly1305: switch to donna

This makes our C Poly1305 implementation a bit more intensely tested and also
faster, especially on 64-bit systems. It also sets the stage for moving to a
HACL* implementation when that's ready.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(backported from a54f492d0c)
2018-12-18 11:28:14 +01:00
Jason A. Donenfeld
686f707293 wireguard: bump to 0.0.20180904
* Kconfig: use new-style help marker
* global: run through clang-format
* uapi: reformat
* global: satisfy check_patch.pl errors
* global: prefer sizeof(*pointer) when possible
* global: always find OOM unlikely

Tons of style cleanups.

* crypto: use unaligned helpers

We now avoid unaligned accesses for generic users of the crypto API.

* crypto: import zinc

More style cleanups and a rearrangement of the crypto routines to fit how this
is going to work upstream. This required some fairly big changes to our build
system, so there may be some build errors we'll have to address in subsequent
snapshots.

* compat: rng_is_initialized made it into 4.19

We therefore don't need it in the compat layer anymore.

* curve25519-hacl64: use formally verified C for comparisons

The previous code had been proved in Z3, but this new code from upstream
KreMLin is directly generated from the F*, which is preferable. The
assembly generated is identical.

* curve25519-x86_64: let the compiler decide when/how to load constants

Small performance boost.

* curve25519-arm: reformat
* curve25519-arm: cleanups from lkml
* curve25519-arm: add spaces after commas
* curve25519-arm: use ordinary prolog and epilogue
* curve25519-arm: do not waste 32 bytes of stack
* curve25519-arm: prefix immediates with #

This incorporates ASM nits from upstream review.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(backported from 4ccbe7de6c)
2018-12-18 11:28:14 +01:00
Jason A. Donenfeld
b920285883 wireguard: bump to 0.0.20180809
* send: switch handshake stamp to an atomic

Rather than abusing the handshake lock, we're much better off just using
a boring atomic64 for this. It's simpler and performs better. Also, while
we're at it, we set the handshake stamp both before and after the
calculations, in case the calculations block for a really long time waiting
for the RNG to initialize.

* compat: better atomic acquire/release backport

This should fix compilation and correctness on several platforms.

* crypto: move simd context to specific type

This was a suggestion from Andy Lutomirski on LKML.

* chacha20poly1305: selftest: use arrays for test vectors

We no longer have lines so long that they're rejected by SMTP servers.

* qemu: add easy git harness

This makes it a bit easier to use our qemu harness for testing our mainline
integration tree.

* curve25519-x86_64: avoid use of r12

This causes problems with RAP and KERNEXEC for PaX, as r12 is a
reserved register.

* chacha20: use memmove in case buffers overlap

A small correctness fix that we never actually hit in WireGuard but is
important especially for moving this into a general purpose library.

* curve25519-hacl64: simplify u64_eq_mask
* curve25519-hacl64: correct u64_gte_mask

Two bitmath fixes from Samuel, which come complete with a z3 script proving
their correctness.

* timers: include header in right file

This fixes compilation in some environments.

* netlink: don't start over iteration on multipart non-first allowedips

Matt Layher found a bug where a netlink dump of peers would never terminate in
some circumstances, causing wg(8) to keep trying forever. We now have a fix as
well as a unit test to mitigate this, and we'll be looking to create a fuzzer
out of Matt's nice library.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(backported from 42dc0e2594)
2018-12-18 11:28:14 +01:00
Jason A. Donenfeld
4e165fbc29 wireguard: bump to 0.0.20180802
Changelog taken from the version announcement

> == Changes ==
>
>   * chacha20poly1305: selftest: split up test vector constants
>
>   The test vectors are encoded as long strings -- really long strings -- and
>   apparently RFC821 doesn't like lines longer than 998.
>   https://cr.yp.to/smtp/message.html
>
>   * queueing: keep reference to peer after setting atomic state bit
>
>   This fixes a regression introduced when preparing the LKML submission.
>
>   * allowedips: prevent double read in kref
>   * allowedips: avoid window of disappeared peer
>   * hashtables: document immediate zeroing semantics
>   * peer: ensure resources are freed when creation fails
>   * queueing: document double-adding and reference conditions
>   * queueing: ensure strictly ordered loads and stores
>   * cookie: returned keypair might disappear if rcu lock not held
>   * noise: free peer references on failure
>   * peer: ensure destruction doesn't race
>
>   Various fixes, as well as lots of code comment documentation, for a
>   small variety of the less obvious aspects of object lifecycles,
>   focused on correctness.
>
>   * allowedips: free root inside of RCU callback
>   * allowedips: use different macro names so as to avoid confusion
>
>   These incorporate two suggestions from LKML.
>
> This snapshot contains commits from: Jason A. Donenfeld and Jann Horn.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 68e2ebe64a)
2018-12-18 11:28:14 +01:00
Rosy Song
b3cc304e45 iptables: fix dependency for libip6tc on IPV6
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 2dc1f54b12)
2018-12-18 11:28:14 +01:00
Rosy Song
468a4b5b62 netifd: do not validate relevant section when ipv6 is not supported
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from a6add47869)
2018-12-18 11:28:14 +01:00
Florian Eckert
0ccf009b62 base-files: add network_get_metric() to /lib/functions/network.sh
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(backported from 61a5994900)
2018-12-18 11:28:14 +01:00
Andy Walsh
d5b045b52b ncurses: use default host install
* just use default host/install, so libs/headers get properly generated/installed

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(backported from e0196152eb)
2018-12-18 11:28:14 +01:00
Andy Walsh
38e99cb379 gettext-full: host compile with -fpic
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(backported from 2bbc9376c6)
2018-12-18 11:28:14 +01:00
David Yang
9a01ff5c03 dante: disable sched_getscheduler() - not implemented in musl
musl doesn't come with an valid implementation of `sched_getscheduler()`;
it simply returns -ENOSYS for it. Without this option (and compile dante
with `sched_getscheduler()` enabled), you will get

    error: serverinit(): sched_getscheduler(2): failed to retrieve current
    cpuscheduling policy: Function not implemented

and dante won't start at all.

Ref: http://lists.alpinelinux.org/alpine-devel/3932.html
Ref: http://lists.alpinelinux.org/alpine-devel/3936.html
Signed-off-by: David Yang <mmyangfl@gmail.com>
[slightly reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from aaf46a8fe2)
2018-12-18 11:28:14 +01:00
Kevin Darbyshire-Bryant
991e43c894 kernel: re-enable MIPS VDSO
kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.

Remove our force disable patch:

pending-4.14/206-mips-disable-vdso.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 8ee7a80d19)
2018-12-18 11:28:14 +01:00
Tony Ambardar
85c77301d4 base-files: fix postinstall uci-defaults removal
Commit 7f694582 introduced a bug where default_postinst() often fails to
remove a uci-defaults script after application, leaving it to run again
after a reboot.
(Note: commit 7f694582 also introduced FS#1021, now fixed by 73c745f6)

The subtle problem arises from the shell logical chain:
[ -f "$i" ] && . "$i" && rm -f "$i"

Most uci-defaults scripts contain a terminal 'exit 0' statement which,
when sourced, results in the logic chain exiting before executing 'rm -f'.
This was observed while testing upgrades of 'luci-app-sqm'.

The solution is to wrap the shell sourcing in a subshell relative to the
command 'rm -f':
( [ -f "$i" ] && . "$i" ) && rm -f "$i"

Revert to using 'grep' to prefilter the list of entries from the control
file, which yields the full path of uci-defaults scripts. This allows
keeping the existence check, directory change and script sourcing inside
the subshell, with the script removal correctly outside.

This approach avoids adding a second subshell only around the "." (source)
command. The change also preserves the fix FS#1021, since the full path is
used to source the script, which is POSIX-portable irrespective of PATH
variable or reference to the CWD.

Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of
package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(backported from 4097ab6a97)
2018-12-18 11:28:14 +01:00
Konstantin Demin
6bcafab581 rules.mk: add ESED command
ESED is SED with extended regular expressions turned on.
Command line and usage are the same as for SED.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(backported from d3b43f49ac)
2018-12-18 11:28:13 +01:00
Jo-Philipp Wich
a3446cb0d2 lldpd: inhibit linking of libbsd on !GLIBC
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 4f277eb640)
2018-12-18 11:28:13 +01:00
Hauke Mehrtens
63b867aded kernel: fix build of nftables
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.

Fixes: f57806b56e ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from efffba3409)
2018-12-18 11:28:13 +01:00
Brett Mastbergen
69d6da1de6 kernel: generic: Fix nftables inet table breakage
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch.  That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support.  Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset.  As such, nftables inet tables never
see any traffic.

As an example the following nft counter rule should increment for every
packet coming into the box, but never will:

nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter

This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.

Tested on Turris Omnia (mvebu)

Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
(backported from f57806b56e)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 11:28:13 +01:00
Jonathan Lancett
bbc0c4d9cb mwlwifi: driver version to 10.3.8.0-20180920
Signed-off-by: Jonathan Lancett <j.lancett@ntlworld.com>
[minor tweak to commit title]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 95b3f8ec8d)
2018-12-18 11:28:13 +01:00
Hans Dedecker
6f50d5ccf3 map: drop default encaplimit value
Setting encaplimit to a numerical value results into the value being
included as tunnel encapsulation limit in the destination option header
for tunneled packets.
Several users have reported interop issues as not all ISPs support the
destination option header containing the tunnel encapsulation limit
resulting into broken map connectivity.
Therefore drop the default encaplimit value for map tunnels so
no destination option header is included by default.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from d9691b66e2)
2018-12-18 11:28:13 +01:00
Hans Dedecker
f6eab3c3de ds-lite: drop default encaplimit value
Setting encaplimit to a numerical value results into the value being
included as tunnel encapsulation limit in the destination option header
for tunneled packets.
Several users have reported interop issues as not all ISPs support the
destination option header containing the tunnel encapsulation limit
resulting into broken ds-lite connectivity.
Therefore drop the default encaplimit value for ds-lite tunnels so
no destination option header is included by default.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from 1241707b40)
2018-12-18 11:28:13 +01:00
Rosy Song
d9f845f761 odhcpd: enable ipv6 server mode only when it is supported
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 918ec4d549)
2018-12-18 11:28:13 +01:00
Marko Ratkaj
15a023a458 tools/expat: fix docbook2man error on some systems
On some systems (Gentoo) configure stage fails because of docbook2man
working with SGML rather than with XML. We don't need xmlwf man pages so
we disable this.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
(backported from 6e80dd58bb)
2018-12-18 11:28:13 +01:00
Andy Walsh
4b5e062bd3 base-files: /etc/services: add missing 'rpcbind' alias
* add missing 'rpcbind' alias to /etc/services

Allows rpcbind to open its 111 port and be reachable via lan, this is the default behaviour.

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(backported from 4549ab46a8)
2018-12-18 11:28:13 +01:00
Rosen Penev
376e9294c7 usbutils: Update usb.ids to 0.315
Referencing the version instead of revision should fix uscan.

Tested on Turria Omnia.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from a9aa25c8b6)
2018-12-18 11:28:13 +01:00
Rosen Penev
3dbdd404a8 hostapd: Fix compile with OpenSSL 1.1.0 + no deprecated APIs
Patch was accepted upsteam:

https://w1.fi/cgit/hostap/commit/?id=373c796948599a509bad71695b5b72eef003f661

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from f78e07ad2a)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 11:28:13 +01:00
Yousong Zhou
fa3805f2b6 scripts/ipkg-build: quash error messages when conffiles.resolved is empty
When Package/xx/conffiles only contains directories that are empty at
package time, conffiles.resolved will be missing and the following
error messages will appear in the build log.

	/home/yousong/git-repo/openwrt/openwrt/scripts/ipkg-build -c -o 0 -g 0 /home/yousong/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/linux-malta_be/openvswitch-2.10.0/ipkg-mips_24kc/openvswitch-common /home/yousong/git-repo/openwrt/openwrt/bin/packages/mips_24kc/packages
	mv: cannot stat 'CONTROL/conffiles.resolved': No such file or directory
	chmod: cannot access 'CONTROL/conffiles': No such file or directory

It will not break the ipkg-build process.  The change is merely cosmetic
to not cause confusion when reading logs

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 9e58c20ec9)
2018-12-18 11:28:12 +01:00
Yousong Zhou
f5cf9b265f scripts/metadata.pm: avoid adding dup names in provides list
The need arises from building Open vSwitch kernel datapath modules, e.g.

 - kmod-openvswitch from Linux upstream
 - kmod-openvswitch-intree from openvswitch source code

where both provides virtual package "kmod-openvswitch" for userspace
packages to select and depend on

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 204081670b)
2018-12-18 11:28:12 +01:00
Stijn Tintel
0dbafc3a3a strace: fix build on aarch64
As of version 4.21, strace enforces mpers by default. The current
implementation of aarch64 compat in strace assumes it's identical to
ARMv7 EABI and therefore tries to enable m32 personality support. As
there is no -m32 support on aarch64, this causes the build to fail.

Restore previous strace behavior to fix build on aarch64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Karl Palsson <karlp@tweak.net.au>
(backported from 067e2f5f1d)
2018-12-18 11:28:12 +01:00
Hans Dedecker
8cac88af4b odhcpd: bump to git HEAD (detect broken hostnames)
881f66b odhcpd: detect broken hostnames
3e17fd9 config: fix odhcpd_attrs array size

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from ecc3165cbc)
2018-12-18 11:28:12 +01:00
Alexander Couzens
69f28f3a20 hostapd: fix build of wpa-supplicant-p2p
VARIANT:= got removed by accident.

Fixes: 3838b16943 ("hostapd: fix conflicts hell")
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(backported from 967d6460c0)
2018-12-18 11:28:12 +01:00
Felix Fietkau
42dafa0ac5 build: add support for enabling the rootfs/boot partition size option via target feature
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 00f030a9c6)
2018-12-18 11:28:12 +01:00