Commit Graph

37032 Commits (3c1f20d0bb390f911c3da3334c6d94c19609c8c4)

Author SHA1 Message Date
Florian Fainelli a909a5d676 orion: Build images for Buffalo Terastation Pro II/Live
Enable support for this machine in the kernel and also produce valid image
files with the correct machine id.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli da5155b1a5 orion: Add support for 4.4 kernel
Patches and configuration apply just fine on the Marvell Orion target.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli cec7e661e7 orion: Fold DT2 setup files into patch
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Florian Fainelli 9a08c0ba80 include/kernel: Switch to git download method
Utilize the existing git download logic from include/download.mk and migrate
the kernel download over to it. This avoids repeatedly cloning kernel sources
after a make target/linux/clean for instance.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix build error]
2016-12-04 11:41:51 +01:00
Florian Fainelli b9aab34eb4 include/download.mk: Allow specify DownloadMethod specific options
This is going to be used to migrate the hand rolled git clone for the kernel
into using the git download method. The kernel uses custom options that we may
have to pass down.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-12-04 11:41:51 +01:00
Felix Fietkau 832fb99da2 kernel: Add check to of_scan_flat_dt() before accessing initial_boot_params
Fixes a bug that affects rt288x

Signed-off-by: Tobias Wolf <dev-NTEO@vplace.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau b3c5db79eb kernel: Fix alloc_node_mem_map with ARCH_PFN_OFFSET
Fixes a bug that affects rt288x

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau 2135e54c00 ar71xx: set GPIO reset line for Ubiquiti NanoStation Loco XW
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau 106a4605c8 ar71xx: add support for configuring at803x PHY GPIO reset via platform data
Needed to work around ethernet hang issues on Ubiquiti NanoStation Loco XW,
because ar71xx is not converted to device tree yet.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau feb25f1a5b kernel: add support for the AT8032 PHY
This PHY is used on the Ubiquiti Networks NanoStation Loco XW

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:50 +01:00
Felix Fietkau 06a21e12ee kernel: backport some upstream at803x fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Felix Fietkau 566de813c3 ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
By default, forwarding between all ports is allowed on init. This is
problematic in cases where some ports are supposed to be isolated from
each other, most commonly LAN/WAN separation.

REG_ESW_PORT_PCR(port) has a destination mask for a particular port,
controlling what other ports it is allowed to send packets to.
Instead of initializing all to 0xff (all ports), allow each physical
port to send to the CPU port, and the CPU port to send to all other
ports.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Felix Fietkau 81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Yong-hyu, Ban 377eac0ceb ramips: fix LAN port order of WeVO W2914NS v2
Signed-off-by: Yong-hyu, Ban <perillamint@gentoo.moe>
2016-12-04 08:22:07 +01:00
BangLang Huang 23b58f8acb ramips: fix PBR-D1 button definition
Due to the product specification, the button on PBR-D1 should be
reset, not wps.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2016-12-04 07:03:17 +01:00
Tobias Wolf 2e020e2cef ramips: add support for PCI based OHCI/EHCI support for F5D8235 V1
This router uses an PCI attached NEC EHCI controller to support the single USB port.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Tobias Wolf 13c0d208b2 ramips: introduce CONFIG_PCI and CONFIG_OF_*PCI for rt288x
This is a prerequisite for F5D8235 V1 to use PCI based OHCI/EHCI.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Tobias Wolf c2ed721e89 ramips: improve F5D8235 V1 support
This fixes the partition name for the firmware splitter, the cfi
address and adds the mtd-eeprom address for wmac. It adds additional
LEDs and make use of them in diag.sh and 01_leds.

Please note that the ":blue:wired" LED is used because the
":blue:router" behaviour is unpredictable for failsafe indication. The
issue with the router LED is that you have two states only.
"off" is steady on and "on" blinks. Therefore the wired LED is more
suitable.

Furthermore it reuses the correct switch configuration definition to
reflect the device ports and numbering. Additionally fixes the issue
that the default configuration is not applied as no port 6 exists on
this device.

Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
2016-12-04 07:03:17 +01:00
Vignesh Balasubramaniam 62e4c915ee mvebu: fix sysupgrade for Linksys WRT3200ACM
sysupgrade command fails due to missing U-Boot environment-processing
binaries on sysupgrade ramdisk. The missing binaries result in the
following output:

Switching to ramdisk...
	Performing system upgrade...
	ash: /usr/sbin/fw_printenv: not found
	ash: fw_setenv: not found
	ash: touch: not found
	cannot find target partition

Signed-off-by: Vignesh Balasubramaniam <vigneshb.hp@gmail.com>
2016-12-04 07:03:17 +01:00
Mathias Kresin c95e4e715d mvebu: fix image validation error
The name from the Device define will be used in the metadata. Due to
typo/different spelling, this name might not match the one exported in
/lib/mvebu.sh.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-12-04 07:03:17 +01:00
Mathias Kresin d9d838bc97 lantiq: fix image validation errors
The boards did not have the name set that is expected during metadata
validation on sysupgrade.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-12-04 07:03:17 +01:00
Hauke Mehrtens abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens 7e6c53dac9 valgrind: update to 3.12.0
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.

patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:03:56 +01:00
Hauke Mehrtens 4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Hauke Mehrtens 99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens 280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Jo-Philipp Wich a642a11fac scripts: getver.sh: append Git short hash to revision
Change getver.sh to append a short Git commit hash to the end of the artifical
revision number. This way we still have order- and comparable commit numbers
but also a direct relation to the Git commit.

The new output format will look like "r2400+2-882472e" for dirty trees or like
"r2402-882472e" for clean ones.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-02 16:38:55 +01:00
Jo-Philipp Wich 5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Felix Fietkau 1947cf36ba procd: update to the latest version, fixes killing jailed processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 13:55:23 +01:00
Felix Fietkau a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
John Crispin 7c809f1687 ramips: fix sdhci support on mt7621
the IRQ level was wrong. refresh the patch while at it.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-01 18:30:41 +01:00
Jo-Philipp Wich 0b3b8c83c0 tools: cmake: fix compatibility with LibreSSL as well
Sadly, LibreSSL claims to be OpenSSL v2.0.0 while not providing the new
interfaces introduced with OpenSSL v1.1.x, so extend the pre-OpenSSL 1.1.x
compat checks to consider LibreSSL as well.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-01 16:49:24 +01:00
Andrew Yong 07b571a435 ramips: RB750Gr3: Add pwr LED and buzzer to DTS
use pwr LED in diag.sh
Expose unused pinmux pins as GPIOs
export power LED and buzzer pins
Use rb750gr3:blue:pwr LED in diag.sh for boot status instead of rb750gr3:green:usr

Signed-off-by: Andrew Yong <me@ndoo.sg>
2016-12-01 16:17:55 +01:00
dissent1 fef6a96d9e ipq806x: add thermal sensor driver
Allows to check cpu temperature.

Huge thanks to @hnyman for valuable assistance!

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 2b71f958b1 ipq806x: increase coherent dma pool size
Cherry-picked and rebased from
https://source.codeaurora.org/quic/qsdk/system/openwrt/tree/?h=korg/linux-3.4.y/release/arugula_bb_cs

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 8fca99266e ipq806x: add enable reg and masks for PRNG
Cherry-picked from https://source.codeaurora.org/quic/qsdk/system/openwrt/tree/?h=korg/linux-3.4.y/release/arugula_bb_cs

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 94e4ee5395 net: ar8327: modify some configuration of switch
Imported from https://source.codeaurora.org/quic/qsdk/system/openwrt/commit/?h=korg/linux-3.4.y/release/arugula_bb_cs&id=2be4f8a8b205ae1a37db44839864451ebe893e6e
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

Enable flow control of LAN and WAN ports to
get better performance.
Setup pvid as 0 for all ports during initialisation
to avoid confusion during system or switch INIT.
Disable PORT MAC before config MAC to avoid it work abnormal.
This change is for IR-054144, IR-057315.

Change-Id: I345f3dffa59ad3f97150e09692723da12a7b1067
Signed-off-by: Zou Shunxiang <shunxian@codeaurora.org>
Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 5a69f59602 net: ar8216: address security vulnerabilities in swconfig & ar8216
Imported from e1aaf7ec00%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: net: ar8216: address security vulnerabilities in swconfig & ar8216

This patch does the following changes:
*address the security vulnerabilities in both swconfig framework and in
 ar8216 driver (many bound check additions, and turned swconfig structure
 signed element into unsigned when applicable)
*address a couple of whitespaces and indendation issues

BUG=chrome-os-partner:33096
TEST=none

Change-Id: I94ea78fcce8c1932cc584d1508c6e3b5dfb93ce9
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/236490
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Commit-Queue: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun a3454d1929 net: ar8216: prevent device duplication in ar8xxx_dev_list
Import from fd7b89dd46%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: prevent device duplication in ar8xxx_dev_list

If probe is called twice, once for PHY0 and a second time for PHY4,
the same switch device will be added twice to ar8xxx_dev_list, while
supposedly this list should have one element per hardware switch present
in the system.

While no negative impact have been observed, it does happen if a
platform instanciates these two PHYs from device-tree, as an example.

Change-Id: Iddcbdf7d4adacb0af01975b73f8e56b4582e894e
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/234790
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun eb049d3777 net: ar8216: hold ar8xxx_dev_list_lock during use_count--
Import from c3fd96a7b8%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: hold ar8xxx_dev_list_lock during use_count--

It is possible for the remove() callback to run twice in parallel, which
could result into --use_count returning only 1 in both cases and the
rest of the unregistration path to never be reached.

This case has never been observed in practice, but we will fix
preventively to make the code more robust.

BUG=chrome-os-partner:33096
TEST=none

Change-Id: If09abe27fdb2037f514f8674418bafaab3cbdef6
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/232870
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 65b20d8b64 net: ar8327: replace sprintf() by scnprintf()
Import from fd0c41c7b9%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: replace sprintf() by scnprintf()

BUG=chrome-os-partner:33096
TEST=none

Change-Id: Ib82035c9f2769a86d3e90f9573a09e5700ff5676
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/232829
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 9aa734f8f5 net: ar8327: remove unnecessary spinlocks
Import from 541c15f8dd%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: remove unnecessary spinlocks

BUG=chrome-os-partner:33096
TEST=none

Change-Id: Ia1b51258504501863fd3298717cc923a1baf34ca
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/232828
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 7de8d5322e net: ar8216: sync mib_work cancellation
Import from c05af20272
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>

CHROMIUM: drivers: ar8216: sync mib_work cancellation

ar8xxx_mib_stop() is called from ar8xxx_phy_remove(), so we want to make
sure the work doesn't run after priv is freed / the device ceases to
exist.

BUG=chrome-os-partner:33096
TEST=none

Change-Id: Iafb44ce93a87433adc4576e5fea5fda58d1f43a9
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/232827
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Reviewed-by: Grant Grundler <grundler@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
2016-12-01 15:47:43 +01:00
Pavel Kubelun 550f71ec8d ipq806x: refactor rpm clock controller patches
RPM clock controller driver had made its way upstream and previous
approach of directly redoing a driver to support ipq806x is a no go anymore.

Thus reverting mentioned patches to upstream state and renaming
in correct patch numbering accordance.

To make the driver work on ipq806x boards we introduce a custom patch.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2016-12-01 15:47:43 +01:00
Jo-Philipp Wich 83697ec389 tools: cmake: import another upstream commit for OpenSSL backwards compatibility
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-01 15:41:40 +01:00
Felix Fietkau b2443838e6 kernel: add missing config symbols
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 15:05:03 +01:00
Jo-Philipp Wich 7abd011b0a tools: cmake: import upstream patch for OpenSSL 1.1.x compatibility
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-01 15:02:00 +01:00
Felix Fietkau 4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Jo-Philipp Wich 4596f9b5ac e2fsprogs: avoid picking up incompatible libcom_err.so
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.

Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:

    	LD blkid
    ../lib/libext2fs.so: undefined reference to `_et_list'
    collect2: error: ld returned 1 exit status
    Makefile:504: recipe for target 'blkid' failed

Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.

In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-30 23:32:17 +01:00
Felix Fietkau e678c9f764 mkimage: fix openssl 1.1.x compat fix with libressl
libressl sets OPENSSL_VERSION_NUMBER to 0x20000000L, which breaks API
checks based on it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-30 20:24:33 +01:00