7c0d711 version: bump snapshot b6a5cc0 contrib: add extract-handshakes kprobe example 37dc953 wg-quick: if resolvconf/run/iface exists, use it 1f9be19 wg-quick: if resolvconf/interface-order exists, use it 4d2d395 noise: align static_identity keys 14395d2 compat: use correct -include path 38c6d8f noise: fix function prototype 302d0c0 global: in gnu code, use un-underscored asm ff4e06b messages: MESSAGE_TOTAL is unused ea81962 crypto: read only after init e35f409 Kconfig: require DST_CACHE explicitly 9d5baf7 Revert "contrib: keygen-html: rewrite in pure javascript" 6e09a46 contrib: keygen-html: rewrite in pure javascript e0af0f4 compat: workaround netlink refcount bug ec65415 contrib: embedded-wg-library: add key generation functions 06099b8 allowedips: fix comment style ce04251 contrib: embedded-wg-library: add ability to add and del interfaces 7403191 queueing: skb_reset: mark as xnet
Changes:
* queueing: skb_reset: mark as xnet
This allows cgroups to classify packets.
* contrib: embedded-wg-library: add ability to add and del interfaces
* contrib: embedded-wg-library: add key generation functions
The embeddable library gains a few extra tricks, for people implementing
plugins for various network managers.
* crypto: read only after init
* allowedips: fix comment style
* messages: MESSAGE_TOTAL is unused
* global: in gnu code, use un-underscored asm
* noise: fix function prototype
Small cleanups.
* compat: workaround netlink refcount bug
An upstream refcounting bug meant that in certain situations it became
impossible to unload the module. So, we work around it in the compat code. The
problem has been fixed in 4.16.
* contrib: keygen-html: rewrite in pure javascript
* Revert "contrib: keygen-html: rewrite in pure javascript"
We nearly moved away from emscripten'ing the fiat32 code, but the resultant
floating point javascript was just too terrifying.
* Kconfig: require DST_CACHE explicitly
Required for certain frankenkernels.
* compat: use correct -include path
Fixes certain out-of-tree build systems.
* noise: align static_identity keys
Gives us better alignment of private keys.
* wg-quick: if resolvconf/interface-order exists, use it
* wg-quick: if resolvconf/run/iface exists, use it
Better compatibility with Debian's resolvconf.
* contrib: add extract-handshakes kprobe example
Small utility for extracting ephemeral key data from the kernel's memory.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (git log --oneline description)
Hans Dedecker [Mon, 5 Mar 2018 09:23:09 +0000 (10:23 +0100)]
nghttp2: bump to 1.31.0
6e744662 Update bash_completion 478eac09 Update manual pages 88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16 45d76cf5 nghttpx: Close listening socket on graceful shutdown 54573f28 Merge pull request #1137 from nghttp2/session-set-user-data 17793e99 Add nghttp2_session_set_user_data() public API function 5eac3c90 Update manual pages e70195ae nghttpx: Update doc fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro 39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert 65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after e8af7afc nghttpx: Add an option to accept expired client certificate 38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after ff3edc09 nghttpx: Fix potential memory leak 0bb15406 Bump up version number to 1.31.0-DEV
Hauke Mehrtens [Sat, 3 Mar 2018 00:21:08 +0000 (01:21 +0100)]
lantiq: Deactivate ASLR support for some applications
The lantiq components still leak some user space linker options into the
kernel space. This breaks with build when ASLR is activated, deactivate
it for now on these packages.
Hauke Mehrtens [Fri, 2 Mar 2018 23:20:43 +0000 (00:20 +0100)]
lantiq: ltq-ifxos: activate build with mips16
The build process does not leak the user space cflags into the kernel
build process any more, this allows to activate MIPS16 builds.
This was fixed with some update of ifxos.
This decreases size of the libifxos.a and the ltq-vdsl-app
old:
78320 libifxos.a
44383 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk
Stijn Segers [Wed, 28 Feb 2018 21:53:37 +0000 (22:53 +0100)]
kernel: bump 4.14 to 4.14.23
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64
mvebu: rename clearfog sysupgrade script and functions
Cosmetic name change of ClearFog sysupgrade script and its functions to
more generic sdcard. This way it won't be confusing for other future
device additions.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
mvebu: fix partition type and signature for sdcard
Previously the partition signature was assigned from provided type. Now
both are corrected wherein signature is always generated from
SOURCE_DATE_EPOCH. With that the root file system can be identified
by PARTUUID string, without relying on static declaration of device node.
This commit also does some cosmetics, removing trailing whitespace and
replacing spaces with tab.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
mvebu: remove redefinition of image name for clearfog
The IMAGE_NAME redefinition causes overwriting of generated SD card
image when multiple root file system types are selected. In result only
single SD card image is generated. This commit fixes this behaviour.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Josua Mayer [Thu, 19 Oct 2017 07:22:11 +0000 (09:22 +0200)]
mvebu: clearfog: use partition uuid for root= bootarg
U-Boot already knows where it found the boot.scr, and
figuring out the partition UUID becomes trivial at this point.
This change allows booting OpenWrt from whatever storage it has been
flashed to: SD card, eMMC, USB disk or SATA disk.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
[replace lede with openwrt, redact commit message] Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Hauke Mehrtens [Sun, 18 Feb 2018 17:57:02 +0000 (18:57 +0100)]
mvebu: activate more workarounds for ARM erratas
The Armada XP uses a Marvell PJ4Bv7 Processor for which already one
workaround for an errata is activated.
The Armada 285 uses a Cortex A9 r4p1 for which the Linux kernel provides
a workaround for ERRATA_764369, activate this.
Hans Dedecker [Fri, 2 Mar 2018 13:28:43 +0000 (14:28 +0100)]
gre: squash grev4 and grev6 packages into gre (FS#1399)
The split-up into packages gre, grev4 and grev6 causes confusion for the
users as reported in FS#1399.
As IPv4 and IPv6 are considered now as bundled; squash the grev4 and grev6
packages into the gre package and let gre provide both grev4 and grev6.
Hans Dedecker [Thu, 1 Mar 2018 17:38:55 +0000 (18:38 +0100)]
netifd: add udhcpc link check to dhcp shell handler script
Fixes the assumption the busybox udhcpc applet is always enabled; in case
the symbolic link check fails the DHCP shell handler script will exit and
as result the DHCP protocol handler will not be registered in netifd.
Rafał Miłecki [Thu, 1 Mar 2018 11:32:07 +0000 (12:32 +0100)]
mac80211: rename patches accepted upstream
This is to simplify maintenance. It's easy to say now which patches need
some extra work and/or sending upstream. Updating to newer backports
should be also simpler with this.
Felix Fietkau [Wed, 28 Feb 2018 20:10:32 +0000 (21:10 +0100)]
Revert "ath: do not apply broken power limits with ATH_USER_REGD"
This reverts commit 79a768a90fa94c0a38c9def1992cc974c091e286.
Some devices can go over their power limits with this commit, so this
needs to be handled on a case by case basis instead
Rafał Miłecki [Tue, 27 Feb 2018 15:44:25 +0000 (16:44 +0100)]
base-files: fix off-by-one in counting seconds for factory reset
There was a mismatch between indicating factory reset and code actually
starting it. After 5 seconds status LED started blinking rapidly letting
user know it's ready to release reset button. In practice button had to
stay pressed for another second in order to relly start the process.
Felix Fietkau [Mon, 26 Feb 2018 11:30:28 +0000 (12:30 +0100)]
netifd: update to the latest version, rewrite RPS/XPS handling
Remove RPS/XPS support from netifd core, move the logic to a hotplug
script that uses a different policy which provides better performance
and more fairness across flows
Rosen Penev [Wed, 7 Feb 2018 21:57:30 +0000 (13:57 -0800)]
ag71xx: Move timestamp struct member outside of struct.
With this change, the timestamp variable is only used in ag71xx_check_dma_stuck. Small tx speedup.
Based on a Qualcomm commit. ag->timestamp = jiffies was not replaced with netif_trans_update(dev) because of this quote:
It should be noted that after this series several instances
of netif_trans_update() are useless (if they occur in
.ndo_start_xmit and driver doesn't set LLTX flag -- stack already
did an update).
Felix Fietkau [Tue, 27 Feb 2018 14:09:43 +0000 (15:09 +0100)]
ramips: fix spurious IRQ7 events when using perf on 4.14
Upstream handling of MIPS CPU IRQs is rather hackish and the interrupts
are being enabled unconditionally in various places because of legacy
code.
Performance counter events are routed both through the GIC and through
legacy CPU IRQ7 events, causing spurious interrupts.
Fix this by disabling IRQ7 when trying to access the performance counter
IRQ.
Johnny S. Lee [Tue, 30 Jan 2018 17:19:51 +0000 (01:19 +0800)]
mwlwifi: add and use individual firmware packages
As each mvebu device only uses one of the firmwares provided by mwlwifi
package, it makes sense to put them in separate packages and only install
the one that is needed.
Current mwlwifi version's firmware sizes and usages by devices:
88W8864.bin 118776 caiman, mamba, cobra, shelby
88W8897.bin 489932 (none)
88W8964.bin 449420 rango
Changes by this commit:
* indicate in title that mwlwifi also is driver for 88W8897 and 88W8964
* remove mwlwifi package's firmware installation rules
* add 3 new individual firmware packages (all depends on kmod-mwlwifi):
- mwlwifi-firmware-88w8864
- mwlwifi-firmware-88w8897
- mwlwifi-firmware-88w8964
* add firmware package to mvebu devices' DEVICE_PACKAGES accordingly
Signed-off-by: Johnny S. Lee <_@jsl.io>
[Add the used FW files to the PACKAGES of default image] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
/lib/functions.sh can deal with Require-User specifications that only
contain a group, but no user. Adjust metadata.pm to allow such
specifications as well.
Jonas Gorski [Sun, 25 Feb 2018 21:52:41 +0000 (22:52 +0100)]
mvebu: fix SFP insert detection GPIO name on 4.14
When SFP support was accepted upstream, the expected GPIO names were
slightly changed, breaking SFP insert detection. Update the DTS file to
the expected name to make SFP work again.
Fixes: 4ccad922293a ("mvebu: Add support for kernel 4.14") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
perf: restrict libunwind dependency to archs that actually support libunwind
Allow building perf on uncommon targets again.
Depending on the kernel version, not all of these archs will actually use
libunwind in perf. Still, it seems simpler and less error-prone to use the
same list that is defined in the libunwind package.
Hauke Mehrtens [Sat, 24 Feb 2018 11:47:59 +0000 (12:47 +0100)]
kernel: generic: Fix skip GRO for foreign MAC address patches
Somewhere in the kernel 4.9 migration process it looks like this patch
was broken. The update should be done when a device is added to the
bridge and when it gets removed, currently it is only done on the remove
path twice which does not make any sense.
I do not have a setup to test this now so this is only compile tested.
Jakub Tymejczyk [Wed, 21 Feb 2018 11:55:31 +0000 (12:55 +0100)]
samba36: fix build (issue #5574)
As indicated in #5574 samba fails to build with linker error due to lack
of talloc_* functions when the packet libtalloc also gets build.
According to Makefile it is compiled with "--without-libtalloc" option.
Running ./configure --help shows that there is another option connected
to libtalloc: --enable/disable-external-libtalloc.
Adding this option fixes build.
Signed-off-by: Jakub Tymejczyk <jakub@tymejczyk.pl>
Ansuel Smith [Sat, 17 Feb 2018 15:58:57 +0000 (16:58 +0100)]
iptables: update to 1.6.2
459b6932 policy: add nft translation for simple policy none/strict use case 255e55b7 tests: xlate-test: no need to require superuser privileges 6990bbc5 extensions: hashlimit: remove space before burst in translation to nft 13ecaeb0 extensions: hashlimit: Rename 'flow table' keyword to meter c252a2b0 extensions: Add test for cluster nft translation bda1daa4 extensions: ip6t_{S,D}NAT: add more tests 88fa4543 extensions: ip6t_{S,D}NAT: multiple to-dst/to-src arguments not reported 64a0e098 extensions: libxt_cluster: Add translation to nft 6067208f extensions: add support for 'srh' match 0f387b07 extensions: hashlimit: fix incorrect burst in translations 1ffe6a74 extensions: libxt_hashlimit: Do not print default timeout and burst 27de281d extensions: Add macro _DEFAULT_SOURCE. 75364151 iptables: Remove const qualifier from struct option. 8b0da213 iptables: masquerade: add randomize-full support e64db006 iptables: patch to correct linker flag sequence 033eac81 extensions: libxt_tcpmss: Add test case for invalid ranges. 505bfa11 iptables: xtables-eb: Remove const qualifier from struct option a6d6821a iptables: extensions: Fix MARK target help 71de414c libxt_sctp: fix array out of range in print_chunk 1a32381a extensions: add tests for ipcomp protocol 4bd51770 tests: xlate: print output in same way as nft-test.py d0e3d95f libxt_recent: Remove ineffective checks for info->name 23e6ed71 libxt_TOS: add tests for translation infrastructure 9564595e Update .gitignore bebce197 iptables: iptables-compat translation for TCPMSS dbbab0aa extensions: libxt_tcpmss: Detect invalid ranges 0e958281 iptables-translate: add test file for TCPMSS extension de3c68b6 iptables-compat: do not allow to delete populated user define chains f4b80ce7 iptables: change large file support handling f5b46c2f iptables: Constify option struct 21ba5b38 ip{,6}tables-restore: Don't accept wait-interval without wait 60e0ffd3 ip{,6}tables-restore: Don't ignore missing wait-interval value af468b6e utils: Add a man page for nfnl_osf 1773dcaa utils: nfnl_osf: Fix synopsis in help text 895ce096 extensions: libxt_bpf: fix missing __NR_bpf declaration 3c633296 xtables-compat-restore: fix translation of mangle's OUTPUT 1c32e560 netfilter: xt_hashlimit: add rate match mode b5331f88 xtables-compat: fix memory leak when listing 91ae12e3 xtables-compat-restore: fix several memory leaks 79e1edd1 iptables-xml: Fix segfault on jump without a target c49a93f1 xtables-translate: fix double space before comment 79fa7cc2 libip6t_icmp6: xlate: remove leftover space 8e62f572 tests: xlate: generalize owner 8d994bcf iptables: Add file output option to iptables-save f8e5ebc5 iptables: Fix crash on malformed iptables-restore 80d8bfaa iptables: insist that the lock is held. c29d99c8 libxtables: Display weird character warning for wildcards 1fe96cfb tests: xlate: check if it is being run as root 3f92b259 tests: xlate: remove python 3.5 dependency d89dc47a iptables-restore/save: exit when given an unknown option 65801d02 iptables-restore.8: document -w/-W options 9cd3adbe iptables-restore/ip6tables-restore: add --version/-V argument 1ec1fb7a extensions: libxt_hashlimit: fix 64-bit printf formats 27f69f4a iptables: extensions: Remove typedef in struct. 340105fa tests: add regression tests for xtables-translate b669e184 extensions: libxt_TOS: Add translation to nft b2a84476 iptables: Remove unnecessary braces. 2963a8df iptables: Remove explicit static variables initalization. 1cf4ba6f iptables: Constify option struct 999eaa24 iptables-restore: support acquiring the lock. 6e2e169e iptables: remove duplicated argument parsing code 836846f0 iptables: move XT_LOCK_NAME from CFLAGS to config.h. b91af533 iptables: set the path of the lock file via a configure option. 0e94eb2e iptables-translate: print nft iff there are more expanded rules to print 48ad179b libxtables: abolish AI_CANONNAME 9f50bbdf libxtables: remove unnecessary nesting from host_to_ip(6)addr c6df55d6 iptables-translate: print nft command for each expand rules via dns names 82dacbb8 xtables-translate: Avoid querying the kernel 9f972f45 extensions: libxt_addrtype: Add translation to nft 2c8e251e utils: nfsynproxy: fix build with musl libc 9b8cb756 libiptc: don't set_changed() when checking rules with module jumps eb66632d extensions: libxt_hashlimit: Add translation to nft 72bb3dbf xshared: using the blocking file lock request when we wait indefinitely 24f81746 xshared: do not lock again and again if "-w" option is not specified fc3c3b4e libxt_hashlimit: add new unit test to catch kernel bug 516d9191 iptables: update pf.os
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Mathias Kresin [Wed, 21 Feb 2018 07:56:59 +0000 (08:56 +0100)]
apm821xx: nand remove obsolete kernel config symbol
The missing CONFIG_USB_XHCI_PCI dependency on CONFIG_USB_PCI of the
µPD720201 xhci-pci(e) usb 3.0 chip used by the WNDR4700 was fixed with 6112abf186bf ("kernel: enable CONFIG_USB_PCI for PCI usb modules").
Commit c38fb585763f ("kernel: fix disabling common usb quirks on 4.14")
finally fixed the following build error:
drivers/usb/host/xhci-pci.c: In function 'xhci_pci_probe':
drivers/usb/host/xhci-pci.c:749:6: error: implicit declaration of function 'usb_xhci_needs_pci_reset' [-Werror=implicit-function-declaration]
if (usb_xhci_needs_pci_reset(dev)) {
Hence the CONFIG_USB_PCI symbol isn't required any longer in target kernel
config.
Piotr Dymacz [Fri, 26 Jan 2018 15:21:34 +0000 (16:21 +0100)]
ramips: add support for ALFA Network AWUSFREE1
ALFA Network AWUSFREE1 is an USB Wi-Fi N300 adapter based on MT7628.
Specification:
- MT7628AN (580 MHz)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz (MT7628) with external FEM (RFFM4203)
- 2x detachable antennas (RP-SMA)
- ASIX AX88772 USB to Ethernet bridge (connected with MT7628 PHY0)
- 4x LED (2 driven by GPIO)
- 1x button (reset)
- 1x mini USB for host and main power input
- UART header on PCB
Flash instruction:
You can use sysupgrade image directly in vendor firmware which is based
on LEDE/OpenWrt. Alternatively, you can use web recovery mode in U-Boot:
1. Power device with reset button pressed and release it after ~5 sec.
2. Setup static IP 192.168.1.2/4 on your PC.
3. Go to 192.168.1.1 in browser and upload "sysupgrade" image.
projects / thirdparty / openwrt.git / log
