aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* bcm53xx: include wpad-mini only on devices with (supported) wirelessRafał Miłecki2017-06-262-13/+15
| | | | | | | Don't include wpad-mini when it's useless just like we don't include useless wireless drivers. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* firmware-utils: fix dgn3500sum compiler warningsMathias Kresin2017-06-262-4/+3
| | | | | | | | | | | The sum variable need to be initialised, otherwise it will points to random stack memory and a bogus image checksum might be calculated. While at it, fix the segfault in case the product region code isn't specified and enable compiler warnings which had revealed all the code issues. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ca-certificates: Update to version 20161130+nmu1Christian Schoenebeck2017-06-261-3/+3
| | | | Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* openvpn: update to 2.4.3Magnus Kroken2017-06-265-13/+14
| | | | | | | | | | | | | | | | | | | | Fixes for security and other issues. See security announcement for more details: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 * Remotely-triggerable ASSERT() on malformed IPv6 packet (CVE-2017-7508) * Pre-authentication remote crash/information disclosure for clients (CVE-2017-7520) * Potential double-free in --x509-alt-username (CVE-2017-7521) * Remote-triggerable memory leaks (CVE-2017-7512) * Post-authentication remote DoS when using the --x509-track option (CVE-2017-7522) * Null-pointer dereference in establish_http_proxy_passthru() * Restrict --x509-alt-username extension types * Fix potential 1-byte overread in TCP option parsing * Fix mbedtls fingerprint calculation * openssl: fix overflow check for long --tls-cipher option * Ensure option array p[] is always NULL-terminated * Pass correct buffer size to GetModuleFileNameW() (Quarkslabs finding 5.6) Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* mbedtls: update to 2.5.1Magnus Kroken2017-06-262-27/+27
| | | | | | | | | | | | | | | Fixes some security issues (no remote exploits), and introduces some changes. See release notes for details: https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released * Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read() * Adds exponent blinding to RSA private operations * Wipes stack buffers in RSA private key operations (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt()) * Removes SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification. * Fixes offset in FALLBACK_SCSV parsing that caused TLS server to fail to detect it sometimes. * Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher/BERserk-style attack. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* bcm53xx: enable Northstar thermal driverRafał Miłecki2017-06-221-0/+5
| | | | | | | It allows monitoring CPU temp and will shutdown system on critical value. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: backport Broadcom thermal driversRafał Miłecki2017-06-225-0/+801
| | | | | | This includes driver for Northstar and for Raspberry Pi. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* Revert "dnsmasq: don't point --resolv-file to default location unconditionally"Hans Dedecker2017-06-191-3/+3
| | | | | | | | | | This reverts commit 78edfff5303533dc52a1ac64ad745acc0a8a743e. This breaks local dns resolving in case noresolv=1 as resolv.conf is not populated anymore with 127.0.0.1 as resolvfile does not equal /tmp/resolv.conf.auto anymore. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dropbear: fix service trigger syntax errorKevin Darbyshire-Bryant2017-06-172-2/+2
| | | | | | The classic single '&' when double '&&' conditional was meant. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* ramips: fix Phicomm K1S(PSG1208) pinmux小桥2017-06-121-1/+1
| | | | | | Use gpio function for pins with LEDs. Signed-off-by: 小桥 <29551030@qq.com>
* LEDE v17.01.2: revert to branch defaultsAlexander Couzens2017-06-105-11/+9
| | | | Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* LEDE v17.01.2: adjust config defaultsv17.01.2Alexander Couzens2017-06-105-9/+11
| | | | Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* build: ensure that flock is available for make downloadFelix Fietkau2017-06-081-1/+1
| | | | | | | It ensures that make download can parallelize downloads, even when some packages download the same files (e.g. gcc/initial, gcc/final) Signed-off-by: Felix Fietkau <nbd@nbd.name>
* include/toplevel: set env GIT_ASKPASS=/bin/trueAlexander Couzens2017-06-081-0/+1
| | | | | | | | When git-https request a service (e.g. github) which ask for credentials git will pass this request to the user resulting download.pl to wait for user input. Set GIT_ASKPASS to stop asking. Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* base-files: network.sh: fix a number of IPv6 logic flawsJo-Philipp Wich2017-06-081-17/+48
| | | | | | | | | | | | | | | | | | | | | | * Change network_get_subnet6() to sensibly guess a suitable prefix Attempt to return the first non-linklocal, non-ula range, then attempt to return the first non-linklocal range and finally fall back to the previous behaviour of simply returning the first found item. * Fix network_get_ipaddrs_all() Instead of replicating the flawed logic appending a fixed ":1" suffix to IPv6 addresses, rely on network_get_ipaddrs() and network_get_ipaddrs6() to build a single list of all interface addresses. * Fix network_get_subnets6() Instead of replicating the flawed logic appending a fixed ":1" suffix to IPv6 addresses, rely on the ipv6-prefix-assignment.local-address field to figure out the proper network address. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mwlwifi: update to version 10.3.4.0 / 2017-06-06Jo-Philipp Wich2017-06-081-3/+3
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* automake: import upstream fix for perl 5.26Daniel Golle2017-06-081-0/+30
| | | | | | | | Build broke as distributions now include Perl 5.26 and automake triggered an "Unescaped left brace in regex" error. Import upstream commit 13f00eb449 to fix that. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: network.sh: properly report local IPv6 addressesJo-Philipp Wich2017-06-082-18/+14
| | | | | | | | | | Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to fetch the effective local IPv6 address of delegated prefix from the "local-address" field instead of naively hardcoding ":1" as static suffix. Fixes FS#829. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: update kernel 4.4 to 4.4.71Jo-Philipp Wich2017-06-073-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9242 The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242 Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Add missing APU1 reference to x86 board.dKristian Evensen2017-06-062-2/+2
| | | | | | | | | | | | x86 board.d only contains a case for the APU2, not the APU1. This causes, for example, network configuration not to be created correctly. Even though the APU1 seems to reaching EOL, there a still a lot of them out there. The APU1 and APU2 is configured in the same way and this patch should also be considered for stable, as the error also exists there. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
* base-files: always set proto passed to _ucidef_set_interface()Mathias Kresin2017-06-031-1/+1
| | | | | | | | | | | | | | | Overwrite an already set proto if a new one is passed to _ucidef_set_interface() similar to what is done for the interface. It is required when using ""ucidef_set_interface_wan 'ptm0' 'pppoe'" after some initial wan interface configuration is already done by ucidef_add_switch. The "json_is_a protocol string" guard is meant to not reset an earlier set interface proto in case something like "ucidef_set_interface_lan 'eth0'" is used afterwards. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: fix broadcasts and vlans in two iface modeMathias Kresin2017-06-031-5/+6
| | | | | | | | | | | | | | | | | The two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property was broken with the multicast package leaks between vlans fixes. Move the multicast packages relevant portmap settings to the condition which handles multicast packages for better readability. Replace the priv->port_map based port_map only for the interface which has the lantiq,switch device tree property set, to allow tagged multicast packages in two phy mode where the lantiq,switch device tree property isn't used. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: select kmod-mt7603 instead of kmod-mt76 for WBMR-300HPDFelix Fietkau2017-06-031-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* lantiq: use the P2812HNUF* wan port as wanMathias Kresin2017-06-031-1/+1
| | | | | | | The port is labeled as wan and was only used as lan port because of the "tx ring full" issues fixed with 8f02f7c. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: xrx200: use vlan for ethernet wan portMathias Kresin2017-06-034-39/+9
| | | | | | | | | | | | | | | | | | | | | | | Using the lantiq,wan device tree property for one interface node and the lantiq,switch device tree property for another interface node at the same time was never intended/isn't supported at the moment. The property is meant to be used in two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property to have two netdevs. If both properties are used at the same time, the lantiq,wan interface is shown as independent netdev but not able to operate independent. The port needs to be managed via swconfig. These dependency is not obvious and fooled already a lot of users. Add a default WAN vlan for xrx200 devices having an ethernet WAN port and remove the lantiq,wan device tree property. Leave it up to the user to set the ethernet WAN port as default WAN interface or to use this port as additional LAN port. Signed-off-by: Mathias Kresin <dev@kresin.me>
* x86: disable X2APIC support for legacy subtargetsJo-Philipp Wich2017-06-022-0/+2
| | | | | | | | | Explicitely disable X2APIC support on legacy targets since the targeted processor types do not support it anyway there. Fixes FS#285. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* umdns: remove superfluous include in init scriptJo-Philipp Wich2017-06-021-2/+0
| | | | | | | | | | | | | The umdns init script includes function/network.sh globally, outside of any service procedure. This causes init script activation to fail in buildroot and IB context if umdns is set to builtin. Additionally, the network.sh helper is not actually used. Drop the entire include in order to repair init script activation in build host context. Fixes FS#658. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: bump to 2.77Jo-Philipp Wich2017-06-026-393/+22
| | | | | | | | | | | This is a cumulative backport of multiple dnsmasq update commits in master. Drops three LEDE specific patches which are included upstream and another patch which became obsolete. Remaining LEDE specific patches are rebased. Fixes FS#766 - Intermittent SIGSEGV crash of dnsmasq-full. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: make tftp root if not existingAlberto Bursi2017-06-021-1/+1
| | | | | | | | | | If there's a TFTP root directory configured, create it with mkdir -p (which does not throw an error if the folder exists already) before starting dnsmasq. This is useful for TFTP roots in /tmp, for example. Originally submitted by nfw user aka Nathaniel Wesley Filardo Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* dnsmasq: use logical interface name for dhcp relay configKarl Vogel2017-06-021-1/+2
| | | | | | | | | The relay section should use the logical interface name and not the linux network device name directly. This to be consistent with other sections of the dnsmasq config where 'interface' means the logical interface. Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
* dnsmasq: don't point --resolv-file to default location unconditionallyPhilip Prindeville2017-06-021-3/+3
| | | | | | | If noresolv is set, we should not generate a --resolv-file parameter. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [minor cleanup]
* ar71xx: fix Wallys DR344 GPIO-connected LEDs and buttonPiotr Dymacz2017-05-303-10/+33
| | | | | | | | | | | | | | | | | | | | This fixes wrong GPIO numbers for LEDs and button in Wallys DR344 board and sets color of all LEDs to green as the mass production boards have only green one. Actually, DR344 has 6 GPIO-connected LEDs and one button: - GPIO11: status - GPIO12: sig1 - GPIO13: sig2 - GPIO14: sig3 - GPIO15: sig4 - GPIO16: reset button - GPIO17: lan WAN LED is connected directly with AR8035 PHY. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: set GE interface as wan by default in Wallys DR344Piotr Dymacz2017-05-301-1/+1
| | | | | | | This aligns default network interfaces configuration with vendor firmware: GE (eth0) -> wan, FE (eth1) -> lan. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: fix GE interface support in Wallys DR344Piotr Dymacz2017-05-301-30/+8
| | | | | | | | GMAC0 interface of AR9344 SOC in Wallys DR344 board is connected with AR8035, not with AR8327. Without this fix, GE interface doesn't work at all or shows high packet loss ratio. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* toolchain/gdb: update to version 7.12.1Etienne Haarsma2017-05-301-2/+2
| | | | | | | | | | | | | | | | | | | | | | Update gdb to version 7.12.1. GDB 7.12.1 brings the following fixes and enhancements over GDB 7.12: * PR tdep/20682 (aarch64 regression: gdb.cp/nextoverthrow.exp) * PR server/20733 (Failed to build aarch64_be-linux-gnu GDBserver) * PR tdep/20953 (GDB crashes after "set architecture rl78") * PR tdep/20954 (GDB crashes if "set architecture rx") * PR tdep/20955 (GDB internal error in cris-tdep.c) * PR build/20712 (gdb 7.12+ doesn't build as C++ on Solaris) * PR breakpoint/20653 (string_to_explicit_location has some weird code) * PR build/20753 (MinGW compilation errors due to strcasecmp) * PR gdb/20977 (GDB exception handling is broken on i686-w64-mingw32) * PR python/21048 (backtrace is broken on i686) * PR sim/20808 (mips sim build fails due to undefined SD/CPU variables) * PR sim/20809 (mips sim build fails for r3900 cpus) * PR gdb/20939 (GDB aborts Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
* usbmode: update usb-modeswitch-data to 20170205Julian Labus2017-05-291-2/+2
| | | | | | add support for new hardware Signed-off-by: Julian Labus <julian@labus-online.de>
* usbmode: update to latest versionJulian Labus2017-05-291-3/+3
| | | | | | 453da8e convert-modeswitch.pl: fix message indices Signed-off-by: Julian Labus <julian@labus-online.de>
* usbmode: Update to latest HEADFlorian Fainelli2017-05-291-3/+3
| | | | | | | | | | | Brings the following changes: 22f041e18df0 Extend StandardEject sequence to include LUN 1 61fdf7e9b1cc cmake: Search for libjson-c 2769852e76b5 cmake: Find libubox/blobmsg_json.h 8a47c4b6649f add TargetClass support Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* samba: bump PKG_RELEASEJo-Philipp Wich2017-05-271-1/+1
| | | | | | | | | | | The previous CVE bugfix commit did not adjust PKG_RELEASE, therefor the fixed samba package does not appear as opkg update. Bump the PKG_RELEASE to signify upgrades to downstream users. Ref: https://forum.lede-project.org/t/sambacry-are-lede-devices-affected/3972/4 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: resync with masterJo-Philipp Wich2017-05-271-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to latest Git HEAD in order to import a number of fixes and other improvements: a4d98ae options: remove stray continue statement 3d2c18a options: improve handling of negations when parsing space separated values 0e5dd73 iptables: support -i, -o, -s and -d in option extra 4cb06c7 ubus: increase ubus network interface dump timeout e5dfc82 iptables: add exception handling f625954 firewall3: add check_snat() function 7d3d9dc firewall3: display the section type for UBUS rules 53ef9f1 firewall3: add UBUS support for include scripts 5cd4af4 firewall3: add UBUS support for ipset sections 02d6832 firewall3: add UBUS support for forwarding sections 0a7d36d firewall3: add UBUS support for redirect sections d44f418 firewall3: add fw3_attr_parse_name_type() function e264c8e firewall3: replace warn_rule() by warn_section() 6039c7f firewall3: check the return value of fw3_parse_options() c328d1f build: use -Wno-format-truncation instead of -Wno-error=format-truncation e06e537 utils: replace sprintf use with snprintf to avoid overflows 533f834 build: disable the format-truncation warning error to fix gcc 7 build errors e751cde zones: drop outgoing invalid traffic in masqueraded zones d596f72 rules: fix UCI context in error reporting 1d0564c ubus: fix interface name and proto lookup 82ccd9e firewall3: fix handling of UTC times 1949e0c iptables: support xtables API > 11 Fixes FS#548, FS#640, FS#806, FS#811. Ref: https://forum.lede-project.org/t/nat-leakage-on-tl-wr1043nd-v4/1712 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211, hostapd: always explicitly set beacon intervalMatthias Schiffer2017-05-274-9/+10
| | | | | | | | | | | | | | | | One of the latest mac80211 updates added sanity checks, requiring the beacon intervals of all VIFs of the same radio to match. This often broke AP+11s setups, as these modes use different default intervals, at least in some configurations (observed on ath9k). Instead of relying on driver or hostapd defaults, change the scripts to always explicitly set the beacon interval, defaulting to 100. This also applies the beacon interval to 11s interfaces, which had been forgotten before. VIF-specific beacon_int setting is removed from hostapd.sh. Fixes FS#619. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* hostapd: add legacy_rates option to disable 802.11b data rates.Nick Lowe2017-05-271-8/+20
| | | | | | | | | | | | | | | | | | Setting legacy_rates to 0 disables 802.11b data rates. Setting legacy_rates to 1 enables 802.11b data rates. (Default) The basic_rate option and supported_rates option are filtered based on this. The rationale for the change, stronger now than in 2014, can be found in: https://mentor.ieee.org/802.11/dcn/14/11-14-0099-00-000m-renewing-2-4ghz-band.pptx The balance of equities between compatibility with b clients and the detriment to the 2.4 GHz ecosystem as a whole strongly favors disabling b rates by default. Signed-off-by: Nick Lowe <nick.lowe@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, defaults change]
* ipq806x: fix Netgear X4 R7500 ath10k firmware selectionThomas Reifferscheid2017-05-271-1/+1
| | | | | | | Netgear X4 R7500 comes with a QCA988X. Select a firmware that matches the ath10k chipset Signed-off-by: Thomas Reifferscheid <thomas@reifferscheid.org>
* treewide: select ath10k firmware explicitMathias Kresin2017-05-271-1/+1
| | | | | | Do not rely on the default firmware selected by ath10k. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ath10k-firmware: do not select the qca988x by defaultMathias Kresin2017-05-271-1/+0
| | | | | | | | Do not select the qca988x by default as soon as kmod-ath10k is selected. We do support more ath10k chips than the qca988x in the meantime, so this dependency doesn't make sense any longer. Signed-off-by: Mathias Kresin <dev@kresin.me>
* build: fix possible issue with kmod package having multiple AutoLoad'sYousong Zhou2017-05-271-9/+12
| | | | | | | | | | | This commit contains the following changes - Use local shell var where appliable - The $(sort $$$$$$$$mods) call will have no expected effect - Avoid EEXIST when creating symlinks in /etc/modules-boot.d/ - Avoid duplicate arguments for insert_modules() in postinst-pkg Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: update kernel 4.4 to 4.4.70Hauke Mehrtens2017-05-274-7/+7
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: fix autoloading arch-specific modulesYousong Zhou2017-05-253-9/+9
| | | | | | Fixes FS#745 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* backlight-pwm: fix module descriptionYousong Zhou2017-05-251-1/+1
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: update kernel 4.4 to 4.4.69Stijn Segers2017-05-2428-474/+143
| | | | | | | | | | | | | | | | | | | | | Bump the 17.01 tree kernel to 4.4.69. Trunk 4.4 and 17.01 4.4 have diverged, talked this through with jow, he was okay with a clean diff against 17.01 and not a backported trunk patch. The following patches were applied upstream: * 062-[1-6]-MIPS-* series * 042-0004-mtd-bcm47xxpart-fix-parsing-first-block Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup, as it was incorrectly included upstream thus dropped from LEDE, but subsequently reverted upstream. Thanks to Kevin Darbyshire-Bryant for pointing me to it. Compile-tested on: ar71xx, ramips/mt7621, x86/64. Run-tested on: ar71xx, ramips/mt7621, x86/64. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>