Commit Graph

40006 Commits

Author SHA1 Message Date
Hauke Mehrtens
b3f95490b9 kernel: generic: Add kernel 4.14 support
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.

In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM

And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR

I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED

I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:11:19 +01:00
Hauke Mehrtens
a362df6f25 x86: refresh configuration
Just refresh the kernel configuration, some options are removed because
they are now in the generic kernel configuration.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:11:05 +01:00
Hauke Mehrtens
0402c48cba kernel: generic: add some more 4.9 configure options
These are taken from the x86 target and should make support kernel 4.9
and 4.14 in the x86 target easier.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:10:48 +01:00
Hauke Mehrtens
c0160f01ae xtables-addons: update to version 2.14
This includes a compile fix needed for kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:10:21 +01:00
Lucian Cristian
342d748eaf netdevices.mk: add Sun Neptune 10Gbit Ethernet
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-12-16 14:41:37 +01:00
Jo-Philipp Wich
ea5d9f5f72 kernel: tune e1000e module parameters
The default e1000e parameters (interrupt throttling rate, MSI/MSI-X
mode) are optimized for desktop and server computers to optimize
user-space execution (i.e. what's typically referred to as "useful"
work).  This assumption breaks on a router under load where most of
the "useful" work actually takes place either in hardware interrupt
handlers (IRQ) or at software IRQ (swirq) modes, so we try to reflect
that by overriding these parameters with more appropriate values.

Patch-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-16 14:41:37 +01:00
Philip Prindeville
f96085b35d x86: add on-chip thermal sensors and cpuid support
Cover temperature sensors for all mainstream 64-bit processors, including
AMD 10h and 15h families, Intel iCore, Xeon, Atom, and Via Nano.  Also
add CPUID support for user-space applications to detect CPU type.

Include the on-chip sensors for 64-bit CPU's in the generic profile
in case someone builds a 32-bit kernel to run on a Xeon SoC, etc.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-12-16 14:41:37 +01:00
Philip Prindeville
9868eba5a0 x86: refresh settings for 4.9.59
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-12-16 14:41:37 +01:00
Daniel Engberg
3be10e3a30 tools/expat: Update to 2.2.5
Update (lib)expat to 2.2.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-12-16 14:41:37 +01:00
Jonas Gorski
054c0d4e31 brcm63xx: backport mdio-bus reset gpio support
Backport the mdio-bus reset gpio support from 4.12 and use it instead
of toggling the reset ourself.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:06 +01:00
Jonas Gorski
49c3b1c455 brcm63xx: backport enet cleanup patches
Align with upstream version, mostly non-fixes and small clean ups.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:05 +01:00
Jonas Gorski
aba4e29ead brcm63xx: register serial through device tree
Register serial consoles through device tree instead of through board
data.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:05 +01:00
Jonas Gorski
a3384088a2 brcm63xx: add uart nodes
Now that we can register uarts through device-tree, add them to the dtsi
files.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:05 +01:00
Jonas Gorski
5c69047aaf brcm63xx: add clkdev lookup support
Add clockdev lookup support for easier providing of clocks for
devices.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:05 +01:00
Daniel Gonzalez Cabanelas
e12c72bb52 brcm63xx: Add Sercomm AD1018 support
Add support for the Sercomm AD1018 router

This a BCM6328 based board, 128 MB RAM, 128 MiB NAND flash,
with an onboard BCM43217 wifi, 4 ethernet ports and 1 USB
host port (not soldered). The board also has an FXS chip (Si32177)
connected via SPI (SS2#), without support in LEDE.

Since NAND flash chips aren't still supported in brcm63xx, the
support is for now added to work only with SPI flash chips. Therefore
hardware modding, soldering a new SPI flash chip, is required
to make the board work with LEDE (tested and working OK).
The flash at dts is intentionally left without partitioning to let
the user choose a NOR chip of any size (8, 16 or 32 MB).

Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
[jonas.gorski: renamed ad1018 to ad1018-nor to signify the modification]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-16 12:57:05 +01:00
Sandeep Sheriker Mallikarjun
085967f774 at91: create sdcard image for sama5
create sdcard image using gen_at91_sdcard_img.sh for sama5 platform
and sdcard image partition layout is:
  P0: Boot (fat32) - contains(at91bootstrap,u-boot,zImage & dtb)
  p1: Rootfs (ext4)

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-12-16 00:02:14 +01:00
Gabor Juhos
665bb27499 ar71xx: fix invalid pointer dereference in rb95x_nand_scan_fixup()
Since Linux 4.6, mtd->priv no longer points to the NAND specific
structure. Under 4.9 it contains NULL, thus using it to access
chip->options causes an invalid pointer dereference (FS#1200).

Update the code to use the mtd_to_nand() helper under 4.9 to obtain
the address of the chip specific data.

Fixes: 7bbf4117c6 ("ar71xx: Add kernel 4.9 support")
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-16 00:00:25 +01:00
Gabor Juhos
2ecc413107 ar71xx: fix invalid pointer dereference in c60_nand_scan_fixup()
Since Linux 4.6, mtd->priv no longer points to the NAND specific
structure. Under 4.9 it contains NULL, thus using it to access
the fields of the nand_chip structure causes an invalid pointer
dereference.

Update the code to use the mtd_to_nand() helper under 4.9 to obtain
the address of the chip specific data.

Compile tested only.

Fixes: 7bbf4117c6 ("ar71xx: Add kernel 4.9 support")
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
Tested-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-15 23:57:41 +01:00
Gabor Juhos
c13b4ef2c8 kernel: fix compiler warning in mtdsplit_minor.c under 4.4
When mtdsplit_minor.c is compiled under Linux 4.4, the compiler
drops the following warning:

    CC      drivers/mtd/mtdsplit/mtdsplit_minor.o
  drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
    .parse_fn = mtdsplit_parse_minor,
                ^
  drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: note: (near initialization for 'mtdsplit_minor_parser.parse_fn')

The second parameter of the parser function must not have a 'const'
qualifier in 4.4. The 001-mtdsplit_backport.patch removes the qualifier
from other partition parsers. Update it to handle mtdsplit_minor.c as
well.

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-15 23:57:09 +01:00
Kevin Darbyshire-Bryant
a9940ca2d7 iproute2: cake: support new operating modes
There has been recent significant activity with the cake qdisc of late
Some of that effort is related to upstreaming to kernel & iproute2
mainline but we're not quite there yet.  This commit teaches tc how to
activate and interprete the latest cake operating modes, namely:

ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.

ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-15 23:54:51 +01:00
Kevin Darbyshire-Bryant
0589979f7b kmod-sched-cake: bump to latest bake of cake
There has been recent significant activity with the cake qdisc of late
but in the cobalt branch.  Some of that effort is related to upstreaming
to kernel & iproute2 mainline but we're not quite there yet.  Relevant
feature changes:

ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.

ptm mode: Minor optimisation in packet overhead calculation.

dual-src/dsthost/triple-isolate: Optimise only calculating src or dst
host hashes only if required.

ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.

A separate iproute2 patch to teach it about Cake's new features will
follow.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-15 23:54:05 +01:00
kyson Lok
e776b6ed0b ar71xx: fix LED name typo for GL-AR300M
It shouldn't use double colon characters.

Signed-off-by: kyson Lok <kysonlok@gmail.com>
2017-12-15 23:50:21 +01:00
Hans Dedecker
7f029c3924 netifd: update to latest git HEAD
4268193 interface-ip: harden eui64 IPv6 prefix address generation
81ff6d1 interface-ip: fix race condition in IPv6 prefix address generation
d3a5df0 handler: replace is_error() helper with NULL check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-15 17:44:50 +01:00
Hans Dedecker
5d6f2a2764 uhttpd: fix PKG_CONFIG_DEPENDS (FS#1189)
Remove PACKAGE_uhttpd_debug config as this is an unused leftover
Add CONFIG_uhttpd_lua to PKG_CONFIG_DEPENDS

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-15 17:44:42 +01:00
John Crispin
9f8d28285d Revert "ar71xx: TL-WR1043N v4/v5: add orange WAN LED support"
This reverts commit 256990cbc0.

this commit caused a compile error

"TL_WR1043_V5_GPIO_LED_WANORANGE" is undefined.

Signed-off-by: John Crispin <john@phrozen.org>
2017-12-14 11:00:11 +01:00
Rafał Miłecki
d2e96d55ab opkg: fix PKG_CONFIG_DEPENDS to include version.mk entries
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-14 09:39:40 +01:00
Jo-Philipp Wich
f4b9d9d6f1 base-files: allow skipping of hash verification
When calling a download target, hash verification is now completely
skipped if we set PKG_HASH=skip.

This allows to easily bump package version:

$ make package/<mypackage>/download PKG_HASH=skip V=s
$ make package/<mypackage>/check FIXUP=1 V=s

This will download the new version of the package, and then automatically
update PKG_HASH with the hash of the new version.  Of course, it is still
the responsibility of the packager to ensure that the new tarball is
legitimate, because it is downloaded from a possibly untrusted source.

Fixes: b30ba14e ("scripts/download.pl: fail loudly if provided hash is unsupported")
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: John Crispin <john@phrozen.org>
2017-12-14 09:29:31 +01:00
Tim Thorpe
256990cbc0 ar71xx: TL-WR1043N v4/v5: add orange WAN LED support
Add missing definitions for the orange WAN LED on the TL-WR1043N(D) v4 and
v5. Minor format correction on a constant for consistency.

Signed-off-by: Tim Thorpe <tim@tfthorpe.net>
2017-12-14 09:29:31 +01:00
Henryk Heisig
85c1644a86 ar71xx: generate BR region-code factory image for TP-Link TL-WR940N
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2017-12-14 09:29:30 +01:00
Henryk Heisig
3083cc6acf firmware-utils: mktplinkfw: add support for BR region code
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2017-12-14 09:29:30 +01:00
Lucian Cristian
1044723ec9 busybox: enable find -newer needed for shorewall firewall, no size increase on binary
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-12-14 09:29:30 +01:00
Sergey Ryazanov
1a51241cb1 firmware-utils: mktplinkfw: fix JFFS2 EOF markers
mktplinkfw/mktplinkfw2 utilities put JFFS2 EOF market only at 64KB
boundary, this could lead to current device configuration lost during
the sysupgrade on a device, which is equpped with flash with the 4KB
erase block size (e.g. TP-Link Archer C20).

This happens when 64KB and 4KB alignments do not match, so the JFFS2
data is written not exactly at the partition beginnig and startup
scripts can not find the JFFS2 during the first boot just after the
sysupgrade.

Fix this by placing additional JFFS2 EOF marker at a 4KB boundary. Also
keep the marker at 64KB intact, so the utilities will produce images
suitable for devices with both 4KB and 64KB erase blocks.

Fixes: 29a2c2ea80 (add ability to put
jffs2 eof marker into the image)

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2017-12-14 09:29:30 +01:00
João Chaínho
4d8a8c80d9 ar71xx: Fix switch port numbering on MIkrotik RB951Ui-2nD and RB493G
This patch fixes the switch port numbering on Mikrotik RB951Ui-2nD (hAP).
Also fixes the switch port numbering shown on LuCI for Mikrotik RB493G.

Signed-off-by: João Chaínho <joaochainho@gmail.com>
2017-12-14 09:29:30 +01:00
Luiz Angelo Daros de Luca
3e98674bcf base-files: fix sysupgrade -b/-l when -c is used
Since /overlay/upper appeared, -b ignored -c silently (cause it was
still checking for /overlay/etc). Now, if /overlay/upper is absent,
sysupgrade -c will fail and exit verbosely.

Fix -l to consider -c (it never did).

Clean up to always use /overlay/upper/xxx instead of still checking
for /overlay/xxx.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-12-14 09:29:30 +01:00
Christian Lamparter
cb02a376b3 apm821xx: use x86's upgrade scripts for MyBook Live
Advantages:
 - preserves existing partition layout. On the hard-drive.
   Only the boot and rootfs partition will be overwritten.

Disadvantages:
 - The upgrade process takes much longer to run.
   from 2-3 seconds to 15-25 seconds.

Please note that sysupgrade will refuse to upgrade, if the existing
installation has an incompatible partition layout. Future changes
to the bootfs and/or rootfs partition size will likely cause breakage
to the sysupgrade procedure. In these cases, the ext4-rootfs.img.gz
has to be written manually onto the disk. Please don't forget to backup
your configuration in this cases.

Note2: This patch requires
"base-files: upgrade: make get_partitions() endian agnostic"

Note3: If your current installation does not host the two
changes, sysupgrading will wipe the existing partition
layout. Don't forget to backup your data!

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-14 09:29:30 +01:00
Rosen Penev
06f8b4ddbd e2fsprogs: Update to 1.43.7
Compiled and tested on ramips with no noticeable problems.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-12-14 09:29:30 +01:00
Christian Lamparter
0cad9f09be apm821xx: MyBook Live convert to DT PHY
Changes MyBook Live to use DT PHY probing and the broadcom phy driver.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-14 09:29:30 +01:00
Christian Lamparter
6ad56fb34c apm821xx: convert to dt based diag LED script
Please note that users with a Netgear WNDR4700
will need to update the device-tree partition
manually.

For instructions, please refere to commit 49856a4bb5
("apm821xx: make it possible to update the dtb partition on the WNDR4700")

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-14 09:29:30 +01:00
Christian Lamparter
da6fdce365 base-files: unify get_dt_led helper function
Lantiq and IPQ806X (which includes IPQ40XX) both define the
same custom function {ipq806x|lantiq}_get_dt_led.

This patch moves the function into the base-file package at
lib/functions/leds.sh to make it more accessible for other
targets as well.

Cc: Mathias Kresin <dev@kresin.me>
Cc: John Crispin <john@phrozen.org>
Cc: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-14 09:29:30 +01:00
Jonas Gorski
a8d3d517d0 brcm63xx: fix an OOPS when accessing the basemode register on 6368
The bcm6368 pinctrl driver passed the wrong variable to
devm_regmap_field_alloc, causing it to blow up when later trying to
access the field.

Fixes #1211.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 16:40:47 +01:00
Jonas Gorski
ef1f6092e0 base-files: make including distfeeds.conf optional
To not clutter the system when building an opkg free image, generate the
distfeeds.conf only if CLEAN_IPKG is unset.

Since opkg is now a shared package, we can't rely on PACKAGE_opkg, but
since opkg is not reasonably usable without the status information, we
can tie the distfeeds.conf to it.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 14:59:07 +01:00
Jonas Gorski
5538b4df7f base-files: create /etc/opkg before generating distfeeds.conf
Ensure /etc/opkg exists before trying to write there. This fixes a build
failure if SIGNED_PACKAGES is disabled.

Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 14:46:37 +01:00
Jonas Gorski
1cfbd50ff4 package: move distfeeds.conf from opkg to base-files
All the relevant options used for distfeeds.conf are part of base-files,
so it makes more sense to move the file there as well.

This has the added benefit that the we can share the opkg package again,
reducing the amount of target specific packages.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 13:38:19 +01:00
Jonas Gorski
eeeee885fb ar71xx: fix lzma-loader build with glibc
For an unknown reason gcc tries to link in crti.o when building with a
glibc toolchain (this does not happen with other targets). Prevent this
by telling gcc explicitly to not do that.

Fixes the following build error:

/home/jonas/git/lede/staging_dir/toolchain-mips_24kc_gcc-5.5.0_glibc/lib/gcc/mips-openwrt-linux-gnu/5.5.0/../../../../mips-openwrt-linux-gnu/lib/crti.o: In function `_init':
(.init+0x18): relocation truncated to fit: R_MIPS_GOT16 against `__gmon_start__'
/home/jonas/git/lede/staging_dir/toolchain-mips_24kc_gcc-5.5.0_glibc/lib/gcc/mips-openwrt-linux-gnu/5.5.0/../../../../mips-openwrt-linux-gnu/lib/crti.o: In function `_init':
(.init+0x28): relocation truncated to fit: R_MIPS_CALL16 against `__gmon_start__'
collect2: error: ld returned 1 exit status

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-13 11:34:51 +01:00
Kevin Darbyshire-Bryant
30e18c8d64 wireguard: bump to 20171211
Bump to latest WireGuard snapshot release:

44f8e4d version: bump snapshot
bbe2f94 chacha20poly1305: wire up avx512vl for skylake-x
679e53a chacha20: avx512vl implementation
10b1232 poly1305: fix avx512f alignment bug
5fce163 chacha20poly1305: cleaner generic code
63a0031 blake2s-x86_64: fix spacing
d2e13a8 global: add SPDX tags to all files
d94f3dc chacha20-arm: fix with clang -fno-integrated-as.
3004f6b poly1305: update x86-64 kernel to AVX512F only
d452d86 tools: no need to put this on the stack
0ff098f tools: remove undocumented unused syntax
b1aa43c contrib: keygen-html for generating keys in the browser
e35e45a kernel-tree: jury rig is the more common spelling
210845c netlink: rename symbol to avoid clashes
fcf568e device: clear last handshake timer on ifdown
d698467 compat: fix 3.10 backport
5342867 device: do not clear keys during sleep on Android
88624d4 curve25519: explictly depend on AS_AVX
c45ed55 compat: support RAP in assembly
7f29cf9 curve25519: modularize dispatch

Refresh patches.

Compile-test-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-12 22:24:26 +01:00
Martin Schiller
65d62b5f4f dropbear: disable MD5 HMAC and switch to sha1 fingerprints
As MD5 is known weak for many years and more and more
penetration test tools complain about enabled MD5 HMAC
I think it's time to drop it.

By disabling the MD5 HMAC support dropbear  will also
automatically use SHA1 for fingerprints.
This shouldn't be a problem too.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-12-12 22:24:17 +01:00
Luis Araneda
575178e462 treewide: add only one device when appending to TARGET_DEVICES
This will avoid some conflicts when doing a git rebase or merge,
specially when adding support to a new device.

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
[drop brcm47xx changes which rename the images]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-12 18:47:26 +01:00
Jo-Philipp Wich
72051f7036 rules.mk: export TMPDIR
Set TMPDIR to the same value as the existing TMP_DIR variable in order to
let gcc and various other utilities use the local temporary directory
instead of the system-wide one.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-12 17:44:01 +01:00
Jo-Philipp Wich
902961c148 wolfssl: update to 3.12.2 (1 CVE)
Update wolfssl to the latest release v3.12.2 and backport an upstream
pending fix for CVE-2017-13099 ("ROBOT vulnerability").

Ref: https://github.com/wolfSSL/wolfssl/pull/1229
Ref: https://robotattack.org/

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-12 17:39:52 +01:00
Felix Fietkau
905bbc96ef build: allow PKG_PREPARED_DEPENDS and PKG_CONFIG_DEPENDS to be changed after including package.mk
Reverts commit a9c96ef0ac and replaces it
with a different approach

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-12-12 12:45:28 +01:00