openwrt/staging/blocktrron.git
6 years agokernel: adjust bridge port isolate patch to match upstream attribute naming
Felix Fietkau [Wed, 4 Jul 2018 17:49:32 +0000 (19:49 +0200)]
kernel: adjust bridge port isolate patch to match upstream attribute naming

Newer kernels have a patch that implements compatible functionality
directly. Adjust the attribute of our own patch in preparation for
dropping it later

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoprocd: update to the latest version, fixes gcc 8 build error
Felix Fietkau [Thu, 5 Jul 2018 09:16:13 +0000 (11:16 +0200)]
procd: update to the latest version, fixes gcc 8 build error

a0372ac procd: increase watchdog fd_buf storage size to fix gcc8 build error

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomac80211: Expose support for ath9k Dynack
Koen Vandeputte [Mon, 2 Jul 2018 08:23:44 +0000 (10:23 +0200)]
mac80211: Expose support for ath9k Dynack

Enables support for Dynack feature.

When a remote station is far away, we need to compensate for the distance
by allowing more time for an ACK to arrive back before issueing a retransmission.
Currently, it needs to be set fixed to indicate the maximum distance the remote
station will ever be.

While this mostly works for static antennae, it introduces 2 issues:
- If the actual distance is less, speed is reduced due to a lot of wates wait-time
- If the distance becomes greater, retries start to occur and comms can get lost.

Allowing to set it dynamically using dynack ensures the best possible tradeoff
between speed vs distance.

This feature is currently only supported in ath9k.
it is also disabled by default.

Enabling it can be done in 2 ways:
- issue cmd:  iw phy0 set distance auto
- sending the NL80211_ATTR_WIPHY_DYN_ACK flag to mac80211 driver using netlink

Disabling it can be done by providing a valid fixed value.

To give an idea of a practical example:

In my usecase, we have mesh wifi device installed on ships/platforms.
Currently, the coverage class is set at 12000m fixed.

When a vessel moved closer (ex. 1500m), the measured link capacity was a lot
lower compared to setting the coverage class fixed to 1500m

Dynack completely solved this, nearly providing double the bandwidth at closer range
compared to the fixed setting of 12000m being used.

Also when a vessel sailed to a distance greater than the fixed setting,
communication was lost as the ACK's never arrived within the max allowed timeframe.

Actual distance: 6010m
iperf 60s run avg

Fixed 12150m:  31 Mbit/s
Dynack:        58 Mbit/s

Fixed 6300m:   51 Mbit/s
Dynack:        59 Mbit/s

Fixed 3000m:   13 Mbit/s  (lots of retries)
Dynack:        58 Mbit/s

Actual distance: 1504m
iperf 60s run avg

Fixed 12150m:  31 Mbit/s
Dynack:        86 Mbit/s

Fixed 6300m:   55 Mbit/s
Dynack:        87 Mbit/s

Fixed 3000m:   67 Mbit/s
Dynack:        87 Mbit/s

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.14 to 4.14.54
Koen Vandeputte [Tue, 10 Jul 2018 09:52:53 +0000 (11:52 +0200)]
kernel: bump 4.14 to 4.14.54

Rereshed all patches

Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoqos-scripts: fix indentation
Moritz Warning [Tue, 10 Jul 2018 16:50:30 +0000 (18:50 +0200)]
qos-scripts: fix indentation

Signed-off-by: Moritz Warning <moritzwarning@web.de>
6 years agowireguard: bump to 0.0.20180708
Jason A. Donenfeld [Tue, 10 Jul 2018 19:29:18 +0000 (21:29 +0200)]
wireguard: bump to 0.0.20180708

* device: print daddr not saddr in missing peer error
* receive: style

Debug messages now make sense again.

* wg-quick: android: support excluding applications

Android now supports excluding certain apps (uids) from the tunnel.

* selftest: ratelimiter: improve chance of success via retry
* qemu: bump default kernel version
* qemu: decide debug kernel based on KERNEL_VERSION

Some improvements to our testing infrastructure.

* receive: use NAPI on the receive path

This is a big change that should both improve preemption latency (by not
disabling it unconditionally) and vastly improve rx performance on most
systems by using NAPI. The main purpose of this snapshot is to test out this
technique.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoiproute2: update to 4.17.0
Hans Dedecker [Tue, 10 Jul 2018 10:19:40 +0000 (12:19 +0200)]
iproute2: update to 4.17.0

Update to the latest version of iproute2; see https://lwn.net/Articles/756991/
for a full overview of the changes in 4.17.
Remove upstream patch 002-json_print-fix-hidden-64-bit-type-promotion.
Backport upstream patch 001-rdma-sync-some-IP-headers-with-glibc fixing
rdma compile issue.
At the same time re-organize patch numbering so the OpenWRT specific
patches start at 100.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agohostapd: build with LTO enabled (using jobserver for parallel build)
Felix Fietkau [Tue, 10 Jul 2018 11:48:17 +0000 (13:48 +0200)]
hostapd: build with LTO enabled (using jobserver for parallel build)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agobinutils: remove version 2.27
Felix Fietkau [Tue, 10 Jul 2018 12:21:13 +0000 (14:21 +0200)]
binutils: remove version 2.27

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agobinutils: update to version 2.30, resolves issues with LTO
Felix Fietkau [Tue, 10 Jul 2018 12:20:25 +0000 (14:20 +0200)]
binutils: update to version 2.30, resolves issues with LTO

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agobinutils: backport an upstream fix for a linker bug that triggers with LTO
Felix Fietkau [Tue, 10 Jul 2018 12:19:36 +0000 (14:19 +0200)]
binutils: backport an upstream fix for a linker bug that triggers with LTO

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: bcm47xxpart: fix getting user-space data partition name
Rafał Miłecki [Tue, 10 Jul 2018 12:02:00 +0000 (14:02 +0200)]
kernel: bcm47xxpart: fix getting user-space data partition name

Partition name is picked by a parser_trx_data_part_name(). It has to
get correct partition offset (taking care of bad blocks) to work
properly.

This fixes UBI support for devices that have kernel flashed on partition
with a bad block.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agonasm: disable LTO, remove host specific workarounds
Felix Fietkau [Tue, 10 Jul 2018 11:08:30 +0000 (13:08 +0200)]
nasm: disable LTO, remove host specific workarounds

The recent build failures on various platforms were apparently caused by
the fact that LTO build support in the configure script does not check
if it has a suitable version of gcc and simply assumes that gcc-ar is
available and can be used for intermediate files.

Since we really don't need to build nasm with LTO, simply disable it and
keep the whole build more portable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoodhcpd: update to latest git HEAD
Hans Dedecker [Mon, 9 Jul 2018 07:08:31 +0000 (09:08 +0200)]
odhcpd: update to latest git HEAD

345bba0 dhcpv4: improve error checking in handle_dhcpv4()
c0f6390 odhcpd: Check if open the ioctl socket failed

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agotoolchain/nasm: force ar and ranlib only on macOSX
Hauke Mehrtens [Sun, 8 Jul 2018 10:48:13 +0000 (12:48 +0200)]
toolchain/nasm: force ar and ranlib only on macOSX

On Debian 9 nasm does not build when we force it to use ranlib, for
macOSX this is needed. Only force this on macOSX and not on any other
OS, this should fix the build of nasm on Linux systems. On my Debian
system the nasm configure script selects  gcc-ranlib and gcc-ar instead.

Fixes: d3a7587eb95 ("toolchain/nasm: fix missing AR/RANLIB variables")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agobuild: README punctuation pendantry
Kevin Darbyshire-Bryant [Sun, 8 Jul 2018 10:58:07 +0000 (11:58 +0100)]
build: README punctuation pendantry

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agobuild: Update README & github help
Kevin Darbyshire-Bryant [Sat, 7 Jul 2018 21:23:01 +0000 (22:23 +0100)]
build: Update README & github help

Update README to include Openwrt branding and improve wording.

Point at the Openwrt wiki in .github templates.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agobasefiles: Reword sysupgrade message
Kevin Darbyshire-Bryant [Wed, 4 Jul 2018 16:26:16 +0000 (17:26 +0100)]
basefiles: Reword sysupgrade message

sysupgrade 'upgrade' message more verbose than needs be.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoath79: add support for OCEDO Raccoon
David Bauer [Fri, 6 Jul 2018 16:23:31 +0000 (18:23 +0200)]
ath79: add support for OCEDO Raccoon

This commit adds support for the OCEDO Raccoon

SOC: Atheros AR9344
RAM:    128MB
FLASH:  16MiB
WLAN1:  AR9344 2.4 GHz 802.11bgn 2x2
WLAN2:  AR9382 5 GHz 802.11an 2x2
INPUT:  RESET button
LED:    Power, LAN, WiFi 2.4, WiFi 5
Serial: Header Next to Black metal shield
        Pinout is 3.3V - GND - TX - RX (Arrow Pad is 3.3V)
        The Serial setting is 115200-8-N-1.

NOTE: The U-Boot won't boot with the serial attached.
Boot the device without serial attached and attach it
after 3 seconds.

Tested and working:
 - Ethernet
 - 2.4 GHz WiFi
 - 5 GHz WiFi
 - TFTP boot from ramdisk image
 - Installation via ramdisk image
 - OpenWRT sysupgrade
 - Buttons
 - LEDs

Installation seems to be possible only through booting an OpenWRT
ramdisk image.

Hold down the reset button while powering on the device. It will load a
ramdisk image named 'raccoon-uImage-initramfs-lzma.bin' from 192.168.100.8.

Note: depending on the present software, the device might also try to
pull a file called 'raccoon-uimage-factory'. Only the name differs, it
is still used as a ramdisk image.

Wait for the ramdisk image to boot. OpenWRT can be written to the flash
via sysupgrade or mtd.

Due to the flip-flop bootloader which we not (yet) support, you need to
set the partition the bootloader is selecting. It is possible from the
initramfs image with

 > fw_setenv bootcmd run bootcmd_1

Afterwards you can reboot the device.

Signed-off-by: David Bauer <mail@david-bauer.net>
6 years agokernel: move CONFIG_USB_MTU3 to generic config
Hauke Mehrtens [Sat, 7 Jul 2018 21:49:37 +0000 (23:49 +0200)]
kernel: move CONFIG_USB_MTU3 to generic config

CONFIG_USB_MTU3 is not visible for the mediatek target by default, but
only when CONFIG_USB_GADGET is set. This will config option will be
remove with when running "make kernel_oldconfig", move this option to
the generic config to prevent this.

This fixes the build of the mt7623 subtarget of the mediatek target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: disable some DRM_PANEL config options
Hauke Mehrtens [Sat, 7 Jul 2018 21:22:10 +0000 (23:22 +0200)]
kernel: disable some DRM_PANEL config options

The modules should not be build by default.
This fixes the build of the zynq target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agotoolchain/nasm: Backport GCC8 compatibility fix from upstream repo
Ted Hess [Sat, 7 Jul 2018 20:11:48 +0000 (16:11 -0400)]
toolchain/nasm: Backport GCC8 compatibility fix from upstream repo

Signed-off-by: Ted Hess <thess@kitschensync.net>
6 years agoath79: disable unused drivers for tiny target
Lucian Cristian [Wed, 27 Jun 2018 21:55:36 +0000 (00:55 +0300)]
ath79: disable unused drivers for tiny target

Shrink the tiny kernel by moving all switch and ethernet phy drivers to
the generic kernel config instead of the target kernel config.

All boards in the tiny and nand target are either ar7240 or ar9331 based,
which don't support external xMII and therefore no external ethernet phy
can be connected. None of the boards uses a realtek switch either.

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
6 years agoath79: optimize ath79 tiny target for size
Lucian Cristian [Fri, 6 Jul 2018 14:31:47 +0000 (17:31 +0300)]
ath79: optimize ath79 tiny target for size

the speed impact on tiny target is minimal and worth the size gained

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
6 years agoath79: add support for UniFi AC-Mesh Pro
Christoph Krapp [Mon, 2 Jul 2018 12:39:54 +0000 (14:39 +0200)]
ath79: add support for UniFi AC-Mesh Pro

The Unifi AC-Mesh Pro has identical hardware to the Unifi AC-Pro except
USB support.
Furthermore for setting parameters like antenna gain it is helpful to
know the exact device variant.

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
6 years agoramips: add support for Blueendless Kimax U35WF
Ademar Arvati Filho [Wed, 4 Jul 2018 01:29:36 +0000 (01:29 +0000)]
ramips: add support for Blueendless Kimax U35WF

Blueendless Kimax U35WF is a 3,5" HDD Enclosure with Wi-Fi and Ethernet

Patch rewritten from: https://forum.openwrt.org/viewtopic.php?id=66908
Based on: https://github.com/lede-project/source/pull/965

Specification:
- SoC: MediaTek MT7620N
- CPU/Speed: 580 MHz
- Flash-Chip: KH25L12835F Spi Flash
- Flash size: 16 MiB
- RAM: 64 MiB
- LAN: 1x 100 Mbps Ethernet
- WiFi SoC-integrated: 802.11bgn
- 1x USB 2.0
- UART: for serial console

Installation:
1. Download sysupgrade.bin
2. Open vendor web interface
3. Choose to upgrade firmware
3. After reboot connect via ethernet at 192.168.1.1

Signed-off-by: Ademar Arvati Filho <arvati@hotmail.com>
6 years agoar71xx: factor out safe loader image build code
Mathias Kresin [Thu, 5 Jul 2018 20:34:14 +0000 (22:34 +0200)]
ar71xx: factor out safe loader image build code

Add a template for safeloader images and include it instead of
overwriting variables defined in the common tp-link build commands.

Split the existing tp-link templates to proper implement the safeloader
template.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoar71xx: drop unnecessary LOADER_TYPE variables
Mathias Kresin [Thu, 5 Jul 2018 20:53:16 +0000 (22:53 +0200)]
ar71xx: drop unnecessary LOADER_TYPE variables

Drop the LOADER_TYPE variables in case no loader is used at all or move
the variable to devices which are using a loader.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoar71xx: get rid of copy-file
Mathias Kresin [Thu, 5 Jul 2018 20:48:54 +0000 (22:48 +0200)]
ar71xx: get rid of copy-file

Use the provided image build variables to point the kernel-bin build
command to the kernel we are interested in.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoar71xx: mikrotik: cleanup nand image build code
Mathias Kresin [Wed, 4 Jul 2018 04:39:05 +0000 (06:39 +0200)]
ar71xx: mikrotik: cleanup nand image build code

Use the LOADER_TYPE variable to specify that we need the elf preloader
and append the loader via the corresponding build recipe. It allows to
enable initramfs images again for mikrotik NAND images, which caused a
build error before.

Add the minor header only to the kernel of the sysupgrade images, as it
is only required for the bootloader to find the kernel on flash.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoramips: add support for I-O DATA WN-AX1167GR
INAGAKI Hiroshi [Wed, 27 Jun 2018 13:47:13 +0000 (22:47 +0900)]
ramips: add support for I-O DATA WN-AX1167GR

I-O DATA WN-AX1167GR is a 2.4/5 GHz band 11ac router, based on
MediaTek MT7621A.

Specification:

- MT7621A (2-Cores, 4-Threads)
- 64 MB of RAM (DDR2)
- 16 MB of Flash (SPI)
- 2T2R 2.4/5 GHz
- 5x 10/100/1000 Mbps Ethernet
- 2x LEDs, 4x keys (2x buttons, 1x slide switch)
- UART header on PCB
  - Vcc, GND, TX, RX from ethernet port side
  - baudrate: 115200 bps (U-Boot, OpenWrt)

Stock firmware:

In the stock firmware, WN-AX1167GR has two os images each composed of
Linux kernel and rootfs.
These images are stored in "Kernel" and "app" partition of the
following partitions, respectively.

(excerpt from dmesg):

MX25L12805D(c2 2018c220) (16384 Kbytes)
mtd .name = raspi, .size = 0x01000000 (16M) .erasesize = 0x00010000 (64K) .numeraseregions = 0
Creating 10 MTD partitions on "raspi":
0x000000000000-0x000001000000 : "ALL"
0x000000000000-0x000000030000 : "Bootloader"
0x000000030000-0x000000040000 : "Config "
0x000000040000-0x000000050000 : "Factory"
0x000000050000-0x000000060000 : "iNIC_rf"
0x000000060000-0x0000007e0000 : "Kernel"
0x000000800000-0x000000f80000 : "app"
0x000000f90000-0x000000fa0000 : "Key"
0x000000fa0000-0x000000fb0000 : "backup"
0x000000fb0000-0x000001000000 : "storage"

The flag for boot partition is stored in "Key" partition, and U-Boot
reads this and determines the partition to boot.

If the image that U-Boot first reads according to the flag is
"Bad Magic Number", U-Boot then tries to boot from the other image.
If the second image is correct, change the flag to the number
corresponding to that image and boot from that image.

(example):

## Booting image at bc800000 ...
Bad Magic Number,FFFFFFFF
Boot from KERNEL 1  !!
## Booting image at bc060000 ...
   Image Name:   MIPS OpenWrt Linux-4.14.50
   Image Type:   MIPS Linux kernel Image (lzma compressed)
   Data Size:    1865917 Bytes = 1.8 MB
   Load Address: 80001000
   Entry Point:  80001000
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... OK
raspi_erase_write: offs:f90000, count:34
.
.
Done!

Starting kernel ...

Flash instruction using factory image:

1. Connect the computer to the LAN port of WN-AX1167GR
2. Connect power cable to WN-AX1167GR and turn on it
3. Access to "192.168.0.1" on the web browser and open firmware
update page ("ファームウェア")
4. Select the OpenWrt factory image and perform firmware update
5. On the initramfs image, execute "mtd erase firmware" to erase stock
firmware and execute sysupgrade with sysupgrade image for WN-AX1167GR
6. Wait ~180 seconds to complete flasing

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
6 years agolibnl: bump to 3.4.0
Konstantin Demin [Thu, 28 Jun 2018 06:21:42 +0000 (09:21 +0300)]
libnl: bump to 3.4.0

refresh patches

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
6 years agouboot-imx: bump to 2018.03 which fixes the build issues with fdt64_t redefinitions
Vladimir Vid [Thu, 26 Apr 2018 15:52:14 +0000 (17:52 +0200)]
uboot-imx: bump to 2018.03 which fixes the build issues with fdt64_t redefinitions

* change mx6qsabresd to mx6qsabres to match defconfig name
* merge wanboard profiles since there is only one defconfig for the target device
* move wanboard options from wandboard.h to defconfig
* remove legacy patches

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
6 years agomac80211: initialize sinfo in cfg80211_get_station
Sven Eckelmann [Wed, 6 Jun 2018 09:21:53 +0000 (11:21 +0200)]
mac80211: initialize sinfo in cfg80211_get_station

Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).

cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
6 years agoath10k-ct: search DT for BDF variant info
Sven Eckelmann [Thu, 30 Nov 2017 13:30:06 +0000 (14:30 +0100)]
ath10k-ct: search DT for BDF variant info

Board Data File (BDF) is loaded upon driver boot-up procedure. The right
board data file is identified on QCA4019 using bus, bmi-chip-id and
bmi-board-id.

The problem, however, can occur when the (default) board data file cannot
fulfill the vendor requirements and it is necessary to use a different
board data file.

This problem was solved for SMBIOS by adding a special SMBIOS type 0xF8.
Something similar has to be provided for systems without SMBIOS but with
device trees. No solution was specified by QCA and therefore a new one has
to be found for ath10k.

The device tree requires addition strings to define the variant name

    wifi@a000000 {
     status = "okay";
     qcom,ath10k-calibration-variant = "RT-AC58U";
    };

    wifi@a800000 {
     status = "okay";
     qcom,ath10k-calibration-variant = "RT-AC58U";
    };

This would create the boarddata identifiers for the board-2.bin search

 *  bus=ahb,bmi-chip-id=0,bmi-board-id=16,variant=RT-AC58U
 *  bus=ahb,bmi-chip-id=0,bmi-board-id=17,variant=RT-AC58U

Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
6 years agoconfig: add config option for KERNEL_TASKSTATS
Jeremiah McConnell [Wed, 20 Jun 2018 05:35:08 +0000 (23:35 -0600)]
config: add config option for KERNEL_TASKSTATS

In order for monitoring tools such as atop and htop to track and report
i/o data, kernel support for task statistics and io accounting is
required.

Add a config option to enable building this support in the kernel.

Signed-off-by: Jeremiah McConnell <miah@miah.com>
6 years agombedtls: Activate deterministic ECDSA
Hauke Mehrtens [Sun, 24 Jun 2018 19:27:41 +0000 (21:27 +0200)]
mbedtls: Activate deterministic ECDSA

With deterministic ECDSA the value k needed for the ECDSA signature is
not randomly generated any more, but generated from a hash over the
private key and the message to sign. If the value k used in a ECDSA
signature or the relationship between the two values k used in two
different ECDSA signatures over the same content is know to an attacker
he can derive the private key pretty easily. Using deterministic ECDSA
as defined in the RFC6979 removes this problem by deriving the value k
deterministically from the private key and the content which gets
signed.

The resulting signature is still compatible to signatures generated not
deterministic.

This increases the size of the ipk on mips 24Kc by about 2 KByte.
old:
166.240 libmbedtls_2.11.0-1_mips_24kc.ipk
new:
167.811 libmbedtls_2.11.0-1_mips_24kc.ipk

This does not change the ECDSA performance in a measurable way.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agombedtls: Disable MBEDTLS_SHA256_SMALLER implementation
Daniel Engberg [Sun, 24 Jun 2018 19:19:18 +0000 (21:19 +0200)]
mbedtls: Disable MBEDTLS_SHA256_SMALLER implementation

Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in
upstream and reduces performance by quite a bit.

Source: include/mbedtls/config.h

Enable an implementation of SHA-256 that has lower ROM footprint but also
lower performance.

The default implementation is meant to be a reasonnable compromise between
performance and size. This version optimizes more aggressively for size at
the expense of performance. Eg on Cortex-M4 it reduces the size of
mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of
about 30%.

The size of mbedtls increased a little bit:
ipkg for mips_24kc before:
164.382 Bytes
ipkg for mips_24kc after:
166.240 Bytes

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
6 years agombedtls: Update to 2.11.0
Daniel Engberg [Thu, 21 Jun 2018 13:30:30 +0000 (15:30 +0200)]
mbedtls: Update to 2.11.0

Update mbed TLS to 2.11.0

Disable OFB block mode and XTS block cipher mode, added in 2.11.0.
The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS
This is to avoid having a mismatch between packages when upgrading.

The size of mbedtls increased a little bit:
ipkg for mips_24kc before:
163.846 Bytes
ipkg for mips_24kc after:
164.382 Bytes

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
6 years agombedtls: cleanup config patch
Daniel Engberg [Fri, 6 Jul 2018 13:45:06 +0000 (16:45 +0300)]
mbedtls: cleanup config patch

Clean up patch, use "//" consistently.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agosunxi: Enable SD block devices
Daniel Engberg [Fri, 22 Jun 2018 18:55:15 +0000 (20:55 +0200)]
sunxi: Enable SD block devices

USB storage support is however SCSI Disk block device support isn't
meaning that connected devices wont enumerate.
Enable CONFIG_BLK_DEV_SD by default to fix it.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
6 years agobrcm2708: platform.sh: fix tar directory directive
Alexandru Ardelean [Mon, 25 Jun 2018 12:03:04 +0000 (15:03 +0300)]
brcm2708: platform.sh: fix tar directory directive

BusyBox's `tar` command does not support the `--directory` directive, which
is essentially `-C` in short-form option.
BusyBox's `tar` command supports `-C`.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
6 years agolibconfig: update to version 1.7.2
Enrico Mioso [Sun, 1 Jul 2018 20:46:05 +0000 (22:46 +0200)]
libconfig: update to version 1.7.2

The previous link did not work here.

Compile-tested on: bcm47xx
Runtime-tested on: bcm47xx

Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
6 years agokernel: remove DEVMEM and DEVKMEM from target's config
Luis Araneda [Tue, 3 Jul 2018 02:54:11 +0000 (22:54 -0400)]
kernel: remove DEVMEM and DEVKMEM from target's config

These options are handled by generic configuration

Targets that need these options should select KERNEL_DEVMEM
and/or KERNEL_DEVKMEM options on OpenWRT's config

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
6 years agoWDR4900v1 remove dt node for absent hw crypto.
Tim Small [Wed, 4 Jul 2018 13:05:18 +0000 (14:05 +0100)]
WDR4900v1 remove dt node for absent hw crypto.

The WDR4900v1 uses the P1040 SoC, so the device tree pulls in the
definition for the related P1010 SoC.  However, the P1040 lacks the
CAAM/SEC4 hardware crypto accelerator which the P1010 device tree
defines.  If left defined, this causes the CAAM drivers (if present) to
attempt to use the non-existent device, making various crypto-related
operations (e.g. macsec and ipsec) fail.

This commit overrides the incorrect dt node definition in the included
file.

See also:
 - https://bugs.openwrt.org/index.php?do=details&task_id=1262
 - https://community.nxp.com/thread/338432#comment-474107

Signed-off-by: Tim Small <tim@seoss.co.uk>
6 years agoca-certificates: ca-bundle: add symlink for openssl default setting
Yousong Zhou [Thu, 5 Jul 2018 10:51:54 +0000 (18:51 +0800)]
ca-certificates: ca-bundle: add symlink for openssl default setting

OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem.  This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation

Fixes openwrt/packages#6152

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agokernel: usb: dwc2 DMA alignment fixes
Antti Seppälä [Fri, 6 Jul 2018 06:35:37 +0000 (09:35 +0300)]
kernel: usb: dwc2 DMA alignment fixes

Add two patches submitted for upstream review that significantly improve
the dwc2 driver on openwrt from kernel stability and performance
perspectives.

Fixes: FS#1367
Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
6 years agolinux: update license tag to use correct SPDX tag
Florian Eckert [Fri, 6 Jul 2018 12:31:44 +0000 (14:31 +0200)]
linux: update license tag to use correct SPDX tag

Use SPDX tag.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agotoolchain/nasm: fix missing AR/RANLIB variables
Felix Fietkau [Sat, 7 Jul 2018 12:50:51 +0000 (14:50 +0200)]
toolchain/nasm: fix missing AR/RANLIB variables

Fixes build on macOS

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoperf: remove linux 4.4 workarounds
Felix Fietkau [Thu, 5 Jul 2018 13:11:07 +0000 (15:11 +0200)]
perf: remove linux 4.4 workarounds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: remove linux 4.4 support
Felix Fietkau [Wed, 4 Jul 2018 17:41:26 +0000 (19:41 +0200)]
kernel: remove linux 4.4 support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agolibubox: update to the latest version
Felix Fietkau [Thu, 7 Jun 2018 13:45:09 +0000 (15:45 +0200)]
libubox: update to the latest version

3c1b33b utils: add const_* byteswapping functions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agofirmware: amd64-microcode: update to 20180524
Zoltan HERPAI [Sat, 7 Jul 2018 09:44:02 +0000 (11:44 +0200)]
firmware: amd64-microcode: update to 20180524

  * New microcode update packages from AMD upstream:
    + New Microcodes:
      sig 0x00800f12, patch id 0x08001227, 2018-02-09
    + Updated Microcodes:
      sig 0x00600f12, patch id 0x0600063e, 2018-02-07
      sig 0x00600f20, patch id 0x06000852, 2018-02-06
  * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support,
    plus other unspecified fixes/updates.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agokmod-sched-cake: bump to latest 20180706
Kevin Darbyshire-Bryant [Sat, 7 Jul 2018 10:05:52 +0000 (11:05 +0100)]
kmod-sched-cake: bump to latest 20180706

Fixes a potential infinite loop bug when in unlimited (ie not using
built in shaper) mode.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agotools/ccache: update to 3.4.2
Hannu Nyman [Fri, 6 Jul 2018 13:45:06 +0000 (16:45 +0300)]
tools/ccache: update to 3.4.2

update version and refresh patch

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
6 years agotools/cmake: update to 3.11.4
Hannu Nyman [Fri, 6 Jul 2018 13:46:33 +0000 (16:46 +0300)]
tools/cmake: update to 3.11.4

Update cmake and refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
6 years agotoolchain: Replace YASM with NASM
Ted Hess [Thu, 28 Jun 2018 23:28:02 +0000 (19:28 -0400)]
toolchain: Replace YASM with NASM

Packages libx264 and ffmpeg are built with ASM options on x86 platforms.
The current libx264 version no longer builds with YASM and requires NASM.
ffmpeg 3.x can be built with either YASM or NASM however, furture 4.x versions
will require NASM.

Signed-off-by: Ted Hess <thess@kitschensync.net>
Acked-by: Rosen Penev <rosenp@gmail.com>
6 years agodownload.mk: enable DownloadMethod/github_archive
Yousong Zhou [Fri, 29 Jun 2018 06:40:46 +0000 (14:40 +0800)]
download.mk: enable DownloadMethod/github_archive

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agoscripts/dl_github_archive.py: rename from download.py
Yousong Zhou [Thu, 28 Jun 2018 10:27:27 +0000 (18:27 +0800)]
scripts/dl_github_archive.py: rename from download.py

 - Make the code more GitHub-specific
 - Requires mirror hash to work with .gitattributes
 - Use different API depending on whether PKG_SOURCE_VERSION is a
   complete commit id or other ref types like tags
 - Fix removing symbolic link
 - pre-clean dir_untar for possible leftovers from previous run

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agodownload.mk: add more comments
Yousong Zhou [Tue, 3 Jul 2018 08:15:35 +0000 (16:15 +0800)]
download.mk: add more comments

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agofixup-makefile.pl: fixup when PKG_SOURCE is defined elsewhere
Yousong Zhou [Tue, 3 Jul 2018 07:37:49 +0000 (15:37 +0800)]
fixup-makefile.pl: fixup when PKG_SOURCE is defined elsewhere

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agoelfutils: bump to 0.173
Luiz Angelo Daros de Luca [Sun, 17 Jun 2018 09:08:51 +0000 (06:08 -0300)]
elfutils: bump to 0.173

- Removed hacks to use standalone argp as upstream now detects it nicely.
- As we are already installing files, use files from PKG_INSTALL_DIR and
  not PKG_BUILD_DIR
- Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
6 years agokernel: bump 4.14 to 4.14.53
Koen Vandeputte [Wed, 4 Jul 2018 09:54:47 +0000 (11:54 +0200)]
kernel: bump 4.14 to 4.14.53

Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.111
Koen Vandeputte [Wed, 4 Jul 2018 09:54:18 +0000 (11:54 +0200)]
kernel: bump 4.9 to 4.9.111

Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoath79: remove bs-partition ro-flag for UniFi AC devices
Christoph Krapp [Tue, 3 Jul 2018 09:06:20 +0000 (11:06 +0200)]
ath79: remove bs-partition ro-flag for UniFi AC devices

This removes the read-only flag from the bs (bootselect) partition
on UniFi AC devices. This allows to correct the indicator from which
partition the device is booting its kernel from.

See also:
 - freifunk-gluon/gluon#1301
 - https://bugs.lede-project.org/index.php?do=details&task_id=662

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
6 years agoath79: swap TP-Link Archer C7 v2 USB port LED and GPIO names
Aleksandr V. Piskunov [Sun, 1 Jul 2018 13:57:22 +0000 (16:57 +0300)]
ath79: swap TP-Link Archer C7 v2 USB port LED and GPIO names

TP-Link Archer C7 v2 USB port LED and GPIO names are in incorrect order,
i.e. in order to match actual user visible labels, usb1 should be usb2,
and vice versa.
This patch swaps LED and GPIO power control node names.

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
6 years agoath79: drop mv88e6063 switch driver
Mathias Kresin [Mon, 2 Jul 2018 20:18:36 +0000 (22:18 +0200)]
ath79: drop mv88e6063 switch driver

Due do a missing KCONFIG isn't selectable nor enabled in the target
kernel config. Drop it for now and enable/add the driver at the time it
is required.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoipq806x: fix numbering for Netgear R7800 LAN ports
Aleksandr V. Piskunov [Sun, 1 Jul 2018 13:40:37 +0000 (16:40 +0300)]
ipq806x: fix numbering for Netgear R7800 LAN ports

Netgear R7800 switch LAN ports are numbered backwards in LuCI,
i.e. numbering is not corresponding to the actual physical port labels,
patch fixes that.

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
[merged with existing board using the same config]
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
6 years agoramips: add support for TL-WA801ND v5
Romain MARIADASSOU [Tue, 26 Jun 2018 23:24:39 +0000 (01:24 +0200)]
ramips: add support for TL-WA801ND v5

Specification:

- System-On-Chip: MediaTek MT7628NN
- CPU/Speed: 580 MHz
- Flash-Chip: ELM Technology GD25Q64
- Flash size: 8192 KiB
- RAM: 64 MiB
- Wireless No1: SoC-integrated: MT7628N 2.4GHz 802.11bgn

Currently the only method to install openwrt for the first time is via
TFTP recovery. After first install you can use regular updates.

Flash instructions:

1) To flash the recovery image, start a TFTP server with IP address
   192.168.0.66 and serve the recovery image named tp_recovery.bin.
2) Connect your device to the LAN port, then press the WPS and Reset
   button and power it up. Keep pressing the WPS/Reset button for
   10 seconds or until the lock LED is lighting up.
   It will try to download the recovery image and flash it.

It can take up to 2-3 minutes to finish. When it reaches 100%, the
router will reboot itself.

Signed-off-by: Romain MARIADASSOU <roms2000@free.fr>
6 years agoramips: add support for ZyXEL Keenetic Extra II
Maxim Anisimov [Sun, 8 Apr 2018 14:04:11 +0000 (17:04 +0300)]
ramips: add support for ZyXEL Keenetic Extra II

Specification:
- System-On-Chip: MT7628N/N
- CPU/Speed: 580 MHz
- Flash-Chip: Winbond w25q256
- Flash size: 32768 KiB
- RAM: 128 MiB
- 5x 10/100 Mbps Ethernet
- 4x external, non-detachable antennas
- UART (J1) header on PCB (57600 8n1)
- Wireless No1 (2T2R): SoC-integrated: MT7628N 2.4GHz 802.11bgn
- Wireless No2 (2T2R): On-board chip: MT7612EN 5GHz 802.11ac
- USB: Yes 1 x 2.0
- 4x LED, 3x button

The device supports dual boot mode. So we use only first half of flash.

Flash instruction:

The only way to flash OpenWrt image is to use
tftp recovery mode in U-Boot:

1. Configure PC with static IP 192.168.1.2/24 and tftp server.
2. Rename "openwrt-ramips-mt76x8-zyxel_keenetic-extra-ii-squashfs-factory.bin"
   to "kextra2_recovery.bin" and place it in tftp server directory.
3. Connect PC with one of LAN ports, press the reset button, power up
   the router and keep button pressed until power led start blinking.
4. Router will download file from server, write it to flash and reboot.

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
6 years agoramips: move zyimage define to common Makefile
Maxim Anisimov [Thu, 28 Jun 2018 05:26:39 +0000 (08:26 +0300)]
ramips: move zyimage define to common Makefile

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
6 years agoramips: add support for MikroTik RouterBOARD RBM11g
Tobias Schramm [Mon, 25 Jun 2018 20:51:43 +0000 (22:51 +0200)]
ramips: add support for MikroTik RouterBOARD RBM11g

This commit adds support for the MikroTik RouterBOARD RBM11g.

=Hardware=

The RBM11g is a mt7621 based device featuring one GbE port and one
miniPCIe slot with a sim card socket and USB 2.0.

==Switch==

The single onboard Ethernet port is connected the CPU directly.
The internal switch of the mt7621 SoC is disabled.

==Flash==

The device has one spi nor flash chip. It is a 128 Mbit winbond 25Q128FVS
connected to CS0.

==PCIe==

The board features a single miniPCIe slot. It has a dedicated mini SIM
socket and a USB 2.0 port. Power to the miniPCIe slot is controlled via
GPIO9.

==USB==

There are no external USB ports.

==Power==

The board can accept both, passive PoE and external power via a 2.1 mm
barrel jack (center-positive). The input voltage range is 11-32 V.

==Serial port==

The device does have an onboard UART on an unpopulated header next to the
flash chip:

GND: pin 2
 TX: pin 7
 RX: pin 6

Settings: 115200, 8N1

See below illustration for positioning of the header.

0 = screw hole
* = some pin
T = TX  pin
R = RX  pin
G = GND pin

Pinout:
+---------------
|O
|             __
|            /  \
|            \__/
|
|
|
|               +---+
|               |RAM|
| +--+          |   |
| |**|  <- unpopulated header with UART
| |*T|          +---+
| |R*|        +--------+
| |**|        |        |
| |G*|        |  CPU   |
| +--+        |        |
|    +--+     |        |
|    |  |     +--------+
|    +--+  <- flash chip
|O
|       +-----+
|       |     |
|+--+   |     |
||  |   |     |
+---------------------

=Installation=

To install an OpenWRT image to the device two components must be built:

1. A openwrt initramfs image
2. A openwrt sysupgrade image

===initramfs & sysupgrade image===

Select target devices "Mikrotik RBM11G" in
openwrt menuconfig and build the images. This will create the images
"openwrt-ramips-mt7621-mikrotik_rbm11g-initramfs-kernel.bin" and
"openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin" in the
output directory.

==Installing==

**Make sure to back up your RouterOS license in case you do ever want to
go back to RouterOS using "/system license output" and back up the
created license file.**

When rebooted the board will try booting via ethernet first. If your
board does not boot via ethernet automatically you will have to attach
to the serial port and set ethernet as boot device within RouterBOOT.

1. Set up a dhcp server that points the bootfile to tftp server serving
   the "openwrt-ramips-mt7621-mikrotik_rbm11g-initramfs-kernel.bin"
   initramfs image
2. Connect to ethernet port on board
3. Power on the board
4. Wait for OpenWrt to boot

Right now OpenWrt will be running with a SSH server listening. Now
OpenWrt must be flashed to the devices flash:

1. Copy "openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin"
   to the device using scp.
2. Write openwrt to flash using "sysupgrade
   openwrt-ramips-mt7621-mikrotik_rbm11g-squashfs-sysupgrade.bin"

Once the flashing completes the board will reboot. Disconnect from the
devices ethernet port or stop the DHCP/TFTP server to prevent the device
from booting via ethernet again.
The device should now boot straight to OpenWrt.

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
6 years agolantiq: enlarge AVM Fritz!Box 3370 flash
Michael Kuron [Sun, 1 Jul 2018 08:03:38 +0000 (10:03 +0200)]
lantiq: enlarge AVM Fritz!Box 3370 flash

Increase the available flash memory size in AVM Fritz!Box 3370 by
incorporating the unused extra partitions located after the ubi partition.

Note that users upgrading from a previous OpenWRT version need to
re-install from the boot loader to pick up the new partition layout.

Available flash space for rootfs+overlay increases from 48MB to 124MB.

Reverting to the OEM firmware is still possible (via the recovery utility
provided by AVM) as the OEM firmware appears to reformat the config and
nand-filesystem partitions upon first boot if necessary. The
reserved-kernel and reserved-filesystem partitions are overwritten by the
OEM firmware when installing an update, so their contents do not matter.

Boot loader and device-specific information (MAC addresses, calibration
data, etc.) are not located in NAND flash and remain unharmed by this
changed.

Tested with OEM firmware 06.54 on device with HWRevision 5 and Micron
flash chip.

Signed-off-by: Michael Kuron <m.kuron@gmx.de>
6 years agolantiq: backport stp-xway get callback implementation
Mathias Kresin [Thu, 28 Jun 2018 18:28:19 +0000 (20:28 +0200)]
lantiq: backport stp-xway get callback implementation

To keep the status of a LED connected to the stp during boot, the get
callback is required. If the callback is missing and the LED default
state is set to keep in the devicetree, the gpio led driver errors out
during load.

Fixes: FS#1620
Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agofirmware-utils: tplink-safeloader: add calloc error handling
Hyeonsik Song [Mon, 25 Jun 2018 02:02:43 +0000 (11:02 +0900)]
firmware-utils: tplink-safeloader: add calloc error handling

Signed-off-by: Hyeonsik Song <blogcin@naver.com>
6 years agokernel: fix AT8032 PHY phy id mask
Mathias Kresin [Mon, 2 Jul 2018 20:09:04 +0000 (22:09 +0200)]
kernel: fix AT8032 PHY phy id mask

Don't mask bit 4 of the AT8022 phy id. If bit 4 of the AT8022 phy id
(0x004dd023) is masked, it will match the phy id of the AR8327 switch
(0x004dd033) as well.

It results in applied at803x driver settings/callbacks, which will at
least limit the AR8327 phys to 100MBit operation instead of the possible
1000MBit.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agobuild: ASLR hardening use $(FPIC)
Kevin Darbyshire-Bryant [Sat, 9 Jun 2018 08:11:24 +0000 (09:11 +0100)]
build: ASLR hardening use $(FPIC)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agotoolchain: gdb: enable TUI
Kevin Darbyshire-Bryant [Mon, 4 Sep 2017 19:20:12 +0000 (20:20 +0100)]
toolchain: gdb: enable TUI

The GDB Text User Interface (TUI) is a terminal interface
which uses the curses library to show the source file,
the assembly output, the program registers and GDB
commands in separate text windows.

In other words it's a friendlier interface for idiots like me!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agodnsmasq: bump to latest patches on 2.80rc2
Kevin Darbyshire-Bryant [Sun, 3 Jun 2018 03:44:12 +0000 (04:44 +0100)]
dnsmasq: bump to latest patches on 2.80rc2

Refresh patches and backport upstream to current HEAD:

a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled.
51e4eee Fix address-dependent domains for IPv6.
05ff659 Fix stupid infinite loop introduced by preceding commit.
db0f488 Handle some corner cases in RA contructed interfaces with addresses changing interface.
7dcca6c Warn about the impact of cache-size on performance.
090856c Allow zone transfer in authoritative mode whenever auth-peer is specified.
cc5cc8f Sane error message when pcap file header is wrong.
c488b68 Handle standard and contructed dhcp-ranges on the same interface.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agokmod-sched-cake: bump to latest cake
Kevin Darbyshire-Bryant [Mon, 21 May 2018 19:29:41 +0000 (20:29 +0100)]
kmod-sched-cake: bump to latest cake

This bumps to the latest & possibly greatest cake, sadly it's still
inedible but from an SQM point of view quite tasty :-)

Main tweaks since previous bump, improved ack_filter, some extra stats,
support for 64bit netlink parameters (higher rates/byte counters)

0520a6c Fix NAT option handling
8da93e1 Make sure we always call qdisc_watchdog_init() in cake_init()
f65daf6 Fix mismatched parenthesis
51d4ab3 Change flag handling to be safe even when mixing with non-eligible ACKs
f2ea091 ack_filter: protect DCTCP with stricter filtering of ECE marks
28b4560 ACK filter: Handle wrapping sequence numbers and DSACKs
73f62d9 Use the right PAD attribute for options
5969c14 Use 32 for tin backlog
e289f31 Move all the u64 netlink attributes together
36180a0 Check ACK seqno before parsing SACKs
91bbc01 Merge branch 'mine' into cobalt
58c55ec Rework SACK check to compare the ranges of two SACKs
9a5d593 ack_filter: Add proper handling of SACKs
eca95d4 ack_filter: short-circuit TCP flag check
d50a246 compat: backport some ktime functions
7b7ad11 compat: define tcpopt_fastopen for pre-4.1 kernels
ca54cdb Fix ktime compare
9d7dcc0 ack filter: Parse TCP options and only drop safe ones
b119882 Return EOPNOTSUPP on NAT option if conntrack is not available
842d7f0 Don't try to pad stats with tin_stats padding
bd46dc2 Use 64-bit divide helper
8e41bf0 Make sure we never drop SACKs when filtering ACKs
66e5d60 Avoid comparing ktime_t to scalar values
7fab017 Actually commit the ktime_t changes
fca6d13 Switch to ktime_t and get rid of cobalt.h
6f7e5af Can't use do_div with 64-bit divisors

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoiproute2: tc: update support for cake
Kevin Darbyshire-Bryant [Fri, 18 May 2018 19:57:44 +0000 (20:57 +0100)]
iproute2: tc: update support for cake

Bump iproute2/tc support of cake.

Add support for cake's change to u64 attribute passing for certain
attributes (rate & byte counts)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agokernel: gen_stats: Fix netlink stats dumping in the presence of padding
Kevin Darbyshire-Bryant [Mon, 2 Jul 2018 17:27:02 +0000 (18:27 +0100)]
kernel: gen_stats: Fix netlink stats dumping in the presence of padding

Backport hot off the press upstream netlink patch.  Fixes stats display
from CAKE qdisc on MIPS allowing us to bump CAKE to latest version.

The gen_stats facility will add a header for the toplevel nlattr of type
TCA_STATS2 that contains all stats added by qdisc callbacks. A reference
to this header is stored in the gnet_dump struct, and when all the
per-qdisc callbacks have finished adding their stats, the length of the
containing header will be adjusted to the right value.

However, on architectures that need padding (i.e., that don't set
CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), the padding nlattr is added
before the stats, which means that the stored pointer will point to the
padding, and so when the header is fixed up, the result is just a very
big padding nlattr. Because most qdiscs also supply the legacy TCA_STATS
struct, this problem has been mostly invisible, but we exposed it with
the netlink attribute-based statistics in CAKE.

Fix the issue by fixing up the stored pointer if it points to a padding
nlattr.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoramips: limit dictionary size for lzma compression
Felix Fietkau [Tue, 19 Jun 2018 08:06:50 +0000 (10:06 +0200)]
ramips: limit dictionary size for lzma compression

In some cases, recent builds fail to boot from flash with at least some
MT7621 based devices. The error message is:
"LZMA ERROR 1 - must RESET board to recover"
Booting the same kernel via TFTP works for some reason.

Through testing I figured out that limiting the LZMA dictionary size
seems to prevent these errors

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agouhttpd: update to latest Git head
Jo-Philipp Wich [Mon, 2 Jul 2018 06:58:38 +0000 (08:58 +0200)]
uhttpd: update to latest Git head

db86175 lua: honour size argument in recv() function
d3b9560 utils: add uh_htmlescape() helper
8109b95 file: escape strings in HTML output
393b59e proc: expose HTTP Origin header in process environment
796d42b client: flush buffered SSL output when tearing down client ustream

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoebtables: update to latest git 2018-06-27
Hans Dedecker [Mon, 2 Jul 2018 15:31:03 +0000 (17:31 +0200)]
ebtables: update to latest git 2018-06-27

48cff25 build: drop install -o/-g root
53d7e7a extensions: ebt_string: take action if snprintf discards data

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agotoolchain/glibc: update to latest 2.26 commit
Hans Dedecker [Mon, 2 Jul 2018 12:27:34 +0000 (14:27 +0200)]
toolchain/glibc: update to latest 2.26 commit

74d16a57a3 Check length of ifname before copying it into to ifreq structure.
3aaf8bda00 getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
f958b45d52 Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
81b994bd83 Fix parameter type in C++ version of iseqsig (bug 23171)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agobuild: fix target metadata scan dependencies
Felix Fietkau [Mon, 2 Jul 2018 12:23:19 +0000 (14:23 +0200)]
build: fix target metadata scan dependencies

Move SCAN_DEPS to scan.mk to eliminate redundancy with scripts/feeds
Add image/*.mk to SCAN_DEPS for targets to pick up newly added devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agobuild: ensure that iwinfo is selected when building for multiple devices
Felix Fietkau [Mon, 2 Jul 2018 12:19:42 +0000 (14:19 +0200)]
build: ensure that iwinfo is selected when building for multiple devices

extra_packages needs to be added there, like on profiles and target
packages lists

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agofw3: update to latest git HEAD
John Crispin [Mon, 2 Jul 2018 05:20:56 +0000 (07:20 +0200)]
fw3: update to latest git HEAD

72684e5 firewall3: Fix GCC8 warnings by replacing sprintf with snprintf

Signed-off-by: John Crispin <john@phrozen.org>
6 years agozynq: remove config options handled by generic
Luis Araneda [Sat, 30 Jun 2018 07:15:55 +0000 (03:15 -0400)]
zynq: remove config options handled by generic

The options are now handled for all targets by
the generic configuration

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
6 years agosamba36: Disable external libtdb and libtevent
Rosen Penev [Sun, 1 Jul 2018 00:02:52 +0000 (17:02 -0700)]
samba36: Disable external libtdb and libtevent

This was causing issues recently as samba36 is not API compatible with the
libtdb in the packages repo. It shouldn't be using it anyway. Nor tevent.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agousbutils: Switch to Fedora usbutils
Rosen Penev [Sat, 30 Jun 2018 19:25:12 +0000 (12:25 -0700)]
usbutils: Switch to Fedora usbutils

The Gentoo GitHub mirror went down. One benefit of Fedora's usb.ids file
is that it's versioned.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agoath79: add support for TP-Link RE450 v2
Peter Lundkvist [Fri, 29 Jun 2018 03:44:58 +0000 (05:44 +0200)]
ath79: add support for TP-Link RE450 v2

TP-Link RE450 v2 is a dual band router/range-extender
based on Qualcomm/Atheros QCA9563 + QCA9880.

Specification:

- 775 MHz CPU
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 3T3R 5 GHz
- 1x 10/100/1000 Mbps Ethernet (AR8033 PHY)
- 7x LED, 4x button
- UART header on PCB (needs unmounted R64 & R69 0201 resistors/jumpers)

Flash instruction:
Apply factory image in OEM firmware web-gui.

U-Boot does not seem to have any recovery functions, so
debricking requires connection via UART.

Signed-off-by: Peter Lundkvist <peter.lundkvist@gmail.com>
6 years agokernel: bump 4.14 to 4.14.52
Koen Vandeputte [Wed, 27 Jun 2018 20:21:57 +0000 (22:21 +0200)]
kernel: bump 4.14 to 4.14.52

Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.110
Koen Vandeputte [Wed, 27 Jun 2018 20:21:56 +0000 (22:21 +0200)]
kernel: bump 4.9 to 4.9.110

Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years ago ath79: port TP-Link TL-WR741ND v4 and TL-WR740ND v4
Rocco Folino [Mon, 2 Jul 2018 05:02:56 +0000 (07:02 +0200)]
 ath79: port TP-Link TL-WR741ND v4 and TL-WR740ND v4

This patch ports the TP-Link TL-WR741ND v4 and TL-WR740ND v4 to the
ath79 target.

Because the two devices share the same hw layout, this patch adds a common
.dtsi which is included by the two .dts.

Signed-off-by: Rocco Folino <rocco@folino.io>
6 years agoath79: add pinmux to ar9330
Rocco Folino [Wed, 27 Jun 2018 18:38:27 +0000 (20:38 +0200)]
ath79: add pinmux to ar9330

This patch adds the pinmux support to the ar9330 used to disable the
JTAG or to enable switch LEDs

Signed-off-by: Rocco Folino <rocco@folino.io>
6 years agoramips: fix wizfi630a swapped lan/wan port
Lev [Tue, 26 Jun 2018 22:50:11 +0000 (00:50 +0200)]
ramips: fix wizfi630a swapped lan/wan port

The order of the Ethernet ports were mixed up.
This commit fixes the order to be aligned with the physical layout.

Signed-off-by: Lev <leventelist@gmail.com>
6 years agodownload.mk: restore the old dl_method implementation
Yousong Zhou [Fri, 29 Jun 2018 05:49:34 +0000 (13:49 +0800)]
download.mk: restore the old dl_method implementation

Seems like the python download.py dl_method call causes serious
performance regression for fresh "make defconfig" as reported in
FS#1621.  GitHub tarball download will also be disabled with this

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years agoswconfig: swlib_map_settings(): change return type to void
Alexander Couzens [Fri, 29 Jun 2018 03:36:06 +0000 (05:36 +0200)]
swconfig: swlib_map_settings(): change return type to void

The return value of the function isn't used anywhere.
Fixes missing return value, CID 1329717.

Found-by: Coverity
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>