summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* uclient: update to the latest version, fixes fetch of multiple filesFelix Fietkau2017-11-031-3/+3
| | | | | | 4b87d83 uclient-fetch: fix overloading of output_file variable Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ramips: fix Youku-YK1 supportEdmunt Pienkowsky2017-10-274-5/+6
| | | | | | | | | | | | | | | | | | | | | | Remove the ephy-pins from the ethernet device tree node. The ephy-pins are useed to controll the ePHY LEDs and this board doesn't have these. Instead one of the ePHY pins is used in GPIO mode to control the WAN LED. Use the switch LED trigger to control the WAN LED. Move the power LED handling to diag.sh to show the boot status via this LED. Add the missing kernel packages for USB and microSD card reader to the default package selection. Fix the maximum image size value. The board has a 32MByte flash chip. Fixes: FS#1055 Signed-off-by: Edmunt Pienkowsky <roed@onet.eu> [make the commit message more verbose, remove GPIO pinmux for pins not used as GPIOs] Signed-off-by: Mathias Kresin <dev@kresin.me>
* tools/squashfs4: include sysmacros.h explicitlyAlex Maclean2017-10-255-16/+36
| | | | | | | | | | | | glibc is moving to remove the include of sys/sysmacros.h from sys/types.h, and some distros have done this early. Other libcs may already lack this include. Include sysmacros.h explicitly. Fixes: FS#1017 Signed-off-by: Alex Maclean <monkeh@monkeh.net> [refresh patches] Signed-off-by: Mathias Kresin <dev@kresin.me>
* tools/squashfs: include sysmacros.h explicitlyAlex Maclean2017-10-251-0/+20
| | | | | | | | | | glibc is moving to remove the include of sys/sysmacros.h from sys/types.h, and some distros have done this early. Other libcs may already lack this include. Include sysmacros.h explicitly. Fixes: FS#1018 Signed-off-by: Alex Maclean <monkeh@monkeh.net>
* tools/mtd-utils: include sysmacros.h explicitlyAlex Maclean2017-10-251-0/+25
| | | | | | | | | | | | glibc is moving to remove the include of sys/sysmacros.h from sys/types.h, and some distros have done this early. Other libcs may already lack this include. Include sysmacros.h explicitly. Fixes: FS#1015 Signed-off-by: Alex Maclean <monkeh@monkeh.net> [refresh patches] Signed-off-by: Mathias Kresin <dev@kresin.me>
* tools/findutils: include sysmacros.h explicitlyAlex Maclean2017-10-251-0/+13
| | | | | | | | | | glibc is moving to remove the include of sys/sysmacros.h from sys/types.h, and some distros have done this early. Other libcs may already lack this include. Include sysmacros.h explicitly. Fixes: FS#1016 Signed-off-by: Alex Maclean <monkeh@monkeh.net>
* dnsmasq: restore ability to include/exclude raw device namesJo-Philipp Wich2017-10-252-3/+3
| | | | | | | | | | | | | | Commit 5cd88f4 "dnsmasq: remove use of uci state for getting network ifname" broke the ability to specify unmanaged network device names for inclusion and exclusion in the uci configuration. Restore support for raw device names by falling back to the input value when "network_get_device" yields no result. Fixes FS#876. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit a89c36b50875e61c790113d3adee10621575788a)
* lantiq: add missing default lan interfaceMathias Kresin2017-10-251-0/+2
| | | | | | | | | With removing the boards from the the default case to fix the xDSL WAN MAC-Address, the setting for the default LAN interface wasn't added. Fixes: 92a12c434ca3 ("lantiq: fix avm fritz box mac addresses") Signed-off-by: Mathias Kresin <dev@kresin.me>
* ipq806x: fix Zyxel NBG6817 WiFi buttonTolga Cakir2017-10-241-2/+3
| | | | | | | | Zyxel NBG6817 features a WiFi button, which becomes functional by setting correct GPIO. It is a switch-type button, so it emits KEY_RFKILL on each ON and OFF state. This is achieved by setting input-type to EV_SW. Signed-off-by: Tolga Cakir <tolga@cevel.net>
* ramips: fix default usb support for nexx wt3020-8MAlberto Bursi2017-10-241-0/+1
| | | | | | | the nexx wt3020-8M has a usb 2.0 port, add usb 2.0 support packages to its default package list. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* opkg: bump to 2017-10-23 (lede-17.01)Matthias Schiffer2017-10-231-3/+3
| | | | | | | | | | | | A lede-17.01 branch for bugfix backports has been added to the opkg-lede repo. c6caf07 pkg_parse: fix segfault when parsing descriptions with leading newlines 5bb5fd5 opkg: add --no-check-certificate argument 7a96972 libbb: xreadlink: fix memory leak on failure case 3f13edd pkg_run_script: use pkg->dest in half installed case Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* lantiq: ARV752DPW22: fix wireless mac addressMathias Kresin2017-10-181-0/+1
| | | | | | | | | | The ARV752DPW22 has the same generic mac address in the EEPROM as it was already noticed for other lantiq boards using a ralink wireless. Use the base mac address from the boardconfig partition as it is done by the stock firmware. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: ARV752DPW22: set correct wireless led triggerMathias Kresin2017-10-181-0/+3
| | | | | | | The ARV752DPW22 has a ralink based wireless and can not use the ath9k only phy0tpt trigger. Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: bump 4.4 to 4.4.93 for 17.01Kevin Darbyshire-Bryant2017-10-182-3/+3
| | | | | | | | | | | | Refresh patches. Compile-tested for ar71xx - Archer C7 v2 Runtime-tested on ar71xx - Archer C7 v2 Fixes CVE-2017-15265. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [remove 2nd CVE as it was fixed in mac80211 in commit bff16304b0bf] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mountd: bump to git HEAD version (fixes SIGSEV crashes)Hans Dedecker2017-10-181-4/+4
| | | | | | | 6efeb19 autofs: register SIGTERM for gracefull exit 01bb2b0 mount: fix SIGSEV crashes Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* LEDE v17.01.4: revert to branch defaultsStijn Tintel2017-10-185-11/+9
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* LEDE v17.01.4: adjust config defaultsv17.01.4Stijn Tintel2017-10-185-9/+11
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* wireguard: version bump to 0.0.20171017Jason A. Donenfeld2017-10-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a simple version bump. Changes: * noise: handshake constants can be read-only after init * noise: no need to take the RCU lock if we're not dereferencing * send: improve dead packet control flow * receive: improve control flow * socket: eliminate dead code * device: our use of queues means this check is worthless * device: no need to take lock for integer comparison * blake2s: modernize API and have faster _final * compat: support READ_ONCE * compat: just make ro_after_init read_mostly Assorted cleanups to the module, including nice things like marking our precomputations as const. * Makefile: even prettier output * Makefile: do not clean before cloc * selftest: better test index for rate limiter * netns: disable accept_dad for all interfaces Fixes in our testing and build infrastructure. Now works on the 4.14 rc series. * qemu: add build-only target * qemu: work on ubuntu toolchain * qemu: add more debugging options to main makefile * qemu: simplify shutdown * qemu: open /dev/console if we're started early * qemu: phase out bitbanging * qemu: always create directory before untarring * qemu: newer packages * qemu: put hvc directive into configuration This is the beginning of working out a cross building test suite, so we do several tricks to be less platform independent. * tools: encoding: be more paranoid * tools: retry resolution except when fatal * tools: don't insist on having a private key * tools: add pass example to wg-quick man page * tools: style * tools: newline after warning * tools: account for padding being in zero attribute Several important tools fixes, one of which suppresses a needless warning. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (cherry picked from commit f6c4a9c045797d9be12310eebc6341050fd260ce)
* hostapd: add wpa_disable_eapol_key_retries optionStijn Tintel2017-10-172-1/+6
| | | | | | | | | | | | | | | Commit b6c3931ad6554357a108127797c8d7097a93f18f introduced an AP-side workaround for key reinstallation attacks. This option can be used to mitigate KRACK on the station side, in case those stations cannot be updated. Since many devices are out there will not receive an update anytime soon (if at all), it makes sense to include this workaround. Unfortunately this can cause interoperability issues and reduced robustness of key negotiation, so disable the workaround by default, and add an option to allow the user to enable it if he deems necessary. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit c5f97c9372da3229350184fb263c97d9ea8944c5)
* hostapd: backport extra changes related to KRACKStijn Tintel2017-10-176-0/+730
| | | | | | | | | | | | While these changes are not included in the advisory, upstream encourages users to merge them. See http://lists.infradead.org/pipermail/hostap/2017-October/037989.html Added 013-Add-hostapd-options-wpa_group_update_count-and-wpa_p.patch so that 016-Optional-AP-side-workaround-for-key-reinstallation-a.patch applies without having to rework it. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mac80211: backport kernel fix for CVE-2017-13080Stijn Tintel2017-10-171-0/+81
| | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 2f701194c29da50bfda968a83c6609843f74a7f4)
* x86: partly revert cabf775Jo-Philipp Wich2017-10-162-1/+12
| | | | | | | | The subtarget cleanups made in cabf775 "x86: Refresh subtargets kernel config" removed some important symbol disable statements, so revert the changes to the subtarget configs for now. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: Update wireless-regdb to master-2017-03-07Ryan Mounce2017-10-161-12/+19
| | | | | | | | | | | | | | | | | The short log of changes since the 2016-06-10 release is below. Jouni Malinen (1): wireless-regdb: Remove DFS requirement for India (IN) Ryan Mounce (1): wireless-regdb: Update rules for Australia (AU) and add 60GHz rules Seth Forshee (2): wireless-regdb: Update 5 GHz rules for Canada wireless-regdb: update regulatory.bin based on preceding changes Signed-off-by: Ryan Mounce <ryan@mounce.com.au> (cherry picked from commit 8b12e62e9cd6ba2e3bb2e7f2555180df0173c7c6)
* wireguard: add wireguard to base packagesJason A. Donenfeld2017-10-162-0/+308
| | | | | | | | | | | | | | | | | | | | | | | | Move wireguard from openwrt/packages to base a package. This follows the pattern of kmod-cake and openvpn. Cake is a fast-moving experimental kernel module that many find essential and useful. The other is a VPN client. Both are inside of core. When you combine the two characteristics, you get WireGuard. Generally speaking, because of the extremely lightweight nature and "stateless" configuration of WireGuard, many view it as a core and essential utility, initiated at boot time and immediately configured by netifd, much like the use of things like GRE tunnels. WireGuard has a backwards and forwards compatible Netlink API, which means the userspace tools should work with both newer and older kernels as things change. There should be no versioning requirements, therefore, between kernel bumps and userspace package bumps. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Acked-by: Jo-Philipp Wich <jo@mein.io> Acked-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 699c6fcc314225f79156a26db418e15bbc6bf10f)
* brcmfmac: backport length check in brcmf_cfg80211_escan_handler()Felix Fietkau2017-10-161-0/+63
| | | | | | Fixes CVE-2017-0786 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: bump 4.4 to 4.4.92Stijn Tintel2017-10-166-12/+12
| | | | | | | | | | | Refresh patches. Fixes the following CVEs: - CVE-2017-1000252 - CVE-2017-12153 - CVE-2017-12154 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* ramips: fix compile warning in MT7621 NAND driverFelix Fietkau2017-10-161-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ramips: fix typo in MT7621 NAND driverFelix Fietkau2017-10-161-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: merge fixes for WPA packet number reuse with replayed messages and ↵Felix Fietkau2017-10-1611-10/+929
| | | | | | | | | | | | | | | | | | | | | | | key reinstallation Fixes: - CERT case ID: VU#228519 - CVE-2017-13077 - CVE-2017-13078 - CVE-2017-13079 - CVE-2017-13080 - CVE-2017-13081 - CVE-2017-13082 - CVE-2017-13086 - CVE-2017-13087 - CVE-2017-13088 For more information see: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt Backport of bbda81ce3077dfade2a43a39f772cfec2e82a9a5 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* x86/64: add xen DomU supportBaptiste Jonglez2017-10-161-1/+58
| | | | | | | | | Xen support for x86/generic was added in 296772f9. This commit also enables it for x86/64. This was successfully tested with Xen 4.5. Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* x86: Refresh subtargets kernel configBaptiste Jonglez2017-10-163-14/+16
| | | | | | | | | | | | | | | | This was done by simply running `make kernel_menuconfig CONFIG_TARGET=subtarget` and then saving without changing any option. Having consistent kernel config is important to avoid surprises, such as the issue fixed with 6f0367c9 (where Xen support was silently disabled when building the kernel, although it was present in the initial config) As far as I understand the build system, this shouldn't have any user-visible impact, because the build system already merges the various kernel configs during build. Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* x86: Fix xen serial console by removing conflicting PATA driverBaptiste Jonglez2017-10-162-2/+0
| | | | | | | | | | | | | | | | | | | | | The Xen serial console has been broken since the xen_domu subtarget was merged in the generic x86 subtarget (commits 296772f9 and b36e24f3). The reason for the broken serial console seems to be an IRQ conflict between the serial console driver and the PATA_LEGACY driver: [ 1.330125] genirq: Flags mismatch irq 8. 00000000 (hvc_console) vs. 00000000 (platform[pata_legacy.4]) [ 1.330134] hvc_open: request_irq failed with rc -16. [ 1.330148] Warning: unable to open an initial console. Just drop the PATA_LEGACY driver from the x86/generic and x86_64 subtargets, since this driver is marked experimental and only supports very old ISA devices anyway. It is still included in the x86/legacy subtarget where it rightfully belongs. Fixes: FS#787 Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* x86/generic: use HIGHMEM64G instead of HIGHMEM4G to fix PAE and XenBaptiste Jonglez2017-10-161-1/+4
| | | | | | | | | | | | | | | | This is a backport of 641a65fd062987a456216cc4fa91ff2910528261 in master. This change re-enables PAE for the 32-bit x86 subtarget, which is interesting in its own right but also necessary for Xen support. Commit af1d1ebd ("x86: enable 4G high memory support for generic (32bit) subtarget") inadvertently disabled both PAE and Xen support. Fixes: FS#908 Cc: Daniel Golle <daniel@makrotopia.org> Cc: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* kernel: add fix for bgmac with B50212E B1 PHYRafał Miłecki2017-10-135-3/+98
| | | | | | | This PHY requires some extra programming to work reliably with all devices. Backport upstream fix for it. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mt76: sync with version 878456caf60d from masterFelix Fietkau2017-10-1331-52/+38
| | | | | | | Backport required DT changes from commit dabdd123c90c. Significantly improves stability and performance for MT76x2 and MT7603 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* bcm53xx: backport DTS changes up to the first 4.15 queued commitsRafał Miłecki2017-10-108-0/+662
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ar71xx: add rssileds to WA850RE v1 imageMathias Kresin2017-10-071-0/+1
| | | | | | | | | | | | A default rssileds config exists for the TP-Link WA850RE v1 but the rssiled package is not included by default. The compressed 17.01.3 image size increases by 3302 bytes which should be tolerable even for a 4MB flash board. Fixes: FS#1043 Signed-off-by: Mathias Kresin <dev@kresin.me>
* toolchain/gdb: update to version 8.0.1Ryan Mounce2017-10-053-5/+5
| | | | | | | | Fixes CVE-2017-9778. Signed-off-by: Ryan Mounce <ryan@mounce.com.au> [reference fixed CVE] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* cmake: fix build error with Xcode 9 on macOS 12Felix Fietkau2017-10-051-0/+15
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* gcc: fix build error with macOS + Xcode 9Felix Fietkau2017-10-051-0/+10
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: add a darwin sitefile to deal with macOS 10.12 + Xcode 9 build errorsFelix Fietkau2017-10-052-0/+7
| | | | | | | Certain functions are available in system headers, but only work on macOS 10.13 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ramips: mt7620: do not pad sysupgrade Archer imagesThibaut VARENE2017-10-041-3/+3
| | | | | | | | | | | | | | | | The current makefile unnecessarily pads sysupgrade image for Archer devices. This has three implications: 1. higher risk of OOM when uploading the binary image to the device 2. much slower upgrade due to time wasted erasing and writing padding 3. grows image beyond available flash size if metadata are appended This is already fixed in master, albeit in a completely different way (the whole target have been reworked) Fixes: FS#1025, FS#1039 Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
* LEDE v17.01.3: revert to branch defaultsStijn Tintel2017-10-035-11/+9
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* LEDE v17.01.3: adjust config defaultsv17.01.3Stijn Tintel2017-10-035-9/+11
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* uhttp: update to latest versionAdrian Panella2017-10-031-3/+3
| | | | | | | | | | | | | | 3fd58e9 2017-08-19 uhttpd: add manifest support 88c0b4b 2017-07-09 file: fix basic auth regression 99957f6 2017-07-02 file: remove unused "auth" member from struct path_info c0a569d 2017-07-02 proc: expose HTTP_AUTH_USER and HTTP_AUTH_PASS ad93be7 2017-07-02 auth: store parsed username and password fa51d7f 2017-07-02 proc: do not declare empty process variables a8bf9c0 2017-01-26 uhttpd: Add TCP_FASTOPEN support e6cfc91 2016-10-25 lua: ensure that PATH_INFO starts with a slash Signed-off-by: Adrian Panella <ianchi74@outlook.com>
* odhcpd: don't enable server mode on non-static lan portKarl Palsson2017-10-022-3/+18
| | | | | | | | | | | | Instead of blindly enabling the odhcpd v6 server and RA server on the lan port, only do that if the lan port protocol is "static" This prevents the unhelpful case of a device being a dhcpv4 client and v6 server on the same ethernet port. Signed-off-by: Karl Palsson <karlp@etactica.com> [PKG_SOURCE_DATE increase; odhcpd.defaults script cleanup] Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: backport fixes from master branch (FS#402, FS#524)Hans Dedecker2017-10-021-3/+3
| | | | | | | 336212c config: fix dhcpv4 server being started 336212c dhcpv6: assign all viable DHCPv6 addresses by default (FS#402, FS#524) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: bump to v2.78Kevin Darbyshire-Bryant2017-10-027-226/+4
| | | | | | Fixes CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, 2017-CVE-14495, 2017-CVE-14496 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* base-files: create /etc/config/ directoryHauke Mehrtens2017-10-011-0/+1
| | | | | | | | | | | | | | | The /bin/config_generate script and some other scripts are assuming the /etc/config directory exists in the image. This is true in case for example the package firewall, dropbear or dnsmasq are included, which are adding the files under /etc/config/. Without any of these package the system will not boot up fully because the /etc/config/ directory is missing and some init scripts just fail. Make sure all images with the base-files contain a /etc/config/ directory. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: John Crispin <john@phrozen.org>
* sunxi: clean up modules definitionsMatthias Schiffer2017-10-013-45/+5
| | | | | | | | | | | | | | | | | | Module definitions for kmod-wdt-sunxi and kmod-eeprom-sunxi are removed (wdt-sunxi was builtin anyways; nvmem-sunxi, which is the new name of eeprom-sunxi is changed to builtin). As kmod-eeprom-sunxi was specified in DEFAULT_PACKAGES, but not available on kernel 4.4, it was breaking the image builder. Support for kmod-sunxi-ir is added for kernel 4.4 (it is unclear why it was disable before, it builds fine with with kernel 4.4). Condtionals only relevant for pre-4.4 kernels are removed from modules.mk, as sunxi does't support older kernels anymore. Fixes FS#755. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
generated by cgit v1.1 at 2024-07-24 16:36:08 +0000