Permalink
Commits on Dec 30, 2017
  1. iproute2: cake: fix patch format error

    Kevin Darbyshire-Bryant authored and mkresin committed Dec 30, 2017
    Fix patch format error introduced in c4e9487
    Refresh patches to tidy fuzz
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commits on Dec 29, 2017
  1. kernel: bump 4.4 to 4.4.108 for 17.01

    Kevin Darbyshire-Bryant authored and blogic committed Dec 26, 2017
    Refresh patches.
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
  2. iproute2: cake: support new operating modes for 17.01

    Kevin Darbyshire-Bryant authored and blogic committed Dec 22, 2017
    There has been recent significant activity with the cake qdisc of late
    Some of that effort is related to upstreaming to kernel & iproute2
    mainline but we're not quite there yet.  This commit teaches tc how to
    activate and interprete the latest cake operating modes, namely:
    
    ingress mode: Instead of only counting packets that make it past the
    shaper, include packets we've decided to drop as well, since they did
    arrive with us on the link and took link capacity.
    This mode is more suitable for shaping the ingress of a link
    (e.g. from ISP) rather than the more normal egress.
    
    ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
    highly assymetric links (downstream v upstream capacity) where the
    majority of upstream link capacity is occupied with ACKS for downstream
    traffic.
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
  3. kmod-sched-cake: bump to latest bake of cake for 17.01

    Kevin Darbyshire-Bryant authored and blogic committed Dec 22, 2017
    There has been recent significant activity with the cake qdisc of late
    but in the cobalt branch.  Some of that effort is related to upstreaming
    to kernel & iproute2 mainline but we're not quite there yet.  Relevant
    feature changes:
    
    ingress mode: Instead of only counting packets that make it past the
    shaper, include packets we've decided to drop as well, since they did
    arrive with us on the link and took link capacity.
    This mode is more suitable for shaping the ingress of a link
    (e.g. from ISP) rather than the more normal egress.
    
    ptm mode: Minor optimisation in packet overhead calculation.
    
    dual-src/dsthost/triple-isolate: Optimise only calculating src or dst
    host hashes only if required.
    
    ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS.  Useful in
    highly assymetric links (downstream v upstream capacity) where the
    majority of upstream link capacity is occupied with ACKS for downstream
    traffic.
    
    A separate iproute2 patch to teach it about Cake's new features will
    follow.
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
  4. ramips: fix widora neo diag led

    mkresin committed Dec 27, 2017
    The diag LED is named widora🍊wifi and can't be derived from the
    boardname.
    
    Signed-off-by: Mathias Kresin <dev@kresin.me>
  5. base-files: fix logic when to show failsafe banner

    NeoRaider committed Dec 29, 2017
    Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
    Fixes: 1c92998 ("base-files: set FAILSAFE in /etc/profile when
    /tmp/.failsafe exists")
  6. base-files: set FAILSAFE in /etc/profile when /tmp/.failsafe exists

    NeoRaider committed Dec 29, 2017
    Since dropbear clears the environment, FAILSAFE was not set as intended in
    failsafe mode.
    
    Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Commits on Dec 25, 2017
  1. wireguard: bump to 20171221

    Kevin Darbyshire-Bryant authored and dedeckeh committed Dec 23, 2017
    7e945a8 version: bump snapshot
    f2168aa compat: kernels < 3.13 modified genl_ops
    52004fd crypto: compile on UML
    6b69b65 wg-quick: dumber matching for default routes
    aa35d9d wg-quick: add the "Table" config option
    037c389 keygen-html: remove prebuilt file
    
    No patch refresh required.
    
    Compile-test-for: ar71xx
    Run-tested-on: ar71xx Archer C7 v2
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commits on Dec 23, 2017
  1. kernel: bump 4.4 to 4.4.107

    bladeoner authored and mkresin committed Dec 21, 2017
    Bump 4.4 to 4.4.107 and refreshed all patches.
    Made the following patch for Mediatek and Oxnas compatible with kernel 4.4.107:
    0072-mtd-backport-v4.7-0day-patches-from-Boris.patch
    
    Compile-tested: ar71xx
    Run-tested: ar71xx
    
    Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
    Reviewed-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
    Tested-by: Rosen Penev <rosenp@gmail.com>
Commits on Dec 15, 2017
  1. wireguard: bump to 20171211

    Kevin Darbyshire-Bryant authored and dedeckeh committed Dec 12, 2017
    Bump to latest WireGuard snapshot release:
    
    44f8e4d version: bump snapshot
    bbe2f94 chacha20poly1305: wire up avx512vl for skylake-x
    679e53a chacha20: avx512vl implementation
    10b1232 poly1305: fix avx512f alignment bug
    5fce163 chacha20poly1305: cleaner generic code
    63a0031 blake2s-x86_64: fix spacing
    d2e13a8 global: add SPDX tags to all files
    d94f3dc chacha20-arm: fix with clang -fno-integrated-as.
    3004f6b poly1305: update x86-64 kernel to AVX512F only
    d452d86 tools: no need to put this on the stack
    0ff098f tools: remove undocumented unused syntax
    b1aa43c contrib: keygen-html for generating keys in the browser
    e35e45a kernel-tree: jury rig is the more common spelling
    210845c netlink: rename symbol to avoid clashes
    fcf568e device: clear last handshake timer on ifdown
    d698467 compat: fix 3.10 backport
    5342867 device: do not clear keys during sleep on Android
    88624d4 curve25519: explictly depend on AS_AVX
    c45ed55 compat: support RAP in assembly
    7f29cf9 curve25519: modularize dispatch
    
    Refresh patches.
    
    Compile-test-for: ar71xx
    Run-tested-on: ar71xx Archer C7 v2
    
    Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commits on Dec 13, 2017
  1. brcm47xx: remove target specific network preinit config

    jow- committed May 17, 2017
    The generic preinit code is now able to setup network and switch vlan settings
    from the /etc/board.json file, therefor drop the target specific code.
    
    Fixes FS#790.
    
    Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    (cherry picked from commit 833c500)
  2. rules.mk: export TMPDIR

    jow- committed Dec 12, 2017
    Set TMPDIR to the same value as the existing TMP_DIR variable in order to
    let gcc and various other utilities use the local temporary directory
    instead of the system-wide one.
    
    Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    (cherry picked from commit 52a3477ff91a2009e451d5dce307e9cc945e9ffa)
  3. usbutils: Update usb.ids file to latest

    neheb authored and jow- committed Nov 22, 2017
    Signed-off-by: Rosen Penev <rosenp@gmail.com>
    (cherry picked from commit fc4e7bd)
  4. hostapd: remove unused local var declaration

    yogo1212 authored and jow- committed Nov 20, 2017
    Signed-off-by: Leon M. George <leon@georgemail.eu>
    (cherry picked from commit 6346291)
  5. hostapd: don't set htmode for wpa_supplicant

    yogo1212 authored and jow- committed Nov 20, 2017
    no longer supported
    
    Signed-off-by: Leon M. George <leon@georgemail.eu>
    (cherry picked from commit cc0847e)
  6. libnl-tiny: use fixed message size instead of using the page size

    nbd168 authored and jow- committed Nov 9, 2017
    Simplifies the code and reduces size
    
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
    (cherry picked from commit d5bcd02)
  7. packages: nvram: fix memory leak in _nvram_free

    Kxuan authored and jow- committed Jul 11, 2017
    The value of nvram_tuple_t is allocated in _nvram_realloc,
    but it is not freed in _nvram_free.
    
    Signed-off-by: Zhai Zhaoxuan <zhaizhaoxuan@xiaomi.com>
    (cherry picked from commit c382237)
  8. mac80211: don't pass the hostapd ctrl iface in adhoc

    Antonio Quartulli authored and jow- committed Nov 9, 2012
    Passing the ctrl iface to wpa_supplicant will automatically cause wpa_supplicant
    to send "STOP_AP" messages to the hostapd. This breaks the AP interfaces.
    
    Signed-off-by: Antonio Quartulli <ordex@autistici.org>
    (cherry picked from commit 0da54fa)
  9. hostapd: explicitly set beacon interval for wpa_supplicant

    ecsv authored and jow- committed Nov 7, 2017
    The beacon_int is currently set explicitly for hostapd and when LEDE uses
    iw to join and IBSS/mesh. But it was not done when wpa_supplicant was used
    to join an encrypted IBSS or mesh.
    
    This configuration is required when an AP interface is configured together
    with an mesh interface. The beacon_int= line must therefore be re-added to
    the wpa_supplicant config. The value is retrieved from the the global
    variable.
    
    Fixes: 1a16cb9 ("mac80211, hostapd: always explicitly set beacon interval")
    Signed-off-by: Sven Eckelmann <sven@narfation.org>
    Signed-off-by: Felix Fietkau <nbd@nbd.name> [rebase]
    (cherry picked from commit 772afef)
  10. hostapd: set mcast_rate in mesh mode

    ecsv authored and jow- committed May 11, 2017
    The wpa_supplicant code for IBSS allows to set the mcast rate. It is
    recommended to increase this value from 1 or 6 Mbit/s to something higher
    when using a mesh protocol on top which uses the multicast packet loss as
    indicator for the link quality.
    
    This setting was unfortunately not applied for mesh mode. But it would be
    beneficial when wpa_supplicant would behave similar to IBSS mode and set
    this argument during mesh join like authsae already does. At least it is
    helpful for companies/projects which are currently switching to 802.11s
    (without mesh_fwding and with mesh_ttl set to 1) as replacement for IBSS
    because newer drivers seem to support 802.11s but not IBSS anymore.
    
    Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
    Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
    Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh]
    (cherry picked from commit 43f6694)
  11. igmpproxy: remove firewall rules when service is stopped

    dedeckeh authored and jow- committed Nov 13, 2017
    Remove multicast routing firewall rules when the igmpproxy is stopped by
    triggering a firewall config change.
    Keeping the firewall open from the wan for igmp and udp multicast is not
    desired when the igmpproxy service is inactive.
    
    Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
    (cherry picked from commit 31ebbe3)
  12. openvpn: add support to start/stop single instances

    sch-m authored and jow- committed Oct 9, 2017
    Signed-off-by: Martin Schiller <ms@dev.tdt.de>
    Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
    (cherry picked from commit e2f25e6)
  13. package/elfutils: add CFLAG -Wno-format-nonliteral

    lynxis authored and jow- committed Aug 4, 2017
    When a library is using fortify-packages GCC will complain about
    "error: format not a string literal, argument types not checked".
    
    Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
    (cherry picked from commit 6ab4521)
  14. tools/coreutils: install readlink

    nbd168 authored and jow- committed Nov 9, 2017
    Parts of the build system use non-portable invocation of readlink
    
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
    (cherry picked from commit 6bcc1c5)
  15. uhttpd: fix query string handling

    jow- committed Nov 6, 2017
    Update to latest Git in order to fix potential memory corruption and invalid
    memory access when handling query strings in conjunction with active basic
    authentication.
    
    a235636 2017-11-04 file: fix query string handling
    
    Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    (cherry picked from commit 05a4200)
  16. openssl: fix cryptodev config dependency

    seragh authored and jow- committed Oct 22, 2017
    Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
    (cherry picked from commit f5468d2)
  17. uqmi: replace legacy command invoke with newer type

    xback authored and jow- committed Oct 24, 2017
    Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
    (cherry picked from commit 06d5d01)
  18. procd: Always tell cmake whether to include seccomp support or not

    wentasah authored and jow- committed Nov 3, 2017
    Without this change, when a user disables seccomp support in .config,
    procd does not get recompiled unless the package is cleaned manually.
    It is because when -D option is missing from cmake command line, cmake
    uses cached value from the previous run where seccomp was enabled.
    
    Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
    (cherry picked from commit 0e300a3)
  19. libunwind: disable building with ssp

    yousong authored and jow- committed Nov 6, 2017
    If we enable -fstack-protector while building libunwind, function
    __stack_chk_fail_local will be referred to for i386 and powerpc32
    arches.  This will cause link failure because the default gcc build
    specs says no link_ssp if -nostdlib is given.
    
    The error message:
    
        OpenWrt-libtool: link: ccache_cc -shared  -fPIC -DPIC  .libs/os-linux.o mi/.libs/init.o mi/.libs/flush_cache.o mi/.libs/mempool.o mi/.libs/strerror.o x86/.libs/is_fpreg.o x86/.libs/regname.o x86/.libs/Los-linux.o mi/.libs/backtrace.o mi/.libs/dyn-cancel.o mi/.libs/dyn-info-list.o mi/.libs/dyn-register.o mi/.libs/Ldyn-extract.o mi/.libs/Lfind_dynamic_proc_info.o mi/.libs/Lget_accessors.o mi/.libs/Lget_proc_info_by_ip.o mi/.libs/Lget_proc_name.o mi/.libs/Lput_dynamic_unwind_info.o mi/.libs/Ldestroy_addr_space.o mi/.libs/Lget_reg.o mi/.libs/Lset_reg.o mi/.libs/Lget_fpreg.o mi/.libs/Lset_fpreg.o mi/.libs/Lset_caching_policy.o x86/.libs/Lcreate_addr_space.o x86/.libs/Lget_save_loc.o x86/.libs/Lglobal.o x86/.libs/Linit.o x86/.libs/Linit_local.o x86/.libs/Linit_remote.o x86/.libs/Lget_proc_info.o x86/.libs/Lregs.o x86/.libs/Lresume.o x86/.libs/Lstep.o x86/.libs/getcontext-linux.o  -Wl,--whole-archive ./.libs/libunwind-dwarf-local.a ./.libs/libunwind-elf32.a -Wl,--no-whole-archive  -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/lib -lc -lgcc  -Os -march=i486 -fstack-protector -Wl,-z -Wl,now -Wl,-z -Wl,relro -nostartfiles -nostdlib   -Wl,-soname -Wl,libunwind.so.8 -o .libs/libunwind.so.8.0.1
        .libs/os-linux.o: In function `_Ux86_get_elf_image':
        os-linux.c:(.text+0x588): undefined reference to `__stack_chk_fail_local'
        x86/.libs/Lregs.o: In function `_ULx86_access_fpreg':
        Lregs.c:(.text+0x25b): undefined reference to `__stack_chk_fail_local'
        x86/.libs/Lresume.o: In function `_ULx86_resume':
        Lresume.c:(.text+0xdc): undefined reference to `__stack_chk_fail_local'
        collect2: error: ld returned 1 exit status
        Makefile:2249: recipe for target 'libunwind.la' failed
    
    The snippet from gcc -dumpspecs
    
        %{!nostdlib:%{!nodefaultlibs:%(link_ssp) %(link_gcc_c_sequence)}}
    
    Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
    (cherry picked from commit f0c37f6)
  20. tools/squashfs: use host cflags

    nbd168 authored and jow- committed Oct 24, 2017
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
    (cherry picked from commit 20d363a)
  21. ppp: make the patches apply correctly again

    hauke authored and jow- committed Oct 16, 2017
    This fixes a compile problem recently introduced by me.
    
    Fixes: f40fd43 ("ppp: fix compile warning")
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
    (cherry picked from commit a29848c)
  22. ppp: fix compile warning

    hauke authored and jow- committed Oct 15, 2017
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
    (cherry picked from commit f40fd43)
  23. dropbear: fix PKG_CONFIG_DEPENDS

    dedeckeh authored and jow- committed Oct 6, 2017
    Add CONFIG_DROPBEAR_UTMP, CONFIG_DROPBEAR_PUTUTLINE to PKG_CONFIG_DEPENDS
    
    Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
    (cherry picked from commit 834c93e)
  24. dropbear: make ssh compression support configurable

    marcin1j authored and jow- committed Jun 30, 2017
    Adds config option to enable compression support which is usefull
    when using a terminal sessions over a slow link. Impact on binary
    size is negligible but additional 60 kB (uncompressed) is needed for
    a shared zlib library.
    
    Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
    (cherry picked from commit a816e1e)
  25. procd: Install seccomp-trace symlink

    wentasah authored and jow- committed Sep 12, 2017
    Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
    (cherry picked from commit 1a5bf77)