aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
...
* ltq-ptm: Update VR9 PTM firmwareAntti Seppälä2021-02-128-312/+439
| | | | | | | | | | | | | | | After looking at various vendor GPL source code dumps I discovered that some of them contain updated versions of ltq-ptm driver when compared to what openwrt has. The driver update is mostly cursory (simple changes to comments, whitespace, formatting etc.) or adds debug features not used by openwrt. However the updated driver also contains a later version of PTM firmware which is extracted and included in this commit along with bits to correctly identify its version when driver loads. Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
* arm-trusted-firmware-tools: add patch to pass LDFLAGSDaniel Golle2021-02-101-0/+11
| | | | | | This should hopefully fix builds on the buildbot. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: mark @BROKEN until bromimage gets fixedDaniel Golle2021-02-101-1/+3
| | | | | | | | | | The 'bromimage' tool which is used to wrap bl2 with a MediaTek-specific header is distributed in binary form only and unfortunately tries to dynamically link against libopenssl, which fails on the buildbots. Wait for MTK to provide a at least static executable instead, in the meantime, mark the package as broken. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-tools: fix passing of CFLAGSDaniel Golle2021-02-101-3/+2
| | | | | | | | HOST_CFLAGS were ignored as they were passed on incorrectly which lead to build failure if OpenSSL wasn't present on the build host. Fix that by properly passing HOST_CFLAGS when building each tool. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: Backport fix for CVE-2021-3336Hauke Mehrtens2021-02-092-1/+54
| | | | | | | | | | | | This should fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The patch is backported from the upstream wolfssl development branch. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* arm-trusted-firmware-tools: remove tools which require libopensslDaniel Golle2021-02-091-12/+0
| | | | | | They are anyway not used for now, so only build fiptool and sptool. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uboot-envtools: Update to version 2021.01Hauke Mehrtens2021-02-081-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ltq-dsl-base: remove usused lantiq_dsl.shAndre Heider2021-02-082-750/+1
| | | | | | | All users have been converted to ubus. Signed-off-by: Andre Heider <a.heider@gmail.com> Tested-by: Martin Schiller <ms@dev.tdt.de>
* ltq-adsl-app: use ubus to provide metricsAndre Heider2021-02-082-4/+5
| | | | | | | | luci now uses ubus directly, so remove 'lucistat'. For manual usage just print the ubus output, use luci for a pretty version. Signed-off-by: Andre Heider <a.heider@gmail.com>
* ltq-vdsl-app: use ubus to provide metricsAndre Heider2021-02-082-4/+5
| | | | | | | | | luci now uses ubus directly, so remove 'lucistat'. For manual usage just print the ubus output, use luci for a pretty version. Signed-off-by: Andre Heider <a.heider@gmail.com> Tested-by: Martin Schiller <ms@dev.tdt.de>
* ltq-adsl-app: add ubus support to get metricsAndre Heider2021-02-082-1/+56
| | | | | | As with ltq-vdsl-app, see previous commit. Signed-off-by: Andre Heider <a.heider@gmail.com>
* ltq-vdsl-app: add ubus support to get metricsAndre Heider2021-02-083-1/+859
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a 'dsl' ubus object with a 'metrics' function to replace the expensive shell parsing done by /etc/init.d/dsl_control [dsl|luci]stat. All metrics are gathered by using syscalls. An additional thread is started to handle ubus events. $ time /etc/init.d/dsl_control dslstat real 0m 2.66s user 0m 0.90s sys 0m 1.76s $ time ubus call dsl metrics real 0m 0.02s user 0m 0.00s sys 0m 0.01s Example output: { "api_version": "4.17.18.6", "firmware_version": "5.8.1.5.0.7", "chipset": "Lantiq-VRX200", "driver_version": "1.5.17.6", "state": "Showtime with TC-Layer sync", "up": true, "uptime": 3891, "atu_c": { "vendor_id": [ 181, 0, 66, 68, 67, 77, 178, 26 ], "vendor": "Broadcom 178.26", "system_vendor_id": [ 181, 0, 66, 68, 67, 77, 0, 0 ], "system_vendor": "Broadcom", "version": [ 49, 57, 46, 48, 46, 51, 53, 46, 50, 32, 86, 69, 95, 49, 49, 95 ], "serial": [ 65, 65, 49, 52, 52, 54, 70, 69, 48, 90, 87, 45, 48, 56, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ] }, "power_state": "L0 - Synchronized", "xtse": [ 0, 0, 0, 0, 0, 0, 0, 2 ], "annex": "B", "standard": "G.993.2", "profile": "17a", "mode": "G.993.2 (VDSL2, Profile 17a, with down- and upstream vectoring)", "upstream": { "vector": true, "trellis": true, "bitswap": true, "retx": true, "virtual_noise": false, "interleave_delay": 0, "data_rate": 31999000, "latn": 8.500000, "satn": 8.400000, "snr": 12.700000, "actps": -90.100000, "actatp": 13.400000, "attndr": 37180000 }, "downstream": { "vector": true, "trellis": true, "bitswap": true, "retx": true, "virtual_noise": false, "interleave_delay": 140, "data_rate": 89998000, "latn": 9.500000, "satn": 9.600000, "snr": 13.300000, "actps": -90.100000, "actatp": -1.600000, "attndr": 116315372 }, "errors": { "near": { "es": 1, "ses": 0, "loss": 3, "uas": 424, "lofs": 0, "fecs": 0, "hec": 0, "ibe": 0, "crc_p": 0, "crcp_p": 0, "cv_p": 0, "cvp_p": 0, "rx_corrupted": 27740, "rx_uncorrected_protected": 27010, "rx_retransmitted": 0, "rx_corrected": 730, "tx_retransmitted": 16222 }, "far": { "es": 242, "ses": 71, "loss": 0, "uas": 424, "lofs": 0, "fecs": 22687, "hec": 0, "ibe": 0, "crc_p": 0, "crcp_p": 0, "cv_p": 0, "cvp_p": 0, "rx_corrupted": 1383552, "rx_uncorrected_protected": 1220215, "rx_retransmitted": 0, "rx_corrected": 163337, "tx_retransmitted": 1574051 } } } Signed-off-by: Andre Heider <a.heider@gmail.com> Tested-by: Martin Schiller <ms@dev.tdt.de>
* ltq-vdsl-app: shutdown upon sigtermAndre Heider2021-02-082-2/+19
| | | | | | | | | | procd sends sigterm to stop daemons, hook it up. This speeds up the shutdown sequence and gets rid of the following message: daemon.info procd: Instance dsl_control::instance1 pid 15408 not stopped on SIGTERM, sending SIGKILL instead Signed-off-by: Andre Heider <a.heider@gmail.com> Tested-by: Martin Schiller <ms@dev.tdt.de>
* dnsmasq: Bump to v2.84Kevin Darbyshire-Bryant2021-02-083-3/+76
| | | | | | | | | | dnsmasq v2.84rc2 has been promoted to release. No functional difference between v2.83test3 and v2.84/v2.84rc2 Backport 2 patches to fix the version reporting Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dnsmasq: switch to ubus-based hotplug callDaniel Golle2021-02-085-39/+46
| | | | | | | | Use new ubus-based hotplug call in dhcp-script.sh As sysntpd now makes use of the new ubus-based hotplug calls, dnsmasq no longer needs to ship ACL to cover ntpd-hotplug. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: sysntpd: make use of new ubus hotplug.ntp objectDaniel Golle2021-02-084-4/+28
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: add hotplug-call dispatcher ubus objectsDaniel Golle2021-02-081-3/+3
| | | | | | Add per-subsystem ubus objects exposing hotplug-call. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* acx-mac80211: replace dead URLs with OpenWrt CDNIlya Lipnitskiy2021-02-071-9/+9
| | | | | | | | erley.org no longer exists; attempting to connect to it during package download results in lengthy timeouts. Use the new OpenWrt CDN alias to download from reliable OpenWrt mirrors. Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* treewide: unify OpenWrt hosted source via @OPENWRTPaul Spooren2021-02-0512-14/+14
| | | | | | | | | | | Multiple sources are hosted on OpenWrts source server only. The source URLs to point to the server vary based on different epochs in OpenWrts history. Replace all by @OPENWRT which is an "empty" mirror, therefore using the fallback servers sources.cdn.openwrt.org and sources.openwrt.org. Signed-off-by: Paul Spooren <mail@aparcar.org>
* selinux-policy: update to version 0.6Daniel Golle2021-02-051-2/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: add forgotten patch for P2P vulnerability fixPetr Štetiar2021-02-042-1/+39
| | | | | | | | Commit 7c8c4f1be648 ("hostapd: fix P2P group information processing vulnerability") was missing the actual patch for the vulnerability. Fixes: 7c8c4f1be648 ("hostapd: fix P2P group information processing vulnerability") Signed-off-by: Petr Štetiar <ynezz@true.cz>
* hostapd: fix P2P group information processing vulnerabilityDaniel Golle2021-02-041-1/+1
| | | | | | | | | | | A vulnerability was discovered in how wpa_supplicant processing P2P (Wi-Fi Direct) group information from active group owners. This issue was discovered by fuzz testing of wpa_supplicant by Google's OSS-Fuzz. https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: make use of trusted-firmware-a.mkDaniel Golle2021-02-031-10/+6
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* tfa-layerscape: don't build fiptoolDaniel Golle2021-02-031-8/+3
| | | | | | tfa-fiptool is now provided by an extra package. Use that instead. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-tools: add packageDaniel Golle2021-02-031-0/+70
| | | | | | | Package ARM Trusted Firmware host tools separately. (instead of building tfa-fiptool as part of tfa-layerscape) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* iptables: update to 1.8.7Curtis Deptuck2021-02-021-2/+2
| | | | | | | | | | ChangeLog: https://netfilter.org/projects/iptables/files/changes-iptables-1.8.7.txt Refresh patch: None required Signed-off-by: Curtis Deptuck <curtdept@me.com>
* arm-trusted-firmware-mediatek: add ATF builds for MT7622Daniel Golle2021-02-021-0/+111
| | | | | | | | | | | | | | ATF bl2 comes in 4 variants for MT7622 depending on the boot media: * nor * snand * emmc * sdmmc Additional binary headers needed for emmc and sdmmc are downloaded as well and provided along with bl2*.bin and bl31.bin to allow building images including ATF for MT7622. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-02-021-4/+4
| | | | | | | | | | 0aee1c3 hotplug.c: set nl_pid to zero d6dda31 procd: fix compiler warning 92c8e8f jail: remove duplicate check for hook file permissions 0a74c06 jail: only output BPF instr. table header if debugging fd18379 jail: cgroups: fix uninitialized variabl Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: fix station rate table updates on assocFelix Fietkau2021-02-011-0/+38
| | | | | | | | If the driver uses .sta_add, station entries are only uploaded after the sta is in assoc state. Fix early station rate table updates by deferring them until the sta has been uploaded Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix incorrect parameterDavid Bauer2021-02-011-1/+1
| | | | | | | he_mu_beamformer only accepts values of 0 and 1 according to the hostapd documentation. Signed-off-by: David Bauer <mail@david-bauer.net>
* uboot-rockchip: fix RockPro64 boot from eMMCMarty Jones2021-02-011-0/+27
| | | | | | | | | | | With upstream commit f81f9f0ebac5 ("rockchip: rockpro64: initialize USB in preboot") CONFIG_USE_PREBOOT was enabled on the RockPro64, which is causing boot issues when a eMMC is used, as a workaround will temporarily disable this option. Signed-off-by: Marty Jones <mj8263788@gmail.com> [Improve patch description] Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: convert UniFi Outdoor+ HSR support to OFDavid Bauer2021-02-011-25/+10
| | | | | | | | Enable support for the Ubiquiti UniFi Outdoor+ RF filter via device-tree. The old way of using platform data is not required anymore, as it was only used on the now removed ar71xx target. Signed-off-by: David Bauer <mail@david-bauer.net>
* util-linux: remove custom pkgconfig patchRosen Penev2021-01-312-77/+11
| | | | | | | | | | | Replace with sed as done elsewhere. Fixes error with at least btrfs-progs: Package '@LIBSELINUX@', required by 'mount', not found Package '@LIBCRYPTSETUP@', required by 'mount', not foun Signed-off-by: Rosen Penev <rosenp@gmail.com>
* selinux-policy: update to git tag v0.5Daniel Golle2021-01-311-2/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* odhcpd: update to latest git HEADHans Dedecker2021-01-301-3/+3
| | | | | | 8d8a8cd dhcpv6-ia: apply prefix_filter on dhcpv6 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* arm-trusted-firmware-mvebu: pass commit ids to a3700-utils/mv-ddr-marvellAndre Heider2021-01-303-0/+29
| | | | | | | | | The two required tools fail to identify their version when not compiling from a git clone, patch that in and pass on the used commit hashes. Upon boot it now prints "WTMI-devel-18.12.1-5598e150". Signed-off-by: Andre Heider <a.heider@gmail.com>
* arm-trusted-firmware-mvebu: bump espressobin boards to CPU_1000_DDR_800Andre Heider2021-01-301-6/+6
| | | | | | | | | | | | | The cpufreq issue has been identified and a fix is in the process of beeing upstreamed [0]. Bump the boards to the default 1000MHz so they can run at that frequency once the fix is merged. Until then the boards are stuck at 800MHz (just claiming to run 1000Hz, which is a lie). [0] https://lore.kernel.org/linux-arm-kernel/20210114124032.12765-1-pali@kernel.org/ Signed-off-by: Andre Heider <a.heider@gmail.com>
* arm-trusted-firmware-mvebu: update to v2.4Andre Heider2021-01-302-12/+12
| | | | Signed-off-by: Andre Heider <a.heider@gmail.com>
* uboot-mvebu: update to v2021.01Andre Heider2021-01-304-533/+2
| | | | | | | u-boot now detects emmc variants at runtime, we don't need to build seperate binaries anymore. Signed-off-by: Andre Heider <a.heider@gmail.com>
* arm-trusted-firmware-mvebu: don't build emmc variantsAndre Heider2021-01-301-55/+0
| | | | | | | Starting with u-boot v2021.01 a single binary will be used for non-emmc and emmc variants. Signed-off-by: Andre Heider <a.heider@gmail.com>
* strace: update package to v5.10Geordan Neukum2021-01-301-2/+2
| | | | | | | | | | v5.10 has been released for strace. As such, let's go ahead bring in the latest version of this package. See here for the changelog: https://github.com/strace/strace/releases/tag/v5.10 Signed-off-by: Geordan Neukum <gneukum1@gmail.com>
* base-files: mount pstore if presentBrian Norris2021-01-291-0/+1
| | | | | | | | Pstore (persistent store) can be used to stash debug information (kernel console, panics, ftrace) across reboots or crashes. If the filesystem is present, mount it. Signed-off-by: Brian Norris <computersforpeace@gmail.com>
* ath10k-ct: update to latest versionMichael Yartys2021-01-291-3/+3
| | | | | | | | | Changelog: - ath10k-ct: Pull in some upstream patches. Runtime-tested on ipq806x (Netgear R7800). Signed-off-by: Michael Yartys <michael.yartys@gmail.com>
* ca-certicficates: Update to version 20210119Paul Menzel2021-01-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the ca-certificates and ca-bundle package from version 20200601 to version 2021019. This version uses Python 3 for the build, fixing a build issue on systems, where `/usr/bin/python3` is a wrapper script [1]. Debian change-log entry [2]: > [ Julien Cristau ] > * New maintainer (closes: #976406) > * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate > authority > bundle to version 2.46. > The following certificate authorities were added (+): > + "certSIGN ROOT CA G2" > + "e-Szigno Root CA 2017" > + "Microsoft ECC Root Certificate Authority 2017" > + "Microsoft RSA Root Certificate Authority 2017" > + "NAVER Global Root Certification Authority" > + "Trustwave Global Certification Authority" > + "Trustwave Global ECC P256 Certification Authority" > + "Trustwave Global ECC P384 Certification Authority" > The following certificate authorities were removed (-): > - "EE Certification Centre Root CA" > - "GeoTrust Universal CA 2" > - "LuxTrust Global Root 2" > - "OISTE WISeKey Global Root GA CA" > - "Staat der Nederlanden Root CA - G2" (closes: #962079) > - "Taiwan GRCA" > - "Verisign Class 3 Public Primary Certification Authority - G3" > > [ Michael Shuler ] > * mozilla/blacklist: > Revert Symantec CA blacklist (#911289). Closes: #962596 > The following root certificates were added back (+): > + "GeoTrust Primary Certification Authority - G2" > + "VeriSign Universal Root Certification Authority" > > [ Gianfranco Costamagna ] > * debian/{rules,control}: > Merge Ubuntu patch from Matthias Klose to use Python3 during build. > Closes: #942915 [1]: https://github.molgen.mpg.de/mariux64/mxtools/issues/148 [2]: https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20210119_changelog Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
* base-files: remove execute bit and shebang from functions.shAdrian Schmutzler2021-01-291-1/+0
| | | | | | | | | | | /lib/functions.sh was executable for no obvious reason and its execute property was even checked in package-ipkg.mk just to source it afterwards. Remove the execute bit and shebang as this is clearly a library. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
* treewide: drop shebang from non-executable lib filesAdrian Schmutzler2021-01-2920-25/+2
| | | | | | | | | | | | This drops the shebang from another bunch of files in various /lib folders, as these are sourced and the shebang is useless. Fix execute bit in one case, too. This should cover almost all trivial cases now, i.e. where /lib is actually used for library files. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* sunxi: add support for linksprite pcDuino3 nano boardJiang Yongquan2021-01-271-0/+7
| | | | | | | | | | | | | | | | | | Specifications: - SoC: Allwinner A20 @ 1Ghz - DRAM: 1GiB DDR3 @ 408MHz (K4B4G1646Q-HYK0) - NAND: 4GB MLC NAND (H27UBG8T2BTR-BC) - Ethernet: 10/100/1000Mbps Ethernet (Realtek RTL8211E) Flash instructions: dd if=openwrt-sunxi-cortexa7-linksprite_pcduino3-nano-ext4-sdcard.img of=/dev/sdX Signed-off-by: Jiang Yongquan <woxwchc@foxmail.com> [Remove CONFIG_REALTEK_PHY from sunxi/cortexa53 config] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mt76: update to the latest versionFelix Fietkau2021-01-271-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | 65abbcd9f6fb mt76: usb: process URBs with status EPROTO properly 3199ef5fa35e mt76: mt7615: set mcu country code in mt7615_mcu_set_channel_domain() 5c86d5bb079b mt76: mt7915: Remove unneeded semicolon 3f546330b59d mt76: mt7915: support TxBF for DBDC 032ad7e02545 mt76: mt7615: unify init work cc3f23d1e654 mt76: mt7915: bring up the WA event rx queue for band1 fa3d334a0e22 mt76: fix crash on tearing down ext phy c4c9c402d14a mt76: mt7915: fix vif sta index for DBDC eca2f0ec0d4c mt76: mt7915: fix command id for txbf action c828124ef9a5 mt76: mt7915: add support for using a secondary PCIe link for gen1 dbaf0f4679f3 mt76: mt7915: make vif index per adapter instead of per band fb3e5ce1eb00 mt76: move vif_mask back from mt76_phy to mt76_dev be2bea66d6e3 mt76: mt7915: detect wrong nss eeprom parameter on dbdc cards 8dc5d4a0da7c Revert "mt76: mt7915: fix vif sta index for DBDC" 8c796a33781c mt76: mt7915: only set int1 when using the second hif 4eb5caaf6cc1 mt76: reduce q->lock hold time 0714890bf0fd mt76: mt7615: reduce VHT maximum MPDU length 2f85aa5cbc62 mt76: mt7915: avoid writes to MT_PCIE_RECOG_ID when not using gen1 devices 8696919d9aae mt76: dma: fix a possible memory leak in mt76_add_fragment() Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: bump Copyright to 2021Paul Spooren2021-01-261-1/+1
| | | | | | | | | | This commit is only added to keep the PKG_RELEASE correct after fixing the $(COMMITCOUNT) logic in the previous commit. This way the PKG_RELEASE stays the same while the compiled packages content isn't changed. Signed-off-by: Paul Spooren <mail@aparcar.org>
* px5g-wolfssl: Fix certificate signatureJeffrey Elms2021-01-262-3/+3
| | | | | | | | | | Certificate signature algorithm was being set after call to `wc_MakeCert`, resulting in a mismatch between specified signature in certificate and the actual signature type. Signed-off-by: Jeffrey Elms <jeff@wolfssl.com> [fix commit subject, use COMMITCOUNT] Signed-off-by: Paul Spooren <mail@aparcar.org>