Commit Graph

14049 Commits

Author SHA1 Message Date
Felix Fietkau
afe83f6151 linux-firmware: fix intel wireless-n 100 firmware package name
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-09-28 22:57:46 +02:00
Felix Fietkau
79216243d7 hostapd: add support for accessing 802.11k neighbor report elements via ubus
This API can be used to distribute neighbor report entries across
multiple APs on the same LAN.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-09-28 22:46:26 +02:00
Felix Fietkau
9f5f5d250e hostapd: add support for specifying device config options directly in uci
This is useful for tuning some more exotic parameters where it doesn't
make sense to attempt to cover everything in uci directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-09-28 22:45:59 +02:00
Marcin Jurkowski
a816e1eac7 dropbear: make ssh compression support configurable
Adds config option to enable compression support which is usefull
when using a terminal sessions over a slow link. Impact on binary
size is negligible but additional 60 kB (uncompressed) is needed for
a shared zlib library.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2017-09-28 21:47:16 +02:00
John Crispin
00e9a7aacb umdns: update to latest git HEAD
b84fdac Add debug output for service_timeout
8f7e3bc Remove incorrect comma in http service json config
9f40133 Remove ttl==255 restriction for queries

Signed-off-by: John Crispin <john@phrozen.org>
2017-09-28 09:29:31 +02:00
Michal Sojka
1a5bf778fb procd: Install seccomp-trace symlink
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
2017-09-28 09:22:02 +02:00
John Crispin
3398e8e94d procd: update to latest git HEAD
ee582d1 instance: properly compare and reload respawn config
260a4cd utrace: Start the tracee only after uloop initialization
520ad3c utrace: Switch all logging to ulog
1c48104 utrace: Support non-contiguous syscall numbers
582cf97 utrace: Forward SIGTERM to the traced process
32534f7 utrace: Report ptrace errors
ccde3fb seccomp: Improve error message
7f9b174 preload-seccomp: Use proper log level for error messages
e3c4302 Start seccomp-enabled services via seccomp-trace
5e4ad02 seccomp: Log seccomp violations with utrace
2661b2f utrace: Use PTHREAD_SEIZE instead of PTHREAD_TRACEME
b5d53c6 utrace: Deliver signals to traced processes
b416ed9 utrace: Support tracing multi-threaded processes and vfork
8b7d47a utrace: Trace processes across forks
c6b6ec6 utrace: Sort syscalls by number of invocations
592c532 Update trace attribute
c8faedc Do not disable seccomp when configuration is not found
017f3a1 utrace: Fix off-by-one errors
5acaf15 utrace: Fix environment initialization

Signed-off-by: John Crispin <john@phrozen.org>
2017-09-28 09:22:02 +02:00
Kevin Darbyshire-Bryant
f2107fc328 ramips: improve Xiaomi Mi Router 3G support
This commit improves support for the Xiaomi Mi Router 3G originally
added in commit 6e283cdc0d

Improvements:

- Remove software watchdog as hardware watchdog now working as per
  commit 3fbf3ab44f for all mt7621
  devices.

- Reset button polarity corrected - length of press determines reboot
  (short press) vs. reset to defaults (long press) behaviour.

- Enable GPIO amber switch port LEDs on board rear - lit indicates 1Gbit
  link and blink on activity.  Green LEDs driven directly by switch
  indicating any link speed and tx activity.

- USB port power on/off GPIO exposed as 'usbpower'

- Add access to uboot environment settings for checking/setting uboot
  boot order preference from user space.

Changes:

- Front LED indicator is physically made of independent Yellow/Amber,
  Red & Blue LEDs combined via a plastic 'lightpipe' to a front panel
  indicator, hence the colour behaviour is similar to an RGB LED. RGB
  LEDs are not supported at this time because they produce colour results
  that do not then match colour labels, e.g. enabling 'mir3g:red' and
  'mir3g:blue' would result in a purple indicator and we have no such
  label for purple.
  The yellow, red & blue LEDs have been split out as individual yellow,
  red & blue status LEDs, with yellow being the default status LED as
  before and with red's WAN and blue's USB default associations removed.

- Swapped order of vlan interfaces (eth0.1 & eth0.2) to match stock vlan
  layout. eth0.1 is LAN, eth0.2 is WAN

- Add 'lwlll' vlan layout to mt7530 switch driver to prevent packet
  leakage between kernel switch init and uci swconfig

uboot behaviour & system 'recovery'

uboot expects to find bootable kernels at nand addresses 0x200000 &
0x600000 known by uboot as "system 1" and "system 2" respectively.
uboot chooses which system to hand control to based on 3 environment
variables: flag_last_success, flag_try_sys1_failed & flag_try_sys2_failed

last_success represents a preference for a particular system and is set
to 0 for system 1, set to 1 for system 2.  last_success is considered *if*
and only if both try_sys'n'_failed flags are 0 (ie. unset) If *either*
failed flags are set then uboot will attempt to hand control to the
non failed system. If both failed flags are set then uboot will check
the uImage CRC of system 1 and hand control to it if ok.  If the uImage
CRC of system is not ok, uboot will hand control to system 2
irrespective of system 2's uImage CRC.

NOTE: uboot only ever sets failed flags, it *never* clears them. uboot
sets a system's failed flag if that system's was selected for boot but
the uImage CRC is incorrect.

Fortunately with serial console access, uboot provides the ability to
boot an initramfs image transferred via tftp, similarly an image may
be flashed to nand however it will flash to *both* kernels so a backup
of stock kernel image is suggested. Note that the suggested install
procedure below set's system 1's failed flag (stock) thus uboot ignores
the last_success preference and boots LEDE located in system 2.

Considerable thought has gone into whether LEDE should replace both
kernels, only one (and which one) etc. LEDE kernels do not include a
minimal rootfs and thus unlike the stock kernel cannot include a
method of controlling uboot environment variables in the event of
rootfs mount failure. Similarly uboot fails to provide an external
mechanism for indicating boot system failure.

Installation - from stock.

Installation through telnet/ssh:
- copy lede-ramips-mt7621-mir3g-squashfs-kernel1.bin and
  lede-ramips-mt7621-mir3g-squashfs-rootfs0.bin to usb disk or wget it
  from LEDE download site to /tmp
- switch to /extdisks/sda1/ (if copied to USB drive) or to /tmp if
  wgetted from LEDE download site
- run: mtd write lede-ramips-mt7621-mir3g-squashfs-kernel1.bin kernel1
- run: mtd write lede-ramips-mt7621-mir3g-squashfs-rootfs0.bin rootfs0
- run: nvram set flag_try_sys1_failed=1
- run: nvram commit
- run: reboot

Recovery - to stock.

Assuming you used the above installation instructions you will have a
stock kernel image in system 1. If it can be booted then it may be used
to perform a stock firmware recovery, thus erasing LEDE completely. From
a 'working' LEDE state (even failsafe)

Failsafe only:
- run: mount_root
- run: sh /etc/uci-defaults/30_uboot-envtools
Then do the steps for 'All'

All:
- run: fw_setenv flag_try_sys2_failed 1
- run: reboot

The board will reboot into system 1 (stock basic kernel) and wait with
system red light slowly blinking for a FAT formatted usb stick with a
recovery image to be inserted.  Press and hold the reset button for
around 1 second. Status LED will turn yellow during recovery and blue
when recovery complete.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-09-28 09:20:36 +02:00
Mathias Kresin
36fd53f9a9 ltq-vdsl-mei: disable optimized firmware download
With ltq-vdsl-mei 1.5.17.6 an optimized firmware download was added and
enabled by default. As soon as the optimized firmware download is
enabled, a watchdog based reboot is trigger between 24h to 48h of
uptime if the board isn't connected to a xdsl line.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-09-28 07:23:18 +02:00
Martin Schiller
f1ae982f8d ltq-vdsl: fix PM thread suspend and resume handling
This is a backport form drv_dsl_cpe_api-4.18.10 and fixes some PM
thread handling issues which lead to high system load and watchdog
trigger within 1h of uptime for boards not connected to a xdsl line.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-09-28 07:23:18 +02:00
Magnus Kroken
a9a37526a9 openvpn: update to 2.4.4
Fixes CVE-2017-12166: out of bounds write in key-method 1.

Remove the mirror that was temporarily added during the
2.4.3 release.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-09-28 04:05:44 +03:00
Lorenzo Santina
c14cc531e5 hostapd: update wpa_supplicant p2p config
Update the config file to the latest version.

Added CONFIG_EAP_FAST=y because it was the only
missing flag about EAP compared to full config.

Removed NEED_80211_COMMON flag because it is not part
of config file, it is set by the hostapd upstream Makefile.

Other flags are the same as before.

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[add punctuation to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-28 00:27:36 +03:00
Lorenzo Santina
1cde4395d0 hostapd: update wpa_supplicant mini config
Update the config file to the latest version.
Enabled flags are the same as before.

Removed NEED_80211_COMMON flag because it is not part
of config file, it is set by the hostapd upstream Makefile.

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[add punctuation to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-28 00:27:26 +03:00
Lorenzo Santina
65113799d7 hostapd: update wpa_supplicant full config
Update the config file to the latest version.
Enabled flags are the same as before.

Commented CONFIG_IEEE80211W=y flag because it is
set in the Makefile, only if the driver supports it.

Removed NEED_80211_COMMON flag because it is not part
of config file, it is set by the hostapd upstream Makefile.

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[add punctuation to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-28 00:27:14 +03:00
Lorenzo Santina
70ade53692 hostapd: update hostapd mini config
Update the config file to the latest version.
Enabled flags are the same as before.

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[add punctuation to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-28 00:27:01 +03:00
Lorenzo Santina
7865e86b0e hostapd: update hostapd full config
Update the config file to the latest version.
Enabled flags are the same as before.

Removed flag CONFIG_WPS2 because it is no more
needed due to this changelog (2014-06-04 - v2.2):
"remove WPS 1.0 only support, i.e., WSC 2.0
support is now enabled whenever CONFIG_WPS=y is set".

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[add punctuation to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-28 00:26:11 +03:00
Hans Dedecker
754659ddb5 curl: fix disable threaded resolver
Bump to 7.55.1 broke the disable threaded resolver feature as reported
in https://github.com/curl/curl/issues/1784.
As a result curl is always compiled with the threaded resolver feature
enabled which causes a dependency issue on pthread for uclibc.
Fix this issue by backporting the upstream curl commit which fixes
disable threaded resolver.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-27 17:33:48 +02:00
Stijn Tintel
456de21297 ipset: replace patch that was reverted upstream
Use the correct prefix for backports while at it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-26 18:18:44 +03:00
Marko Ratkaj
56348c95e9 uboot-mvebu: add OpenSSL compat patches
Fixes the following build issue: "undefined reference to `EVP_MD_CTX_create'"

From: Jelle van der Waa <jelle@vdwaa.nl>

The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.

EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be
called to reinitialise an already created structure.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-09-25 23:08:33 +02:00
Marko Ratkaj
49e6e9ca39 uboot-mvebu: fix SETEXPR redefinition warning
Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-09-25 23:08:32 +02:00
Marko Ratkaj
ad0e107c23 uboot-mvebu: add missing UBOOT_MAKE_FLAGS variable
This patch removes "/bin/sh: HOSTCPPFLAGS: command not found" errors douring build.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-09-25 22:38:29 +02:00
Stijn Tintel
b0f8b13331 samba36: add Package/samba/Default
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-25 22:53:59 +03:00
Stijn Tintel
7e58392bcb ipset: bump to 6.34
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-25 22:52:46 +03:00
Stijn Tintel
d9beae9b9e curl: bump to 7.55.1
Update 200-no_docs_tests.patch.
Refresh patches.

Fixes the following CVEs:
- CVE-2017-1000099
- CVE-2017-1000100
- CVE-2017-1000101

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-25 07:42:34 +03:00
Stijn Tintel
2ad649d134 iperf: bump to 2.0.10
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-25 07:42:34 +03:00
Lucian Cristian
a7465f375a sunxi: add Olimex A20-OLinuXino-LIME2-eMMC
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
[replaced u-boot patch with original version from u-boot git]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-24 16:28:28 +02:00
James Christopher Adduono
82739648c0 kernel: kmod-usb-storage-uas
This will allow you to build and package the uas.ko module.
With more routers supporting USB 3.0 host this could help
speed up activities like DLNA and Samba, as well as reduce
CPU utilization over BOT mass storage drivers.

Signed-off-by: James Christopher Adduono <jc@adduono.com>
2017-09-22 19:16:54 +02:00
Adrian Panella
ab26fc6c8d uhttp: update to latest version
3fd58e9 2017-08-19 uhttpd: add manifest support
88c0b4b 2017-07-09 file: fix basic auth regression
99957f6 2017-07-02 file: remove unused "auth" member from struct
path_info
c0a569d 2017-07-02 proc: expose HTTP_AUTH_USER and HTTP_AUTH_PASS
ad93be7 2017-07-02 auth: store parsed username and password
fa51d7f 2017-07-02 proc: do not declare empty process variables
a8bf9c0 2017-01-26 uhttpd: Add TCP_FASTOPEN support
e6cfc91 2016-10-25 lua: ensure that PATH_INFO starts with a slash

Signed-off-by: Adrian Panella <ianchi74@outlook.com>
2017-09-21 23:03:46 +02:00
Hans Dedecker
47f3645930 libubox: fix uloop race condition
7a10576 uloop: Fix race condition in SIGCHLD handling

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-21 23:03:36 +02:00
Stijn Tintel
6c32e05218 arm-trusted-firmware-sunxi: depend on sunxi target
The arm-trusted-firmware-sunxi package is only used by the Allwinner
A64, so only make it selectable for its subtarget sunxi/cortexa53.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-09-20 23:49:36 +03:00
Sandeep Sheriker Mallikarjun
670448a002 at91bootstrap: New package at91bootstrap
at91bootstrap is a second-level bootloader for Microchip(Atmel AT91) SoCs.
It provides a set of algorithms to manage the hardware initialization and
to download the main application or a third-level bootloader(i.e. uboot)
from specified boot media to main memory and execute it.

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-09-20 09:01:46 +02:00
Sandeep Sheriker Mallikarjun
5b9cff921e uboot-at91: Add support for SAMA5D4 Xplained board
Add support for SAMA5D4 Xplained board and options to select & build
u-boot configs for different media storage.

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-09-20 09:01:38 +02:00
Sandeep Sheriker Mallikarjun
dacab6472d uboot-at91: Add support for SAMA5D2 Xplained board
Add support for SAMA5D2 Xplained board and options to select & build
u-boot configs for different media storage.

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-09-20 09:01:31 +02:00
Sandeep Sheriker Mallikarjun
8f1764b98a uboot-at91: Add support for SAMA5D3 Xplained board
Add support for SAMA5D3 Xplained board and options to select & build
u-boot configs for different media storage.

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-09-20 09:01:24 +02:00
Sandeep Sheriker Mallikarjun
71a93a22fd uboot-at91: move BUILD_SUBTARGET from U-Boot/Default to devices
currenlty U-Boot/Default supports only at91 legacy devices.To add
sama5 support, moving BUILD_SUBTARGET from U-Boot/Default to target
devices.

Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
2017-09-20 09:01:16 +02:00
Chen Minqiang
40fd77fd10 ipq-wifi: fix missing define of PKG_NAME
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2017-09-20 08:49:49 +02:00
Philip Prindeville
3008fc9a7b usbutils: avoid duplicating the git revision
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-09-20 02:08:09 +02:00
Sven Roederer
ce53c0e718 openvpn: add "extra-certs" option
This option is used to specify a file containing PEM certs, to complete the
local certificate chain. Which is quite usefull for "split-CA" setups.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-09-19 20:05:57 +08:00
Lucian Cristian
f295db6e46 sunxi: add Olimex A20-OlinuXino-LIME2
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-09-18 21:29:16 +02:00
Lorenzo Santina
b0d2c4ac41 hostapd: ft_over_ds support
Add support for ft_over_ds flag in ieee80211r

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
2017-09-18 21:24:10 +02:00
Lorenzo Santina
70593acdd5 hostapd: ft_psk_generate_local support
Add support for ft_psk_generate_local flag in ieee80211r

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[original author]
Signed-off-by: Sergio <mailbox@sergio.spb.ru>
2017-09-18 21:23:35 +02:00
Hauke Mehrtens
2a2b32a77f ath10k-firmware: use firmware from git instead of extra download
Instead of manually downloading the files again we can also take the
same files directly from the ath10k-firmware git which was cloned
before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 20:56:56 +02:00
Hauke Mehrtens
e080a7ce07 uboot-sunxi: build A64 SoC and pine64 U-Boot
This creates a U-Boot for the aarch64 SoC A64 on the pine64 board.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:27 +02:00
Hauke Mehrtens
ea46d386e0 arm-trusted-firmware-sunxi: add new package
This is needed for the Boot loader of the A64 SoC.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:26 +02:00
Hauke Mehrtens
41e7d2e2e8 sunxi: split into cortex A8 and A7 subtarget
Now we can activate some compiler optimizations for the cortex A7.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:26 +02:00
Hauke Mehrtens
b9a35920bf uboot-sunxi: revert the usage of binman
This will avoid the usage of swig.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:26 +02:00
Hauke Mehrtens
85b7d780c5 uboot-sunxi: do not depend on dtc being install on host
make mkimage check the DTC environment variable first.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:26 +02:00
Hauke Mehrtens
1422d4435b uboot-sunxi: update to version 2017.07
The deleted patches are already integrated in the upstream U-Boot
version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-18 18:36:26 +02:00
Marcin Jurkowski
feab5fa51e dnsmasq: fix dhcp "ignore" option on wwan interfaces
Init script won't append --no-dhcp-interface option if interface
protocol is one of: ncm, directip, qmi, mbim.
This is caused by IP address assigned to dynamically created netifd
interfaces. As a result there's no netmask assigned to the main
interface and dhcp_add() function returns prematurely.

By moving network subnet check we can ensure that --no-dhcp-interface is
properly generated for wwan interfaces.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase; move network checks]
2017-09-18 10:14:34 +02:00
Hans Dedecker
400c5f03c3 base-files: fix wan6 interface config generation for pppoe
Setting ipv6 to auto in case of a pppoe interface will trigger the
creation of a dynamic wan_6 interface meaning two IPv6 interfaces
(wan6 and wan_6) will be active on top of the pppoe interface.
This leads to unpredictable behavior in the network; therefore set
ipv6 to 1 which will prevent the dynamic creation of the wan_6
interface.
Further alias the wan6 interface on top of the wan interface for pppoe
as the wan6 interface can only be started when the link local address is
ready. In case of pppoe the link local address is negotiated during the
Internet Protocol Control Protocol when the PPP link is setup meaning
all the IP address info is only available when the wan interface is up.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-18 09:57:34 +02:00
Stijn Tintel
2375e279a7 tcpdump: noop commit to refer CVEs fixed in 4.9.2
When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed
CVEs in the commit message. As the list of fixed CVEs is quite long,
we should probably mention them in the changelogs of the releases to
come. This commit will make sure this happens.

The following CVEs were fixed in 21014d9708:

CVE-2017-11541
CVE-2017-11541
CVE-2017-11542
CVE-2017-11542
CVE-2017-11543
CVE-2017-11543
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12897
CVE-2017-12898
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12989
CVE-2017-12990
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-12994
CVE-2017-12995
CVE-2017-12996
CVE-2017-12997
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13011
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-18 01:33:40 +03:00
Hauke Mehrtens
45d0b88e44 mac80211: make iwlwifi select AC support
Some NICs supported by this driver support ieee80211 AC.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 15:08:53 +02:00
Hauke Mehrtens
aa00d11526 linux-firmware: pack Intel iwl FW separately
Do not create one big package with all the Intel firmware files
supported by the iwlwifi driver, but use a separate package for each
chip.

This also updates some 7000 and 8000 series firmware files to more
recent version. The older versions shipped are not supported by the
current driver any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 15:08:52 +02:00
Hauke Mehrtens
1b2c93988f mac80211: add dev_coredumpm() function
dev_coredumpm() was added with kernel 4.7, but it is used by iwlwifi.
When the dev coredump framework form compat-wireless is used this is not
a problem because it already contains this, but this is deactivated if
the build system finds out that it is already included in the kernel we
compile against. This option was now activated by the bluetooth driver
btmrvl. Having dev coredump in the kernel adds about 400 bytes to the
lzma compressed kernel for brcm47xx.

This is copied from a more recent backports version to add the
dev_coredumpm() function when the internal core devdump is not used.

Fixes: a5922f6 ("kernel: bluetooth: add marvell sdio bluetooth module")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 14:54:28 +02:00
Daniel Engberg
692aa82981 kernel: kmod-btmrvl: Add kmod-mmc as dependency
This fixes the build of this module and should fix the build bots.

Fixes: a5922f6 ("kernel: bluetooth: add marvell sdio bluetooth module")
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[removed mveub dependency and update commit comment]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 10:42:07 +02:00
Florian Fainelli
ef485bb23d dnsmasq: Pass TARGET_CPPFLAGS to Makefile
With the introduction of the ubus notifications, we would now fail building
dnsmasq with external toolchains that don't automatically search for headers.
Pass TARGET_CPPFLAGS to the Makefile to resolve that.

Fixes: 34a206bc11 ("dnsmasq: add ubus notifications for new leases")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-09-16 16:38:19 -07:00
Henryk Heisig
a5922f6c46 kernel: bluetooth: add marvell sdio bluetooth module
This commit add support for Marvell bluetooth with SDIO interface.

Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[Fix KCONFIG and FILES option]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 00:59:55 +02:00
Henryk Heisig
8637110189 linux-firmware: update to the commit from 2017-09-06
update firmware mrvl/sd8887_uapsta.bin

Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[update to version 2017-09-06]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-09-17 00:59:41 +02:00
Daniel Engberg
5b1660a538 utils/e2fsprogs: Update to 1.43.6
Update e2fsprogs to 1.43.6
Disable compilation of fuse2fs (we don't package it)
Disable thread support (only affects fuse2fs)
Enable linking with libblkid instead of using private (included) version.
The libblkid is ~210KBytes in size, but with using the shared library
the binaries are ~25KBytes smaller. This also brings it in sync with
most other Linux distributions.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-09-17 00:26:52 +02:00
Philip Prindeville
344fde35e3 kernel: add packaging for Xeon iTCO watchdog timer
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-09-17 00:08:00 +02:00
Kabuli Chana
010cddc2b0 mwlwifi: update to version 10.3.4.0 / 2017-08-10
Update mwlwifi

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2017-09-17 00:07:36 +02:00
Alexandru Ardelean
7bc80364b7 libs/wolfssl: bump to version 3.12.0 ; add myself as maintainer
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-17 00:00:12 +02:00
Alexandru Ardelean
41706d05b9 libs/wolfssl: adjust symbol defaults against libwolfssl defaults
Some symbols have been renamed.
Some are default enabled/disabled, so we need
to adjust semantics against that.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-17 00:00:12 +02:00
Alexandru Ardelean
8334a23679 libs/wolfssl: disable hardening check in settings.h
This seems to cause a false-positive warning/error
while building `libwebsockets-cyassl`.

```
make[6]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1'
make[6]: Entering directory '/home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1'
[  2%] Building C object CMakeFiles/websockets.dir/lib/base64-decode.c.o
In file included from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/wolfssl/ssl.h:31:0,
                 from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/cyassl/ssl.h:33,
                 from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/cyassl/openssl/ssl.h:30,
                 from /home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1/lib/private-libwebsockets.h:256,
                 from /home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1/lib/base64-decode.c:43:
/home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/wolfssl/wolfcrypt/settings.h:1642:14: error: #warning "For timing resistance / side-channel attack prevention consider using harden options" [-Werror=cpp]
             #warning "For timing resistance / side-channel attack prevention consider using harden options"

```

Hardening is enabled by default in libwolfssl at build-time.

However, the `settings.h` header is exported (along with other headers)
for build (via Build/InstallDev).

This looks like a small bug/issue with wolfssl.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-17 00:00:12 +02:00
Alexandru Ardelean
d03c23c8d4 cyassl,curl,libustream-ssl: rename every cyassl to wolfssl
This is to eliminate any ambiguity about the cyassl/wolfssl lib.

The rename happened some time ago (~3+ years).
As time goes by, people will start to forget cyassl and
start to get confused about the wolfSSL vs cyassl thing.

It's a good idea to keep up with the times (moving forward).

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-17 00:00:12 +02:00
Alexandru Ardelean
560b7334ec libs/wolfssl: add libcysassl to PROVIDES field (for backwards compat)
Until other packages from feeds decide to rename the
dependency of `+libcyassl` to `+libwolfssl`, this allows
for a bit of backwards compatibility with those packages.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-17 00:00:12 +02:00
Alexandru Ardelean
ad510c4d62 wwan: json format in some modem definitions
Method used:
```
cd package/network/utils/wwan/files/data
sed -e 's/}}/}/g' -i *
sed -e 's/}\t"acm": 1/\t"acm": 1/g' -i *
sed -e 's/}\t"generic": 1/\t"generic": 1/g' -i *
```

Manually adjusted commas.
Validated with
```
for f in `ls` ; do echo $f ; python -m json.tool < $f || break ; done
```

Thanks to @lynxis for pointing out the commas.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-09-16 23:04:46 +02:00
Karl Palsson
ae57675bba odhcpd: don't enable server mode on non-static lan port
Instead of blindly enabling the odhcpd v6 server and RA server on the
lan port, only do that if the lan port protocol is "static"

This prevents the unhelpful case of a device being a dhcpv4 client and
v6 server on the same ethernet port.

Signed-off-by: Karl Palsson <karlp@etactica.com>
[PKG_SOURCE_DATE increase; odhcpd.defaults script cleanup]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-16 09:37:50 +02:00
Hans Dedecker
c88770c766 odhcpd: update to git HEAD version
f0bce9c dhcpv4: fix memset compile issue
0ba3278 dhcpv4: rework assignment lookup
e3b49f3 dhcpv4: cleanup dhcpv4_test usage
47fe122 dhcpv4: rework lease expire handling logic
028ab85 dhcpv4: force renew nonce authentication support
a827fca dhcpv4: avoid segfault when there's no IPv4 prefix
bea088b ndp: detect ifindex changes via interface netlink events
f66103e ubus: display accept reconf status for DHCPv6 assignments
f0e354b treewide: replace RELAYD prefix naming in macros
1a313f9 dhcpv4: fix possible segfault when lease is not created
e2d6eb4 dhcpv4: dhcpv4: move interface lease list insertion out of dhcpv4_assign

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-13 22:32:52 +02:00
Lorenzo Santina
fd84ecda7d treewide: fix shellscript syntax errors/typos
Fix multiple syntax errors in shelscripts (of packages only)
These errors were causing many conditions to not working properly

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[increase PKG_RELEASE, drop command substitution from directip.sh]
Signed-off-by: Mathias Kresin <dev@kresin.em>
2017-09-13 08:07:54 +02:00
Kevin Darbyshire-Bryant
7765e442d0 basefiles: allow suid coredumps
Set sysctl fs.suid_dumpable = 2

This allows suid processes to dump core according to kernel.core_pattern
setting.  LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)

Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core.  This setting removes an
obscure stumbling block along the way.

>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt

suid_dumpable:

This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are

0 - (default) - traditional behaviour. Any process which has changed
	privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
	owned by the current user and no security is applied. This is
	intended for system debugging situations only. Ptrace is unchecked.
	This is insecure as it allows regular users to examine the memory
	contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
	anyway, but only if the "core_pattern" kernel sysctl is set to
	either a pipe handler or a fully qualified path. (For more details
	on this limitation, see CVE-2006-2451.) This mode is appropriate
	when administrators are attempting to debug problems in a normal
	environment, and either have a core dump pipe handler that knows
	to treat privileged core dumps with care, or specific directory
	defined for catching core dumps. If a core dump happens without
	a pipe handler or fully qualifid path, a message will be emitted
	to syslog warning about the lack of a correct setting.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-09-12 22:18:45 +02:00
Toke Høiland-Jørgensen
76c3a033f6 ath10k: Re-enable intermediate softqueues for all devices
The upstream ath10k driver disables the intermediate softqueues for some
devices. This patch reverts that behaviour and always enables the
softqueues (and associated bufferbloat fixes). We have had reports of people
running this with good results:
https://lists.bufferbloat.net/pipermail/make-wifi-fast/2017-September/001497.html

This also refreshes mac80211 patches.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-09-11 17:16:17 +02:00
Stijn Tintel
c11762e435 strace: bump to 4.19
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Kevin Darbyshire-Bryant
69ac637fbb mbedtls: update to 2.6.0 CVE-2017-14032
Fixed an authentication bypass issue in SSL/TLS. When the TLS
authentication mode was set to 'optional',
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the
peer's X.509 certificate chain had more than
MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (default: 8), even when
it was not trusted. This could be triggered remotely on both the client
and server side. (Note, with the authentication mode set by
mbedtls_ssl_conf_authmode()to be 'required' (the default), the handshake
was correctly aborted).

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Tested-by: Magnus Kroken <mkroken@gmail.com>
2017-09-11 01:56:14 +02:00
Stijn Tintel
21014d9708 tcpdump: bump to 4.9.2
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Stijn Tintel
910e3bed12 lldpd: bump to 0.9.8
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Lorenzo Santina
bd24d53ea2 hostapd: fix iapp_interface option
ifname variable were not assigned due to syntax error
causing the hostapd config file to have an empty iapp_interface= option

Signed-off-by: Lorenzo Santina <lorenzo.santina.dev@gmail.com>
2017-09-10 08:30:32 +02:00
Kevin Darbyshire-Bryant
5629904ea8 dnsmasq: backport arcount edns0 fix
Don't return arcount=1 if EDNS0 RR won't fit in the packet.

Omitting the EDNS0 RR but setting arcount gives a malformed packet.
Also, don't accept UDP packet size less than 512 in received EDNS0.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-09-08 10:07:04 +02:00
Kevin Darbyshire-Bryant
9a753c49ea dnsmasq: backport official fix for CVE-2017-13704
Remove LEDE partial fix for CVE-2017-13704.

Backport official fix from upstream.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
2017-09-07 08:09:54 +02:00
Matthias Schiffer
f12a5b8f6d
uclient: update to 2017-09-06
24d6eded73de uclient-http: fix Host: header for literal IPv6 addresses
83ce236dab86 uclient-fetch: read_data_cb: fix a potential buffer overflow

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-09-06 15:46:03 +02:00
Hans Dedecker
995193ccdb odhcp6c: add workaround for broken extendprefix scenario
Extendprefix is typically used to extend an IPv6 RA prefix from a mobile
wan link to the LAN; such scenario requires correct RA prefix settings
like the on link flag not being set.
However some mobile manufacter set the RA prefix on link flag which breaks
basic IPv6 routing.
Work around this issue by filtering out the route being equal to the
extended prefix.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-05 14:46:18 +02:00
John Crispin
5117911d91 ramips: fix mt76x8 dependencies
The commit merging mt7628 and mt7688 failed to update some
dependencies.

Signed-off-by: John Crispin <john@phrozen.org>
2017-09-05 08:08:36 +02:00
Hans Dedecker
05c3647d35 odhcp6c: add ra_holdoff config option and update to git HEAD version (FS#964)
51733a6 ra: align RA update interval with RFC4861 (FS#964)

Add ra_holdoff config option which allows to configure the RA minimum
update interval which is by default 3 seconds as stated in RFC4861.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-03 21:34:48 +02:00
Stijn Tintel
ef255fc57e base-files: add /etc/profile.d to conffiles
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-03 01:27:46 +03:00
Stijn Tintel
8446d3de05 base-files: order conffiles alphabetically
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-03 01:27:46 +03:00
Hans Dedecker
80e2ee3e64 ubox: update to git HEAD version
b1bc8d5 kmodloader: log error message in case of out of memory
f346111 kmodloader: lift restriction on module alias info
f1ef2c3 kmodloader: fix possible segfaults
9cb63df kmodloader: fix endianess check
2cff779 kmodloader: Check module endian before loading
d54f38a kmodloader/get_module_info: initialized aliases to make it more clean
a0b6fef kmodloader: insmod: fix a memoryleak in error case
278c4c4 kmodloader/get_module_name: null-terminate the string
16f7e16 syslog: remove unnecessary sizeof struct between messages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-01 16:05:59 +02:00
Karl Palsson
7a423c389a procd: mdns: Support txt values with spaces
Properly quote the arguments so that you can register a service with TXT
entries that contains spaces.

Example:
   procd_add_mdns myservice tcp 9999 "key=descriptive text field 1" \
         "another=something equally verbose"

Output before:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["verbose" "equally" "another=something" "1" "field" "text" "key=descriptive"]

Output now:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["another=something equally verbose" "key=descriptive text field 1"]

Signed-off-by: Karl Palsson <karlp@etactica.com>
2017-09-01 08:58:09 +02:00
John Crispin
12930fc045 Revert "dropbear: Link ssh and scp command to /bin instead of /usr/bin"
This reverts commit f7528ed0a8.

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-31 21:09:13 +02:00
Rosen Penev
f7528ed0a8 dropbear: Link ssh and scp command to /bin instead of /usr/bin
ssh and scp commands interfere with OpenSSH when installed in /usr/bin .

One use case is when installing dropbear to get root access when only OpenSSH is available (OpenSSH disallows root password logins). Once dropbear installs, it replaces OpenSSH's executables, even when removed with opkg. OpenSSH must be reinstalled to get them back.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-08-31 19:14:43 +02:00
Magnus Kroken
89f8a01dab busybox: update to 1.27.2
Refresh patches, delete patches backported from upstream.

This fixes ntpd sync issues (ntpd would not sync if the first provided
peer address was unreachable).

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-08-30 22:34:41 +02:00
Ram Chandra Jangir
9adfeccd84 uboot-envtools: Add support for IPQ806x AP148 and DB149
IPQ806x AP148 and DB149 boards didn't have the UCI ubootenv
section initialized, so the usage of fw_printenv required manual
configuration. With this change, the "fw_printenv" and "fw_setenv"
command will automatically work on NOR and NAND based platforms.

Signed-off-by: Ram Chandra Jangir <rjangir@codeaurora.org>
2017-08-30 18:12:48 +02:00
Daniel Golle
a3c0d5f70a busybox: move passwd applet to /bin
busybox currently installs passwd into /usr/bin which prevents its
'full' shadow-utils variant from being installed.
Move the passwd applet to /bin to avoid that collision.
shadow also provides /usr/bin/login which doesn't collide with busybox
as the busybox login applet is installed at /bin/login.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-08-30 18:12:48 +02:00
Daniel Golle
a63eb74bce busybox: move traceroute applets to /bin
busybox currently installs traceroute and traceroute6 into /usr/bin
which prevents their 'full' iputils variants from being installed.
Move those applets to /bin so they can coexist with their iputils
siblings using the same PATH convention already applied for coreutils
and other drop-in 'full' versions.
Refresh existing patch while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-08-30 18:12:48 +02:00
Rosen Penev
343e3d2ba8 samba36: Remove syslog and load printers lines.
printer support is removed using 200-remove_printer_support.patch. the syslog parameter requires samba to be compiled with --with-syslog. Currently samba does not log to syslog and probably has not for a long time.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-08-30 18:12:48 +02:00
Rosen Penev
b2f60e6a72 samba36: Don't resolve interfaces.
It's redundant and also buggy. IPv6 link local addresses and ::1 are not resolved for example. Doesn't matter since lo and br-lan for example, resolve to them.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-08-30 17:05:10 +02:00
Rosen Penev
ccb79a310c samba36: Remove guest ok since LuCI configures it.
guest ok is set per share and as such, don't override it. also, fix an error introduced in the last commit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-08-30 17:05:10 +02:00
Kevin Darbyshire-Bryant
ca79337306 dnsmasq: forward.c: fix CVE-2017-13704
Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset()
is called with header & limit pointing at the same address and thus
tries to clear memory from before the buffer begins.

answer_request() is called with an invalid edns packet size provided by
the client.  Ensure the udp_size provided by the client is bounded by
512 and configured maximum as per RFC 6891 6.2.3 "Values lower than 512
MUST be treated as equal to 512"

The client that exposed the problem provided a payload udp size of 0.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-30 17:05:10 +02:00
Hans Dedecker
7a9410618d netifd: update to git HEAD version
7d94ede system-linux: parse map-e fmrs parameters as nested data json object

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-29 21:19:29 +02:00
Hans Dedecker
1b3ded7225 map: use nested json data object to store map-e fmrs parameters
Replace the string array containing the fmrs parameters by a nested data
json object holding an array of fmrs parameters

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-29 21:10:39 +02:00
Daniel Golle
289d190f66 lantiq: ltq-ptm: fix ADSL showtime handler
commit 2d6c7c2526 introduced a reference to g_xdata_addr which isn't
defined in that context. Use xdata_addr here instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-08-29 02:20:45 +02:00
Hans Dedecker
4b3ffecf2b map: fix boolean argument passed to blobmsg_check_attr in mapcalc
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-26 23:34:14 +02:00
Hans Dedecker
6c9e2d4a68 dnsmasq: fix indentation
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-25 14:29:19 +02:00
Kuang Rufan
1e6e37c4f6 dnsmasq: add support for multiple tags for each host.
Currently, dnsmasq support assigning multiple tags to a host record
(--dhcp-host), but we only support only 1 tag for a host. The commit
makes the following config to be valid:

  config host
      option name 'computer'
      option mac '00:11:22:33:44:55'
      option ip '192.168.1.100'
      list tag 'vendor_class'
      list tag 'vendor_id'

  config tag 'vendor_class'
      list dhcp_option 'option:vendor-class,00:...<omitted>'

  config tag 'vendor_id'
      option force '1'
      list dhcp_option 'option:vendor-id-encap,00:...<omitted>'

Signed-off-by: Kuang Rufan <kuangrufan@pset.suntec.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-25 14:28:49 +02:00
Stijn Tintel
cdb494fdc2 f2fs-tools: fix mkfs.f2fs on big-endian systems
Fixes: FS#749

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-25 10:19:06 +03:00
Stijn Tintel
252c8ddf14 f2fs-tools: drop musl compat patch
It is no longer needed since version 1.4.1.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-25 10:19:06 +03:00
Stijn Tintel
d87f27af54 f2fs-tools: drop patch in favour of CONFIGURE_VARS
Override the failing check in configure with CONFIGURE_VARS instead of
carrying a patch that's unlikely to be accepted by upstream.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2017-08-25 10:19:06 +03:00
Hans Dedecker
7a8909411c map: add ealen as configurable uci parameter
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-24 20:56:07 +02:00
Koen Vandeputte
f47c41cff9 xtables-addons: update to version 2.13
Changes:

89d1b80 xt_condition: namespace support #2
c839e87 xt_geoip: check for allocation overflow
a587f95 compat_xtables: use more accurate printf format for NIPQUAD
1874fcd xt_DNETMAP: fix a buffer overflow
21ea7b7 xt_LOGMARK: resolve new gcc7 warnings
ee8da2b build: support for Linux 4.12
19a4359 xt_condition: add support for namespaces
1b37966 xt_psd: resolve compiler warning

Tested on cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-08-24 08:38:39 +02:00
John Crispin
d99c52765d Revert "iputils: switch to new upstream"
This reverts commit 77d3ac8e3e.
This reverts commit e665b3df2a.

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-24 08:09:14 +02:00
Philip Prindeville
fc48aebdc1 iperf3: add SSL variant for iperf_auth feature
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-23 20:35:16 +02:00
Philip Prindeville
d55fff4ae7 iperf3: update to 3.2
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-23 20:35:16 +02:00
John Crispin
e665b3df2a iputils: update sha256sum
Signed-off-by: John Crispin <john@phrozen.org>
2017-08-23 19:34:24 +02:00
Philip Prindeville
5c2c0f8a32 util-linux: don't need to build NLS support
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-23 18:36:22 +02:00
Andreas Ziegler
b69705b38a ath10k-firmware: update qca9887 firmware to 10.2.4-1.0-00029
Signed-off-by: Andreas Ziegler <github@andreas-ziegler.de>
2017-08-23 16:34:21 +02:00
John Crispin
77d3ac8e3e iputils: switch to new upstream
Signed-off-by: John Crispin <john@phrozen.org>
2017-08-23 16:31:35 +02:00
Ansuel Smith
f099803eb5 samba36-net: new package
Samba could also be usefull for sending commands to windows pc (like shoutdown command). This new package add the bin to include this kind of command to the samba package.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-08-23 15:08:39 +02:00
Jo-Philipp Wich
4fce22e88f util-linux: add missing dependencies
Commit e505f59bd9 "utils/util-linux: Update to 2.30.1" bumped util-linux
without properly adjusting the dependencies of all applets.

Add missing ncursesw dependencies to sfdisk and dmesg applets to fix
packaging issues.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-08-23 11:34:25 +02:00
Rafał Miłecki
8de57c9746 iwinfo: update to the latest git HEAD
c1a03e8 nl80211: request split information about frequencies
5638567 nl80211: store info about freq being not available for some bandwidths
ce51cb8 Allow storing more info about each frequency
5c10efa nl80211: support receiving split frequencies
335967c nl80211: improve error handling
ab089dd nl80211: propagate netlink errors to callers
7bba117 nl80211: handle netlink errors in nl80211_wait()
d22c64c iwinfo: add device id for Ubiquiti NanoStation Loco M2

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-08-23 11:19:28 +02:00
Jo-Philipp Wich
0168ba2e07 Revert "busybox: ash/hush fix for read-builtin command"
Revert this commit as it introduces a patchfile at a wrong location.
Since the patch was never effective, we can assume that this particular
commit was not properly tested.

This reverts commit dde9da46c1.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-08-23 10:58:10 +02:00
John Crispin
4cac13f8e2 Revert "xtables-addons: fix nathelper-rtsp dependencies"
This reverts commit e2ef80130e.

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-23 09:54:53 +02:00
Philip Prindeville
e2ef80130e xtables-addons: fix nathelper-rtsp dependencies
Both nf_conntrack and nf_nat need to be called out.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-22 21:31:39 +02:00
John Crispin
6b44d9785f procd: update to latest git HEAD
54b46a3 procd: send ubus notify when a config file has changed

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-22 21:31:39 +02:00
John Crispin
34a206bc11 dnsmasq: add ubus notifications for new leases
Signed-off-by: John Crispin <john@phrozen.org>
2017-08-22 21:31:39 +02:00
John Crispin
d18e0dc7d1 hostapd: add additional ubus notifications
Signed-off-by: John Crispin <john@phrozen.org>
2017-08-22 21:31:39 +02:00
BangLang Huang
69da83d9f1 nvram: add help message for nvram magic not found
The program would failed if nvram magic not found
in specific partition.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2017-08-22 14:31:32 +02:00
BangLang Huang
c7e2a6fe92 nvram: improve argument check when program start
print help message when argument count is less
than 2.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2017-08-22 14:31:32 +02:00
BangLang Huang
2a253e7cdb nvram: add usage() function
Merge the help message into a single function,
so that we can use it somewhere else.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2017-08-22 14:31:32 +02:00
BangLang Huang
1948d8e08c nvram: fix memory leak
Fix memory leak on nvram_open() and nvram_open_rdonly().

For nvram_open(), the 'fd' should be closed on error, and
mmap_area should be unmap when nvram magic can not be found.

For nvram_open_rdonly(), the 'file' variable should free before
return. Once nvram_find_mtd() return successfully, it will allocate
memory to save mtd device string.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2017-08-22 14:31:32 +02:00
John Crispin
e622b30730 netifd: update to latest git HEAD
b5731bf allow setting rps/xps defualt values via uci
2a29d1a system: remove unused 6rd tunnel attributes
e627542 netifd: allow negative neighlocktime values
e41382c system-linux: parse ipv6 specific tunnel settings as nested data json object

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-22 09:17:14 +02:00
Furong Xu
5a22df69e4 gpio-button-hotplug: leave platform_device.dev.platform_data untouched
get platform_data from gpio_keys_button_dev.pdata, and fix a illegal pointer
dereference like this:

[   51.143776] gpio-keys-polled gpio-keys-polled: missing poll_interval value
[   51.150852] gpio-keys-polled: probe of gpio-keys-polled failed with error -22
[  828.159993] gpio-keys-polled gpio-keys-polled: no memory for button data
[  828.166821] gpio-keys-polled: probe of gpio-keys-polled failed with error -12

Signed-off-by: Furong Xu <xfr@outlook.com>
2017-08-21 21:29:52 +02:00
Daniel Engberg
e505f59bd9 utils/util-linux: Update to 2.30.1
Refresh patch

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-08-21 21:29:45 +02:00
Carl-Daniel Hailfinger
3e6d303d61 uboot-lantiq: Enable TFTP PUT support for backups
Backing up the current firmware from U-Boot over serial can take hours.
Booting a working Linux image for backup purposes is not always an option.
Using the tftpput command in U-Boot is the fastest and easiest way.

tftpput will upload the contents of a memory region to the TFTP server.
The IP address of the server is stored in the serverip variable.

Usage:
tftpput <memaddr> <length> <filename>

Example for a complete flash backup of an o2 Box 6431 (VGV7510KW22):
VGV7510KW22 # tftpput 0xB0000000 0x1000000 o2boxbackup.bin

Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
2017-08-18 18:47:27 +02:00
Christian Schoenebeck
a2a226e6e8 ca-certificates: Update to 20170717
Update to 20170717

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2017-08-18 18:44:38 +02:00
Florian Eckert
5209cfa534 procd: fix hotplug.json syntax
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2017-08-18 18:43:54 +02:00
Florian Eckert
a307480e2d procd: fix hotplug-preinit.json syntax
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2017-08-18 18:43:54 +02:00
Hans Dedecker
736950e947 odhcpd: update to latest git HEAD
94e65ee ndp: use IPv4 address list when comparing IPv4 addresses
ff5020d dhcpv6-ia: rework reconfigure accept logic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-16 21:25:16 +02:00
Stijn Tintel
e7373e489d wpa_supplicant: log to syslog instead of stdout
While debugging an issue with a client device, wpa_supplicant did not
seem to log anything at all. Make wpa_supplicant log to syslog instead
of stdout, to make debugging easier and to be consistent with hostapd.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-10 16:35:53 +02:00
Stijn Tintel
3e9c06d78c brcm2708-gpu-fw: update to latest version
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-10 16:34:15 +02:00
Rafał Miłecki
1e13c6f77f base-files: drop unused preinit_echo function
It isn't used for years since the old 99_10_run_init has been dropped.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-08-09 23:23:06 +02:00
Hauke Mehrtens
779227d5ee nftables: remove date from version
We are using the normal 0.7 version of nftables, do not add an
additional date to the version number.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-08-09 23:20:56 +02:00
Daniel Engberg
10c443728d utils/e2fsprogs: Update to 1.43.5
Update e2fsprogs to 1.43.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-08-09 23:20:56 +02:00
Rafał Miłecki
f41dd32722 base-files: don't setup network in preinit if failsafe is disabled
With failsafe disabled there is no point in early network setup. We
don't send announcement over UDP and there is no way to ssh to the
device.

A side effect of this is avoiding a possibly incorrect network config
(only with failsafe disabled). This problem is related to possible
changes made by user in /etc/config/network.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-08-09 23:18:59 +02:00
Hans Dedecker
0b7f7606dd procd: update to the latest git HEAD
a17e1e8 watchdog: fix inline watchdog_get_magicclose function prototype

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-08 14:52:56 +02:00
Martin Schiller
2da6c85c80 ltq-vdsl-app: add support for auto xfer_mode and auto line_mode
If xfer_mode is set to auto the vdsl_cpe_control daemon assumes that
ATM should be used for ADSL and PTM for VDSL.

xfer_mode and line_mode can be set to fixed value independantly from
each other.

The syntax for the tc_layer argument of vdsl_cpe_control is as follow:

-T<TcADSL>:<TcCfgUsADSL>:<TcCfgDsADSL>_<TcVDSL>:<TcCfgUsVDSL>:<TcCfgDsVDSL>

where TcADSL and TcVDSL can be: 1=ATM, 2=PTM/EFM, 4=Auto TC-Layer

and TcCfgUsADSL, TcCfgUsVDSL, TcCfgDsADSL, TcCfgDsVDSL can be:
1=64/65-octet encapsulation supported
2=64/65-octet encapsulation with pre-emption
3=64/65-octet encapsulation with short packets

Default: In case of no '-T' option is given, ADSL will be configured
in ATM and VDSL in PTM/EFM: -T1:0x1:0x1_2:0x1:0x1

The '-M' argument of dsl_cpe_control defines the initial DSL mode
(NextMode) for ADSL/VDSL multimode handling.

Possible Values: 0=API-default, 1=ADSL, 2=VDSL

Default: In case of no '-M' option is given, '0' (API-default) will
be selected.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-08-06 09:22:03 +02:00
Martin Schiller
f6254a215e ltq-vdsl-app: mask out ADSL bits when VDSL is requested
If the line_mode is fixed configured to vdsl, than only G.993 VDSL
should be used.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-08-06 09:22:03 +02:00
Martin Schiller
c6504327d1 ltq-vdsl-app: use notification based ATM/PTM driver load
This patch removes the fixed atm/ptm driver loading and
switches to notification based driver loading.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-08-06 09:22:03 +02:00
Martin Schiller
2d6c7c2526 lantiq: ltq-atm/ltq-ptm: fix showtime handling on driver load
This is needed to be able to load the ltq-atm/ltq-ptm driver
from a notify script during synchronization, because the line can
reach showtime state before the driver is fully loaded.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-08-06 09:22:03 +02:00
Mathias Kresin
a94555ce24 ltq-xdsl-app: drop esi call
The esi call was added to workaround a race condition between applying
a configured mac address to the wan interface and starting the protocol
(handler) as it was observed in a DHCP over ATM bridge configuration.

Martin Schiller, TDT GmbH was so kind to test with their local
infrastructure if the race condition still exists. The provided package
dumps captured behind the DSLAM shows that it doesn't. It was most
likely fixed with adding carrier support to the lantiq ptm/atm driver.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-08-06 09:22:03 +02:00
Florian Eckert
c31f0421ce base-files: suppress uci not found output in login.sh
Fix "uci: Entry not found" output if "ttylogin" is not set in
"etc/config/system"

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2017-08-04 23:11:19 +02:00
Hans Dedecker
fea89fa25b odhcpd: update to latest git HEAD (FS#402, FS#524)
296b4a0 dhcpv6: assign all viable DHCPv6 addresses by default (FS#402, FS#524)
f4d38e0 treewide: reflect managed mode is related to RA

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-03 21:25:32 +02:00
Mathias Kresin
60f6c2b2eb ramips: drop Edimax BR-6425 support
Code to build an image for the Edimax BR-6425 never existed.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-08-03 00:07:56 +02:00
John Crispin
d0fb048b0e procd: update to latest git HEAD
f062b30 procd: Do not leak pipe file descriptors to children

Signed-off-by: John Crispin <john@phrozen.org>
2017-07-31 19:20:16 +02:00
John Crispin
0c1420b3fe fstools: update to latest git HEAD
8ab4fda fstools: add btrfs support

Signed-off-by: John Crispin <john@phrozen.org>
2017-07-31 19:16:39 +02:00
Lucian Cristian
b90fb5ffe1 openssl: update to version 1.0.2l
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-07-28 23:07:17 +02:00
Daniel Engberg
911331ad0f tcpdump: Update to 4.9.1
Update tcpdump to 4.9.1

Fixes:
 * CVE-2017-11108: Fix bounds checking for STP.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-07-28 23:07:00 +02:00
Jo-Philipp Wich
eb43a817f7 opkg: bump to version 2017-07-28
Commits since last 2017-07-11:

4bd8601 pkg_parse: fix segfault when parsing descriptions with leading newlines

Fixes FS#933.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-28 13:21:30 +02:00
Uwe Arnold
ecfca0eda2 kernel: netfilter: fix nf-nathelper(-extra) description
The tftp and irc netfilter modules are provided by nf-nathelper-extra
and not by nf-nathelper.

Signed-off-by: Uwe Arnold <donvipre@gmail.com>
[move the irc module as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-25 21:02:53 +02:00
Felix Fietkau
ea72f22bdf ath9k: fix regression in multicast buffering fix
Update the more data flag on the last frame, but tx from the first frame
on.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-25 19:48:18 +02:00
Felix Fietkau
35868234e7 ath9k: fix typo in US tx power reduction fix
Use max_t instead of min_t to prevent the value from going below zero

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-25 09:14:05 +02:00
Felix Fietkau
22a74ed310 ath9k: fix more-data flag for buffered multicast packets
The flag needs to be cleared for the last packet in the list, not the
first one. Fixes some issues with multicast packet loss for powersave
clients connected to an ath9k AP.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-24 10:48:26 +02:00
Felix Fietkau
9b6585b11a ath9k: adjust tx power reduction for US regulatory domain
FCC regulatory rules allow for up to 3 dBi antenna gain. Account for
this in the EEPROM based tx power reduction code.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-24 10:47:55 +02:00
Piotr Dymacz
8223dac99a uboot-envtools: add support for ALFA Network AP121F
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-07-22 23:14:06 +02:00
Rosen Penev
9dcb3fe7eb samba36: Remove legacy options
Browseable is now set through LuCI per share, so remove it. Same with
writeable (inverted synonym for read only). domain master and preferred
master seem to be legacy settings for Windows 9x. encrypt passwords
defaults to yes. Probably should not be disabled either.

Also reordered alphabetically.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message, fix SoB, fix author, bump pkg revsion]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-22 16:55:01 +02:00
Jo-Philipp Wich
636dc8750b mwlwifi: update to version 10.3.4.0 / 2017-07-13
Ref: https://github.com/lede-project/source/pull/1217
Reported-by: Kabuli Chana <newtownBuild@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-22 16:19:00 +02:00
Stijn Tintel
97eb8abec0 netifd: update to git HEAD
d397e8c netifd: Fix printf calls + function declarations.
34afb76 system-linux: fix GRE ikey/okey endianness

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-07-21 22:00:37 +02:00
Felix Fietkau
e3d135ab56 mt76: update to the latest version, fixes stability issues
8a649c3 mt7603: mac: code optimization
8dee788 mt7603: mac: stop netdev queues during watchdog reset
3c4c9a6 tx: move state check in mt76_txq_send_burst()

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-21 18:53:56 +02:00
Alexandru Ardelean
d9f7ae6cdb ipset: split libipset as a subpackage
Intent is to link against it, and have the option to
not install the ipset utility (if needed).

One example/use-case is keepalived (from package)
feeds, where it would be nice to just depend on a
`libipset` (sub)package.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-07-21 15:12:48 +02:00
Jo-Philipp Wich
d0f6a514b1 dnsmasq: introduce config support for forced DHCP options
Introduce a new UCI list setting `list dhcp_option_force` which is available
in sections of type `dnsmasq` and `dhcp`.

The `dhcp_option_force` setting has the same semantics as `dhcp_option` but
generates `dhcp-option-force` directives instead of `dhcp-option` ones in
emitted native configuration.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-21 08:09:45 +02:00
Matthias Schiffer
1ab227d688
base-files: upgrade: don't loop forever trying to kill processes
When processes don't die on SIGKILL (usually because of kernel bugs), it's
better to give up instead of looping forever.

upgraded will trigger a reboot in this case (and if this fails, a hardware
watchdog will eventually time out and reset the system, if present).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-20 21:41:33 +02:00
Matthias Schiffer
ae30673b10
procd: update to latest version
17026f4 system: return ubus error when sysupgrade_exec_upgraded() has failed
13f252f upgraded: Check chroot() return value
85ccb95 init: Check chroot return value in sysupgrade_exec_upgraded()
76dcbee upgraded: improve error handling
d749b2a upgraded: register stage2 process in uloop as intended

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-20 21:41:06 +02:00
Evgeniy Didin
8647f4f018 toolchain/arc: update to the most recent release arc-2017.03
arc-2017.03 is the most recent release toolchain for ARC cores
and it is based on upstream Binutils 2.28 and GCC 6.3.0

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: John Crispin <john@phrozen.org>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
2017-07-18 23:23:27 +02:00
Hans Dedecker
6f133a4402 dnsmasq: backport remove ping check of configured dhcp address
Remove ping check in DHCPDISCOVER case as too many buggy clients leave
an interface in configured state causing the ping check to fail.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-07-18 23:17:37 +02:00
Daniel Golle
cb2a3911e1
fstools: update to latest
0dfe61a block: support /dev/xvd* nodes
f038a61 libfstools: fix matching device name

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-07-16 22:32:46 +02:00
Mathias Kresin
f12a32630f treewide: use the generic board_name function
Use the generic function instead ot the target specific ones.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Mathias Kresin
ac3e05c5d7 treewide: populate boardname and model earlier
For targets using the generic board detection and board specific
settings in diag.sh, the board name is still unset at the time the
set_state() provided by diag.sh is called by 10_indicate_preinit.

Change the execution order to ensure the boardname is populated before
required the first time. Do the target specific board detection as
early as possible, directly followed by the generic one to allow a
seamless switch to the generic function for populating /tmp/sysinfo/.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Kevin Darbyshire-Bryant
c7f8bcede6 kmod-sched-cake: drop maintainer
Drop myself from maintainership of 'cake'.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-07-15 22:07:05 +02:00
Nick Brassel
eaf6f1532d nftables: Update to 0.7
Updated nftables to latest.

Signed-off-by: Nick Brassel <nick@tzarc.org>
2017-07-15 00:17:49 +02:00
Stijn Tintel
462ca4e059 zlib: use default Build/Configure rule
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-07-14 08:45:55 +02:00
Stijn Tintel
b3cba687a4 lzo: use default Build/Configure rule
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-07-14 08:45:40 +02:00
Alif M. Ahmad
683e73735e
curl: bump to version 7.54.1
Upgrade the curl package to latest version. Patches refreshed.

Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
2017-07-14 03:10:38 +02:00
Yousong Zhou
254f0da6d2 opkg: bump to version 2017-07-11
Commits since last 2017-05-03

    52fc006 pkg_alternatives: pass if the desired symlink already exists
    c668fce opkg: add --no-check-certificate argument

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-07-12 11:18:24 +08:00
Alin Nastac
d8748e537f netfilter: add iptables-mod-rpfilter package
Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw
-I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to
become full when a packet flood with randomly selected source IP addresses
is received from the lan side.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2017-07-11 22:09:57 +02:00
Hans Dedecker
a35a27e8ef uci: update to the latest version
c4df32b file: remove redundant NULL check on return value of uci_realloc()
5d08b7f build: fix BUILD_STATIC
49ec6ef Fix skipping directories in uci_list_config_files
c203c2f Revert "mandatory anonymous section identifier"
0a1a2fc uci/lua: add explicit close() method
7daf942 uci/lua: add list_configs() function
fe45f97 test: adjust for auto-naming anonymous sections
2eb9c09 cli: remove now-defunct UCI_FLAG_EXPORT_NAME support
df72af4 mandatory anonymous section identifier

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-07-11 22:09:57 +02:00
Matthias Schiffer
438dcbfe74
base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.

The list of binaries is also slightly cleaned up and duplicates are
removed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:26:32 +02:00
Matthias Schiffer
73f675415c
bcm53xx: upgrade: fix RAMFS_COPY_*
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Matthias Schiffer
7a29e44f90
base-files: upgrade: correctly handle nand_do_upgrade argument passed from preupgrade
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Jo-Philipp Wich
a89c36b508 dnsmasq: restore ability to include/exclude raw device names
Commit 5cd88f4 "dnsmasq: remove use of uci state for getting network ifname"
broke the ability to specify unmanaged network device names for inclusion
and exclusion in the uci configuration.

Restore support for raw device names by falling back to the input value
when "network_get_device" yields no result.

Fixes FS#876.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-10 11:02:27 +02:00
Daniel Golle
2be603783b ncurses: add libnucrses-dev package
It's needed to use the SDK and IB on an OpenWrt/LEDE host.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-07-08 23:19:31 +02:00
Matthias Schiffer
a81a082f5b
mtd-utils: use source package name for lzo in PKG_BUILD_DEPENDS
PKG_BUILD_DEPENDS should always refer to source package names.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-08 22:51:34 +02:00
Mathias Kresin
0b493ede1e acx-mac80211: remove cobalt reference
The cobalt target was removed with 22b38f145d.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-07 08:29:41 +02:00
Mathias Kresin
ad02f5618d acx-mac80211: disable for kernel 4.9+
Due to changes in the PCI subsystem this driver doesn't compile with
kernel 4.9.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-07 08:27:23 +02:00
Thomas Nixon
08cd5b769d lantiq: set up DSL front-end GPIOs if they exist
This is necessary for devices using the PSB80108/VRX220LD front-end
(currently only known on the Netgear DM200).

Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
2017-07-07 07:13:24 +02:00
Hans Dedecker
e227bade26 odhcpd: update to the latest version
f0d78e7 ndp: optimize check_addr6_updates code
94afe3b ndp: fix syslog tracing for netlink neigbor and address events
18df6cc treewide: rework logic to retrieve IPv6 interface addresses
803b83e router: use enum to specify order and index of iov struct
5dad295 treewide: rework code to get rid of fixed IPv6 address arrays
3e4c8ad config: rework code to get rid of IFNAMSIZ usage
ab7813e treewide: use angle-brackets to include libubox header files

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-07-06 19:19:13 +02:00
Felix Fietkau
05d6e92594 mt76: update to the latest version
Fixes mt7603 stablity and performance issues

af32615 mt7603: change auto rate control register initialization
01fb9ba mt7603: fix control/status retries count estimation
cf4ba12 mt7603: avoid tx rate sampling using no retransmissions
32eab50 mt7603: set wtbl entry vif index
c4e3dea mt7603: use the real vif index in txwi header for normal tx.
e90a81a mt7603: fix channel width fall back in TXWI

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-07-05 20:30:30 +02:00
Daniel Golle
eb7c14d512 bzip2: add symlink to binary
Other distributions incl. the OpenWrt ImageBuilder and SDK
expect to find the bzip2 executable in /bin.
Create a symlink at that location for compatibility.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-07-05 16:27:40 +02:00
DUPONCHEEL Sébastien
f3ae0f80bd dnsmasq: dnsmasq --rev-server support
This is functionally the same as --server, but provides some syntactic sugar to
make specifying address-to-name queries easier.

For example --rev-server=1.2.3.0/24,192.168.0.1 is exactly equivalent to
--server=/3.2.1.in-addr.arpa/192.168.0.1

Signed-off-by: DUPONCHEEL Sébastien <sebastien.duponcheel@corp.ovh.com>
2017-07-03 22:08:21 +02:00
Camille Bilodeau
bdd3c94872 uboot-envtools: add Arduino Yun support
Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
2017-06-29 10:37:36 +02:00
Hans Dedecker
1d45ec2784 dhcpv6: add missing dollar sign in dhcpv6 script (FS#874)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-29 09:56:19 +02:00
Hans Dedecker
7d31fe6068 dnsmasq: backport patch fixing DNS failover (FS#841)
Backport upstream dnsmasq patch fixing DNS failover when first servers
returns REFUSED in strict mode; fixes issue FS#841.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-28 11:33:42 +02:00
Stijn Tintel
6371159b4a dropbear: add option to set max auth tries
Add a uci option to set the new max auth tries paramater in dropbear.
Set the default to 3, as 10 seems excessive.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-28 02:18:20 +02:00
Kevin Darbyshire-Bryant
9aaf3d3501 dropbear: server support option '-T' max auth tries
Add support for '-T n' for a run-time specification for maximum number
of authentication attempts where 'n' is between 1 and compile time
option MAX_AUTH_TRIES.

A default number of tries can be specified at compile time using
'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for
backwards compatibility.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-28 02:18:20 +02:00
Yury Shvedov
37c1513b1f hostapd: configure NAS ID regardless of encryption
RADIUS protocol could be used not only for authentication but for
accounting too. Accounting could be configured for any type of networks.
However there is no way to configure NAS Identifier for non-WPA
networks without this patch.

Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-28 02:18:20 +02:00
Yury Shvedov
0e7bbcd43b hostapd: add acct_interval option
Make an ability to configure Accounting-Interim-Interval via UCI

Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[add hostapd prefix, cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-28 02:18:20 +02:00
John Crispin
6da4f03f02 ath10k-firmware: add qca9888 firmware
ath10k-firmware: add qca9888 firmware

the firmware files for qca9888 were previously not packaged. add the meta
information for doing so.

Signed-off-by: John Crispin <john@phrozen.org>
2017-06-27 11:47:07 +02:00
Hans Dedecker
f33de80232 dnsmasq: backport tweak ICMP ping logic for DHCPv4
Don't start ping-check of address in DHCP discover if there already
exists a lease for the address. It has been reported under some
circumstances android and netbooted windows devices can reply to
ICMP pings if they have a lease and thus block the allocation of
the IP address the device already has during boot.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-26 10:49:13 +02:00
Jo-Philipp Wich
2c5f16ecac procd: support term_timeout parameter
Expose "term_timeout" parameter in procd.sh to allow init scripts to
request a longer termination timeout.

This is required to fix FS#859 in a later commit.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-26 10:02:20 +02:00
Jo-Philipp Wich
124ab1dc0a procd: assign /dev/tty* nodes to "tty" group
Adjust default permissions and ownership of /dev/tty* nodes from
0600/root:root to 0660/root:tty in order to support granting
unprivileged user access when needed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-26 10:02:20 +02:00
Jo-Philipp Wich
5523ee3459 base-files: add "tty" user group
This is needed for an upcoming change to the hotplug default rules which
will cause /dev/tty* nodes to get assigned to the "tty" group in order
to support unprivileged user access when needed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-26 10:02:20 +02:00
Magnus Kroken
45f4f6649a openvpn: update to 2.4.3
Fixes for security and other issues. See security announcement for more details:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

* Remotely-triggerable ASSERT() on malformed IPv6 packet (CVE-2017-7508)
* Pre-authentication remote crash/information disclosure for clients (CVE-2017-7520)
* Potential double-free in --x509-alt-username (CVE-2017-7521)
* Remote-triggerable memory leaks (CVE-2017-7512)
* Post-authentication remote DoS when using the --x509-track option (CVE-2017-7522)
* Null-pointer dereference in establish_http_proxy_passthru()
* Restrict --x509-alt-username extension types
* Fix potential 1-byte overread in TCP option parsing
* Fix mbedtls fingerprint calculation
* openssl: fix overflow check for long --tls-cipher option
* Ensure option array p[] is always NULL-terminated
* Pass correct buffer size to GetModuleFileNameW() (Quarkslabs finding 5.6)

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-06-26 09:56:07 +02:00
Magnus Kroken
329f6a96b7 mbedtls: update to 2.5.1
Fixes some security issues (no remote exploits), and introduces
some changes. See release notes for details:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released

* Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read()
* Adds exponent blinding to RSA private operations
* Wipes stack buffers in RSA private key operations (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt())
* Removes SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification.
* Fixes offset in FALLBACK_SCSV parsing that caused TLS server to fail to detect it sometimes.
* Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher/BERserk-style attack.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-06-26 09:56:07 +02:00
Florian Eckert
4482063c34 treewide: add license tags
Add licence tags where missing.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2017-06-24 22:36:38 +02:00
Mathias Kresin
7e12863252 fritz_tffs_read: get tffs size from input file
Use the size of the input file as maximum tffs size instead of a fixed
value. The tffs on a AVM Fritz 300E can be up to 512KByte for example.

Fixes a read error for the AVM Fritz 3370 where the tffs partition size
is 64Kbyte and smaller than the former default value of 256KByte.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-24 22:36:38 +02:00
Daniel Golle
04063820e8 libreadline: add host-build
Also make sure that the PKG_NAME and folder name are equal.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-06-24 14:38:14 +02:00
Luiz Angelo Daros de Luca
991899cc54 valgrind: bump to 3.13.0
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-06-24 14:11:06 +02:00
Christian Schoenebeck
7d7356df64 ca-certificates: Update to version 20161130+nmu1
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2017-06-24 14:11:06 +02:00
Bastian Bittorf
dde9da46c1 busybox: ash/hush fix for read-builtin command
this is a cherrypick from busybox-git HEAD:
f5470419404d643070db99d058405b714695b817

and can be removed when upgrading to
next busybox release. discussion here:
http://lists.busybox.net/pipermail/busybox/2017-May/085439.html

Signed-off-by: Bastian Bittorf <bb@npl.de>
2017-06-24 13:11:19 +02:00
Kevin Darbyshire-Bryant
4ed40be3e3 hostapd: add support for acs_chan_bias option
During auto channel selection we may wish to prefer certain channels
over others.

e.g. we can just squeeze 4 channels into europe so '1:0.8 5:0.8 9:0.8
13:0.8' does that.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-24 13:11:19 +02:00
Stefan Tomanek
de6ff15129 busybox: backport 'ip rule suppress_{prefixlength, ifgroup}'
This is a backport from the busybox repository
(192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the
suppress_{prefixlength,ifgroup} flags for policy routing rules.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2017-06-24 13:11:19 +02:00
Hans Dedecker
a1c1f6ea7b procd: update to latest version
e5e99c4 watchdog: add support for starting/stopping kernel watchdog

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-23 22:48:04 +02:00
Rafał Miłecki
b91a38d647 base-files: fix PKG_CONFIG_DEPENDS to include version.mk entries
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-06-22 10:05:23 +02:00
Grégoire Delattre
680a5c5d3e dnsmasq: add dhcp-range tags configuration
dnsmasq can match tags in its dhcp-range configuration, this commit adds
the option to configure it in the dhcp section

uci configuration:
config dhcp 'lan'
        option interface 'lan'
        list tag 'blue'
        list tag '!red'
        option start '10'
        option limit '150'
        option leasetime '12h'

generated dnsmasq configuration:
dhcp-range=tag:blue,tag:!red,set:lan,192.168.1.10,192.168.1.159,255.255.255.0,12h

Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
2017-06-20 22:33:41 +02:00
Daniel Golle
e3d09e7898 procd: update to latest git HEAD
453116e system: introduce new attribute board_name
e5b963a preinit: define _GNU_SOURCE
e5ff8ca upgraded: cmake: Find and include uloop.h
f367ec6 hotplug: fix a memory leak in handle_button_complete()
796ba3b service/service_stopped(): fix a use-after-free
79bbe6d system: return legacy board name

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-06-19 22:12:51 +02:00
Yousong Zhou
77dc6a2ae7 libunwind: update to version 1.2.1
Changes since 1.2

    a77b0cd Bump version to v1.2.1
    5f354cb mips/tilegx: Add missing unwind_i.h header file
    620d1c3 Add aarch64 getcontext functionality.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-06-19 14:43:09 +08:00
Hans Dedecker
c885482080 netifd: update to the latest version
ef5f7a0 ubus: remove superfluous error check in netifd_add_dynamic
5a68693 iprule: coding style line up
90e2e2c iprule: Add option to suppress unspecific routing lookups

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-18 22:22:03 +02:00
Yousong Zhou
f334a0cdb8 base-files: allocate uid/gid starting from 65536
There already exist static assignment of uid/gid 65533 in packages feed
and we have nobody/nogroup taking 65534 as their ids.  Let's change the
pid of dynamic assignment to start from 65536 so that the two assignment
scheme will not collide with each other

While at it, fix the scan command checking existence of uid/gid

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-06-18 10:39:35 +08:00
Mathias Kresin
4cdbf4014b base-files: make ucidef_set_led_rssi offset and factor optional
The offset and factor are only related for LEDs which can have
different brightness values. But binary LEDs are more common and don't
require any further configuation than setting the factor to 1.

Use offset = 0 and factor = 1 in case nothing else is specified.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-17 15:38:19 +02:00
Felix Fietkau
77a64e8bff mt76: update to the latest version, fixes rate control issues
Should improve performance considerably in many cases

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-17 12:17:33 +02:00
Felix Fietkau
98634205fd libubox: update to the latest version, fixes a runqueue use-after-free bug
7237302 md5: add "const" qualifier to the "file" argument
fa9937c json_script: enable custom expr handler callback
368fd26 uloop: allow specifying a timeout for uloop_run()
6a7fb7d runqueue: fix use-after-free bug
4bc3dec uloop: fix a regression in timeout handling
fd57eea uloop: allow passing 0 as timeout to uloop_run

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-17 11:51:41 +02:00
Felix Fietkau
45572fe831 mac80211: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-17 11:51:41 +02:00
Pavel Kubelun
189239ade3 ipq806x: qca99xx: fix wifi calibration
As of now OTP is being correctly parsed and the driver requires to parse pre-caldata to follow corresponding routine.

Rename cal file into pre-calfile so the board initialized correctly with API 2 board data (board-2.bin).

Also remove the now unneeded for qca9984 board.bin symlink to 5GHz calfile.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2017-06-17 11:51:41 +02:00
Pavel Kubelun
025cb640cd ath10k: increase bmi timeout to fix OTP on qca99xx boards and add bmi identification through pre-cal file
Backporting upstream patches.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh, rename patches]
2017-06-17 11:51:41 +02:00
Kevin Darbyshire-Bryant
8f4085e2fd dropbear: fix service trigger syntax error
The classic single '&' when double '&&' conditional was meant.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-16 12:05:25 +02:00
Hans Dedecker
8180bbac7c Revert "dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53"
This reverts commit a53f8ba677.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-14 22:51:08 +02:00
Paul Oranje
a53f8ba677 dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53
With this patch the dnsmasq init script manages resolv.conf if and only if
when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
Also, resolvfile is now set irrespective of the value of noresolv.

Fixes (partially) FS#785

Signed-off-by: Paul Oranje <por@xs4all.nl>
2017-06-12 11:08:21 +02:00
Kevin Darbyshire-Bryant
16a905b322 dnsmasq: make bind-dynamic 'non-wildcard' interfaces default
'non-wildcard' interfaces enables dnsmasq's '--bind-dynamic' mode.  This
binds to interfaces rather than wildcard addresses *and* keeps track of
interface comings/goings via a unique Linux api.

Quoting dnsmasq's author "bind-dynamic (bind individual addresses, keep
up with changes in interface config) ... On linux, there's actually no
sane reason not to use --bind-dynamic, and it's only not the default for
historical reasons."

Let's change history, well on LEDE at least, and change the default!

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-11 14:50:04 +02:00
Jonas Gorski
fd952c7a83 base-files: board.json's switch reset means existence, not argument
Don't pass the value unconditionally to swconfig as a parameter but
instead only call reset if it is 1.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-06-11 12:50:14 +02:00
Daniel Golle
5e4bb476c0 kexec-tools: bump version and add support for crashdump kernel
split kexec-tools into two packages, kexec and kdump.
* kexec to simply execute a new kernel
* kdump is for loading and collecting debris of a crashed kernel with
  support for kdump forensics.

In order to properly support booting into a crashkernel, an init script
as well as UCI configuration has been added.
As modifying the kernel cmdline is required for this to work in x86
platforms use an uci-defaults script to modify /boot/grub/grub.cfg.

To test collecting crash information, use the 'c' sysrq-trigger, ie.
echo c > /proc/sysrq-trigger

This should result in the crash kernel being executed and (depending
on the configution) dmesg and/or vmcore getting saved.

To check if the crash kernel was loaded properly, use the 'status'
command of the kdump init script.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-06-09 22:21:25 +02:00
Hans Dedecker
8b486ec2b5 dnsmasq: add dhcp-script hook conditionally
Commit b32689afd6 added support for dhcp-script hook.
Adding dhcp-script config option results into two instances of dnsmasq being run
which triggered oom issues on platforms having low memory.

The dnsmasq dhcp-script config option will now only be added if at least one of the
dhcp, tftp, neigh hotplug dirs has a regular hotplug file or if the dhcpscript uci
config option is specified.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-06-09 16:44:04 +02:00
Jo-Philipp Wich
6426e4edef base-files: network.sh: fix a number of IPv6 logic flaws
* Change network_get_subnet6() to sensibly guess a suitable prefix

  Attempt to return the first non-linklocal, non-ula range, then attempt
  to return the first non-linklocal range and finally fall back to the
  previous behaviour of simply returning the first found item.

* Fix network_get_ipaddrs_all()

  Instead of replicating the flawed logic appending a fixed ":1" suffix
  to IPv6 addresses, rely on network_get_ipaddrs() and network_get_ipaddrs6()
  to build a single list of all interface addresses.

* Fix network_get_subnets6()

  Instead of replicating the flawed logic appending a fixed ":1" suffix
  to IPv6 addresses, rely on the ipv6-prefix-assignment.local-address
  field to figure out the proper network address.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 20:12:52 +02:00
Jo-Philipp Wich
d264464404 mwlwifi: update to version 10.3.4.0 / 2017-06-06
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 19:56:12 +02:00
Jo-Philipp Wich
7f91cabd0d base-files: network.sh: properly report local IPv6 addresses
Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to
fetch the effective local IPv6 address of delegated prefix from the
"local-address" field instead of naively hardcoding ":1" as static suffix.

Fixes FS#829.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 12:06:01 +02:00
Alexandru Ardelean
079d57b0f2 gdb: disable simulator ; it's broken on ppc
Error is:
```
ompile-loc2c.o compile-c-support.o inflow.o    init.o \
	  ../sim/ppc/libsim.a -lreadline ../opcodes/libopcodes.a ../bfd/libbfd.a -L./../zlib -lz  ../libiberty/libiberty.a ../libdecnumber/libdecnumber.a    -lncurses -lm     ../libiberty/libiberty.a  build-gnulib/import/libgnu.a  -ldl -Wl,--dynamic-list=./proc-service.list
../sim/ppc/libsim.a(idecode.o): In function `update_time_from_event':
idecode.c:(.text+0x170): undefined reference to `error'
../sim/ppc/libsim.a(idecode.o): In function `event_queue_tick':
idecode.c:(.text+0x1cc): undefined reference to `error'
idecode.c:(.text+0x28c): undefined reference to `error'
idecode.c:(.text+0x318): undefined reference to `error'
../sim/ppc/libsim.a(idecode.o): In function `cpu_halt.constprop.6':
idecode.c:(.text+0x398): undefined reference to `error'
../sim/ppc/libsim.a(idecode.o):idecode.c:(.text+0x4e4): more undefined references to `error' follow
collect2: error: ld returned 1 exit status
Makefile:1420: recipe for target 'gdb' failed
make[5]: *** [gdb] Error 1
```

Seems others are running into this as well.
The problem seems to be that some code may be built
as C++ and not C, which may explain the linker error.

On this thread reply:
   https://sourceware.org/ml/gdb/2016-11/msg00045.html
it mentions that the simulator should not call GDB's
"error" function directly, but rather use the "host_callback"
struct.

I have no idea about the use of the GDB simulator within
the OpenWrt/LEDE community.

So, I took the easier route, which is to disable the simulator.
(Also suggested here: https://sourceware.org/ml/gdb/2016-11/msg00047.html )

If needed, I can make an effort to fix the simulator for PPC.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-06-07 18:31:10 +02:00
Alexandru Ardelean
ab485383fa gdb: remove Build/Compile rule ; default one works
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-06-07 18:31:10 +02:00
Alif M. Ahmad
415c47de79 package/grub2: update to 2.02
Update to version 2.02

Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
2017-06-07 18:31:10 +02:00
Felix Fietkau
c6c1f6a548 mac80211: use KERNEL_MAKEOPTS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-07 18:31:10 +02:00
Felix Fietkau
0aed054bec build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS variables and move to kernel.mk
This allows packages to use kernel make options without the forced
-C $(LINUX_DIR). It also makes it more clear that it to be called from
kernel module packages directly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-07 18:31:10 +02:00
Florian Fainelli
f50079985c perf: Depend on KERNEL_PERF_EVENTS
The kernel needs to have PERF_EVENTS built otherwise we will run into
the following:

root@(none):/# perf top
perf_event_open(..., PERF_FLAG_FD_CLOEXEC) failed with unexpected error
89 (Function not implemented)
perf_event_open(..., 0) failed unexpectedly with error 89 (Function not
implemented)
Error:
The sys_perf_event_open() syscall returned with 89 (Function not
implemented) for event (cycles).
/bin/dmesg may provide additional information.
No CONFIG_PERF_EVENTS=y kernel support configured?

Make sure this functional dependency is captured.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-06-05 12:30:05 -07:00
Florian Fainelli
5229c45363 mdadm: Do not check RUN_DIR
Fixes build failure on hosts that do not have mdadm
installed/configured:

make[3]: Entering directory
`/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0'
***** Parent of /run/mdadm does not exist.  Maybe set different RUN_DIR=
*****  e.g. make RUN_DIR=/dev/.mdadm
***** or set CHECK_RUN_DIR=0
make[3]: *** [check_rundir] Error 1
make[3]: Leaving directory
`/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0'
make[2]: ***
[/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0/.built]
Error 2
make[2]: Leaving directory
`/local/users/fainelli/openwrt/trunk/package/utils/mdadm'
make[1]: *** [package/utils/mdadm/compile] Error 2
make[1]: Leaving directory `/local/users/fainelli/openwrt/trunk'
make: *** [package/mdadm/compile] Error 2

Fixes: 980c41f8e0 ("utils/mdadm: Update to 4.0")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-06-05 12:24:01 -07:00
Tino Reichardt
5ca2033d33 lantiq: fix lantiq_mei.c and amazonse.dsti for adsl modem firmware
The ltq-adsl-mei package is used for 3 lantiq device types:
danube, amazon-se and ar9.

These different SoC's need also different definitions.

Signed-off-by: Tino Reichardt <milky-lede@mcmilk.de>
[fix LTQ_USB_OC_INT for AR9 to match documentation]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-06-03 21:34:59 +02:00
Tino Reichardt
743be70d5b lantiq: fix ifxmips_atm_amazon_se.c
Remove 6 defines, which were defined already some lines above.

Signed-off-by: Tino Reichardt <milky-lede@mcmilk.de>
2017-06-03 21:14:07 +02:00
Daniel Golle
aef39358e6 kernel: properly package 8250 serial PCI module
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-06-03 20:45:50 +02:00
Andrea Merello
860e053b29 Lantiq: make possible to tweak DSL SRN from UCI
This patch makes possible to tweak the downstream SNR margin on
Lantiq DSL devices.

The UCI parameter 'network.dsl.ds_snr_offset' is used to set the SNR
margin offset. It accepts values in range -50 to +50 in 0.1 dB units.

The SNR margin can thus be modified in range -5.0 to +5.0 dB in 0.1 dB
steps.

Currently this should only affect ADSL (not VDSL). It should be very
easy to make this work also on VDSL lines, but since I couldn't test
on VDSL lines this patch does not do that yet.

I have also a patch for LUCI about this, that I could submit.

Tested on FB3370 (Lantiq VR9) and Telecom Italia ADSL2+ line.

Signed-off-by: Andrea Merello <andrea.merello@gmail.com>
2017-06-03 17:48:57 +02:00
Jo-Philipp Wich
6db1d13084 umdns: remove superfluous include in init script
The umdns init script includes function/network.sh globally, outside of any
service procedure. This causes init script activation to fail in buildroot
and IB context if umdns is set to builtin.

Additionally, the network.sh helper is not actually used.

Drop the entire include in order to repair init script activation in build
host context. Fixes FS#658.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-02 01:29:32 +02:00
Kevin Darbyshire-Bryant
1fe41c4089 dnsmasq: bump to 2.77
Bump to the 2.77 release after quite a few test & release candidates.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-01 23:50:52 +02:00
Matthias Schiffer
5654a03768
mvebu: fix sysupgrade
mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a
sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this
did not have an effect anymore after the staged sysupgrade changes.

As it doesn't really hurt to copy fw_printenv and fw_setenv
unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2
will see them.

Config copying is moved to a function called by platform_copy_config, where
it belongs.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: FS#821
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
2017-06-01 20:41:19 +02:00
Hans Dedecker
21f25bc4a3 ppp: propagate master firewall zone to dynamic slave interface
Assign the virtual DHCPv6 interface the firewall zone of the parent interface
so fw3 knows the zone to which the virtual DHCPv6 interface belongs.
This guarantees the firewall settings are applied correctly for the virtual
DHCPv6 interface and allows to query the zone to which the virtual DHCPv6
interface belongs via the fw3 network option.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-31 16:49:59 +02:00
Julian Labus
b757de65b3 usbmode: remove devices with unsupported modes
remove files which include the following mode options
BlackberryMode OptionMode PantechMode QuantaMode

Signed-off-by: Julian Labus <julian@labus-online.de>
2017-05-31 09:55:08 +02:00
Christian Lamparter
7783f31359 base-files: nand: use CI_KERNPART whenever the kernel volume is needed
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This patch is in continuation of: commit 93aa860405
"procd: nand: make it possible to configure kernel and ubi partition"

The $CI_KERNPART variable should be used in place
of the fixed "kernel" partition name. This allows
targets to specifiy alternate names for the kernel
partition.

Cc: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2017-05-31 09:55:01 +02:00
Martin Schiller
d189fe62cd uboot-lantiq/spl: fixed uninitialized variable len in spl_uncompress_lzo
This fix is taken from uboot-lantiq v2014.07 (Daniel Schwierzeck)

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-05-31 08:41:31 +02:00
Martin Schiller
bbb27b1b22 uboot-lantiq: Support newer versions of the PEF7071 ethernet
This fix is taken from uboot-lantiq v2014.07 (Daniel Schwierzeck)

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2017-05-31 08:41:16 +02:00
Luiz Angelo Daros de Luca
b4f463d969 openvpn-easy-rsa: update to 3.0.1
easy-rsa v3 is now a single script. It expects a 'vars'
configuration file which path can be set using easy-rsa
options, environment variables or just looking in the
current directory.

The default usage would be:

 # cd /etc/easy-rsa
 # easy-rsa COMMAND [command-options]

Following upstream changes, /etc/easy-rsa/pki replaces
/etc/easy-rsa/keys directory.

The default /etc/easy-rsa/pki dir is marked to be kept during
upgrade (WARN: priv keys are saved in the system backup)
/etc/easy-rsa/openssl.1.0.cnf is now marked as config file while
index and serial got removed.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-05-31 00:28:26 +02:00
Felix Fietkau
09c2f4a176 mt76: update mirror hash after tar portablity fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-30 15:40:51 +02:00
Marty Plummer
558d86923e ar71xx: add support for EnGenius ENS202EXT
EnGenius ENS202EXT is an outdoor wireless access point with
2-port 10/100 switch, detachable antennas and proprietery PoE.

The device is based on Qualcomm/Atheros AR9341 v1.

Specifications:
- 535/400/200 MHz (CPU/DDR/AHB)
- 64 MB of RAM
- 16 MB of FLASH
- UART (J1) header on PCB (unpopulated)
- 2x 10/100 Mbps Ethernet
- 2.4 GHz, up to 26dBm
- 2x external, detachable antennas
- 7x LED, 1x button

Flash instructions:

You have three options:

- Use the vendor firmware upgrade page on the web interface and give
it the factory.img. This is the easiest way to go about it.

- If you have serial access during u-boot, interrupt the normal boot
(any key before timeout) and run 'run failsafe_boot'; this will bring
you to a minimal openwrt luci image on ip 192.168.1.1 useful if you've
bricked the normal firmware.

- Use the vendor's management cli, which can be accessed via telnet
with the same credentials as the web login (default admin:admin), then
issue the following commands:

*** Hi admin, welcome to use cli(V-1.6.7) ***
---========= Commands Help =========---
      stat -- Status
       sys -- System
    wless2 -- 2.4G-Wireless
      mgmt -- Management
      tree -- Tree
      help -- Help
    reboot -- Reboot
ens202ext>mgmt
  Management
---========= Commands Help =========---
     admin -- Administration
     mvlan -- Management VLAN settings
      snmp -- SNMP settings
    backup -- Backup/Restore settings
    autorb -- Auto reboot settings
   fwgrade -- Firmware upgrade
      time -- Time settings
   wifisch -- Wifi schedule
       log -- Log
      diag -- Diagnostics
      disc -- Device Discovery
    logout -- Logout
      help -- Help
      exit -- Exit
ens202ext/mgmt>fwgrade
  Management --> Firmware upgrade
---========= Commands Help =========---
      fwup -- Firmware upgrade
      help -- Help
      exit -- Exit
ens202ext/mgmt/fwgrade>fwup http://web.server/lede-ar71xx-generic-ens202ext-squashfs-factory.bin

Signed-off-by: Marty Plummer <ntzrmtthihu777@gmail.com>
2017-05-30 14:15:25 +02:00
Kevin Darbyshire-Bryant
a4198f8c8d iproute2: bump to 4.11
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-30 14:00:31 +02:00
Josua Mayer
e2814f6416 u-boot-mvebu: clearfog: enable setexpr command
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Josua Mayer
c4f9474059 u-boot-mvebu: clearfog: implement distro-boot
Add a patchfile that implements distro-boot and is meant to go upstream
Also make the other patches git-am'able for easier maintenance.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Josua Mayer
86c4144571 u-boot-mvebu: update to 2017.03
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Ansuel Smith
e783f588eb mwlwifi: update to the latest version
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-05-30 13:59:38 +02:00
Felix Fietkau
6773561748 mt76: update to the latest version, fixes a mt7603 beacon issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-30 08:52:00 +02:00
Matthias Schiffer
df5e80eb26
procd: update to latest git HEAD
e7bb2c8 upgraded: define __GNU_SOURCE

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-30 07:29:25 +02:00
Matthias Schiffer
a5428244d9
base-files: add support for staged sysupgrades from failsafe mode
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
b2adb9a7b5
base-files: sysupgrade cleanup
Some functions only used by stage2 are moved there from common.sh.

One piece that could still use more cleanup is platform_pre_upgrade: many
targets reference files from there are aren't available in the ramfs, so
we need to evaluate it before the switch; conversely, flash writes happen
in that function on some targets. Targets that do the latter should be
fixed eventually to use platform_do_upgrade for that purpose.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
218af1957e
fstools: snapshot: handle jffs2 conversion using upgraded
We can reuse the kill_remaining and run_ramfs facilities of the stage2 run
by upgraded.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
6bbb3a2b0a
fstools: clean up trailing whitespace in snapshot script
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
30f61a34b4
base-files: always use staged sysupgrade
Support for the -d and -p options is dropped; it may be added again at some
point by adding these flags to the ubus sysupgrade call.

A downside of this is that we get a lot less information about the progress
of the upgrade: as soon as the actual upgrade starts, all shell sessions
are killed to allow unmounting the root filesystem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer
393817df5d
procd: remove procd-nand package
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.

The procd-nand-firstboot package is removed for now, it may return later
as a separate package.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer
8008765f1f
procd: update to latest git HEAD
992b796 rcS: add missing fcntl.h include
63789e5 init: add support for sysupgrades triggered from preinit
5b1fb35 Remove code that has become unnecessary after sysupgrade changes
5918b6d upgraded: add support for passing a "command" argument to stage2
056d8dd upgraded: link dynamically, chroot during exec
7c6cf55 system: always support staged sysupgrade
d42b21e procd/rcS: Use /dev/null as stdin
e0098d4 service/instance: add an auto start option
1247db1 procd: Log initscript output prefixed with script name
8d720b2 procd: Don't use syslog before its initialization
2555474 procd: Add missing \n in debug message

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:49:50 +02:00
Matthias Schiffer
49328cecdf
procd: prepare NAND sysupgrade for making upgraded dynamically linked
Use install_bin to copy upgraded with all dependencies. The old name
/tmp/upgraded is temporarily retained as a symlink to avoid breaking
things.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:08:32 +02:00
Matthias Schiffer
25d1a24e58
procd: clean up trailing whitespace in nand.sh
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:08:22 +02:00
Felix Fietkau
aaeb42b3e2 mt76: update to the latest version, improves mt7603/7628 stability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-29 14:42:49 +02:00
Jo-Philipp Wich
61eb18d3f7 firewall: fix stray continue statement
The previous commit introduced a faulty continue statement which might
lead to faulty rules not getting freed or reported.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 16:16:15 +02:00
Hans Dedecker
1422dab66e netifd: fix 6rd regression (FS#812)
08f1875 system-linux: fix 6rd regression

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-27 13:26:39 +02:00
Jo-Philipp Wich
6e46f6edc4 firewall: extend ubus support, exception handling, parse fixes
Update to latest Git HEAD in order to import a number of fixes and other
improvements:

3d2c18a options: improve handling of negations when parsing space separated values
0e5dd73 iptables: support -i, -o, -s and -d in option extra
4cb06c7 ubus: increase ubus network interface dump timeout
e5dfc82 iptables: add exception handling
f625954 firewall3: add check_snat() function
7d3d9dc firewall3: display the section type for UBUS rules
53ef9f1 firewall3: add UBUS support for include scripts
5cd4af4 firewall3: add UBUS support for ipset sections
02d6832 firewall3: add UBUS support for forwarding sections
0a7d36d firewall3: add UBUS support for redirect sections
d44f418 firewall3: add fw3_attr_parse_name_type() function
e264c8e firewall3: replace warn_rule() by warn_section()
6039c7f firewall3: check the return value of fw3_parse_options()

Fixes FS#548, FS#806, FS#811.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 12:19:48 +02:00
Jo-Philipp Wich
52e36cf80a samba: bump PKG_RELEASE
The previous CVE bugfix commit did not adjust PKG_RELEASE, therefor the
fixed samba package does not appear as opkg update.

Bump the PKG_RELEASE to signify upgrades to downstream users.

Ref: https://forum.lede-project.org/t/sambacry-are-lede-devices-affected/3972/4

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-27 12:17:40 +02:00
Filip Moc
43e4e1f4a5 Move enablemodem from ramips to new package adb-enablemodem and make it used also by TL-MR6400
Signed-off-by: Filip Moc <lede@moc6.cz>
2017-05-27 07:54:40 +02:00
Julian Labus
a9206ac26c usbmode: update usb-modeswitch-data to 20170205
add support for new hardware

Signed-off-by: Julian Labus <julian@labus-online.de>
2017-05-27 07:01:39 +02:00
Julian Labus
b09ee2dc01 usbmode: update to latest version
453da8e convert-modeswitch.pl: fix message indices

Signed-off-by: Julian Labus <julian@labus-online.de>
2017-05-27 07:01:39 +02:00
Florian Fainelli
484f768dfa elfutils: Pass -Wno-unused-result to silence warnings as errors
elfutils turns on -Werror by default, and patch 100-musl-compat.patch
changes how strerror_r is used and we no longer use the function's
return value. This causes the following build error/warning to occur
with glibc-based toolchains:

dwfl_error.c: In function 'dwfl_errmsg':
dwfl_error.c:158:18: error: ignoring return value of 'strerror_r',
declared with attribute warn_unused_result [-Werror=unused-result]
       strerror_r (error & 0xffff, s, sizeof(s));
                  ^
cc1: all warnings being treated as errors

Fixing this would be tricky as there are two possible signatures for
strerror_r (XSI and GNU), just turn off unused-result warnings instead.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-26 15:42:03 -07:00
Nick Brassel
b32689afd6 dnsmasq: add dhcp-script hook for other packages
Adds a script which acts as a hook for when dnsmasq creates/destroys a
lease, or completes a TFTP file transfer. The hook loops through scripts
in appropriate directories inside '/etc/hotplug.d', executing each one with
the same arguments supplied by dnsmasq.

In case dnsmasq is jailed by ujail the dhcp-script hook will not work as
expected as ujail does not yet support executing a script within a jail.

Signed-off-by: Nick Brassel <nick@tzarc.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-26 21:28:30 +02:00
Jo-Philipp Wich
361c8b4ee4 Revert "sysupgrade: run only one instance at a time."
This reverts commit e96a9a9af8.

The change breaks sysupgrade through LuCI and two-stage sysupgrade on
NAND targets. There is also a mismatch of file paths in lock and unlock
operations.

This commit was apparently neither properly tested, nor reviewed, so
drop it for now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-26 14:49:08 +02:00
Felix Fietkau
c2dc7321d7 iptables: fix typos in 600-shared-libext.patch (FS#711)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:30:36 +02:00
Giuseppe Lippolis
4ba2f4dc63 DWR-512: adding wwan support for the dwr-512 3G modem
This PR allow the 3G modem embedded in the DWR-512 to be managed
by the wwan-ncm scripts. The modem will use the usb-option and
usb-cdc-ether drivers.
The DWR-512 DT is updated accordingly.

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2017-05-25 19:01:08 +02:00
Felix Fietkau
3c7a99ea90 xfsprogs: update to 4.11.0
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
e6d4235ae5 json-c: disable implicit fallthrough warning (gcc 7)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
60241e52db firewall: update to the latest version, fixes a gcc7 build error
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Yousong Zhou
a76cbc0d7e kernel: fix autoloading arch-specific modules
Fixes FS#745

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-25 22:52:07 +08:00
Yousong Zhou
e250acab26 backlight-pwm: fix module description
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-25 22:52:06 +08:00
Kenneth Johansson
e96a9a9af8 sysupgrade: run only one instance at a time.
Things do not work well if running multiple instances of
upgrade at the same time.

Signed-off-by: Kenneth Johansson <kenneth.johansson@inteno.se>
2017-05-25 09:22:43 +02:00
Roman Spychała
855f2ae4da kernel: add kmod-usb-net-pl package
Kernel support for Prolific PL-2301/2302/25A1 based cables

Signed-off-by: Roman Spychała <roed@onet.eu>
2017-05-25 09:22:42 +02:00
Stijn Tintel
423a7a6b75 lldpd: bump to 0.9.7
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-05-24 14:56:22 +02:00
Stijn Tintel
3f0d3d12da samba: fix CVE-2017-7494
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-05-24 14:44:03 +02:00
Hans Dedecker
43cc399871 dnsmasq: bump to 2.77rc5
Some small tweaks and improvements :

9828ab1 Fix compiler warning.
f77700a Fix compiler warning.
0fbd980 Fix compiler warning.
43cdf1c Remove automatic IDN support when building i18n.
ff19b1a Fix &/&& confusion.
2aaea18 Add .gitattributes to substitute VERSION on export.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 23:08:06 +02:00
Hans Dedecker
c0a9a73393 6rd: add 6rd specific settings as nested json object
Add 6rd specific settings prefix, relay-prefix as a nested data json object

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 21:40:19 +02:00
Hans Dedecker
5f2408dbc5 netifd: update to git HEAD version
7573880 system-linux: parse 6rd specific settings as nested json data object
a063705 system-linux: remove redundant check for strtoul() return value
e6ebe0b build: disable unknown warning option error in clang
08d8f47 interface: add new "ifup-failed" hotplug event
20a1bac bridge: reset primary only after marking the member not present
6b9c267 build: suppress format truncation warnings to avoid errors with gcc7

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-22 21:40:19 +02:00
Rafał Miłecki
aaabf47ede umdns: update to the version 2017-05-22
This includes following changes:
0e8b948 Support specifying instance name in JSON file
49fdb9f Support PTR queries for a specific service
26ce7dc Allow filtering with instance name in service_reply
920c62a Store instance name in the struct service
ff09d9a Rename service_name function to the service_instance_name
64f78f1 Rename mdns_hostname variable to the umdns_host_label

Previous package update pulled commit 70c66fbbcde86 ("Fix sending
replies to PTR questions") which introduced a regression which this
update fixes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-05-22 12:04:01 +02:00
Felix Fietkau
65a3dc277f fstools: update to the latest version
88d48d5 libfstools: silence mkfs.{ext4,f2fs}
a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors
633a8d0 libfstools: fix multiple volume_identify usages with the same volume
c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-22 11:12:36 +02:00
Yousong Zhou
5d48dc1146 libunwind: update to 1.2
Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum
function in include/dwarf_i.h in libunwind 1.1 allows local users to
have unspecified impact via invalid dwarf opcodes.

Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new
tarball is released yet

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-22 11:07:40 +08:00
Kevin Darbyshire-Bryant
6e10fc74fd dropbear: bump to 2017.75
- Security: Fix double-free in server TCP listener cleanup A double-free
in the server could be triggered by an authenticated user if dropbear is
running with -a (Allow connections to forwarded ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user.  Affects versions 2013.56 to 2016.74. Thanks to Mark
Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c

- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink.  Dropbear parsed authorized_keys as root, even if it were a
symlink.  The fix is to switch to user permissions when opening
authorized_keys

A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123

Refresh patches, rework 100-pubkey_path.patch to work with new
authorized_keys validation.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-21 23:56:17 +02:00
Hans Ulli Kroll
ce7681d328 mac80211: add support for rtl8821ae pcie adapter
Add support for Realtek RTL8821AE/RTL8812AE PCIe adapter.
This device supports 802.11ac and bluetooth

testet on PC Engines APU with AP and STA mode

Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
2017-05-21 23:51:21 +02:00
Hans Ulli Kroll
fd7b2559e2 linux-firmware: add firmware for rtl8821ae support
Add needed firmware to support rtl8821ae pcie adapter

Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
2017-05-21 23:51:08 +02:00
Alexandru Ardelean
c7ee30d53a base-files: fix default procd reload
Bug introduced with 6713694.

I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts

```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```

The service would be restarted regardless of any of those params.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-20 20:43:45 +02:00
Daniel Engberg
ec987e59c4 f2fs-tools: Switch to gz tarball
At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-18 14:23:26 +02:00
Daniel Golle
5e5499c612 mac80211: rt2x00: remove unneccessary code
Use chanreg and dccal helpers to reduce the size of ePA code.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed white-space so patch applies]
2017-05-18 13:51:28 +02:00
Alexandru Ardelean
ce8bfa9407 lldpd: drop specific respawn params [use system-wide]
I think I added these respawn params [a while back],
when I did the conversion to procd init script format.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-18 08:14:26 +02:00
Luiz Angelo Daros de Luca
ccc54b2935 elfutils: bump to 0.169
Removed patches (now upstream):
- 004-maybe-uninitialized.patch
- 007-fix_TEMP_FAILURE_RETRY.patch

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-05-18 07:59:56 +02:00
Ben Greear
e00cc98045 ath10k-ct-firmware: Add support for QCA9886/QCA9888 firmware.
This firmware shoul have the same general feature set as the
rest of the 10.4 CT firmware (9984, 9980, etc).  Build-tested
only in LEDE, but firmware has been tested with ath10k-ct driver
on other OSs, so likely works just fine.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-05-18 07:59:33 +02:00
Ben Greear
7a343dafbb ath10k-ct-firmware: Update to latest.
The 988x and 9887 firmwares include a bugfix for a case where blockack
did not work sometimes, and many fixes for compiler warnings detected
by newer gcc compilers.

The 9980 and 9984 firmware includes a large backport of upstream QCA
firmware changes to bring it up to date.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-05-18 07:59:31 +02:00
Ben Greear
1fc0a45558 ath10k-ct: Update to latest ath10k-ct driver.
Supports disabling firmware hex logging that many found too verbose.

Increase BMI timer so system works more often with 9888 Compex NIC
(and maybe others).

Allow configuring a specific board-file per NIC using fwcfg file.

Maybe fix a scan-busy problem when using CT firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-05-18 07:59:26 +02:00
Daniel Engberg
b295966f87 devel/trace-cmd: Update to 2.6.1
Update trace-cmd to version 2.6.1
Switch to tarball download

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-18 07:58:59 +02:00
Giuseppe Lippolis
db776c01e1 comgt-3g: enable modem before to setpin
some modems needs to be enabled with CFUN=1 before to set the pin

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2017-05-18 07:07:00 +02:00
Philip Prindeville
0dcc36fc7d kernel: add hwmon for W83627EHF and family
Remove support for NCT6775/6 from W83627EHF driver so the NCT6775
driver will still be used for those chips.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-05-17 00:06:52 +02:00
Arjen de Korte
070a46121d dnsmasq: add IPv6 nameserver configuration in server mode
When in ra server mode, configure nameservers passed in router
announcements from the dns value (which is already used by odhcpd).

This also fixes FS#677 by using the global IPv6 address of the router
instead of the link local address (if no nameservers are configured).

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-05-16 22:27:02 +02:00
Daniel Engberg
74395d97a9 libs/libnftnl: Update to 1.0.7
Update libnftnl to 1.0.7

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 17:22:58 +02:00
Daniel Engberg
89807b627f network/utils/curl: Update to 7.54.0
Update curl to 7.54.0
Update and fresh patches

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 16:58:15 +02:00
Daniel Engberg
4b0a2ca9a4 devel/strace: Update to 4.16
Update strace to 4.16
Refresh patch

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 16:58:11 +02:00
Daniel Engberg
ea2927e1ea network/utils/ipset: Update to 6.32
Update ipset to 6.32

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 16:58:07 +02:00
Ansuel Smith
324ec18615 uhttpd: Enable integrated Lua by default
We enabled lua interpreter by default as it doesn't make any problem in the uhttpd config file and we modify the index page to use it.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-05-16 16:57:01 +02:00
Bjørn Mork
a131b892ea kernel: add Digi Edgeport USB serial driver package
Signed-off-by: Bjørn Mork <bjorn@mork.no>
2017-05-16 12:10:39 +02:00
Mantas Pucka
cd9d0f9e97 uboot-envtools: add support for 8devices Rambutan
Signed-off-by: Mantas Pucka <mantas@8devices.com>
2017-05-15 22:43:33 +02:00
Steffen Weinreich
04e91631e0 om-watchdog: add support for Teltonika RUT5xx (ramips)
Add rut5xx GPIO PIN selection to om-package startup script.

Testet on a RUT500 device, the timeout value of the hardware watchdog
is about 280 sec.

Signed-off-by: Steffen Weinreich <steve@weinreich.org>
[split into two commits, bump PKG_RELEASE]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-15 22:43:33 +02:00
Piotr Dymacz
08ab3fda01 om-watchdog: cosmetic code style fixes
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-15 22:43:33 +02:00
Piotr Dymacz
f7e84a4a2e om-watchdog: cleanup Makefile
Drop redundant Build/Prepare, empty lines and duplicated Build/Compile.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-15 22:43:33 +02:00
Hans Dedecker
6d7cb5337e odhcpd: update to git HEAD version
93abe6f config: fix invalid hoplimit in RA message
2ae08d1 config: fix invalid retranstime in RA message
0005cb4 config: fix invalid reachabletime in RA message
5683dd2 config: limit ra_mtu to 65535
f8d40a5 router: fix interface mtu read error
f8f4b87 config: limit ra_retranstime to 60000
a2d8bf6 dhcpv4: display two hex digits per octet in syslog
a9e9bc4 config: make RA retransTime configurable via uci
2cb6b48 config: make RA reachableTime configurable via uci
e4504db config: make RA curHopLimit configurable via uci
9dd5316 config: make RA mtu configurable via UCI
29cb2ff config: fix dhcpv4 server being started
0ef74ec ndp.c: add switch/case fallthrough comments

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-15 22:30:39 +02:00
Alberto Bursi
4242ddf8f2 base-files: add led functions to uci-defaults.sh
uci_set_leds_ataport() allows to set a led to show activity
on a specific (s)ata port, which is needed for devices that have
a Sata led for each sata port.
The led trigger is from the 834-ledtrig-libata.patch LEDE kernel patch.

uci_set_leds_usbhost() allows to set a led to show total usb activity.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[Jo-Philipp Wich: use a single underscore to denote private functions]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-14 21:45:50 +02:00
Alberto Bursi
b06a286a48 base-files: cleanup led functions in uci-defaults.sh
create a function with code common to all led functions,
create another function with code common to functions setting
a simple led trigger, restore alphabetical order in function names.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[Jo-Philipp Wich: use a single underscore to denote private functions]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-14 21:45:50 +02:00
Jo-Philipp Wich
4a03347545 mac80211: gracefully handle preexisting VIF
Gracefully handle cases where the to-be-created wireless interface already
exists on the system which might commonly happen with non-multi-SSID capable
wireless drivers.

This fixes commit 8301e61365 which caused
previously ignored "Too many open files in system (-23)" errors to fail the
wireless setup procedure.

With the updated approach we'll still try recreating the vif after one
second if the first attempt to do so failed with ENFILE but we will now
consider the operation successfull if a second attempt still yields ENFILE
with the requested ifname already existing on the system.

Fixes FS#664, FS#704.

Suggested-by: Vittorio Gambaletta <openwrt@vittgam.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-14 21:43:11 +02:00
Marko Ratkaj
ee1cee2cac mvebu: add ClearFog Base support
Add support for SolidRun ClearFog Base board.

The base model is a smaller version of ClearFog Pro without
the DSA switch, replacing it with a second copper gigabit
port, and only one PCIe socket.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Marko Ratkaj
ec4a8c6dee mvebu: ClearFog renamed upstream to ClearFog Pro
The conventional model is now known as the "Clearfog Pro"

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Matthias Schiffer
1a16cb9c67
mac80211, hostapd: always explicitly set beacon interval
One of the latest mac80211 updates added sanity checks, requiring the
beacon intervals of all VIFs of the same radio to match. This often broke
AP+11s setups, as these modes use different default intervals, at least in
some configurations (observed on ath9k).

Instead of relying on driver or hostapd defaults, change the scripts to
always explicitly set the beacon interval, defaulting to 100. This also
applies the beacon interval to 11s interfaces, which had been forgotten
before. VIF-specific beacon_int setting is removed from hostapd.sh.

Fixes FS#619.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-13 17:12:54 +02:00
Matthias Schiffer
5e481881d7
hostapd: remove unused variable declarations in hostapd.sh
None of the variables in this "local" declaration are actually set in
wpa_supplicant_add_network().

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-13 16:27:22 +02:00
Kevin Darbyshire-Bryant
deef71375c dnsmasq: bump to 2.77rc3
Fix [FS#766] Intermittent SIGSEGV crash of dnsmasq-full

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-12 21:30:56 +02:00
Jo-Philipp Wich
e66f17ac1e openvpn: update to v2.4.2
Update to version 2.4.2 in order to address two potential Denial-of-Service
vectors in OpenVPN.

CVE-2017-7478 - Don't assert out on receiving too-large control packets
CVE-2017-7479 - Drop packets instead of assert out if packet id rolls over

Ref: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.2
Ref: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-12 11:54:48 +02:00
Florian Fainelli
c258bc781f toolchain: Package libgomp
Some external toolchains may be configured to enable OpenMP. Provide a
package for these libraries which can be used by other packages.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-11 13:42:55 -07:00
Florian Fainelli
83814856fe fritz-tools: Find zlib.h header file
Add the necessary changes to CMakeLists.txt to search zlib.h. Fixes
build issues with external toolchains that don't have STAGING_DIR in the
default search path.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-11 13:42:39 -07:00
Valentin Spreckels
6f01abf5de fritz_tffs_read: fix parsing of size argument
The parameter specification missed that -s takes an argument.

Signed-off-by: Valentin Spreckels <Valentin.Spreckels@Informatik.Uni-Oldenburg.DE>
2017-05-11 00:53:05 +02:00
Alexey Brodkin
5dc76a4258 perf: Disable perf for ARC770 only, enable for ARC HS38
Toolchain built for ARCv1 (read for ARC700 cores) by default has
disabled atomic ops (-mno-atomic). When we build Linux kernel for ARC770
which has LL/SC instructions and thus may handle normally atomic ops we
explicitly add "-matomic" in CFLAGS. But since user-space perf utility has
no way to extract CPU config options from Kconfig/defconfig it uses
compiler default settings.

In case of ARCv2 (read ARC HS38) atomics are enabled by default and so
perf builds perfectly fine thus reenabling perf for ARC HS38 (actually
for non-ARC700 targets).

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-05-11 00:53:05 +02:00
Arjen de Korte
44da45a881 dnsmasq: don't propagate DUID from one host to another
If no DUID is set for a host, it should be empty, not the last one set for a previous host.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2017-05-11 00:53:05 +02:00
Hans Dedecker
54ea0f45c8 dnsmasq: use append_interface_name when using option --interface-name
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-09 10:01:07 +02:00
Daniel Danzberger
eb99f8912a dnsmasq: add interface-name uci list.
This patch adds the interface-name option for each dhcp config
in /etc/config/dhcp.

With the interface_name option users can define a DNS name for each dhcp section
that will be resolved by dnsmasq with the underlaying interface address.

For example:
config dhcp 'lan'
	option interface 'lan'
	...
	list interface_name 'home.lan'
	...

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-05-09 10:00:49 +02:00
Alberto Bursi
7296767639 dnsmasq: make tftp root if not existing
If there's a TFTP root directory configured, create it with mkdir -p
(which does not throw an error if the folder exists already)
before starting dnsmasq. This is useful for TFTP roots in /tmp, for example.

Originally submitted by nfw user aka Nathaniel Wesley Filardo

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-05-04 23:10:09 +02:00
Hans Dedecker
cd5cd7c859 dnsmasq: fix dhcp_option usage warning
Don't display unnecessary dhcp_option usage warning in case
dhcp_option is empty

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-04 22:42:49 +02:00
Nick Lowe
ed62d91f4b hostapd: add legacy_rates option to disable 802.11b data rates.
Setting legacy_rates to 0 disables 802.11b data rates.
Setting legacy_rates to 1 enables 802.11b data rates. (Default)

The basic_rate option and supported_rates option are filtered based on this.

The rationale for the change, stronger now than in 2014, can be found in:

https://mentor.ieee.org/802.11/dcn/14/11-14-0099-00-000m-renewing-2-4ghz-band.pptx

The balance of equities between compatibility with b clients and the
detriment to the 2.4 GHz ecosystem as a whole strongly favors disabling b
rates by default.

Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, defaults change]
2017-05-03 13:58:23 +02:00
Abhilash Tuse
41feba8c4a hostapd: fix reload frequency change patch
When sta is configured, hostapd receives 'stop' and 'update' command from
wpa_supplicant. In the update command, hostapd gets sta parameters with
which it configures ap.

Problem is, with the default wireless configuration:
mode:11g freq:2.4GHz channel:1
If sta is connected to 5GHz network, then ap does not work. Ideally with
340-reload_freq_change.patch hostapd should reload the frequency changes
and start ap in 5GHz, but ap becomes invisible in the network.

This issue can be reproduced with following /etc/config/wireless:
config wifi-device  radio0
        option type     mac80211
        option channel  1
        option hwmode   11g
        option path     'virtual/uccp420/uccwlan'
        option htmode   'none'

config wifi-iface 'ap'
        option device 'radio0'
        option encryption 'none'
        option mode 'ap'
        option network 'ap'
        option ssid 'MyTestNet'
        option encryption none

config wifi-iface 'sta'
       option device radio0
       option network sta
       option mode sta
       option ssid TestNet-5G
       option encryption psk2
       option key 12345

This change updates current_mode structure based on configured hw_mode
received from wpa_supplicant. Also prepare rates table after frequency
selection.

Signed-off-by: Abhilash Tuse <Abhilash.Tuse@imgtec.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, patch refresh]
2017-05-03 13:58:23 +02:00
Jo-Philipp Wich
65de093c18 base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()
Commit 2036ae4 (base-files: support hostname and ntp servers through board.d)
was supposed to implement these procedures but lacked the required changes
to uci-defaults.sh.

Add the missing procedures now to fix config generation on targets relying
on hostname or NTP server presetting.

Fixes FS#754.

Reported-by: Cristian Morales Vega <cristian@samknows.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-03 13:47:57 +02:00
Yousong Zhou
0c3fe281e3 opkg: alternatives: use ERROR level for symlink failure
Changes since last version

    04e279e pkg_alternatives: use ERROR level for symlink failure

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 17:40:47 +08:00
Yousong Zhou
cf75fb5e14 busybox: alternatives: accomodate CONFIG_BUSYBOX_CUSTOM=y
When busybox customisation is enabled, we should depend on config
symbols CONFIG_BUSYBOX_CONFIG_xxx to form alternatives specs

Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 17:40:47 +08:00
Kevin Darbyshire-Bryant
b65c619d02 dnsmasq: bump to 2.77test5
A number of small tweaks & improvements on the way to a final release.
Most notable:

Improve DHCPv4 address-in-use check.
Remove the recently introduced RFC-6842 (Client-ids in DHCP replies)
support as it turns out some clients are getting upset.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-02 22:32:14 +02:00
Yousong Zhou
fa3649d97e busybox: add alternatives specs for those also provided by procps-ng
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 00:53:44 +08:00
Yousong Zhou
9b4c41524f iproute2: bump PKG_RELEASE
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:45:42 +08:00
Yousong Zhou
cfa5865187 iproute2: add ip-tiny, ip-full as alternatives of /sbin/ip
They will not be in conflict anymore ;)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:36 +08:00
Yousong Zhou
8b1b094fef busybox: add as an alternative of /sbin/ip
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:36 +08:00
Yousong Zhou
fc9361e60e opkg: alternatives support
Changes since last version

    546bc72 pkg: alternatives support
    7a96972 libbb: xreadlink: fix memory leak on failure case
    3f13edd pkg_run_script: use pkg->dest in half installed case

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:35 +08:00
Yousong Zhou
dac629f710 build: cleanup tmp/ dir of target rootfs
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:10:50 +08:00
Alexey Brodkin
34e8393019 toolchain/arc: update to the most recent release arc-2016.09
arc-2016.09 is the most recent toolchain for ARC cores and
it is based on top of upstream Binutils 2.27 and GCC 6.2.1.

With updated major version of GCC we copied all GCC 6.x patches
for ARC as well as Bintils 2.27 patches.

Note that toochain sports ARCv4 ABI and so must be used
with 4.8+ Linux kernels. Even though it will build v4.4 kernel
perfectly fine on attempt to run user-space apps they won't
work with older kernel. That said previuosly sent RFC patches with
Linux kernel update are required:
 [1] https://patchwork.ozlabs.org/patch/726686/
 [2] https://patchwork.ozlabs.org/patch/726687/

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-05-02 15:17:30 +02:00
Felix Fietkau
c13f943d2a perf: disable build for ARC, it is currently broken
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-02 15:17:29 +02:00
Felix Fietkau
5afe9a054c kernel: allow selecting RTC drivers on targets without explicit RTC support
Keep them disabled by default to avoid pulling in extra kernel bloat

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-02 14:33:58 +02:00
Alexander Couzens
21c2e93e67
uboot-omap: rename patch to 101-disable-thumb-omap3.patch
It's disabling thumb for the whole omap3 family.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-30 12:19:07 +02:00
Alexander Couzens
ca8988614c uboot-omap: enable thumb for overo
Even it's unknown if it's booting with thumb, because the lack of hardware.
Enable it for now, so the build succeed, because without thumb it can not fit
into spl.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-30 12:17:30 +02:00
Hans Dedecker
c45ef702ff odhcpd: update to git HEAD version (FS#656,FS#595)
9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid
2b3355f ndp: fix adding proxy neighbor entries
7dff5b4 ndp: fix wrong interface name in syslog message
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
c0e9dbf ubus: don't segfault when there're no leases

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-28 21:59:29 +02:00
Hans Dedecker
9412fc2949 dnsmasq: support dhcp_option config as a list
Configuring dhcp_option as an option does not allow the usage of white
spaces in the option value; fix this by supporting dhcp_option as a list
config while still supporting the option config to maintain backwards
compatibility

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-27 22:04:29 +02:00
Jo-Philipp Wich
76871a8dbb busybox: nslookup_lede: mimic output format of old Busybox applet
When invoking "nslookup_lede" with a domain argument and without explicit
query type, issue both A and AAAA queries and display the resulting IP
addresses in a numbered list style, similar to how the old BusyBox nslookup
used to output the records.

This is required for compatibility with certain scripts.

Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-27 10:44:28 +02:00
Jo-Philipp Wich
f1e3285461 busybox: nslookup_lede: fix compatibility with v1.25
The ":*" optstring syntax was only recently introduced with BusyBox v1.26,
older versions need a corresponding hint in the "opt_complementary" variable
to denote flag values that should be stored as llist entries.

Add the required opt_complementary entry to fix random SIGBUS, SIGILL or
SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q"
flag of the "nslookup_lede" applet.

Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-27 10:44:28 +02:00
Hans Dedecker
e5bbead1a8 dropbear: fix procd interface trigger install
Install procd interface triggers only for interfaces which are enabled
so dropbear instances running on (an) enabled interface(s) are not
restarted due to an interface trigger of an interface which is disabled.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-26 21:29:16 +02:00
Daniel Engberg
dca2966b77 busybox: Enable sendfile by default
Enable sendfile system call by default.
http://lists.busybox.net/pipermail/busybox-cvs/2014-November/034831.html

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-26 13:40:37 +02:00
Chris Blake
ad0c1d3a31 mac80211: Backport AR934x OTP Patch
Merged upstream in https://patchwork.kernel.org/patch/9572541/, this
patch fixes the OTP offset used by the AR934x and AR955X to properly
enable reading from the OTP.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-04-26 10:29:45 +02:00
Felix Fietkau
0b7ed65cec kernel: remove out of tree direct-io disable hack
Direct-IO support has to be enabled for the release build anyway, so
this hack is not worth keeping

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-26 10:27:45 +02:00
Daniel Engberg
980c41f8e0 utils/mdadm: Update to 4.0
Update mdadm to 4.0
Remove 000-compile.patch as it's fixed upstream
Refresh patches
Add mdadm.h-Undefine-dprintf-before-redefining.patch
Source: http://git.openembedded.org/openembedded-core/tree/meta/recipes-extended/mdadm/files
Add RAID 0,1 and 10 as depends to make mdadm usable.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-26 10:27:45 +02:00
Hans Dedecker
4b195a611f netifd: return error status in reload_service
Based on a patch by Alexandru Ardelean.
netifd ubus reload call returns the actual reload error status;
return error status as well in reload_service

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:51:10 +02:00
Hans Dedecker
8e37d5b584 netifd: update to git HEAD version
11cb9cf ubus: add interface method to trigger renew event
4375d1b system-linux: allow "throw" route type
5fbd904 netifd: propagate error code on netifd_reload()
6e0acec interface-ip: fix device name for IPv6 link-local DNS server

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:50:36 +02:00
Hans Dedecker
6fd6582014 odhcpd: update to git HEAD version
570069d ubus: rework dumping IPv6 and IPv4 leases
4e579c4 dhcpv6-ia: simplify logic to write statefile and dhcpv6 logging

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:50:25 +02:00
Alexander Couzens
23fc55e723 package/uboot-omap: add am335x_boneblack
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
a5eb9c6370 package/uboot-omap: add default uEnv to boot via mmc card
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
147e18bdbd package/uboot-omap: re-introduce patches dropped by update to v2017.01
The beagleboard doesn't boot with Thumb enabled, but without Thumb the
SPL (first stage bootloader) is too big to fit into SRAM.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
e2caa74a2f package/uboot-omap: install image to STAGING_DIR_IMAGE
to use them later by image/Makefile to create full working sdcard images

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
4ac4148cc4 package/uboot-omap: assign BUILD_DEVICES most boards
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Daniel Golle
61cfc8075b mac80211: rt2x00: add incomplete support for external PA on MT7620
Do as the vendor driver does -- however, some devices apparently
patched support for external PA into the driver similar to how it was
done on Rt3352, using EEPROM_NIC_CONF1 rather than EEPROM_NIC_CONF2,
hence we check for both fields. Somehow the vendor driver also no
longer offers the option of only one of the TX paths having an external
PA (which was probably to weird to ever be implemented in practise,
though it doesn't seem like a particularly bad idea to me). Do the same
in rt2x00 and enable support for external PA on both TX paths whenever
it is set for TX0 in EEPROM.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-24 16:33:51 +02:00
Daniel Golle
3d71d1d9a9 mac80211: rt2x00: reorder patches and prepare for MT7620 external PA
Import change to make external PA capability consistent with the
vendor driver instead of having the logic inverted.
While at it, apply patches in the same order as they got merged
upstream.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-24 16:33:34 +02:00
Ansuel Smith
e80a041348 iptables: fix wrong depends for nftables support (FS#707)
The dep for the nftables support was wrong, if someone actually enable
that option gain a compilation error. This fix this problem.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-04-22 21:33:46 +02:00
Jo-Philipp Wich
8ed5c6d3b1 busybox: fix build of nslookup_lede applet without IPv6 (#728)
Protect any IPv6 related with appropriate guards to fix compilation with
disabled IPv6 support in Busybox.

Fixes #728.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-21 13:20:24 +02:00
Mathias Kresin
18618695ae ramips: dont replace the board name
Use fixed led names and add each board variant instead of manipulating
the board name.

It makes the ramips board name function less different to the one used
in other targets and allows to merge them with a common function.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-21 07:47:59 +02:00
Tomislav Požega
e209988a17 mac80211: rt2800: fix mt7620 E2 channel registers
update RF register 47 and 54 values according to vendor driver

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: moved changes into a separate patch]
2017-04-18 12:00:51 +02:00
Tomislav Požega
d2f864f7bf mac80211: rt2800: fix mt7620 vco calibration registers
Use register values from init LNA function instead of the ones from
restore LNA function. Apply register values based on rx path
configuration.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: moved changes into a separate patch]
2017-04-18 11:24:58 +02:00
Felix Fietkau
00b32b8326 mac80211: fix kconfig recursive dependency warning
Make brcmfmac depend on !TARGET_uml.
Technically, brcmfmac could be built for uml because only SDIO support
won't work on that target. However, selectively avoiding the dependency
propagation of !TARGET_uml from kmod-mmc to avoid including a reference
to BRCMFMAC_SDIO doesn't work.

In practice, brcmfmac is completely useless on uml, so let's just
disable it there.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-18 09:45:18 +02:00
Daniel Golle
97d1c49cac mac80211: rt2x00: fix MT7620 LNA gain and VCO-after-ALC
This should fix issues with bad RX as well as AP not coming up and/or
scanning failing.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-17 21:38:32 +02:00
Bastian Bittorf
56457dbcb7 dnsmasq: fix uninitialized varname in init-script
minor/cosmetic: fixes the following misleading message:

root@box:~ /etc/init.d/dnsmasq restart
sh: out of range

Signed-off-by: Bastian Bittorf <bb@npl.de>
2017-04-17 13:10:31 +02:00
Florian Fainelli
7ae58bebc8 busybox: Move libresolv detection to LEDE Makefile
Since the LEDE nslookup applet is already specific to LEDE, move the
libresolv detection into the busybox Makefile that LEDE uses.

This fixes builds with external toolchains that don't automatically
search for headers and/or libraries without being told so.

Fixes: de5b8e5d2f ("busybox: add musl compatible nslookup replacement")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-04-12 09:12:18 -07:00
Jonas Gorski
7d4147d869 mac80211: add rt2x00 debug symbols to PKG_CONFIG_DEPENDS
Chaning these symbols require a recompilation of the modules, so make the
system aware of it.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-04-12 12:48:35 +02:00
Jonas Gorski
5ba8185866 mac80211: manually apply dependencies to prevent a recoursive one
Apply the !UML dependency to both the symbol and the DEPENDS so there is
no recursive dependency anymore.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-04-12 12:48:35 +02:00
Alif M. Ahmad
ffd055d5bb grub2: update to 2.02~rc2
Update to version 2.02~rc2.

Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
2017-04-12 11:24:57 +02:00
Matthias Fritzsche
796629207b mac80211: conistent wireless.wiki.kernel.org
Change all the URLs to wireless.wiki.kernel.org to have
the same protocol, domain and path.

Signed-off-by: Matthias Fritzsche <txt.file@txtfile.eu>
2017-04-12 10:57:54 +02:00
Felix Fietkau
5e2d15b4a6 iptables: set ABI_VERSION to force rebuild of dependent packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 10:51:36 +02:00
Ansuel Smith
98e43b13a7 iptables: bump to 1.6.1
Switch to git repo
Removed musl patch
Refreshed existing patch

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
2017-04-12 10:51:29 +02:00
Hauke Mehrtens
efb22b6f06 binutils: fix build with host gcc < 4.9
binutils 2.27 checks if the target compiler supports -Wstack-
usage=262144, and also uses this setting for the host compiler. If the
host compiler is gcc < 4.9 binutils build will fail. This backports 2
commits which are fixing this problem for binutils 2.28.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-04-12 09:54:39 +02:00
Alexandru Ardelean
6713694fe4 base-files: use restart if no reload hook for service
This was also working before, with a slightly
different semantic.

[ Original semantic ]
If no reload hooks was implemented, the default one would
kick in, it would return fail, and restart would happen.

This would happen also in the case where a reload hook
would be implemented, it would fail, and it would restart
the service.

[ New semantic ]
The default reload hook calls restart.
Services can implement their own reload.

If reload fails, then the '/etc/init.d/<service> reload'
would return a non-zero code, and the caller can choose
a way to handle this.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-04-12 09:54:21 +02:00
Pavel Kubelun
a124f0739b ath10k-firmware: update to latest version
Kvalo's repo has a newer version of qca9984 firmware. Use it instead.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2017-04-12 09:53:41 +02:00
Felix Fietkau
a7f8564b0f openvpn: add myself as maintainer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 09:52:59 +02:00
Daniel Engberg
210e96d4cf OpenVPN: Update to 2.4.1
Update OpenVPN to 2.4.1
Remove 200-small_build_enable_occ.patch as it's included upstream.
Refresh patches
Add mirror and switch to HTTPS

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-12 09:52:57 +02:00
Jo-Philipp Wich
de5b8e5d2f busybox: add musl compatible nslookup replacement
Add an alternative nslookup applet implementation which is compatible with
musl libc wrt. name server selection and which supports a number of additional
features such as query type selection.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-10 13:19:54 +02:00
Jonas Gorski
ac388ad83a kernel: make kmod-mmc unavailable on UML
MMC requires IOMEM support, which UML doesn't have.

Fixes mac80211 build, as mwifiex-sdio depends on MMC support.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-04-10 11:23:51 +02:00
Hans Dedecker
fc859fb44b iproute2: add libgenl.h and ll_map.h to InstallDev section
Commit f4e312ddf8 adds libnetlink to
staging dir but did not add the header files libgenl.h and ll_map.h
which define functions belonging to libnetlink lib

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-08 20:53:44 +02:00
Daniel Golle
1c42598b7d dnsmasq: peacefully coexist with ISC DHCPd
Similar to odhcpd, allow using ISC DHCPd instead of dnsmasq.
Disable DHCP and/or DHCP6 in case ISC DHCP is present and
enabled.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-08 17:11:54 +02:00
Mathias Kresin
4a4c00e7c4 ath9k: drop obsolete patch
Now that the wireless LEDs are added via platform leds this patch isn't
required any longer.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-08 14:30:00 +02:00
Mathias Kresin
b06559e5b7 ath9k: ignore led_pin if ath9k GPIO controller is used with DT
Don't setup the default led pin if the ath9k GPIO controller is used
via device tree to prevent collision. In case any of the pins exposed
by the ath9k is used, the phyNtpt trigger needs to be set in userspace.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-08 14:30:00 +02:00
Mathias Kresin
20b45df7eb ath9k: enable GPIO chip only if requested via DT
In case that the atheros device tree binding is used, enable access to
the GPIO chip only if the gpio-controller device tree parameter is used
for the ath9k node.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-08 14:30:00 +02:00
Mathias Kresin
192f0a3db8 ath9k: unset the default LED pin if used by platform leds
Unset the default LED gpio pin if the same gpio pin is used by a LED
defined via platform LED. This prevents that the default led trigger
gets assigned to this LED and the GPIO value gets changed on
wifi up/down in case the led is not used for signaling the wifi state.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-08 14:30:00 +02:00
Mathias Kresin
8b3fa168b4 firmware: rework fritz-tools package
Split the fritz-tools into subpackages. fritz_tffs_read is usefull for
all Fritz boards where fritz-cal_extract is only required for the
Fritz 4040 at the moment.

Rename the tffs related binary to the more catchy name fritz_tffs and
move the whole package to utilities since the package doesn't really
provide a firmware file.

Make the fritz-tools available for all targets and build them shared.
The tffs is used by avm on lantiq and ar71xx as well.

Tested-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-08 14:30:00 +02:00
Jo-Philipp Wich
813efe57e4 mdadm: extend uci config support
Extend the mdadm package to allow to explicitely configure arrays as
well as device list entries.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-08 14:20:19 +02:00
Jo-Philipp Wich
1449b52f02 opkg: backport upstream fixes, code cleanups
Update to latest Git in order to import the following fixes:

1d0263b check_data_file_clashes_change: remove duplicated offline root in paths
a00a6a9 buildReplaces: do not add duplicated replacees
9fbedd8 opkg: compare-versions doesn't need any state
45b54f6 opkg_cmd: fix segmentation fault in opkg_compare_versions_cmd()
93de62b opkg_cmd: fix return of opkg compare-versions
51275a8 pkg_src_list_push: remove unused function
947d3d4 pkg_src_list_pop: remove unused function
980cfb2 str_list_push: remove unused function
52c31c1 str_list_prev: remove unused function
7d24212 str_list_last: remove unused function
48142a3 conffile_list_pop: remove unused function
46c5de5 pkg_dest_list_push: remove unused functions
368bb62 nv_pair_list_prev: remove unused function
2985c00 nv_pair_list_last: remove unused function
f5082ac conffile_list_pop: remove unused function
89bf8b9 conffile_list_push: remove unused function
23d31fb active_list_sort: remove unused function
7fe45f2 active_list_add_depend: remove unused function
86b584d pkg_dependence_satisfied: remove unused function
816d330 Fix typo in pkg_hash_fetch_best_installation_candidate.
07f3b02 set_flags_from_control: remove function

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-08 14:20:19 +02:00
Philip Prindeville
43d06ec2c7 kernel: add thermal monitor for nct6775/6776
Support for the nct6775/6776 hwmon chips, and other compatibles
in the family as well as the Intel on-chip thermal sensors.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-04-07 17:41:21 +02:00
Felix Fietkau
8b8ce566d9 uboot-ar71xx: fix build error
The HOSTCFLAGS override only works on newer u-boot versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-06 16:25:08 +02:00
Felix Fietkau
9613d97b29 mt76: ensure that the metapackage gets built as .ipk
Fixes errors during the image builder run

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-05 23:39:03 +02:00
Felix Fietkau
3169a6a7ad busybox: fix installation of cron and ntpd scripts in the default config
Fixes: 0b24850e97 ("busybox: don't install NTP scripts if NTP isn't configured")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-04 15:06:14 +02:00
Felix Fietkau
68139cc0e8 u-boot.mk: pass HOSTCC and HOST_CFLAGS into the build
Cuts build time on Mac OS X in half by avoiding repeated $(shell) calls
from the build system

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-04 12:34:23 +02:00
Changmin Jang
a1afee24a6 ath10k-firmware: update the qca988x firmware to 10.2.4-1.0-00029
update the qca988x firmware to firmware-5.bin_10.2.4-1.0-00029.
According to LEDE Forum, the new firmware supports mesh mode.
Also, it seems to have several improvements.

Signed-off-by: Changmin Jang <ckdalsdk12@gmail.com>
2017-04-04 12:33:44 +02:00
Felix Fietkau
2526d150dc uboot-lantiq: fix build error on mac os x
asm/* includes are not safe for the host build

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-04 12:33:34 +02:00
Felix Fietkau
cffeb31107 mac80211: backport an upstream fix for queue start/stop handling
Fixes issues with 802.11s

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-03 15:12:06 +02:00
Hans Dedecker
20e40db524 netifd: fix fw3 warnings in dhcp script
Fix fw3 warnings in dhcp script in case fw3 is not enabled

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-03 10:36:21 +02:00
Felix Fietkau
6411a12de2 build: move PKG_CONFIG_DEPENDS from feeds.mk to opkg
Normal packages don't rely on the feed configuration variables for the
build step

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-03 08:51:33 +02:00
Philip Prindeville
dfacdc6a99 kexec-tools: get kexec running on MUSL and x86 hardware
Couple of important upstream patches (slated for 2.0.15) that
are necessary for kexec to run on MUSL and on x86 hardware.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-04-03 08:50:57 +02:00
Philip Prindeville
0b24850e97 busybox: don't install NTP scripts if NTP isn't configured
If you're using Chrony or NTPD you don't want the busybox NTP server
as well.  Make it's installation truly conditional.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [simplify]
2017-04-03 08:49:16 +02:00
Ye Tao
7a5257654c modules: Add kmod-igbvf kernel module for Intel(R) 82576 Virtual Function Ethernet adapters
Intel(R) 82576 is an adapter which supports SR-IOV. Thus the host can
assign Virtual Functions (VFs) to different VMs by the PCI-E Passthrough
(e.g. VFIO for KVM), to gain different advantages (performance, VF to VF
communications, host kernel offload, etc.).

The driver of the passthroughed VFs is the igbvf (igb is NOT
compatible).

This is essential for VM guests, to enable them to utilize this feature.

Signed-off-by: Ye Tao <tydus@hongo.wide.ad.jp>
2017-04-03 08:48:12 +02:00
Hans Dedecker
15ca327954 odhcpd: update to git HEAD version (FS#635)
3d9f406 rework IPv6 dns address selection (FS#635)
bc6c3ac ndp: keep an exact copy of IPv6 interface addresses
6eb1e01 ndp: code cleanup
eea7d03 rework IPv6 address dump logic
24d21c7 ndp: add syslog debug tracing

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-01 14:00:46 +02:00
Daniel Golle
399d5cf532 mac80211: rt2x00: import upstream changes and rebase our patches
Some of our local patches have been accepted upstream. And there are
some more relevant changes (mostly for rt2800usb). Import them and
rebase our remaining local patches on top.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-03-30 18:31:02 +02:00
Karl Vogel
5d4aecee3e dnsmasq: use logical interface name for dhcp relay config
The relay section should use the logical interface name and
not the linux network device name directly. This to be
consistent with other sections of the dnsmasq config where
'interface' means the logical interface.

Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
2017-03-29 21:04:35 +02:00
John Crispin
4f5776932b fstools: update to latest git HEAD
20c16fc cmake: Make blockd link against libjson-c
92b4c2c libfstools: add basic documentation of mount functions

Signed-off-by: John Crispin <john@phrozen.org>
2017-03-29 09:19:59 +02:00
Philip Prindeville
513dff3cca kernel: add w83627hf-wdt watchdog timer module
This is a 3rd party chipset which is not present on all Intel
reference designs, so make it a module rather than baked in (this
will also alleviate conflicts with drivers which also detect some
of the same chipsets).

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-03-29 08:21:09 +02:00
Philip Prindeville
22ee675f04 kernel: kmod packaging for Intel 10G ethernet ixgbe driver
A lot of Ivybridge and Haswell servers have the 82598/82599 Ethernet
controllers.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-03-29 08:00:14 +02:00
Yousong Zhou
8fb39f1682 firewall: document rules for IPSec ESP/ISAKMP with 'name' option
These are recommended practices by REC-22 and REC-24 of RFC6092:
"Recommended Simple Security Capabilities in Customer Premises Equipment
(CPE) for Providing Residential IPv6 Internet Service"

Fixes FS#640

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-03-28 17:43:58 +08:00
Hannu Nyman
c69a89fe23 mac80211: ath10k: allow failure getting board id via otp
ath10k tries to fetch board id via otp, but that fails for many chips
like QCA988x, QCA9984 etc. Recent commit cc189c0b7f removed the earlier
hack that had allowed QCA radios to work, as that hack was incompatible
with the new wifi chips being introduced to the source tree.

Restore functionality for the existing wifi chips by modifying the
return value of the 'board id via otp' function to a value that is recognised
as a harmless error, so that name evaluation continues by using the board file.

Patch originally suggested by Christian Lamparter in forum discussion.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-03-28 08:50:18 +02:00
Shane Peelar
8f2e52b7bc kernel: Fix F2FS module dependencies
F2FS depends on the crc32_generic module (NOT crc32c_generic)

Signed-off-by: Shane Peelar <lookatyouhacker@gmail.com>
2017-03-27 08:11:20 +02:00
Shane Peelar
89765693a0 kernel: Add kmod-crypto-crc32 (crc32_generic.ko)
This is needed for F2FS support (it depends on crc32_generic,
not crc32c_generic).

Signed-off-by: Shane Peelar <lookatyouhacker@gmail.com>
2017-03-27 08:10:28 +02:00
Paul Wassi
55920643b1 package/boot/uboot-kirkwood: fix build errors for nsa310 and nsa325
With upstream changes, the last update to U-Boot 2017.03
broke the nsa310 and nsa325 targets. Also fix some redefines.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2017-03-27 08:09:00 +02:00
Stefan Koch
49acec5b5f lantiq: align falcon code with ar9-vr9 code
Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2017-03-27 08:05:53 +02:00
Stefan Koch
001a50d314 lantiq: cleanup code ar9-vr9 parts
- remove unused code within 500-ar9_vr9.patch
- fixed return of IFX_ERROR (solves SIGSEGV in asterisk at failure)
- align it a bit with 400-falcon.patch
- remove 600-kernel-4.9.patch since changed parts
  are removed during cleanup

Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2017-03-27 08:05:53 +02:00
Matthias Schiffer
ea1855949b
iw: enable MESH ID in scan output
Make scan output useful for 802.11s meshes. The common print_ssid function
is used, so this doesn't add any additional code.

Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-03-25 13:46:21 +01:00
Yousong Zhou
f3474ca130 busybox: vi: backporting patches to fix ZZ and :x command
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-03-25 13:18:10 +08:00
Stefan Koch
aadd629c07 lantiq: remove residual watchdog parts from ltq-vmmc
modify 500-ar9_vr9.patch from
commit 29367aac42 ("lantiq: ltq-vmmc add support for ar9-vr9")

- remove unused dependencies to external watchdog functions
  (wdog setup is already disabled)
- using header file from kernel (asm/vpe.h) instead patched file (vpe.h)
- cleanup whitspace warning

Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2017-03-24 08:09:39 +01:00
Mathias Kresin
e3c88f4964 ath10k-firmware: do not select the qca988x by default
Do not select the qca988x by default as soon as kmod-ath10k is
selected. We do support more ath10k chips than the qca988x in the
meantime, so this dependency doesn't make sense any longer.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-03-24 08:09:39 +01:00
Yousong Zhou
46e390322a gdb: fix invalid sigprocmask call
Fixes FS#637

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-03-24 11:10:22 +08:00
Hans Dedecker
4d5b5c82e1 odhcp6c: update to git HEAD version
0463b05 dhcpv6: rebind capability support in reconfigure message (rfc6644)
53767fc dhcpv6: respect renew end point when handling reconfigure message
dd892e2 dhcpv6: calculate T1, T2 and T3 in a more sane manner
8a6ca6e md5: use libubox md5 library as local implementation
89822de dhcpv6: don't return renew msg in case of invalid msg type in reconfigure msg
4160c0e treewide: align coding style

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-03-22 21:59:29 +01:00