aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* kmod-sched-cake: bump to 20180716Kevin Darbyshire-Bryant2018-07-161-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump to the latest cake recipe. This backports tc class support to kernel 4.9 and other than conditional kernel compilation pre-processor macros represents the cake that has gone upstream into kernel 4.19. Loud cheer! Fun may be had by changing cake tin classification for packets on ingress. e.g. tc filter add dev ifb4eth0 parent 800b: protocol ip u32 match \ ip dport 6981 0xffff action skbedit priority 800b:1 Where 800b: represents the filter handle for the ifb obtained by 'tc qdisc' and the 1 from 800b:1 represents the cake tin number. So the above example puts all incoming packets destined for port 6981 into the BULK (lowest priority) tin. f39ab9a Obey tin_order for tc filter classifiers 1e2473f Clean up after latest backport. 82531d0 Reorder includes to fix out of tree compilation 52cbc00 Code style cleanup 6cdb496 Fix argument order for NL_SET_ERR_MSG_ATTR() cab17b6 Remove duplicate call to qdisc_watchdog_init() 71c7991 Merge branch 'backport-classful' 32aa7fb Fix compilation on Linux 4.9 9f8fe7a Fix compilation on Linux 4.14 ceab7a3 Rework filter classification aad5436 Fixed version of class stats be1c549 Add cake-specific class stats 483399d Use tin_order for class dumps 80dc129 Add class dumping 0c8e6c1 Fix dropping when using filters c220493 Add the minimum class ops 5ed54d2 Start implementing tc filter/class support Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dropbear: close all active clients on shutdownChristian Schoenebeck2018-07-161-0/+5
| | | | | | | | | | | | | | | | | | | | Override the default shutdown action (stop) and close all processes of dropbear Since commit 498fe85, the stop action only closes the process that's listening for new connections, maintaining the ones with existing clients. This poses a problem when restarting or shutting-down a device, because the connections with existing SSH clients, like OpenSSH, are not properly closed, causing them to hang. This situation can be avoided by closing all dropbear processes when shutting-down the system, which closes properly the connections with current clients. Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> [Luis: Rework commit message] Signed-off-by: Luis Araneda <luaraneda@gmail.com>
* mtd: improve check for TRX header being already fixedRafał Miłecki2018-07-152-8/+9
| | | | | | | | | | | First of all lengths should be compared after checking all blocks for being good/bad. It's because requested length may differ from a final one if there were some bad blocks. Secondly it makes sense to also compare crc32 since we already have a new one calculated. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* curl: Update to 7.61.0Daniel Engberg2018-07-151-5/+5
| | | | | | Update curl to 7.61.0 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* odhcp6c: add noserverunicast config option for broken DHCPv6 serversHans Dedecker2018-07-152-6/+9
| | | | | | | | | Fix broken DHCPv6 servers which provide the server unicast option but do not reply on DHCPv6 renew messages directed to the IPv6 address contained in the server unicast option whihc results in broken IPv6 connectivity. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mtd: support bad blocks within the mtd_fixtrx()Rafał Miłecki2018-07-152-7/+29
| | | | | | | | | | | | | | | | Reading MTD data with (p)read doesn't return any error when accessing bad block. As the result, with current code, CRC32 covers "data" stored in bad blocks. That behavior doesn't match CFE's one (bootloader simply skips bad blocks) and may result in: 1) Invalid CRC32 2) CFE refusing to boot firmware with a following error: Boot program checksum is invalid Fix that problem by checking every block before reading its content. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ppp: add missing -fPIC to rp-pppoe.so CFLAGSFelix Fietkau2018-07-141-0/+11
| | | | | | Fixes build error with LTO Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ubus: compile with LTO enabledFelix Fietkau2018-07-131-1/+2
| | | | | | Reduces total .ipk size by about 1k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* procd: compile with LTO enabledFelix Fietkau2018-07-131-0/+3
| | | | | | Reduces .ipk size on MIPS from 42k to 39k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: compile with LTO enabledFelix Fietkau2018-07-132-2/+35
| | | | | | Reduces size of the .ipk on MIPS from 87k to 84k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall: compile with LTO enabledFelix Fietkau2018-07-131-2/+2
| | | | | | Reduces .ipk size on MIPS from 41.6k to 41.1k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iw: compile with LTO enabledFelix Fietkau2018-07-131-2/+3
| | | | | | Reduces .ipk size on MIPS from 34k to 33k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: compile with LTO enabledFelix Fietkau2018-07-131-2/+2
| | | | | | Reduces .ipk size on MIPS from 98.5k to 98k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: fix linker flags for the radius pluginFelix Fietkau2018-07-131-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: compile with LTO enabledFelix Fietkau2018-07-131-1/+4
| | | | | | Reduces .ipk size from 65k to 63k on MIPS Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: compile with LTO enabledFelix Fietkau2018-07-132-5/+42
| | | | | | | In the default configuration on MIPS, it reduces the .ipk size from 214k to 207k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mt76: update to the latest versionFelix Fietkau2018-07-131-3/+3
| | | | | | | | | 08719b1 mt76: use a per rx queue page fragment cache 4d2c565 mt76x2: reset HW before probe f622975 mt76x2: fix CCK protection control frame rate 6780375 mt76x2: add frame protection support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* include/feeds.mk: rework generation of opkg distfeeds.confMatthias Schiffer2018-07-122-16/+0
| | | | | | | Allow enabling/commenting/disabling each feed individually by using a tristate config symbol. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix feed list in PKG_CONFIG_DEPENDSMatthias Schiffer2018-07-121-1/+1
| | | | | | | FEEDS_ENABLED and FEEDS_DISABLED are derived from FEEDS_AVAILABLE, not FEEDS_INSTALLED. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: gpio-nct5104d remove boardname checkLukáš Mrtvý2018-07-121-5/+0
| | | | | | | 'In different versions of coreboot are different names of apu boardname. No need to check boardname to load module.' Signed-off-by: Lukáš Mrtvý <lukas.mrtvy@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-07-111-3/+3
| | | | | | | 5cf7975 iprule: rework interface based rules to handle dynamic interfaces 57f87ad Introduce new interface event "create" (IFEV_CREATE) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to the latest versionFelix Fietkau2018-07-111-3/+3
| | | | | | | | | c1f6a82 system-linux: add autoneg and link-partner output e9eff34 system-linux: extend link mode speed definitions d1251e1 system-linux: adjust bridge isolate mode for upstream attribute naming 03785fb system-linux: fix build error on older kernels Signed-off-by: Felix Fietkau <nbd@nbd.name>
* procd: update to the latest version, fixes gcc 8 build errorFelix Fietkau2018-07-111-3/+3
| | | | | | a0372ac procd: increase watchdog fd_buf storage size to fix gcc8 build error Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Expose support for ath9k DynackKoen Vandeputte2018-07-111-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables support for Dynack feature. When a remote station is far away, we need to compensate for the distance by allowing more time for an ACK to arrive back before issueing a retransmission. Currently, it needs to be set fixed to indicate the maximum distance the remote station will ever be. While this mostly works for static antennae, it introduces 2 issues: - If the actual distance is less, speed is reduced due to a lot of wates wait-time - If the distance becomes greater, retries start to occur and comms can get lost. Allowing to set it dynamically using dynack ensures the best possible tradeoff between speed vs distance. This feature is currently only supported in ath9k. it is also disabled by default. Enabling it can be done in 2 ways: - issue cmd: iw phy0 set distance auto - sending the NL80211_ATTR_WIPHY_DYN_ACK flag to mac80211 driver using netlink Disabling it can be done by providing a valid fixed value. To give an idea of a practical example: In my usecase, we have mesh wifi device installed on ships/platforms. Currently, the coverage class is set at 12000m fixed. When a vessel moved closer (ex. 1500m), the measured link capacity was a lot lower compared to setting the coverage class fixed to 1500m Dynack completely solved this, nearly providing double the bandwidth at closer range compared to the fixed setting of 12000m being used. Also when a vessel sailed to a distance greater than the fixed setting, communication was lost as the ACK's never arrived within the max allowed timeframe. Actual distance: 6010m iperf 60s run avg Fixed 12150m: 31 Mbit/s Dynack: 58 Mbit/s Fixed 6300m: 51 Mbit/s Dynack: 59 Mbit/s Fixed 3000m: 13 Mbit/s (lots of retries) Dynack: 58 Mbit/s Actual distance: 1504m iperf 60s run avg Fixed 12150m: 31 Mbit/s Dynack: 86 Mbit/s Fixed 6300m: 55 Mbit/s Dynack: 87 Mbit/s Fixed 3000m: 67 Mbit/s Dynack: 87 Mbit/s Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* qos-scripts: fix indentationMoritz Warning2018-07-113-15/+16
| | | | Signed-off-by: Moritz Warning <moritzwarning@web.de>
* wireguard: bump to 0.0.20180708Jason A. Donenfeld2018-07-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * device: print daddr not saddr in missing peer error * receive: style Debug messages now make sense again. * wg-quick: android: support excluding applications Android now supports excluding certain apps (uids) from the tunnel. * selftest: ratelimiter: improve chance of success via retry * qemu: bump default kernel version * qemu: decide debug kernel based on KERNEL_VERSION Some improvements to our testing infrastructure. * receive: use NAPI on the receive path This is a big change that should both improve preemption latency (by not disabling it unconditionally) and vastly improve rx performance on most systems by using NAPI. The main purpose of this snapshot is to test out this technique. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* iproute2: update to 4.17.0Hans Dedecker2018-07-1014-310/+48
| | | | | | | | | | | | Update to the latest version of iproute2; see https://lwn.net/Articles/756991/ for a full overview of the changes in 4.17. Remove upstream patch 002-json_print-fix-hidden-64-bit-type-promotion. Backport upstream patch 001-rdma-sync-some-IP-headers-with-glibc fixing rdma compile issue. At the same time re-organize patch numbering so the OpenWRT specific patches start at 100. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: build with LTO enabled (using jobserver for parallel build)Felix Fietkau2018-07-102-3/+54
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcpd: update to latest git HEADHans Dedecker2018-07-091-4/+4
| | | | | | | 345bba0 dhcpv4: improve error checking in handle_dhcpv4() c0f6390 odhcpd: Check if open the ioctl socket failed Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* basefiles: Reword sysupgrade messageKevin Darbyshire-Bryant2018-07-081-1/+1
| | | | | | sysupgrade 'upgrade' message more verbose than needs be. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* libnl: bump to 3.4.0Konstantin Demin2018-07-074-31/+15
| | | | | | refresh patches Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* uboot-imx: bump to 2018.03 which fixes the build issues with fdt64_t ↵Vladimir Vid2018-07-079-1636/+26
| | | | | | | | | | | redefinitions * change mx6qsabresd to mx6qsabres to match defconfig name * merge wanboard profiles since there is only one defconfig for the target device * move wanboard options from wandboard.h to defconfig * remove legacy patches Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
* mac80211: initialize sinfo in cfg80211_get_stationSven Eckelmann2018-07-071-0/+42
| | | | | | | | | | | | | | | | | | | Most of the implementations behind cfg80211_get_station will not initialize sinfo to zero before manipulating it. For example, the member "filled", which indicates the filled in parts of this struct, is often only modified by enabling certain bits in the bitfield while keeping the remaining bits in their original state. A caller without a preinitialized sinfo.filled can then no longer decide which parts of sinfo were filled in by cfg80211_get_station (or actually the underlying implementations). cfg80211_get_station must therefore take care that sinfo is initialized to zero. Otherwise, the caller may tries to read information which was not filled in and which must therefore also be considered uninitialized. In batadv_v_elp_get_throughput's case, an invalid "random" expected throughput may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may switch to non-optimal neighbors for certain destinations. Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
* ath10k-ct: search DT for BDF variant infoSven Eckelmann2018-07-073-1/+363
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Board Data File (BDF) is loaded upon driver boot-up procedure. The right board data file is identified on QCA4019 using bus, bmi-chip-id and bmi-board-id. The problem, however, can occur when the (default) board data file cannot fulfill the vendor requirements and it is necessary to use a different board data file. This problem was solved for SMBIOS by adding a special SMBIOS type 0xF8. Something similar has to be provided for systems without SMBIOS but with device trees. No solution was specified by QCA and therefore a new one has to be found for ath10k. The device tree requires addition strings to define the variant name wifi@a000000 { status = "okay"; qcom,ath10k-calibration-variant = "RT-AC58U"; }; wifi@a800000 { status = "okay"; qcom,ath10k-calibration-variant = "RT-AC58U"; }; This would create the boarddata identifiers for the board-2.bin search * bus=ahb,bmi-chip-id=0,bmi-board-id=16,variant=RT-AC58U * bus=ahb,bmi-chip-id=0,bmi-board-id=17,variant=RT-AC58U Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
* mbedtls: Activate deterministic ECDSAHauke Mehrtens2018-07-071-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | With deterministic ECDSA the value k needed for the ECDSA signature is not randomly generated any more, but generated from a hash over the private key and the message to sign. If the value k used in a ECDSA signature or the relationship between the two values k used in two different ECDSA signatures over the same content is know to an attacker he can derive the private key pretty easily. Using deterministic ECDSA as defined in the RFC6979 removes this problem by deriving the value k deterministically from the private key and the content which gets signed. The resulting signature is still compatible to signatures generated not deterministic. This increases the size of the ipk on mips 24Kc by about 2 KByte. old: 166.240 libmbedtls_2.11.0-1_mips_24kc.ipk new: 167.811 libmbedtls_2.11.0-1_mips_24kc.ipk This does not change the ECDSA performance in a measurable way. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Disable MBEDTLS_SHA256_SMALLER implementationDaniel Engberg2018-07-071-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in upstream and reduces performance by quite a bit. Source: include/mbedtls/config.h Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance. The default implementation is meant to be a reasonnable compromise between performance and size. This version optimizes more aggressively for size at the expense of performance. Eg on Cortex-M4 it reduces the size of mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 30%. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 164.382 Bytes ipkg for mips_24kc after: 166.240 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.11.0Daniel Engberg2018-07-076-32/+58
| | | | | | | | | | | | | | | | Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: cleanup config patchDaniel Engberg2018-07-071-35/+28
| | | | | | | Clean up patch, use "//" consistently. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libconfig: update to version 1.7.2Enrico Mioso2018-07-071-4/+4
| | | | | | | | | The previous link did not work here. Compile-tested on: bcm47xx Runtime-tested on: bcm47xx Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
* ca-certificates: ca-bundle: add symlink for openssl default settingYousong Zhou2018-07-071-0/+2
| | | | | | | | | | OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is needed for wget-ssl and possibly others to work seamlessly with fresh ca-bundle installation Fixes openwrt/packages#6152 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* linux: update license tag to use correct SPDX tagFlorian Eckert2018-07-071-1/+1
| | | | | | Use SPDX tag. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* perf: remove linux 4.4 workaroundsFelix Fietkau2018-07-074-75/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libubox: update to the latest versionFelix Fietkau2018-07-071-3/+3
| | | | | | 3c1b33b utils: add const_* byteswapping functions Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firmware: amd64-microcode: update to 20180524Zoltan HERPAI2018-07-071-2/+2
| | | | | | | | | | | | | * New microcode update packages from AMD upstream: + New Microcodes: sig 0x00800f12, patch id 0x08001227, 2018-02-09 + Updated Microcodes: sig 0x00600f12, patch id 0x0600063e, 2018-02-07 sig 0x00600f20, patch id 0x06000852, 2018-02-06 * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support, plus other unspecified fixes/updates. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* kmod-sched-cake: bump to latest 20180706Kevin Darbyshire-Bryant2018-07-071-3/+3
| | | | | | | Fixes a potential infinite loop bug when in unlimited (ie not using built in shaper) mode. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* elfutils: bump to 0.173Luiz Angelo Daros de Luca2018-07-047-351/+149
| | | | | | | | | - Removed hacks to use standalone argp as upstream now detects it nicely. - As we are already installing files, use files from PKG_INSTALL_DIR and not PKG_BUILD_DIR - Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* dnsmasq: bump to latest patches on 2.80rc2Kevin Darbyshire-Bryant2018-07-0319-11/+406
| | | | | | | | | | | | | | | Refresh patches and backport upstream to current HEAD: a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled. 51e4eee Fix address-dependent domains for IPv6. 05ff659 Fix stupid infinite loop introduced by preceding commit. db0f488 Handle some corner cases in RA contructed interfaces with addresses changing interface. 7dcca6c Warn about the impact of cache-size on performance. 090856c Allow zone transfer in authoritative mode whenever auth-peer is specified. cc5cc8f Sane error message when pcap file header is wrong. c488b68 Handle standard and contructed dhcp-ranges on the same interface. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kmod-sched-cake: bump to latest cakeKevin Darbyshire-Bryant2018-07-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This bumps to the latest & possibly greatest cake, sadly it's still inedible but from an SQM point of view quite tasty :-) Main tweaks since previous bump, improved ack_filter, some extra stats, support for 64bit netlink parameters (higher rates/byte counters) 0520a6c Fix NAT option handling 8da93e1 Make sure we always call qdisc_watchdog_init() in cake_init() f65daf6 Fix mismatched parenthesis 51d4ab3 Change flag handling to be safe even when mixing with non-eligible ACKs f2ea091 ack_filter: protect DCTCP with stricter filtering of ECE marks 28b4560 ACK filter: Handle wrapping sequence numbers and DSACKs 73f62d9 Use the right PAD attribute for options 5969c14 Use 32 for tin backlog e289f31 Move all the u64 netlink attributes together 36180a0 Check ACK seqno before parsing SACKs 91bbc01 Merge branch 'mine' into cobalt 58c55ec Rework SACK check to compare the ranges of two SACKs 9a5d593 ack_filter: Add proper handling of SACKs eca95d4 ack_filter: short-circuit TCP flag check d50a246 compat: backport some ktime functions 7b7ad11 compat: define tcpopt_fastopen for pre-4.1 kernels ca54cdb Fix ktime compare 9d7dcc0 ack filter: Parse TCP options and only drop safe ones b119882 Return EOPNOTSUPP on NAT option if conntrack is not available 842d7f0 Don't try to pad stats with tin_stats padding bd46dc2 Use 64-bit divide helper 8e41bf0 Make sure we never drop SACKs when filtering ACKs 66e5d60 Avoid comparing ktime_t to scalar values 7fab017 Actually commit the ktime_t changes fca6d13 Switch to ktime_t and get rid of cobalt.h 6f7e5af Can't use do_div with 64-bit divisors Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* iproute2: tc: update support for cakeKevin Darbyshire-Bryant2018-07-031-28/+83
| | | | | | | | | Bump iproute2/tc support of cake. Add support for cake's change to u64 attribute passing for certain attributes (rate & byte counts) Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* uhttpd: update to latest Git headJo-Philipp Wich2018-07-031-3/+3
| | | | | | | | | | db86175 lua: honour size argument in recv() function d3b9560 utils: add uh_htmlescape() helper 8109b95 file: escape strings in HTML output 393b59e proc: expose HTTP Origin header in process environment 796d42b client: flush buffered SSL output when tearing down client ustream Signed-off-by: Jo-Philipp Wich <jo@mein.io>