Sven Eckelmann [Mon, 5 Mar 2018 08:51:47 +0000 (09:51 +0100)]
build: Allow to change the FIT config section name
Some devices only boot when a special config is found in the image and
completely ignore the default entry during the selection. These devices can
now use the variable DEVICE_DTS_CONFIG in their device image definition.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The change is incompatible with the image builder code.
Luckily the RT-AC58U is no longer depending on the initramfs
being available for the target's image generation rules.
Reported-by: Venitex Aveon <aveon@aenote.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
tplink-safeloader: add support to convert factory into sysupgrade
Those converted factory images can be used to regain the original
tp-link firmware.
Be aware of firmware upgrade which additional require changes of
other partition than os-image (kernel) & file-system (rootfs).
OEM factory images from tplink can change nearly all partitions.
However using those images, OpenWrt's sysupgrade will only
modify the partitions os-image and file-system.
Christian Mehlis [Sun, 30 Oct 2016 08:51:54 +0000 (09:51 +0100)]
ipq806x: add support for Compex WPQ864
Hardware highlights:
- SoC: Qualcomm Atheros IPQ8064/5 ARM Dual Core CPU
- RAM: (512MB or 1GB) DDR3 System Memory
- Storage: 32MB NOR (Cypress S25FL256S1)
256MB NAND (Micron MT29F2G08ABBEAH4)
- Ethernet: 5 x 1G via QCA8337N
- USB: 1 x USB 2.0/3.0 + 1 x USB 2.0 on mini PCIe3 socket
- PCIe: 3x mini PCIe (third mini PCIE3 is PCIe/USB shared)
- SIM Card Slot: 2 x Slot
- Buttons: Reset Button
- LEDs: 18x, 8x GPIO controllable
- Buzzer
The correct amount of RAM will be passed by the bootloader.
In contrast to the documentation provided by Compex, the third PCIe
doesn't use GPIO16 for PERST. Instead, GPIO3 is shared and used as PERST
for PCIe0 and PCIe2.
So far, no one was able to get USB 3.0 working with the 1GB RAM version,
while it works fine for my 512MB version. Since USB 3.0 doesn't work with
the Compex firmware for the 1G variant either, it could be a hardware
issue with these boards.
OpenWrt will be installed to the NAND flash. Make sure to have a full
working image on the NOR flash. It will be the backup in case anything
goes wrong.
It has been observed that an image loaded via tftpboot might have
bitflips. Hence the extra step to create a crc32 checksum to allow to
compare the checksum with the one from the source file prior to flashing.
In all cases it is necessary to set the following u-boot parameter to an
empty (whitespace) value, to ensure that the chosen bootargs of the dts
isn't overwritten or set to bogus - not working - values:
(IPQ) # set bootargs " "
(IPQ) # set fsbootargs " "
(IPQ) # saveenv
The sysupgrade image can be installed directly on flash using u-boot (put
jumper in JP13 (leave JP9 open) to boot from nand):
(IPQ) # set serverip 192.168.1.20
(IPQ) # set ipaddr 192.168.1.1
Mathias Kresin [Wed, 14 Mar 2018 21:07:08 +0000 (22:07 +0100)]
mvebu: unset uboot build by default
Initialise the UBOOT variable by default. Otherwise it will be
unintended inherit to following images if set and causes an uboot build
where not required.
Chris Blake [Sat, 10 Mar 2018 09:59:18 +0000 (10:59 +0100)]
ipq40xx: add Cisco Meraki MR33 Support
This patch adds support for Cisco Meraki MR33
hardware highlights:
SOC: IPQ4029 Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 256 MiB DDR3L-1600 @ 627 MHz Micron MT41K128M16JT-125IT
NAND: 128 MiB SLC NAND Spansion S34ML01G200TFV00 (106 MiB usable)
ETH: Qualcomm Atheros AR8035 Gigabit PHY (1 x LAN/WAN) + PoE
WLAN1: QCA9887 (168c:0050) PCIe 1x1:1 802.11abgn ac Dualband VHT80
WLAN2: Qualcomm Atheros QCA4029 2.4GHz 802.11bgn 2:2x2
WLAN3: Qualcomm Atheros QCA4029 5GHz 802.11a/n/ac 2:2x2 VHT80
LEDS: 1 x Programmable RGB+White Status LED (driven by Ti LP5562 on i2c-1)
1 x Orange LED Fault Indicator (shared with LP5562)
2 x LAN Activity / Speed LEDs (On the RJ45 Port)
BUTTON: one Reset button
MISC: Bluetooth LE Ti cc2650 PG2.3 4x4mm - BL_CONFIG at 0x0001FFD8
AT24C64 8KiB EEPROM
Kensington Lock
Serial:
WARNING: The serial port needs a TTL/RS-232 3V3 level converter!
The Serial setting is 115200-8-N-1. The board has a populated
1x4 0.1" header with half-height/low profile pins.
The pinout is: VCC (little white arrow), RX, TX, GND.
Flashing needs a serial adaptor, as well as patched ubootwrite utility
(needs Little-Endian support). And a modified u-boot (enabled Ethernet).
Meraki's original u-boot source can be found in:
<https://github.com/riptidewave93/meraki-uboot/tree/mr33-20170427>
Add images to do an installation via bootloader:
0. open up the MR33 and connect the serial console.
1. start the 2nd stage bootloader transfer from client pc:
# ubootwrite.py --write=mr33-uboot.bin
(The ubootwrite tool will interrupt the boot-process and hence
it needs to listen for cues. If the connection is bad (due to
the low-profile pins), the tool can fail multiple times and in
weird ways. If you are not sure, just use a terminal program
and see what the device is doing there.
2. power on the MR33 (with ethernet + serial cables attached)
Warning: Make sure you do this in a private LAN that has
no connection to the internet.
- let it upload the u-boot this can take 250-300 seconds -
3. use a tftp client (in binary mode!) on your PC to upload the sysupgrade.bin
(the u-boot is listening on 192.168.1.1)
# tftp 192.168.1.1
binary
put openwrt-ipq40xx-meraki_mr33-squashfs-sysupgrade.bin
4. wait for it to reboot
5. connect to your MR33 via ssh on 192.168.1.1
For more detailed instructions, please take a look at the:
"Flashing Instructions for the MR33" PDF. This can be found
on the wiki: <https://openwrt.org/toh/meraki/mr33>
(A link to the mr33-uboot.bin + the modified ubootwrite is
also there)
Thanks to Jerome C. for sending an MR33 to Chris.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Mathias Kresin <dev@kresin.me> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Mathias Kresin [Fri, 26 Jan 2018 22:36:50 +0000 (23:36 +0100)]
base-files: add more name source to get_dt_led helper function
Not all LED driver are using the label devicetree property for the led
name. Add support for the TI/National Semiconductor LP55xx Led Drivers,
which are using the chan-name property for the led name, as fallback.
This patch adds support for ASUS RT-AC58U/RT-ACRH13.
hardware highlights:
SOC: IPQ4018 / QCA Dakota
CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 128 MiB DDR3L-1066 @ 537 MHz (1074?) NT5CC64M16GP-DI
NOR: 2 MiB Macronix MX25L1606E (for boot, QSEE)
NAND: 128 MiB Winbond W25NO1GVZE1G (cal + kernel + root, UBI)
ETH: Qualcomm Atheros QCA8075 Gigabit Switch (4 x LAN, 1 x WAN)
USB: 1 x 3.0 (via Synopsys DesignWare DWC3 controller in the SoC)
WLAN1: Qualcomm Atheros QCA4018 2.4GHz 802.11bgn 2:2x2
WLAN2: Qualcomm Atheros QCA4018 5GHz 802.11a/n/ac 2:2x2
INPUT: one Reset and one WPS button
LEDS: Status, WAN, WIFI1/2, USB and LAN (one blue LED for each)
Serial:
WARNING: The serial port needs a TTL/RS-232 3V3 level converter!
The Serial setting is 115200-8-N-1. The board has an unpopulated
1x4 0.1" header. The pinout (VDD, RX, GND, TX) is printed on the
PCB right next to the connector.
U-Boot Note: The ethernet driver isn't always reliable and can sometime
time out... Don't worry, just retry.
Access via the serial console is required. As well as a working
TFTP-server setup and the initramfs image. (If not provided, it
has to be built from the OpenWrt source. Make sure to enable
LZMA as the compression for the INITRAMFS!)
To install the image permanently, you have to do the following
steps in the listed order.
1. Open up the router.
There are four phillips screws hiding behind the four plastic
feets on the underside.
2. Connect the serial cable (See notes above)
3. Connect your router via one of the four LAN-ports (yellow)
to a PC which can set the IP-Address and ssh and scp from.
If possible set your PC's IPv4 Address to 192.168.1.70
(As this is the IP-Address the Router's bootloader expects
for the tftp server)
4. power up the router and enter the u-boot
choose option 1 to upload the initramfs image. And follow
through the ipv4 setup.
Wait for your router's status LED to stop blinking rapidly and
glow just blue. (The LAN LED should also be glowing blue).
3. Connect to the OpenWrt running in RAM
The default IPv4-Address of your router will be 192.168.1.1.
1. Copy over the openwrt-sysupgrade.bin image to your router's
temporary directory
The image production rules does not have the initramfs-image
as a dependency. So, from make’s perspective initramfs
creation can run independently/in parallel with the image
generation code in the target's Makefile.
This is a problem for devices that have to use the initramfs
for the image creation and can lead to broken images.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
mac80211: ath10k: search all IEs for variant before falling back
This patch adds the patch that was posted to ath10k-devel ML:
<https://patchwork.kernel.org/patch/10233491/>
|From: Thomas Hebb <tommyhebb@gmail.com>
|Subject: [PATCH] ath10k: search all IEs for variant before falling back
|Date: Wed, 21 Feb 2018 11:43:39 -0500
|[...]
|This patch fixes the issue by first searching the entire file for the ID
|with variant, and searching for the fallback ID only if that search
|fails. It also includes some code cleanup in the area, as
|ath10k_core_fetch_board_data_api_n() no longer does its own string
|mangling to remove the variant from an ID, instead leaving that job to a
|new flag passed to ath10k_core_create_board_name().
|
|I've tested this patch on a QCA4019 and verified that the driver behaves
|correctly for 1) both fallback and variant BDFs present, 2) only fallback
|BDF present, and 3) no matching BDFs present.
|
|Fixes: 1657b8f84ed9 ("ath10k: search SMBIOS for OEM board file extension")
|Signed-off-by: Thomas Hebb <tommyhebb@gmail.com>
Note: 937-ath10k-calibration-variant.patch has been reassigned a new 081
number, as it now ships with upstream.... But also because this patch
requires the change in ath10k_core_create_board_name().
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Mathias Kresin [Sat, 17 Feb 2018 08:07:54 +0000 (09:07 +0100)]
ipq40xx: fix GL.iNet GL-B1300 support
Rename the dts file to match the used SoC type and drop the unnecessary
KERNEL_INSTALL from the image build code.
Remove the fixed rootfs and kernel partitions and create an image with
rootfs appended after kernel.
Setup a switch portmap matching the hardware and a default network/switch
configuration to make make the second lan port working. Use eth0 as lan
to have it consistent accross the target.
Use the power LED to indicate the boot status.
Sort the SoC entries within the dts by address and use dtc labels
whenever possible.
Signed-off-by: Mathias Kresin <dev@kresin.me> Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
David Bauer [Sat, 10 Mar 2018 09:49:15 +0000 (10:49 +0100)]
ipq40xx: remove block- and pagesize from FB4040
This removes the block- and pagesize from the FritzBox 4040
image description, fixing incorrectly working sysupgrade.
With this commit, the default values for block- and pagesize are
used.
Signed-off-by: David Bauer <mail@david-bauer.net>
[chunkeey@gmail.com: removed 105-mtd-nor-add-mx25l25635f.patch as well] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
There's an interaction issue between the clk changes:"
clk: qcom: ipq4019: Add the apss cpu pll divider clock node
clk: qcom: ipq4019: remove fixed clocks and add pll clocks
" and the cpufreq-dt.
cpufreq-dt is now spamming the kernel-log with the following:
[ 1099.190658] cpu cpu0: dev_pm_opp_set_rate: failed to find current OPP
for freq 761142857 (-34)
This only happens on certain devices like the Compex WPJ428
and AVM FritzBox!4040. However, other devices like the Asus
RT-AC58U and Meraki MR33 work just fine.
The issue stem from the fact that all higher CPU-Clocks
are achieved by switching the clock-parent to the P_DDRPLLAPSS
(ddrpllapss). Which is set by Qualcomm's proprietary bootcode
as part of the DDR calibration.
For example, the FB4040 uses 256 MiB Nanya NT5CC128M16IP clocked
at round 533 MHz (ddrpllsdcc = 190285714 Hz).
whereas the 128 MiB Nanya NT5CC64M16GP-DI in the ASUS RT-AC58U is
clocked at a slightly higher 537 MHz ( ddrpllsdcc = 192000000 Hz).
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Andy Walsh [Sat, 3 Feb 2018 20:00:27 +0000 (21:00 +0100)]
e2fsprogs: break out libcomerr/libss, FS#1310
libext2fs breaks krb5 by always installing its own copies of libcom_err.so
and libss.so.
Move the libraries into separate libcomerr and libss packages respectively
and add a host build recipe to stage the required compile_et and mk_cmds
utilities for use by other packages.
This allows the krb5 package to be fixed to use the system wide libcomerr
and libss libraries.
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[rename libcom_err to libcomerr, make compile_et and mk_cmds relocatable,
cleanup makefile, add dependency on host build, reword commit message] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Rafał Miłecki [Wed, 14 Mar 2018 14:07:03 +0000 (15:07 +0100)]
kernel: use V10 of mtd patchset adding support for "compatible" string
In the commit bde5e7a632ef0 ("kernel: backport mtd implementation for
"compatible" in "partitions" subnode") patches that got accepted into
l2-mtd.git were backported to the kernels 4.9 and 4.14. Unfortunately
there was a regression report, patches were dropped and never reached
4.16.
This commit replaces these pseudo-backports with the latest version
that includes regression fix and futher changes that were requested.
Hans Dedecker [Mon, 12 Mar 2018 10:13:07 +0000 (11:13 +0100)]
glibc: fix applying of patches
Commit f4d9d7a removed support for version specific patches; but it also
broke applying of patches in the patches glibc dir.
Fix the issue by setting PATCH_DIR to $(PATH_PREFIX)/patches similar as
musl/common.mk.
Signed-off-by: Xinxing Hu <xinxing.huchn@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Felix Fietkau [Tue, 13 Mar 2018 12:33:04 +0000 (13:33 +0100)]
netifd: update to the latest version (fixes FS#1358)
1f5a29c ip: do not add local routes for host dependencies c06f842 device: add support for setting the isolate options for bridge ports 69aeaab interface-ip: fix route selection for host dependencies
Rafał Miłecki [Tue, 13 Mar 2018 09:20:08 +0000 (10:20 +0100)]
kernel: b53: drop support for old location of bcm47xx_nvram.h
In kernels 4.0 and older that header file was located in some subdir of
arch/mips/include. Target brcm47xx supports kernels 4.4 and 4.9 only so
that code isn't needed anymore.
André Draszik [Thu, 22 Feb 2018 11:04:28 +0000 (11:04 +0000)]
ramips: gpio: fix compilation if CONFIG_GPIO_SYSFS=n
If CONFIG_GPIO_SYSFS=n, compilation fails with
drivers/built-in.o: In function `gpio_export_with_name':
include/asm-generic/gpio.h:128: undefined reference to `__gpiod_export'
This is because the stub in that case has the wrong name,
_gpiod_export() - note the missing underscore (_) at the
start.
Fix the stub, and add the correct prototype for the real
implementation.
busybox tries to be smart and passes a number of additional flags to the
compiler. Unfortunately, the i386-specific flags break ABI compatiblity
with libc.
Fixes busybox crashes observed on x86-generic with GCC 7.
Felix Fietkau [Mon, 12 Mar 2018 09:31:19 +0000 (10:31 +0100)]
toolchain/gcc: switch to version 7 by default
Newer GCC versions are reported to improve code size on various ARM
devices, which is why newer u-boot versions require them now.
There have also been user reports of data corruption issues fixed on
MIPS by updating from GCC 5 to GCC 7.
This update was previously held up by these two MIPS compile issues,
which have since been fixed:
This commit introduces new subtarget for Marvell EBU Armada Cortex A53
processor based devices.
The first device is Globalscale ESPRESSObin. Some hardware specs:
SoC: Marvell Armada 3700LP (88F3720) dual core ARM Cortex A53
processor up to 1.2GHz
RAM: 512MB, 1GB or 2GB DDR3
Storage: SATA interface
µSD card slot with footprint for an optional 4GB EMMC
4MB SPI NOR flash for bootloader
Ethernet: Topaz Networking Switch (88E6341) with 3x GbE ports
Connectors: USB 3.0
USB 2.0
µUSB port connected to PL2303SA (USB to serial bridge
controller) for UART access
Expansion: 2x 46-pin GPIO headers for accessories and shields with
I2C, GPIOs, PWM, UART, SPI, MMC, etc
MiniPCIe slot
Misc: Reset button, JTAG interface
Currently booting only from µSD card is supported.
The boards depending on date of dispatch can come with various U-Boot
versions. For the newest version 2017.03-armada-17.10 no manual
intervention should be needed to boot OpenWrt image. For the older ones
it's necessary to modify default U-Boot environment:
1. Interrupt boot process to run U-Boot command line,
2. Run following commands:
(for version 2017.03-armada-17.06 and 2017.03-armada-17.08)
setenv bootcmd "load mmc 0:1 0x4d00000 boot.scr; source 0x4d00000"
saveenv
Ryan Mounce [Fri, 2 Jun 2017 16:31:06 +0000 (02:01 +0930)]
mvebu: add support for Turris Omnia
Adds support for the Turris Omnia and builds an eMMC sysupgrade image in
the same format as the SolidRun ClearFog.
An initramfs image in the simple yet Omnia-specific 'medkit' image format
is also built in order to ease the initial flashing process.
Notable hardware support omissions are support for switching between SFP
cage and copper PHY, and RGB LED control.
Due to a current limitation of DSA, only 1/2 CPU switch uplinks are used.
Specifications:
- Marvell Armada 385 1.6GHz dual-core ARMv7 CPU
- 1GB DDR3 RAM
- 8GB eMMC Flash
- 5x Gigabit LAN via Marvell 88E6176 Switch (2x RGMII CPU ports)
- 1x switchable RJ45 (88E1514 PHY) / SFP SGMII WAN
- 2x USB 3.0
- 12x dimmable RGB LEDs controlled by independent MCU
- 3x Mini PCIe slots
- Optional Compex WLE200N2 Mini PCIe AR9287 2x2 802.11b/g/n (2.4GHz)
- Optional Compex WLE900VX Mini PCIe QCA9880 3x3 802.11ac (2.4 / 5GHz)
- Optional Quectel EC20 Mini PCIe LTE modem
Flash instructions:
If the U-Boot environment has been modified previously (likely manually via
serial console), first use serial to reset the default environment.
=> env default -a
=> saveenv
Method 1 - USB 'medkit' image w/o serial
- Copy openwrt-mvebu-turris-omnia-sysupgrade.img.gz and
omnia-medkit-openwrt-mvebu-turris-omnia-initramfs.tar.gz to the root of a
USB flash drive formatted with FAT32 / ext2/3/4 / btrfs / XFS.
Note that the medkit MUST be named omnia-medkit*.tar.gz
- Disconnect other USB devices from the Omnia and connect the flash drive
to either USB port.
- Power on the Omnia and hold down the rear reset button until 4 LEDs are
illuminated, then release.
- Wait approximately 2 minutes for the Turris Omnia to flash itself with
the temporary image, during which LEDs will change multiple times.
- Connect a computer to a LAN port of the Turris Omnia with a DHCP client
- (if necessary) ssh-keygen -R 192.168.1.1
- ssh root@192.168.1.1
$ mount /dev/sda1 /mnt
$ sysupgrade /mnt/openwrt-mvebu-turris-omnia-sysupgrade.img.gz
- Wait another minute for the final OpenWrt image to be flashed. The Turris
Omnia will reboot itself and you can remove the flash drive.
Method 2 - TFTP w/ serial
- Extract omnia-medkit-openwrt-mvebu-turris-omnia-initramfs.tar.gz and copy
dtb + zImage to your TFTP server (rename if desired)
- Connect Turris Omnia WAN port to DHCP-enabled network with TFTP server
- Connect serial console and interrupt U-Boot
=> dhcp
=> setenv serverip <tftp_server_ip_here>
=> tftpboot 0x01000000 zImage
=> tftpboot 0x02000000 dtb
=> bootz 0x01000000 - 0x02000000
- OpenWrt will now boot from ramdisk
- Download openwrt-mvebu-turris-omnia-sysupgrade.img.gz to /tmp/
$ sysupgrade /tmp/openwrt-mvebu-turris-omnia-sysupgrade.img.gz
- Wait another minute for the final OpenWrt image to be flashed. The Turris
Omnia will reboot itself.
Ryan Mounce [Mon, 19 Feb 2018 14:01:34 +0000 (00:31 +1030)]
mvebu: disable DSA DT nodes for boards using mvsw61xx
As at this commit, DSA is not enabled in the kernel config for mvebu, so these
nodes have been ignored. In preparation for the first mvebu board using DSA,
disable these nodes for existing boards to avoid issues.
Henryk Heisig [Sun, 18 Feb 2018 08:47:13 +0000 (09:47 +0100)]
firmware: ath10k-firmware: update QCA9984 firmware to 10.4-3.5.3-00053
This patch updates ath10k-firmware to use the
firmware-5.bin_10.4-3.5.3-00053 firmware for the QCA9984.
The update fixes "ath10k_pci 0001:01:00.0: Invalid VHT mcs 15 peer
stats" spamming the kernel ring buffer at very high frequencies, but
introduces the new "ath10k_pci 0001:01:00.0: Unknown eventid: 36925".
This new warning doesn't appear to cause problems in practice and is
only emitted relatively rarely, not causing dmesg to overflow within
minutes.
Tested on the ZyXEL NBG6817; early feedback also suggests this firmware
to work well (with the same fixes and caveats) on the Netgear r7800 as
well.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> Signed-off-by: Henryk Heisig <hyniu@o2.pl>
Stijn Tintel [Fri, 2 Mar 2018 10:14:11 +0000 (11:14 +0100)]
firewall: bump to git HEAD
392811a ubus: let fw3_ubus_address() return the number of resolved addresses 359adcf options: emit an empty address item when resolving networks fails 503db4a zones: disable masq when resolving of all masq_src or masq_dest items failed f50a524 helpers: implement explicit CT helper assignment support a3ef503 zones: allow per-table log control 8ef12cb iptables: fix possible NULL pointer access on constructing rule masks
base-files: tune fragment queue thresholds for available system memory
The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.
imagebuilder: reuse rootfs preparation from rootfs.mk
In addition to removing redundant code, this fixes various issues in
IB-generated images that have been fixed in prepare_rootfs before,
including better handling of CONFIG_CLEAN_IPKG and enabling of initscripts
from FILES.
We also reuse the opkg macro and remove --force-... flags that have been
removed from rootfs.mk as well.
include/rootfs.mk: retain list of conffiles with CONFIG_CLEAN_IPKG
/usr/lib/opkg/status must not be removed completely, otherwise the
packages' conffile lists will be missing. Replace it with a reduced version
only containing the conffile entries.
7c0d711 version: bump snapshot b6a5cc0 contrib: add extract-handshakes kprobe example 37dc953 wg-quick: if resolvconf/run/iface exists, use it 1f9be19 wg-quick: if resolvconf/interface-order exists, use it 4d2d395 noise: align static_identity keys 14395d2 compat: use correct -include path 38c6d8f noise: fix function prototype 302d0c0 global: in gnu code, use un-underscored asm ff4e06b messages: MESSAGE_TOTAL is unused ea81962 crypto: read only after init e35f409 Kconfig: require DST_CACHE explicitly 9d5baf7 Revert "contrib: keygen-html: rewrite in pure javascript" 6e09a46 contrib: keygen-html: rewrite in pure javascript e0af0f4 compat: workaround netlink refcount bug ec65415 contrib: embedded-wg-library: add key generation functions 06099b8 allowedips: fix comment style ce04251 contrib: embedded-wg-library: add ability to add and del interfaces 7403191 queueing: skb_reset: mark as xnet
Changes:
* queueing: skb_reset: mark as xnet
This allows cgroups to classify packets.
* contrib: embedded-wg-library: add ability to add and del interfaces
* contrib: embedded-wg-library: add key generation functions
The embeddable library gains a few extra tricks, for people implementing
plugins for various network managers.
* crypto: read only after init
* allowedips: fix comment style
* messages: MESSAGE_TOTAL is unused
* global: in gnu code, use un-underscored asm
* noise: fix function prototype
Small cleanups.
* compat: workaround netlink refcount bug
An upstream refcounting bug meant that in certain situations it became
impossible to unload the module. So, we work around it in the compat code. The
problem has been fixed in 4.16.
* contrib: keygen-html: rewrite in pure javascript
* Revert "contrib: keygen-html: rewrite in pure javascript"
We nearly moved away from emscripten'ing the fiat32 code, but the resultant
floating point javascript was just too terrifying.
* Kconfig: require DST_CACHE explicitly
Required for certain frankenkernels.
* compat: use correct -include path
Fixes certain out-of-tree build systems.
* noise: align static_identity keys
Gives us better alignment of private keys.
* wg-quick: if resolvconf/interface-order exists, use it
* wg-quick: if resolvconf/run/iface exists, use it
Better compatibility with Debian's resolvconf.
* contrib: add extract-handshakes kprobe example
Small utility for extracting ephemeral key data from the kernel's memory.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (git log --oneline description)
Hans Dedecker [Mon, 5 Mar 2018 09:23:09 +0000 (10:23 +0100)]
nghttp2: bump to 1.31.0
6e744662 Update bash_completion 478eac09 Update manual pages 88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16 45d76cf5 nghttpx: Close listening socket on graceful shutdown 54573f28 Merge pull request #1137 from nghttp2/session-set-user-data 17793e99 Add nghttp2_session_set_user_data() public API function 5eac3c90 Update manual pages e70195ae nghttpx: Update doc fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro 39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert 65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after e8af7afc nghttpx: Add an option to accept expired client certificate 38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after ff3edc09 nghttpx: Fix potential memory leak 0bb15406 Bump up version number to 1.31.0-DEV
Hauke Mehrtens [Sat, 3 Mar 2018 00:21:08 +0000 (01:21 +0100)]
lantiq: Deactivate ASLR support for some applications
The lantiq components still leak some user space linker options into the
kernel space. This breaks with build when ASLR is activated, deactivate
it for now on these packages.
projects / thirdparty / openwrt.git / log
