Commit Graph

35274 Commits

Author SHA1 Message Date
Jo-Philipp Wich
f98f4601de openvpn: fix missing cipher list for polarssl in v2.3.11
Upstream OpenSSL hardening work introduced a change in shared code that
causes polarssl / mbedtls builds to break when no --tls-cipher is specified.

Import the upstream fix commit as patch until the next OpenVPN release gets
released and packaged.

Reported-by: Sebastian Koch <seb@metafly.info>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 10:47:22 +02:00
Daniel Dickinson
4a3b8e0596 lldpd: Use /etc/os-release instead of /etc/openwrt_*
With the addition of /etc/os-release patching lldpd to use
/etc/openwrt_release and to have the initscript use
/etc/openwrt_release and/or /etc/openwrt_version becomes
unnecessary.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-27 15:16:01 +02:00
Jo-Philipp Wich
6ee66ae075 ar71xx: further legacy image build fixes
- Add missing macro to trigger the generation of 64k padded squashfs images
- Revert Zcomax image generation to use the prepared 64k squashfs image

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-27 15:15:49 +02:00
Felix Fietkau
2270fc5947 Revert "lantiq: enable SMP for XRX200"
This reverts commit cc3bfdb62f.

Apparently the ethernet driver is not SMP safe, as reported in
https://bugs.lede-project.org/index.php?do=details&task_id=27

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-27 13:06:56 +02:00
Felix Fietkau
be08fdd007 ar71xx: disable pdata->use_flow_control for QCA9558
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-27 12:12:40 +02:00
Felix Fietkau
75b2105cd3 ar71xx: rename ethernet pdata->builtin_switch to use_flow_control
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-27 12:12:40 +02:00
Jo-Philipp Wich
8d1218ca73 ar71xx: merge profiles into image building code
- Remove old style device profiles and convert them to device definitions
  within the image building code

- Fix the legacy build macros for the changed eval depth in the legacy
  image build wrapper

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-27 11:10:15 +02:00
Hauke Mehrtens
dc140e00a9 kernel: fix missing break in ubi auto-mounting patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Jo-Philipp Wich <jo@mein.io>
2016-06-27 08:10:36 +02:00
Hauke Mehrtens
459a8afff1 kernel: remove igb: Fix Null-pointer dereference patch
This patch is already included in the Linux mainline kernel since
v3.15, remove it from LEDE, see the lines directly before this patch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-26 18:47:29 +02:00
Hauke Mehrtens
bf32177a1d kernel: remove full cache flush in fuse_copy_do() for MIPS
This patch was introduced in commit r16412 for the brcm47xx target only
and then moved to generic in commit r32395. It was initially added
because of ticket #5186 and should fix some problems with fuse file
systems and MIPS caches. The commit comment in r32395 says that this a
generic problem in MIPS CPUs, but does not name any specifics about
that. There was a fix added to kernel 2.6.21 in commit commit
7575a49f20 "[MIPS] Implement flush_anon_page()." that should fix this
problem, but that was already available before both commits were done
to OpenWrt.

I just tested fuse with ntfs.3g without this patch on a BCM4704
(BMIPS3300 V0.6) SoC and haven't seen any problems. Someone reported
that removing this patch improves some fuse operations by 5 times on
some modern MIPS cores.
My test was only a simple "dd if=/dev/zero of=/mnt/zero bs=5000" to an
USB stick.

This patch removes the patch to OpenWrt, because I assume that it is
not needed any more and Felix, the orginal author, also thinks so.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-26 18:22:23 +02:00
Hauke Mehrtens
2abb02419d kernel: remove one of two patches deactivating broken vdso support on mips
The patch target/linux/generic/patches-4.4/206-mips-disable-vdso.patch
should be sufficient.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-26 18:22:23 +02:00
Hauke Mehrtens
84d489f64f kernel: update to version 4.4.14
Changelog: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.14

Some manual changes to target/linux/generic/patches-4.4/610-
netfilter_match_bypass_default_checks.patch were needed.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-26 18:20:37 +02:00
Felix Fietkau
3bf3512673 Revert "ar71xx: prevent spurious ethernet resets from dma hang check false positives"
This reverts commit 3d58d7f053.
2016-06-26 16:53:11 +02:00
Alin Năstac
86a2702a00 libnetfilter_queue: fix checksum computation
There are 2 issues fixed by this patch:
  - UDP checksum is computed incorrectly, the used pseudo IP header
    contains transport protocol 6 iso 17
  - on big endian arches the UDP/TCP checksum is incorrectly
    computed when payload length is odd

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh patch]
2016-06-26 16:09:48 +02:00
Sergey Sergeev
e6b9330343 build: Adds the ability to disable personal initramfs build for target device
If KERNEL_INITRAMFS := in the target/linux/*/image/Makefile->Device/%NAME% section is set to ''
then personal initramfs file for this target device will not be created.
This var is similar to the Device/Build/kernel KERNEL_INSTALL :=

Signed-off-by: Sergey Sergeev <adron@yapic.net>
2016-06-26 13:06:36 +02:00
Felix Fietkau
3d58d7f053 ar71xx: prevent spurious ethernet resets from dma hang check false positives
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-26 11:21:17 +02:00
Felix Fietkau
26b8db2537 ar71xx: enable flow control for ethernet MACs with built-in switch
Should fix LAN speed issues on some devices. This is an updated version
of the previously reverted commit with the same name.
It improves the check for MACs connected to a built-in switch

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-26 11:21:17 +02:00
Hauke Mehrtens
9493613e94 linux-firmware: fix md5sum
The copy on the mirror has a different md5sum as specified in this
package Makefile. The content of the file on the mirror is the same as
in the checkout so just update our md5sum.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
Hauke Mehrtens
2ca4fa5feb rtl8192su-firmware: move firmware to own package
Instead of downloading the firmware from some website take it from
linux-firmware package and do not download it separately any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
Hauke Mehrtens
d2a372c4fc rtl8192se-firmware: fix package build
The package did not pack the firmware because of a problem which looks
like a copy and past error.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-25 19:20:16 +02:00
John Crispin
3874773503 Revert "ar71xx: fix legacy image building"
This reverts commit 59e98b27c9.

and

Revert "ar71xx: merge profiles into image building code"

This reverts commit 636089ead6.

these are still causing issues

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-23 19:33:31 +02:00
Jo-Philipp Wich
cb7aa4b1fe ebtables: fix segmentation fault due to uninitialized extension data
The ebtables code relies on the `-nostartfiles` linker argument to execute the
extension modules' `_init()` functions automatically which is not working
reliably across all supported targets and gcc versions.

Running an ebtables executable linked this way just crashes with a segmentation
fault at runtime on program startup, e.g. on ARM architectures.

In order to fix the issue ...
 - remove the use of the -nostartfiles linker flag
 - rename the init procedures to a generic name without implicit semantics
 - explicitely annotate those init procedures as constructors

The patch has been taken from the Alpine Linux distribution at
http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-24 15:59:36 +02:00
Kevin Darbyshire-Bryant
d4ede1c118 base-files: sysfixtime no longer exclude dnsmasq.time
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-24 13:56:30 +02:00
Kevin Darbyshire-Bryant
5acfe55d71 dnsmasq: dnssec time handling uses ntpd hotplug
Change dnsmasq's dnssec time check handling to use time validity
indicated by ntpd rather than maintaining a cross boot/upgrade
/etc/dnsmasq.time timestamp file.  This saves flash device wear.

If ntpd client is configured in uci and you're using dnssec, then
dnsmasq will not check dnssec timestamp validity until ntpd hotplug
indicates sync via a stratum change. The ntpd hotplug leaves a status
flag file to indicate to dnsmasq.init that time is valid and that it
should now start in 'check dnssec timestamp valid' mode.

If ntpd client is not configured and you're using dnssec, then it is
presumed you're using an alternate time sync mechanism and that time is
correct, thus dnsmasq checks dnssec timestamps are valid from 1st start.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

V2 - stratum & step ntp changes indicate time is valid
V3 - on initial flag file step signal dnsmasq with SIGHUP if running
V4 - only accept step ntp changes. Accepting both stratum & step could
result in unpleasant script race conditions
V5 - Actually only accepting stratum is the correct thing to do after
further testing
V6 - improve handling of non busybox ntpd
if sysntpd not executable
  dnsmasq checks dnssec timestamps
else
  sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file
  sysntp script enabled & uci ntp enabled  - look for timestamp file
  sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec
timestamps
fi
2016-06-24 13:53:39 +02:00
Daniel Dickinson
f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-24 13:52:53 +02:00
Jo-Philipp Wich
59e98b27c9 ar71xx: fix legacy image building
After the conversion from legacy device profiles to the newer profile
information embedded in the image building code, the legacy recipes got
triggered twice with different eval depths, leading to shell syntax errors
when processing certain images.

The double processing was caused by the remaining Image/Build macro in
legacy.mk which serves as main entry point for the new style image build code
in conjunction with the newly introduced LegacyDevice/* macros which caused
the legacy image build fallback code to kick in.

In order to fix the issue, rework all legacy macros to work under the legacy
image build wrapper and remove the Image/Build macro of legacy.mk to prevent
legacy profiles getting executed in the context of the new build code.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-24 13:43:40 +02:00
Kevin Darbyshire-Bryant
819cf75c40 tools: e2fsprogs: bump to 1.43.1
Bump e2fsprogs to v1.43.1 & refresh patches

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-22 19:32:07 +02:00
John Crispin
636089ead6 ar71xx: merge profiles into image building code
Signed-off-by: John Crispin <john@phrozen.org>
2016-06-22 19:32:06 +02:00
Roger Pueyo Centelles
5fba0f0c0c ramips: add suport for ZBT APE522II
The ZBT APE522II is a dual-radio outdoor CPE based on the MT7620a SoC. It has
64 MB RAM, 8 MB flash, 2 Fast Ethernet ports via internal switch (one with
802.3af 48V PoE support), a 802.11b/g/n SoC 2.4 GHz radio and an 802.11a/n/ac
MT7612E-based 5 GHz radio.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2016-06-22 19:32:06 +02:00
John Crispin
27493e82f9 mountd: update to latest git HEAD
adds HFS+ support

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-22 19:32:06 +02:00
Adrian Panella
184087f4f1 ipq806x: enable ieee80211 phy hotplug and patch macaddress
Calibration data for QCA99x0 in this device has bogus macaddress.
The data cannot be modified directly, as it breaks checksum control.
Instead change the macaddress from phy add hotplug event.

Signed-off-by: Adrian Panella <ianchi74@outlook.com>
2016-06-22 19:32:06 +02:00
Hauke Mehrtens
f97ad870e1 squashfs4: use upstream xz compression header format
In the upstream kernel and the upstream squashfs4 tools the xz
compression header looks the following:
struct disk_comp_opts {
        __le32 dictionary_size;
        __le32 flags;
};

We added some other members and also moved some existing members. Place
the members which are already in upstream header at the same position
as in that kernel and add our own at the end. The kernel should not
have a problem when there are some additional members and just ignore
them.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-22 19:32:06 +02:00
Mathias Kresin
f080cfab72 lantiq: fix network in failsafe
So far the network in failsafe is setup only for one board. Use the
eth0 interface as lan interface for all boards for now.

If a board has its lan interface(s) on another eth, a special
handling based on the board name can be added.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-06-22 19:32:06 +02:00
Alexey Brodkin
acd41539d6 linux: arc: disable kernel unwinding to fix modules loading
With update of binutils for ARC (this is now based on upstream 2.26)
we noticed issues with loadable kernel modules.

Something like that was happening:
--------------------->8-------------------
mbcache: unknown relocation: 49
insmod: can't insert './mbcache.ko': invalid module format
--------------------->8-------------------

More details could be found in that discussion in binutils mailing list:
http://thread.gmane.org/gmane.comp.gnu.binutils/74662

As of now the simplest work-around is to disable in-kernel unwinder
for now. That will at least allow us to use modules again.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: John Crispin <john@phrozen.org>
2016-06-22 19:32:06 +02:00
Sven Eckelmann
776613eeba ipq806x: Fix typo in Qualcomm device names
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-06-22 19:32:06 +02:00
Hauke Mehrtens
3f38356893 packages: prefer http over git for git protocol
In company networks everything except the http and https protocol is
often causes problems, because the network administrators try to block
everything else. To make it easier to use LEDE in company networks use
the https/http protocol for git access when possible.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-22 19:32:06 +02:00
Mathias Kresin
b32eb40210 uboot-lantiq: Add Arcadyan ARV7506PW11 support
Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-06-22 19:32:06 +02:00
Oswald Buddenhagen
9759fde40a lantiq: add support for ARV7506PW11 (Alice/O2 IAD 4421)
Ethernet, ADSL2+ and LEDs are fully functional.

Supporting the two TAE ports and SIP gateway was not attempted.

The WiFi is unreliable, due to experimental support for rt35xx family
devices by the rt2800pci driver.

Signed-off-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
[rebase to LEDE HEAD]
[switch to normal image instead of brnboot image]
[remove not required pinmux child nodes keys, leds, ebu, exin, pci_in and pci_out]
[remove switch_rst pinmux child node (no support for hw reset in driver/setting a default GPIO value in DT]
[enable usage of the wireless LED]
[fixup mac address configuration]
Sgned-off-by: Mathias Kresin <dev@kresin.me>
2016-06-22 19:32:06 +02:00
Yousong Zhou
b67066b8fa ar71xx: hiwifi-hc6361: lift size limit on kernel and rootfs parts
The patch has been run-tested and the relevant dmsg logs are as the
following

    [    0.762447] Creating 5 MTD partitions on "spi0.0":
    [    0.767217] 0x000000000000-0x000000010000 : "u-boot"
    [    0.775139] 0x000000010000-0x000000020000 : "bdinfo"
    [    0.781014] 0x000000020000-0x000000fe0000 : "firmware"
    [    0.810558] 2 uimage-fw partitions found on MTD device firmware
    [    0.815043] 0x000000020000-0x000000170000 : "kernel"
    [    0.821925] 0x000000170000-0x000000fe0000 : "rootfs"
    [    0.827587] mtd: device 4 (rootfs) set to be root filesystem
    [    0.831937] 1 squashfs-split partitions found on MTD device rootfs
    [    0.837983] 0x0000005c0000-0x000000fe0000 : "rootfs_data"
    [    0.845621] 0x000000fe0000-0x000000ff0000 : "backup"
    [    0.851445] 0x000000ff0000-0x000001000000 : "art"

While at it, convert to new build method

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-06-22 19:32:06 +02:00
Ben Whitten
b7baaaf782 kernel: Move append-dtb to common image-commands
This build step is used by various targets, move it to a common section.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
2016-06-22 19:32:06 +02:00
Daniel Gimpelevich
7385f754b1 lantiq: Correct ADSL race condition
puts br2684ctl init after ADSL init instead of before, so that the ESI
is set at the right time, and for consistency with the PTM driver.

Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
2016-06-22 19:32:06 +02:00
Daniel Gimpelevich
34fdfbf328 lantiq: Slow down SPI flash on the DGN3500
The bootloader uses 30 MHz as the SPI frequency for flash on the Germany and
North America models, and 50 MHz for it on the worldwide model, but the Lantiq
SPI driver in OpenWrt and LEDE may access the flash differently such that
writes are capped at 20 MHz, leading to read errors reported on the worldwide
model at 30 MHz.

Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-22 19:32:06 +02:00
John Crispin
f054e82bdc lantiq: remove gr7000 support
this seems to have never worked as the wrong SoC is selected

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-22 19:32:06 +02:00
Pavel Kubelun
823242185b ipq806x: add initial support for Netgear R7800
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-06-22 19:32:06 +02:00
Pavel Kubelun
9bf3ddcb2a ipq806x: move ath10k firmware selection into device profiles
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-06-22 19:32:06 +02:00
Pavel Kubelun
4cd67a4f21 ipq806x: move smb208 nodes into a regulator subnode
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-06-22 19:32:05 +02:00
Hauke Mehrtens
84b3d92180 lantiq: make EASY80920 work with both chip versions
The EASY80920 is available with the A1X and the A2X chip version
depending on the board version. Add both firmware versions to device
tree and make the driver load the correct version depending on the chip
version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-21 21:58:59 +02:00
Hauke Mehrtens
7f5b8cc376 lantiq: use new partition layout for EASY80920NAND
This matches the EASY80920NAND boards with UGW.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-21 21:58:59 +02:00
Hauke Mehrtens
8bfa230e9f lantiq: build fullimage.img for EASY80920NAND
This image format is used by Lantiq's / Intel's UGW version 6.1 to 7.1.
These images can be flashed onto a board with the SoC vendor boot
loader as a replacement for the vendor firmware.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-21 21:58:59 +02:00
Hauke Mehrtens
ecdfbeae85 lantiq: remove patch adding support for building without reset controller
The lantiq kernel arch code selects CONFIG_RESET_CONTROLLER always, so
it is always selected when the lantiq target is build. we do not need
support for unselected CONFIG_RESET_CONTROLLER option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-06-21 21:58:59 +02:00