aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* mxs: bump to use 4.14 by defaultZoltan HERPAI2018-02-201-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* mxs: add support for 4.14Zoltan HERPAI2018-02-202-0/+370
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* kernel: ar83xx: remove stray leading spaceJohn Crispin2018-02-201-3/+3
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* kernel: ar83xx: add support to configure per port VLAN priorityTan Hong Hui2018-02-203-0/+55
| | | | | | | | | Add support to allow for per switch port VLAN priority (PCP) bits for the ar8327/8337 chip using the swconfig utility. Tested on Netgear R7800 Signed-off-by: Tan Hong Hui <hhtan72@yahoo.com>
* uqmi: ensure CID is a numeric value before proceedingKoen Vandeputte2018-02-201-4/+4
| | | | | | | | | | | The current implementation only checked if uqmi itself executed correctly which is also the case when the returned value is actually an error. Rework this, checking that CID is a numeric value, which can only be true if uqmi itself also executed correctly. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: backport pcie enumeration fix to kernel 4.9Koen Vandeputte2018-02-201-0/+62
| | | | | | | This issue is also present in kernel 4.9 starting from 4.9.71 Adapted the patch, as the fixed function is in another location here. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* build: add --force option to gzip in Build/gzipStijn Tintel2018-02-191-1/+1
| | | | | | | | | | When using pigz, a parallel gzip implementation, the gzip step in the image build for some targets fails, because the image filename already has the .gz extension. This results in an emtpy image file. Fix this by adding the --force option to gzip in the Build/gzip macro. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Martin Schleier <drahemmaps@gmx.net>
* Revert "brcm2708: fix sdcard image"Stijn Tintel2018-02-191-2/+2
| | | | | | | | | | | This reverts commit 6c2e1ff80f52b939405fe0c14577c584602ae432. GNU gzip does not fail when the image filename already contains the .gz extension, this is a problem specific to pigz. Revert the commit, as we now gzip the image twice. Reported-by: Martin Schleier <drahemmaps@gmx.net> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: backport patches simplifying mtd_device_parse_register codeRafał Miłecki2018-02-197-3/+335
| | | | | | These 2 patches were recently queued for 4.17. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: order mtd backported patches by kernel releaseRafał Miłecki2018-02-194-0/+0
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* imx6: remove support for 4.9Tim Harvey2018-02-198-1242/+0
| | | | | Signed-off-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* imx6: switch to Linux 4.14Tim Harvey2018-02-191-1/+1
| | | | | Signed-off-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* imx6: add support for Linux 4.14Tim Harvey2018-02-194-2/+555
| | | | | Signed-off-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: backport dwc pci enumeration fixTim Harvey2018-02-191-0/+62
| | | | | | | Backport of: http://patchwork.ozlabs.org/patch/860701/ Signed-off-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: add missing symbols for v4.14John Crispin2018-02-191-0/+2
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* dnsmasq: bump to 2.79rc1Kevin Darbyshire-Bryant2018-02-186-376/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1721453 Remove special handling of A-for-A queries. 499d8dd Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262 6f1cbfd Fix debian/readme typo. 55ecde7 Inotify: Ignore backup files created by editors 6b54d69 Make failure to chown() pidfile a warning. 246a31c Change ownership of pid file, to keep systemd happy. 83e4b73 Remove confusion between --user and --script-user. 6340ca7 Tweak heuristic for initial DNSSEC memory allocation. baf553d Default min-port to 1024 to avoid reserved ports. 486bcd5 Simplify and correct bindtodevice(). be9a74d Close Debian bug for CVE-2017-15107. ffcbc0f Example config typo fixes. a969ba6 Special case NSEC processing for root DS record, to avoid spurious BOGUS. f178172 Add homepage to Debian control file. cd7df61 Fix DNSSEC validation errors introduced in 4fe6744a220eddd3f1749b40cac3dfc510787de6 c1a4e25 Try to be a little more clever at falling back to smaller DNS packet sizes. 4fe6744 DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies. 3bd4c47 Remove limit on length of command-line options. 98196c4 Typo fix. 22cd860 Allow more than one --bridge-interface option to refer to an interface. 3c973ad Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC time validation. faaf306 Spelling fixes. c7e6aea Change references to gPXE to iPXE. Development of EtherBoot gPXE was always development of iPXE core developer Michael Brown. e541245 Handle duplicate RRs in DNSSEC validation. 84a01be Bump year in Debian copyright notice. d1ced3a Update copyrights to 2018. a6cee69 Fix exit code from dhcp_release6. 0039920 Severely fix code formating of contrib/lease-tools/dhcp_release6.c 39d8550 Run Debian startup regex in "C" locale. ef3d137 Fix infinite retries in strict-order mode. 8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC. 373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section. 74f0f9a Commment language tweaks. ed6bdb0 Man page typos. c88af04 Modify doc.html to mention git-over-http is now available. ae0187d Fix trust-anchor regexp in Debian init script. 0c50e3d Bump version in Debian package. 075366a Open inotify socket only when used. 8e8b2d6 Release notes update. 087eb76 Always return a SERVFAIL response to DNS queries with RD=0. ebedcba Typo in printf format string added in 22dee512f3738f87539a79aeb52b9e670b3bd104 0954a97 Remove RSA/MD5 DNSSEC algorithm. b77efc1 Tidy DNSSEC algorithm table use. 3b0cb34 Fix manpage which said ZSK but meant KSK. aa6f832 Add a few DNS RRs to the table. ad9c6f0 Add support for Ed25519 DNSSEC signature algorithm. a6004d7 Fix caching logic for validated answers. c366717 Tidy up add_resource_record() buffer size checks. 22dee51 Log DNS server max packet size reduction. 6fd5d79 Fix logic on EDNS0 headers. 9d6918d Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS. a49c5c2 Fix search_servers() segfault with DNSSEC. 30858e3 Spaces in CNAME options break parsing. Refresh patches. Remove upstreamed patches: 250-Fix-infinite-retries-in-strict-order-mode.patch 260-dnssec-SIGINT.patch 270-dnssec-wildcards.patch Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* brcm2708: Fix compile after adding kernel 4.9.82Hauke Mehrtens2018-02-181-0/+8
| | | | | Fixes: f621b539512e ("kernel: bump 4.9 to 4.9.82") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* x86: Use kernel 4.14 by defaultHauke Mehrtens2018-02-181-1/+1
| | | | | | | | Support for kernel 4.14 was added 2 months ago, make it now the default kernel to use for the x86 target. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Tested-by: Stijn Segers <francesco.borromini@inventati.org>
* kernel: add missing config symbolsStijn Tintel2018-02-181-0/+2
| | | | | | | | They were introduced for arm64 in 4.14.20. Fixes: 88ba41453dbc ("kernel: bump 4.14 to 4.14.20") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add missing symbolJohn Crispin2018-02-181-0/+1
| | | | | | this caused v4.14.20 based builds so fail on aarch64 Signed-off-by: John Crispin <john@phrozen.org>
* kernel: bump 4.9 to 4.9.82Stijn Tintel2018-02-1827-326/+86
| | | | | | | | | | | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - ar7/002-MIPS-AR7-ensure-the-port-type-s-FCR-value-is-used.patch - backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch Remove layerscape/819-Revert-dmaengine-dmatest-move-callback-wait-queue-to.patch, it is superseded by upstream commit 297c7cc4b5651b174a62925b6c961085f04979fd. Remove pending/650-pppoe_header_pad.patch, it is superseded by upstream commit 1bd21b158e07e0b8c5a2ce832305a0ebfe42c480. Update patches that no longer apply: - ar71xx/004-register_gpio_driver_earlier.patch - hack/204-module_strip.patch - pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch Fixes CVE-2017-8824. Compile-tested: ar71xx. Runtime-tested: ar71xx. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* dropbear: add option to set receive window sizeStijn Tintel2018-02-181-1/+4
| | | | | | | | | | | | | | | | | The default receive window size in dropbear is hardcoded to 24576 byte to limit memory usage. This value was chosen for 100Mbps networks, and limits the throughput of scp on faster networks. It also severely limits scp throughput on high-latency links. Add an option to set the receive window size so that people can improve performance without having to recompile dropbear. Setting the window size to the highest value supported by dropbear improves throughput from my build machine to an APU2 on the same LAN from 7MB/s to 7.9MB/s, and to an APU2 over a link with ~65ms latency from 320KB/s to 7.5MB/s. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.14 to 4.14.20Stijn Tintel2018-02-1831-225/+70
| | | | | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - backport/080-v4.15-0001-arch-define-weak-abort.patch - backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch Update patch that no longer applies: pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch Fixes CVE-2017-8824. Compile-tested: octeon, x86/64. Runtime-tested: octeon, x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* brcm2708: fix sdcard imageStijn Tintel2018-02-171-2/+2
| | | | | | | | | | | | The gzip step in the sdcard image build fails because the image filename already has the gzip extension. This results in an empty image file, to which the metadata is finally appended. Remove the .gz extension from the image filename to fix this. Fixes: e79b096ee175 ("brcm2708: convert to metadata") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* iperf3: update to 3.4Philip Prindeville2018-02-172-240/+5
| | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* archs38: add HSDK board to network configure scriptsEvgeniy Didin2018-02-172-1/+4
| | | | | | | | | | | | In the initial patch which adds HSDK board there were no update of network configuration scripts. Without it by default static IP is set for br-lan and there is no access to internet. This patch fixes the issue. Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> CC: Hauke Mehrtens <hauke@hauke-m.de> CC: John Crispin <john@phrozen.org>
* openvpn: fix interface with mbedtls_sha256Russell Senior2018-02-171-0/+11
| | | | | | | | | Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* curl: fix interface with mbedtls_sha256Russell Senior2018-02-171-0/+11
| | | | | | | | | Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* sunxi: Add Xunlong Orange Pi Zero PlusHauke Mehrtens2018-02-172-0/+204
| | | | | | | This is based on a patch from armbian: https://github.com/armbian/build/blob/master/patch/kernel/sunxi-next/sunxi-add-orangepi-zero-plus.patch Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uboot-sunxi: Add Xunlong Orange Pi Zero PlusHauke Mehrtens2018-02-172-1/+158
| | | | | | | This is based on a patch from armbian: https://github.com/armbian/build/blob/master/patch/u-boot/u-boot-sunxi/add-orangepi-zeroplus.patch Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* sunxi: Add Realtek PHY driver or ARM64 devicesHauke Mehrtens2018-02-171-0/+1
| | | | | | | The Orange Pi Zero Plus uses a RTL8211E, add the driver for this PHY. This is probably used on more boards with a Allwinner SoC. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* sunxi: add support for NanoPi NEO Plus2 boardAntony Antony2018-02-172-0/+19
| | | | | | | | | | | | | | arm64: allwinner: h5: NanoPi NEO Plus2 DT support Add initial DT for NanoPi NEO Plus2 by FriendlyARM - Allwinner quad core H5 Cortex A53 with an ARM Mali-450MP GPU - 1 GB DDR3 RAM - 8GB eMMC flash (Samsung KLM8G1WEPD-B031) - micro SD card slot - Gigabit Ethernet (external RTL8211E-VB-CG chip) - 802.11 b/g/n WiFi, Bluetooth 4.0 (Ampak AP6212A module) - 2x USB 2.0 host ports & 2x USB via headers Signed-off-by: Antony Antony <antony@phenome.org>
* sunxi: add kernel DT for NanoPi NEO Plus2 boardAntony Antony2018-02-171-0/+224
| | | | | | Linux Kernel upstream commit d73413058 Signed-off-by: Antony Antony <antony@phenome.org>
* uboot-sunxi: add u-boot DT for NanoPi NEO Plus2 boardAntony Antony2018-02-171-0/+165
| | | | | | u-boot upstream commit 6130b1f6bc23 Signed-off-by: Antony Antony <antony@phenome.org>
* uboot-sunxi: dts: Update orange Pi R1 integrationHauke Mehrtens2018-02-172-146/+73
| | | | | | | | This syncs the Orange Pi R1 device tree files with the one from the upstream kernel and also uses the default configuration from the Orange Pi Zero. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ar71xx: fix sysupgrade syntax errorMathias Kresin2018-02-161-1/+1
| | | | | | | Fix syntax error introduced with 188328111b46 ("treewide: move nand_do_upgrade call to platform_do_upgrade"). Signed-off-by: Mathias Kresin <dev@kresin.me>
* mbedtls: activate deprecated functionsHauke Mehrtens2018-02-161-9/+0
| | | | | | | | | Some functions used by a lot of other software was renamed and is only active when deprecated functions are allowed, deactivate the removal of deprecated functions for now. Fixes: 75c5ab4caf9 ("mbedtls: update to version 2.7.0") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* gpio-nct5104d: Add support for new chip IDJasper Scholte2018-02-161-2/+4
| | | | | | | The PC Engines APU3b has a new nct5104b version with chip ID 0xc453. This adds support for that version. Signed-off-by: Jasper Scholte <NightNL@outlook.com>
* treewide: move nand_do_upgrade call to platform_do_upgradeMathias Kresin2018-02-168-75/+69
| | | | | | | | | | Calling nand_do_upgrade() from platform_pre_upgrade() was deprecated with 30f61a34b4cf ("base-files: always use staged sysupgrade"). Update the platform upgrade code to use platform_do_upgrade() for NAND images as well. Signed-off-by: Mathias Kresin <dev@kresin.me>
* treewide: remove obsolete sysupgrade watchdog killMathias Kresin2018-02-1611-111/+0
| | | | | | | | | The watchdog kill command was meant for busybox watchdog. Busybox watchdog was replaced by the procd watchdog mid 2013 with commit df7ce9301a25 ("busybox: disable the watchdog utility by default"), which makes the kill command obsolete since quite some time. Signed-off-by: Mathias Kresin <dev@kresin.me>
* sunxi: switch to kernel 4.14Zoltan HERPAI2018-02-161-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* Revert "uboot-sunxi: bump to 2017.11"Zoltan HERPAI2018-02-1611-36/+392
| | | | | | | | This reverts commit 805f756d6e4ff5061380baf5e262aec72abcf195. Move back to 2017.07 until we move sunxi to GCC7. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* Revert "uboot-sunxi: refresh patches"Zoltan HERPAI2018-02-166-10/+10
| | | | | | | | This reverts commit f142de5f44bcba8cb0f12e5b1fd26cd9867cf866. Revert until we can move to 2017.11 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* Revert "uboot-sunxi: fix build by adding comparabilities for old dtc"Zoltan HERPAI2018-02-161-52/+0
| | | | | | | | This reverts commit ef0416666f48e1e7793c4230cec18c8cdd3e1003. Revert until we can move to 2017.11 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* kernel: add missing symbolsJohn Crispin2018-02-162-0/+2
| | | | | | These cause mediatek arm to fail full builds Signed-off-by: John Crispin <john@phrozen.org>
* nftables: update to version 0.8.2Hauke Mehrtens2018-02-152-3/+5
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: update to version 4.15.0Hauke Mehrtens2018-02-1511-225/+23
| | | | | | The musl compatibility patches are now included in the upstream version. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.7.0Hauke Mehrtens2018-02-152-41/+39
| | | | | | | | This fixes the following security problems: * CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled * CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: preliminary support for 4.14Roman Yeryomin2018-02-1577-24/+27451
| | | | | | | | - removed upstreamed patches - 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed Signed-off-by: Roman Yeryomin <roman@advem.lv> Signed-off-by: John Crispin <john@phrozen.org>
* iwinfo: update to latest git HEADDaniel Golle2018-02-151-3/+3
| | | | | | 223e09b add support for expected throughput Signed-off-by: Daniel Golle <daniel@makrotopia.org>