LEDE v17.01.3: adjust config defaults

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

feeds.conf.default

@@ -1,4 +1,4 @@
-src-git packages https://git.lede-project.org/feed/packages.git^dc558eaa296686603c1730c1aab01f3ea69d7831
-src-git luci https://git.lede-project.org/project/luci.git^7f6fc1681f7becc514a58082e871f3855d3a123f
-src-git routing https://git.lede-project.org/feed/routing.git^dbbad8472288498c17825303d834da3ee5030806
-src-git telephony https://git.lede-project.org/feed/telephony.git^1f0fb2538ba6fc306198fe2a9a4b976d63adb304
+src-git packages https://git.lede-project.org/feed/packages.git^21b2e3eb761ea79bf3a8d2b6368435887960f5c2
+src-git luci https://git.lede-project.org/project/luci.git^079f65a628a4c4179578c043d2905efea93bb167
+src-git routing https://git.lede-project.org/feed/routing.git^d11075cd40a88602bf4ba2b275f72100ddcb4767
+src-git telephony https://git.lede-project.org/feed/telephony.git^ac6415e61f147a6892fd2785337aec93ddc68fa9

include/image-legacy.mk

@@ -48,6 +48,7 @@ endef
 ifdef TARGET_PER_DEVICE_ROOTFS
   define Image/Build/Profile/Filesystem
 	cp $(KDIR)/root.$(2)+pkg=$(3) $(KDIR)/root.$(2)
+	$(call Image/Build/$(2),$(2))
 	$(call Image/Build/Profile,$(1),$(2))
   endef
 else

include/kernel-version.mk

@@ -3,10 +3,10 @@
 LINUX_RELEASE?=1
 
 LINUX_VERSION-3.18 = .43
-LINUX_VERSION-4.4 = .71
+LINUX_VERSION-4.4 = .89
 
 LINUX_KERNEL_HASH-3.18.43 = 1236e8123a6ce537d5029232560966feed054ae31776fe8481dd7d18cdd5492c
-LINUX_KERNEL_HASH-4.4.71 = 44cd5532d6df32197fd0f89e6f8c542fcfb76b52155a4d3a609ef4898522e6ab
+LINUX_KERNEL_HASH-4.4.89 = a81d1b1306e4fddee5d6f7219090a616073b02f4069e44522a9c0454b17f2b67
 
 ifdef KERNEL_PATCHVER
   LINUX_VERSION:=$(KERNEL_PATCHVER)$(strip $(LINUX_VERSION-$(KERNEL_PATCHVER)))

include/kernel.mk

@@ -131,7 +131,7 @@ define ModuleAutoLoad
 	}; \
 	$(3) \
 	if [ -n "$$$$$$$$modules" ]; then \
-		modules="$$$$$$$$(echo "$$$$$$$$modules" | tr ' ' '\n' | sort | uniq | paste -s -d' ')"; \
+		modules="$$$$$$$$(echo "$$$$$$$$modules" | tr ' ' '\n' | sort | uniq | paste -s -d' ' -)"; \
 		mkdir -p $(2)/etc/modules.d; \
 		mkdir -p $(2)/CONTROL; \
 		echo "#!/bin/sh" > $(2)/CONTROL/postinst-pkg; \

include/version.mk

@@ -31,16 +31,16 @@ qstrip_escape=$(subst ','\'',$(call qstrip,$(1)))
 sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))
 
 VERSION_NUMBER:=$(call qstrip_escape,$(CONFIG_VERSION_NUMBER))
-VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),17.01.2)
+VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),17.01.3)
 
 VERSION_CODE:=$(call qstrip_escape,$(CONFIG_VERSION_CODE))
-VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r3435-65eec8bd5f)
+VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r3533-d0bf257c46)
 
 VERSION_NICK:=$(call qstrip_escape,$(CONFIG_VERSION_NICK))
 VERSION_NICK:=$(if $(VERSION_NICK),$(VERSION_NICK),$(RELEASE))
 
 VERSION_REPO:=$(call qstrip_escape,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.lede-project.org/releases/17.01.2)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.lede-project.org/releases/17.01.3)
 
 VERSION_DIST:=$(call qstrip_escape,$(CONFIG_VERSION_DIST))
 VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),LEDE)

package/base-files/Makefile

@@ -11,14 +11,15 @@ include $(INCLUDE_DIR)/kernel.mk
 include $(INCLUDE_DIR)/version.mk
 
 PKG_NAME:=base-files
-PKG_RELEASE:=173
+PKG_RELEASE:=173.1
 PKG_FLAGS:=nonshared
 
 PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/
 PKG_BUILD_DEPENDS:=usign/host
 PKG_LICENSE:=GPL-2.0
 
-PKG_CONFIG_DEPENDS := CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE
+# Extend depends from version.mk
+PKG_CONFIG_DEPENDS += CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -137,6 +138,7 @@ define Package/base-files/install
 
 	mkdir -p $(1)/CONTROL
 	mkdir -p $(1)/dev
+	mkdir -p $(1)/etc/config
 	mkdir -p $(1)/etc/crontabs
 	mkdir -p $(1)/etc/rc.d
 	mkdir -p $(1)/overlay

package/base-files/files/bin/config_generate

@@ -119,17 +119,14 @@ generate_network() {
 		;;
 
 		pppoe)
-			# fixup IPv6 slave interface
-			ifname="pppoe-$1"
-
 			uci -q batch <<-EOF
 				set network.$1.proto='pppoe'
 				set network.$1.username='username'
 				set network.$1.password='password'
-				set network.$1.ipv6='auto'
+				set network.$1.ipv6='1'
 				delete network.${1}6
 				set network.${1}6='interface'
-				set network.${1}6.ifname='$ifname'
+				set network.${1}6.ifname='@${1}'
 				set network.${1}6.proto='dhcpv6'
 			EOF
 		;;

package/base-files/files/lib/preinit/10_indicate_preinit

@@ -96,6 +96,8 @@ preinit_config_board() {
 }
 
 preinit_ip() {
+	[ "$pi_preinit_no_failsafe" = "y" ] && return
+
 	# if the preinit interface isn't specified and ifname is set in
 	# preinit.arch use that interface
 	if [ -z "$pi_ifname" ]; then
@@ -107,6 +109,8 @@ preinit_ip() {
 	elif [ -d "/etc/board.d/" ]; then
 		preinit_config_board
 	fi
+
+	preinit_net_echo "Doing Lede Preinit\n"
 }
 
 preinit_ip_deconfig() {
@@ -146,7 +150,6 @@ preinit_echo() {
 }
 
 pi_indicate_preinit() {
-	preinit_net_echo "Doing Lede Preinit\n"
 	set_state preinit
 }
 

package/base-files/image-config.in

@@ -190,7 +190,7 @@ if VERSIONOPT
 	config VERSION_REPO
 		string
 		prompt "Release repository"
-		default "http://downloads.lede-project.org/releases/17.01.2"
+		default "http://downloads.lede-project.org/releases/17.01.3"
 		help
 			This is the repository address embedded in the image, it defaults
 			to the trunk snapshot repo; the url may contain the following placeholders:

package/boot/uboot-envtools/files/ar71xx

@@ -18,6 +18,7 @@ a40|\
 a60|\
 alfa-ap120c|\
 all0258n|\
+ap121f|\
 ap90q|\
 cap324|\
 cap4200ag|\

package/kernel/lantiq/ltq-vdsl-mei/Makefile

@@ -9,7 +9,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ltq-vdsl-vr9-mei
 PKG_VERSION:=1.5.17.6
-PKG_RELEASE:=1
+PKG_RELEASE:=3
 
 PKG_BASE_NAME:=drv_mei_cpe
 PKG_SOURCE:=$(PKG_BASE_NAME)-$(PKG_VERSION).tar.gz

package/kernel/lantiq/ltq-vdsl/Makefile

@@ -9,7 +9,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ltq-vdsl-vr9
 PKG_VERSION:=4.17.18.6
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_BASE_NAME:=drv_dsl_cpe_api
 PKG_SOURCE:=$(PKG_BASE_NAME)_vrx-$(PKG_VERSION).tar.gz

package/kernel/lantiq/ltq-vdsl/patches/110-semaphore-lock.patch

@@ -0,0 +1,107 @@
+--- a/src/include/drv_dsl_cpe_pm_core.h
++++ b/src/include/drv_dsl_cpe_pm_core.h
+@@ -1510,9 +1510,9 @@ typedef struct
+    /** Common PM module mutex*/
+    DSL_DRV_Mutex_t pmMutex;
+    /** PM module direction Near-End mutex*/
+-   DSL_DRV_Mutex_t pmNeMutex;
++   struct semaphore pmNeMutex;
+    /** PM module direction Far-End mutex*/
+-   DSL_DRV_Mutex_t pmFeMutex;
++   struct semaphore pmFeMutex;
+    /** PM module Near-End access mutex*/
+    DSL_DRV_Mutex_t pmNeAccessMutex;
+    /** PM module Far-End access mutex*/
+--- a/src/pm/drv_dsl_cpe_api_pm.c
++++ b/src/pm/drv_dsl_cpe_api_pm.c
+@@ -220,9 +220,9 @@ DSL_Error_t DSL_DRV_PM_Start(
+    /* init PM module common mutex */
+    DSL_DRV_MUTEX_INIT(DSL_DRV_PM_CONTEXT(pContext)->pmMutex);
+    /* init PM module direction Near-End mutex */
+-   DSL_DRV_MUTEX_INIT(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex);
++   sema_init(&(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex),1);
+    /* init PM module direction Far-End mutex */
+-   DSL_DRV_MUTEX_INIT(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex);
++   sema_init(&(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex),1);
+    /* init PM module Near-End access mutex */
+    DSL_DRV_MUTEX_INIT(DSL_DRV_PM_CONTEXT(pContext)->pmNeAccessMutex);
+    /* init PM module Far-End access mutex */
+@@ -592,7 +592,7 @@ DSL_Error_t DSL_DRV_PM_Stop(
+    if( DSL_DRV_PM_CONTEXT(pContext)->pmThreadFe.bRun != DSL_TRUE )
+    {
+       DSL_DEBUG(DSL_DBG_WRN,
+-         (pContext, SYS_DBG_WRN"DSL[%02d]: PM module Near-End thread already stopped"
++         (pContext, SYS_DBG_WRN"DSL[%02d]: PM module Far-End thread already stopped"
+          DSL_DRV_CRLF, DSL_DEV_NUM(pContext)));
+    }
+    else
+--- a/src/pm/drv_dsl_cpe_pm_core.c
++++ b/src/pm/drv_dsl_cpe_pm_core.c
+@@ -1022,7 +1022,7 @@ DSL_Error_t DSL_DRV_PM_DirectionMutexCon
+    {
+       if( bLock )
+       {
+-         if( DSL_DRV_MUTEX_LOCK(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex) )
++         if(down_interruptible(&(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex)))
+          {
+             DSL_DEBUG( DSL_DBG_ERR,
+                (pContext, SYS_DBG_ERR"DSL[%02d]: ERROR - Couldn't lock PM NE mutex!"
+@@ -1034,14 +1034,14 @@ DSL_Error_t DSL_DRV_PM_DirectionMutexCon
+       else
+       {
+           /* Unlock PM module NE Mutex*/
+-          DSL_DRV_MUTEX_UNLOCK(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex);
++          up(&(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex));
+       }
+    }
+    else
+    {
+       if( bLock )
+       {
+-         if( DSL_DRV_MUTEX_LOCK(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex) )
++         if(down_interruptible(&(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex)))
+          {
+             DSL_DEBUG( DSL_DBG_ERR,
+                (pContext, SYS_DBG_ERR"DSL[%02d]: ERROR - Couldn't lock PM FE mutex!"
+@@ -1053,7 +1053,7 @@ DSL_Error_t DSL_DRV_PM_DirectionMutexCon
+       else
+       {
+          /* Unlock PM module FE Mutex*/
+-         DSL_DRV_MUTEX_UNLOCK(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex);
++         up(&(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex));
+       }
+    }
+ 
+@@ -1139,7 +1139,7 @@ DSL_Error_t DSL_DRV_PM_Lock(DSL_Context_
+    if( !(DSL_DRV_PM_CONTEXT(pContext)->bPmLock) )
+    {
+       /* Lock PM module Near-End Mutex*/
+-      if( DSL_DRV_MUTEX_LOCK(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex) )
++      if(down_interruptible(&(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex)))
+       {
+          DSL_DEBUG( DSL_DBG_ERR,
+             (pContext, SYS_DBG_ERR"DSL[%02d]: ERROR - Couldn't lock PM NE mutex!"
+@@ -1148,8 +1148,8 @@ DSL_Error_t DSL_DRV_PM_Lock(DSL_Context_
+          return DSL_ERR_SEMAPHORE_GET;
+       }
+ 
+-      /* Lock PM module Near-End Mutex*/
+-      if( DSL_DRV_MUTEX_LOCK(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex) )
++      /* Lock PM module Far-End Mutex*/
++      if( down_interruptible(&(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex)) )
+       {
+          DSL_DEBUG( DSL_DBG_ERR,
+             (pContext, SYS_DBG_ERR"DSL[%02d]: ERROR - Couldn't lock PM FE mutex!"
+@@ -1193,10 +1193,10 @@ DSL_Error_t DSL_DRV_PM_UnLock(DSL_Contex
+    if( DSL_DRV_PM_CONTEXT(pContext)->bPmLock )
+    {
+       /* Unlock PM module NE Mutex*/
+-      DSL_DRV_MUTEX_UNLOCK(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex);
++      up(&(DSL_DRV_PM_CONTEXT(pContext)->pmNeMutex));
+ 
+       /* Unlock PM module FE Mutex*/
+-      DSL_DRV_MUTEX_UNLOCK(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex);
++      up(&(DSL_DRV_PM_CONTEXT(pContext)->pmFeMutex));
+ 
+       /* Clear bPmLock flag*/
+       DSL_DRV_PM_CONTEXT(pContext)->bPmLock = DSL_FALSE;

package/kernel/linux/modules/netfilter.mk

@@ -360,8 +360,6 @@ define KernelPackage/nf-nathelper/description
  Default Netfilter (IPv4) Conntrack and NAT helpers
  Includes:
  - ftp
- - irc
- - tftp
 endef
 
 $(eval $(call KernelPackage,nf-nathelper))
@@ -381,11 +379,13 @@ define KernelPackage/nf-nathelper-extra/description
  Includes:
  - amanda
  - h323
+ - irc
  - mms
  - pptp
  - proto_gre
  - sip
  - snmp_basic
+ - tftp
  - broadcast
 endef
 

package/kernel/mac80211/Makefile

@@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=mac80211
 
 PKG_VERSION:=2017-01-31
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
 PKG_BACKPORT_VERSION:=
 PKG_HASH:=75e6d39e34cf156212a2509172a4a62b673b69eb4a1d9aaa565f7fa719fa2317

package/kernel/mac80211/files/lib/wifi/mac80211.sh

@@ -92,7 +92,7 @@ detect_mac80211() {
 			htmode="VHT80"
 		}
 
-		[ -n $htmode ] && ht_capab="set wireless.radio${devidx}.htmode=$htmode"
+		[ -n "$htmode" ] && ht_capab="set wireless.radio${devidx}.htmode=$htmode"
 
 		if [ -x /usr/bin/readlink -a -h /sys/class/ieee80211/${dev} ]; then
 			path="$(readlink -f /sys/class/ieee80211/${dev}/device)"

package/libs/mbedtls/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mbedtls
-PKG_VERSION:=2.4.2
+PKG_VERSION:=2.6.0
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
 PKG_SOURCE_URL:=https://tls.mbed.org/download/
-PKG_HASH:=d01f2d5586a52055329d194d909103f445bd2d0b6b2b5f1c830fbf828ac6299f
+PKG_HASH:=a99959d7360def22f9108d2d487c9de384fe76c349697176b1f22370080d5810
 
 PKG_BUILD_PARALLEL:=1
 PKG_LICENSE:=GPL-2.0+

package/libs/mbedtls/patches/200-config.patch

@@ -1,6 +1,6 @@
 --- a/include/mbedtls/config.h
 +++ b/include/mbedtls/config.h
-@@ -191,7 +191,7 @@
+@@ -220,7 +220,7 @@
   *
   * Uncomment to get errors on using deprecated functions.
   */
@@ -9,7 +9,7 @@
  
  /* \} name SECTION: System support */
  
-@@ -441,17 +441,17 @@
+@@ -539,17 +539,17 @@
   *
   * Comment macros to disable the curve and functions for it
   */
@@ -35,7 +35,7 @@
  #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
  
  /**
-@@ -476,8 +476,8 @@
+@@ -574,8 +574,8 @@
   * Requires: MBEDTLS_HMAC_DRBG_C
   *
   * Comment this macro to disable deterministic ECDSA.
@@ -45,7 +45,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-@@ -523,7 +523,7 @@
+@@ -621,7 +621,7 @@
   *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
   */
@@ -54,7 +54,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-@@ -542,8 +542,8 @@
+@@ -640,8 +640,8 @@
   *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
@@ -64,7 +64,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-@@ -568,7 +568,7 @@
+@@ -666,7 +666,7 @@
   *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
   *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
   */
@@ -73,7 +73,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-@@ -695,7 +695,7 @@
+@@ -793,7 +793,7 @@
   *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
   *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
   */
@@ -82,7 +82,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-@@ -719,7 +719,7 @@
+@@ -817,7 +817,7 @@
   *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
   *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
   */
@@ -91,7 +91,7 @@
  
  /**
   * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-@@ -823,7 +823,7 @@
+@@ -921,7 +921,7 @@
   * This option is only useful if both MBEDTLS_SHA256_C and
   * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
   */
@@ -100,7 +100,7 @@
  
  /**
   * \def MBEDTLS_ENTROPY_NV_SEED
-@@ -917,14 +917,14 @@
+@@ -1015,14 +1015,14 @@
   * Uncomment this macro to disable the use of CRT in RSA.
   *
   */
@@ -117,7 +117,7 @@
  
  /**
   * \def MBEDTLS_SHA256_SMALLER
-@@ -940,7 +940,7 @@
+@@ -1038,7 +1038,7 @@
   *
   * Uncomment to enable the smaller implementation of SHA256.
   */
@@ -126,7 +126,7 @@
  
  /**
   * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
-@@ -1059,8 +1059,8 @@
+@@ -1157,8 +1157,8 @@
   * misuse/misunderstand.
   *
   * Comment this to disable support for renegotiation.
@@ -136,7 +136,7 @@
  
  /**
   * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-@@ -1234,8 +1234,8 @@
+@@ -1332,8 +1332,8 @@
   * callbacks are provided by MBEDTLS_SSL_TICKET_C.
   *
   * Comment this macro to disable support for SSL session tickets
@@ -146,7 +146,7 @@
  
  /**
   * \def MBEDTLS_SSL_EXPORT_KEYS
-@@ -1265,7 +1265,7 @@
+@@ -1363,7 +1363,7 @@
   *
   * Comment this macro to disable support for truncated HMAC in SSL
   */
@@ -155,7 +155,7 @@
  
  /**
   * \def MBEDTLS_THREADING_ALT
-@@ -1299,8 +1299,8 @@
+@@ -1397,8 +1397,8 @@
   * Requires: MBEDTLS_VERSION_C
   *
   * Comment this to disable run-time checking and save ROM space
@@ -165,7 +165,7 @@
  
  /**
   * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-@@ -1621,7 +1621,7 @@
+@@ -1719,7 +1719,7 @@
   *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
   *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
   */
@@ -174,7 +174,7 @@
  
  /**
   * \def MBEDTLS_CCM_C
-@@ -1635,7 +1635,7 @@
+@@ -1733,7 +1733,7 @@
   * This module enables the AES-CCM ciphersuites, if other requisites are
   * enabled as well.
   */
@@ -183,7 +183,7 @@
  
  /**
   * \def MBEDTLS_CERTS_C
-@@ -1647,7 +1647,7 @@
+@@ -1745,7 +1745,7 @@
   *
   * This module is used for testing (ssl_client/server).
   */
@@ -192,7 +192,7 @@
  
  /**
   * \def MBEDTLS_CIPHER_C
-@@ -1700,7 +1700,7 @@
+@@ -1798,7 +1798,7 @@
   *
   * This module provides debugging functions.
   */
@@ -201,7 +201,7 @@
  
  /**
   * \def MBEDTLS_DES_C
-@@ -1725,8 +1725,8 @@
+@@ -1823,8 +1823,8 @@
   *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
   *
   * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
@@ -211,7 +211,7 @@
  
  /**
   * \def MBEDTLS_DHM_C
-@@ -1880,8 +1880,8 @@
+@@ -1978,8 +1978,8 @@
   * Requires: MBEDTLS_MD_C
   *
   * Uncomment to enable the HMAC_DRBG random number geerator.
@@ -221,7 +221,7 @@
  
  /**
   * \def MBEDTLS_MD_C
-@@ -2158,7 +2158,7 @@
+@@ -2256,7 +2256,7 @@
   * Caller:  library/md.c
   *
   */
@@ -230,7 +230,7 @@
  
  /**
   * \def MBEDTLS_RSA_C
-@@ -2235,8 +2235,8 @@
+@@ -2334,8 +2334,8 @@
   * Caller:
   *
   * Requires: MBEDTLS_SSL_CACHE_C
@@ -240,7 +240,7 @@
  
  /**
   * \def MBEDTLS_SSL_COOKIE_C
-@@ -2257,8 +2257,8 @@
+@@ -2356,8 +2356,8 @@
   * Caller:
   *
   * Requires: MBEDTLS_CIPHER_C
@@ -250,7 +250,7 @@
  
  /**
   * \def MBEDTLS_SSL_CLI_C
-@@ -2357,8 +2357,8 @@
+@@ -2456,8 +2456,8 @@
   * Module:  library/version.c
   *
   * This module provides run-time version information.
@@ -260,7 +260,7 @@
  
  /**
   * \def MBEDTLS_X509_USE_C
-@@ -2468,7 +2468,7 @@
+@@ -2567,7 +2567,7 @@
   * Module:  library/xtea.c
   * Caller:
   */
@@ -269,3 +269,12 @@
  
  /* \} name SECTION: mbed TLS modules */
  
+@@ -2681,7 +2681,7 @@
+  * recommended because of it is possible to generte SHA-1 collisions, however
+  * this may be safe for legacy infrastructure where additional controls apply.
+  */
+-// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
++#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+ 
+ /**
+  * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake

package/libs/uclient/Makefile

@@ -5,9 +5,9 @@ PKG_RELEASE=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/uclient.git
-PKG_SOURCE_DATE:=2016-12-09
-PKG_SOURCE_VERSION:=52d955fd802a4d990b7ff9116f02ff52aa63ffec
-PKG_MIRROR_HASH:=b96f53ccaa62a229e818be836bb4fc85aa4a1ce257fd41fbdbf4e31a959c641f
+PKG_SOURCE_DATE:=2017-09-06
+PKG_SOURCE_VERSION:=24d6eded73dec427fc4a3a20cc73c94227f59c31
+PKG_MIRROR_HASH:=e884ae0c859baa20a5c7f3d924022f8e1f57d28474dbe5fed1efb8fb97790dd0
 CMAKE_INSTALL:=1
 
 PKG_BUILD_DEPENDS:=ustream-ssl

package/network/config/gre/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gre
 PKG_VERSION:=1
-PKG_RELEASE:=6
+PKG_RELEASE:=7
 PKG_LICENSE:=GPL-2.0
 
 include $(INCLUDE_DIR)/package.mk

package/network/config/gre/files/gre.sh

@@ -25,7 +25,7 @@ gre_generic_setup() {
 	json_add_string mode "$mode"
 	json_add_int mtu "${mtu:-1280}"
 	[ -n "$df" ] && json_add_boolean df "$df"
-	[ -n "ttl" ] && json_add_int ttl "$ttl"
+	[ -n "$ttl" ] && json_add_int ttl "$ttl"
 	[ -n "$tos" ] && json_add_string tos "$tos"
 	json_add_boolean multicast "$multicast"
 	json_add_string local "$local"

package/network/ipv6/odhcp6c/Makefile

@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=odhcp6c
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=$(LEDE_GIT)/project/odhcp6c.git

package/network/ipv6/odhcp6c/files/dhcpv6.script

@@ -214,6 +214,6 @@ case "$2" in
 esac
 
 # user rules
-[ -f /etc/odhcp6c.user ] && . /etc/odhcp6c.user "@"
+[ -f /etc/odhcp6c.user ] && . /etc/odhcp6c.user "$@"
 
 exit 0

package/network/services/dnsmasq/Makefile

@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmasq
-PKG_VERSION:=2.77
+PKG_VERSION:=2.78
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
-PKG_HASH:=6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a
+PKG_HASH:=89949f438c74b0c7543f06689c319484bd126cc4b1f8c745c742ab397681252b
 
 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING

package/network/services/dnsmasq/files/dnsmasq.init

@@ -533,7 +533,7 @@ dhcp_relay_add() {
 
 dnsmasq_start()
 {
-	local cfg="$1" disabled resolvfile
+	local cfg="$1" disabled
 
 	config_get_bool disabled "$cfg" disabled 0
 	[ "$disabled" -gt 0 ] && return 0
@@ -613,6 +613,7 @@ dnsmasq_start()
 	config_list_foreach "$cfg" "addnhosts" append_addnhosts
 	config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain
 	append_parm "$cfg" "leasefile" "--dhcp-leasefile" "/tmp/dhcp.leases"
+	append_parm "$cfg" "resolvfile" "--resolv-file" "/tmp/resolv.conf.auto"
 	append_parm "$cfg" "serversfile" "--servers-file"
 	append_parm "$cfg" "tftp_root" "--tftp-root"
 	append_parm "$cfg" "dhcp_boot" "--dhcp-boot"
@@ -627,6 +628,7 @@ dnsmasq_start()
 	config_get_bool readethers "$cfg" readethers
 	[ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers
 
+	config_get resolvfile $cfg resolvfile
 	config_get dhcpscript $cfg dhcpscript
 
 	config_get leasefile $cfg leasefile "/tmp/dhcp.leases"
@@ -640,8 +642,6 @@ dnsmasq_start()
 		[ -n "$resolvfile" -a \! -e "$resolvfile" ] && touch "$resolvfile"
 	fi
 
-	[ -n "$resolvfile" ] && xappend "--resolv-file=$resolvfile"
-
 	config_get hostsfile "$cfg" dhcphostsfile
 	[ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile"
 

package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch

@@ -7,7 +7,7 @@ Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
 
 --- a/src/dnsmasq.h
 +++ b/src/dnsmasq.h
-@@ -82,7 +82,7 @@ typedef unsigned long long u64;
+@@ -88,7 +88,7 @@ typedef unsigned long long u64;
  #if defined(HAVE_SOLARIS_NETWORK)
  #  include <sys/sockio.h>
  #endif

package/network/services/dropbear/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dropbear
 PKG_VERSION:=2017.75
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \

package/network/services/dropbear/files/dropbear.init

@@ -132,7 +132,7 @@ service_triggers()
 	config_load "${NAME}"
 	config_foreach load_interfaces dropbear
 
-	[ -n "${interfaces}" ] & {
+	[ -n "${interfaces}" ] && {
 		for n in $interfaces ; do
 			procd_add_interface_trigger "interface.*" $n /etc/init.d/dropbear reload
 		done

package/network/services/hostapd/Makefile

@@ -7,7 +7,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostapd
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git

package/network/services/hostapd/files/hostapd.sh

@@ -364,7 +364,7 @@ hostapd_set_bss_options() {
 	[ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge" "$N"
 	[ -n "$iapp_interface" ] && {
 		local ifname
-		network_get_device ifname "$iapp_interface" || ifname = "$iapp_interface"
+		network_get_device ifname "$iapp_interface" || ifname="$iapp_interface"
 		append bss_conf "iapp_interface=$ifname" "$N"
 	}
 
@@ -620,7 +620,7 @@ wpa_supplicant_add_network() {
 		scan_ssid=""
 	}
 
-	[[ "$_w_mode" = "adhoc" -o "$_w_mode" = "mesh" ]] && append network_data "$_w_modestr" "$N$T"
+	[ "$_w_mode" = "adhoc" -o "$_w_mode" = "mesh" ] && append network_data "$_w_modestr" "$N$T"
 
 	case "$auth_type" in
 		none) ;;

package/network/services/odhcpd/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=odhcpd
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/odhcpd.git
-PKG_SOURCE_DATE:=2017-04-28
-PKG_SOURCE_VERSION:=9268ca65d6e000b6cd4ed72d4a8fa427dada6f06
-PKG_MIRROR_HASH:=3c375291de38034f0965c92e509ca17788d3b31fe13abbc8f541b2e2452bc7fe
+PKG_SOURCE_DATE:=2017-10-02
+PKG_SOURCE_VERSION:=c6f3d5d4ea5154e5971fa0b1b1e9a9c07119429f
+PKG_MIRROR_HASH:=5ce8f52b5c6acea27d9733918e9c3bc8a154d516a02eef9b172c5e3d459f494c
 
 PKG_MAINTAINER:=Hans Dedecker <dedeckeh@gmail.com>
 PKG_LICENSE:=GPL-2.0

package/network/services/odhcpd/files/odhcpd.defaults

@@ -2,12 +2,27 @@
 uci -q get dhcp.odhcpd && exit 0
 touch /etc/config/dhcp
 
+. /usr/share/libubox/jshn.sh
+
+json_load "$(cat /etc/board.json)"
+json_select network
+json_select lan
+json_get_vars protocol
+json_select ..
+json_select ..
+
+case "$protocol" in
+# only enable server mode on statically addressed lan ports
+"static") MODE=server ;;
+*) MODE=disabled ;;
+esac
+
 uci batch <<EOF
 set dhcp.odhcpd=odhcpd
 set dhcp.odhcpd.maindhcp=0
 set dhcp.odhcpd.leasefile=/tmp/hosts/odhcpd
 set dhcp.odhcpd.leasetrigger=/usr/sbin/odhcpd-update
-set dhcp.lan.dhcpv6=server
-set dhcp.lan.ra=server
+set dhcp.lan.dhcpv6=$MODE
+set dhcp.lan.ra=$MODE
 commit dhcp
 EOF

package/network/services/openvpn/Makefile

@@ -9,14 +9,15 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn
 
-PKG_VERSION:=2.4.2
-PKG_RELEASE:=1
+PKG_VERSION:=2.4.3
+PKG_RELEASE:=2
 
 PKG_SOURCE_URL:=\
 	https://build.openvpn.net/downloads/releases/ \
-	https://swupdate.openvpn.net/community/releases/
+	https://swupdate.openvpn.net/community/releases/ \
+	http://www.eurephia.net/openvpn/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=df5c4f384b7df6b08a2f6fa8a84b9fd382baf59c2cef1836f82e2a7f62f1bff9
+PKG_HASH:=7aa86167a5b8923e54e8795b814ed77288c793671f59fd830d9ab76d4b480571
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>

package/network/services/openvpn/files/openvpn.options

@@ -30,6 +30,7 @@ ecdh_curve
 echo
 engine
 explicit_exit_notify
+extra_certs
 fragment
 group
 hand_window

package/network/services/openvpn/patches/001-reproducible-remove_DATE.patch

@@ -1,6 +1,6 @@
 --- a/src/openvpn/options.c
 +++ b/src/openvpn/options.c
-@@ -107,7 +107,6 @@ const char title_string[] =
+@@ -106,7 +106,6 @@ const char title_string[] =
  #ifdef HAVE_AEAD_CIPHER_MODES
      " [AEAD]"
  #endif

package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch

@@ -1,6 +1,6 @@
 --- a/src/openvpn/ssl_mbedtls.c
 +++ b/src/openvpn/ssl_mbedtls.c
-@@ -1337,7 +1337,7 @@ const char *
+@@ -1336,7 +1336,7 @@ const char *
  get_ssl_library_version(void)
  {
      static char mbedtls_version[30];

package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch

@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -1058,37 +1058,14 @@ dnl
+@@ -1076,37 +1076,14 @@ dnl
  AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
  AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
  if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then

package/network/services/openvpn/patches/220-disable_des.patch

@@ -1,6 +1,6 @@
 --- a/src/openvpn/syshead.h
 +++ b/src/openvpn/syshead.h
-@@ -594,11 +594,11 @@ socket_defined(const socket_descriptor_t
+@@ -597,11 +597,11 @@ socket_defined(const socket_descriptor_t
  /*
   * Should we include NTLM proxy functionality
   */
@@ -18,7 +18,7 @@
   * Should we include proxy digest auth functionality
 --- a/src/openvpn/crypto_mbedtls.c
 +++ b/src/openvpn/crypto_mbedtls.c
-@@ -320,6 +320,7 @@ int
+@@ -319,6 +319,7 @@ int
  key_des_num_cblocks(const mbedtls_cipher_info_t *kt)
  {
      int ret = 0;
@@ -26,7 +26,7 @@
      if (kt->type == MBEDTLS_CIPHER_DES_CBC)
      {
          ret = 1;
-@@ -332,6 +333,7 @@ key_des_num_cblocks(const mbedtls_cipher
+@@ -331,6 +332,7 @@ key_des_num_cblocks(const mbedtls_cipher
      {
          ret = 3;
      }
@@ -34,7 +34,7 @@
  
      dmsg(D_CRYPTO_DEBUG, "CRYPTO INFO: n_DES_cblocks=%d", ret);
      return ret;
-@@ -340,6 +342,7 @@ key_des_num_cblocks(const mbedtls_cipher
+@@ -339,6 +341,7 @@ key_des_num_cblocks(const mbedtls_cipher
  bool
  key_des_check(uint8_t *key, int key_len, int ndc)
  {
@@ -42,7 +42,7 @@
      int i;
      struct buffer b;
  
-@@ -368,11 +371,15 @@ key_des_check(uint8_t *key, int key_len,
+@@ -367,11 +370,15 @@ key_des_check(uint8_t *key, int key_len,
  
  err:
      return false;
@@ -58,7 +58,7 @@
      int i;
      struct buffer b;
  
-@@ -387,6 +394,7 @@ key_des_fixup(uint8_t *key, int key_len,
+@@ -386,6 +393,7 @@ key_des_fixup(uint8_t *key, int key_len,
          }
          mbedtls_des_key_set_parity(key);
      }
@@ -66,7 +66,7 @@
  }
  
  /*
-@@ -698,10 +706,12 @@ cipher_des_encrypt_ecb(const unsigned ch
+@@ -710,10 +718,12 @@ cipher_des_encrypt_ecb(const unsigned ch
                         unsigned char *src,
                         unsigned char *dst)
  {

package/network/services/uhttpd/Makefile

@@ -12,9 +12,9 @@ PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/uhttpd.git
-PKG_SOURCE_DATE:=2016-10-25
-PKG_SOURCE_VERSION:=1628fa4b34aa143187353f81e8001b9a15286bda
-PKG_MIRROR_HASH:=2ac4ba8dc0b349d72174aac9ff693a73a214295a9890fe3d2a8eedcad54d06e3
+PKG_SOURCE_DATE:=2017-08-19
+PKG_SOURCE_VERSION:=3fd58e9b6da7d9e1a4710dbeefc2d289baea09fb
+PKG_MIRROR_HASH:=69bba3b04c5e1975b99dee4fc47672ebf5ab282f115249a46be0fe0b961eb34b
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=ISC
 

package/network/utils/comgt/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=comgt
 PKG_VERSION:=0.32
-PKG_RELEASE:=28
+PKG_RELEASE:=29
 
 PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
 PKG_SOURCE_URL:=@SF/comgt

package/network/utils/comgt/files/3g.sh

@@ -109,4 +109,4 @@ proto_3g_teardown() {
 	proto_kill_command "$interface"
 }
 
-[ -z "NOT_INCLUDED" ] || add_protocol 3g
+[ -z "$NOT_INCLUDED" ] || add_protocol 3g

package/network/utils/comgt/files/directip.sh

@@ -44,8 +44,7 @@ proto_directip_setup() {
 		return 1
 	}
 
-	cardinfo=$(gcom -d "$device" -s /etc/gcom/getcardinfo.gcom)
-	[ -n $(echo "$cardinfo" | grep -q "Sierra Wireless") ] || {
+	gcom -d "$device" -s /etc/gcom/getcardinfo.gcom | grep -q "Sierra Wireless" || {
 		proto_notify_error "$interface" BAD_DEVICE
 		proto_block_restart "$interface"
 		return 1

package/network/utils/curl/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=curl
 PKG_VERSION:=7.52.1
-PKG_RELEASE:=3
+PKG_RELEASE:=5
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://curl.haxx.se/download/ \

package/network/utils/curl/patches/101-CVE-2017-7407.patch

@@ -0,0 +1,165 @@
+From 6019f1795b4e3b72507b84b0e02dc8c32024f562 Mon Sep 17 00:00:00 2001
+From: Dan Fandrich <dan@coneharvesters.com>
+Date: Sat, 11 Mar 2017 10:59:34 +0100
+Subject: [PATCH] CVE-2017-7407: fixed
+
+Bug: https://curl.haxx.se/docs/adv_20170403.html
+
+Reported-by: Brian Carpenter
+---
+ src/tool_writeout.c     |  6 +++---
+ tests/data/Makefile.inc |  2 +-
+ tests/data/test1440     | 31 +++++++++++++++++++++++++++++++
+ tests/data/test1441     | 31 +++++++++++++++++++++++++++++++
+ tests/data/test1442     | 35 +++++++++++++++++++++++++++++++++++
+ 5 files changed, 101 insertions(+), 4 deletions(-)
+ create mode 100644 tests/data/test1440
+ create mode 100644 tests/data/test1441
+ create mode 100644 tests/data/test1442
+
+--- a/src/tool_writeout.c
++++ b/src/tool_writeout.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -113,7 +113,7 @@ void ourWriteOut(CURL *curl, struct OutS
+   double doubleinfo;
+ 
+   while(ptr && *ptr) {
+-    if('%' == *ptr) {
++    if('%' == *ptr && ptr[1]) {
+       if('%' == ptr[1]) {
+         /* an escaped %-letter */
+         fputc('%', stream);
+@@ -341,7 +341,7 @@ void ourWriteOut(CURL *curl, struct OutS
+         }
+       }
+     }
+-    else if('\\' == *ptr) {
++    else if('\\' == *ptr && ptr[1]) {
+       switch(ptr[1]) {
+       case 'r':
+         fputc('\r', stream);
+--- a/tests/data/Makefile.inc
++++ b/tests/data/Makefile.inc
+@@ -150,7 +150,7 @@ test1408 test1409 test1410 test1411 test
+ test1416 test1417 test1418 test1419 test1420 test1421 test1422 test1423 \
+ test1424 \
+ test1428 test1429 test1430 test1431 test1432 test1433 test1434 test1435 \
+-test1436 test1437 test1438 test1439 \
++test1436 test1437 test1438 test1439 test1440 test1441 test1442 \
+ \
+ test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
+ test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
+--- /dev/null
++++ b/tests/data/test1440
+@@ -0,0 +1,31 @@
++<testcase>
++<info>
++<keywords>
++--write-out
++</keywords>
++</info>
++# Server-side
++<reply>
++</reply>
++
++# Client-side
++<client>
++<server>
++file
++</server>
++
++<name>
++Check --write-out with trailing %{
++</name>
++<command>
++file://localhost/%PWD/log/ --write-out '%{'
++</command>
++</client>
++
++# Verify data
++<verify>
++<stdout nonewline="yes">
++%{
++</stdout>
++</verify>
++</testcase>
+--- /dev/null
++++ b/tests/data/test1441
+@@ -0,0 +1,31 @@
++<testcase>
++<info>
++<keywords>
++--write-out
++</keywords>
++</info>
++# Server-side
++<reply>
++</reply>
++
++# Client-side
++<client>
++<server>
++file
++</server>
++
++<name>
++Check --write-out with trailing %
++</name>
++<command>
++file://localhost/%PWD/log/ --write-out '%'
++</command>
++</client>
++
++# Verify data
++<verify>
++<stdout nonewline="yes">
++%
++</stdout>
++</verify>
++</testcase>
+--- /dev/null
++++ b/tests/data/test1442
+@@ -0,0 +1,35 @@
++<testcase>
++<info>
++<keywords>
++--write-out
++FILE
++</keywords>
++</info>
++# Server-side
++<reply>
++</reply>
++
++# Client-side
++<client>
++<server>
++file
++</server>
++
++<name>
++Check --write-out with trailing \
++</name>
++<command>
++file://localhost/%PWD/log/non-existent-file.txt --write-out '\'
++</command>
++</client>
++
++# Verify data
++<verify>
++<errorcode>
++37
++</errorcode>
++<stdout nonewline="yes">
++\
++</stdout>
++</verify>
++</testcase>

package/network/utils/curl/patches/102-CVE-2017-7468.patch

@@ -0,0 +1,264 @@
+From 8166b637bce299f4ac64d371c20cd5afea72c364 Mon Sep 17 00:00:00 2001
+From: Jay Satiro <raysatiro@yahoo.com>
+Date: Wed, 22 Mar 2017 01:59:49 -0400
+Subject: [PATCH] TLS: Fix switching off SSL session id when client cert is
+ used
+
+- Move the sessionid flag to ssl_primary_config so that ssl and
+  proxy_ssl will each have their own sessionid flag.
+
+Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
+this issue had been fixed in 247d890, CVE-2016-5419.
+
+Bug: https://github.com/curl/curl/issues/1341
+Reported-by: lijian996@users.noreply.github.com
+---
+ lib/url.c            | 5 +++--
+ lib/urldata.h        | 2 +-
+ lib/vtls/axtls.c     | 4 ++--
+ lib/vtls/cyassl.c    | 4 ++--
+ lib/vtls/darwinssl.c | 2 +-
+ lib/vtls/gtls.c      | 4 ++--
+ lib/vtls/mbedtls.c   | 4 ++--
+ lib/vtls/nss.c       | 2 +-
+ lib/vtls/openssl.c   | 4 ++--
+ lib/vtls/polarssl.c  | 4 ++--
+ lib/vtls/schannel.c  | 4 ++--
+ lib/vtls/vtls.c      | 9 ++++++---
+ 12 files changed, 26 insertions(+), 22 deletions(-)
+
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -548,7 +548,7 @@ CURLcode Curl_init_userdefined(struct Us
+ #endif
+   set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
+                                                       type */
+-  set->general_ssl.sessionid = TRUE; /* session ID caching enabled by
++  set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
+                                         default */
+   set->proxy_ssl = set->ssl;
+ 
+@@ -2470,8 +2470,9 @@ CURLcode Curl_setopt(struct Curl_easy *d
+     break;
+ 
+   case CURLOPT_SSL_SESSIONID_CACHE:
+-    data->set.general_ssl.sessionid = (0 != va_arg(param, long)) ?
++    data->set.ssl.primary.sessionid = (0 != va_arg(param, long)) ?
+                                       TRUE : FALSE;
++    data->set.proxy_ssl.primary.sessionid = data->set.ssl.primary.sessionid;
+     break;
+ 
+ #ifdef USE_LIBSSH2
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -354,6 +354,7 @@ struct ssl_primary_config {
+   char *random_file;     /* path to file containing "random" data */
+   char *egdsocket;       /* path to file containing the EGD daemon socket */
+   char *cipher_list;     /* list of ciphers to use */
++  bool sessionid;        /* cache session IDs or not */
+ };
+ 
+ struct ssl_config_data {
+@@ -383,7 +384,6 @@ struct ssl_config_data {
+ };
+ 
+ struct ssl_general_config {
+-  bool sessionid; /* cache session IDs or not */
+   size_t max_ssl_sessions; /* SSL session id cache size */
+ };
+ 
+--- a/lib/vtls/axtls.c
++++ b/lib/vtls/axtls.c
+@@ -256,7 +256,7 @@ static CURLcode connect_prep(struct conn
+    * 2) setting up callbacks.  these seem gnutls specific
+    */
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     const uint8_t *ssl_sessionid;
+     size_t ssl_idsize;
+ 
+@@ -386,7 +386,7 @@ static CURLcode connect_finish(struct co
+   conn->send[sockindex] = axtls_send;
+ 
+   /* Put our freshly minted SSL session in cache */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     const uint8_t *ssl_sessionid = ssl_get_session_id_size(ssl);
+     size_t ssl_idsize = ssl_get_session_id(ssl);
+     Curl_ssl_sessionid_lock(conn);
+--- a/lib/vtls/cyassl.c
++++ b/lib/vtls/cyassl.c
+@@ -383,7 +383,7 @@ cyassl_connect_step1(struct connectdata
+ #endif /* HAVE_ALPN */
+ 
+   /* Check if there's a cached ID we can/should use here! */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     void *ssl_sessionid = NULL;
+ 
+     Curl_ssl_sessionid_lock(conn);
+@@ -597,7 +597,7 @@ cyassl_connect_step3(struct connectdata
+ 
+   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     bool incache;
+     SSL_SESSION *our_ssl_sessionid;
+     void *old_ssl_sessionid = NULL;
+--- a/lib/vtls/darwinssl.c
++++ b/lib/vtls/darwinssl.c
+@@ -1541,7 +1541,7 @@ static CURLcode darwinssl_connect_step1(
+ #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
+ 
+   /* Check if there's a cached ID we can/should use here! */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     char *ssl_sessionid;
+     size_t ssl_sessionid_len;
+ 
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -782,7 +782,7 @@ gtls_connect_step1(struct connectdata *c
+ 
+   /* This might be a reconnect, so we check for a session ID in the cache
+      to speed up things */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     void *ssl_sessionid;
+     size_t ssl_idsize;
+ 
+@@ -1311,7 +1311,7 @@ gtls_connect_step3(struct connectdata *c
+   conn->recv[sockindex] = gtls_recv;
+   conn->send[sockindex] = gtls_send;
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     /* we always unconditionally get the session id here, as even if we
+        already got it from the cache and asked to use it in the connection, it
+        might've been rejected and then a new one is in use now and we need to
+--- a/lib/vtls/mbedtls.c
++++ b/lib/vtls/mbedtls.c
+@@ -374,7 +374,7 @@ mbed_connect_step1(struct connectdata *c
+                                 mbedtls_ssl_list_ciphersuites());
+ 
+   /* Check if there's a cached ID we can/should use here! */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     void *old_session = NULL;
+ 
+     Curl_ssl_sessionid_lock(conn);
+@@ -618,7 +618,7 @@ mbed_connect_step3(struct connectdata *c
+ 
+   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     int ret;
+     mbedtls_ssl_session *our_ssl_sessionid;
+     void *old_ssl_sessionid = NULL;
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -1696,7 +1696,7 @@ static CURLcode nss_setup_connect(struct
+     goto error;
+ 
+   /* do not use SSL cache if disabled or we are not going to verify peer */
+-  ssl_no_cache = (data->set.general_ssl.sessionid
++  ssl_no_cache = (SSL_SET_OPTION(primary.sessionid)
+                   && SSL_CONN_CONFIG(verifypeer)) ? PR_FALSE : PR_TRUE;
+   if(SSL_OptionSet(model, SSL_NO_CACHE, ssl_no_cache) != SECSuccess)
+     goto error;
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -2161,7 +2161,7 @@ static CURLcode ossl_connect_step1(struc
+ #endif
+ 
+   /* Check if there's a cached ID we can/should use here! */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     void *ssl_sessionid = NULL;
+ 
+     Curl_ssl_sessionid_lock(conn);
+@@ -2915,7 +2915,7 @@ static CURLcode ossl_connect_step3(struc
+ 
+   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     bool incache;
+     SSL_SESSION *our_ssl_sessionid;
+     void *old_ssl_sessionid = NULL;
+--- a/lib/vtls/polarssl.c
++++ b/lib/vtls/polarssl.c
+@@ -327,7 +327,7 @@ polarssl_connect_step1(struct connectdat
+   ssl_set_ciphersuites(&connssl->ssl, ssl_list_ciphersuites());
+ 
+   /* Check if there's a cached ID we can/should use here! */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     void *old_session = NULL;
+ 
+     Curl_ssl_sessionid_lock(conn);
+@@ -555,7 +555,7 @@ polarssl_connect_step3(struct connectdat
+ 
+   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
+ 
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     int ret;
+     ssl_session *our_ssl_sessionid;
+     void *old_ssl_sessionid = NULL;
+--- a/lib/vtls/schannel.c
++++ b/lib/vtls/schannel.c
+@@ -145,7 +145,7 @@ schannel_connect_step1(struct connectdat
+   connssl->cred = NULL;
+ 
+   /* check for an existing re-usable credential handle */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     Curl_ssl_sessionid_lock(conn);
+     if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL, sockindex)) {
+       connssl->cred = old_cred;
+@@ -714,7 +714,7 @@ schannel_connect_step3(struct connectdat
+ #endif
+ 
+   /* save the current session data for possible re-use */
+-  if(data->set.general_ssl.sessionid) {
++  if(SSL_SET_OPTION(primary.sessionid)) {
+     bool incache;
+     struct curl_schannel_cred *old_cred = NULL;
+ 
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -120,6 +120,9 @@ Curl_clone_primary_ssl_config(struct ssl
+   CLONE_STRING(egdsocket);
+   CLONE_STRING(random_file);
+   CLONE_STRING(clientcert);
++
++  /* Disable dest sessionid cache if a client cert is used, CVE-2016-5419. */
++  dest->sessionid = (dest->clientcert ? false : source->sessionid);
+   return TRUE;
+ }
+ 
+@@ -293,9 +296,9 @@ bool Curl_ssl_getsessionid(struct connec
+   int port = isProxy ? (int)conn->port : conn->remote_port;
+   *ssl_sessionid = NULL;
+ 
+-  DEBUGASSERT(data->set.general_ssl.sessionid);
++  DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
+ 
+-  if(!data->set.general_ssl.sessionid)
++  if(!SSL_SET_OPTION(primary.sessionid))
+     /* session ID re-use is disabled */
+     return TRUE;
+ 
+@@ -397,7 +400,7 @@ CURLcode Curl_ssl_addsessionid(struct co
+                                            &conn->proxy_ssl_config :
+                                            &conn->ssl_config;
+ 
+-  DEBUGASSERT(data->set.general_ssl.sessionid);
++  DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
+ 
+   clone_host = strdup(isProxy ? conn->http_proxy.host.name : conn->host.name);
+   if(!clone_host)

package/network/utils/curl/patches/103-CVE-2017-1000100.patch

@@ -0,0 +1,41 @@
+From 358b2b131ad6c095696f20dcfa62b8305263f898 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 1 Aug 2017 17:16:46 +0200
+Subject: [PATCH] tftp: reject file name lengths that don't fit
+
+... and thereby avoid telling send() to send off more bytes than the
+size of the buffer!
+
+CVE-2017-1000100
+
+Bug: https://curl.haxx.se/docs/adv_20170809B.html
+Reported-by: Even Rouault
+
+Credit to OSS-Fuzz for the discovery
+---
+ lib/tftp.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/lib/tftp.c
++++ b/lib/tftp.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -490,6 +490,11 @@ static CURLcode tftp_send_first(tftp_sta
+     if(result)
+       return result;
+ 
++    if(strlen(filename) > (state->blksize - strlen(mode) - 4)) {
++      failf(data, "TFTP file name too long\n");
++      return CURLE_TFTP_ILLEGAL; /* too long file name field */
++    }
++
+     snprintf((char *)state->spacket.data+2,
+              state->blksize,
+              "%s%c%s%c", filename, '\0',  mode, '\0');

package/network/utils/curl/patches/104-CVE-2017-1000101.patch

@@ -0,0 +1,33 @@
+From 453e7a7a03a2cec749abd3878a48e728c515cca7 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 1 Aug 2017 17:16:07 +0200
+Subject: [PATCH] glob: do not continue parsing after a strtoul() overflow
+ range
+
+Added test 1289 to verify.
+
+CVE-2017-1000101
+
+Bug: https://curl.haxx.se/docs/adv_20170809A.html
+Reported-by: Brian Carpenter
+---
+ src/tool_urlglob.c      |  5 ++++-
+ tests/data/Makefile.inc |  2 +-
+ tests/data/test1289     | 35 +++++++++++++++++++++++++++++++++++
+ 3 files changed, 40 insertions(+), 2 deletions(-)
+ create mode 100644 tests/data/test1289
+
+--- a/src/tool_urlglob.c
++++ b/src/tool_urlglob.c
+@@ -272,7 +272,10 @@ static CURLcode glob_range(URLGlob *glob
+         }
+         errno = 0;
+         max_n = strtoul(pattern, &endp, 10);
+-        if(errno || (*endp == ':')) {
++        if(errno)
++          /* overflow */
++          endp = NULL;
++        else if(*endp == ':') {
+           pattern = endp+1;
+           errno = 0;
+           step_n = strtoul(pattern, &endp, 10);

package/network/utils/tcpdump/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tcpdump
-PKG_VERSION:=4.9.0
+PKG_VERSION:=4.9.2
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.tcpdump.org/release/ \
-	http://www.at.tcpdump.org/
-PKG_HASH:=eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5e
+PKG_SOURCE_URL:=http://www.us.tcpdump.org/release/ \
+	http://www.tcpdump.org/release/
+PKG_HASH:=798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_BUILD_PARALLEL:=1
@@ -76,7 +76,6 @@ endif
 MAKE_FLAGS += \
 	CCOPT="$(TARGET_CFLAGS)" INCLS="-I. $(TARGET_CPPFLAGS)"
 
-
 define Package/tcpdump/install
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/tcpdump $(1)/usr/sbin/

package/network/utils/tcpdump/patches/100-tcpdump_mini.patch

@@ -115,7 +115,7 @@
  	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c
 --- a/addrtoname.c
 +++ b/addrtoname.c
-@@ -566,8 +566,10 @@ linkaddr_string(netdissect_options *ndo,
+@@ -578,8 +578,10 @@ linkaddr_string(netdissect_options *ndo,
  	if (type == LINKADDR_ETHER && len == ETHER_ADDR_LEN)
  		return (etheraddr_string(ndo, ep));
  
@@ -125,8 +125,8 @@
 +#endif
  
  	tp = lookup_bytestring(ndo, ep, len);
- 	if (tp->e_name)
-@@ -1202,6 +1204,7 @@ init_addrtoname(netdissect_options *ndo,
+	if (tp->bs_name)
+@@ -1214,6 +1216,7 @@ init_addrtoname(netdissect_options *ndo,
  	init_ipxsaparray(ndo);
  }
  
@@ -134,7 +134,7 @@
  const char *
  dnaddr_string(netdissect_options *ndo, u_short dnaddr)
  {
-@@ -1221,6 +1224,7 @@ dnaddr_string(netdissect_options *ndo, u
+@@ -1233,6 +1236,7 @@ dnaddr_string(netdissect_options *ndo, u
  
  	return(tp->name);
  }
@@ -247,7 +247,7 @@
  		return (1);
 @@ -368,6 +369,7 @@ ethertype_print(netdissect_options *ndo,
  		}
- 		isoclns_print(ndo, p + 1, length - 1, caplen - 1);
+		isoclns_print(ndo, p + 1, length - 1);
  		return(1);
 +#endif
  
@@ -335,7 +335,7 @@
          break;
 --- a/print-ip6.c
 +++ b/print-ip6.c
-@@ -303,6 +303,7 @@ ip6_print(netdissect_options *ndo, const
+@@ -305,6 +305,7 @@ ip6_print(netdissect_options *ndo, const
  				return;
  			nh = *cp;
  			break;
@@ -343,13 +343,16 @@
  		case IPPROTO_FRAGMENT:
  			advance = frag6_print(ndo, cp, (const u_char *)ip6);
  			if (advance < 0 || ndo->ndo_snapend <= cp + advance)
-@@ -324,16 +325,19 @@ ip6_print(netdissect_options *ndo, const
- 			advance = mobility_print(ndo, cp, (const u_char *)ip6);
+@@ -328,6 +329,7 @@ ip6_print(netdissect_options *ndo, const
+				return;
  			nh = *cp;
  			return;
 +#endif
  		case IPPROTO_ROUTING:
+			ND_TCHECK(*cp);
  			advance = rt6_print(ndo, cp, (const u_char *)ip6);
+@@ -335,12 +337,14 @@ ip6_print(netdissect_options *ndo, const
+				return;
  			nh = *cp;
  			break;
 +#ifndef TCPDUMP_MINI
@@ -363,15 +366,15 @@
  		case IPPROTO_TCP:
  			tcp_print(ndo, cp, len, (const u_char *)ip6, fragmented);
  			return;
-@@ -343,6 +347,7 @@ ip6_print(netdissect_options *ndo, const
+@@ -350,6 +354,7 @@ ip6_print(netdissect_options *ndo, const
  		case IPPROTO_ICMPV6:
  			icmp6_print(ndo, cp, len, (const u_char *)ip6, fragmented);
  			return;
 +#ifndef TCPDUMP_MINI
  		case IPPROTO_AH:
  			advance = ah_print(ndo, cp);
- 			nh = *cp;
-@@ -371,6 +376,7 @@ ip6_print(netdissect_options *ndo, const
+			if (advance < 0)
+@@ -382,6 +387,7 @@ ip6_print(netdissect_options *ndo, const
  		case IPPROTO_PIM:
  			pim_print(ndo, cp, len, (const u_char *)ip6);
  			return;
@@ -379,7 +382,7 @@
  
  		case IPPROTO_OSPF:
  			ospf6_print(ndo, cp, len);
-@@ -384,9 +390,11 @@ ip6_print(netdissect_options *ndo, const
+@@ -395,9 +401,11 @@ ip6_print(netdissect_options *ndo, const
  		        ip_print(ndo, cp, len);
  			return;
  
@@ -393,7 +396,7 @@
  			gre_print(ndo, cp, len);
 --- a/print-ip.c
 +++ b/print-ip.c
-@@ -329,6 +329,7 @@ ip_print_demux(netdissect_options *ndo,
+@@ -344,6 +344,7 @@ ip_print_demux(netdissect_options *ndo,
  again:
  	switch (ipds->nh) {
  
@@ -401,7 +404,7 @@
  	case IPPROTO_AH:
  		if (!ND_TTEST(*ipds->cp)) {
  			ND_PRINT((ndo, "[|AH]"));
-@@ -367,7 +368,9 @@ again:
+@@ -382,7 +383,9 @@ again:
  		 */
  		break;
  	}
@@ -411,7 +414,7 @@
  	case IPPROTO_SCTP:
  		sctp_print(ndo, ipds->cp, (const u_char *)ipds->ip, ipds->len);
  		break;
-@@ -375,6 +378,7 @@ again:
+@@ -390,6 +393,7 @@ again:
  	case IPPROTO_DCCP:
  		dccp_print(ndo, ipds->cp, (const u_char *)ipds->ip, ipds->len);
  		break;
@@ -419,7 +422,7 @@
  
  	case IPPROTO_TCP:
  		/* pass on the MF bit plus the offset to detect fragments */
-@@ -394,6 +398,7 @@ again:
+@@ -409,6 +413,7 @@ again:
  			   ipds->off & (IP_MF|IP_OFFMASK));
  		break;
  
@@ -427,7 +430,7 @@
  	case IPPROTO_PIGP:
  		/*
  		 * XXX - the current IANA protocol number assignments
-@@ -414,14 +419,17 @@ again:
+@@ -429,14 +434,17 @@ again:
  	case IPPROTO_EIGRP:
  		eigrp_print(ndo, ipds->cp, ipds->len);
  		break;
@@ -445,7 +448,7 @@
  
  	case IPPROTO_OSPF:
  		ospf_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
-@@ -454,6 +462,7 @@ again:
+@@ -469,6 +477,7 @@ again:
  		gre_print(ndo, ipds->cp, ipds->len);
  		break;
  
@@ -453,14 +456,14 @@
  	case IPPROTO_MOBILE:
  		mobile_print(ndo, ipds->cp, ipds->len);
  		break;
-@@ -482,6 +491,7 @@ again:
+@@ -497,6 +506,7 @@ again:
  	case IPPROTO_PGM:
  		pgm_print(ndo, ipds->cp, ipds->len, (const u_char *)ipds->ip);
  		break;
 +#endif
  
  	default:
- 		if (ndo->ndo_nflag==0 && (proto = getprotobynumber(ipds->nh)) != NULL)
+		if (ndo->ndo_nflag==0 && (p_name = netdb_protoname(ipds->nh)) != NULL)
 --- a/print-llc.c
 +++ b/print-llc.c
 @@ -206,6 +206,7 @@ llc_print(netdissect_options *ndo, const
@@ -495,21 +498,22 @@
  
  #ifdef ENABLE_SMB
  	if (ssap == LLCSAP_NETBEUI && dsap == LLCSAP_NETBEUI
-@@ -322,11 +326,13 @@ llc_print(netdissect_options *ndo, const
+@@ -322,12 +326,13 @@ llc_print(netdissect_options *ndo, const
  		return (hdrlen);
  	}
  #endif
 +#ifndef TCPDUMP_MINI
  	if (ssap == LLCSAP_ISONS && dsap == LLCSAP_ISONS
  	    && control == LLC_UI) {
- 		isoclns_print(ndo, p, length, caplen);
+		isoclns_print(ndo, p, length);
  		return (hdrlen);
  	}
+-
 +#endif
- 
  	if (!ndo->ndo_eflag) {
  		if (ssap == dsap) {
-@@ -480,6 +486,7 @@ snap_print(netdissect_options *ndo, cons
+			if (src == NULL || dst == NULL)
+@@ -480,6 +485,7 @@ snap_print(netdissect_options *ndo, cons
  
  	case OUI_CISCO:
                  switch (et) {
@@ -517,7 +521,7 @@
                  case PID_CISCO_CDP:
                          cdp_print(ndo, p, length, caplen);
                          return (1);
-@@ -492,6 +499,7 @@ snap_print(netdissect_options *ndo, cons
+@@ -492,6 +498,7 @@ snap_print(netdissect_options *ndo, cons
                  case PID_CISCO_VTP:
                          vtp_print(ndo, p, length);
                          return (1);
@@ -525,7 +529,7 @@
                  case PID_CISCO_PVST:
                  case PID_CISCO_VLANBRIDGE:
                          stp_print(ndo, p, length);
-@@ -504,6 +512,7 @@ snap_print(netdissect_options *ndo, cons
+@@ -504,6 +511,7 @@ snap_print(netdissect_options *ndo, cons
  	case OUI_RFC2684:
  		switch (et) {
  
@@ -533,7 +537,7 @@
  		case PID_RFC2684_ETH_FCS:
  		case PID_RFC2684_ETH_NOFCS:
  			/*
-@@ -565,6 +574,7 @@ snap_print(netdissect_options *ndo, cons
+@@ -565,6 +573,7 @@ snap_print(netdissect_options *ndo, cons
  			 */
  			fddi_print(ndo, p, length, caplen);
  			return (1);
@@ -549,7 +553,7 @@
  
 +#ifndef TCPDUMP_MINI
  	case BSD_AFNUM_ISO:
- 		isoclns_print(ndo, p, length, caplen);
+		isoclns_print(ndo, p, length);
  		break;
 @@ -127,6 +128,7 @@ null_if_print(netdissect_options *ndo, c
  	case BSD_AFNUM_IPX:
@@ -561,7 +565,7 @@
  		/* unknown AF_ value */
 --- a/print-ppp.c
 +++ b/print-ppp.c
-@@ -1358,6 +1358,7 @@ trunc:
+@@ -1367,6 +1367,7 @@ trunc:
  	return 0;
  }
  
@@ -569,7 +573,7 @@
  static void
  ppp_hdlc(netdissect_options *ndo,
           const u_char *p, int length)
-@@ -1436,6 +1437,7 @@ trunc:
+@@ -1445,6 +1446,7 @@ trunc:
  	free(b);
  	ND_PRINT((ndo, "[|ppp]"));
  }
@@ -577,7 +581,7 @@
  
  
  /* PPP */
-@@ -1443,10 +1445,12 @@ static void
+@@ -1452,10 +1454,12 @@ static void
  handle_ppp(netdissect_options *ndo,
             u_int proto, const u_char *p, int length)
  {
@@ -590,7 +594,7 @@
  
  	switch (proto) {
  	case PPP_LCP: /* fall through */
-@@ -1479,6 +1483,7 @@ handle_ppp(netdissect_options *ndo,
+@@ -1488,6 +1492,7 @@ handle_ppp(netdissect_options *ndo,
  	case PPP_IPV6:
  		ip6_print(ndo, p, length);
  		break;
@@ -598,7 +602,7 @@
  	case ETHERTYPE_IPX:	/*XXX*/
  	case PPP_IPX:
  		ipx_print(ndo, p, length);
-@@ -1490,6 +1495,7 @@ handle_ppp(netdissect_options *ndo,
+@@ -1499,6 +1504,7 @@ handle_ppp(netdissect_options *ndo,
  	case PPP_MPLS_MCAST:
  		mpls_print(ndo, p, length);
  		break;
@@ -606,7 +610,7 @@
  	case PPP_COMP:
  		ND_PRINT((ndo, "compressed PPP data"));
  		break;
-@@ -1630,6 +1636,7 @@ ppp_if_print(netdissect_options *ndo,
+@@ -1639,6 +1645,7 @@ ppp_if_print(netdissect_options *ndo,
  	return (0);
  }
  
@@ -614,7 +618,7 @@
  /*
   * PPP I/F printer to use if we know that RFC 1662-style PPP in HDLC-like
   * framing, or Cisco PPP with HDLC framing as per section 4.3.1 of RFC 1547,
-@@ -1857,6 +1864,7 @@ printx:
+@@ -1866,6 +1873,7 @@ printx:
  #endif /* __bsdi__ */
  	return (hdrlength);
  }

package/system/ca-certificates/Makefile

@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ca-certificates
-PKG_VERSION:=20161130
+PKG_VERSION:=20161130+nmu1
 PKG_MAINTAINER:=Christian Schoenebeck <christian.schoenebeck@gmail.com>
 
 PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/c/ca-certificates
-PKG_HASH:=04bca9e142a90a834aca0311f7ced237368d71fee7bd5c9f68ef7f4611aee471
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
+PKG_HASH:=77f9aca431e3122bf04aa0ffd989b723d906db4d1c106e3290e463d73c177f0e
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-20161130
 
 PKG_INSTALL:=1
 

package/system/fstools/Makefile

@@ -12,10 +12,10 @@ PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/fstools.git
-PKG_SOURCE_DATE:=2016-12-04
-PKG_SOURCE_VERSION:=84b530a732b12cca1cd5ee9ba163b7ead7a83de3
-PKG_MIRROR_HASH:=b607138de1adbb7f49e53daebe28ac1352910fa2b29278365edeabafc5b46a91
-PKG_RELEASE:=2
+PKG_SOURCE_DATE:=2017-06-30
+PKG_SOURCE_VERSION:=bdcb075fafdac0bfe3207c23f64acd58432bad86
+PKG_MIRROR_HASH:=760a1fdbd379f1191947ac6ba9881a85a9b8c43f4a96d49db18d4654b0c312c4
+PKG_RELEASE:=1
 CMAKE_INSTALL:=1
 
 PKG_LICENSE:=GPL-2.0

package/system/fstools/patches/0001-libfstools-fix-multiple-volume_identify-usages-with-.patch

@@ -1,56 +0,0 @@
-From 633a8d0981fed0c90f6d16ee2257858b04514dc8 Mon Sep 17 00:00:00 2001
-From: Pieter Smith <pieter.smith@philips.com>
-Date: Wed, 29 Mar 2017 18:21:56 +0200
-Subject: [PATCH] libfstools: fix multiple volume_identify usages with the same
- volume
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This fixes e.g. factory-flashed startup issue with jffs2 on ubi overlay
-
-Commit ba019965 ("libfstools: accept volume as argument in most calls")
-broke startup for factory-flashed jffs2 on ubi systems, causing substantial
-slowdown in factory environments.
-
-When starting up with a factory-flashed jffs2 on ubi system, the "rootfs_data"
-volume contains a deadcode marker. In the start phase, mount_root then mounts a
-tmpfs overlay, and postpones remounting of the jffs2 overlay until the done
-phase of the startup.
-
-The refactoring in ba019965 eliminated an unneeded call to volume_find() when
-done() called jffs2_switch(). Unfortunately the refactoring did not take into
-account that volume_identify() does not function correctly when called twice in
-a row on the same struct volume when using an mtd driver.
-
-mtd_volume_identify() uses mtd_volume_load() to open an fd to the mtd device
-and reads a potential deadcode marker from the fd. The first time this works,
-and FS_DEADCODE is returned.
-
-When volume_identify() is called a second time however, mtd_volume_load()
-notices that we already have an open fd, does nothing further and returns 0
-without resetting the file offset to 0. mtd_volume_identify() now reads past
-the deadcode marker and now returns FS_JFFS2 if the mtd device is a UBIVOLUME.
-
-jffs2_switch() then handles the wrong case, either pulling the root out from
-under user-space in Chaos Calmer, or indefinitely sticking to a tmpfs overlay
-in later OpenWRT builds.
-
-Signed-off-by: Pieter Smith <pieter.smith@philips.com>
-Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
----
-
---- a/libfstools/mtd.c
-+++ b/libfstools/mtd.c
-@@ -76,8 +76,10 @@ static int mtd_volume_load(struct mtd_vo
- 	struct mtd_info_user mtdInfo;
- 	struct erase_info_user mtdLockInfo;
- 
--	if (p->fd)
-+	if (p->fd) {
-+		lseek(p->fd, 0, SEEK_SET);
- 		return 0;
-+	}
- 
- 	if (!p->chr)
- 		return -1;

package/system/procd/Makefile

@@ -12,9 +12,9 @@ PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/procd.git
-PKG_SOURCE_DATE:=2017-02-15
-PKG_SOURCE_VERSION:=5f9124103410c178d816bb5229fba7dd2286a49b
-PKG_MIRROR_HASH:=ec887b349fc60ad3882fc9eaefb5cd299d64e7d43c062df9f7b7500591ba3e85
+PKG_SOURCE_DATE:=2017-08-08
+PKG_SOURCE_VERSION:=66be6a23d71fcc068d6b813f0e0be2f8f0b6aa88
+PKG_MIRROR_HASH:=286dcc8855f1dc403895bc9252f617c14be6f7f6ec36f13d4f4de7c4a715f08c
 CMAKE_INSTALL:=1
 
 PKG_LICENSE:=GPL-2.0

package/utils/f2fs-tools/Makefile

@@ -9,13 +9,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=f2fs-tools
 PKG_VERSION:=1.8.0
-PKG_RELEASE:=1
+PKG_RELEASE:=3
 
 PKG_LICENSE:=GPLv2
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git/snapshot/
-PKG_HASH:=34790bccd74086e6b4f04fcac3a167ce1ca3319ce660454bceefc45c52906f94
+PKG_HASH:=d4dbecf55560c548bf0758c9f641d1beec1e960b38cbbc19951195d5144d39ae
 
 PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
@@ -59,6 +59,9 @@ endef
 CONFIGURE_ARGS += \
 	--without-selinux
 
+CONFIGURE_VARS += \
+	ac_cv_file__git=no
+
 define Package/libf2fs/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(CP) \

package/utils/f2fs-tools/patches/001-compile.patch

@@ -1,19 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -20,14 +20,9 @@ AC_DEFINE([F2FS_MINOR_VERSION], m4_bpats
- 				[\([0-9]*\).\([0-9]*\)\(\w\|\W\)*], [\2]),
- 				[Minor version for f2fs-tools])
- 
--AC_CHECK_FILE(.git,
--	AC_DEFINE([F2FS_TOOLS_DATE],
--		"m4_bpatsubst(f2fs_tools_gitdate,
--		[\([0-9-]*\)\(\w\|\W\)*], [\1])",
--		[f2fs-tools date based on Git commits]),
--	AC_DEFINE([F2FS_TOOLS_DATE],
-+AC_DEFINE([F2FS_TOOLS_DATE],
- 		"f2fs_tools_date",
--		[f2fs-tools date based on Source releases]))
-+		[f2fs-tools date based on Source releases])
- 
- AC_CONFIG_SRCDIR([config.h.in])
- AC_CONFIG_HEADER([config.h])

package/utils/f2fs-tools/patches/010-include-byteswap-h.patch

@@ -1,10 +0,0 @@
---- a/include/f2fs_fs.h
-+++ b/include/f2fs_fs.h
-@@ -15,6 +15,7 @@
- #include <inttypes.h>
- #include <linux/types.h>
- #include <sys/types.h>
-+#include <byteswap.h>
- 
- #ifdef HAVE_CONFIG_H
- #include <config.h>

package/utils/f2fs-tools/patches/100-f2fs-WARNING-at-fs-f2fs-segment.c-718-update_sit_ent.patch

@@ -0,0 +1,66 @@
+From 31873d5cdf8a97d5f7921451c54f6d293293c6cc Mon Sep 17 00:00:00 2001
+From: Jaegeuk Kim <jaegeuk@kernel.org>
+Date: Wed, 23 Aug 2017 13:33:00 -0700
+Subject: [PATCH] mkfs.f2fs: fix missing cpu_to_le64 for checkpoint version
+
+The error on mips was reported by Stijn as follow.
+
+Commit 8399a29df92d6867d226df362edbf2e0efa527c1 in f2fs-tools
+("mkfs.f2fs: give random checkpoint version") causes a bug when mounting
+a filesystem created with it on a MIPS64 device running a 4.4(.83)
+kernel. The following kernel warning appears several times per second,
+for 30 seconds:
+
+[   23.837262] ------------[ cut here ]------------
+[   23.842039] WARNING: CPU: 0 PID: 935 at fs/f2fs/segment.c:718
+update_sit_entry+0x1c0/0x2b0()
+[   23.850507] Modules linked in: pppoe ppp_async l2tp_ppp iptable_nat
+[   24.174064] Call Trace:
+[   24.176527] [<ffffffff81126e14>] show_stack+0x68/0xb4
+[   24.181595] [<ffffffff81321fc4>] dump_stack+0x8c/0xc4
+[   24.186660] [<ffffffff8113d004>] warn_slowpath_common+0xa0/0xd0
+[   24.192597] [<ffffffff812e0148>] update_sit_entry+0x1c0/0x2b0
+[   24.198353] [<ffffffff812e0a70>] refresh_sit_entry+0x70/0xf8
+[   24.204022] [<ffffffff812e251c>] allocate_data_block+0x1f0/0x310
+[   24.210038] [<ffffffff812e28d8>] do_write_page+0x29c/0x2bc
+[   24.215532] [<ffffffff812e2a88>] write_data_page+0xa0/0xd8
+[   24.221028] [<ffffffff812d844c>] do_write_data_page+0xe4/0x384
+[   24.226870] [<ffffffff812d88f4>] f2fs_write_data_page+0x208/0x464
+[   24.232972] [<ffffffff812d5184>] __f2fs_writepage+0x1c/0x74
+[   24.238553] [<ffffffff812d54dc>]
+f2fs_write_cache_pages.constprop.7+0x250/0x394
+[   24.245869] [<ffffffff812d57f4>] f2fs_write_data_pages+0x130/0x1b0
+[   24.252066] [<ffffffff811a9f80>] __filemap_fdatawrite_range+0xa0/0xd4
+[   24.258515] [<ffffffff812d2338>] sync_dirty_dir_inodes+0x94/0xd8
+[   24.264530] [<ffffffff812d2484>] write_checkpoint+0x108/0xb9c
+[   24.270283] [<ffffffff812cc398>] f2fs_sync_fs+0x68/0xb0
+[   24.275526] [<ffffffff812c641c>] f2fs_sync_file+0x2e8/0x518
+[   24.281107] [<ffffffff81213ff4>] do_fsync+0x38/0x70
+[   24.285992] [<ffffffff812142e8>] SyS_fsync+0x14/0x20
+[   24.290972] [<ffffffff81103950>] syscall_common+0x34/0x58
+[   24.296372]
+[   24.298096] ---[ end trace fd3ac44449b218ab ]---
+
+Fix: 8399a29df92d68 ("mkfs.f2fs: give random checkpoint version")
+Reported-And-Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
+Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
+---
+ mkfs/f2fs_format.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/mkfs/f2fs_format.c b/mkfs/f2fs_format.c
+index 92876b8..b379e80 100644
+--- a/mkfs/f2fs_format.c
++++ b/mkfs/f2fs_format.c
+@@ -546,7 +546,7 @@ static int f2fs_write_check_point_pack(void)
+ 	}
+ 
+ 	/* 1. cp page 1 of checkpoint pack 1 */
+-	cp->checkpoint_ver = rand() | 0x1;
++	cp->checkpoint_ver = cpu_to_le64(rand() | 0x1);
+ 	set_cp(cur_node_segno[0], c.cur_seg[CURSEG_HOT_NODE]);
+ 	set_cp(cur_node_segno[1], c.cur_seg[CURSEG_WARM_NODE]);
+ 	set_cp(cur_node_segno[2], c.cur_seg[CURSEG_COLD_NODE]);
+-- 
+2.13.5
+

package/utils/mtd-utils/Makefile

@@ -20,7 +20,7 @@ PKG_INSTALL:=1
 
 PKG_FLAGS:=nonshared
 
-PKG_BUILD_DEPENDS:=util-linux liblzo zlib
+PKG_BUILD_DEPENDS:=util-linux lzo zlib
 
 PKG_LICENSE:=GPLv2
 PKG_LICENSE_FILES:=

scripts/om-fwupgradecfg-gen.sh

@@ -1,4 +1,4 @@
-#/bin/sh
+#!/bin/sh
 #
 # Copyright (C) 2011 OpenWrt.org
 #

target/linux/apm821xx/patches-4.4/040-backport_leds-convert-IDE-trigger-to-common-disk-trigger.patch

@@ -193,7 +193,7 @@ Signed-off-by: Jacek Anaszewski <j.anaszewski@samsung.com>
 -MODULE_LICENSE("GPL");
 --- a/include/linux/leds.h
 +++ b/include/linux/leds.h
-@@ -302,10 +302,10 @@ static inline void *led_get_trigger_data
+@@ -308,10 +308,10 @@ static inline void *led_get_trigger_data
  #endif /* CONFIG_LEDS_TRIGGERS */
  
  /* Trigger specific functions */

target/linux/apm821xx/patches-4.4/801-usb-xhci-add-firmware-loader-for-uPD720201-and-uPD72.patch

@@ -44,7 +44,7 @@ Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
  
  #include "xhci.h"
  #include "xhci-trace.h"
-@@ -221,6 +223,458 @@ static void xhci_pme_acpi_rtd3_enable(st
+@@ -224,6 +226,458 @@ static void xhci_pme_acpi_rtd3_enable(st
  static void xhci_pme_acpi_rtd3_enable(struct pci_dev *dev) { }
  #endif /* CONFIG_ACPI */
  
@@ -503,7 +503,7 @@ Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
  /* called during probe() after chip reset completes */
  static int xhci_pci_setup(struct usb_hcd *hcd)
  {
-@@ -260,6 +714,22 @@ static int xhci_pci_probe(struct pci_dev
+@@ -263,6 +717,22 @@ static int xhci_pci_probe(struct pci_dev
  	struct hc_driver *driver;
  	struct usb_hcd *hcd;
  
@@ -526,7 +526,7 @@ Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
  	driver = (struct hc_driver *)id->driver_data;
  
  	/* Prevent runtime suspending between USB-2 and USB-3 initialization */
-@@ -317,6 +787,16 @@ static void xhci_pci_remove(struct pci_d
+@@ -320,6 +790,16 @@ static void xhci_pci_remove(struct pci_d
  {
  	struct xhci_hcd *xhci;
  

target/linux/ar7/patches-3.18/101-MIPS-AR7-allow-NULL-clock-for-clk_get_rate.patch

@@ -0,0 +1,45 @@
+From patchwork Tue Jul 18 10:17:26 2017
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [5/9] MIPS: AR7: allow NULL clock for clk_get_rate
+X-Patchwork-Submitter: Jonas Gorski <jonas.gorski@gmail.com>
+X-Patchwork-Id: 16775
+Message-Id: <20170718101730.2541-6-jonas.gorski@gmail.com>
+To: unlisted-recipients:; (no To-header on input)
+Cc: Ralf Baechle <ralf@linux-mips.org>,
+ Paul Gortmaker <paul.gortmaker@windriver.com>,
+ James Hogan <james.hogan@imgtec.com>,
+ linux-mips@linux-mips.org, linux-kernel@vger.kernel.org
+Date: Tue, 18 Jul 2017 12:17:26 +0200
+From: Jonas Gorski <jonas.gorski@gmail.com>
+List-Id: linux-mips <linux-mips.eddie.linux-mips.org>
+
+Make the behaviour of clk_get_rate consistent with common clk's
+clk_get_rate by accepting NULL clocks as parameter. Some device
+drivers rely on this, and will cause an OOPS otherwise.
+
+Fixes: 780019ddf02f ("MIPS: AR7: Implement clock API")
+Cc: Ralf Baechle <ralf@linux-mips.org>
+Cc: Paul Gortmaker <paul.gortmaker@windriver.com>
+Cc: James Hogan <james.hogan@imgtec.com>
+Cc: linux-mips@linux-mips.org
+Cc: linux-kernel@vger.kernel.org
+Reported-by: Mathias Kresin <dev@kresin.me>
+Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
+---
+ arch/mips/ar7/clock.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/mips/ar7/clock.c
++++ b/arch/mips/ar7/clock.c
+@@ -430,6 +430,9 @@ EXPORT_SYMBOL(clk_disable);
+ 
+ unsigned long clk_get_rate(struct clk *clk)
+ {
++	if (!clk)
++		return 0;
++
+ 	return clk->rate;
+ }
+ EXPORT_SYMBOL(clk_get_rate);

target/linux/ar7/patches-4.1/101-MIPS-AR7-allow-NULL-clock-for-clk_get_rate.patch

@@ -0,0 +1,45 @@
+From patchwork Tue Jul 18 10:17:26 2017
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [5/9] MIPS: AR7: allow NULL clock for clk_get_rate
+X-Patchwork-Submitter: Jonas Gorski <jonas.gorski@gmail.com>
+X-Patchwork-Id: 16775
+Message-Id: <20170718101730.2541-6-jonas.gorski@gmail.com>
+To: unlisted-recipients:; (no To-header on input)
+Cc: Ralf Baechle <ralf@linux-mips.org>,
+ Paul Gortmaker <paul.gortmaker@windriver.com>,
+ James Hogan <james.hogan@imgtec.com>,
+ linux-mips@linux-mips.org, linux-kernel@vger.kernel.org
+Date: Tue, 18 Jul 2017 12:17:26 +0200
+From: Jonas Gorski <jonas.gorski@gmail.com>
+List-Id: linux-mips <linux-mips.eddie.linux-mips.org>
+
+Make the behaviour of clk_get_rate consistent with common clk's
+clk_get_rate by accepting NULL clocks as parameter. Some device
+drivers rely on this, and will cause an OOPS otherwise.
+
+Fixes: 780019ddf02f ("MIPS: AR7: Implement clock API")
+Cc: Ralf Baechle <ralf@linux-mips.org>
+Cc: Paul Gortmaker <paul.gortmaker@windriver.com>
+Cc: James Hogan <james.hogan@imgtec.com>
+Cc: linux-mips@linux-mips.org
+Cc: linux-kernel@vger.kernel.org
+Reported-by: Mathias Kresin <dev@kresin.me>
+Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
+---
+ arch/mips/ar7/clock.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/mips/ar7/clock.c
++++ b/arch/mips/ar7/clock.c
+@@ -430,6 +430,9 @@ EXPORT_SYMBOL(clk_disable);
+ 
+ unsigned long clk_get_rate(struct clk *clk)
+ {
++	if (!clk)
++		return 0;
++
+ 	return clk->rate;
+ }
+ EXPORT_SYMBOL(clk_get_rate);

target/linux/ar71xx/base-files/etc/board.d/01_leds

@@ -49,6 +49,10 @@ antrouter-r1)
 	ucidef_set_led_wlan "wlan" "WLAN" "$board:green:wlan" "phy0tpt"
 	ucidef_set_led_default "btc" "BTC" "$board:green:btc" "0"
 	;;
+ap121f)
+	ucidef_set_led_netdev "lan" "LAN" "$board:green:lan" "eth0"
+	ucidef_set_led_wlan "wlan" "WLAN" "$board:green:wlan" "phy0tpt"
+	;;
 arduino-yun)
 	ucidef_set_led_wlan "wlan" "WLAN" "arduino:blue:wlan" "phy0tpt"
 	ucidef_set_led_usbdev "usb" "USB" "arduino:white:usb" "1-1.1"

target/linux/ar71xx/base-files/etc/board.d/02_network

@@ -42,7 +42,6 @@ ar71xx_setup_interfaces()
 	tl-mr3420|\
 	tl-wdr3320-v2|\
 	tl-wdr3500|\
-	tl-wr741nd|\
 	tl-wr741nd-v4|\
 	tl-wr841n-v11|\
 	tl-wr841n-v9|\
@@ -61,6 +60,7 @@ ar71xx_setup_interfaces()
 	antminer-s1|\
 	antminer-s3|\
 	antrouter-r1|\
+	ap121f|\
 	aw-nr580|\
 	bullet-m|\
 	c-55|\
@@ -400,6 +400,7 @@ ar71xx_setup_interfaces()
 		ucidef_set_interface_raw "eth" "eth0"
 		ucidef_set_interfaces_lan_wan "lan1 lan2 lan3 lan4" "wan"
 		;;
+	tl-wr741nd|\
 	tl-wr841n-v7)
 		ucidef_set_interfaces_lan_wan "eth0" "eth1"
 		ucidef_add_switch "switch0" \
@@ -480,7 +481,8 @@ ar71xx_setup_macs()
 		wan_mac=$(mtd_get_mac_binary caldata 6)
 		;;
 	tl-wr1043nd-v4)
-		wan_mac=$(mtd_get_mac_binary config 0x1017c)
+		lan_mac=$(mtd_get_mac_binary product-info 8)
+		wan_mac=$(macaddr_add "$lan_mac" 1)
 		;;
 	esr900)
 		wan_mac=$(mtd_get_mac_ascii u-boot-env "wanaddr")

target/linux/ar71xx/base-files/etc/diag.sh

@@ -29,6 +29,9 @@ get_status_led() {
 	xd3200)
 		status_led="$board:green:system"
 		;;
+	ap121f)
+		status_led="$board:green:vpn"
+		;;
 	ap132|\
 	db120|\
 	dr344|\

target/linux/ar71xx/base-files/lib/ar71xx.sh

@@ -433,6 +433,9 @@ ar71xx_board_detect() {
 	*AP121-MINI)
 		name="ap121-mini"
 		;;
+	*"AP121F")
+		name="ap121f"
+		;;
 	*"AP132 reference board")
 		name="ap132"
 		;;

target/linux/ar71xx/base-files/lib/upgrade/platform.sh

@@ -203,6 +203,7 @@ platform_check_image() {
 	airgatewaypro|\
 	airgateway|\
 	airrouter|\
+	ap121f|\
 	ap132|\
 	ap90q|\
 	bullet-m|\

target/linux/ar71xx/config-4.4

@@ -42,6 +42,7 @@ CONFIG_ATH79_MACH_ANTMINER_S1=y
 CONFIG_ATH79_MACH_ANTMINER_S3=y
 CONFIG_ATH79_MACH_ANTROUTER_R1=y
 CONFIG_ATH79_MACH_AP121=y
+CONFIG_ATH79_MACH_AP121F=y
 CONFIG_ATH79_MACH_AP132=y
 CONFIG_ATH79_MACH_AP136=y
 CONFIG_ATH79_MACH_AP143=y

target/linux/ar71xx/files/arch/mips/ath79/Kconfig.openwrt

@@ -16,6 +16,16 @@ config ATH79_MACH_ALFA_AP120C
 	select ATH79_DEV_M25P80
 	select ATH79_DEV_WMAC
 
+config ATH79_MACH_AP121F
+	bool "ALFA Network AP121F support"
+	select SOC_AR933X
+	select ATH79_DEV_ETH
+	select ATH79_DEV_GPIO_BUTTONS
+	select ATH79_DEV_LEDS_GPIO
+	select ATH79_DEV_M25P80
+	select ATH79_DEV_USB
+	select ATH79_DEV_WMAC
+
 config ATH79_MACH_ALFA_AP96
 	bool "ALFA Network AP96 board support"
 	select SOC_AR71XX

target/linux/ar71xx/files/arch/mips/ath79/Makefile

@@ -48,6 +48,7 @@ obj-$(CONFIG_ATH79_MACH_ANTMINER_S1)		+= mach-antminer-s1.o
 obj-$(CONFIG_ATH79_MACH_ANTMINER_S3)		+= mach-antminer-s3.o
 obj-$(CONFIG_ATH79_MACH_ANTROUTER_R1)		+= mach-antrouter-r1.o
 obj-$(CONFIG_ATH79_MACH_AP121)			+= mach-ap121.o
+obj-$(CONFIG_ATH79_MACH_AP121F)			+= mach-ap121f.o
 obj-$(CONFIG_ATH79_MACH_AP132)			+= mach-ap132.o
 obj-$(CONFIG_ATH79_MACH_AP136)			+= mach-ap136.o
 obj-$(CONFIG_ATH79_MACH_AP143)			+= mach-ap143.o

target/linux/ar71xx/files/arch/mips/ath79/mach-ap121f.c

@@ -0,0 +1,103 @@
+/*
+ * ALFA Network AP121F board support
+ *
+ * Copyright (C) 2017 Piotr Dymacz <pepe2k@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/gpio.h>
+#include <linux/platform_device.h>
+
+#include <asm/mach-ath79/ath79.h>
+#include <asm/mach-ath79/ar71xx_regs.h>
+
+#include "common.h"
+#include "dev-eth.h"
+#include "dev-gpio-buttons.h"
+#include "dev-leds-gpio.h"
+#include "dev-m25p80.h"
+#include "dev-usb.h"
+#include "dev-wmac.h"
+#include "machtypes.h"
+
+#define AP121F_GPIO_LED_LAN	17
+#define AP121F_GPIO_LED_VPN	27
+#define AP121F_GPIO_LED_WLAN	0
+
+#define AP121F_GPIO_MICROSD_EN	26
+
+#define AP121F_GPIO_BTN_RESET	12
+#define AP121F_GPIO_BTN_SWITCH	21
+
+#define AP121F_KEYS_POLL_INTERVAL	20
+#define AP121F_KEYS_DEBOUNCE_INTERVAL	(3 * AP121F_KEYS_POLL_INTERVAL)
+
+#define AP121F_WMAC_CALDATA_OFFSET	0x1000
+
+static struct gpio_led ap121f_leds_gpio[] __initdata = {
+	{
+		.name		= "ap121f:green:lan",
+		.gpio		= AP121F_GPIO_LED_LAN,
+		.active_low	= 1,
+	}, {
+		.name		= "ap121f:green:vpn",
+		.gpio		= AP121F_GPIO_LED_VPN,
+		.active_low	= 1,
+	}, {
+		.name		= "ap121f:green:wlan",
+		.gpio		= AP121F_GPIO_LED_WLAN,
+		.active_low	= 0,
+	},
+};
+
+static struct gpio_keys_button ap121f_gpio_keys[] __initdata = {
+	{
+		.desc			= "reset",
+		.type			= EV_KEY,
+		.code			= KEY_RESTART,
+		.debounce_interval	= AP121F_KEYS_DEBOUNCE_INTERVAL,
+		.gpio			= AP121F_GPIO_BTN_RESET,
+		.active_low		= 1,
+	}, {
+		.desc			= "switch",
+		.type			= EV_KEY,
+		.code			= BTN_0,
+		.debounce_interval	= AP121F_KEYS_DEBOUNCE_INTERVAL,
+		.gpio			= AP121F_GPIO_BTN_SWITCH,
+		.active_low		= 0,
+	},
+};
+
+static void __init ap121f_setup(void)
+{
+	u8 *art = (u8 *) KSEG1ADDR(0x1f040000);
+
+	ath79_register_m25p80(NULL);
+
+	ath79_setup_ar933x_phy4_switch(false, false);
+
+	/* LAN */
+	ath79_register_mdio(0, 0x0);
+	ath79_init_mac(ath79_eth0_data.mac_addr, art, 0);
+	ath79_register_eth(0);
+
+	ath79_register_leds_gpio(-1, ARRAY_SIZE(ap121f_leds_gpio),
+				 ap121f_leds_gpio);
+
+	ath79_register_gpio_keys_polled(-1, AP121F_KEYS_POLL_INTERVAL,
+					ARRAY_SIZE(ap121f_gpio_keys),
+					ap121f_gpio_keys);
+
+	gpio_request_one(AP121F_GPIO_MICROSD_EN,
+			 GPIOF_OUT_INIT_HIGH | GPIOF_EXPORT_DIR_FIXED,
+			 "microSD enable");
+
+	ath79_register_wmac(art + AP121F_WMAC_CALDATA_OFFSET, NULL);
+
+	ath79_register_usb();
+}
+
+MIPS_MACHINE(ATH79_MACH_AP121F, "AP121F", "ALFA Network AP121F", ap121f_setup);

target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c

@@ -165,6 +165,8 @@ static int rb95x_nand_scan_fixup(struct mtd_info *mtd)
 		chip->ecc.layout = &rb95x_nand_ecclayout;
 	}
 
+	chip->options = NAND_NO_SUBPAGE_WRITE;
+
 	return 0;
 }
 

target/linux/ar71xx/files/arch/mips/ath79/mach-tl-wr1043nd-v4.c

@@ -57,7 +57,7 @@
 #define TL_WR1043_V4_KEYS_POLL_INTERVAL		20 /* msecs */
 #define TL_WR1043_V4_KEYS_DEBOUNCE_INTERVAL	(3 * TL_WR1043_V4_KEYS_POLL_INTERVAL)
 
-#define TL_WR1043_V4_MAC_LOCATION		0x1ff80174
+#define TL_WR1043_V4_MAC_LOCATION		0x1ff50008
 
 #define TL_WR1043_V4_EEPROM_ADDR		0x1fff0000
 #define TL_WR1043_V4_WMAC_CALDATA_OFFSET	0x1000

target/linux/ar71xx/files/arch/mips/ath79/machtypes.h

@@ -30,6 +30,7 @@ enum ath79_mach_type {
 	ATH79_MACH_ANTROUTER_R1,		/* Antrouter R1 */
 	ATH79_MACH_AP121,			/* Atheros AP121 reference board */
 	ATH79_MACH_AP121_MINI,			/* Atheros AP121-MINI reference board */
+	ATH79_MACH_AP121F,			/* ALFA Network AP121F */
 	ATH79_MACH_AP132,			/* Atheros AP132 reference board */
 	ATH79_MACH_AP135_020,			/* Atheros AP135-020 reference board */
 	ATH79_MACH_AP136_010,			/* Atheros AP136-010 reference board */

target/linux/ar71xx/image/generic.mk

@@ -1,3 +1,16 @@
+define Device/ap121f
+  DEVICE_TITLE := ALFA Network AP121F
+  DEVICE_PACKAGES := kmod-usb-core kmod-usb2 kmod-usb-storage -swconfig
+  BOARDNAME := AP121F
+  IMAGE_SIZE := 16064k
+  CONSOLE := ttyATH0,115200
+  MTDPARTS := spi0.0:192k(u-boot)ro,64k(u-boot-env),64k(art)ro,-(firmware)
+  SUPPORTED_DEVICES := ap121f
+  IMAGE/sysupgrade.bin = append-kernel | pad-to $$$$(BLOCKSIZE) | \
+	append-rootfs | pad-rootfs | append-metadata | check-size $$$$(IMAGE_SIZE)
+endef
+TARGET_DEVICES += ap121f
+
 define Device/ap90q
   DEVICE_TITLE := YunCore AP90Q
   BOARDNAME = AP90Q

target/linux/ar71xx/image/tp-link.mk

@@ -441,6 +441,7 @@ define Device/tl-wr710n-v1
     DEVICE_PROFILE := TLWR710
     TPLINK_HWID := 0x07100001
     CONSOLE := ttyATH0,115200
+    IMAGE/factory.bin := append-rootfs | mktplinkfw factory -C US
 endef
 
 define Device/tl-wr710n-v2

target/linux/ar71xx/mikrotik/config-default

@@ -8,6 +8,7 @@
 # CONFIG_ATH79_MACH_ANTMINER_S3 is not set
 # CONFIG_ATH79_MACH_ANTROUTER_R1 is not set
 # CONFIG_ATH79_MACH_AP121 is not set
+# CONFIG_ATH79_MACH_AP121F is not set
 # CONFIG_ATH79_MACH_AP132 is not set
 # CONFIG_ATH79_MACH_AP136 is not set
 # CONFIG_ATH79_MACH_AP143 is not set

target/linux/ar71xx/nand/config-default

@@ -4,6 +4,7 @@
 # CONFIG_ATH79_MACH_ALL0258N is not set
 # CONFIG_ATH79_MACH_ALL0315N is not set
 # CONFIG_ATH79_MACH_AP121 is not set
+# CONFIG_ATH79_MACH_AP121F is not set
 # CONFIG_ATH79_MACH_AP132 is not set
 # CONFIG_ATH79_MACH_AP136 is not set
 # CONFIG_ATH79_MACH_AP147 is not set

target/linux/ar71xx/patches-4.4/102-MIPS-ath79-fix-regression-in-PCI-window-initializati.patch

@@ -1,37 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Sun, 15 May 2016 13:09:20 +0200
-Subject: [PATCH] MIPS: ath79: fix regression in PCI window initialization
-
-ath79_ddr_pci_win_base has the type void __iomem *, so register offsets
-need to be a multiple of 4.
-
-Cc: Alban Bedel <albeu@free.fr>
-Fixes: 24b0e3e84fbf ("MIPS: ath79: Improve the DDR controller interface")
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/arch/mips/ath79/common.c
-+++ b/arch/mips/ath79/common.c
-@@ -76,14 +76,14 @@ void ath79_ddr_set_pci_windows(void)
- {
- 	BUG_ON(!ath79_ddr_pci_win_base);
- 
--	__raw_writel(AR71XX_PCI_WIN0_OFFS, ath79_ddr_pci_win_base + 0);
--	__raw_writel(AR71XX_PCI_WIN1_OFFS, ath79_ddr_pci_win_base + 1);
--	__raw_writel(AR71XX_PCI_WIN2_OFFS, ath79_ddr_pci_win_base + 2);
--	__raw_writel(AR71XX_PCI_WIN3_OFFS, ath79_ddr_pci_win_base + 3);
--	__raw_writel(AR71XX_PCI_WIN4_OFFS, ath79_ddr_pci_win_base + 4);
--	__raw_writel(AR71XX_PCI_WIN5_OFFS, ath79_ddr_pci_win_base + 5);
--	__raw_writel(AR71XX_PCI_WIN6_OFFS, ath79_ddr_pci_win_base + 6);
--	__raw_writel(AR71XX_PCI_WIN7_OFFS, ath79_ddr_pci_win_base + 7);
-+	__raw_writel(AR71XX_PCI_WIN0_OFFS, ath79_ddr_pci_win_base + 0x0);
-+	__raw_writel(AR71XX_PCI_WIN1_OFFS, ath79_ddr_pci_win_base + 0x4);
-+	__raw_writel(AR71XX_PCI_WIN2_OFFS, ath79_ddr_pci_win_base + 0x8);
-+	__raw_writel(AR71XX_PCI_WIN3_OFFS, ath79_ddr_pci_win_base + 0xc);
-+	__raw_writel(AR71XX_PCI_WIN4_OFFS, ath79_ddr_pci_win_base + 0x10);
-+	__raw_writel(AR71XX_PCI_WIN5_OFFS, ath79_ddr_pci_win_base + 0x14);
-+	__raw_writel(AR71XX_PCI_WIN6_OFFS, ath79_ddr_pci_win_base + 0x18);
-+	__raw_writel(AR71XX_PCI_WIN7_OFFS, ath79_ddr_pci_win_base + 0x1c);
- }
- EXPORT_SYMBOL_GPL(ath79_ddr_set_pci_windows);
- 

target/linux/ar71xx/patches-4.4/910-unaligned_access_hacks.patch

@@ -214,7 +214,7 @@
  #include <linux/uaccess.h>
  #include <linux/ipv6.h>
  #include <linux/icmpv6.h>
-@@ -781,10 +782,10 @@ static void tcp_v6_send_response(const s
+@@ -786,10 +787,10 @@ static void tcp_v6_send_response(const s
  	topt = (__be32 *)(t1 + 1);
  
  	if (tsecr) {
@@ -241,7 +241,7 @@
   */
 --- a/net/ipv6/datagram.c
 +++ b/net/ipv6/datagram.c
-@@ -429,7 +429,7 @@ int ipv6_recv_error(struct sock *sk, str
+@@ -433,7 +433,7 @@ int ipv6_recv_error(struct sock *sk, str
  				ipv6_iface_scope_id(&sin->sin6_addr,
  						    IP6CB(skb)->iif);
  		} else {
@@ -250,7 +250,7 @@
  					       &sin->sin6_addr);
  			sin->sin6_scope_id = 0;
  		}
-@@ -766,12 +766,12 @@ int ip6_datagram_send_ctl(struct net *ne
+@@ -770,12 +770,12 @@ int ip6_datagram_send_ctl(struct net *ne
  			}
  
  			if (fl6->flowlabel&IPV6_FLOWINFO_MASK) {
@@ -610,7 +610,7 @@
  			goto next_ht;
 --- a/net/ipv6/ip6_offload.c
 +++ b/net/ipv6/ip6_offload.c
-@@ -222,7 +222,7 @@ static struct sk_buff **ipv6_gro_receive
+@@ -225,7 +225,7 @@ static struct sk_buff **ipv6_gro_receive
  			continue;
  
  		iph2 = (struct ipv6hdr *)(p->data + off);
@@ -711,7 +711,7 @@
  		if (xb)
  			return i * 32 + 31 - __fls(ntohl(xb));
  	}
-@@ -799,17 +803,18 @@ static inline int ip6_default_np_autolab
+@@ -804,17 +808,18 @@ static inline int ip6_default_np_autolab
  static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass,
  				__be32 flowlabel)
  {

target/linux/bcm53xx/Makefile

@@ -23,7 +23,7 @@ include $(INCLUDE_DIR)/target.mk
 
 KERNELNAME:=zImage dtbs
 
-DEFAULT_PACKAGES += swconfig wpad-mini nvram \
+DEFAULT_PACKAGES += swconfig nvram \
 	osafeloader oseama otrx \
 	kmod-gpio-button-hotplug \
 	kmod-leds-gpio kmod-ledtrig-default-on kmod-ledtrig-timer

target/linux/bcm53xx/config-4.4

@@ -71,6 +71,7 @@ CONFIG_BCMA_HOST_PCI_POSSIBLE=y
 CONFIG_BCMA_HOST_SOC=y
 CONFIG_BCMA_SFLASH=y
 CONFIG_BCM_NET_PHYLIB=y
+CONFIG_BCM_NS_THERMAL=y
 CONFIG_BGMAC=y
 CONFIG_BGMAC_BCMA=y
 # CONFIG_BGMAC_PLATFORM is not set
@@ -311,6 +312,10 @@ CONFIG_SWCONFIG_B53_SRAB_DRIVER=y
 CONFIG_SWIOTLB=y
 CONFIG_SWP_EMULATE=y
 CONFIG_SYS_SUPPORTS_APM_EMULATION=y
+CONFIG_THERMAL=y
+CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
+CONFIG_THERMAL_GOV_STEP_WISE=y
+CONFIG_THERMAL_OF=y
 # CONFIG_THUMB2_KERNEL is not set
 CONFIG_TICK_CPU_ACCOUNTING=y
 CONFIG_TREE_RCU=y

target/linux/bcm53xx/image/Makefile

@@ -86,9 +86,11 @@ endef
 
 DEVICE_VARS += PRODUCTID SIGNATURE NETGEAR_BOARD_ID NETGEAR_REGION TPLINK_BOARD
 
-BRCMFMAC_43602A1 := kmod-brcmfmac brcmfmac-firmware-43602a1-pcie
-BRCMFMAC_4366B1 := kmod-brcmfmac brcmfmac-firmware-4366b1-pcie
-BRCMFMAC_4366C0 := kmod-brcmfmac
+IEEE8021X := wpad-mini
+B43 := $(IEEE8021X) kmod-b43
+BRCMFMAC_43602A1 := $(IEEE8021X) kmod-brcmfmac brcmfmac-firmware-43602a1-pcie
+BRCMFMAC_4366B1 := $(IEEE8021X) kmod-brcmfmac brcmfmac-firmware-4366b1-pcie
+BRCMFMAC_4366C0 := $(IEEE8021X) kmod-brcmfmac
 USB2_PACKAGES := kmod-usb-ohci kmod-usb2 kmod-phy-bcm-ns-usb2
 USB2_PACKAGES += kmod-usb-ledtrig-usbport
 USB3_PACKAGES := $(USB2_PACKAGES) kmod-usb3 kmod-phy-bcm-ns-usb3
@@ -115,7 +117,7 @@ endef
 
 define Device/asus-rt-ac56u
   DEVICE_TITLE := Asus RT-AC56U
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
 endef
 TARGET_DEVICES += asus-rt-ac56u
 
@@ -145,19 +147,19 @@ TARGET_DEVICES += buffalo-wxr-1900dhp
 
 define Device/buffalo-wzr-600dhp2
   DEVICE_TITLE := Buffalo WZR-600DHP2
-  DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB2_PACKAGES)
 endef
 TARGET_DEVICES += buffalo-wzr-600dhp2
 
 define Device/buffalo-wzr-900dhp
   DEVICE_TITLE := Buffalo WZR-900DHP
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
 endef
 TARGET_DEVICES += buffalo-wzr-900dhp
 
 define Device/buffalo-wzr-1750dhp
   DEVICE_TITLE := Buffalo WZR-1750DHP
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
 endef
 TARGET_DEVICES += buffalo-wzr-1750dhp
 
@@ -178,7 +180,7 @@ TARGET_DEVICES += dlink-dir-885l
 
 define Device/linksys-ea6300-v1
   DEVICE_TITLE := Linksys EA6300 V1
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
 endef
 # TARGET_DEVICES += linksys-ea6300-v1
 
@@ -203,7 +205,7 @@ endef
 
 define Device/netgear-r6250
   DEVICE_TITLE := Netgear R6250
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
   $(Device/netgear)
   NETGEAR_BOARD_ID := U12H245T00_NETGEAR
 endef
@@ -211,7 +213,7 @@ TARGET_DEVICES += netgear-r6250
 
 define Device/netgear-r6300-v2
   DEVICE_TITLE := Netgear R6300 V2
-  DEVICE_PACKAGES := kmod-b43 $(USB3_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES)
   $(Device/netgear)
   NETGEAR_BOARD_ID := U12H240T00_NETGEAR
 endef
@@ -259,7 +261,7 @@ TARGET_DEVICES += smartrg-sr400ac
 
 define Device/tenda-ac9
   DEVICE_TITLE := Tenda AC9
-  DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB2_PACKAGES)
   IMAGES := trx
   IMAGE/trx := append-rootfs | trx-serial
 endef
@@ -267,7 +269,7 @@ TARGET_DEVICES += tenda-ac9
 
 define Device/tplink-archer-c5-v2
   DEVICE_TITLE := TP-LINK Archer C5 V2
-  DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES)
+  DEVICE_PACKAGES := $(B43) $(USB2_PACKAGES)
   IMAGES := bin
   IMAGE/bin := append-rootfs | bcm53xx-tplink-safeloader
   TPLINK_BOARD := ARCHER-C5-V2

target/linux/bcm53xx/patches-4.4/031-ARM-dts-enable-clock-support-for-BCM5301X.patch

@@ -68,7 +68,7 @@ Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
  			compatible = "arm,cortex-a9-global-timer";
 -			reg = <0x0200 0x100>;
 +			reg = <0x20200 0x100>;
- 			interrupts = <GIC_PPI 11 IRQ_TYPE_LEVEL_HIGH>;
+ 			interrupts = <GIC_PPI 11 IRQ_TYPE_EDGE_RISING>;
 -			clocks = <&clk_periph>;
 +			clocks = <&periph_clk>;
  		};
@@ -78,7 +78,7 @@ Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
  			compatible = "arm,cortex-a9-twd-timer";
 -			reg = <0x0600 0x100>;
 +			reg = <0x20600 0x100>;
- 			interrupts = <GIC_PPI 13 IRQ_TYPE_LEVEL_HIGH>;
+ 			interrupts = <GIC_PPI 13 IRQ_TYPE_EDGE_RISING>;
 -			clocks = <&clk_periph>;
 +			clocks = <&periph_clk>;
  		};

target/linux/bcm53xx/patches-4.4/047-0013-ARM-dts-BCM5301X-Correct-GIC_PPI-interrupt-flags.patch

@@ -1,41 +0,0 @@
-From 0e34079cd1f674449749aafe4be07336177de90d Mon Sep 17 00:00:00 2001
-From: Jon Mason <jon.mason@broadcom.com>
-Date: Thu, 2 Mar 2017 19:21:32 -0500
-Subject: [PATCH] ARM: dts: BCM5301X: Correct GIC_PPI interrupt flags
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-GIC_PPI flags were misconfigured for the timers, resulting in errors
-like:
-[    0.000000] GIC: PPI11 is secure or misconfigured
-
-Changing them to being edge triggered corrects the issue
-
-Suggested-by: Rafał Miłecki <rafal@milecki.pl>
-Signed-off-by: Jon Mason <jon.mason@broadcom.com>
-Fixes: d27509f1 ("ARM: BCM5301X: add dts files for BCM4708 SoC")
-Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
----
- arch/arm/boot/dts/bcm5301x.dtsi | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/arch/arm/boot/dts/bcm5301x.dtsi
-+++ b/arch/arm/boot/dts/bcm5301x.dtsi
-@@ -66,14 +66,14 @@
- 		timer@20200 {
- 			compatible = "arm,cortex-a9-global-timer";
- 			reg = <0x20200 0x100>;
--			interrupts = <GIC_PPI 11 IRQ_TYPE_LEVEL_HIGH>;
-+			interrupts = <GIC_PPI 11 IRQ_TYPE_EDGE_RISING>;
- 			clocks = <&periph_clk>;
- 		};
- 
- 		local-timer@20600 {
- 			compatible = "arm,cortex-a9-twd-timer";
- 			reg = <0x20600 0x100>;
--			interrupts = <GIC_PPI 13 IRQ_TYPE_LEVEL_HIGH>;
-+			interrupts = <GIC_PPI 13 IRQ_TYPE_EDGE_RISING>;
- 			clocks = <&periph_clk>;
- 		};
- 

target/linux/bcm53xx/patches-4.4/049-v4.14-0001-ARM-dts-BCM5301X-Specify-USB-ports-for-each-controll.patch

@@ -0,0 +1,74 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
+Date: Tue, 27 Jun 2017 19:35:27 +0200
+Subject: [PATCH] ARM: dts: BCM5301X: Specify USB ports for each controller
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Northstar has 3 controllers: OHCI and EHCI (each with 2 ports) and XHCI
+(with just 1 port). Describe them in the DT. In future this will allow
+to reference them as trigger sources.
+
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+---
+ arch/arm/boot/dts/bcm5301x.dtsi | 34 ++++++++++++++++++++++++++++++++++
+ 1 file changed, 34 insertions(+)
+
+--- a/arch/arm/boot/dts/bcm5301x.dtsi
++++ b/arch/arm/boot/dts/bcm5301x.dtsi
+@@ -272,6 +272,19 @@
+ 				reg = <0x00021000 0x1000>;
+ 				interrupts = <GIC_SPI 79 IRQ_TYPE_LEVEL_HIGH>;
+ 				phys = <&usb2_phy>;
++
++				#address-cells = <1>;
++				#size-cells = <0>;
++
++				ehci_port1: port@1 {
++					reg = <1>;
++					#trigger-source-cells = <0>;
++				};
++
++				ehci_port2: port@2 {
++					reg = <2>;
++					#trigger-source-cells = <0>;
++				};
+ 			};
+ 
+ 			ohci: ohci@22000 {
+@@ -280,6 +293,19 @@
+ 				compatible = "generic-ohci";
+ 				reg = <0x00022000 0x1000>;
+ 				interrupts = <GIC_SPI 79 IRQ_TYPE_LEVEL_HIGH>;
++
++				#address-cells = <1>;
++				#size-cells = <0>;
++
++				ohci_port1: port@1 {
++					reg = <1>;
++					#trigger-source-cells = <0>;
++				};
++
++				ohci_port2: port@2 {
++					reg = <2>;
++					#trigger-source-cells = <0>;
++				};
+ 			};
+ 		};
+ 
+@@ -300,6 +326,14 @@
+ 				interrupts = <GIC_SPI 80 IRQ_TYPE_LEVEL_HIGH>;
+ 				phys = <&usb3_phy>;
+ 				phy-names = "usb";
++
++				#address-cells = <1>;
++				#size-cells = <0>;
++
++				xhci_port1: port@1 {
++					reg = <1>;
++					#trigger-source-cells = <0>;
++				};
+ 			};
+ 		};
+ 

target/linux/bcm53xx/patches-4.4/049-v4.14-0002-ARM-dts-BCM5301X-Specify-USB-ports-for-USB-LEDs-of-f.patch

@@ -0,0 +1,139 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
+Date: Wed, 2 Aug 2017 06:40:41 +0200
+Subject: [PATCH] ARM: dts: BCM5301X: Specify USB ports for USB LEDs of few
+ devices
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This uses trigger-sources documented in commit 80dc6e1cd85fc ("dt-bindings:
+leds: document new trigger-sources property") to specify USB ports. Such an
+information can be used by operating system to setup LEDs behavior.
+
+I updated dts files for 7 devices I own and I was able to test.
+
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+---
+ arch/arm/boot/dts/bcm4708-buffalo-wzr-1750dhp.dts  | 4 ++++
+ arch/arm/boot/dts/bcm4708-netgear-r6250.dts        | 3 +++
+ arch/arm/boot/dts/bcm4708-smartrg-sr400ac.dts      | 6 ++++++
+ arch/arm/boot/dts/bcm47081-tplink-archer-c5-v2.dts | 4 ++++
+ arch/arm/boot/dts/bcm4709-tplink-archer-c9-v1.dts  | 5 +++++
+ arch/arm/boot/dts/bcm47094-dlink-dir-885l.dts      | 3 +++
+ arch/arm/boot/dts/bcm47094-luxul-xwr-3100.dts      | 3 +++
+ 7 files changed, 28 insertions(+)
+
+--- a/arch/arm/boot/dts/bcm4708-buffalo-wzr-1750dhp.dts
++++ b/arch/arm/boot/dts/bcm4708-buffalo-wzr-1750dhp.dts
+@@ -52,6 +52,10 @@
+ 		usb {
+ 			label = "bcm53xx:blue:usb";
+ 			gpios = <&hc595 0 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>,
++					  <&xhci_port1>, <&ohci_port2>,
++					  <&ehci_port2>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		power0 {
+--- a/arch/arm/boot/dts/bcm4708-netgear-r6250.dts
++++ b/arch/arm/boot/dts/bcm4708-netgear-r6250.dts
+@@ -48,6 +48,9 @@
+ 		usb {
+ 			label = "bcm53xx:blue:usb";
+ 			gpios = <&chipcommon 8 GPIO_ACTIVE_LOW>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>,
++					  <&xhci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		wireless {
+--- a/arch/arm/boot/dts/bcm4708-smartrg-sr400ac.dts
++++ b/arch/arm/boot/dts/bcm4708-smartrg-sr400ac.dts
+@@ -42,16 +42,22 @@
+ 		usb2 {
+ 			label = "bcm53xx:white:usb2";
+ 			gpios = <&chipcommon 3 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port2>, <&ehci_port2>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		usb3-white {
+ 			label = "bcm53xx:white:usb3";
+ 			gpios = <&chipcommon 4 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&xhci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		usb3-green {
+ 			label = "bcm53xx:green:usb3";
+ 			gpios = <&chipcommon 5 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		wps {
+--- a/arch/arm/boot/dts/bcm47081-tplink-archer-c5-v2.dts
++++ b/arch/arm/boot/dts/bcm47081-tplink-archer-c5-v2.dts
+@@ -36,6 +36,8 @@
+ 		usb2-port1 {
+ 			label = "bcm53xx:green:usb2-port1";
+ 			gpios = <&chipcommon 2 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		power {
+@@ -67,6 +69,8 @@
+ 		usb2-port2 {
+ 			label = "bcm53xx:green:usb2-port2";
+ 			gpios = <&chipcommon 13 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port2>, <&ehci_port2>;
++			linux,default-trigger = "usbport";
+ 		};
+ 	};
+ 
+--- a/arch/arm/boot/dts/bcm4709-tplink-archer-c9-v1.dts
++++ b/arch/arm/boot/dts/bcm4709-tplink-archer-c9-v1.dts
+@@ -46,11 +46,16 @@
+ 		usb3 {
+ 			label = "bcm53xx:blue:usb3";
+ 			gpios = <&chipcommon 6 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>,
++					  <&xhci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		usb2 {
+ 			label = "bcm53xx:blue:usb2";
+ 			gpios = <&chipcommon 7 GPIO_ACTIVE_HIGH>;
++			trigger-sources = <&ohci_port2>, <&ehci_port2>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		wan-blue {
+--- a/arch/arm/boot/dts/bcm47094-dlink-dir-885l.dts
++++ b/arch/arm/boot/dts/bcm47094-dlink-dir-885l.dts
+@@ -71,6 +71,9 @@
+ 		usb3-white {
+ 			label = "bcm53xx:white:usb3";
+ 			gpios = <&chipcommon 8 GPIO_ACTIVE_LOW>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>,
++					  <&xhci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		2ghz {
+--- a/arch/arm/boot/dts/bcm47094-luxul-xwr-3100.dts
++++ b/arch/arm/boot/dts/bcm47094-luxul-xwr-3100.dts
+@@ -59,6 +59,9 @@
+ 		usb3	{
+ 			label = "bcm53xx:green:usb3";
+ 			gpios = <&chipcommon 8 GPIO_ACTIVE_LOW>;
++			trigger-sources = <&ohci_port1>, <&ehci_port1>,
++					  <&xhci_port1>;
++			linux,default-trigger = "usbport";
+ 		};
+ 
+ 		status	{

target/linux/bcm53xx/patches-4.4/332-ARM-BCM5301X-Add-power-button-for-Buffalo-WZR-1750DHP.patch

@@ -5,7 +5,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 ---
 --- a/arch/arm/boot/dts/bcm4708-buffalo-wzr-1750dhp.dts
 +++ b/arch/arm/boot/dts/bcm4708-buffalo-wzr-1750dhp.dts
-@@ -98,6 +98,12 @@
+@@ -102,6 +102,12 @@
  		#address-cells = <1>;
  		#size-cells = <0>;
  

target/linux/brcm2708/patches-4.4/0029-Add-dwc_otg-driver.patch

@@ -659,7 +659,7 @@ dwc_otg: Remove duplicate gadget probe/unregister function
  }
 --- a/drivers/usb/core/hub.c
 +++ b/drivers/usb/core/hub.c
-@@ -4967,7 +4967,7 @@ static void port_event(struct usb_hub *h
+@@ -4975,7 +4975,7 @@ static void port_event(struct usb_hub *h
  	if (portchange & USB_PORT_STAT_C_OVERCURRENT) {
  		u16 status = 0, unused;
  

target/linux/brcm2708/patches-4.4/0044-Added-hwmon-thermal-driver-for-reporting-core-temper.patch

@@ -39,7 +39,7 @@ Signed-off-by: Noralf Trønnes <noralf@tronnes.org>
  	depends on X86_THERMAL_VECTOR
 --- a/drivers/thermal/Makefile
 +++ b/drivers/thermal/Makefile
-@@ -38,6 +38,7 @@ obj-$(CONFIG_ARMADA_THERMAL)	+= armada_t
+@@ -39,6 +39,7 @@ obj-$(CONFIG_ARMADA_THERMAL)	+= armada_t
  obj-$(CONFIG_IMX_THERMAL)	+= imx_thermal.o
  obj-$(CONFIG_DB8500_CPUFREQ_COOLING)	+= db8500_cpufreq_cooling.o
  obj-$(CONFIG_INTEL_POWERCLAMP)	+= intel_powerclamp.o

target/linux/brcm2708/patches-4.4/0073-BCM270x_DT-Add-pwr_led-and-the-required-input-trigge.patch

@@ -31,7 +31,7 @@ See: https://github.com/raspberrypi/linux/issues/1064
 
 --- a/drivers/leds/leds-gpio.c
 +++ b/drivers/leds/leds-gpio.c
-@@ -42,6 +42,13 @@ static void gpio_led_work(struct work_st
+@@ -41,6 +41,13 @@ static void gpio_led_work(struct work_st
  		led_dat->platform_gpio_blink_set(led_dat->gpiod,
  					led_dat->new_level, NULL, NULL);
  		led_dat->blinking = 0;
@@ -45,7 +45,7 @@ See: https://github.com/raspberrypi/linux/issues/1064
  	} else
  		gpiod_set_value_cansleep(led_dat->gpiod, led_dat->new_level);
  }
-@@ -62,7 +69,8 @@ static void gpio_led_set(struct led_clas
+@@ -61,7 +68,8 @@ static void gpio_led_set(struct led_clas
  	 * seem to have a reliable way to know if we're already in one; so
  	 * let's just assume the worst.
  	 */
@@ -55,7 +55,7 @@ See: https://github.com/raspberrypi/linux/issues/1064
  		led_dat->new_level = level;
  		schedule_work(&led_dat->work);
  	} else {
-@@ -75,6 +83,13 @@ static void gpio_led_set(struct led_clas
+@@ -74,6 +82,13 @@ static void gpio_led_set(struct led_clas
  	}
  }
  
@@ -69,7 +69,7 @@ See: https://github.com/raspberrypi/linux/issues/1064
  static int gpio_blink_set(struct led_classdev *led_cdev,
  	unsigned long *delay_on, unsigned long *delay_off)
  {
-@@ -131,6 +146,7 @@ static int create_gpio_led(const struct
+@@ -129,6 +144,7 @@ static int create_gpio_led(const struct
  		led_dat->cdev.blink_set = gpio_blink_set;
  	}
  	led_dat->cdev.brightness_set = gpio_led_set;

target/linux/brcm2708/patches-4.4/0111-mm-Remove-the-PFN-busy-warning.patch

@@ -14,11 +14,11 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
 
 --- a/mm/page_alloc.c
 +++ b/mm/page_alloc.c
-@@ -6785,8 +6785,6 @@ int alloc_contig_range(unsigned long sta
+@@ -6816,8 +6816,6 @@ int alloc_contig_range(unsigned long sta
  
  	/* Make sure the range is really isolated. */
  	if (test_pages_isolated(outer_start, end, false)) {
--		pr_info("%s: [%lx, %lx) PFNs busy\n",
+-		pr_info_ratelimited("%s: [%lx, %lx) PFNs busy\n",
 -			__func__, outer_start, end);
  		ret = -EBUSY;
  		goto done;

target/linux/brcm2708/patches-4.4/0179-Protect-__release_resource-against-resources-without.patch

@@ -12,7 +12,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
 
 --- a/kernel/resource.c
 +++ b/kernel/resource.c
-@@ -237,6 +237,12 @@ static int __release_resource(struct res
+@@ -246,6 +246,12 @@ static int __release_resource(struct res
  {
  	struct resource *tmp, **p;
  

target/linux/brcm2708/patches-4.4/0446-of-Export-of_device_uevent_modalias-for-DRM_MIPI_DSI.patch

@@ -1,21 +0,0 @@
-From 6245131c0c328d2ed876d87cc20b176e2f24a769 Mon Sep 17 00:00:00 2001
-From: Eric Anholt <eric@anholt.net>
-Date: Tue, 9 Aug 2016 15:12:06 -0700
-Subject: [PATCH] of: Export of_device_uevent_modalias for DRM_MIPI_DSI.
-
-In order to make DSI panel modules able to load automatically, we need
-to emit the OF modalias uevent so that their MODULE_DEVICE_TABLE(of,
-...) can match against it.
-
-Signed-off-by: Eric Anholt <eric@anholt.net>
----
- drivers/of/device.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/drivers/of/device.c
-+++ b/drivers/of/device.c
-@@ -287,3 +287,4 @@ int of_device_uevent_modalias(struct dev
- 
- 	return 0;
- }
-+EXPORT_SYMBOL(of_device_uevent_modalias);

target/linux/brcm2708/patches-4.4/0551-kbuild-add-fno-PIE.patch

@@ -29,10 +29,10 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 
 --- a/Makefile
 +++ b/Makefile
-@@ -619,6 +619,8 @@ include arch/$(SRCARCH)/Makefile
- KBUILD_CFLAGS	+= $(call cc-option,-fno-delete-null-pointer-checks,)
- KBUILD_CFLAGS	+= $(call cc-disable-warning,maybe-uninitialized,)
- KBUILD_CFLAGS	+= $(call cc-disable-warning,frame-address,)
+@@ -622,6 +622,8 @@ KBUILD_CFLAGS	+= $(call cc-disable-warni
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, format-truncation)
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, format-overflow)
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, int-in-bool-context)
 +KBUILD_CFLAGS	+= $(call cc-option,-fno-PIE)
 +KBUILD_AFLAGS	+= $(call cc-option,-fno-PIE)
  

target/linux/brcm2708/patches-4.4/0552-kbuild-Steal-gcc-s-pie-from-the-very-beginning.patch

@@ -38,10 +38,10 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 
 --- a/Makefile
 +++ b/Makefile
-@@ -619,8 +619,6 @@ include arch/$(SRCARCH)/Makefile
- KBUILD_CFLAGS	+= $(call cc-option,-fno-delete-null-pointer-checks,)
- KBUILD_CFLAGS	+= $(call cc-disable-warning,maybe-uninitialized,)
- KBUILD_CFLAGS	+= $(call cc-disable-warning,frame-address,)
+@@ -622,8 +622,6 @@ KBUILD_CFLAGS	+= $(call cc-disable-warni
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, format-truncation)
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, format-overflow)
+ KBUILD_CFLAGS	+= $(call cc-disable-warning, int-in-bool-context)
 -KBUILD_CFLAGS	+= $(call cc-option,-fno-PIE)
 -KBUILD_AFLAGS	+= $(call cc-option,-fno-PIE)
  

target/linux/brcm47xx/config-4.4

@@ -14,11 +14,6 @@ CONFIG_ARCH_SUSPEND_POSSIBLE=y
 CONFIG_ARCH_USE_BUILTIN_BSWAP=y
 CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
 CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
-CONFIG_SWCONFIG_B53=y
-# CONFIG_SWCONFIG_B53_MMAP_DRIVER is not set
-CONFIG_SWCONFIG_B53_PHY_DRIVER=y
-CONFIG_SWCONFIG_B53_PHY_FIXUP=y
-# CONFIG_SWCONFIG_B53_SRAB_DRIVER is not set
 CONFIG_BCM47XX=y
 CONFIG_BCM47XX_BCMA=y
 CONFIG_BCM47XX_NVRAM=y
@@ -36,7 +31,9 @@ CONFIG_BCMA_HOST_PCI=y
 CONFIG_BCMA_HOST_PCI_POSSIBLE=y
 CONFIG_BCMA_HOST_SOC=y
 CONFIG_BCMA_NFLASH=y
+CONFIG_BCMA_PFLASH=y
 CONFIG_BCMA_SFLASH=y
+# CONFIG_BGMAC_BCMA is not set
 CONFIG_CC_OPTIMIZE_FOR_SIZE=y
 CONFIG_CEVT_R4K=y
 CONFIG_CLONE_BACKWARDS=y
@@ -75,7 +72,6 @@ CONFIG_GENERIC_SCHED_CLOCK=y
 CONFIG_GENERIC_SMP_IDLE_THREAD=y
 CONFIG_GENERIC_TIME_VSYSCALL=y
 CONFIG_GPIOLIB=y
-CONFIG_GPIOLIB_IRQCHIP=y
 CONFIG_GPIO_DEVRES=y
 CONFIG_GPIO_SYSFS=y
 CONFIG_GPIO_WDT=y
@@ -105,6 +101,7 @@ CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
 CONFIG_HAVE_FUNCTION_TRACER=y
 CONFIG_HAVE_GENERIC_DMA_COHERENT=y
 CONFIG_HAVE_IDE=y
+CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
 CONFIG_HAVE_LATENCYTOP_SUPPORT=y
 CONFIG_HAVE_MEMBLOCK=y
@@ -157,7 +154,6 @@ CONFIG_SCHED_HRTICK=y
 CONFIG_SERIAL_8250_EXTENDED=y
 # CONFIG_SERIAL_8250_FSL is not set
 CONFIG_SERIAL_8250_SHARE_IRQ=y
-# CONFIG_SG_SPLIT is not set
 CONFIG_SRCU=y
 CONFIG_SSB=y
 CONFIG_SSB_B43_PCI_BRIDGE=y
@@ -177,8 +173,12 @@ CONFIG_SSB_PCIHOST_POSSIBLE=y
 CONFIG_SSB_SERIAL=y
 CONFIG_SSB_SFLASH=y
 CONFIG_SSB_SPROM=y
-# CONFIG_SUNXI_SRAM is not set
 CONFIG_SWCONFIG=y
+CONFIG_SWCONFIG_B53=y
+# CONFIG_SWCONFIG_B53_MMAP_DRIVER is not set
+CONFIG_SWCONFIG_B53_PHY_DRIVER=y
+CONFIG_SWCONFIG_B53_PHY_FIXUP=y
+# CONFIG_SWCONFIG_B53_SRAB_DRIVER is not set
 CONFIG_SYSCTL_EXCEPTION_TRACE=y
 CONFIG_SYS_HAS_CPU_BMIPS=y
 CONFIG_SYS_HAS_CPU_BMIPS32_3300=y

target/linux/brcm63xx/patches-4.4/000-4.5-03-spi-nor-convert-to-spi_nor_-get-set-_flash_node.patch

@@ -68,7 +68,7 @@ Reviewed-by: Boris Brezillon <boris.brezillon@free-electrons.com>
  	spifi->nor.write = nxp_spifi_write;
 --- a/drivers/mtd/spi-nor/spi-nor.c
 +++ b/drivers/mtd/spi-nor/spi-nor.c
-@@ -1113,7 +1113,7 @@ int spi_nor_scan(struct spi_nor *nor, co
+@@ -1120,7 +1120,7 @@ int spi_nor_scan(struct spi_nor *nor, co
  	const struct flash_info *info = NULL;
  	struct device *dev = nor->dev;
  	struct mtd_info *mtd = &nor->mtd;

target/linux/brcm63xx/patches-4.4/111-MIPS-BCM63XX-allow-NULL-clock-for-clk_get_rate.patch

@@ -0,0 +1,48 @@
+From patchwork Tue Jul 18 10:17:27 2017
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [6/9] MIPS: BCM63XX: allow NULL clock for clk_get_rate
+X-Patchwork-Submitter: Jonas Gorski <jonas.gorski@gmail.com>
+X-Patchwork-Id: 16776
+Message-Id: <20170718101730.2541-7-jonas.gorski@gmail.com>
+To: unlisted-recipients:; (no To-header on input)
+Cc: Ralf Baechle <ralf@linux-mips.org>,
+ Florian Fainelli <f.fainelli@gmail.com>,
+ bcm-kernel-feedback-list@broadcom.com,
+ James Hogan <james.hogan@imgtec.com>,
+ linux-mips@linux-mips.org, linux-kernel@vger.kernel.org
+Date: Tue, 18 Jul 2017 12:17:27 +0200
+From: Jonas Gorski <jonas.gorski@gmail.com>
+List-Id: linux-mips <linux-mips.eddie.linux-mips.org>
+
+Make the behaviour of clk_get_rate consistent with common clk's
+clk_get_rate by accepting NULL clocks as parameter. Some device
+drivers rely on this, and will cause an OOPS otherwise.
+
+Fixes: e7300d04bd08 ("MIPS: BCM63xx: Add support for the Broadcom BCM63xx family of SOCs.")
+Cc: Ralf Baechle <ralf@linux-mips.org>
+Cc: Florian Fainelli <f.fainelli@gmail.com>
+Cc: bcm-kernel-feedback-list@broadcom.com
+Cc: James Hogan <james.hogan@imgtec.com>
+Cc: linux-mips@linux-mips.org
+Cc: linux-kernel@vger.kernel.org
+Reported-by: Mathias Kresin <dev@kresin.me>
+Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
+Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
+---
+ arch/mips/bcm63xx/clk.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/mips/bcm63xx/clk.c
++++ b/arch/mips/bcm63xx/clk.c
+@@ -345,6 +345,9 @@ EXPORT_SYMBOL(clk_disable);
+ 
+ unsigned long clk_get_rate(struct clk *clk)
+ {
++	if (!clk)
++		return 0;
++
+ 	return clk->rate;
+ }
+