summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* bcm53xx: pass datasize to mtd in hexadecimal formatRafał Miłecki2016-06-111-2/+1
| | | | | | This avoids extra calculation in bash script. Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
* mtd: fix typo in error message for 'c' optionRafał Miłecki2016-06-111-1/+1
| | | | Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
* bcm53xx: fix partition typos in 09_fix_crcRafał Miłecki2016-06-111-1/+1
| | | | Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
* kernel: deny swconfig set requests for unprivileged usersJo-Philipp Wich2016-06-111-0/+3
| | | | | | | | | | | | | | | | | The swconfig kernel infrastructure fails to do any permissions checks when changing settings. As such an ordinary user account on a device with a switch can change switch settings without any special permissions. Routers generally have few non-admin users so this isn't a big hole, but it is a security hole. Likely the greatest danger is for multifunction devices which have a lot of extra daemons, compromising a low-security daemon would allow one to modify switch settings and cause the router/switch to appear to lock-up (or cause other sorts of troublesome nyetwork behavior). Implement a check for CAP_NET_ADMIN in swconfig_set_attr() and deny any requests originating from user contexts lacking this capability. Reported-by: Elliott Mitchell <ehem+openwrt@m5p.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* swconfig: improve failure reportingJo-Philipp Wich2016-06-112-7/+7
| | | | | | Report the translated error to the user if a get/set netlink operation failed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: support hostid ipv6 address suffix optionKevin Darbyshire-Bryant2016-06-101-1/+29
| | | | | | | | | | | | | | | | | | | | | | Add support for hostid dhcp config entry to dnsmasq. This allows specification of dhcpv6 hostid suffix and works in the same way as odhcpd. Entries in auto generated dnsmasq.conf should conform to: dhcp-host=mm:mm:mm:mm:mm:mm,IPv4addr,[::V6su:ffix],hostname example based on sample config/dhcp entry: config host option name 'Kermit' option mac 'E0:3F:49:A1:D4:AA' option ip '192.168.235.4' option hostid '4' dhcp-host=E0:3F:49:A1:D4:AA,192.168.235.4,[::0:4],Kermit Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* mac80211: fix calculation of VHT capability valuesScott Shambarger2016-06-101-7/+6
| | | | | | | | | | - Fix calculation of `$vht_cap` bit field - Replace wrong reference to `$tx_stbc` variable with proper `$tx_stbc_2by1` one - Emit proper `RX-STBC-{1,12,123,1234}` tokens for the VHT capability list See https://dev.openwrt.org/ticket/22535 for reference. Signed-off-by: Scott Shambarger <devel@shambarger.net>
* busybox: Call ntpd hotplug script for every actionHans Dedecker2016-06-102-2/+1
| | | | | | | | Daemons that are waiting for a timesync are only triggered when the action is stratum. As step is the first sync action pass all actions to the ntpd hotplug scripts; it's up to the ntpd hotplugscript to filter out the actions it is interested in. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: Add option --max-portHans Dedecker2016-06-101-0/+1
| | | | | | | | | By default dnsmasq uses random ports for outbound dns queries; when the maxport UCI option is specified the ports used will always be smaller than the specified value. This is usefull for systems behind firewalls. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* bcm53xx: calculate TRX CRC32 using whole kernel partitionRafał Miłecki2016-06-101-1/+6
| | | | | | This provides better protection of flash data. Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
* mvebu: add a patch to deal with excessive latencies/delays during flash PIO ↵Felix Fietkau2016-06-101-0/+36
| | | | | | command processing Signed-off-by: Felix Fietkau <nbd@nbd.name>
* xtables-addons: add missing dependencyFelix Fietkau2016-06-091-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ubox: increase default size of system log buffer to 64 kBHannu Nyman2016-06-072-2/+2
| | | | | | | | Increase the default system log buffer size from 16 kB (default both in logd source and in the startup script) to 64 kB by adjusting the default value in startup script. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* base-files: increase default system log size to 64 kBHannu Nyman2016-06-072-1/+2
| | | | | | | | Increase the default system log buffer size from 16 kB (built-in default in ubox logd) to 64 kB by setting the option in /etc/config/system. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* brcm2708: fix another missing kmod dependencyÁlvaro Fernández Rojas2016-06-091-1/+4
| | | | | | | kmod-sound-soc-digidac1-soundcard is also missing snd-soc-wm8804 dependency for snd-soc-wm8804-i2c Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708: fix missing dependency found by buildbotÁlvaro Fernández Rojas2016-06-091-1/+4
| | | | | | Add missing dependency to kmod-sound-soc-adau1977-adc. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708: update linux 4.4 patches to latest versionÁlvaro Fernández Rojas2016-06-08374-656/+8785
| | | | | | | | As usual these patches were extracted from the raspberry pi repo: https://github.com/raspberrypi/linux/tree/rpi-4.4.y Also alphabetically order sound-soc kernel packages. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708-gpu-fw: update to latest versionÁlvaro Fernández Rojas2016-06-081-7/+7
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708: take over maintainershipÁlvaro Fernández Rojas2016-06-081-1/+1
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* kernel: add missing config symbols for 4.4Jo-Philipp Wich2016-06-081-0/+3
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: maintain LED config stateJo-Philipp Wich2016-06-081-5/+17
| | | | | | | | Record the state of any hardware LED configured through UCI and use that information to revert the state when applying updated settings while maintaining default behaviour of system LEDs. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* brcm63xx: improve image/MakefileÁlvaro Fernández Rojas2016-06-081-2/+1
| | | | | | | - Use KERNEL_INITRAMFS_SUFFIX for customizing initramfs name. - Modifying $(PROFILES) is no longer needed. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* base-files: fix /bin/config_generate breakageFelix Fietkau2016-06-081-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uboot-lantiq: get rid of bogus profile dependenciesFelix Fietkau2016-06-081-43/+43
| | | | | | Turn them into subtarget dependencies instead Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: drop /etc/config/systemJo-Philipp Wich2016-06-081-12/+0
| | | | | | | The board_detect framework is now able to create the entire system config from scratch so we can finally drop the copy shipped by base-files. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: rework config generation logicJo-Philipp Wich2016-06-082-18/+20
| | | | | | | | | | | | Now that config_generate is able to generate the entire /etc/config/system from scratch we can apply the same logic as used for /etc/config/network; when the configuration file exists already then do not do anything, else generate it from the values provided by /etc/board.json . In order to facilitate that move the file existance checking inside /bin/config_generate and call it unconditionally from /bin/board_detect. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* adm5120: remove target specific /etc/config/systemJo-Philipp Wich2016-06-081-40/+0
| | | | | | | Now that deviations to the default /etc/config/system are registered via board.d we can drop the target specific copy. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* adm5120: convert LED setup to board.dJo-Philipp Wich2016-06-081-0/+17
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: support port_state LED types in board.dJo-Philipp Wich2016-06-082-0/+27
| | | | | | Add support for handling port_state LEDs as used by ADM5120. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* xburst: remove target specific /etc/config/systemJo-Philipp Wich2016-06-081-3/+0
| | | | | | | Now that deviations to the default /etc/config/system are registered via board.d we can drop the target specific copy. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* xburst: add /etc/config/system overrides via board.dJo-Philipp Wich2016-06-081-0/+12
| | | | | | Use /etc/board.d/ to register hostname and ntp server overrides. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: support hostname and ntp servers through board.dJo-Philipp Wich2016-06-081-0/+47
| | | | | | Add support for specifying hostname and NTP servers via /etc/board.d/ scripts. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ath25: remove target specific /etc/config/systemJo-Philipp Wich2016-06-081-9/+0
| | | | | | | The system config file shipped by ath25 is now equivalent to the generic one in base files, so drop the target specific copy. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ath25: drop target specific button hotplugJo-Philipp Wich2016-06-082-38/+0
| | | | | | | | | | | The ath25 target has its own unique button action config support, which is not used anywhere except for two example logger statements in UCI. Since there is a generic /etc/rc.button facility since some time already there is no reason at all to keep this target specific mechanism anymore, so simply drop it. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* generic: remove brcmfmac-sdio.hBen Whitten2016-06-081-124/+0
| | | | | | This file is present in the kernel so no point overlaying it. Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
* xtables-addons: update to 2.11Dirk Neukirchen2016-06-073-60/+8
| | | | | | | | | | | | - fix compilation w. Kernel 4.6 due to hash->shash crypto API - remove a patch integrated upstream - remove unrecognized configure option removed upstream in 2010 commit 40d0345f1ed02de183b13a6ce38847bc1f4ac48e Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* openvpn: add support for tls-version-minMatteo Panella2016-06-072-2/+2
| | | | | | | | | | | | | Currently, the uci data model does not provide support for specifying the minimum TLS version supported in an OpenVPN instance (be it server or client). This patch adds support for writing the relevant option to the openvpn configuration file at service startup. Signed-off-by: Matteo Panella <morpheus@level28.org> [Jo-Philipp Wich: shorten commit title, bump pkg release] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: reset LED stateJo-Philipp Wich2016-06-071-0/+6
| | | | | | | | Attempt to reset all LED states before applying the UCI configuration to avoid leaving disabled LEDs behind in lingering glowing state, e.g. when changing the sysfs entry in the config from one hardware LED to another. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* image.mk: fix dependencies for legacy make prepare stepFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-0765-73/+73
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ar71xx: add support for OpenEmbed SOM9331Allan Nick Pedrana2016-06-0712-0/+176
| | | | | | | | This patch adds the target profile SOM9331 and configures hardware functionality for the 3x Eth Ports & corresponding LED's, the USB Host, the USART to USB bridge and the System LED. Signed-off-by: Allan Nick Pedrana <nik9993@gmail.com>
* ixp4xx: fix Avila SoC audio driver compilationJo-Philipp Wich2016-06-071-1/+1
| | | | | | | | | | | | | | Upstream dropped the `dapm` member of `struct snd_soc_component`, requiring users to access it using `snd_soc_codec_get_dapm()` instead so change the driver code to do just that. Fixes the following build error spotted by the buildbots: CC [M] sound/soc/gw-avila/gw-avila.o sound/soc/gw-avila/gw-avila.c: In function 'avila_aic3x_init': sound/soc/gw-avila/gw-avila.c:104:44: error: 'struct snd_soc_codec' has no member named 'dapm' Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* image.mk: fix filesystem dependency issueFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* lantiq: fix image DEVICE_DTS handling, add proper default valueFelix Fietkau2016-06-072-31/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* lantiq: only call Image/Prepare/Profile for defined profilesFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* wolfssl: enable openssl 1.0.1 compatibilityKarl Palsson2016-06-072-19/+1
| | | | | | | | | | | >From wolfssl/openssl/opensslv.h, and from skimming the contents of what "--enable-stunnel" actually does, it seems that --enable-opensslextra doesn't give you the "full" openssl compatibility that you may wish for these days. Unfortuantely, while wolfssl writes the build time options into wolfssl/options.h, it doesn't include that file itself. User applications must include that directly. Signed-off-by: Karl Palsson <karlp@etactica.com>
* ustream-ssl: update to the latest version, adds cyassl/wolfssl fixesFelix Fietkau2016-06-071-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-07219-299/+299
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: allow to build LEDE on latest MacOS XWaldemar Brodkorb2016-06-073-0/+32
| | | | | | | | | | | | | Latest Xcode doesn't include openssl anymore. To compile mkimage from u-boot source you need SSL headers on your host. This patch provides libressl host package for any Darwin compilation. Unfortunately openssl from MacPorts can not be used, as the installed headers in /opt/local are breaking GDB compilation. Tested with a RB532 image build and resulting kernel booted on a device via TFTP. Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Felix Fietkau <nbd@nbd.name> [fixes, dependencies]
* ar71xx: convert OM2P to device profileFelix Fietkau2016-06-072-11/+15
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>