aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel: Hide kernel options behind a menuFlorian Fainelli2017-05-261-1/+3
| | | | | | | | We are starting to add more and more kernel configurable options, to the point where the Global build options menu is not really usable anymore, hide all kernel-related configuration options behind a menu. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* elfutils: Pass -Wno-unused-result to silence warnings as errorsFlorian Fainelli2017-05-261-1/+1
| | | | | | | | | | | | | | | | | | | elfutils turns on -Werror by default, and patch 100-musl-compat.patch changes how strerror_r is used and we no longer use the function's return value. This causes the following build error/warning to occur with glibc-based toolchains: dwfl_error.c: In function 'dwfl_errmsg': dwfl_error.c:158:18: error: ignoring return value of 'strerror_r', declared with attribute warn_unused_result [-Werror=unused-result] strerror_r (error & 0xffff, s, sizeof(s)); ^ cc1: all warnings being treated as errors Fixing this would be tricky as there are two possible signatures for strerror_r (XSI and GNU), just turn off unused-result warnings instead. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* dnsmasq: add dhcp-script hook for other packagesNick Brassel2017-05-263-5/+59
| | | | | | | | | | | | | Adds a script which acts as a hook for when dnsmasq creates/destroys a lease, or completes a TFTP file transfer. The hook loops through scripts in appropriate directories inside '/etc/hotplug.d', executing each one with the same arguments supplied by dnsmasq. In case dnsmasq is jailed by ujail the dhcp-script hook will not work as expected as ujail does not yet support executing a script within a jail. Signed-off-by: Nick Brassel <nick@tzarc.org> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* treewide: fix device tree path in scriptsMathias Kresin2017-05-262-2/+2
| | | | | | | | The device tree is at /proc/device-tree/ without a base subdir. Fixes: da472e5b30f6 ("treewide: access device tree from userspace via /proc/") Signed-off-by: Mathias Kresin <dev@kresin.me>
* Revert "sysupgrade: run only one instance at a time."Jo-Philipp Wich2017-05-261-14/+0
| | | | | | | | | | | | | This reverts commit e96a9a9af82c00dcce606a84a7bb87a00411385d. The change breaks sysupgrade through LuCI and two-stage sysupgrade on NAND targets. There is also a mismatch of file paths in lock and unlock operations. This commit was apparently neither properly tested, nor reviewed, so drop it for now. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ramips: add support for GL-inet GL-MT300N-V2Kyson Lok2017-05-267-0/+155
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds supports for the GL-inet GL-MT300N-V2. Specification: - SoC: MediaTek MT7628AN - Flash: 16 MiB (W25Q128FVSG) - RAM: 128 MiB DDR - Ethernet: 1 x WAN (100 Mbps) and 1 x LAN (100 Mbps) - USB: 1 x USB 2.0 port - Button: 1 x switch button, 1 x reset button - LED: 3 x LEDS (system power led is not GPIO controller) - UART: 1 x UART on PCB (JP1: 3.3V, RX, TX, GND) Installation through Luci: - The original firmware is LEDE, so both LuCI or sysupgrade can be used. - Do not keep settings, for sysupgrade please use the -n option. Installation through bootloader webserver: - Plug power and hold reset button until red LED blink to bright. - Install sysupgrade image using web interface on 192.168.1.1. Signed-off-by: Kyson Lok <kysonlok@gmail.com> [match maximum image size with firmware partition] Signed-off-by: Mathias Kresin <dev@kresin.me>
* treewide: access device tree from userspace via /proc/Mathias Kresin2017-05-262-2/+2
| | | | | | | Access the device tree via /proc/device-tree/ is the documented way to access the properties. Everything else might not work in future. Signed-off-by: Mathias Kresin <dev@kresin.me>
* flex: update to 2.6.4 (FS#809)Eric Luehrsen2017-05-261-3/+3
| | | | | | flex 2.6.3 has a bug which fails code generation and compile of some packages Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* x86/legacy: disable PAE againDaniel Golle2017-05-251-1/+1
| | | | | | | | | | | commit 961c0eacea ('x86: fix lifting kernel CPU requirements and always enable PAE') broke some older geode boards such as Soekris net4826. Hence disable PAE on x86/legacy again in order to still support those very old non-PAE capable CPUs. Fixes FS#773 - PAE broke Soekris net4826 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* build: fix QUILT related overridesFelix Fietkau2017-05-251-10/+12
| | | | | | They need to be defined before including quilt.mk Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iptables: fix typos in 600-shared-libext.patch (FS#711)Felix Fietkau2017-05-251-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* DWR-512: adding wwan support for the dwr-512 3G modemGiuseppe Lippolis2017-05-254-17/+51
| | | | | | | | | This PR allow the 3G modem embedded in the DWR-512 to be managed by the wwan-ncm scripts. The modem will use the usb-option and usb-cdc-ether drivers. The DWR-512 DT is updated accordingly. Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
* gcc: fix documentation entries added by 910-mbsd_multi.patchFelix Fietkau2017-05-252-12/+12
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* scripts/download.pl: print the command used to download filesFelix Fietkau2017-05-251-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* xfsprogs: update to 4.11.0Felix Fietkau2017-05-2512-341/+49
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools/libressl: update to 2.5.4Hannu Nyman2017-05-251-3/+3
| | | | Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* tools/flex: update to 2.6.3Hannu Nyman2017-05-252-4/+4
| | | | | | | | * update flex to 2.6.3 * download .tar.gz (as upstream has dropped .xz) * refresh patches Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* tools/cmake: update to 3.8.1Hannu Nyman2017-05-255-11/+11
| | | | | | | | | | * update cmake to 3.8.1 * refresh patches Release notes: https://cmake.org/cmake/help/v3.8/release/3.8.html Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* x86_64: add drivers for Xeon controller hub based GPIOPhilip Prindeville2017-05-251-2/+4
| | | | | | | These drivers are in many reference-design Xeon, iCore, or Atom64 based server boards. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* json-c: disable implicit fallthrough warning (gcc 7)Felix Fietkau2017-05-251-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall: update to the latest version, fixes a gcc7 build errorFelix Fietkau2017-05-251-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* toolchain: add gcc 7.1.0 supportFelix Fietkau2017-05-2523-1/+775
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools/isl: update to 0.18Syrone Wong2017-05-251-2/+2
| | | | Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
* octeon: remove linux 4.4 supportFelix Fietkau2017-05-256-2051/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix quilt for mixed package/host buildsFelix Fietkau2017-05-251-23/+24
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: set QUILT=1 automatically when calling package host build refreshFelix Fietkau2017-05-251-1/+1
| | | | | | Makes behavor consistent with package builds and regular host builds Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: stop overriding STAGING_DIR_HOST for toolchain buildFelix Fietkau2017-05-255-14/+8
| | | | | | | | | This causes various issues in other places that assume that host binaries are staged in STAGING_DIR_HOST. Since all the right places use HOST_BUILD_PREFIX, override that instead. This fixes some issues with quilt on toolchain dirs Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: fix autoloading arch-specific modulesYousong Zhou2017-05-253-9/+9
| | | | | | Fixes FS#745 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* backlight-pwm: fix module descriptionYousong Zhou2017-05-251-1/+1
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* sysupgrade: run only one instance at a time.Kenneth Johansson2017-05-251-0/+14
| | | | | | | Things do not work well if running multiple instances of upgrade at the same time. Signed-off-by: Kenneth Johansson <kenneth.johansson@inteno.se>
* include: Determine MODULES_DIR correctly for external/git kernelsFlorian Fainelli2017-05-251-3/+5
| | | | | | | | | | | | | | When using external or git cloned kernels, any kind of modifications will alter KERNELRELEASE. LEDE still tries to stage modules in lib/modules/$(LINUX_UNAME_VERSION) and LINUX_UNAME_VERSION is based on KERNEL_PATCHVER (indirectly) so this does not work, and we lose all kinds of automatic modules loading. To remedy that, just cat $(LINUX_DIR)/include/config/kernel.release which is late enough the kernel has prepared this file, and is correctly tracking changes done throughout the kernel. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* include: Do not alter KERNELRELEASE for external/git kernelsFlorian Fainelli2017-05-251-1/+6
| | | | | | | | | In case we use external and/or git cloned kernels, let the kernel determine the appropriate KERNELRELEASE. We cannot used LINUX_UNAME_VERSION because that one gets determined at a later time, when the kernel is already built proper. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* Revert "kernel: prevent addition of scm marker to localversion"Florian Fainelli2017-05-251-4/+0
| | | | | | | | | | This reverts commit 0df2c6563a3537ed21b28a9fb6874bf2718afd05 since it gets in the way of identifying properly which kernel we are running. This is particularly important if LEDE is using external kernels/git cloned kernels. We want to make sure we only load modules from that specific kernel. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: add kmod-usb-net-pl packageRoman Spychała2017-05-251-0/+13
| | | | | | Kernel support for Prolific PL-2301/2302/25A1 based cables Signed-off-by: Roman Spychała <roed@onet.eu>
* Make GBit switch work on RB2011René Mayrhofer2017-05-251-1/+2
| | | | | | | | | | | | | | | | | | | | | This change is required to make the GBit switch work on my Mikrotik Routerboard RB2011UiAS-RM, and I assume that the other RB2011 variants are exactly the same in terms of the switch. I have tested the board without and with the patch and confirm that the GBit ports are not supported at all (i.e. no communication works) with the current version in trunk and that everything works with the patch applied. The test box has been running for a few days with the patch applied, and does not show any performance problems in a test setting. I have not used it with LEDE in production so far, but with a previous turnk version of OpenWRT for many years - with the same patch applied. I therefore have good indication that it is stable. For the record, the switch chip on my test box is identified as switch0: Atheros AR8327 rev. 4 switch registered on ag71xx-mdio.0 The value 0x6f000000 has been taken from the table at https://wiki.openwrt.org/toh/mikrotik/rb2011uias with the previous discussion thread still online at https://lists.openwrt.org/pipermail/openwrt-devel/2014-December/029949.html. One definite improvement from the older OpenWRT trunk version I have been running in production and current LEDE trunk is that the SFP interface can be kept in the default configuration without excessive kernel messages about it constantly going up and down. I have not yet tested an actual SFP module, though. Performance seems to be reasonable. Routing between two GBit ports on that switch separated by different VLANs with the default firewall ruleset (and one additional rule two allow traffic between the VLANs), but without NAT, iperf3 results are: [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-10.00 sec 508 MBytes 426 Mbits/sec 102 sender [ 4] 0.00-10.00 sec 506 MBytes 425 Mbits/sec receiver With a connection going through NAT (also 2 ports on the same GBit switch, same ruleset, but NAT active), routing performance drops to around 250 MBit/s. (Note that RouterOS achieves beyond 900 MBit/s on the same hardware with the default rule set and the FastTrack rule active even for NAT, see https://wiki.mikrotik.com/index.php?title=Manual:IP/Fasttrack and http://www.mikrotik.com/download/share/FastTrack.pdf). Summarizing, I strongly recommend to apply this patch in trunk, so that the GBit switch chip rev. 4 can be supported upstream in the next LEDE release (hopefully soon). Signed-off-by: René Mayrhofer <rene@mayrhofer.eu.org>
* ar71xx: change image version for ubiquiti devicesMatthias Fritzsche2017-05-251-3/+3
| | | | | | | | | | changes the image version from hardcoded OpenWrt to $VERSION_DIST. AirOS shows a notification with the image version during a firmware upgrade. fixes #582 Signed-off-by: Matthias Fritzsche <txt.file@txtfile.eu>
* lldpd: bump to 0.9.7Stijn Tintel2017-05-241-2/+2
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* samba: fix CVE-2017-7494Stijn Tintel2017-05-242-4/+33
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* brcm2708: enable cpufreqStijn Tintel2017-05-233-8/+42
| | | | | | | | | | | | | With cpufreq disabled, the CPU stays locked at the frequency set by the bootloader. This severely degrades performance as the bootloader sets the CPU at the lowest frequency by default. Enable cpufreq for all subtargets and use the ondemand governor. Tested bcm2708 on RPi0W. Tested bcm2709 and bcm2710 on RPi3. Reported-by: Bryan Mayland <bmayland@capnbry.net> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* dnsmasq: bump to 2.77rc5Hans Dedecker2017-05-221-3/+3
| | | | | | | | | | | | | Some small tweaks and improvements : 9828ab1 Fix compiler warning. f77700a Fix compiler warning. 0fbd980 Fix compiler warning. 43cdf1c Remove automatic IDN support when building i18n. ff19b1a Fix &/&& confusion. 2aaea18 Add .gitattributes to substitute VERSION on export. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* 6rd: add 6rd specific settings as nested json objectHans Dedecker2017-05-222-3/+7
| | | | | | Add 6rd specific settings prefix, relay-prefix as a nested data json object Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to git HEAD versionHans Dedecker2017-05-221-3/+3
| | | | | | | | | | | 7573880 system-linux: parse 6rd specific settings as nested json data object a063705 system-linux: remove redundant check for strtoul() return value e6ebe0b build: disable unknown warning option error in clang 08d8f47 interface: add new "ifup-failed" hotplug event 20a1bac bridge: reset primary only after marking the member not present 6b9c267 build: suppress format truncation warnings to avoid errors with gcc7 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* umdns: update to the version 2017-05-22Rafał Miłecki2017-05-221-3/+3
| | | | | | | | | | | | | | | | This includes following changes: 0e8b948 Support specifying instance name in JSON file 49fdb9f Support PTR queries for a specific service 26ce7dc Allow filtering with instance name in service_reply 920c62a Store instance name in the struct service ff09d9a Rename service_name function to the service_instance_name 64f78f1 Rename mdns_hostname variable to the umdns_host_label Previous package update pulled commit 70c66fbbcde86 ("Fix sending replies to PTR questions") which introduced a regression which this update fixes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* fstools: update to the latest versionFelix Fietkau2017-05-221-3/+3
| | | | | | | | | 88d48d5 libfstools: silence mkfs.{ext4,f2fs} a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors 633a8d0 libfstools: fix multiple volume_identify usages with the same volume c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libunwind: update to 1.2Yousong Zhou2017-05-223-19/+58
| | | | | | | | | | | Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new tarball is released yet Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* dropbear: bump to 2017.75Kevin Darbyshire-Bryant2017-05-212-17/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Security: Fix double-free in server TCP listener cleanup A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (Allow connections to forwarded ports from any host) This could potentially allow arbitrary code execution as root by an authenticated user. Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash. CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c - Security: Fix information disclosure with ~/.ssh/authorized_keys symlink. Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys A user could symlink their ~/.ssh/authorized_keys to a root-owned file they couldn't normally read. If they managed to get that file to contain valid authorized_keys with command= options it might be possible to read other contents of that file. This information disclosure is to an already authenticated user. Thanks to Jann Horn of Google Project Zero for reporting this. CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123 Refresh patches, rework 100-pubkey_path.patch to work with new authorized_keys validation. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* mac80211: add support for rtl8821ae pcie adapterHans Ulli Kroll2017-05-211-2/+22
| | | | | | | | | Add support for Realtek RTL8821AE/RTL8812AE PCIe adapter. This device supports 802.11ac and bluetooth testet on PC Engines APU with AP and STA mode Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
* linux-firmware: add firmware for rtl8821ae supportHans Ulli Kroll2017-05-211-0/+8
| | | | | | Add needed firmware to support rtl8821ae pcie adapter Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
* lantiq: spi: double time out toleranceHauke Mehrtens2017-05-211-0/+37
| | | | | | | | | | | | | | | | | | | The generic SPI code calculates how long the issued transfer would take and adds 100ms in addition to the timeout as tolerance. On my 500 MHz Lantiq Mips SoC I am getting timeouts from the SPI like this when the system boots up: m25p80 spi32766.4: SPI transfer timed out blk_update_request: I/O error, dev mtdblock3, sector 2 SQUASHFS error: squashfs_read_data failed to read block 0x6e After increasing the tolerance for the timeout to 200ms I haven't seen these SPI transfer time outs any more. The Lantiq SPI driver in use here has an extra work queue in between, which gets triggered when the controller send the last word and the hardware FIFOs used for reading and writing are only 8 words long. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to 4.9.29Koen Vandeputte2017-05-2171-1089/+149
| | | | | | | | | | | | | - Refresh all patches - Removed upstreamed - Adapted 1 Compile tested on: bcm53xx, cns3xxx, imx6, lantiq Run tested on: cns3xxx & imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [update from 4.9.28 to 4.9.29] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>