This will allow x86 devices with 256 MB disk to upgrade.

This seems to unbreak bootloader image generation with certain shells /
build setups.

Fixes #1766

(cherry picked from commit fdf552e5)

a0ab6d6e712f simple-tc: increment PKG_VERSION

89808e211c kernel: bump 4.14 to 4.14.137
349714a491 kernel: bump 4.9 to 4.9.188
0a4a82a431 config: introduce separate CONFIG_SIGNATURE_CHECK option
8a83892662 packages: apply usign padding workarounds to package indexes if needed
0bce1d0db9 usign: update to latest Git HEAD
958411aa61 kernel: bump 4.14 to 4.14.136
2807f84b62 kernel: bump 4.9 to 4.9.187
7e4ce0c655 ar71xx: wpj531: fix SIG1/RSS1 LED GPIO

Compile-tested: ar71xx, mpc85xx

b7e7d220e7 ar71xx: fix HiveAP 121 PLL for 1000M

df53824f46 kernel: bump 4.14 to 4.14.134
76d1e8a0c2 kernel: bump 4.9 to 4.9.186
ef9c13fb5d imx6: bump SDMA firmware to 3.5
41e3f12e00 imx6: bump sdma firmware to 3.4
f51e2d031e mac80211: brcm: improve brcmfmac debugging of firmware crashes
95745e26b3 mac80211: brcm: update brcmfmac 5.4 patches
65a405382b omcproxy: fix compilation on little-endian CPUs
a68be42f99 scripts: ipkg-make-index.sh: dereference symbolic links
8231f67218 mac80211: brcmfmac: backport fixes from kernel 5.4
627bb0b8dc busybox: strip off ALTERNATIVES spec
e6af9c017b opkg: bump to version 2019-06-14
33e7beeb31 base-files: Fix path check in get_mac_binary
687977bfc9 kernel: bump 4.14 to 4.14.132
6ee6c97ded base-files: Really check path in get_mac_binary
aced9de9a4 wireguard: bump to 0.0.20190601
3bbd16da46 ramips: fix mt7620 pinmux for second SPI
b84f761d91 OpenWrt v18.06.4: revert to branch defaults
f6429577c5 OpenWrt v18.06.4: adjust config defaults

Compile-tested: ar71xx-generic, ipq40xx, mpc85xx-generic, ramips-mt7621
Runtime-tested: mpc85xx-generic (WDR4900v1), ramips-mt761 (DIR-860L-B1)

Fixes #1718

$(TOPDIR) does not contain a trailing slash.
Thus the 'gluon.mk'-include must include
the trailing slash. (Just like the link to
$(INCLUDE_DIR)/package.mk does.)

Signed-off-by: Chris Fiege <chris@tinyhost.de>

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>

ef686b7292 uqmi: bump to latest git HEAD
3dc740257b uqmi: inherit firewall zone membership to virtual sub interfaces
a2c22b8776 uqmi: fix PIN_STATUS_FAILED error with MC7455 WCDMA/LTE modem
d5ff0897cb kernel: bump 4.14 to 4.14.131
18266fc6c0 kernel: bump 4.9 to 4.9.184

Compile-tested: mpc85xx-generic, ramips-mt7621
Runtime-tested: mpc85xx-generic (TP-Link WDR4900 v1), ramips-mt7621 (D-Link DIR-860L B1)

Fixes #1771

5e771160b8 kernel: bump 4.14 to 4.14.130
9c6fb1d67a kernel: bump 4.14 to 4.14.129
6c1bef833d kernel: bump 4.9 to 4.9.183
467adaf6c5 OpenWrt v18.06.3: revert to branch defaults
4382d4ce19 OpenWrt v18.06.3: adjust config defaults
97ae9e0ccb fstools: block-mount: fix restart of fstab service
25fc20db8b fstools: update to the latest master branch
fc39d5fc45 fstools: media change detection (eg:sdcard) using kernel polling
b463a13881 hostapd: fix multiple security problems

Compile-tested: ramips-mt7621
Runtime-tested: ramips-mt7621 (D-Link DIR-860L B1)

This is a fix for the broken ingress traffic-shaping in gluon v2018.2.2
and possibly earlier.

For ingress traffic shaping the kernel option NET_ACT_POLICE is needed.
Before this patch there was no dependency to this. Neither in
gluon_core, gluon-mesh-vpn-core nor in the package.

This patch adds this dependency.

[Matthias Schiffer: move dependency from GLUON_CORE to gluon-mesh-vpn-core]

Fixes #1790

(cherry picked from commit dc8149ab)

d4c87ce6b06e simple-tc: depend on KERNEL_NET_ACT_POLICE or kmod-sched
73b301911d2d simple-tc: fix confusing program names in error messages

The profile for GL.iNet AR750 currently selects ATH10K_PACKAGES, but this device actually has a QCA9887 which needs another driver.
This commit fixes the issue by setting ATH10K_PACKAGES_QCA9887 instead.

(cherry picked from commit 0a222183)

The gluon-authorized-keys is usually installed to use SSH keys to
authenticate a user against the device. To make this useful, it is also
required to disable passwordless SSH access to the device.

This new dependency is only required when the user doesn't have
gluon-setup-mode enabled already.

Fixes: #1777
Reported-by: yanosz <github@yanosz.net>
Fixes: a753fa79 ("gluon-authorized-keys: add keys from site.conf")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 2eb15bac)

(cherry picked from commit 85494380)

- A Picostation M5 never existed
- TL-WR710N v1 and v2.1 are part of ar71xx-generic not ar71xx-tiny

(cherry picked from commit e8b37b2d)

(cherry picked from commit 170c494f)

the tag was added by dd23a805

(cherry picked from commit cae79eb0)

(cherry picked from commit ff7aeafa)

A table with hardware supported by Gluon can be found on the OpenWrt Wiki. This commit adds a corresponding FAQ entry.

(cherry picked from commit deb020d3)

Uncovered by sphinx-build:
docs/releases/v2018.2.1.rst:19: WARNING: Too many autonumbered footnote references: only 0 corresponding footnotes available.
docs/releases/v2018.2.1.rst:19: WARNING: Unknown target name: "noibss".
docs/releases/v2018.2.1.rst:26: WARNING: Unknown target name: "noibss".
docs/releases/v2018.2.1.rst:30: WARNING: Unknown target name: "noibss".
docs/releases/v2018.2.1.rst:34: WARNING: Unknown target name: "noibss".
docs/releases/v2018.2.1.rst:35: WARNING: Unknown target name: "noibss".

fc1dae5be797 brcm2708: Revert "staging: vc04_services: prevent integer overflow in create_pagelist()"
84aba5796ea2 gemini: 4.14: Fix up DNS-313 compatible string
9656f49ea009 base-files: fix uci led oneshot/timer trigger
bd0c3988e742 kernel: bump 4.14 to 4.14.128

(cherry picked from commit 99f344ba)

2999c342aa kernel: bump 4.14 to 4.14.127
9de2f4d4ce kernel: bump 4.9 to 4.9.182
5fe809d718 Revert "ipq806x: fix EA8500 switch control"
e493230e84 kernel: bump 4.14 to 4.14.126
c449130bb2 mvebu: fixes commit f63a1caf22cb
6fa6f74e37 kernel: backport 4.18 patch adding DMI_PRODUCT_SKU
2cd234d96b mac80211: brcmfmac: backport important fixes from kernel 5.2
85eda6f61e kernel: mt29f_spinand: fix memory leak during page program
a0543d8e70 uboot-fritz4040: update PKG_MIRROR_HASH
f63a1caf22 kernel: bump 4.14 to 4.14.125
40b1e899ba kernel: bump 4.9 to 4.9.181
5dbac47426 kernel: re-add bridge allow reception on disabled port
5d27e87de7 rpcd: fix init script reload action
1867f10807 kernel: bump 4.14 to 4.14.123
7fe1b4a4b2 kernel: bump 4.9 to 4.9.180
6563e494a0 kernel: bump 4.14 to 4.14.122
e3408d09b0 kernel: bump 4.9 to 4.9.179
b2b1265a1d apm821xx: backport accepted linux-crypto patches

Fixes: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

Compile-tested: x86_64
Runtime-tested: x86_64
(cherry picked from commit 1b06a15b)

We now keep the VPN enable state, bandwidth limit enable and actual limits
in the core config to avoid having to recover "user intent" from different
config files when the used VPN packages change.

Fixes #1736

(cherry picked from commit 818c31af)

None of our scripts can handle fastd and tunneldigger running at the same
time. When both are installed, ignore tunneldigger.

(cherry picked from commit f6df3b05)