This is intended to be used for a wide array of package sanity checks.
The first check that is implemented is for the hash of downloaded files.
It checks:
- Missing hash
- Use of SHA256 instead of MD5
- dl/<file> hash not matching hash in makefile
- deprecated MD5SUM variable
The deprecated MD5SUM variable check is skipped for feeds/ until OpenWrt
is updated as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This works around deadlock and/or memory corruption during
firmware crash and improves ability to configure number of
tids in firmware.
Signed-off-by: Ben Greear <greearb@candelatech.com>
CT firmware files use the same filename with a different URL for
different chips. Since all files end up in dl/, filenames need to be
unique as well.
Add a chip prefix to the output filename to fix this issue.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The SIGHUP also got sent to the reload script making it bail out
with an error
Revert "dnsmasq: reload config if host name is modified"
This reverts commit 854459a2f9.
Reported-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
The sha256sum was not updated in the last commit.
Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Calling a build ##.##-CURRENT might mislead users into thinking that this
build is the most current release of a branch.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Currently, installing kmod-sdhci fails with "sdhci is already loaded" since
"sdhci.ko" is inserted explicitely first, the implicitely loaded again when
"sdhci-pltfm.ko" is inserted as the latter depends on the former.
Remove the explicit autoprobe of "sdhci.ko" to fix the postinstall script.
Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This will avoid loading it in the default configuration, which reduces
image size a bit, and (more importantly) improves performance by
avoiding some unnecessary netfilter hooks
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Update libpcap to upstream release 1.8.1
Change the name from libpcap.so.1.3 to libpcap.so.1
Remove parts of patch 201 which moved code among src files.
Import patch 204 from Debian to update the USB path.
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
this package references an undefined variable for its submenu.
Remove this NOP variable assignment.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
this kernel module currently does not set submenu.
Fix this by adding it to the "Others" submenu
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.
In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.
Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.
Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
Update procd to latest HEAD in order to introduce support for services signals:
- Adds a new service.signal ubus call to send a kill() signal to one or all
running instances of a given service
- Adds a new "reload_signal" property which allows service init scripts to
request procd to send a specific kill() signal on reload, instead of
stopping and restarting running processes
Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.
The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.
Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.
I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'. This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress. This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.
A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations
Signed-off-by: Felix Fietkau <nbd@nbd.name>
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.
Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.
Fixes: FS#290.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.
LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot
* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.
Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.
Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.
Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.
This updates it to a more recent version, pointing to the git repo.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.
patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.
Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.
While we're at it, also adjust the various URLs to match the current web site.
After this commit, the relevent files will look like the examples given below:
# cat /etc/openwrt_version
r2398+1
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='CURRENT'
DISTRIB_REVISION='r2398+1'
DISTRIB_CODENAME='reboot'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="CURRENT, Reboot"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Reboot CURRENT"
VERSION_ID="current"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2398+1"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"
On a release branch, those files would look like:
# cat /etc/openwrt_version
r2399
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='16.12-CURRENT'
DISTRIB_REVISION='r2399'
DISTRIB_CODENAME='test_release'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="16.12-CURRENT, Test Release"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
VERSION_ID="16.12-current"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2399"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"
On a release tag, those files would look like:
# cat /etc/openwrt_version
r2500
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='17.02.1'
DISTRIB_REVISION='r2500'
DISTRIB_CODENAME='mighty_unicorn'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="17.02.1, Mighty Unicorn"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
VERSION_ID="17.02.1"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2500"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.
Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:
LD blkid
../lib/libext2fs.so: undefined reference to `_et_list'
collect2: error: ld returned 1 exit status
Makefile:504: recipe for target 'blkid' failed
Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.
In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
"service" is a simple wrapper that will allow to call init.d scripts
current method: # /etc/init.d/network reload
with the wrapper: # service network reload
If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.
Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.
Use the same mtd layout as the stock u-boot. Add add UBI support.
Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.
Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.
Signed-off-by: Mathias Kresin <dev@kresin.me>
These properties allow overriding the settings from the EEPROM
which indicate whether a band is enabled or not.
Setting this property is only needed when the RF circuit does not
support the 2.4GHz or 5GHz band while it is enabled nevertheless in the
EEPROM.
These patches will be replaced with a future upstream version which
will introduces an ieee80211 device tree property to disable bands.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
There are two types of swapping the EEPROM data in the ath9k driver.
Before this series one type of swapping could not be used without the
other.
The first type of swapping looks at the "magic bytes" at the start of
the EEPROM data and performs swab16 on the EEPROM contents if needed.
The second type of swapping is EEPROM format specific and swaps
specific fields within the EEPROM itself (swab16, swab32 - depends on
the EEPROM format).
With this series the second part now looks at the EEPMISC register
inside the EEPROM, which uses a bit to indicate if the EEPROM data
is Big Endian (this is also done by the FreeBSD kernel).
This has a nice advantage: currently there are some out-of-tree hacks
(in OpenWrt and LEDE) where the EEPROM has a Big Endian header on a
Big Endian system (= no swab16 is performed) but the EEPROM itself
indicates that it's data is Little Endian. Until now the out-of-tree
code simply did a swab16 before passing the data to ath9k, so ath9k
first did the swab16 - this also enabled the format specific swapping.
These out-of-tree hacks are still working with the new logic, but it
is recommended to remove them. This implementation is based on a
discussion with Arnd Bergmann who raised concerns about the
robustness and portability of the swapping logic in the original OF
support patch review, see [0].
After a second round of patches (= v1 of this series) neither Arnd
Bergmann nor I were really happy with the complexity of the EEPROM
swapping logic. Based on a discussion (see [1] and [2]) we decided
that ath9k should use a defined format (specifying the endianness
of the data - I went with __le16 and __le32) when accessing the
EEPROM fields. A benefit of this is that we enable the EEPMISC based
swapping logic by default, just like the FreeBSD driver, see [3]. On
the devices which I have tested (see below) ath9k now works without
having to specify the "endian_check" field in ath9k_platform_data (or
a similar logic which could provide this via devicetree) as ath9k now
detects the endianness automatically. Only EEPROMs which are mangled
by some out-of-tree code still need the endian_check flag (or one can
simply remove that mangling from the out-of-tree code).
[0] http://www.spinics.net/lists/linux-wireless/msg152634.html
[1] https://marc.info/?l=linux-wireless&m=147250597503174&w=2
[2] https://marc.info/?l=linux-wireless&m=147254388611344&w=2
[3] 50719b56d9/sys/dev/ath/ath_hal/ah_eeprom_9287.c (L351)
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
These patches add support for configuring ath9k based devices via
devicetree. This was tested on PCI(e) based devices. This should work
for AHB based devices as well (adding more AHB specific properties may
still be needed) as soon as the ath79 platform is ready to populate the
ath9k wmac via devicetree.
This patchset was accepted upstream, more information can be found on
the linux-wireless list:
https://www.spinics.net/lists/linux-wireless/msg155474.html
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
The ESP algorithms in CBC mode require echainiv, so have kmod-ipsec
depend on kmod-crypto-echainiv.
See upstream commit 32b6170ca59ccf07d0e394561e54b2cd9726038c.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This constant was always defined to 0, and recently got removed in
upstream commit a07ea4d9941af5a0c6f0be2a71b51ac9c083c5e5 ("genetlink: no
longer support using static family IDs")
Fixes libnl-tiny builds with latest upstream kernels.
Fixes: d723f2573a ("libnl-tiny: remove include/linux overrides to fix various build issues")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Update fuse+libfuse to upstream 2.9.7. Drop the patch for CVE-2015-3202,
which is already integrated in the newer version. Rework the other patches.
Also switch PKG_SOURCE from @SF to libfuse's github releases.
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
The 10.1 includes a good many stability fixes related to the effort of
backporting upstream 10.2 firmware. Also enables 802.1q vlan support.
Successfully tested on apu2.
The 10.4 firmwares including new backported code as well as stability
fixes. 10.4 has been tested on Fedora x86-64 platforms, but not on LEDE
specifically since I had issues compiling LEDE for my 9980/9984 AP hardware.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Packages that do a killall <cmd> with the same name as the init script
will fail the prerm step when the service isn't running. Do make them
removable without having to restart the service, ignore the return code.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
To make sure we properly restart services on upgrade we need to
call the prerm script of the old package, in case the init script
changes (or vanishes).
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Properly stop/start services on upgrade, but don't change the enabled
state.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Allow scripts from the package to be upgraded to be aware of being
upgraded.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
The host-side build of grub2 requires this sometimes.
This will re-generate the ./configure script from configure.ac.
I don't know the conditions of how this reproduces, it just
sometimes appears, and sometimes doesn't.
Build error
```
<lede-dir>/build_dir/target-x86_64_musl-1.1.15_yogi/host/grub-2.02~beta2/build-aux/missing: line 81: aclocal-1.14: command not found
WARNING: 'aclocal-1.14' is missing on your system.
You should only need it if you modified 'acinclude.m4' or
'configure.ac' or m4 files included by 'configure.ac'.
The 'aclocal' program is part of the GNU Automake package:
<http://www.gnu.org/software/automake>
It also requires GNU Autoconf, GNU m4 and Perl in order to run:
<http://www.gnu.org/software/autoconf>
<http://www.gnu.org/software/m4/>
<http://www.perl.org/>
Makefile:3962: recipe for target 'aclocal.m4' failed
```
Adding PKG_FIXUP adds sanity (i.e. autoreconf is used for host & target
builds) over just using HOST_FIXUP.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1
Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This will be used to append extra information to images which allows the
system to verify if an image is compatible with the system.
The extra data is appended to the end of the image, where it will be
ignored when upgrading from systems that do not process this data yet:
If the image is a squashfs or jffs2 image, the extra data will land
after the end-of-filesystem marker, where it will be overwritten once
the system boots for the first timee.
If the image is a sysupgrade tar file, tar will simply ignore the extra
data when unpacking.
The layout of the metadata/signature chunks is constructed in a way
that the last part contains just a magic and size information, so that
the tool can quickly check if any valid data is present without having
to do a pattern search throughout the full image.
Chunks also contain CRC32 information to detect file corruption, even
when the image is not signed.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
SafeLoader is image format used by some TP-LINK devices. This tool
allows extracting selected partitions out of it. It can be used for
sysupgrade.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reboot of 519a199cbc
Which broke other builds.
This time, added compile flags to build only for POWERPC archs
Tested on mpc85xx, ar71xx and bcm2708.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Adds Google's mirror as primary source and kernel.org as fallback.
Same as commit 0d4f02dfd6
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
TI wl18xx and wl12xx are Wi-Fi/Bluetooth combo modules
that could be found on different existing boards.
But it is possible to get those modules as a separate
component and use with existing boards as well as
new boards equipped with either module may appear so we
remove dependency on OMAP instead we add dependency on MMC
because this Wi-Fi module uses SDIO interface.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Felix Fietkau <nbd@nbd.name>
Cc: Imre Kaloz <kaloz@openwrt.org>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Without setting the HSR to the selected channel, the WLAN of the UAP
Outdoor+ will exhibit high packet loss in RX.
Based-on-patch-by: Stefan Rompf <stefan@loplof.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
odhcpd daemon has hitless config reload support by means of the
sighup signal; add reload_service function which uses sighup
signal to reload the config
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This fixes building with musl and drops the dependency on the OpenWrt
kernel-header patches:
270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch
271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch
272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch
Use the new upstream location at netfilter.org and use a define instead
of a patch to "optimize".
See also: https://git.netfilter.org/arptables/log/
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
[Jo-Philipp Wich: add mirror SHA256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This allows to include optimizations such as ARM neon which
are detected on run-time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
[Jo-Philipp Wich: picked from openwrt#191 and rebased onto LEDE master]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This adds support for "channels" command which displays more details
about channels. It includes e.g. info about available widths.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
A firmware compiled with BUSYBOX_CONFIG_ARP should also use by default the
arp binary from busybox. Otherwise the extra functionality the user
requested can only be used when running arp with the path to the binary.
Signed-off-by: Marek Lindner <marek.lindner@open-mesh.com>
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
Backport upstream accepted patch which allows to override the EEPROM
mac address with one from device tree.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The patch 615-rt2x00-fix_20mhz_clk.patch fixes code introduced by
611-rt2x00-rf_vals-rt3352-xtal20.patch and makes the the platform data
property clk_is_20mhz obsolete.
Signed-off-by: Mathias Kresin <dev@kresin.me>
This reverts commit 519a199cbc.
Multiple users have reported building failures on ARM architectures, e.g.:
In file included from defs.h:42:0,
from process.c:37:
process.c:51:22: error: 'struct user_regs' has no member named 'ARM_r0'
#define uoff(member) offsetof(struct user, member)
^
./linux/arm/userent.h:1:3: note: in expansion of macro 'uoff'
{ uoff(regs.ARM_r0), "r0" },
^
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to latest Git head in order to import several fixes and enhancements.
- Disable drop invalid by default (FS#73, FS#154)
Instead of dropping packets with conntrack state INVALID, only allow streams
with explicit NEW or UNTRACKED conntrack state.
This change gives user defined rules the chance to accept traffic like ICMPv6
multicast which would be filtered away by the very early ctstate INVALID drop
rule otherwise.
The old behaviour can be restored by explicitely setting "drop_invalid" to 1
in the global firewall config section.
- Fix re-initialization of loadable iptables extensions on musl (FS#31)
Since musl does not implement actual dlclose() semantics, it is impossible to
re-run initializers on subsequent dlopen() calls.
The firewall3 executable now intercepts the extension registration calls
instead in order to be able to re-call them when needed.
This also allowed us to switch to libxtables' builtin extension loader as a
positive side-effect.
- Fix masquerade rules for multiple negated IP addresses (FS#248)
When building MASQUERADE rules for zones which specify multiple negated
addresses in masq_src or masq_dest, emit -j RETURN rules which jump out of
the masquerading chain instead of creating multiple rules with inverted "-s"
arguments.
- Tag own rules using comments
Instead of relying on the nonstandard xt_id match, use the xt_comment match
to mark own rules. Existing comments are prefixed with "!fw3: " while
uncommented rules are marked with a sole "!fw3" string.
This allows removing the xt_id match entirely in a later commit.
- Make missing ubus connection nonfatal
Technically, firewall3 is able to operate without ubus just fine as long as
the zones are declared using "option device" or "option subnet" instead of
"option network" so do not abort execution if ubus could not be connected or
of no network namespace is exported in ubus.
This allows running firewall3 on ordinary Linux systems.
- Fix conntrack requirement detection for indirectly connected zones
The current code fails to apply the conntrack requirement flag recursively to
zones, leading to stray NOTRACK rules which break conntrack based traffic
policing.
Change the implementation to iteratively reapply the conntrack fixup logic
until no more zones had been changed in order to ensure that all directly and
indirectly connected zones receive the conntrack requirement flag.
- Add support for iptables 1.6.x
Adds support for the xtables version 11 api in order to allow building
against iptables 1.6.x
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Most of the lantiq devices with ralink wifi have the EEPROM stored
in big endian byte order in flash, but the driver expects the EEPROM to
be in little endian.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The ralink,mtd-eeprom device tree property doesn't require the
ralink,eeprom property to work.
Rework the error handling and user notification as well. Do not log an
error if the mtd-eeprom parameter isn't used. It could be intentional
and should not scare the user.
Check if the number of bytes read from the mtd devices matches the
requested number of bytes.
In case of an mtd read error, give a hint to the user which partition
was tried to read from.
In case everything is fine, notify the user as well.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Call the rt2x00lib_get_eeprom_file_name only once and from the function
where the EEPROM filename is required.
Error only out if an EEPROM file is mandatory. Use the
REQUIRE_EEPROM_FILE bit to determine if it is mandatory.
Do not set the REQUIRE_EEPROM_FILE bit while requesting an EEPROM file.
It should be (and is) set before requesting an EEPROM file.
Do not redirect users to upstream while using a function of a custom
patch.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Adds the mac address of the DNS requestor to DNS queries which
are forwarded upstream and can be used to do filtering by the
upstream servers. This only works if the requestor is on the
same subnet as the dnsmasq server
The addmac parameter can hold the following values:
0 : mac address is not added
1 : mac address is added in binary format
base64 : mac address is added base64 encoded
text: : mac address is added in human readable format
as hex and colons
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.
I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Package the driver for the DS1374 chip present on the T4240RDB.
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix missing symbol]
For Huawei devices like E3372 proper command for set lte mode is:
AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Eval is required for proper quotation.
Without this fix:
Fri Nov 4 19:07:49 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov 4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> AT
Fri Nov 4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> ATZ
Fri Nov 4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATQ0
Fri Nov 4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATV1
Fri Nov 4 19:07:54 2016 daemon.notice netifd: wan (2060): sending -> ATE1
Fri Nov 4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> ATS0=0
Fri Nov 4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov 4 19:07:57 2016 daemon.notice netifd: wan (2060): sending -> AT^SYSCFGEX=\"03\",3fffffff,2,4,7fffffffffffffff,,
Fri Nov 4 19:07:58 2016 daemon.notice netifd: wan (2060): Error running AT-command
Fri Nov 4 19:07:58 2016 daemon.notice netifd: wan (2060): Failed to set operating mode
Fri Nov 4 19:07:58 2016 daemon.notice netifd: wan (2092): Stopping network
...
With this fix:
Fri Nov 4 19:10:59 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov 4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> AT
Fri Nov 4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> ATZ
Fri Nov 4 19:11:02 2016 daemon.notice netifd: wan (2539): sending -> ATQ0
Fri Nov 4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATV1
Fri Nov 4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATE1
Fri Nov 4 19:11:04 2016 daemon.notice netifd: wan (2539): sending -> ATS0=0
Fri Nov 4 19:11:05 2016 daemon.notice netifd: wan (2539): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov 4 19:11:06 2016 daemon.notice netifd: wan (2539): sending -> AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Fri Nov 4 19:11:07 2016 daemon.notice netifd: wan (2539): sending -> AT^NDISDUP=1,1,"internet"
Fri Nov 4 19:11:08 2016 daemon.notice netifd: wan (2539): Connected, starting DHCP on wwan0
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Interface 'wan' is now up
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Network device 'wwan0' link is up
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Network alias 'wwan0' link is up
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is enabled
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' has link connectivity
Fri Nov 4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is setting up now
...
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
FS#256
Fix audio not working due to unset SND_PCM_TIMER. CONFIG_SND_PCM_TIMER
is required for ALSA to work (at least for some audio devices),
otherwise applications using sound may fail. Can be reproduced by
installing "alsa-utils-tests" and running "speaker-test":
...
ALSA lib pcm_direct.c:1159:(snd1_pcm_direct_initialize_poll_fd) unable to open timer 'hw:CLASS=3,SCLASS=0,CARD=0,DEV=0,SUBDEV=0'
ALSA lib pcm_dmix.c:1106:(snd_pcm_dmix_open) unable to initialize poll_fd
Playback open error: -19,No such device
The kernel size does not increase, only the size of the kernel module
increases.
Signed-off-by: Dmitry Sutyagin <f3flight@gmail.com>