The package still leaks some user space linker options into the kernel
space. This breaks the build when ASLR is activated, deactivate it for
now.
Signed-off-by: Mathias Kresin <dev@kresin.me>
7c0d711 version: bump snapshot
b6a5cc0 contrib: add extract-handshakes kprobe example
37dc953 wg-quick: if resolvconf/run/iface exists, use it
1f9be19 wg-quick: if resolvconf/interface-order exists, use it
4d2d395 noise: align static_identity keys
14395d2 compat: use correct -include path
38c6d8f noise: fix function prototype
302d0c0 global: in gnu code, use un-underscored asm
ff4e06b messages: MESSAGE_TOTAL is unused
ea81962 crypto: read only after init
e35f409 Kconfig: require DST_CACHE explicitly
9d5baf7 Revert "contrib: keygen-html: rewrite in pure javascript"
6e09a46 contrib: keygen-html: rewrite in pure javascript
e0af0f4 compat: workaround netlink refcount bug
ec65415 contrib: embedded-wg-library: add key generation functions
06099b8 allowedips: fix comment style
ce04251 contrib: embedded-wg-library: add ability to add and del interfaces
7403191 queueing: skb_reset: mark as xnet
Changes:
* queueing: skb_reset: mark as xnet
This allows cgroups to classify packets.
* contrib: embedded-wg-library: add ability to add and del interfaces
* contrib: embedded-wg-library: add key generation functions
The embeddable library gains a few extra tricks, for people implementing
plugins for various network managers.
* crypto: read only after init
* allowedips: fix comment style
* messages: MESSAGE_TOTAL is unused
* global: in gnu code, use un-underscored asm
* noise: fix function prototype
Small cleanups.
* compat: workaround netlink refcount bug
An upstream refcounting bug meant that in certain situations it became
impossible to unload the module. So, we work around it in the compat code. The
problem has been fixed in 4.16.
* contrib: keygen-html: rewrite in pure javascript
* Revert "contrib: keygen-html: rewrite in pure javascript"
We nearly moved away from emscripten'ing the fiat32 code, but the resultant
floating point javascript was just too terrifying.
* Kconfig: require DST_CACHE explicitly
Required for certain frankenkernels.
* compat: use correct -include path
Fixes certain out-of-tree build systems.
* noise: align static_identity keys
Gives us better alignment of private keys.
* wg-quick: if resolvconf/interface-order exists, use it
* wg-quick: if resolvconf/run/iface exists, use it
Better compatibility with Debian's resolvconf.
* contrib: add extract-handshakes kprobe example
Small utility for extracting ephemeral key data from the kernel's memory.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (git log --oneline description)
6e744662 Update bash_completion
478eac09 Update manual pages
88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16
45d76cf5 nghttpx: Close listening socket on graceful shutdown
54573f28 Merge pull request #1137 from nghttp2/session-set-user-data
17793e99 Add nghttp2_session_set_user_data() public API function
5eac3c90 Update manual pages
e70195ae nghttpx: Update doc
fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro
eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro
39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert
65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after
e8af7afc nghttpx: Add an option to accept expired client certificate
38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after
ff3edc09 nghttpx: Fix potential memory leak
0bb15406 Bump up version number to 1.31.0-DEV
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The lantiq components still leak some user space linker options into the
kernel space. This breaks with build when ASLR is activated, deactivate
it for now on these packages.
Fixes: FS#1391
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not leak the user space CFLAGS into the kernel space any more, this
allows us to activate the MIPS16 build.
This decreases the size of the ipk file from 87589 bytes to 81267 bytes.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not force to build with O3 optimization any more, but take what was
selected by the OpenWrt build system.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The build process does not leak the user space cflags into the kernel
build process any more, this allows to activate MIPS16 builds.
This was fixed with some update of ifxos.
This decreases size of the libifxos.a and the ltq-vdsl-app
old:
78320 libifxos.a
44383 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk
new:
66852 libifxos.a
43506 ltq-vdsl-app_4.17.18.6-2_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The split-up into packages gre, grev4 and grev6 causes confusion for the
users as reported in FS#1399.
As IPv4 and IPv6 are considered now as bundled; squash the grev4 and grev6
packages into the gre package and let gre provide both grev4 and grev6.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Fixes the assumption the busybox udhcpc applet is always enabled; in case
the symbolic link check fails the DHCP shell handler script will exit and
as result the DHCP protocol handler will not be registered in netifd.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This is to simplify maintenance. It's easy to say now which patches need
some extra work and/or sending upstream. Updating to newer backports
should be also simpler with this.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This reverts commit 79a768a90f.
Some devices can go over their power limits with this commit, so this
needs to be handled on a case by case basis instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
There was a mismatch between indicating factory reset and code actually
starting it. After 5 seconds status LED started blinking rapidly letting
user know it's ready to release reset button. In practice button had to
stay pressed for another second in order to relly start the process.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Remove RPS/XPS support from netifd core, move the logic to a hotplug
script that uses a different policy which provides better performance
and more fairness across flows
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Support config in the form of ....
add_list sendopts=router:10.10.10.2
add_list sendopts=nissrv:20.20.20.2
add_list sendopts=0x7D:abba
This allows to configure sendopts having white spaces as option value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
With this, `mount -t efivarfs` is available and tools such as efitools
and efibootmgr will be usable.
Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
[daniel@makrotopia.org: some whitespace fixes, match From: with SoB]
As each mvebu device only uses one of the firmwares provided by mwlwifi
package, it makes sense to put them in separate packages and only install
the one that is needed.
Current mwlwifi version's firmware sizes and usages by devices:
88W8864.bin 118776 caiman, mamba, cobra, shelby
88W8897.bin 489932 (none)
88W8964.bin 449420 rango
Changes by this commit:
* indicate in title that mwlwifi also is driver for 88W8897 and 88W8964
* remove mwlwifi package's firmware installation rules
* add 3 new individual firmware packages (all depends on kmod-mwlwifi):
- mwlwifi-firmware-88w8864
- mwlwifi-firmware-88w8897
- mwlwifi-firmware-88w8964
* add firmware package to mvebu devices' DEVICE_PACKAGES accordingly
Signed-off-by: Johnny S. Lee <_@jsl.io>
[Add the used FW files to the PACKAGES of default image]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Allow building perf on uncommon targets again.
Depending on the kernel version, not all of these archs will actually use
libunwind in perf. Still, it seems simpler and less error-prone to use the
same list that is defined in the libunwind package.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Works around two incompatiblities between glibc and (POSIX-compliant) musl:
- missing register definitions from asm/ptrace.h
- non-POSIX-compliant ucontext_t on PPC32 with glibc
Compile tested on mpc85xx.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Support configuration in the form...
list ip6prefix 2001:db8:1234::/64
list ip6prefix 2001:db8:5678::/64
... to allow specifying multiple additional IPv6 prefixes.
Implements feature request FS#1361.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
As indicated in #5574 samba fails to build with linker error due to lack
of talloc_* functions when the packet libtalloc also gets build.
According to Makefile it is compiled with "--without-libtalloc" option.
Running ./configure --help shows that there is another option connected
to libtalloc: --enable/disable-external-libtalloc.
Adding this option fixes build.
Signed-off-by: Jakub Tymejczyk <jakub@tymejczyk.pl>