Syrone Wong [Sun, 7 May 2017 11:39:12 +0000 (19:39 +0800)]
tools/isl: update to 0.18
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
(cherry picked from commit
a0f4b4b3a2cd4db1a2b9bab3c06970361192368f)
Stijn Tintel [Wed, 24 May 2017 12:56:22 +0000 (14:56 +0200)]
lldpd: bump to 0.9.7
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
423a7a6b752d4780f7f61722443ed5f4f50e3bda)
Yousong Zhou [Mon, 22 May 2017 02:35:10 +0000 (10:35 +0800)]
libunwind: update to 1.2
Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum
function in include/dwarf_i.h in libunwind 1.1 allows local users to
have unspecified impact via invalid dwarf opcodes.
Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new
tarball is released yet
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
5d48dc1146171520445c43ee894d9dfce09ae4e2)
Hauke Mehrtens [Sun, 21 May 2017 19:20:44 +0000 (21:20 +0200)]
lantiq: spi: double time out tolerance
The generic SPI code calculates how long the issued transfer would take
and adds 100ms in addition to the timeout as tolerance. On my 500 MHz
Lantiq Mips SoC I am getting timeouts from the SPI like this when the
system boots up:
m25p80 spi32766.4: SPI transfer timed out
blk_update_request: I/O error, dev mtdblock3, sector 2
SQUASHFS error: squashfs_read_data failed to read block 0x6e
After increasing the tolerance for the timeout to 200ms I haven't seen
these SPI transfer time outs any more.
The Lantiq SPI driver in use here has an extra work queue in between,
which gets triggered when the controller send the last word and the
hardware FIFOs used for reading and writing are only 8 words long.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
6153248052b2e067df9596c2d619345261b1d3f7)
Alexandru Ardelean [Fri, 19 May 2017 13:19:20 +0000 (16:19 +0300)]
base-files: fix default procd reload
Bug introduced with
6713694.
I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts
```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```
The service would be restarted regardless of any of those params.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit
c7ee30d53af12ea725296cc323f68e8fe04e532c)
Michael Lee [Thu, 27 Apr 2017 01:04:31 +0000 (09:04 +0800)]
ramips: support jumbo frame on mt7621 up to 2k
Signed-off-by: Michael Lee <igvtee@gmail.com>
(cherry picked from commit
eee09bfe01e8cc2db1501f82dde7b9b6bb424faf)
Alexandru Ardelean [Thu, 4 May 2017 11:13:40 +0000 (14:13 +0300)]
lldpd: drop specific respawn params [use system-wide]
I think I added these respawn params [a while back],
when I did the conversion to procd init script format.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit
ce8bfa9407bc1518107a99edc8568a59fe269fa5)
Luiz Angelo Daros de Luca [Fri, 5 May 2017 23:05:56 +0000 (20:05 -0300)]
elfutils: bump to 0.169
Removed patches (now upstream):
- 004-maybe-uninitialized.patch
- 007-fix_TEMP_FAILURE_RETRY.patch
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit
ccc54b29352a7d30762b84761414aa1798ce1183)
Daniel Engberg [Wed, 10 May 2017 09:19:46 +0000 (11:19 +0200)]
devel/trace-cmd: Update to 2.6.1
Update trace-cmd to version 2.6.1
Switch to tarball download
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
b295966f8767ff84b55e547ae5c2967772c3ede2)
Giuseppe Lippolis [Tue, 9 May 2017 18:23:35 +0000 (20:23 +0200)]
comgt-3g: enable modem before to setpin
some modems needs to be enabled with CFUN=1 before to set the pin
Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
(cherry picked from commit
db776c01e1202307b78a4bb757f78db5ea48e27e)
Daniel Engberg [Sat, 13 May 2017 11:21:11 +0000 (13:21 +0200)]
devel/strace: Update to 4.16
Update strace to 4.16
Refresh patch
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
4b0a2ca9a47ce30f08161b5b12991f15d590938c)
Daniel Engberg [Sat, 13 May 2017 11:25:16 +0000 (13:25 +0200)]
network/utils/ipset: Update to 6.32
Update ipset to 6.32
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
ea2927e1eaa321033b28f08db0ec59e7df5f7806)
Jo-Philipp Wich [Sun, 14 May 2017 17:47:07 +0000 (19:47 +0200)]
mac80211: gracefully handle preexisting VIF
Gracefully handle cases where the to-be-created wireless interface already
exists on the system which might commonly happen with non-multi-SSID capable
wireless drivers.
This fixes commit
8301e613655c2d95fa5430a1a57d92d966fdc70b which caused
previously ignored "Too many open files in system (-23)" errors to fail the
wireless setup procedure.
With the updated approach we'll still try recreating the vif after one
second if the first attempt to do so failed with ENFILE but we will now
consider the operation successfull if a second attempt still yields ENFILE
with the requested ifname already existing on the system.
Fixes FS#664, FS#704.
Suggested-by: Vittorio Gambaletta <openwrt@vittgam.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
4a033475453b63d0d5ae41489e7c395882567698)
Florian Fainelli [Tue, 4 Apr 2017 02:04:24 +0000 (19:04 -0700)]
scripts: Probe external toolchains for libthread-db
libthread-db is a package that can be configured for external
toolchains, so let's have the script probe for it.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
6704410b158b47aecf507971ad2ee5e3db840e3a)
Sergey Ryazanov [Sun, 7 May 2017 17:19:13 +0000 (20:19 +0300)]
build: new fixes for symlinked .config handling
When running "make {config|defconfig|oldconfig}" with symlinked .config
(e.g. to env/.config) it renames symlink to .config.old, creates new
.config file, and writes the updated configuration into it.
This breaks the desired workflow when changes in the configuration can
be checked using "scripts/env diff" and commited using "scripts/env
save". Since the env/.config file is not updated.
The things become even worse when working with feeds, since feeds script
quite often silently invokes "make {oldconfig|defconfig}" and breaks the
symlink.
Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces
mconf to overwrite the .config content, instead of renaming it and
creating a new file. This variable is set only if .config is a symlink,
otherwise the variable is not exported and the old behaviour is
preserved.
This change uses the same behaviour as "make menucofig", which has
already been fixed in commit
5bf98b1acc3b6b178f8954c5075a58e1e6a99d6a.
Also make a tiny cosmetic update to the "make menuconfig" target code
layout to make it look like other config handling targets.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit
e06d8f0f6f041c8ac1acba810eea96c32dc983e4)
Felix Fietkau [Fri, 5 May 2017 11:12:23 +0000 (13:12 +0200)]
build: allow val.% targets to bypass the prepare steps
Significantly reduces time spent processing those targets and should
also silence some log clutter which could confuse buildbot
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
ddbb036bbb8a1030dd8f6fae0004d390b5f2b8a5)
Daniel Golle [Fri, 5 May 2017 03:56:10 +0000 (05:56 +0200)]
x86: keep /boot mounted for kexec
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
63571cb56c7ff2692b5c9aa78133c3f4996e2ac5)
Abhilash Tuse [Thu, 23 Mar 2017 06:04:32 +0000 (11:34 +0530)]
hostapd: fix reload frequency change patch
When sta is configured, hostapd receives 'stop' and 'update' command from
wpa_supplicant. In the update command, hostapd gets sta parameters with
which it configures ap.
Problem is, with the default wireless configuration:
mode:11g freq:2.4GHz channel:1
If sta is connected to 5GHz network, then ap does not work. Ideally with
340-reload_freq_change.patch hostapd should reload the frequency changes
and start ap in 5GHz, but ap becomes invisible in the network.
This issue can be reproduced with following /etc/config/wireless:
config wifi-device radio0
option type mac80211
option channel 1
option hwmode 11g
option path 'virtual/uccp420/uccwlan'
option htmode 'none'
config wifi-iface 'ap'
option device 'radio0'
option encryption 'none'
option mode 'ap'
option network 'ap'
option ssid 'MyTestNet'
option encryption none
config wifi-iface 'sta'
option device radio0
option network sta
option mode sta
option ssid TestNet-5G
option encryption psk2
option key 12345
This change updates current_mode structure based on configured hw_mode
received from wpa_supplicant. Also prepare rates table after frequency
selection.
Signed-off-by: Abhilash Tuse <Abhilash.Tuse@imgtec.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, patch refresh]
(cherry picked from commit
41feba8c4aa33ca3c6fa7c1a6c3224aae02440a7)
Bastian Köcher [Mon, 27 Mar 2017 15:21:12 +0000 (17:21 +0200)]
build: remove absolute path to perl and replace with /usr/bin/env perl
Signed-off-by: Bastian Köcher <git@kchr.de>
(cherry picked from commit
5378c856779c590e26910639e28b95a22aa2b9f5)
Felix Fietkau [Wed, 12 Apr 2017 07:15:38 +0000 (09:15 +0200)]
kernel: allow selecting RTC drivers on targets without explicit RTC support
Keep them disabled by default to avoid pulling in extra kernel bloat
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
5afe9a054cbcb1630a42200f3ac799432522a87d)
Hans Dedecker [Wed, 26 Apr 2017 14:44:02 +0000 (16:44 +0200)]
dropbear: fix procd interface trigger install
Install procd interface triggers only for interfaces which are enabled
so dropbear instances running on (an) enabled interface(s) are not
restarted due to an interface trigger of an interface which is disabled.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
e5bbead1a83944293fccc27679ba9846d133374e)
Daniel Engberg [Fri, 21 Apr 2017 08:23:20 +0000 (10:23 +0200)]
include/packages-defaults.mk: Remove LARGEFILE option
Remove LARGEFILE option, support was removed back in 2011 (OpenWrt rev 25208).
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
edda8ecd79b181e338e82331ecb45eaeff0f57af)
Hans Dedecker [Fri, 21 Apr 2017 09:44:57 +0000 (11:44 +0200)]
netifd: return error status in reload_service
Based on a patch by Alexandru Ardelean.
netifd ubus reload call returns the actual reload error status;
return error status as well in reload_service
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
4b195a611fe146969e813ce77ecf74ce5f9c176b)
Alif M. Ahmad [Wed, 22 Mar 2017 14:29:12 +0000 (21:29 +0700)]
grub2: update to 2.02~rc2
Update to version 2.02~rc2.
Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
(cherry picked from commit
ffd055d5bbc1a223c80eb5bbc03a6465d0ac0bb4)
Alexandru Ardelean [Fri, 31 Mar 2017 06:44:19 +0000 (09:44 +0300)]
base-files: use restart if no reload hook for service
This was also working before, with a slightly
different semantic.
[ Original semantic ]
If no reload hooks was implemented, the default one would
kick in, it would return fail, and restart would happen.
This would happen also in the case where a reload hook
would be implemented, it would fail, and it would restart
the service.
[ New semantic ]
The default reload hook calls restart.
Services can implement their own reload.
If reload fails, then the '/etc/init.d/<service> reload'
would return a non-zero code, and the caller can choose
a way to handle this.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit
6713694fe4377f0988e2d558a6cd9b05ca9b18f1)
Hans Dedecker [Sat, 8 Apr 2017 18:40:56 +0000 (20:40 +0200)]
iproute2: add libgenl.h and ll_map.h to InstallDev section
Commit
f4e312ddf855375667f43c842c7187934b8aca92 adds libnetlink to
staging dir but did not add the header files libgenl.h and ll_map.h
which define functions belonging to libnetlink lib
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
fc859fb44b4e7a38a1f1825b05b72b81e80f82a8)
Felix Fietkau [Tue, 4 Apr 2017 13:05:11 +0000 (15:05 +0200)]
busybox: fix installation of cron and ntpd scripts in the default config
Fixes:
0b24850e9778 ("busybox: don't install NTP scripts if NTP isn't configured")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
3169a6a7ada17e2ea8ef4641edee68134c04b92b)
Rafał Miłecki [Mon, 27 Mar 2017 09:03:01 +0000 (11:03 +0200)]
kernel: move initramfs's init script out of base-files
Keeping it in base-files was resulting in adding it to the base-files
package. This file is meant to be included manually for initramfs
images only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f6433eede79db4f6276b68e815bb17a9364292c7)
Philip Prindeville [Wed, 4 Jan 2017 01:15:15 +0000 (18:15 -0700)]
target.mk: check that CPU_TYPE has known CPU_CFLAGS mapping
If someone creates a target and indicates a CPU_TYPE, but there's
no corresponding support for that CPU_TYPE's flags in include/target.mk
then that should probably be indicated rather than silently ignored.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit
d3bc11857af788e185e8a3ece26ce40757cf3965)
Felix Fietkau [Tue, 4 Apr 2017 09:44:22 +0000 (11:44 +0200)]
scripts/download.pl: fix error message on hash mismatch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
2fd15033783a9dfa84d2a43fb81ff222ab865407)
Hans Dedecker [Sun, 2 Apr 2017 19:13:08 +0000 (21:13 +0200)]
netifd: fix fw3 warnings in dhcp script
Fix fw3 warnings in dhcp script in case fw3 is not enabled
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
20e40db524fb6c391f47619b18bf36bf7932478a)
Philip Prindeville [Tue, 7 Feb 2017 03:33:36 +0000 (20:33 -0700)]
build: allow specifying flow-control to grub on serial console
On the more sophisticated (i.e. deeper FIFO) serial controllers,
flow-control might be needed to avoid dropping output.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit
7fe5963be023fd59a11652ecfb065d3405a91c48)
Philip Prindeville [Wed, 22 Mar 2017 03:55:23 +0000 (21:55 -0600)]
kexec-tools: get kexec running on MUSL and x86 hardware
Couple of important upstream patches (slated for 2.0.15) that
are necessary for kexec to run on MUSL and on x86 hardware.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit
dfacdc6a99757fcf7804b38784fc24f9fad30650)
Philip Prindeville [Mon, 6 Feb 2017 22:26:49 +0000 (15:26 -0700)]
busybox: don't install NTP scripts if NTP isn't configured
If you're using Chrony or NTPD you don't want the busybox NTP server
as well. Make it's installation truly conditional.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [simplify]
(cherry picked from commit
0b24850e97789818fadcbce4b8de4abc429fd9f2)
Vittorio Gambaletta [Sun, 26 Mar 2017 08:08:20 +0000 (10:08 +0200)]
ar8327: Add workarounds for AR8337 switch.
RGMII RX delay setting needs to be always specified for AR8337 to
avoid port 5 RX hang on high traffic / flood conditions.
Also, the HOL registers that set per-port and per-packet-priority
buffer sizes are updated with the reduced values suggested by the
QCA switch team.
Finally, AR8327 reserved register fixups are disabled for the AR8337.
This patch is adapted from the Code Aurora QSDK, but with magic
values mapped to proper defines.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
(cherry picked from commit
967b6be118e3217e8d6a28df9c615d3255e7b1ae)
Felix Fietkau [Wed, 22 Mar 2017 19:16:15 +0000 (20:16 +0100)]
build: fix STAMP_PREPARED with quilt
quilt.mk needs to be included first, to ensure that STAMP_PREPARED does
not include the hash if quilt is used.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
89118da865a34ed9537a088196d81ca9e37cb983)
Felix Fietkau [Fri, 17 Mar 2017 15:21:49 +0000 (16:21 +0100)]
lantiq: remove lantiq_board_model, it is unused
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
fd93f81fd85e964a697a5f550f7f162e3ec1ca05)
Felix Fietkau [Fri, 17 Mar 2017 15:21:30 +0000 (16:21 +0100)]
lantiq: remove lantiq_board_name, use the generic function instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
7e798dab56546d6f8e2fe0f913ff41e8f010af51)
Felix Fietkau [Fri, 17 Mar 2017 15:17:42 +0000 (16:17 +0100)]
lantiq: move lantiq_board_detect() to 03_preinit_board.sh
It is only used there
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
aa95d6cd20f7e08420562b9747c197c2eac1d2e2)
Felix Fietkau [Fri, 17 Mar 2017 15:12:27 +0000 (16:12 +0100)]
base-files: add generic board_name function to functions.sh
This will be used to replace all those nasty board specific scripts
that do basically the same thing
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
ec991424749b9eed37d01bc8adb9fb22fb0c98a7)
Vittorio Gambaletta [Tue, 14 Mar 2017 13:45:15 +0000 (14:45 +0100)]
mac80211: Fix race condition leading to wifi interfaces not coming up at boot sometimes.
In the drv_mac80211_setup function, mac80211_interface_cleanup
is called to ask the kernel to delete all existing interfaces
for the phy that is being configured via netlink.
Later in the first function, mac80211_prepare_vif is called to
set up the new interfaces as required.
But sometimes, when mac80211_prepare_vif (and so the relevant
`iw phy x interface add y` command) runs, the kernel might still
be cleaning up the old interface with the same ifname. It usually
takes very few time to do that; possibly a few milliseconds of
sleep in the script after detecting this error condition could be
enough, but the busybox sh does not support sub-second sleep
intervals.
When this happens, iw obviously fails to create the new interface;
and the following message is printed in the system log, followed by
subsequent failure messages from hostapd in case this would have been
an AP interface.
Tue Mar 14 04:21:57 2017 daemon.notice netifd: radio1 (2767): command failed: Too many open files in system (-23)
This was a long-standing issue existing since at least OpenWrt Backfire,
and today I finally managed to debug and (hopefully) solve it.
It was happening very few times on most devices; but it was happening
a lot more frequently on fast platforms with multiple radios, such as
the powerpc-based dual-ath9k-radio tl-wdr4900-v1.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
(cherry picked from commit
8301e613655c2d95fa5430a1a57d92d966fdc70b)
Hauke Mehrtens [Tue, 14 Mar 2017 17:55:02 +0000 (18:55 +0100)]
scripts: only generate config from feature flag if fully match
Without this change the code checked if the string was contained in the
feature option and not if the string matches the complete word. This only
removes the nand option from the omap24xx target, the other changes are
only removing options which were added twice.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit
d5a770f2c139a335e7602bec60dbeabd4add1e8b)
Daniel Engberg [Sun, 12 Mar 2017 18:43:50 +0000 (19:43 +0100)]
lzo: Update to 2.10
Update lzo to 2.10
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
cc5721c3b8e399126a270fd46f5ac4dffc9b3319)
Daniel Engberg [Tue, 14 Mar 2017 06:53:38 +0000 (07:53 +0100)]
tools/coreutils: Update to 8.27
Update coreutils to 8.27
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
80246ce67ec2a30dda51e3e4e135eab2ff249ccb)
Daniel Engberg [Tue, 14 Mar 2017 06:46:39 +0000 (07:46 +0100)]
tools/libressl: Update to 2.5.1
Update libressl to 2.5.1
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
e45ee66149688747a337a470a19beb182ce4dd61)
Daniel Engberg [Tue, 14 Mar 2017 07:23:10 +0000 (08:23 +0100)]
tools/dosfstools: Update to 4.1
Update to 4.1
Remove 0001-mkfs-Default-to-64-32-heads-sectors-for-targets-smal.patch
as it's included in upstream repo.
Refresh patch
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
49ded28027e5bba3ce623a8205aac0e8e70e250a)
Daniel Engberg [Wed, 15 Mar 2017 07:52:29 +0000 (08:52 +0100)]
tools/sed: Update to 4.4
Update sed to 4.4
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
65d2800bd648a73a6814de2d42c074db1d290521)
Stijn Tintel [Wed, 15 Mar 2017 07:30:26 +0000 (08:30 +0100)]
lldpd: bump to 0.9.6
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
b03b293079ef3e6cd5488ea7f58a43a1b545c3ef)
Rafał Miłecki [Sun, 12 Mar 2017 17:46:59 +0000 (18:46 +0100)]
x86: image: drop duplicated copy of bzImage into vmlinuz
It's already done once few lines earlier in the Image/Build/iso.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
425f958830428f989d7381ddda3a8f503e587c5c)
Alexey Brodkin [Mon, 13 Mar 2017 09:47:45 +0000 (12:47 +0300)]
libnl: Fix building with uClibc
uClibc doesn't implement strerror_l() and thus libnl starting from
3.2.29 couldn't be compiled with it any longer, see
https://github.com/thom311/libnl/commit/
6c2d111177e91184073c44f83d4a6182aaba06d7
To work-around that problem we'll just do a check on strerror_l()
availability during configuration and if it's not there just fall back
to locale-less strerror().
Patch for libnl is alreadfy merged upstream, see
https://github.com/thom311/libnl/commit/
e15966ac7f3b43df2acf869f98089762807d0568
and once the next libnl release happens this one must be removed from
Lede/OpenWrt.
Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Cc: Felix Fietkau <nbd@nbd.name>
Cc: John Crispin <john@phrozen.org>
Cc: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
51d9ac61c711e7e00f8f2eaf5b3503238864508a)
Hauke Mehrtens [Tue, 14 Mar 2017 18:18:57 +0000 (19:18 +0100)]
toolchain: add musl libc.so to external toolchain
musl provides a /lib/libc.so file which should be integrated into the libc
package when the external toolchain with musl is used.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
b6a8b43dd2771d4d237256417218bed862545ef4)
Felix Fietkau [Thu, 9 Mar 2017 07:53:52 +0000 (08:53 +0100)]
iwcap: fix handling kill signal during dump
Do not run another loop iteration before checking the stop flag
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
2f09a1e3c950c9b2993ae52d1b0e78317c344470)
Rafał Miłecki [Sat, 11 Mar 2017 22:03:12 +0000 (23:03 +0100)]
x86: image: drop unneeded grub call
It appears there isn't any Image/Build/grub/* define so this step looks
redundant.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f5d403488ed62bb7f0e0017b02890b4d72240a55)
Rafał Miłecki [Sat, 11 Mar 2017 22:03:11 +0000 (23:03 +0100)]
x86: image: drop unused ROOTDELAY variable
It's unused since commit
742700719303 ("x86: remove the olpc subtarget,
it has been unmaintained for a long time").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9a267e6a4b08d1fa2a98523e5eb9f2325c9506e2)
Kevin Darbyshire-Bryant [Fri, 3 Mar 2017 11:49:06 +0000 (11:49 +0000)]
ccache: update to 3.3.4
Update from 3.3.2 to 3.3.4 & refresh patches.
Remove 110-disable-assembler-support as ccache now understands the
'.incbin' directive.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit
2cf00b640dce3ee9b09b41f2f1486a6a50bca45b)
Lucian Cristian [Sat, 4 Mar 2017 13:24:44 +0000 (15:24 +0200)]
base-files: add submission service port
prevent postfix start failure fatal: 0.0.0.0:submission: Unrecognized service
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit
8e75efc0fb52d02a0cdc13a5ad819b380de6f3da)
Claudiu Brasovean [Tue, 28 Feb 2017 09:51:01 +0000 (11:51 +0200)]
procd.sh: use parameterized respawn values
continue work started here: http://patchwork.ozlabs.org/patch/520859
Extend /etc/config/system with parameters to set the default respawn treshold and respawn timeout
for procd launched services that have respawn enabled.
This results in cleaner init scripts, while making sure services have respawn parameters set.
Signed-off-by: Claudiu Brasovean <cbrasho@gmail.com>
(cherry picked from commit
c70c6ac070223114ee8c9f33e5e416edb005ca83)
Florian Fainelli [Thu, 2 Mar 2017 19:37:29 +0000 (11:37 -0800)]
toolchain: Allow external toolchains to specify libthread-db
We need to let external toolchains be able to specify the path and
specification file to the libthread-db POSIX thread debugging shared
libraries.
This fixes GDB not being able to be installed because it is depending on
libthread-db:
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies
* for gdb:
* libthread-db *
* opkg_install_cmd: Cannot install package gdb.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
7f0c95a7dfff8aa0b6f5e3e78263cab108245e4c)
Florian Fainelli [Mon, 13 Feb 2017 02:34:53 +0000 (18:34 -0800)]
rssileds: Fix build with external toolchains
Pass down TARGET_CPPFLAGS for path to header files, and append the
libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end
of the command line as is required by modern GCC/binutils.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
30159b3886849f94cd065ecece7ac988bfb89548)
Florian Fainelli [Mon, 13 Feb 2017 02:29:53 +0000 (18:29 -0800)]
adb: Also pass TARGET_CPPFLAGS
Fixes build issues with external toolchains that do not have STAGING_DIR
in their default search path.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
4aa1560de3ce7e1ce813f450025ee0c55ab868eb)
Florian Fainelli [Sun, 12 Feb 2017 22:10:12 +0000 (14:10 -0800)]
swconfig: Link with libubox
Fixes linking failures observed with external toolchains:
/home/florian/dev/toolchains/stbgcc-4.8-1.5/bin/../lib/gcc/mipsel-linux-gnu/4.8.5/../../../../mipsel-linux-gnu/bin/ld:
warning: libubox.so, needed by
/home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so,
not found (try using -rpath or -rpath-link)
/home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so:
undefined reference to `blobmsg_open_nested'
/home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so:
undefined reference to `blobmsg_parse'
/home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so:
undefined reference to `blob_nest_end'
/home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so:
undefined reference to `blobmsg_add_field'
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
fe8618a8fe0db1bc8f343c0f75082ff96e9991ab)
Florian Fainelli [Sun, 12 Feb 2017 22:07:36 +0000 (14:07 -0800)]
px5g: Fix TARGET_LDFLAGS and add TARGET_CPPFLAGS
Make sure we pass down TARGET_CPPFLAGS to let toolchains with no default
search paths to find the mbdetls headers, and override TARGET_LDFLAGS to
include libraries we are linking against.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
306ee6436170d4c3c0c677653e9a20a8ee116cf7)
Florian Fainelli [Sun, 12 Feb 2017 22:05:17 +0000 (14:05 -0800)]
omcproxy: Update to latest HEAD
Brings the following change:
1fe6f48f8a50 Cmake: Find libubox/list.h
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
4c02435b9b985a10d33bc195acddd31c8545a277)
Florian Fainelli [Sun, 12 Feb 2017 21:21:01 +0000 (13:21 -0800)]
bsdiff: Also pass down TARGET_CPPFLAGS
Fixes build with external toolchains not having STAGING_DIR in their
default search path(s).
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
562ebe798255a2bb71c6a621d6a70662dfbd63c4)
Florian Fainelli [Sun, 5 Feb 2017 04:57:34 +0000 (20:57 -0800)]
thc-ipv6: Allow overriding CFLAGS
thc-ipv6 did not allow an external environment to override CFLAGS, which
would lead to our CFLAGS not being passed properly (relro,
optimizations, etc...)
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
9b2321f42d075a12e73a81b89bd49b8696d3700f)
Etienne Haarsma [Sun, 12 Feb 2017 15:50:07 +0000 (16:50 +0100)]
tools/m4: update 1.4.18
Patch 100-fix-gets-removal.patch is removed because it's included in the new version.
Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
(cherry picked from commit
d90abebd06bbb004fc7957c39fe89202fbdca9f2)
Felix Fietkau [Mon, 20 Feb 2017 12:03:49 +0000 (13:03 +0100)]
build: get rid of FIND_L from host.mk
This was added for Mac OS X many years ago, but recent versions also
support find -L
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
be206eba3a57128695a00f490767e5c136e43ab7)
Thomas Reifferscheid [Mon, 20 Feb 2017 16:48:50 +0000 (17:48 +0100)]
build: unsilence move command
The @ sign in front of the "mv" command was significantly suppressing
output to stdout. When reviewing the make/build logs it was tricking
me a whole lot and it mad me lose time. Removing the @ sign will get
stdout and logs right about what happened when.
Signed-off-by: Thomas Reifferscheid <thomas@reifferscheid.org>
(cherry picked from commit
1d49b534f5b74676f30f2ee1ba78d9e02d59f0bc)
Felix Fietkau [Wed, 15 Feb 2017 11:34:52 +0000 (12:34 +0100)]
build: skip headers install and config on make target/linux/prepare
This simplifies working with quilt on the kernel tree
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
dce6eeccc09339c7101a5b6b3fdba8b4d8f41247)
Felix Fietkau [Thu, 9 Feb 2017 12:34:21 +0000 (13:34 +0100)]
build: make Host/Install/Default use Host/Compile/Default with an extra argument
Allows parallelizing compile steps that might be necessary during install
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
fe1e3622a271386ea0413c97d9884e9935e17f11)
Michal Sojka [Thu, 2 Feb 2017 11:13:03 +0000 (12:13 +0100)]
build: Pass -iremap gcc option as a single argument
Passing -iremap argument separately causes problems with projects that
use scons and its ParseFlags function. Consider this SConscript
example:
env = Environment()
d = env.ParseFlags("-iremap one:two")
ParseFlags will interpret one:two as a file name and the returned dict
d will contain only "-iremap". When the -iremap is passed to the
compiler without an argument, compilation obviously fails.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
(cherry picked from commit
202ae4cc6a910dec2441c45dfdf5814ac4d82518)
Felix Fietkau [Thu, 9 Feb 2017 12:35:07 +0000 (13:35 +0100)]
toolchain/gcc: parallelize make install
If the staging dir was deleted, the build needs to recompile some files.
This change speeds up this corner case significantly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
0f5d17a7e6acceb18867fd951b231bfb6c4d8946)
Felix Fietkau [Thu, 9 Feb 2017 12:35:51 +0000 (13:35 +0100)]
toolchain/musl: parallelize make install
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
43332f513baf35e2bcd3285d7c93d592001943f6)
Jo-Philipp Wich [Mon, 1 Aug 2016 16:26:05 +0000 (18:26 +0200)]
imagebuilder: make submake invocations less verbose
Use silent make invocations for sub-makes like build_image or checksum to
avoid bloating the IB output with non-status info.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
0d1765b4ba2575ad7dbfbea5e5d04ba1224cdc0a)
Felix Fietkau [Wed, 1 Feb 2017 07:22:27 +0000 (08:22 +0100)]
gcc: remove obsolete uclibc patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
70973dd30d29c9d7e4402578da1d36e05e3d142d)
Felix Fietkau [Wed, 1 Feb 2017 07:29:06 +0000 (08:29 +0100)]
toolchain/gcc: reduce source directory size by about 420 MB
Remove gcc testsuite, ada and libjava (if not selected)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
f204e0fc4619c7c64d0d99b87b0ddd802338d78a)
Felix Fietkau [Mon, 30 Jan 2017 10:46:08 +0000 (11:46 +0100)]
bcm53xx: suppress osafeloader info error messages during flashing
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
727e244faec8ec8e0004a2b772d1a9424f0c9d5d)
Florian Fainelli [Sun, 1 Jan 2017 00:13:35 +0000 (16:13 -0800)]
toolchain: Broaden the executable loader pattern
Some toolchains will produce executables with an interpreter that is e.g:
ld.so.1 (typically a symbolic link). Due to our current LIBC_SPEC_FILE value,
we would not be able to copy this symbolic link/file over to the rootfs and
executables would fail to load. Extend the search pattern to include all
ld*.so* files that could be needed.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
200d932322f3d8c436a67c53f4fbca87f0aab8af)
Florian Fainelli [Sun, 15 Jan 2017 04:04:38 +0000 (20:04 -0800)]
build: Suffix build directory with _$(LIBC) for external toolchains
For external toolchain, we also know the type of C library used, and the
toolchain triplet may not always be reflective of that, therefore make
$(TARGET_DIR_NAME) suffixed with _$(LIBC).
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
57657a72376000b5843367e627098f09fe9c3647)
Rosen Penev [Thu, 23 Nov 2017 21:18:07 +0000 (13:18 -0800)]
tools/sstrip: Fix compile under standard linux.
bswap32 undefined is the issue. Added the proper header. Also fixed a few format/conversion warnings that clang complained about without -Wall or -Wextra.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
d6e34b735201805ae9112a7997f15b80f5926942)
Peter Wagner [Fri, 8 Dec 2017 05:23:26 +0000 (06:23 +0100)]
openssl: update to 1.0.2n
add no-ssl3-method again as 1.0.2n compiles without the ssl3-method(s)
Fixes CVEs: CVE-2017-3737, CVE-2017-3738
Signed-off-by: Peter Wagner <tripolar@gmx.at>
(backported from commit
55e70c8b72dbb8e812ceb790bf08543d69fce86e)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Christian Lamparter [Sun, 19 Nov 2017 16:19:21 +0000 (17:19 +0100)]
base-files: upgrade: make get_partitions() endian agnostic
This patch fixes two issues with the current get_partitions()
function.
First: "Invalid partition table on $disk" will pop up on
legitimate images on big endian system.
This is because the little-endian representation of "55 AA" is
assumed in the context of little-endian architectures. On these
comparing it to the 16-bit word 0xAA55 does work as intented.
Whereas on big-endian systems, this would have to be 0x55AA.
This patch fixes the issue by replacing the integer conversion
and value match check with just a string comparision.
Second: The extraction of the type, start LBA and LBA num from
the partition table has the same endianness issue. This has been
fixed by using the new hex_le32_to_cpu() function. This function
will translate the stored little-endian data to the correct
byte-order if necessary.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
4e3f6dae04fb526a78e613db6c65aee584403d36)
Jo-Philipp Wich [Tue, 12 Dec 2017 16:30:34 +0000 (17:30 +0100)]
cyassl: update to wolfssl 3.12.2 (1 CVE)
Update wolfssl to the latest release v3.12.2 and backport an upstream
pending fix for CVE-2017-13099 ("ROBOT vulnerability").
Ref: https://github.com/wolfSSL/wolfssl/pull/1229
Ref: https://robotattack.org/
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
902961c148b1f6d06a6159090366250281d801d7)
Jo-Philipp Wich [Fri, 27 Oct 2017 01:25:29 +0000 (03:25 +0200)]
mdadm: fix parameter quoting
Ensure that path defines are passed quoted to the compiler in order
to avoid cpp syntax errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
d4e7af52788fe6a5495064606e674ed6897a69cb)
Rosen Penev [Tue, 17 Oct 2017 16:28:39 +0000 (09:28 -0700)]
mdadm: Fix config generation
The init script generated something like "DEVICE=/dev/sda" when it should
have been generating "DEVICE /dev/sda". mdadm errors on this. Patch by jow.
Also changed the default sendmail path to /usr/sbin/sendmail. No package
in LEDE provides /sbin/sendmail. msmtp provides /usr/sbin/sendmail so use
that.
Also add a patch to fix file paths for mdadm runtime files. mdadm currently
errors on them since /run is missing. Once /run is added to stock LEDE, this
patch can be removed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
8eadec40bdc205568e34e19b07b2a3035c9223fb)
Florian Fainelli [Wed, 31 May 2017 21:39:12 +0000 (14:39 -0700)]
mdadm: Do not check RUN_DIR
Fixes build failure on hosts that do not have mdadm
installed/configured:
make[3]: Entering directory
`/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0'
***** Parent of /run/mdadm does not exist. Maybe set different RUN_DIR=
***** e.g. make RUN_DIR=/dev/.mdadm
***** or set CHECK_RUN_DIR=0
make[3]: *** [check_rundir] Error 1
make[3]: Leaving directory
`/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0'
make[2]: ***
[/local/users/fainelli/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/mdadm-4.0/.built]
Error 2
make[2]: Leaving directory
`/local/users/fainelli/openwrt/trunk/package/utils/mdadm'
make[1]: *** [package/utils/mdadm/compile] Error 2
make[1]: Leaving directory `/local/users/fainelli/openwrt/trunk'
make: *** [package/mdadm/compile] Error 2
Fixes:
980c41f8e04f ("utils/mdadm: Update to 4.0")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit
5229c453630c0b023c3d65ef6005adbe48062bbb)
Felix Fietkau [Wed, 12 Apr 2017 07:35:14 +0000 (09:35 +0200)]
kernel: remove out of tree direct-io disable hack
Direct-IO support has to be enabled for the release build anyway, so
this hack is not worth keeping
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from commit
0b7ed65cec8084bb98ae0e2758b7aca6c447cd4b)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Engberg [Fri, 24 Mar 2017 11:17:24 +0000 (12:17 +0100)]
utils/mdadm: Update to 4.0
Update mdadm to 4.0
Remove 000-compile.patch as it's fixed upstream
Refresh patches
Add mdadm.h-Undefine-dprintf-before-redefining.patch
Source: http://git.openembedded.org/openembedded-core/tree/meta/recipes-extended/mdadm/files
Add RAID 0,1 and 10 as depends to make mdadm usable.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
980c41f8e04f5586731e84492001971eb8371590)
Jo-Philipp Wich [Thu, 9 Feb 2017 12:22:47 +0000 (13:22 +0100)]
mdadm: extend uci config support
Extend the mdadm package to allow to explicitely configure arrays as
well as device list entries.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
813efe57e434037fb58bd3e16ebd3a1cfd6ceb82)
Matthias Schiffer [Fri, 24 Feb 2017 11:16:33 +0000 (12:16 +0100)]
rules.mk: make PKG_CONFIG_DEPENDS properly track string values
The confvar macro is adjusted to not only consider if a variable has a
value or not, but also the value itself. Instead of creating a string of
'y' and 'n' characters, all variable names and values are concatenated
and hashed.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
5ef0854b1109ba2dbd1dd3d9f87ce5801002d0ba)
Etienne Haarsma [Fri, 1 Dec 2017 17:26:40 +0000 (18:26 +0100)]
kernel: bump 4.4 to 4.4.103 for 17.01
Refreshed all patches.
Removed upstream ramips patches:
0101-MIPS-ralink-Fix-MT7628-pinmux.patch
0102--MIPS-ralink-Fix-typo-in-mt7628-pinmux-function.patch
Compile-tested: ar71xx
Run-tested: ar71xx
Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
Koen Vandeputte [Tue, 24 Oct 2017 14:20:21 +0000 (16:20 +0200)]
uqmi: also try newer pin verification
Newer devices tend to only support the newer version of the pin
verification command, so also try that one.
Fixes PIN issues with modems like the Sierra Wireless MC7455
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Rafał Miłecki [Fri, 8 Dec 2017 12:57:46 +0000 (13:57 +0100)]
opkg: bump to version 2017-12-08
This updates package to the latest commit from the lede-17.01 branch. It
contains few fixes backported from the master:
1) SHA256 fix
2) URL encoding which allows hosting packages on some more picky servers
Changes:
9f61f7a opkg_download: decode file:/ URLs
3c46c88 file_util: implement urldecode_path()
79908c2 file_util: consolidate hex/unhex routines
793fbac opkg: encode archive filenames while constructing download URLs
a6bb5cb file_util: implement urlencode_path() helper
098e774 libopkg: fix SHA256 calculation for big endian system
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Timo Sigurdsson [Tue, 14 Nov 2017 20:41:30 +0000 (21:41 +0100)]
hostapd: backport fix for wnm_sleep_mode=0
wpa_disable_eapol_key_retries can't prevent attacks against the Wireless
Network Management (WNM) Sleep Mode handshake. Currently, hostapd
processes WNM Sleep Mode requests from clients regardless of the setting
wnm_sleep_mode. Backport Jouni Malinen's upstream patch
114f2830 in
order to ignore such requests by clients when wnm_sleep_mode is disabled
(which is the default).
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[rewrite commit subject (<= 50 characters), bump PKG_RELEASE]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
bd45e15d0afe64dfed5a02a50a634f7947b50144
fixed PKG_RELEASE and renumbered patch)
Conflicts:
package/network/services/hostapd/Makefile
Timo Sigurdsson [Tue, 14 Nov 2017 20:41:29 +0000 (21:41 +0100)]
hostapd: Expose the tdls_prohibit option to UCI
wpa_disable_eapol_key_retries can't prevent attacks against the
Tunneled Direct-Link Setup (TDLS) handshake. Jouni Malinen suggested
that the existing hostapd option tdls_prohibit can be used to further
complicate this possibility at the AP side. tdls_prohibit=1 makes
hostapd advertise that use of TDLS is not allowed in the BSS.
Note: If an attacker manages to lure both TDLS peers into a fake
AP, hiding the tdls_prohibit advertisement from them, it might be
possible to bypass this protection.
Make this option configurable via UCI, but disabled by default.
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit
6515887ed9b3f312635409702113dca7c14043e5)
Hans Dedecker [Wed, 6 Dec 2017 13:22:59 +0000 (14:22 +0100)]
dnsmasq: backport infinite dns retries fix
If all configured dns servers return refused in response to a query in
strict mode; dnsmasq will end up in an infinite loop retransmitting the
dns query resulting into high CPU load.
Problem is fixed by checking for the end of a dns server list iteration
in strict mode.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Stijn Segers [Sun, 3 Dec 2017 11:09:20 +0000 (12:09 +0100)]
curl: apply CVE 2017-8816 and 2017-8817 security patches
This commit adds the upstream patches for CVE 2017-8816 and 2017-8817 to the 17.01
Curl package.
Compile-tested on ar71xx, ramips and x86.
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Felix Fietkau [Fri, 17 Nov 2017 07:57:13 +0000 (08:57 +0100)]
mt76: update to the latest version
Significant performance/stability improvements for MT76x2 and MT7603.
Adds LED support.
Changes:
2895775 mt76x2: mcu: remove unused parameter in mt76x2_mcu_msg_alloc signature
1dae8f0 mt7603: mcu: remove unused parameter in mt7603_mcu_msg_alloc() signature
5e49aa9 Fix errors found by cppcheck
1b8c8a0 mt7603: add LED definition registers
4d83561 mt76x2: add LED register definitions
2f40e4a mt76x2: Support using PCI ID as chip ID
27c64bc mt76: add led support using mac80211 led framework
dfd64fc mt76x2: init: add ma80211 led callbacks
215edf1 mt7603: init: add ma80211 led callbacks
9d36ff2 mt76x2: Add PCI identifier for MT7602
0b7984e mt7603: remove unnecessary mcu register read function
f5498d2 debugfs: add support for changing the LED pin
8e453b3 mac80211: move DT led configuration to the "led" child node
8f1673a mt76x2: limit client WCID entries to 0-127
f9d9c22 mt76x2: clear drop flag for all WCIDs on init
0dd8b68 mt76x2: clear per-WCID tx rate lookup register
3e5afe7 mt76x2: add helper function for setting drop mask
941555b mt76x2: clear drop mask when sending a PS response
7dfb354 mt76: increase rx ring size for mt76x2
73902dc mt76x2: add rx statistics registers
fe79816 mt76x2: fix LNA gain register annotation
cc588c5 mt76x2: sync channel gain value with latest reference driver
60a4d67 mt76x2: implement dynamic AGC tuning based on false packet detection count
4bc9aa9 mt76x2: add more gain tuning based on the latest reference driver
0a0d16f mt76x2: sync tx power related values with reference driver
8c821aa mac80211: add missing include
82acc85 mt7603: add missing include required on newer kernels
2c1a77c mt76x2: fix transmission of encrypted management frames
0532315 mt76x2: increase OFDM SIFS time
1acde21 mt76x2: add channel argument to eeprom tx power functions
58364a2 mt76x2: initialize channel power limits
c2bd89e mt76x2: convert between per-chain tx power and combined output
e7eaa7c mt7603: rename mt7603_mac_reset to mt7603_pse_reset
ea4c2a1 mt7603: rename MT_PSE_RESET register
c86c3a0 mt7603: remove watchdog reset on interface stop
4490f93 mt7603: remove WARN_ON_ONCE for workaround checks
3075059 mt7603: simplify PSE reset
4ed7e07 mt7603: warn if PSE reset fails
7dc8db1 mt7603: clean up dma debug reads
41e6a04 mt7603: make mt7603_mac_watchdog_reset() static
dc7a351 mt7603: clear wtbl PS bit for powersave responses
123acf2 mt7603: set tx-skip flag for powersave clients
7dd2a9e mt7603: initialize wtbl ps flag on station add
86ddef3 mt76x2: remove some harmless WARN_ONs in tx status and rx path
e326bc2 mt7603: remove some harmless WARN_ONs in rx path
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Ryan Mounce [Thu, 3 Aug 2017 11:07:58 +0000 (20:37 +0930)]
tools: patch various gnu tools for macOS 10.13
These host tools compile but may crash at runtime when building on
macOS 10.13 (High Sierra). Backport upstream gnulib patch until new
releases of affected tools.
https://lists.gnu.org/archive/html/bug-gnulib/2017-07/msg00056.html
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=
c41f233c4c38e84023a16339782ee306f03e7f59
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
Felix Fietkau [Mon, 4 Dec 2017 08:56:32 +0000 (09:56 +0100)]
samba36: backport an upstream fix for an information leak (CVE-2017-15275)
Signed-off-by: Felix Fietkau <nbd@nbd.name>