L. D. Pinney [Thu, 29 Dec 2016 07:43:08 +0000 (01:43 -0600)]
ramips: MiWiFi Nano fixes
Use the the dt-bindings macros and add the reset button.
Set the correct polarity for the LEDs and drop the default state.
Remove all trigger for the LEDs. According to the manual the LEDs are
only used to show the operation state, where blue means normal
operation.
Use the MAC-Addresses stored in EEPROM for the ethernet and the
wireless interface.
Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
[use leds only for boot status indication, add proper commit message] Signed-off-by: Mathias Kresin <dev@kresin.me>
Alberto Bursi [Sun, 1 Jan 2017 16:24:18 +0000 (17:24 +0100)]
base-files: fix message of initscript wrapper
currently (after blogic's edit to my commit) it prints like this:
root@lede:/# service aa
aa does not exist. the following services are available :adblock dnsmasq gpio_switch rpcd system
boot done led sqm uhttpd
crelay dropbear log sysctl umount
cron firewall network sysfixtime urandom_seed
ddns fstab odhcpd sysntpd
which looks pretty bad, and is even worse if someone writes only "service" without arguments, as it will print " does not exist. " which is confusing.
with this commit it looks like this:
root@lede:/# service
service "" not found, the following services are available:
adblock dnsmasq gpio_switch rpcd system
boot done led sqm uhttpd
crelay dropbear log sysctl umount
cron firewall network sysfixtime urandom_seed
ddns fstab odhcpd sysntpd
Yes there is some play with " and ', it is to display "name" or just "" if no service name is entered (like in the example).
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Hauke Mehrtens [Mon, 2 Jan 2017 12:34:57 +0000 (13:34 +0100)]
oxnas: fix syntax in ox820-akitio.dts
This commit introduced a syntax error in ox820-akitio.dts which is
fixed now:
commit 5cde94d9ab577c5ab68fc71e15a05d1bda5041f2
Author: Daniel Golle <daniel@makrotopia.org>
Date: Sat Sep 24 01:14:53 2016 +0200
oxnas: backport upstream NAND driver
This caused the folowing error message in the build bot:
Error: arch/arm/boot/dts/ox820-akitio.dts:146.3-147.1 syntax error
FATAL ERROR: Unable to parse input tree
scripts/Makefile.lib:293: recipe for target 'arch/arm/boot/dts/ox820-akitio.dtb' failed
make[5]: *** [arch/arm/boot/dts/ox820-akitio.dtb] Error 1
Hauke Mehrtens [Mon, 2 Jan 2017 12:07:10 +0000 (13:07 +0100)]
curl: update to version 7.52.1
This fixes the folowing security problems:
CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
CVE-2016-9594: unititialized random
Magnus Kroken [Fri, 30 Dec 2016 00:31:29 +0000 (01:31 +0100)]
mbedtls: enable DHE-RSA key exchange
Later OpenVPN 2.3-openssl versions only enable
TLS cipher suites with perfect forward secrecy, i.e. DHE and ECDHE
cipher suites. ECDHE key exchange is not supported by
OpenVPN 2.3-openssl, enable DHE key exchange to allow LEDE
OpenVPN 2.4-mbedtls clients to connect to such servers.
Signed-off-by: Magnus Kroken <mkroken@gmail.com> Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Reported-by: Lucian Cristian <luci@createc.ro>
Magnus Kroken [Fri, 30 Dec 2016 00:31:28 +0000 (01:31 +0100)]
mbedtls: enable secp384r1 elliptic curve support
Secp384r1 is the default curve for OpenVPN 2.4+. Enable this to
make OpenVPN-mbedtls clients able to perform ECDHE key exchange
with remote OpenVPN 2.4-openssl servers that use the default
OpenVPN curve.
Felix Fietkau [Tue, 27 Dec 2016 19:54:15 +0000 (20:54 +0100)]
ath9k: fix issues with external reset on AR913x
An external reset patch for AR955x accidentally led to external reset
being issued twice on AR913x, once before the RTC reset and once after.
This may be causing some stability issues.
Felix Fietkau [Tue, 27 Dec 2016 11:10:53 +0000 (12:10 +0100)]
ath9k: remove old rx dma stop check optimization
This commit was added to improve reset time on old SoC devices that run
into chip hangs more frequently. However with the more recent addition
of full WMAC reset on these chips, it could be problematic.
Drop this patch to ensure that DMA activity is really stopped before the
chip reset is issued
opkg: vfork external gzip command to uncompress data
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Stijn Tintel [Tue, 27 Dec 2016 03:41:30 +0000 (04:41 +0100)]
Revert "opkg: vfork external gzip command to uncompress data"
This reverts commit 0090adcd5c94adad2168cd9b338f45827533c81d.
It breaks reading package list in /tmp/opkg-lists, making it impossible
to install packages from feeds in snapshots.
Alberto Bursi [Sat, 24 Dec 2016 12:32:26 +0000 (13:32 +0100)]
package/Makefile & ipkg-make-index.sh: add full package data list
The external script used to generate the package lists for the
LEDE wiki's table of packages [1] and package indexes [2] requires
a "Source:" field in the package lists to find package makefiles.
The package makefiles are used to read the package's Category and Submenu.
Add a separate package list file with full data to be used by the wiki's script.
It's called Packages.manifest and isn't compressed as it's not necessary.
opkg: vfork external gzip command to uncompress data
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Hans Dedecker [Sun, 25 Dec 2016 19:56:45 +0000 (20:56 +0100)]
netifd: Upstep to git HEAD version
64a655d proto: allow configuring deprecated static IPv6 addresses c99182e remove obsolete /opt/local prefix on Mac OS X 0249d5f system-linux: Don't set gre tunnel ttl by default to 64 (#FS312) edc15ca ubus: Display the IPv6 prefix assigned address
Hauke Mehrtens [Sun, 25 Dec 2016 14:19:20 +0000 (15:19 +0100)]
ppc44x: fix build of crypto4xx_core.c
crypto4xx_probe() is in the __init section and referenced by code form
other sections, which causes a build error. Backport a patch from
mainline kernel to fix this.
Hauke Mehrtens [Sat, 17 Dec 2016 14:00:59 +0000 (15:00 +0100)]
kernel: add KERNEL_DEVMEM and KERNEL_DEVKMEM
These options are needed to create /dev/mem or /dev/kmem .
/dev/mem is needed by the io tool to access raw hardware memory, which
is helpful when debugging and developing drivers.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: John Crispin <john@phrozen.org>
Zefir Kurtisi [Thu, 22 Dec 2016 09:39:51 +0000 (10:39 +0100)]
libpcap: Fix build when PACKAGECONFIG ipv6 is not enabled
Add patches provided upstream [1] by Fabio Berton to fix error:
> ./gencode.c: In function 'pcap_compile':
> ./gencode.c:693:8: error: 'compiler_state_t {aka struct _compiler_state}' has no member named 'ai'
> cstate.ai = NULL;
> ^
> ./gencode.c: In function 'gen_gateway':
> ./gencode.c:4914:13: error: 'cstate' undeclared (first use in this function)
> bpf_error(cstate, "direction applied to 'gateway'");
> ^
Mathias Kresin [Thu, 22 Dec 2016 08:18:05 +0000 (09:18 +0100)]
lantiq: drop the FRITZ7360SL led-dsl alias
The power LED can not be used for indicating the xDSL line state and
the in system (boot) state at the same time in LEDE. As soon as the
xDSL Line goes down, the power LED is switched off.
During xDSL handshake the power led would blink with the same or a
similar pattern as during boot.
Mathias Kresin [Fri, 23 Dec 2016 08:46:48 +0000 (09:46 +0100)]
ramips: use different board names for variants
Use different names for flash size related board variants, to make sure
that only images for the actual flash size are considered as valid by
the image validation code.
Remove the flash size suffix from the string returned by
ramips_board_detect() to ensure that existing scripts relying on the
former used boardname are still working.
Mathias Kresin [Thu, 1 Dec 2016 06:37:03 +0000 (07:37 +0100)]
ramips: fix image validation errors
The name from the Device define will be used in the metadata. Due to
typos/different spelling, this name might not match the one exported in
/lib/ramips.sh.
Fix all name mismatches which were found by checking if the name used
in the metadata exists in /lib/ramips.sh.
Felix Fietkau [Thu, 22 Dec 2016 16:04:12 +0000 (17:04 +0100)]
kirkwood: clean up FEATURES
Remove dt: it is implicitly enabled based on the kernel config
Remove tar.gz and jffs2_nand: Legacy build code has been removed,
NAND devices are only supported with UBI now.
Remove ubifs: deprecated, use squashfs images instead
Jo-Philipp Wich [Fri, 23 Dec 2016 18:15:14 +0000 (19:15 +0100)]
generic: ar8216: fix invalid bounds check imported from ChromeOS (FS#347)
The priv->vlan_id member is of size AR8X16_MAX_VLANS, not AR8X16_MAX_PORTS,
so check for the proper maximum value in order to avoid capping valid VLAN IDs
to 7 (AR8X16_MAX_PORTS - 1).
Felix Fietkau [Thu, 22 Dec 2016 15:43:07 +0000 (16:43 +0100)]
uhttpd: drop uhttpd-mod-tls, it has been useless for years
Before the rewrite, uhttpd-mod-tls used to contain a tls plugin.
Afterwards it was left in for compatibility reasons, but given how much
has changed, and that we're about to change the default SSL
implementation again, it's better to just drop this now
Felix Fietkau [Wed, 21 Dec 2016 15:39:56 +0000 (16:39 +0100)]
build: add defaults for PKG_SOURCE, PKG_SOURCE_SUBDIR, PKG_VERSION
This makes it easier to unify versioning of git based package downloads.
PKG_SOURCE_DATE along with an 8-character abbreviation of the git hash
is used as PKG_VERSION, PKG_RELEASE should be used like normal packages.
Pavel Kubelun [Tue, 20 Dec 2016 08:39:00 +0000 (11:39 +0300)]
ath10k-firmware: update qca9984 firmware
A new firmware that is available on code-aurora repository is newer
than in Kvalo's repo.
Taking into account that firmwares that are in Kvalo's repo are considered
to be tested by internal QCA team, this one seems to be more stable
and fixes this bug:
ath10k_pci 0000:01:00.0: received unexpected tx_fetch_ind event: in
push mode
At least i havent faced it for a while in contradiction to current version.
Thus switching firmware source for qca9984 until it or a newer version
gets into Kvalo's repo.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
gettext-full: enforce only static lib on the host build
Sometimes I'm getting error on the host-side build:
```
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: /home/sandu/work/lede/staging_dir/host/lib/liblzma.a(liblzma_la-common.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/home/sandu/work/lede/staging_dir/host/lib/liblzma.a: error adding symbols: Bad value
collect2: error: ld returned 1 exit status
Makefile:2847: recipe for target 'libgettextlib.la' failed
make[9]: *** [libgettextlib.la] Error 1
make[9]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl-1.1.15/host/gettext-0.19.8.1/gettext-tools/gnulib-lib'
Makefile:2597: recipe for target 'all' failed
```
Disabling the shared-lib build, seems to fix this.
This is when building glib2 on the host-side.
glib2 is required by newer QEMU package [which is in the feeds].
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Tedaz [Tue, 20 Dec 2016 08:56:33 +0000 (16:56 +0800)]
x86/64: enable Hyper-V support in the x86_64 kernel config
Enabled Hyper-V network interface card driver, display adapter driver,
storage driver, keyboard driver, mouse driver and Hyper-V utility and
EFI boot support in the kernel for subtarget x86/64.
Convert the img file to vhd by Ubuntu qemu-img, rather than by the buildroot's
built-in qemu-img.
Tested on Windows Server 2008 r2 and 2012 r2 Gen1 and Gen2 VMs.
Magnus Kroken [Sat, 10 Dec 2016 11:11:33 +0000 (12:11 +0100)]
openvpn: update to 2.4_rc2
OpenVPN 2.4 builds with mbedTLS 2.x, rename openvpn-polarssl
variant to openvpn-mbedtls.
Some feature highlights:
* Data channel cipher negotiation
* AEAD cipher support for data channel encryption (currently only
* AES-GCM)
* ECDH key exchange for control channel
* LZ4 compression support
See https://github.com/OpenVPN/openvpn/blob/master/Changes.rst
for additional change notes.
projects / thirdparty / openwrt.git / log
