git.openwrt.org Git - openwrt/openwrt.git/log

nghttp2: bump to 1.35.1

63843750 Update manual pages
27801e98 Bump up version number to 1.35.1
60e020a8 nghttpx: Fix broken trailing slash handling

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

dnsmasq: Fix dhcp-boot, dhcp-reply-delay and pxe-prompt regressions

The above options were incorrectly changed to required tags. Make them
optional again.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

glibc: update to latest 2.27 commit (BZ #23927)

f6d0e8c36f Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
2794474c65 powerpc: Add missing CFI register information (bug #23614)
d8ca7a0c71 Fix _dl_profile_fixup data-dependency issue (Bug 23690)
f1e211096b inet/tst-if_index-long: New test case for CVE-2018-19591 [BZ #23927]
4e9f34e54f support: Implement <support/descriptors.h> to track file descriptors
e75481a7a7 support: Close original descriptors in support_capture_subprocess
0f79dc0be3 support_quote_string: Do not use str parameter name
6b2dd53aa0 support: Implement support_quote_string
50477165b9 malloc: Add another test for tcache double free check.
4b246928bd malloc: tcache double free check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

kernel: bump 4.14 to 4.14.88

Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Fixes CVE:
- CVE-2018-14625

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

kernel: bump 4.9 to 4.9.145

Refreshed all patches.

Fixes CVE:
- CVE-2018-14625

Compile-tested on: brcm2708
Runtime-tested on: brcm2708

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>

kernel: bump 3.18 to 3.18.129

Refreshed all patches.

Compile-tested on: adm5120
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

iproute2: backport patch fixing incorrect usage of LDFLAGS

Backport upstream patch fixing incorrect passing of -lxtables to
LDFLAGS instead of LDLIBS in the tc/Makefile

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

netifd: update to latest git HEAD

1ac1c78 system-linux: get rid of SIOCSDEVPRIVATE

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

mac80211: Update to version 4.19.7-1

This updates the backports package used in mac80211 to version 4.19.7-1
which is based on kernel 4.19.7. This integrates all the stable fixes
introduces in this kernel version.

The deleted patches are not needed any more because they are either
included in the upstream Linux kernel 4.19.7 or in backports 4.19.7-1.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: drop unneeded LINUX_VERSION_CODE checks

All those parsers are used by 4.14 targets. They don't need that
backward compatibility code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

kernel: add DT binding support to the LZMA and WRG parsers

It allows specifying those parsers directly in the DT.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

ramips: mt7621: disable CONFIG_MTD_SPLIT_FIRMWARE

It's no longer needed as all mt7621 devices use DT binding (supported by
upstream mtd code) for specifying "firmware" part format explicitly.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

ramips: mt7621: specify "firmware" partition format for remaining devices

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

kmod-dma-buf: fix build with external kernel

In hack/904-debloat_dma_buf.patch, DMA_SHARED_BUFFER is changed from
bool to tristate. As this patch is not applied to external kernel
sources, build fails if kmod-dma-buf is enabled. Fix this by only
including the module file if CONFIG_EXTERNAL_KERNEL_TREE and
CONFIG_KERNEL_GIT_CLONE_URI are not enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

ipq806x: fix and cleanup dts for NEC WG2600HP

This commit fixes and cleanups qcom-ipq8064-wg2600hp.dts to improve the
support for WG2600HP.

- Use dt label in qcom-ipq8064.dtsi:

  - gmac1
  - gmac2
  - gsbi4
    - gsbi4_serial
  - gsbi5
  - hs_phy_0
  - ss_phy_0
  - usb3_0
  - usb3_1
  - pcie0
  - pcie1
  - qcom_pinmux

- Fix wrong pcie reset (perst) gpios

  - drop reset-gpio and use perst-gpios in qcom-ipq8064.dtsi

- Remove unnecessary dt label from device dts

  - flash
  - phy0, phy4

- Rename spi-nor node to "flash" from "m25p80"

- Fix qca,ar8327-initvals

  - use oem settings

    - fix: PAD0_MODE, PAD6_MODE
    - drop: PAD5_MODE (unnecessary)

- Move mtd partitions under partitions (fixed-partitions) node

- Specify "firmware" partition format

  - WG2600HP uses uImage format (denx,uimage)

- Change failsafe status LED to power_red

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>

openvpn: re-add option comp_lzo

This option is deprecated but needs to be kept for backward compatibility. [0]

[0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#a--comp-lzo

Signed-off-by: Martin Schiller <ms@dev.tdt.de>

rpcd: update to latest Git head

3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

dnsmasq: fix ipv6 ipset bug

During upstream removal of conditional ipv6 support an order swap error
was made in a ternary operator usage.

This patch sent upstream.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

iproute2: backport upstream patch to fix print_0xhex on 32 bit

The argument to print_0xhex is converted to unsigned long long
so the format string give for normal printout has to be some
variant of %llx. Backport the patch as otherwise, bogus values
will be printed on 32 bit platforms.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

ath9k: register GPIO chip for OF targets

This partitialy reverts commit ccab68f2d399.

Registering the GPIO chip without a parent device completely breaks the
ath9k GPIOs for device tree targets.

As long as boards using the devicetree don't have the gpio-controller
property set for the ath9k node, the unloading of the driver works as
expected.

Register the GPIO chip with the ath9k device as parent only for OF
targets to find a trade-off between the needs of driver developers and
the broken LEDs and buttons seen by users.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: fix dtc compiler warnings

The qca9557/qca956x reset-controller aren't a simple bus. A simple bus
would require node unit addresses.

Add the node unit addresses for the qca9557 usb phys. Add the regs for
the USB_PWRCTL and USB_CONFIG registers even not yet used.

Fix the wrong ar7100 pcie controller node unit address as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: drop old image validation code

Due to the enforced image metadata we ensure that the correct image is
uploaded. Checks based on a magic arn't required any more.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: enforce image metadata verification

Now that we got rid of all legacy images, we can enforce image metadata
verification.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: drop support for ALLNET ALL0239-3G and Sitecom WL-341 v3

Beside one exception, no one took care of these two remaining boards
still using the legacy image build code during the last two years.

Since OpenWrt 14.07 the ALLNET ALL0239-3G image building is broken.

The Sitecom WL-341 v3 image build code looks pretty hackish and broken.
It's questionable if the legacy image works as all.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: use new image build code for D-Link DCS-930 family

Drop the factory images and the firmware tool to create them. They don't
work any more, since the factory image has an uImage header covering the
whole kernel + rootfs. This way the uImage splitter will not be able to
find the rootfs and the kernel will panic later on.

The factory images were most likely added at a time the board had
distinct partitions for kernel and rootfs.

Signed-off-by: Mathias Kresin <dev@kresin.me>

elfutils: install library files for pkg-config

Support other packages using pkg-config to query existence and details of
libelf and libdw libraries at build time.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>

hostapd: add support for WPS pushbutton station

similar to hostapd, also add a ubus interface for wpa_supplicant
which will allow handling WPS push-button just as it works for hostapd.
In order to have wpa_supplicant running without any network
configuration (so you can use it to retrieve credentials via WPS),
configure wifi-iface in /etc/config/wireless:

  config wifi-iface 'default_radio0'
      option device 'radio0'
      option network 'wwan'
      option mode 'sta'
      option encryption 'wps'

This section will automatically be edited if credentials have
successfully been acquired via WPS.

Size difference (mips_24kc): roughly +4kb for the 'full' variants of
wpa_supplicant and wpad which do support WPS.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

uboot-fritz4040: update package to 2018-12-09

This patch updates the uboot-fritz4040 package to the latest version.
The portability and private-libgcc patches, as well as the
upload-to-f4040.sh script have been added to the upstream repository.
Furthermore, the upload-to-f4040 has been updated to take the first
parameter as the file it is supposed to flash, otherwise it defaults
to the previous "uboot-fritz4040.bin". Furthermore the error messages
have been improved and ftp will now dump some "progress information"
to the user's console.

Also included is support for gcc 8+ and a fix for the obnoxous error
that currently breaks the builders:
| fritz/src/lzma2eva.c:23:30: fatal error: zlib.h: No such file or directory

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>

brcm63xx: HG655b: fix the imagetag at dts

Fix the imagetag on the HG655b to allow a correct partition detection at boot time.

It turns out that it was defined at the wrong partition. Just move the imagetag to
the linux firmware partition.

The bug is present since the 18.06 release. Without this fix, the board won't boot.

Fixes: a27d59bb4274 ("brcm63xx: switch to new partition layout specification")
Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>

brcm63xx: fix ethernet switch core reset mask for BCM6368

The reset mask for the bcm6368 switch core was left at 0 due to a copy &
paste error. Fix this by setting it to the correct value.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>

brcm63xx: drop legacy profile for SR102

Remove the sky.mk causing a duplicate device profile to be added in
image builder. The generic device code already generates a profile for
the device.

Fixes FS#1780.

Fixes: d59126040701 ("brcm63xx: initial support for Sky SR102 router")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>

kernel: add missing symbol in some 4.9 subtargets

Buildbot revealed some subtargets are still missing the new symbol.

Fixes: dfbf836a52e4 ("kernel: bump 4.9 to 4.9.143")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

kernel: bump 4.14 to 4.14.87

Refreshed all patches.

Remove upstreamed:
- 0008-MIPS-ralink-Fix-mt7620-nd_sd-pinmux.patch

Compile-tested: cns3xxx, imx6
Runtime-tested: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

kernel: bump 4.9 to 4.9.144

Refreshed all patches.

Remove upstreamed:
- 014-Kbuild-suppress-packed-not-aligned-warning-for-defau.patch

Compile-tested: ar7, brcm2708
Runtime-tested: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

kernel: bump 4.14 to 4.14.86

Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

kernel: bump 4.9 to 4.9.143

Refreshed all patches.

Altered patches:
- 950-0063-Improve-__copy_to_user-and-__copy_from_user-performa.patch
- 201-extra_optimization.patch

New symbol:
- CONFIG_HARDEN_BRANCH_PREDICTOR

Compile-tested on: ar7, at91, brcm2708, ixp4xx, layerscape, orion
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[fix brcm2708/950-0149-Update-vfpmodule.c.patch]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

kernel: bump 3.18 to 3.18.128

Refreshed all patches.

Altered patches:
- 002-phy_drivers_backport.patch

Compile-tested on: adm5120
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

dnsmasq: follow upstream dnsmasq pre-v2.81 v2

Backport upstream commits. Most interesting 122392e which changes how
SERVFAIL is handled especially in event of genuine server down/failure
scenarios with multiple servers. a799ca0 also interesting in that
answered received via TCP are now cached, DNSSEC typically using TCP
meant until now answers weren't cached, hence reducing performance.

59e4703 Free config file values on parsing errors.
48d12f1 Remove the NO_FORK compile-time option, and support for uclinux.
122392e Revert 68f6312d4bae30b78daafcd6f51dc441b8685b1e
3a5a84c Fix Makefile lines generating UBUS linker config.
24b8760 Do not rely on dead code elimination, use array instead. Make options bits derived from size and count. Use size of option bits and last supported bit in computation. No new change would be required when new options are added. Just change OPT_LAST constant.
6f7812d Fix spurious AD flags in some DNS replies from local config.
cbb5b17 Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab
cf59843 Don't forward *.bind/*.server queries upstream
ee87504 Remove ability to compile without IPv6 support.
a220545 Ensure that AD bit is reset on answers from --address=/<domain>/<address>.
a799ca0 Impove cache behaviour for TCP connections.

Along with an additional patch to fix compilation without DHCPv6, sent
upstream.

I've been running this for aaaages without obvious issue hence brave
step of opening to wider openwrt community.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

Revert "dnsmasq: follow upstream dnsmasq pre-v2.81"

This reverts commit a6a8fe0be5cd2edb1560bfc3f3094c3d34f2d2b0.

buildbot found an error
option.c: In function 'dhcp_context_free':
option.c:1042:15: error: 'struct dhcp_context' has no member named 'template_interface'
free(ctx->template_interface);

revert for the moment

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

dnsmasq: follow upstream dnsmasq pre-v2.81

Backport upstream commits. Most interesting 122392e which changes how
SERVFAIL is handled especially in event of genuine server down/failure
scenarios with multiple servers. a799ca0 also interesting in that
answered received via TCP are now cached, DNSSEC typically using TCP
meant until now answers weren't cached, hence reducing performance.

59e4703 Free config file values on parsing errors.
48d12f1 Remove the NO_FORK compile-time option, and support for uclinux.
122392e Revert 68f6312d4bae30b78daafcd6f51dc441b8685b1e
3a5a84c Fix Makefile lines generating UBUS linker config.
24b8760 Do not rely on dead code elimination, use array instead. Make options bits derived from size and count. Use size of option bits and last supported bit in computation. No new change would be required when new options are added. Just change OPT_LAST constant.
6f7812d Fix spurious AD flags in some DNS replies from local config.
cbb5b17 Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab
cf59843 Don't forward *.bind/*.server queries upstream
ee87504 Remove ability to compile without IPv6 support.
a220545 Ensure that AD bit is reset on answers from --address=/<domain>/<address>.
a799ca0 Impove cache behaviour for TCP connections.

I've been running this for aaaages without obvious issue hence brave
step of opening to wider openwrt community.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

dnsmasq: drop dnssec timestamp file patch

Openwrt no longer uses and has not used since 5acfe55d71 Jun 2016 the
timestamp file (/etc/dnsmasq.time) method of resolving the dnssec/ntp
dnslookup chicken/egg problem, having used signals from ntp since that
change.

Drop the 'dnssec-improve-timestamp-heuristic' patch since it is neither
used nor sent upstream. One less thing to refresh & maintain.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

nettle: bump to 3.4.1

This is a security fix adding safer APIs for RSA use.

Compile tested for: ar71xx

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

base-files: add sysupgrade -k to save list of pkgs

When '-k' is used, sysupgrade inserts into backup a new file
/etc/backup/installed_packages.txt which contains pkgname and origin (rom,
overlay, unknown) without touching rootfs.

It's mainly used to reinstall all extra packages:

# opkg update
# grep "\toverlay" /etc/backup/installed_packages.txt | cut -f1 | xargs -r opkg install
# rm /etc/backup/installed_packages.txt

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

base-files: add sysupgrade -o to save all overlay files

Add sysupgrade '-o' option in order to include all overlay files in
backup, except for those that are from packages but including files
listed in conffiles, sysupgrade.conf or /lib/upgrade/keep.d.

With '-u' option, it will skip files equals to /rom and conffiles that
were not changed.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

base-files: add sysupgrade -u to skip unchanged files

With '-u', for a file /aaa/bbb/ccc enlisted for backup,
it will only get into backup if /rom/aaa/bbb/ccc does not
exist or /aaa/bbb/ccc is different from /rom/aaa/bbb/ccc.

It also works with '-c', but only effective for files touched
but not modified.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

base-files: minor cleanups on sysupgrade

Renamed add_uci_conffiles to add_conffiles as it includes
any conffiles listed, not only UCI ones.

Make do_save_conffiles arg mandatory

Allow other options after -l (like -c)

Do not use stdout for error messages (fixes backup to stdout)

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

firewall: update to latest git HEAD

14589c8 redirects: properly handle src_dport in SNAT rules

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

apm821xx: WNDAP620: remove bad semicolon in dts after #include

This patch fixes a build warning triggered by a semicolon in
the dts after the #include directive.

netgear-wndap620.dts:11:33: warning: extra tokens at end of #include directive

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>

apm821xx: move fifo-entry-size property to WNDR4700

This property (and value) came from Netgear's WNDR4700
stock firmware dts. However, other devices do not set
it and the EMAC default is 16, which matches that of
the programming notes of the APM82181 spec.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>

ath10k-firmware: Fix mirror hash sum (FS#1983)

This now matches what was generated locally on my PC and the file on the
mirror server.

Fixes: 575d0240f9593 ("ath10k-firmware: update board-2.bin for community firmwares")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>

kernel: add DT binding support to the TRX and minor parsers

It allows specifying those parsers directly in the DT.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

iptables: fix ebtables vlan compile issue (FS#1990)

Backport an upstream patch which fixes an userspace/kernel headers
collison

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>

ramips: fix firmware compatible string for dir860l-b1

In commit d70ec3008d4cd0540a9f6c88fb7e786107f1679a, a firmware compatible
string of "denx,uimage" was added for the Dlink DIR-860L-B1. Unfortunately,
this was the wrong string. It needs "seama" instead.

Signed-off-by: Russell Senior <russell@personaltelco.net>

iptables: bump to 1.8.2

Drop 030-extensions-libxt_bpf-Fix-build-with-old-kernel-versi.patch as pushed upstream
Added patches :
001-extensions_format-security_fixes_in_libip.patch
002-include_fix_build_with_kernel_headers_before_4_2.patch
101-remove-register-check.patch

The first and the second patch are upsteam fixes for compilation errors.
The third patch remove check if one target lib is already registred; this is caused by
shared libs that are loaded before the iptables execution.

Iptables changelog:

bba6bc6 (tag: v1.8.2) configure: bump versions for 1.8.2 release
61d6c38 xtables: add 'printf' attribute to xlate_add
5edb249 libxtables: xlate: init buffer to zero
9afd2a6 tests: shell: fix expected arptables-save output
6387941 arptables: fix --version info
d703c1f arptables: ignore --table argument.
d5754e3 arptables: make uni/multicast mac masks static
1b63e66 arptables: add test cases
5aecb2d arptables: pre-init hlen and ethertype
9677ed1 arptables: fix src/dst mac handling
ab0b6d5 arptables: fix target ip offset
c0c75ce arptables: fix -s/-d handling for negation and mask
3ac65af arptables: add basic test infra for arptables-nft
e31564f arptables: fix rule deletion/compare
2345ff6 arptables: remove code that is also commented-out in original arptables
50c2397 arptables-save: add -c option, like xtables-save
d9a518e arptables: use ->save for arptables-save, like xtables
5a52e6a extensions: test protocol and interface negation
85d7df9 xtables: Fix error return code in nft_chain_user_rename()
3ccb443 xtables: Clarify error message when deleting by index
95db364 xtables: Fix typo in do_command() error message
5f508b7 ebtables: use extrapositioned negation consistently
583b27e ebtables-save: add -c option, using xtables-style counters
e6723ab nft: add NFT_TABLE_* enumeration
21ec111 nft: replace nft_chain_dump() by nft_chain_list_get()
05947c8 iptables-nft: fix -f fragment option
7bd9feb libxtables: add and use mac print helpers
a10eb88 extensions: libebt_ip: fix tos negation
9b127b7 extensions: libebt_ip6: fix ip6-dport negation
c59ba1b xtables-nft: make -Z option work
1bf4a13 nft: add missing error string
a9f9377 iptables-tests: add % to run iptables commands
b81c8da iptables-tests: do not append xtables-multi to external commands
edf2b7c ebtables-nft: add arpreply target
2d1372e ebtables: add redirect test case
c3e8dbd ebtables: add test cases
cd90cef ebtables: relax -t table restriction, add snat/dnat test cases
fd95f1f ebtables: fix -j CONTINUE handling for add/delete
fb747f8 tests: add basic ebtables test support
d4bc5a3 iptables-nft: fix bogus handling of zero saddr/daddr
9ff9915 iptables-test: fix netns test
8c918db xtables: Fix for matching rules with wildcard interfaces
b2fc2a3 extensions: limit: unbreak build without libnftnl
682f39a xtables: Fix for spurious errors from iptables-translate
90f7dc3 (tag: v1.8.1) configure: bump versions for 1.8.1 release
0123183 iptables-test: add -N option to exercise netns removal path
abae556 libxtables: expose new etherdb lookup function through libxtables API
c2d9ed9 libxtables: prefix exported new functions for etherdb lookups
5a44360 Revert "extensions: libxt_quota: Allow setting the remaining quota"
2673faf xtables: Remove target_maxnamelen field
8ca3436 extensions: cgroup: fix option parsing for v2
0a8f2bc extensions: libxt_quota: Allow setting the remaining quota
b373a91 nft-shared: Use xtables_calloc()
5a40961 arptables: Use the shared nft_ipv46_parse_target()
9f07503 Combine parse_target() and command_jump() implementations
7373297 Combine command_match() implementations
a76ba54 libiptc: NULL-terminate errorname
a3716cc libxtables: Check extension real_name length
0195b64 iptables: Gitignore xtables-{legacy, nft}-multi scripts
671e40a xtables: Drop pointless check
7c9a152 arptables: Fix incorrect strcmp() in nft_arp_rule_find()
11e91a4 xtables: Don't read garbage in nft_ipv4_parse_payload()
d95c1e8 libxtables: Use posix_spawn() instead of vfork()
7e50eba Fix a few cases of pointless assignments
f40ce2d extensions: libebt_ip{, 6}: Drop pointless error checking
47fb86c nft-arp: Drop ineffective conditional
80aae9b iptables: Use print_ifaces() from xtables
8da04ff Share print_ipv{4,6}_addr() from xtables
b686594 iptables-apply: Replace signal numbers by names
f175dee iptables-apply: Quote strings passed to echo
52aa150 nfnl_osf: Replace deprecated nfnl_talk() by nfnl_query()
61ebf3f libxtables: Don't read garbage in xtables_strtoui()
ab639f2 libxtables: Avoid calling memcpy() with NULL source
22ef371 libiptc: Simplify alloc_handle() function signature
6b7145f libxt_time: Drop initialization of variable 'year'
749d3c2 libxt_ipvs: Avoid potential buffer overrun
8e798e0 libxt_conntrack: Avoid potential buffer overrun
74eb239 libxt_conntrack: Version 0 does not support XT_CONNTRACK_DIRECTION
d0c1f1b libxt_LED: Avoid string overrun while parsing led-trigger-id
23ef6f0 xtables: Remove unused variable in nft_is_table_compatible()
4e499d5 ip{, 6}tables-restore: Fix for uninitialized array 'curtable'
1788f54 Mark fall through cases in switch() statements
31f1434 libxtables: Integrate getethertype.c from xtables core
7ae4fb1 xtables: Fix for wrong assert() in __nft_table_flush()
8c786a3 nfnl_osf: Drop pointless check in xt_osf_strchr()
6fc7762 libxt_string: Fix array out of bounds check
2a68be1 xtables-save: Ignore uninteresting tables
f9efc8c extensions: add cgroup revision 2
9b8cb16 extensions: REJECT: Merge reject tables
56d7ab4 libxt_string: Avoid potential array out of bounds access
bfd41c8 ebtables: Fix for potential array boundary overstep
e6f9867 libiptc: Avoid side-effect in memset() calls
4144571 libxtables: Fix potential array overrun in xtables_option_parse()
9242b5d xtables: Accept --wait in iptables-nft-restore
c9f4f04 xtables: Don't check all rules for being compatible
15606f2 doc: Improve layout of u32 instructions
7345037 xtables-restore: Fix flushing referenced custom chains
7df11d1 xtables: Drop use of IP6T_F_PROTO
b6a06c1 xtables: Align return codes with legacy iptables
3bb497c xtables: Fix for deleting rules with comment
0800d9b ip6tables-translate: Fix libip6t_mh.txlate test
4cf650c ebtables-translate: Fix for libebt_limit.txlate
783e9c2 xtables: Add missing deinitialization
9771d06 ebtables: Review match/target lookup once more
85ed1ab extensions: libebt_mark: Drop mark_supplied check
6a46ca0 xtables: Add a few missing exit calls
acde6be ebtables-translate: Fix segfault while parsing extension options
2c4e4d2 ebtables: trivial: Leverage C99-style initializers a bit more
9f5b28a xlate-test: Fix for calling wrong command name
1a878a7 extensions: AUDIT: Provide translation
5ee03e6 xtables: Use meta l4proto for -p match
37b68b2 xtables: Fix for segfault when registering hashlimit extension
92f7b04 xtables: Fix for segfault in iptables-nft
294f9ef ebtables: Fix entries count in chain listing
6f29aa8 xtables: Make 'iptables -S nonexisting' return non-zero
7bccf30 ebtables: Fix for listing of non-existent chains
3d9a13d xtables: Fix for no output in iptables-nft -S
a33c6fd arptables: Drop extensions/libxt_mangle.c
02b8097 ebtables: Merge libebt_limit.c into libxt_limit.c
5de8dcf xtables: Use native nftables limit expression
514de48 ebtables: Remove flags misinterpretations
528cbf9 xtables: Fix for wrong counter format in -S output
9ca32c4 xtables: Don't pass full invflags to add_compat()
e055aeb xtables: Improve xtables-monitor first impression
b925733 tests: Fix skipping for recent nft-only tests
277f374 xtables: Spelling fixes in xtables-monitor
a9d9f64 xtables: Fix potential segfault in nft_rule_append()
fbf0bf7 tests: Add ebtables-{save,restore} testcases
f1d8508 tests: Add arptables-{save,restore} testcases
63c3dae xtables: Implement arptables-{save,restore}
aa7fb04 ebtables: Review match/target lookup
3f123dc ebtables-restore: Use xtables_restore_parse()
295d5a8 xtables-restore: Make COMMIT support configurable
1679b2c xtables-restore: Improve user-defined chain detection
2ce9f65 xtables: Match verbose ip{,6}tables output with legacy
cd79556 xtables: Reserve space for 'opt' column in ip6tables output
0357254 xtables: Print error when listing non-existent chains
206033e xtables: Fix for no output on first iptables-nft invocation
a0698de xtables: Do not count rules as chain references
d11b6b8 arptables: Fix jumps into user-defined chains
3f27955 arptables: Fix opcode printing in numeric output
f988fe4 xtables: Fix symlinks/names for ebtables-{save, restore}
3319c61 ebtables: Support --init-table command
3ec8aac arptables: Print policy only for base chains
83bc189 arptables: Fix for trailing spaces in output
aaed1b6 arptables: Fix memleaks in do_commandarp()
d67d85d ebtables: Print non-standard target parameters
2e478e9 ebtables: Fix match_list insertion
a192f03 ebtables: Fix for wrong program name in error messages
a2ed880 xshared: Consolidate argv construction routines
1cc0918 xshared: Consolidate parse_counters()
78b9d43 Consolidate DEBUGP macros
14ad525 xtables: Fix program name in xtables_error()
f7bbdb0 xtables: Use correct built-in chain count
ae574b2 xtables: Fix compilation with NLDEBUG defined
82d278c xtables: Free chains in NFT_COMPAT_CHAIN_ADD jobs
c2895ea xtables: Free chains in NFT_COMPAT_CHAIN_USER_DEL jobs
89d3443 xtables: Fix for nft_rule_flush() returning garbage
c259447 xtables: Allocate rule cache just once
ed30b93 nft: don't print rule counters unless verbose
31e4b59 iptables-restore: free the table lock when skipping a table
f8e29a1 xtables: avoid bogus 'is incompatible' warning
6ea7579 nft: decode meta l4proto
922508e xtables: implement ebtables-{save,restore}
25ef908 xtables: introduce nft_init_eb()
de8574a xtables: parameter to add_argv() may be const
6f60f22 xtables: pass format to nft_rule_save()
f3b772c xtables: introduce save_chain callback
fa1681f xtables: rename {print,save}_rule functions
444d581 xtables: get rid of nft_ipv{4,6}_save_counters()
34e1e23 xtables: eliminate nft_ipv{4,6}_rule_find()
de782e8 xtables: merge nft_ipv{4,6}_parse_target()
ae8eece xtables: get rid of nft_ipv{4,6}_print_header()
2687794 xtables: arp: make rule_to_cs callback private
1bf73c4 xtables: Use new callbacks in nft_rule_print_save()
1866625 xtables: introduce rule_to_cs/clear_cs callbacks
0589457 xtables: simplify struct nft_xt_ctx
d9c6a5d xtables: merge {ip,arp}tables_command_state structs
87b5b9e iptables: replace memset by c99-style initializers
907da5c xtables: fix crash if nft_rule_list_get() fails
565a223 xtables: Support nft suffix for arptables and ebtables
c468f01 tests: check iptables retval, not echo
47d1484 iptables: tests: add test for iptables-save and iptables-restore
e4e0704 extensions: don't bother to build libebt/libarp extensions if nft backend was disabled
17c66a5 iptables: tests: shell: Add README
6c2118c (tag: v1.8.0) configure: bump version and libnftnl dependency
7b66fc2 man: clarify translate tools do not modify any state
f7fec51 xtables-monitor: add --version option
b470b8e xtables-legacy: fix argv0 name for ip6tables-legacy
2028e54 xtables: display legacy/nf_tables flavor in error messages, too
fd8d7d7 ebtables-nft: add stp match
f15639b tests: add script that mimics firewalld startup
27f7db2 tests: fix variable name to multi-binary
2a89ec5 tests: add a few simple tests for list/new/delete
37d9d5b ebtables-nft: make -L, -X CHAINNAME work
816bd1f ebtables-nft: remove exec_style
b81708f ebtables-nft: don't crash on ebtables -X
de02a75 doc: fix some spellos and the dash escape
dcf4529 tests: add firewalld default ruleset from fedora 27
f23abd5 tests: add another ipv4 only ruleset
ed9cfe1 tests: add initial save/restore test cases
9933dc5 tests: adapt test suite to run with legacy+nftables based binaries
be70918 xtables: rename xt-multi binaries to -nft, -legacy
d49ba50 xtables-restore: init table before processing policies
344c6eb doc: Fix spelling error in hashlimit section
e063873 tests: make duplicate test work
d26c538 xtables: add xtables-monitor
db84371 xtables: translate nft meta trace set 1 to -j TRACE
20eac2a xtables: warn in case old-style (set/getsockopt) tables exist
c9f5e18 xtables: add nf_tables vs. legacy postfix to version strings
e5fed16 iptables8.in: Update coreteam names
672accf include: update kernel netfilter header files
856a875 xtables: silence two compiler warnings
ae6e159 xtables: remove dead code inherited from ebtables
107b7eb configure: add -Wlogical-op warning to cflags
bc7f49d ebtables-translate: remove --change-counters code
38b4166 iptables: tests: shell: add shell test-suite
1e6427a xtables-compat: skip invalid tables
cb368b6 xtables: more error printing fixes
b1b828f xtables: homogenize error message
4caa559 xtables: initialize basechains for rule flush command too
9b89622 xtables: rework rule cache logic
01e25e2 xtables: add chain cache
8d190e9 xtables: initialize basechains only once on ruleset restore
0a86351 xtables-compat: ignore '+' interface name
125d1ce xtables-compat: append all errors into single line
437746c xtables: extended error reporting
d1c79cd xtables: allocate struct xt_comment_info for comments
4e20209 xtables: use libnftnl batch API
49709e2 xtables-compat: remove nft_is_ruleset_compatible
03e1377 xtables: allow dumping of chains in specific table
94fd83d xtables: inconsistent error reporting for -X and no empty chain
c4f1622 ebtables-compat: add arp match extension
24ce746 ebtables-compat: add redirect match extension
84c04e3 ebtables-compat: add nat match extensions
14ec998 xtables-compat: ebtables: prefer snprintf to strncpy
5e2b473 xtables-compat: extend generic tests for masks and wildcards
1a696c9 libxtables: store all requested match types
bb436ce xtables-compat: ip6table-save: fix save of ip6 address masks
6454d7d ebtables-translate: suppress redundant protocols
07f4ca9 xtables-compat: ebtables: allow checking for zero-mac
0ca2d2a xtables-compat: ebtables: add helpers to print interface and mac addresses
3d9f300 xtables-compat: ebtables: remove interface masks from ebt_entry struct
20e2758 xtables-compat: ebtables: fix logical interface negation
2682bb0 xtables-compat: ebtables: add and use helper to parse all interface names
564862d xtables-compat: ebtables: split match/target print from nft_bridge_print_firewall
0ae81d0 xtables-compat: ebtables: kill ebtables_command_state
651cfee xtables-compat: pass correct table skeleton
652b98e xtables-compat: fix wildcard detection
49f4993 extensions: libip6t_srh.t: Add test cases for psid, nsid, and lsid
429143b extensions: libxt_CONNMARK: incorrect translation after v2
db7b4e0 extensions: libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark
155e1c0 extensions: libip6t_srh: support matching previous, next and last SID
f4ffda1 extensions: libipt_DNAT: tests added for shifted portmap range
6a9ffb1 xtables-compat-restore: flush table and its content with no -n
07ae37c xtables-compat: fix bogus error with -X and no user-defined chains
df3d92b xtables-compat-restore: flush user-defined chains with -n
ca16584 xtables-compat-restore: flush rules and delete user-defined chains
ac1e85a extensions: libipt_DNAT: use size of nf_nat_range2 for rev2
e25d99a xtables-compat: pass larger socket buffer
838746e xtables-compat: xtables-save: don't return 1
2211679 xtables-compat: ebtables: support concurrent option
a77a7d8 iptables-test: fix bug with rateest
de87405 xtables-compat: fix ipv4 frag (-f)
c7b2fd6 xtables-compat: also check tg2->userspacesize
5685938 xtables-compat: avoid unneeded bitwise ops
b9d7b49 xtables-compat: restore: sync options with iptables-restore
c0ef861 extensions: add xlate test for ipables -f
d79a7f1 xtables-compat: output -s,d first during save, just like iptables
d1eb4d5 iptables-compat: chains are purge out already from table flush
09f0d47 iptables-compat: do not fail on restore if user chain exists
8798eb8 iptables-compat: remove non-batching routines
b633ef9 xtables.conf: fix hook skeletons
7af2178 xtables-compat: fall back to comment match in case name is too long
e9aeecf xlate-test: use locally installed xlate tools
0ab58e3 xtables-compat: ebtables: handle mac masks properly
734ad40 xtables-compat: nft-arp: fix warning wrt. sprintf-out-of-bounds
fb7ae9f xtables-compat: truncate comments to 254 bytes
36976c4 extensions: libipt_DNAT: support shifted portmap ranges
d7ac61b iptables-test: add nft switch and test binaries from git
992e17d xtables-compat: only fetch revisions for ip/ip6
12a52ff xtables: Fix rules print/save after iptables update
1197c5e xtables: Register all match/target revisions supported by us and kernel
e3bb24c xtables: Check match/target size vs XT_ALIGN(size) at register time
3b2530c xtables: Do not register matches/targets with incompatible revision
d3f1437 xtables: Introduce and use common function to print val[/mask] arguments
29b1d97 xtables: Introduce and use common function to parse val[/mask] arguments
56aadc0 extensions: Initialize linear mapping of symbols in _init() of extension
79c2da9 extensions: ULOG: remove test
a0956ce ebtables-translate: turn off useless compat queries
9840869 nft: arptables: remove obsolete forward hook definition
7a37d14 iptables-compat: statify nft_restart()
a3aac1d iptables-compat: handle netlink dump EINTR errors
a567dc3 ebtables-compat: add 'vlan' match extension
7564bba ebtables-compat: add 'pkttype' match extension
4d40904 ebtables-translate: update table name on -t
5c8ce9c ebtables-compat: add 'ip6' match extension
8a85a14 libebt_ip: fix translations for tos and icmp
b6f0bec libebt_ip: add icmp support
f38ed1e xt-translate: quote interface names in translated output
71a6e37 icmp: split icmp type printing to header file
e67c088 ebtables-translate: add initial test cases
207dd5e xt-compat: add ebtables-translate
d988274 xlate-translate: split common parts into helper
1650806 xtables-eb: export 3 functions
6b2041c nft-bridge: add eb-translate backend functions
3063c37 nft-bridge: fix mac address printing
394a400 nft: fix crash when getprotobynumber() returns 0
6a1dbdf ebtables-compat: support intra-positioned negations
3e94f0a nft-bridge: add forward declaration for struct nftnl_rule
5024efe libebt_limit: print 'minute' and 'seconds', not 'min' and 'secs'
ce3c780 nft: make nft_init self-contained
cb151d5 xtables-translate: rm duplicate includes
69c089b xt-compat: constify a few struct members
03ecffe ebtables-compat: add initial translations
57af67d iptables: constify option struct
88231c4 ebtables-compat: load mark target
6b4e167 ebtables-compat: don't make failing extension load fatal
24110b5 libxt_comment: silence truncation warning
98fc8ce xtables-compat: only validate the xtables builtin tables
9d9b724 xtables-compat: skip unsupported tables
59d15cf xtables-compat: also validate priorities and hook points match expected values
eb35854 xtables-compat: fix snprintf truncation warnings
fc04c8a extensions: CLUSTERIP: do not allow --local-node 0
eb2c052 extensions: CLUSTERIP: add tests
ca3c397 iptables: add xtables-translate.8 manpage
5beb158 extensions: libxt_bpf: Fix build with old kernel versions
147a891 extenstions: ecn: add tcp ecn/cwr translation
ed928a8 extensions: add tests for comp match options
632ace7 xtables-compat-multi.c: Allow symlink of ebtables
d7ccc68 iptables: add xtables-compat.8 manpage
043da5b extensions: connmark: remove non-working translation
a93b502 extensions: prefer plain 'set' over 'set mark and'
577b7e2 xtables-compat-restore: use correct hook priorities

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>

Add support for TL-WA801ND v4

This add support for TP-Link TL-WA801ND v4 (same as TL-WA801ND v3) :

Specification:

- System-On-Chip: Qualcomm Atheros QCA9533
- CPU/Speed: 650 MHz
- Flash-Chip: Winbond W25Q32BVSIG
- Flash size: 4096 KiB
- RAM: 32 MiB
- Wireless No1: SoC-integrated: QCA9533 2.4GHz 802.11bgn

Flash instructions:

1) To flash the image, rename the file
   openwrt-ar71xx-generic-tl-wa801nd-v4-squashfs-factory.bin
   to firmware.bin
2) Connect your device to the LAN port, then upload the firmware
   through web interface. It will try to download the image and
   flash it.

It can take up to 2-3 minutes to finish. When it reaches 100%, the
router will reboot itself.

Signed-off-by: Romain MARIADASSOU <roms2000@free.fr>

ath79: dts: Use PowerCloud CAP324 bicolor status LED

PowerCloud Systems CAP324 has a bicolor power LED and OpenWrt DTS files /
base files support using both colours to better inform user of state
and to better match stock firmware, so use green power to indicate
normal operation.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>

ath79: add support for I-O DATA WN-AG300DGR

I-O DATA WN-AG300DGR is a 2T2R 2.4/5 GHz 11n router, based on Atheros
AR1022.

WN-AG300DGR does not have an LED to indicates power or system status,
I set "router" LED as OpenWrt status LED.

There is no eeprom data for 5 GHz wlan in "art" partition.

Specification:

- Atheros AR1022
- 64 MB of RAM (DDR2)
- 8 MB of Flash (SPI-NOR)
- 2T2R 2.4/5GHz wifi
  - 2.4 GHz: SoC internal
  - 5 GHz: Atheros AR93x2
- 5x 10/100/1000 Mbps Ethernet
- 6x LEDs, 6x keys (4x buttons, 1x slide switch)
- 1x USB 2.0 Type-A
- UART through-hole on PCB
  - Vcc, GND, TX, RX from ethernet port side
  - 115200n8

Flash instruction using factory image:

1. Connect the computer to the LAN port on WN-AG300DGR
2. Connect power cable to WN-AG300DGR and turn it
3. Access to "http://192.168.0.1/" and open firmware update page
("ファームウェア")
4. Select the OpenWrt factory image and click update ("更新") button
5. Wait ~150 seconds to complete flashing

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>

ath79: add support for Winchannel WB2000

WB2000 is a dual-band 11N AP using AR9344.
The factory firmware used the original DB120 partition table
with a small kernel partition at the end of firmware and the
kernel will easily get oversized in the future. Since it has
to be flashed using UART I also swapped kernel/rootfs and
changed the default load address.

Specification:

- SoC: Atheros AR9344
- RAM: 128 MB
- Flash: 16 MB
- Ethernet: 10/100/1000 Mbps (Atheros AR8035)
- 2x USB 2.0
- WIFI: AR9344(2G) + AR9382(5G)
- RTC: DS1338

Known issue:
5G ath9k led doesn't work due to commit ccab68f.

Flash instruction:
Set up a TFTP server on your computer and configure static IP.
Connect UART (J11 TX/GND/RX) and press any key to enter U-boot
shell.
1. Change the default boot command:
   setenv bootcmd 'bootm 0x9f050000 || bootm 0x9fd50000'
   saveenv
2. Set your router ipaddr and server ipaddr. e.g.:
   setenv ipaddr 192.168.1.1
   setenv serverip 192.168.1.50
3. Load and flash the firmware:
   tftp 0x80060000 fw.bin
   erase 0x9f050000 +$filesize
   cp.b $fileaddr 0x9f050000 $filesize
4. Reset your router:
   reset

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
[Drop the i2c node unit address. Move the ath9k-leds node out of the spi
node, it doesn't belong there. Add the #gpio-cells property to the pci
wifi node. All fix dtc compiler warnings]
Signed-off-by: Mathias Kresin <dev@kresin.me>
merge

ath79: fix ethernet configurations for I-O DATA ETG3-R

This commit fixes several issues in eth0 on ETG3-R, and solve slowdown
in NA(P)T speed.

- add gmac-config with correct configurations
- fix pll-data value

And I added ref clock-frequency.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>

ath79: drop unused mtd splitter

Neither the seama nor the wrgg splitter are used at the moment. Drop
them for now to not bloat the target from the beginning.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: remove duplicate image build variables

Remove image build variables which are set to the same value as the
default image build recipe.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: fix GL.iNet GL-AR300M sysupgrade

The userspace boardname derived from the dts compatible was out of sync
with the expected board added to the image metadata. This way a
sysupgrade is refused.

Sync the userspace boardname and the baordname used in the image metdata
to allow a seamless sasupgrade.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: add SoC or family compatible

Add missing SoC specific compatibles and/or inherit the family
compatibles like "ubnt,xm".

Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: add AVM EVA firmware partition compatible

This commit adds firmware partition compatible for the
AVM FRITZ!Box 4020 and AVM FRITZ!WLAN Repeater 300E.

This allows to select the correct mtdsplit parser
instead of trying all available ones one by one.

Signed-off-by: David Bauer <mail@david-bauer.net>

ath79: Define firmware partition format to all boards where applicable

Parsing "firmware" partition (to create kernel + rootfs) was implemented
using OpenWrt downstream code enabled by CONFIG_MTD_SPLIT_FIRMWARE. With
recent upstream mtd changes we can do it in a more clean way for DTS
targets. It just requires adding a proper "compatible" string to the
"firmware" partition node.

Signed-off-by: Petr Štetiar <ynezz@true.cz>

ramips: fix dtc compiler warnings

The latest dtc compiler considers nodes named i2c or spi as the
respective bus:

  /pinctrl/i2c: incorrect #address-cells for I2C bus
  /pinctrl/spi: incorrect #address-cells for SPI bus

Rename the node to fix the false positives.

Fix the spi node unit address for the DWR-512-B and UBNT-ER-e50 to get
rid of the following warning:

  SPI bus unit address format error, expected "n"

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: mt76x8: select only the matching mt76 driver

Select the matching mt76 driver for the PCI wireless of the following
devices:

- HiWiFi HC5861B
- Mercury MAC1200R v2.0
- Netgear AC1200 R6120
- Buffalo WCR-1166DS
- ZyXEL Keenetic Extra II
- Wavlink WL-WN575A3

Because every device has selected the corresponding mt76 driver, we can
include kmod-mt7603 instead of the mt76 metapackage, which used for the
wireless of the mt7628 and mt7688 WiSoC.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[select kmod-mt7603 as target default package, add wireless driver for
WL-WN575A3]
Signed-off-by: Mathias Kresin <dev@kresin.me>

ath79: rename qca9533.dtsi to qca953x.dtsi

qca9533 is a costdown version of qca9531 which doesn't have USB and PCIE.
Rename the misleading dtsi names and fix the SoC type of gl-ar300m.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
[apply the changes for the gl-x750 as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: disable sdhc for HC5661A

Currently OpenWrt doesn't support switching MT7628 into AP mode
(which is done by writing some undocumented registers in MTK SDK)
Without doing so, enabling SD breaks 4 FE ports and the SD controller
doesn't work since SD pins aren't configured correctly.

Disable SDHC on HC5661A to recover the 4 FE ports.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
[drop the sdhci node completely]
Signed-off-by: Mathias Kresin <dev@kresin.me>

glibc: update to latest 2.27 commit (BZ #23927)

9f433fc791 CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

apm821xx, ath79, ipq40xx, ipq806x, lantiq, ramips: base-files: Use generic diag.sh

I wanted to add status LEDs support to my imx6 based board and have found out,
that I could use diag.sh script found in ramips platform, which seems to be
also shared in a few other platforms:

4801276bc2078c5bcf03003c831e3b0a target/linux/ramips/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ipq40xx/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ath79/base-files/etc/diag.sh

And @chunkeey suggested to me, that I can also add lantiq, ipq806x and
apm821xx to the list of platforms which could share this generic
diag.sh.

I've extended the base diag.sh in a way, that if it detects any of the
DTS LED aliases, then it would use the generic DTS set_led_state code.
The code in platform's diag.sh has moved to base-files package in this
commit:

base-files: diag.sh: Make it more generic towards DTS so it could be reused

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Tested-by: Christian Lamparter <chunkeey@gmail.com> (apm821xx and ipq40xx)

base-files: diag.sh: Make it more generic towards DTS so it could be reused

I wanted to add status LEDs support to my imx6 based board and have
found out, that I could use diag.sh script found in ramips platform,
which seems to be also shared in a few other platforms:

4801276bc2078c5bcf03003c831e3b0a target/linux/ramips/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ipq40xx/base-files/etc/diag.sh
4801276bc2078c5bcf03003c831e3b0a target/linux/ath79/base-files/etc/diag.sh

So I've extended the base diag.sh in a way, that if it detects any of
the DTS LED aliases, then it would use the generic DTS set_led_state
code.

Signed-off-by: Petr Štetiar <ynezz@true.cz>

kernel: add DT binding support to AVM EVA parser

It allows selecting split-firmware parser directly by
specifying image-format in the device-tree.

Signed-off-by: David Bauer <mail@david-bauer.net>

comgt: Fix 3g.sh permissions

3g.sh needs to be executable. 600 is not correct for that.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

octeon: Evaluate board names in alphabetical order

Signed-off-by: Jonathan Thibault <jonathan@navigue.com>

ipq806x: dts: Add support for RGMII RX and TX clock delays

This change enables support to select phy4 in RGMII mode and
enables RGMII TX/RX clock internal delays.

Signed-off-by: Ram Chandra Jangir <rjangir@codeaurora.org>

kernel: ar83xx: Add support for three GMAC's connection

We have IPQ8064 AP161 board which has three GMAC's
* RGMII x2
* SGMII x1.
The existing ar8327 driver does not have support for
three GMAC's connection, hence this change adds support
for the same. This has been verified on AP148 and AP161
board.

Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
Signed-off-by: Ram Chandra Jangir <rjangir@codeaurora.org>

ar71xx: Add usb drivers in Archer C7 v4/v5 images

This commit adds the default usb packages
- kmod-usb-core
- kmod-usb2
- kmod-usb-ledtrig-usbport
for Archer C7 v4 and v5.
(The C7 v5 configuration is based on the v4, therefore the change for v4
also applies for v5.)

Signed-off-by: Daniel Halmschlager <dh@dev.halms.at>

base-files: fix several bashisms

For equality test a simple = is sufficient, the == is
usually disregarded as bashism.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

ipq40xx: fix openmesh sysupgrade with tar content out of order

The tar extraction depends on the order in which the files
are added to the tar file. Since the order is not guaranteed
and depends on the host system, the combined mtd write fails
with sysupgrade images built on some systems.
Fix by changing to tar file order independent mtd write.

Fixes: 86e18f6706e1 ("ipq806x: add support for OpenMesh A42")
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>

ipq40xx: add support for EnGenius EAP1300

SOC:    IPQ4018 / QCA Dakota
CPU:    Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM:   256 MiB
NOR:    32 MiB
ETH:    Qualcomm Atheros QCA8072
WLAN1:  Qualcomm Atheros QCA4018 2.4GHz 802.11bgn 2:2x2
WLAN2:  Qualcomm Atheros QCA4018 5GHz 802.11a/n/ac 2:2x2
INPUT:  RESET Button
LEDS:   Power, LAN, MESH, WLAN 2.4GHz, WLAN 5GHz

1. Load Ramdisk via U-Boot

To set up the flash memory environment, do the following:
a. As a preliminary step, ensure that the board console port is connected to the PC using these RS232 parameters:
   * 115200bps
   * 8N1
b. Confirm that the PC is connected to the board using one of the Ethernet ports. Set a static ip 192.168.99.8 for Ethernet that connects to board. The PC must have a TFTP server launched and listening on the interface to which the board is connected. At this stage power up the board and, after a few seconds, press 4 and then any key during the countdown.

U-BOOT> set serverip 192.168.99.8 && set ipaddr 192.168.99.9 && tftpboot 0x84000000 openwrt.itb && bootm

2. Load image via GUI

a. Upgrade EAP1300 to FW v3.5.3.2
In the GUI, System Manager > Firmware > Firmware Upgrade, to do upgrade.
b. Transfer to OpenWrt from EnGenius.
In Firmware Upgrade page, to upgrade yours openwrt-ipq40xx-engenius_eap1300-squashfs-sysupgrade.bin.

3. Revert to EnGenius EAP1300
To flash openwrt-ipq40xx-engenius_eap1300-squashfs-factory.bin by using sysupgrade command and "DO NOT" keep configuration.
$ sysupgrade –n openwrt-ipq40xx-engenius_eap1300-squashfs-factory.bin

Signed-off-by: Steven Lin <steven.lin@senao.com>

brcm2708-gpu-fw: add fw required for camera module

To be able to use the camera module, start_x=1 has to be set in
config.txt. This will cause the bootloader to load the GPU firmware that
contain the extra video codecs. Install these firmware files.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

brcm2708-gpu-fw: update to git HEAD

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

kernel: add missing symbol

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

mac80211: fix brcmfmac on brcm2708

An upstream change broke brcmfmac when loaded with modparam roamoff=1.
As we are carrying a patch that enables roamoff by default on the
brcm2708 target to improve stability, wireless is currently broken
there. Add a patch to fix brcmfmac with roamoff=1.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

ramips: fix Netgear EX3700/EX3800 wireless driver selection

Fix the typo to select kmod-mt76x2.

Signed-off-by: Mathias Kresin <dev@kresin.me>

mt76: update to the latest version

5a5b396 mt76: throttle transmission of buffered multicast packets
8084323 mt7603: implement code for adjusting energy detect CCA thresholds
8929a6e mt7603: increase MCU timeout
f2ba65f mt7603: update firmware to 20161027164355
0ad998b mt7603: increase aggregation limits (based on vendor driver changes)
da00af0 mt7603: clear bit 18 in MT_SEC_SCR to fix ICV error

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Revert "kernel: use add_mtd_partitions() helper when using OpenWrt parsers"

This reverts commit 7e88753ace0022bd56f77a7a647894f2936cf17b.

Using subpartitions (hierarchical layout) resulted in calling MTD ops of
parent partition instead of master device ops. That was expected and
should work but testing revealed some bugs.

Apparently the way MTD_ERASE_PARTIAL is implemented in the OpenWrt
breaks something and using parent partition ops triggers using that
code.

On SmartRG SR400ac it was resulting in:
[ 225.487519] jffs2: Erase at 0x01ac0000 failed immediately: errno -22
on the second boot (for some reason erasing was starting over) and it
was breaking flash access in a long term.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

ramips: add support for D-Link DWR-118-A1

The DWR-118-A1 Wireless Router is based on the MT7620A SoC.

Specification:

- MediaTek MT7620A (580 Mhz)
- 64 MB of RAM
- 16 MB of FLASH
- 1x 802.11bgn radio
- 1x 802.11ac radio (MT7610EN)
- 3x 10/100 Mbps Ethernet (3 LAN)
- 2x 10/100/1000 Mbps ICPlus IP1001 Ethernet PHY (1 WAN AND 1 LAN)
- 1x internal, non-detachable antenna
- 2x external, non-detachable antennas
- 1x USB 2.0
- UART (J1) header on PCB (57600 8n1)
- 7x LED (5x GPIO-controlled), 2x button
- JBOOT bootloader

Known issues:
- WIFI 5G LED not working
- flash is very slow

The status led has been assigned to the dwr-118-a1:green:internet led.
At the end of the boot it is switched off and is available for other
operation. Work correctly also during sysupgrade operation.

Installation:
Apply factory image via http web-gui or JBOOT recovery page

How to revert to OEM firmware:
- push the reset button and turn on the power. Wait until LED start
blinking (~10sec.)
- upload original factory image via JBOOT http (IP: 192.168.123.254)

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>

ramips: mt7620: select only the matching mt76 driver

Because every device has selected the corresponding mt76 driver, we can
now disable the mt76 metapackage by default to make sure that other
devices (those don't need mt76) avoid selecting unwanted packages.

We can find the hardware specifies and determine the dependencies on
these sites:
https://wikidevi.com/wiki/
https://openwrt.org/toh/hwdata/

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>

ramips: mt7620: drop mt76 driver for boards without mt76 wireless

These boards don't have a mt76 wireless at all and don't need any of the
mt76 family drivers.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>

ramips: mt7620: disable PCIe if nothing is attached

All boards neither expose the PCIe as Mini-PCIe nor have anything
attached to the PCIe Bus. Disable PCIe for those by dropping the node
from the dts files.

Signed-off-by: Mathias Kresin <dev@kresin.me>

ramips: mt7620: add missing pci wifi nodes to dts files

These devices has pci wifi but not defined in dts:
HC5761
HC5861
TINY-AC

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>

kernel: use add_mtd_partitions() helper when using OpenWrt parsers

This helper uses hierarchical partitions layout following the way
upstream parsers work. It's closer to what we should use when mainlining
our solutions. It also doesn't require hacky casting of struct
mtd_partition to the const.

THIS WILL AFFECT KERNEL PRINTING PARTITIONS IN THE LOG

Something like:
[    3.930158] 0x0000004e0000-0x000001fb0000 : "rootfs_data"
will get replaced by:
[    3.907338] Creating 1 MTD partitions on "rootfs":
[    3.912142] 0x00000031d400-0x000001ded400 : "rootfs_data"

It's important to understand that "rootfs_data" in above example is a
*subpartition* of the "rootfs" now. To get absolute addresses (e.g. for
some debugging purposes) one has to add them to the "rootfs", e.g.
[    3.912548] 0x0000001c2c00-0x000001fb0000 : "rootfs"

(0x1c2c00 + 0x31d400 = 0x4e0000)

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

kernel: backport 2 mtd partitioning fixes

This improves handling of subpartitions.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

openvpn: add list element parsing

For the parameters tls-cipher and ncp-ciphers more than one option can
be used in the OpenVPN configuration, separated by a colon, which should
be implemented as a list in order to configure it more clearly. By
adding the new OPENVPN_LIST option to the openvpn.options file with the
tls-cipher and ncp-cipher parameters, uci can now add this option as a
"list" and the init script will generate the appropriate OpenVPN
configuration from it.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>

kernel: fix downloading rcX releases

They are no longer stored in the "testing" subdirectory and are not
available as .tar.xz archives. If -rc is detected download it from the
git.kernel.org and use .tar.gz.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

ath79: add support for Ubiquiti AirRouter

Indoor low-power router with 2.4 GHz radio

CPU:    Atheros AR7241 rev 1
RAM:    32 MB
Flash:  8 MB NOR SPI
Switch: Atheros AR7240
Ports:  1x WAN, 4x LAN 10/100 Ethernet
WLAN:   Atheros AR9285 (2.4 GHz)
USB:    1x USB2 host port

Note: Ethernet WAN/LAN port naming is reversed from ar71xx.
WAN is eth0; LAN is eth1.1.

UART settings: 115200, 8N1

                LEDs
        +--------------------------
        |
        |
        |
        |
        |
        |
        |
        |
    VCC | x x
     RX | * x
        | x x
        | x x
     TX | * x
    GND | * x
        |
        |
        |
        |
        +--------------------------
                ETHERNET PORTS

Installation from Ubiquiti firmware, is as for other ubnt-xm AirOs devices.

Signed-off-by: Russell Senior <russell@personaltelco.net>

ath79: split ubnt outdoor device leds into separate dtsi

Move common LED configuration into a separate includible dtsi.

Signed-off-by: Russell Senior <russell@personaltelco.net>

cryptodev-linux: move from packages feed

The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This is actually a build dependency for /dev/crypto support in openssl.
Since it is a kernel module, it belongs here anyway.

- Removed Nikos Mavrogiannopoulos as maintainer.
- Streamlined make flags

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>