Commit Graph

40144 Commits

Author SHA1 Message Date
Jo-Philipp Wich
8a57531855 hostapd: set group_mgmt_cipher when ieee80211w is enabled
In order to properly support 802.11w, hostapd needs to advertise a group
management cipher when negotiating associations.

Introduce a new per-wifi-iface option "ieee80211w_mgmt_cipher" which
defaults to the standard AES-128-CMAC cipher and always emit a
"group_mgmt_cipher" setting in native hostapd config when 802.11w is
enabled.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-07 12:33:47 +01:00
Kevin Darbyshire-Bryant
b153dbf046 argp-standalone: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 11:59:59 +01:00
Kevin Darbyshire-Bryant
4e800716ac lua: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 10:42:34 +01:00
Kevin Darbyshire-Bryant
b61a648e4a busybox: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 10:35:51 +01:00
Mathias Kresin
d726187367 lantiq: fix wbmr-hp-g300h image metadata
The Annex A and Annex B version are using the same (old) userspace
boardname. Update the SUPPORTED_DEVICES to allow an update from lede-17.01.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-01-04 21:23:59 +01:00
Matthias Schiffer
0b28cc56d4
scripts/package-metadata.pl: remove broken detection of self-dependencies
A self-dependency is not an error worth a warning; rather, it is very
common: whenever there are dependencies between different binary packages
originating from the same source package, such dependencies occur. Not
actually generating dependency rules is correct, but already handled a few
lines below.

A typo prevented this redundant rule from working, which is the reason the
warning was not actually printed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-04 17:18:16 +01:00
Jo-Philipp Wich
da95c9aa17 opkg: switch source url to git.openwrt.org
As LEDE is rebranding to OpenWrt now, adjust the Git source references
accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-04 13:44:42 +01:00
Jo-Philipp Wich
f839ad685b sdk: switch base feed url to git.openwrt.org
As LEDE is rebranding to OpenWrt now, adjust the base feed Git reference
accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-04 13:44:42 +01:00
Philip Prindeville
d280c03a1d x86: preinit: use board_name on Sm Super Servers
Supermicro puts "Super Server" into their product_name DMI value
for a whole slew of products, making this value about as useful
as not having been filled in at all.  Instead, fall back on the
board_name instead.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-01-04 13:44:42 +01:00
Philip Prindeville
445f980a38 x86: preinit: make name rewrite into reusable function
There might be other places (such as vendor-supplied preinit scripts)
where we wish to take a DMI name and clean it up in a consistent way,
so make the sed command into a function.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-01-04 13:44:42 +01:00
Hans Dedecker
6c76decd61 netifd: update to latest git HEAD
fd5c399 proto: allow dumping protocol handlers without config_params

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-01-04 09:49:45 +01:00
Stijn Tintel
09ae6897f7 merge: github: use OpenWrt in issue/pr templates
Keep the link to submitting patches for now.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-03 20:36:57 +01:00
Stijn Tintel
c5ca1c9ab6 kernel: bump 4.14 to 4.14.11
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch

Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.

Compile-tested on x86/64.
Runtime-tested on x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-03 00:07:10 +02:00
Stijn Tintel
8b35da1552 kernel: move CONFIG_KASAN to generic config
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.

It was only added in 4.0, so not needed in config-3.18.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-02 21:55:46 +02:00
Tony Ambardar
a367645f23 uci: add missing 'option' support to uci_rename()
When using the uci.sh wrapper, allow parameters to match those supported
by the uci binary i.e. "uci rename <config>.<section>[.<option>]=<name>".

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2018-01-02 17:22:19 +01:00
Daniel Engberg
cbe71649bc package/libs/zlib: Add host build
Some packages such as Python/Python3 (host pip/pip3) needs this
to compile.

More detailed explanation provided by Alexandru:

"i need the zlib/host for Python/Python3 ; because, it seems the
host pip/pip3 needs this to work ; i suspect in older versions
this worked, because some of the host's build env would be used
in the build, and then the zlib-dev from the host distro would
be used ; now, the host-build does not seem to have any
-I/usr/include stuff, which is good

and it also seems that Python/Python3 does not like it if the
zlib-dev package is too old, so using this zlib/host would be
good for this as well"

Source:
https://github.com/lede-project/source/pull/1329#issuecomment-351055861

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
0dd439141d package/libs/zlib: Add option for O3 optimization
Add option to use O3 optimization as not all devices have
space constraints. This option is default using GCC in upstream
but isn't in the CMake makefile for some reason.

Source: https://github.com/madler/zlib/blob/master/configure#L170

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
3acecba520 package/libs/zlib: Add ARM and NEON optimizations
This adds two optimizations for ARM:
NEON optimized Adler(-)32 checksum algorithm (ARMv7 and newer NEON CPUs)
ARM(v7+) specific optimization for inflate
I've also connected inflate optimization to the build using the following
source as template.
0397489124 (diff-a62ad2db6c83dbc205d34bb9a8884f16)

Additional info:
https://codereview.chromium.org/2676493007/
https://codereview.chromium.org/2722063002/

Sources:
https://github.com/madler/zlib/pull/251 (only the first commit)
https://github.com/madler/zlib/pull/256

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
383e8aeec7 package/libs/zlib: Use toolchain build logic
Use build logic provided by toolchain instead of doing it manually.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Kevin Darbyshire-Bryant
37bb463daa procd: procd_send_signal use signal names
Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME."  Make actual behaviour match
the stated documented behaviour.

https://wiki.openwrt.org/inbox/procd-init-scripts

Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-02 17:02:44 +01:00
John Crispin
3804f5743d procd: update to latest git HEAD
a5954cf procd: Add %m to several functions that return errno.
810d7a5 procd: Remove redundant errno variable in several printf functions.
fa5ce1c procd: Replace strerror(errno) with %m.

Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 14:29:12 +01:00
John Crispin
25302c0a08 umdns: update to latest git HEAD
7897441 umdnsd: Replace strerror(errno) with %m.

Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 14:29:12 +01:00
Daniel Albers
d30c0f4d50 kernel: make uas work during early boot
Add the uas(p) module to the modules loaded early on the boot process.

The uas(p) is an modern alternative, which is used by the modern USB3
storage cases, compared to the bot protocol. To be able to use uas(p)
storage cases for extroot, the kernel module has to be loaded before the
search for extroot has been called. This patch changes the load order to
support uas(p) storage cases for extroot.

Signed-off-by: Daniel Albers <daniel.albers@public-files.de>
2018-01-02 14:29:04 +01:00
John Crispin
16ed8ac8e9 fstools: update to latest git HEAD
11efbf3 overlay: fix race condition when switching to jffs2
bdeb95a libblkid-tiny: add support for NTFS superblock
ef2cc03 fstools: Replace strerror(errno) with %m format.
98fd5b4 libblkid-tiny: add support for UBI superblock

Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 07:57:22 +01:00
Roman Yeryomin
8b477d09d1 base-files: protect stop and reload actions with procd_lock
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
2018-01-02 07:52:57 +01:00
Roman Yeryomin
e410f785a4 procd: introduce procd_lock for init script protection
Use flock to protect init script from concurrent execution
(of the same script).
Important for services which generate native config files.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
2018-01-02 07:52:27 +01:00
Roman Yeryomin
2277cd1249 busybox: enable flock by default
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-01-02 07:51:39 +01:00
Hauke Mehrtens
597de6904c layerscape: activate fpu feature
The CPU sub type was set to a CPU version with FPU, but the FPU feature
was not activated before, so a soft float toolchain was created.
Activate also the FPU feature to create the correct toolchain.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-02 07:24:46 +01:00
Hauke Mehrtens
01cc6bd495 at91: sama5: activate fpu
This activates neon and VFPv4 support for this target. The CPU support
these feature so also use them.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-02 07:14:09 +01:00
Michael Heimpold
498285922e firmware-tools/ptgen: use portable exit codes
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2018-01-02 07:14:09 +01:00
Michael Heimpold
83f729dfb2 firmware-tools/ptgen: fix minor coding style issues
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2018-01-02 07:14:09 +01:00
Kevin Darbyshire-Bryant
4b275baf91 kernel: bump 4.9 to 4.9.73
Refresh patches.

Runtime tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-02 07:14:09 +01:00
John Crispin
7c0a2bc930 busybox: backport cve-2017-16544 fix
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.

Fixes: FS#1181 - CVE-2017-16544:

Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
https://nvd.nist.gov/vuln/detail/CVE-2017-16544

Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 07:14:08 +01:00
Roman Yeryomin
0b1fa809d0 base-files: rc.common: fix enable() return code and logic
In current state, if there is START but no STOP, enbale()
will return 1 (failure), which is wrong.
Moreover there is no need to check for START/STOP twice.
Instead, add err variable to save success state and
and return it's value.
Also eliminate the need to disable() by using 'ln -sf',
which will first delete the old symlink if one exists.

Changes from v1:
- fixed description

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-01-02 07:14:08 +01:00
John Crispin
b153745bfb procd: update to latest git HEAD
7aad940 procd: initd: fix path allocation in early_insmod
006c19c procd: Remove unnecessary memset calls.

Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 07:14:08 +01:00
Jo-Philipp Wich
ab703bf174 uci: bump to git HEAD version
5beb95d lua: additionally return name when looking up sections
ff33bb2 lua: support extended section notation

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-01 16:42:29 +01:00
Hauke Mehrtens
9f626501cb nftables: fix sha256sum
The mirror was delivering a file with a different hash.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-31 18:46:13 +01:00
Kabuli Chana
d0a14c1cd9 mwlwifi: update to version 10.3.4.0 / 2017-12-14
Lastest stamped version

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2017-12-31 18:46:13 +01:00
Kevin Darbyshire-Bryant
7aa15953e1 kmod-sched-cake: bump to latest bake
Fix overhead accounting error introduced by f33c4d6 refactor
cake_advance_shaper and ack_filter

Symptoms were links running under rate.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-30 14:17:34 +01:00
Rafał Miłecki
3267ce750e bcm53xx: use iflag=skip_bytes for dd command during sysupgrade
Since BusyBox 1.25.0 dd command supports iflag=skip_bytes which allows
skipping requested amount of bytes without reducing blocksize. Thanks to
this we can leave default blocksize and let dd work more efficiently.

On Netgear R6250 "dd skip=58 iflag=skip_bytes" can be 5 times faster
than "dd bs=58 skip=1" when extracting TRX out of CHK.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-29 23:18:45 +01:00
Rafał Miłecki
612a93564c brcm47xx: image: build firmware for Asus WL-500g Deluxe
It's a device based on BCM5365P (0x5365 package 0x00). This SoC has
USB 1.1 controller but device has two USB 2.0 parts. They are handled by
PCI-based controllers: 1106:3038 UHCI and 1106:3104 EHCI.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-29 23:18:19 +01:00
Rafał Miłecki
fea884ff51 bcm53xx: add early support for kernel 4.14
Don't switch to it by default yet as it requires more testing.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-29 23:15:32 +01:00
Mathias Kresin
4dd51788dd ramips: fix Omega2 compatible string
Change the compatibel from Omega to Omega2 and add the compatible string
where missing.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-29 22:32:34 +01:00
Mathias Kresin
76d735d189 ramips: fix widora neo diag led
The diag LED is named widora🍊wifi and can't be derived from the
boardname.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-29 22:32:34 +01:00
Thomas Nixon
9fc9fbeb97 lantiq: fix dts compatible string
This was broken in 7bab49fd ("lantiq: add compatible strings to dts
files"), causing for the dm200 garbled serial output during boot, and
likely other issues.

Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
[fix the compat string of the P2601HNFX as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-29 22:32:26 +01:00
rektide de la faye
0f72690a2d iptables: fix nftables compile issue (FS#711)
Enabling IPTABLES_NFTABLES resulted in an error during build:#
*** No rule to make target '../extensions/libext.a',
needed by 'xtables-compat-multi'."

Comments from Alexander Lochmann and Fedor Konstantinov in FS#711
provided fixes for this build error, allowing iptables to compile.
https://bugs.lede-project.org/index.php?do=details&task_id=711.

This commit updates the Makefile.am xtables_compat_multi_LDFLAGS
and _LDADD, moving linking of extensions to LDFLAGS.

Signed-off-by: rektide de la faye <rektide@voodoowarez.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-29 18:06:25 +01:00
Rafał Miłecki
6e922a0756 bcm53xx: make USB packages compatible with kernels 4.13+
In kernels 4.13+ modules are located in an extra "broadcom" subdir.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-29 17:25:51 +01:00
Matthias Schiffer
302aa793c0
base-files: fix logic when to show failsafe banner
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when
/tmp/.failsafe exists")
2017-12-29 15:58:16 +01:00
Rafał Miłecki
9c312ef628 bcm53xx: add upstream patch fixing SPI controller driver
That patch fixes handling SPI messages with two writing transfers. It's
important when using e.g. by m25p80 driver which uses one transfer for
opcode and another one for data.

Thanks to that fix we can now drop m25p80 workaround patch. It means one
less hack and also a better flash writing performance as there is no
more data buf copying.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-12-29 15:31:22 +01:00
Vittorio Gambaletta
d40a358136
ag71xx: Fix rx ring buffer stall on small packets flood on qca956x and qca953x.
Backported from Code Aurora QSDK

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2017-12-29 15:17:07 +01:00