aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ramips: Xiaomi MiWiFi Nano: fix status ledCezary Jackiewicz2016-09-292-2/+2
| | | | | | | - add status led for Xiaomi MiWiFi Nano - revert https://github.com/lede-project/source/commit/af1e70b4a730e91ce1668d506ebc5c1c8cf5abf5 , this should not be added. Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* kernel: fix build error in sign-file.c with libresslFelix Fietkau2016-09-291-0/+16
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: add missing config symbolsFelix Fietkau2016-09-291-0/+7
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: use upstream patches for rtl8xxxuÁlvaro Fernández Rojas2016-09-29108-455/+488
| | | | | | Also improves rtl8188eu support. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* kernel: add missing config symbolsFelix Fietkau2016-09-281-1/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* procd: update to latest git HEADJohn Crispin2016-09-281-2/+2
| | | | | | | | this adds 2 new inittab handlers * askconsolelate * respawnlate Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to the latest version, adds various fixesFelix Fietkau2016-09-281-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* toolchain: Rework external toolchain libc selectionFlorian Fainelli2016-09-283-5/+26
| | | | | | | | | | | | | | | | Make it a choice menu which offers the 3 C libraries we know about: glibc, uClibc and musl. While at it, make it possible for the external toolchain libc to select USE_GLIBC, USE_UCLIBC or USE_MUSL which is used by several packages to conditionally include specific CFLAGS (e.g: iproute2). Because USE_GLIBC et al. can now be selected by external toolchains, we need to restrict the per-libc menus to check on !EXTERNAL_TOOLCHAIN. While at it, make musl the default C library for external toolchain to match the internal toolchain. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-firmware: move to firmware section in buildrootStijn Segers2016-09-281-4/+16
| | | | | | | This patch moves the ath10k firmware packages to the firmware submenu in the buildroot, where it belongs. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
* ar71xx: Do not use a hardcoded ath10k firmware mac addressMartin Blumenstingl2016-09-281-7/+10
| | | | | | | | | | | | | | | | | | | | | ar71xx has an init-script for special devices where the ath10k OTP calibration data is stored on the PCIe card's EEPROM (and thus can only be read by ath10k). Unfortunately the OTP data uses the default mac address (= all devices come with the same mac address, which leads to problems when you have multiple of these devices in the same network). To work around this the mac address is patched in the firmware during the first boot of the device. To prevent flash wear this was only done if the ath10k firmware matched a hardcoded md5sum. However, if the md5sum does not match this can mean that either the mac address was already patched (which is fine) - unfortunately it can also mean that the firmware version was updated without updating the hardcoded md5sum. Change the "was the mac address already patched" check to actually compare the mac address inside the ath10k firmware. Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* ath10k-firmware: update the qca988x firmware to 10.2.4.70.54Martin Blumenstingl2016-09-281-13/+5
| | | | | | | | | | | | | | Use firmware version 10.2.4.70.54 from kvalo's git repository. The old version (even though it's version number is greater) is an old version from September 2015. Using only the firmware versions from kvalo's git repo is recommended, because those are tested by QCA's internal QCA. The QCA988X directory received a small reorganization as a "hw2.0" subdirectory was added - this patch also takes care of that as board.bin was moved to that subdirectory. Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* toolchain: Force installation into /libFlorian Fainelli2016-09-281-24/+16
| | | | | | | | For 64-bit capable systems, a symbolic link is set up for /lib64 to point to /lib, so make sure the installation goes into /lib, irrespective of where the C library files come from in an external toolchain. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: add missing config symbol after rfkill changeFelix Fietkau2016-09-281-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* rfkill: add fake rfkill supportJohn Crispin2016-09-272-1/+88
| | | | | | allow building of modules depending on RFKILL even if RFKILL is not enabled. Signed-off-by: John Crispin <john@phrozen.org>
* perf: fix build with musl on PowerPCMatthias Schiffer2016-09-281-0/+8
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: remove echainiv.ko from kmod-crypto-ivMatthias Schiffer2016-09-281-4/+3
| | | | | | | There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting both packages led to a conflict, so remove the file from kmod-crypto-iv. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: backport brcmfmac changes from 2016-09-27Rafał Miłecki2016-09-273-1/+97
| | | | | | | | This fixes bug that could cause WARNING on every add_key/del_key call. It also replaces WARNING with a simple message. They may still occur e.g. on station going out of range and A-MPDU stall in the firmware. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ar71xx: add support for Cisco Meraki Z1 Cloud Managed Teleworker GatewayChris Blake2016-09-2716-19/+293
| | | | | | | | | This patch adds support for Cisco's Z1. Detailed instructions for the flashing the device can be found in the OpenWrt wiki: <https://wiki.openwrt.org/toh/meraki/z1> Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
* openssl: update to 1.0.2jMagnus Kroken2016-09-273-49/+2
| | | | | | | | | | | | | | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. Patches applied upstream: * 301-fix_no_nextprotoneg_build.patch * 302-Fix_typo_introduced_by_a03f81f4.patch Security advisory: https://www.openssl.org/news/secadv/20160926.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* ramips : add support for Newifi D1BangLang Huang2016-09-277-0/+178
| | | | Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* ramips : add support for PandoraBox D1BangLang Huang2016-09-277-1/+177
| | | | Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* fortify-headers: update to 0.8Kevin Darbyshire-Bryant2016-09-271-2/+2
| | | | Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* linux-firmware: Add mirrorsdiizzyy2016-09-271-1/+3
| | | | | | | Adds Google's mirrors as primary source and kernel.org as fallback. Discussed in #lede-dev on Freenode Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* openssl: Make DTLS configurable.Rosen Penev2016-09-272-0/+10
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* openssl: Remove J-PAKE. Nothing uses it.Rosen Penev2016-09-271-1/+2
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* busybox: v1.25.0 upstream patchesKevin Darbyshire-Bryant2016-09-273-0/+75
| | | | | | Include upstream patches for gzip, ip & ntpd. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* libjson-c: Update to 0.12.1Daniel Engberg2016-09-272-26/+5
| | | | | | Updates libjson-c and removes backport patch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libunwind: use url aliasdiizzyy2016-09-271-1/+1
| | | | | | Use alias instead of hardcoded URL Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uml: set inittab for working consoleAdrian Panella2016-09-271-0/+4
| | | | Signed-off-by: Adrian Panella <ianchi74@outlook.com>
* ramips: Add support for ZBT-CPE102Cezary Jackiewicz2016-09-277-0/+136
| | | | | | | | | | - CPU: MT7620N 580MHz - Flash: 8MB - RAM: 64MB - build-in minipcie slot for modem 3G/4G - one ethernet port 10/100Mbps Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* iwinfo: fix WPA cipher reportingJo-Philipp Wich2016-09-271-2/+2
| | | | | | | | | | | Within the Lua binding, use the same logic as the command line interface for reporting the used WPA ciphers. Instead of printing the intersection of pairwise and group ciphers, report both group and pairwise ciphers. This fixes a case where a connection which uses CCMP for pairwise and TKIP as groupwise cipher is getting reported as using the NONE cipher. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute: properly support high routing table IDsJo-Philipp Wich2016-09-273-24/+487
| | | | | | | | | | | | | | | | | | | | | The Linux kernel uses two distinct fields to denote the routing table ID in use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the 32 bit `RTA_TABLE` netlink attribute. If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value. This commit adds a patch which... - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in order to support IDs up to 65535 - adds proper handling of high table IDs to iprule.c and iproute.c when adding, removing and dumping ip rules and network routes After this change, the Busybox ip applet fully supports IP rules with high ID numbers, using the same logic as the full iproute2. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* 6in4: fix invalid local variable declaration (FS#188)Jo-Philipp Wich2016-09-272-3/+3
| | | | | | | | Remove an invalid local variable declaration in the tunnel update subshell invocation. Local declarations outside of function scopes are illegal since the Busybox update to version 1.25.0 . Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: backport brcmfmac changes from 2016-09-26Rafał Miłecki2016-09-2726-2/+1316
| | | | | | | All these patches are in wireless-drirvers-next. There is support for hidden SSID, few new devices and many fixes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* rootfs: fail on errors in postinst scriptsMatthias Schiffer2016-09-261-0/+5
| | | | | | | | | | | | | | The Gluon firmware framework [1] uses postinst scripts for sanity checks. Make the build fail when a postinst script exits with an error to make these sanity checks effective. All postinst scripts in packages from the LEDE core and the packages feed seem to work correctly with this change and will always return 0 unless something is very broken. [1] https://github.com/freifunk-gluon/gluon Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* rootfs: remove unnecessary and potentially harmful force flags from opkg callMatthias Schiffer2016-09-262-4/+1
| | | | | | | | | | | | Especially --force-overwrite and --force-depends will often lead to broken images; it's better to fail the build in such cases than to silently ignore the errors. Instead, ignore errors in the per-device rootfs opkg remove command, so the build doesn't break when packages can't be removed because of dependencies. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* image: per-device rootfs: first remove, then install packagesMatthias Schiffer2016-09-261-3/+3
| | | | | | | | Some DEVICE_PACKAGES definitions replace one package variant with another (e.g. wpad-mini is replaced with wpad). To avoid file conflicts, first remove, then install packages. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: make default_prerm work offlineMatthias Schiffer2016-09-261-4/+12
| | | | | | | IPKG_INSTROOT must be respected for offline removal (used for per-device rootfs). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* ramips: fix DEVICE_PACKAGES of Ubiquiti EdgeRouter XMatthias Schiffer2016-09-261-1/+1
| | | | | | | kmod-rt2x00-lib and kmod-mac80211 need to be removed, as they depend on kmod-cfg80211. kmod-rt2800-pci should not be installed anyways. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* ar71xx: clean up DEVICE_PACKAGES of legacy devicesMatthias Schiffer2016-09-261-43/+22
| | | | | | Remove arbitrary or redundant packages from DEVICE_PACKAGES. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* image: don't modify file permissions before rootfs generationMatthias Schiffer2016-09-262-22/+3
| | | | | | | | | | | | | | | | Modifying the file permissions can be harmful, as it would make files world-readable even if they weren't in the ipk packages. The Image/mkfs/prepare step is removed completely, as it is redundant now (/tmp and /overlay are already provided by base-files with the correct permissions). It has been verified that this change does not affect any permissions of files in the default package set except /etc/ppp/chap-secrets, which was world-readable before. All packages not in the default set are more likely to be installed via opkg than being part of a base image and thus were usually not affected by the permission modification anyways. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix check for empty password warningMatthias Schiffer2016-09-261-2/+1
| | | | | | | | | | | | | Now that we know that the password is in /etc/shadow and not in /etc/passwd, we can properly fix the logic for the empty password check. Only 'root::' is an empty password, 'root:x:' and 'root:!:' allow no password login at all. This fixes the empty password warning still showing after the root password has been locked using 'passwd -l root' (e.g. to allow public-key auth only). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* config: enable shadow passwords unconditionallyMatthias Schiffer2016-09-263-5/+0
| | | | | | | | | | | | | Configurations without shadow passwords have been broken since the removal of telnet: as the default entry in /etc/passwd is not empty (but rather unset), there will be no way to log onto such a system by default. As disabling shadow passwords is not useful anyways, remove this configuration option. The config symbol is kept (for a while), as packages from feeds depend on it. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: fix crash in mac80211_hwsimFelix Fietkau2016-09-261-0/+11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mvebu: add switch config for clearfog proJonas Gorski2016-09-261-0/+3
| | | | | | Check for switch0 existance and add default switch config if found. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* mvebu: add sysupgrade support for clearfogJonas Gorski2016-09-265-8/+79
| | | | | | | | Add and enable sysupgrade support for clearfog boards, based on how the brcm2708 target does it. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* mvebu: add switch node to clearfogJonas Gorski2016-09-262-1/+22
| | | | | | | | Add a switch node to clearfog to probe and initialize it on Clearfog Pro. This make the switch work and allows using all six switch ports. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* mvsw61xx: enable SerDes on 6176 if requiredJonas Gorski2016-09-262-0/+59
| | | | | | | | If the cpu port is connected through SGMII we need to enable SerDes for it to work. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* mvsw61xx: reset phys on probe to enable switch ports on clearfog proJonas Gorski2016-09-262-1/+54
| | | | | | | | The clearfog u-boot does not initialize the switch at all, so we need to power up the phys ourselves. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* mvebu: replace ClearFog dts files with patches from upstreamJonas Gorski2016-09-267-582/+909
| | | | | | | | Make the dts file match with what is upstream, to ensure it has the latest changes and switching to newer kernels is easier. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>