oweals/openwrt.git
6 years agogrub2: disable building platform code for target utility
Felix Fietkau [Thu, 22 Feb 2018 08:29:54 +0000 (09:29 +0100)]
grub2: disable building platform code for target utility

It is not used and it was causing a build error with GCC 7.3

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agotoolchain/gcc: use version 7.x for x86 by default
Felix Fietkau [Wed, 21 Feb 2018 19:31:05 +0000 (20:31 +0100)]
toolchain/gcc: use version 7.x for x86 by default

This is needed for retpoline support, which mitigates the spectre
attacks.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agotoolchain/gcc: remove unused config symbol
Felix Fietkau [Wed, 21 Feb 2018 19:29:57 +0000 (20:29 +0100)]
toolchain/gcc: remove unused config symbol

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: avoid stripping retpoline flag with CONFIG_MODULE_STRIPPED
Felix Fietkau [Wed, 21 Feb 2018 19:55:10 +0000 (20:55 +0100)]
kernel: avoid stripping retpoline flag with CONFIG_MODULE_STRIPPED

Fixes kernel warning when loading modules

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agonetfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support
Felix Fietkau [Tue, 20 Feb 2018 14:58:42 +0000 (15:58 +0100)]
netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support

This makes it possible to add an iptables rule that offloads routing/NAT
packet processing to a software fast path. This fast path is much
quicker than running packets through the regular tables/chains.

Requires Linux 4.14

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: backport netfilter NAT offload support to 4.14
Felix Fietkau [Mon, 5 Feb 2018 12:35:24 +0000 (13:35 +0100)]
kernel: backport netfilter NAT offload support to 4.14

This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: backport a series of netfilter cleanup patches to 4.14
Felix Fietkau [Mon, 5 Feb 2018 12:02:34 +0000 (13:02 +0100)]
kernel: backport a series of netfilter cleanup patches to 4.14

Preparation for backporting upstream NAT offload support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agonftables: update to 0.8.2, backport flowtable support
Felix Fietkau [Mon, 5 Feb 2018 13:02:13 +0000 (14:02 +0100)]
nftables: update to 0.8.2, backport flowtable support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agolibnftnl: backport flowtable support
Felix Fietkau [Mon, 5 Feb 2018 12:58:17 +0000 (13:58 +0100)]
libnftnl: backport flowtable support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomac80211: add minstrel improvements/fixes
Felix Fietkau [Mon, 12 Feb 2018 20:38:30 +0000 (21:38 +0100)]
mac80211: add minstrel improvements/fixes

- Simplify debugfs code
- Reduce size
- Fix handling of CCK rates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: add support for sending 802.11v disassoc imminent notifications to clients...
Felix Fietkau [Sun, 11 Feb 2018 16:02:28 +0000 (17:02 +0100)]
hostapd: add support for sending 802.11v disassoc imminent notifications to clients via ubus

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: add support for issuing 802.11k beacon measurement requests via ubus
Felix Fietkau [Sat, 10 Feb 2018 23:28:03 +0000 (00:28 +0100)]
hostapd: add support for issuing 802.11k beacon measurement requests via ubus

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: expose client 802.11k capabilities via ubus
Felix Fietkau [Sat, 10 Feb 2018 18:42:12 +0000 (19:42 +0100)]
hostapd: expose client 802.11k capabilities via ubus

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: return with 80211 codes in handle event function
Nick Hainke [Sun, 14 Jan 2018 00:26:13 +0000 (01:26 +0100)]
hostapd: return with 80211 codes in handle event function

If the auth or assoc request was denied the reason
was always WLAN_STATUS_UNSPECIFIED_FAILURE.
That's why for example the wpa supplicant was always
trying to reconnect to the AP.
Now it's possible to give reasoncodes why the auth
or assoc was denied.

Signed-off-by: Nick Hainke <vincent@systemli.org>
6 years agohostapd: add IEEE 802.11v support
Lorenzo Santina [Sat, 30 Sep 2017 11:01:11 +0000 (13:01 +0200)]
hostapd: add IEEE 802.11v support

Add Wireless Network Management (IEEE 802.11v)
support to:
- hostapd-full
- wpa_supplicant-full

It must be enabled at runtime via UCI with:
- option ieee80211v '1'

Add UCI support for:
- time_advertisement
- time_zone
- wnm_sleep_mode
- bss_transition

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
6 years agohostapd: add support for turning on 802.11k/v features via ubus
Felix Fietkau [Sat, 10 Feb 2018 14:32:34 +0000 (15:32 +0100)]
hostapd: add support for turning on 802.11k/v features via ubus

Neighbor reports are enabled implicitly on use, beacon reports and BSS
transition management need to be enabled explicitly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomac80211: round up tx status headroom
Felix Fietkau [Sat, 10 Feb 2018 12:26:42 +0000 (13:26 +0100)]
mac80211: round up tx status headroom

Fixes unaligned access exceptions in mt76 when transmitting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoramips: fix MT7621 switch driver IRQ storm on init with linux 4.14
Felix Fietkau [Wed, 21 Feb 2018 13:45:48 +0000 (14:45 +0100)]
ramips: fix MT7621 switch driver IRQ storm on init with linux 4.14

The hardware emits some interrupts while initializing and handling them
can mess up the state or cause infinite loops.
Fix this by disabling IRQs during init and re-enabling them afterwards

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: fix MIPS GIC clock source counter width (affects MT7621)
Felix Fietkau [Wed, 21 Feb 2018 12:54:35 +0000 (13:54 +0100)]
kernel: fix MIPS GIC clock source counter width (affects MT7621)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoramips: fix MT7621 PCI driver on 4.14
Felix Fietkau [Wed, 21 Feb 2018 12:10:44 +0000 (13:10 +0100)]
ramips: fix MT7621 PCI driver on 4.14

The .map_irq hook can now be called after init.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: fix return value of usb_xhci_needs_pci_reset
Felix Fietkau [Tue, 20 Feb 2018 21:29:30 +0000 (22:29 +0100)]
kernel: fix return value of usb_xhci_needs_pci_reset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: fix disabling common usb quirks on 4.14
Felix Fietkau [Tue, 20 Feb 2018 21:16:27 +0000 (22:16 +0100)]
kernel: fix disabling common usb quirks on 4.14

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoubox: fix PKG_MIRROR_HASH
John Crispin [Tue, 20 Feb 2018 20:35:14 +0000 (21:35 +0100)]
ubox: fix PKG_MIRROR_HASH

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoramips: add support for Tama W06
INAGAKI Hiroshi [Mon, 19 Feb 2018 05:35:42 +0000 (14:35 +0900)]
ramips: add support for Tama W06

Tama Electric Axing W06 is a 2.4 GHz band 11n router, based on Mediatek
MT7688AN.

Specification:

- MT7688AN (575 MHz)
- 64 MB of RAM (DDR2 SDRAM)
- 16 MB of Flash (SPI)
- 1T1R 2.4 GHz
- 1x 10/100/1000 Mbps Ethernet
- 4x LEDs (GPIO connected: 3), 1x button
- 1x USB 2.0 Type-A (host)
- UART header on PCB (GND, RX, TX, Vcc from RJ45 side)

Flash instruction using sysupgrade image:
1. Connect micro-USB cable for power supply into W06 and turn on the
router
2. Connect to wifi with SSID "tama-*" with password. Complete SSID and
password are listed on the back of the router
3. Access to 192.168.1.1 and login with user name "admin" and password
empty
4. In firmware update(ファームウェア更新) page, click "参照" button
and click "ブラウザー" button to open file browser, select the
sysupgrade image and press OK button
5. Wait ~150 seconds to complete flashing

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
6 years agoramips: improve GnuBee Personal Cloud Two support
Mathias Kresin [Sat, 17 Feb 2018 08:54:57 +0000 (09:54 +0100)]
ramips: improve GnuBee Personal Cloud Two support

Use the generic board detection for the GnuBee Personal Cloud Two
instead of the target specific one as all recent additions are doing.

Fixup the pinmux to set all pins used as GPIO to the function GPIO.
Request pins where used.

Drop the i2c from the dts. There is nothing connected. While at it fix an
indentation issue and use references instead of duplicating the whole
node path.

Use the same switch config as for the GB-PC1 and drop the led trigger for
the not supported IP1001 phy connected to second rgmii.

Fixes: c60a21532bc9 ("ramips: Add support for the GnuBee Personal Cloud Two")
Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoramips: use generic board detection for D-Link DAP-1522 A1
Mathias Kresin [Sat, 17 Feb 2018 08:18:09 +0000 (09:18 +0100)]
ramips: use generic board detection for D-Link DAP-1522 A1

Use the generic board detection for the D-Link DAP-1522 A1 instead of the
target specific one as all recent additions are doing.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: update dts files
Hauke Mehrtens [Mon, 13 Nov 2017 21:39:01 +0000 (22:39 +0100)]
lantiq: kernel 4.14: update dts files

Updated the devicetree source files to make use of the following
upstreamed drivers:

 - xrx200 ethernet phy
 - reset controller unit
 - dwc2
 - fpi

Use our custom xrx200 ethernet phy compatible to support boards, which
have switched the vr9 revision during lifetime, with a single devicetree
source file.

By switching to the dwc2 driver + usb phy framework, we don't need to used
our custom gpio power patch and can use a fixed regulator instead.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: cleanup dts files
Mathias Kresin [Mon, 1 Jan 2018 16:58:30 +0000 (17:58 +0100)]
lantiq: kernel 4.14: cleanup dts files

Move common used parts to dtsi. Add labels to nodes and reference nodes
via labels in dts files.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: fix usb
Mathias Kresin [Sat, 20 Jan 2018 13:38:40 +0000 (14:38 +0100)]
lantiq: kernel 4.14: fix usb

On danube the USB0 registers are at 1e101000 similar to all other lantiq
SoCs.

On Danube and AR9 the USB core is connected to the AHB bus, hence we need
to enable the AHB Bus as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: autoselect matching vr9 rev firmware
Mathias Kresin [Fri, 19 Jan 2018 19:19:06 +0000 (20:19 +0100)]
lantiq: kernel 4.14: autoselect matching vr9 rev firmware

Add a custom xrx200 ethernet phy compatible to load the firmware matching
the vr9 revision without specifing an expected revision.

We have quite a few boards in the tree were later produced ones are using
a more recent vr9. It is impossible to distinguish which revision of the
vr9 is used without opening the case and removing a heatsink for some of
them.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: don't use CPU interrupt controller IPI IRQ domain support
Mathias Kresin [Mon, 8 Jan 2018 22:04:57 +0000 (23:04 +0100)]
lantiq: kernel 4.14: don't use CPU interrupt controller IPI IRQ domain support

This reverts kernel commit 1eed40043579 ("MIPS: smp-mt: Use CPU interrupt
controller IPI IRQ domain support"). With the patch applied, the kernel
hangs during boot if SMP is active.

The Lantiq IRQ controller gets registered first and it directly handles
the MIPS native SW1/2 and HW0 - HW5 IRQs. It looks like this controller
already registers IRQ 0 - 7 and the generic driver only gets the following
IRQs starting later.

The upstream discussion can be found at
https://www.linux-mips.org/archives/linux-mips/2017-05/msg00059.html.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: select MFD SYSCON for ase
Mathias Kresin [Tue, 23 Jan 2018 21:14:28 +0000 (22:14 +0100)]
lantiq: kernel 4.14: select MFD SYSCON for ase

Enable syscon to use it for the RCU MFD on Amazon SE as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: update patches and config
Hauke Mehrtens [Sun, 12 Nov 2017 22:06:30 +0000 (23:06 +0100)]
lantiq: kernel 4.14: update patches and config

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: kernel 4.14: copy patches, config and dts files
Hauke Mehrtens [Sun, 12 Nov 2017 21:27:14 +0000 (22:27 +0100)]
lantiq: kernel 4.14: copy patches, config and dts files

This just copies the patches, configuration and dts files into the
directories hich are used for kernel 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agolantiq: fix lantiq applications kernel 4.14 compatiblity
Hauke Mehrtens [Mon, 13 Nov 2017 21:18:00 +0000 (22:18 +0100)]
lantiq: fix lantiq applications kernel 4.14 compatiblity

This is fixing multiple compile problems with kernel 4.14 and updates the
code to take care of changes introduced between kernel 4.9 and 4.14.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: make dts files and kernel config kernel version specific
Mathias Kresin [Sun, 31 Dec 2017 11:11:57 +0000 (12:11 +0100)]
lantiq: make dts files and kernel config kernel version specific

Move the devicetree source files to a kernel specific directory in
preparation of adding kernel 4.14 support.

Rename the subtarget kernel config files to match a specific kernel
version.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agolantiq: rename gphy firmware
Mathias Kresin [Sun, 31 Dec 2017 10:48:15 +0000 (11:48 +0100)]
lantiq: rename gphy firmware

Rename the gphy firmware to match the name requested by kernel 4.14 and
update the devicetree source files to use the new name.

Update the u-boot lantiq Makefile to be compatible with the new names as
well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agokernel: enable CONFIG_USB_PCI for PCI usb modules
Mathias Kresin [Sat, 20 Jan 2018 09:09:07 +0000 (10:09 +0100)]
kernel: enable CONFIG_USB_PCI for PCI usb modules

With upstream commit 2c93e790e825 ("usb: add CONFIG_USB_PCI for system
have both PCI HW and non-PCI based USB HW") the CONFIG_USB_PCI was
introduced.

The option is disabled by default in our generic kernel 4.14 config, hence
we need to set the option for all related kernel modules.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoppp: fix build with kernel 4.14.9+
Mathias Kresin [Tue, 2 Jan 2018 00:01:33 +0000 (01:01 +0100)]
ppp: fix build with kernel 4.14.9+

With a9772285a724 ("linux/compiler.h: Split into compiler.h and
compiler_types.h") compiler.h was refactored and most its content was
moved to compiler_types.h. Both files are required to build ppp-mod-pppoa.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoodhcpd: fix interop with wide DHCPv6 client (FS#1377)
Hans Dedecker [Tue, 20 Feb 2018 15:16:25 +0000 (16:16 +0100)]
odhcpd: fix interop with wide DHCPv6 client (FS#1377)

96033e9 dhcpv6-ia: don't always send reconf accept option (FS#1377)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomodules: iio-mxs-lradc: build on mxs only
Zoltan HERPAI [Tue, 20 Feb 2018 14:01:00 +0000 (15:01 +0100)]
modules: iio-mxs-lradc: build on mxs only

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agomodules: gpio-mcp23s08: fully depend on i2c-core
Zoltan HERPAI [Tue, 20 Feb 2018 13:13:20 +0000 (14:13 +0100)]
modules: gpio-mcp23s08: fully depend on i2c-core

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agomxs: drop support for 4.9
Michael Heimpold [Mon, 19 Feb 2018 12:36:09 +0000 (13:36 +0100)]
mxs: drop support for 4.9

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
6 years agokernel: add kmod-iio-mxs-lradc
Michael Heimpold [Sun, 11 Feb 2018 13:19:15 +0000 (14:19 +0100)]
kernel: add kmod-iio-mxs-lradc

This adds support for the Freescale i.MX23/28 SoC's Low-Resolution ADC.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
6 years agomxs: enable LRADC driver
Michael Heimpold [Sun, 11 Feb 2018 10:33:32 +0000 (11:33 +0100)]
mxs: enable LRADC driver

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
6 years agomxs: bump to use 4.14 by default
Zoltan HERPAI [Mon, 8 Jan 2018 22:50:26 +0000 (23:50 +0100)]
mxs: bump to use 4.14 by default

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agomxs: add support for 4.14
Zoltan HERPAI [Mon, 8 Jan 2018 22:50:01 +0000 (23:50 +0100)]
mxs: add support for 4.14

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agokernel: ar83xx: remove stray leading space
John Crispin [Tue, 20 Feb 2018 09:32:58 +0000 (10:32 +0100)]
kernel: ar83xx: remove stray leading space

Signed-off-by: John Crispin <john@phrozen.org>
6 years agokernel: ar83xx: add support to configure per port VLAN priority
Tan Hong Hui [Sat, 27 Jan 2018 02:14:57 +0000 (10:14 +0800)]
kernel: ar83xx: add support to configure per port VLAN priority

Add support to allow for per switch port VLAN priority (PCP) bits
for the ar8327/8337 chip using the swconfig utility.

Tested on Netgear R7800

Signed-off-by: Tan Hong Hui <hhtan72@yahoo.com>
6 years agouqmi: ensure CID is a numeric value before proceeding
Koen Vandeputte [Mon, 19 Feb 2018 10:02:45 +0000 (11:02 +0100)]
uqmi: ensure CID is a numeric value before proceeding

The current implementation only checked if uqmi itself executed
correctly which is also the case when the returned value is actually
an error.

Rework this, checking that CID is a numeric value, which can only
be true if uqmi itself also executed correctly.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: backport pcie enumeration fix to kernel 4.9
Koen Vandeputte [Mon, 19 Feb 2018 09:46:14 +0000 (10:46 +0100)]
kernel: backport pcie enumeration fix to kernel 4.9

This issue is also present in kernel 4.9 starting from 4.9.71
Adapted the patch, as the fixed function is in another location here.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agobuild: add --force option to gzip in Build/gzip
Stijn Tintel [Mon, 19 Feb 2018 22:03:00 +0000 (23:03 +0100)]
build: add --force option to gzip in Build/gzip

When using pigz, a parallel gzip implementation, the gzip step in the
image build for some targets fails, because the image filename already
has the .gz extension. This results in an emtpy image file. Fix this by
adding the --force option to gzip in the Build/gzip macro.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Martin Schleier <drahemmaps@gmx.net>
6 years agoRevert "brcm2708: fix sdcard image"
Stijn Tintel [Mon, 19 Feb 2018 21:39:12 +0000 (22:39 +0100)]
Revert "brcm2708: fix sdcard image"

This reverts commit 6c2e1ff80f52b939405fe0c14577c584602ae432.

GNU gzip does not fail when the image filename already contains the .gz
extension, this is a problem specific to pigz. Revert the commit, as we
now gzip the image twice.

Reported-by: Martin Schleier <drahemmaps@gmx.net>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agokernel: backport patches simplifying mtd_device_parse_register code
Rafał Miłecki [Mon, 19 Feb 2018 14:40:42 +0000 (15:40 +0100)]
kernel: backport patches simplifying mtd_device_parse_register code

These 2 patches were recently queued for 4.17.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agokernel: order mtd backported patches by kernel release
Rafał Miłecki [Mon, 19 Feb 2018 14:27:47 +0000 (15:27 +0100)]
kernel: order mtd backported patches by kernel release

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agoimx6: remove support for 4.9
Tim Harvey [Thu, 15 Feb 2018 16:34:38 +0000 (08:34 -0800)]
imx6: remove support for 4.9

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoimx6: switch to Linux 4.14
Tim Harvey [Thu, 15 Feb 2018 16:34:37 +0000 (08:34 -0800)]
imx6: switch to Linux 4.14

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoimx6: add support for Linux 4.14
Tim Harvey [Thu, 15 Feb 2018 16:34:36 +0000 (08:34 -0800)]
imx6: add support for Linux 4.14

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: backport dwc pci enumeration fix
Tim Harvey [Thu, 15 Feb 2018 16:34:35 +0000 (08:34 -0800)]
kernel: backport dwc pci enumeration fix

Backport of:  http://patchwork.ozlabs.org/patch/860701/

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: add missing symbols for v4.14
John Crispin [Mon, 19 Feb 2018 08:31:59 +0000 (09:31 +0100)]
kernel: add missing symbols for v4.14

Signed-off-by: John Crispin <john@phrozen.org>
6 years agodnsmasq: bump to 2.79rc1
Kevin Darbyshire-Bryant [Thu, 15 Feb 2018 10:45:38 +0000 (10:45 +0000)]
dnsmasq: bump to 2.79rc1

1721453 Remove special handling of A-for-A queries.
499d8dd Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262
6f1cbfd Fix debian/readme typo.
55ecde7 Inotify: Ignore backup files created by editors
6b54d69 Make failure to chown() pidfile a warning.
246a31c Change ownership of pid file, to keep systemd happy.
83e4b73 Remove confusion between --user and --script-user.
6340ca7 Tweak heuristic for initial DNSSEC memory allocation.
baf553d Default min-port to 1024 to avoid reserved ports.
486bcd5 Simplify and correct bindtodevice().
be9a74d Close Debian bug for CVE-2017-15107.
ffcbc0f Example config typo fixes.
a969ba6 Special case NSEC processing for root DS record, to avoid spurious BOGUS.
f178172 Add homepage to Debian control file.
cd7df61 Fix DNSSEC validation errors introduced in 4fe6744a220eddd3f1749b40cac3dfc510787de6
c1a4e25 Try to be a little more clever at falling back to smaller DNS packet sizes.
4fe6744 DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies.
3bd4c47 Remove limit on length of command-line options.
98196c4 Typo fix.
22cd860  Allow more than one --bridge-interface option to refer to an interface.
3c973ad Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC time validation.
faaf306 Spelling fixes.
c7e6aea Change references to gPXE to iPXE. Development of EtherBoot gPXE was always development of iPXE core developer Michael Brown.
e541245 Handle duplicate RRs in DNSSEC validation.
84a01be Bump year in Debian copyright notice.
d1ced3a Update copyrights to 2018.
a6cee69 Fix exit code from dhcp_release6.
0039920 Severely fix code formating of contrib/lease-tools/dhcp_release6.c
39d8550 Run Debian startup regex in "C" locale.
ef3d137 Fix infinite retries in strict-order mode.
8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC.
373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section.
74f0f9a Commment language tweaks.
ed6bdb0 Man page typos.
c88af04 Modify doc.html to mention git-over-http is now available.
ae0187d Fix trust-anchor regexp in Debian init script.
0c50e3d Bump version in Debian package.
075366a Open inotify socket only when used.
8e8b2d6 Release notes update.
087eb76 Always return a SERVFAIL response to DNS queries with RD=0.
ebedcba Typo in printf format string added in 22dee512f3738f87539a79aeb52b9e670b3bd104
0954a97 Remove RSA/MD5 DNSSEC algorithm.
b77efc1 Tidy DNSSEC algorithm table use.
3b0cb34 Fix manpage which said ZSK but meant KSK.
aa6f832 Add a few DNS RRs to the table.
ad9c6f0 Add support for Ed25519 DNSSEC signature algorithm.
a6004d7 Fix caching logic for validated answers.
c366717 Tidy up add_resource_record() buffer size checks.
22dee51 Log DNS server max packet size reduction.
6fd5d79 Fix logic on EDNS0 headers.
9d6918d Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS.
a49c5c2 Fix search_servers() segfault with DNSSEC.
30858e3 Spaces in CNAME options break parsing.

Refresh patches.
Remove upstreamed patches:
250-Fix-infinite-retries-in-strict-order-mode.patch
260-dnssec-SIGINT.patch
270-dnssec-wildcards.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agobrcm2708: Fix compile after adding kernel 4.9.82
Hauke Mehrtens [Sun, 18 Feb 2018 18:46:42 +0000 (19:46 +0100)]
brcm2708: Fix compile after adding kernel 4.9.82

Fixes: f621b539512e ("kernel: bump 4.9 to 4.9.82")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agox86: Use kernel 4.14 by default
Hauke Mehrtens [Sat, 17 Feb 2018 15:02:02 +0000 (16:02 +0100)]
x86: Use kernel 4.14 by default

Support for kernel 4.14 was added 2 months ago, make it now the default
kernel to use for the x86 target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stijn Segers <francesco.borromini@inventati.org>
6 years agokernel: add missing config symbols
Stijn Tintel [Sun, 18 Feb 2018 13:14:06 +0000 (14:14 +0100)]
kernel: add missing config symbols

They were introduced for arm64 in 4.14.20.

Fixes: 88ba41453dbc ("kernel: bump 4.14 to 4.14.20")

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agokernel: add missing symbol
John Crispin [Sun, 18 Feb 2018 08:20:38 +0000 (09:20 +0100)]
kernel: add missing symbol

this caused v4.14.20 based builds so fail on aarch64

Signed-off-by: John Crispin <john@phrozen.org>
6 years agokernel: bump 4.9 to 4.9.82
Stijn Tintel [Sun, 18 Feb 2018 00:43:25 +0000 (01:43 +0100)]
kernel: bump 4.9 to 4.9.82

Refresh patches.
Remove upstreamed patches:
- ar7/002-MIPS-AR7-ensure-the-port-type-s-FCR-value-is-used.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove layerscape/819-Revert-dmaengine-dmatest-move-callback-wait-queue-to.patch,
it is superseded by upstream commit 297c7cc4b5651b174a62925b6c961085f04979fd.
Remove pending/650-pppoe_header_pad.patch, it is superseded by
upstream commit 1bd21b158e07e0b8c5a2ce832305a0ebfe42c480.
Update patches that no longer apply:
- ar71xx/004-register_gpio_driver_earlier.patch
- hack/204-module_strip.patch
- pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: ar71xx.
Runtime-tested: ar71xx.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agodropbear: add option to set receive window size
Stijn Tintel [Sun, 18 Feb 2018 00:15:58 +0000 (01:15 +0100)]
dropbear: add option to set receive window size

The default receive window size in dropbear is hardcoded to 24576 byte
to limit memory usage. This value was chosen for 100Mbps networks, and
limits the throughput of scp on faster networks. It also severely limits
scp throughput on high-latency links.

Add an option to set the receive window size so that people can improve
performance without having to recompile dropbear.

Setting the window size to the highest value supported by dropbear
improves throughput from my build machine to an APU2 on the same LAN
from 7MB/s to 7.9MB/s, and to an APU2 over a link with ~65ms latency
from 320KB/s to 7.5MB/s.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agokernel: bump 4.14 to 4.14.20
Stijn Tintel [Sat, 17 Feb 2018 21:59:07 +0000 (22:59 +0100)]
kernel: bump 4.14 to 4.14.20

Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agobrcm2708: fix sdcard image
Stijn Tintel [Sat, 17 Feb 2018 20:00:34 +0000 (21:00 +0100)]
brcm2708: fix sdcard image

The gzip step in the sdcard image build fails because the image filename
already has the gzip extension. This results in an empty image file, to
which the metadata is finally appended.

Remove the .gz extension from the image filename to fix this.

Fixes: e79b096ee175 ("brcm2708: convert to metadata")

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agoiperf3: update to 3.4
Philip Prindeville [Wed, 14 Feb 2018 23:58:54 +0000 (16:58 -0700)]
iperf3: update to 3.4

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
6 years agoarchs38: add HSDK board to network configure scripts
Evgeniy Didin [Thu, 15 Feb 2018 17:26:04 +0000 (20:26 +0300)]
archs38: add HSDK board to network configure scripts

In the initial patch which adds HSDK board there were no update
of network configuration scripts. Without it by default static IP
is set for br-lan and there is no access to internet.
This patch fixes the issue.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
CC: Hauke Mehrtens <hauke@hauke-m.de>
CC: John Crispin <john@phrozen.org>
6 years agoopenvpn: fix interface with mbedtls_sha256
Russell Senior [Fri, 16 Feb 2018 12:39:00 +0000 (04:39 -0800)]
openvpn: fix interface with mbedtls_sha256

Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code.  Use
the new function mbedtls_sha256_ret().

Signed-off-by: Russell Senior <russell@personaltelco.net>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agocurl: fix interface with mbedtls_sha256
Russell Senior [Fri, 16 Feb 2018 12:15:21 +0000 (04:15 -0800)]
curl: fix interface with mbedtls_sha256

Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code.  Use
the new function mbedtls_sha256_ret().

Signed-off-by: Russell Senior <russell@personaltelco.net>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agosunxi: Add Xunlong Orange Pi Zero Plus
Hauke Mehrtens [Sat, 27 Jan 2018 22:46:50 +0000 (23:46 +0100)]
sunxi: Add Xunlong Orange Pi Zero Plus

This is based on a patch from armbian:
https://github.com/armbian/build/blob/master/patch/kernel/sunxi-next/sunxi-add-orangepi-zero-plus.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agouboot-sunxi: Add Xunlong Orange Pi Zero Plus
Hauke Mehrtens [Sat, 27 Jan 2018 22:46:32 +0000 (23:46 +0100)]
uboot-sunxi: Add Xunlong Orange Pi Zero Plus

This is based on a patch from armbian:
https://github.com/armbian/build/blob/master/patch/u-boot/u-boot-sunxi/add-orangepi-zeroplus.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agosunxi: Add Realtek PHY driver or ARM64 devices
Hauke Mehrtens [Sun, 28 Jan 2018 00:14:42 +0000 (01:14 +0100)]
sunxi: Add Realtek PHY driver or ARM64 devices

The Orange Pi Zero Plus uses a RTL8211E, add the driver for this PHY.
This is probably used on more boards with a Allwinner SoC.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agosunxi: add support for NanoPi NEO Plus2 board
Antony Antony [Thu, 28 Dec 2017 17:21:15 +0000 (18:21 +0100)]
sunxi: add support for NanoPi NEO Plus2 board

arm64: allwinner: h5: NanoPi NEO Plus2 DT support
Add initial DT for NanoPi NEO Plus2 by FriendlyARM
    - Allwinner quad core H5 Cortex A53 with an ARM Mali-450MP GPU
    - 1 GB DDR3 RAM
    - 8GB eMMC flash (Samsung KLM8G1WEPD-B031)
    - micro SD card slot
    - Gigabit Ethernet (external RTL8211E-VB-CG chip)
    - 802.11 b/g/n WiFi, Bluetooth 4.0 (Ampak AP6212A module)
    - 2x USB 2.0 host ports & 2x USB via headers

Signed-off-by: Antony Antony <antony@phenome.org>
6 years agosunxi: add kernel DT for NanoPi NEO Plus2 board
Antony Antony [Thu, 28 Dec 2017 17:21:18 +0000 (18:21 +0100)]
sunxi: add kernel DT for NanoPi NEO Plus2 board

Linux Kernel upstream commit d73413058

Signed-off-by: Antony Antony <antony@phenome.org>
6 years agouboot-sunxi: add u-boot DT for NanoPi NEO Plus2 board
Antony Antony [Thu, 28 Dec 2017 17:21:16 +0000 (18:21 +0100)]
uboot-sunxi: add u-boot DT for NanoPi NEO Plus2 board

u-boot upstream commit 6130b1f6bc23

Signed-off-by: Antony Antony <antony@phenome.org>
6 years agouboot-sunxi: dts: Update orange Pi R1 integration
Hauke Mehrtens [Mon, 1 Jan 2018 23:37:26 +0000 (00:37 +0100)]
uboot-sunxi: dts: Update orange Pi R1 integration

This syncs the Orange Pi R1 device tree files with the one from the
upstream kernel and also uses the default configuration from the Orange
Pi Zero.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoar71xx: fix sysupgrade syntax error
Mathias Kresin [Fri, 16 Feb 2018 21:56:56 +0000 (22:56 +0100)]
ar71xx: fix sysupgrade syntax error

Fix syntax error introduced with 188328111b46 ("treewide: move
nand_do_upgrade call to platform_do_upgrade").

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agombedtls: activate deprecated functions
Hauke Mehrtens [Fri, 16 Feb 2018 18:48:49 +0000 (19:48 +0100)]
mbedtls: activate deprecated functions

Some functions used by a lot of other software was renamed and is only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.

Fixes: 75c5ab4caf9 ("mbedtls: update to version 2.7.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agogpio-nct5104d: Add support for new chip ID
Jasper Scholte [Thu, 15 Feb 2018 12:40:53 +0000 (13:40 +0100)]
gpio-nct5104d: Add support for new chip ID

The PC Engines APU3b has a new nct5104b version with chip ID 0xc453.
This adds support for that version.

Signed-off-by: Jasper Scholte <NightNL@outlook.com>
6 years agotreewide: move nand_do_upgrade call to platform_do_upgrade
Mathias Kresin [Mon, 18 Dec 2017 19:32:18 +0000 (20:32 +0100)]
treewide: move nand_do_upgrade call to platform_do_upgrade

Calling nand_do_upgrade() from platform_pre_upgrade() was deprecated
with 30f61a34b4cf ("base-files: always use staged sysupgrade").

Update the platform upgrade code to use platform_do_upgrade() for NAND
images as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agotreewide: remove obsolete sysupgrade watchdog kill
Mathias Kresin [Mon, 18 Dec 2017 17:42:49 +0000 (18:42 +0100)]
treewide: remove obsolete sysupgrade watchdog kill

The watchdog kill command was meant for busybox watchdog. Busybox watchdog
was replaced by the procd watchdog mid 2013 with commit df7ce9301a25
("busybox: disable the watchdog utility by default"), which makes the kill
command obsolete since quite some time.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agosunxi: switch to kernel 4.14
Zoltan HERPAI [Fri, 16 Feb 2018 11:20:39 +0000 (12:20 +0100)]
sunxi: switch to kernel 4.14

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agoRevert "uboot-sunxi: bump to 2017.11"
Zoltan HERPAI [Fri, 16 Feb 2018 10:40:34 +0000 (11:40 +0100)]
Revert "uboot-sunxi: bump to 2017.11"

This reverts commit 805f756d6e4ff5061380baf5e262aec72abcf195.

Move back to 2017.07 until we move sunxi to GCC7.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agoRevert "uboot-sunxi: refresh patches"
Zoltan HERPAI [Fri, 16 Feb 2018 10:40:01 +0000 (11:40 +0100)]
Revert "uboot-sunxi: refresh patches"

This reverts commit f142de5f44bcba8cb0f12e5b1fd26cd9867cf866.

Revert until we can move to 2017.11

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agoRevert "uboot-sunxi: fix build by adding comparabilities for old dtc"
Zoltan HERPAI [Fri, 16 Feb 2018 10:39:13 +0000 (11:39 +0100)]
Revert "uboot-sunxi: fix build by adding comparabilities for old dtc"

This reverts commit ef0416666f48e1e7793c4230cec18c8cdd3e1003.

Revert until we can move to 2017.11

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agokernel: add missing symbols
John Crispin [Fri, 16 Feb 2018 09:01:31 +0000 (10:01 +0100)]
kernel: add missing symbols

These cause mediatek arm to fail full builds

Signed-off-by: John Crispin <john@phrozen.org>
6 years agonftables: update to version 0.8.2
Hauke Mehrtens [Thu, 15 Feb 2018 21:13:17 +0000 (22:13 +0100)]
nftables: update to version 0.8.2

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoiproute2: update to version 4.15.0
Hauke Mehrtens [Thu, 15 Feb 2018 21:12:03 +0000 (22:12 +0100)]
iproute2: update to version 4.15.0

The musl compatibility patches are now included in the upstream version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agombedtls: update to version 2.7.0
Hauke Mehrtens [Thu, 15 Feb 2018 20:58:47 +0000 (21:58 +0100)]
mbedtls: update to version 2.7.0

This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoramips: preliminary support for 4.14
Roman Yeryomin [Tue, 16 Jan 2018 22:07:58 +0000 (00:07 +0200)]
ramips: preliminary support for 4.14

- removed upstreamed patches
- 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: John Crispin <john@phrozen.org>
6 years agoiwinfo: update to latest git HEAD
Daniel Golle [Thu, 15 Feb 2018 03:56:26 +0000 (04:56 +0100)]
iwinfo: update to latest git HEAD

223e09b add support for expected throughput

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agoramips: fix reporting effective VLAN ID on MT7621 switches
Jo-Philipp Wich [Tue, 13 Feb 2018 14:58:48 +0000 (15:58 +0100)]
ramips: fix reporting effective VLAN ID on MT7621 switches

On MT7621, the REG_ESW_VLAN_VTIM reads are undefined, causing swconfig
to always report `vid: 0` in swconfig show output.

Since a 4K VLAN table is used on this platform, the VLAN ID always
correponds to the actual VLAN table index so provide a specific MT7621
implementation of the get_vid callback which returns the table index
as VLAN ID.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoramips: properly map pvid for vlans with remapped vid on mt7530/762x switches
Jo-Philipp Wich [Tue, 13 Feb 2018 14:37:49 +0000 (15:37 +0100)]
ramips: properly map pvid for vlans with remapped vid on mt7530/762x switches

Currently, untagged port primary vlan IDs are set to the VLAN table index,
and not the actual VLAN ID, breaking configurations with IDs deviating from
the VLAN index.

Fix the issue by resolving the per-port pvid property to the target VLAN ID
value before committing to the hardware.

Fixes FS#991, FS#1147, FS#1341

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoramips: don't clobber vlans with remapped vid on mt7530/762x switches
Jo-Philipp Wich [Sun, 11 Feb 2018 19:24:37 +0000 (20:24 +0100)]
ramips: don't clobber vlans with remapped vid on mt7530/762x switches

Avoid overwriting vlan entries with remapped vid in later iterations of
the vlan enumeration loop of mt7530_apply_config().

Fix the problem by refactoring the code to first reset the entire table,
then reprogram only vlans with members to prevent overwriting configured
vlans with unconfigured ones.

Fixes FS#1147, FS#1341

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoat91: fix image building with CONFIG_TARGET_MULTI_PROFILE
Jo-Philipp Wich [Tue, 13 Feb 2018 15:12:08 +0000 (16:12 +0100)]
at91: fix image building with CONFIG_TARGET_MULTI_PROFILE

The current image build code has a number of race conditions and interface
contract violations in the custom image build steps:

 - Build/install-zImage, solely used by at91, relies on $(PROFILE_SANITIZED)
   which is not available when building with CONFIG_TARGET_MULTI_PROFILE

 - Build/at91-sdcard, which may run concurrently, creates scratch files at
   fixed locations and manipulates target files directly which can lead
   to file corruption and other unexpected failures

Rename the install-zImage macro to at91-install-zImage and move it to the
at91 image Makefile since this target is the sole user. Also utilize "$@"
as output file name and switch the usage of $(PROFILE_SANITIZED) to
$(DEVICE_NAME) in order to fix naming under multi profile builds.

Fix the at91-sdcard macro to construct scratch file paths relative to "$@",
which is guaranteed to be unique and store the final artifact output in "$@"
as well, instead of inside $(BIN_DIR). The generic image build code takes
care of moving a build steps "$@" output to the final destination in a
concurrency-safe manner.

Finally remove the broken install-zImage from the generic image-commands
Makefile.

Fixes: d7a679a036 ("at91: Install zImage.")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agomediatek: bump to v4.14
John Crispin [Mon, 8 Jan 2018 14:06:24 +0000 (15:06 +0100)]
mediatek: bump to v4.14

This drops support for all the !emmc EVB and adds banannaPi-R2
Also drop mtkhnat until the nftables offoad driver is ready

Signed-off-by: John Crispin <john@phrozen.org>