Mauro Mozzarelli [Mon, 2 Oct 2017 18:09:09 +0000 (19:09 +0100)]
kernel: netfilter: add IPVS kernel module support
IPVS (IP Virtual Server) implements transport-layer load balancing inside
the Linux kernel, so called Layer-4 switching. IPVS running on a host acts
as a load balancer at the front of a cluster of real servers, it can direct
requests for TCP/UDP based services to the real servers, and makes services
of the real servers to appear as a virtual service on a single IP address.
This change adds the following kmod packages
- kmod-nf-ipvs
- kmod-nf-ipvs-ftp
- kmod-nf-ipvs-sip
Signed-off-by: Mauro Mozzarelli <mauro@ezplanet.org>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Andy Walsh [Wed, 1 Aug 2018 10:48:08 +0000 (12:48 +0200)]
ncurses: use default host install
* just use default host/install, so libs/headers get properly generated/installed
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Andy Walsh [Tue, 7 Aug 2018 15:46:42 +0000 (17:46 +0200)]
gettext-full: host compile with -fpic
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Samuel Casa [Tue, 7 Aug 2018 09:16:34 +0000 (11:16 +0200)]
zram-swap: Shell cosmetic
Signed-off-by: Samuel Casa <samuel.casa@neratec.com>
Samuel Casa [Tue, 7 Aug 2018 08:49:22 +0000 (10:49 +0200)]
zram-swap: remove trailing whitespaces in init script
Signed-off-by: Samuel Casa <samuel.casa@neratec.com>
[slightly reword subject]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
David Yang [Sat, 11 Aug 2018 07:51:02 +0000 (15:51 +0800)]
dante: disable sched_getscheduler() - not implemented in musl
musl doesn't come with an valid implementation of `sched_getscheduler()`;
it simply returns -ENOSYS for it. Without this option (and compile dante
with `sched_getscheduler()` enabled), you will get
error: serverinit(): sched_getscheduler(2): failed to retrieve current
cpuscheduling policy: Function not implemented
and dante won't start at all.
Ref: http://lists.alpinelinux.org/alpine-devel/3932.html
Ref: http://lists.alpinelinux.org/alpine-devel/3936.html
Signed-off-by: David Yang <mmyangfl@gmail.com>
[slightly reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Tony Ambardar [Sat, 3 Mar 2018 03:32:24 +0000 (19:32 -0800)]
base-files: fix postinstall uci-defaults removal
Commit
7f694582 introduced a bug where default_postinst() often fails to
remove a uci-defaults script after application, leaving it to run again
after a reboot.
(Note: commit
7f694582 also introduced FS#1021, now fixed by
73c745f6)
The subtle problem arises from the shell logical chain:
[ -f "$i" ] && . "$i" && rm -f "$i"
Most uci-defaults scripts contain a terminal 'exit 0' statement which,
when sourced, results in the logic chain exiting before executing 'rm -f'.
This was observed while testing upgrades of 'luci-app-sqm'.
The solution is to wrap the shell sourcing in a subshell relative to the
command 'rm -f':
( [ -f "$i" ] && . "$i" ) && rm -f "$i"
Revert to using 'grep' to prefilter the list of entries from the control
file, which yields the full path of uci-defaults scripts. This allows
keeping the existence check, directory change and script sourcing inside
the subshell, with the script removal correctly outside.
This approach avoids adding a second subshell only around the "." (source)
command. The change also preserves the fix FS#1021, since the full path is
used to source the script, which is POSIX-portable irrespective of PATH
variable or reference to the CWD.
Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of
package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Konstantin Demin [Mon, 5 Mar 2018 09:46:44 +0000 (12:46 +0300)]
rules.mk: add ESED command
ESED is SED with extended regular expressions turned on.
Command line and usage are the same as for SED.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Rafał Miłecki [Mon, 24 Sep 2018 11:46:08 +0000 (13:46 +0200)]
kernel: pick earlycon regression fixes from the stable-queue.git
This fixes regression introduced in kernel 4.14 and makes bcm53xx revert
obsolete.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Felix Fietkau [Mon, 24 Sep 2018 09:02:30 +0000 (11:02 +0200)]
build: drop buildbot toolchain rebuild check when not using git
The check cleans and rebuilds the toolchain if it changed on update.
When building from a source tarball, it is reasonable to expect that
there will be no updates, so no rebuild check is necessary
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Jo-Philipp Wich [Mon, 24 Sep 2018 06:36:10 +0000 (08:36 +0200)]
lldpd: inhibit linking of libbsd on !GLIBC
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Rosy Song [Sat, 22 Sep 2018 13:15:40 +0000 (21:15 +0800)]
busybox: fix dependency for IPV6
Signed-off-by: Rosy Song <rosysong@rosinson.com>
Hauke Mehrtens [Sat, 22 Sep 2018 21:59:10 +0000 (23:59 +0200)]
kernel: fix build of nftables
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.
Fixes:
f57806b56e5 ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Yangbo Lu [Thu, 6 Sep 2018 05:30:32 +0000 (13:30 +0800)]
layerscape: build ls-dpl package with linux dtc tool
Building ls-dpl package requires the dtc tool. This patch
is to support using linux dtc tool for ls-dpl package.
This avoids compile issue when host system doesn't have
the dtc tool.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 1 Aug 2018 02:41:11 +0000 (10:41 +0800)]
layerscape: fix get_device_file() function of restool
The restool failed to work with current gcc-7.3.0-musl.
This patch is to add a restool fix-up patch to fix
multiple problems encountered in the get_device_file()
function:
- The deprecated atoi() function is replaced by strtoul
- An invalid memory access was being performed by using
memory from dir->d_name even after closedir(). This is
fixed by a strdup() on the device filename.
- Also, error prints now print any relevant error code.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 23 Jul 2018 08:48:48 +0000 (16:48 +0800)]
layerscape: update README for SD card boot and new devices
This patch is to update the README since SD card boot support
and LS1012AFRWY/LS1021ATWR were introduced.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 18 Jul 2018 08:56:07 +0000 (16:56 +0800)]
layerscape: add ls1012afrwy support and drop ls1012afrdm
ls1012afrdm was no longer supported in NXP Layerscape SDK.
Instead a new board ls1012afrwy was introduced in LSDK.
This patch is to drop ls1012afrdm and add ls1012afrwy support.
Since only 2MB NOR flash could be used, we just put u-boot
and firmware on NOR flash, and put kernel/dtb/rootfs on SD
card.
The Layerscape FRWY-LS1012A board is an ultra-low-cost
development platform for LS1012A Series Communication
Processors built on Arm Cortex-A53. This tool refines the
FRDM-LS1012A with more features for a better hands-on experience
for IoT, edge computing, and various advanced embedded
applications. Features include easy access to processor I/O,
low-power operation, micro SD card storage, an M2 connector, a
small form factor, and expansion board options via mikroBUS Click
Module. The MicroBUS Module provides easy expansion via hundreds
of powerful modules supporting sensors, actuators, memories,
and displays.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 18 Jul 2018 06:14:40 +0000 (14:14 +0800)]
layerscape: add SD card boot support
NOR/QSPI Flash on Layerscape board only has limited 64MB memory size.
Since some boards (ls1043ardb/ls1046ardb/ls1088ardb/ls1021atwr)
could support SD card boot, we added SD boot support for them to put
all things on SD card to meet large memory requirement.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Tue, 10 Jul 2018 03:58:59 +0000 (11:58 +0800)]
layerscape: add armv7 subtarget and ls1021atwr board support
The NXP TWR-LS1021A module is a development system based
on the QorIQ LS1021A processor.
- This feature-rich, high-performance processor module can
be used standalone or as part of an assembled Tower System
development platform.
- Incorporating dual Arm Cortex-A7 cores running up to 1 GHz,
the TWR-LS1021A delivers an outstanding level of performance.
- The TWR-LS1021A offers HDMI, SATA3 and USB3 connectors as
well as a complete Linux software developer's package.
- The module provides a comprehensive level of security that
includes support for secure boot, Trust Architecture and
tamper detection in both standby and active power modes,
safeguarding the device from manufacture to deployment.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 15 Aug 2018 08:41:41 +0000 (16:41 +0800)]
layerscape: split image makefile per subtarget
This patch is to split image makefile per subtarget.
The ARMv7 subtarget will be added in the future.
It will be not convinient if only one makefile is used
for several subtargets management and future development.
This patch also dropped 32-bit Traverse LS1043-S since
Traverse only intended to support 64-bit and the 32-bit
compile now had an issue.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 9 Jul 2018 10:38:10 +0000 (18:38 +0800)]
layerscape: define ls-append function
This patch is to define a ls-append function for
each device to reuse it for image appending.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 15 Aug 2018 08:08:53 +0000 (16:08 +0800)]
layerscape: update linux 4.9 patches to LSDK-18.06
This patch is to update linux 4.9 patches to LSDK-18.06
release and to adjust config-4.9 accordingly.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Tue, 17 Jul 2018 09:42:47 +0000 (17:42 +0800)]
layerscape: add u-boot environment support for OpenWrt boot
This patch is to implement u-boot environment txt files
to support OpenWrt boot for all layerscape devices.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Wed, 4 Jul 2018 04:20:41 +0000 (12:20 +0800)]
layerscape: update u-boot to LSDK-18.06
The u-boot source code had been migrated to codeaurora
for LSDK-18.06 release and the future release. This
patch is to update u-boot to LSDK-18.06 for both
uboot-layerscape and uboot-layerscape-armv8_32b packages.
Besides, this patch also introduced some other changes.
- Reworked uboot-layerscape makefile to make it more
readable.
- Define package in uboot-layerscape-armv8_32b for each board.
- Fixed u-boot package selection in target image makefile.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 16 Jul 2018 08:59:48 +0000 (16:59 +0800)]
layerscape: drop uboot-layerscape patches
Dropped uboot-layerscape patches which were environemnt patches.
We will make u-boot environment binaries with a txt file for all
devices.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Tue, 3 Jul 2018 06:17:08 +0000 (14:17 +0800)]
layerscape: update restool to LSDK-18.06
The restool source code had been migrated to codeaurora
for LSDK-18.06 release and the future release. This patch
is to update restool to LSDK-18.06 release.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Tue, 3 Jul 2018 06:58:01 +0000 (14:58 +0800)]
layerscape: update ls-ppa to LSDK-18.06
This patch is to update ls-ppa to LSDK-18.06 release
and to rework ls-ppa makefile to make it more readable.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Tue, 3 Jul 2018 03:07:06 +0000 (11:07 +0800)]
layerscape: update ls-rcw to LSDK-18.06
The rcw source code had been migrated to codeaurora
for LSDK-18.06 release and the future release. The
source code had also involved ls1012ardb/ls1012afrdm/
ls1088ardb/ls2088ardb rcw, so we updated ls-rcw to
LSDK-18.06, reworked the makefile and dropped ls-rcw-bin
package in this patch. Also reworked ls-rcw patch to
adapt to the latest source code.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 2 Jul 2018 08:33:35 +0000 (16:33 +0800)]
layerscape: update ppfe-firmware to LSDK-18.06
This patch is to update ppfe-firmware to LSDK-18.06 release.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 2 Jul 2018 06:58:30 +0000 (14:58 +0800)]
layerscape: update ls-mc to LSDK-18.06
This patch is to update ls-mc to LSDK-18.06 release.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Mon, 2 Jul 2018 03:12:17 +0000 (11:12 +0800)]
layerscape: update ls-dpl to LSDK-18.06
The dpl-examples source code had been migrated to
codeaurora for LSDK-18.06 release and the future
release. This patch is to update this package to
LSDK-18.06.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Fri, 29 Jun 2018 08:20:32 +0000 (16:20 +0800)]
layerscape: update fman-ucode to LSDK-18.06
Actually there was no change for fman-ucode in LSDK-18.06
just tagged with LSDK-18.06. This patch is to rework the
fman-ucode makefile to make it more readable, and to use
lsdk-1806 as the PKG_VERSION.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Luis Araneda [Wed, 12 Sep 2018 05:48:10 +0000 (02:48 -0300)]
zynq: kernel: select FPGA-related configs
These configs are necessary to program the FPGA fabric
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
Jasper Scholte [Wed, 19 Sep 2018 20:31:26 +0000 (22:31 +0200)]
sunxi: build image/uboot for the NanoPi NEO2
The NanoPi NEO2 is a small Allwinner H5 based board available with
different DRAM configurations.
This board is very similar to the NanoPi NEO PLUS2
Signed-off-by: Jasper Scholte <NightNL@outlook.com>
Brett Mastbergen [Wed, 12 Sep 2018 19:04:55 +0000 (15:04 -0400)]
kernel: generic: Fix nftables inet table breakage
Commit
b7265c59ab7d ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch. That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support. Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset. As such, nftables inet tables never
see any traffic.
As an example the following nft counter rule should increment for every
packet coming into the box, but never will:
nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter
This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.
Tested on Turris Omnia (mvebu)
Fixes:
b7265c59ab7d ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
Hartmut Knaack [Mon, 10 Sep 2018 23:33:37 +0000 (01:33 +0200)]
kernel: add Si7020 relative humidity/temperature sensor driver
Add support for the Silicon Labs Si7020 family of relative humidity and
temperature sensors using the I2C bus.
Signed-off-by: Hartmut Knaack <knaack.h@gmx.de>
Hartmut Knaack [Mon, 10 Sep 2018 23:33:36 +0000 (01:33 +0200)]
kernel: add TSL4531 ambient light sensor driver
Add support for the TAOS TSL4531x family of ambient light sensors using
the I2C bus.
Signed-off-by: Hartmut Knaack <knaack.h@gmx.de>
Robert Marko [Wed, 19 Sep 2018 09:18:00 +0000 (11:18 +0200)]
ath79: Fix GL-AR300M USB trigger
Correct a typo preventing USB trigger to work on AR300M.
Signed-off-by: Robert Marko <robimarko@gmail.com>
David Bauer [Tue, 11 Sep 2018 15:04:16 +0000 (17:04 +0200)]
ar71xx: flag FritzBox 4020 buttons as active low
Buttons of AVM FritzBox 4020 are incorrectly flagged as active high.
This was an oversight as RFKill button was working as expected even
with incorrectly flagged GPIO.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Tue, 11 Sep 2018 15:04:17 +0000 (17:04 +0200)]
ath79: flag FritzBox 4020 buttons as active low
Buttons of AVM FritzBox 4020 are incorrectly flagged as active high.
This was an oversight as RFKill button was working as expected even
with incorrectly flagged GPIO.
Signed-off-by: David Bauer <mail@david-bauer.net>
Magnus Kroken [Sat, 15 Sep 2018 22:44:43 +0000 (00:44 +0200)]
mbedtls: update to 2.13.0
* Fixed a security issue in the X.509 module which could lead to a buffer overread during certificate extensions parsing.
* Several bugfixes.
* Improvements for better support for DTLS on low-bandwidth, high latency networks with high packet loss.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Felix Fietkau [Sat, 22 Sep 2018 13:34:40 +0000 (15:34 +0200)]
ath9k: add back support for using tx99 with active monitor interfaces
Fixes controlling bitrate
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sat, 22 Sep 2018 13:18:46 +0000 (15:18 +0200)]
mac80211: fix tx queue allocation for active monitor interfaces
Fixes a crash with drivers like ath9k
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sat, 22 Sep 2018 10:56:10 +0000 (12:56 +0200)]
mt76: fix tx power issue for mt76x2
6e1898d mt76x2: fix tx power configuration for VHT mcs 9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Kevin Darbyshire-Bryant [Fri, 21 Sep 2018 18:41:27 +0000 (19:41 +0100)]
kernel: re-enable MIPS VDSO
kernel upstream commit
9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of
0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.
Remove our force disable patch:
pending-4.14/206-mips-disable-vdso.patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Luiz Angelo Daros de Luca [Tue, 18 Sep 2018 04:07:57 +0000 (01:07 -0300)]
elfutils: bump to 0.174
- Simplified musl patch with error.h concentrated into system.h
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Christian Lamparter [Tue, 4 Sep 2018 21:27:00 +0000 (23:27 +0200)]
toolchain/musl: update to version 1.1.20
This release introduces the ability to replace/interpose the allocator
(malloc) subject to certain restrictions, adds an experimental m68k
port, and makes notable improvements to stdio (application-provided
buffers), getaddrinfo (AI_ADDRCONFIG, support for IPv4-only kernel
configurations), the dynamic linker (safety against dlopen of
libraries using initial-exec TLS model, reclaiming unused memory on
FDPIC archs, better dladdr results), and handling of default thread
stack size (pthread_setattr_default_np now works more reliably).
Many bugs have been fixed, including potentially dangerous regressions
in iconv (only for new conversions to legacy encodings) and visibly
incorrect behavior in printf on non-x86 archs (%a format with
precision specifier), in getopt_long_only when short options are a
prefix for a long option, in complex arc-trig/hyperbolic functions, in
strftime and mktime (timezone-specific issues), and numerous
less-obvious places.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[altered commit msg a bit keeping it tight]
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 20 Sep 2018 12:37:43 +0000 (14:37 +0200)]
kernel: bump 4.14 to 4.14.71
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 20 Sep 2018 12:36:42 +0000 (14:36 +0200)]
kernel: bump 4.9 to 4.9.128
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Kevin Darbyshire-Bryant [Thu, 20 Sep 2018 17:26:33 +0000 (18:26 +0100)]
dnsmasq: Change behavior when RD bit unset in queries.
Backport upstream commit
Change anti cache-snooping behaviour with queries with the
recursion-desired bit unset. Instead to returning SERVFAIL, we
now always forward, and never answer from the cache. This
allows "dig +trace" command to work.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Jonathan Lancett [Thu, 20 Sep 2018 18:16:01 +0000 (19:16 +0100)]
mwlwifi: driver version to 10.3.8.0-
20180920
Signed-off-by: Jonathan Lancett <j.lancett@ntlworld.com>
[minor tweak to commit title]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Felix Fietkau [Thu, 20 Sep 2018 08:06:49 +0000 (10:06 +0200)]
ath9k: fix unloading the module
Registering a GPIO chip with the ath9k device as parent prevents unload,
because the gpiochip core increases the module use count.
Unfortunately, the only way to avoid this at the moment seems to be to
register the GPIO chip without a parent device
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Rosen Penev [Wed, 19 Sep 2018 01:32:15 +0000 (18:32 -0700)]
mdadm: Install /etc/config file as 600
/etc/config/mdadm is only used by the init script which is ran as root.
There is no need for it to be readable by anything else.
Added PKG_CPE_ID for proper CVE tracking.
Small reorganization for consistency between Makefiles.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 19 Sep 2018 01:32:20 +0000 (18:32 -0700)]
fstools: Install mount.hotplug and 10-fstab.defaults as 600
Both of these are used by programs that run as root and nothing else.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 19 Sep 2018 01:32:19 +0000 (18:32 -0700)]
usbmode: Update modeswitch data to
20170806
Changed hotplug file to 600 as it is only read by procd, which runs as
root.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 19 Sep 2018 01:32:18 +0000 (18:32 -0700)]
trelay: Install hotplug and config files as 600
The hotplug file is ran by procd, which runs as root. The config file is
used by the init script, which also runs as root.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 19 Sep 2018 01:32:17 +0000 (18:32 -0700)]
dropbear: Install /etc/config as 600
/etc/config/dropbear is used by the init script which only runs as root.
Small whitespace change.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 19 Sep 2018 01:32:16 +0000 (18:32 -0700)]
lldpd: Install /etc/config file as 600
/etc/config/lldpd is only used by the init script, which only runs as root
Adjusted homepage and download URLs to use HTTPS.
-std=c99 is useful for GCC versions less than 6. Current OpenWrt uses 7.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hans Dedecker [Wed, 19 Sep 2018 08:03:57 +0000 (10:03 +0200)]
netifd: update to latest git HEAD
23941d7 system-linux: enable by default ignore encaplimit for ip6 tunnels
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 17 Sep 2018 15:53:34 +0000 (17:53 +0200)]
map: drop default encaplimit value
Setting encaplimit to a numerical value results into the value being
included as tunnel encapsulation limit in the destination option header
for tunneled packets.
Several users have reported interop issues as not all ISPs support the
destination option header containing the tunnel encapsulation limit
resulting into broken map connectivity.
Therefore drop the default encaplimit value for map tunnels so
no destination option header is included by default.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 17 Sep 2018 09:24:39 +0000 (11:24 +0200)]
ds-lite: drop default encaplimit value
Setting encaplimit to a numerical value results into the value being
included as tunnel encapsulation limit in the destination option header
for tunneled packets.
Several users have reported interop issues as not all ISPs support the
destination option header containing the tunnel encapsulation limit
resulting into broken ds-lite connectivity.
Therefore drop the default encaplimit value for ds-lite tunnels so
no destination option header is included by default.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Jason A. Donenfeld [Tue, 18 Sep 2018 14:57:05 +0000 (16:57 +0200)]
wireguard: bump to 0.0.
20180918
* blake2s-x86_64: fix whitespace errors
* crypto: do not use compound literals in selftests
* crypto: make sure UML is properly disabled
* kconfig: make NEON depend on CPU_V7
* poly1305: rename finish to final
* chacha20: add constant for words in block
* curve25519-x86_64: remove useless define
* poly1305: precompute 5*r in init instead of blocks
* chacha20-arm: swap scalar and neon functions
* simd: add __must_check annotation
* poly1305: do not require simd context for arch
* chacha20-x86_64: cascade down implementations
* crypto: pass simd by reference
* chacha20-x86_64: don't activate simd for small blocks
* poly1305-x86_64: don't activate simd for small blocks
* crypto: do not use -include trick
* crypto: turn Zinc into individual modules
* chacha20poly1305: relax simd between sg chunks
* chacha20-x86_64: more limited cascade
* crypto: allow for disabling simd in zinc modules
* poly1305-x86_64: show full struct for state
* chacha20-x86_64: use correct cut off for avx512-vl
* curve25519-arm: only compile if symbols will be used
* chacha20poly1305: add __init to selftest helper functions
* chacha20: add independent self test
Tons of improvements all around the board to our cryptography library,
including some performance boosts with how we handle SIMD for small packets.
* send/receive: reduce number of sg entries
This quells a powerpc stack usage warning.
* global: remove non-essential inline annotations
We now allow the compiler to determine whether or not to inline certain
functions, while still manually choosing so for a few performance-critical
sections.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Kevin Darbyshire-Bryant [Wed, 19 Sep 2018 06:37:53 +0000 (07:37 +0100)]
dnsmasq: Handle memory allocation failure in make_non_terminals()
Backport upstream commit:
ea6cc33 Handle memory allocation failure in make_non_terminals()
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Mike McCormack [Sat, 18 Aug 2018 06:04:57 +0000 (16:04 +1000)]
ucert: work around short read
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input. Accept 16 characters
or more rather than 17 to work around the short read.
Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Koen Vandeputte [Mon, 17 Sep 2018 09:52:06 +0000 (11:52 +0200)]
kernel: bump 4.14 to 4.14.70
Refreshed all patches.
Added new patch:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch
This fixes a bug introduced in upstream 4.14.68 which caused targets using
ubifs to produce file-system errors on boot, rendering them useless.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 17 Sep 2018 09:48:49 +0000 (11:48 +0200)]
kernel: bump 4.9 to 4.9.127
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 17 Sep 2018 09:47:42 +0000 (11:47 +0200)]
kernel: bump 3.18 to 3.18.122
Refreshed all patches.
Compile-tested on: adm5120
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Daniel Golle [Sat, 15 Sep 2018 17:16:52 +0000 (19:16 +0200)]
uqmi: pass-through ipXtable to child interfaces
Allow setting specific routing tables via the ip4table and ip6table
options also when ${ifname}_4 and ${ifname}_6 child interfaces are
being created.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Sat, 15 Sep 2018 13:49:31 +0000 (15:49 +0200)]
tools/e2fsprogs: fix build with clang
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Kevin Darbyshire-Bryant [Fri, 14 Sep 2018 20:52:39 +0000 (21:52 +0100)]
iproute2: q_cake: Also print nonat, nowash and no-ack-filter keywords
Pull in latest upstream tweaks:
Similar to the previous patch for no-split-gso, the negative keywords for
'nat', 'wash' and 'ack-filter' were not printed either. Add those as well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Hannu Nyman [Fri, 14 Sep 2018 19:07:42 +0000 (22:07 +0300)]
busybox: update to 1.29.3
Update busybox to 1.29.3, minor bugfix release
https://git.busybox.net/busybox/log/?h=1_29_3
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Hans Dedecker [Thu, 13 Sep 2018 07:26:44 +0000 (09:26 +0200)]
toolchain/glibc: update to latest 2.26 commit
c5c90b480e Fix segfault in maybe_script_execute.
174709d879 pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rosy Song [Wed, 12 Sep 2018 01:21:19 +0000 (09:21 +0800)]
odhcpd: enable ipv6 server mode only when it is supported
Signed-off-by: Rosy Song <rosysong@rosinson.com>
Kevin Darbyshire-Bryant [Wed, 12 Sep 2018 07:24:37 +0000 (08:24 +0100)]
iproute2: q_cake: Add printing of no-split-gso option
When the GSO splitting was turned into dual split-gso/no-split-gso options,
the printing of the latter was left out. Add that, so output is consistent
with the options passed
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Rafał Miłecki [Wed, 12 Sep 2018 06:40:03 +0000 (08:40 +0200)]
mac80211: brcmfmac: backport CYW89342 support & fixes from 4.20
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Kevin Darbyshire-Bryant [Wed, 12 Sep 2018 04:10:55 +0000 (05:10 +0100)]
kmod-sched-cake: fix 6in4/gso performance issue
Bump to latest upstream cake:
Add workaround for wrong skb->mac_len values after splitting GSO
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Florian Fainelli [Wed, 12 Sep 2018 00:19:51 +0000 (17:19 -0700)]
netifd: update to latest HEAD
0059335c5b60 CMakeList: Check that compiler supports -Wimplicit-fallthrough
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Marko Ratkaj [Mon, 10 Sep 2018 09:04:36 +0000 (11:04 +0200)]
tools/expat: fix docbook2man error on some systems
On some systems (Gentoo) configure stage fails because of docbook2man
working with SGML rather than with XML. We don't need xmlwf man pages so
we disable this.
Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
Jason A. Donenfeld [Tue, 11 Sep 2018 00:59:16 +0000 (18:59 -0600)]
wireguard: bump to 0.0.
20180910
* curve25519: arm: do not modify sp directly
* compat: support neon.h on old kernels
* compat: arch-namespace certain includes
* compat: move simd.h from crypto to compat since it's going upstream
This fixes a decent amount of compat breakage and thumb2-mode breakage
introduced by our move to Zinc.
* crypto: use CRYPTOGAMS license
Rather than using code from OpenSSL, use code directly from AndyP.
* poly1305: rewrite self tests from scratch
* poly1305: switch to donna
This makes our C Poly1305 implementation a bit more intensely tested and also
faster, especially on 64-bit systems. It also sets the stage for moving to a
HACL* implementation when that's ready.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
John Crispin [Mon, 10 Sep 2018 15:50:40 +0000 (17:50 +0200)]
kernel: add missing symbol
Signed-off-by: John Crispin <john@phrozen.org>
Andy Walsh [Mon, 27 Aug 2018 12:19:55 +0000 (14:19 +0200)]
base-files: /etc/services: add missing 'rpcbind' alias
* add missing 'rpcbind' alias to /etc/services
Allows rpcbind to open its 111 port and be reachable via lan, this is the default behaviour.
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Tobias Wolf [Sun, 19 Aug 2018 11:04:02 +0000 (13:04 +0200)]
ramips: Fix early memory calculation for certain MIPS platforms
Kernel upstream commit
67a3ba25aa95 ("MIPS: Fix incorrect mem=X@Y handling") introduced a new issue for rt288x where "PHYS_OFFSET" is 0x0 but the calculated "ramstart" is not. As the prerequisite of custom memory map has been removed, this results in the full memory range of 0x0 - 0x8000000 to be marked as reserved
for this platform.
This patch adds the originally intended prerequisite again.
Signed-off-by: Tobias Wolf <dev-NTEO@vplace.de>
Sven Eckelmann [Mon, 3 Sep 2018 07:58:42 +0000 (09:58 +0200)]
ar71xx: Skip more hashed blocks for OM2P(-HS) 64k variant
The OM2P(-HS)v4 got a variant which uses a slightly different flash. The
standard versions used a flash with 256KB blocks which is no longer
available. The replacement flash uses a flash with 64K blocks.
The padding for the image rootfs is already for 64K and 256K and thus can
be flashed on the device without any problems. Unfortunately, the
bootloader will check $rootfs_size (rounded down to the nearest 64k block)
minus 1x 64k. But it is now possible that the new JFFS2 rootfs_data starts
even earlier and modifies the checked region. The check will then fail and
the backup image (when available) will be booted.
Just setting it to the same number of skipped blocks as other 64K models
avoids this problem.
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Daniel Engberg [Wed, 29 Aug 2018 06:58:44 +0000 (08:58 +0200)]
tools/expat: Update to 2.2.6
Update (lib)expat to 2.2.6
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Daniel Engberg [Wed, 29 Aug 2018 07:01:54 +0000 (09:01 +0200)]
tools/e2fsprogs: Update to 1.44.4
Update e2fsprogs to 1.44.4
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Lech Perczak [Wed, 5 Sep 2018 17:40:16 +0000 (19:40 +0200)]
ath79: ubnt-xm: add rssileds package
In order to make RSSI indicator on the device work out of box,
include "rssileds" package in per-device rootfs image by default
for Ubiquiti XM family.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Wed, 5 Sep 2018 17:40:06 +0000 (19:40 +0200)]
ath79: ubnt-xm: create RSSI monitor on wlan0
When mapping for RSSI LEDs was defined for interface wlan0 on
Ubiquiti XM family, the mapping for rssileds monitor was omitted
by mistake. Therefore create the mapping, so RSSI LEDs work without
additional configuration, after starting rssileds service.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Bernhard Frauendienst [Sat, 18 Aug 2018 16:28:02 +0000 (18:28 +0200)]
ath79: add support for Buffalo WZR-HP-AG300H
Buffalo WZR-HP-AG300H is a dual band router based on
Qualcom Atheros AR7161 rev 2
Specification:
- 680 MHz CPU (Qualcomm Atheros AR7161)
- 128 MiB RAM (2x Samsung K4H511638G-LCCC)
- 32 MiB Flash (2x Winbond 25Q128BVFG)
- WiFi 5 GHz a/n (Atheros AR9220)
- WiFi 2.4 GHz b/g/n (Atheros AR9223)
- 1000Base-T WAN (Atheros AR7161)
- 4x 1000Base-T Switch (Atheros AR8316)
- 1x USB 2.0
- 3 Buttons (AOSS/WPS, Reset, USB Eject)
- 2 Slide switches (Router (on/off/auto), Movie Engine (on/off))
- 9 LEDs (Power green, WLAN 2GHz green, WLAN 2GHz amber,
WLAN 5GHz green, WLAN 5GHz LED amber, Router green,
Diag red, Movie Engine blue, USB green)
It is already supported by the ar71xx target.
For more information on the device visit the wiki:
<https://openwrt.org/toh/buffalo/wzr-hp-ag300h>
Serial console:
- The UART Header is next to Movie Engine Switch.
- Pinout is RX - TX - GND - 3.3V (Square Pad is 3.3V)
- The Serial setting is 115200-8-N-1.
Installation of OpenWRT from vendor firmware:
- Connect to the Web-interface at http://192.168.11.1
- Go to “Administration” → “Firmware Upgrade”
- Upload the OpenWrt factory image
Tested:
- Ethernet (LAN, WAN)
- WiFi
- Installation
- via TFTP rescue
- via factory image
- on firmware v1.77 (28-05-2012)
- on pro firmware v24SP2 r30356 (26-03-2018)
- via sysupgrade from ar71xx
(wlan devices don't work because of new names)
- via sysupgrade from itself
- Buttons
- LEDS
- USB (Power control and device recognition)
Signed-off-by: Bernhard Frauendienst <openwrt@nospam.obeliks.de>
Bernhard Frauendienst [Sat, 25 Aug 2018 10:48:54 +0000 (12:48 +0200)]
kernel: add driver for virtual mtd_concat devices
Some systems require multiple flash chips to be concatenated and read as
a single mtd device. The ar71xx target provides custom code to create
such mtdconcat devices. When porting devices to ath79, however, there is
no way to create such devices from within the device tree.
This commit adds a driver for creating virtual mtd-concat devices to the
ath79 target. Nodes must have a compatible = "virtual,mtd-concat" line,
and define a list of devices to concat in the 'devices' property,
for example:
flash {
compatible = "virtual,mtd-concat";
devices = <&flash0 &flash1>;
};
The driver is added to the very end of the mtd Makefile to increase the
likelyhood of all child devices already being loaded at the time of
probing, preventing unnecessary deferred probes which might in turn
cause other problems (like failure to load MAC addresses from art because
the partitions are not loaded yet).
Signed-off-by: Bernhard Frauendienst <openwrt@nospam.obeliks.de>
INAGAKI Hiroshi [Mon, 10 Sep 2018 07:30:28 +0000 (09:30 +0200)]
ath79: add support for ELECOM WRC-300GHBK2-I
ELECOM WRC-300GHBK2-I is a 2.4 GHz wireless router, based on Qualcomm
Atheros QCA9563.
Specification:
- Qualcomm Atheros QCA9563
- 64 MB of RAM (DDR2)
- 8 MB of Flash (SPI-NOR)
- 2T2R 2.4 GHz wifi
- SoC internal
- 5x 10/100/1000 Mbps Ethernet
- 3x LEDs, 4x keys(connected to GPIO: 3x)
- UART header on PCB
- TX, GND, RX, Vcc from ethernet port side
- 115200n8
Flash instruction using factory image:
1. Boot the WRC-300GHBK2-I normaly and connect the computer to its
LAN port
2. Access to "http://192.168.2.1/" and open firmware update page
("ファームウェア更新 手動更新(アップデート)")
3. Select the OpenWrt factory image and click apply ("適用") button
to perform firmware update
4. On the (initramfs) factory image, execute "mtd erase firmware" to
erase stock firmware and execute sysupgrade with squashfs-sysupgrade
image for WRC-300GHBK2-I
5. Wait ~150 seconds to complete flashing
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
INAGAKI Hiroshi [Mon, 10 Sep 2018 07:29:39 +0000 (09:29 +0200)]
firmware-utils: mkedimaximg: add "big-endianness mode" option
In addition to the default little-endianness format, I added a mode
so that we can generate firmware with big-endianness format.
example: ELECOM WRC-300GHBK2-I (QCA9563)
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Martin Schiller [Wed, 29 Aug 2018 13:06:21 +0000 (15:06 +0200)]
kernel: backport i2c-gpio working over slow can_sleep GPIOs
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Martin Schiller [Wed, 29 Aug 2018 09:13:42 +0000 (11:13 +0200)]
kernel: backport rtc ds1308 support to 4.9
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Eneas U de Queiroz [Wed, 1 Aug 2018 12:49:35 +0000 (12:49 +0000)]
libpcap: patch to add limits.h to pcap-usb-linux.c
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This is an upstream-applied patch that fixes 'PATH_MAX' and 'NAME_MAX'
undeclared when compiling on musl with CONFIG_PCAP_HAS_USB.
[
aafa351] pcap-usb-linux.c: add missing limits.h for musl systems.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Rosen Penev [Sun, 9 Sep 2018 04:23:57 +0000 (21:23 -0700)]
mvebu: Replace RTC initialization patch with upstreamed version
While we're at it, rename the patches to their proper git format-patch
name.
Tested on a Turris Omnia.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Mon, 10 Sep 2018 01:55:43 +0000 (18:55 -0700)]
usbutils: Update usb.ids to 0.315
Referencing the version instead of revision should fix uscan.
Tested on Turria Omnia.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Christian Lamparter [Tue, 4 Sep 2018 21:27:02 +0000 (23:27 +0200)]
ath79: add support for WD My Net Wi-Fi Range Extender
This patch ports over support for the device from ar71xx.
SOC: AR7370 (Wasp - AR9344 rev2
0001974c)
RAM: Winbond W9725G6KB-25 32MiB
FLASH: Winbond 25Q64FVSIG 8MiB
WLAN: AR9380 Dual-Band 802.11abgn 3x3:3
INPUT: WPS, RESET button (hardware on/off toggle button)
LED: Power, LAN, WiFi, 3 RSSI-Leds (low, medium, high)
Serial: Header Next to the winbond flash chip (labeld JP1)
Pinout is GND - NC - RX - TX - 3V3 (JP1)
The Serial setting is 115200-8-N-1.
- Installation via uboot's upgrade command
0. attach serial cable
1. interrupt uboot and enter "upgrade code.bin" into
the u-boot prompt
ar7240> upgrade code.bin
2. rename openwrt...sysupgrade.bin to code.bin on PC
3. run a tftp-client on the PC
(shell)$ tftp 192.168.1.230
binary
put code.bin
4. wait for the device to finish
[...]
Copy buff to Flash from 0x9f040000 length 0x79f000
Copy to Flash... write addr:
9f040000
done
5. enter "go" in the u-boot prompt
ar7240> go
- TFTP ramdisk image boot from the uboot prompt
(tftp server defaults to serverip 192.168.1.254)
=> tftpboot
81000000 initramfs.bin
=> bootm
Tested and working:
- LEDs
- Buttons
- Ethernet
- Wi-Fi
- OpenWRT sysupgrade
For flashing and debricking information see:
<https://openwrt.org/toh/wd/rext>
Users coming from ar71xx can use sysupgrade too. But I highly
advise to no save the old configuration and start from a clean
state.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Tue, 4 Sep 2018 21:27:01 +0000 (23:27 +0200)]
ath79: port cybertan_part from ar71xx
This patch ports the cybertan_part code from ar71xx and converts the
driver to a DT-supported mtd parser. As a result, it will no longer
add the u-boot, nvram and art partitions, which were never part of
the special Cybertan header.
Instead these partitions have to be specified in the DT, which has the
upside of making it possible to add properties (i.e.: read-only), labels
and references to these important partitions.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Rafał Miłecki [Tue, 4 Sep 2018 13:20:34 +0000 (15:20 +0200)]
mac80211: add iw command wrapper with error logging
Currently it's close to impossible to tell what part of mac80211 setup
went wrong. Errors logged into system log look like this:
radio0 (6155): command failed: No error information (-524)
radio0 (6155): command failed: Not supported (-95)
radio0 (6155): command failed: I/O error (-5)
radio0 (6155): command failed: Too many open files in system (-23)
With this commit change it's getting clear:
command failed: No error information (-524)
Failed command: iw dev wlan0 del
command failed: Not supported (-95)
Failed command: iw phy phy0 set antenna_gain 0
command failed: I/O error (-5)
Failed command: iw phy phy0 set distance 0
command failed: Too many open files in system (-23)
Failed command: iw phy phy0 interface add wlan0 type __ap
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rosen Penev [Sun, 2 Sep 2018 02:06:54 +0000 (19:06 -0700)]
hostapd: Fix compile with OpenSSL 1.1.0 + no deprecated APIs
Patch was accepted upsteam:
https://w1.fi/cgit/hostap/commit/?id=
373c796948599a509bad71695b5b72eef003f661
Signed-off-by: Rosen Penev <rosenp@gmail.com>