Commit Graph

17382 Commits

Author SHA1 Message Date
Daniel Golle
256fa157a9 dnsmasq: install /etc/hotplug.d/ntp/25-dnsmasqsec world-readable
/etc/hotplug.d/ntp/25-dnsmasqsec is being sourced by /sbin/hotplug-call
running as ntpd user. For that to work the file needs to be readable by
that user.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-28 02:01:04 +00:00
Sven Eckelmann
7ca9b82c38 mac80211: Fix wpa_supplicant config removal ubus call
If mac80211_setup_supplicant() is called with enabled=0 then it should just
destroy the interface and remove the configuration from wpa_supplicant. But
the ubus method call always returned

  Command failed: Method not found

because the actual name of the method is "config_remove".

Fixes: b5516603dd ("mac80211: more wifi reconf related fixes")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:11:12 +01:00
David Bauer
83d40aef13 hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:09:34 +01:00
David Bauer
838b412cb5 hostapd: add interworking support
This adds configuration options to enable interworking for hostapd.
All options require iw_enabled to be set to 1 for a given VAP.

All IEEE802.11u related settings are supported with exception of the
venue information which will be added as separate UCI sections at a
later point.

The options use the same name as the ones from the hostapd.conf file
with a "iw_" prefix added.

All UCI configuration options are passed without further modifications
to hostapd with exceptions of the following options, whose elements can
be provided using UCI lis elements:

 - iw_roaming_consortium
 - iw_anqp_elem
 - iw_nai_realm
 - iw_domain_name
 - iw_anqp_3gpp_cell_net

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:09:04 +01:00
David Bauer
cc80cf53c5 hostapd: add FTM responder support
This adds support for enabling the FTM responder flag for the APs
extended capabilities. On supported hardware, enabling the ftm_responder
config key for a given AP will enable the FTM responder bit.

FTM support itself is unconditionally implemented in the devices
firmware (ath10k 2nd generation with 3.2.1.1 firmware). There's
currently no softmac implementation.

Also allow to configure LCI and civic location information which can be
transmitted to a FTM initiator.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:08:56 +01:00
David Bauer
daeda8a87e mac80211: pass phy name to hostapd_set_bss_options
hostapd_set_bss_options expects the PHY as second and the VIF as third
argument. However, only the VIF was passed as second argument without a
third argument at all.

This was never a problem, as both PHY and VIF were never accessed.
However, with FTM support the PHY is needed to determine the HW support
when configuring the BSS.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:08:49 +01:00
David Bauer
b518f07d4b hostapd: remove ieee80211v option
Remove the ieee80211v option. It previously was required to be enabled
in order to use time_advertisement, time_zone, wnm_sleep_mode and
bss_transition, however it didn't enable any of these options by default.

Remove it, as configuring these options independently is enough.

This change does not influence the behavior of any already configured
setting.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:08:29 +01:00
David Bauer
e66bd0eb04 hostapd: make rrm report independent of ieee80211k setting
Allow to configure both RRM beacon as well as neighbor reports
independently and only enable them by default in case the ieee80211k
config option is set.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-10-28 00:08:22 +01:00
Petr Štetiar
43fe0bd18d uci: fix package mirror hash
I've forget to update PKG_MIRROR_HASH in my previous package version
bump.

Fixes: 095cc2b745 ("uci: update to version 2020-10-06")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-10-27 22:58:27 +01:00
Petr Štetiar
f9005d4f80 umdns: update to version 2020-10-26
59e4fc98162d cache: cache_answer: fix off by one
4cece9cc7db4 cache: cache_record_find: fix buffer overflow
be687257ee0b cmake: tests: provide umdns-san binary
bf01f2dd0089 tests: add dns_handle_packet_file tool
134afc728846 tests: add libFuzzer based fuzzing
de08a2c71ca8 cmake: create static library
cdc18fbb3ea8 interface: fix possible null pointer dereference
1fa034c65cb6 interface: fix value stored to 'fd' is never read
3a67ebe3fc66 Add initial GitLab CI support
50caea125517 cmake: fix include dirs and libs lookup

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-10-27 22:51:59 +01:00
Petr Štetiar
095cc2b745 uci: update to version 2020-10-06
52bbc99f69ea Replace malloc() + memset() with calloc()
3fbd6c923434 ucimap: Check return of malloc()
eae126f66663 file: Check buffer size after strtok()
7f574273180a file: use size_t for position and pointer
19770b6949b9 file: use dynamic memory allocation for tempfile name
aa46546794ac file: uci_file_commit: fix memory leak
671c7554bfde uci: silence UBSAN error by using offsetof macro from compiler
ea5bbd57d0e1 tests: cram: add uci import testing on fuzzer corpus
31f78bfbf75f cmake: add uci-san cli built with clang sanitizers
a3e650911f5e file: uci_parse_package: fix heap use after free
9bd361ca3236 tests: add libFuzzer based fuzzing

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-10-27 22:51:59 +01:00
Joel Johnson
d7db32440f dnsmasq: include IPv6 local nameserver entry
For IPv6 native connections when using IPv6 DNS lookups, there is no
valid default resolver if ignoring WAN DHCP provided nameservers.

This uses a runtime check to determine if IPv6 is supported on the host.

Signed-off-by: Joel Johnson <mrjoel@lixil.net>
2020-10-26 18:51:35 +01:00
Biwen Li
3a47dc1df2 layerscape: update tfa to LSDK-20.04-update-290520
Update tfa to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[fix PKG_RELEASE bump]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-10-26 00:40:12 +01:00
Biwen Li
bd15d49838 layerscape: update u-boot to LSDK-20.04-update-290520
Update u-boot to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[fix PKG_RELEASE bump]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-10-26 00:40:12 +01:00
Biwen Li
348602186a layerscape: update ls-rcw to LSDK-20.04-update-290520
Update ls-rcw to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[rebase, fix PKG_RELEASE change]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-10-26 00:40:12 +01:00
Pawel Dembicki
a254279a6c layerscape: Change to combined rootfs on sd images
At this moment layerscape images are ext4 only. It causes problem with
save changes durring sysupgrade and make "firstboot" and failsafe mode
useless.

This patch changes sd-card images to squashfs + f2fs combined images.
To make place, for saving config, kernel space ar now ext4 partition
with fit kernel.

This method of image generation is similar to rest of OpenWrt sd-card
targets.

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[reword README, reword DEVICE_COMPAT_MESSAGE, keep original indent]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-10-26 00:40:12 +01:00
Pawel Dembicki
3605eff881 layerscape: add dtb to sysupgrade
At this moment sysupgrade replaces only kernel and rootfs.

This patch add dtb part to sysupgrade images to avoid situation
when old dtb make system broken.

Is possible to sysupgrade older images for NOR devices:
1. Firmware partition in bootargs need to be updated to:
   "49m@0xf00000(firmware)". Env should be saved after changes.
2. After step one, "sysupgrade -F" will work.

Run tested: LS1046A-RDB

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[bump PKG_RELEASE for uboot-layerscape]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-10-26 00:40:12 +01:00
Daniel Golle
2a0d08d827 ubus: bump to git HEAD
ad0cd11 ubusd_acl: add support for wildcard in methods

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 18:23:45 +00:00
Daniel Golle
2e746b4d29 busybox: make username consistent
ntpd in packages feed had already a user 'ntp' with UID 123 declared.
Rename the username of busybox-ntpd to be 'ntp' instead of 'ntpd' so
it doesn't clash.

Reported-by: Etienne Champetier <champetier.etienne@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 17:26:30 +00:00
Daniel Golle
70c17268a8 dnsmasq: adapt to non-root ntpd
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 13:01:35 +00:00
Daniel Golle
2d34355e16 busybox: allow ntpd to run as non-root ntpd user
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 13:01:35 +00:00
Daniel Golle
ccb283c71c procd: ujail fixes
ec461ff jail: mount more stuff read-only
33b799b ujail: elf: work around GCC bug on MIPS64

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 12:41:44 +00:00
Daniel Golle
bd8c3314fb ubox: run logd non-root as user logd
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 12:36:22 +00:00
Yousong Zhou
d23443f4d9 netifd: bump to version 2020-10-22
Changelog follows

  ced0d535 build: find and use libnl header dirs
  5722218e proto: rework parse_addr to return struct device_addr
  3d7bf604 device_addr: record address index as in the blob
  24ce1eab interface: proto_ip: order by address index first

This bump mainly affects order of interface addresses in ubus output.  At the
moment dnsmasq uses first address of an interface for setting dhcp-range option
in its config

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2020-10-24 18:35:27 +08:00
Daniel Golle
0b31713c85 rpcd: adapt defaults for changed ubus.sock path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-22 15:13:38 +01:00
Daniel Golle
061904d7e3 uhttpd: adapt defaults for changes ubus.sock path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-22 15:13:38 +01:00
Daniel Golle
de7ca7dafa base-files: merge /etc/passwd et al at sysupgrade config restore
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-22 14:25:55 +01:00
Daniel Golle
a2def3663a procd: jail: clean up capability handling and non-root ubusd
Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.

 80c9516 cgroups: restrict allowed keys in 'unified' section
 5ade567 cgroups: memory controller fixes
 3121467 early: run ubusd non-root as user ubus, group ubus
 12a5b97 jail: adapt to new ubus socket path
 788d144 instance: actually wire up capabilities filename
 ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
 6c5233a jail: capabilities: apply in two phases

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-21 15:22:30 +01:00
Daniel Golle
2dffadece9 ubus: prepare to run ubusd as non-root user
Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for
having ubusd run as non-root user.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-21 15:20:10 +01:00
Daniel Golle
d355b578b7 target: include selinux-variants if CONFIG_SELINUX is set
Rather than unconditionally adding busybox and procd to the set of
default packages, add busybox-selinux and procd-selinux in case
CONFIG_SELINUX is set.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-21 11:56:26 +01:00
Markov Mikhail
610843f3bc mac80211: rt2x00: save survey for every channel visited
rt2800 olny gives you survey for current channel.

Survey-based ACS algorithms are failing to perform their job when working
with rt2800.

Make rt2800 save survey for every channel visited and be able to give away
that information.

There is a bug registred https://dev.archive.openwrt.org/ticket/19081 and
this patch solves the issue.

Signed-off-by: Markov Mikhail <markov.mikhail@itmh.ru>
2020-10-21 11:56:26 +01:00
Hauke Mehrtens
7f5f738466 sunxi: Adapt U-Boot config to board rename
The board was renamed without changing the BUILD_DEVICES in the U-Boot
Makefile, this broken the build.

Fixes: 0830ae3a2f ("sunxi: Correct manufacturer name to Sinovoip")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-10-18 15:46:42 +02:00
Jayantajit Gogoi
e6d9f6fdff sunxi: add support for FriendlyARM NanoPi R1
Specification:

- CPU: Allwinner H3, Quad-core Cortex-A7 Up to 1.2GHz
- DDR3 RAM: 512MB/1GB
- Network:
    10/100/1000M Ethernet x 1,
    10/100M Ethernet x 1
- WiFi: 802.11b/g/n, with SMA antenna interface
- USB Host: Type-A x2
- MicroSD Slot x 1
- MicroUSB: for OTG and power input
- Debug Serial Port: 3Pin 2.54mm pitch pin-header
- LED:
    nanopi:red:status
    nanopi:green:wan
    nanopi:green:lan
- KEY:
    reset
- Power Supply: DC 5V/2A

Installation:

- Write the image to SD Card with dd
- Boot NanoPi from the SD Card

Signed-off-by: Jayantajit Gogoi <jayanta.gogoi525@gmail.com>
2020-10-18 15:46:42 +02:00
Felix Fietkau
4a0688ed71 base-files: remove block2mtd checks from sysupgrade
This hasn't been used in a long time

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-10-17 16:43:17 +02:00
Felix Fietkau
08a42ef057 mac80211: fix memory leak on filtered powersave frames
After the status rework, ieee80211_tx_status_ext is leaking un-acknowledged
packets for stations in powersave mode.
To fix this, move the code handling those packets from __ieee80211_tx_status
into ieee80211_tx_status_ext

Reported-by: Tobias Waldvogel <tobias.waldvogel@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-10-17 16:43:17 +02:00
Daniel Golle
00c28c51fb
selinux-policy: update to git tag v0.3
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 13:49:38 +01:00
Daniel Golle
21a7c4d97a fstools: update to git HEAD
8e0f29a mount: remove support for legacy overlayfs before v2.3
 0f8a443 mount: fix log format string and indentation
 46a56d3 overlay: use precompiler macros for reoccuring path names
 f25ab8a mount: apply SELinux labels before overlayfs mount

Total ipk size change (ipq40xx): +120b

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 01:53:00 +01:00
Daniel Golle
1923669413 policycoreutils: 'restorecon' is a 'setfiles' applet
Instead of duplicating the '/sbin/setfiles' binary, have
'/sbin/restorecon' as yet another alias for
'/sbin/policycoreutils-setfiles'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 00:38:06 +01:00
Daniel Golle
63e2e086be hostapd: ubus: add handler for wps_status and guard WPS calls
Expose WPS ubus API only if compiled with WPS support and add new
handler for wps_status call.
Also add '-v wps' option to check whether WPS support is present in
hostapd.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 00:38:06 +01:00
Felix Fietkau
953435795d build: always build package/kernel/linux
build: always build package/kernel/linux

If no in-tree module packages are selected, the build system does not process
package/kernel/linux. This package is required for building the virtual
'kernel' package, which is specified as a dependency for all kernel packages.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-10-15 13:25:58 +02:00
Arturas Moskvinas
679db02b10 sunxi: add support for FriendlyArm Zeropi
Specification

    CPU: Allwinner H3, Quad-core Cortex-A7 Up to 1.2GHz
    DDR3 RAM: 256MB/512MB
    Connectivity: 10/100/1000Mbps Ethernet
    USB Host: Type-A x 1
    MicroSD Slot x 1
    MicroUSB: for power input only
    Debug Serial Port: 4Pin, 2.54 mm pitch pin header
    Power Supply: DC 5V/2A
    PCB Dimension: 40 x 40 x 1.2mm

Installation:

    Burn the image file to an SD Card with dd or any image burning tool
    Boot ZeroPi from the SD Card

The following features are working and tested:

    Ethernet port 10/100/1000M Ethernet

Remarks: SBC is mostly compatible and boots with FriendlyARM NanoPI M1 plus DTS also (zeropi has no working hdmi)

Signed-off-by: Arturas Moskvinas <arturas.moskvinas@gmail.com>
2020-10-11 18:29:26 +02:00
Andre Heider
111895aa19 kernel: add a kmod package for the SoC S/PDIF codec
Size of the modules for a Cortex A7 build:
43920 linux-5.4.66/sound/soc/codecs/snd-soc-spdif-rx.ko
44044 linux-5.4.66/sound/soc/codecs/snd-soc-spdif-tx.ko

Signed-off-by: Andre Heider <a.heider@gmail.com>
2020-10-11 17:45:02 +02:00
Andre Heider
447fe1454e kernel: fix name of CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM
CONFIG_SND_SOC_DMAENGINE_PCM was removed and replaced with
CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM seven years ago, see:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=28c4468b00a1e55e08cc20117de968f7c6275441
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b7ae6f31d8243ec684af16bc5c763eccdfabaec0

Signed-off-by: Andre Heider <a.heider@gmail.com>
2020-10-11 17:45:02 +02:00
Andre Heider
60c9a27cbc uboot-envtools: mvebu: fix config for mainline u-boot
Mainline u-boot dynamically passes the mtd partitions via devicetree:
$ cat /proc/mtd
dev:    size   erasesize  name
mtd0: 003f0000 00001000 "firmware"
mtd1: 00010000 00001000 "u-boot-env"

Add support for this setup.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2020-10-11 16:53:20 +02:00
Hauke Mehrtens
7c0496f29b kernel: Move CONFIG_*_FS_XATTR to generic kernel config
This option is now activated in the generic kernel configuration, no
need to do it for a specific package.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-10-11 16:38:16 +02:00
Hauke Mehrtens
722906d144 kernel: move CONFIG_F2FS_CHECK_FS to generic kernel config
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-10-11 16:38:16 +02:00
Hauke Mehrtens
6542615e41 kernel: Move CONFIG_F2FS_FS_SECURITY to generic kernel config
Move the CONFIG_F2FS_FS_SECURITY kernel configuration option to the
generic kernel configuration.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-10-11 16:38:16 +02:00
Hauke Mehrtens
18deed29be kernel: Remove 2FS_FS_XATTR and F2FS_STAT_FS symbols from target configs
This config option was moved to the generic kernel configuration.

Fixes: ab1bd57656 ("kernel: move F2FS_FS_XATTR and F2FS_STAT_FS symbols to generic")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-10-11 16:38:16 +02:00
Andre Heider
b79d2356db arm-trusted-firmware-mvebu: fix topology for ESPRESSObin V3-V5 (1GB 1CS)
Signed-off-by: Andre Heider <a.heider@gmail.com>
2020-10-11 16:38:16 +02:00
Andre Heider
8870ad58b6 uboot-mvebu: don't install 64bit binaries
u-boot binaries are not useful for these boards, they need to be combined
with atf for a proper firmware.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2020-10-11 16:38:16 +02:00