Kevin Darbyshire-Bryant [Wed, 30 May 2018 08:46:34 +0000 (08:46 +0000)]
nettle: bump to 3.4
3.4 is mainly a bug fix/maintenance release.
3KB increase in ipk lib size on mips.
Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from
1ee5051f202f600d854bcf939ba4ee37f057ace2)
Yousong Zhou [Thu, 5 Jul 2018 10:51:54 +0000 (18:51 +0800)]
ca-certificates: ca-bundle: add symlink for openssl default setting
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixes openwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from
191078e83d127f5ed9a38366d2edaac49f9333c5)
Rosen Penev [Sun, 27 May 2018 22:13:48 +0000 (15:13 -0700)]
curl: Add ca-bundle dependency
While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from
7a20c7a05d52f9bb3c82742098457bfbed869a8a)
Rosen Penev [Sun, 27 May 2018 22:13:47 +0000 (15:13 -0700)]
curl: Use ca-bundle for all TLS libraries.
It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.
It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.
This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from
f97946c49680a5fe713d0e2caaf072789f70e68d)
Rosen Penev [Fri, 25 May 2018 03:47:46 +0000 (20:47 -0700)]
ath10k-firmware: Fix QCA6174 support
Currently when installing the firmware, a bunch of files and directories
that the ath10k driver does not look for are created.
The package now installs firmware for both hw 2.1 and 3.0 devices.
2.1 is abandonware but may be useful to keep.
3.0 firmware was tested on a Killer 1535 to be relatively stable with
802.11w disabled. 802.11w causes multiple firmware crashes but that's true
of other ath10k firmwares as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported and squashed from
27eab4fa578d696ab55b6264a1b35fad6488b664,
d0fbe1956b3b9f07b6dcb54a8ed43a4904581e1d,
e191c7ee797c8b3458eb9791212a56b16febeeb4)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Golle [Thu, 31 May 2018 13:18:12 +0000 (15:18 +0200)]
hostapd: properly build hostapd-only SSL variants
Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
987900f2de76e6d292e55aa068c39b03f79c8812)
Daniel Golle [Wed, 30 May 2018 22:10:49 +0000 (00:10 +0200)]
hostapd: update packaging and patches
Clean up conflicts/provides/depends hell and add PROVIDES for
eapol-test variants while at it.
Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which
allows to drop two revert-patches for upstream commits which previously
were necessary to un-break mesh-DFS support.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
78f1974bc565d7544589a49ad8efd92c4ddec5b3)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Golle [Fri, 25 May 2018 13:59:41 +0000 (15:59 +0200)]
hostapd: convert ssl provider build options to variants
Instead of selecting the SSL provider at compile time, build package
variants for each option so users can select the binary package without
having to build it themselves.
Most likely not all variants have actually ever been user by anyone.
We should reduce the selection to the reasonable and most used
combinations at some point in future. For now, build them all.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
c8fdd0e9c843dd483f6677dc41f7df17313aa3cd)
Daniel Golle [Sat, 28 Apr 2018 19:12:19 +0000 (21:12 +0200)]
hostapd: update to git HEAD of 2018-05-21, allow build against wolfssl
Support for building wpa_supplicant/hostapd against wolfssl has been
added upstream recently, add build option to allow users using it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
69f544937f8498e856690f9809a016f0d7f5f68b)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Golle [Thu, 24 May 2018 16:51:44 +0000 (18:51 +0200)]
ustream-ssl: fix build against wolfSSL
commit
39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke
build against wolfSSL because wolfSSL doesn't (yet) support
SSL_CTX_set_ecdh_auto() of the OpenSSL API.
Fix this in ustream-ssl:
189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
4f442f5f383837efcfb345033169178f74f63440)
Daniel Golle [Wed, 30 May 2018 22:34:15 +0000 (00:34 +0200)]
wolfssl: change defaults to cover wpa_supplicant needs
Implicetely selecting the required options via Kconfig snippet from
hostapd worked fine in local builds when using menuconfig but confused
the buildbots which (in phase1) may build wpad-mini and hence already
come with CONFIG_WPA_WOLFSSL being defined as unset which then won't
trigger changing the defaults of wolfssl.
Work around by explicitely reflecting wpa_supplicant's needs in
wolfssl's default settings to make buildbots happy.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
dad39249fb91d6f320256ac12944863f09bb2dc9)
Daniel Golle [Fri, 25 May 2018 18:35:46 +0000 (20:35 +0200)]
wolfssl: add PKG_CONFIG_DEPENDS symbols
This change will trigger rebuild on buildbots in case of changed config
symbols, like in the case of hostapd selecting some wolfssl symbols
lately.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
5857088c5eb3a5a2409e3c57dbfa2487e08bbf4a)
Daniel Golle [Wed, 23 May 2018 21:26:41 +0000 (23:26 +0200)]
wolfssl: update to version 3.14.4
Use download from github archive corresponding to v3.14.4 tag because
the project's website apparently only offers 3.14.0-stable release
downloads.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from
4f67c1522d92bc4512c3ecf58c38ff9886530b48)
Rodolfo Giometti [Wed, 28 Jun 2017 08:49:01 +0000 (10:49 +0200)]
package sysfsutils: add support for sysfs settings at boot
This patch is based on sysfsutils package's behaviour on Debian OS.
Signed-off-by: Rodolfo Giometti <giometti@linux.it>
(backported from
2437e0f67050cad79cc1778b18cefd8d3cd86d07)
Tomasz Maciej Nowak [Fri, 30 Mar 2018 22:12:03 +0000 (00:12 +0200)]
kernel: merge kmod-fbcon with kmod-fb
As of commit in kernel:
6104c37094 fbcon: Make fbcon a built-time depency for fbdev
framebuffer console is build in into framebuffer module and there's no
standalone fbcon module. Therefore drop the kmod-fbcon and enable
console in kmod-fb. The only targets which use these modules are imx6
and geode, both are on kernel 4.14 so no fallback for other kernels is
introduced.
Being at that this commit also fixes autoload of fbdev for x86.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(backported from
9c0ddafd4663948fe5c6f3f4a7a7601fdbb36737)
Hauke Mehrtens [Sat, 19 May 2018 13:20:46 +0000 (15:20 +0200)]
ath10k-firmware: Fix mirror hash sum
This now matches what was generated locally on my PC and the file on the
mirror server.
Fixes:
349fe46103359 ("ath10k-firmware: Update QCA988X firmware to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from
56a03e434386ccd1359d5c995a5a3c0fcc44f6af)
Timo Sigurdsson [Wed, 16 May 2018 22:33:56 +0000 (00:33 +0200)]
ath10k-firmware: Update QCA988X firmware to the latest version
This patch updates the QCA988X firmware to the latest revision
firmware-5.bin_10.2.4-1.0-00037
found in the ath10k-firmware and linux-firmware repositories.
Tested on TP-Link Archer C7 v2 (ar71xx).
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(backported from
349fe46103359682692e6b175d22f8c05ff75f74)
Rosy Song [Tue, 15 May 2018 03:42:29 +0000 (11:42 +0800)]
nftables: bump to 0.8.5 version
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from
39e87e0ffc4eabf27d25459a369be425e9ef0474)
Rosy Song [Tue, 15 May 2018 02:41:19 +0000 (10:41 +0800)]
libnftnl: bump to 1.1.0
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from
c7e9d72f056a190fe14b1ebc3f07e726121e2965)
Hans Dedecker [Tue, 15 May 2018 12:00:37 +0000 (14:00 +0200)]
ebtables: update to latest git 2018-05-15
66a9701 ebtables: Fix build errors and warnings
9fff3d5 include: Fix musl libc compatibility
b1cdae8 extensions: Add string filter to ebtables
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from
ac70ac3532fefa78c944d8a26c8df0ca5d88d04e)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Christoph Krapp [Thu, 8 Nov 2018 11:09:02 +0000 (11:09 +0000)]
ar71xx: add support for UniFi-AC-Mesh-Pro
This adds the build option for UniFi AC Mesh Pro as well as
model detection for it.
The device is a hardware clone of the AC Pro.
- SoC: QCA9563-AL3A (775Mhz)
- RAM: 128MiB
- Flash: 16MiB - dual firmware partitions!
- LAN: 2x 1000M - POE+
- Wireless:
2.4G: QCA9563
5G: UniFi Chip, QCA988X compatible
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
(cherry picked from commit
987b961537b7002eda21df97dd8bfebe8882bc6d)
Koen Vandeputte [Thu, 13 Dec 2018 10:46:02 +0000 (11:46 +0100)]
kernel: bump 4.14 to 4.14.88
Refreshed all patches.
Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch
Fixes CVE:
- CVE-2018-14625
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 13 Dec 2018 10:43:25 +0000 (11:43 +0100)]
kernel: bump 4.9 to 4.9.145
Refreshed all patches.
Fixes CVE:
- CVE-2018-14625
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Dec 2018 12:31:35 +0000 (13:31 +0100)]
kernel: bump 4.14 to 4.14.87
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Dec 2018 11:24:02 +0000 (12:24 +0100)]
kernel: bump 4.9 to 4.9.144
Refreshed all patches.
Compile-tested: ar71xx
Runtime-tested: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 6 Dec 2018 12:34:21 +0000 (13:34 +0100)]
kernel: bump 4.14 to 4.14.86
Refreshed all patches.
Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 28 Nov 2018 11:36:15 +0000 (12:36 +0100)]
kernel: bump 4.9 to 4.9.143
Refreshed all patches.
Altered patches:
- 950-0063-Improve-__copy_to_user-and-__copy_from_user-performa.patch
- 950-0149-Update-vfpmodule.c.patch
- 201-extra_optimization.patch
New symbol:
- CONFIG_HARDEN_BRANCH_PREDICTOR
Compile-tested on: ar71xx, ar7, arc770, at91, brcm2708, brcm63xx, ixp4xx, lantiq, layerscape, mpc85xx, orion, rb532, uml
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Martin Schiller [Wed, 12 Dec 2018 12:43:20 +0000 (13:43 +0100)]
openvpn: re-add option comp_lzo
This option is deprecated but needs to be kept for backward compatibility. [0]
[0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#a--comp-lzo
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit
3850b41f01925a7eddc24033ed155503c1ad2112)
Jo-Philipp Wich [Thu, 22 Nov 2018 13:42:14 +0000 (14:42 +0100)]
rpcd: update to latest Git head
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
c79ef22 main: fix logic bug when not specifying a timeout option
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
Also expose the socket and timeout options in /etc/config/rpcd for
easier use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commits
41055551151e12abf8efe710efa4dc025a7b7b6a,
952b11766cd83898cf8f9626b75141eac6d4ad1a and
e533fb17061027dca2cc60a9555fc2edb9e832eb)
Martin Weinelt [Fri, 2 Nov 2018 19:52:01 +0000 (20:52 +0100)]
ramips: fix leds on GL.iNet GL-MT300N-V2
The WAN LED now shows the link state. It's color is green,
not blue.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
(cherry picked from commit
0411813c6f0520dea23a1c4f58f5956c504bf129)
Marek Lindner [Sun, 2 Dec 2018 14:02:04 +0000 (22:02 +0800)]
ipq40xx: fix openmesh sysupgrade with tar content out of order
The tar extraction depends on the order in which the files
are added to the tar file. Since the order is not guaranteed
and depends on the host system, the combined mtd write fails
with sysupgrade images built on some systems.
Fix by changing to tar file order independent mtd write.
Fixes:
86e18f6706e1 ("ipq806x: add support for OpenMesh A42")
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Jo-Philipp Wich [Thu, 29 Nov 2018 11:32:34 +0000 (12:32 +0100)]
rules.mk: fix syntax error
Fix broken assignment operator added in a previous commit.
Fixes
db73ec9f51 ("rules.mk: add INSTALL_SUID macro")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
1416b63dcbadbb5c11c2591b4513f5276b6dc744)
Jo-Philipp Wich [Thu, 29 Nov 2018 10:59:20 +0000 (11:59 +0100)]
rules.mk: add INSTALL_SUID macro
This is useful for packages that want to stage SUID executables.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
b0261ee5e9bcbc743960727b5aad1829250d1add)
Tony Ambardar [Sat, 3 Mar 2018 04:04:36 +0000 (20:04 -0800)]
base-files: fix prerm return value, align with postinst code
The return value of a package prerm script is discarded and not returned
correctly by default_prerm(). This allows other operations like service
shutdown to "leak" their return value, prompting workarounds like commit
48cfc826 which do not address the root cause.
Preserve a package prerm script return value for use by default_prerm(),
sharing the corresponding code from default_postinst() for consistency.
Also use consistent code for handling of /etc/init.d/ scripts.
Run Tested on: LEDE 17.01.4 running ar71xx.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit
8806da86f5da3b1b1e4d24259d168e2219c01a26)
Karl Vogel [Thu, 29 Nov 2018 08:07:21 +0000 (09:07 +0100)]
sdk: find kernel modules when KDIR is a symlink
The find statement would not return any results if the KDIR_BASE pointed to a
symlink. Ran into this issue due to a custom Kernel/Prepare that was installing
a symlink to the kernel directory.
The extra slash at the end fixes this scenario and does no harm for targets that
have a proper KDIR.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
(cherry picked from commit
ae980458abf8299d614f4b34add32e18d054378d)
Jo-Philipp Wich [Wed, 28 Nov 2018 11:42:24 +0000 (12:42 +0100)]
uhttpd: update to latest Git head
cdfc902 cgi: escape url in 403 error output
0bba1ce uhttpd: fix building without TLS and Lua support
2ed3341 help: document -A option
fa5fd45 file: fix CPP syntax error
77b774b build: avoid redefining _DEFAULT_SOURCE
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
56378bc12da1aa4f9434bd1119ec770096d92cac)
Jo-Philipp Wich [Thu, 23 Aug 2018 07:07:23 +0000 (09:07 +0200)]
uhttpd: support multiple Lua prefixes
Update to latest git HEAD in order to support configuring multiple
concurrent Lua prefixes in a single uhttpd instance:
b741dec lua: support multiple Lua prefixes
Additionally rework the init script and update the default configuration
example to treat the lua_prefix option as key=value uci list, similar to
the interpreter extension mapping. Support for the old "option lua_prefix"
plus "option lua_handler" notation is still present.
Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling
files belonging to other packages. Since Lua prefixes have precedence
over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which
will only become active if both luci-base and uhttpd-mod-lua is installed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
214146c6f298e593695c29b8c04a418dac914040)
Jo-Philipp Wich [Tue, 21 Aug 2018 12:48:47 +0000 (14:48 +0200)]
uhttpd: update to latest Git head
952bf9d build: use _DEFAULT_SOURCE
30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
22681cdef21be45d4d2c3e21939209ea618b66e4)
Freddy Leitner [Mon, 26 Nov 2018 18:14:19 +0000 (19:14 +0100)]
apm821xx: MBL: load kernel/dtb from SATA 0:1 first
This remedies an issue with the MBL Duo if both disks are inserted
and contain OpenWrt. kernel and dtb would be loaded from SATA 1:1
while rootfs (/dev/sda2) would be mounted on SATA 0:1.
Such a mix&match would obviously only work if both OpenWrt versions/
builds are identical, and especially fail after sysupgrade upgraded
the system disk on SATA 0:1.
The fallback to SATA 1:1 needs to be kept for MBL Single (only has
SATA 1:1) and MBL Duo with one disk inserted on SATA 1:1. To speed
up booting in those cases, the unneccesarily doubled "sata init"
will only be called once. (In theory it could be omitted completely
since the on-flash boot script already initializes SATA to load the
on-disk boot script.)
Tested on MBL Duo (all possible combination of disks) and MBL Single
Signed-off-by: Freddy Leitner <hello@square.wf>
Acked-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sun, 14 Oct 2018 21:53:56 +0000 (23:53 +0200)]
apm821xx: wndr4700: restore sd-card media detection
This was not converted to the new, dt-based board name.
Fixes:
e90dc8d2722 ("apm821xx: convert to device-tree board detection")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Jo-Philipp Wich [Sat, 24 Nov 2018 19:10:26 +0000 (20:10 +0100)]
uclient: update to latest Git head
3ba74eb uclient-http: properly handle HTTP redirects via proxy connections
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
0bd99db5118665bbe17f84427238c322af3deaae)
David Bauer [Wed, 7 Nov 2018 21:31:46 +0000 (22:31 +0100)]
tools: tplink-safeloader: add C7v5 EU SupportList
Currently flash from WebIF is broken for Archer C7 v5 EU models as their
SupportList entries are missing.
The added entries originate from TP-Links latest Archer C7 v5 EU
firmware.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
53020ed4b981d8d48394842d0aff1a0d0497cc1c)
Linus Kardell [Thu, 22 Nov 2018 10:35:08 +0000 (11:35 +0100)]
base-files: fix unkillable processes after restart
When restart is run on an init script, the script traps SIGTERM. This is
done as a workaround for scripts named the same name as the program they
start. In that case, the init script process will have the same name as
the program process, and so when the init script runs killall, it will
kill itself. So SIGTERM is trapped to make the init script unkillable.
However, the trap is retained when the init script runs start, and thus
processes started by restart will not respond to SIGTERM, and will thus
be unkillable unless you use SIGKILL. This fixes that by removing the
trap before running start.
Signed-off-by: Linus Kardell <linus@telliq.com>
(cherry picked from commit
2ac1a57677ce4e21513dca2a8efab1eb6e0a9c58)
Koen Vandeputte [Wed, 21 Nov 2018 09:48:37 +0000 (10:48 +0100)]
kernel: bump 4.14 to 4.14.82
Refreshed all patches.
Compile-tested: cns3xxx, imx6, x86_64
Runtime-tested: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 21 Nov 2018 09:45:19 +0000 (10:45 +0100)]
kernel: bump 4.9 to 4.9.138
Refreshed all patches.
Compile-tested: ar71xx, layerscape
Runtime-tested: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Rinki Kumari [Thu, 27 Sep 2018 16:10:15 +0000 (21:40 +0530)]
ar71xx: fix TP-Link Archer C7 v5 switch LEDs
Signed-off-by: Rinki Kumari <rinki13@gmail.com>
Rafał Miłecki [Thu, 15 Nov 2018 11:28:50 +0000 (12:28 +0100)]
kernel: fix ubifs loosing O_TMPFILE data after power cut
There was a bug in ubifs related to the O_TMPFILE. When reapplying
changes after power cut data could be lost. This problem was exposed by
overlayfs and the upstream commit
3a1e819b4e80 ("ovl: store file handle
of lower inode on copy up").
This fixes a regression introduced when switching from 4.9 to 4.14.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
c6a1bcac16f92afa1e41eaceafc85075d97a74cd)
Koen Vandeputte [Wed, 14 Nov 2018 11:37:10 +0000 (12:37 +0100)]
kernel: bump 4.14 to 4.14.81
Refreshed all patches.
Removed upstreamed patches:
- 081-spi-bcm-qspi-switch-back-to-reading-flash-using-smal.patch
Altered patches:
- 0054-cpufreq-dt-Handle-OPP-voltage-adjust-events
Compile-tested on: cns3xxx, imx6, ipq806x, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 14 Nov 2018 11:32:49 +0000 (12:32 +0100)]
kernel: bump 4.9 to 4.9.137
Refreshed all patches.
Removed upstreamed hunks:
- 703-phy-support-layerscape.patch
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 14 Nov 2018 11:30:43 +0000 (12:30 +0100)]
sunxi: remove kernel 4.9 support
This target has been on 4.14 for a long time now.
Remove these leftovers as it interferes with kernel bumping.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Felix Fietkau [Tue, 13 Nov 2018 19:34:35 +0000 (20:34 +0100)]
mac80211: fix spurious disconnections with powersave clients
Affects all drivers using ieee80211_tx_status_noskb, e.g. ath9k and mt76
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Stijn Tintel [Mon, 12 Nov 2018 17:58:36 +0000 (19:58 +0200)]
kernel: bump 4.14 to 4.14.80
Refresh patches.
Compile-tested: cns3xxx, imx6, x86/64
Runtime-tested: cns3xxx, imx6, x86/64
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Stijn Tintel [Thu, 19 Jul 2018 17:07:38 +0000 (20:07 +0300)]
tcpdump: explicitly disable libcap-ng support
If libcap-ng is detected during tcpdump build, support for it is
enabled and the binary is linked against it. Explicitly disable
libcap-ng support to avoid build failing due to a missing depndency.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Felix Fietkau [Mon, 12 Nov 2018 23:58:21 +0000 (00:58 +0100)]
mt76: update to the latest version, sync with master
- adds new drivers for mt76x2u, mt76x0u and mt76x0e
- adds back fixed version of the tx status fixes
- improves mt7603e stability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Daniel Golle [Sun, 4 Nov 2018 17:22:33 +0000 (18:22 +0100)]
oxnas: squash-pick commits from master branch
4f017c871d oxnas: switch to generic board detect
ef9b169df0 oxnas: remove stray kernel config symbols
cf7896117b oxnas: enable image metadata by setting SUPPORTED_DEVICES
9bcc08958b oxnas: add console=ttyS0,115200 argument to bootargs
b831eb5363 oxnas: kd20: correct memory size to 256MB
217fe505b6 oxnas: remove superseded sysupgrade image check
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rafał Miłecki [Fri, 9 Nov 2018 22:01:11 +0000 (23:01 +0100)]
mac80211: brcmfmac: add 2 more recent changes
First one is a fix for reporting channels to the user space. Important
for users as they could try setting invalid channel and fail to start an
interface.
Later is a support for newer FullMAC chipset firmwares.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 9 Nov 2018 21:28:31 +0000 (22:28 +0100)]
bcm53xx: add DT patch describing pins mux controller
It's needed to support new devices that use specific pin functions.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
0cf32de17c47c7625c7ee9cc7d21c3489d86311b)
Felix Fietkau [Fri, 9 Nov 2018 14:20:21 +0000 (15:20 +0100)]
mac80211: backport firmware_request_nowarn and firmware_request_cache
Required for an mt76 update to the latest version from master
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 12 Sep 2018 14:58:32 +0000 (16:58 +0200)]
kernel: backport and include linux/overflow.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 6 Sep 2018 11:30:24 +0000 (13:30 +0200)]
mac80211: backport sg_init_marker()
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Rafał Miłecki [Fri, 9 Nov 2018 06:40:42 +0000 (07:40 +0100)]
bcm53xx: update pinctrl driver
It's upstream now with a one trivial fix.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f975ab8f4e3d5b8a8e81870c70d427f9d84b203b)
Rafał Miłecki [Thu, 11 Oct 2018 11:55:57 +0000 (13:55 +0200)]
bcm53xx: add pending pinctrl driver
It's required to support devices using adjustable SoC pins for some
specific purpose (e.g. I2C, PWM, UART1).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f00cb94f7ced064d74839892116c3a0b8f10c872)
Jo-Philipp Wich [Thu, 8 Nov 2018 10:52:33 +0000 (11:52 +0100)]
script: ipkg-build: honour $SOURCE_DATE_EPOCH
When the SOURCE_DATE_EPOCH environment variable is set, use it to
override the timestamps of .ipk archive contents.
This ensures that .ipk archives built in environments without SCM
metadata (mainly the SDK) are reproducible between different runs.
Ref: https://github.com/openwrt/packages/issues/6954
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
d157a76c67bcb821d3ec8dcd4312390ef129a95a)
Rafał Miłecki [Wed, 7 Nov 2018 11:21:59 +0000 (12:21 +0100)]
mac80211: brcmutil: backport chanspec debugging patch
It helps debugging possible WARN-ings.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Wed, 7 Nov 2018 08:01:32 +0000 (09:01 +0100)]
mac80211: brcmfmac: backport the latest 4.20 changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
b50f162b3cce3d95874e4394f4765413f58765f1)
Rafał Miłecki [Wed, 7 Nov 2018 11:02:43 +0000 (12:02 +0100)]
mac80211: brcmfmac: rename 4.20 backport patches
Include kernel version to help tracking changes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f7a3459ab9c4d8f5102c8ae0861ca481571703f7)
Rafał Miłecki [Tue, 4 Sep 2018 13:20:34 +0000 (15:20 +0200)]
mac80211: add iw command wrapper with error logging
Currently it's close to impossible to tell what part of mac80211 setup
went wrong. Errors logged into system log look like this:
radio0 (6155): command failed: No error information (-524)
radio0 (6155): command failed: Not supported (-95)
radio0 (6155): command failed: I/O error (-5)
radio0 (6155): command failed: Too many open files in system (-23)
With this commit change it's getting clear:
command failed: No error information (-524)
Failed command: iw dev wlan0 del
command failed: Not supported (-95)
Failed command: iw phy phy0 set antenna_gain 0
command failed: I/O error (-5)
Failed command: iw phy phy0 set distance 0
command failed: Too many open files in system (-23)
Failed command: iw phy phy0 interface add wlan0 type __ap
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ffa80bf5a784a34b81e32144669f30560780bdb6)
Baptiste Jonglez [Thu, 18 Oct 2018 09:08:20 +0000 (11:08 +0200)]
kernel: Add support for Winbond w25q128jv SPI NOR flash
Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:
- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G
and probably other Mikrotik boards need this patch as well.
The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/
Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
[Rebased + refreshed on current kernels]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 5 Nov 2018 16:41:00 +0000 (17:41 +0100)]
imx6: fix DMA transaction errors
Following errors were seen in the past on imx6 when using serial:
[ 22.617622] imx-uart
2020000.serial: DMA transaction error.
[ 22.623228] imx-uart
2020000.serial: DMA transaction error.
[ 22.628826] imx-uart
2020000.serial: DMA transaction error.
[ 22.648951] imx-uart
2020000.serial: DMA transaction error.
[ 22.654558] imx-uart
2020000.serial: DMA transaction error.
[ 22.660156] imx-uart
2020000.serial: DMA transaction error.
Which is the reason why DMA for the serial ports
got disabled in commits:
efb362cd93b0 ("imx6: disable dma on uart")
3b4241071dd4 ("imx6: disable UART dma")
As indicated on mailinglist discussion, the cause seems to be
the usage of very old SDMA firmware which is present in the soc:
[ 0.624302] imx-sdma
20ec000.sdma: Direct firmware load for imx/sdma/sdma-imx6q.bin failed with error -2
[ 0.624318] imx-sdma
20ec000.sdma: Falling back to user helper
[ 64.531607] imx-sdma
20ec000.sdma: external firmware not found, using ROM firmware
This patch adds the new firmware binary. (2196 bytes)
It is required to embed the binary into the kernel image, as it
gets loaded very early in the boot process where the rootfs is not
available yet:
[ 0.622966] imx-sdma
20ec000.sdma: loaded firmware 3.3
Extended testing shows that the DMA errors are not seen anymore
when using this newer firmware version.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 5 Nov 2018 10:31:12 +0000 (11:31 +0100)]
ath9k: fix dynack in IBSS mode
Currently, dynack was only tested upstream using AP/STA mode.
Testing it on IBSS, showed that late-ack detection was broken.
This is caused due to dynack using Association Request/Response
frames for late-ack detection, which IBSS does not use.
Also allowing Authentication frames here solves this.
A second issue also got fixed, which was also seen AP/STA mode:
When a station was added, the estimated value would be exponentially averaged
using 0 as a starting point.
This means that on larger distances, the ack timeout was still not high
enough before synchronizing would run out of late-ack's for estimation.
Fix this by using the initial estimated value as a baseline
and only start averaging in the following estimation rounds.
Test setup:
- 2x identical devices: RB912UAG-5HPnD + 19dB sector
- IBSS
- 2x2 802.11an (ar9340), HT20, long GI
- RSSI's -70 / -71
- Real distance: 23910 meter
Results (60s iperf runs):
Fixed coverage class 54 (up to 24300m):
* 21.5 Mbits/sec
Dynack:
* 28.9 Mbits/sec
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 5 Nov 2018 10:23:17 +0000 (11:23 +0100)]
kernel: bump 4.14 to 4.14.79
Refreshed all patches.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Felix Fietkau [Thu, 1 Nov 2018 18:56:30 +0000 (19:56 +0100)]
Revert "mt76: update to the latest version"
This reverts the following commits:
24ca1cda38fbc3c5ae1302e44ea9dba20cf01ea0
79989634289b25a09a533fb97b26e34cc7e81ea1
The update was reported to cause stability issues.
Revert until those are resolved
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Koen Vandeputte [Thu, 18 Oct 2018 12:23:36 +0000 (14:23 +0200)]
kernel: tolerate using UBI/UBIFS on MLC flash (FS#1830)
starting from upstream commit
577b4eb23811 ("ubi: Reject MLC NAND")
it is not allowed to use UBI and UBIFS on a MLC flavoured NAND flash chip. [1]
According to David Oberhollenzer [2]:
The real problem is that on MLC NAND, pages come in pairs.
Multiple voltage levels inside a single, physical memory cell are used to
encode more than one bit. Instead of just having pages that are twice as big,
the flash exposes them as two different pages. Those pages are usually not
ordered sequentially either, but according to a vendor/device specific
pairing scheme.
Within OpenWrt, devices utilizing this type of flash,
combined with UBI(fs) will be bricked when a user upgrades
from 17.01.4 to a newer version as the MLC will be refused.
As these devices are currently advertised as supported by OpenWrt,
we should at least maintain the original state during the lifecycle
of the current releases.
Support can be gracefully ended when a new release-branch is created.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.e>
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.77&id=
577b4eb23811dfc8e38924dc476dbc866be74253
[2] https://lore.kernel.org/patchwork/patch/920344/
Felix Fietkau [Sat, 27 Oct 2018 15:56:28 +0000 (17:56 +0200)]
mt76: update to the latest version
71b7a4a mt76: fix regression in tx status handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 26 Oct 2018 15:13:38 +0000 (17:13 +0200)]
mt76: update to the latest version
199d6bf mt76x2: skip station tx status for non-sta wcid entries
d83ac6e mt76: only override control->sta on sw-encrypted tx
23abe5d mt76: add support for reporting tx status with skb
f8ce59e mt7603: use common tx status handling code
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Rafał Miłecki [Tue, 23 Oct 2018 07:42:00 +0000 (09:42 +0200)]
bcm53xx: use upstream SPI controller fix
This just moves patch to use 0xx prefix and includes maintainer's s-o-b.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9b385b24967a53e88c31aee04ba629d276c4e69d)
Rafał Miłecki [Thu, 11 Oct 2018 08:01:45 +0000 (10:01 +0200)]
bcm53xx: replace SPI revert with a fix sent upstream
Instead of reverting whole commit it's enough to just revert a single
line change. It seems the real problem with the regressing commit was a
bump of read chunk size. Switching back to 256 B chunks is enough to fix
the problem/regression.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
92de28b751a473655fd0cf3d3a8b81ca1d27d758)
Koen Vandeputte [Tue, 23 Oct 2018 08:52:27 +0000 (10:52 +0200)]
kernel: add missing symbol for target bcm53xx
Fixes:
47f68ca58615 ("kernel: bump 4.14 to 4.14.77")
Reported-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Kevin Darbyshire-Bryant [Sun, 19 Aug 2018 18:52:00 +0000 (20:52 +0200)]
dnsmasq: bump to v2.80
Cherry-picked & squashed from relevant commits from master:
dnsmasq v2.80 release
Change from rc1:
91421cb Fix compiler warning.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
6c4d3d705a0d6e508de94dc49736c250ecdae27c)
dnsmasq: remove creation of /etc/ethers
Remove creation of file /etc/ethers in dnsmasq init script as the
file is now created by default in the base-files package by
commit
fa3301a28e
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
6c227e45cb6a97c61d9fa2ffa35cebee2a048739)
dnsmasq: bump to dnsmasq v2.80test5
Refresh patches
Remove 240-ubus patch as upstream accepted.
Add uci option ubus which allows to enable/disable ubus support (enabled
by default)
Upstream commits since last bump:
da8b651 Implement --address=/example.com/#
c5db8f9 Tidy
7f876b64c22b2b18412e2e3d8506ee33e42db7c
974a6d0 Add --caa-record
b758b67 Improve logging of RRs from --dns-rr.
9bafdc6 Tidy up file parsing code.
97f876b Properly deal with unaligned addresses in DHCPv6 packets.
cbfbd17 Fix broken DNSSEC records in previous.
b6f926f Don't return NXDOMAIN to empty non-terminals.
c822620 Add --dhcp-name-match
397c050 Handle case of --auth-zone but no --auth-server.
1682d15 Add missing EDNS0 section. EDNS0 section missing in replies to EDNS0-containing queries where answer generated from --local=/<domain>/
dd33e98 Fix crash parsing a --synth-domain with no prefix. Problem introduced in 2.79/
6b2b564ac34cb3c862f168e6b1457f9f0b9ca69c
c16d966 Add copyright to src/metrics.h
1dfed16 Remove C99 only code.
6f835ed Format fixes - ubus.c
9d6fd17 dnsmasq.c fix OPT_UBUS option usage
8c1b6a5 New metrics and ubus files.
8dcdb33 Add --enable-ubus option.
aba8bbb Add collection of metrics
caf4d57 Add OpenWRT ubus patch
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
3d377f4375c6e4a66c6741bbd2549ad53ef671b3)
dnsmasq: bump to dnsmasq 2.80test6
Refresh patches
Changes since latest bump:
af3bd07 Man page typo.
d682099 Picky changes to
47b45b2967c931fed3c89a2e6a8df9f9183a5789
47b45b2 Fix lengths of interface names
2b38e38 Minor improvements in lease-tools
282eab7 Mark die function as never returning
c346f61 Handle ANY queries in context of
da8b6517decdac593e7ce24bde2824dd841725c8
03212e5 Manpage typo.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
43d4b8e89e68fcab00698ee3b70a58c74813a6a7)
dnsmasq: Handle memory allocation failure in make_non_terminals()
Backport upstream commit:
ea6cc33 Handle memory allocation failure in make_non_terminals()
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
687168ccd9154b1fb7a470fa8f42ce64a135f51d)
dnsmasq: Change behavior when RD bit unset in queries.
Backport upstream commit
Change anti cache-snooping behaviour with queries with the
recursion-desired bit unset. Instead to returning SERVFAIL, we
now always forward, and never answer from the cache. This
allows "dig +trace" command to work.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
6c4cbe94bd940b5c061e27744eb78805764d6b34)
dnsmasq: bump to v2.80test7
Bump to latest test release:
3a610a0 Finesse allocation of memory for "struct crec" cache entries.
48b090c Fix
b6f926fbefcd2471699599e44f32b8d25b87b471 to not SEGV on startup (rarely).
4139298 Change behavior when RD bit unset in queries.
51cc10f Add warning about 0.0.0.0 and :: addresses to man page.
ea6cc33 Handle memory allocation failure in make_non_terminals()
ad03967 Add debian/tmpfiles.conf
f4fd07d Debian bugfix.
e3c08a3 Debian packaging fix. (restorecon)
118011f Debian packaging fix. (tmpfiles.d)
Delete our own backports of
ea6cc33 &
4139298, so the only real changes
here, since we don't care about the Debian stuff are
48b090c &
3a610a0
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
d9a37d8d1eb7d117d5aa44924064a4a3b5517ddd)
dnsmasq: bump to v2.80test8
e1791f3 Fix logging of DNSSEC queries in TCP mode. Destination server address was misleading.
0fdf3c1 Fix dhcp-match-name to match hostname, not complete FQDN.
ee1df06 Tweak strategy for confirming SLAAC addresses.
1e87eba Clarify manpage for --auth-sec-servers
0893347 Make interface spec optional in --auth-server.
7cbf497 Example config file fix for CERT Vulnerability VU#598349.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
30cc5b0bf4f3cdfe950ca7fc380a34c81dd9d7e4)
dnsmasq: add dhcp-ignore-names support - CERT VU#598349
dnsmasq v2.80test8 adds the ability to ignore dhcp client's requests for
specific hostnames. Clients claiming certain hostnames and thus
claiming DNS namespace represent a potential security risk. e.g. a
malicious host could claim 'wpad' for itself and redirect other web
client requests to it for nefarious purpose. See CERT VU#598349 for more
details.
Some Samsung TVs are claiming the hostname 'localhost', it is believed
not (yet) for nefarious purposes.
/usr/share/dnsmasq/dhcpbogushostname.conf contains a list of hostnames
in correct syntax to be excluded. e.g.
dhcp-name-match=set:dhcp_bogus_hostname,localhost
Inclusion of this file is controlled by uci option dhcpbogushostname
which is enabled by default.
To be absolutely clear, DHCP leases to these requesting hosts are still
permitted, but they do NOT get to claim ownership of the hostname
itself and hence put into DNS for other hosts to be confused/manipulate by.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
a45f4f50e16cd2d0370a4470c3ede0c6c7754ba9)
dnsmasq: fix compile issue
Fix compile issue in case HAVE_BROKEN_RTC is enabled
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
39e5e17045aceb2bfbd6b5c6ecfd6cfbce2f3311)
dnsmasq: bump to v2.80rc1
53792c9 fix typo
df07182 Update German translation.
Remove local patch 001-fix-typo which is a backport of the above
53792c9
There is no practical difference between our test8 release and this rc
release, but this does at least say 'release candidate'
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
b8bc672f247a68bc6f72f08f9352cd7aaa5cb9c4)
dnsmasq: fix dnsmasq failure to start when ujail'd
This patch fixes jailed dnsmasq running into the following issue:
|dnsmasq[1]: cannot read /usr/share/dnsmasq/dhcpbogushostname.conf: No such file or directory
|dnsmasq[1]: FAILED to start up
|procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash
Fixes:
a45f4f50e16 ("dnsmasq: add dhcp-ignore-names support - CERT VU#598349")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[bump package release]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
583466bb5b374b29b6b7cba6f065e97c4734f742)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Koen Vandeputte [Mon, 22 Oct 2018 12:13:40 +0000 (14:13 +0200)]
kernel: bump 4.14 to 4.14.78
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 22 Oct 2018 09:51:07 +0000 (11:51 +0200)]
kernel: bump 4.9 to 4.9.135
Refreshed all patches.
Fixes:
- CVE-2018-10883
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 18 Oct 2018 10:11:27 +0000 (12:11 +0200)]
kernel: bump 4.14 to 4.14.77
Refreshed all patches.
Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch
New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Koen Vandeputte [Thu, 18 Oct 2018 10:01:18 +0000 (12:01 +0200)]
kernel: bump 4.9 to 4.9.134
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Fabio Bettoni [Wed, 17 Oct 2018 12:27:31 +0000 (14:27 +0200)]
ar71xx: fix mtd corruption
In commit
9e1530b2a35e ("kernel: bump 4.9 to 4.9.117 for 18.06") [1], the following patch for removed:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch
This patch contained fixes for both write and erase functions.
While the chip-detects for erase got fixed upstream [2],
some modifications are still required, even with the fixes applied.
Not doing so results in following errors seen:
Collected errors:
* pkg_write_filelist: Failed to open //usr/lib/opkg/info/luci-lib-ip.list: I/O error.
* opkg_install_pkg: Failed to extract data files for luci-lib-ip. Package debris may remain!
* opkg_install_cmd: Cannot install package luci-ssl.
* opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: I/O error.
[ 0.780920] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[ 8.406396] jffs2: notice: (415) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 8.423476] mount_root: switching to jffs2 overlay
[ 270.902671] jffs2: Write of 1989 bytes at 0x005ce6f8 failed. returned -5, retlen 962
[ 270.931965] jffs2: Write of 1989 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.939631] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.950397] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.957838] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.968584] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.976027] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.986735] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.994225] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=
fec8fe806963c96a6506c2aebc3572d3a11f285f
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.9.133&id=
a0239d83e1cb60de5e78452d4708c083b9e3dcbe
Fixes:
9e1530b2a35e ("kernel: bump 4.9 to 4.9.117 for 18.06")
Signed-off-by: Fabio Bettoni <fbettoni@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 15 Oct 2018 09:24:04 +0000 (11:24 +0200)]
kernel: bump 4.14 to 4.14.76
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 15 Oct 2018 09:22:06 +0000 (11:22 +0200)]
kernel: bump 4.9 to 4.9.133
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Felix Fietkau [Thu, 11 Oct 2018 16:48:35 +0000 (18:48 +0200)]
mac80211: fix A-MSDU packet handling with TCP retransmission
Improves local TCP throughput and fixes use-after-free bugs that could lead
to crashes.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Koen Vandeputte [Wed, 10 Oct 2018 15:31:40 +0000 (17:31 +0200)]
netfilter: add missing dependency for kernel 4.14
Since kernel 4.14.75 commit ("netfilter: xt_cluster: add dependency on conntrack module")
a dependency is required on kmod-nf-conntrack.
It seems this was already present for kmod-ipt-clusterip
but not yet for kmod-ipt-cluster
Add it fixing a build error when including kmod-ipt-cluster:
Package kmod-ipt-cluster is missing dependencies for the following libraries:
nf_conntrack.ko
modules/netfilter.mk:665: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk' failed
make[3]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk] Error 1
make[3]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt/package/kernel/linux'
Command exited with non-zero status 2
time: package/kernel/linux/compile#1.80#0.05#2.07
package/Makefile:107: recipe for target 'package/kernel/linux/compile' failed
make[2]: *** [package/kernel/linux/compile] Error 2
make[2]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
package/Makefile:103: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile' failed
make[1]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
/mnt/ramdisk/koen/firmware/builds/openwrt/include/toplevel.mk:216: recipe for target 'world' failed
make: *** [world] Error 2
Fixes:
bba743458eb4 ("kernel: bump 4.14 to 4.14.75")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.75&id=
b969656b46626a674232c0eadf92a394b89df07c
Koen Vandeputte [Wed, 10 Oct 2018 10:37:20 +0000 (12:37 +0200)]
kernel: bump 4.14 to 4.14.75
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 10 Oct 2018 09:37:42 +0000 (11:37 +0200)]
kernel: bump 4.9 to 4.9.132
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Felix Fietkau [Tue, 9 Oct 2018 11:22:46 +0000 (13:22 +0200)]
kernel: enable memory compaction
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
Hans Dedecker [Mon, 8 Oct 2018 14:57:01 +0000 (16:57 +0200)]
e2fsprogs: fix glibc compile issue (FS#1749,FS#1796)
Fixes the following build error:
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_post’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_wait'
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_init’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_destroy’
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rafał Miłecki [Sun, 7 Oct 2018 12:17:50 +0000 (14:17 +0200)]
iperf: fix --daemon option
Support for -D got broken in the 2.0.11 release by the upstream commit
218d8c667944 ("first pass L2 mode w/UDP checks, v4 only"). After that
commit clients were still able to connect but no traffic was passed.
It was reported and is fixed now in the upstream git repository.
Backport two patches to fix this. The first one is just a requirement
for the later to apply. The second one is the real fix and it needed
only a small adjustment to apply without backporing the commit
10887b59c7e7 ("fix --txstart-time report messages").
Fixes:
7d15f96eaf76 ("iperf: bump to 2.0.12")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
87cd118794cc9375260ea213838e80ad5295e83c)
Sven Eckelmann [Mon, 1 Oct 2018 10:27:25 +0000 (12:27 +0200)]
ar71xx: Fix installation of fw_setenv in sysupgrade ramdisk
The install_bin from /lib/upgrade/common.sh is no longer creating the
symlinks when a secondary parameter is added. But the fw_setenv program was
always copied this way to the ramdisk for the upgrade.
Instead, just install fw_setenv and let install_bin handle the detection of
the required dependencies.
Fixes:
438dcbfe74a6 ("base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Sven Eckelmann [Mon, 1 Oct 2018 09:48:04 +0000 (11:48 +0200)]
base-files: Reintroduce sysupgrade_pre_upgrade hook
The sysupgrade_pre_upgrade hook was removed with
6a27c2f4b1a4 ("base-files:
drop fwtool_pre_upgrade") while there were still scripts using it:
* target/linux/ar71xx/base-files/lib/upgrade/allnet.sh
* target/linux/ar71xx/base-files/lib/upgrade/openmesh.sh
* target/linux/ipq40xx/base-files/lib/upgrade/openmesh.sh
Not running the hooks can either prevent a successful upgrade or brick the
device because the fw_setenv program cannot be started correctly.
Fixes:
6a27c2f4b1a4 ("base-files: drop fwtool_pre_upgrade")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Hans Dedecker [Sun, 7 Oct 2018 13:33:29 +0000 (15:33 +0200)]
netifd: fix segfault (FS#1875)
d0fa124 iprule: fix segfault (FS#1875)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Amol Bhave [Tue, 2 Oct 2018 15:48:27 +0000 (08:48 -0700)]
build: use CMAKE_SOURCE_SUBDIR variable to cmake.mk
Sometimes, the CMakeLists.txt file is not in the root directory of a
repo. In those cases, the CMAKE_SOURCE_SUBDIR variable can be specified
to use CMakeLists.txt from a subdirectory instead.
Signed-off-by: Amol Bhave <ambhave@fb.com>
Koen Vandeputte [Thu, 4 Oct 2018 09:28:09 +0000 (11:28 +0200)]
kernel: bump 4.14 to 4.14.74
Refreshed all patches.
Fixes CVE:
- CVE-2018-7755
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Thu, 4 Oct 2018 09:27:39 +0000 (11:27 +0200)]
kernel: bump 4.9 to 4.9.131
Refreshed all patches.
Fixes CVE:
- CVE-2018-10880
- CVE-2018-7755
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
David Bauer [Tue, 11 Sep 2018 15:04:16 +0000 (17:04 +0200)]
ar71xx: flag FritzBox 4020 buttons as active low
Buttons of AVM FritzBox 4020 are incorrectly flagged as active high.
This was an oversight as RFKill button was working as expected even
with incorrectly flagged GPIO.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
cd02d4faf981bd4de0427cd23812b41192635d82)