Commit Graph

44625 Commits

Author SHA1 Message Date
Jason A. Donenfeld
a1210f8888 wireguard: bump to 0.0.20190531
* tools: add wincompat layer to wg(8)

Consistent with a lot of the Windows work we've been doing this last cycle,
wg(8) now supports the WireGuard for Windows app by talking through a named
pipe. You can compile this as `PLATFORM=windows make -C src/tools` with mingw.
Because programming things for Windows is pretty ugly, we've done this via a
separate standalone wincompat layer, so that we don't pollute our pretty *nix
utility.

* compat: udp_tunnel: force cast sk_data_ready

This is a hack to work around broken Android kernel wrapper scripts.

* wg-quick: freebsd: workaround SIOCGIFSTATUS race in FreeBSD kernel

FreeBSD had a number of kernel race conditions, some of which we can vaguely
work around. These are in the process of being fixed upstream, but probably
people won't update for a while.

* wg-quick: make darwin and freebsd path search strict like linux

Correctness.

* socket: set ignore_df=1 on xmit

This was intended from early on but didn't work on IPv6 without the ignore_df
flag. It allows sending fragments over IPv6.

* qemu: use newer iproute2 and kernel
* qemu: build iproute2 with libmnl support
* qemu: do not check for alignment with ubsan

The QEMU build system has been improved to compile newer versions. Linking
against libmnl gives us better error messages. As well, enabling the alignment
check on x86 UBSAN isn't realistic.

* wg-quick: look up existing routes properly
* wg-quick: specify protocol to ip(8), because of inconsistencies

The route inclusion check was wrong prior, and Linux 5.1 made it break
entirely. This makes a better invocation of `ip route show match`.

* netlink: use new strict length types in policy for 5.2
* kbuild: account for recent upstream changes
* zinc: arm64: use cpu_get_elf_hwcap accessor for 5.2

The usual churn of changes required for the upcoming 5.2.

* timers: add jitter on ack failure reinitiation

Correctness tweak in the timer system.

* blake2s,chacha: latency tweak
* blake2s: shorten ssse3 loop

In every odd-numbered round, instead of operating over the state
    x00 x01 x02 x03
    x05 x06 x07 x04
    x10 x11 x08 x09
    x15 x12 x13 x14
we operate over the rotated state
    x03 x00 x01 x02
    x04 x05 x06 x07
    x09 x10 x11 x08
    x14 x15 x12 x13
The advantage here is that this requires no changes to the 'x04 x05 x06 x07'
row, which is in the critical path. This results in a noticeable latency
improvement of roughly R cycles, for R diagonal rounds in the primitive. As
well, the blake2s AVX implementation is now SSSE3 and considerably shorter.

* tools: allow setting WG_ENDPOINT_RESOLUTION_RETRIES

System integrators can now specify things like
WG_ENDPOINT_RESOLUTION_RETRIES=infinity when building wg(8)-based init
scripts and services, or 0, or any other integer.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-05-31 21:01:33 +02:00
Jan Hoffmann
085f66de9a ramips: create R6220 dtsi and improve WNDR3700v5 support
The R6220 and WNDR3700v5 are identical apart from using NAND/NOR flash and
having a different casing. This adds a new cleaned up R6220.dtsi with the
common bits for both devices. Both devices now have feature parity.

Performed cleanup:
 * generic DTS node names
 * regulator for usb power
 * added missing pinctrl groups
 * use switch port instead of VLAN as trigger for WAN LED

Fixes for WNDR3700v5:
 * all LEDS work
 * correct ethernet MAC addresses

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2019-05-31 11:21:22 +02:00
Markus Scheck
5ff5c9bce6 ramips: add support for Xiaomi Mi Router 4A (100M Edition)
- SoC:      MediaTek MT7628AN
- Flash:    16MB (Winbond W25Q128JV)
- RAM:      64MB
- Serial:   As marked on PCB, 3V3 logic, baudrate is 115200
- Ethernet: 3x 10/100 Mbps (switched, 2x LAN + WAN)
- WIFI0:    MT7628AN 2.4GHz 802.11b/g/n
- WIFI1:    MT7612EN 5GHz 802.11ac
- Antennas: 4x external (2 per radio), non-detachable
- LEDs:     Programmable power-LED (two-colored, yellow/blue)
            Non-programmable internet-LED (shows WAN-activity)
- Buttons:  Reset

INSTALLATION:

1. Connect to the serial port of the router and power it up.
   If you get a prompt asking for boot-mode, go to step 3.
2. Unplug the router after
       > Erasing SPI Flash...
       > raspi_erase: offs:20000 len:10000
   occurs on the serial port. Plug the router back in.
3. At the prompt select option 2 (Load system code then
   write to Flash via TFTP.)
4. Enter 192.168.1.1 as the device IP and 192.168.1.2 as the
   Server-IP.
5. Connect your computer to LAN1 and assign it as 192.168.1.2/24.
6. Rename the sysupgrade image to test.bin and serve it via TFTP.
7. Enter test.bin on the serial console and press enter.

Signed-off-by: Markus Scheck <markus@mscheck.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[added mt76 compatible]
2019-05-31 11:21:22 +02:00
Eneas U de Queiroz
a41f474d17 build: add support to && in DEPENDS
Adds support to && operand in DEPENDS.  Also, fixes generation of ||
dependencies by scripts/package-metadata.pl.

The precedence order from higher to lower is && then ||.  Use of
parentheses to change the order is not supported. As before, they are
silently ignored.  Use them for readability only.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal]
2019-05-31 11:21:22 +02:00
Eneas U de Queiroz
f22ef1f1de openssl: update to version 1.1.1c
Highlights of this version:
 - Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
 - Fix OPENSSL_config bug (patch removed)
 - Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
 - Enable SHA3 pre-hashing for ECDSA and DSA

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal]
2019-05-31 11:21:22 +02:00
David Santamaría Rogado
4d6da05683 ath79: add leds migrations for archer-c7-v2 and v4
In ar71xx v2 has blue color defined because the same mach-*.c is also used
for TL-WDR4900 model with blue leds. ath79 v2 dts defines them as green.

For v4 the situation is the same as v5 so the conversion is identical only
v4 instead v5.

So now upgrading from ar71xx to ath79 should be also smoother for v2 and v4.

Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
2019-05-31 11:21:22 +02:00
Davide Fioravanti
7c91144ae6 ramips: add CUDY WR1000 support
Cudy WR1200 is an AC1200 AP with 3-port FE and 2 non-detachable antennas

Specifications:

MT7628 (580 MHz)
64 MB of RAM (DDR2)
8 MB of FLASH
2T2R 2.4 GHz (MT7628)
2T2R 5 GHz (MT7612E)
3x 10/100 Mbps Ethernet (2 LAN + 1 WAN)
2x external, non-detachable antennas (5dbi)
UART header on PCB (57600 8n1)
7x LED, 2x button

Known issues:
The Power LED is always ON, probably because it is connected
directly to power.

Flash instructions
------------------
Load the ...-factory.bin image via the stock web interface.

Openwrt upgrade instructions
----------------------------
Use the ...-sysupgrade.bin image for future upgrades.

Revert to stock FW
------------------
Warning! This tutorial will work only with the following OEM FW:
  WR1000_EU_92.122.2.4987.201806261618.bin
  WR1000_US_92.122.2.4987.201806261609.bin
If in the future these firmwares will not be available anymore,
you have to find the new XOR key.

1) Download the original FW from the Cudy website.

   (For example WR1000_EU_92.122.2.4987.201806261618.bin)

2) Remove the header.

   dd if="WR1000_EU_92.122.2.4987.201806261618.bin" of="WR1000_EU_92.122.2.4987.201806261618.bin.mod" skip=8 bs=64

3) XOR the new file with the region key.

   FOR EU: 7B76741E67594351555042461D625F4545514B1B03050208000603020803000D
   FOR US: 7B76741E675943555D5442461D625F454555431F03050208000603060007010C

   You can use OpenWrt's tools/firmware-utils/src/xorimage.c tool for this:

   xorimage -i WR1000..bin.mod -o stock-firmware.bin -x -p 7B767..

   Or, you can use this tool (CHANGE THE XOR KEY ACCORDINGLY!):
   https://gchq.github.io/CyberChef/#recipe=XOR(%7B'option':'Hex','string':''%7D,'',false)

4) Check the resulting decrypted image.

   Check if bytes from 0x20 to 0x3f are:
   4C 69 6E 75 78 20 4B 65 72 6E 65 6C 20 49 6D 61 67 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00

   Alternatively, you can use u-boot's tool dumpimage tool to check
   if the decryption was successful. It should look like:

   # dumpimage -l stock-firmware.bin
   Image Name:   Linux Kernel Image
   Created:      Tue Jun 26 10:24:54 2018
   Image Type:   MIPS Linux Kernel Image (lzma compressed)
   Data Size:    4406635 Bytes = 4303.35 KiB = 4.20 MiB
   Load Address: 80000000
   Entry Point:  8000c150

5) Flash it via forced firmware upgrade and don't "Keep Settings"

   CLI: sysupgrade -F -n stock-firmware.bin

   LuCI: make sure to click on the "Keep settings" checkbox
         to disable it. You'll need to do this !TWICE! because
         on the first try, LuCI will refuse the image and reset
	 the "Keep settings" to enable. However a new
         "Force upgrade" checkbox will appear as well.
         Make sure to do this very carefully!

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[added wifi compatible, spiffed-up the returned to stock instructions]
2019-05-31 10:36:36 +02:00
Davide Fioravanti
62ce6d58f2 ramips: unify JCG helper command definition
This patch makes the JCG helper command definition available
for every rampis target

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
2019-05-31 10:30:03 +02:00
Davide Fioravanti
d95dff162a firmware-utils: jcgimage: add support for 4MiB+ images
The first version of this script allowed just 4Mb factory images.
With this patch is possible to set the maximum size of the payload.

For an 8Mb flash, the corresponding maxsize is:
8 * 1024 * 1024 - 5 * 64 * 1024 = 8388608 - 327680 = 8060928

If the -m argument is not set, the default maximum size will be
used for backward compatibility.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
2019-05-31 10:30:03 +02:00
Davide Fioravanti
1bbd524e84 firmware-utils: jcgimage: fix style and compiler warnings
Fixed some compilation warnings.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
2019-05-31 10:30:03 +02:00
Christian Lamparter
bd83592fc4 apm821xx: wndr4700: interrupt-driven gpio-keys
This patch fixes the active_low setting and
converts all of the physical keys on the wndr4700
to utilize the interrupt-driven gpio-keys driver
over the polled version.

The sdcard-insertion hack has been removed since the
block-subsystem will now be polling the device instead.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-05-31 10:30:03 +02:00
Christian Lamparter
afc056d7dc gpio-button-hotplug: support interrupt properties
Upstream Linux's input gpio-keys driver supports
specifying a external interrupt for a gpio via the
'interrupts' properties as well as having support
for software debounce.

This patch ports these features to OpenWrt's event
version. Only the "pure" interrupt-driven support is
left behind, since this goes a bit against the "gpio"
in the "gpio-keys" and I don't have a real device to
test this with.

This patch also silences the generated warnings showing
up since 4.14 due to the 'constification' of the
struct gpio_keys_button *buttons variable in the
upstream struct gpio_keys_platform_data declaration.

gpio-button-hotplug.c: In function 'gpio_keys_get_devtree_pdata':
gpio-button-hotplug.c:392:10: warning: assignment discards 'const'
	qualifier from pointer target type [-Wdiscarded-qualifiers]
   button = &pdata->buttons[i++];
          ^
gpio-button-hotplug.c: In function 'gpio_keys_button_probe':
gpio-button-hotplug.c:537:12: warning: assignment discards 'const'
	qualifier from pointer target type [-Wdiscarded-qualifiers]
   bdata->b = &pdata->buttons[i];
            ^
gpio-button-hotplug.c: In function 'gpio_keys_probe':
gpio-button-hotplug.c:563:37: warning: initialization discards 'const'
	qualifier from pointer target type [-Wdiscarded-qualifiers]
   struct gpio_keys_button *button = &pdata->buttons[i];
                                   ^
Acked-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-05-31 10:30:03 +02:00
Hans Dedecker
678ee30ee4 ppp: add config options to tune discovery timeout and attempts
Upstream PPP project has added in commit 8e77984 options to tune discovery
timeout and attempts in the rp-pppoe plugin.

Expose these options in the uci datamodel for pppoe:
	padi_attempts: Number of discovery attempts
	padi_timeout: Initial timeout for discovery packets in seconds

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-31 09:43:10 +02:00
Hans Dedecker
42977978e2 ppp: update to version 2.4.7.git-2019-05-25
8e77984 rp-pppoe plugin: Add options to tune discovery timeout and number of attempts

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-31 09:43:03 +02:00
Fabian Bläse
0f8b9addfc gre: introduce 'nohostroute' option
It is not always necessary to add a host route for the gre peer address.

This introduces a new config option 'nohostroute' (similar to the
option introduced for wireguard in d8e2e19) to allow to disable
the creation of those routes explicitely.

Signed-off-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2019-05-31 09:42:32 +02:00
Yousong Zhou
cf463159df uclient: bump to version 2019-05-30
This version bump contains the following commit to fix FS#2222

	3b3e368 uclient-http: set data_eof when content-length is 0

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-05-30 12:13:31 +00:00
Yousong Zhou
1e5f4dcd66 libunwind: requires glibc if arch in powerpc
libunwind for powerpc depends on getcontext() from libc which musl-libc
does not provide because this API and its friends are supposed to be
"obsolescent" [1,2]

 [1] Subject: Re: setcontext/getcontext/makecontext missing?
     https://www.openwall.com/lists/musl/2016/02/04/5
 [2] http://pubs.opengroup.org/onlinepubs/009695399/functions/makecontext.html

Refs: https://github.com/openwrt/packages/issues/8548#issuecomment-497200058
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-05-30 10:30:45 +00:00
Sandeep Sheriker M
a765a2178c at91:renaming subtraget legacy to sam9x
renaming subtraget legacy to sam9x for adding new sam9 soc's

Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-05-30 12:12:57 +02:00
Hauke Mehrtens
ab629543c0 gemini: Activate Realtek and vitesse DSA driver again
This activates the wrongly removed DSA drivers again.

Fixes 9ab4d74b5f ("kernel: Move some DSA config options to generic config")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reported-by: Linus Walleij <linus.walleij@linaro.org>
2019-05-30 12:12:37 +02:00
Hauke Mehrtens
ed224b1880 at91: Update kernel to version 4.14
This adds support for kernel 4.14 to the target and directly make it the
default kernel version to use.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Sandeep Sheriker <sandeepsheriker.mallikarjun@microchip.com>
2019-05-30 12:12:37 +02:00
Hauke Mehrtens
aff084adf3 at91: Merge SAMA5 subtargets
Instead of maintaining 3 very similar subtargets merge them into one.
This does not use the Arm NEON extension any more, because the SAMA5D3
does not support NEON.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Sandeep Sheriker <sandeepsheriker.mallikarjun@microchip.com>
2019-05-30 12:12:37 +02:00
Hauke Mehrtens
28e00650a5 at91: Clean up kernel configuration
This removes some settings which are normally set by the generic
configuration and should not be changed.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Sandeep Sheriker <sandeepsheriker.mallikarjun@microchip.com>
2019-05-30 12:12:37 +02:00
Hauke Mehrtens
bf0e4cb13f at91: Refresh kernel configuration
The configuration of the sama5d4 subtarget was used as the default
configuration and then the subtarget configurations were adapted.

The resulting kernel configuration without any extra modules selected is
still the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Sandeep Sheriker <sandeepsheriker.mallikarjun@microchip.com>
2019-05-30 12:12:37 +02:00
Alan Swanson
e7bd254ed9 lantiq: BTHOMEHUBV5A: don't power off with restart button
The restart button is currently assigned to KEY_POWER power script but
an easily accessible button immediately powering off the device is
undesirable. Switch to using new KEY_POWER2 reboot script with 5 second
seen delay.

Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
2019-05-30 11:55:50 +02:00
Alan Swanson
5422fed787 gpio-button-hotplug: add KEY_POWER2 handling
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.

As KEY_RESTART is already used for reset script (and there's no
KEY_REBOOT in Linux input events), use KEY_POWER2 for rebooting via new
reboot script with 5 second seen delay.

Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
2019-05-30 11:55:50 +02:00
Alan Swanson
a46259787d button-hotplug: add KEY_POWER2 handling
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.

As KEY_RESTART is already used for reset script (and there's no
KEY_REBOOT in Linux input events), use KEY_POWER2 for rebooting via new
reboot script with 5 second seen delay.

Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
2019-05-30 11:55:50 +02:00
Alan Swanson
70c7a0c33e base-files: add reboot only button handler
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.

Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
2019-05-30 11:55:49 +02:00
Petr Štetiar
6a92eb5b38 procd: update to latest git HEAD
ade00ca585a4 container: fix .dockerenv stat check
 385b904b2f0a hotplug: improve error message during group ownership change

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-05-30 08:03:02 +02:00
Paul Spooren
62940df3a9 procd: update to latest git HEAD
7f0f6b2 procd: add docker support

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-05-29 17:57:35 +02:00
Mikael Magnusson
8128a7e4fc busybox: fix: ip addr flush hangs when run by non-root user
Add upstream patch from:
https://git.busybox.net/busybox/commit/?id=028c5aa18b5273c029f0278232d922ee1a164de6

The patch fixes a problem with an infinite loop causing 100% CPU usage
when running the following command /lib/preinit/10_indicate_preinit
without the CAP_NET_ADMIN capability (such as in Docker):
  ip -4 address flush dev $pi_ifname

Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patch]
2019-05-28 13:18:58 +02:00
Koen Vandeputte
b97d44af67 kernel: bump 4.19 to 4.19.45
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-28 11:02:42 +02:00
Koen Vandeputte
35551e58db kernel: bump 4.14 to 4.14.121
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-28 11:02:42 +02:00
Koen Vandeputte
bcb6fc2f84 kernel: bump 4.9 to 4.9.178
Refreshed all patches.

Compile-tested on: ar7
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-28 11:02:42 +02:00
Hans Dedecker
6636171bed netifd: fix missing ip rules after network reload (FS#2296)
beb810d iprule: fix missing ip rules after a reload (FS#2296)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-28 10:21:02 +02:00
Petr Štetiar
99c52251cc ath79: ecb1750: additional dts fixes
This patch fixes following missing bits:

 - add missing 'compatible' property on firmware partition
 - set vendor partition 'userconfig' read-only

Fixes: 30dcbc741d ("ath79: add support for EnGenius ECB1750")
Signed-off-by: Sven Friedmann <sf.openwrt@okay.ms>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-05-27 22:44:08 +02:00
Ryan Mounce
6d6985ff0e ath79: add support for WD My Net N750
SoC: AR9344
RAM: 128MB
Flash: 16MiB Winbond 25Q128BVFG SPI NOR
5GHz WiFi: AR9380 PCIe 3x3:3 802.11n
2.4GHz WiFi: AR9344 (SoC) AHB 2x2:2 802.11n

5x Gigabit ethernet via AR8327N switch (green + amber LEDs)
2x USB 2.0 via GL850G hub
4x front LEDs from SoC GPIO
1x front WPS button from SoC GPIO
1x bottom reset button from SoC GPIO

Known issues:
AR8327N LEDs only have default functionality, not presented in sysfs.
This is a regression from ar71xx.

UART header JP1, 115200 no parity 1 stop
TX
GND
VCC
(N/P)
RX

See https://openwrt.org/toh/wd/n750 for flashing detail.
Procedures unchanged from ar71xx.

Tested sysupgrade + factory flash from WD Emergency Recovery

Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
2019-05-27 22:44:08 +02:00
Hans Dedecker
7d77879236 curl: bump to 7.65.0
For changes in 7.65.0; see https://curl.haxx.se/changes.html#7_65_0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-26 21:51:04 +02:00
Hans Dedecker
f54611b06d map: don't set default firewall zone to wan
Don't set the default firewall zone to wan if not specified to keep the
behavior aligned with other tunnel protocols like gre and 6rd.
If the interface zone is not specified try to get it from the firewall config
when constructing the procd firewall rule.
While at it only add procd inbound/outbound firewall rules if a zone is specified.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-26 09:44:37 +02:00
Hans Dedecker
470f5b31e3 464xlat: don't set default firewall zone to wan
Don't set the default firewall zone to wan if not specified to keep the
behavior aligned with other tunnel protocols like gre and 6rd.
If the interface zone is not specified try to get it from the firewall config
when constructing the procd firewall rule.
While at it only add a procd inbound firewall rule if a zone is specified.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-26 09:43:57 +02:00
Petr Štetiar
ace241014c ethtool: bump to 5.1
* Feature: Add support for 200Gbps (50Gbps per lane) link mode
 * Feature: simplify handling of PHY tunable downshift
 * Feature: add support for PHY tunable Fast Link Down
 * Feature: add PHY Fast Link Down tunable to man page
 * Feature: Add a 'start N' option when specifying the Rx flow hash indirection table.
 * Feature: Add bash-completion script
 * Feature: add 10000baseR_FEC link mode name
 * Fix: qsfp: fix special value comparison
 * Feature: move option parsing related code into function
 * Feature: move cmdline_coalesce out of do_scoalesce
 * Feature: introduce new ioctl for per-queue settings
 * Feature: support per-queue sub command --show-coalesce
 * Feature: support per-queue sub command --coalesce
 * Fix: fix up dump_coalesce output to match actual option names
 * Feature: fec: add pretty dump

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-05-25 13:44:43 +02:00
Alexander Couzens
c4abaa345c
Revert "base-files: add console to inittab"
This reverts commit cde52cb486.
When using OpenWrt in qemu, the shell is unsuable

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2019-05-25 08:13:20 +02:00
Hans Dedecker
0293aa72d1 uci: fix heap use after free (FS#2288)
f199b96 uci: fix options list of section after type change

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-23 22:05:40 +02:00
Hans Dedecker
f21c8577bb glibc: update to latest 2.27 commit (BZ #24531)
54ba8bcd423 Fix tcache count maximum (BZ #24531)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-23 14:17:21 +02:00
Linus Walleij
8a83f17b24 gemini: Support sysupgrade on DIR-685
This makes sysupgrade work on the D-Link DIR-685 after
initial factory install.

We create the platform.sh script to support sysupgrade
on more targets as we move on with sysupgrade support.

Cc: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[cleanup in platform.sh, removed superfluous SUPPORTED_DEVICES]
2019-05-23 10:19:52 +02:00
Liangbin Lian
4bb9af48ca lua: lnum: fix strtoul based number parsing
Lua's LNUM patch currently doesn't parse properly certain numbers as
it's visible from the following simple tests.

On x86_64 host (stock Lua 5.1.5, expected output):

 $ /usr/bin/lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'

  2147483648
  8796093022208
  4294967296

On x86_64 host:

 $ staging_dir/hostpkg/bin/lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'

  -2147483648
  0
  0

On x86_64 target:

 $ lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'

  -2147483648
  0
  0

On ath79 target:

 $ lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'

  -2147483648
  8796093022208
  4294967296

It's caused by two issues fixed in this patch, first issue is caused by
unhadled strtoul overflow and second one is caused by the cast of
unsigned to signed Lua integer when parsing from hex literal.

Run tested on:

 * Zidoo Z9S with RTD1296 CPU (aarch64_cortex-a53)
 * qemu/x86_64
 * qemu/armvirt_64
 * ath79

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
[commit subject/message touches, fixed From to match SOB, fixed another
 unhandled case in luaO_str2i, host Lua, package bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-05-23 10:19:52 +02:00
Hans Dedecker
33b81b5721 Revert "bc: update to 1.07.1"
This reverts commit 0111b86f1d as it
breaks on Linux distributions without ed support

./fix-libmath_h: line 1: ed: command not found

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-22 21:27:44 +02:00
Deng Qingfang
0111b86f1d bc: update to 1.07.1
Update bc to 1.07.1
Use GNU mirror

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-05-22 13:13:06 +02:00
Paul Spooren
cde52cb486
base-files: add console to inittab
When running OpenWrt inside an LXC container no shell is opend as LXC
defaults to a virtual /dev/console.

This patch allows to enter a shell after starting the container via
`lxc-start`, without it is only posible to access a shell on tty1 via
`lxc-console`.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-05-21 14:54:15 +02:00
Alexander Couzens
8357b8131c
ar71xx: wr940 v4/v6: correct lan interface mac address
The vendor firmware only uses two mac addresses, the mac address on the
label and the label + 1. While checking multiple devices, all labels have
even mac addresses. Concluding only 2 address are assigned to a device.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2019-05-21 14:53:45 +02:00
Koen Vandeputte
4da5ba4a6b iwinfo: update to latest git HEAD
073a838891e5 iwinfo: Complete device IDs for Ubiquiti airOS XM/XW devices
04f5a7d3a431 iwinfo: Add Mikrotik R11e-5HnD
c2cfe9d96c9a iwinfo: Fix 802.11ad channel to frequency

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-21 14:24:18 +02:00