Signed-off-by: Felix Fietkau <nbd@nbd.name>

Our supported libcs are ABI compatible across version upgrades

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Update gdb to version 7.12.1.

GDB 7.12.1 brings the following fixes and enhancements over GDB 7.12:

   * PR tdep/20682 (aarch64 regression: gdb.cp/nextoverthrow.exp)
   * PR server/20733 (Failed to build aarch64_be-linux-gnu GDBserver)
   * PR tdep/20953 (GDB crashes after "set architecture rl78")
   * PR tdep/20954 (GDB crashes if "set architecture rx")
   * PR tdep/20955 (GDB internal error in cris-tdep.c)
   * PR build/20712 (gdb 7.12+ doesn't build as C++ on Solaris)
   * PR breakpoint/20653 (string_to_explicit_location has some weird code)
   * PR build/20753 (MinGW compilation errors due to strcasecmp)
   * PR gdb/20977 (GDB exception handling is broken on i686-w64-mingw32)
   * PR python/21048 (backtrace is broken on i686)
   * PR sim/20808 (mips sim build fails due to undefined SD/CPU variables)
   * PR sim/20809 (mips sim build fails for r3900 cpus)
   * PR gdb/20939 (GDB aborts

Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Use 2.27 as default which is the current relese.
Makes it easier to get support and submit patches upstream if needed.

Tested on ar71xx, mt7621, kirkwood (arm)

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

These are patches queued for 4.11. It adds support for even more hw and
removes some annoying WARN_ONCE.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

This adds support for more devices.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

- Really disable power management (wrong config flags).
- Disable internal roaming engine.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

It's needed for macaddr_add.

Fixes: 50efd403 ("bcm53xx: set WAN MAC address to don't share one with LAN interface")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Add missing parentheses.
Fixes kernel build issue when using this driver.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

Compiled & tested on cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

After "73d923ed base-files: emit tagged switch configuration by default"
some default network configurations are broken because the lan and wan
ifnames are forcibly set to untagged netdevs.

Adjust the offending set_interfaces_lan_wan() calls to use the proper
tagged device names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Add a patch to revert upstream commit 9aed02feae57bf7a40cb04ea0e3017cb7a998db4
which introduces syntax errors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

This fixes the following 41 security problems:
 + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
 + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
 + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
 + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
 + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
 + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
 + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
 + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
 + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
 + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
 + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
 + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
 + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
 + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
 + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
 + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
 + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
 + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
 + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
 + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
 + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
 + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
 + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
 + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
 + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
 + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
 + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
 + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
 + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
 + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
 + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
 + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
 + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
 + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
 + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
 + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk

old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

n
As usual these patches were extracted and rebased from the raspberry pi repo:
https://github.com/raspberrypi/linux/tree/rpi-4.4.y



Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

It just makes code consistent. This trivial change may be a 17.01
candidate to provide simpler backporting experience.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

This reverts commit dde5c729.

The uClibc update was completely untested, does not build with Kernel 4.4 and
did not adjust the configuration to predeclare new config symbols.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

For backward 4.4 compatibility I added patch reverting my changes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

In kernel 4.9 it's already present so we don't want to overwite it (with
older & API incompatible version).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

We dont't build officialy images for them yet due to partitioning
issues.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Refresh patches for all targets that support kernel 4.4.
Compile-tested on all targets that use kernel 4.4 and aren't marked
broken, except arc770 and arch38 due to broken toolchain.

Runtime-tested on ar71xx, octeon, ramips and x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

Bump to dnsmasq 2.77test1 - this includes a number of fixes since 2.76
and allows dropping of 2 LEDE carried patches.

Notable fix in rrfilter code when talking to Nominum's DNS servers
especially with DNSSEC.

A patch to switch dnsmasq back to 'soft fail' for SERVFAIL responses
from dns servers is also included.  This mean dnsmasq tries all
configured servers before giving up.

A 'localise queries' enhancement has also been backported (it will
appear in test2/rc'n') this is especially important if using the
recently imported to LEDE 'use dnsmasq standalone' feature 9525743c

I have been following dnsmasq HEAD ever since 2.76 release.
Compile & Run tested: ar71xx, Archer C7 v2

Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

ref commit 9525743c
dnsmasq: make DHCPv6 viable for standalone dnsmasq install
Above commit broke instancing by missing filter_dnsmasq()
as part of the dhcp_add() execution.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>

The Sanlinking Technologies D240
(http://www.sanlinking.com/en/29-dual-4g-wifi-router.html

) is basically the same
device as the ZBT WE826, so adding support for it in LEDE is straight forward.
The differences is that the D240 has two mini-PCIe slots (instead of one), blue
LEDs and supports PoE.

Specification:
* CPU: MT7620A
* 1x 10/100Mbps POE (802.3af/802.3at) Ethernet, 4x 10/100Mbps.
* 16 MB Flash.
* 128 MB RAM.
* 1x USB 2.0 port.
* 2x mini-PCIe slots.
* 2x SIM slots.
* 1x 2.4Ghz WIFI.
* 1x button.

Wifi, USB, switch and both mini-PCIe slots are working. I have not been able to
test the SD card reader.

The device comes pre-installed with an older version of OpenWRT, including Luci.
In order to install LEDE, you need to follow the existing procedure for updating
OpenWRT/LEDE using Luci. I.e., you need to access the UI and update the firmware
using the sysupgrade-image. Remember to select that you do not want to keep
existing settings. The default router address is 192.168.10.1 and
username/password admin/root (at least on my devices).

If you brick the device, the procedure for recovery is the same as for the
WE826. Please see the wiki page for that device for instructions.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

Do not spam the syslog with DHCPv6 lease info if quietdhcp option
is selected. This already works for DHCPv4, make it work in the same
way for DHCPv6.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
[Originally written by Arjen de Korte on GitHub but had issues providing
a SoB in correct format.]
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Tim Harvey <tharvey@gateworks.com> [fixes]

This patch moves the fakeroot code required by some devices to
`image-commands.mk`.

Create the fakeroot on the fly by using the undocumented -s (skip copy)
parameter of mkimage.

Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
[remove unused NETGEAR_KERNEL_MAGIC, remove workarounds to have a dummy
rootfs for mkimage]
Signed-off-by: Mathias Kresin <dev@kresin.me>

Gemtek is the ODM but the board was sold by Airlink101.

Signed-off-by: Mathias Kresin <dev@kresin.me>

The factory image can't be bigger than 3328 KByte. If the image is
bigger than that, the gemtek-header tool throws an error and breaks
the build.

Make sure the output file to which the gemtek header should be added
exists and wasn't removed during the check-size step because of it
size. This will prevent hard errors in case the factory image is to big
similar to what is done for sysupgrade images.

Signed-off-by: Mathias Kresin <dev@kresin.me>