Commit Graph

48581 Commits

Author SHA1 Message Date
Hauke Mehrtens
2f3d7abccd kernel: Update kernel 4.14 to version 4.14.193
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-08-10 19:34:37 +02:00
Hauke Mehrtens
fdac05b741 kernel: Update kernel 4.19 to version 4.19.138
Compile and run tested on lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-08-10 19:34:37 +02:00
Hauke Mehrtens
fce0f1501b mac80211: Update to version 5.8
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-08-10 19:34:37 +02:00
Christoph Krapp
d32010d5ff uboot-envtools: ath79: add ZyXEL NBG6616 uboot env support
This adds support for ZyXEL NBG6616 uboot-env access

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
2020-08-10 18:37:47 +02:00
Christoph Krapp
459c8c9ef8 ath79: add support for ZyXEL NBG6616
Specifications:

  SoC: Qualcomm Atheros QCA9557
  RAM: 128 MB (Nanya NT5TU32M16EG-AC)
  Flash: 16 MB (Macronix MX25L12845EMI-10G)
  Ethernet: 5x 10/100/1000 (1x WAN, 4x LAN)
  Wireless: QCA9557 2.4GHz (nbg), QCA9882 5GHz (ac)
  USB: 2x USB 2.0 port
  Buttons: 1x Reset
  Switches: 1x Wifi
  LEDs: 11 (Pwr, WAN, 4x LAN, 2x Wifi, 2x USB, WPS)

MAC addresses:

WAN *:3f uboot-env ethaddr + 3
LAN *:3e uboot-env ethaddr + 2
2.4GHz *:3c uboot-env ethaddr
5GHz *:3d uboot-env ethaddr + 1

The label contains all four MAC addresses, however the one without
increment is first, so this one is taken for label MAC address.

Notes:

The Wifi is controlled by an on/off button, i.e. has to be implemented
by a switch (EV_SW). Despite, it appears that GPIO_ACTIVE_HIGH needs
to be used, just like recently fixed for the NBG6716.
Both parameters have been wrong at ar71xx.

Flash Instructions:

At first the U-Boot variables need to be changed in order to boot the
new combined image format. ZyXEL uses a split kernel + root setup and
the current kernel is too large to fit into the partition. As resizing
didnt do the trick, I've decided to use the prefered combined image
approach to be future-kernel-enlargement-proof (thanks to blocktrron for
the assistance).

First add a new variable called boot_openwrt:
setenv boot_openwrt bootm 0x9F120000

After that overwrite the bootcmd and save the environment:
setenv bootcmd run boot_openwrt
saveenv

After that you can flash the openwrt factory image via TFTP. The servers
IP has to be 192.168.1.33. Connect to one of the LAN ports and hold the
WPS Button while booting. After a few seconds the NBG6616 will look for
a image file called 'ras.bin' and flash it.

Return to vendor firmware is possible by resetting the bootcmd:
setenv bootcmd run boot_flash
saveenv
and flashing the vendor image via the TFTP method as described above.

Accessing the U-Boot Shell:
ZyXEL uses a proprietary loader/shell on top of u-boot: "ZyXEL zloader v2.02"
When the device is starting up, the user can enter the the loader shell
by simply pressing a key within the 3 seconds once the following string
appears on the serial console:

|    Hit any key to stop autoboot:  3

The user is then dropped to a locked shell.

| NBG6616> ?
| ATEN	x,(y)     set BootExtension Debug Flag (y=password)
| ATSE	x         show the seed of password generator
| ATSH	          dump manufacturer related data in ROM
| ATRT	(x,y,z,u) ATRT RAM read/write test (x=level, y=start addr, z=end addr, u=iterations
| ATGO	          boot up whole system
| ATUR	x         upgrade RAS image (filename)

In order to escape/unlock a password challenge has to be passed.
Note: the value is dynamic! you have to calculate your own!

First use ATSE $MODELNAME (MODELNAME is the hostname in u-boot env)
to get the challange value/seed.

| NBG6616> ATSE NBG6616
| 00C91D7EAC3C

This seed/value can be converted to the password with the help of this
bash script (Thanks to http://www.adslayuda.com/Zyxel650-9.html authors):

- tool.sh -
ror32() {
  echo $(( ($1 >> $2) | (($1 << (32 - $2) & (2**32-1)) ) ))
}
v="0x$1"
a="0x${v:2:6}"
b=$(( $a + 0x10F0A563))
c=$(( 0x${v:12:14} & 7 ))
p=$(( $(ror32 $b $c) ^ $a ))
printf "ATEN 1,%X\n" $p
- end of tool.sh -

| # bash ./tool.sh 00C91D7EAC3C
| ATEN 1,10FDFF5

Copy and paste the result into the shell to unlock zloader.

| NBG6616> ATEN 1,10FDFF5

If the entered code was correct the shell will change to
use the ATGU command to enter the real u-boot shell.

| NBG6616> ATGU
| NBG6616#

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
[move keys to DTSI, adjust usb_power DT label, remove kernel config
change, extend commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 18:37:43 +02:00
Adrian Schmutzler
d4ac0ad543 treewide: make dependency on kmod-usb-net selective
A bunch of kernel modules depends on kmod-usb-net, but does not
select it. Make AddDepends/usb-net selective, so we can drop
some redundant +kmod-usb-net definitions for DEVICE_PACKAGES.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 12:54:30 +02:00
Nicholas Smith
c00b8dcf72 ath79: add support for Telco T1
Description:
    2x 100Mbps Etherent ports
    24V passive PoE
    64MB RAM
    16MB Flash
    2.4GHz WiFi
    1x WiFi antenna (RP-SMA connector)
    1x LTE antenna (SMA connector)
    Sierra Wireless MC7430 LTE modem

Flash instructions:
    Original firmware is based on OpenWrt.
    Flash using sysupgrade -n

SUPPORTED_DEVICES is added to support factory firmware.

Signed-off-by: Nicholas Smith <nicholas.smith@telcoantennas.com.au>
[add missing led_rssi0 DT label, add SUPPORTED_DEVICES]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 12:49:29 +02:00
Aleksander Jan Bajkowski
37df722266 ath79: increase spi frequency on TL-WDR3500/3600/4300/4310
SPI Flash chip supports up to 33 MHz wihout fast read opcode.
Available frequencies are 112.5, 56.25, 37.5, 28.125, 22.5 etc.
This patch increases the nominal maximum frequency to 33 MHz,
reaching an effective increase from 22.5 to 28.125 MHz.

Formula to calculate SPI frequency:
Freq = 225 MHz / 2 / div

Before:

$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real	0m 3.58s
user	0m 0.00s
sys	0m 3.57s

After:

$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real	0m 2.95s
user	0m 0.00s
sys	0m 2.93s

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
[minor commit message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 12:43:37 +02:00
Adrian Schmutzler
04b99d9539 ramips/mt7628: fix portmap based on board.d port assignment
When comparing to the port assignment in board.d/02_network, a few
devices seem to use the wrong setup of mediatek,portmap.

The corrects the values for mt76x8 subtarget based on the location
of the wan port.

A previous cleanup of obviously wrong values has already been done in
7a387bf9a0 ("ramips: mt76x8: fix bogus mediatek,portmap")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 12:33:38 +02:00
Andreas Böhler
ab74def0db ath79: add support for TP-Link TL-WPA8630P v2
The TL-WPA8630P v2 is a HomePlug AV2 compatible device with a QCA9563 SoC
and 2.4GHz and 5GHz WiFi modules.

Specifications
--------------

  - QCA9563 750MHz, 2.4GHz WiFi
  - QCA9888 5GHz WiFi
  - 8MiB SPI Flash
  - 128MiB RAM
  - 3 GBit Ports (QCA8337)
  - PLC (QCA7550)

MAC address assignment
----------------------

WiFi 2.4GHz and LAN share the same MAC address as printed on the label.
5GHz WiFi uses LAN-1, based on assumptions from similar devices.

LAN Port assignment
-------------------

While there are 3 physical LAN ports on the device, there will be 4
visible ports in OpenWrt. The fourth port (internal port 5) is used
by the PowerLine Communication SoC and thus treated like a regular
LAN port.

Versions
--------

Note that both TL-WPA8630 and TL-WPA8630P, as well as the different
country-versions, differ in partitioning, and therefore shouldn't be
cross-flashed.

This adds support for the two known partitioning variants of the
TL-WPA8630P, where the variants can be safely distinguished via the
tplink-safeloader SupportList. For the non-P variants (TL-WPA8630),
at least two additional partitioning schemes exist, and the same
SupportList entry can have different partitioning.
Thus, we don't support those officially (yet).

Also note that the P version for Germany (DE) requires the international
image version, but is properly protected by SupportList.

In any case, please check the OpenWrt Wiki pages for the device
before flashing anything!

Installation
------------

Installation is possible from the OEM web interface. Make sure to
install the latest OEM firmware first, so that the PLC firmware is
at the latest version. However, please also check the Wiki page
for hints according to altered partitioning between OEM firmware
revisions.

Additional thanks to Jon Davies and Joe Mullally for bringing
order into the partitioning mess.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
[minor DTS adjustments, add label-mac-device, drop chosen, move
common partitions to DTSI, rename de to int, add AU support strings,
adjust TPLINK_BOARD_ID, create common node in generic-tp-link.mk,
adjust commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 11:48:08 +02:00
Thomas Petazzoni
12178be465 procd: add SELinux support
This commit adds a patch to procd to support loading the SELinux
policy early at boot time, and adjusts the procd package to use this
SELinux support when libselinux is enabled.

The procd patch has been submitted separately [1]: obviously the
intent is to have it merged in the procd Git repository rather than
have it in OpenWrt itself.

[1] http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025791.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase, add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
[split commit into openwrt.git and procd.git]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-10 09:54:50 +01:00
Daniel Golle
42abe56f1b kernel: further clean-up options and defaults
Remove `if !SMALL_FLASH` in places which are anyway already augmented
by `if !SMALL_FLASH`.
Always enable CONFIG_BLK_DEV_THROTTLING on !SMALL_FLASH devices rather
than just enabling it on bcm27xx.
Enabled CPU bandwidth provisioning for FAIR_GROUP_SCHED on !SMALL_FLASH
devices as CONFIG_FAIR_GROUP_SCHED is already enabled and becomes more
useful for cgroups with that option enbled as well.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-10 09:54:14 +01:00
Daniel Golle
cfe235c436 kernel: modules: add package kmod-iosched-bfq
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-10 09:52:31 +01:00
Thomas Petazzoni
9e7ef46065 tools: add fakeroot
SELinux support requires setting the appropriate SELinux security context
to files and directories, which needs to happen at build time in order
to support read-only root filesystem scenarios. In order to create these
security contexts, we will have to run some SELinux-specific tools on
the host machine, but that requires root access. This adds support for
fakeroot, which the build process will use to run the SELinux security
context creation and the image creation.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Apply to current master, and adjust commit message

Thomas' original work is available at
http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025976.html.

Signed-off-by: W. Michael Petullo <mike@flyn.org>
[add rules.mk FAKEROOT variable]
Signed-off-by: Paul Spooren <mail@aparcar.org>
[update, fix macos build]
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-10 10:09:55 +02:00
Piotr Stefaniak
e27fbae63c tools/cmake: fix typo in parallel make patch
The variable in the case argument was mistyped, so the case always
checked against an empty string and never matched.

Fix the variable name. Add a PKG_RELEASE to Makefile so we can bump it.

Fixes: d6de31310c ("cmake: restore parallel build support for bootstrap")

Signed-off-by: Piotr Stefaniak <pstef@freebsd.org>
[add commit message, add PKG_RELEASE, fix commit title, add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-10 00:01:51 +02:00
Adrian Schmutzler
c25c9e98f5 Revert "build: fix typo in cmake patch"
This reverts commit 685570858d.

The commit had several formal flaws, revert it and hopefully apply
it properly next time.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-09 23:59:20 +02:00
Christoph Krapp
eb95ca3b5c uboot-envtools: ar71xx: add ZyXEL NBG6616 uboot env support
This adds support for ZyXEL NBG6616 uboot-env access

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
[add "ar71xx" to commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-09 23:57:17 +02:00
Christoph Krapp
982c1f6e42 ar71xx: change u-boot-env to read-write for ZyXEL NBG6616
As the ath79 port of this device uses a combined kernel + root
partition the uboot bootcmd variable needs to be changed. As using
cli/luci is more convenient than opening up the case and using a uart
connection, lets unlock the uboot-env partition for write access.

Signed-off-by: Christoph Krapp <achterin@googlemail.com>
2020-08-09 23:57:17 +02:00
Piotr Stefaniak
685570858d build: fix typo in cmake patch
The variable in the case argument was mistyped, so the case always
checked against an empty string and never matched.

Fix the variable name.

Signed-off-by: Piotr Stefaniak <pstef@freebsd.org>
[add commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-09 23:57:17 +02:00
Felix Fietkau
5d8fded26a kernel: add missing config symbols
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-09 14:01:52 +02:00
Felix Fietkau
eff8c76aa0 mac80211: fix spurious disconnect issues with disassoc_low_ack=1 (default)
mac80211 reports a packet loss event to user space when 50 consecutive packets
were not acked. On a high throughput link with long aggregates and sudden
link changes, this can trigger way too easily.
Mitigate false positives by only triggering the event on a packet loss if
no ACK was received for at least a second

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-09 14:01:49 +02:00
Adrian Schmutzler
e81e625ca3 treewide: add sysupgrade comment for early DSA-adopters
Add a specific comment for early DSA-adopters that they can keep
their config when prompted due to compat-version increase.

This is a temporary solution, the patch should be simply reverted
before any release.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 20:56:12 +02:00
Adrian Schmutzler
372529d311 ath79: add support for TP-Link TL-WA901ND v3
This ports support for the TL-WA901ND v3 from ar71xx to ath79.
Most of the hardware is shared with the TL-WA850/860RE v1 range
extenders. It completes the TL-WA901ND series in ath79.

Specifications:
  Board: AP123 / AR9341
  Flash/RAM: 4/32 MiB
  CPU: 535 MHz
  WiFi: 2.4 GHz b/g/n
  Ethernet: 1 port (100M)

Flashing instructions:
  Upload the factory image via the vendor firmware upgrade option.

This has not been tested on device, but port from ar71xx is
straightforward and the device will be disabled by default anyway.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 20:40:48 +02:00
Ansuel Smith
df3ad130d5 ipq806x: replace patches with upstream version
Replace all the custom patches with the backported upstream version

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
[refresh patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 18:07:17 +02:00
Adrian Schmutzler
4f1a51f438 ath79: drop redundant kmods-leds-gpio
The ath79 target has CONFIG_LEDS_GPIO=y set in kernel config, so
no need to pull the kmod-leds-gpio module for specific devices.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Adrian Schmutzler
1eac573b53 ramips: mt7621: implement compatibility version for DSA migration
This implements the newly introduced compat-version to prevent
broken upgrade between swconfig and DSA for ramips' mt7621 subtarget.

In order to make the situation more transparent for the user, and
to prevent large switch-cases for devices, it is more convenient to
have the entire subtarget 1.1-by-default. This means that new devices
will be added with 1.1 from the start, but in contrast we don't need
to switch them in board.d files. Apart from that, users that manually
backport devices to 19.07 with swconfig will have an equivalent
upgrade experience to officially supported devices.

Since DSA support on mt7621 is out for a while already, this applies
the same uci-defaults workaround for early adopters as already
done for kirkwood and mvebu in previous commits.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Adrian Schmutzler
fbd4214bb0 build: improve message for incompatible image on "legacy" devices
It has been reported that the current message displayed during
upgrade with compat_version change is misleading for "legacy"
devices, i.e. those without the "new" fwtool. This is partially
caused by the fact that we need to exploit the supported_devices
string to get some message text displayed for these devices.

This patch modifies the message to make it more helpful and
include additional information, e.g.

  Device linksys,wrt3200acm not supported by this image
  Supported devices: linksys,wrt3200acm linksys-whateverelse - Image
  version mismatch: image 1.1, device 1.0. Please wipe config during
  upgrade (force required) or reinstall. Reason: Config cannot be
  migrated from swconfig to DSA

Note that the line breaks (except the one before Supported devices)
are added manually here, I hesitate to hack \n into the
supported_devices as well. The "Reason:" will only be displayed if
DEVICE_COMPAT_MESSAGE is set for the device, otherwise
"Please check documentation ..." will be shown instead.

While at it, also rearrange the code in image-commands.mk to
make lines shorter and remove the double filter-out command.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Adrian Schmutzler
86c89bf5e8 kirkwood: fix sysupgrade experience for early DSA-adopters
Conceptually, the compat-version during sysupgrade is meant to
describe the config. Therefore, if somebody starts with a device on
19.07 and swconfig, and that person does a forceful upgrade into a
DSA-based firmware without wiping his/her config, then the local
compat-version should stay at 1.0 according to the config present
(and not get updated).

However, this poses a problem for those people that early-adopted
DSA in master, as they already have adjusted their config for DSA,
but it still is "1.0" as far as sysupgrade is concerned. This can
be healed by a simple

   uci set system.@system[0].compat_version="1.1"
   uci commit system

But this needs to be applied _after_ the upgrade (as the "old" fwtool
on the old installation does not know about compat_version) and it
requires access via SSH (i.e. no pure GUI solution is available for
this group of people, apart from wiping their config _again_ for
no technical reason). Despite, the situation will not become
obvious to those just upgrading via GUI, they will just have the
experience of a "broken upgrade".

This is a conflict which cannot be resolved by achieving both goals,
we have to decide to either keep the strict concept or improve the
situation for early adopters.

In this patch, we address the issue by providing a uci-defaults
script that will raise the compat_version for _all_ people upgrading
into a 1.1 image, no matter whether they have reset config or not.
The idea is to implement this as a _temporary_ solution, so early
adopters can upgrade into the new mechanism without issues, and
after a few weeks/months we could remove the uci-defaults script
again.

If we e.g. remove the script just before 20.xx.0-rc1, early adopters
should have moved on by then, and existing stable users would still
get the intended experience.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Adrian Schmutzler
a9703db720 mvebu: fix sysupgrade experience for early DSA-adopters
Conceptually, the compat-version during sysupgrade is meant to
describe the config. Therefore, if somebody starts with a device on
19.07 and swconfig, and that person does a forceful upgrade into a
DSA-based firmware without wiping his/her config, then the local
compat-version should stay at 1.0 according to the config present
(and not get updated).

However, this poses a problem for those people that early-adopted
DSA in master, as they already have adjusted their config for DSA,
but it still is "1.0" as far as sysupgrade is concerned. This can
be healed by a simple

   uci set system.@system[0].compat_version="1.1"
   uci commit system

But this needs to be applied _after_ the upgrade (as the "old" fwtool
on the old installation does not know about compat_version) and it
requires access via SSH (i.e. no pure GUI solution is available for
this group of people, apart from wiping their config _again_ for
no technical reason). Despite, the situation will not become
obvious to those just upgrading via GUI, they will just have the
experience of a "broken upgrade".

This is a conflict which cannot be resolved by achieving both goals,
we have to decide to either keep the strict concept or improve the
situation for early adopters.

In this patch, we address the issue by providing a uci-defaults
script that will raise the compat_version for _all_ people upgrading
into a 1.1 image, no matter whether they have reset config or not.
The idea is to implement this as a _temporary_ solution, so early
adopters can upgrade into the new mechanism without issues, and
after a few weeks/months we could remove the uci-defaults script
again.

If we e.g. remove the script just before 20.xx.0-rc1, early adopters
should have moved on by then, and existing stable users would still
get the intended experience.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Sungbo Eo
de78747de1 ramips: use lzma-loader for RT5350F-OLinuXino devices
The bootloader fails to extract a big kernel, e.g. v5.4 kernel image
with ALL_KMODS enabled. This can be fixed by using lzma-loader.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-08-08 16:13:51 +02:00
Sungbo Eo
a40ddc2195 ramips: adjust LZMA_TEXT_START for 32MB RAM devices
Currently the lzma-loader is placed in RAM at 32MB offset, which does not
make sense for devices with only 32MB RAM. If we adjust LZMA_TEXT_START to
24MB offset, then the lzma-loader can be used on those devices and still
about 24MB memory will be available for uncompressed image, which should be
enough for most use cases.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-08-08 16:13:51 +02:00
David Bauer
1bfba18a36 mac80211: exchange mesh 6GHz IE patch for upstream accepted
Exchange the patch fixing the kernel ringbuffer WARNING flood for the
one accepted upstream.

Fixes commit a956c14d6a ("mac80211: util: don't warn on missing sband
iftype data")

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-08-08 10:31:57 +02:00
Jo-Philipp Wich
bc1c9fdc20 hostapd: recognize option "key" as alias for "auth_secret"
The hostapd configuration logic is supposed to accept "option key" as
legacy alias for "option auth_secret". This particular fallback option
failed to work though because "key" was not a registered configuration
variable.

Fix this issue by registering the "key" option as well, similar to the
existing "server" nad "port" options.

Ref: https://github.com/openwrt/openwrt/pull/3282
Suggested-by: Michael Jones <mike@meshplusplus.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-07 21:19:29 +02:00
Jo-Philipp Wich
321503dbf3 hostapd: make "key" option optional if "wpa_psk_file" is provided
If an existing "wpa_psk_file" is passed to hostapd, the "key" option may
be omitted.

While we're at it, also improve the passphrase length checking to ensure
that it is either exactly 64 bytes or 8 to 63 bytes.

Fixes: FS#2689
Ref: https://github.com/openwrt/openwrt/pull/3283
Suggested-by: Michael Jones <mike@meshplusplus.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-07 21:04:02 +02:00
David Bauer
a4e72013e7 exfat: add dependency on nls-base
Add a dependency on kmod-nls-base for the new exfat driver. Otherwise
the build fails on ramips and ath79 on kernel 5.4:

Package kmod-fs-exfat is missing dependencies for the following libraries:
nls_base.ko

Fixes commit cd41234d2f ("exfat: add out of tree module")

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-08-07 16:51:58 +02:00
Adrian Schmutzler
1d5b08ca51 om-watchdog: fix board name for teltonika,rut5xx
The board name is equivalent to the compatible, not the device
definition. Fix it.

Fixes: b4588c8538 ("kernel/om-watchdog: Apply device renames from ramips")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 16:30:55 +02:00
Adrian Schmutzler
1634461bd2 ramips: switch rt288x subtarget to kernel 5.4
The sbutarget has testing support for kernel 5.4 for quite a while
and builds fine, however, only one devices there is > 4 MiB.

Since it's unlikely to get a Tested-by for that device, and the other
ralink subtargets appear to be working with 5.4 so far, let's set
this target to 5.4 by default as well.

That way, even if the device happens to break, we'll still have at
least usable SDK and IB for people to use.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 14:51:20 +02:00
Hans Dedecker
f74edb3e95 nat46: update to latest git HEAD
71e9f09 nat46-core: fix compilation with kernel 5.4

Remove 100-kernel-5.4-compat patch as upstream accepted

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-08-07 13:40:26 +02:00
Adrian Schmutzler
7c07a0f4c3 ramips/mt7620: fix portmap based on board.d port assignment
When comparing to the port assignment in board.d/02_network, many
devices seem to use the wrong setup of mediatek,portmap.

The corrects the values for mt7620 subtarget based on the location
of the wan port.

A previous cleanup of obviously wrong values has already been done in
d3c0a94405 ("ramips: mt7620/mt7621: remove invalid mediatek,portmap")

Cc: Sungbo Eo <mans0n@gorani.run>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 13:01:18 +02:00
Petr Štetiar
c487cf8e94 hostapd: add wpad-basic-wolfssl variant
Add package which provides size optimized wpad with support for just
WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
[adapt to recent changes, add dependency for WPA_WOLFSSL config]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 12:02:19 +02:00
Adrian Schmutzler
121c021989 ramips: invert wpad selection for mt7621
For ramips/mt7621, the wpad-basic package is not selected by default,
but added for every device individually as needed.

While this might be technically correct if the SoC does not come with
a Wifi module, only 18 of 97 devices for that platform are set up
_without_ wpad-basic currently.

Therefore, it seems more convenient to add wpad-basic by default for
the subtarget and then just remove it for the 18 mentioned devices,
instead of having to add it for about 60 times instead.

This would also match the behavior of the 5 other subtargets, where
wpad-basic/wpad-mini is added by default as well, and thus be more
obvious to developers without detailed SoC knowledge.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 12:02:19 +02:00
Álvaro Fernández Rojas
24f7ae814a bcm63xx: add missing endif board comnents
This provides better context for board patches.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 11:09:06 +02:00
Jo-Philipp Wich
4a6795409d base-files: functions.sh: fix config_get() on invalid identifiers
When passing a section or option value to config_get() which contains
characters that happen to be valid variable interpolation expressions,
the function returns a nonsensical expression result instead of the
expected empty string.

When the passed section or option name contains other characters which
are not valid within a shell variable name, a substitution error is
occuring instead.

The issue can be easily reproduced by one of the following examples:

    root@OpenWrt:~# . /lib/functions.sh
    root@OpenWrt:~# config load system
    root@OpenWrt:~# config_get variable invalid-section option
    root@OpenWrt:~# echo "$variable"
    section_option:-

    root@OpenWrt:~# . /lib/functions.sh
    root@OpenWrt:~# config load system
    root@OpenWrt:~# config_get variable section invalid-option
    root@OpenWrt:~# echo "$variable"
    option:-

    root@OpenWrt:~# . /lib/functions.sh
    root@OpenWrt:~# config load system
    root@OpenWrt:~# config_get variable section invalid@option
    -ash: eval: syntax error: bad substitution

Fix this issue by only performing interpolations when the given section
and option arguments are free of illegal characters.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-07 11:05:16 +02:00
Álvaro Fernández Rojas
0c109df7f0 bcm63xx: merge RTA770BW and RTA770W board patches
The only difference between both boards is the DSL annex.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 10:34:31 +02:00
Álvaro Fernández Rojas
eddf863650 bcm63xx: add missing fallback SPROMs
A couple of SPROM IDs are missing.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 10:34:31 +02:00
Álvaro Fernández Rojas
fb589b6142 bcm63xx: add missing OHCI nodes
All boards with EHCI enabled should also have OHCI enabled.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 10:34:31 +02:00
Álvaro Fernández Rojas
440d5996ef bcm63xx: remove invalid EHCI nodes
There's no EHCI controller on BCM6348.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 10:34:31 +02:00
Álvaro Fernández Rojas
81fdb4235e bcm63xx: refactor board patches
Current board patches format is crazy.
Let's try to put some order.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-08-07 10:34:31 +02:00
Yousong Zhou
064dc1e81b dnsmasq: abort when dnssec requested but not available
Before this commit, if uci option "dnssec" was set, we pass "--dnssec"
and friends to dnsmasq, let it start and decide whether to quit and
whether to emit message for diagnosis

  # dnsmasq --dnssec; echo $?
  dnsmasq: DNSSEC not available: set HAVE_DNSSEC in src/config.h
  1

DNSSEC as a feature is different from others like dhcp, tftp in that
it's a security feature.  Better be explicit.  With this change
committed, we make it so by not allowing it in the first in the
initscript, should dnsmasq later decides to not quit (not likely) or
quit without above explicit error (unlikely but less so ;)

So this is just being proactive.  on/off choices with uci option
"dnssec" are still available like before

Link: https://github.com/openwrt/openwrt/pull/3265#issuecomment-667795302
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2020-08-07 15:56:30 +08:00
Sander Vanheule
34271d38ae tools/firmware-utils: use UTC for image timestamps
By using localtime() to determine the timestamp that goes into factory
images, the resulting image depends on the timezone of the build system.
Use gmtime() instead, which results in more reproducible images.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-08-07 09:48:33 +02:00