| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Update make_ext4fs to latest git head in order to support creating empty
filesystem images by making the source directory argument optional.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
Instead of introducing a fake filesystem type, move the tar generation step
directly into the image build step.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
This is not a strict rule but it matches better this one:
7xx - network / phy driver patches
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
|
|
|
| |
The previous image building code rework removed the rootfs.tar.gz with embedded
kernel and dtb build artifact which is required to build suitable SD images.
Reintroduce a .tar.gz artifact locally which embeds kernel and dtb, similar to
how the old code handled it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Yue Cao claims that current host rate limiting of challenge ACKS
(RFC 5961) could leak enough information to allow a patient attacker
to hijack TCP sessions. He will soon provide details in an academic
paper.
Backports upstream commit 75ff39ccc1bd5d3c455b6822ab09e533c551f758
to the used LEDE kernel versions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
Also configure the switch based on the failsafe config, and create the
failsafe interface as tagged if necessary.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
In preparation of properly setting up vlans and switches, add
support for configuring failsafe on a vlan tagged interface.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
| |
Make use of the existing board.d to autodetect lan ifname in a generic way.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
Move preinit interface and ip config to its own function to allow
calling it from more than one place.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
Allow passing a filename to change the location of the generated
board.json.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
| |
Should fix parser data containing uninitialized values for of probed
physmap flashes, which could break e.g. the redboot parser.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
| |
Make sure SOURCE_DATE_EPOCH actually contains something.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Similar how we fix the file times in the filesystems, fix the build time
of the kernel, and make the build number static. This should allow the
kernel build to be reproducable when combined with setting the
KERNEL_BUILD_USER and _DOMAIN in case of different machines.
The reproducability only applies to non-initramfs kernels, those still
require additional changes.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Security: Message printout was vulnerable to format string injection.
If specific usernames including "%" symbols can be created on a system
(validated by getpwnam()) then an attacker could run arbitrary code as root
when connecting to Dropbear server.
A dbclient user who can control username or host arguments could potentially
run arbitrary code as the dbclient user. This could be a problem if scripts
or webpages pass untrusted input to the dbclient program.
- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
the local dropbearconvert user when parsing malicious key files
- Security: dbclient could run arbitrary code as the local dbclient user if
particular -m or -c arguments are provided. This could be an issue where
dbclient is used in scripts.
- Security: dbclient or dropbear server could expose process memory to the
running user if compiled with DEBUG_TRACE and running with -v
The security issues were reported by an anonymous researcher working with
Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
| |
adds support for the Linksys WRT1900ACSv2 and WRT1200ACv2
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
set network interface for failsafe mode to eth0 for all boards
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
This generates proper images when using CONFIG_TARGET_MULTI_PROFILE and
CONFIG_TARGET_PER_DEVICE_ROOTFS.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
| |
This allows using USB out of the box.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
Thanks to this images for SoftMAC devices don't get brcmfmac anymore and
b43 is added for devices with (quite poor) support only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
|
|
|
| |
Among other things, this compiles out support for peer caching.
The feature did not seem to work well in my testing of AP mode,
and totally breaks my own special use of station mode.
Briefly tested on ea8500.
Signed-off-by: Ben Greear <greearb@candelatech.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
ath10k-ct driver was using bad defaults for 9980 if user
had not specified a fwcfg file to over-ride them.
Also, support configurable station-kickout-threshold,
which might work around issues with flakey connections.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix PKG_VERSION]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes the LEDE build on mounted NFSv4 shares.
The lock file cannot be opened in read-write mode by default, because
then we cannot use flock(1) to lock executable files.
The read-write mode for lock files is necessary on NFSv4 where
flock(2) is emulated by by fcntl() -- this situation is possible to
detect by flock(2) EBADF error.
The patch consist of the following util-linux/flock commits
http://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=eb742a1f66d5e3a7c5b43efce741c113f51bef3b
http://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=caf1ba11a367ad702fb774653daf9ebdcca49d7b
without including the pre kernel 3.4 support.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [minor cleanup]
|
| |
|
|
|
|
| |
Tested with eglibc on x86 and armv7 so far
Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
|
| |
|
|
|
|
|
| |
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.
Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
|
| |
|
|
|
|
|
|
| |
RADIUS accounting can be used even when RADIUS authentication is not
used. Move the accounting configuration outside of the EAP-exclusive
sections.
Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
It should be the last device with FullMAC chipset to convert.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
It's one more device with FullMAC that got forgotten in the previous
commit.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
|
| |
This allows building images for selected devices with brcmfmac only
(without b43 which is for SoftMAC devices).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reviewed-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
Thunder Timecloud is a small NAS with MT7621A. It has 1 USB port and an
SD Card slot. There is no wireless cards.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.
All other fs_ variables were never used.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
| |
Due to missing parameter the package wasn't build for the xway target.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
| |
Due to the missing carrier status set, the interface wasn't usable on a
BTHOMEHUB2B after ip link down and up as it is done in preinit.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
| |
Signed-off-by: Jimmy Zhong <mb300sd@mb300sd.net>
|
| |
|
|
|
|
|
|
| |
According to the author of the cpu temp driver, not all xrx200 boards
have a cpu temperature sensor. For that reason enable the sensor only
for tested boards.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
| |
Do not set the lan mac address for boards which having the lan mac
address already set in device tree source file.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The device tree binding and the associated code duplicates functionality
already patched into the etop driver. The compatible string isn't used
any more. Therefore the whole code can be dropped.
The "mac-increment" property allowed to increment a mac address received
via kernel cmdline. This functionality isn't used by any device and
should be added as etop driver device tree property if required again.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
| |
Use the generic mtd-mac-address dts property to get a mac address from
flash instead of the lantiq specific one.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use the same mac address increment in device tree source file and
userspace.
Don't add a mac address increment to either the only mtd mac-address or
to all mac-addresses.
Fix a typo in the TDW89X0.dtsi file to add an increment.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
|
|
|
| |
All device tree nodes are using the named properties now and the code
path handling the reg property isn't required any more.
The code related to the ath,eep-flash property has been reformatted to
be better readable.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
| |
No functional change, just easier to get what's the purpose of the hex
values.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
The conversion to the new image building code accidentally caused the kernel
image to get compressed twice, leading to boot failures when kernel and rootfs
are flashed separately.
The sysupgrade images have been unaffected by this. Also restore the elf
kernel build artifact while we're at it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
