44014 Commits

Author SHA1 Message Date
Mathias Kresin
0013c94025 gemini: use dts compatible based image filenames
Use an output image filename based on the compatible string from the dts
files. This way it is way easier to get for which board an image is
intended.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:37 +01:00
Mathias Kresin
b9c6862d9d gemini: drop unnecessary image build default variables
They are either not required, set to an earlier set default value or
defined due to target features.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:37 +01:00
Mathias Kresin
7f17f3b418 gemini: drop unnecessary images
The root filesystem is already part of the factory image and most likely
not required at all.

The same applies to the kernel images.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:37 +01:00
Mathias Kresin
b010519f1e gemini: all images are factory images
There is no support for sysupgrade in gemini, hence all images are only
suitable for an installation via bootloader or oem firmware.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:37 +01:00
Mathias Kresin
10dab9b098 gemini: follow common pattern for temp dir naming
For temporary directories <imagename>.tmp is a common pattern in image
build code across the tree. Use it for the nas4220b/sq201 recipe as
well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:37 +01:00
Mathias Kresin
98c2261ac2 gemini: use existing build code where possible
Use the existing image build recipes in favour of introducing deplicate
shell code.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:36 +01:00
Mathias Kresin
1e606edce6 gemini: make all tar files more reproducible
Force a fixed sorting and use the parameters to create reproducible
archives for all tar invocations.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:36 +01:00
Mathias Kresin
6491643df4 gemini: build images in temporary directories
Create files in temporary directories within the build directory
instead manipulating files in the (final) output directory.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:36 +01:00
Mathias Kresin
0ffa6bae0a gemini: don't hardcode image filenames
Use the existing image build code mechanisms to specify the image output
filename.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:36 +01:00
Mathias Kresin
ec0d58ede4 gemini: fix parallel build
Due to the missing PROFILES all images are build, regardless of the
selected (or currently processed in case of a multi profile build).

Because of the race condition builds with eight parallel jobs fail,
which can be seen on the build bots as well.

Add the PROFILES variable for now, till the root cause is identified.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 15:23:36 +01:00
Tomasz Maciej Nowak
650df59e8a mvebu: remove default profile
When using Image Builder and building image for Cortex A53 or
A72 subtargets, it'll fail with following message:

Collected errors:
 * opkg_install_cmd: Cannot install package mwlwifi-firmware-88w8864.
 * opkg_install_cmd: Cannot install package mwlwifi-firmware-88w8964.
make[2]: *** [Makefile:153: package_install] Error 255
make[1]: *** [Makefile:114: _call_image] Error 2

This is beacuse both packages are available only for Cortex A9 subtarget
and are included in PACKAGES array in default profile. Instead patching
this, let's remove profiles completely, since all necessary packages are
specified in DEVICE_PACKAGES array for each device.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-01-26 10:45:34 +01:00
David Bauer
25eb02ae8e ipq40xx: remove misplaced MR33 UCI definition
This removes the misplaced UCI-network configuration for the MR33. The
LAN port is set in 01_leds while it is already correctly defined in
02_network.

This was most likely an oversight as no network configuration belongs
into 01_leds.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-01-26 10:45:34 +01:00
Robert Resch
53c25fa2c4 lantiq: Add support for 2nd USB port on Fritz!Box 7320 and 7330
Enable support for 2nd USB port, which is available on Fritz!Box 7320
and 7330. It was run-tested on 7320 and 7330 as well.

Signed-off-by: Robert Resch <openwrt@webnmail.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-01-26 10:42:19 +01:00
David Bauer
d4ba7bab25 lantiq: make AVM FRITZ!Box naming consistent
This commit changes the model string and device title of all AVM boards
to fit the naming of the manufacturer.

Drop all provider-specific titles as they are re-used for every device
generation by 1&1. The original AVM model name is printed on the bottom
of every devices.

Exception applies for boards which are only supported by a specific
sub-revision.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-01-26 10:41:26 +01:00
David Bauer
915fbd4e31 ramips: adjust Netgear R6120 model name
Adjust the model string and device title to match other Netgear routers
in the ramips target.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-01-26 10:41:03 +01:00
Jeff Kletsky
ee3120a9db ath79: fix GL.iNet AR300M family GPIOs/LEDs
Change the "status" LED to proper GPIO 12 and "red" naming.

Remove GPIO 2 from definition as a USB LED.

GPIO 2 is used to control power to the USB socket, not an LED.
As such, PWM on the line or typical LED triggers are inappropriate.

Users who wish to control the USB power for custom applications
can manipulate the GPIO through code, or for example, export it
through /sys/class/gpio/export.

Runtime-tested:  GL.iNet AR300M-Lite

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2019-01-26 10:40:06 +01:00
Felix Fietkau
0465e41e05 mt76: update to the latest version
3e9a7d5 Revert "mt7603: fix txd q_idx field value"
815fd03 mt7603: fix CCA timing values
b35cc8e mt7603: set timing on channel change before starting MAC
79b337c mt7603: move CF-End rate update to mt7603_mac_set_timing
3df341d mt7603: avoid redundant MAC timing updates
1c751f3 mt76: avoid scheduling tx queues for powersave stations
2efa389 mt7603: limit station power save queue length to 64
63a79ff mt76: do not report out-of-range rx nss
fe30bd3 mt7603: issue PSE reset on tx hang
ce8cc5d mt7603: issue PSE client reset on init
e342cc5 mt7603: fix buffered multicast count register
aa470d8 mt7603: fix buffered multicast queue flush
b4ee01f mt76: fix tx status timeout processing
7d00d58 mt76x02: fix per-chain signal strength reporting
64abb35 mt76: fix corrupted software generated tx CCMP PN
0b939dc mt76: fix resetting software IV flag on key delete

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-01-25 23:50:17 +01:00
Jo-Philipp Wich
f4d6e8f98f libelf: fix library packaging
The library has an usual shared object file name, which caused the
install glob pattern to miss the actual so.

Fixes: #2082
Fixes; 0e70f69a35 ("treewide: revise library packaging")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-25 18:59:46 +01:00
Martin Schiller
eaaee181d1 ppp: update to version 2.4.7.git-2018-06-23
This bumps ppp to latest git version.

There is one upstream commit, which changes DES encryption calls from
libcrypt / glibc to openssl.

As long as we don't use glibc-2.28, revert this commit.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-01-25 14:55:46 +01:00
Jo-Philipp Wich
f01044e85c kernel: fix sdhci-msm build error
A missing upstream stable backport leads to the following build error:

     CC      drivers/mmc/host/sdhci-msm.o
    drivers/mmc/host/sdhci-msm.c:1158:3: error: 'const struct sdhci_ops' has no member named 'write_w'
      .write_w = sdhci_msm_write_w,
       ^~~~~~~
    drivers/mmc/host/sdhci-msm.c:1158:13: warning: excess elements in struct initializer
      .write_w = sdhci_msm_write_w,
                 ^~~~~~~~~~~~~~~~~
    drivers/mmc/host/sdhci-msm.c:1158:13: note: (near initialization for 'sdhci_msm_ops')
    scripts/Makefile.build:326: recipe for target 'drivers/mmc/host/sdhci-msm.o' failed

Solve the issue by backporting commit
99d570da30 ("mmc: Kconfig: Enable CONFIG_MMC_SDHCI_IO_ACCESSORS")
from linux-stable.

Ref: 528508ae8b (commitcomment-32049231)
Fixes: 528508ae8b ("kernel: bump 4.14 to 4.14.95")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-25 09:23:33 +01:00
Hans Dedecker
e906a75e67 procd: update to latest git HEAD
e2b055e hotplug.c: Make sure hotplug buffer is NULL terminated

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-01-24 22:54:13 +01:00
Hauke Mehrtens
e61061a088 toolchain: Include hardening.mk for toolchain build
This adds the hardening options also to the toolchain build.
With this change the /usr/lib/libstdc++.so.6.0.24 library will have
stack canaries and the /lib/libgcc_s.so.1 library will have Full RELRO.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-01-24 21:52:39 +01:00
Christian Lamparter
5bac623895 gemini: unify and fix ib-nas4220b and sq201 image creation
Both Build/sq201-images and Build/nas4220b-images scripts
are very similar. This patch unifies both methods at the
cost of renaming the produced sysupgrade file names, but
with the benifit of creating better reproducible files.

The patch also fixes a race in parallel builds in which case
the ImageInfo of one device could end up in both sysupgrade
files.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:04 +01:00
Christian Lamparter
de07a0a29a gemini: lazy set IMAGE_NAME
Currently, IMAGE_NAME is expanded at declaration time
and this causes strange filename in the builder's logs:

|cp: cannot stat '[...]/openwrt-gemini-dlink-dns-313-.': No such file or directory
|cp: cannot stat '[...]/openwrt-gemini-nas4220b-.': No such file or directory
|[...]

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:04 +01:00
Petr Štetiar
71cf3eab25 layerscape: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:04 +01:00
Petr Štetiar
9292822023 oxnas: dts: Unify naming of gpio-led nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:04 +01:00
Petr Štetiar
4a954e8620 oxnas: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Christian Lamparter
b5f6ede3c4 kernel: 4.19: use upstream usbport led trigger fix
This patch replaces the current hack with a better
version of the RFC patch has been accepted upstream.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:03 +01:00
Petr Štetiar
6928d06a7e ipq806x: dts: Unify naming of gpio-led nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Petr Štetiar
93c30bef7c ipq806x: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Petr Štetiar
540a7d1ecc ipq40xx: dts: Unify naming of gpio-led nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Petr Štetiar
98c6c8cdfe ipq40xx: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Christian Lamparter
f932137385 apm821xx: dts overhaul
- remove stray #address-cells / #size-cells

 - fix partition unit-addresses in wd-mybooklive.dts

 - remove index from MBL's gpio node name

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:03 +01:00
Petr Štetiar
cbb44f6ed7 apm821xx: dts: Unify naming of gpio-led nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Petr Štetiar
a692eecda1 apm821xx: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:03 +01:00
Petr Štetiar
87dcf24548 at91: dts: Unify naming of gpio-keys nodes
In DTS Checklist[1] we're now demanding proper generic node names, as
the name of a node should reflect the function of the device and use
generic name for that[2]. Everybody seems to be copy&pasting from DTS
files available in the repository today, so let's unify that naming
there as well and provide proper examples.

1. https://openwrt.org/submitting-patches#dts_checklist
2. https://github.com/devicetree-org/devicetree-specification/blob/master/source/devicetree-basics.rst#generic-names-recommendation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [split up]
2019-01-24 15:53:02 +01:00
Christian Lamparter
13251aa92b mac80211: ath10k: remove "ath10k: fix otp failure result" patch
Initially this patch was introduced as a quick fix following
the removal of 936-ath10k_skip_otp_check.patch which caused
multiple ath10k pcie devices in various ipq806x and ar71xx/ath79
targets to malfunction.

Thankfully, the affected devices have been updated to utilize
the pre-caldata method. And finally with the switch to ath10k-ct,
which never had the patch or any reports of similar issues, I
think it's time to remove this patch since it is no longer needed.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:02 +01:00
Christian Lamparter
1aa00f9d13 brcm2708: boot-part feature integration
This patch adds the boot-part feature which enables the brcm2708
target move from the custom boot partition size config option to
the generic CONFIG_TARGET_KERNEL_PARTSIZE.

Note:
For people using custom images: Just like with
CONFIG_TARGET_ROOTFS_PARTSIZE changing the value
can cause sysupgrade to repartition the device!
Make sure to have a backup in this case.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-24 15:53:02 +01:00
Jo-Philipp Wich
b1781d5841 iproute2: replace libelf1 dependency with libelf
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 12:56:31 +01:00
Jo-Philipp Wich
8d13529536 perf: replace libelf1 dependency with libelf
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 12:56:11 +01:00
Jo-Philipp Wich
d7bf0898a8 elfutils: rename libelf1 to libelf
The ABI_VERSION:=1 tag will take care of transforming the binary
library package basename.

Add a virtual PROVIDES:=libelf1 for packages still having libelf1
in their DEPENDS:=... lists.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 12:52:23 +01:00
Jo-Philipp Wich
790bce92ad build: formatting fixes for per-provide ABI_VERSION suffixes
- Filter out potential duplicates with the package name
   (e.g. when renaming libfoo1 w/ ABI_VERSION:=1 to libfoo)
 - Use the GetABISuffix macro to properly separate the suffix
   with a dash in case the basename ends with a number

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 12:51:39 +01:00
Jo-Philipp Wich
0e70f69a35 treewide: revise library packaging
- Annotate versionless libraries (such as libubox, libuci etc.) with a fixed
  ABI_VERSION resembling the source date of the last incompatible change
- Annotate packages shipping versioned library objects with ABI_VERSION
- Stop shipping unversioned library symlinks for packages with ABI_VERSION

Ref: https://openwrt.org/docs/guide-developer/package-policies#shared_libraries
Ref: https://github.com/KanjiMonster/maintainer-tools/blob/master/check-abi-versions.pl
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 10:39:30 +01:00
Jo-Philipp Wich
60558790a2 build: extend ABI_VERSION suffixing to provides
When a library package specifies additional provides, e.g. libncurses
which provides libncursesw, we should also append the abi version
suffix to each provide, since there may be more than one package
providing the virtual library.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 10:39:29 +01:00
Jo-Philipp Wich
68b29a7a95 uclient: set fixed ABI_VERSION on libuclient
Last incompatible change appeared to be 4924411
("http: add proper error handling to uclient_http_redirect()") which
changed the return value of uclient_http_redirect() from bool to int.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 10:39:29 +01:00
Koen Vandeputte
528508ae8b kernel: bump 4.14 to 4.14.95
Refreshed all patches.

Removed superseded patches:
- 0400-Revert-MIPS-smp-mt-Use-CPU-interrupt-controller-IPI-.patch

Compile-tested on: ar71xx, cns3xxx, imx6, lantiq (xrx200, AVM 3370), x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, lantiq (xrx200, AVM 3370)

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Robert Resch <openwrt@webnmail.de>
2019-01-24 10:10:45 +01:00
Koen Vandeputte
ed6322a7f8 kernel: bump 4.9 to 4.9.152
Refreshed all patches.

Compile-tested on: ar7
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-24 10:10:45 +01:00
Jason A. Donenfeld
bbcd0634f8 wireguard: bump to 0.0.20190123
* tools: curve25519: handle unaligned loads/stores safely

This should fix sporadic crashes with `wg pubkey` on certain architectures.

* netlink: auth socket changes against namespace of socket

In WireGuard, the underlying UDP socket lives in the namespace where the
interface was created and doesn't move if the interface is moved. This
allows one to create the interface in some privileged place that has
Internet access, and then move it into a container namespace that only
has the WireGuard interface for egress. Consider the following
situation:

1. Interface created in namespace A. Socket therefore lives in namespace A.
2. Interface moved to namespace B. Socket remains in namespace A.
3. Namespace B now has access to the interface and changes the listen
port and/or fwmark of socket. Change is reflected in namespace A.

This behavior is arguably _fine_ and perhaps even expected or
acceptable. But there's also an argument to be made that B should have
A's cred to do so. So, this patch adds a simple ns_capable check.

* ratelimiter: build tests with !IPV6

Should reenable building in debug mode for systems without IPv6.

* noise: replace getnstimeofday64 with ktime_get_real_ts64
* ratelimiter: totalram_pages is now a function
* qemu: enable FP on MIPS

Linux 5.0 support.

* keygen-html: bring back pure javascript implementation

Benoît Viguier has proofs that values will stay well within 2^53. We
also have an improved carry function that's much simpler. Probably more
constant time than emscripten's 64-bit integers.

* contrib: introduce simple highlighter library

This is the highlighter library being used in:
- https://twitter.com/EdgeSecurity/status/1085294681003454465
- https://twitter.com/EdgeSecurity/status/1081953278248796165

It's included here as a contrib example, so that others can paste it into
their own GUI clients for having the same strictly validating highlighting.

* netlink: use __kernel_timespec for handshake time

This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-23 18:06:49 +01:00
Deng Qingfang
752bd72668 iproute2: update to 4.20.0
Update to the latest version of iproute2; see https://lwn.net/Articles/776174/
for a full overview of the changes in 4.20.
Remove upstream patch 001-fix-print_0xhex-on-32-bit.patch and 002-tc-fix-xtables-incorrect-usage-of-LDFLAGS.patch
Introduce a patch to include <linux/limits.h> for XATTR_SIZE_MAX in tc

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-01-23 17:55:21 +01:00
HsiuWen Yen
fe7d965ea9 ramips: fix two-way hash and auto ageout on MT7621
Current code directly writes the FOE entry to hash_val+1 position
when hash collision occurs. However, it is found that this behavior
will cause the cache and the hardware FOE table to be inconsistent.

For example, there are three flows, and their hashed values are all
equal to 100. The first flow is written to the position of 100. The
second flow is written to the position of 100+1. Then, the logic of
the current code will also write the third flow to 100+1.

At this time, the cache has flow 1 and 2; and the hardware FOE table
has flow 1 and 3, where these two parts store different contents.
So it is necessary to check whether the hash_val+1 is also occupied
before writing. If hash_val+1 is also occupied, we won’t bind th
third flow to the FOE table.

Addition to that, we also cancel the processing of foe_entry removal
because the hardware has auto age-out ability. The hardware will
periodically iterate through the FOE table to find out the time-out
entry and set it as INVALID.

Signed-off-by: HsiuWen Yen <y.hsiuwen@gmail.com>
2019-01-23 09:27:30 +01:00