Commit Graph

41015 Commits (eba3b028e46dbfe54f1208e9edf47bb0c6f73ac8)

Author SHA1 Message Date
Daniel Golle eba3b028e4 hostapd: update to git snapshot of 2018-03-26
The following patches were merged upstream:
000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
 replaced by commit 0e3bd7ac6
001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
 replaced by commit cb5132bb3
002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
 replaced by commit 87e2db16b
003-Prevent-installation-of-an-all-zero-TK.patch
 replaced by commit 53bb18cc8
004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
 replaced by commit 0adc9b28b
005-TDLS-Reject-TPK-TK-reconfiguration.patch
 replaced by commit ff89af96e
006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
 replaced by commit adae51f8b
007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
 replaced by commit 2a9c5217b
008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch
 replaced by commit a00e946c1
009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch
 replaced by commit b488a1294
010-Optional-AP-side-workaround-for-key-reinstallation-a.patch
 replaced by commit 6f234c1e2
011-Additional-consistentcy-checks-for-PTK-component-len.patch
 replaced by commit a6ea66530
012-Clear-BSSID-information-in-supplicant-state-machine-.patch
 replaced by commit c0fe5f125
013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
 replaced by commit 114f2830d

Some patches had to be modified to work with changed upstream source:
380-disable_ctrl_iface_mib.patch (adding more ifdef'ery)
plus some minor knits needed for other patches to apply which are not
worth being explicitely listed here.

For SAE key management in mesh mode, use the newly introduce
sae_password parameter instead of the psk parameter to also support
SAE keys which would fail the checks applied on the psk field (ie.
length and such). This fixes compatibility issues for users migrating
from authsae.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-03-27 19:25:32 +02:00
Hans Dedecker 9b92afa3aa uci: update to latest git HEAD
5d2bf09 uci: fix a potential use-after-free in uci_set()
3b3d63e list: only record ordering deltas if element position changed
4c4d343 cmake: Fix cli shared linking against ubox

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-27 13:49:49 +02:00
Felix Fietkau d290024c42 netifd: update to the latest version (fixes FS#1452)
9c8d781 netifd: return the interface for locally addressable host dependencies

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-27 11:33:51 +02:00
Felix Fietkau 905a3f249a build: include kmod-ipt-offload in default images
Netfilter flow offload has now started to become useful and suitable for
a wider testing audience. Configuring it via UCI is also integrated in
firewall3 by adding 'option flow_offloading 1' to the 'defaults'
section in /etc/config/firewall

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-27 08:26:41 +02:00
Felix Fietkau 83e1fce17a kernel: add kmod-sound-ens1371
This audio chip is provided as a virtual audio device by VMware

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-25 21:18:35 +02:00
Hans Dedecker 287f5ebd2f dnsmasq: improve init script portability (FS#1446)
Improve portability of init script by declaring resolvfile as local
in dnsmasq_stop function.
Fixes resolvfile being set for older busybox versions in dnsmasq_start
in a multi dnsmasq instance config when doing restart; this happens when
the last instance has a resolvfile configured while the first instance
being started has noresolv set to 1.

Base on a patch by "Phil"

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-24 18:50:45 +01:00
Fan Fan 8e1065d681 sunxi: add build for sopine
This will generate image for Pine64 Sopine board.

Signed-off-by: Fan Fan <fkpwolf@gmail.com>
2018-03-23 23:53:20 +01:00
Rosen Penev 43788a91fb ethtool: Update to 4.15.
Contains kernel 4.14 updates. Compile tested on mvebu.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-03-23 23:49:55 +01:00
Stijn Segers 41a881a8d9 Kernel: bump 4.14 to 4.14.29
Right patch version this time, sorry!

* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.

Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-03-23 23:49:55 +01:00
Kevin Darbyshire-Bryant 4a788fcf63 iproute2: cake: support new overhead reporting & stats structures
Cake in kernel space now splits stats structure handling across netlink
messages to reduce stack usage issue flagged by upstream kernel checks.
Update user space (tc) qdisc handling to understand this new regime.

Cake also reports packet overheads & compensation in a different way so
add display code for this. e.g.

'tc -s qdisc show dev eth0' reports this extra detail:

 min/max transport layer size:         28 /    1500
 min/max overhead-adjusted size:       65 /    1550
 average transport hdr offset:         14

Cake also supports output in JSON format.

Patch is bulkier than before because a (slightly out of date - see above
stats) man page is included for reference. Better than nothing!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-03-23 22:08:22 +01:00
Kevin Darbyshire-Bryant c9154c270a kmod-sched-cake: split stats structures, add overhead stats
Relevant changes:

0afc1be Fixes for kernel 4.16
d2d6780 Reinitialise overhead compensation stats when reconfiguring.
a3bab9d Export overhead compensation stats to userspace.
9cd2fa8 Split tin stats to its own structure to decrease size of tc_cake_xstats
71c7b44 Gather more statistics about packet length transformations.
0517357 Rework overhead compensation to use dynamic transport header offset instead of (inaccurate) static one.
c1a0c8e Refactor length handling code to better centralise overhead calculations

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-03-23 22:08:22 +01:00
Hauke Mehrtens dd8bf0cf64 ath10k-ct: fix module depends
PKG_EXTMOD_SUBDIRS should be set to the sub directory where the kernel
module gets build in, for the ath10k-ct driver this changed in commit
3888e77c1c from ath10k to ath10k-4.13. Without this fix the depends
line of the ath10*.ko modules is empty and the kernel module load system
will not automatically load the depended modules like mac80211.

Fixes: 3888e77c1c ("ath10k-ct driver: use dma_alloc_coherent, 4.13 based driver")
Fixes: 23a388fe41 ("ath10k-ct: Force loading mac80211 and ath modules.")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-23 22:08:22 +01:00
Ben Greear d15b09aab8 ath10k-ct: Add htt-mgt variants of ath10k-ct firmware.
The HTT-MGT variants transport management frames over the
normal HTT tx path, just like data frames.  This saves
limitted WMI buffers which can become depleted if lots of
management frames become stuck in TX queues due to peer
that went away.

In addition, at least for the wave-1 firmware, htt-mgt is
required in order for 802.11r (fast roaming) authentication
to function properly.

The htt-mgt firmware requires the use of the ath10k-ct
driver.  Normal non-htt-mgt ath10k-ct firmware should work
with stock drivers.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-23 22:08:22 +01:00
Ben Greear 545a561785 ath10k-ct: Update wave-1 and wave-2 firmware to latest.
This updates to latest ath10k-ct firmware.  Hopefully we are
at the end of the development cycle for this firmware release,
so these should be stable.

wave-1 changes since last release:

Release 20

  *  Allow flushing peer when deleting.  Hopefully this will allow the
     peer delete command to happen in a reasonable amount of time even
     if the RF environment is busy (or peer has died).
     To enable this, set the high flag in the mac-addr second word in the
     ath10k driver near end of the ath10k_wmi_op_gen_peer_delete method:

     cmd->peer_macaddr.word1 |= __cpu_to_le32(0x80000000);

  *  Attempt to fix crash seen in resmgr-ocs, appearantly due to list corruption.
     Use a temporary list instead of trying to rely on for-each-safe.

  *  Add flag to tx-descriptor to allow driver to request no-ack on data
     frames.  This is bit 15 on the flag1 field (previously un-used).

  *  Add option to support specifying the tx-rate-code and retry count on
     a per-packet basis.  Only a single series is supported at this time.
     Useful mainly for radiotap monitor-tx type testing at this point.

  *  Fix crash on startup when chip is at -40 deg C and calibration fails.  Instead
     of asserting, just keep retrying calibration, which appears to start working
     after a few minutes (when the chip warms up).

  *  Allow reporting per-chain rssi for management frames.  We pack the values into
     empty space in the mgt-frame wmi header.  This will only be enabled if the driver
     requests it, since otherwise the driver is assumed to not understand the new API.
     ath10k-ct drivers that support this feature will automatically enable it.

  *  A customer reports a case that appears to be the hardware not properly detecting
     end of AMPDU, so frames were being mis-delivered to the wrong peer.  Attempt to
     work around this, and in doing so, clean up a bunch of void* abuse in the block-ack
     reordering code (could not ever confirm there was a problem in this area).

  *  Re-work the rx-mem logic to be less complicated and to use less memory.

  *  Attempt to fix crash that appearanty happens because the driver can sometimes
     delete a vdev in 'up' state.

  *  Attempt to fix hung scan state machine issues.

  *  Fix crash in tx path due to un-initialized memory.

wave-2 changes since last release:

Release 10

  *  Fix an assert related to tx scheduling.  This hopefully fixes
     what appears to be a regression that I added some time back.

  *  Enable CSI reporting for 9984, and maybe 9888/9886.  Only in
     non-trimmed builds.

  *  Other stability improvements, including regression fixes from
     some tricky bugs introduced in earlier releases.

  *  Allow compiling for IPQ4019 chipset.

  *  Firmware will now send txbf frames to the host (driver) if the
     TXBF (0xF00000001) set-special feature is enabled, or when the radio
     is in monitor mode.  But, if the frame is consumed by the txbf_cv
     logic, then the pkt cannot be delivered to the host in this manner.  Instead,
     a WMI event will be sent and host can find the txbf_cv data in shared
     memory.  See ath10k_wmi_event_txbf_cv_mesg() in ath10k-ct driver.

  *  Support rx-all-mgt option.  When enabled, the firmware will deliver all
     management frames that it can to the host.  No RX filters are changed
     when this option is enabled.

  *  Fix at least some problems with sending tx-beamforming frames to SU-MIMO
     peers.  Looks like this was a regression in my code.

  *  Fix a crash in rate-ctrl due to nss mismatch.  This was something I introduced
     while trying to fix other bugs in rate-ctrl some time back.

  *  Attempt to fix a sw-peer-key object leak in IBSS mode.  The peer key code
     is very complex, and shares some pointers as union members.  I think I fixed
     at least some of the issues, but would not be surprised if more exist.

  *  Improve ath10k user guide to document CT firmware features:
     https://www.candelatech.com/ath10k-ug.php

  *  Add ct-special option to configure the txbf sounding time.  See ath10k-ug.php

  *  Fix and allow the driver to tell the firmware to send sounding frames.  See ath10k-ug.php
     In further testing, this seems to fail much of the time, and I am not sure why.
     Disabling this in diet (trimmed) builds.

  *  Fix crashes related to deleting peers while they are in power-save mode.  Reported
     by LEDE user on r7800 with 9984 NIC.
  *  Make rate-ctrl txbf probe work better.  If enabled, the rate-ctrl logic will periodically
     send out probes at an NSS that can to txbf.  Previously, txbf probes would not reliably happen
     if both AP and peer had the same nss (ie, 2x2 talking to 2x2).  To enable this feature, you
     need to enable the fwtest-cmdid number 20.

  *  Report rx-timeout error counters.  These were previously un-reported, though the
     field existed in the wmi struct already.

  *  txbf:  Ignore frames not destined for us.  If NIC is in promisc mode, it
     could acquire and process NDPA frames that were not destined for it.  Check
     the dest-MAC and ignore frames not for us (pass them up the stack for monitor
     mode instead of save them in the peer's rate-ctrl logic.)

  *  Port ping-pong crash handling and othe related features to IPQ4019 target.  It should
     now act similar to 9984 in this regard.

  *  Fix a few asserts related to txbf and tx-seq logic.

  *  Add custom-stats support, for rx-reorder-stats.  Similar to what I did for wave-1.

  *  Disable AMSDU for IBSS.  This now matches what I did for peregrine.  It seems to
     work better this way, though I did not debug it in detail.

  *  Enable the set-special command to re-enable AMSDU for IBSS if user wants to experiment.

  *  Fix bug where dbglog did not disable IRQs, so if you made dbglog messages from the IRQ
     handler, it could cause corruption that could crash the firmware and/or corrupt the log
     message buffers.

  *  Don't assert if there are no buffer descriptors for RX of non-data frame.

  *  Retry any stuck block-ack sessions every 20 seconds instead of just disabling BA for
     ever when we get too many failures.

  *  Fix SGI flag when reporting tx-rate info.  The flag moved since wave-1 days, and
     I did not notice that when I ported my changes forward to wave-2.

  *  Allow disabling special CCA handling for IBSS txqs.  Earlier testing indicated this
     might improve throughput in some testing on 9984 chips in IBSS mode, but subsequent
     testing looks about the same without it.  Since I do not really understand what this
     setting exists for, leave it at upstream defaults.  A new set-special API command (0x12)
     can be used to enable this hack for testing.  Setting 0x1 bit disables special CCA handling
     for non-beacon IBSS txqs, setting 0x2 bit disables it for beacon queues as well.

  *  Add MCAST-BCAST feature flag.  This tells driver we do not need a monitor interface
     to do MESH.

  *  When calculating the rx-address filter (affects ACK & BLOCK-ACK, among other things),
     to not add in monitor interfaces if other interfaces are up.  There is no need for
     a monitor device to ACK frames.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-23 22:08:22 +01:00
Ben Greear 5eb2b99b15 ath10k-ct: Update driver to latest.
Among other things, this will check for an htt-mgt variant of
ath10k-ct firmware before loading 'normal' firmware, and it disables
verbose printing of firmware DBGLOG messages by default.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-23 22:08:22 +01:00
Ben Greear 375be15429 ath10k-ct: Update DEPENDS and PROVIDES
Update DEPENDS and PROVIDES so that ath10k-ct firmware
and drivers can be used to replace stock firmware
and drivers.  The -htt firmware variant, which requires
ath10k-ct driver now selects ath10k-ct driver when the
firmware is selected.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-23 22:08:22 +01:00
Felix Fietkau 5f7d134454 libubox: update to the latest version
3aad294 libubox: Plug a small memory leak.
eebe3fc utils: use constant byte-order conversion

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau a276002079 ramips: remove dead (and potentially crashy) code in mt7621 gsw init
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau 147b679891 ramips: rename ethernet priv->device field to dev to match upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau c89e338fe6 kernel: netfilter: fix dst entries in flowtable offload
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau db108cdf14 kernel: fix crash in flow offload when removing net devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau 2c7b0e9f31 kernel: flow-offload: only offload connections that have been fully established
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Mathias Kresin af3a9566fe lantiq: intel-xway: add vr9 v1.1 phy support
During upstreaming the intel phy driver, support for the vr9 v1.1
embedded phys got lost. Backport the upstream send patch adding support
for the vr9 v1.1 embbeded phys to the driver.

Signed-off-by: Mathias Kresin <dev@kresin.me>

cosmetic fixes

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-03-23 20:31:49 +01:00
INAGAKI Hiroshi e3bf92edf5 ramips: fix switch and MAC address for WHR-G300N
WHR-G300N has 5 ethernet ports (lan: 4, wan: 1), but there was no
correct configuration in 02_network script and 6 ports was configured
on the switch.
Also, since the MAC address was not acquired from factory partition,
incorrect values was set to LAN and WAN interfaces.

This commit fixes these issues.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 7004f681cd ipq40xx: Add reserved memory for WPJ428
The APPSBL and anything after that it not allowed to touch some of the
memory regions which are used by other components. Still trying to write to
the memory can lead to sudden device restarts

  (IPQ40xx) # mw 87e80000 0
  data abort
  pc : [<873149f8>]          lr : [<87308578>]
  sp : 86edfc28  ip : 86ef4412     fp : 00000000
  r10: 00000000  r9 : 00000000     r8 : 86edff68
  r7 : 00000003  r6 : 8737e624     r5 : 86ef4420  r4 : 8736c154
  r3 : 00000000  r2 : 00000010     r1 : 00000000  r0 : 00000000
  Flags: nZCv  IRQs off  FIQs off  Mode SVC_32
  Resetting CPU ...

The device manufacturer only provided a very rough list of regions:

* rsvd1:     0x87000000 0x500000
* wifi_dump: 0x87500000 0x600000
* rsvd2:     0x87b00000 0x500000

A more detailed list for devices using the AP.DK reference design memory
maps was provided by Roman Yeryomin <roman@advem.lv> in commit 56f2df879fd
("ipq806x: ipq4019: add ap-dk01.1-c1 board support"):

* apps_bl:          0x87000000 0x400000
* sbl:              0x87400000 0x100000
* cnss_debug:       0x87500000 0x600000
* cpu_context_dump: 0x87b00000 0x080000
* tz_apps:          0x87b80000 0x280000
* smem:             0x87e00000 0x080000
* tz:               0x87e80000 0x180000

The u-boot function ipq_fdt_mem_rsvd_fixup seems to suggest that only the
rsvd2 (tz_apps, smem, tz) should be protected. All other regions would have
been removed by it when CONFIG_QCA_APPSBL_DLOAD is not enabled. This allows
to reduce the 16MB reserved memory region to only 4.5MB.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 71ed9f10a3 ipq40xx: Use detailed reserved memory for A42
The APPSBL and anything after that it not allowed to touch some of the
memory regions which are used by other components. Still trying to write to
the memory can lead to sudden device restarts

  (IPQ40xx) # mw 87e80000 0
  data abort
  pc : [<873149f8>]          lr : [<87308578>]
  sp : 86edfc28  ip : 86ef4412     fp : 00000000
  r10: 00000000  r9 : 00000000     r8 : 86edff68
  r7 : 00000003  r6 : 8737e624     r5 : 86ef4420  r4 : 8736c154
  r3 : 00000000  r2 : 00000010     r1 : 00000000  r0 : 00000000
  Flags: nZCv  IRQs off  FIQs off  Mode SVC_32
  Resetting CPU ...

The device manufacturer only provided a very rough list of regions:

* rsvd1:     0x87000000 0x500000
* wifi_dump: 0x87500000 0x600000
* rsvd2:     0x87b00000 0x500000

A more detailed list for devices using the AP.DK reference design memory
maps was provided by Roman Yeryomin <roman@advem.lv> in commit 56f2df879fd
("ipq806x: ipq4019: add ap-dk01.1-c1 board support"):

* apps_bl:          0x87000000 0x400000
* sbl:              0x87400000 0x100000
* cnss_debug:       0x87500000 0x600000
* cpu_context_dump: 0x87b00000 0x080000
* tz_apps:          0x87b80000 0x280000
* smem:             0x87e00000 0x080000
* tz:               0x87e80000 0x180000

The u-boot function ipq_fdt_mem_rsvd_fixup seems to suggest that only the
rsvd2 (tz_apps, smem, tz) should be protected. All other regions would have
been removed by it when CONFIG_QCA_APPSBL_DLOAD is not enabled. This allows
to reduce the 16MB reserved memory region to only 4.5MB.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 1fcd625c0a ipq40xx: Remove phy reset gpio from Cisco Meraki MR33
There is currently no code to read the phy reset gpios for the ethernet
PHY. It would also have been better to use the more common name
"phy-reset-gpios" for this property.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 7a8017b0ae ipq40xx: Adjust SoC name of AVM Fritz!Box 4040
The AVM Fritz!Box 4040 uses an IPQ4018 as SoC and not an IPQ4019. The DTS
must be adjusted to reflect this.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 9ca81646b9 ipq40xx: Use constant to set gpio active low/high
The GPIO configuration in the DTS have as third parameter the active
low/high configuration. This parameter is not easy to parse by humans when
it is only set to 0/1. It is better to use the predefined constants
GPIO_ACTIVE_HIGH and GPIO_ACTIVE_LOW.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 688ae1c4c0 ipq40xx: Fix DTS status parameter values
The "Devicetree Specification, Release v0.2 - 2.3.4 status" [1] only allows
the "okay" value for an operational device. The "ok" value will be accepted
by the kernel but should be avoided.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 6b456d1014 ipq40xx: Provide prefered DTS config name for A42
The OpenMesh A42 will use the default config entry in the FIT when no other
on is found but prefers the config@om.a42. This only becomes relevant when
a Multi-FIT image is prepared for this device.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Sven Eckelmann 8bc373f8f4 ipq40xx: Remove SUPPORTED_DEVICES for A42
The SUPPORTED_DEVICES will be defined automatically via Device/Default in
ipq40xx.

Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2018-03-23 20:31:49 +01:00
Felix Fietkau 99d511dcd3 kernel: fix offloading connections with SNAT + DNAT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 19:16:23 +01:00
Felix Fietkau 48d17551b6 kernel: fix flow offload UDP handling issue
Only run the TCP state check for TCP connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 19:16:12 +01:00
Hans Dedecker 02fba1a181 busybox: drop providing virtual package ip
Drop providing the virtual package ip by busybox which was added in commit
1cec4d4ef0.

Letting busybox provide the virtual package ip is not optimal for the
following reasons :

	- Applications depending on ip expect either the ip-full or
	  ip-tiny package to be enabled.
	- Busybox ip applet cannot be added or removed at runtime

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-22 21:54:20 +01:00
Hans Dedecker 0f30f56e38 firewall: update to latest git HEAD
5cdf15e helpers.conf: add CT rtsp helper
d5923f1 Reword rule comments
c1a295a defaults: add support for xt_FLOWOFFLOAD rule
41c2ab5 ipsets: add support for specifying entries

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-22 13:29:22 +01:00
Ben Greear 8bb9f8dd47 ath10k-firmware: Support CT IPQ4019 firmware.
Initial beta release of the CT IPQ4019 firmware.  Features are
similar to the CT 9984 firmware

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-22 09:09:55 +01:00
Ben Greear 23a388fe41 ath10k-ct: Force loading mac80211 and ath modules.
They are not automatically loaded on IPQ4019 (at least) machines
for some reason.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-03-22 09:09:54 +01:00
Ben Greear d0f3dd5b9f ath10k-ct: update to latest version, enable AHB.
The driver updates include:

ath10k driver backport to fix WPA 'pn' related security bugs
(4.13 based driver only currently),
a fix for off-channel TX for CT wave-1 firmware, a likely
fix for napi related crashes, and a backport of the firmware fetch
patch.

AHB is needed for the IPQ4019 platform radios.

Signed-off-by: Ben Greear <greearb@candelatech.com>
[use common subject format]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-22 09:09:54 +01:00
Zoltan HERPAI 3db9d6e57d intel-microcode: update to 20180312
- Update microcode for 24 CPU types
- Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation for:
  Sandybridge, Ivy Bridge, Haswell, Broadwell, Skylake, Kaby Lake,
  Coffee Lake
- Missing production updates:
   - Broadwell-E/EX Xeons (sig 0x406f1)
   - Anniedale/Morefield, Apollo Lake, Avoton, Cherry Trail, Braswell,
     Gemini Lake, Denverton
- New Microcodes:
   - sig 0x00050653, pf_mask 0x97, 2018-01-29, rev 0x1000140
   - sig 0x00050665, pf_mask 0x10, 2018-01-22, rev 0xe000009

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2018-03-21 23:24:09 +01:00
Zoltan HERPAI ed369e0481 uboot-sunxi: refresh patches
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2018-03-21 17:08:35 +01:00
Hauke Mehrtens 367ee3274d uboot-sunxi: fix build by adding comparabilities for old dtc
We use the dtc from the kernel and that does not have all the options
which u-boot would like to use now. make these parameters optional.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[wigyori@uid0.hu: renamed to 221-compatible-old-dtc.patch from 220-]
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2018-03-21 17:08:19 +01:00
Zoltan HERPAI 7e1e29de75 uboot-sunxi: bump again to 2017.11
Runtime-tested on:
 - Pine64 (A64)
 - Orange Pi 2 (H3)
 - Bananapro (A20)
 - Olimex A20-Micro (A20)
 - Pcduino v3 (A20)
 - Pcduino v2 (A10)

Compile-tested on:
 - all A8/A7/A53 boards

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2018-03-21 17:07:06 +01:00
Rafał Miłecki bfc6514e94 kernel: b53: fix compilation on BCM47XX
This fixes:
drivers/net/phy/b53/b53_priv.h:325:2: error: enumeration value '<board>' not handled in switch [-Werror=switch]
errors.

Fixes: 0de2213eea ("kernel: b53: look for NVRAM's "robo_reset" entry on every platform")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-03-21 10:54:14 +01:00
Rafał Miłecki 0f1a1489a6 mac80211: backport brcmfmac fixes from 4.16
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-03-21 08:36:14 +01:00
Rafał Miłecki 0de2213eea kernel: b53: look for NVRAM's "robo_reset" entry on every platform
Since kernel 4.1 bcm47xx_nvram_gpio_pin() is now defined in a global
header and can be safely called even on non-Broadcom platforms.

This change makes b53 look for "robo_reset" on ARCH_BCM_5301X and
slightly simplifies the code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-03-21 06:56:43 +01:00
Paul Wassi 6fe9277d0c kirkwood: fix initramfs boot warning on iconnect
The chosen dts configuration linux,initrd-* gives an error message
on bootup of kirkwood-iconnect. Since initramfs/initrd is not used
remove these options from the dts.

Reported-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-20 21:45:27 +01:00
Paul Wassi e0d4ad7127 kirkwood: switch to kernel 4.14
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-20 21:45:27 +01:00
Paul Wassi 1447784a8c kirkwood: add kernel 4.14 support
Add patches for 4.14, undoing upstream changes for Linksys devices
regarding DSA. Instead, the switchdev driver marvell,88e6171 is used.

Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Alberto Bursi <alberto.bursi@outlook.it>
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-20 21:45:27 +01:00
Paul Wassi f21cd96400 uboot-kirkwood: update to 2018.03
U-Boot now requires GCC > 5

Catch up with upstream and move some configuration options from
the header files to the corresponding defconfig files.
Also move some options of patch 010 affecting the whole platform
to 010's device only.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-20 21:45:27 +01:00