summaryrefslogtreecommitdiff
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* LEDE v17.01.6: adjust config defaultsv17.01.6Hauke Mehrtens2018-09-021-3/+3
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.153Hauke Mehrtens2018-08-301-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.151Hauke Mehrtens2018-08-221-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.150Hauke Mehrtens2018-08-211-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.148Hauke Mehrtens2018-08-151-2/+2
| | | | | | | | | | | The following patch was integrated upstream: * target/linux/generic/patches-4.4/005-ext4-fix-check-to-prevent-initializing-reserved-inod.patch This fixes tries to work around the following security problems: * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.147Matthias Schiffer2018-08-091-2/+2
| | | | | | | | target/linux/ar71xx/patches-4.4/103-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch has been applied upstream; the two deleted brcm2708 patches have been useless even before (as the second one only reverted the first one). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* downloads.mk: introduce name-agnostic PROJECT_GIT variableJo-Philipp Wich2018-08-041-2/+4
| | | | | | | | | | | Introduce a name-agnostic PROJECT_GIT variable poiting to https://git.openwrt.org/ and declare LEDE_GIT and OPENWRT_GIT as aliases to it. After some transition time we can drop this alias variables. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 4700544e4068cb72932148ac1ecd294ca1388671)
* build: fix compile error when a package includes itself in PROVIDESFelix Fietkau2018-07-201-1/+1
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 7c306ae640feb4d42b352175de27b034bd917938)
* LEDE v17.01.5: revert to branch defaultsHauke Mehrtens2018-07-151-3/+3
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* LEDE v17.01.5: adjust config defaultsv17.01.5Hauke Mehrtens2018-07-151-3/+3
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.140Hauke Mehrtens2018-07-131-2/+2
| | | | | | | | | | These two patches: target/linux/ar71xx/patches-4.4/403-mtd_fix_cfi_cmdset_0002_status_check.patch target/linux/ramips/patches-4.4/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch are replaced by upstream commit 242dbd2b3df ("mtd: cfi_cmdset_0002: Change erase functions to check chip good only") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.139Hauke Mehrtens2018-07-031-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.138Hauke Mehrtens2018-06-161-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to version 4.4.137Hauke Mehrtens2018-06-151-2/+2
| | | | | | | | | | | | The new option CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE was added, in this commit: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.4.y&id=ffe4bf3eb3cfa10f9ef295c08c21f4fe3bb07e21 Handle it by setting it to the opposite value CONFIG_CC_OPTIMIZE_FOR_SIZE is set to. Tested on lantiq Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to 4.4.135 for 17.01Hauke Mehrtens2018-06-021-2/+2
| | | | | | * Refreshed patches Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.4 to 4.4.132 for 17.01Etienne Haarsma2018-05-221-2/+2
| | | | | | | | | * Refreshed patches Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
* kernel: bump kernel 4.4 to 4.4.131 for 17.01Etienne Haarsma2018-05-071-2/+2
| | | | | | | | | * Refreshed patches Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
* kernel: bump kernel 4.4 to 4.4.129 for 17.01Etienne Haarsma2018-04-301-2/+2
| | | | | | | | | * Refreshed patches Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
* kernel: bump kernel 4.4 to 4.4.126 for 17.01Stijn Segers2018-04-141-2/+2
| | | | | | | | | * Refreshed patches Compile-tested: ar71xx, ramips/mt7621, x86/64 Run-tested: ar71xx Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* Kernel: bump 4.4 to 4.4.124 for 17.01Stijn Segers2018-04-011-2/+2
| | | | | | | | | | * Refreshed patches * Removed 087-Revert-led-core-Fix-brightness-setting-when-setting-.patch (applied upstream) Compile-tested on ar71xx, ramips/mt7621, x86/64 Run-tested on ar71xx Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* include/package-defaults.mk: fix default Build/Prepare with empty ./srcMatthias Schiffer2018-03-071-1/+1
| | | | | | | Copying ./src/* would fail when src exists, but is empty or only contains hidden files. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* include/rootfs.mk: retain list of conffiles with CONFIG_CLEAN_IPKGMatthias Schiffer2018-03-071-1/+8
| | | | | | | | /usr/lib/opkg/status must not be removed completely, otherwise the packages' conffile lists will be missing. Replace it with a reduced version only containing the conffile entries. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* include/rootfs.mk: do not remove opkg prerm scripts during rootfs preparationMatthias Schiffer2018-03-071-1/+0
| | | | | | | When a user removes a preinstalled opkg package, the package's prerm script (and in particular our default_prerm) should run. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: bump 4.4 to 4.4.120 for 17.01Stijn Segers2018-03-041-2/+2
| | | | | | | | | Bump the 4.4 kernel for the 17.01 release to 4.4.120. Refresh patches. Compile-tested: ar71xx, ramips/mt7621, x86/64 Run-tested: ar71xx, x86/64 Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* kernel: update 17.01 kernel to 4.4.116Stijn Segers2018-02-201-2/+2
| | | | | | | | | | | | | | | | | | This bumps the 4.4. kernel in LEDE 17.01 to 4.4.116. More Meltdown & Spectre mitigation. * Refresh patches. * Refresh x86/config for RETPOLINE. * Deleted 8049-PCI-layerscape-Add-fsl-ls2085a-pcie-compatible-ID.patch (accepted upstream) * Deleted 8050-PCI-layerscape-Fix-MSG-TLP-drop-setting.patch (accepted upstream) * 650-pppoe_header_pad.patch does not apply anymore (code was replaced). Bumps from 4.4.113 to 4.4.115 were handled by Kevin Darbyshire-Bryant. Compile-tested on: ar71xx, ramips/mt7621, x86/64 Run-tested on: ar71xx, ramips/mt7621, x86/64 Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* iptables: Fix target TRACE issueMartin Wetterwald2018-01-261-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | The package kmod-ipt-debug builds the module xt_TRACE, which allows users to use '-j TRACE' as target in the chain PREROUTING of the table raw in iptables. The kernel compilation flag NETFILTER_XT_TARGET_TRACE is also enabled so that this feature which is implemented deep inside the linux IP stack (for example in sk_buff) is compiled. But a strace of iptables -t raw -I PREROUTING -p icmp -j TRACE reveals that an attempt is made to read /usr/lib/iptables/libxt_TRACE.so, which fails as this dynamic library is not present on the system. I created the package iptables-mod-trace which takes care of that, and target TRACE now works! https://dev.openwrt.org/ticket/16694 https://dev.openwrt.org/ticket/19661 Signed-off-by: Martin Wetterwald <martin.wetterwald@corp.ovh.com> [Jo-Philipp Wich: also remove trace extension from builtin extension list and depend on kmod-ipt-raw since its required for rules] Signed-off-by: Jo-Philipp Wich <jo@mein.io> Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
* kernel: bump 4.4 to 4.4.112 for 17.01Kevin Darbyshire-Bryant2018-01-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: target/linux/generic/patches-4.4/030-2-smsc75xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch target/linux/generic/patches-4.4/030-3-cx82310_eth-use-skb_cow_head-to-deal-with-cloned-skb.patch target/linux/generic/patches-4.4/030-4-sr9700-use-skb_cow_head-to-deal-with-cloned-skbs.patch target/linux/generic/patches-4.4/030-5-lan78xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch CVEs completely or partially addressed: CVE-2017-5715 CVE-2017-5753 CVE-2017-17741 CVE-2017-1000410 Compile-tested: ar71xx Archer C7 v2 Run-tested: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: bump 4.4 to 4.4.111 for 17.01Kevin Darbyshire-Bryant2018-01-171-2/+2
| | | | | | | | Refresh patches Tested-on: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* build: fix restoring /etc/opkg with PER_DEVICE_ROOTFSJo-Philipp Wich2018-01-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When generating per-device rootfs directories, the ./etc/opkg/ directory is moved away prior to calling opkg install, opkg remove and rootfs_prepare. After the opkg invocations and the rootfs_prepare macro call, the saved opkg config directory is supposed to be moved back to its previous ./etc/opkg location. The mv command however can fail to properly restore the directory under certain circumstances, e.g. when the prior opkg or files/ overlay copy operations caused a new ./etc/opkg/ directory to be created. In this case, the backed up directory (named target-dir-$hash.opkg) will be moved into the preexisting ./etc/opkg/ directory instead, causing the opkg configuration to be located in a wrong path on the final rootfs, e.g. in /etc/opkg/target-dir-$hash.opkg/distfeeds.conf instead of /etc/opkg/distfeeds.conf. Solve this problem by replacing the naive "mv" command with a recursive "cp -T" invocation which causes the backed up directory tree to get merged with the destination directory in case it already exists. Also perform the rootfs_prepare macro call after restoring the opkg configuration, to allow users to override it again by using the files/ overlay mechanism. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit ab1785b1b2559c9f2d09d4d3ce43e11f4b828616)
* kernel: update kernel 4.4 to version 4.4.110Hauke Mehrtens2018-01-071-2/+2
| | | | | | This fixes: CVE-2017-5754 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.4 to 4.4.108 for 17.01Kevin Darbyshire-Bryant2017-12-301-2/+2
| | | | | | Refresh patches. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: bump 4.4 to 4.4.107Etienne Haarsma2017-12-231-2/+2
| | | | | | | | | | | | | Bump 4.4 to 4.4.107 and refreshed all patches. Made the following patch for Mediatek and Oxnas compatible with kernel 4.4.107: 0072-mtd-backport-v4.7-0day-patches-from-Boris.patch Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com> Reviewed-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Tested-by: Rosen Penev <rosenp@gmail.com>
* build: remove @ as it's causing an errorPhilip Prindeville2017-12-131-1/+1
| | | | | | | | | Since $(DownloadMethod/unknown) is being invoked in the expansion of $(call locked ...) anyway, you can't have an @ because the shell doesn't know what to do with it. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> (cherry picked from commit 76ba01a39216b8460846808b2fc10d5ee230a324)
* netfilter: add iptables-mod-rpfilter packageAlin Nastac2017-12-131-0/+2
| | | | | | | | | | Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to become full when a packet flood with randomly selected source IP addresses is received from the lan side. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> (cherry picked from commit d8748e537f11ab5f2b5e2ed25d94baa5ce353984)
* build: new fixes for symlinked .config handlingSergey Ryazanov2017-12-131-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running "make {config|defconfig|oldconfig}" with symlinked .config (e.g. to env/.config) it renames symlink to .config.old, creates new .config file, and writes the updated configuration into it. This breaks the desired workflow when changes in the configuration can be checked using "scripts/env diff" and commited using "scripts/env save". Since the env/.config file is not updated. The things become even worse when working with feeds, since feeds script quite often silently invokes "make {oldconfig|defconfig}" and breaks the symlink. Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces mconf to overwrite the .config content, instead of renaming it and creating a new file. This variable is set only if .config is a symlink, otherwise the variable is not exported and the old behaviour is preserved. This change uses the same behaviour as "make menucofig", which has already been fixed in commit 5bf98b1acc3b6b178f8954c5075a58e1e6a99d6a. Also make a tiny cosmetic update to the "make menuconfig" target code layout to make it look like other config handling targets. Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> (cherry picked from commit e06d8f0f6f041c8ac1acba810eea96c32dc983e4)
* build: allow val.% targets to bypass the prepare stepsFelix Fietkau2017-12-131-0/+3
| | | | | | | | Significantly reduces time spent processing those targets and should also silence some log clutter which could confuse buildbot Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit ddbb036bbb8a1030dd8f6fae0004d390b5f2b8a5)
* include/packages-defaults.mk: Remove LARGEFILE optionDaniel Engberg2017-12-131-1/+0
| | | | | | | Remove LARGEFILE option, support was removed back in 2011 (OpenWrt rev 25208). Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit edda8ecd79b181e338e82331ecb45eaeff0f57af)
* kernel: move initramfs's init script out of base-filesRafał Miłecki2017-12-131-1/+1
| | | | | | | | | Keeping it in base-files was resulting in adding it to the base-files package. This file is meant to be included manually for initramfs images only. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit f6433eede79db4f6276b68e815bb17a9364292c7)
* target.mk: check that CPU_TYPE has known CPU_CFLAGS mappingPhilip Prindeville2017-12-131-0/+5
| | | | | | | | | If someone creates a target and indicates a CPU_TYPE, but there's no corresponding support for that CPU_TYPE's flags in include/target.mk then that should probably be indicated rather than silently ignored. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> (cherry picked from commit d3bc11857af788e185e8a3ece26ce40757cf3965)
* build: fix STAMP_PREPARED with quiltFelix Fietkau2017-12-132-2/+2
| | | | | | | | quilt.mk needs to be included first, to ensure that STAMP_PREPARED does not include the hash if quilt is used. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 89118da865a34ed9537a088196d81ca9e37cb983)
* build: get rid of FIND_L from host.mkFelix Fietkau2017-12-132-6/+1
| | | | | | | | This was added for Mac OS X many years ago, but recent versions also support find -L Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit be206eba3a57128695a00f490767e5c136e43ab7)
* build: unsilence move commandThomas Reifferscheid2017-12-131-1/+1
| | | | | | | | | | The @ sign in front of the "mv" command was significantly suppressing output to stdout. When reviewing the make/build logs it was tricking me a whole lot and it mad me lose time. Removing the @ sign will get stdout and logs right about what happened when. Signed-off-by: Thomas Reifferscheid <thomas@reifferscheid.org> (cherry picked from commit 1d49b534f5b74676f30f2ee1ba78d9e02d59f0bc)
* build: skip headers install and config on make target/linux/prepareFelix Fietkau2017-12-131-1/+1
| | | | | | | This simplifies working with quilt on the kernel tree Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit dce6eeccc09339c7101a5b6b3fdba8b4d8f41247)
* build: make Host/Install/Default use Host/Compile/Default with an extra argumentFelix Fietkau2017-12-131-1/+1
| | | | | | | Allows parallelizing compile steps that might be necessary during install Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit fe1e3622a271386ea0413c97d9884e9935e17f11)
* kernel: bump 4.4 to 4.4.103 for 17.01Etienne Haarsma2017-12-121-2/+2
| | | | | | | | | | | | | Refreshed all patches. Removed upstream ramips patches: 0101-MIPS-ralink-Fix-MT7628-pinmux.patch 0102--MIPS-ralink-Fix-typo-in-mt7628-pinmux-function.patch Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
* kernel: bump 4.4 to 4.4.102Etienne Haarsma2017-11-261-2/+2
| | | | | | | | | | | | Refreshed all patches. Removed upstream ramips patch: 0063-set-CM_GCR_BASE_CMDEFTGT_MEM-according-to-datasheet.patch Compile-tested: ar71xx Run-tested: ar71xx Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com> Tested-by: Stijn Segers <francesco.borromini@inventati.org>
* kernel: bump 4.4 to 4.4.93 for 17.01Kevin Darbyshire-Bryant2017-10-181-2/+2
| | | | | | | | | | | | Refresh patches. Compile-tested for ar71xx - Archer C7 v2 Runtime-tested on ar71xx - Archer C7 v2 Fixes CVE-2017-15265. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [remove 2nd CVE as it was fixed in mac80211 in commit bff16304b0bf] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* LEDE v17.01.4: revert to branch defaultsStijn Tintel2017-10-181-3/+3
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* LEDE v17.01.4: adjust config defaultsv17.01.4Stijn Tintel2017-10-181-3/+3
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.4 to 4.4.92Stijn Tintel2017-10-161-2/+2
| | | | | | | | | | | Refresh patches. Fixes the following CVEs: - CVE-2017-1000252 - CVE-2017-12153 - CVE-2017-12154 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>