Commit Graph

16277 Commits

Author SHA1 Message Date
Eneas U de Queiroz
ab19627ecc wolfssl: allow building with hw-crytpo and AES-CCM
Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure.  This applies a couple of upstream
patches fixing this.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-20 20:54:10 +02:00
Magnus Kroken
49d96ffc5c mbedtls: update to 2.16.3
Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch,
the issue has been fixed upstream.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2019-09-20 19:32:04 +02:00
Rosen Penev
977a8fc5fc uClibc++: Remove faulty patch
This patch was originally added to fix compilation with v4l2rtspserver.
Turns out it was v4l2rtspserver that was broken, not uClibc++. This now
causes issues with a different package where the arguments are being
split.

Note that with this patch, shellcheck throws an error:

SC2068: Double quote array expansions to avoid re-splitting elements.

More: https://github.com/openwrt/packages/pull/9972#discussion_r324878373

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-09-20 19:30:51 +02:00
Jo-Philipp Wich
d6bd3fd5c4 iwinfo: update to latest Git HEAD
02112f9 cli: fix reporting of mixed WPA2/WPA3 versions
7faeaea nl80211: properly detect WEP encryption in wpa_supp scan results
629b5ff nl80211: do not confuse open connections with WEP ones
3d47ddd nl80211: rework hostapd and wpa_supplicant wpa suite parsing

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-20 13:32:49 +02:00
Jo-Philipp Wich
abb4f4075e hostapd: mirror ieee80211w ap mode defaults in station mode
For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.

Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-20 13:27:28 +02:00
Jo-Philipp Wich
4209b28d23 hostapd: fix OWE settings in client mode
This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-20 13:27:21 +02:00
Alberto Bursi
827f47749b kernel: add module for Emulex OneConnect 10Gbit
add module to support Emulex OneConnect
common in 10Gbit SFP+ cards by Dell/HP/IBM
supports OneConnect OCe10xxx OCe11xxx OCe14xxx, 
LightPulse LPe12xxx

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2019-09-19 23:43:27 +02:00
Leon M. George
f974f8213b hostapd: declare struct wpa_bss early
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined.  With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:

wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
        struct wpa_bss *bss)
               ^~~~~~~

This patch forward declares 'struct wpa_bss' regardless.

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-19 23:43:27 +02:00
Leon M. George
a123df2758 hostapd: revert signature change in patch
The original wpa_hexdump uses a 'void *' for the payload.  With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places.  One such warning is:

 wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-19 23:43:27 +02:00
Adrian Schmutzler
469e347f19 base-files: provide option to specify label MAC address in board.d
For many devices, MAC addresses cannot be retrieved via the
device tree alias.

To still provide the label MAC address for those, this implements
a second mechanism that will put the address into uci config.
Note that this stores the actual MAC address, whereas in DTS
we reference the bearing device.

This is based on the work of Rosy Song <rosysong@rosinson.com>

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-19 23:43:27 +02:00
Adrian Schmutzler
0340718863 base-files: add function to retrieve label MAC address
To refer to the MAC address on a device's label, one can
specify the alias label-mac-device in the DTS which should
point to the bearer of the corresponding MAC address.

With the function get_mac_label, the user can retrieve then
retrieve this address and use it as a value that uniquely
identifies his device.

This is severely helpful for several downstream functionalities,
e.g. define MAC addresses of custom netifs or change the SSID to
be easily recognizable.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-19 23:43:27 +02:00
Hans Dedecker
71cf4a272c curl: bump to 7.66.0
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-19 22:23:01 +02:00
Eneas U de Queiroz
d868d0a5d7 openssl: bump to 1.1.1d
This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
		 CMS_decrypt_set1_pkey

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-19 21:28:53 +02:00
Álvaro Fernández Rojas
b400179ca6 brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-09-19 17:37:43 +02:00
Jo-Philipp Wich
c933b6d224 procd: fix invalid JSON filter expression in procd_running()
Since service and instance names may contain characters which are not allowed
in JSON path labels, such as dashes or spaces, change the filter expression
to array square bracket notation to properly match these cases as well.

Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-19 07:20:32 +02:00
Jo-Philipp Wich
5ef9e4f107 firewall: update to latest Git HEAD
383eb58 ubus: do not overwrite ipset name attribute

Ref: https://forum.openwrt.org/t/fw3-ipset-procd-objects/44044
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-18 10:51:24 +02:00
Rafał Miłecki
04e912d217 procd: update to the latest git HEAD
62dc8c0 system: sysupgrade: send reply on error
2710c65 system: refuse sysupgrade with backup if it's unsupported

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-18 07:33:41 +02:00
Rafał Miłecki
f39f4b2f6d mac80211: brcmfmac: backport the last 5.4 changes
This makes brcmfmac use the same wiphy after PCIe reset to help user
space handle corner cases (e.g. firmware crash).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-16 08:37:06 +02:00
Petr Štetiar
2cf209ce91 firewall: update to latest git HEAD
c26f8907d1d2 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:56:09 +02:00
Robert Marko
3fe30b28ae ath10k-ct: update to version 2019-09-09
Update the ath10k-ct driver version to 5e8cd86f90dac966d12df6ece84ac41458d0e95f
to enable dynamic VLANs to work. Patches refreshed during the bump.

Signed-off-by: Robert Marko <robimarko@gmail.com>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:56:09 +02:00
Robert Marko
7c930990af ath10k-firmware: update Candela Tech firmware images
This enables a feature flag in the wave-2 firmware wmi-services indicating it can send
software-encrypted raw frames.  This should in turn allow the AP-VLAN feature to work.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-09-15 22:56:09 +02:00
Petr Štetiar
296e1f253c netifd,lldpd,rpcd,log: use generic service_running
commit eb204d14f75c ("base-files: implement generic service_running")
introduced generic service_running so it's not needed to copy&paste same
3 lines over and over again.

I've removed service_running from netifd/network init script as well,
because it was not working properly, looked quite strange and I didn't
understand the intention:

 $ /etc/init.d/network stop
 $ service network running && echo "yes" || echo "nope"
     ( have to wait for 30s )
 Command failed: Request timed out
 yes

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:53:01 +02:00
Luiz Angelo Daros de Luca
7519a36774 base-files,procd: add generic service status
Adds a default status action for init.d scripts.

procd "service status" will return:

 0) for loaded services (even if disabled by conf or dead)
 3) for inactive services
 4) when filtering a non-existing instance

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[rebased, cleaned up]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:53:01 +02:00
Petr Štetiar
ed5b9129d7 base-files: implement generic service_running
DRY is good, otherwise we're going to suffer with a copy&paste disease
in the init scripts.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 20:58:30 +02:00
Hans Dedecker
a33d60c896 odhcpd: update to latest git HEAD
1d24009 netlink: rename netlink callback handlers
91a28e4 ndp: answer global-addressed NS manually
fd93e36 dhcpv6: retry failed PD assignments on addrlist change

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-15 20:43:14 +02:00
Hans Dedecker
ce6311d301 odhcpd: fix update to git HEAD
Fixes commit 7ff5b12e90

e73bf11 config: ra_management compatibility support
d818380 odhcpd: router: Fix out of scope memory access
94a1c94 dhcpv6-ia: free assignment when validity timer expires
752fc2c router: speed up initial router advertisements
09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed
79eb160 router: fix previous commit
6034b5c router: close socket upon NETEV_IFINDEX_CHANGE
000182f router: fix lingering uloop socket descriptor
f6c2242 router: support ra_lifetime being 0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-12 22:37:54 +02:00
Ingo Feinerer
ca0ad9e0e9 umbim: update to latest git HEAD
184b707 umbim: add home provider query support

Signed-off-by: Ingo Feinerer <feinerer@logic.at>
2019-09-12 22:29:47 +02:00
Hans Dedecker
7ff5b12e90 odhcpd: update to latest git HEAD (FS#2019)
e73bf11 config: ra_management compatibility support
d818380 odhcpd: router: Fix out of scope memory access
94a1c94 dhcpv6-ia: free assignment when validity timer expires
752fc2c router: speed up initial router advertisements
09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed
79eb160 router: fix previous commit
6034b5c router: close socket upon NETEV_IFINDEX_CHANGE
000182f router: fix lingering uloop socket descriptor
f6c2242 router: support ra_lifetime being 0
d111809 router: make RA flags configurable (FS#2019)

Update odhcpd defaults according to the new RA flags implementation

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-12 22:22:29 +02:00
Felix Fietkau
8176431963 mt76: probe load mt7615 driver asynchronously
It can take a long time to load the firmware

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-12 17:16:44 +02:00
David Bauer
7db2f1a71f iwinfo: update to latest Git HEAD
a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886
1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-09-12 15:38:08 +02:00
Rafał Miłecki
a858db3136 treewide: sysupgrade: use $UPGRADE_BACKUP to check for backup
Now that $UPGRADE_BACKUP is set conditionally there is no need to check
the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 09:05:35 +02:00
Rafał Miłecki
9785a9121d procd: update to the latest git HEAD
b8238df sysupgrade: support "backup" attribute

This update requires "sysupgrade" method callers to pass "backup"
attribute if $UPGRADE_BACKUP is used in the project.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 09:03:36 +02:00
Rafał Miłecki
c5223b26a4 base-files: sysupgrade: pass "backup" ubus attribute
This explicitly tells procd what backup file should be used during
sysupgrade (if any). It's much more generic this way compared to the
magic /tmp/sysupgrade.tgz file that had to be created before a call.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 08:57:24 +02:00
Hauke Mehrtens
7bed9bf10f hostapd: SAE/EAP-pwd side-channel attack update
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-10 21:51:41 +02:00
Hauke Mehrtens
9f34bf51d6 hostapd: Fix security problem
This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

This shouöld not affect OpenWrt in the default settings as we do not use
EAP-pwd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-10 21:51:26 +02:00
Jo-Philipp Wich
d6a405280f rpcd: update to latest Git HEAD
e2a7bc4 iwinfo: add WPA3 support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-10 15:25:12 +02:00
Rafał Miłecki
681acdcc54 mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-09 09:38:55 +02:00
Jo-Philipp Wich
2f9f8769e3 rpcd: update to latest Git HEAD
69eeb1b file: refactor message parsing and permission checking
f65527a iwinfo: expose all rate info fields in assoclist reply
7fec636 sys: fix symbol redeclaration
27c24c7 rpcd: sys: actually move timespec declaration
345363b file: add remove operation
604db20 rpcd: Switch to nanosleep

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-08 18:48:15 +02:00
Hauke Mehrtens
359bff6052 firewall: update to latest git HEAD
487bd0d utils: Fix string format message

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-08 18:39:13 +02:00
Rafał Miłecki
1c510fe298 base-files: validate firmware for compatibility with backup
This allows platform code to check if firmware image can be used with
preserving a backup. It may be used e.g. when installing vendor
firmwares that won't restore appended backup archive.

Suggested-by: Luis Araneda <luaraneda@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-08 09:10:30 +02:00
Hans Dedecker
7db6559914 firewal: update to latest git HEAD
4d0c703 firewall3: Fix some format string problems
8c404ef iptables.c: lock the xtables.lock
c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-07 21:23:43 +02:00
Hans Dedecker
1855c23794 odhcp6c: update to latest git HEAD
e199804 dhcpv6: sanitize oro options

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-07 13:11:53 +02:00
Yousong Zhou
40e3f660c1 uboot-fritz4040: build with ipq40xx "generic" subtarget
Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-09-06 08:33:30 +00:00
Rafał Miłecki
641f6b6c26 treewide: use new procd sysupgrade $UPGRADE_BACKUP variable
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.

This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 23:33:19 +02:00
Rafał Miłecki
e8dcbbc865 procd: update to the latest git HEAD
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code

This update includes a fix for uninitialized variable usage.

Fixes: 7290963d09 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 23:16:54 +02:00
Adrian Schmutzler
45600124fc base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()
The actual retrieval of the MAC address in mtd_get_mac_binary_ubi()
is the same as in get_mac_binary(). Thus, use the latter function
in the former to reduce duplicate code.

This will also allow to benefit from the enhanced path check there
and bring mtd_get_mac_binary_ubi() more in line with the similar
mtd_get_mac_binary().

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-05 20:42:08 +02:00
David Bauer
4c060228cb base-files: fix mtd_get_mac_text not accepting hex offsets
The mtd_get_mac_text helper method did not support hexadecimal offset
values, resulting them to break after 75bfc393ba ("treewide:
convert MAC address location offsets to hexadecimal")

This commit fixes this by evaluating the hexadecimal input,
converting them to decimal.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-09-05 20:31:56 +02:00
Rafał Miłecki
bf39047872 treewide: don't hardcode "sysupgrade.tgz" file name
1) Add BACKUP_FILE and use it when copying an archive to be restored
   after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 14:33:19 +02:00
Hauke Mehrtens
1184e1f2b6 uboot-envtools: Update to U-Boot version 2019.07
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-04 22:35:22 +02:00
Álvaro Fernández Rojas
da3f5b2196 brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-09-04 18:09:34 +02:00
Rafał Miłecki
7290963d09 procd: update to the latest git HEAD
34ac88c system: reject sysupgrade of invalid firmware images by default
f55c235 system: reject sysupgrade of broken firmware images
e990e21 system: add "validate_firmware_image" ubus method

This update changes "sysupgrade" ubus method API. It's now required to
pass "force" attribute whenever invalid firmware is meant to be
installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-04 11:17:06 +02:00
Rafał Miłecki
b71962da16 base-files: pass "force" parameter to the "sysupgrade" call
This makes sysupgrade work with the most recent procd that validates
firmware before proceeding.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-04 11:07:41 +02:00
Hauke Mehrtens
6aa962a622 uci: update to latest Git HEAD
415f9e4 uci/file: replace mktemp() with mkstemp()

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-01 19:53:30 +02:00
Hauke Mehrtens
6658447534 iwinfo: update to latest Git HEAD
f599a8d iwinfo: Fix rate buffer size
71ec9be iwinfo: Fix buffer size
f8ef450 iwinfo: Add support for WPA3

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-01 19:48:43 +02:00
Tomasz Maciej Nowak
3fa0f32a68 grub2: bump to 2.04
* GCC 8 and 9 support.
* Gnulib integration overhaul.
* RISC-V support.
* Xen PVH support.
* Native UEFI secure boot support.
* UEFI TPM driver.
* New IEEE 1275 obdisk driver.
* Btrfs RAID 5 and RIAD 6 support.
* bootin from F2FS support.
* PARTUUID support.
* VLAN support.
* Native DHCP support.
* Many ARM and ARM64 fixes.
* Many SPARC fixes.
* Many IEEE 1275 fixes.
* ...and tons of other fixes and cleanups...

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-09-01 18:38:05 +02:00
Luis Araneda
5ca243153b uboot-zynq: update to 2019.07
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2019-09-01 18:38:05 +02:00
Konstantin Demin
b74f1f335a nftables: bump to version 0.9.2
- exclude Python-related stuff from build
- drop patches:
  * 010-uclibc-ng.patch, applied upstream

ipkg size decrease by 2.8%:
old:
194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk
new:
189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2019-09-01 18:38:04 +02:00
Konstantin Demin
699955a684 libnftnl: bump to version 1.1.4
ABI version is same.

The ipkg size increase by about 2.2%:
old:
47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk
new:
48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2019-09-01 18:38:04 +02:00
Jo-Philipp Wich
02169bd3f8 rpcd: update to latest Git HEAD
821045f file: add path based read/write/exec ACL checks
fb337e5 file: add stat() information to directory listings

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-01 18:33:21 +02:00
Eneas U de Queiroz
7f2b230b3b uhttpd: add support to generate EC keys
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-01 00:35:11 +02:00
Eneas U de Queiroz
a552ababd4 px5g: support EC keys
This adds an 'eckey' command to generate an EC key, with an optional
curve name argument, with P-256 as default.

For the 'selfsigned' command, it adds an 'ec' algorithm argument to the
'-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option,
mirroring the way openssl specifies the curve name.

Notice that curve names are not necessarily the same in mbedtls and
openssl.  In particular, secp256r1 works for mbedtls, but openssl uses
prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256
and P-384 are specifically supported.

Package size increased by about 900 bytes (arm).

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-01 00:34:30 +02:00
Eneas U de Queiroz
f40262697f openssl: always build with EC support
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-01 00:16:08 +02:00
Rosen Penev
926157c2cc libnfnetlink: Avoid passing both -fPIC and -fpic
Instead, instruct the configure script to use $(FPIC) only.

Mixing -fPIC and -fpic can cause issues on some platforms like PPC.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-08-31 12:08:23 +02:00
Rosen Penev
e2ecf39e8e ncurses: Do not pass both -fPIC and -fpic
The configure scripts matches Linux with -fPIC, which is not exactly what
is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to
avoid passing -fPIC.

Removed PKG_BUILD_DIR as it is already the default value.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-08-31 12:08:23 +02:00
David Bauer
9b0ce1789b lua: create lua symlink for host installation
Since the binaries for both lua as well as lua5.3 contain the version
number, invocations of the "lua" binary are failing, as it's not created
anymore for the host package.

Fixes: fe59b46 ("lua: include version number in installed files")
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-08-31 10:31:00 +02:00
Rafał Miłecki
f522047958 base-files: use JSON for storing firmware validation info
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)

This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
        "tests": {
                "fwtool_signature": true,
                "fwtool_device_match": true
        },
        "valid": true,
        "forceable": true
}

Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info

This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.

Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.

Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
   method so:
   a) It's possible to safely sysupgrade using ubus only
   b) /sbin/sysupgrade can be more like just a CLI

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-30 08:34:10 +02:00
John Crispin
63c722c0be linux-firmware: add mediatek BT firmware
Signed-off-by: John Crispin <john@phrozen.org>
2019-08-30 07:27:51 +02:00
Daniel Golle
a58bfb7377 mac80211: rt2x00: revert commit causing regression in 5GHz band
From: Stanislaw Gruszka <sgruszka@redhat.com>
This reverts commit 9ad3b55654455258a9463384edb40077439d879f.

As reported by Sergey:

"I got some problem after upgrade kernel to 5.2 version (debian testing
linux-image-5.2.0-2-amd64). 5Ghz client  stopped to see AP.
Some tests with 1metre distance between client-AP: 2.4Ghz  -22dBm, for
5Ghz - 53dBm !, for longer distance (8m + walls) 2.4 - 61dBm, 5Ghz not
visible."

It was identified that rx signal level degradation was caused by
9ad3b5565445 ("rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band").
So revert this commit.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-08-29 22:29:54 +02:00
Hans Dedecker
6e45ba4699 procd: fix compile issue with glibc (FS#2469)
0430252 sysupgrade: add missing _GNU_SOURCE define (FS#2469)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-28 15:30:40 +02:00
Koen Vandeputte
5cc942a80e ath9k: backport dynack improvements
Close cooperation with Lorenzo Bianconi resulted
in these patches which fix all remaining seen issues
when using dynack.

Fix link losses when:
- Late Ack's are not seen or not present
- switching from too low static coverage class to dynack on a live link

These are fixed by setting the Ack Timeout/Slottime to
the max possible value for the currently used channel width when
a new station has been discovered.

When traffic flows, dynack is able to adjust to optimal values
within a few packets received (typically < 1 second)

These changes have been thoroughly tested on ~60 offshore devices
all interconnected using mesh over IBSS and dynack enabled on all.

Distances between devices varied from <100m up to ~35km

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2019-08-28 13:08:21 +02:00
Jo-Philipp Wich
517cb0b70b fstools: update to latest Git HEAD
6a61b9a probe: fallback to libblkid.so.1 when libblkid.so does not exist

Also remove deprecation notices from init script while we're at it.

Fixes: FS#2274
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-28 12:46:18 +02:00
Jo-Philipp Wich
b13f3300d5 iwinfo: update to latest Git HEAD
a9f9557 nl80211: support reading hardware id from phy directly
c586cd3 iwinfo: add device id for MediaTek MT7612E
d4382dd iwinfo: add device id for Atheros AR9390

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-28 12:09:14 +02:00
Álvaro Fernández Rojas
cb3c4c713d brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-08-27 15:20:20 +02:00
DENG Qingfang
79f235abef mtd-utils: update to 2.1.1
Removed upstream patch
Compile and run tested on mvebu

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-27 10:32:44 +02:00
Koen Vandeputte
bd926fdde5 ath10k-firmware: update Candela Tech firmware images
This should fix a problem with 1560 MTU, 160Mhz on DFS channels,
some other small issues on < 5.2 kernels, and for 5.2 driver,
it pulls in some upstream stable fixes.

wave-1 firmware changes since last update:

  *  June 24, 2019: Try allocating low-priority WMI msgs if high-prio are not available.

  *  June 24, 2019: Init rate-ctrl to start at lowest rate instead of in the middle.  Hoping
                    this helps DHCP when station connects from a long distance.

wave-2:

  *  June 24, 2019  Start rate-ctrl at minimal values to help DHCP work better for far-away peers.

  *  July 24, 2019  Fix old regression that made /a (and probably /b/g) perform poorly, at least on
                    diet-compiled images.

  *  Aug 8, 2019  Improve a/b/g rate-ctrl by damping the PER swings caused by the all-or-nothing logic
                  of transmitting non-block-ack frames one at a time.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-27 10:32:44 +02:00
Felix Fietkau
c3a78955f3 kernel: move crypto-arc4 into a module
It is no longer required by wireless drivers, so we can save some space here

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-26 18:21:13 +02:00
Felix Fietkau
0e22e14b6c mt76: update to the latest version
fb0f432834c0 mt76: stop rx aggregation on station removal
76aada563b66 mt76: dma: reset q->rx_buf on rx reset
3245ca8b8aeb mt76: check of_get_mac_address for NULL as well to restore old kernel compat
8e495245ab3d mt76: mt7615: move mt7615_mac_get_key_info in mac.c
e4f48a8df6aa mt76: mt7615: add mt7615_mac_wtbl_addr routine
e8c95e5a41f0 mt76: mt7615: introduce mt7615_mac_wtbl_set_key routine
d998b90c4bed mt76: mt7615: remove wtbl_sec_key definition
60d279ec2762 mt76: mt7615: add set_key_cmd and mt76_wcid to mt7615_mac_wtbl_set_key signature
4947ad4eab6a mt76: introduce mt76_mmio_read_copy routine
4d9001b8ab1d mt76: mt7615: fix MT7615_WATCHDOG_TIME definition
3d6796b867b6 mt76: mt7603: fix watchdog rescheduling in mt7603_set_channel
8d7a48030005 mt76: mt7615: add 4 WMM sets support
ae0f11149248 mt76: mt7615: update cw_min/max related settings
8b7bbd017654 mt76: mt7603: fix some checkpatch warnings
e6045467848d mt76: mt7615: fix some checkpatch warnings
c415c676e255 mt76: mt76x02: fix some checkpatch warnings
f625afcedc9b mt76: switch to SPDX tag instead of verbose boilerplate text
4d57f1cee4aa mt76: mt7615: rework locking scheme for mt7615_set_channel
2becd13be766 mt76: mt7615: add Smart Carrier Sense support
20f0c196722a mt76: mt76x02: introduce mt76x02_pre_tbtt_enable and mt76x02_beacon_enable macros
ae83a05b1050 mt76: mt76x02: do not copy beacon skb in mt76x02_mac_set_beacon_enable
92fa62ace198 mt76: mt76x02u: enable multi-vif support
c6dabfe953af mt76: mt76x02u: enable survey support
1f44159b41ff mt76: mt7603: move survey_time in mt76_dev
9657e6304322 mt76: mt7615: enable survey support
af860c0decb1 mt76: move mt76_tx_tasklet in mt76 module
a9d2a28b39fc mt76: mt7603: remove unnecessary mcu queue initialization
281b10fc1fe6 mt76: mt7615: add BIP_CMAC_128 cipher support
37673a4181e4 mt76: fix some checkpatch warnings
a7fa32603981 mt76: add default implementation for mt76_sw_scan/mt76_sw_scan_complete
5c35bdf057af mt7615: apply calibration-free data from OTP
0e3baf0213c9 mt76: fix a leaked reference by adding a missing of_node_put
2d5928fef23d net: Remove dev_err() usage after platform_get_irq()
a0824197ab00 mt76: mt76x0e: disable 5GHz band for MT7630E
4d8a9f20610f mt76: do not send BAR frame on tx aggregation flush stop
2a0edbb4473b mt76: remove offchannel check in tx scheduling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-26 18:21:02 +02:00
Christian Lamparter
e1dcfe02b2 mac80211: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:23:31 +02:00
Christian Lamparter
5ef3fe614c openssl: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:23:31 +02:00
Christian Lamparter
8036345225 fstools: update to HEAD of 2019-07-01 - 1539b5
Update fstools to commit 1539b535ac327a3bc599d1ca871e14fd0dc3bba1

git log --pretty=oneline --abbrev-commit ff1ded63..1539b535

1539b53 libblkid-tiny: increment label size to 256
d563f3c libblkid-tiny: fix wrong btrfs label length
3957dd3 block: prevent mount point confusion
9b36dc2 libfstools: avoid false positives when matching devices and volumes

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:23:31 +02:00
Christian Lamparter
e9d875a537 ath10k-ct: update to HEAD of 2019-08-14 - 9e5ab2
Update ath10k-ct to commit 9e5ab25027e0971fa24ccf93373324c08c4e992d

git log --pretty=oneline --abbrev-commit f0aa8130..9e5ab250

9e5ab25 ath10k-ct:  Update to latest 5.2 upstream, support bigger mtu, 160Mhz

Created with the help of the make-package-update-commit.sh script
and refresh patches.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:22:10 +02:00
Vladimir Vid
7dff6a8c89 mvebu: uDPU: add sysupgrade support
This patch adds sysupgrade, uboot-env and networking support
for Methode uDPU device.

Device features 4 partitions:

-----------------------------------------
|  boot   | recovery  | rootfs |  misc  |
| (ext4)  |  (ext4)   | (fsf2) | (f2fs) |
_________________________________________

Idea was to use f2fs only but the u-boot currently lacks support
so first 2 partition are ext4 to be u-boot readable, and this was
a reason why custom build and sysupgrade sections were required.

On the sysupgrade, boot and rootfs partitions are updated, firmare
image and user configuration is saved on the misc partition and if
the upgrade was successfull, recovery partition will be updated on
after the reboot from preinit script. If the sysupgrade fails for any
reason, device will fallback to recovery initramfs image.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-08-24 23:11:15 +02:00
Vladimir Vid
52cbe6b9c0 kernel: add i2c-pxa driver
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-08-24 23:11:15 +02:00
DENG Qingfang
bd098231ba iproute2: update to 5.2.0
Remove upstream patches

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-24 21:58:13 +02:00
Felix Fietkau
f0992d7a30 mac80211: fix a regression in the minstrel_ht improvement patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-24 12:47:00 +02:00
Daniel Golle
4346de8d34 mac80211: rt2x00: import pending patches
https://patchwork.kernel.org/patch/11111605/
https://patchwork.kernel.org/patch/11110703/

Fixes: 91c84e87c2 ("mac80211: rt2x00: clear IV's on start to fix AP mode regression")
Fixes: 0b2c42ced2 ("mac80211: Update to version 5.2-rc7")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-08-23 18:10:47 +02:00
Rafał Miłecki
b6f4cd57e1 treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" method
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:47:51 +02:00
Rafał Miłecki
b534ba9611 base-files: pass "save_config" option to the "sysupgrade" method
This explicitly lets stage2 know if config should be preserved.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:47:47 +02:00
Rafał Miłecki
2b1a6d263c procd: update to latest git HEAD
9558031 system: support passing "options" to the "sysupgrade" ubus method

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:46:53 +02:00
Kevin Darbyshire-Bryant
bd01346bb4 firewall: update to latest git HEAD
bf29c1e firewall3: ipset: Handle reload_set properly

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-08-22 09:31:57 +01:00
Felix Fietkau
0441edfb7f mac80211: backport support for the IEEE80211_KEY_FLAG_GENERATE_MMIE flag
Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-21 14:59:21 +02:00
Felix Fietkau
a0637718d5 mac80211: add new minstrel_ht patches to improve probing on mt76x2
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-21 14:59:18 +02:00
Felix Fietkau
a886a0ecc8 mac80211: renumber subsys patches after update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-21 14:59:10 +02:00
Felix Fietkau
032e08a011 mac80211: remove TX_NEEDS_ALIGNED4_SKBS patch
The intended performance benefit could not be reliably reproduced, and the
patch was not accepted upstream

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-21 14:59:05 +02:00
Luiz Angelo Daros de Luca
0851ce4ff9 elfutils: bump to 0.177
200-uclibc-ng-compat.patch is upstream now.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2019-08-19 22:10:35 +02:00
Daniel Golle
91c84e87c2 mac80211: rt2x00: clear IV's on start to fix AP mode regression
To do not brake HW restart we should keep initialization vectors data.
I assumed that on start the data is already initialized to zeros, but
that not true on some scenarios and we should clear it. So add
additional flag to check if we are under HW restart and clear IV's
data if we are not.

Patch fixes AP mode regression.

Patch pending on linux-wireless and imported from patchwork.

Fixes: 0b2c42ced2 ("mac80211: Update to version 5.2-rc7")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-08-19 13:46:00 +02:00
Hauke Mehrtens
9cdb4753be linux-firmware: intel: Use recent version of wifi firmware
iwlwifi from the new backports also supports more recent FW versions,
update to the most recent versions for already supported devices.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-18 22:17:35 +02:00
Hauke Mehrtens
2ceee0e023 mac80211: ath10k: Fix crashes of QCA9984 when station connects
This fixes a bug introduced in backports from kernel 5.1 which makes
ath10k crash on QCA9984 when a station connects. The FW sends a airtime
report, but this station is not yet fully registered and a NULL pointer
is used.

Fixes: 0b2c42ced2 ("mac80211: Update to version 5.2-rc7")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-18 21:18:36 +02:00
Christian Lamparter
8f757d427c ipq-wifi: drop upstreamed custom board-2.bin
The BDFs for the:
	ALFA Network AP120C-AC
	ASUS Lyra
	AVM FRITZ!Box 7530
	AVM FRITZ!Repeater 3000
	EnGenius EAP1300
	EnGenius ENS620EXT
	Netgear Orbi Pro SRK60

boards were upstreamed to the ath10k-firmware repository
and linux-firmware.git.

Furthermore the BDFs for the:
	OpenMesh A42 specific BDFs
	OpenMesh A62 specific BDFs
	Linksys EA6350v3
have been updated.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-18 20:56:41 +02:00
Christian Lamparter
4d34216ea5 linux-firmware: update to 20190815
Update linux-firmware to 20190815

git log --pretty=oneline --abbrev-commit 20190815..20190815

07b925b Install only listed firmware files
5621bfc rtw88: add a README file
7e431c5 rtw88: RTL8822C: add WoW firmware v7.3
2dc7023 rtw88: RTL8822C: update rtw8822c_fw.bin to v7.3
d3d000d Merge branch 'ath10k-20190808' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/linux-firmware
d3e17e9 Merge branch 'for-upstream' of git://git.chelsio.net/pub/git/linux-firmware
d3f7234 Merge commit '70af908f4ad7aa8bc65032253f99a0a4fbe1e6c3' of https://github.com/Netronome/linux-firmware
1f0a99f ath10k: QCA9984 hw1.0: update board-2.bin
49c1187 ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00046
1031f01 ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00045
cf714a2 ath10k: QCA9888 hw2.0: update board-2.bin
81e2e77 ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00040
8dc2dfb ath10k: QCA9887 hw1.0: update firmware-5.bin to 10.2.4-1.0-00045
1bd3ef2 ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00140-QCARMSWPZ-1
e043109 ath10k: QCA4019 hw1.0: update board-2.bin
b1e26aa cxgb4: update firmware to revision 1.24.3.0
70af908 nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.38
dff98c6 Merge branch 'master' of git://github.com/skeggsb/linux-firmware
580b076 Merge branch 'nxp_mc' of https://github.com/NXP/linux-firmware
f9b0071 Merge tag 'iwlwifi-fw-2019-07-20' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware
2a3b75d nvidia: add missing entries in WHENCE
6fc1eb1 linux-firmware: Update NXP Management Complex firmware to version 10.16.2
cd6cb7b iwlwifi: update -48 FWs for Qu and cc
b5f09bb iwlwifi: update FWs for 3168, 7265D, 9000, 9260, 8000, 8265 and cc
bf13a71 Merge branch 'guc_v33' of git://anongit.freedesktop.org/drm/drm-firmware
d52556e linux-firmware: Update firmware file for Intel Bluetooth AX201
dbcc2fb linux-firmware: Update firmware file for Intel Bluetooth 22161
a5ee415 linux-firmware: Update firmware file for Intel Bluetooth 9560
7444ca4 linux-firmware: Update firmware file for Intel Bluetooth 9260
3d1e553 amdgpu: update vega10 VCE firmware
5d4e3cc amdgpu: update picasso vcn firmware
6a45d9e amdgpu: update raven vcn firmware
9c8161f amdgpu: update tonga to latest 19.20 firmware
7b6c49c amdgpu: update vega12 to latest 19.20 firmware
4f7b71b amdgpu: partially revert 2579167548be33afb1fe2a9a5c141561ee5a8bbe
fd3cc24 amdgpu: update vega10 to latest 19.20 firmware
c190efa amdgpu: update polaris12 to latest 19.20 firmware
f42b54e amdgpu: update raven2 to latest 19.20 firmware
fc89ce8 amdgpu: update raven to latest 19.20 firmware
3bebb5a amdgpu: update picasso to latest 19.20 firmware
05dbae6 drm/i915/firmware: Add v33 of GuC for ICL
786f17a drm/i915/firmware: Add v33 of GuC for KBL
aae0eb5 drm/i915/firmware: Add v33 of GuC for SKL
9cf240f drm/i915/firmware: Add v33 of GuC for GLK
8a0a6a6 drm/i915/firmware: Add v33 of GuC for BXT
70e4394 linux-firmware: rsi: add firmware image for redpine 9116 chipset
fd69a5d linux-firmware: Add firmware file for Intel Bluetooth AX201
7ae3a09 Merge tag 'iwlwifi-fw-2019-06-20' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware
90e6845 iwlwifi: add new firmwares for integrated 22000 series
71ef30c iwlwifi: update FW for 22000 to Core45-96
e58cbf7 iwlwifi: update FWs for 9000 series to Core45-96
b443218 iwlwifi: update Core45 FWs for 22260, 9000 and 9260
5157165 iwlwifi: udpate -36 firmware for 8000 series

This commit was created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-18 20:56:41 +02:00
Christian Lamparter
cfd0748497 iftop: update to HEAD of 2018-10-03 - 77901c
Update iftop to commit 77901c8c53e01359d83b8090aacfe62214658183

git log --pretty=oneline --abbrev-commit 949ed0f7..77901c8c

77901c8 Support scales beyond 1Gbps

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-18 20:56:41 +02:00
Jo-Philipp Wich
d1f207ecc9 uhttpd: update to latest Git HEAD
6b03f96 ubus: increase maximum ubus request size to 64KB

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-18 20:00:06 +02:00
Hans Dedecker
58f929077f nghttp2: bump to 1.39.2
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18
83d362c6 Don't read too greedily
a76d0723 Add nghttp2_option_set_max_outbound_ack
db2f612a nghttpx: Fix request stall

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-18 18:58:16 +02:00
Yousong Zhou
f0f5cb26cb ltq-ifxos: refer to https://bugs.openwrt.org
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-08-18 15:23:49 +00:00
Yousong Zhou
26615ededc ct-bugcheck: report to https://openwrt.org by default
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-08-18 15:23:25 +00:00
Alin Nastac
a6da3f9ef7 iproute2: add libcap support, enabled in ip-full
Preserve optionality of libcap by having configuration script follow the
HAVE_CAP environment variable, used similarly to the HAVE_ELF variable.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase/refresh patches]
2019-08-18 14:44:10 +02:00
James Taylor
eff6e10604 lua: add lua.hpp to InstallDev
This is necessary to build PowerDNS authoritative and recursor against
OpenWRT, and may avoid packages depending on lua/host unnecessarily.

Signed-off-by: James Taylor <james@jtaylor.id.au>
2019-08-18 14:06:24 +02:00
Hauke Mehrtens
397faa6e7c rtl8812au-ct: Add vendor command policy
Fixes: 928e893a11 ("mac80211: Update to version 5.3-rc4-1")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-18 14:06:24 +02:00
Boris Krasnovskiy
0c43219a35 mwlwifi: Fix loading with backports v5.3
This adds a vendor command policy which is enforced since mac80211 from
kernel 5.3

Fixes: 928e893a11 ("mac80211: Update to version 5.3-rc4-1")
Signed-off-by: Boris Krasnovskiy <boris.krasnovskiy@lairdtech.com>
2019-08-18 14:06:14 +02:00
Sandeep Sheriker M
0b7c66c93b at91bootstrap: add sama5d27_som1_eksd1_uboot as default defconfig
Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:44 +02:00
Sandeep Sheriker M
8ff5d69734 at91bootstrap: add support for at91sam9x5ek
Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:38 +02:00
Sandeep Sheriker M
f9c7ca84bc at91bootstrap: bump v3.8.10 to v3.8.12
Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:31 +02:00
Sandeep Sheriker M
b39dc6e550 uboot-at91: fix -Wformat-security
add patch to fix -Wformat-security warnings.

Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:10 +02:00
Sandeep Sheriker M
adc69febc0 uboot-at91: changed som1 ek default defconfigs
replaced som1 ek spi flash with qspi defconfig and mmc with mmc1
defconfig.

Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:05 +02:00
Sandeep Sheriker M
4fe08476ce uboot-at91: add at91sam9x5ek soc
add support to build u-boot binaries for at91sam9x5ek socs.

Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:08:00 +02:00
Sandeep Sheriker M
8309a3c8b1 uboot-at91: bump linux4sam_5.8 to linux4sam_6.0
Signed-off-by: Sandeep Sheriker M <sandeep.sheriker@microchip.com>
2019-08-17 23:07:53 +02:00
Hauke Mehrtens
ced2b7bb98 ustream-ssl: update to latest git HEAD
e8f9c22 Revise supported ciphersuites
7e9e269 wolfssl, openssl: use TLS 1.3, set ciphersuites

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 17:09:42 +02:00
Luiz Angelo Daros de Luca
0d0617ff14 musl: ldso/dlsym: fix mips returning undef dlsym
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.

Using upstream fix which now uses the same logic for relocation time
and dlsym.

Fixes openwrt/packages#9297

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2019-08-17 16:57:32 +02:00
Eneas U de Queiroz
77e0e99d31 wolfssl: bump to 4.1.0-stable
Always build AES-GCM support.
Unnecessary patches were removed.

This includes two vulnerability fixes:

CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-08-17 16:43:23 +02:00
Rosen Penev
1673041013 bzip2: Update to 1.0.8
It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.

Several security bugs were fixed as well as others.

Fixed up PKG_LICENSE to be compatible with SPDX.

Changed URLs to point to the new home.

Added patch that gets rid of deprecated utime function and switches it to
utimensat.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-08-17 16:43:22 +02:00
Hauke Mehrtens
928e893a11 mac80211: Update to version 5.3-rc4-1
The removed patches were applied upstream.
The type of the RT2X00_LIB_EEPROM config option was changed to bool,
because boolean is an invalid value and the new kconfig system
complained about this.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 13:41:16 +02:00
Hauke Mehrtens
742505ef09 mac80211: Update to version 5.2.8-1
This contains multiple fixes from the upstream kernel.
The removed patch was merged upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 13:39:14 +02:00
Hauke Mehrtens
ebbec2fdc6 mdadm: Use upstream fix for musl 1.1.23 compile
Fixes: ba8aeb02ea ("mdadm: Fix compile with musl 1.1.23")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 00:30:52 +02:00
Hauke Mehrtens
1d4df52c21 hostapd: Allow CONFIG_IEEE80211W for all but mini variant
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.

Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 00:16:08 +02:00
Hauke Mehrtens
f34e825834 hostapd: Remove ROBO switch support
The driver was removed from OpenWrt a long time ago.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 00:16:08 +02:00
Colby Whitney
762fa36b6f lua5.3: include hpp header
The install was missing the hpp header.  Adding that in.

Signed-off-by: Colby Whitney <colby.whitney@luxul.com>
2019-08-16 22:53:06 +02:00
Kevin Darbyshire-Bryant
51ffce0694 firewall: improve ipset support
Bump to latest git HEAD

509e673 firewall3: Improve ipset support

The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.

Add support for reloading, or recreating, ipsets on firewall reload.  By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.

Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-08-16 11:27:24 +01:00
Paul Spooren
454021581f build: add buildinfo files for reproducibility
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).

With this information it should be possible to reproduce any build,
especially the release builds.

Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.

Content of feeds.buildinfo would look similar to this:

    src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
    src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
    ...

Content of version.buildinfo would look similar to this:

    r10203+1-c12bd3a21b

Without the exact feed revision it is not possible to determine
installed package versions.

Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-08-13 10:40:36 +02:00
Felix Fietkau
7ec092e641 Revert faulty tree push
Revert "mac80211: add new minstrel_ht patches to improve probing on mt76x2" (9861050b85)
Revert "kernel: use bulk free in kfree_skb_list to improve performance" (98b654de2e)
Revert "ramips: add preliminary support for WIO ONE" (085141dc5b)
Revert "ramips: add preliminary support for SGE AP-MTKH7-0006 developer board" (b1db6d0539)
Revert "build: use config.site generated by autoconf-lean, drop hardcoded sitefiles" (363ce4329d)
Revert "toolchain: add autoconf-lean" (fdb30eed03)
Revert "build: allow overriding the filename on the remote server when downloading" (6fa0e07758)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-12 12:27:06 +02:00
Felix Fietkau
9861050b85 mac80211: add new minstrel_ht patches to improve probing on mt76x2
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-12 11:43:39 +02:00
Hans Dedecker
63ced14048 dnsmasq: use nettle ecc_curve access functions
Fixes compile issues with nettle 3.5.1

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-09 21:40:13 +02:00
Daniel Engberg
9e489b41b5 nettle: Update to 3.5.1
Update (lib)nettle to 3.5.1
Bump ABI_VERSION

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-08-09 21:40:13 +02:00
Vincent Wiemann
ccb4b96b8a comgt-ncm: add driver dependencies again
In the commit 623716dd43 ("comgt-ncm: Fix NCM protocol")
the dependencies to vendor NCM drivers were removed, because:

> comgt-ncm should not depend on the USB-serial-related kernel modules,
> as the cdc-wdm control device works without them. There is also no need
> to depend on kmod-huawei-cdc-ncm, since other manufacturers (like
> Ericsson and Samsung) which use other kernel modules should also be
> supported.

From a user-perspective this does not make sense, as installing comgt-ncm
(or luci-proto-ncm) should install all needed dependencies for using such
a device.

Furthermore depending on kmod-huawei-cdc-ncm does not mean that Ericsson
and Samsung devices can't be supported. By the way it seems that Ericsson
and Samsung devices never used NCM, but act as serial modems.

Thus this commit adds the dependencies again.

Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[fixed title capitalization, formatted commit message,
renamed Sony-Ericsson to Ericsson]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-08-08 21:33:34 +02:00
Chuanhong Guo
11182349e1 gpio-button-hotplug: add volume button handling
This is used by PISEN WMB001N.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-08-08 21:00:59 +08:00
Hans Dedecker
d9364c1cbc procd: update to latest git HEAD (FS#2425)
8323690 state: fix shutdown when running in a container (FS#2425)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-07 13:56:53 +02:00
Hans Dedecker
d70a35c365 netifd: update to latest git HEAD
5e02f94 system-linux: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-07 13:55:52 +02:00
Jo-Philipp Wich
e1f588e446 packages: apply usign padding workarounds to package indexes if needed
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.

While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-07 07:15:07 +02:00
Jo-Philipp Wich
f565f276e2 config: introduce separate CONFIG_SIGNATURE_CHECK option
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.

This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.

Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.

As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-06 21:22:27 +02:00
Jo-Philipp Wich
991dd5a893 usign: update to latest Git HEAD
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.

5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-06 20:57:37 +02:00
Petr Štetiar
79596f782e adb: fix build breakage on recent musl
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:

 remove implicit include of sys/sysmacros.h from sys/types.h

 this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
 exposed the sysmacros.h macros (device major/minor calculations) for
 BSD and GNU profiles to mimic an unintentional glibc behavior some
 code depended on. glibc has deprecated and since removed them as the
 resolution to bug #19239, so it makes no sense for us to keep this
 behavior. affected code should all have been fixed by now, and if it's
 not yet fixed it needs to be for use with modern glibc anyway.

Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-06 00:09:48 +02:00
Rosen Penev
1b1c47577b linux-atm: Add missing headers
This fixes compilation with -Werror=implicit-function-declaration.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-08-05 23:22:26 +02:00
Tomasz Maciej Nowak
d6b585eb4e kernel: drop mvebu support in kmod-usb3
This is already enabled as kernel built-in feature in mvebu target and
none other target will use it.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-08-05 23:22:26 +02:00
Jeffery To
e545fac8d9 build: include BUILD_VARIANT in PKG_BUILD_DIR
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.

This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2019-08-05 23:22:26 +02:00
Hans Dedecker
018395392c ethtool: bump to 5.2
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-05 21:04:44 +02:00
Hans Dedecker
efb7b7a12a firewall: update to latest git HEAD
de94097 utils: coverity resource leak warning

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-05 14:18:27 +02:00
DENG Qingfang
edd9b39fab ipset: update to 7.3
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-05 09:42:09 +02:00
Petr Štetiar
b6bae4a2c9 wireless-regdb: fix build when python2 from package feeds exists
wireless-regdb fails to build if there is python2 installed from package
feeds, as staging_dir/hostpkg/bin/python is python2 and
staging_dir/hostpkg/bin takes precedence over staging_dir/host/bin
(proper place with python -> python3 symlink) which leads to the build
failure of wireless-regdb, so this patch makes it explicit which python
should be used.

Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Russell Senior <russell@personaltelco.net>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-04 22:09:20 +02:00
Kevin Darbyshire-Bryant
fc5d46dc62 Revert "dnsmasq: backport latest patches"
This reverts commit e9eec39aac.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-08-03 20:55:52 +01:00
Kevin Darbyshire-Bryant
a275466729 Revert "dnsmasq: improve insecure DS warning"
This reverts commit cd91f2327f.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-08-03 20:55:45 +01:00
Hauke Mehrtens
ba8aeb02ea mdadm: Fix compile with musl 1.1.23
This adds missing includes for sys/sysmacros.h which are needed with
musl libc 1.1.23.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-03 11:29:40 +02:00
Álvaro Fernández Rojas
a56d2e9d1b brcm27xx-armstub: remove package
Apparently, latest RPi firmware doesn't need this to boot RPi 4
64 bit kernels.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-08-03 09:03:30 +02:00
Álvaro Fernández Rojas
b0b5424378 linux-firmware: fix RPi 4 NVRAM
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-08-03 08:16:10 +02:00
Álvaro Fernández Rojas
bf6e79db8b brcm27xx-armstub: add new package
This package is needed for RPi 4B AARCH64 support

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-08-02 20:35:08 +02:00
Álvaro Fernández Rojas
6d79e097e9 brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-08-02 19:02:01 +02:00
Piotr Dymacz
bc1ad40991 uboot-envtools: ath79: add support for ALFA Network AP121F
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2019-07-31 08:38:06 +02:00
Piotr Dymacz
d99206b375 uboot-envtools: ath79: fix indent and alphabetical order
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2019-07-31 08:38:06 +02:00
Kevin Darbyshire-Bryant
12840674d0 wireless-regdb: fix patch fuzz
Refresh patches to tidy up some fuzz warnings

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-30 09:42:05 +01:00
John Crispin
8562e77953 wireless-regdb: fix Makefile indentation
Signed-off-by: John Crispin <john@phrozen.org>
2019-07-30 00:33:12 +02:00
Kevin Darbyshire-Bryant
4bc02a421f iptables: fix connmark savedscp build
Add <strings.h> for ffs() definition.

Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-29 20:23:13 +01:00
Kevin Darbyshire-Bryant
4dcef8263e Revert "kmod-sched-cake: drop out of tree package, use kernel version"
This reverts commit 5c094ff660.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-29 16:12:42 +01:00
Kevin Darbyshire-Bryant
5c661f5aaa Revert "netsupport: move out sch_cake from kmod-sched"
This reverts commit b31f9190c3.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-29 16:11:39 +01:00
Rafał Miłecki
6a7b201b6c mac80211: brcm: improve brcmfmac debugging of firmware crashes
This provides a complete console messages dump.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-28 14:10:37 +02:00
Rafał Miłecki
8e466fb7e3 mac80211: brcm: update brcmfmac 5.4 patches
Use commits from wireless-drivers-next.git.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-28 14:10:19 +02:00
Biwen Li
83d5ca2186 tfa-layerscape: fix create_pbl and byte_swap host build
- make create_pbl and byte_swap as host tools

- fix a bug that maybe use the cross compiler
to compile create_pbl and byte_swap:

	# -a option appends the image for Chassis 3 devices in case of non secure boot
	aarch64-openwrt-linux-musl-gcc -Wall -Werror -pedantic -std=c99 -O2
	 -DVERSION=v1.5(release):reboot-10604-ge9216b3336 -D_GNU_SOURCE -D_XOPEN_SOURCE=700
	 -c -o create_pbl.o create_pbl.c
	cc1: note: someone does not honour COPTS correctly, passed 0 times
	  LD      create_pbl
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	create_pbl.o: error adding symbols: File in wrong format
	collect2: error: ld returned 1 exit status
	Makefile:43: recipe for target create_pbl failed
	make[4]: *** [create_pbl] Error 1
	plat/nxp/tools/pbl_ch2.mk:45: recipe for target pbl failed
	make[3]: *** [pbl] Error 2

- add tfa- prefix to all tools in order to avoid future clashes with
  other toolnames

Signed-off-by: Biwen Li <biwen.li@nxp.com>
[added missing HOST_CFLAGS, added tfa- prefix to the tools]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 15:21:58 +02:00
Petr Štetiar
57d1c05ec9 wireless-regdb: set PKGARCH:=all
As it's an architecture-independent binary file.

Ref: https://github.com/openwrt/openwrt/pull/1521#issuecomment-514687053
Suggested-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Petr Štetiar
d3853d17a3 wireless-regdb: prefer python provided by make variable
Usage of predefined make variables is preferred.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Zachary Riedlshah
ef3f868da0 wireless-regdb: update to 2019.06.03
Fixes build issues on a python3 host (issues with the print statement
formatting in the current build).

Includes 100-regdb-write-firmware-file-format-version-code-20.patch and
other fixes.

Closes bugs.openwrt.org/index.php?do=details&task_id=1605.

Uses the tarball as requested.

Signed-off-by: Zachary Riedlshah <git@zacharyrs.me>
2019-07-26 08:09:16 +02:00
Yangbo Lu
df0d555ea5 layerscape: convert to python3 for rcw
Python 2.7 will not be maintained past 2020. Let's convert
to python3 for rcw. Also drop byte swapping since TF-A had
been already used which handled byte swapping instead.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-07-26 08:09:16 +02:00
Jo-Philipp Wich
e9216b3336 openwrt-keyring: update to Git HEAD
8080ef3 usign: add 19.07 release build pubkey
e24fe0d usign: use distro agnostic comments
251ded7 usign: fix filename of Stijn's usign key
14f0efc gpg: update snapshots public signing key
14f845b gpg: replace my public GPG key
4f735b8 gpg: add OpenWrt 19.07 signing key
228f8da gpg: add OpenWrt 18.06 v2 signing key
36057d9 gpg: update LEDE 17.01 public signing key
f2989ab Add my public GPG and usign key

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-07-25 19:39:51 +02:00
Kevin Darbyshire-Bryant
cd91f2327f dnsmasq: improve insecure DS warning
Log the failing domain in the insecure DS warning.

Patch has been sent upstream.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-25 12:29:08 +01:00
Kevin Darbyshire-Bryant
e9eec39aac dnsmasq: backport latest patches
Backport upstream patches pre 2.81rc for testing purposes.

Let's see what falls out!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-25 12:23:46 +01:00
Kevin Darbyshire-Bryant
1aad1d17ed iptables: add connmark savedscp support
iptables: connmark - add savedscp option

Naive user space front end to xt_connmark 'savedscp' option.

e.g.

iptables -A QOS_MARK_eth0 -t mangle -j CONNMARK --savedscp-mark 0xfc000000/0x01000000

Will save DSCP into the top 6 bits and OR 0x01 (ie set) the least
significant bit of most significant byte.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-25 10:18:23 +01:00
Petr Štetiar
b8249cef9f tfa-layerscape: fix fiptool host build
fiptool is a host tool, used in a firmware generation pipeline, but it's
not treated as such, leading to the build breakage on the hosts which
don't have {Open,Libre}SSL dev package installed:

 In file included from fiptool.h:16:0,
                 from fiptool.c:19:
		 fiptool_platform.h:18:27: fatal error: openssl/sha.h:
		 No such file or directory
		  #  include <openssl/sha.h>

So this patch promotes fiptool into the host tool with proper host
include and library paths under STAGING_DIR.

Ref: https://github.com/openwrt/openwrt/pull/2267
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-25 07:48:10 +02:00
Petr Štetiar
09c33df76f mt76: fix kernel Oops by updating to the latest version
75656a4590a3 net: wireless: support of_get_mac_address new ERR_PTR error

Ref: https://github.com/openwrt/mt76/issues/299
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-24 14:08:32 +02:00
Hans Dedecker
11617bcb3b netifd: update to latest git HEAD
899f168 system-linux: Coverity fixes

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-22 21:48:34 +02:00
Rafał Miłecki
790692dde2 base-files: drop support for the platform_nand_pre_upgrade()
No target uses it anymore. All code from that callback was moved into
the platform_do_upgrade().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-22 14:27:37 +02:00
Hans Dedecker
fc2df4f705 curl: update to 7.65.3
For changes in 7.65.3; see https://curl.haxx.se/changes.html#7_65_3

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-21 23:30:27 +02:00
Rafał Miłecki
db8e08a5a4 mac80211: brcm: backport first set of 5.4 brcmfmac changes
This doesn't include 9ff8614a3dbe ("brcmfmac: use separate Kconfig file
for brcmfmac") due to a few conflicts with backports changes.

An important change is:
[PATCH 2/7] brcmfmac: change the order of things in brcmf_detach()
which fixes a rmmod crash in the brcmf_txfinalize().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-21 11:26:06 +02:00
Hauke Mehrtens
9c0c1c4401 ath10k-ct: Revert back to version 4.19
Version 5.2 shows a error when registering the devive for me.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-18 00:22:04 +02:00
Hauke Mehrtens
bc5b2bcd9c ath10k-ct: switch to version 5.2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-18 00:22:04 +02:00
Hauke Mehrtens
10fe5ca362 ath10k-ct: remove patches for old versions
the ath10k-ct package ships multiple versions of the ath10k-ct driver,
OpenWrt currently only uses the version 4.19, but we still ship some
patches for older versions. Remove all patches only touching older
versions and also remove the patch for older versions from patches which
do the same changes to multiple versions of ath10k-ct.

This removes some unneeded patches, the end binary should stay the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-18 00:22:04 +02:00
Hauke Mehrtens
8f61b4cac4 ath10k-ct: update to version 2019-06-13
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-18 00:22:04 +02:00
Hauke Mehrtens
0b2c42ced2 mac80211: Update to version 5.2-rc7
This updates mac80211 to version 5.2-rc7, this contains all the changes
to the wireless subsystem up to Linux 5.2-rc7.

* The removed patches are applied upstream
* b43 now uses kmod-lib-cordic
* Update the nl80211.h file in iw to match backports version.
* Remove the two backports from kernel 4.9, they were needed for mt76,
  but that can use the version from backports now, otherwise they
  collide and cause compile errors.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-18 00:22:04 +02:00
Petr Štetiar
d6198d8625 mtd: cleanup unused code and variables in fis.c
While compile checking mtd changes in PR#1359 I've noticed following
compiler warnings and cleaned them up:

 fis.c: In function 'fis_remap':
 fis.c:143:25: warning: variable 'redboot' set but not used [-Wunused-but-set-variable]
   struct fis_image_desc *redboot = NULL;
                         ^~~~~~~
 fis.c:142:25: warning: variable 'fisdir' set but not used [-Wunused-but-set-variable]
   struct fis_image_desc *fisdir = NULL;
                         ^~~~~~

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-17 23:06:02 +02:00
Daniel Gimpelevich
fd104daa2f mtd: add CRC signature to RedBoot partition map
The code for calculating the CRC32 signatures for RedBoot FIS partitions
was already included, but for unknown reasons, it was never invoked. Some
bootloaders enforce checking these for loaded kernels, so they should be
written. This patch does so.

Tested-by: Brian Gonyer <bgonyer@gmail.com>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
2019-07-17 22:59:29 +02:00
Martin Schiller
261df949fa openvpn: add new list option tls_ciphersuites
To configure the list of allowable TLS 1.3 ciphersuites, the option
tls_ciphersuites is used instead of tls_ciphers.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-07-17 22:59:29 +02:00
Petr Štetiar
16ac5c4fbd perf: simplify the build process
Redirect the build output to PKG_BUILD_DIR instead of copying over
complete source code.

Build tested on following targets:

 x86/64 ar7/generic ipq40xx/generic imx6/generic ar71xx/generic
 ramips/mt7621 ramips/mt7620 sunxi/cortexa7

Run tested on imx6/apalis.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-17 12:16:29 +02:00
Felix Fietkau
4c46bbbd93 mt76: update to the latest version
3d7f738 mt76: mt7615: add missing register initialization

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-07-17 09:36:44 +02:00
Felix Fietkau
8650201f10 mac80211: add config tweak for tx bursting when using VHT
By default, set BE tx queue TXOP limit to 1.0 in the hostapd config
Many vendor drivers are doing similar things to boost throughput.
On MT7612 under ideal conditions, it improves tx throughput from 470 Mbit/s
to about 570 Mbit/s.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-07-17 09:36:44 +02:00
Rafał Miłecki
3f4c785a6b base-files: don't set ARGV and ARGC
Those are not used by any image check function anymore.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-17 08:10:40 +02:00
Chuanhong Guo
e2cd70d6b1 package: mtd: add fixseama command for ath79
This is needed by Qihoo C301.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-07-16 20:14:02 +08:00
Chuanhong Guo
a9360452f0 ath79: add support for Qihoo C301
Specifications:
- SoC: AR9344
- RAM: 128MB
- Flash: 2 * 16MB (MX25L12845)
- Ethernet: 2 * FE LAN & 1 * FE WAN
- WiFi: 2.4G: AR9344 5G: QCA9882

Flash instruction:
1. Hold reset and power up the router
2. Set your IP to 192.168.1.x
3. Open 192.168.1.1 and upload the generated *factory* firmware

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-07-16 09:51:03 +08:00
Rafał Miłecki
430d65c544 libroxml: bump to the 3.0.2 version
* Fix for memory leak regression
* Support for (un)escaping

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-15 21:35:56 +02:00
Eneas U de Queiroz
c47eff0df3 libs/toolchain: remove eglibc remnant file
This removes package/libs/toolchain/eglibc-files/etc/nsswitch.conf.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-07-15 19:29:07 +02:00
Rafał Miłecki
1b937cb141 ubox: implement service_running() in log init.d script
It allows checking if service is running.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-15 16:21:56 +02:00
Rafał Miłecki
285c83a004 rpcd: implement service_running() in init.d script
It allows checking if service is running.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-15 16:21:56 +02:00
Petr Štetiar
cbae306815 fstools: add direct dependencies on libblobmsg-json and libjson-c
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefore add all libraries linked by
block-mount and blockd as direct dependencies to the corresponding
binary package definition.

This ensures that block-mount and blockd is automatically rebuilt and
relinked if any of these libraries has its ABI_VERSION updated in the
future.

Fixes: FS#2373
[jow: similar fix for procd and 98.42% of commit message]
Signed-off-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-15 00:38:24 +02:00
David Bauer
27f3f493de gpio-button-hotplug: unify polled and interrupt code
This patch unifies the polled and interrupt-driven gpio_keys code
paths as well implements consistent handling of the debounce
interval set for the GPIO buttons and switches.

Hotplug events will only be fired if

1. The input changes its state and remains stable for the duration
   of the debounce interval (default is 5 ms).

2. In the initial stable (no state-change for duration of the
   debounce interval) state once the driver module gets loaded.

   Switch type inputs will always report their stable state.
   Unpressed buttons will not trigger an event for the initial
   stable state. Whereas pressed buttons will trigger an event.
   This is consistent with upstream's gpio-key driver that uses
   the input subsystem (and dont use autorepeat).

Prior to this patch, this was handled inconsistently for interrupt-based
an polled gpio-keys. Hence this patch unifies the shared logic into the
gpio_keys_handle_button() function and modify both implementations to
handle the initial state properly.

The changes described in 2. ) . can have an impact on the
failsafe trigger. Up until now, the script checked for button
state changes. On the down side, this allowed to trigger the
failsafe by releasing a held button at the right time. On the
plus side, the button's polarity setting didn't matter.

Now, the failsafe will only engage when a button was pressed
at the right moment (same as before), but now it can
theoretically also trigger when the button was pressed the
whole time the kernel booted and well into the fast-blinking
preinit phase. However, the chances that this can happen are
really small. This is because the gpio-button module is usually
up and ready even before the preinit state is entered. So, the
initial pressed button event gets lost and most devices behave
as before.

Bisectors: If this patch causes a device to permanently go into
failsafe or experience weird behavior due to inputs, please
check the following:
 - the GPIO polarity setting for the button
 - the software-debounce value

Run-tested for 'gpio-keys' and 'gpio-keys-polled' on

 - devolo WiFi pro 1200e
 - devolo WiFi pro 1750c
 - devolo WiFi pro 1750x
 - Netgear WNDR4700
 - Meraki MR24
 - RT-AC58U

Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [further
cleanups, simplification and unification]
2019-07-14 14:02:20 +02:00
Álvaro Fernández Rojas
9e8932c17f brcm2708: switch to linux-firmware SDIO NVRAM
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-07-14 12:44:14 +02:00
Álvaro Fernández Rojas
aa00ac44d9 linux-firmware: add RPi SDIO NVRAM packages
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-07-14 12:44:14 +02:00
Álvaro Fernández Rojas
6c3e7d5ea0 brcm2708-gpu-fw: add support for Raspberry Pi 4
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-07-14 12:44:14 +02:00
Felix Fietkau
f1875e902d mt76: revert an accidental leftover debug change
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-07-13 16:01:51 +02:00
Hans Dedecker
9a72e7f601 procd: update to latest git HEAD
31f0765 procd: check strchr() result before using it

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-13 13:28:18 +02:00
Felix Fietkau
ba5878f056 mt76: update to the latest version
8fc3e6e mt76: mt7615: fix using VHT STBC rates
b21b991 mt76: mt7615: fix PS buffering of action frames
3d43dd8 mt76: mt7615: fix invalid fallback rates
0ce4682 mt76: mt7603: fix invalid fallback rates
3b08966 Revert "mt76: usb: use full intermediate buffer in mt76u_copy"
48800e7 Revert "mt76: usb: remove unneeded {put,get}_unaligned"
439354d Revert "mt76: usb: fix endian in mt76u_copy"
8c1da93 mt76: usb: fix endian in mt76u_copy
307be50 mt76: usb: remove unneeded {put,get}_unaligned
5d29829 mt76: mt76x02: use params->ssn value directly
f74d117 mt76: mt7603: use params->ssn value directly
649f2e8 mt76: mt7615: use params->ssn value directly
b647180 mt76: mt7615: unlock dfs bands

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-07-12 16:12:01 +02:00
Hauke Mehrtens
e05310b9b8 mac80211: Do not build b43legacy on BRCM47xx mips74 subtarget
b43legacy needs ssb support and we do not compile the mips74 subtarget
of the brcm47xx target with SSB support. This causes a build failure in
the mac80211 package and only some of the kernel modules are being
created.

I am not aware of any device with a BRCM47xx mips74 CPU which uses a
b43legacy compatible device.

Fixes: FS#2334
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-12 01:15:50 +02:00
Colby Whitney
c52ca08d40 lua5.3: build shared library
Update the lua5.3 package to build a shared object just like the old lua
package. Ported / recreated the same patch number as the other lua
package. Built and tested library / interpreter on BCM5301X.

Signed-off-by: Colby Whitney <colby.whitney@luxul.com>
2019-07-11 18:38:51 +02:00
Rafał Miłecki
f7edd94a65 base-files: move stage2 upgrade to separated file
do_upgrade_stage2() isn't really any common code. It isn't used anywhere
except for /sbin/sysupgrade that passes it to the stage2.

Moving its code to separated file also simplifies COMMAND variable.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-11 17:05:20 +02:00
Adrian Schmutzler
b4588c8538 kernel/om-watchdog: Apply device renames from ramips
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-10 17:36:29 +02:00
Adrian Schmutzler
1096d1b697 uboot-envtools: Apply ramips device renames
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-10 17:36:29 +02:00
Adrian Schmutzler
6ed3349308 base-files: Fix path check in get_mac_binary
Logic was inverted when changing from string check to file check.
Fix it.

Fixes: 8592602d0a ("base-files: Really check path in get_mac_binary")
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-09 23:05:51 +02:00
Kevin Darbyshire-Bryant
b31f9190c3 netsupport: move out sch_cake from kmod-sched
Fix file installation clash between kmod-sched & kmod-sched-cake as both
try to install sch_cake.ko

Remove cake from kmod-sched package as cake is supposed to be the
optional qdisc.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-09 13:54:24 +01:00
Rosen Penev
653e05d27f usbreset: Add missing header
Fixes undefined reference to strtoul

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-07-08 17:01:54 +02:00
Konstantin Demin
5dc7d63d0a netsupport: move out mqprio from kmod-sched
Currently, there's unable to install "kmod-sched-mqprio" after
"kmod-sched" (or vice versa), because "sch_mqprio.ko" is
shipped in both packages.

Fixes: f83522fa63 ("linux: Add kmod-sched-mqprio")
Fixes: 6af639e0bf ("linux: Add kmod-sched-act-vlan")
Fixes: 72c7e2dc46 ("linux: Add kmod-sched-flower")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[Add cls_flower and act_vlan]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-08 16:42:26 +02:00
Daniel Engberg
d51f53b5ba util-linux: Update to 2.34
Update util-linux to 2.34
Refresh patch

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-07-08 16:42:26 +02:00
DENG Qingfang
42b3a3a89b iperf3: update to 3.7
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-07-08 16:28:47 +02:00
Kevin Darbyshire-Bryant
5c094ff660 kmod-sched-cake: drop out of tree package, use kernel version
CAKE made it to kernel 4.19 and since OpenWrt now at kernel 4.19 we can
drop the out of tree cake package in base repository.

Add kmod-sched-cake to netsupport so package dependencies are still met.
Similarly CAKE is retained as an optional qdisc module to avoid base
scheduler package size implications.

Backport upstream patches from k5.1 to address some small bugs and
support fwmark usage.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-08 11:05:43 +01:00
Rafał Miłecki
ea4e1dac71 base-files: drop support for NAND upgrade in platform_pre_upgrade()
With bcm53xx switched to the new procedure there is no more need for
keeping that backward compatibility code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-08 07:38:51 +02:00
Rafał Miłecki
f58ca6ee57 base-files: drop unused jffs2_copy_config()
Its last usage was dropped back in 2013 in the commit b95bdc8ab5
("kernel/base-files: clean up old code related to refreshing mtd
partitions, it is no longer used anywhere").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-08 07:38:06 +02:00
Hauke Mehrtens
7c640c2960 ath10k-firmware: Fix mirror hash
Fixes: 7f79882d44 ("ath10k-firmware: update board-2.bin for community firmwares")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-07 17:37:06 +02:00
Emil Muratov
a9deed62af zram-swap: Add extra commands for status/compaction
This patch adds two new commands:
  zram status - shows memory stats for all zram swaps
  zram compaction - trigger compaction for all zram swaps

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-07-07 13:02:06 +02:00
Emil Muratov
afa5ce2493 busybox: enable swapon/off by default to make it consistent with mkswap
No size increase on busybox binary.
  Since busybox mkswap is already enabled by default it seems reasonable
  to enable swapon/off too. For ex. this obsoletes installing block-mount
  dependency for zram-swap.

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2019-07-07 13:02:06 +02:00
Emil Muratov
b062c90f47 zram-swap: Add zram compaction and statistics info output
Executing '/etc/init.d/zram start' during runtime (with a swap being already
mounted) triggers zram device compaction and prints out nice stats info about
zram memory usage

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [use IEC's MiB unit]
2019-07-07 13:02:06 +02:00
Emil Muratov
c0d93432f2 zram-swap: Fix busybox dependency check
- fix dependency on BUSYBOX_CONFIG_SWAPONOFF (removed in 84da2a6)
   - add busybox defaults checking (fix zram-swap always installs swap-utils
     and libblkid as dependency, even if busybox includes mkswap by default)

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2019-07-07 13:02:06 +02:00
Konstantin Demin
ce8027ed29 libnftnl: bump to version 1.1.3
bump ABI version accordingly (thanks to Jo-Philipp Wich).

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2019-07-07 13:02:06 +02:00
Adrian Schmutzler
8592602d0a base-files: Really check path in get_mac_binary
Currently, path argument is only checked for being not empty.

This changes behavior to actually check whether path exists.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-07 13:02:05 +02:00
Eneas U de Queiroz
94d131332b hostapd: adjust removed wolfssl options
This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-07-07 13:02:05 +02:00
Eneas U de Queiroz
ff69364ad8 wolfssl: update to 4.0.0-stable
Removed options that can't be turned off because we're building with
--enable-stunnel, some of which affect hostapd's Config.in.
Adjusted the title of OCSP option, as OCSP itself can't be turned off,
only the stapling part is selectable.
Mark options turned on when wpad support is selected.
Add building options for TLS 1.0, and TLS 1.3.
Add hardware crypto support, which due to a bug, only works when CCM
support is turned off.
Reorganized option conditionals in Makefile.
Add Eneas U de Queiroz as maintainer.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-07-07 13:02:05 +02:00
Eneas U de Queiroz
2792daab5a wolfssl: update to 3.15.7, fix Makefile
This includes a fix for a medium-level potential cache attack with a
variant of Bleichenbacher’s attack.  Patches were refreshed.
Increased FP_MAX_BITS to allow 4096-bit RSA keys.
Fixed poly1305 build option, and some Makefile updates.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-07-07 13:02:05 +02:00
Christian Lamparter
7f79882d44 ath10k-firmware: update board-2.bin for community firmwares
This patch updates the board-2.bin for the default
IPQ4019, QCA9984 and QCA9888 ath10k-firmware-xyz-ct
and -ct-htt firmwares.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-07-07 13:02:05 +02:00
Rosen Penev
243765e389 gdb-arc: Remove
Normal GDB has supported ARC since 8.0

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-07-07 13:02:05 +02:00
Rosen Penev
787922682a gdb: Remove !arc dependency
Supported since 8.0.

Added uClibc-ng patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-07-07 13:02:05 +02:00
Deng Qingfang
917eeaf26b iproute2: update to 5.1.0
Update iproute2 to 5.1.0
Remove upstream patch 010-cake-fwmark.patch
Backport a patch to fix struct sysinfo redefinition error

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-07-04 21:40:12 +02:00
Felix Fietkau
92f83abc5e mt76: update to the latest version
6cafaca mt7603: use READ_ONCE instead of ACCESS_ONCE
9e2e0b8 mt76: round up length on mt76_wr_copy
e378ef1 mt76: mt7615: fix sparse warnings: warning: restricted __le16 degrades to integer
7991dd7 mt76: mt7615: introduce mt7615_regd_notifier
901a4c7 mt76: mt7615: add hw dfs pattern detector support
57c600e mt76: mt7615: do not perform txcalibration before cac is complited
6afc952 mt76: mt7615: add csa support
8919516 mt76: mt7615: add radar pattern test knob to debugfs
3be723c mt76: mt7615: clean up FWDL TXQ during/after firmware upload
47fe37e mt76: mt7615: fall back to sw encryption for unsupported ciphers
bc5e041 mt76: mt7603: enable hardware rate up/down selection
ae760db mt76: mt7615: move mt7615_mcu_set_rates to mac.c
2ae01f7 mt76: mt7615: reset rate index/counters on rate table update
6f98378 mt76: mt7615: sync with mt7603 rate control changes
edbe88e mt76: usb: fix endian in mt76u_copy
f43b622 mt76: usb: remove unneeded {put,get}_unaligned
5e1e5b7 mt76: usb: use full intermediate buffer in mt76u_copy
017d0ff mt76: mt76u: fix typo in mt76u_fill_rx_sg
2c0ccf1 mt76: mt7615: always release sem in mt7615_load_patch
0c6f1a2 mt76: mt7615: introduce mt7615_mcu_send_ram_firmware routine
3dfc1ee mt76: mt7615: fix sparse warnings: incorrect type in assignment (different base types)
9475320 mt76: mt7603: fix sparse warnings: warning: incorrect type in assignment (different base types)
e07451d mt76: mt7615: fix sparse warnings: warning: cast from restricted __le16
b973bef mt7603: do not use tssi-off power value for mt7628

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-07-04 20:15:00 +02:00
Martin Blumenstingl
bf21b6e44d lantiq: ltq-tapi: fix compatibility with Linux 4.15+
Linux 4.15 removes the init_timer() API. It's replaced by two functions:
- timer_setup() is used instead of init_timer() and also replaces the
  timer "function" (callback) setup.
- from_timer() has to be used to obtain the use-case specific data from
  a struct timer_list, which is now passed to the timer callback.

Update the timer API to be compatible with Linux 4.15+ so it compiles
with the upcoming Linux 4.19 kernel update.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2019-07-04 08:29:13 +02:00
Matt Merhar
1d4c4cbd20 openvpn: fix handling of list options
This addresses an issue where the list option specified in
/etc/config/openvpn i.e. 'tls_cipher' would instead show up in the
generated openvpn-<name>.conf as 'ncp-ciphers'. For context,
'ncp_ciphers' appears after 'tls_cipher' in OPENVPN_LIST from
openvpn.options.

Also, the ordering of the options in the UCI config file is now
preserved when generating the OpenVPN config. The two currently
supported list options deal with cipher preferences.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
2019-07-03 07:45:00 +02:00
Florian Eckert
313444a79e comgt: add delay option for 3g proto
All protos for wwan (ncm,qmi,mbim) do have a delay option.
To standardize that add also the missing delay option to the 3g proto.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-07-03 07:45:00 +02:00
Karel Kočí
537b801c54 base-files: supress service restart of umount
Restart is in default implemented so it calls stop and start. This is
pretty unsafe to call on umount service. This service should not do
anything on restart the same way as on start. Only use of this service
is on stop.

Signed-off-by: Karel Kočí <cynerd@email.cz>
2019-07-03 07:45:00 +02:00
Florian Eckert
c06f2a2dcb uqmi: fix indentation style and boundary
Fix indentation style and boundary.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-07-03 07:45:00 +02:00
Florian Eckert
8eb63cb7df uqmi: add mtu config option possibility
There are mobile carrier who have different MTU size in their network.
With this change it is now possible to configure this with the qmi
proto handler.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-07-03 07:45:00 +02:00
Jo-Philipp Wich
47a984477b lua5.3: stage Lua headers in proper location
Fix wrong paths in InstallDev which cause Lua 5.3 headers to be staged
in /usr/include/, overwriting Lua 5.1 headers and leading to widespread
build failures in all Lua related packages.

Fixes: FS#2348
Fixes: 6b161bb8d5 ("lua5.3: package Lua 5.3 version")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-07-03 07:21:52 +02:00
Jason A. Donenfeld
7c23f741e9 wireguard: bump to 0.0.20190702
* curve25519: not all linkers support bmi2 and adx

This should allow WireGuard to build on older toolchains.

* global: switch to coarse ktime

Our prior use of fast ktime before meant that sometimes, depending on how
broken the motherboard was, we'd wind up calling into the HPET slow path. Here
we move to coarse ktime which is always super speedy. In the process we had to
fix the resolution of the clock, as well as introduce a new interface for it,
landing in 5.3. Older kernels fall back to a fast-enough mechanism based on
jiffies.

https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/
https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/

* netlink: cast struct over cb->args for type safety

This follow recent upstream changes such as:

https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/

* peer: use LIST_HEAD macro

Style nit.

* receive: queue dead packets to napi queue instead of empty rx_queue

This mitigates a WARN_ON being triggered by the workqueue code. It was quite
hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an
extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind
enough to mail me.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-07-02 22:06:42 +02:00
Deng Qingfang
299f6cb2da iptables: update to 1.8.3
Update iptables to 1.8.3

ChangeLog:
  https://netfilter.org/projects/iptables/files/changes-iptables-1.8.3.txt

Removed upstream patches:
- 001-extensions_format-security_fixes_in_libip.patch
- 002-include_fix_build_with_kernel_headers_before_4_2.patch
- 003-ebtables-vlan-fix_userspace_kernel_headers_collision.patch

Altered patches:
- 200-configurable_builtin.patch
- 600-shared-libext.patch

No notable size changes

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [lipibtc ABI_VERSION fix]
2019-07-02 21:50:54 +02:00
Rafał Miłecki
17ae3eb9ff lua5.3: drop unwanted & unneeded PROVIDES
The plan for packaging Lua is to have "lua5.1" and "lua5.3" packages
with only the first one having "lua" alias (PROVIDES) for backward
compatibility with existing packages.

Putting PROVIDES in lua5.3 was a copy & paste mistake.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-30 10:16:08 +02:00
Florian Eckert
9e780ed5f7 base-files: add network_get_uptime() to /lib/functions/network.sh
Add missing ubus api call for uptime value.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-06-29 21:00:58 +02:00
Vladimir Vid
026714613d u-boot-mvebu: bump to 2019.04
Some devices and packages require newer version of u-boot to work
properly, update u-boot to keep up with 4.19 kernel.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
[re-added missing commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-28 21:43:27 +02:00
Rafał Miłecki
1cd46d2e4f lua5.3: fix build with MacOS's make
It apparently requires passing V variable explicitly.

Fixes: 6b161bb8d5 ("lua5.3: package Lua 5.3 version")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-28 12:04:16 +02:00
Rafał Miłecki
24645c0ee1 lua: fix build with MacOS's make
It apparently requires passing V variable explicitly.

Fixes: fe59b46ca7 ("lua: include version number in installed files")
Reported-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-28 11:40:08 +02:00
Rafał Miłecki
6b161bb8d5 lua5.3: package Lua 5.3 version
This package provides an interpreter and compiler for Lua 5.3.5. It has
been decided to use separated package due to a backward incompatibility
of Lua 5.2 and 5.3.

This package/version:
1) Does not include lnum patch as its author didn't decide to port it to
   the new version.
2) Does not provide shared library as the old patch doesn't apply
   anymore. It can be added later if needed.
3) Does not come with examples package as tests were dropped by upstream
   developers.

That said there is definitely a room for improvement and any further
work is highly appreciated. It works however and can be safely pushed as
a basic/early package release.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-28 09:25:59 +02:00
Rafał Miłecki
fe59b46ca7 lua: include version number in installed files
This will allow installing Lua 5.1 and newer versions at the same time.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-28 09:25:59 +02:00
Rafał Miłecki
c0c5c63514 lua: clean up host patch fuzz
Refresh host patches to match target changes from the commit
4e800716ac ("lua: clean up patch fuzz").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-28 09:25:59 +02:00