aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* iptables: Fix target TRACE issueMartin Wetterwald2017-10-271-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | The package kmod-ipt-debug builds the module xt_TRACE, which allows users to use '-j TRACE' as target in the chain PREROUTING of the table raw in iptables. The kernel compilation flag NETFILTER_XT_TARGET_TRACE is also enabled so that this feature which is implemented deep inside the linux IP stack (for example in sk_buff) is compiled. But a strace of iptables -t raw -I PREROUTING -p icmp -j TRACE reveals that an attempt is made to read /usr/lib/iptables/libxt_TRACE.so, which fails as this dynamic library is not present on the system. I created the package iptables-mod-trace which takes care of that, and target TRACE now works! https://dev.openwrt.org/ticket/16694 https://dev.openwrt.org/ticket/19661 Signed-off-by: Martin Wetterwald <martin.wetterwald@corp.ovh.com> [Jo-Philipp Wich: also remove trace extension from builtin extension list and depend on kmod-ipt-raw since its required for rules] Signed-off-by: Jo-Philipp Wich <jo@mein.io> Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
* include: Silence external kernel version checksFlorian Fainelli2017-10-241-1/+1
| | | | | | | | | | | | | | During the initial configuration phases, we have not set-up the kernel source directory, which would lead to such messages: cat: /local/users/fainelli/openwrt/trunk/build_dir/target-x86_64_musl/linux-uml/linux-4.9.58/include/config/kernel.release: No such file or directory Just silence it, since it does not create a functional problem. Fixes: 8e0e0e7d8bfb ("include: Determine MODULES_DIR correctly for external/git kernels") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: fixup KARCH for powerpc64 buildsFlorian Larysch2017-10-241-0/+2
| | | | | | | The kernel calls both ppc64 and ppc32 "powerpc", so we need to fixup LINUX_KARCH when building with ARCH=powerpc64. Signed-off-by: Florian Larysch <fl@n621.de>
* target: add cpu flags for powerpc64Florian Larysch2017-10-241-0/+4
| | | | Signed-off-by: Florian Larysch <fl@n621.de>
* include/site: add powerpc64 configFlorian Larysch2017-10-241-0/+26
| | | | | Signed-off-by: Florian Larysch <fl@n621.de> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* include: Include new location for DT bindingsFlorian Fainelli2017-10-231-0/+1
| | | | | | | | | Starting with commit d5d332d3f7e8 ("devicetree: Move include prefixes from arch to separate directory") included in 4.12 and newer relocated the dt-bindings directory, so account for that while passing CPPFLAGS before DTC runs. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: bump 4.9 to 4.9.58Stijn Tintel2017-10-231-2/+2
| | | | | | | | Refresh patches. Compile-tested: ar71xx, octeon, x86/64. Runtime-tested: octeon, x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.4 to 4.4.93Kevin Darbyshire-Bryant2017-10-181-2/+2
| | | | | | | | | | | | | | No patch refresh required. Compile-tested for ar71xx - Archer C7 v2 Runtime-tested on ar71xx - Archer C7 v2 Fixes the following CVEs: - CVE-2017-15265 - CVE-2017-0786 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: bump 4.9 to 4.9.57Kevin Darbyshire-Bryant2017-10-181-2/+2
| | | | | | | | | | | | | | | | Refresh patches. Compile-tested for ar71xx - Archer C7 v2 Runtime-tested on ar71xx - Archer C7 v2 Fixes the following CVEs: - CVE-2017-7518 - CVE-2017-0786 - CVE-2017-1000255 - CVE-2017-12188 - CVE-2017-15265 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: bump 4.4 to 4.4.92Kevin Darbyshire-Bryant2017-10-141-2/+2
| | | | | | | | | No patch refresh changes required. Compile tested for: ar71xx Archer C7 v2 Run tested: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* image-commands: tplink-v2-header: pass kernel loadaddr and entryAlexander Couzens2017-10-091-1/+2
| | | | | | | Initramfs images won't boot if the default loadaddr and entrypont is different. Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* kernel: bump 4.9 to 4.9.54Stijn Tintel2017-10-081-2/+2
| | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - ramips/0067-enable-mt7621-xhci.patch - ramips/0085-pinmux-util.patch - ramips/301-fix-rt3883.patch Compile-tested on brcm2708/bcm2708, octeon, ramips/mt7621, x86/64. Runtime-tested on brcm2708/bcm2708, octeon, ramips/mt7621, x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.4 to 4.4.91Kevin Darbyshire-Bryant2017-10-081-2/+2
| | | | | | | | | Refresh patches. Compile-tested for: ar71xx Archer C7 v2 Run-tested on: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: update 4.9 to 4.9.53Stijn Tintel2017-10-071-2/+2
| | | | | | | | | | | | | Refresh patches. Compile-tested on brcm2708/bcm2708, octeon and x86/64. Runtime-tested on brcm2708/bcm2708, octeon and x86/64. Fixes the following CVEs: - CVE-2017-1000252 - CVE-2017-12153 - CVE-2017-12154 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update 4.4 to 4.4.90Kevin Darbyshire-Bryant2017-10-071-2/+2
| | | | | | | | | | | | | | | No patch refresh required. Compile & run tested: ar71xx Archer C7 v2 Fixes the following CVEs: - CVE-2017-1000252 - CVE-2017-12153 - CVE-2017-12154 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [reference fixed CVEs] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* build: add mktplinkfw2 hardcoded values to makefileThibaut VARÈNE2017-10-061-3/+8
| | | | | | | | | | | This patch adds all the board-specific values currently hardcoded in mktplinkfw2.c back to the respective device declarations in the makefiles. The rationale is to avoid modifying the source code every time a new board or board variant is added. Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* build: add a darwin sitefile to deal with macOS 10.12 + Xcode 9 build errorsFelix Fietkau2017-10-052-0/+7
| | | | | | | Certain functions are available in system headers, but only work on macOS 10.13 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: update 4.4 to 4.4.89Kevin Darbyshire-Bryant2017-09-291-2/+2
| | | | | | | Refresh patches. Compile & run tested on ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: update 4.9 to 4.9.52Stijn Tintel2017-09-281-2/+2
| | | | | | | | Refresh patches. Compile-tested on x86/64. Runtime-tested on x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update 4.9 to 4.9.51Stijn Tintel2017-09-201-2/+2
| | | | | | | | | | | | Refresh patches. Compile-tested on octeon and x86/64. Runtime-tested on octeon and x86/64. Fixes the following CVEs: - CVE-2017-14106 - CVE-2017-14497 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* build: add image command for installing zImage file.Sandeep Sheriker Mallikarjun2017-09-201-0/+5
| | | | Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
* build: remove @ as it's causing an errorPhilip Prindeville2017-09-201-1/+1
| | | | | | | | Since $(DownloadMethod/unknown) is being invoked in the expansion of $(call locked ...) anyway, you can't have an @ because the shell doesn't know what to do with it. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* kernel: update 4.9 to 4.9.50Stijn Tintel2017-09-181-2/+2
| | | | | | | | | | | | Refresh patches. Compile-tested on ipq8065/nbg6817 and x86/64. Runtime-tested on ipq8065/nbg6817 and x86/64. Fixes CVE-2017-1000251. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> [adapt qcom_nandc.c patches to match upstream changes, test ipq8065/nbg6817] Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
* kernel: update to 3.18.71Florian Fainelli2017-09-181-2/+2
| | | | | | | | | | Delete a bunch of fixes that are already included. Refresh patches. Compile-tested on malta/mipsel Runtime-tested on malta/mipsel Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update 4.4 to 4.4.88Kevin Darbyshire-Bryant2017-09-161-2/+2
| | | | | | | Refresh patches. Compile & run tested: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: update 4.9 to 4.9.49Stijn Tintel2017-09-111-2/+2
| | | | | | | | | | Refresh patches. Compile-tested on octeon and x86/64. Runtime-tested on octeon and x86/64. Fixes CVE-2017-11600. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update 4.4 to 4.4.87Kevin Darbyshire-Bryant2017-09-091-2/+2
| | | | | | | | | | Fixes CVE-2017-11600 No patch refresh required Compile & run tested: ar71xx - Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: update 4.4 to 4.4.86Kevin Darbyshire-Bryant2017-09-051-2/+2
| | | | | | | | Refresh patches Compile & run tested: ar71xx - Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: update 4.9 to 4.9.47Stijn Tintel2017-09-031-2/+2
| | | | | | | | Refresh patches. Compile-tested on ramips/mt7621 and x86/64. Runtime-tested on ramips/mt7621 and x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update 4.4 to 4.4.85Kevin Darbyshire-Bryant2017-08-311-2/+2
| | | | | | | | Refresh patches Compile & run tested: ar71xx - Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* kernel: update 4.9 to 4.9.45Koen Vandeputte2017-08-301-2/+2
| | | | | | | | Refreshed all patches Compiled & run-tested on targets: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: update 4.4 to 4.4.83Kevin Darbyshire-Bryant2017-08-171-2/+2
| | | | | | | | | | | | | | | | | Refresh patches. Minor update 704-phy-no-genphy-soft-reset.patch which was partially accepted upstream. Compile-tested on ar71xx. Runtime-tested on ar71xx. Fixes the following vulnerabilities: - CVE-2017-7533 (4.4.80) - CVE-2017-1000111 (4.4.82) - CVE-2017-1000112 (4.4.82) Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> [cleanup commit message, add compile/runtime tested] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update 4.9 to 4.9.44Stijn Tintel2017-08-171-2/+2
| | | | | | | | | | | | | | | Refresh patches. Adapt 704-phy-no-genphy-soft-reset.patch. Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch. Compile-tested on brcm2708/bcm2708 and x86/64. Runtime-tested on brcm2708/bcm2708 and x86/64. Fixes the following vulnerabilities: - CVE-2017-7533 - CVE-2017-1000111 - CVE-2017-1000112 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: split patches folder up into backport, pending and hack foldersJohn Crispin2017-08-053-2/+12
| | | | | | | | | | | | | | | | | | | | * properly format/comment all patches * merge debloat patches * merge Kconfig patches * merge swconfig patches * merge hotplug patches * drop 200-fix_localversion.patch - upstream * drop 222-arm_zimage_none.patch - unused * drop 252-mv_cesa_depends.patch - no longer required * drop 410-mtd-move-forward-declaration-of-struct-mtd_info.patch - unused * drop 661-fq_codel_keep_dropped_stats.patch - outdated * drop 702-phy_add_aneg_done_function.patch - upstream * drop 840-rtc7301.patch - unused * drop 841-rtc_pt7c4338.patch - upstream * drop 921-use_preinit_as_init.patch - unused * drop spio-gpio-old and gpio-mmc - unused Signed-off-by: John Crispin <john@phrozen.org>
* kernel: update kernel 4.4 to version 4.4.79Hauke Mehrtens2017-07-281-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to version 4.9.40Hauke Mehrtens2017-07-281-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: move mktplinkfw-combined command to image-commands.mkPiotr Dymacz2017-07-221-0/+9
| | | | | | | | | | We will need "mktplinkfw-combined" command also in the "ramips" target for new MediaTek based TP-Link devices, with "safeloader" image type. Also, rename the command to "tplink-v1-header", use "VERSION_DIST" variable instead of "OpenWrt" and allow passing additional parameters. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* Revert "kernel: do not try to probe builtin modules on empty kmod package ↵Jo-Philipp Wich2017-07-211-2/+0
| | | | | | | | | | | install" This change currently causes some issues with loading out of tree kernel modules so revert that commit for now. Reverts commit 34c01e68b5d6b06ce3794ef0e2b06e81ec3ce8ca. Fixes FS#919. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: do not try to probe builtin modules on empty kmod package installJonas Gorski2017-07-201-0/+2
| | | | | | | | | | | | Builtin modules are always present, and trying to load them will cause modprobe to spew errors when installing the empty kmod packages. Fix this by never generating any postinst module install instructions for builtin modules. Fixes #842. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* image: fix ar71xx legacy imagesMathias Kresin2017-07-151-0/+1
| | | | | | | | | | | | | | | | | | If TARGET_PER_DEVICE_ROOTFS and DEVICE_PACKAGES are used for ar71xx legacy images: - an already jffs2 padded squashfs rootfs is overwritten with an unpadded/raw one. - the squashfs-raw and squashfs-64k rootfs are not replaced by the ones including the DEVICE_PACKAGES Call Image/Build/squashfs after the DEVICE_PACKAGES are added to the base squashfs rootfs to fix the issues. Fixes: FS#904 Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: update kernel 4.9 to 4.9.37Koen Vandeputte2017-07-151-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Refreshed all patches - Removed upstreamed - Adapted 4 patches: 473-fix-marvell-phy-initialization-issues.patch ----------------------------------------------- Removed hunk 5 which got upstreamed 403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch 404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch -------------------------------------------------------------- Adapted these 2 RFC patches, merging the delta's from an upstream commit (see below) which made it before these 2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux- stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0 180-usb-xhci-add-support-for-performing-fake-doorbell.patch ----------------------------------------------------------- - Moved fake_doorbell bitmask due to new item Compile tested on: cns3xxx, imx6 Run tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* netfilter: add iptables-mod-rpfilter packageAlin Nastac2017-07-111-0/+2
| | | | | | | | | Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to become full when a packet flood with randomly selected source IP addresses is received from the lan side. Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
* build: move mktplinkfw2 related commands to image-commands.mkPiotr Dymacz2017-06-291-0/+14
| | | | | | | | | There are already two targets (lantiq, ramips) which use mktplinkfw2 tool for creating images. This de-duplicates code, introduces two new build commands: tplink-v2-header, tplink-v2-image and makes use of them in place of old, (sub)target specific ones. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* build: rename TPLINK_BOARD_NAME to TPLINK_BOARD_IDPiotr Dymacz2017-06-291-1/+1
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* kernel: update kernel 4.4 to 4.4.74Stijn Tintel2017-06-271-2/+2
| | | | | | | | Refresh patches. Compile-tested on ar71xx. Runtime-tested on ar71xx. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update kernel 4.9 to 4.9.34Koen Vandeputte2017-06-271-2/+2
| | | | | | | | | | | | - Refreshed all patches - Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch) Compile tested on: brcm2708, cns3xxx, imx6 Run tested on: brcm2708, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [Compile and run tested on brcm2708] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* ar71xx: add AVM FRITZ!WLAN Repeater 300E supportMathias Kresin2017-06-241-0/+10
| | | | | | | | | | | | | | | | | | | | | | Specifications: * SoC: AR7242 (Virian 400MHz) * RAM: 64 MB DDR (W9751G6JB-25) * Flash: 16MB SPI flash (S25FL129PIF) * WiFi: AR9382 (2.4/5GHz) + 2x SE2595L * LAN: 1x1000M (PEF7071V) To install LEDE via EVA bootloader, a FTP connection need to be established to 192.168.178.1 within the first seconds after power on: ftp> quote USER adam2 ftp> quote PASS adam2 ftp> binary ftp> debug ftp> passive ftp> quote MEDIA FLSH ftp> put lede-ar71xx-generic-fritz300e-squashfs-sysupgrade.bin mtd1 Signed-off-by: Mathias Kresin <dev@kresin.me>
* build: move lzma2eva build step to image-commands.mkMathias Kresin2017-06-241-0/+5
| | | | | | | Move it to image-commands.mk so that it can used by other targets with eva based boards as well. Signed-off-by: Mathias Kresin <dev@kresin.me>
* build: Fix not altering KERNELRELEASE for external kernelHauke Mehrtens2017-06-191-2/+1
| | | | | | | | | | | | When an external kernel tree is used the version should not get modified by the LEDE build scripts. This was added by Florian some time ago. The commit 0aed054becb21439 ("build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS variables and move to kernel.mk") breaks this feature introduced in b6746a6ffb73 ("include: Do not alter KERNELRELEASE for external/git kernels"). Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: move definition of KBUILD_BUILD_TIMESTAMP to include/kernel.mkAlexander Couzens2017-06-172-6/+6
| | | | | | | Fixes: 0aed054bec (build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS variables and move to kernel.mk) Signed-off-by: Alexander Couzens <lynxis@fe80.eu>