1. 18 Dec, 2018 40 commits
    • Koen Vandeputte's avatar
      kernel: bump 4.14 to 4.14.89 · 7b0e1d28
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Compile-tested on: cns3xxx, imx6
      Runtime-tested on: cns3xxx, imx6
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      7b0e1d28
    • Koen Vandeputte's avatar
      kernel: bump 4.9 to 4.9.146 · 386a57dc
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Compile-tested on: ar71xx
      Runtime-tested on: ar71xx
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      386a57dc
    • Hauke Mehrtens's avatar
      kernel: Activate VDSO on MIPS again · 217219ee
      Hauke Mehrtens authored
      
      
      The cache coloring problem on MIPS CPUs was fixed with kernel 4.9.129 of
      the kernel 4.9 branch. Activate VDSO support for MIPS again.
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      (backported from 91a71804)
      217219ee
    • Kevin Darbyshire-Bryant's avatar
      wireguard: bump to 0.0.20180925 · fbce3020
      Kevin Darbyshire-Bryant authored
      
      
      33523a5 version: bump snapshot
      0759480 curve25519-hacl64: reduce stack usage under KASAN
      b9ab0fc chacha20: add bounds checking to selftests
      2e99d19 chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable handling
      d6ac367 qemu: bump musl
      28d8b7e crypto: make constant naming scheme consistent
      56c4ea9 hchacha20: keep in native endian in words
      0c3c0bc chacha20-arm: remove unused preambles
      3dcd246 chacha20-arm: updated scalar code from Andy
      6b9d5ca poly1305-mips64: remove useless preprocessor error
      3ff3990 crypto-arm: rework KERNEL_MODE_NEON handling again
      dd2f91e crypto: flatten out makefile
      67a3cfb curve25519-fiat32: work around m68k compiler stack frame bug
      9aa2943 allowedips: work around kasan stack frame bug in selftest
      317b318 chacha20-arm: use new scalar implementation
      b715e3b crypto-arm: rework KERNEL_MODE_NEON handling
      77b07d9 global: reduce stack frame size
      ddc2bd6 chacha20: add chunked selftest and test sliding alignments and hchacha20
      2eead02 chacha20-mips32r2: reduce jumptable entry size and stack usage
      a0ac620 chacha20-mips32r2: use simpler calling convention
      09247c0 chacha20-arm: go with Ard's version to optimize for Cortex-A7
      a329e0a chacha20-mips32r2: remove reorder directives
      3b22533 chacha20-mips32r2: fix typo to allow reorder again
      d4ac6bb poly1305-mips32r2: remove all reorder directives
      197a30c global: put SPDX identifier on its own line
      305806d ratelimiter: disable selftest with KASAN
      4e06236 crypto: do not waste space on selftest items
      5e0fd08 netlink: reverse my christmas trees
      a61ea8b crypto: explicitly dual license
      b161aff poly1305: account for simd being toggled off midway
      470a0c5 allowedips: change from BUG_ON to WARN_ON
      aa9e090 chacha20: prefer crypto_xor_cpy to avoid memmove
      1b0adf5 poly1305: no need to trick gcc 8.1
      a849803 blake2s: simplify final function
      073f3d1 poly1305: better module description
      Signed-off-by: default avatarKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
      (backported from 37961f12)
      fbce3020
    • Jason A. Donenfeld's avatar
      wireguard: bump to 0.0.20180918 · 113dadc6
      Jason A. Donenfeld authored
      
      
      * blake2s-x86_64: fix whitespace errors
      * crypto: do not use compound literals in selftests
      * crypto: make sure UML is properly disabled
      * kconfig: make NEON depend on CPU_V7
      * poly1305: rename finish to final
      * chacha20: add constant for words in block
      * curve25519-x86_64: remove useless define
      * poly1305: precompute 5*r in init instead of blocks
      * chacha20-arm: swap scalar and neon functions
      * simd: add __must_check annotation
      * poly1305: do not require simd context for arch
      * chacha20-x86_64: cascade down implementations
      * crypto: pass simd by reference
      * chacha20-x86_64: don't activate simd for small blocks
      * poly1305-x86_64: don't activate simd for small blocks
      * crypto: do not use -include trick
      * crypto: turn Zinc into individual modules
      * chacha20poly1305: relax simd between sg chunks
      * chacha20-x86_64: more limited cascade
      * crypto: allow for disabling simd in zinc modules
      * poly1305-x86_64: show full struct for state
      * chacha20-x86_64: use correct cut off for avx512-vl
      * curve25519-arm: only compile if symbols will be used
      * chacha20poly1305: add __init to selftest helper functions
      * chacha20: add independent self test
      
      Tons of improvements all around the board to our cryptography library,
      including some performance boosts with how we handle SIMD for small packets.
      
      * send/receive: reduce number of sg entries
      
      This quells a powerpc stack usage warning.
      
      * global: remove non-essential inline annotations
      
      We now allow the compiler to determine whether or not to inline certain
      functions, while still manually choosing so for a few performance-critical
      sections.
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      (backported from f07a94da)
      113dadc6
    • Jason A. Donenfeld's avatar
      wireguard: bump to 0.0.20180910 · 9f9f8db1
      Jason A. Donenfeld authored
      
      
      * curve25519: arm: do not modify sp directly
      * compat: support neon.h on old kernels
      * compat: arch-namespace certain includes
      * compat: move simd.h from crypto to compat since it's going upstream
      
      This fixes a decent amount of compat breakage and thumb2-mode breakage
      introduced by our move to Zinc.
      
      * crypto: use CRYPTOGAMS license
      
      Rather than using code from OpenSSL, use code directly from AndyP.
      
      * poly1305: rewrite self tests from scratch
      * poly1305: switch to donna
      
      This makes our C Poly1305 implementation a bit more intensely tested and also
      faster, especially on 64-bit systems. It also sets the stage for moving to a
      HACL* implementation when that's ready.
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      (backported from a54f492d)
      9f9f8db1
    • Jason A. Donenfeld's avatar
      wireguard: bump to 0.0.20180904 · 686f7072
      Jason A. Donenfeld authored
      
      
      * Kconfig: use new-style help marker
      * global: run through clang-format
      * uapi: reformat
      * global: satisfy check_patch.pl errors
      * global: prefer sizeof(*pointer) when possible
      * global: always find OOM unlikely
      
      Tons of style cleanups.
      
      * crypto: use unaligned helpers
      
      We now avoid unaligned accesses for generic users of the crypto API.
      
      * crypto: import zinc
      
      More style cleanups and a rearrangement of the crypto routines to fit how this
      is going to work upstream. This required some fairly big changes to our build
      system, so there may be some build errors we'll have to address in subsequent
      snapshots.
      
      * compat: rng_is_initialized made it into 4.19
      
      We therefore don't need it in the compat layer anymore.
      
      * curve25519-hacl64: use formally verified C for comparisons
      
      The previous code had been proved in Z3, but this new code from upstream
      KreMLin is directly generated from the F*, which is preferable. The
      assembly generated is identical.
      
      * curve25519-x86_64: let the compiler decide when/how to load constants
      
      Small performance boost.
      
      * curve25519-arm: reformat
      * curve25519-arm: cleanups from lkml
      * curve25519-arm: add spaces after commas
      * curve25519-arm: use ordinary prolog and epilogue
      * curve25519-arm: do not waste 32 bytes of stack
      * curve25519-arm: prefix immediates with #
      
      This incorporates ASM nits from upstream review.
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      (backported from 4ccbe7de)
      686f7072
    • Jason A. Donenfeld's avatar
      wireguard: bump to 0.0.20180809 · b9202858
      Jason A. Donenfeld authored
      
      
      * send: switch handshake stamp to an atomic
      
      Rather than abusing the handshake lock, we're much better off just using
      a boring atomic64 for this. It's simpler and performs better. Also, while
      we're at it, we set the handshake stamp both before and after the
      calculations, in case the calculations block for a really long time waiting
      for the RNG to initialize.
      
      * compat: better atomic acquire/release backport
      
      This should fix compilation and correctness on several platforms.
      
      * crypto: move simd context to specific type
      
      This was a suggestion from Andy Lutomirski on LKML.
      
      * chacha20poly1305: selftest: use arrays for test vectors
      
      We no longer have lines so long that they're rejected by SMTP servers.
      
      * qemu: add easy git harness
      
      This makes it a bit easier to use our qemu harness for testing our mainline
      integration tree.
      
      * curve25519-x86_64: avoid use of r12
      
      This causes problems with RAP and KERNEXEC for PaX, as r12 is a
      reserved register.
      
      * chacha20: use memmove in case buffers overlap
      
      A small correctness fix that we never actually hit in WireGuard but is
      important especially for moving this into a general purpose library.
      
      * curve25519-hacl64: simplify u64_eq_mask
      * curve25519-hacl64: correct u64_gte_mask
      
      Two bitmath fixes from Samuel, which come complete with a z3 script proving
      their correctness.
      
      * timers: include header in right file
      
      This fixes compilation in some environments.
      
      * netlink: don't start over iteration on multipart non-first allowedips
      
      Matt Layher found a bug where a netlink dump of peers would never terminate in
      some circumstances, causing wg(8) to keep trying forever. We now have a fix as
      well as a unit test to mitigate this, and we'll be looking to create a fuzzer
      out of Matt's nice library.
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      (backported from 42dc0e25)
      b9202858
    • Jason A. Donenfeld's avatar
      wireguard: bump to 0.0.20180802 · 4e165fbc
      Jason A. Donenfeld authored
      Changelog taken from the version announcement
      
      > == Changes ==
      >
      >   * chacha20poly1305: selftest: split up test vector constants
      >
      >   The test vectors are encoded as long strings -- really long strings -- and
      >   apparently RFC821 doesn't like lines longer than 998.
      >   https://cr.yp.to/smtp/message.html
      
      
      >
      >   * queueing: keep reference to peer after setting atomic state bit
      >
      >   This fixes a regression introduced when preparing the LKML submission.
      >
      >   * allowedips: prevent double read in kref
      >   * allowedips: avoid window of disappeared peer
      >   * hashtables: document immediate zeroing semantics
      >   * peer: ensure resources are freed when creation fails
      >   * queueing: document double-adding and reference conditions
      >   * queueing: ensure strictly ordered loads and stores
      >   * cookie: returned keypair might disappear if rcu lock not held
      >   * noise: free peer references on failure
      >   * peer: ensure destruction doesn't race
      >
      >   Various fixes, as well as lots of code comment documentation, for a
      >   small variety of the less obvious aspects of object lifecycles,
      >   focused on correctness.
      >
      >   * allowedips: free root inside of RCU callback
      >   * allowedips: use different macro names so as to avoid confusion
      >
      >   These incorporate two suggestions from LKML.
      >
      > This snapshot contains commits from: Jason A. Donenfeld and Jann Horn.
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: default avatarYousong Zhou <yszhou4tech@gmail.com>
      (backported from 68e2ebe6)
      4e165fbc
    • Rosy Song's avatar
      iptables: fix dependency for libip6tc on IPV6 · b3cc304e
      Rosy Song authored
      
      Signed-off-by: default avatarRosy Song <rosysong@rosinson.com>
      (backported from 2dc1f54b)
      b3cc304e
    • Rosy Song's avatar
      468a4b5b
    • Florian Eckert's avatar
      base-files: add network_get_metric() to /lib/functions/network.sh · 0ccf009b
      Florian Eckert authored
      
      Signed-off-by: default avatarFlorian Eckert <fe@dev.tdt.de>
      Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
      (backported from 61a59949)
      0ccf009b
    • Andy Walsh's avatar
      ncurses: use default host install · d5b045b5
      Andy Walsh authored
      
      
      * just use default host/install, so libs/headers get properly generated/installed
      Signed-off-by: default avatarAndy Walsh <andy.walsh44+github@gmail.com>
      (backported from e0196152)
      d5b045b5
    • Andy Walsh's avatar
      gettext-full: host compile with -fpic · 38e99cb3
      Andy Walsh authored
      
      Signed-off-by: default avatarAndy Walsh <andy.walsh44+github@gmail.com>
      (backported from 2bbc9376)
      38e99cb3
    • David Yang's avatar
      dante: disable sched_getscheduler() - not implemented in musl · 9a01ff5c
      David Yang authored
      musl doesn't come with an valid implementation of `sched_getscheduler()`;
      it simply returns -ENOSYS for it. Without this option (and compile dante
      with `sched_getscheduler()` enabled), you will get
      
          error: serverinit(): sched_getscheduler(2): failed to retrieve current
          cpuscheduling policy: Function not implemented
      
      and dante won't start at all.
      
      Ref: http://lists.alpinelinux.org/alpine-devel/3932.html
      Ref: http://lists.alpinelinux.org/alpine-devel/3936.html
      
      Signed-off-by: default avatarDavid Yang <mmyangfl@gmail.com>
      [slightly reword commit message]
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (backported from aaf46a8f)
      9a01ff5c
    • Kevin Darbyshire-Bryant's avatar
      kernel: re-enable MIPS VDSO · 991e43c8
      Kevin Darbyshire-Bryant authored
      
      
      kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
      itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
      resolved the cache line issues that led to us disabling VDSO by default
      on MIPS.
      
      Remove our force disable patch:
      
      pending-4.14/206-mips-disable-vdso.patch
      Signed-off-by: default avatarKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
      Acked-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      (backported from 8ee7a80d)
      991e43c8
    • Tony Ambardar's avatar
      base-files: fix postinstall uci-defaults removal · 85c77301
      Tony Ambardar authored
      Commit 7f694582 introduced a bug where default_postinst() often fails to
      remove a uci-defaults script after application, leaving it to run again
      after a reboot.
      (Note: commit 7f694582 also introduced FS#1021, now fixed by 73c745f6
      
      )
      
      The subtle problem arises from the shell logical chain:
      [ -f "$i" ] && . "$i" && rm -f "$i"
      
      Most uci-defaults scripts contain a terminal 'exit 0' statement which,
      when sourced, results in the logic chain exiting before executing 'rm -f'.
      This was observed while testing upgrades of 'luci-app-sqm'.
      
      The solution is to wrap the shell sourcing in a subshell relative to the
      command 'rm -f':
      ( [ -f "$i" ] && . "$i" ) && rm -f "$i"
      
      Revert to using 'grep' to prefilter the list of entries from the control
      file, which yields the full path of uci-defaults scripts. This allows
      keeping the existence check, directory change and script sourcing inside
      the subshell, with the script removal correctly outside.
      
      This approach avoids adding a second subshell only around the "." (source)
      command. The change also preserves the fix FS#1021, since the full path is
      used to source the script, which is POSIX-portable irrespective of PATH
      variable or reference to the CWD.
      
      Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of
      package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file.
      Signed-off-by: default avatarTony Ambardar <itugrok@yahoo.com>
      (backported from 4097ab6a)
      85c77301
    • Konstantin Demin's avatar
      rules.mk: add ESED command · 6bcafab5
      Konstantin Demin authored
      
      
      ESED is SED with extended regular expressions turned on.
      Command line and usage are the same as for SED.
      Signed-off-by: default avatarKonstantin Demin <rockdrilla@gmail.com>
      (backported from d3b43f49)
      6bcafab5
    • Jo-Philipp Wich's avatar
      lldpd: inhibit linking of libbsd on !GLIBC · a3446cb0
      Jo-Philipp Wich authored
      
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (backported from 4f277eb6)
      a3446cb0
    • Hauke Mehrtens's avatar
      kernel: fix build of nftables · 63b867ad
      Hauke Mehrtens authored
      Backport an additional patch from 4.16 for nftables.
      This fixes a build problem recently introduced.
      
      Fixes: f57806b5
      
       ("kernel: generic: Fix nftables inet table breakage")
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      (backported from efffba34)
      63b867ad
    • Brett Mastbergen's avatar
      kernel: generic: Fix nftables inet table breakage · 69d6da1d
      Brett Mastbergen authored
      Commit b7265c59 ("kernel: backport a series of netfilter cleanup
      patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
      multihook-infrast.patch.  That patch switches the netfilter core in the
      kernel to use the new native NFPROTO_INET support.  Unfortunately, the
      new native NFPROTO_INET support does not exist in 4.14 and was not
      backported along with this patchset.  As such, nftables inet tables never
      see any traffic.
      
      As an example the following nft counter rule should increment for every
      packet coming into the box, but never will:
      
      nft add table inet foo
      nft add chain inet foo bar { type filter hook input priority 0\; }
      nft add rule inet foo bar counter
      
      This commit pulls in the required backport patches to add the new
      native NFPROTO_INET support, and thus restore nftables inet table
      functionality.
      
      Tested on Turris Omnia (mvebu)
      
      Fixes: b7265c59
      
       ("kernel: backport a series of netfilter cleanup ...")
      Signed-off-by: default avatarBrett Mastbergen <bmastbergen@untangle.com>
      (backported from f57806b5
      
      )
      (rebased patches)
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      69d6da1d
    • Jonathan Lancett's avatar
      mwlwifi: driver version to 10.3.8.0-20180920 · bbc0c4d9
      Jonathan Lancett authored
      
      Signed-off-by: default avatarJonathan Lancett <j.lancett@ntlworld.com>
      [minor tweak to commit title]
      Signed-off-by: default avatarKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
      (backported from 95b3f8ec)
      bbc0c4d9
    • Hans Dedecker's avatar
      map: drop default encaplimit value · 6f50d5cc
      Hans Dedecker authored
      
      
      Setting encaplimit to a numerical value results into the value being
      included as tunnel encapsulation limit in the destination option header
      for tunneled packets.
      Several users have reported interop issues as not all ISPs support the
      destination option header containing the tunnel encapsulation limit
      resulting into broken map connectivity.
      Therefore drop the default encaplimit value for map tunnels so
      no destination option header is included by default.
      Signed-off-by: default avatarHans Dedecker <dedeckeh@gmail.com>
      (backported from d9691b66)
      6f50d5cc
    • Hans Dedecker's avatar
      ds-lite: drop default encaplimit value · f6eab3c3
      Hans Dedecker authored
      
      
      Setting encaplimit to a numerical value results into the value being
      included as tunnel encapsulation limit in the destination option header
      for tunneled packets.
      Several users have reported interop issues as not all ISPs support the
      destination option header containing the tunnel encapsulation limit
      resulting into broken ds-lite connectivity.
      Therefore drop the default encaplimit value for ds-lite tunnels so
      no destination option header is included by default.
      Signed-off-by: default avatarHans Dedecker <dedeckeh@gmail.com>
      (backported from 1241707b)
      f6eab3c3
    • Rosy Song's avatar
      odhcpd: enable ipv6 server mode only when it is supported · d9f845f7
      Rosy Song authored
      
      Signed-off-by: default avatarRosy Song <rosysong@rosinson.com>
      (backported from 918ec4d5)
      d9f845f7
    • Marko Ratkaj's avatar
      tools/expat: fix docbook2man error on some systems · 15a023a4
      Marko Ratkaj authored
      
      
      On some systems (Gentoo) configure stage fails because of docbook2man
      working with SGML rather than with XML. We don't need xmlwf man pages so
      we disable this.
      Signed-off-by: default avatarMarko Ratkaj <marko.ratkaj@sartura.hr>
      (backported from 6e80dd58)
      15a023a4
    • Andy Walsh's avatar
      base-files: /etc/services: add missing 'rpcbind' alias · 4b5e062b
      Andy Walsh authored
      
      
      * add missing 'rpcbind' alias to /etc/services
      
      Allows rpcbind to open its 111 port and be reachable via lan, this is the default behaviour.
      Signed-off-by: default avatarAndy Walsh <andy.walsh44+github@gmail.com>
      (backported from 4549ab46)
      4b5e062b
    • Rosen Penev's avatar
      usbutils: Update usb.ids to 0.315 · 376e9294
      Rosen Penev authored
      
      
      Referencing the version instead of revision should fix uscan.
      
      Tested on Turria Omnia.
      Signed-off-by: default avatarRosen Penev <rosenp@gmail.com>
      (backported from a9aa25c8)
      376e9294
    • Rosen Penev's avatar
      hostapd: Fix compile with OpenSSL 1.1.0 + no deprecated APIs · 3dbdd404
      Rosen Penev authored
      Patch was accepted upsteam:
      
      https://w1.fi/cgit/hostap/commit/?id=373c796948599a509bad71695b5b72eef003f661
      
      Signed-off-by: default avatarRosen Penev <rosenp@gmail.com>
      (backported from f78e07ad
      
      )
      (rebased patches)
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      3dbdd404
    • Yousong Zhou's avatar
      scripts/ipkg-build: quash error messages when conffiles.resolved is empty · fa3805f2
      Yousong Zhou authored
      
      
      When Package/xx/conffiles only contains directories that are empty at
      package time, conffiles.resolved will be missing and the following
      error messages will appear in the build log.
      
      	/home/yousong/git-repo/openwrt/openwrt/scripts/ipkg-build -c -o 0 -g 0 /home/yousong/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/linux-malta_be/openvswitch-2.10.0/ipkg-mips_24kc/openvswitch-common /home/yousong/git-repo/openwrt/openwrt/bin/packages/mips_24kc/packages
      	mv: cannot stat 'CONTROL/conffiles.resolved': No such file or directory
      	chmod: cannot access 'CONTROL/conffiles': No such file or directory
      
      It will not break the ipkg-build process.  The change is merely cosmetic
      to not cause confusion when reading logs
      Signed-off-by: default avatarYousong Zhou <yszhou4tech@gmail.com>
      (backported from 9e58c20e)
      fa3805f2
    • Yousong Zhou's avatar
      scripts/metadata.pm: avoid adding dup names in provides list · f5cf9b26
      Yousong Zhou authored
      
      
      The need arises from building Open vSwitch kernel datapath modules, e.g.
      
       - kmod-openvswitch from Linux upstream
       - kmod-openvswitch-intree from openvswitch source code
      
      where both provides virtual package "kmod-openvswitch" for userspace
      packages to select and depend on
      Signed-off-by: default avatarYousong Zhou <yszhou4tech@gmail.com>
      (backported from 20408167)
      f5cf9b26
    • Stijn Tintel's avatar
      strace: fix build on aarch64 · 0dbafc3a
      Stijn Tintel authored
      
      
      As of version 4.21, strace enforces mpers by default. The current
      implementation of aarch64 compat in strace assumes it's identical to
      ARMv7 EABI and therefore tries to enable m32 personality support. As
      there is no -m32 support on aarch64, this causes the build to fail.
      
      Restore previous strace behavior to fix build on aarch64.
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      Tested-by: default avatarKarl Palsson <karlp@tweak.net.au>
      (backported from 067e2f5f)
      0dbafc3a
    • Hans Dedecker's avatar
      odhcpd: bump to git HEAD (detect broken hostnames) · 8cac88af
      Hans Dedecker authored
      
      
      881f66b odhcpd: detect broken hostnames
      3e17fd9 config: fix odhcpd_attrs array size
      Signed-off-by: default avatarHans Dedecker <dedeckeh@gmail.com>
      (backported from ecc3165c)
      8cac88af
    • Alexander Couzens's avatar
      hostapd: fix build of wpa-supplicant-p2p · 69f28f3a
      Alexander Couzens authored
      VARIANT:= got removed by accident.
      
      Fixes: 3838b169
      
       ("hostapd: fix conflicts hell")
      Signed-off-by: default avatarAlexander Couzens <lynxis@fe80.eu>
      (backported from 967d6460)
      69f28f3a
    • Felix Fietkau's avatar
    • Jo-Philipp Wich's avatar
      ppp: remove hardcoded lcp-echo-failure, lcp-echo-interval values · 62e7ad1d
      Jo-Philipp Wich authored
      OpenWrt used to ship hardcoded defaults for lcp-echo-failure and
      lcp-echo-interval in the non-uci /etc/ppp/options file.
      
      These values break uci support for *disabling* LCP echos through
      the use of "option keepalive 0" as either omitting the keepalive
      option or setting it to 0 will result in no lcp-echo-* flags
      getting passed to the pppd cmdline, causing the pppd process to
      revert to the defaults in /etc/ppp/options.
      
      Address this issue by letting the uci "keepalive" option default
      to the former hardcoded values "5, 1" and by removing the fixed
      lcp-echo-failure and lcp-echo-interval settings from the
      /etc/ppp/options files.
      
      Ref: https://github.com/openwrt/luci/issues/2112
      Ref: https://dev.archive.openwrt.org/ticket/2373.html
      Ref: https://bugs.openwrt.org/index.php?do=details&task_id=854
      Ref: https://bugs.openwrt.org/index.php?do=details&task_id=1259
      
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (backported from 555c5923)
      62e7ad1d
    • Paul Wassi's avatar
      base-files: provide more tolerant xterm detection · 87a6aadf
      Paul Wassi authored
      
      
      Set the window title not only in "xterm", but also in
      e.g. "xterm-256color", "xterm-color", etc.
      The case statement is taken from Debian / Ubuntu.
      Signed-off-by: default avatarPaul Wassi <p.wassi@gmx.at>
      (backported from 1bd6b91e)
      87a6aadf
    • Tuomas Tynkkynen's avatar
      brcm47xx: Enable USB power on WNDR3400v3 · 40ca437c
      Tuomas Tynkkynen authored
      
      
      WNDR3400v3 needs GPIO 21 pulled high to enable power to USB ports. Add a
      kernel patch to do that.
      Signed-off-by: default avatarTuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
      (backported from 5dd74558)
      40ca437c
    • Keith Wong's avatar
      kernel: add kmod-tcp-bbr · 9afbe27b
      Keith Wong authored
      
      
      This adds support for BBR (Bottleneck Bandwidth and RTT) TCP
      congestion control. Applications (e.g. webservers, VPN client/server)
      which initiate connections from router side can benefit from this.
      
      This provide an easier way for users to use BBR by selecting /
      installing kmod-tcp-bbr instead of altering kernel config and
      compiling firmware by themselves.
      Signed-off-by: default avatarKeith Wong <keithwky@gmail.com>
      (backported from 79c233da)
      9afbe27b
    • Daniel Engberg's avatar
      libbsd: Update to 0.8.7 · 39420c3e
      Daniel Engberg authored
      
      
      Update libbsd to 0.8.7
      Remove glibc dependency
      Clean up InstallDev and install entries
      Use /usr path for consistency
      Cherry pick patches from upstream to fix musl compilation
      Signed-off-by: default avatarDaniel Engberg <daniel.engberg.lists@pyret.net>
      (backported from e341f459)
      39420c3e