aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* curl: update to version 7.68.0 (security fix)Jan Pavlinec2020-01-211-3/+3
| | | | | | | Fixes CVE-2019-15601 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* fstools: update to version 2020-01-21Petr Štetiar2020-01-211-3/+3
| | | | | | deb745f82b93 Revert "fstools: Add support to read-only MTD partitions (eg. recovery images)" Signed-off-by: Petr Štetiar <ynezz@true.cz>
* urngd: update to version 2020-01-21Petr Štetiar2020-01-211-3/+3
| | | | | | | c7f7b6b65b82 Tag version 1.0.2 236b7a0aef21 Fix blocked entropy generation Signed-off-by: Petr Štetiar <ynezz@true.cz>
* procd: update to latest git HEADDaniel Golle2020-01-211-4/+4
| | | | | | | | | | | | | 58c12f7 jail: add basic support for network namespaces ba69639 jail: create resolv.conf symlink for netns jails 81b88b1 jail: more strict mount options for /tmp/resolv.conf.d/ Add new 'netns' flag for procd_add_jail to make ujail setup a new network namespace for the jailed service. See previous netifd commit for example configuration for netns jailed service. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: add basic support for jail network namespacesDaniel Golle2020-01-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prepare netifd for handling procd service jails having their own network namespace. Intefaces having the jail attribute will only be brought up inside the jail's network namespace by procd calling the newly introduced ubus method 'netns_updown'. Currently proto 'static' is supported and configuration changes are not yet being handled (ie. you'll have to restart the jailed service for changes to take effect). Example /etc/config/network snippet: config device 'veth0' option type 'veth' option name 'vhost0' option peer_name 'virt0' config interface 'virt' option type 'bridge' list ifname 'vhost0' option proto 'static' option ipaddr '10.0.0.1' option netmask '255.255.255.0' config interface 'virt0' option ifname 'virt0' option proto 'static' option ipaddr '10.0.0.2' option netmask '255.255.255.0' option gateway '10.0.0.1' option dns '10.0.0.1' option jail 'transmission' Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libubox: update to version 2020-01-20Petr Štetiar2020-01-201-3/+3
| | | | | | | | | | | | | | | | 43a103ff17ee blobmsg: blobmsg_parse and blobmsg_parse_array oob read fixes 5c0faaf4f5e2 tests: prefer dynamically allocated buffers 1ffa41535369 blobmsg_json: prefer snprintf usage 132ecb563da7 blobmsg: blobmsg_vprintf: prefer vsnprintf a2aab30fc918 jshn: prefer snprintf usage b0886a37f39a cmake: add a possibility to set library version a36ee96618a9 blobmsg: blobmsg_add_json_element() 64-bit values f0da3a4283b7 blobmsg_json: fix int16 serialization 20a070f08139 tests: blobmsg/json: add more test cases 379cd33d1992 tests: include json script shunit2 based testing Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* fstools: update to version 2020-01-18Petr Štetiar2020-01-201-3/+3
| | | | | | | f5c7c1813f52 fstools: Add support to read-only MTD partitions (eg. recovery images) 189b41b6b487 libblkid-tiny: fix f2fs labels by increasing label buffer Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: remove further obsolete kernel version switchesSungbo Eo2020-01-181-4/+1
| | | | | | | | Most of the kernel version switches below 4.14 were removed in commit 97940f876616 ("kernel: remove obsolete kernel version switches"), but some of them still remained. Remove them now. Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* base-files/functions.sh: use grep -q instead of []Rosen Penev2020-01-181-4/+4
| | | | | | | | | | | | It's cleaner and faster as it does not need to do extra work. Also removed $() to avoid executing the output. The shell can handle it. https://github.com/koalaman/shellcheck/wiki/SC2143 Signed-off-by: Rosen Penev <rosenp@gmail.com> [correct || to && for one conversion] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files/system.sh: remove $ in $(())Rosen Penev2020-01-171-1/+1
| | | | | | | | Not needed. https://github.com/koalaman/shellcheck/wiki/Sc2004 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* base-files/functions.sh: use && instead of -aRosen Penev2020-01-171-2/+2
| | | | | | | | -a is not well defined. https://github.com/koalaman/shellcheck/wiki/SC2166 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* base-files/functions.sh: remove useless catRosen Penev2020-01-171-2/+2
| | | | | | | | The cut command can take a file as an input. https://github.com/koalaman/shellcheck/wiki/SC2002 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* base-files/functions.sh: don't use $var in $(())Rosen Penev2020-01-171-3/+3
| | | | | | | | It's not needed. It can also lead to subtle bugs. https://github.com/koalaman/shellcheck/wiki/Sc2004 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libcxx: fix build for x86/64Stijn Tintel2020-01-171-0/+1
| | | | | | | | | | When building libcxx for x86/64, the library is installed in /usr/lib64. As the install section tries to copy the library from /usr/lib, this breaks build on x86/64. Override the lib dir suffix to fix this. Fixes: 856ea2bad3b3 ("libcxx: Add package") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Rosen Penev <rosenp@gmail.com>
* odhcpd: update to version 2020-01-14Hans Dedecker2020-01-161-3/+3
| | | | | | | | | 6db312a dhcpv6-ia: use dhcp leasetime to set preferred/valid statefull lifetimes 2520c48 dhcpv6-ia: introduce DHCPv6 pd and ia assignments flags b413d8a dhcpv6-ia: cleanup prefix delegation routes b0902af dhcpv6-ia: remove passing interface as parameter to apply_lease Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: add support for system cert bundle validationDavid Lam2020-01-162-6/+15
| | | | | | | | | | | | | | Currently, it is very cumbersome for a user to connect to a WPA-Enterprise based network securely because the RADIUS server's CA certificate must first be extracted from the EAPOL handshake using tcpdump or other methods before it can be pinned using the ca_cert(2) fields. To make this process easier and more secure (combined with changes in openwrt/openwrt#2654), this commit adds support for validating against the built-in CA bundle when the ca-bundle package is installed. Related LuCI changes in openwrt/luci#3513. Signed-off-by: David Lam <david@thedavid.net> [bump PKG_RELEASE] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: cleanup IBSS-RSNDaniel Golle2020-01-162-6/+2
| | | | | | set noscan also for IBSS and remove redundant/obsolete variable. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uboot-oxnas: fix memory leak in tool mkox820crcAndrea Dalla Costa2020-01-151-0/+3
| | | | | | | | In function `main` add calls to `free` for the variable `executable`. This is needed because the variable `executable` is allocated but never freed. This cause a memory leak. Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
* dropbear: fix compile errorJohn Crispin2020-01-151-1/+2
| | | | | Fixes: 0da193ee6943 ("dropbear: move failsafe code out of base-files") Signed-off-by: John Crispin <john@phrozen.org>
* wireguard: skip peer config if public key of the peer is not definedFlorian Eckert2020-01-151-0/+5
| | | | | | | | | | | | | | | If a config section of a peer does not have a public key defined, the whole interface does not start. The following log is shown daemon.notice netifd: test (21071): Line unrecognized: `PublicKey=' daemon.notice netifd: test (21071): Configuration parsing erro The command 'wg show' does only show the interface name. With this change we skip the peer for this interface and emit a log message. So the other peers get configured. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* busybox: fix build issuesJohn Crispin2020-01-151-1/+3
| | | | | Fixes: f704f97e4c57 ("busybox: Include hdparm by default on nas type device") Signed-off-by: John Crispin <john@phrozen.org>
* ath79: add support for Netgear WNDR4500 v3Michal Cieslakiewicz2020-01-151-0/+1
| | | | | | | | | | | | | | | | | | | This patch introduces support for Netgear WNDR4500v3. Router is very similar to WNDR4300v2 and is based on the same PCB. Information gathered from various Internet sources (including https://patchwork.ozlabs.org/patch/809227/) shows following differences to WNDR4300v2: * two USB 2.0 ports with separate LEDs * USB LEDs soldered to secondary pads * WPS and RFKILL buttons soldered to secondary pads * described as N900 device with 3x3:3 MIMO for 2.4GHz radio * power supply requirement is DC 12V 2.5A * vendor HW ID suffix differs in one digit * bigger chassis Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
* ath79: add support for Netgear WNDR4300 v2Michal Cieslakiewicz2020-01-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces support for Netgear WNDR4300v2. Specification ============= * Description: Netgear WNDR4300 v2 * Loader: U-boot * SOC: Qualcomm Atheros QCA9563 (775 MHz) * RAM: 128 MiB * Flash: 2 MiB SPI-NOR + 128 MiB SPI-NAND - NOR: U-boot binary: 256 KiB - NOR: U-boot environment: 64 KiB - NOR: ART Backup: 64 KiB - NOR: Config: 64 KiB - NOR: Traffic Meter: 64 KiB - NOR: POT: 64 KiB - NOR: Reserved: 1408 KiB - NOR: ART: 64 KiB - NAND: Firmware: 25600 KiB (see notes for OpenWrt) - NAND: Language: 2048 KiB - NAND: mtdoops Crash Dump: 128 KiB - NAND: Reserved: 103296 KiB * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8337) * Wireless: - 2.4 GHz b/g/n (internal) - 5 GHz a/n (AR9580) * USB: yes, 1 x USB 2.0 * Buttons: - Reset - WiFi (rfkill) - WPS * LEDs: - Power (amber/green) - WAN (amber/green) - WLAN 2G (green) - WLAN 5G (blue) - 4 x LAN (amber/green) - USB (green) - WPS (green) * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1 * Power supply: DC 12V 1.5A * MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2 Important Notes =============== 0. NOR Flash (2 MiB) is not touched by OpenWrt installation. 1. NAND Flash (128 MiB) layout under OpenWrt is changed as follows: all space is split between 4 MiB kernel and 124 MiB UBI areas; vendor partitions (language and mtdoops) are removed; kernel space size can be further expanded if needed; maximum image size is set to 25600k for compatibility reasons and can also be increased. 2. CPU clock is 775 MHz, not 750 MHz. 3. 5 GHz wireless radio chip is Atheros AR9580-AR1A with bogus PCI device ID 0xabcd. For ath9k driver to load successfully, this is overriden in DTS with correct value for this chip, 0x0033. 4. RFKILL button is wired to AR9580 pin 9 which is normally disabled by chip definition in ath9k code (0x0000F4FF gpio mask). Therefore 'qca,gpio-mask=<0xf6ff>' hack must be used for button to work properly. 5. USB port is always on, no GPIO for 5V power control has been identified. Installation ============ * TFTP recovery * TFTP via U-boot prompt * sysupgrade * Web interface Test build configuration ======================== CONFIG_TARGET_ath79=y CONFIG_TARGET_ath79_nand=y CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr4300-v2=y CONFIG_ALL_KMODS=y CONFIG_DEVEL=y CONFIG_CCACHE=y CONFIG_COLLECT_KERNEL_DEBUG=y CONFIG_IMAGEOPT=y Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
* mac80211: ath9k: add GPIO mask dts propertyMichal Cieslakiewicz2020-01-151-0/+25
| | | | | | | | | | | | | | | This patch adds 'qca,gpio-mask=<u32>' device tree property to ath9k node. This optional setting is a hack and should only be used in very special (and rare) cases when a button or LED is wired to a GPIO pin normally masked out (due to being one-way etc). Netgear WNDR4300 v2 is one such example - it uses GPI9 for RFKILL. See ath9k/reg.h *_GPIO_MASK constants. Use with caution and expect to see stream of kernel warnings if wrong mask value is provided. Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
* zram-swap: support swap priorityMaxim Storchak2020-01-152-2/+4
| | | | | | | | If zram-backed swap is added after an existing swap, it gets a lower priority. Assiming that usually all other swaps are slower, there should be a way to assign a higher priority to zram swap. Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
* perf: Add libunwind only if selectedRosen Penev2020-01-151-2/+2
| | | | | | | | | The depends are totally wrong. libunwind does not work with powerpc and i386 as it needs glibc. Instead of duplicating the platforms, just change the dependency. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* uhttpd: add enable instance optionFlorian Eckert2020-01-152-1/+5
| | | | | | | | With this change it is now possible to switch off single instances of the uhttpd config. Until now it was only possible to switch all instances of uhttpd on or off. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* hostapd: add wpa_strict_rekey supportKyle Copperfield2020-01-151-1/+3
| | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Rekey GTK on STA disassociate Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* hostapd: add dtim_period, local_pwr_constraint, spectrum_mgmt_requiredKyle Copperfield2020-01-152-3/+12
| | | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Allows dtim_period to be configurable, the default is from hostapd. Adds additional regulatory tunables for power constraint and spectrum managment. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* dropbear: move failsafe code out of base-filesKyle Copperfield2020-01-154-8/+11
| | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Failsafe code of dropbear should be in the dropbear package not the base-files package. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* busybox: Include hdparm by default on nas type deviceLinus Walleij2020-01-151-0/+3
| | | | | | | | | NAS devices certainly need to have hdparm to configure things like spin-down time or their disks will be constantly spinning. Just catenate CONFIG_HDPARM=y on these configs. Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
* cryptodev-linux: remove DEFAULT redefinitionEneas U de Queiroz2020-01-151-1/+0
| | | | | | | | The 'DEFAULT:=m if ALL' line prevents the phase1 buildbots from building the package, and users from downloading it, since they use 'ALL_KMODS=y' but 'ALL' is not set. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* mac80211: fix MAC address allocations if the local bit is set on the base addrFelix Fietkau2020-01-151-1/+1
| | | | | | | If it's set, don't subtract 1 from the interface index encoded into the first byte of the address Signed-off-by: Felix Fietkau <nbd@nbd.name>
* valgrind: do not strip internal preload libraries and executablesJo-Philipp Wich2020-01-141-2/+20
| | | | | | | | | | Implement the suggestions laid out in README_PACKAGERS, mainly by preventing the stripping of the internal vgpreload*.so libraries. Also retain the symbol information of valgrind's private helper executables and enable LTO as suggested in the packagers readme. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: fix build for /sbin/pkg_checkXu Wang2020-01-141-2/+2
| | | | | | | | | | Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be included with the packages to check for corruption. This commit fixes two issues: - /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y - checksums were being saved in the wrong file Signed-off-by: Xu Wang <xwang1498@gmx.com>
* hostapd: add support for subject validationDavid Lam2020-01-142-1/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The wpa_supplicant supports certificate subject validation via the subject match(2) and altsubject_match(2) fields. domain_match(2) and domain_suffix_match(2) fields are also supported for advanced matches. This validation is especially important when connecting to access points that use PAP as the Phase 2 authentication type. Without proper validation, the user's password can be transmitted to a rogue access point in plaintext without the user's knowledge. Most organizations already require these attributes to be included to ensure that the connection from the STA and the AP is secure. Includes LuCI changes via openwrt/luci#3444. From the documentation: subject_match - Constraint for server certificate subject. This substring is matched against the subject of the authentication server certificate. If this string is set, the server sertificate is only accepted if it contains this string in the subject. The subject string is in following format: /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as .example.com subject_match2 - Constraint for server certificate subject. This field is like subject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. altsubject_match - Constraint for server certificate alt. subject. Semicolon separated string of entries to be matched against the alternative subject name of the authentication server certificate. If this string is set, the server sertificate is only accepted if it contains one of the entries in an alternative subject name extension. altSubjectName string is in following format: TYPE:VALUE Example: EMAIL:server@example.com Example: DNS:server.example.com;DNS:server2.example.com Following types are supported: EMAIL, DNS, URI altsubject_match2 - Constraint for server certificate alt. subject. This field is like altsubject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_match - Constraint for server domain name. If set, this FQDN is used as a full match requirement for the server certificate in SubjectAltName dNSName element(s). If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same full match comparison. This behavior is similar to domain_suffix_match, but has the requirement of a full match, i.e., no subdomains or wildcard matches are allowed. Case-insensitive comparison is used, so "Example.com" matches "example.com", but would not match "test.Example.com". More than one match string can be provided by using semicolons to separate the strings (e.g., example.org;example.com). When multiple strings are specified, a match with any one of the values is considered a sufficient match for the certificate, i.e., the conditions are ORed together. domain_match2 - Constraint for server domain name. This field is like domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_suffix_match - Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for the AAA server certificate in SubjectAltName dNSName element(s). If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Suffix match here means that the host/domain name is compared one label at a time starting from the top-level domain and all the labels in domain_suffix_match shall be included in the certificate. The certificate may include additional sub-level labels in addition to the required labels. More than one match string can be provided by using semicolons to separate the strings (e.g., example.org;example.com). When multiple strings are specified, a match with any one of the values is considered a sufficient match for the certificate, i.e., the conditions are ORed together. For example, domain_suffix_match=example.com would match test.example.com but would not match test-example.com. This field is like domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_suffix_match2 - Constraint for server domain name. This field is like domain_suffix_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. Signed-off-by: David Lam <david@thedavid.net>
* mac80211: fix list_phy_interfaces for multiple wiphys on the same deviceFelix Fietkau2020-01-141-1/+10
| | | | | | | Network interfaces are looked up based on the device behind a phy, so the phy needs to be checked separately Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix a page refcounting issue leading to leaks/crashes in rx A-MSDU ↵Felix Fietkau2020-01-141-0/+25
| | | | | | decap Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix sta TID stats leak on a few nl80211 callsFelix Fietkau2020-01-142-0/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: renumber subsys patches accepted upstreamFelix Fietkau2020-01-144-0/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: use jshn lib for ubus sysupgrade argument generationFlorian Eckert2020-01-141-14/+11
| | | | | | | | With this change the well known jshn library will be used, to build the json arguments for the ubus sysupgrade method. This is also used in all other shell program that uses JSON. This commit unifies that. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* rpcd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | This activates PIE ASLR support by default when the regular option is selected. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* odhcpd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: odhcpd-ipv6only Installed-Size: 36821 -> 38216 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* procd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: procd Installed-Size: 44931 -> 47362 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: activate PIE ASLR by defaultPetr Štetiar2020-01-141-1/+2
| | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: ubus Installed-Size: 5602 -> 5950 ubusd Installed-Size: 11643 -> 12119 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uhttpd: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 39% uncompressed and 21% compressed on MIPS BE. old: 33,189 /usr/sbin/uhttpd 23,016 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk new: 46,212 /usr/sbin/uhttpd 27,979 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* hostapd: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 26% uncompressed and 16% compressed on MIPS BE. old: 460,933 /usr/sbin/wpad 283,891 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk new: 584,508 /usr/sbin/wpad 330,281 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* dropbear: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 18% uncompressed and 17% compressed on MIPS BE. old: 164,261 /usr/sbin/dropbear 85,648 dropbear_2019.78-2_mips_24kc.ipk new: 194,492 /usr/sbin/dropbear 100,309 dropbear_2019.78-2_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* dnsmasq: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 37% uncompressed and 18% compressed on MIPS BE. old: 146,933 /usr/sbin/dnsmasq 101,837 dnsmasq_2.80-14_mips_24kc.ipk new: 202,020 /usr/sbin/dnsmasq 120,577 dnsmasq_2.80-14_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* ethtool: bump to 5.4Hans Dedecker2020-01-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 7dc0af7 Release version 5.4. 914912e ethtool: add 0x16 and 0x1c extended compliance codes 600b779 ethtool: mark 10G Base-ER as SFF-8472 revision 10.4 onwards 696565d ethtool: correctly interpret bitrate of 255 2941970 fix unused parameter warning in e1000_get_mac_type() 5e814f2 fix unused parameter warning in fjes_dump_regs() b1a5279 fix unused parameter warning in ixgb_dump_regs() 6608751 fix unused parameter warning in ibm_emac_dump_regs() 1c30119 fix unused parameter warning in et131x_dump_regs() a56aba4 fix unused parameter warning in amd8111e_dump_regs() f40d32d fix unused parameter warning in fec_dump_regs() 8b84f1a fix unused parameter warning in at76c50x_usb_dump_regs() f725f5a fix unused parameter warning in smsc911x_dump_regs() a12cd66 fix unused parameter warning in e1000_dump_regs() e058656 fix unused parameter warning in igb_dump_regs() debac02 fix unused parameter warning in de2104[01]_dump_regs() d434eea fix unused parameter warning in e100_dump_regs() 8df12f3 fix unused parameter warning in vioc_dump_regs() 92d716b fix unused parameter warning in tg3_dump_{eeprom, regs}() 211c99e fix unused parameter warning in fec_8xx_dump_regs() 362fb8b fix unused parameter warning in ixgbevf_dump_regs() 87903c2 fix unused parameter warning in st_{mac100, gmac}_dump_regs() c1eaddf fix unused parameter warning in vmxnet3_dump_regs() 313c9f8 fix unused parameter warning in dsa_dump_regs() 183e8a2 fix unused parameter warning in {skge, sky2}_dump_regs() 7f84c13 fix unused parameter warning in lan78xx_dump_regs() 02d0aaa fix unused parameter warning in realtek_dump_regs() 726d607 fix unused parameter warning in ixgbe_dump_regs() 967177c fix unused parameter warning in netsemi_dump_eeprom() 710a414 fix unused parameter warning in natsemi_dump_regs() 283398a fix unused parameter warning in print_simple_table() 0404267 fix unused parameter warning in sfc_dump_regs() 57c7298 fix unused parameter warning in altera_tse_dump_regs() 302e91a fix unused parameter warning in dump_eeprom() 2054a8c fix unused parameter warning in find_option() d5432a9 fix unused parameter warnings in do_version() and show_usage() c430e75 fix arithmetic on pointer to void is a GNU extension warning e568431 ethtool: implement support for Energy Detect Power Down e391f4c ethtool: sync ethtool-copy.h: adds support for EDPD Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>