Stijn Tintel [Fri, 2 Mar 2018 10:14:11 +0000 (11:14 +0100)]
firewall: bump to git HEAD
392811a ubus: let fw3_ubus_address() return the number of resolved addresses 359adcf options: emit an empty address item when resolving networks fails 503db4a zones: disable masq when resolving of all masq_src or masq_dest items failed f50a524 helpers: implement explicit CT helper assignment support a3ef503 zones: allow per-table log control 8ef12cb iptables: fix possible NULL pointer access on constructing rule masks
base-files: tune fragment queue thresholds for available system memory
The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.
imagebuilder: reuse rootfs preparation from rootfs.mk
In addition to removing redundant code, this fixes various issues in
IB-generated images that have been fixed in prepare_rootfs before,
including better handling of CONFIG_CLEAN_IPKG and enabling of initscripts
from FILES.
We also reuse the opkg macro and remove --force-... flags that have been
removed from rootfs.mk as well.
include/rootfs.mk: retain list of conffiles with CONFIG_CLEAN_IPKG
/usr/lib/opkg/status must not be removed completely, otherwise the
packages' conffile lists will be missing. Replace it with a reduced version
only containing the conffile entries.
7c0d711 version: bump snapshot b6a5cc0 contrib: add extract-handshakes kprobe example 37dc953 wg-quick: if resolvconf/run/iface exists, use it 1f9be19 wg-quick: if resolvconf/interface-order exists, use it 4d2d395 noise: align static_identity keys 14395d2 compat: use correct -include path 38c6d8f noise: fix function prototype 302d0c0 global: in gnu code, use un-underscored asm ff4e06b messages: MESSAGE_TOTAL is unused ea81962 crypto: read only after init e35f409 Kconfig: require DST_CACHE explicitly 9d5baf7 Revert "contrib: keygen-html: rewrite in pure javascript" 6e09a46 contrib: keygen-html: rewrite in pure javascript e0af0f4 compat: workaround netlink refcount bug ec65415 contrib: embedded-wg-library: add key generation functions 06099b8 allowedips: fix comment style ce04251 contrib: embedded-wg-library: add ability to add and del interfaces 7403191 queueing: skb_reset: mark as xnet
Changes:
* queueing: skb_reset: mark as xnet
This allows cgroups to classify packets.
* contrib: embedded-wg-library: add ability to add and del interfaces
* contrib: embedded-wg-library: add key generation functions
The embeddable library gains a few extra tricks, for people implementing
plugins for various network managers.
* crypto: read only after init
* allowedips: fix comment style
* messages: MESSAGE_TOTAL is unused
* global: in gnu code, use un-underscored asm
* noise: fix function prototype
Small cleanups.
* compat: workaround netlink refcount bug
An upstream refcounting bug meant that in certain situations it became
impossible to unload the module. So, we work around it in the compat code. The
problem has been fixed in 4.16.
* contrib: keygen-html: rewrite in pure javascript
* Revert "contrib: keygen-html: rewrite in pure javascript"
We nearly moved away from emscripten'ing the fiat32 code, but the resultant
floating point javascript was just too terrifying.
* Kconfig: require DST_CACHE explicitly
Required for certain frankenkernels.
* compat: use correct -include path
Fixes certain out-of-tree build systems.
* noise: align static_identity keys
Gives us better alignment of private keys.
* wg-quick: if resolvconf/interface-order exists, use it
* wg-quick: if resolvconf/run/iface exists, use it
Better compatibility with Debian's resolvconf.
* contrib: add extract-handshakes kprobe example
Small utility for extracting ephemeral key data from the kernel's memory.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (git log --oneline description)
Hans Dedecker [Mon, 5 Mar 2018 09:23:09 +0000 (10:23 +0100)]
nghttp2: bump to 1.31.0
6e744662 Update bash_completion 478eac09 Update manual pages 88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16 45d76cf5 nghttpx: Close listening socket on graceful shutdown 54573f28 Merge pull request #1137 from nghttp2/session-set-user-data 17793e99 Add nghttp2_session_set_user_data() public API function 5eac3c90 Update manual pages e70195ae nghttpx: Update doc fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro 39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert 65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after e8af7afc nghttpx: Add an option to accept expired client certificate 38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after ff3edc09 nghttpx: Fix potential memory leak 0bb15406 Bump up version number to 1.31.0-DEV
Hauke Mehrtens [Sat, 3 Mar 2018 00:21:08 +0000 (01:21 +0100)]
lantiq: Deactivate ASLR support for some applications
The lantiq components still leak some user space linker options into the
kernel space. This breaks with build when ASLR is activated, deactivate
it for now on these packages.
Hauke Mehrtens [Fri, 2 Mar 2018 23:20:43 +0000 (00:20 +0100)]
lantiq: ltq-ifxos: activate build with mips16
The build process does not leak the user space cflags into the kernel
build process any more, this allows to activate MIPS16 builds.
This was fixed with some update of ifxos.
This decreases size of the libifxos.a and the ltq-vdsl-app
old:
78320 libifxos.a
44383 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk
Stijn Segers [Wed, 28 Feb 2018 21:53:37 +0000 (22:53 +0100)]
kernel: bump 4.14 to 4.14.23
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64
mvebu: rename clearfog sysupgrade script and functions
Cosmetic name change of ClearFog sysupgrade script and its functions to
more generic sdcard. This way it won't be confusing for other future
device additions.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
mvebu: fix partition type and signature for sdcard
Previously the partition signature was assigned from provided type. Now
both are corrected wherein signature is always generated from
SOURCE_DATE_EPOCH. With that the root file system can be identified
by PARTUUID string, without relying on static declaration of device node.
This commit also does some cosmetics, removing trailing whitespace and
replacing spaces with tab.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
mvebu: remove redefinition of image name for clearfog
The IMAGE_NAME redefinition causes overwriting of generated SD card
image when multiple root file system types are selected. In result only
single SD card image is generated. This commit fixes this behaviour.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Josua Mayer [Thu, 19 Oct 2017 07:22:11 +0000 (09:22 +0200)]
mvebu: clearfog: use partition uuid for root= bootarg
U-Boot already knows where it found the boot.scr, and
figuring out the partition UUID becomes trivial at this point.
This change allows booting OpenWrt from whatever storage it has been
flashed to: SD card, eMMC, USB disk or SATA disk.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
[replace lede with openwrt, redact commit message] Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Hauke Mehrtens [Sun, 18 Feb 2018 17:57:02 +0000 (18:57 +0100)]
mvebu: activate more workarounds for ARM erratas
The Armada XP uses a Marvell PJ4Bv7 Processor for which already one
workaround for an errata is activated.
The Armada 285 uses a Cortex A9 r4p1 for which the Linux kernel provides
a workaround for ERRATA_764369, activate this.
Hans Dedecker [Fri, 2 Mar 2018 13:28:43 +0000 (14:28 +0100)]
gre: squash grev4 and grev6 packages into gre (FS#1399)
The split-up into packages gre, grev4 and grev6 causes confusion for the
users as reported in FS#1399.
As IPv4 and IPv6 are considered now as bundled; squash the grev4 and grev6
packages into the gre package and let gre provide both grev4 and grev6.
Hans Dedecker [Thu, 1 Mar 2018 17:38:55 +0000 (18:38 +0100)]
netifd: add udhcpc link check to dhcp shell handler script
Fixes the assumption the busybox udhcpc applet is always enabled; in case
the symbolic link check fails the DHCP shell handler script will exit and
as result the DHCP protocol handler will not be registered in netifd.
Rafał Miłecki [Thu, 1 Mar 2018 11:32:07 +0000 (12:32 +0100)]
mac80211: rename patches accepted upstream
This is to simplify maintenance. It's easy to say now which patches need
some extra work and/or sending upstream. Updating to newer backports
should be also simpler with this.
Felix Fietkau [Wed, 28 Feb 2018 20:10:32 +0000 (21:10 +0100)]
Revert "ath: do not apply broken power limits with ATH_USER_REGD"
This reverts commit 79a768a90fa94c0a38c9def1992cc974c091e286.
Some devices can go over their power limits with this commit, so this
needs to be handled on a case by case basis instead
Rafał Miłecki [Tue, 27 Feb 2018 15:44:25 +0000 (16:44 +0100)]
base-files: fix off-by-one in counting seconds for factory reset
There was a mismatch between indicating factory reset and code actually
starting it. After 5 seconds status LED started blinking rapidly letting
user know it's ready to release reset button. In practice button had to
stay pressed for another second in order to relly start the process.
Felix Fietkau [Mon, 26 Feb 2018 11:30:28 +0000 (12:30 +0100)]
netifd: update to the latest version, rewrite RPS/XPS handling
Remove RPS/XPS support from netifd core, move the logic to a hotplug
script that uses a different policy which provides better performance
and more fairness across flows
Rosen Penev [Wed, 7 Feb 2018 21:57:30 +0000 (13:57 -0800)]
ag71xx: Move timestamp struct member outside of struct.
With this change, the timestamp variable is only used in ag71xx_check_dma_stuck. Small tx speedup.
Based on a Qualcomm commit. ag->timestamp = jiffies was not replaced with netif_trans_update(dev) because of this quote:
It should be noted that after this series several instances
of netif_trans_update() are useless (if they occur in
.ndo_start_xmit and driver doesn't set LLTX flag -- stack already
did an update).
Felix Fietkau [Tue, 27 Feb 2018 14:09:43 +0000 (15:09 +0100)]
ramips: fix spurious IRQ7 events when using perf on 4.14
Upstream handling of MIPS CPU IRQs is rather hackish and the interrupts
are being enabled unconditionally in various places because of legacy
code.
Performance counter events are routed both through the GIC and through
legacy CPU IRQ7 events, causing spurious interrupts.
Fix this by disabling IRQ7 when trying to access the performance counter
IRQ.
Johnny S. Lee [Tue, 30 Jan 2018 17:19:51 +0000 (01:19 +0800)]
mwlwifi: add and use individual firmware packages
As each mvebu device only uses one of the firmwares provided by mwlwifi
package, it makes sense to put them in separate packages and only install
the one that is needed.
Current mwlwifi version's firmware sizes and usages by devices:
88W8864.bin 118776 caiman, mamba, cobra, shelby
88W8897.bin 489932 (none)
88W8964.bin 449420 rango
Changes by this commit:
* indicate in title that mwlwifi also is driver for 88W8897 and 88W8964
* remove mwlwifi package's firmware installation rules
* add 3 new individual firmware packages (all depends on kmod-mwlwifi):
- mwlwifi-firmware-88w8864
- mwlwifi-firmware-88w8897
- mwlwifi-firmware-88w8964
* add firmware package to mvebu devices' DEVICE_PACKAGES accordingly
Signed-off-by: Johnny S. Lee <_@jsl.io>
[Add the used FW files to the PACKAGES of default image] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
/lib/functions.sh can deal with Require-User specifications that only
contain a group, but no user. Adjust metadata.pm to allow such
specifications as well.
Jonas Gorski [Sun, 25 Feb 2018 21:52:41 +0000 (22:52 +0100)]
mvebu: fix SFP insert detection GPIO name on 4.14
When SFP support was accepted upstream, the expected GPIO names were
slightly changed, breaking SFP insert detection. Update the DTS file to
the expected name to make SFP work again.
Fixes: 4ccad922293a ("mvebu: Add support for kernel 4.14") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
perf: restrict libunwind dependency to archs that actually support libunwind
Allow building perf on uncommon targets again.
Depending on the kernel version, not all of these archs will actually use
libunwind in perf. Still, it seems simpler and less error-prone to use the
same list that is defined in the libunwind package.
projects / thirdparty / openwrt.git / log
