Stijn Tintel [Mon, 19 Feb 2018 22:03:00 +0000 (23:03 +0100)]
build: add --force option to gzip in Build/gzip
When using pigz, a parallel gzip implementation, the gzip step in the
image build for some targets fails, because the image filename already
has the .gz extension. This results in an emtpy image file. Fix this by
adding the --force option to gzip in the Build/gzip macro.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Martin Schleier <drahemmaps@gmx.net>
GNU gzip does not fail when the image filename already contains the .gz
extension, this is a problem specific to pigz. Revert the commit, as we
now gzip the image twice.
Reported-by: Martin Schleier <drahemmaps@gmx.net> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
1721453 Remove special handling of A-for-A queries. 499d8dd Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262 6f1cbfd Fix debian/readme typo. 55ecde7 Inotify: Ignore backup files created by editors 6b54d69 Make failure to chown() pidfile a warning. 246a31c Change ownership of pid file, to keep systemd happy. 83e4b73 Remove confusion between --user and --script-user. 6340ca7 Tweak heuristic for initial DNSSEC memory allocation. baf553d Default min-port to 1024 to avoid reserved ports. 486bcd5 Simplify and correct bindtodevice(). be9a74d Close Debian bug for CVE-2017-15107. ffcbc0f Example config typo fixes. a969ba6 Special case NSEC processing for root DS record, to avoid spurious BOGUS. f178172 Add homepage to Debian control file. cd7df61 Fix DNSSEC validation errors introduced in 4fe6744a220eddd3f1749b40cac3dfc510787de6 c1a4e25 Try to be a little more clever at falling back to smaller DNS packet sizes. 4fe6744 DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies. 3bd4c47 Remove limit on length of command-line options. 98196c4 Typo fix. 22cd860 Allow more than one --bridge-interface option to refer to an interface. 3c973ad Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC time validation. faaf306 Spelling fixes. c7e6aea Change references to gPXE to iPXE. Development of EtherBoot gPXE was always development of iPXE core developer Michael Brown. e541245 Handle duplicate RRs in DNSSEC validation. 84a01be Bump year in Debian copyright notice. d1ced3a Update copyrights to 2018. a6cee69 Fix exit code from dhcp_release6. 0039920 Severely fix code formating of contrib/lease-tools/dhcp_release6.c 39d8550 Run Debian startup regex in "C" locale. ef3d137 Fix infinite retries in strict-order mode. 8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC. 373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section. 74f0f9a Commment language tweaks. ed6bdb0 Man page typos. c88af04 Modify doc.html to mention git-over-http is now available. ae0187d Fix trust-anchor regexp in Debian init script. 0c50e3d Bump version in Debian package. 075366a Open inotify socket only when used. 8e8b2d6 Release notes update. 087eb76 Always return a SERVFAIL response to DNS queries with RD=0. ebedcba Typo in printf format string added in 22dee512f3738f87539a79aeb52b9e670b3bd104 0954a97 Remove RSA/MD5 DNSSEC algorithm. b77efc1 Tidy DNSSEC algorithm table use. 3b0cb34 Fix manpage which said ZSK but meant KSK. aa6f832 Add a few DNS RRs to the table. ad9c6f0 Add support for Ed25519 DNSSEC signature algorithm. a6004d7 Fix caching logic for validated answers. c366717 Tidy up add_resource_record() buffer size checks. 22dee51 Log DNS server max packet size reduction. 6fd5d79 Fix logic on EDNS0 headers. 9d6918d Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS. a49c5c2 Fix search_servers() segfault with DNSSEC. 30858e3 Spaces in CNAME options break parsing.
Stijn Tintel [Sun, 18 Feb 2018 00:43:25 +0000 (01:43 +0100)]
kernel: bump 4.9 to 4.9.82
Refresh patches.
Remove upstreamed patches:
- ar7/002-MIPS-AR7-ensure-the-port-type-s-FCR-value-is-used.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove layerscape/819-Revert-dmaengine-dmatest-move-callback-wait-queue-to.patch,
it is superseded by upstream commit 297c7cc4b5651b174a62925b6c961085f04979fd.
Remove pending/650-pppoe_header_pad.patch, it is superseded by
upstream commit 1bd21b158e07e0b8c5a2ce832305a0ebfe42c480.
Update patches that no longer apply:
- ar71xx/004-register_gpio_driver_earlier.patch
- hack/204-module_strip.patch
- pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch
Stijn Tintel [Sun, 18 Feb 2018 00:15:58 +0000 (01:15 +0100)]
dropbear: add option to set receive window size
The default receive window size in dropbear is hardcoded to 24576 byte
to limit memory usage. This value was chosen for 100Mbps networks, and
limits the throughput of scp on faster networks. It also severely limits
scp throughput on high-latency links.
Add an option to set the receive window size so that people can improve
performance without having to recompile dropbear.
Setting the window size to the highest value supported by dropbear
improves throughput from my build machine to an APU2 on the same LAN
from 7MB/s to 7.9MB/s, and to an APU2 over a link with ~65ms latency
from 320KB/s to 7.5MB/s.
Stijn Tintel [Sat, 17 Feb 2018 20:00:34 +0000 (21:00 +0100)]
brcm2708: fix sdcard image
The gzip step in the sdcard image build fails because the image filename
already has the gzip extension. This results in an empty image file, to
which the metadata is finally appended.
Remove the .gz extension from the image filename to fix this.
Fixes: e79b096ee175 ("brcm2708: convert to metadata") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Evgeniy Didin [Thu, 15 Feb 2018 17:26:04 +0000 (20:26 +0300)]
archs38: add HSDK board to network configure scripts
In the initial patch which adds HSDK board there were no update
of network configuration scripts. Without it by default static IP
is set for br-lan and there is no access to internet.
This patch fixes the issue.
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> CC: Hauke Mehrtens <hauke@hauke-m.de> CC: John Crispin <john@phrozen.org>
Russell Senior [Fri, 16 Feb 2018 12:39:00 +0000 (04:39 -0800)]
openvpn: fix interface with mbedtls_sha256
Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code. Use
the new function mbedtls_sha256_ret().
Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Russell Senior [Fri, 16 Feb 2018 12:15:21 +0000 (04:15 -0800)]
curl: fix interface with mbedtls_sha256
Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code. Use
the new function mbedtls_sha256_ret().
Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Fri, 16 Feb 2018 18:48:49 +0000 (19:48 +0100)]
mbedtls: activate deprecated functions
Some functions used by a lot of other software was renamed and is only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.
Fixes: 75c5ab4caf9 ("mbedtls: update to version 2.7.0") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The watchdog kill command was meant for busybox watchdog. Busybox watchdog
was replaced by the procd watchdog mid 2013 with commit df7ce9301a25
("busybox: disable the watchdog utility by default"), which makes the kill
command obsolete since quite some time.
Hauke Mehrtens [Thu, 15 Feb 2018 20:58:47 +0000 (21:58 +0100)]
mbedtls: update to version 2.7.0
This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures
Jo-Philipp Wich [Tue, 13 Feb 2018 14:58:48 +0000 (15:58 +0100)]
ramips: fix reporting effective VLAN ID on MT7621 switches
On MT7621, the REG_ESW_VLAN_VTIM reads are undefined, causing swconfig
to always report `vid: 0` in swconfig show output.
Since a 4K VLAN table is used on this platform, the VLAN ID always
correponds to the actual VLAN table index so provide a specific MT7621
implementation of the get_vid callback which returns the table index
as VLAN ID.
Jo-Philipp Wich [Tue, 13 Feb 2018 14:37:49 +0000 (15:37 +0100)]
ramips: properly map pvid for vlans with remapped vid on mt7530/762x switches
Currently, untagged port primary vlan IDs are set to the VLAN table index,
and not the actual VLAN ID, breaking configurations with IDs deviating from
the VLAN index.
Fix the issue by resolving the per-port pvid property to the target VLAN ID
value before committing to the hardware.
Jo-Philipp Wich [Sun, 11 Feb 2018 19:24:37 +0000 (20:24 +0100)]
ramips: don't clobber vlans with remapped vid on mt7530/762x switches
Avoid overwriting vlan entries with remapped vid in later iterations of
the vlan enumeration loop of mt7530_apply_config().
Fix the problem by refactoring the code to first reset the entire table,
then reprogram only vlans with members to prevent overwriting configured
vlans with unconfigured ones.
Jo-Philipp Wich [Tue, 13 Feb 2018 15:12:08 +0000 (16:12 +0100)]
at91: fix image building with CONFIG_TARGET_MULTI_PROFILE
The current image build code has a number of race conditions and interface
contract violations in the custom image build steps:
- Build/install-zImage, solely used by at91, relies on $(PROFILE_SANITIZED)
which is not available when building with CONFIG_TARGET_MULTI_PROFILE
- Build/at91-sdcard, which may run concurrently, creates scratch files at
fixed locations and manipulates target files directly which can lead
to file corruption and other unexpected failures
Rename the install-zImage macro to at91-install-zImage and move it to the
at91 image Makefile since this target is the sole user. Also utilize "$@"
as output file name and switch the usage of $(PROFILE_SANITIZED) to
$(DEVICE_NAME) in order to fix naming under multi profile builds.
Fix the at91-sdcard macro to construct scratch file paths relative to "$@",
which is guaranteed to be unique and store the final artifact output in "$@"
as well, instead of inside $(BIN_DIR). The generic image build code takes
care of moving a build steps "$@" output to the final destination in a
concurrency-safe manner.
Finally remove the broken install-zImage from the generic image-commands
Makefile.
Dongming Han [Thu, 7 Dec 2017 12:48:19 +0000 (20:48 +0800)]
ipq806x: add support for GL.iNet GL-B1300
This patch adds support for GL.iNet GL-B1300
Specification:
- SOC: IPQ4028 / QCA Dakota
- RAM: 256 MiB
- FLASH: 32 MiB
- ETH: Qualcomm Atheros QCA8075 Gigabit Switch (2 x LAN, 1 x WAN)
- USB: 1 x 3.0 (via Synopsys DesignWare DWC3 controller in the SoC)
- WLAN1: Qualcomm Atheros QCA4028 2.4GHz 802.11bgn 2:2x2
- WLAN2: Qualcomm Atheros QCA4028 5GHz 802.11a/n/ac 2:2x2
- INPUT: one reset and one WPS button
- LEDS: 3 leds: Power, WIFI(only for 2.4G currently), and one reserved
- UART: 1 x UART on PCB (3.3V, TX, RX, GND) - 115200 8N1
Installation:
Method 1:
- use serial port to stop uboot
- uboot command: run lf
Method 2:
- push down reset button and power on
- wait until three leds constantly on then release
- upgrade by uboot web at http://192.168.1.1
Note:
- the sysupgrade image need to be renamed to lede-gl-b1300.bin in both method.
- the sysupgrade image can be automatically downloaded if tftp server at
192.168.1.2 have that file.
- the wifi led will be flashing when writing image.
Signed-off-by: Dongming Han <handongming@gl-inet.com>
John Crispin [Wed, 14 Feb 2018 08:28:52 +0000 (09:28 +0100)]
ubox: update to latest git HEAD
128bc35 logread: fix reconnect logd logic 66347ec logread: move the code setting up the request blob out of the main loop 975a258 logread: move output connection setup code out of main loop b81bea7 logread: cleanup pid file handling d73e7d2 ubox: Replace strerror(errno) with %m format.
Evgeniy Didin [Tue, 13 Feb 2018 14:24:25 +0000 (17:24 +0300)]
archs38: add HSDK board
Synopsys DesignWare HSDK (which stands for ARC HS
Development Kit) is the latest and greatest development
platform that sports quad-core ARC HS38 in real silicon.
Most noticeable features of the board are:
* Quad-core ARC HS38 CPU running at 1GHz
* 4Gb of DDR
* Built-in Vivante GPU (well supported via open source
Etnaviv drivers)
* Built-in Wi-Fi/Bluetooth module (RedPine RS-9113)
And as usual we have:
* [micro] SD-card slot
* 2 USB 2.0 ports
* 1Gbit Ethernet port
* Built-in Digilent JTAG probe
* Serial port accessible via micro-USB port
For more information about HSDK board visit:
https://www.synopsys.com/dw/ipdir.php?ds=arc-hs-development-kit
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> CC: Hauke Mehrtens <hauke@hauke-m.de> CC: John Crispin <john@phrozen.org>
generic: swconfig: reduce lock duration on sysfs files
sysfs attributes 'port_mask' & 'speed_mask' held locks whilst doing
mundane tasks such as sprintf. Refactor code to reduce length of time
locks are held unnecessarily.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This blinking can be confusing/distracting if the switch has other LEDs
used to indicate traffic. Provide a 'mode' sysfs attribute that
controls the blink on traffic behaviour.
mode - either "none" (LED is off) or a space separated list of one or more:
link: LED's normal state reflects whether the link is up (has carrier) or not
tx: LED blinks on transmitted data
rx: LED blinks on receive data
Note that 'link' considers any port speed mask that may be applicable.
e.g. if an LED is configured to indicate 1Gbit link speed and mode is
set to 'link rx tx' but the port is connected at 100Mbit then the LED
will not light or blink. A mode of 'tx rx' will blink in the presence of
traffic only if the port matches the rate (if configured)
This maintains compatibility with existing behaviour.
Attribute is 'link tx rx' by default for backwards compatible behaviour.
Many thanks to Thibaut Varene for providing a more sensible led_event
routine after I had mangled the original, and other coding style hints.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Acked-by: Thibaut VARENE <hacks@slashdirt.org>
Hauke Mehrtens [Sun, 11 Feb 2018 11:28:38 +0000 (12:28 +0100)]
mwlwifi: use PKG_SOURCE_DATE instead of version
Using PKG_SOURCE_DATE instead of PKG_VERSION will make the build system
generate the version based on the date and the git hash. This way the
tar file name changes when the git hash changes and this avoids problems
when someone forgets to change the version, but changes the git hash.
Changes since last merge into OpenWrt since 2017-12-14:
- Added debugfs file tx_hist.
- Added debugfs file fixed_rate.
- Added debugfs file ba_hist.
- Modified the way to establish BA stream.
- Added code to control BF type.
- Added functions to check/dump dhcp packet.
- Upgrade 88W8964 firmware to 9.3.2.4.
- Added debugfs file coredump.
- Corrected the way to transmit multicast packets.
- Change driver version to 10.3.4.0-20180118.
- Corrected the way to get qos control.
- Assigned broadcast dhcpoffer to another queue.
- Separated broadcast and multicast packets. Bump to latest commit 20180206
Signed-off-by: Chris Breuer <github@chrisbreuer.de>
Hauke Mehrtens [Sun, 21 Jan 2018 15:33:34 +0000 (16:33 +0100)]
mvebu: Migrate uci config to new PCIe path
The name of the PCIe controller node in device tree changed between
kernel 4.9 and kernel 4.14. Migrate the configuration when an update
from kernel 4.9 to 4.14 or back is done to the new name to make
the existing wifi configuration compatible with the new names.
This replaces the "pcie-controller" part with "pcie" on all nodes if the
file exists in sys fs.
This is not done in the uci-defualts, because they are getting executed
to late in the boot process. The kernel module gets loaded before the
uci-defaults scripts are executed. When the mwlwifi driver gets loaded
it will trigger an event via hotplug to detect new devices and as the
paths are not in the uci configuration they will be added again.
When the migration is done before the script will detect that they are
already there.
Hauke Mehrtens [Thu, 21 Dec 2017 11:13:30 +0000 (12:13 +0100)]
mvebu: Add support for kernel 4.14
Add support for kernel 4.14 to the mvebu target.
This also replaces the old sfp and phylink patches with new versions
from Russell's clearfog-4.13 branch
http://git.arm.linux.org.uk/cgit/linux-arm.git/log/?h=clearfog-4.13
Hauke Mehrtens [Sat, 23 Dec 2017 16:45:23 +0000 (17:45 +0100)]
mvebu: move files to files-4.9 and files-4.4 folder
This is needed to prevent copying it into kernel 4.14.
These device tree files are already integrated into kernel 4.14 and we
would like to use the upstream versions only.
Hauke Mehrtens [Sun, 11 Feb 2018 21:58:42 +0000 (22:58 +0100)]
mac80211: move wifi detect hotplug script to later
Make it easily possible to add a custom script in front of this hotplug
script which adds new devices. This is needed for the mvebu target in
which we want to migrate the old configuration before new devices are
getting detected.
Hauke Mehrtens [Sun, 21 Jan 2018 15:01:15 +0000 (16:01 +0100)]
kernel: ubifs: create use file system format 4 by default
Instead of creating an ubifs file system with format version 5 by
default on empty UBI volumes use the older format 4 by default. This
will make it possible to mount these file systems also on older kernel
versions.
When a user wants to do a sysupgrade from kernel 4.14 to kernel 4.9 the
old kernel has to read the file system created by the more recent kernel
which currently does not work for ubifs.
This fixes the problem by creating file systems which are compatible
with older kernel versions by default.
Kernel 4.14 will still be able to read and write UBI FS file system
version 5, it will just not be used when a ubifs partition is created
implicitly on an empty UBI volume.
Jonas Gorski [Tue, 13 Feb 2018 11:19:29 +0000 (12:19 +0100)]
brcm63xx: drop root parameter from cmdline
The root= parameter overrides the automatic rootfs detection by partition
name, so drop it. Fixes boot from flash after renumeration changes of
partitions due to parser changes.
Fixes FS#1350.
Fixes: a27d59bb4274 ("brcm63xx: switch to new partition layout specification") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
ipq806x: switch to full dual-boot for the nbg6817 sysupgrade support
Instead of writing to the currently booted partition set, this
implements full dual-boot support for sysupgrade by always writing to
the other, currently inactive, partition set and toggling the dualflag
after a successful flash.
The currently active/ booted partition set is determined by parsing
/proc/cmdline for its rootfs parameter (supplied by the DTS), instead
of reading from the 0:DUAL_FLAG mtd, in order to prevent (potentially)
bricking both partition sets.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
ipq806x: request the first free loop device dynamically for the nbg6817 sysupgrade
Instead of hardcoding /dev/loop0, it's safer to query for the first
free loop device and assign that dynamically. While /dev/loop0 is a
reasonable assumption immediately following "losetup --detach-all",
detaching the mounted overlay is no longer strictly necessary once
dual-boot support has been added for the nbg6817.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Koen Vandeputte [Wed, 7 Feb 2018 12:23:28 +0000 (13:23 +0100)]
uqmi: use built-in command for data-link verification
uqmi contains a command for directly querying the modem if there
is a valid data connection, so let's use it.
This avoids the cases were all previous tests are succesful, but the
actual data link is not up for some reasons, leading to states were we
thought the link was up when it actually wasn't ..
Koen Vandeputte [Wed, 7 Feb 2018 12:23:26 +0000 (13:23 +0100)]
uqmi: use general method for state cleaning
Debugging shows that using the general method properly cleans on each
run, while the method specifying the client-ID shows "No effect"
even while in connected state.
Fixes several connectivity issues seen on specific modems.
INAGAKI Hiroshi [Sun, 11 Feb 2018 18:42:47 +0000 (03:42 +0900)]
ramips: use new image build code for WHR-G300N
The tftp.bin image for Buffalo WHR-G300N was not built, so I was fixed
it after rewriting to new image build code. And the code for
factory-EU.bin was broken, so I deleted it.
Evgeniy Didin [Mon, 12 Feb 2018 16:42:01 +0000 (19:42 +0300)]
tools/mkimage: copy mkenvimage to bin directory
For some boards u-boot binary environment file is required,
which is generated by mkenvimage utility. But in OpenWrt there
is no separate support for mkenvimage, which is a part of u-boot tools.
mkenvimage gets built in u-boot/tools as well as mkimage anyways.
So lets just copy mkenvimage to the $(STAGING_DIR_HOST)/bin/ directory.
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> CC: Hauke Mehrtens <hauke@hauke-m.de> CC: John Crispin <john@phrozen.org>
Tim Harvey [Tue, 23 Jan 2018 23:15:44 +0000 (15:15 -0800)]
octeontx: add support for OCTEON TX target
The Cavium OCTEON TX is an ARM 64-bit SoC leveraging CPU cores and
periperhals from the Cavium ThunderX SoC.
This initial support provides a 4.14 kernel and kernel+initramfs that is
bootable on the Gateworks Newport GW630x as well as the Cavium sff8104
reference board.
Michael Heimpold [Sat, 10 Feb 2018 13:05:17 +0000 (14:05 +0100)]
packages: uboot-mxs: override instead of appending u-boot make flags
This prevents passing down the HOSTCC stuff set in u-boot.mk
which results in linking errors against openssl:
tools/mxsimage.o: In function `sb_aes_reinit':
mxsimage.c:(.text+0x202): undefined reference to `EVP_CIPHER_CTX_reset'
tools/mxsimage.o: In function `mxsimage_generate':
mxsimage.c:(.text+0x110d): undefined reference to `EVP_MD_CTX_new'
mxsimage.c:(.text+0x114f): undefined reference to `EVP_MD_CTX_free'
mxsimage.c:(.text+0x11c3): undefined reference to `EVP_MD_CTX_new'
mxsimage.c:(.text+0x1323): undefined reference to `EVP_MD_CTX_free'
mxsimage.c:(.text+0x134a): undefined reference to `EVP_CIPHER_CTX_reset'
tools/mxsimage.o: In function `mxsimage_verify_print_header':
mxsimage.c:(.text+0x23ce): undefined reference to `EVP_MD_CTX_new'
mxsimage.c:(.text+0x242c): undefined reference to `EVP_MD_CTX_new'
mxsimage.c:(.text+0x246b): undefined reference to `EVP_MD_CTX_free'
mxsimage.c:(.text+0x24ef): undefined reference to `EVP_CIPHER_CTX_reset'
mxsimage.c:(.text+0x2e52): undefined reference to `EVP_MD_CTX_free'
collect2: error: ld returned 1 exit status
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Sat, 10 Feb 2018 13:04:34 +0000 (14:04 +0100)]
mxs: rename files to files-4.9
The Device Tree file for I2SE Duckbill boards was updated upstream.
Let's use the upstream version for upcoming kernel 4.14 by keeping
our current version for v4.9 still around.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Rosen Penev [Mon, 5 Feb 2018 00:24:15 +0000 (16:24 -0800)]
ramips: Add support for the GnuBee Personal Cloud Two
The GnuBee Personal Cloud Two crowdfunded on https://www.crowdsupply.com
It is a low-cost, low-power, network-attached storage device.
Specifications:
- SoC: MediaTek MT7621AT
- RAM: DDR3 512 MB
- Flash: 32 MB
- Six SATA ports for 3.5" Drives
- One SDcard
- One USB 3.0
- Two USB 2.0
- Gigabit Ethernet: Three Ports
- UART 3.5mm Audio Jack or 3 pin header - 57600 8N1
- Three GPIOs available on a pin header
Flash instructions:
The GnuBee Personal Cloud Two ships with libreCMC installed.
libreCMC is a Free Software Foundation approved fork of LEDE/OpenWrt.
As such one can upgrade using the webinterface or sysupgrade.
Das U-Boot has multiple options for recovery or updates including :
- USB
- http
- tftp
Errata:
- While there are three ethernet ports, the third requires support for
the second GMAC. This will come in kernel 4.14.
- The first hard drive slot has a clearance issue with the two fan
headers. Workaround is to pull the headers out and connect the pins to
jumper wires.
- Using this device as a NAS is problematic with the 4.9 kernel as many
/dev/sdX reads throw silent errors. The current theory behind this is
some kind of unhandled DMA mapping error in the kernel. This is not an
issue with kernel 4.4.
Signed-off-by: L. D. Pinney <ldpinney@gmail.com> Signed-off-by: Rosen Penev <rosenp@gmail.com>
Kristian Evensen [Mon, 22 Jan 2018 17:52:28 +0000 (18:52 +0100)]
iptables: Support building connlabel module
It is currently possible to enable connlabel-support in iptables.
However, in order for connlabel to work properly, the kernel module must
also be present. This patch adds support for building the
connlabel-module, and selects it by default when connlabel-support is
enabled.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
projects / thirdparty / openwrt.git / log
