Minor cleanup and code reorganization, along with a change to not disable
offload anymore when a tkip or sw crypto key is added
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* compat: backport kfree_sensitive and switch to it
* netlink: consistently use NLA_POLICY_EXACT_LEN()
* netlink: consistently use NLA_POLICY_MIN_LEN()
* compat: backport NLA policy macros
Backports from upstream changes.
* peerlookup: take lock before checking hash in replace operation
A fix for a race condition caught by syzkaller.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
3d9bd73 utils: fix check_pid_path to work with deleted file as well
330f403 vlan: initialize device ifname earlier at creation time
c057e71 device: do not check state from within device_init
cb0c07b system-dummy: fix resolving ifindex
ccd9ddc bridge: add support for turning on vlan_filtering
82bcb64 bridge: add support for adding vlans to a bridge
0e8cea0 bridge: add support for VLAN filtering
6086b63 config: enable bridge vlan filtering by default for bridges that define VLANs
ac0710b device: look up full device name before traversing vlan chain
e32e21e bridge: flush vlan list on bridge free
645ceed interface-ip: clear host bits of the device prefix
d7b614a netifd-wireless: parse 'osen' encryption
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The uci-default mechanism to update the compat-version was only
meant for early DSA-adopters, which should have updated by now.
Remove this workaround again in order to prevent the intended
experiences for all the other people.
This reverts:
a9703db720 ("mvebu: fix sysupgrade experience for early DSA-adopters")
86c89bf5e8 ("kirkwood: fix sysupgrade experience for early DSA-adopters")
Partially reverted:
1eac573b53 ("ramips: mt7621: implement compatibility version for DSA migration")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This reverts commit e81e625ca3.
This was meant just for early DSA-adopters. Those should have
updated by now, remove it so future updaters get the intended
experience.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The Ed25519 key pairs are much shorter than RSA pairs and are supported
by default in OpenSSH. Looking at websites explaining how to create new
SSH keys, many suggest using Ed25519 rather than RSA, however consider
the former as not yet widely established. OpenWrt likely has a positive
influence on that development.
As enabling Ed25519 is a compile time option, it is currently not
possible to install the feature via `opkg` nor select that option in an
ImageBuilder.
Due to the size impact of **12kB** the option should only be enabled for
devices with `!SMALL_FLASH`.
This approach seems cleaner than splitting `dropbear` into two packages
like `dropbear` and `dropbear-ed25519`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
When the libmagic from the file package in the packages feed was also
compiled and provided its libmagic.so file, util-linux tried to link
against it. Avoid this by explicitly disable libmagic support.
This fixes the following build error:
Package more is missing dependencies for the following libraries:
libmagic.so.1
Fixes: 36d9ed360a ("util-linux: update to 2.36")
Acked-by: Sebastian Kemper <sebastian_ml@gmx.net>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[Add commit description]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This also sets the ABI_VERSION as this is a versioned shared library.
The ipk sizes for mips_24Kc change like this:
old:
jansson_2.12-1_mips_24kc.ipk 18.692
new:
jansson4_2.13.1-1_mips_24kc.ipk 19.171
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Manually merged:
hack-5.4
230-openwrt_lzma_options.patch
bcm27xx
950-0283-hid-usb-Add-device-quirks-for-Freeway-Airmouse-T3-an.patch
x86
011-tune_lzma_options.patch
Remove upstreamed patches in collaboration with Ansuel Smith:
ipq806x
093-1-v5.8-ipq806x-PCI-qcom-Add-missing-ipq806x-clocks-in-PCIe-driver.patch
093-2-v5.8-ipq806x-PCI-qcom-Change-duplicate-PCI-reset-to-phy-reset.patch
093-3-v5.8-ipq806x-PCI-qcom-Add-missing-reset-for-ipq806x.patch
All other modifications made by update_kernel.sh
Build-tested: bcm27xx/bcm2708, ipq806x, x86/64
Run-tested: ipq806x (R7800), x86/64
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[update commit message/tested]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Devices with 4M flash are not built be default for 20.xx anymore.
Building them with buildbot settings does not work anymore anyway.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This applies the vendor_model scheme for this target as well, so
naming is consistent throughout supported targets.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
AR2315 Ethernet driver pass NULL instead of a real device pointer to DMA
(un-)map calls. With kernel version 5.4 such behaviour causes a kernel
panic. Fix this issue by preserving device pointer during the probe
procedure and pass it to each skb data DMA (un-)map call.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Rework ethernet supported link modes to linkmode bitmask.
This is needed to suppress compilation errors:
drivers/net/ethernet/atheros/ar231x/ar231x.c:1153:20: ...
error: assignment to expression with array type
phydev->supported &= (SUPPORTED_10baseT_Half
^~
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
[cut out of bigger patch, adjust commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Kernel commit e7bfb3fdbde3 ("mtd: Stop updating erase_info->state
and calling mtd_erase_callback()") removed erase_info->state
updates and calls of mtd_erase_callback().
Drop these erase callback invocations from AR2315 MTD driver as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Discussion on the mailing list reveals that this target has active
users. As we are finally able to upgrade this target to kernel 5.4,
add it back to master.
This reverts commit 7d29a55714 ("ath25: drop target") and
immediately moves the relevant files to 5.4, without touching
the content.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This is the same as loader-kernel since the KERNEL_CMDLINE
parameter has been removed in [1] and not used at all anyway.
Remove it.
[1] f77db1a590 ("ath79: cleanup image build code")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Paul Spooren <mail@aparcar.org>
This patch adds support for D-Link DIR-2660 A1.
Specifications:
* Board: AP-MTKH7-0002
* SoC: MediaTek MT7621AT
* RAM: 256 MB (DDR3)
* Flash: 128 MB (NAND)
* WiFi: MediaTek MT7615N (x2)
* Switch: 1 WAN, 4 LAN (Gigabit)
* Ports: 1 USB 2.0, 1 USB 3.0
* Buttons: Reset, WPS
* LEDs: Power (white/orange), Internet (white/orange), WiFi 2.4G (white),
WiFi 5G (white), USB 3.0 (white), USB 2.0 (white)
Notes:
* WiFi 2.4G and WiFi 5G LEDs are wired directly to the wireless chips
Installation:
* D-Link Recovery GUI: power down the router, press and hold the reset
button, then re-plug it. Keep the reset button pressed until the power
LED starts flashing orange, manually assign a static IP address under
the 192.168.0.xxx subnet (e.g. 192.168.0.2) and go to http://192.168.0.1
* Some modern browsers may have problems flashing via the Recovery GUI,
if that occurs consider uploading the firmware through cURL:
curl -v -i -F "firmware=@file.bin" 192.168.0.1
MAC addresses:
lan factory 0xe000 *:a7 (label)
wan factory 0xe006 *:aa
2.4 factory 0xe000 +1 *:a8
5.0 factory 0xe000 +2 *:a9
Seems like vendor didn't replace the dummy entries in the calibration data.
Signed-off-by: Josh Bendavid <joshbendavid@gmail.com>
[rebase onto already merged DIR-1960 A1, add MAC addresses to commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Devices with PCIe-Switches like the WNDR4700, MR24 and WNDAP660
need to have the interrupts property specified in the device-tree
for the legacy pci interrupt signaling method to work.
If the proper interrupt value is not specified, the default INTA
IRQ 12 is taken for all devices. This is especially bad, if the
device is setup to use INTC, because these interrupts will not
be serviced.
Russell Senior reported his experience on the MR24:
"The symptom is client devices can't see the beacons.
Wifi ifaces appear, can scan and hear other networks,
but clients can't see the MR24's SSIDs."
(The interrupts-property on the WNDAP620 was optional since it
uses INTA by default. Likewise the MX60W is in the same category)
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The LED's "label" property has been deprecated in upstream by:
|commit c5d18dd6b64e09dd6984bda9bdd55160af537a8c
|Author: Jacek Anaszewski <jacek.anaszewski@gmail.com>
|Date: Sun Jun 9 20:19:04 2019 +0200
|
| dt-bindings: leds: Add properties for LED name construction
|
| Introduce dedicated properties for conveying information about
| LED function and color. Mark old "label" property as deprecated.
|
| Additionally function-enumerator property is being provided
| for the cases when neither function nor color can be used
| for LED differentiation.
in order to be somewhat prepared, this patch adds a fallback
as a last resort to make the current led code work by falling
back to the node-name as the "label".
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
af30be0 Fix setting prefix for IPv6 link-local addresss
0314df4 Disable asking password again when prompt program returns 128
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Adding inline shell invocations in per-target variables causes them to be
executed over and over again, which causes a significant slowdown.
Fix this by evaluating it only once per package directory
Signed-off-by: Felix Fietkau <nbd@nbd.name>
mt76 now spreads the load over multiple CPUs more smoothly, processing
ethernet packets should be faster running on one core
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The linux upstream commit had treated config leak as error.
5967577 scripts: headers_install: Exit with error on config leak
It is causing below build issue. Provide a kernel patch to fix
it by replacing CONFIG_COMPAT kernel option with FM_COMPAT instead.
HDRINST usr/include/linux/fmd/integrations/integration_ioctls.h
HDRINST usr/include/linux/fmd/Peripherals/fm_port_ioctls.h
error: include/uapi/linux/fmd/Peripherals/fm_port_ioctls.h: leak
CONFIG_COMPAT to user-space
scripts/Makefile.headersinst:63: recipe for target
'usr/include/linux/fmd/Peripherals/fm_port_ioctls.h' failed
make[5]: *** [usr/include/linux/fmd/Peripherals/fm_port_ioctls.h] Error 1
Makefile:1198: recipe for target 'headers' failed
make[4]: *** [headers] Error 2
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
The LSM (Linux security mechanism) list is the successor of the now
legacy *major LSM*. Instead of defining a single security mechanism the
LSM symbol is a comma separated list of mechanisms to load.
Until recently OpenWrt would only support DAC (Unix discretionary access
controls) which don't require an additional entry in the LSM list. With
the newly introduced SELinux support the LSM needs to be extended else
only a manual modified Kernel cmdline (`security=selinux`) would
activate SELinux.
As the default OpenWrt Kernel config sets DAC as default security
mechanism, SELinux is stripped from the LSM list, even if
`KERNEL_DEFAULT_SECURITY_SELINUX` is activated. To allow SELinux without
a modified cmdline this commit sets a specific LSM list if
`KERNEL_SECURITY_SELINUX` is enabled.
The upstream Kconfig adds even more mechanisms
(smack,selinux,tomoyo,apparmor), but until they're ported to OpenWrt,
these can be ignored.
To compile SELinux Kernel support but disable it from loading, the
already present options `KERNEL_SECURITY_SELINUX_DISABLE` or
`KERNEL_SECURITY_SELINUX_BOOTPARAM` (with custom cmdline `selinux=0`)
can be used. Further it's possible to edit `/etc/selinux/config`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The HooToo HT-TM05 is a battery powered router, with an Ethernet and USB port.
Vendor U-Boot limited to 1.5 MB kernel size, so use lzma loader (loader-okli).
Specifications:
SOC: MediaTek MT7620N
BATTERY: 10400mAh
WLAN: 802.11bgn
LAN: 1x 10/100 Mbps Ethernet
USB: 1x USB 2.0 (Type-A)
RAM: 64 MB
FLASH: GigaDevice GD25Q64, Serial 8 MB Flash, clocked at 50 MHz
Flash itself specified to 80 MHz, but speed limited by mt7620 SPI
fast-read enabled (m25p)
LED: Status LED (blue after boot, green with WiFi traffic
4 leds to indicate power level of the battery (unable to control)
INPUT: Power, reset button
MAC assignment based on vendor firmware:
2.4 GHz *:b4 (factory 0x04)
LAN/label *:b4 (factory 0x28)
WAN *:b5 (factory 0x2e)
Tested and working:
- Ethernet
- 2.4 GHz WiFi (Correct MAC-address)
- Installation from TFTP (recovery)
- OpenWRT sysupgrade (Preserving and non-preserving), through the usual
ways: command line and LuCI
- LEDs (except as noted above)
- Button (reset)
- I2C, which is needed for reading battery charge status and level
- U-Boot environment / variables (from U-Boot, and OpenWrt)
Installation:
- Download the needed OpenWrt install files, place them in the root
of a clean TFTP server running on your computer. Rename the files as,
- ramips-mt7620-hootoo_tm05-squashfs-kernel.bin => kernel
- ramips-mt7620-hootoo_tm05-squashfs-rootfs.bin => rootfs
- Plug the router into your computer via Ethernet
- Set your computer to use 10.10.10.254 as its IP address
- With your router shut down, hold down the power button until the first
white LED lights up.
- Push and hold the reset button and release the power button. Continue
holding the reset button for 30 seconds or until it begins searching
for files on your TFTP server, whichever comes first.
- The router (10.10.10.128) will look for your computer at 10.10.10.254
and install the two files. Once it has finished installation, it will
automatically reboot and start up OpenWrt.
- Set your computer to use DHCP for its IP address
Notes:
- U-Boot environment can be modified, u-boot-env is preserved on initial
install or sysupgrade
- mtd-concat functionality is included, to leave a "hole" for u-boot-env,
combining the OEM kernel and rootfs partitions
I would like to thank @mpratt14 and @xabolcs for their help getting the
lzma loader to work!
Signed-off-by: Russell Morris <rmorris@rkmorris.us>
[drop changes in image/Makefile, fix indent and PKG_RELEASE in
uboot-envtools, fix LOADER_FLASH_OFFS, minor commit message facelift,
add COMPILE to Device/Default]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
FLASH_START is supposed to point at the memory area where NOR flash are
mapped. We currently have an incorrect FLASH_START copied from ar71xx
back then and the loader doesn't work under OKLI mode.
On ramips, mt7621 has it's flash mapped to 0x1fc00000 and other SoCs
uses 0x1c000000. This commit makes FLASH_START a configurable value to
handle both cases.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>