aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* linux: Add kmod-sched-act-vlanHauke Mehrtens2019-03-251-0/+16
| | | | | | This allows to configure rules to push or pop vlan headers. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* linux: Add kmod-sched-flowerHauke Mehrtens2019-03-251-0/+16
| | | | | | | This allows to classify packets based on a configurable combination of packet keys and masks. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* linux: Add kmod-sched-mqprioHauke Mehrtens2019-03-251-0/+16
| | | | | | This adds Multi-queue priority scheduler (MQPRIO). Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* linux: Add kmod-crxypto-xcbcHauke Mehrtens2019-03-251-0/+12
| | | | | | This can be used for IPsec. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* dropbear: split ECC support to basic and fullKonstantin Demin2019-03-252-8/+31
| | | | | | | | | | - limit ECC support to ec*-sha2-nistp256: * DROPBEAR_ECC now provides only basic support for ECC - provide full ECC support as an option: * DROPBEAR_ECC_FULL brings back support for ec{dh,dsa}-sha2-nistp{384,521} - update feature costs in binary size Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: rewrite init script startup logic to handle both host key filesKonstantin Demin2019-03-251-24/+38
| | | | Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: change type of config option "Port" to scalar type "port"Konstantin Demin2019-03-251-1/+1
| | | | | | it was never used anywhere, even LuCI works with "Port" as scalar type. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: introduce config option "keyfile" (replacement for "rsakeyfile")Konstantin Demin2019-03-251-1/+56
| | | | | | | | | | | | * option "keyfile" is more generic than "rsakeyfile". * option "rsakeyfile" is considered to be deprecated and should be removed in future releases. * warn user (in syslog) if option "rsakeyfile" is used * better check options ("rsakeyfile" and "keyfile"): don't append "-r keyfile" to command line if file is absent (doesn't exist or empty), warn user (in syslog) about such files Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: add initial support for ECC host keyKonstantin Demin2019-03-251-0/+2
| | | | Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: fix regression where TTY modes weren't reset for clientKonstantin Demin2019-03-251-0/+46
| | | | | | cherry-pick upstream commit 7bc6280613f5ab4ee86c14c779739070e5784dfe Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: honour CFLAGS while building bundled libtomcrypt/libtommathKonstantin Demin2019-03-251-0/+48
| | | | | | | | Felix Fietkau pointed out that bundled libtomcrypt/libtommath do funny stuff with CFLAGS. fix this with checking environment variable OPENWRT_BUILD in both libs. change in dropbear binary size is drastical: 221621 -> 164277. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: fix hardening flags during configureKonstantin Demin2019-03-251-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | compiler complains about messed up CFLAGS in build log: <command-line>: warning: "_FORTIFY_SOURCE" redefined <command-line>: note: this is the location of the previous definition and then linker fails: mips-openwrt-linux-musl-gcc [...] -o dropbearmulti [...] collect2: fatal error: ld terminated with signal 11 [Segmentation fault] compilation terminated. /staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans0.ltrans.o: relocation R_MIPS_HI16 against `cipher_descriptor' can not be used when making a shared object; recompile with -fPIC /staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans1.ltrans.o: relocation R_MIPS_HI16 against `ses' can not be used when making a shared object; recompile with -fPIC /staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans2.ltrans.o: relocation R_MIPS_HI16 against `cipher_descriptor' can not be used when making a shared object; recompile with -fPIC /staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: BFD (GNU Binutils) 2.31.1 assertion fail elfxx-mips.c:6550 [...] /staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: BFD (GNU Binutils) 2.31.1 assertion fail elfxx-mips.c:6550 make[3]: *** [Makefile:198: dropbearmulti] Error 1 make[3]: *** Deleting file 'dropbearmulti' make[3]: Leaving directory '/build_dir/target-mips_24kc_musl/dropbear-2018.76' make[2]: *** [Makefile:158: /build_dir/target-mips_24kc_musl/dropbear-2018.76/.built] Error 2 make[2]: Leaving directory '/package/network/services/dropbear' This FTBFS issue was caused by hardening flags set up by dropbear's configure script. By default, Dropbear offers hardening via CFLAGS and LDFLAGS, but this may break or confuse OpenWrt settings. Remove most Dropbear's hardening settings in favour of precise build, but preserve Spectre v2 mitigations: * -mfunction-return=thunk * -mindirect-branch=thunk Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: bump to 2019.77Konstantin Demin2019-03-2512-517/+52
| | | | | | | | | | | | | - drop patches applied upstream: * 010-runtime-maxauthtries.patch * 020-Wait-to-fail-invalid-usernames.patch * 150-dbconvert_standalone.patch * 610-skip-default-keys-in-custom-runs.patch - refresh patches - move OpenWrt configuration from patch to Build/Configure recipe, thus drop patch 120-openwrt_options.patch Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* ath10k-ct: Update to 2019-03-25Christian Lamparter2019-03-256-23/+23
| | | | | | | | 2e917efb607f ath10k: Add slow-pci bus work-around, sw-crypt blockack support. cc73ceb0dbc7 ath10k: Fix out-of-tree compile for 4.16 driver. 4b3cf7c20972 ath10k: Improve tx-status reporting. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* ath10k-firmware: update Candela Tech firmware imagesChristian Lamparter2019-03-251-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release notes since last time: Release notes for wave-1: - 2019-03-12: Add btcoex feature flag for 2.4Ghz only adapters, backported from upstream 10.2 firmware. - 2019-03-12: Support offloading decrypt of PMF blockack frames to the host. This lets us do blockack with PMF and rx-sw-crypt. Normal hwcrypt scenarios would not need this. Release notes for wave-2: - 2019-03-12: Fix crash when tearing down VI TID when pending frames exist. Could reproduce this while doing rmmod when VI traffic was flowing and PMF was enabled but broken. Bad luck could rarely cause it to happen in more normal config too. - 2019-03-12: Support offloading decrypt of PMF blockack frames to the host. This lets us do blockack with PMF and rx-sw-crypt. Normal hwcrypt scenarios would not need this. - 2019-03-12: Re-work problematic patch that attempted to fix transmit on non-QOS tids. It appears buggy in several ways, hopefully improved now. This was introduced last fall. See github bug 78. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* mt76: update to the latest versionFelix Fietkau2019-03-231-3/+3
| | | | | | | | | | | | | 4d8c7e8 mt76: mt76x02: send no-skb tx status without holding the status lock 7e9e9ad mt76: mt7603: add missing initialization for dev->ps_lock 3a7e6bb mt76: fix potential deadlock on cancelling workqueues deacb8f mt76: fix using mac80211 tx skb header padding c9402eb mt76: use napi polling for tx cleanup 60e508e mt76: use readl/writel instead of ioread32/iowrite32 5912e8a mt7603: fix sequence number assignment 95a83cc mt7603: send BAR after powersave wakeup Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to latest git HEADHauke Mehrtens2019-03-211-3/+3
| | | | | | | a8cf037 netifd: wireless: Add support for GCMP cipher 34a70b6 netifd: wireless: Add support for 802.11ad Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubox: update to latest git HEADHauke Mehrtens2019-03-211-3/+3
| | | | | | a782779 kmodloader: increase module name length Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: update to latest git HEADHauke Mehrtens2019-03-211-3/+3
| | | | | | | ce1814b iwinfo: Add device ID for Wilocity Wil6210 a8e8275 iwinfo: Add support for 802.11ad Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Revert "valgrind: enable LTO and refresh patches"Hauke Mehrtens2019-03-211-1/+0
| | | | | | | | | This reverts commit 0331770299b1587a96285fd1af33afe6de4ecbb9. With LTO enabled valgridn does not build on MIPS32 any more, deactivate it for now. The patch refresh was not reverted. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libnftnl: bump to latest versionRosy Song2019-03-211-3/+3
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* openssl: revert disallowing parallel buildEneas U de Queiroz2019-03-211-1/+1
| | | | | | | Openssl 1.1.0 made wholesale changes to its building system. Apparently, parallel builds are working now. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* odhcpd: update to latest git HEAD (FS#2160)Hans Dedecker2019-03-211-3/+3
| | | | | | | | | | 6d23385 dhcpv6: extra syslog tracing b076916 dhcpv6/router: add support for mutiple master interfaces e4a24dc ndp: fix adding proxy neighbor entries 4ca7f7e router: add extra syslog tracing 8318e93 netlink: fix neighbor event handling (FS#2160) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uboot-fritz4040: fix PKG_MIRROR_HASHChristian Lamparter2019-03-211-1/+1
| | | | | | | The PKG_MIRROR_HASH was for some reason wrong. Fixes: d75db67870fa ("uboot-fritz4040: bump version to 2019-03-03") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* adb: fix missing PKG_MIRROR_HASHChristian Lamparter2019-03-211-0/+1
| | | | | | This package was missing a PKG_MIRROR_HASH value. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* ramips: Xiaomi MIR3G: detect board name from DTSOzgur Can Leonard2019-03-211-1/+1
| | | | | | | | | | | | | | | | - Former "mir3g" board name becomes "xiaomi,mir3g". - Reorder some entries to maintain alphabetical order. - Change DTS so status LEDs (yellow/red/blue) mimic Xiaomi stock firmware: (Section Indicator) <http://files.xiaomi-mi.co.uk/files/router_pro/router%20PRO%20EN.pdf> <http://files.xiaomi-mi.co.uk/files/Mi_WiFi_router_3/MiWiFi_router3_EN.pdf> |Yellow: Update (LED flickering), the launch of the system (steady light); |Blue: during normal operation (steady light); |Red: Safe mode (display flicker), system failure (steady light); Signed-off-by: Ozgur Can Leonard <ozgurcan@gmail.com> [Added link to similar Router 3 model] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* ca-certificates: update to version 20190110Josef Schlehofer2019-03-211-4/+3
| | | | | | | | | | - Tested on Turris MOX, OpenWrt master - Removed PKG_BUILD_DIR In build_dir there were two folders ca-certificates and ca-certificates-20190110 and it failed as files were in ca-certificates-20190110 Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
* ipq40xx: add support for EnGenius ENS620EXTSteve Glennon2019-03-212-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hardware -------- CPU: Qualcomm IPQ4018 RAM: 256M FLASH: 32M SPI NOR W25Q256 ETH: QCA8075 WiFi2: IPQ4018 2T2R 2SS b/g/n WiFi5: IPQ4018 2T2R 2SS n/ac LED: - Power amber - LAN1(PoE) green - LAN2 green - Wi-Fi 2.4GHz green - Wi-Fi 5GHz green BTN: - WPS UART: 115200n8 3.3V J1 VCC(1) - GND(2) - TX(3) - RX(4) Added basic support to get the device up and running for a sysupgrade image only. There is currently no way back to factory firmware, so this is a one-way street to OpenWRT. Install from factory condition is convoluted, and may brick your device: 1) Enable SSH and disable the CLI on the factory device from the web user interface (Management->Advanced) 2) Reboot the device 3) Override the default, limited SSH shell: a) Get into the ssh shell: ssh admin@192.168.1.1 /bin/sh --login b) Change the dropbear script to disable the limited shell. At the empty command prompt type: sed -i '/login_ssh/s/^/#/g’ dropbear /etc/init.d/dropbear restart exit 4) ssh in to a (now-) normal OpenWRT SSH session 5) Flash your built image a) scp openwrt-ipq40xx-engenius_ens620ext-squashfs-sysupgrade.bin admin@192.168.1.1:/tmp/ b) ssh admin@192.168.1.1 c) sysupgrade -n /tmp/openwrt-ipq40xx-engenius_ens620ext-squashfs-sysupgrade.bin 6) After flash completes (it may say "Upgrade failed" followed by "Upgrade completed") and device reboots, log in to newly flashed system. Note you will now need to ssh as root rather than admin. Signed-off-by: Steve Glennon <s.glennon@cablelabs.com> [whitespace fixes, reordered partitions, removed rng node from 4.14, fixed 901-arm-boot-add-dts-files.patch] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* iproute2: update to 5.0.0Deng Qingfang2019-03-207-50/+19
| | | | | | | | | Update iproute2 to 5.0.0 Remove upstream patch 001-tc-fix-undefined-XATTR_SIZE_MAX Alter patch 170-ip_tiny as support for IPX and DECnet is dropped Update patch 010-cake-fwmark to match upstream commit Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* mac80211: fix an issue with the TXQ scheduling API and powersave clientsFelix Fietkau2019-03-201-0/+31
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: improve the txq scheduling API to deal with driver buffered packetsFelix Fietkau2019-03-202-3/+108
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: optimize skb resizing to avoid reallocation when using 802.11s + ↵Felix Fietkau2019-03-201-0/+198
| | | | | | batman-adv Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iproute2: add cake fwmark supportRyan Mounce2019-03-202-1/+156
| | | | Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
* kmod-sched-cake: bump to latest cakeRyan Mounce2019-03-191-3/+3
| | | | | | | | | | | | | | | | Update the out of tree build of cake. Applicable patches are also in net-next. 057c738 Fix fwmark_shft assignment (again) ca6c162 Add support for storing mark back into conntrack 7ed9b6c Fix off-by-one error when setting fwmark_shft. a4a243a sch_cake: Interpret fwmark parameter as a bitmask 29d707e Simplify logic in cake_select_tin() 8acaaee Permit use of connmarks as tin classifiers 348f186 Make the dual modes fairer 99a7297 compat: Don't lock root qdisc when dumping stats on old kernels Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
* usbutils: Update usb.ids to 0.321Daniel Engberg2019-03-181-3/+3
| | | | | | Update usb.ids to 0.321 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* ipset: size optimizationsDeng Qingfang2019-03-171-2/+5
| | | | | | | | | | | ipset utility was linked statically to libipset. Disable static library for dynamic linking to save space. Add -Wl,--gc-sections,--as-needed for further reduction MIPS ipk size: ipset: 29KiB -> 2KiB libipset: 39KiB -> 38KiB Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* mac80211: netifd: Use a mask when using `iw set antenna`Alexander Couzens2019-03-162-3/+6
| | | | | | | | The keyword "all" is only supported by `iw set antenna` if it's used as the only argument. Convert "all" into a mask before calling `iw set antenna`. Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* mt76: update to the latest versionFelix Fietkau2019-03-161-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 00ac79d mt7603: fix initialization of max rx length 320af65 mt76: mt7603: use the correct hweight8() function bdee924 mt76: fix schedule while atomic in mt76x02_reset_state abcb544 mt76x02: do not enable RTS/CTS by default e97a209 mt76: remove mt76_queue dependency from tx_queue_skb function pointer ddd98f8 mt76: remove mt76_queue dependency from tx_prepare_skb function pointer 9bc2d56 mt76: remove mt76_queue dependency from tx_complete_skb function pointer 06c917f mt76: introduce mt76_sw_queue data structure 2dc63b0 mt76: introduce mt76_txq_id field in mt76_queue_entry 312f6fc mt76: remove irqsave/restore in locking for tx status fifo 0fe6386 mt76: move mt76x02_insert_hdr_pad in mt76-core module efe9a47 mt76: mmio: move mt76_insert_hdr_pad in mt76_dma_tx_queue_skb 0b03f87 mt76: move skb dma mapping before running tx_prepare_skb f977a92 mt76: introduce mt76_tx_info data structure 72fe286 mt76: use mac80211 txq scheduling b77b932 mt76: reduce locking in mt76_dma_tx_cleanup c0ab515 mt76: store wcid tx rate info in one u32 reduce locking f37ad72 mt76: mt76x02: store software PN/IV in wcid 5323005 mt76: move tx tasklet to struct mt76_dev 688d708 mt76: only schedule txqs from the tx tasklet 42ce040 mt76: use TX_NEEDS_ALIGNED4_SKBS 2660aa9 mt76: mt7603: store software PN/IV in wcid 3ce8a93 mt76: dma: add static qualifier to mt76_dma_tx_queue_skb 81a32aa mt7603: remove mt7603_mcu_init routine 48dc7e9 mt7603: core: do not use magic numbers in mt7603_reg_map 2236490 mt76: usb: reduce code indentation in mt76u_alloc_tx Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add a few performance improvement patchesFelix Fietkau2019-03-164-0/+297
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: improve locking around the txq scheduling / airtime fairness APIFelix Fietkau2019-03-161-0/+214
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport the txq scheduling / airtime fairness APIFelix Fietkau2019-03-169-59/+1147
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix an unaligned access in the mesh hash table functionFelix Fietkau2019-03-161-0/+21
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: add support for suppressing the DHCP request hostname by setting it to *Felix Fietkau2019-03-161-0/+2
| | | | | | | | | dnsmasq (and probably other DHCP servers as well) does not like to hand out leases with duplicate host names. Adding support for skipping the hostname makes it easier to deploy setups where it is not guaranteed to be unique Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update and fix the patch to allow 4-byte aligned tx skbsFelix Fietkau2019-03-1614-300/+371
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: allocate tailroom for forwarded mesh packetsFelix Fietkau2019-03-161-0/+37
| | | | | | Fixes a warning + packet loss on encrypted mesh networks with forwarding Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iproute2: tc: reduce size of dynamic symbol tableTony Ambardar2019-03-142-1/+45
| | | | | | | | | | | | | In the case of SHARED_LIBS=y, don't use -export-dynamic to place *all* symbols into the dynamic symbol table. Instead, use --dynamic-list to export a smaller set of symbols similar to that defined in static-syms.h in the case of SHARED_LIBS=n, avoiding an 11 KB tc package size increase. The symbol set is based on that required by the only plugin, m_xt.so. Also increment PKG_RELEASE. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE fixup]
* iproute2: tc: enable and fix support for using .so pluginsTony Ambardar2019-03-142-1/+107
| | | | | | | | | | | | | | | | | | | | | | | This enables using the tc module m_xt.so, which uses the act_ipt kernel module to allow tc actions based on iptables targets. e.g. tc filter add dev eth0 parent 1: prio 10 protocol ip \ u32 match u32 0 0 action xt -j DSCP --set-dscp-class BE Make the SHARED_LIBS parameter configurable and based on tc package selection. Fix a problem using the tc m_xt.so plugin as also described in https://bugs.debian.org/868059: Sync include/xtables.h from iptables to make sure the right offset is used when accessing structure members defined in libxtables. One could get “Extension does not know id …” otherwise. (See also: #868059) Patch to sync the included xtables.h with system iptables 1.6.x. This continues to work with iptables 1.8.2. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* iproute2: support eBFP/XDP object file loading, simplify linking libelfTony Ambardar2019-03-143-67/+30
| | | | | | | | | | | | | | Add build and runtime dependencies on libelf, allowing tc and ip-full to load BPF and XDP object files respectively. Define package 'tc' as a singleton package variant, which can be used to enable additional functionality limited only to tc. Also set ip-tiny as the default 'ip' variant. Preserve optionality of libelf by having configuration script follow the HAVE_ELF environment variable, used similarly to the HAVE_MNL variable. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* netifd: update to latest git HEAD (FS#2087)Hans Dedecker2019-03-141-3/+3
| | | | | | 81ac3bc interface-ip: fix delegate config update on reload (FS#2087) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uboot-sunxi: add fix for A20-OLinuXino-Lime2-eMMC rev. K boardsZoltan HERPAI2019-03-131-0/+44
| | | | | | | The OLinuXino Lime2 rev. K boards use new PHYs (Micrel KSZ9031), so enable that. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>