aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* imx6: move to Linux 4.9 kernelTim Harvey2017-02-111-3/+3
| | | | | Signed-off-by: Tim Harvey <tharvey@gateworks.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: enable SHA256 HMACsJoseph C. Sible2017-02-101-3/+2
| | | | | | | The only HMACs currently available use MD5 and SHA1, both of which have known weaknesses. We already compile in the SHA256 code since we use Curve25519 by default, so there's no significant size penalty to enabling this. Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
* mac80211: update brcmfmac backporting brcmf_err cleanupsRafał Miłecki2017-02-106-1/+172
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* odhcpd: update to git HEAD version (FS#396)Hans Dedecker2017-02-091-3/+3
| | | | | | | | | 8df4253 ndp: harden netlink event socket error handling b02f3e6 ndp: close proc file descriptor also during error handling 8a615ad npd: rework IPv6 relay logic (FS#396) 0129f79 config: restore interface defaults when cleaning interface Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: remove kmod packages for bridge, stp, llc and 8021qFelix Fietkau2017-02-092-68/+2
| | | | | | | Remove CONFIG_VLAN_8021Q overrides for two targets These features are built into the kernel image for all targets Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix build on linux 3.18Felix Fietkau2017-02-091-0/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: make <subdir>/install opt-in, use it for target/ onlyFelix Fietkau2017-02-091-1/+0
| | | | | | | Fixes buildbot errors on running make target/install or toolchain/install Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uclibc++: patch bugfix erase() on derived __base_associativeBen Kelly2017-02-091-0/+40
| | | | | | | | | | | | | | | | | When calling erase() on a containers derived from __base_associative (e.g. multimap) and providing a pair of iterators a segfault will occur. Example code to reproduce: typedef std::multimap<int, int> testmap; testmap t; t.insert(std::pair<int, int>(1, 1)); t.insert(std::pair<int, int>(2, 1)); t.insert(std::pair<int, int>(3, 1)); t.erase(t.begin(), t.end()); Signed-off-by: Ben Kelly <ben@benjii.net>
* uboot-kirkwood: fix goflexhome/net bootcommandAlberto Bursi2017-02-091-1/+1
| | | | | | | | | | Goflexhome/net use uImage, and to boot an uImage the u-boot must use bootm command, not bootz. Fixes the "i cannot boot LEDE with this u-boot" issue that I found out myself with my goflexnet. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* uboot-kirkwood: remove obsolete patchesAlberto Bursi2017-02-096-142/+0
| | | | | | | | | | all patches for CONFIG_SYS_GENERIC_BOARD are obsolete for uboot 2016 sources. Run-tested with the uboot of goflexnet, also the md5sum of all other uboots is the same with or without these patches. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* iperf3: Update to 3.1.6Daniel Engberg2017-02-091-2/+2
| | | | | | Update to 3.1.6 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* utils/e2fsprogs: Update to 1.43.4Daniel Engberg2017-02-091-5/+5
| | | | | | | | | | * Update to 1.43.4 * Use xz tarball which saves about 2Mbyte in size Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of hardcoded URL]
* procd: update to latest git HEADJohn Crispin2017-02-091-3/+3
| | | | | | cdc3dab ujail: fix signal forwarding Signed-off-by: John Crispin <john@phrozen.org>
* rt2x00: mt7620: lots of improvementsDaniel Golle2017-02-081-118/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit combines all the changes I've made on my staging tree into a single commit fixing many issues with our patch for MT7620. First of all, checkpatch.pl revealed numerous code style issues with the patch, so fix all the white-space and commets. Also use usleep_range instead of legacy timing and relax timing for VCO calibration just like the vendor driver does. Several line programming registers were commented out in the patch. Originally this came from the features present but disabled by default in the vendor's driver (RTMP_TEMPERATURE_CALIBRATION and ADJUST_POWER_CONSUMPTION_SUPPORT). Remove the dead code for now, it can easily be re-added if we actually intend to support those features. Move values from mt7620_freqconfig type into the existing rf_channel struct, this shouldn't be a new typedef and it is possible to use the existing struct because rf_channel got 4 32-bit fields, so two of the 8-bit values from mt7620_freqconfig can easily be stored in the same 32-bit field. Map values such that Rdiv -> rf1 N -> rf2 K -> rf3[0:7] D -> rf3[8:15] Ksd -> rf4 This makes the channel switching logic already look a bit more like what we are used to in rt2x00... Probably many of the read-modify-write calls could still be replaced by macros intended for that. iq calibration seems to be identical to RT5592, so just enable it. Test shows that this improves things quite a lot, datarates went up by a couple of megabits when running iperf, signal quality seems jumpy in the first few seconds once a station connencts, the stabelizes on a value significantly better than what it was before. Add description to the patch and reference the original OpenWrt commit by which it was added. The patch now passes checkpatch.pl and can thus be discussed with the upstream authors of the rt2x00 driver. Funded-by: https://www.kickstarter.com/projects/1327597961/better-support-for-mt7620a-n-in-openwrt-lede/ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* odhcp6c: update to GIT head versionHans Dedecker2017-02-081-3/+3
| | | | | | cfd986c odhcp6c: fix possible stack corruption when parsing proc if_inet6 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mac80211: brcmfmac: update Raspberry Pi patches for linux 4.9Álvaro Fernández Rojas2017-02-072-2/+2
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* kernel: of-mdio: add missing dependency for linux 4.9Álvaro Fernández Rojas2017-02-071-1/+3
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcmfmac: improve Raspberry Pi 3 stabilityÁlvaro Fernández Rojas2017-02-072-2/+25
| | | | | | | - Really disable power management (wrong config flags). - Disable internal roaming engine. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* mac80211: fix ath9k kernel crash with linux 4.9Felix Fietkau2017-02-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tcpdump: update to version 4.9.0Hauke Mehrtens2017-02-064-81/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following 41 security problems: + CVE-2016-7922: buffer overflow in print-ah.c:ah_print(). + CVE-2016-7923: buffer overflow in print-arp.c:arp_print(). + CVE-2016-7924: buffer overflow in print-atm.c:oam_print(). + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print(). + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print(). + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print(). + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print(). + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header(). + CVE-2016-7930: buffer overflow in print-llc.c:llc_print(). + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print(). + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum(). + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print(). + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print(). + CVE-2016-7936: buffer overflow in print-udp.c:udp_print(). + CVE-2016-7937: buffer overflow in print-udp.c:vat_print(). + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame(). + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions. + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions. + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions. + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions. + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print(). + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print(). + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print(). + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print(). + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions. + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print(). + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print(). + CVE-2016-8575: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print(). + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print(). + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print(). + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print(). + CVE-2017-5341: buffer overflow in print-otv.c:otv_print(). + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + CVE-2017-5482: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse(). + CVE-2017-5484: buffer overflow in print-atm.c:sig_print(). + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap(). + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print(). The size of the package is only incread very little: new size: 306430 tcpdump_4.9.0-1_mips_24kc.ipk 130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk old size: 302782 tcpdump_4.8.1-1_mips_24kc.ipk 129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* brcm2708-gpu-fw: update to latest versionÁlvaro Fernández Rojas2017-02-061-8/+8
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* mac80211: update to wireless-testing 2017-01-31Felix Fietkau2017-02-06204-12870/+1419
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: update to dnsmasq 2.77test1Kevin Darbyshire-Bryant2017-02-056-257/+145
| | | | | | | | | | | | | | | | | | | | | | | Bump to dnsmasq 2.77test1 - this includes a number of fixes since 2.76 and allows dropping of 2 LEDE carried patches. Notable fix in rrfilter code when talking to Nominum's DNS servers especially with DNSSEC. A patch to switch dnsmasq back to 'soft fail' for SERVFAIL responses from dns servers is also included. This mean dnsmasq tries all configured servers before giving up. A 'localise queries' enhancement has also been backported (it will appear in test2/rc'n') this is especially important if using the recently imported to LEDE 'use dnsmasq standalone' feature 9525743c I have been following dnsmasq HEAD ever since 2.76 release. Compile & Run tested: ar71xx, Archer C7 v2 Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* dnsmasq: fix instances in dhcp_add()Eric Luehrsen2017-02-051-2/+2
| | | | | | | | | ref commit 9525743c076393336cd2129539c974f8a01c7894 dnsmasq: make DHCPv6 viable for standalone dnsmasq install Above commit broke instancing by missing filter_dnsmasq() as part of the dhcp_add() execution. Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* dnsmasq: honor quietdhcp option for DHCPv6Arjen de Korte2017-02-051-0/+1
| | | | | | | | | | | Do not spam the syslog with DHCPv6 lease info if quietdhcp option is selected. This already works for DHCPv4, make it work in the same way for DHCPv6. Signed-off-by: Arjen de Korte <build+lede@de-korte.org> [Originally written by Arjen de Korte on GitHub but had issues providing a SoB in correct format.] Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* ubus: update to the latest versionFelix Fietkau2017-02-041-3/+3
| | | | | | | | | Adds the following fixes: 91acde6 libubus: do not modify uloop_cancelled 763b9b2 libubus: reset ctx->sock.eof to fix reconnect issues Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libubox: update to the latest versionFelix Fietkau2017-02-041-3/+3
| | | | | | | | | | | | | | | Adds the following changes: de3f14b uloop: add uloop_cancelling function 3b6181b utils: fix build on Mac OS X 10.12 7f671b1 blobmsg: add support for double 0fe1374 utils: add helper functions useful for allocating a ring buffer 8fc1c30 libubox: replace strtok with _r version. 4a9f74f libubox: allow reading out the pid of uloop process in lua 372e1e6 uloop: remove useless epoll data assignment f9db1cb libubox: allow reading out the remaining time of a uloop timer in Lua Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mt76: update to the latest version, fixes a MAC address handling regressionFelix Fietkau2017-02-041-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* acx-mac80211: fix scan API error that could lead to a crashFelix Fietkau2017-02-031-0/+29
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: adding key_direction to append_params.Brandon Koepke2017-02-031-2/+2
| | | | | | key_direction shows up as an openvpn option in the user-interface but does not end up in the /var/etc/openvpn*.conf file. Adding it to the list here fixed the issue for me. Signed-off-by: Brandon Koepke <bdkoepke@fastmail.com>
* ubox: support quiet modprobe, support millisecond log timestamp accuracyJo-Philipp Wich2017-02-021-3/+3
| | | | | | | | | Update ubox to latest Git HEAD in order to import the following fixes: ac2d43e kmodloader: support '-q' quiet option f8d3d16 ubox: Add an option for more accurate timestamps in log Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ath9k: add a warning to the tx99 config optionFelix Fietkau2017-02-021-1/+1
| | | | | | | | | Lots of users try random stuff when they encounter any kind of difficulty. I've had to debug a number of cases where people had enabled this option for no reason. Hopefully this warning will reduce the number of useless support cases. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: brcmfmac: backport wowlan netdetect fixesRafał Miłecki2017-02-024-2/+149
| | | | | | | | | | | | | | I needed a moment to figure out relation between this patchset and the nl80211: fix validation of scheduled scan info for wowlan netdetect It appears nl80211 commit will go on top of brcmfmac changes so it's safe to backport these patches. One patch that was excluded is commit 2a2a5d1835b6 ("brcmfmac: add .update_connect_params() callback") as it depends on missing commit 088e8df82f91 ("cfg80211: Add support to update connection parameters"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport PSM watchdog improvementsRafał Miłecki2017-02-022-0/+96
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport minor code cleanupsRafał Miłecki2017-02-029-1/+363
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport 4.10 fixes & typo fixRafał Miłecki2017-02-023-0/+111
| | | | | | This includes memory leak fix in initialization path. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport scheduled scan cleanup and chip supportRafał Miłecki2017-02-0218-11/+2200
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport some old patches from 2016Rafał Miłecki2017-02-028-8/+332
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: rename brcmfmac patches to use higher prefixRafał Miłecki2017-02-023-0/+0
| | | | | | There are more patches to backport that should go before these. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ccache, samba36: fix samba.org addresses to use httpsHannu Nyman2017-02-022-5/+5
| | | | | | | | | | | | samba.org has started to enforce https and currently plain http downloads with curl/wget fail, so convert samba.org download links to use https. Modernise links at the same time. Also convert samba.org URL fields to have https. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* dnsmasq: make DHCPv6 viable for standalone dnsmasq installEric Luehrsen2017-02-022-29/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dnsmasq has sufficient services to meet the needs of DHCP and RA with IP6 for single router router users. This is the most common use for consumer routers. Its reenforced as most ISP tend to only DHCP-PD /64. dnsmasq has year over year demonstrated great flexibility in its option set, and support for off-standard DHCP clients. odhcpd has enhanced capabilities focused on IP6 such as DHCP/RA relay and NDP proxy. However, it is not as flexible in its option set. odhcpd is not as forgiving with off-standard DHCP clients. Some points may represent a long term TODO list, but it is the state currently. These changes make any such combination possible. Already odhcpd can be set as the main dhcp server. Now odhcpd can be removed or disabled and dnsmasq will take over if DHCPv6 compiled in. The existing DHCPv6 and RA UCI are translated into dnsmasq.conf. The changes focus on '--dhcp-range', '--dhcp-host', and '--dhcp-options'. DHCP host ID is least 16 bits [::1000-::FFFF], but leaves low range for typical infrastructure assignments. dnsmasq accepts DHCPv6 options in the tranditional '--dhcp-option' put they must be prefixed 'option6:'. dnsmasq will also discover SLAAC DNS entries from DHCPv4 clients MAC, and confirm with a ping at least renew. Long term TODO include improving use of dnsmasq relay options for DHCPv4 and DHCPv6 in parallel. It would also be possible to preconfigure DHCP-PD in host-with-options records for fixed infrastructure. Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com> [Jo-Philipp Wich: emit proper IPv6 hostid format in dhcp-host directive] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: expand 'add_local_hostname' fexibility including FQDNEric Luehrsen2017-02-022-23/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ref commit 612e2276b4a2f57fcbbe79b95bec4a46e89d748c ref commit ec63e3bf1312ab4c666f7417ca9844857214047f 'option add_local_hostname' scripted implementation statically assigns this host in auto generated host file at init. If IFUP or other signals do not occur, then address changes are not tracked. The script doesn't apply all the addresses at an interface. This may make logs obscure. The script only puts the bare host name (maybe not FQDN) in host file, but if '--exapandhosts' is enabled, then /etc/hosts entries will be suffixed, and "127.0.0.1 localhost" becomes "localhost.lan". dnsmasq provides an option to perform this function, but it is rather greedy. '--interface-name=<name>,<iface>' will assign the name to all IP on the specified interface (except link local). This is a useful feature, but some setups depend on the original restrictive behavior. 'option add_local_fqdn' is added to enhance the feature set, but if not entered or empty string, then it will default to original option and behavior. This new option has a few settings. At each increased setting the most detailed name becomes the PTR record: 0 - same as add_local_hostname 0 or disabled 1 - same as add_local_hostname 1 2 - assigns the bare host name to all IP w/ --dnsmasq-interface 3 - assigns the FQDN and host to all IP w/ --dnsmasq-interface 4 - assigns <iface>.<host>.<domain> and above w/ --dnsmasq-nterface 'option add_wan_fqdn' is added to run the same procedure on inferred WAN intefaces. If an interface has 'config dhcp' and 'option ignore 1' set, then it is considered WAN. The original option would only run on DHCP serving interfaces. Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* base-files: emit tagged switch configuration by defaultJo-Philipp Wich2017-02-021-1/+1
| | | | | | | | | | | | | | | | | | | Instead of only using tagged CPU port configurations when more than one VLAN is present on the switch, always emit tagged configurations unless a board explicitely opts out of this behaviour by using the previously introduced [0-9]u@netdev syntax. Emitting default tagged configurations has the following benefits: - Relation of switch vlans to netdevs is easier to understand, especially for multi-cpu-port switches - Adding additional VLANs (e.g. to break out a LAN port for other purposes) becomes easier as users are not forced to change the existing untagged VLAN to tagged and the existing ifname notation from ethX to ethX.Y anymore, drastly reducing the likelyhood of soft-bricks. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* odhcp6c: fix PKG_SOURCE_URLHans Dedecker2017-02-011-1/+1
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to git HEAD versionHans Dedecker2017-02-011-5/+5
| | | | | | | | 3317c86 dhcpv6-ia: apply lease delete based on assignment bound state df50429 odhcpd: properly handle netlink messages (FS#388) 83d72cf odhcpd: fix coding style Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ath10k-firmware: revert faulty PKG_SOURCE_DATE change from 7cb27b46Felix Fietkau2017-02-011-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-firmware: update qca9984 firmware and board dataPavel Kubelun2017-02-011-5/+5
| | | | | | | | Fixes firmware crash in rare cases and a bug ath10k_pci 0001:01:00.0: received unexpected tx_fetch_ind event: in push mode for those who kept experiencing it after previous firmware update. Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
* mt76: update to the latest versionFelix Fietkau2017-02-011-3/+3
| | | | | | | | Uses upstream code to parse DT supported band/frequency information. Update existing .dts files to the new format and remove unnecessary overrides. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-ct: depend on kmod-hwmon-core, it gets used when CONFIG_THERMAL is setFelix Fietkau2017-02-011-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-ct: fix kernel api compatibility issuesFelix Fietkau2017-02-012-0/+108
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>