aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* wireguard: bump to 0.0.20180809Jason A. Donenfeld2018-08-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * send: switch handshake stamp to an atomic Rather than abusing the handshake lock, we're much better off just using a boring atomic64 for this. It's simpler and performs better. Also, while we're at it, we set the handshake stamp both before and after the calculations, in case the calculations block for a really long time waiting for the RNG to initialize. * compat: better atomic acquire/release backport This should fix compilation and correctness on several platforms. * crypto: move simd context to specific type This was a suggestion from Andy Lutomirski on LKML. * chacha20poly1305: selftest: use arrays for test vectors We no longer have lines so long that they're rejected by SMTP servers. * qemu: add easy git harness This makes it a bit easier to use our qemu harness for testing our mainline integration tree. * curve25519-x86_64: avoid use of r12 This causes problems with RAP and KERNEXEC for PaX, as r12 is a reserved register. * chacha20: use memmove in case buffers overlap A small correctness fix that we never actually hit in WireGuard but is important especially for moving this into a general purpose library. * curve25519-hacl64: simplify u64_eq_mask * curve25519-hacl64: correct u64_gte_mask Two bitmath fixes from Samuel, which come complete with a z3 script proving their correctness. * timers: include header in right file This fixes compilation in some environments. * netlink: don't start over iteration on multipart non-first allowedips Matt Layher found a bug where a netlink dump of peers would never terminate in some circumstances, causing wg(8) to keep trying forever. We now have a fix as well as a unit test to mitigate this, and we'll be looking to create a fuzzer out of Matt's nice library. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* base-files: add function to get mac as text from flashMathias Kresin2018-08-111-0/+23
| | | | | | | | | Add a function to get a mac stored as text from flash. The octets of the mac address need to be separated by any separator supported by macaddr_canonicalize(). Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com> Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: use consistent coding styleMathias Kresin2018-08-111-8/+4
| | | | | | | | Add the opening bracket right after the function name, to do it the same way for all functions in this file. Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com> Signed-off-by: Mathias Kresin <dev@kresin.me>
* uci: bump to source date 2018-08-11Yousong Zhou2018-08-111-3/+3
| | | | | | Fixes segfault when parsing malformed delta lines Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* wpa_supplicant: fix CVE-2018-14526John Crispin2018-08-101-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unauthenticated EAPOL-Key decryption in wpa_supplicant Published: August 8, 2018 Identifiers: - CVE-2018-14526 Latest version available from: https://w1.fi/security/2018-1/ Vulnerability A vulnerability was found in how wpa_supplicant processes EAPOL-Key frames. It is possible for an attacker to modify the frame in a way that makes wpa_supplicant decrypt the Key Data field without requiring a valid MIC value in the frame, i.e., without the frame being authenticated. This has a potential issue in the case where WPA2/RSN style of EAPOL-Key construction is used with TKIP negotiated as the pairwise cipher. It should be noted that WPA2 is not supposed to be used with TKIP as the pairwise cipher. Instead, CCMP is expected to be used and with that pairwise cipher, this vulnerability is not applicable in practice. When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data field is encrypted using RC4. This vulnerability allows unauthenticated EAPOL-Key frames to be processed and due to the RC4 design, this makes it possible for an attacker to modify the plaintext version of the Key Data field with bitwise XOR operations without knowing the contents. This can be used to cause a denial of service attack by modifying GTK/IGTK on the station (without the attacker learning any of the keys) which would prevent the station from accepting received group-addressed frames. Furthermore, this might be abused by making wpa_supplicant act as a decryption oracle to try to recover some of the Key Data payload (GTK/IGTK) to get knowledge of the group encryption keys. Full recovery of the group encryption keys requires multiple attempts (128 connection attempts per octet) and each attempt results in disconnection due to a failure to complete the 4-way handshake. These failures can result in the AP/network getting disabled temporarily or even permanently (requiring user action to re-enable) which may make it impractical to perform the attack to recover the keys before the AP has already changes the group keys. By default, wpa_supplicant is enforcing at minimum a ten second wait time between each failed connection attempt, i.e., over 20 minutes waiting to recover each octet while hostapd AP implementation uses 10 minute default for GTK rekeying when using TKIP. With such timing behavior, practical attack would need large number of impacted stations to be trying to connect to the same AP to be able to recover sufficient information from the GTK to be able to determine the key before it gets changed. Vulnerable versions/configurations All wpa_supplicant versions. Acknowledgments Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU Leuven for discovering and reporting this issue. Possible mitigation steps - Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This can be done also on the AP side. - Merge the following commits to wpa_supplicant and rebuild: WPA: Ignore unauthenticated encrypted EAPOL-Key data This patch is available from https://w1.fi/security/2018-1/ - Update to wpa_supplicant v2.7 or newer, once available Signed-off-by: John Crispin <john@phrozen.org>
* base-files: make wifi report unknown commandThibaut VARÈNE2018-08-101-2/+3
| | | | | | | | | | | Avoid having /sbin/wifi silently ignore unknown keywords and execute "up"; instead display the help message and exit with an error. Spell out the "up" keyword (which has users), add it to usage output, and preserve the implicit assumption that runing /sbin/wifi without argument performs "up". Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* ath79: add support for OCEDO KoalaDavid Bauer2018-08-091-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds support for the OCEDO Koala SOC: Qualcomm QCA9558 (Scorpion) RAM: 128MB FLASH: 16MiB WLAN1: QCA9558 2.4 GHz 802.11bgn 3x3 WLAN2: QCA9880 5 GHz 802.11nac 3x3 INPUT: RESET button LED: Power, LAN, WiFi 2.4, WiFi 5, SYS Serial: Header Next to Black metal shield Pinout is 3.3V - GND - TX - RX (Arrow Pad is 3.3V) The Serial setting is 115200-8-N-1. Tested and working: - Ethernet - 2.4 GHz WiFi - 5 GHz WiFi - TFTP boot from ramdisk image - Installation via ramdisk image - OpenWRT sysupgrade - Buttons - LEDs Installation seems to be possible only through booting an OpenWRT ramdisk image. Hold down the reset button while powering on the device. It will load a ramdisk image named 'koala-uImage-initramfs-lzma.bin' from 192.168.100.8. Note: depending on the present software, the device might also try to pull a file called 'koala-uimage-factory'. Only the name differs, it is still used as a ramdisk image. Wait for the ramdisk image to boot. OpenWRT can be written to the flash via sysupgrade or mtd. Due to the flip-flop bootloader which we not (yet) support, you need to set the partition the bootloader is selecting. It is possible from the initramfs image with > fw_setenv bootcmd run bootcmd_1 Afterwards you can reboot the device. Signed-off-by: David Bauer <mail@david-bauer.net>
* odhcp6c: apply IPv6/ND configuration earlierHans Dedecker2018-08-092-8/+9
| | | | | | | | | | Apply IPv6/ND configuration before proto_send_update so that all config info is available when netifd is handling the notify_proto ubus call. In particular this fixes an issue when netifd is updating the downstream IPv6 mtu as netifd was still using the not yet updated upstream IPv6 mtu to set the downstream IPv6 mtu Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iproute2: remove libutil from InstallDev sectionHans Dedecker2018-08-091-3/+2
| | | | | | | | | | | Commit 4d961538f6 added libutil to the iproute2 InstallDev section but lead to compile issues with packages picking up the wrong libutil since libutil is quite a generic name ... Further libutil is rather meant for internal usage in iproute2 than a public API; therefore let's remove it from the InstallDev section together with ll_map.h Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-08-091-3/+3
| | | | | | 115a694 interface-ip: always override downstream IPv6 mtu Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* sunxi: Added support for Xunlong Orange Pi PC2Antonio Silverio2018-08-091-0/+9
| | | | | | | | | | | | | | | | CPU: H5 High Performance Quad-core 64-bit Cortex-A53 GPU: Mali450 OpenGL ES 2.0/1.1/1.0, OpenVG 1.1, EGL Memory: 1GB DDR3 (shared with GPU) Onboard Storage: TF card (Max. 32GB) / NOR flash(2MB) Onboard Network: 1000M/100M Ethernet RJ45 USB 2.0 Ports: Three USB 2.0 HOST, one USB 2.0 OTG, HOST mode role by default in DTS Buttons: Power Button(SW4) Debug TTL UART: ..DC-IN.. >[GND][RX][TX] ..HDMI.. Signed-off-by: Antonio Silverio <menion@gmail.com>
* firmware: intel-microcode: bump to 20180703Zoltan HERPAI2018-08-091-6/+6
| | | | | | | | | | | | | | | | | | | | | | | * New upstream microcode data file 20180703 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432 sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456 sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360 sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408 sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792 sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408 sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672 sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744 sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432 sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728 + First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640 + Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation + SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for: Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/i9 models that are actually gimped server dies. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* busybox: prevent compile hang with bzip2 enabledRob Mosher2018-08-081-0/+9
| | | | | | | | The BZIP2_SMALL option was not being exposed via Config.in which caused the build to fail as 'yes' is piped to the config during build. As it's expecting a number, it gets stuck in a loop. Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
* ucert: update to lastest git HEADJo-Philipp Wich2018-08-081-3/+3
| | | | | | | | Update to latest HEAD in order to fix a stack memory corruption issue: 1056e73 Change the sigb buffer to be the same size as the fread Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute2: add libutil to InstallDev sectionHans Dedecker2018-08-081-0/+1
| | | | | | | | In iproute2 v4.17 ll_map has been moved from the libnetlink to the libutil library; add libutil as well to the staging dir in order to keep support for ll_map Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uboot-envtools: add ath79 targetDavid Bauer2018-08-081-0/+26
| | | | | | | | This adds uci entries for all ath79 devices for which this already was the case on ar71xx. Additionally we add the OCEDO Koala as there was no support in OpenWRT yet. Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: introduce sysupgrade signature chain verificationDaniel Golle2018-08-083-3/+31
| | | | | | | | | Verify ucert signature chains in sysupgrade images in case ucert is installed and $CHECK_IMAGE_SIGNARURE = 1. Also make sure ucert host binary is present and generate a self-signed ucert in case $TOPDIR/key-build.ucert is missing. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ucert: update sourceDaniel Golle2018-08-071-4/+10
| | | | | | | | | | | | ad816fc set rpath to make bundle-libraries.sh happy 63ad591 blob_buf needs to be zero'd Now that libubox, libjson-c and libblobms_json are installed into STAGING_DIR_HOST we can properly bundle ucert in the ImageBuilder. Follow-up commits will make use of it to include a signature-chain in sysupgrade images using fwtool. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libubox: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libjson-c: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libubox: fix source version dateJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | The referenced Git commit was made on the 25th of July, not June. Fixes 432eaa940f ("libubox: fix mirror hash") Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: fix mirror hashJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | | | | Correct the mirror hash to reflect whats on the download server. A locally produced libubox SCM tarball was also verified to yield an identical checksum compared to the one currently on the download server. Fixes FS#1707. Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: update to latest git HEADEneas U de Queiroz2018-08-071-4/+4
| | | | | | | | 23a3f28 openssl, wolfssl: match mbedTLS ciphersuite list 450ada0 ustream-ssl: Revised security on mbedtls 34b0b80 ustream-ssl: add openssl-1.1.0 compatibility Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* procd: update to latest git HEADHans Dedecker2018-08-061-3/+3
| | | | | | | | e29966f Allow disabling seccomp or changing the whitelist 5f57223 trace: Use properly sized type for PTRACE_GETEVENTMSG 747efb6 procd: fix ustream deadlock when there are 0 bytes or no newlines Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* Revert "netfilter: separate IPv6 relevant kernel modules from IPv4"Jo-Philipp Wich2018-08-061-58/+5
| | | | | | | | | This reverts commit 42a3c6465a230a4e03f2a185f4db5ac57b89f673. The change was apparently never build-tested with all kmods enabled. I took a brief look but found no simple way to untangle this, so revert it. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netfilter: separate IPv6 relevant kernel modules from IPv4Rosy Song2018-08-061-5/+58
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* base-files: do not add relevant sections & options except when ipv6 is ↵Rosy Song2018-08-061-16/+26
| | | | | | support in kernel Signed-off-by: Rosy Song <rosysong@rosinson.com>
* kernel: modules: fix kmod-regmap reduxChristian Lamparter2018-08-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Jonas Gorski commented on the previous patch: |This is actually the wrong fix and papers over an issue in one of our |local patches. | |We intentionally allow regmap to be built as a module, see | |/target/linux/generic/hack-4.14/259-regmap_dynamic.patch |[...] |[The regulator code] optionally supports regmap thanks to the stubs |provided if regmap is disabled - which breaks if you compile regmap |as a module. In order to mitigate this issue, this patch reverts the previous patch and replaces the existing IS_ENABLED(CONFIG_REGMAP) with IS_REACHABLE(CONFIG_REGMAP). This solves this particular issue as the regulator code will now automatically fallback to the regmap stubs in case the kmod-regmap module is enabled, but nothing else sets CONFIG_REGMAP=y. Note: There's still a potential issue that this patch doesn't solve: If someone ever wants to make a OpenWrt kernel package for a regulator module that requires the REGMAP feature for a target that doesn't set CONFIG_REGMAP=y but has CONFIG_REGULATOR=y, the resulting kmod-regulator-xyz package will not work on the target. Luckily, there aren't any in-tree OpenWrt kernel module packages for regulators at the moment. On the bright side: regmap is a critical part nowadays and all new and upcoming architectures require it by default. This will likely only ever be a problem for legacy targets and devices that cannot afford to enable REGMAP. Cc: Jonas Gorski <jonas.gorski@gmail.com> Cc: John Crispin <john@phrozen.org> Fixes: d00913d1215b ("kernel: modules: fix kmod-regmap") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: sysupgrade: abort if config backup failsAndreas Ziegler2018-08-062-1/+6
| | | | | | | Sysupgrade shouldn't proceed, if the backup of the configuration fails because tar (or gzip) exit with a non-zero code. Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
* wireguard: bump to 0.0.20180802Jason A. Donenfeld2018-08-041-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog taken from the version announcement > == Changes == > > * chacha20poly1305: selftest: split up test vector constants > > The test vectors are encoded as long strings -- really long strings -- and > apparently RFC821 doesn't like lines longer than 998. > https://cr.yp.to/smtp/message.html > > * queueing: keep reference to peer after setting atomic state bit > > This fixes a regression introduced when preparing the LKML submission. > > * allowedips: prevent double read in kref > * allowedips: avoid window of disappeared peer > * hashtables: document immediate zeroing semantics > * peer: ensure resources are freed when creation fails > * queueing: document double-adding and reference conditions > * queueing: ensure strictly ordered loads and stores > * cookie: returned keypair might disappear if rcu lock not held > * noise: free peer references on failure > * peer: ensure destruction doesn't race > > Various fixes, as well as lots of code comment documentation, for a > small variety of the less obvious aspects of object lifecycles, > focused on correctness. > > * allowedips: free root inside of RCU callback > * allowedips: use different macro names so as to avoid confusion > > These incorporate two suggestions from LKML. > > This snapshot contains commits from: Jason A. Donenfeld and Jann Horn. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* uclient: update to latest git HEADJo-Philipp Wich2018-08-031-3/+3
| | | | | | | | | | | | | | f2573da uclient-fetch: use package name pattern in message for missing SSL library 9fd8070 uclient-fetch: Check for nullpointer returned by uclient_get_url_filename f41ff60 uclient-http: basic auth: Handle memory allocation failure a73b23b uclient-http: auth digest: Handle multiple possible memory allocation failures 66fb58d uclient-http: Handle memory allocation failure 2ac991b uclient: Handle memory allocation failure for url 63beea4 uclient-http: Implement error handling for header-sending eb850df uclient-utils: Handle memory allocation failure for url file name ae1c656 uclient-http: Close ustream file handle only if allocated Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute2: cake: make gso/gro splitting configurableKevin Darbyshire-Bryant2018-08-022-2/+11
| | | | | | | | | | | | | | | | | | This patch makes sch_cake's gso/gro splitting configurable from userspace. To disable breaking apart superpackets in sch_cake: tc qdisc replace dev whatever root cake no-split-gso to enable: tc qdisc replace dev whatever root cake split-gso Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk> Signed-off-by: Dave Taht <dave.taht@gmail.com> [pulled from netdev list - no API/ABI change] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kmod-sched-cake: bump to 20180728 optional gso splitKevin Darbyshire-Bryant2018-08-021-3/+3
| | | | | | | | | Follow upstream kernel patch that restores always splitting gso packets by default whilst making the option configurable from (tc) userspace. No ABI/API change Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* busybox: update to 1.29.2Hannu Nyman2018-08-0211-149/+80
| | | | | | | | | | | | | | | * Update busybox to 1.29.2 * refresh default config * remove upstreamed patches Config refreshed with cd config/ ../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/busybox-1.29.2 cd .. ./convert_defaults.pl < ../../../build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/busybox-1.29.2/.config > Config-defaults.in Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> Tested-by: Hans Dedecker <dedeckeh@gmail.com>
* iperf: bump to 2.0.12Koen Vandeputte2018-08-021-2/+2
| | | | | | | | | | | | | | | | | | | Fixes the annoying 'feature' were TTL was set to "1" by default .. Users had to specify -T manually to test outside the own network. 2.0.12 change set (as of June 25th 2018) o Change the unicast TTL default value from 1 to the system default (to be compatable with previous versions.) Multicast still defaults to 1. o adpative formatting bug fix: crash occurs when values exceed 1 Tera. Add support for Tera and Peta and eliminate the potential crash condition o configure default compile to include isochronous support (use configure --disable-isochronous to remove support) o replace 2.0.11's --vary-load option with a more general -b option to include <mean>,<stdev>, e.g. -b 100m,40m, which will pull from a log normal distribution every 0.1 seconds o fixes for windows cross compile (using mingw32) o compile flags of -fPIE for android o configure --enable-checkprograms to compile ancillary binaries used to test things such as delay, isoch, pdf generation o compile tests when trying to use 64b seq numbers on a 32b platform o Fix GCC ver 8 warnings Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* gdb: bump to 8.1.1Koen Vandeputte2018-08-013-9/+9
| | | | | | | | | | | | | | | GDB 8.1.1 brings the following fixes and enhancements over GDB 8.1: * PR gdb/22824 (misleading description of new rbreak Python function in GDB 8.1 NEWS file) * PR gdb/22849 (ctrl-c doesn't work in extended-remote) * PR gdb/22907 ([Regression] gdbserver doesn't work with filename-only binaries) * PR gdb/23028 (inconsistent disassemble of vcvtpd2dq) * PR gdb/23053 (Fix -D_GLIBCXX_DEBUG gdb-add-index regression) * PR gdb/23127 ([AArch64] GDB cannot be used for debugging software that uses high Virtual Addresses) * PR server/23158 (gdbserver no longer functional on Windows) * PR breakpoints/23210 ([8.1/8.2 Regression] Bogus Breakpoint address adjusted from 0xf7fe7dd3 to 0xfffffffff7fe7dd3) Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* adb: added patch for openssl 1.1.0 compatibilityEneas U de Queiroz2018-08-012-1/+29
| | | | Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* nftables: allow to build with json supportRosy Song2018-08-011-1/+12
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* iwinfo: update to latest Git HEADJo-Philipp Wich2018-07-311-3/+3
| | | | | | | | a514139 build: compile with -ffunction-sections, -fdata-sections and LTO 3c30b17 wl: only invoke nvram executable if it exists 65b8333 Revert "build: compile with -ffunction-sections, -fdata-sections and LTO" Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: brcmfmac: backport patch for per-firmware featuresRafał Miłecki2018-07-311-0/+84
| | | | | | | This allows driver to support features that can't be dynamically discovered. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ca-caertificates: remove myself as PKG_MAINTAINERChristian Schoenebeck2018-07-311-2/+2
| | | | | | remove myself as PKG_MAINTAINER Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* netifd: update to latest git HEADJohn Crispin2018-07-301-2/+2
| | | | | | fix a compile error Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to latest git HEAD (FS#1668)Hans Dedecker2018-07-301-3/+3
| | | | | | | | | | | | | | 75ee790 interface-ip: fix eui64 ifaceid generation (FS#1668) ca97097 netifd: make sure the vlan ifname fits into the buffer b8c1bca iprule: remove bogus assert calls a2f952d iprule: fix broken in_dev/out_dev checks 263631a vlan: use alloca to get rid of IFNAMSIZE in vlan_dev_set_name() 291ccbb ubus: display correct prefix size for IPv6 prefix address 908a9f4 CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags b06b011 proto-shell.c: add a explicit "fall through" comment to make the compiler happy 60293a7 replace fall throughs in switch/cases where possible with simple code changes Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: modules: fix kmod-regmapChristian Lamparter2018-07-301-1/+1
| | | | | | | | | | | | | | | | | | | This patch fixes the a compile issue that was triggered by apm821xx/sata when kmod-regmap was selected. The CONFIG_REGMAP is declared in drivers/base/regmap/Kconfig as type "bool" and not "tristate". Hence the symbol should never be set to module, as this confuses the #if CONFIG_REGMAP guards in include/linux/regmap.h: |.../drivers/regulator/core.c:4041: undefined reference to `dev_get_regmap' |.../drivers/regulator/core.c:4042: undefined reference to `dev_get_regmap' |.../drivers/regulator/core.c:4044: undefined reference to `dev_get_regmap' |.../drivers/regulator/helpers.o: In function `regulator_is_enabled_regmap': |.../drivers/regulator/helpers.c:36: undefined reference to `regmap_read' |... Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* tcpdump: explicitly disable libcap-ng supportStijn Tintel2018-07-301-0/+1
| | | | | | | | When libcap-ng is detected during build, support for it is enabled. This will cause a build failure due to a missing dependency. Explicitly disable libcap-ng support to avoid this. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mac80211: ath10k: Limit available channels via DT ieee80211-freq-limitSven Eckelmann2018-07-301-0/+44
| | | | | | | | | | | | | Tri-band devices (1x 2.4GHz + 2x 5GHz) often incorporate special filters in the RX and TX path. These filtered channel can in theory still be used by the hardware but the signal strength is reduced so much that it makes no sense. There is already a DT property to limit the available channels but ath10k has to manually call this functionality to limit the currrently set wiphy channels further. Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
* kernel: add kmod-iio-htu21Torbjörn Jansson2018-07-301-0/+22
| | | | | | | | | | | | | This adds support for the htu21 humidity and temperature sensor. To get it to work you have to do something like this: echo "htu21 0x40" >/sys/class/i2c-dev/i2c-1/device/new_device for example by adding it to rc.local Compile tested on brcm2708 and I have used an earlier version of this patch for more than a year. Signed-off-by: Torbjörn Jansson <torbjorn.jansson@mbox200.swipnet.se>
* wolfssl: remove myself as maintainerAlexandru Ardelean2018-07-301-1/+0
| | | | | | | I no longer have the time, nor the desire to maintain this package. Remove myself as maintainer. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* base-files: drop fwtool_pre_upgradeJohn Crispin2018-07-302-7/+0
| | | | | | | this feature has never worked, the fw image name was not passed and the -t parameter was missing in the tool invocation. drop the feature. Signed-off-by: John Crispin <john@phrozen.org>
* kirkwood: add support for Iomega Storcenter ix2-200Ademar Arvati Filho2018-07-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Iomega Storcenter ix2-200 is a dual SATA NAS powered by a Marvell Kirkwood SoC clocked at 1GHz. It has 256MB of RAM and 32MB of flash memory, 3x USB 2.0 and 1x 1Gbit/s NIC Specification: - SoC: Marvell Kirkwood 88F6281 - CPU/Speed: 1000Mhz - Flash-Chip: Hynix NAND - Flash size: 32 MiB,erase size:16 KiB,page size:512,OOB size:16 - RAM: 256MB - LAN: 1x 1000 Mbps Ethernet - WiFi: none - 3x USB 2.0 - UART: for serial console Installation instructions - easy steps: 1. download factory.bin and copy into tftp server 2. access uboot environment with serial cable and run ``` setenv mainlineLinux yes setenv arcNumber 1682 setenv console 'console=ttyS0,115200n8' setenv mtdparts 'mtdparts=orion_nand:0x100000@0x000000(u-boot)ro,0x20000@0xA0000(u-boot environment)ro,0x300000@0x100000(kernel),0x1C00000@0x400000(ubi)' setenv bootargs_root 'root=' setenv bootcmd 'setenv bootargs ${console} ${mtdparts} ${bootargs_root}; nand read.e 0x800000 0x100000 0x300000; bootm 0x00800000' saveenv setenv serverip 192.168.1.1 setenv ipaddr 192.168.1.13 tftpboot 0x00800000 factory.bin nand erase 0x100000 $(filesize) nand write 0x00800000 0x100000 $(filesize) run bootcmd ``` 3. access openwrt by dhcp ip address assigned by your router (p.ex: 192.168.1.13) Installation steps nand bad blocks proof: 1. download initramfs-uImage and copy into usb ext2 partition ``` mkfs.ext2 -L ext2 /dev/sdh1 mount -t ext2 /dev/sdh1 /mnt cp initramfs-uImage /mnt/initramfs.bin umount /mnt ``` 2. access uboot environment with serial cable and run ``` setenv mainlineLinux yes setenv arcNumber 1682 setenv console 'console=ttyS0,115200n8' setenv mtdparts 'mtdparts=orion_nand:0x100000@0x000000(u-boot)ro,0x20000@0xA0000(u-boot environment)ro,0x300000@0x100000(kernel),0x1C00000@0x400000(ubi)' setenv bootargs_root 'root=' setenv bootcmd 'setenv bootargs ${console} ${mtdparts} ${bootargs_root}; nand read.e 0x800000 0x100000 0x300000; bootm 0x00800000' saveenv usb reset; ext2load usb 0:1 0x00800000 /initramfs.bin; bootm 0x00800000 ``` 3. log into openwrt and sysupgrade to install into flash ``` sysupgrade -n /tmp/sysupgrade.bin ``` 4. access openwrt by dhcp ip address assigned by your router (p.ex: 192.168.1.13) Signed-off-by: Ademar Arvati Filho <arvati@hotmail.com>