| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Previously this was only activated for ADSL, this patch activates the
same setting also for VDSL, this feature is also support for VDSL in the
same way it works for ADSL.
I tested it with DSL FW 5.7.9.5.1.7 against a Broadcom 177.140 DSLCO
(Deutsche Telekom) and saw different data rates and Max. Attainable Data
Rates depending on the ds_snr_offset settings I choose.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes possible to tweak the downstream SNR margin on
Lantiq DSL devices.
The UCI parameter 'network.dsl.ds_snr_offset' is used to set the SNR
margin offset. It accepts values in range -50 to +50 in 0.1 dB units.
The SNR margin can thus be modified in range -5.0 to +5.0 dB in 0.1 dB
steps.
Currently this should only affect ADSL (not VDSL). It should be very
easy to make this work also on VDSL lines, but since I couldn't test
on VDSL lines this patch does not do that yet.
I have also a patch for LUCI about this, that I could submit.
Tested on FB3370 (Lantiq VR9) and Telecom Italia ADSL2+ line.
Signed-off-by: Andrea Merello <andrea.merello@gmail.com>
|
| |
|
|
|
|
|
|
| |
1dafcd7 jshn: properly support JSON "null" type
6abafba jshn: read and write 64-bit integers
cfc75c5 runqueue: fix use-after-free bug
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
| |
This fixes: CVE-2017-5754
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
By default we are reusing the stack provided by CFE, like it is intended
by CFE. On my WRT54GS it is located at 0x8043BF30, so a big kernel image
could overwrite it. Relocate it to a different memory region which is
still under the 8MB RAM, but in the higher area. We only need this
memory region for the stack of the loader, Linux will set up this
for its own.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The boot process on a WRT54GL works the following way:
1. CFE gets loaded by the boot rom from flash
2. CFE loads the loader from the flash and gzip uncompresses it
3. CFE starts the loader
4. The loader stores the FW arguments and relocates itself to
BZ_TEXT_START (now 0x80600000)
5. The loader reads the Linux image from flash
6. The loader lzma decompresses the Linux image to LOADADDR (0x80001000)
7. The loader executes the uncompress Linux image at LOADADDR
The BZ_TEXT_START was set to 0x80400000 before. When the kernel gets
uncompressed and is bigger than BZ_TEXT_START - LOADADDR it overwrote
the loader which was currently uncompressing it and made the board
crash. Increase the BZ_TEXT_START my 2 MB to have more space for the
kernel. Even on 16MB RAM devices the memory goes till 0x80FFFFFF so this
should not be a problem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
| |
37762ff libfstools: support file paths longer than 255 chars
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
1883530 procd: Fix minor null pointer dereference.
9085551 procd: initd: fix path allocation in early_insmod
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
| |
It's a device based on BCM5365P (0x5365 package 0x00). This SoC has
USB 1.1 controller but device has two USB 2.0 parts. They are handled by
PCI-based controllers: 1106:3038 UHCI and 1106:3104 EHCI.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
| |
This reverts commit da126d557c6d1cfe19d3f93481af6e00631d7931 as the iptables patch does not apply cleanly.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enabling IPTABLES_NFTABLES resulted in an error during build:#
*** No rule to make target '../extensions/libext.a',
needed by 'xtables-compat-multi'."
Comments from Alexander Lochmann and Fedor Konstantinov in FS#711
provided fixes for this build error, allowing iptables to compile.
https://bugs.lede-project.org/index.php?do=details&task_id=711.
This commit updates the Makefile.am xtables_compat_multi_LDFLAGS
and _LDADD, moving linking of extensions to LDFLAGS.
Signed-off-by: rektide de la faye <rektide@voodoowarez.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
| |
cfe1e75c91 sys: packagelist: allow listing all packages
74a784f037 sys: fix passwd path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(commit 173edcdc9da55fbd7225c4baa7b03405dfc074cc on master)
|
| |
|
|
|
|
|
|
|
|
| |
Switch uci to the lede-17.01 branch which contains the following two commits
cherry-picked from uci master:
141b64e lua: additionally return name when looking up sections
1e17f24 lua: support extended section notation
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
Fix patch format error introduced in c4e9487cf5
Refresh patches to tidy fuzz
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
| |
Refresh patches.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There has been recent significant activity with the cake qdisc of late
Some of that effort is related to upstreaming to kernel & iproute2
mainline but we're not quite there yet. This commit teaches tc how to
activate and interprete the latest cake operating modes, namely:
ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.
ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS. Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There has been recent significant activity with the cake qdisc of late
but in the cobalt branch. Some of that effort is related to upstreaming
to kernel & iproute2 mainline but we're not quite there yet. Relevant
feature changes:
ingress mode: Instead of only counting packets that make it past the
shaper, include packets we've decided to drop as well, since they did
arrive with us on the link and took link capacity.
This mode is more suitable for shaping the ingress of a link
(e.g. from ISP) rather than the more normal egress.
ptm mode: Minor optimisation in packet overhead calculation.
dual-src/dsthost/triple-isolate: Optimise only calculating src or dst
host hashes only if required.
ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS. Useful in
highly assymetric links (downstream v upstream capacity) where the
majority of upstream link capacity is occupied with ACKS for downstream
traffic.
A separate iproute2 patch to teach it about Cake's new features will
follow.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
| |
The diag LED is named widora:orange:wifi and can't be derived from the
boardname.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
| |
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: 1c9299877be9 ("base-files: set FAILSAFE in /etc/profile when
/tmp/.failsafe exists")
|
| |
|
|
|
|
|
| |
Since dropbear clears the environment, FAILSAFE was not set as intended in
failsafe mode.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
7e945a8 version: bump snapshot
f2168aa compat: kernels < 3.13 modified genl_ops
52004fd crypto: compile on UML
6b69b65 wg-quick: dumber matching for default routes
aa35d9d wg-quick: add the "Table" config option
037c389 keygen-html: remove prebuilt file
No patch refresh required.
Compile-test-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bump 4.4 to 4.4.107 and refreshed all patches.
Made the following patch for Mediatek and Oxnas compatible with kernel 4.4.107:
0072-mtd-backport-v4.7-0day-patches-from-Boris.patch
Compile-tested: ar71xx
Run-tested: ar71xx
Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
Reviewed-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump to latest WireGuard snapshot release:
44f8e4d version: bump snapshot
bbe2f94 chacha20poly1305: wire up avx512vl for skylake-x
679e53a chacha20: avx512vl implementation
10b1232 poly1305: fix avx512f alignment bug
5fce163 chacha20poly1305: cleaner generic code
63a0031 blake2s-x86_64: fix spacing
d2e13a8 global: add SPDX tags to all files
d94f3dc chacha20-arm: fix with clang -fno-integrated-as.
3004f6b poly1305: update x86-64 kernel to AVX512F only
d452d86 tools: no need to put this on the stack
0ff098f tools: remove undocumented unused syntax
b1aa43c contrib: keygen-html for generating keys in the browser
e35e45a kernel-tree: jury rig is the more common spelling
210845c netlink: rename symbol to avoid clashes
fcf568e device: clear last handshake timer on ifdown
d698467 compat: fix 3.10 backport
5342867 device: do not clear keys during sleep on Android
88624d4 curve25519: explictly depend on AS_AVX
c45ed55 compat: support RAP in assembly
7f29cf9 curve25519: modularize dispatch
Refresh patches.
Compile-test-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
| |
The generic preinit code is now able to setup network and switch vlan settings
from the /etc/board.json file, therefor drop the target specific code.
Fixes FS#790.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 833c500cb2985e9b76a1aae3b6a577977eee5457)
|
| |
|
|
|
|
|
|
|
| |
Set TMPDIR to the same value as the existing TMP_DIR variable in order to
let gcc and various other utilities use the local temporary directory
instead of the system-wide one.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 52a3477ff91a2009e451d5dce307e9cc945e9ffa)
|
| |
|
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fc4e7bdca75f4d283374d3dfe0d0ac1cd4885612)
|
| |
|
|
|
| |
Signed-off-by: Leon M. George <leon@georgemail.eu>
(cherry picked from commit 63462910ddb01d9a7391d793228767628aa65db2)
|
| |
|
|
|
|
|
| |
no longer supported
Signed-off-by: Leon M. George <leon@georgemail.eu>
(cherry picked from commit cc0847eda337f948f5ff6e75014aa88e48779677)
|
| |
|
|
|
|
|
| |
Simplifies the code and reduces size
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit d5bcd0240a8f42a05ef31005a9a9dea848d3f7a8)
|
| |
|
|
|
|
|
|
| |
The value of nvram_tuple_t is allocated in _nvram_realloc,
but it is not freed in _nvram_free.
Signed-off-by: Zhai Zhaoxuan <zhaizhaoxuan@xiaomi.com>
(cherry picked from commit c382237ac33a787043b22abc42f0c5a80278baae)
|
| |
|
|
|
|
|
|
| |
Passing the ctrl iface to wpa_supplicant will automatically cause wpa_supplicant
to send "STOP_AP" messages to the hostapd. This breaks the AP interfaces.
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
(cherry picked from commit 0da54fa6428ea98d31b49f5d9a4a272214f5d188)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The beacon_int is currently set explicitly for hostapd and when LEDE uses
iw to join and IBSS/mesh. But it was not done when wpa_supplicant was used
to join an encrypted IBSS or mesh.
This configuration is required when an AP interface is configured together
with an mesh interface. The beacon_int= line must therefore be re-added to
the wpa_supplicant config. The value is retrieved from the the global
variable.
Fixes: 1a16cb9c67f0 ("mac80211, hostapd: always explicitly set beacon interval")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [rebase]
(cherry picked from commit 772afef61dc68e2470f4da130fac862ccf2fb105)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The wpa_supplicant code for IBSS allows to set the mcast rate. It is
recommended to increase this value from 1 or 6 Mbit/s to something higher
when using a mesh protocol on top which uses the multicast packet loss as
indicator for the link quality.
This setting was unfortunately not applied for mesh mode. But it would be
beneficial when wpa_supplicant would behave similar to IBSS mode and set
this argument during mesh join like authsae already does. At least it is
helpful for companies/projects which are currently switching to 802.11s
(without mesh_fwding and with mesh_ttl set to 1) as replacement for IBSS
because newer drivers seem to support 802.11s but not IBSS anymore.
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh]
(cherry picked from commit 43f66943d0dbf0ed0ec2a9cb071d0fbded2fbe35)
|
| |
|
|
|
|
|
|
|
|
| |
Remove multicast routing firewall rules when the igmpproxy is stopped by
triggering a firewall config change.
Keeping the firewall open from the wan for igmp and udp multicast is not
desired when the igmpproxy service is inactive.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 31ebbe34ccc066c212ef20de0856ab3a428fb801)
|
| |
|
|
|
|
| |
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
(cherry picked from commit e2f25e607d2092cffa45196e7997854feb464232)
|
| |
|
|
|
|
|
|
| |
When a library is using fortify-packages GCC will complain about
"error: format not a string literal, argument types not checked".
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit 6ab45214644166846398e5e520d151c05cc4dd55)
|
| |
|
|
|
|
|
| |
Parts of the build system use non-portable invocation of readlink
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 6bcc1c5331c797004e1b43168eb116d2d14b0102)
|
| |
|
|
|
|
|
|
|
|
|
| |
Update to latest Git in order to fix potential memory corruption and invalid
memory access when handling query strings in conjunction with active basic
authentication.
a235636 2017-11-04 file: fix query string handling
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 05a4200d56efe439e298c8af3d82ac221b0e86e9)
|
| |
|
|
|
| |
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
(cherry picked from commit f5468d248613fee51d19715e0fa6e37012c0eda7)
|
| |
|
|
|
| |
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 06d5d01e8acb4c7012bfa1ce8d432816b98088b0)
|
| |
|
|
|
|
|
|
|
|
| |
Without this change, when a user disables seccomp support in .config,
procd does not get recompiled unless the package is cleaned manually.
It is because when -D option is missing from cmake command line, cmake
uses cached value from the previous run where seccomp was enabled.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
(cherry picked from commit 0e300a3a71264d8938b17f9fb0d5f1ab33a0434a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we enable -fstack-protector while building libunwind, function
__stack_chk_fail_local will be referred to for i386 and powerpc32
arches. This will cause link failure because the default gcc build
specs says no link_ssp if -nostdlib is given.
The error message:
OpenWrt-libtool: link: ccache_cc -shared -fPIC -DPIC .libs/os-linux.o mi/.libs/init.o mi/.libs/flush_cache.o mi/.libs/mempool.o mi/.libs/strerror.o x86/.libs/is_fpreg.o x86/.libs/regname.o x86/.libs/Los-linux.o mi/.libs/backtrace.o mi/.libs/dyn-cancel.o mi/.libs/dyn-info-list.o mi/.libs/dyn-register.o mi/.libs/Ldyn-extract.o mi/.libs/Lfind_dynamic_proc_info.o mi/.libs/Lget_accessors.o mi/.libs/Lget_proc_info_by_ip.o mi/.libs/Lget_proc_name.o mi/.libs/Lput_dynamic_unwind_info.o mi/.libs/Ldestroy_addr_space.o mi/.libs/Lget_reg.o mi/.libs/Lset_reg.o mi/.libs/Lget_fpreg.o mi/.libs/Lset_fpreg.o mi/.libs/Lset_caching_policy.o x86/.libs/Lcreate_addr_space.o x86/.libs/Lget_save_loc.o x86/.libs/Lglobal.o x86/.libs/Linit.o x86/.libs/Linit_local.o x86/.libs/Linit_remote.o x86/.libs/Lget_proc_info.o x86/.libs/Lregs.o x86/.libs/Lresume.o x86/.libs/Lstep.o x86/.libs/getcontext-linux.o -Wl,--whole-archive ./.libs/libunwind-dwarf-local.a ./.libs/libunwind-elf32.a -Wl,--no-whole-archive -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/lib -lc -lgcc -Os -march=i486 -fstack-protector -Wl,-z -Wl,now -Wl,-z -Wl,relro -nostartfiles -nostdlib -Wl,-soname -Wl,libunwind.so.8 -o .libs/libunwind.so.8.0.1
.libs/os-linux.o: In function `_Ux86_get_elf_image':
os-linux.c:(.text+0x588): undefined reference to `__stack_chk_fail_local'
x86/.libs/Lregs.o: In function `_ULx86_access_fpreg':
Lregs.c:(.text+0x25b): undefined reference to `__stack_chk_fail_local'
x86/.libs/Lresume.o: In function `_ULx86_resume':
Lresume.c:(.text+0xdc): undefined reference to `__stack_chk_fail_local'
collect2: error: ld returned 1 exit status
Makefile:2249: recipe for target 'libunwind.la' failed
The snippet from gcc -dumpspecs
%{!nostdlib:%{!nodefaultlibs:%(link_ssp) %(link_gcc_c_sequence)}}
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit f0c37f6ceb10a1db0193d4270c6807c0b2f7a3a0)
|
| |
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 20d363aed395e07ff42fe648f898b17f2077cc82)
|
| |
|
|
|
|
|
|
| |
This fixes a compile problem recently introduced by me.
Fixes: f40fd43ab2f ("ppp: fix compile warning")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a29848c67180396656e4e8a7ef47ae5b441a7325)
|
| |
|
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f40fd43ab2fe0f5c707a07eb036e84af086f3066)
|
| |
|
|
|
|
|
| |
Add CONFIG_DROPBEAR_UTMP, CONFIG_DROPBEAR_PUTUTLINE to PKG_CONFIG_DEPENDS
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 834c93e00bee4f7253a5c64d1a9c8202b1082b1a)
|
| |
|
|
|
|
|
|
|
|
| |
Adds config option to enable compression support which is usefull
when using a terminal sessions over a slow link. Impact on binary
size is negligible but additional 60 kB (uncompressed) is needed for
a shared zlib library.
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
(cherry picked from commit a816e1eac761bfdac720d00d15feb18b7b9fd1e3)
|
| |
|
|
|
| |
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
(cherry picked from commit 1a5bf778fb4f8b648716d9f8275c6a0af503cfe5)
|
| |
|
|
|
|
|
|
|
|
| |
Fixes CVE-2017-12166: out of bounds write in key-method 1.
Remove the mirror that was temporarily added during the
2.4.3 release.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit a9a37526a9df3b565f5242857d17887cb492afab)
|
| |
|
|
|
|
|
|
|
| |
Since $(DownloadMethod/unknown) is being invoked in the expansion of
$(call locked ...) anyway, you can't have an @ because the shell
doesn't know what to do with it.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 76ba01a39216b8460846808b2fc10d5ee230a324)
|
