This was available since kernel 5.4. The one provided in packages feed
will be considered deprecated and renamed to kmod-fs-exfat0.
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(use name kmod-fs-exfat. use "@!(LINUX_4_4||LINUX_4_19)" for dependency)
This patch adds support for the 8devices Habanero development board.
Specs are:
CPU: QCA IPQ4019
RAM: DDR3L 512MB
Storage: 32MB SPI-NOR and optional Parallel SLC NAND(Some boards ship with it and some without)
WLAN1: 2.4 GHz built into IPQ4019 (802.11n) 2x2
WLAN2: 5 GHz built into IPO4019 (802.11ac Wawe-2) 2x2
Ethernet: 5x Gbit LAN (QCA 8075)
USB: 1x USB 2.0 and 1x USB 3.0 (Both built into IPQ4019)
MicroSD slot (Uses SD controller built into IPQ4019)
SDIO3.0/EMMC slot (Uses the same SD controller)
Mini PCI-E Gen 2.0 slot (Built into IPQ4019)
5x LEDs (4 GPIO controllable)
2x Pushbutton (1 is connected to GPIO, other to SoC reset)
LCD ZIF socket (Uses the LCD controller built into IPQ4019 which has no driver support)
1x UART 115200 rate on J18
2x breakout development headers
12V DC Jack for power
DIP switch for bootstrap configuration
Installation instructions:
Since boards ship with vendors fork of OpenWrt sysupgrade can be used.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Also update the U-Boot BSP patch for I2SE Duckbill devices.
Run tested on I2SE Duckbill and Olimex OLinuXino Maxi boards.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Update U-Boot to latest release, remove `100-wandboard-enable-fit.patch`
as FIT support was added in commit 5b8585825128 ("wandboard: Add FIT
image support").
Rework `110-mx6cuboxi-mmc-fallback.patch` into two patches as there was
new config option `CONFIG_SPL_FORCE_MMC_BOOT` added upstream which
should provide the same functionality as the previous patch hunk.
Moving Apalis towards generic distro_bootcmd.
Cc: Vladimir Vid <vladimir.vid@sartura.hr>
Cc: Tim Harvey <tharvey@gateworks.com>
Cc: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Removes one of the duplicate `gpio-keys` words found in the logs:
gpio-keys gpio-keys: gpio-keysdoes not support key code:143
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Adds into 4.19 backported kernel module from 5.1 for Sensirion SPS30
particulate matter sensor, for kernel 5.4 backported dependency fix.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Otherwise we would need to enable IIO_TRIGGERED_BUFFER symbol in all
kernels in order to be able to use any of the IIO modules which are
utilizing triggered buffer based data acquisition method.
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
On platforms that do not have CONFIG_MTD enabled, loading the
rt2x00lib kernel module fails because it depends on symbols from
the mtd module ("Unknown symbol get_mtd_device_nm").
This commit disables the code that can read the eeprom from mtd if
mtd is not enabled.
Signed-off-by: Sven Over <sp@cedenti.st>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This patch support Devolo Magic 2 WIFI, board devolo_dlan2-2400-ac.
This device is a plc wifi AC2400 router/extender with 2 Ethernet
ports, has a G.hn PLC and uses LCMP protocol from Home Grid Forum.
Hardware:
SoC: AR9344
CPU: 560 MHz
Flash: 16 MiB (W25Q128JVSIQ)
RAM: 128 MiB DDR2
Ethernet: 2xLAN 10/100/1000
PLC: 88LX5152 (MaxLinear G.hn)
PLC Flash: W25Q32JVSSIQ
PLC Uplink: 1Gbps MIMO
PLC Link: RGMII 1Gbps (WAN)
WiFi: Atheros AR9340 2.4GHz 802.11bgn
Atheros AR9882-BR4A 5GHz 802.11ac
Switch: QCA8337, Port0:CPU, Port2:PLC, Port3:LAN1, Port4:LAN2
Button: 3x Buttons (Reset, wifi and plc)
LED: 3x Leds (wifi, plc white, plc red)
GPIO Switch: 11-PLC Pairing (Active Low)
13-PLC Enable
21-WLAN power
MACs Details verified with the stock firmware:
Radio1: 2.4 GHz &wmac *:4c Art location: 0x1002
Radio0: 5.0 GHz &pcie *:4d Art location: 0x5006
Ethernet ðernet *:4e = 2.4 GHz + 2
PLC uplink --- *:4f = 2.4 GHz + 3
Label MAC address is from PLC uplink
OEM SSID: echo devolo-$(grep SerialNumber /dev/mtd1 | grep -o ...$)
OEM WiFi password: grep DlanSecurityID /dev/mtd1|tr -d -|cut -d'=' -f 2
Recommendations: Configure and link your PLC with OEM firmware
BEFORE you flash the device. PLC configuration/link should
remain in different memory and should work straight forward
after flashing.
Restrictions: PLC link detection to trigger plc red led is not
available. PLC G.hn chip is not compatible with open-plc-tools,
it uses LCMP protocol with AES-128 and requires different
software.
Notes: Pairing should be possible with gpio switch. Default
configuration will trigger wifi led with 2.4Ghz wifi traffic
and plc white led with wan traffic.
Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.100
2. Download the sysupgrade image and rename it to uploadfile
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Allow 1-2 minutes for the first boot.
Signed-off-by: Manuel Giganto <mgigantoregistros@gmail.com>
This commit ports the device from ar71xx to the ath79 target and
modifies the partition layout.
1. Firmware is installed to nand flash.
2. Modify the uboot-env parameter to boot from the nand flash.
3. The kernel size is extended to 5M.
4.nor flash retains the oem firmware.
oem partition layout
dev: size erasesize name
mtd0: 00040000 00010000 "u-boot"
mtd1: 00010000 00010000 "u-boot-env"
mtd2: 00e30000 00010000 "rootfs"
mtd3: 00170000 00010000 "kernel"
mtd4: 00010000 00010000 "art"
mtd5: 00f90000 00010000 "firmware"
mtd6: 06000000 00020000 "rootfs_data"
mtd7: 02000000 00020000 "backup"
new partition layout
dev: size erasesize name
mtd0: 00040000 00010000 "u-boot"
mtd1: 00010000 00010000 "u-boot-env"
mtd2: 00fa0000 00010000 "oem-firmware"
mtd3: 00010000 00010000 "art"
mtd4: 00500000 00020000 "kernel"
mtd5: 05b00000 00020000 "ubi"
mtd6: 02000000 00020000 "oem-backup"
MAC address overview:
All mac addresses are stored in the art partition.
eth0: 0x0
eth1: 0x6
ath9k: 0xc
ath10k: 0x12
No valid addresses in 0x1002 and 0x5006. All addresses match the OEM
firmware.
Install from oem firmware.
Enable ssh service:
Connect to the router web, click professional, click system-startup,
and add dropbear in the local startup input box. Click
system-administration, delete ssh-key, and replace your ssh pub key.
Restart the router.
1.Upload openwrt firmware to the device
scp openwrt-snapshot-r11365-df60a0852c-ath79-nand-domywifi_dw33d-\
squashfs-factory.bin root@192.168.10.1:/tmp
2.modify uboot-env.
ssh login to the device:
fw_setenv bootcmd 'nboot 0x8050000 0;bootm || bootm 0x9fe80000'
Run the fw_printenv command to check if the settings are correct.
3.Write openwrt firmware.
ssh login to the device:
mtd -r write /tmp/openwrt-snapshot-r11365-df60a0852c-ath79-nand-\
domywifi_dw33d-squashfs-factory.bin /dev/mtd6
The device will restart automatically and the openwrt firmware
installation is complete.
Restore oem firmware.just erase the kernel partition and the ubi
partition.
ssh login to the device:
mtd erase /dev/mtd4
mtd -r erase /dev/mtd5
Reboot the device
Signed-off-by: WeiDong Jia <jwdsccd@gmail.com>
[alter flash instruction in commit message]
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Bump to dnsmasq 2.81rc2. In the process discovered several compiler
warnings one with a logical error.
2 relevant patches sent upstream, added as 2 local patches for OpenWrt
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
1st release candidate for v2.81 after 18 months.
Refresh patches & remove all upstreamed leaving:
110-ipset-remove-old-kernel-support.patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Since now we support both kernel 4.19 and 5.2, change the
condition to remove driver when on kernel 4.14
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The current implementation is significantly lowering lantiq
performace [1][2] by using RPS with non-irq CPUs and XPS
with alternating CPUs.
The previous netifd implementation (by default but could be
configured) simply used all CPUs and this patch essentially
reverts to this behaviour.
The only document suggesting using non-interrupt CPUs is Red
Hat [3] where if the network interrupt rate is extremely high
excluding the CPU that handles network interrupts *may* also
improve performance.
The original packet steering patches [4] advise that optimal
settings for the CPU mask seems to depend on architectures
and cache hierarcy so one size does not fit all. It also
advises that the overhead in processing for a lightly loaded
server can cause performance degradation.
Ideally, proper IRQ balancing is a better option with
the irqbalance daemon or manually.
The kernel does not enable packet steering by default, so
also disable in OpenWRT by default. (Though mvebu with its
hardware scheduling issues [5] might want to enable packet
steering by default.)
Change undocumented "default_ps" parameter to clearer
"packet_steering" parameter. The old parameter was only ever
set in target/linux/mediatek/base-files/etc/uci-defaults/99-net-ps
and matched the default.
[1] https://forum.openwrt.org/t/18-06-4-speed-fix-for-bt-homehub-5a
[2] https://openwrt.ebilan.co.uk/viewtopic.php?f=7&t=1105
[3] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/performance_tuning_guide/network-rps
[4] https://marc.info/?l=linux-netdev&m=125792239522685&w=2
[5] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=2e1f6f1682d3974d8ea52310e460f1bbe470390fFixes: #1852Fixes: #2573
Signed-off-by: Alan Swanson <reiver@improbability.net>
Fixes following build error on mpc85xx/p2020:
Package kmod-iio-st_accel is missing dependencies for the following libraries:
regmap-core.ko
Fixes: 2d8f4c4fbd ("kernel: iio: add st-accel driver modules")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Currently bootloader always stays on the same version as when first
written to boot medium (not true if partition layout changed, which will
trigger sysupgrade process to write full disk image). That creates
inconveniences as it always stays with same features or/and bugs. Users
wishing to add support to additional modules or new version, would need
to write the whole image, potentially destroying previous system
configuration. To fix these, this commit adds additional routine to
sysupgrade which upgrades unconditionally the bootloader to the latest
state provided by OpenWrt.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Adds kernel modules for various STMicroelectronics accelerometers.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The BUILD_VARIANT might differ from UBOOT_CONFIG, so point to a file we
are actually changing. Being here let's call 'Build/Configure/U-Boot'
definition, instead of definig the same command. This'll be more future
proof, if U-Boot configuration procedure will change.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Because /etc/profile (and ~/.profile) are read by login shells only,
aliases and functions defined there are not available to non-login
shells, e.g. when using screen or tmux.
If the ENV environment variable exists (exported by /etc/profile or
~/.profile) and references an existing file, then all interactive shells
(login or non-login) will read that file as well.
This sets the ENV environment variable in /etc/profile, pointing to
/etc/shinit.
This also adds /etc/shinit, which:
* Contains alias and function definitions originally in /etc/profile
* Sources /etc/mkshrc if the user is using mksh (also originally in
/etc/profile), as /etc/mkshrc is meant for all interactive shells
* Sources ~/.mkshrc if the user is using mksh, to compensate for the
fact that mksh will not read ~/.mkshrc if ENV is set
* Sources ~/.shinit if the user is not using mksh
This also removes the shebang from /etc/profile, as the file is sourced,
not executed.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on imx6:
112681 ppp_2.4.8-2_arm_cortex-a9_neon.ipk
121879 ppp_2.4.8-2_arm_cortex-a9_neon.ipk
= 9198 diff
Acked-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected. This is required to enable PIE ASLR support by default in ppp,
as it fails to build without it, on x86/64.
The .so file size stays identical.
Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This patch fixes the regression caused by adding the NEON
variant of the ghash as the default ghash package package:
> ERROR: module '[...]/arch/arm/crypto/ghash-arm-ce.ko' is missing.
> modules/crypto.mk:286: recipe for target
> '[...]/kmod-crypto-ghash_4.19.106-1_aarch64_cortex-a53.ipk' failed
This patch limits the scope to the ARM32/cortexa9 target of mvebu.
Fixes: 285df63efc ("kernel: build neon-asm version of ghash module")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This builds the regular arm and arm-neon asm optmized modules for sha1
and sha512, for targets that set CONFIG_ARM_CRYPTO.
On ip40xx, the arm-asm version of sha1 improves performance by 5% over
the generic C implementation; sha1-neon is 25% faster than generic,
and sha512-neon, 259%.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This alone improves AES-GCM performance by up to 50% on ipq40xx. This
is enabled for targets that support neon and set CONFIG_ARM_CRYPTO:
imx6, ipq40xx, and mvebu.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
SOC: IPQ4019 / QCA Dakota
CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 256 MiB
FLASH: NOR 4 MiB + NAND 128 MiB
ETH: Qualcomm Atheros QCA8072
WLAN1: Qualcomm Atheros QCA4019 2.4GHz 802.11bgn 2:2x2
WLAN2: Qualcomm Atheros QCA4019 5GHz 802.11a/n/ac 2:2x2
WLAN2: Qualcomm Atheros QCA9888 5GHz 802.11a/n/ac 2:2x2
INPUT: WPS Button
LEDS: Power, LAN1, LAN2, WLAN 2.4GHz, WLAN 5GHz-1, WLAN 5GHz-2, OPMODE
1. Load Ramdisk via U-Boot
To set up the flash memory environment, do the following:
a. As a preliminary step, ensure that the board console port is connected to the PC using these RS232 parameters:
* 115200bps
* 8N1
b. Confirm that the PC is connected to the board using one of the Ethernet ports.
c. Set a static ip 192.168.99.8 for Ethernet that connects to board.
d. The PC must have a TFTP server launched and listening on the interface to which the board is connected.
e. At this stage power up the board and, after a few seconds, press 4 and then any key during the countdown.
U-BOOT> set serverip 192.168.99.9 && tftpboot 0x84000000 192.168.99.8:openwrt.itb && bootm
Signed-off-by: Steven Lin <steven.lin@senao.com>
[copied 4.19 dts to 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The nvmem framework is now used in net/ethernet/eth.c and the nvmem
sysfs is split into a separate Kconfig option. More work would be needed
to adapt this patch for the broader use. The current patch compiles fine
on ath79, but it breaks the x86 target.
nvmem is also compiled into the kernel for most of our targets for
example ath79 anyway, so patching the kernel to remove it is now harder
and not the case on multiple targets anyway. Instead of making this work
on kernel 5.4 just remove this hack patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This module was added with kernel 4.15, but is was removed again with
kernel version 5.3. OpenWrt does not support specifying a kernel version
range so just break it with kernel 4.14 and only support recent kernel
versions.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With kernel 5.4 kmod-sound-hda-intel also needs snd-intel-nhlt.ko, but
this kernel module is only build on x86, make the OpenWrt kmod depend on
TARGET_x86.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
nf_reset() was renamed to nf_reset_ct() in upstream Linux commit
895b5c9f206e ("netfilter: drop bridge nf reset from nf_reset)"
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
gigaset was moved to staging in kernel 5.4, just deactivate it on
recent kernel versions instead of adapting it.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In kernel 5.3 and 5.4 some crypto modules were split into two modules,
one implementing the crypto algorithm and the other integrating it
into the Linux crypto framework.
Adapt OpenWrt to support this split.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds the new xfrm4_mode_beet, xfrm4_mode_transport,
xfrm4_mode_tunnel and their IPv6 versions on kernel 5.4. These modules
were newly added in kernel 5.2.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
CONFIG_INCLUDE_CONFIG option is helpful for being able to rebuild the
exact same firmware as you see on a live OpenWRT instance, but it's
crucially missing feeds information, so we can't rebuild the exact same
package versions. This commit fixes this by adding the remaining feeds
(and version) buildinfo files to the image.
Signed-off-by: Xu Wang <xwang1498@gmx.com>
This reverts commit 215598fd03 since it
didn't contain a reference to the CVE it addresses. The next commit
will re-add the commit including a CVE reference in its commit message.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Old MikroTik devices have the RLE-encoded radio calibration data
directly stored in the art (hard_config) partition, without LZO
compression nor any preceding ERD magic bytes. This commit adds
a fallback for these devices.
Tested on the ath79 target with a MikroTik SXT 5nD r2 (SXT Lite5),
only locally --not yet merged upstream--.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Add a radio_config_id property. If the radio config changes return an error
upon receiving the reconf call.
Signed-off-by: John Crispin <john@phrozen.org>
For devices without a dedicated 'diag' LED, we use sometimes one of
other LEDs for indicating at least 'boot', 'failsafe' and 'upgrade'
stages. In some cases, at the same time these LEDs have defined default
triggers in DTS using 'linux,default-trigger' property. Current 'diag'
setup removes the trigger and turns off 'boot' LED after bootup.
One of the examples of such device is TP-Link TL-WR841N v14 (ramips)
which uses 'wlan' LED with defined 'linux,default-trigger' for 'diag':
aliases {
led-boot = &led_wlan;
led-failsafe = &led_wlan;
led-upgrade = &led_wlan;
};
[...]
led_wlan: wlan {
label = "tl-wr841n-v14:green:wlan";
gpios = <&gpio1 9 GPIO_ACTIVE_LOW>;
linux,default-trigger = "phy0tpt";
};
This patch extends 'diag.sh' and 'leds.sh' scripts to make sure default
trigger defined in DTS is restored for 'diag' LED which isn't used for
indicating 'running' stage.
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
c888e17e06 ("hostapd: manage instances via procd instead of pidfile")
added procd support for managing hostapd and wpa_supplicant daemons
but at the same time limited wiphy names to 'phy*'.
This brings back initial behaviour (introduced in 60fb4c92b6 ("hostapd:
add ubus reload") and makes procd manage daemons for any wiphy device
found in '/sys/class/ieee80211'.
CC: Felix Fietkau <nbd@nbd.name>
CC: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
License "GPL-2.0+" is deprecated License Identifier according to
SPDX License list [1]. The correct one is GPL-2.0-or-later.
While at it, also add the License file.
[1] https://spdx.org/licenses/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The function trace_on_exit() is given to atexit() as a parameter, but
atexit() only takes a function pointer to a function with a void
parameter.
This problem was introduced when the on_exit() function was incompletely
replaced by atexit().
Fixes: ba6c8bd614 ("linux-atm: add portability fixes")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
ath10k-ct supports the combination to select IBSS (ADHOC) mode and
different beacon intervals together. mac80211 does not like this
combination, but Ben says this is ok, so remove this check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
> Avoid reuse of PKG_NAME in call, define and eval lines for consistency and
> readability. Write the full name instead.
Ref: https://openwrt.org/docs/guide-developer/packages
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
> Avoid reuse of PKG_NAME in call, define and eval lines for consistency and
> readability. Write the full name instead.
Ref: https://openwrt.org/docs/guide-developer/packages
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
As 07e1d88d7b ("kernel: avoid underscore in *6lowpan package names") shows,
underscores might cause build failures. Replace underscore with dash.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
The current version of ATF does not support power off for SGMII
COMPHY. Update to latest ATF to resolve this issue.
Signed-off-by: Scott Roberts <ttocsr@gmail.com>
The SUBDIRS variable has been removed in kernel 5.4, and was deprecated
since the beginnig of kernel git history in favour of M or KBUILD_EXTMOD.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Removed all upstream patches.
Added PKG_BUILD_PARALLEL for faster compilation.
Small Makefile rearrangements for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This adds the direct dependencies introduced by TARGET_LDFLAGS
to the package's DEPENDS variable.
This was found by accidentally building rssileds on octeon, which
resulted in:
"Package rssileds is missing dependencies for the following libraries:
libnl-tiny.so"
Though the dependencies are provided when building for the
relevant targets ar71xx, ath79 and ramips, it seems more tidy to
specify them explicitly.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
f4415afce213 mt76: mt76u: loop over all possible rx queues in mt76u_rx_tasklet
5b9f949cb760 mt76: mt76u: fix a possible memory leak in mt76u_init
fd892bc033fb mt76: mt76u: rely only on data buffer for usb control messagges
Signed-off-by: Felix Fietkau <nbd@nbd.name>
8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Update util-linux to 2.35.1 and refresh patches.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[commit subject and description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
bd0df1b017a8 mt76: avoid extra RCU synchronization on station removal
d5a5e97b67c7 mt76: mt76x2: avoid starting the MAC too early
a67e42990d8a mt76: mt7615: fix msdu_id endianness in mt7615_write_hw_txp
d3af8bd3c722 mt76: mt7615: set proper length in strncmp
9c43417db17c mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap
764e1d208a06 mt76: mt7615: fix tx power reporting
1881241c7ee5 mt76: fix rounding issues on converting per-chain and combined txpower
fa14e7f33199 mt76: mt7615: rework rx phy index handling
a205ce3e3e2d mt76: mt7615: fix ext_phy flag for stations
457a93203690 mt76: mt7615: fix MT_TX_HW_QUEUE_EXT_PHY to deal with mac80211 changes
c75cf513c674 mt76: do not set HOST_BROADCAST_PS_BUFFERING for mt7615
cc56c400167c mt76: fix LED link time failure
4dbd56b86970 mt76: mt76x0u: add support to TP-Link T2UHP
e226309c4bc4 mt76: mt7615: rely on mt76_queues_read for mt7622
c6a025318075 mt76: mt76u: extend RX scatter gather number
dfc24bc504e3 mt76: mt76u: rename stat_wq in wq
2bbffd2cb37b mt76: mt7615: remove rx_mask in mt7615_eeprom_parse_hw_cap
f408a2b7566c mt76: Introduce mt76_mcu data structure
17ecf0762542 mt76: mt76x02: fix handling MCU timeouts during hw restart
284e9fd72912 mt76: mt7615: fix monitor injection of beacon frames
8f8e9161b355 mt76: fix array overflow on receiving too many fragments for a packet
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Packages kmod-bluetooth_6lowpan and kmod-ieee802154_6lowpan contain an
underscore in the package name. This causes problems in package/install
because when building a list of package files to install offline using
opkg, it uses a wildcard of the form $(dir)/$(pkg)_*.ipk.
If you were to select kmod-bluetooth=y, but kmod-bluetooth_6lowpan=m,
the latter would be picked up by that wildcard, and make package/install
would fail:
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies
* for kmod-bluetooth_6lowpan:
* kmod-6lowpan
* opkg_install_cmd: Cannot install package kmod-bluetooth_6lowpan.
Changing the wildcard pattern is not trivial, and there may be other
places in the build system making this assumption about the package name
format.
Using a dash in place of the underscore avoids the issue.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
A file, package/network/services/dnsmasq/files/50-dnsmasq-migrate-resolv-conf-auto.sh,
was added in commit 6a28552120, but it
does not exit in a way that tells the uci-defaults mechanism that it
succeeded, and so it is not cleaned up after running successfully. Add
an exit 0 to the end to correct that.
Signed-off-by: Russell Senior <russell@personaltelco.net>
* send: cleanup skb padding calculation
* socket: remove useless synchronize_net
Sorry for the back-to-back releases. This fixes a regression spotted by Eric
Dumazet.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Despite, since subtargets range from bcm2708 to bcm2711, it seems
appropriate to use bcm27xx instead of bcm2708 (again, as already done
for BOARDNAME).
This also renames the packages brcm2708-userland and brcm2708-gpu-fw.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Álvaro Fernández Rojas <noltari@gmail.com>
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This supports better per-chain noise floor reporting, which in turn allows for
better RSSI reporting in the driver.
Wave-2 fixes a long-standing rate-ctrl problem when connected to xbox (and probably other devices).
Wave-2 has fix for crash likely related to rekeying.
Wave-1 has some debugging code added where a user reported a crash.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq806x+qca9984,ipq4019+qca9986]
Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
Changes:
ath10k-ct: Support better RSSI measurements.
When used with recent firmware, these changes allow the driver to
query per-chain noise-floor from the radio to better calculate the
per-chain RSSI. The per-chain RSSI is then summed to provide the
'combined RSSI'. This gives better per-chain RSSI as well as combined
RSSI, especially when running with more than 20Mhz bandwidths.
Refresh patches.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq806x+qca9984,ipq4019+qca9986]
Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
* wg-quick: android: split uids into multiple commands
Newer android's ndc implementations have limits on uid size, so we have to
break these into several lists.
* man: document dynamic debug trick for Linux
This comes up occasionally, so it may be useful to mention its
possibility in the man page. At least the Arch Linux and Ubuntu kernels
support dynamic debugging, so this advice will at least help somebody. So that
you don't have to go digging into the commit, this adds this helpful tidbit
to the man page for getting debug logs on Linux:
# modprobe wireguard && echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control
* extract-{handshakes,keys}: rework for upstream kernel
These tools will now use the source code from the running kernel instead of
from the old monolithic repo. Essential for the functioning of Wireshark.
* netlink: remove libmnl requirement
We no longer require libmnl. It turns out that inlining the small subset of
libmnl that we actually use results in a smaller binary than the overhead of
linking to the external library. And we intend to gradually morph this code
into something domain specific as a libwg emerges. Performance has also
increased, thanks to the inliner. On all platforms, wg(8) only needs a normal
libc. Compile time on my system is still less than one second. So all in all
we have: smaller binary, zero dependencies, faster performance.
Packagers should no longer have their wireguard-tools package depend on
libmnl.
* embeddable-wg-library: use newer string_list
* netlink: don't pretend that sysconf isn't a function
Small cleanups.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Most of the broadcom packaging codes were moved to broadcom.mk in commit
7f984dab1c ("mac80211: move broadcom packaging code to broadcom.mk"),
but b43/install still remained. Move it now.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
The $(space) definition in the hostapd Makefile ceased to work with
GNU Make 4.3 and later, leading to syntax errors in the generated
Kconfig files.
Drop the superfluous redefinition and reuse the working $(space)
declaration from rules.mk to fix this issue.
Fixes: GH#2713
Ref: https://github.com/openwrt/openwrt/pull/2713#issuecomment-583722469
Reported-by: Karel Kočí <cynerd@email.cz>
Suggested-by: Jonas Gorski <jonas.gorski@gmail.com>
Tested-by: Shaleen Jain <shaleen@jain.sh>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* compat: support building for RHEL-8.2
* compat: remove RHEL-7.6 workaround
Bleeding edge RHEL users should be content now (which includes the actual
RedHat employees I've been talking to about getting this into the RHEL kernel
itself). Also, we remove old hacks for versions we no longer support anyway.
* allowedips: remove previously added list item when OOM fail
* noise: reject peers with low order public keys
With this now being upstream, we benefit from increased fuzzing coverage of
the code, uncovering these two bugs.
* netns: ensure non-addition of peers with failed precomputation
* netns: tie socket waiting to target pid
An added test to our test suite for the above and a small fix for high-load CI
scenarios.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This reverts commit 96424c143d.
The commit changed libiwinfo's internal ABI which breaks a number of
downstream projects, including LuCI and rpcd-mod-iwinfo.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Bump procd package to reduce log spam related to missing jail binaries
in a non-jail capable system.
bcb8655 instance: add 'requirejail' attribute
An additional jail attribute 'requirejail' can now be used to indicate
mandatory use of a jailed environment and hence prevent process startup
in the event that the jail subsystem is unavailable.
Procd will now only log errors if jail is unavailable and 1) is a mandatory
requirement or 2) a procd debug level of at least 2 is in use.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
eba5a20 iwinfo: add device id for BCM43602
a6914dc iwinfo: add BSS load element to scan result
bb21698 iwinfo: add device id for Atheros AR9287
7483398 iwinfo: add device id for MediaTek MT7615E
Signed-off-by: David Bauer <mail@david-bauer.net>
Add Netgear WNDR3700v2 to the list of supported boards.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
[rebase, adjusted commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Package kernel module for Linear Technology MCP3021/3221 I2C connected
current and voltage monitor chips.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
I'm having another attempt at trying to getting the 'store dscp into
conntrack connmark' functionality into upstream kernel, since the
restore function (act_ctinfo) has been accepted.
The syntax has changed from 'savedscp' to 'set-dscpmark' since that
conforms more closely with existing functionality.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Fixes handling CSA when using AP+STA or AP+Mesh
This change was accidentally dropped in commit 167028b75
("hostapd: Update to version 2.9 (2019-08-08)")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this change, wpa-cli features depend on which wpad build variant was
used to build the wpa-cli package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It is generally more desirable to use older kernel versions for
dependencies, as this will require less changes when newer kernels
are added (they will by default select the newer packages).
Since we currently only have two kernels (4.14 and 4.19) in master,
this patch applies this logic by converting all LINUX_4_19 symbols
to their inverted LINUX_4_14 equivalents.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
"[[" is a bash extension for test. As the ash-implementation is not
fully compatible we drop its usage.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
[remove shebang, slightly facelift commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
"[[" is a bash extension for test. As the ash-implementation is not
fully compatible we drop its usage.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
"[[" is a bash extension for test. As the ash-implementation is not
fully compatible we drop its usage.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
"[[" is a bash extension for test. As the ash-implementation is
not fully compatible we drop its usage.
Also change to "=" for simple test, which is sufficient. (see d6ac8ca76c)
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
[split patch, removed shebang]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Call skb_orphan(skb) to call the owner's destructor function and make
the skb unowned.
This is necessary to prevent sk_wmem_alloc of a socket from overflowing,
which leads to ENOBUFS errors on application level.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This patch converts the Qxwlan E2600AC image away from
the deprecated .bin file and to the new .qca4019 method.
As a result, we no longer need to carry around the
legacy support for handling .bin files.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
SOC: IPQ4018 / QCA Dakota
CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM: 256 MiB
NOR: 32 MiB
ETH: Qualcomm Atheros QCA8072 (1 port)
WLAN1: Qualcomm Atheros QCA4018 2.4GHz 802.11bgn 2:2x2
WLAN2: Qualcomm Atheros QCA4018 5GHz 802.11a/n/ac 2:2x2
INPUT: RESET Button
LEDS: White, Blue, Red, Orange
Flash instruction:
From EnGenius firmware to OpenWrt firmware:
In Firmware Upgrade page, upgrade your openwrt-ipq40xx-generic-engenius_emd1-squashfs-factory.bin directly.
From OpenWrt firmware to EnGenius firmware:
1. Setup a TFTP server on your computer and configure static IP to 192.168.99.8
Put the EnGenius firmware in the TFTP server directory on your computer.
2. Power up EMD1. Press 4 and then press any key to enter u-boot.
3. Download EnGenius firmware
(IPQ40xx) # tftpboot 0x84000000 openwrt-ipq40xx-emd1-nor-fw-s.img
4. Flash the firmware
(IPQ40xx) # imgaddr=0x84000000 && source 0x84000000:script
5. Reboot
(IPQ40xx) # reset
Signed-off-by: Yen-Ting-Shen <frank.shen@senao.com>
[removed BOARD_NAME]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Specifications
==============
- SOC: IPQ4018
- RAM: DDR3 256MB
- Flash: SPI NOR 16MB
- WiFi:
- 2.4GHz: IPQ4018, 2x2, front end SKY85303-11
- 5GHz: IPQ4018, 2x2, front end SKY85717-21
- Ethernet: 1x 10/100/1000Mbps, POE 802.3af
- PHY: QCA8072
- UART: GND, blocked, 3.3V, RX, TX / 115200 8N1
- LED: 1x red / green
- Button: 1x reset / factory default
- U-Boot bootloader with tftp and "emergency web server" accessible
using serial port.
Installation
============
Flash factory image from D-Link web UI. Constraints in the D-Link web UI
makes the factory image unnecessarily large. Flash again using
sysupgrade from inside OpenWrt to reclaim some flash space.
Return to stock D-Link firmware
===============================
Partition layout is preserved, and it is possible to return to the stock
firmware simply by downloading it from D-Link and writing it to the
firmware partition.
# mtd -r write dap2610-firmware.bin firmware
Quirks
======
To be flashable from the D-Link http server, the firmware must be larger
then 6MB, and the size in the firmware header must match the actual file
size. Also, the boot loader verifies the checksum of the firmware before
each boot, thus the jffs2 must be after the checksum covered part. This
is solved in the factory image by having the rootfs at the very end of
the image (without pad-rootfs).
The sysupgrade image which does not have to be flashable from the D-Link
web UI may be smaller, and the checksum in the firmware header only
covers the kernel part of the image.
Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com>
[added WRGG Variables to DEVICE_VARS, squashed spi pinconf/mux,
added emd1's gmac0 config,fix dtc warnings]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* Makefile: remove pwd from compile output
* Makefile: add standard 'all' target
* Makefile: evaluate git version lazily
Quality of life improvements for packagers.
* ipc: simplify inflatable buffer and add fuzzer
* fuzz: add generic command argument fuzzer
* fuzz: add set and setconf fuzzers
More fuzzers and a slicker string list implementation. These fuzzers now find
themselves configuring wireguard interfaces from scratch after several million
mutations, which is fun to watch.
* netlink: make sure to clear return value when trying again
Prior, if a dump was interrupted by a concurrent set operation, we'd try
again, but forget to reset an error flag, so we'd keep trying again forever.
Now we do the right thing and succeed when we succeed.
* Makefile: sort inputs to linker so that build is reproducible
Earlier versions of make(1) passed GLOB_NOSORT to glob(3), resulting in the
linker receiving its inputs in a filesystem-dependent order. This screwed up
reproducible builds.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Makefile: strip prefixed v from version.h
This fixes a mistake in dmesg output and when parsing the sysfs entry in the
filesystem.
* device: skb_list_walk_safe moved upstream
This is a 5.6 change, which we won't support here, but it does make the code
cleaner, so we make this change to keep things in sync.
* curve25519: x86_64: replace with formally verified implementation
This comes from INRIA's HACL*/Vale. It implements the same algorithm and
implementation strategy as the code it replaces, only this code has been
formally verified, sans the base point multiplication, which uses code
similar to prior, only it uses the formally verified field arithmetic
alongside reproducable ladder generation steps. This doesn't have a
pure-bmi2 version, which means haswell no longer benefits, but the
increased (doubled) code complexity is not worth it for a single
generation of chips that's already old.
Performance-wise, this is around 1% slower on older microarchitectures,
and slightly faster on newer microarchitectures, mainly 10nm ones or
backports of 10nm to 14nm. This implementation is "everest" below:
Xeon E5-2680 v4 (Broadwell)
armfazh: 133340 cycles per call
everest: 133436 cycles per call
Xeon Gold 5120 (Sky Lake Server)
armfazh: 112636 cycles per call
everest: 113906 cycles per call
Core i5-6300U (Sky Lake Client)
armfazh: 116810 cycles per call
everest: 117916 cycles per call
Core i7-7600U (Kaby Lake)
armfazh: 119523 cycles per call
everest: 119040 cycles per call
Core i7-8750H (Coffee Lake)
armfazh: 113914 cycles per call
everest: 113650 cycles per call
Core i9-9880H (Coffee Lake Refresh)
armfazh: 112616 cycles per call
everest: 114082 cycles per call
Core i3-8121U (Cannon Lake)
armfazh: 113202 cycles per call
everest: 111382 cycles per call
Core i7-8265U (Whiskey Lake)
armfazh: 127307 cycles per call
everest: 127697 cycles per call
Core i7-8550U (Kaby Lake Refresh)
armfazh: 127522 cycles per call
everest: 127083 cycles per call
Xeon Platinum 8275CL (Cascade Lake)
armfazh: 114380 cycles per call
everest: 114656 cycles per call
Achieving these kind of results with formally verified code is quite
remarkable, especialy considering that performance is favorable for
newer chips.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Older ath79-based MikroTik devices have the ERD calibration data
compressed and stored different to newer IPQ40xx ones. This commit
adds support for these former ones.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This utility extracts the radio calibration data, as well as other
board-related information (model, serial number, etc.), from MikroTik
Routerboard devices' flash.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
hostapd sets minimum values for CWmin/CWmax/AIFS and maximum for TXOP.
The code for applying those values had a few bugs leading to bogus values,
which caused significant latency and packet loss.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add ubootenv uci config for gl-ar150, gl-domino and gl-mifi
Signed-off-by: Kimmo Vuorinen <kimmo.vuorinen@gmail.com>
[commit message/title facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
hostapd allows putting WDS (4addr mode) clients into a separate bridge
other than the bridge regular (3addr mode) clients end up in. This is
useful for example giving WDS clients access to several VLANs
(trunking) while regular clients will end up inside a specific VLAN.
Add 'wds_bridge' config parameter for wifi-iface which contains the
name of the bridge. hostapd-mini already supports this feature, so all
needed is to add the UCI wrapping in mac80211.sh.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add support for Methode DM7052 NBASE-T module to OpenWRT. These
patches are taken from my "phy" branch, and will be sent for the
next kernel merge window.
Signed-off-by: Russell King <linux@armlinux.org.uk>
[jonas.gorski: move patches to pending, refresh patches]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
58c12f7 jail: add basic support for network namespaces
ba69639 jail: create resolv.conf symlink for netns jails
81b88b1 jail: more strict mount options for /tmp/resolv.conf.d/
Add new 'netns' flag for procd_add_jail to make ujail setup a new
network namespace for the jailed service.
See previous netifd commit for example configuration for netns jailed
service.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Prepare netifd for handling procd service jails having their own
network namespace.
Intefaces having the jail attribute will only be brought up inside the
jail's network namespace by procd calling the newly introduced ubus
method 'netns_updown'.
Currently proto 'static' is supported and configuration changes are
not yet being handled (ie. you'll have to restart the jailed service
for changes to take effect).
Example /etc/config/network snippet:
config device 'veth0'
option type 'veth'
option name 'vhost0'
option peer_name 'virt0'
config interface 'virt'
option type 'bridge'
list ifname 'vhost0'
option proto 'static'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
config interface 'virt0'
option ifname 'virt0'
option proto 'static'
option ipaddr '10.0.0.2'
option netmask '255.255.255.0'
option gateway '10.0.0.1'
option dns '10.0.0.1'
option jail 'transmission'
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Most of the kernel version switches below 4.14 were removed in commit
97940f8766 ("kernel: remove obsolete kernel version switches"),
but some of them still remained. Remove them now.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
It's cleaner and faster as it does not need to do extra work.
Also removed $() to avoid executing the output. The shell can handle it.
https://github.com/koalaman/shellcheck/wiki/SC2143
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[correct || to && for one conversion]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When building libcxx for x86/64, the library is installed in /usr/lib64.
As the install section tries to copy the library from /usr/lib, this
breaks build on x86/64. Override the lib dir suffix to fix this.
Fixes: 856ea2bad3 ("libcxx: Add package")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Rosen Penev <rosenp@gmail.com>
6db312a dhcpv6-ia: use dhcp leasetime to set preferred/valid statefull lifetimes
2520c48 dhcpv6-ia: introduce DHCPv6 pd and ia assignments flags
b413d8a dhcpv6-ia: cleanup prefix delegation routes
b0902af dhcpv6-ia: remove passing interface as parameter to apply_lease
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Currently, it is very cumbersome for a user to connect to a WPA-Enterprise
based network securely because the RADIUS server's CA certificate must first be
extracted from the EAPOL handshake using tcpdump or other methods before it can
be pinned using the ca_cert(2) fields. To make this process easier and more
secure (combined with changes in openwrt/openwrt#2654), this commit adds
support for validating against the built-in CA bundle when the ca-bundle
package is installed. Related LuCI changes in openwrt/luci#3513.
Signed-off-by: David Lam <david@thedavid.net>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In function `main` add calls to `free` for the variable `executable`.
This is needed because the variable `executable` is allocated but
never freed. This cause a memory leak.
Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
If a config section of a peer does not have a public key defined, the
whole interface does not start. The following log is shown
daemon.notice netifd: test (21071): Line unrecognized: `PublicKey='
daemon.notice netifd: test (21071): Configuration parsing erro
The command 'wg show' does only show the interface name.
With this change we skip the peer for this interface and emit a log
message. So the other peers get configured.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This patch introduces support for Netgear WNDR4500v3. Router
is very similar to WNDR4300v2 and is based on the same PCB.
Information gathered from various Internet sources (including
https://patchwork.ozlabs.org/patch/809227/) shows following
differences to WNDR4300v2:
* two USB 2.0 ports with separate LEDs
* USB LEDs soldered to secondary pads
* WPS and RFKILL buttons soldered to secondary pads
* described as N900 device with 3x3:3 MIMO for 2.4GHz radio
* power supply requirement is DC 12V 2.5A
* vendor HW ID suffix differs in one digit
* bigger chassis
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
This patch introduces support for Netgear WNDR4300v2.
Specification
=============
* Description: Netgear WNDR4300 v2
* Loader: U-boot
* SOC: Qualcomm Atheros QCA9563 (775 MHz)
* RAM: 128 MiB
* Flash: 2 MiB SPI-NOR + 128 MiB SPI-NAND
- NOR: U-boot binary: 256 KiB
- NOR: U-boot environment: 64 KiB
- NOR: ART Backup: 64 KiB
- NOR: Config: 64 KiB
- NOR: Traffic Meter: 64 KiB
- NOR: POT: 64 KiB
- NOR: Reserved: 1408 KiB
- NOR: ART: 64 KiB
- NAND: Firmware: 25600 KiB (see notes for OpenWrt)
- NAND: Language: 2048 KiB
- NAND: mtdoops Crash Dump: 128 KiB
- NAND: Reserved: 103296 KiB
* Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8337)
* Wireless:
- 2.4 GHz b/g/n (internal)
- 5 GHz a/n (AR9580)
* USB: yes, 1 x USB 2.0
* Buttons:
- Reset
- WiFi (rfkill)
- WPS
* LEDs:
- Power (amber/green)
- WAN (amber/green)
- WLAN 2G (green)
- WLAN 5G (blue)
- 4 x LAN (amber/green)
- USB (green)
- WPS (green)
* UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
* Power supply: DC 12V 1.5A
* MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2
Important Notes
===============
0. NOR Flash (2 MiB) is not touched by OpenWrt installation.
1. NAND Flash (128 MiB) layout under OpenWrt is changed as follows:
all space is split between 4 MiB kernel and 124 MiB UBI areas;
vendor partitions (language and mtdoops) are removed; kernel space
size can be further expanded if needed; maximum image size is set
to 25600k for compatibility reasons and can also be increased.
2. CPU clock is 775 MHz, not 750 MHz.
3. 5 GHz wireless radio chip is Atheros AR9580-AR1A with bogus PCI
device ID 0xabcd. For ath9k driver to load successfully, this is
overriden in DTS with correct value for this chip, 0x0033.
4. RFKILL button is wired to AR9580 pin 9 which is normally disabled
by chip definition in ath9k code (0x0000F4FF gpio mask). Therefore
'qca,gpio-mask=<0xf6ff>' hack must be used for button to work
properly.
5. USB port is always on, no GPIO for 5V power control has been
identified.
Installation
============
* TFTP recovery
* TFTP via U-boot prompt
* sysupgrade
* Web interface
Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_nand=y
CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr4300-v2=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
This patch adds 'qca,gpio-mask=<u32>' device tree property to ath9k node.
This optional setting is a hack and should only be used in very special
(and rare) cases when a button or LED is wired to a GPIO pin normally
masked out (due to being one-way etc). Netgear WNDR4300 v2 is one such
example - it uses GPI9 for RFKILL.
See ath9k/reg.h *_GPIO_MASK constants.
Use with caution and expect to see stream of kernel warnings if wrong
mask value is provided.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
If zram-backed swap is added after an existing swap, it gets a lower
priority. Assiming that usually all other swaps are slower, there should
be a way to assign a higher priority to zram swap.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
The depends are totally wrong. libunwind does not work with powerpc and
i386 as it needs glibc.
Instead of duplicating the platforms, just change the dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
With this change it is now possible to switch off single instances of
the uhttpd config. Until now it was only possible to switch all
instances of uhttpd on or off.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Rekey GTK on STA disassociate
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Allows dtim_period to be configurable, the default is from hostapd.
Adds additional regulatory tunables for power constraint and spectrum
managment.
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Failsafe code of dropbear should be in the dropbear package not the
base-files package.
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
NAS devices certainly need to have hdparm to configure
things like spin-down time or their disks will be
constantly spinning. Just catenate CONFIG_HDPARM=y
on these configs.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
The 'DEFAULT:=m if ALL' line prevents the phase1 buildbots from building
the package, and users from downloading it, since they use 'ALL_KMODS=y'
but 'ALL' is not set.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Implement the suggestions laid out in README_PACKAGERS, mainly by preventing
the stripping of the internal vgpreload*.so libraries.
Also retain the symbol information of valgrind's private helper executables
and enable LTO as suggested in the packagers readme.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be
included with the packages to check for corruption. This commit fixes two
issues:
- /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y
- checksums were being saved in the wrong file
Signed-off-by: Xu Wang <xwang1498@gmx.com>
The wpa_supplicant supports certificate subject validation via the
subject match(2) and altsubject_match(2) fields. domain_match(2) and
domain_suffix_match(2) fields are also supported for advanced matches.
This validation is especially important when connecting to access
points that use PAP as the Phase 2 authentication type. Without proper
validation, the user's password can be transmitted to a rogue access
point in plaintext without the user's knowledge. Most organizations
already require these attributes to be included to ensure that the
connection from the STA and the AP is secure. Includes LuCI changes via
openwrt/luci#3444.
From the documentation:
subject_match - Constraint for server certificate subject. This substring
is matched against the subject of the authentication server certificate.
If this string is set, the server sertificate is only accepted if it
contains this string in the subject. The subject string is in following
format: /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as
.example.com
subject_match2 - Constraint for server certificate subject. This field is
like subject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST
tunnel) authentication.
altsubject_match - Constraint for server certificate alt. subject.
Semicolon separated string of entries to be matched against the
alternative subject name of the authentication server certificate. If
this string is set, the server sertificate is only accepted if it
contains one of the entries in an alternative subject name extension.
altSubjectName string is in following format: TYPE:VALUE Example:
EMAIL:server@example.com Example:
DNS:server.example.com;DNS:server2.example.com Following types are
supported: EMAIL, DNS, URI
altsubject_match2 - Constraint for server certificate alt. subject. This
field is like altsubject_match, but used for phase 2 (inside
EAP-TTLS/PEAP/FAST tunnel) authentication.
domain_match - Constraint for server domain name. If set, this FQDN is
used as a full match requirement for the
server certificate in SubjectAltName dNSName element(s). If a
matching dNSName is found, this constraint is met. If no dNSName
values are present, this constraint is matched against SubjectName CN
using same full match comparison. This behavior is similar to
domain_suffix_match, but has the requirement of a full match, i.e.,
no subdomains or wildcard matches are allowed. Case-insensitive
comparison is used, so "Example.com" matches "example.com", but would
not match "test.Example.com". More than one match string can be
provided by using semicolons to
separate the strings (e.g., example.org;example.com). When multiple
strings are specified, a match with any one of the values is considered
a sufficient match for the certificate, i.e., the conditions are ORed
together.
domain_match2 - Constraint for server domain name. This field is like
domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel)
authentication.
domain_suffix_match - Constraint for server domain name. If set, this
FQDN is used as a suffix match requirement for the AAA server
certificate in SubjectAltName dNSName element(s). If a matching dNSName
is found, this constraint is met. If no dNSName values are present,
this constraint is matched against SubjectName CN using same suffix
match comparison. Suffix match here means that the host/domain name is
compared one label at a time starting from the top-level domain and all
the labels in domain_suffix_match shall be included in the certificate.
The certificate may include additional sub-level labels in addition to
the required labels. More than one match string can be provided by using
semicolons to separate the strings (e.g., example.org;example.com).
When multiple strings are specified, a match with any one of the values
is considered a sufficient match for the certificate, i.e., the
conditions are ORed together. For example,
domain_suffix_match=example.com would match test.example.com but would
not match test-example.com. This field is like domain_match, but used
for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication.
domain_suffix_match2 - Constraint for server domain name. This field is
like domain_suffix_match, but used for phase 2 (inside
EAP-TTLS/PEAP/FAST tunnel) authentication.
Signed-off-by: David Lam <david@thedavid.net>
Network interfaces are looked up based on the device behind a phy, so the
phy needs to be checked separately
Signed-off-by: Felix Fietkau <nbd@nbd.name>
With this change the well known jshn library will be used, to build the
json arguments for the ubus sysupgrade method. This is also used in all
other shell program that uses JSON. This commit unifies that.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on x86/64:
odhcpd-ipv6only Installed-Size: 36821 -> 38216
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on x86/64:
procd Installed-Size: 44931 -> 47362
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on x86/64:
ubus Installed-Size: 5602 -> 5950
ubusd Installed-Size: 11643 -> 12119
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
This increases the binary size by 39% uncompressed and 21% compressed
on MIPS BE.
old:
33,189 /usr/sbin/uhttpd
23,016 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk
new:
46,212 /usr/sbin/uhttpd
27,979 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
This increases the binary size by 26% uncompressed and 16% compressed
on MIPS BE.
old:
460,933 /usr/sbin/wpad
283,891 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk
new:
584,508 /usr/sbin/wpad
330,281 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
This increases the binary size by 18% uncompressed and 17% compressed
on MIPS BE.
old:
164,261 /usr/sbin/dropbear
85,648 dropbear_2019.78-2_mips_24kc.ipk
new:
194,492 /usr/sbin/dropbear
100,309 dropbear_2019.78-2_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
This increases the binary size by 37% uncompressed and 18% compressed
on MIPS BE.
old:
146,933 /usr/sbin/dnsmasq
101,837 dnsmasq_2.80-14_mips_24kc.ipk
new:
202,020 /usr/sbin/dnsmasq
120,577 dnsmasq_2.80-14_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
After kernel 4.9 has been removed, this removes all (now obsolete)
kernel version switches that deal with versions before 4.14.
Package kmod-crypto-iv is empty now and thus removed entirely.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Hardware:
SOC: Qualcomm IPQ4018
RAM: 128 MB Nanya NT5CC64M16GP-DI
FLASH: 16 MB Macronix MX25L12805D
ETH: Qualcomm QCA8075 (4 Gigabit ports, 3xLAN, 1xWAN)
WLAN: Qualcomm IPQ4018 (2.4 & 5 Ghz)
BUTTON: Shared WPS/Reset button
LED: RGB Status/Power LED
SERIAL: Header J8 (UART, Left side of board). Numbered from
top to bottom:
(1) GND, (2) TX, (3) RX, (4) VCC (White triangle
next to it).
3.3v, 115200, 8N1
Tested/Working:
* Ethernet
* WiFi (2.4 and 5GHz)
* Status LED
* Reset Button (See note below)
Implementation notes:
* The shared WPS/Reset button is implemented as a Reset button
* I could not find a original firmware image to reverse engineer, meaning
currently it's not possible to flash OpenWrt through the Web GUI.
Installation (Through Serial console & TFTP):
1. Set your PC to fixed IP 192.168.1.12, Netmask 255.255.255.0, and connect to
one of the LAN ports
2. Rename the initramfs image to 'C0A8010B.img' and enable a TFTP server on
your pc, to serve the image
2. Connect to the router through serial (See connection properties above)
3. Hit a key during startup, to pause startup
4. type `setenv serverip 192.168.1.12`, to set the tftp server address
5. type `tftpboot`, to load the image from the laptop through tftp
6. type `bootm` to run the loaded image from memory
6. (If you want to return to stock firmware later, create an full MTD backup,
e.g. using instructions here https://openwrt.org/docs/guide-user/installation/generic.backup#create_full_mtd_backup)
7. Transfer the 'sysupgrade' OpenWrt firmware image from PC to router, e.g.:
`scp xxx-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/upgrade.bin`
8. Run sysupgrade to permanently install OpenWrt to flash: `sysupgrade -n /tmp/upgrade.bin`
Revert to stock:
To revert to stock, you need the MTD backup from step 6 above:
1. Unpack the MTD backup archive
2. Transfer the 'firmware' partition image to the router (e.g. mtd8_firmware.backup)
3. On the router, do `mtd write mtd8_firmware.backup firmware`
Signed-off-by: Tom Brouwer <tombrouwer@outlook.com>
[removed BOARD_NAME, OpenWRT->OpenWrt, changed LED device name to board name]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Keep up with a small amount of churn in the upstream repository.
Upstream now represents the version of CAKE as found in the linux kernel
from 4.19 onwards but with some compatibility stubs to allow building on
<4.19.
After a diversion related to an experimental ECN implementation which
has now been reverted, the important and relevant changes for us are:
8a8946b sch_cake: avoid possible divide by zero in cake_enqueue()
183b320 RFC 8622 diffserv3, 4 & 8 LE PHB support
6ff4561 sch_cake: Make sure we can write the IP header before changing DSCP bits
9fba602 sch_cake: Use tc_skb_protocol for getting packet protocol
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* systemd: update documentation URL
* global: bump copyright
Usual house keeping.
* Makefile: DEBUG_TOOLS -> DEBUG and document
* Makefile: port static analysis check
* dns-hatchet: adjust path for new repo layout
* Makefile: rework automatic version.h mangling
These are some important-ish cleanups for downstream package maintainers that
should make packaging this a lot smoother.
* man: add documentation about removing explicit listen-port
Documentation improvement.
* wg-quick: linux: quote ifname for nft
This should fix issues with weirdly named ifnames and odd versions of nft(8).
* fuzz: find bugs in the config syntax parser
* fuzz: find bugs when parsing uapi input
These are two fuzzers that have been laying around without a repo for a while.
Perhaps somebody with enough compute power will find bugs with them.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* socket: mark skbs as not on list when receiving via gro
Certain drivers will pass gro skbs to udp, at which point the udp driver
simply iterates through them and passes them off to encap_rcv, which is
where we pick up. At the moment, we're not attempting to coalesce these
into bundles, but we also don't want to wind up having cascaded lists of
skbs treated separately. The right behavior here, then, is to just mark
each incoming one as not on a list. This can be seen in practice, for
example, with Qualcomm's rmnet_perf driver. This lead to crashes on
OnePlus devices and possibly other Qualcomm 4.14 devices. But I fear
that it could lead to issues on other drivers on weird OpenWRT routers.
This commit is upstream in net-next as:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=736775d06bac60d7a353e405398b48b2bd8b1e54
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
When running sysupgrade from an existing configuration, UCI option
dhcp.@dnsmasq[0].resolvfile needs to be modified in case it has not
been changed from it's original value.
Accomplish that using a uci-defaults script.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Without this commit, ft_psk_generate_local is enabled for non-PSK
networks by default. This breaks 802.11r for EAP networks.
Disable ft_psk_generate_local by default for non-PSK networks resolves
this misbehavior.
Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
This target is still on kernel 4.9, and it looks like there is no
active maintainer for this target anymore.
Remove the code and all the packages which are only used by this target.
To add this target to OpenWrt again port it to a recent and supported
kernel version.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This target seems to have been unmaintained for quite a while, and not a
single tester for the (now outdated) kernel 4.14 patches has been found.
Remove the code and all the packages which are only used by this target.
To add this target to OpenWrt again port it to a recent and supported
kernel version.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This adds support for kernel 4.14 to the target and directly make it the
default kernel version to use.
This patch is build-tested only, but has never been device-tested. It is
only added to preserve the changes in Git history prior to removing this
target. Use it with care.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[rebased and extended commit message, refreshed patches for 4.14.162]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Previous commit should have bumped PKG_RELEASE, but git add was
forgotten... Add it now.
Fixes: cd48d8d342 ("dnsmasq: switch to /tmp/resolv.conf.d/resolv.conf.auto")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Mount-bind directory instead of resolv.conf.auto file in jail to
avoid problems when the file is deleted/replaced.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is a backport from the dnsmasq master which should fix a bug which
could cause a crash in dnsmasq.
I saw the following crashes in my log:
[522413.117215] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 2a001450
[522413.124464] epc = 004197f1 in dnsmasq[400000+23000]
[522413.129459] ra = 004197ef in dnsmasq[400000+23000]
This is happening in blockdata_write() when block->next is
dereferenced, but I am not sure if this is related to this problem or if
this is a different problem. I am unable to reproduce this problem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add call to fclose for file pointer fp in function t_openpw.
The resource leak could happen during an error handling.
Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
78cd384 Update README and patchlevel.h for 2.4.8 release
5d03403 pppd: Avoid use of strnlen (and strlen) in vslprintf
a1e950a pppd: Fix IPv6 default route code for Solaris
ca5e61b plugins/rp-pppoe: Make tag parsing loop condition more accurate
c10c3c7 pppd: Make sure word read from options file is null-terminated
b311e98 pppd: Limit memory accessed by string formats with max length specified
3ea9de9 pppd: Eliminate some more compiler warnings
57edb1a pppd: Include time.h header before using time_t
09f695f pppd: Don't free static string
03104ba pppd.h: Add missing headers
388597e pppd: Add defaultroute6 and related options
66ce4ba pppd: Avoid declarations within statements in main.c
5637180 pppd: Fix `ifname` option in case of multilink (#105)
d00f8a0 pppd: Fix variable reference syntax in Makefile.linux
b6b4d28 pppd: Check tdb pointer before closing
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
If CONFIG_DROPBEAR_ZLIB is set, building fails at the packaging stage
due to an undeclared dependency on libz.so.1.
As is already done for the main dropbear package, conditionally add a
dependency on zlib.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
It seems the buildbots can't handle it.
Added a cmake option to find the cxxabi files as they are part of the
toolchain and not in the normal path. It doesn't seem to make a
difference, just gets rid of cmake warnings.
Added another small GCC warning fix. It's fairly minor.
This has no change in compiled size, and most likely no change in
behavior. Bumped the PKG_RELEASE anyway.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
These two hacks are no longer necessary as they've
been moved to a special variant of kmod-ath10k-ct.
So, if you have a device suffering from low-memory
situation and getting applications crashes due to
the OOM reaper or kernel panics with ath10k, please
use the "kmod-ath10k-ct-smallbuffers" package from
now on.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
iperf2 is useful for testing UDP over multicast, add an option to permit
the enabling/disabling of multicast support.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Changed standard to 2a. 2a (as well as 17) contain more constexpr
functions, which are evaluated at compile time. This saves space.
Added --gc-sections. With the CXXABI change, this now makes the package
smaller.
With these, size went down to 210845 on mipsel_24kc.
Also fixed two small compiler warnings. No real change in behavior.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Allows proper exception handling. This includes removing unimplemented
warnings.
File size increased as a result:
Before:
182874
After:
211006
On mipsel_24kc.
Note that this requires libsupc++ anyway. It's specified in g++-libcxx.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This reverts commit 10cbc896c0.
The updated iptables package does not build due to the following error
encountered on the buildbots:
cp: cannot stat '.../iptables-1.8.4/ipkg-install/usr/lib/libiptc.so.*': No such file or directory
The changelog mentions "build: remove -Wl,--no-as-needed and libiptc.so" so
it appears as if further packaging changes are needed beyond a simple
version bump.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Setting user and group for a jailed process caused the jail not to
come up. Fix this by passing user and group to ujail and change
user only once the jail has been setup.
This allows jailing services which refuse to run as root user.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This adds a (currently missing) throughput LED trigger for the rt2x00
driver. Previously, LED triggers had to be assigned to the netdev, which
was limited to a single VAP.
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Christoph Krapp <achterin@googlemail.com>
b30e0df kmodloader: print an error when no kernel module dir can be found
17689b6 logread: add option to filter for facilities
c9ffeac kmodloader: added -v arg to modeprobe
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
As announced on the mailing list, WireGuard will be in Linux 5.6. As a
result, the wg(8) tool, used by OpenWRT in the same manner as ip(8), is
moving to its own wireguard-tools repo. Meanwhile, the out-of-tree
kernel module for kernels 3.10 - 5.5 moved to its own wireguard-linux-
compat repo. Yesterday, releases were cut out of these repos, so this
commit bumps packages to match. Since wg(8) and the compat kernel module
are versioned and released separately, we create a wireguard-tools
Makefile to contain the source for the new tools repo. Later, when
OpenWRT moves permanently to Linux 5.6, we'll drop the original module
package, leaving only the tools. So this commit shuffles the build
definition around a bit but is basically the same idea as before.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2a0a19168dce mt7603: remove vif sta from poll list on interface remove
dc14ac64e7f3 mt7615: remove vif sta from poll list on interface remove
d868638fdd96 mt76: remove obsolete .add_buf() from struct mt76_queue_ops
50b1e9bd25cd mt76: refactor cc_lock locking scheme
1987b741dac2 mt76: mt76x0: remove 350ms delay in mt76x0_phy_calibrate
c93a2d1c1304 mt76: mt76x02u: update ewma pkt len in mt76x02u_tx_prepare_skb
58e1e969f03e mt76: mt7615: remove unneeded semicolon
c14d6563c492 mt76: mt76x2e: disable pcie_aspm by default
f2be00b1011a mt76: dma: fix buffer unmap with non-linear skbs
20f05897873a mt76: mt76u: rely on usb_interface instead of usb_dev
3cbaf81a185e mt76: mt76u: rely on a dedicated stats workqueue
ea19cd7ac6c6 mt76: Remove set but not used variable 'idx'
a85c06cec844 mt76: use mt76_dev in mt76_is_{mmio,usb}
e0731a82a14f mt76: move SUPPORTS_REORDERING_BUFFER hw property in mt76_register_device
cfdb75124e7c mt76: mt7615: add ibss support
e2f90adcc3b1 mt76: move interface_modes definition in mt76_core module
5dfb0ec9c6d1 mt76: mt7615: disable radar pattern detector during scanning
7121e163c068 mt76: fix possible out-of-bound access in mt7615_fill_txs/mt7603_fill_txs
db78ee08d95e mt76: move mt76_get_antenna in mt76_core module
faf5e6fedd7e mt76: mt7615: read {tx,rx} mask from eeprom
44825e88a42d mt76: use rcu_read_lock_bh in mt76_dma_rx_poll
af83ee8de928 mt76: move initialization of some struct members to mt76_alloc_device
6493e234b40d mt76: introduce struct mt76_phy
ea46624355ec mt76: add support for an extra wiphy in the rx path
c5f1e83e30d4 mt76: add support for an extra wiphy in the main tx path
1d8011871458 mt76: add support for an extra wiphy in the tx status path
e5e755a7a6b0 mt76: add support for an extra wiphy in mt76_sta_state()
ee36c8e2170f mt76: move channel state to struct mt76_phy
d246beb23350 mt76: keep a set of software tx queues per phy
a3e88bcf17e8 mt76: move state from struct mt76_dev to mt76_phy
9cda51d195db mt76: move chainmask back to driver specific structs
df74d6993383 mt76: move txpower_conf back to driver specific structs
9e95fa6208a2 mt76: move txpower and antenna mask to struct mt76_phy
502d09a6e806 mt76: add multiple wiphy support to mt76_get_min_avg_rssi
842cae558b82 mt76: add priv pointer to struct mt76_phy
8ca04846857b mt76: add function for allocating an external wiphy
04cd17a64520 mt76: add ext_phy field to struct mt76_wcid
1c8d69e7d666 mt76: move ampdu_ref from mt76_dev to driver struct
e6659d12d01e mt76: mt7615: add dual-phy support for mac80211 ops
e5ea72ac7158 mt76: mt7615: add multiple wiphy support for smart carrier sense
bdcd45dd04e0 mt76: mt7615: add missing register init for dual-wiphy support
0954c37d015f mt76: mt7615: remove useless MT_HW_RDD0/1 enum
705a0fcdc3a5 mt76: mt7615: add multiple wiphy support to the dfs support code
849fefacc48a mt76: mt7615: rework chainmask handling
caa47af1d6f2 mt76: mt7615: add multiple wiphy support to the rx path
c5585a735864 mt76: mt7615: initialize dbdc settings on interface add
6265fd1954d7 mt76: mt7615: move radio/mac initialization to .start/stop callbacks
5725d1f919ff mt76: mt7615: select the correct tx queue for frames sent to the second phy
993683d62fb7 mt76: mt7615: add support for registering a second wiphy via debugfs
1456a53ddeb3 mt76: mt7615: update beacon contents on BSS_CHANGED_BEACON
ea41ad8bdb36 mt76: mt7615: defer mcu initialization via workqueue
59de6c9447a7 mt7615: replace sta_state callback with sta_add/sta_remove
88db676f8517 mt76: fix rx dma ring descriptor state on reset
fff2c07193bb Revert "mt76: use rcu_read_lock_bh in mt76_dma_rx_poll"
b3bf83d6da1c mt76: disable bh in mt76_dma_rx_poll
efcbee1d8bfc mt76: mt76x0u: do not reset radio on resume
5dc6f6fcc027 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174
84554a1fbb9a kernel: fix typos and some coding style in comments
a116b0a6afe9 mt76: fix possible undetected invalid MAC address
becdec318fce mt76: Off by one in mt76_calc_rx_airtime()
683eb244fa55 mt76: mt7603: reset STA_CCA counter setting the channel
812692db171c mt76: eeprom: add support for big endian eeprom partition
8b362382b10c mt76: mt7615: Fix build with older compilers
fc24815a2cb4 mt76: mt7615: report firmware version using ethtool
5cec93d57e6d mt76: mt76x02: fix coverage_class type
9354f0f41d1c mt76: mt7603: set 0 as min coverage_class value
a589d095eeb6 mt76: mt7615: add set_coverage class support
257c19f5b56f mt76: clear skb pointers from rx aggregation reorder buffer during cleanup
05c87a33831f mt76: do not overwrite max_tx_fragments if it has been set
05fa07c667f3 mt76: use AC specific reorder timeout
3ef5f3444a94 mt76: mt7615: measure channel noise and report it via survey
726fd501651a mt76: mt7615: increase MCU command timeout
99d8cd03edfa mt76: mt7603: fix input validation issues for powersave-filtered frames
32129af2604d net/wireless: Delete unnecessary checks before the macro call “dev_kfree_skb”
85a8abf80385 mt76: mt76x02: omit beacon slot clearing
8b5d3615e1c8 mt76: mt76x02: split beaconing
dc364547d91a mt76: mt76x02: add check for invalid vif idx
462a16e185e4 mt76: mt76x02: remove a copy call for usb speedup
fa24aba4c280 mt76: speed up usb bulk copy
6a84ad21306e mt76: mt76x02: add channel switch support for usb interfaces
09fcbc214b10 mt76: usb: use max packet length for m76u_copy
584c0784e019 mt76: mt76x02u: do not set NULL beacons
ca17e5657e8a mt76: mt76x02: minor mt76x02_mac_set_beacon optimization
d5fdd2e7ced8 mt76: mt7615: fix MT7615_CFEND_RATE_DEFAULT value
ae25a4bf99a9 mt76: mt7615: introduce LED support
cd759b00cc06 mt76: mt76x02: simplify led reg definitions
cf00467c5de4 mt76: mt7603: simplify led reg definitions
1c8e76f4de3e mt76: fix compilation warning in mt76_eeprom_override()
960f5cc2390b mt76: mt76u: fix endpoint definition order
15e1c29ed8e3 mt76: mt7615: add missing settings for simultaneous dual-band support
e09b9f61eeb3 mt76: mt7615: rework set_channel function
4cb1195a1530 mt76: mt7615: add set_antenna callback
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Contains following changes:
a1523d76b016 fix blob parsing vulnerability by using blob_parse_untrusted
c60583743ccf ubus_monitor: workaround possibly false positive uses of memory after it is freed
dac6c7c575ac ubusd_monitor: fix possible null pointer dereference
060dfbb26da3 ubus_common: remove duplicate ARRAY_SIZE and add missing include
c5f2053dfcfd workaround possibly false positive uses of memory after it is freed
72be8e93f07d lua: ubus_lua_do_subscribe: fix copy&paste error
a995b1e68129 lua: workaround false positive dereference of null pointer
08f17c87a000 add fuzzer and cram based unit tests
c413be9b376c refactor ubusd.c into reusable ubusd_library
afd47189e864 examples: remove dead increments
b2e544238672 add initial GitLab CI support
058f4e9526ed libubus: fix incompatible pointer types assigment
d2e026a33df8 iron out all extra compiler warnings
5d7ca8309d0a ubusd/libubus-io: fix variable sized struct position warning
d61282db5640 ubusd: fix comparison of integers of different signs
90fb16234c22 cmake: enable extra compiler checks
and bumps ABI_VERSION to 20191219.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
14a279411cff fix certificate blob parsing vulnerability by using blob_parse_untrusted
19a7225ac018 fix leaking memory in cert_dump_blob
9dba44ddd4f5 fix possibly garbage value returned in cert_process_revoker
4462ff9dedfa add cram based unit tests
5fe64b5606aa cmake: split usign bits into static library
5d7626a2b6d8 cmake: reindent the file
e284ed941972 cmake: enable hardening compiler flags and fix the reported issues
7e5390666347 add initial GitLab CI support
fa0bf4ef45b1 cmake: add proper include and library dependencies
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Contains following changes:
eb7eb6393d47 blobmsg: fix array out of bounds GCC 10 warning
86f6a5b8d1f1 blobmsg: reuse blobmsg_namelen in blobmsg_data
586ce031eaa0 tests: fuzz: fuzz _len variants of checking methods
b0e21553ae8c blobmsg: add _len variants for all attribute checking methods
cd3059796a57 Replace use of blobmsg_check_attr by blobmsg_check_attr_len
143303149c8b Ensure blob_attr length check does not perform out of bounds reads
f2b2ee441adb blobmsg: fix heap buffer overflow in blobmsg_parse
4dfd24ed88c4 blobmsg: make blobmsg_len and blobmsg_data_len return unsigned value
2df6d35e3299 tests: add test cases for blobmsg parsing
8a34788b46c4 test: fuzz: add blobmsg_check_attr crashes
478597b9f9ae blob: fix OOB access in blob_check_type
325418a7a3c0 tests: use blob_parse_untrusted variant
0b24e24b93e1 blob: introduce blob_parse_untrusted
6d27336e4a8b blob: refactor attr parsing into separate function
833d25797b16 test: fuzz: add blob_parse crashes
09ee90f8d6ed tests: add test cases for blob parsing
436d6363a10b tests: add libFuzzer based tests
bf680707acfd tests: add unit tests covered with Clang sanitizers
f804578847de cmake: add more hardening compiler flags
46f8268b4b5b blobmsg/ulog: fix format string compiler warnings
eb216a952407 cmake: use extra compiler warnings only on gcc6+
and bumps ABI_VERSION to 20191226.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
edad0d6 version: bump snapshot
0e38a3c compat: ipv6_dst_lookup_flow was backported to 5.3 and 5.4
2e52c41 wg-quick: linux: use already configured addresses instead of in-memory
3721521 tools: adjust wg.8 syntax for consistency in COMMANDS section
21a1498 wg-quick: linux: try both iptables(8) and nft(8) on teardown
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
According to many bugreports [0][1][2] the default ath10k-ct kernel
module is unusable on devices with just 64 MiB RAM or with 128 MiB and
dual ath10k cards. The target boards boot but eventually oom-killer
starts to interfere with normal operation, so the current state is
effectively broken.
Since the two patches in question have a performance impact (and
possibly some other unexpected side-effects) a dedicated build variant
is added so that users of the low RAM devices can still benefit from all
the ath10k-ct advantages.
According to testing [3] results, the issue can be experienced even with
"a 256MB device with three radios". Measured performance impact of
implementing small buffers was lowering "the maximum 5 GHz throughput on
an IPQ40xx device without RPS/XPS optimizations from 494/432 Mbit/s for
TCP transfers (download/upload) to 438/343 Mbit/s"
The patches were apparently inspired by QSDK tweaks used by ODMs for the
affected devices.
[0] http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020573.html
[1] https://github.com/openwrt/openwrt/pull/1077
[2] https://bugs.openwrt.org/index.php?do=details&task_id=2664
[3] https://github.com/freifunk-gluon/gluon/pull/1440#issue-195607701
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
[Remove double CONFIG_ATH10K-CT_LEDS entry]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Don't build with uClibc-ng. It's totally unsupported as several functions
are missing.
Make the musl libc support conditional.
Fix hash with make check FIXUP=1. Apparently I based the Makefile off of
libedit and forgot to fix the hash.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes: 856ea2bad3 ("libcxx: Add package")
Unloading and reloading the modules fails, as platform_device_put() does not
release resources fully.
root@OpenWrt:/# insmod i2c-gpio-custom bus0=0,18,0,5
[ 196.860620] Custom GPIO-based I2C driver version 0.1.1
[ 196.871162] ------------[ cut here ]------------
[ 196.880517] WARNING: CPU: 0 PID: 1365 at fs/sysfs/dir.c:31 0x80112158
[ 196.893431] sysfs: cannot create duplicate filename '/devices/platform/i2c-gpio.0'
...
[ 197.513200] kobject_add_internal failed for i2c-gpio.0 with -EEXIST, don't try to register things with the same name in the same directory.
This patch fixes it by replacing platform_device_put() to
platform_device_unregister().
Fixes: da77408537 ("i2c-gpio-custom: minor bugfix")
Fixes: 3bc81edc70 ("package: fix w1-gpio-custom package (closes#6770)")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
The rpcd service is an important service, but if the service stops
working for any reason, no one will ever respawn that service. With this
commit, the procd service will monitor if the rpcd service
is running. If the rpcd service has crashed, then
procd respawns the rpcd service.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The USB descriptor parsing in adb fails to detect SuperSpeed devices
because of the SuperSpeed Endpoint Companion Descriptor. This
cherry-picks the upstream fix for the problem.
Unfortunately there never were a release with this fix before the
conversion to C++, so upgrading to a newer version isn't an option.
This makes adb work with SuperSpeed devices like the Sierra Wireless
EM7565. Tested and verified.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
- both packages provide ca-certs
- make ca-bundle the default provider
This should allow easy transition between these two forms of CA certificates storage
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
Currently in OpenWrt, there are two libc++: libstdcpp and uClibc++. The
former is huge and the latter supports only C++98 with some basic support
for C++11. Those C++ versions seem to be specific to the compiler version
libcxx supports C++11 and above while being much smaller than libstdcpp.
On mt7621, these are the sizes of the ipks that I get:
libstdcpp: 460786
libcxx: 182881
uClibc++:67720
libcxx is faster than uClibc++ and is under active development as part of
the LLVM project while uClibc++ is effectively dead.
This PR modifies uclibc++.mk to expose the make menuconfig option. Further
cleanup is beyond the scope of this PR. What that means is, this is not
used by default.
A g++-libcxx wrapper based on the uClibc++ one was added. Works the same
way.
Compile tested with all packages that use uclibc++.mk in their Makefiles
under mipsel_24kc. kismet fails compilation but that package needs to be
cleaned up and updated.
Runtime tested with gddrescue, gdisk, dcwapd, bonnie++, and aircrack-ng
on a TP-Link Archer C7v2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The release notes since last time for wave-1:
* No changes to wave-1, but I make a version .014 copy anyway to keep
the makefile in sync.
The release notes since last time for wave-2:
* December 16, 2019: Wave-2 has a fix to make setting txpower work
better. Before setting the power was ignored at
least some of the time (it also appeared to work
mostly, so I guess it was being correctly set in
other ways).
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Was inadvertantly missed from the inital forward port from ar71xx to
ath79.
Fixes: 1588114cf2 ("ath79: add etactica-eg200 support")
Signed-off-by: Karl Palsson <karlp@etactica.com>
[commit description/subject facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The preinit network initialisation and failsafe informational message
are inherently racy as the interface takes some time to become
functional after "ip link set $pi_ifname up" command.
Consider this timing:
[ 12.002713] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[ 12.008819] IPv6: ADDRCONF(NETDEV_UP): eth1.1: link is not ready
[ 12.118877] random: procd: uninitialized urandom read (4 bytes read)
[ 13.068614] eth1: link up (1000Mbps/Full duplex)
[ 13.073309] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[ 13.080445] IPv6: ADDRCONF(NETDEV_CHANGE): eth1.1: link becomes ready
Since the UDP message was sent prior to link becoming ready, it was
never seen on the wire.
The default failsafe timeout is set to 2 seconds, so with this patch
there are two attempts to send the message, one spent in vain, and the
other visible in tcpdump on an attached host. Of course, in cases when
the interface is brought up faster it leads to two messages, however it
should be harmless. This patch (almost) doesn't affect normal boot time
while still allowing to enter failsafe reliably with a single button
press, matching the official "generic failsafe" documentation.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
iputils has moved from the master tree to the packages feed, and is
switching from the abandoned skbuff.net upstream to
github.com/iputils/iputils.
Ref: https://git.openwrt.org/556698cedf9e86a0ffe9f148d4e8e733676c26f6
Signed-off-by: Petr Štetiar <ynezz@true.cz>
- usb-dwc3-of-simple is not used anymore as we have qcom dedicated driver
- usb-phy-qcom-dwc3 is not dependent of dwc3-of-simple
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
This update doesn't include:
3b1e0a7bdfee brcmfmac: add support for SAE authentication offload
be898fed355e brcmfmac: send port authorized event for FT-802.1X
due to nl80211 dependencies.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This package contains nvram files for brcmfmac, a mac80211 driver for FullMAC
Cypress devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
1ec6ece version: bump snapshot
e13de91 main: remove unused include <linux/version.h>
72eb17c wg-quick: linux: support older nft(8)
1d8e978 global: fix up spelling
e02713e wg-quick: linux: add support for nft and prefer it
b4e3a83 compat: support building for RHEL-8.1 instead of RHEL-8.0
f29e3ac socket: convert to ipv6_dst_lookup_flow for 5.5
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
In the rare event a pre-populated fw_env.config exists in the rootfs prior
to firstboot, calling fw_setenv after the system has initialised will
annihilate the devices environment due to two identical lines in
fw_env.config.
Check for existence prior to blind appendage.
Signed-off-by: Imran Khan <gururug@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed patch format, improved grep, cosmetics]
With this patch, txpower for the PHY is applied when configuring the PHY
instead of the VIF. Otherwise, the configured txpower is not applied for
the first initialized VIF when using DFS channels, as it is currently
applied too early when the CAC hasn't finished.
Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Hardware:
Allwinner H3 upto 1.2GHz
512MB DDR3 RAM
8GB on-board eMMC - mountable, can be used as boot with custom boot.scr
microSD-card slot
WiFi 802.11n (AP6212A) - working
Bluetooth (AP6212A) - not working for now
Micro-USB OTG + 2*USB headers
UART 3.3V - working
GPIO/I2C/SPI 2.54mm headers
Standard sunxi SD-card installation procedure - copy image to SD card,
insert in into slot and boot. First time you will need UART adapter to
enable on-board wireless (or just build custom image with enabled WiFi).
To boot from eMMC:
- boot from SD
- copy SD image to emmc (dd bs=... if=.... of=/dev/mmcblk2)
- mount eMMC boot partition and replace boot script on it
- unmount, reboot
To use i2c, spi and more uarts - replace dtb on boot partition with
fixed one (use dtc or fdt-tools).
Signed-off-by: Roman Bazalevsky <rvb@rvb.name>
[rebase onto device name consolidation patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This changes device definition to resemble the vendor_device scheme
already present for the majority of device compatible strings.
By doing this, we achieve several advantages at once:
- Image names and node names are more consistent with other targets.
- SUPPORTED_DEVICES can be set automatically for all but two cases.
- Image names and node names are in line with DEVICE_TITLEs.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The release notes since last time for wave-1:
* November 29, 2019: Fix IBSS merge issue, related to TSF id leakage bug in firmware code.
Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.
The release notes since last time for wave-2:
* December 6, 2019: Fix 160Mhz problem caused by logic that did not take into account the fact that
160Mhz has only 1/2 of the NSS of lower bandwidths in the rate table.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
If no AP is configured, hostapd-${phy}.conf is not being created,
hence md5sum fails and causes log pollution:
netifd: radio1 (3183): md5sum: can't open '/var/run/hostapd-phy1.conf': No such file or directoy
Hence make sure the file exists when calling md5sum.
Fixes: a5bc9787d4 ("mac80211: add support for dynamically reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Before commit 60fb4c92b6 ("hostapd: add ubus reload") netifd was
tracking hostapd/wpa_supplicant and restarting wifi in case of a
process crash. Restore this behaviour by tracking the PIDs of
hostapd and wpa_supplicant.
Also make sure hostapd and/or wpa_supplicant have been started before
emmitting ubus calls to them using ubus wait_for.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
In addition to wpa_supplicant and hostapd managed interfaces, also
track unmanaged interfaces. This is used to make sure that running
'wifi' always returns into a clean state regardless of what the user
did before.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Allows graceful restart of crashing hostapd/wpa_supplicant instances
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: attempt to launch only present services]
This enables the CTRL_IFACE_MIB symbol for wpad-full and hostapd-full.
If it is not enabled, statistic outputs such as "hostapd_cli all_sta"
are empty.
Signed-off-by: David Bauer <mail@david-bauer.net>
Update iproute2 to latest stable version, see https://lwn.net/Articles/805654/
for the changes in 5.4.0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wg-quick: linux: suppress error when finding unused table
This fixes a spurious warning messages seen with recent versions of iproute2
and kernels.
* wg-quick: linux: ensure postdown hooks execute
* wg-quick: linux: have remove_iptables return true
* wg-quick: linux: iptables-* -w is not widely supported
Adding in iptables had some hiccups. For the record, I'm very unhappy about
having to put any firewalling code into wg-quick(8). We'll of course need to
support nftables too at some point if this continues. I'm investigating with
upstream the possibility of adding a sysctl to patch the issue that iptables
is handling now, so hopefully at somepoint down the line we'll be able to shed
this dependency once again.
* send: use kfree_skb_list
* device: prepare skb_list_walk_safe for upstreaming
* send: avoid touching skb->{next,prev} directly
Suggestions from LKML.
* ipc: make sure userspace communication frees wgdevice
Free things properly on error paths.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
IPv6 protocol is enabled on all gre interfaces, but gre(v6)tap
interfaces are usually added to a bridge interface, in which case
IPv6 should be enabled only on the bridge interface.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
The Owl Loader (named after the codename that Atheros gave
these devices back in the day) has been accepted upstream.
This patch removes the "misc" driver OpenWrt had and adds
the remaining differences against the version that ships
with 5.4-rc1 into a separate "120-owl-loader-compat.patch"
file that can be cut down once AR71XX is being dealt with.
Note: I decided to keep the existing (kmod-)owl-loader
package name around for now. The kernel module file in
the kmod package will be called ath9k_pci_owl_loader.ko
though.
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This reverts commit 8176431963 ("mt76: probe load mt7615 driver
asynchronously"). After said commit, users report that MT7615 no longer
works on boot and they have to manually enable WiFi (via command "wifi") to
make it working again.
Fixes: FS#2546
Ref: https://forum.openwrt.org/t/xiaomi-r3p-no-wifi-on-boot/45509
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This also fixes mac80211_prepare_vif iw set channel in monitor or
mesh mode.
Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed commit message]
e4bd927 cast ucert_argv to proper type when passing to execv
Fixes warnings:
warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
254 | execv(usign_argv[0], usign_argv)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* messages: recalculate rekey max based on a one minute flood
* allowedips: safely dereference rcu roots
* socket: remove redundant check of new4
* allowedips: avoid double lock in selftest error case
* tools: add syncconf command
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
07413cce72e1 tests: jshn: add more test cases
26586dae43a8 jshn: fix missing usage for -p and -o arguments
8e832a771d3a jshn: fix off by one in jshn_parse_file
cb698e35409b jshn: jshn_parse: fix leaks of memory pointed to by 'obj'
c42f11cc7c0f jshn: main: fix leak of memory pointed to by 'vars'
93848ec96dc5 jshn: refactor main into smaller pieces
9b6ede0e5312 avl: guard against theoretical null pointer dereference
c008294a8323 blobmsg_json: fix possible uninitialized struct member
0003ea9c45cc base64: fix possible null pointer dereference
8baeeea1f52d add assert.h component
b0a5cd8a28bf add cram based unit tests
1fefb7c4d7f9 add initial GitLab CI support
c955464d7a9b enable extra compiler checks
6228df9de91d iron out all extra compiler warnings
Signed-off-by: Petr Štetiar <ynezz@true.cz>
41060943 Bump up version number to 1.40.0, LT revision to 33:0:19
5ae9bb89 Fail fast if huffman decoding context is in failure state
bb519154 Merge pull request #1413 from nghttp2/check-authority
77f5487a Add nghttp2_check_authority as public API
db9a8f6e Merge pull request #1409 from nghttp2/fix-wrong-stream-close-error-code
6f28a69b Merge pull request #1411 from richard78917/fix_warning
6ce4835e Fix the bug that stream is closed with wrong error code
29042f1c priority_spec::valid(): remove const qualifier from return value
d08c4395 Merge pull request #1405 from nghttp2/huffman
5d6964cf Faster huffman decoding
0d855bfc Faster huffman encoding
6f967c6e Fix errors reported by coverity scan
b8a43db8 Merge pull request #1394 from wrowe/fix-static-libname
70b62c1a Merge pull request #1393 from wrowe/fix-static-msvcrt
28b1f0b9 Avoid filename collision of static and dynamic lib
1dd966f1 Merge branch 'fix-nghttpx-mruby'
fe8946dd nghttpx: Fix bug that mruby is incorrectly shared between backends
72b71a6b Add new flag ENABLE_STATIC_CRT for Windows
f8933fe5 nghttpx: Reconnect h1 backend if it lost connection before sending headers
89c33d69 Update neverbleed
7079dc5e Update neverbleed to fix memory leak
5080db84 Revert "nghttpx: Reconnect h1 backend if it lost connection before sending headers"
053c7ac5 nghttpx: Returns 408 if backend timed out before sending headers
8a59ce6d nghttpx: Reconnect h1 backend if it lost connection before sending headers
f2fde180 Remove redundant null check before delete
95efb3e1 Don't read too greedily
0a6ce87c Add nghttp2_option_set_max_outbound_ack
2aa79fa9 Bump up LT revision to 32:0:18
3980678d Merge branch 'nghttpx-fix-request-stall'
319d5ab1 nghttpx: Fix request stall
448bbbc3 integration-tests: gofmt
e575a2aa Merge pull request #1377 from Aldrog/cmake_systemd
4f7aedc9 cmake: Support building nghttpx with systemd
7a590893 Fix clang-8 warning
ee443134 Fix FPE with default backend
abef9b90 Fix log-level is not set with cmd-line or configuration file
12a999f0 Bump up version number to 1.40.0-DEV
acfb3607 Update manual pages
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
netifd does not handle network.@device[x].name properly if it
contains multiple ifaces separated by spaces. Due to this, board.d
lan_mac setup does not work if multiple ifaces are set to LAN by
ucidef_set_interface_lan.
To fix this, create a device node for each member iface when
running config_generate instead. Those are named based on the
member ifname:
ucidef_set_interface_lan "eth0 eth1.1"
ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01"
will return
config device 'lan_eth0_dev'
option name 'eth0'
option macaddr 'yy:yy:yy:yy:yy:01'
config device 'lan_eth1_1_dev'
option name 'eth1.1'
option macaddr 'yy:yy:yy:yy:yy:01'
ref: https://github.com/openwrt/openwrt/pull/2542
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[always use new scheme, extend description, change commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Commit b3d8b3a introduced a new test:
[ -n "$noscan" -a "$noscan" -gt 0 ] && hostapd_noscan=1
But if length of "$noscan" is zero (noscan is not set) this doesn't stop
the shell to evaluate the rest of the test.
root@hank2:~# [ -n "$noscan" -a "$noscan" -gt 0 ]
ash: out of range
root@hank2:~#
So when radios are brought up this shows in the log:
Sat Nov 23 10:51:38 2019 daemon.info procd: - init complete -
Sat Nov 23 10:52:24 2019 daemon.notice netifd: radio1 (1243): sh: out of range
Sat Nov 23 10:52:25 2019 user.notice firewall: Reloading firewall due to ifup of wan (eth0.2)
Sat Nov 23 10:52:25 2019 daemon.notice netifd: radio0 (1242): sh: out of range
Sat Nov 23 10:52:26 2019 authpriv.info dropbear[1536]: Not backgrounding
This commit sets noscan to 0 if unset and removes the gratuitous length
check, preventing the warning.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
dnsmasq v2.80 made 'dnssec-check-unsigned' the default, thus the uci
option was rendered ineffectual: we checked unsigned zones no matter the
setting.
Disabling the checking of unsigned zones is now achieve with the
"--dnssec-check-unsigned=no" dnsmasq option.
Update init script to pass required option in the disabled case.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This updates mac80211 to backports based on kernel 5.4-rc8.
The deleted patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
8174814 utils: persist effective extra_src and extra_dest options in state file
72a486f zones: fix emitting match rules for zones with only "extra" options
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This backports a patch to build it work with python2 in addition to
python3.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
* add u-boot support for uDPU
* add line to copy u-boot binary to STAGING_DIR_IMAGE, this can later be used
as BL33 variable required for ATF build
* add patch to increase max gunzip size in mvebu_armada-37xx.h which is
required for booting the itb recovery images
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
ATF mvebu is required for building a functional bootloader for A7K/A8K and
A37xx platforms. uDPU device is added as the first target.
A3700 platform has a wide range of settings which can be used per device, so
options are defined under the Device sections.
Platform also required WTP (recovery) tools and mv-ddr package for the DDR
topology configuration. 32-bit cross compiler is used for building the WTMI
image.
After the build, flash-image.bin can be used with the bubt command from the
u-boot shell to flash the new version of u-boot.
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
Change dhcp no/release on shutdown to 'norelease' uci option to match
existing proto dhcpv6 usage.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
All patches have been dropped, they're either redundant (e.g. due to the
new and unset CONFIG_SPL_FAT_WRITE), break compilation (thumb hacks) or
have been applied upstream.
The defconfig for am335x_boneblack has been removed upstream [0], so use
am335x_evm for boneblack too.
Size changes (before, after, file):
ti_am335x-evm and ti_am335x-bone-black:
79804 110832 MLO
623836 756148 u-boot.img
ti_omap3-beagle:
54148 57708 MLO
496272 665728 u-boot.img
ti_omap4-panda:
39356 40204 MLO
284648 366672 u-boot.img
Tested on boneblack, which has the biggest spl size increase. The beagle and
panda spl sizes seem reasonable to not break booting.
[0] 8fa7f65dd0
Signed-off-by: Andre Heider <a.heider@gmail.com>
This potentially fixes some issues seen on IBSS
when interfaces go out of range and then re-appear.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
The skb_get_hash_perturb() function now takes a siphash_key_t instead of
an u32. This was changed in commit 55667441c84f ("net/flow_dissector:
switch to siphash"). Use the correct type in the fq header file
depending on the kernel version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Keep existing wdev when creating new nl80211 interfaces if phy and
type match, delete it otherwise.
To make this work, also remove left-over debugging function which
prevented the return-value of the 'iw' command to be taken into
account in mac80211_iw_interface_add().
As 4addr-mode (WDS) was setup during interface creation for station
interfaces, also set it after interface creation to make sure an
existing sta interface ends up with the right mode.
Fixes: a5bc9787d4 ("mac80211: add support for dynamically
reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
8dd50da20de0 lua: fix error handling
a2cab3b088a2 ucimap: fix possible use of memory after it is freed
9cf978bc7964 delta: prevent possible null pointer use
7736f497d2d9 cli: remove unused variable assigment
39093f3b040d lua: fix memory leak in set method
19ceff323f1e lua: fix memory leak in changes method
18049a84fe40 tests: add cram based unit tests
2b549cc050de lua: fix copy&paste in error string
f5dd5217d627 cli: fix realloc issue spotted by cppcheck
af59f86a0db9 iron out all extra compiler warnings
1637d2918692 tests: shunit2: run all tests under Valgrind by default
c1af73bfb023 cmake: enable extra compiler checks
be69504e3666 cmake: build Lua module only if enabled
38a2f12ec5ab tests: shunit2: fix issues reported by shellcheck
266fc9e94c1e add initial GitLab CI support
17d6144a49c6 tests: shunit2: make it working under CMake
a6e8bbefd860 cmake: add unit testing option and shunit2 tests
0ca93fec701a test: move shunit2 tests under standalone subdirectory
Signed-off-by: Petr Štetiar <ynezz@true.cz>
0219008cc876 remove never used err variable assignment disliked by scan-build
7ce813fcd667 silence use after the free clang analyzer warning
1f73b6a8e678 use offsetof macro to make scan-build happy
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Commit ed5b9129d7 ("base-files: implement generic service_running")
has added EXTRA_HELP variable, thus overriding already available
EXTRA_HELP text available in other init scripts, resulting in the
missing help text from services like dropbear for example.
So fix this regression by appending EXTRA_HELP text provided by the
other init scripts into the one provided by the script itself.
Fixes: ed5b9129d7 ("base-files: implement generic service_running")
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
[commit title/description facelift, fixes tag, fixed From:, pkg bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
AutoLoad parameter must match the exact kernel module name. Fix it.
Fixes: 125f1ce9ad ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Changes introduced for dynamic wifi reconfiguration left behind
unmanaged interface types. Restore parts of the old function to
also clean (unencrypted, non-DFS) mesh and ad-hoc interfaces.
Fixes: a5bc9787d4 ("mac80211: add support for dynamically
reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The GL.iNet GL-AR750S has been supported by the ar71xx and ath79
platforms with access to its 16 MB NOR flash, but not its 128 MB
SPI NAND flash.
This commit provides support for the NAND through the upstream
SPI-NAND framework.
At this time, the OEM U-Boot appears to only support loading the
kernel from NOR. This configuration is preserved as this time,
with the glinet,gl-ar750s-nand name reserved for a potential,
future, NAND-only boot.
The family of GL-AR750S devices on the ath79 platform now includes:
* glinet,gl-ar750m-nor-nand "nand" target
* glinet,gl-ar750m-nor "nand" target (NAND-aware)
NB: This commit increases the kernel size from 2 MB to 4 MB
"Force-less" sysupgrade is presently supported from the current
versions of following NOR-based firmwre images to the version of
glinet,gl-ar750s-nor firmware produced by this commit:
* glinet,gl-ar750s -- OpenWrt 19.07 ar71xx
* glinet,gl-ar750s -- OpenWrt 19.07 ath79
Users who have sucessfully upgraded to glinet,gl-ar750m-nor may then
flash glinet,gl-ar750m-nor-nand with sysupgrade to transtion to the
NAND-based variant.
Other upgrades to these images, including directly to the NAND-based
glinet,gl-ar750s-nor-nand firmware, can be accomplished through U-Boot.
NB: See "ath79: restrict GL-AR750S kernel build-size to 2 MB" which
enables flashing of NAND factory.img with the current GL-iNet U-Boot,
"U-Boot 1.1.4-gcf378d80-dirty (Aug 16 2018 - 07:51:15)"
The GL-AR750S OEM U-Boot allows upload and flashing of either NOR
firmware (sysupgrade.bin) or NAND firmware (factory.img) through its
HTTP-based GUI. Serial connectivity is not required.
The glinet,gl-ar750s-nor and glinet,gl-ar750s-nor-nand images
generated after this commit flash each other directly.
This commit changes the control of the USB VBUS to gpio-hog from
regulator-fixed introduced by commit 0f6b944c92. This reduces the
compressed kernel size by ~14 kB, with no apparent loss of
functionality. No other ath79-nand boards are using regulator-fixed
at this time.
Note: mtd_get_mac_binary art 0x5006 does not return the proper MAC
and the GL.iNet source indicates that only the 0x0 offset is valid
The ar71xx targets are unmodified.
Cc: Alexander Wördekemper <alexwoerde@web.de>
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
The GL.iNet GL-AR300M series of devices includes variants without NAND
and only the 16 MB NOR flash. These include the GL-AR300M16 and the
GL-AR300M-Lite (already with its own board name).
This board-name addition provides disambiguation from the NAND-bearing
GL-AR300M devices, both for OpenWrt code and for end users.
Kernel and firmware support for NAND and UBI will add ~320 kB to the
overall firmware size at this time. This NOR-only option continues to
provide more compact firmware for both the GL-AR300M16 as well as
those who wish to use it as an alternate or primary, NOR-resident
firmware on the GL-AR300M.
The ar71xx targets are unmodified.
Installation
------------
Install through OEM U-Boot (HTTP-based) or `sysupgrade --force` when
booted from NOR and running OEM or OpenWrt, NOR-based firmware.
As one of the intentions is disambiguation from NAND-bearing units,
users who have flashed this firmware onto a device with NAND would
need to use U-Boot or `sysupgrade --force` to flash firmware that
again supports NAND.
There are no additional SUPPORTED_DEVICES as it is not possible to
determine if a device does or does not have NAND based on
either the OEM's or OpenWrt's board names prior to this patch.
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.
Signed-off-by: Russell Senior <russell@personaltelco.net>
uci-defaults are sourced and non-executable, so they do not require
a shebang.
While at it, apply consistent naming scheme.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Now that netifd and hostapd allow dynamic reconfiguration, add a
command to trigger it.
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Change scripts to use ubus interface of hostapd/wpa_supplicant to
add/remove/modify wireless interfaces instead of (re-)starting the
services.
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add ubus interface to hostapd and wpa_supplicant to allow dynamically
reloading wiface configuration without having to restart the hostapd
process.
As a consequence, both hostapd and wpa_supplicant are now started
persistently on boot for each wifi device in the system and then
receive ubus calls adding, modifying or removing interface
configuration.
At a later stage it would be desirable to reduce the services to one
single instance managing all radios.
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
7a723d0 wireless: add ubus method for reloading configuration
e15147c wireless: make reconf opt-in and allow serializing configuration
Set new option 'reconf' in 'wifi-device' section to enable dynamic
re-configuration on that radio.
If necessary, also set option 'serialize' which forced netifd to
configure interfaces of wireless devices one-by-one.
Both options are disabled by default.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Includes following changes:
9d9d4c284786 fix possible garbage in unitialized char* struct members
dbc1b1b71b24 fix possible copy of null buffer and validation of unitialized header
76d53deef8bb crc32: add missing stdint.h dependency
e5666ed3b47c add cram based unit tests
abe0cf7de053 add initial GitLab CI support
e43042507b4f iron out extra compiler warnings
5df0cd6e1523 convert into CMake project
a7dc0526f819 refactor into separate Git project
adds missing PKG_LICENSE field and converts the package build to utilize
CMake.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.
In addition also activate DRIVER_11N_SUPPORT support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
lib and includedir point to the host, not staging_dir.
Note that prefix and exec_prefix is overriden to point to staging_dir.
As CMAKE_INSTTALL is passed, switched InstallDev to use cmake.mk's rule.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
includedir and libdir are set to /usr/include and /usr/lib . This breaks
compilation with packages such as tmux that use pkgconfig to find libevent
Also added PKG_LICENSE_FILES.
Simplified the InstallDev section by using cmake.mk's default rule.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Update busybox to 1.31.1
Small bug fix release. Fixes for dc, ash (PS1 expansion fix),
hush, dpkg-deb, telnet and wget.
No need to refresh patches or config.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Now that 'start-console' procd command has reached the main repo,
we can add a rule to start consoles on serial devices which are
created when USB gadget driver reports creation with hotplugging.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Also update the U-Boot BSP patch for I2SE Duckbill devices.
Run tested on I2SE Duckbill and Olimex OLinuXino Maxi boards.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This decreases the size of the usign application by 16% on MIPS BE.
old:
24,597 /usr/bin/usign
new:
20,501 /usr/bin/usign
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the size of the swconfig application by 25% on MIPS BE.
old:
16,916 /sbin/swconfig
new:
12,565 /sbin/swconfig
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the size of the mtd application by 25% on MIPS BE.
old:
20,597 /sbin/mtd
new:
16,421 /sbin/mtd
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE.
old:
202,020 /usr/sbin/dnsmasq
new:
185,676 /usr/sbin/dnsmasq
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Commit ad7c6102f2 ("busybox: fix missing install with suid bit set if
FEATURE_SUID=y") actually fixes BUSYBOX_CONFIG_FEATURE_SUID option and
thus would install busybox setuid root by default which would result in
possibly unwanted change of current behaviour, so let's disable this
option by default in order to preserve the current status-quo.
For the record: disabling FEATURE_SUID to preserve the status-quo does
*not* imply the current status-quo is "safer", or for that matter, in
any way desireable. That is a discussion to be had on the mailing
lists.
Switching the FEATURE_SUID default to "n" is simply a compromise to
facilitate the merge of the changes that unbreak FEATURE_SUID.
Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
With FEATURE_SUID=y one can install busybox binary belonging to root
with the suid bit set, enabling some applets to perform root-level
operations even when run by ordinary users. Busybox then drops
privileges for applets that don't need root access, before entering
their main() function.
Currently we don't install busybox binary with suid bit set, rendering
this feature unusable.
Note that we can't just "chmod u+s /bin/busybox" at runtime as a
"cheaper" solution: it would waste approximately 200KiB of FLASH (the
whole /bin/busybox binary gets copied into the overlay).
Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift, use INSTALL_SUID variable]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit 6170c46b47.
There has been demand for further evaluation of the impact of a
changed hostname, so this is reverted for now. The default hostname
will be "OpenWrt" again after this commit.
The macaddr_geteui() function is not removed by this revert.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
If a label MAC address is provided for device, system
will rename the hostname with OpenWrt_{eui mac address}.
This helps to distinguish between different devices.
Since it's no good idea to nest json_* functions, this code does
not use get_mac_label directly, but only get_mac_label_dt as
external resource.
Signed-off-by: Rosy Song <rosysong@rosinson.com>
[merged with commit introducing macaddr_geteui, rebased on updated
label MAC address storage, extended commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
If set, label MAC address is available from one of two sources,
device tree or board.json. So far, the function get_mac_label
was meant for retrieving the address, while an option in uci
system config was specified only for case 2 (board.json).
The uci config option has several drawbacks:
- it is only used for a fraction of devices (those not in DT)
- label MAC address is a device property, while config implies
user interaction
- label_macaddr option will only be set if /etc/config/system
does not exist (i.e. only for new installations)
Thus, this patch changes the behavior of get_mac_label:
Instead of writing the value in board.json to uci system config
and reading from this location afterwards, get_mac_label now
extracts data from board.json directly. The uci config option
won't be used anymore.
In addition, two utility functions for extraction only from DT
or from board.json are introduced.
Since this is only changing the access to the label MAC address, it
won't interfere with the addresses stored in the code base so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This is needed to export crypto information to netfilter, allowing
the alt. afalg openssl engine to obtain information about the drivers
being used.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Includes following changes:
0230d0698e59 add initial GitLab CI support
5e13b797a988 iron out all extra compiler warnings
802fbd4d6f39 cmake: enable extra compiler checks
050bb5c4431b convert into CMake project
5b350e42d1fd refactor into separate Git project
and converts the package build to utilize CMake.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.
Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.
Signed-off-by: David Bauer <mail@david-bauer.net>
The release notes since last time for wave-1:
* October 5, 2019: Fix too-short msg caused by invalid use of PayloadLen in receive path.
This appears to resolve the issue of getting (and ignoring) too-short commands
when we detect loss of CE interrupts and go into polling mode.
* October 12, 2019: Fix regression in IBSS mode that caused SWBA overrun issues. Related to
regression added during the ct-station logic, specifically TSF allocation.
Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.
* October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being
used (based on CT_STATS_OK flag being set). This should help CT firmware work
better on stock driver.
The release notes since last time for wave-2:
* October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being
used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
This should help CT firmware work better on stock driver.
* October 31, 2019: Compile out peer-ratecode-list-event. ath10k driver ignores the event.
* November 1, 2019: Fix rate-ctrl related crash when nss and other things were changed while
station stays associated. See bug: https://github.com/greearb/ath10k-ct/issues/96
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect
Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The device path will be the same for the first phy. For all subsequent
phys, the path gets an extra +1, +2, ...
Move the code for converting path to phy and vice versa to a separate
library script shared by config detection code and the netifd wireless
handler script
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.
This should not degrade security, as there's no external authentication
provider.
Tested with OCEDO Koala and iPhone 7 (iOS 13.1).
Signed-off-by: David Bauer <mail@david-bauer.net>
https://patchwork.kernel.org/patch/11224189/
--
On 2019-10-28 06:07, wbob wrote:
> Hello Roman,
>
> while reading around drivers/net/wireless/ralink/rt2x00/rt2800lib.c
> I stumbled on what I think is an edit of yours made in error in march
> 2017:
>
> https://github.com/torvalds/linux/commit/41977e86#diff-dae5dc10da180f3b055809a48118e18aR5281
>
> RT6352 in line 5281 should not have been introduced as the "else if"
> below line 5291 can then not take effect for a RT6352 device. Another
> possibility is for line 5291 to be not for RT6352, but this seems
> very unlikely. Are you able to clarify still after this substantial time?
>
> 5277: static int rt2800_init_registers(struct rt2x00_dev *rt2x00dev)
> ...
> 5279: } else if (rt2x00_rt(rt2x00dev, RT5390) ||
> 5280: rt2x00_rt(rt2x00dev, RT5392) ||
> 5281: rt2x00_rt(rt2x00dev, RT6352)) {
> ...
> 5291: } else if (rt2x00_rt(rt2x00dev, RT6352)) {
> ...
Hence remove errornous line 5281 to make the driver actually
execute the correct initialization routine for MT7620 chips.
As it was requested by Stanislaw Gruszka remove setting values of
MIMO_PS_CFG and TX_PIN_CFG. MIMO_PS_CFG is responsible for MIMO
power-safe mode (which is disabled), hence we can drop setting it.
TX_PIN_CFG is set correctly in other functions, and as setting this
value breaks some devices, rather don't set it here during init, but
only modify it later on.
Fixes: 41977e86c984 ("rt2x00: add support for MT7620")
Reported-by: wbob <wbob@jify.de>
Reported-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>
--
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
It contains a single change to vlist.h header file: "vlist: add more
macros for loop iteration". This is needed for newer version of fstools
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Enables radio resource management to be reported by hostapd to clients.
Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
When ASLR_PIE was activated globally these drivers failed to build
because the user space LDFLAGS leaked into the kernel build process.
This was fixed in upstream Linux kernel commit ce99d0bf312d ("kbuild:
clear LDFLAGS in the top Makefile") which went into Linux 4.17. The
lantiq target is now on Linux 4.19 only and these exceptions are not
needed any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch adds ath79 support for Netgear WNR2200.
Router was previously supported by ar71xx target only (8 MiB variant).
Netgear WNR2200 has two flash versions - 8MiB sold in EU, US etc. and
16 MiB for Russia and China markets. Apart from flash size both variants
share the same hardware specification.
Specification
=============
* Description: Netgear WNR2200
* Loader: U-boot
* SOC: Atheros AR7241 (360 MHz)
* RAM: 64 MiB
* Flash: 8 MiB or 16 MiB (SPI NOR)
- U-boot binary: 256 KiB
- U-boot environment: 64 KiB
- Firmware: 7808 KiB or 16000 KiB
- ART: 64 KiB
* Ethernet: 4 x 10/100 LAN + 1 x 10/100 WAN
* Wireless: 2.4 GHz b/g/n (Atheros AR9287)
* USB: yes, 1 x USB 2.0
* Buttons:
- Reset
- WiFi (rfkill)
- WPS
* LEDs:
- Power (amber/green)
- WAN (amber/green)
- WLAN (blue)
- 4 x LAN (amber/green)
- WPS (green)
* UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
* Power supply: DC 12V 1.5A
* MAC addresses: LAN on case label, WAN +1, WLAN +2
Installation
============
* TFTP recovery
* TFTP via U-boot prompt
* sysupgrade
* Web interface
Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_generic=y
CONFIG_TARGET_ath79_generic_DEVICE_netgear_wnr2200-8m=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y
CONFIG_KERNEL_DEBUG_INFO=y
CONFIG_KERNEL_DEBUG_KERNEL=y
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
Required as dependency on dropbear config headers is not tracked in
dropbear build system
Fixes FS#2275
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The kconfig symbol is an invisible one since its introduction. It is
not supposed to be enabled on its own.
Resolves FS#1821
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
"block mount" invokes "hotplug-call mount". It emits the following
error when mount is not present
hotplug-call call failed
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.
Signed-off-by: David Bauer <mail@david-bauer.net>
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.
This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.
This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.
Signed-off-by: David Bauer <mail@david-bauer.net>
When the build system finds libpam, it enables building of these tools,
causing linker failures. Explicitly disable them as they are unused.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hardware
--------
SoC: Qualcomm IPQ4019
RAM: 256M DDR3
FLASH: 128M NAND
WiFi: 2T2R IPQ4019 bgn
2T2R IPQ4019 a/n/ac
ETH: Atheros AR8033 RGMII PHY
BTN: 1x Connect (WPS)
LED: Power (green/red/yellow)
Installation
------------
1. Grab the uboot for the Device from the 'u-boot-fritz1200'
subdirectory. Place it in the same directory as the 'eva_ramboot.py'
script. It is located in the 'scripts/flashing' subdirectory of the
OpenWRT tree.
2. Assign yourself the IP address 192.168.178.10/24. Connect your
Computer to one of the boxes LAN ports.
3. Connect Power to the Box. As soon as the LAN port of your computer
shows link, load the U-Boot to the box using following command.
> ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz1200.bin
4. The U-Boot will now start. Now assign yourself the IP address
192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
server root directory and rename it to 'FRITZ1200.bin'.
5. The Box will now boot OpenWRT from RAM. This can take up to two
minutes.
6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
scp. SSH into the Box and first write the Bootloader to both previous
kernel partitions.
> mtd write /path/to/uboot-fritz1200.bin uboot0
> mtd write /path/to/uboot-fritz1200.bin uboot1
7. Remove the AVM filesystem partitions to make room for our kernel +
rootfs + overlayfs.
> ubirmvol /dev/ubi0 --name=avm_filesys_0
> ubirmvol /dev/ubi0 --name=avm_filesys_1
8. Flash OpenWRT peristently using sysupgrade.
> sysupgrade -n /path/to/openwrt-sysupgrade.bin
Signed-off-by: David Bauer <mail@david-bauer.net>
f92be9d add support for AVM FRITZ!Repeater 1200
d651302 enable support for Atheros AR8033 PHY
e4c857c add machtype override hack
Signed-off-by: David Bauer <mail@david-bauer.net>
This commit fixes failing builds because of an incorrect configuration
for the kmod-rtw88 package.
RTW88_8822BE as well as RTW88_8822CE have to bes selected as "y" even
when building the driver as a module.
Signed-off-by: David Bauer <mail@david-bauer.net>
Moving a file between tmpfs and other fs is neither
faster nor safer, thus no point in doing it in two steps.
Use new jshn option to write output directly to file.
Originally discussed here:
http://lists.openwrt.org/pipermail/openwrt-devel/2017-December/010127.html
Signed-off-by: Roman Yeryomin <roman@advem.lv>
This commit adds packages for the Realtek RTl8822BE/RTL8822CE firmware
to be used with the rtw88 driver.
Signed-off-by: David Bauer <mail@david-bauer.net>
This commits adds packaging for the new RTW88 driver from Realtek.
It supports the Realtek 8822BE/8822CE PCIe wireless chips.
For operation, the complementary firmware has to be loaded.
Signed-off-by: David Bauer <mail@david-bauer.net>
* 40f939d57c67 Tag version 1.0.1
* 9e758e6e6aec jitterentropy-rngd: update to version v1.1.0 + clang compile fix
* 193586a25adc Fix wrong types in format strings used in debug build
* d474977bb611 Add initial GitLab CI support
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This separates the options for signature creation and verification
* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys
Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Erasesize doesn't belong in the u-boot env config for block devices as it is
known to be 512 byte aligned.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
The main motivation is to drop and stop maintaining
"100-debian_shared_lib.patch". It lacks the logic to include custom
implementation of several functions like pcap_strlcpy() which can cause
build failures when glibc is used [2]
CAN and CAN-USB support related symbols are now handled by general linux
support, see [1]
"-ffunction-sections -fdata-sections" were removed as they should help
much for shared libraries
Size comparison before and after the change
-rw-r--r-- 1 yunion yunion 238042 Oct 18 11:42 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1
lrwxrwxrwx 1 yunion yunion 16 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1 -> libpcap.so.1.9.1
-rwxr-xr-x 1 yunion yunion 229867 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1.9.1
[1] On Linux, handle all CAN captures with pcap-linux.c, in cooked mode,
93ca5ff703
[2] https://github.com/openwrt/packages/issues/10270
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This adds engine configuration sections to openssl.cnf, with a commented
list of engines. To enable an engine, all you have to do is uncomment
the engine line.
It also adds some useful comments to the devcrypto engine configuration
section. Other engines currently don't have configuration commands.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Makefile changes:
- moves PKG_MAINTAINER above PKG_LICENSE
- Change PKG_LICENSE to LGPL-2.1-or-later and correct PKG_LICENSE_FILES
- changes URL to a more appropriate one, which uses HTTPS
- adds 2 spaces as an indentation in description
Compile and run tested on Turris Omnia, mvebu
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).
this because the file command version before 5.36 not recognize
correctly.
Signed-off-by: leo chung <gewalalb@gmail.com>
This updates mac80211 to backports based on kernel 5.4-rc2
ath10k-ct was updated to match the API changes and iw now uses the new
nl80211.h header file.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
If system has more then one and different wwan interface (modem). Then the
wwan protohandler will always take the modem which is discovered first.
The protohandler will always setup the same interface. To fix this add a
new usb "bus" option which is associated with wwan device and so will set
the specified interface up. With this change more then one interface
could be mananged by the wwan protohandler.
If the "bus" option is not set in the uci network config then the protohandler
behaves as before the change. The protohanldler will take the first
interface which he founds.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
service_running() implementation in /etc/rc.common use it.
It is preferable to use wildcard than assuming the instance
name is the default one.
jsonfilter returns all matches when wildcards are used, hence
the -l 1 argument used to limit output to only one value.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
This is a precursor to adding proper support for multiple
6in4 tunnels with the already programmed tunlink parameter.
This is an essential sanity check so as to not break existing
and working behind NAT setups.
Signed-off-by: Sean Kenny <skenny@wfap.ca>
6in4: add myip he.net api parameter logic
This is to add proper support for multiple 6in4 tunnels
with the already programmed tunlink parameter.
As it stands before this commit, if there is a multi wan setup that
consists of dynamic ips, there is no way to use the
dynamic update feature as the he.net api is implicitly using
the ip address of the caller. This will explicitly use the
ipaddr specified in the interface config OR the ip of the
tunlink interface specified in the dynamic update api call instead
ONLY if the final resolved ipaddr variable is not an rfc1918 address.
Signed-off-by: Sean Kenny <skenny@wfap.ca>
The destination buffer size `d_len` is passed to `lzma_inflate` as a
pointer. Therefore, it needs to be dereferenced to compare its content.
Signed-off-by: Christian Franke <nobody@nowhere.ws>
The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".
In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.
Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8eb8443 version: bump snapshot
be09cf5 wg-quick: android: use Binder for setting DNS on Android 10
4716f85 noise: recompare stamps after taking write lock
54db197 netlink: allow preventing creation of new peers when updating
f1b87d1 netns: add test for failing 5.3 FIB changes
a3539c4 qemu: bump default version
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
The channel can be selected automatically at run time by setting
channel=acs_survey or channel=0, both of which will enable the ACS survey
based algorithm in hostapd. If the option acs_exclude_dfs is set in the
hostpad config DFS channels from ACS are excluded on channel selection.
This commit will add the possibilty to exclude the dfs channel on ACS
survey.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Commit 7519a36774 ("base-files,procd: add generic service status")
introduced the generic 'status' command which broke the previous
dsl_control status output. To fix this, let's rename the "old" command
to "dslstat".
Fixes: 7519a36774 ("base-files,procd: add generic service status")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
f05ba67193
..and partially
7201062f3e
to fix compilation
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Compilation of liblua itself works, but when other packages link against
it, the linker starts throwing undefined references to a bunch of math
functions in libm.
First discovered in a failed attempt to transition a package to uClibc++.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[fix commit title capitalization]
Signed-off-by: David Bauer <mail@david-bauer.net>
While all ath10k eeproms have a checksum field, so far two
functions for patching ath10k MAC address have been present (and
been used).
This merges code to provide a single function ath10k_patch_mac
in caldata.sh, having its name in accordance with ath9k functions.
By doing so, correct MAC patching for current and future ath10k
devices should be ensured.
This patch adds checksum adjustments for several targets on
ath79 and lantiq.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:
PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)
This corrective release also brings the following testsuite fixes and
enhancements:
PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)
GDB 8.3 includes the following changes and enhancements:
* Support for new native configurations (also available as a target configuration):
- RISC-V GNU/Linux (riscv*-*-linux*)
- RISC-V FreeBSD (riscv*-*-freebsd*)
* Support for new target configurations:
- CSKY ELF (csky*-*-elf)
- CSKY GNU/Linux (csky*-*-linux)
- NXP S12Z ELF (s12z-*-elf)
- OpenRISC GNU/Linux (or1k*-*-linux*)
* Native Windows debugging is only supported on Windows XP or later.
* The Python API in GDB now requires Python 2.6 or later.
* GDB now supports terminal styling for the CLI and TUI.
Source highlighting is also supported by building GDB with GNU
Highlight.
* Experimental support for compilation and injection of C++ source
code into the inferior (requires GCC 7.1 or higher, built with
libcp1.so).
* GDB and GDBserver now support IPv6 connections.
* Target description support on RISC-V targets.
* Various enhancements to several commands:
- "frame", "select-frame" and "info frame" commands
- "info functions", "info types", "info variables"
- "info thread"
- "info proc"
- System call alias catchpoint support on FreeBSD
- "target remote" support for Unix Domain sockets.
* Support for displaying all files opened by a process
* DWARF index cache: GDB can now automatically save indices of DWARF
symbols on disk to speed up further loading of the same binaries.
* Various GDB/MI enhancements.
* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
DSCR, TAR, EBB/PMU, and HTM registers.
* Ada task switching support when debugging programs built with
the Ravenscar profile added to aarch64-elf.
* GDB in batch mode now exits with status 1 if the last executed
command failed.
* Support for building GDB with GCC's Undefined Behavior Sanitizer.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This unifies MAC address patch functions and moves them to a
common script. While those were implemented differently for
different targets, they all seem to do the same. The number of
different variants is significantly reduced by this patch.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This moves the almost identical calibration data extraction
functions present multiple times in several targets to a single
library file /lib/functions/caldata.sh.
Functions are renamed with more generic names to merge different
variants that only differ in their names.
Most of the targets used find_mtd_chardev, while some used
find_mtd_part inside the extraction code. To merge them, the more
abundant version with find_mtd_chardev is used in the common code.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[rebase on latest master; add mpc85xx]
Signed-off-by: David Bauer <mail@david-bauer.net>
The xor() function is defined in each of the caldata extraction
scripts for several targets. Move it to functions.sh to reduce
duplicate code.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This driver supports the Bosch Sensortec BME680 gas, humidity, pressure
and temperature sensor.
Tested I2C and SPI modes on a Raspberry Pi Zero W.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.
Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.
Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!
This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:
unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1
Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
crypto-arc4 move into a module with commit c3a78955f3,
fs-nfs-common-rpcsec compile error without arc4 support.
Ref: https://github.com/openwrt/packages/issues/9912
Fixes: c3a78955f3 ("kernel: move crypto-arc4 into a module")
Signed-off-by: Ruixi Zhou <zhouruixi@gmail.com>
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:
root@OpenWrt:~# date -k
date: invalid option -- 'k'
Try 'date --help' for more information.
A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.
The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.
As a result of the second patch, the pedantic patch can safely be removed.
Both patches are upstream backports.
Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.
Added another patch that fixes a typo with the long long support. Sent to
upstream.
Fixed up license information according to SPDX.
Small cleanups for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add missing dependencies to i2c-core and regmap-spi. These get activated
when these modules are build in this driver, which is the case when we
build all modules. This fixes the build on some targets. This was found
by the buildbot.
Fixes: 34e2526f9f ("kernel: add kmod-rtc-pcf2127")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Current hash doesn't match with the content of the source tarball.
Fixes: a92f74ba8d ("libnl-tiny: move source code into separate Git repository")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
71c2ef0420b5 mt76: fix aggregation stop issue
5b02a078d4a7 mt76: add missing locking around ampdu action
7d8764d320cf mt76: avoid enabling interrupt if NAPI poll is still pending
d94cc81d3980 mt76: drop rcu read lock in mt76_rx_aggr_stop
c11a4ad06d9d mt76: mt76x0: eeprom: add support for MAC address from OF
01642d8bed33 mt76: mt76x02: fix use-after-free in tx status code handling airtime
391e1488f885 mt76: add sanity check for a-mpdu rx wcid index
d3a589586d1b mt76: fix a-mpdu boundary detection issue for airtime reporting
Signed-off-by: Felix Fietkau <nbd@nbd.name>
0d004db Revert "pppd: Include time.h before using time_t"
e400854 pppdump: Eliminate printf format warning by using %zd
7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop
4e71317 make: Avoid using host include for cross-compiling
3202f89 pppoe: Remove the use of cdefs
d8e8d7a pppd: Remove unused rcsid variables
486f854 pppd: Fix GLIBC version test for non-glibc toolchains
b6cd558 pppd: Include time.h before using time_t
ef8ec11 radius: Fix compiler warning
f6330ec magic: Remove K&R style of arguments
347904e Add Submitting-patches.md
Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch,
132-fix_linux_includes.patch as fixed upstream
Refresh patches
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
In non-ETSI regulatory domains scan is blocked when operating channel
is a DFS channel. For ETSI, however, once DFS channel is marked as
available after the CAC, this channel will remain available (for some
time) even after leaving this channel.
Therefore a scan can be done without any impact on the availability
of the DFS channel as no new CAC is required after the scan.
Enable scan in mac80211 in these cases.
Signed-off-by: Aaron Komisar <aaron.komisar@tandemg.com>
Link: https://lore.kernel.org/r/1570024728-17284-1-git-send-email-aaron.komisar@tandemg.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
The factory uboot of the Turris Omnia boots with "root=b301", and we
instruct new users to sysupgrade from there (e.g. method 1, step 7).
Currently, this will fail with "Unable to determine upgrade device".
Add a new case to export_bootdevice, which parses the hex argument.
Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...")
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
gcc-8 switch -ffile-prefix-map helps a lot with reproducible build paths
in the resulting binaries.
Ref: https://reproducible-builds.org/docs/build-path/
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
In order to make the source code usable and testable separately out of
buildroot.
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This backport fixes high latency (>100ms) on the WiFi link when using a
QCA988x Wave 1 radio. The ath10k-ct driver is not affected by this bug
from my testing, hence why it hasn't been discovered earlier.
Signed-off-by: David Bauer <mail@david-bauer.net>
Wifi HE (ieee80211ax) parsing is currently only activated in the full
version because it increases the compressed size by 2.5KBytes.
This also activates link time optimization (LTO) again, the problem was
fixed upstream
This increases the uncompressed binary size of iw-tiny by about 1.7%
old:
34446 iw_5.0.1-1_mipsel_24kc.ipk
new:
35064 iw_5.3-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
https://patchwork.kernel.org/patch/11161981/
--
From: Stanislaw Gruszka <sgruszka@redhat.com>
Subject: [PATCH] rt2x00: initialize last_reset
Initialize last_reset variable to INITIAL_JIFFIES, otherwise it is not
possible to test H/W reset for first 5 minutes of system run.
Fixes: e403fa31ed71 ("rt2x00: add restart hw")
Reported-and-tested-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
--
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Changes since 0.0.20190702:
define conversion constants for ancient kernels
android: refactor and add incoming allow rules
enforce that unused bits of flags are zero
immediately rekey all peers after changing device private key
support running in OpenVZ environments
do not run bc on clean target
skip peers with invalid keys
account for upstream configuration maze changes
openbsd: fix alternate routing table syntax
account for android-4.9 backport of addr_gen_mode
don't fail down when using systemd-resolved
allow specifying kernel release
enforce named pipe ownership and use protected prefix
work around ubuntu breakage
support newer PaX
don't rewrite siphash when it's from compat
squelch warnings for stack limit on broken kernel configs
support rhel/centos 7.7
Signed-off-by: Brandy Krueger <krueger.brandy24@gmail.com>
572ff7f fritzcreator: actually add checksum spacer
6edce1a fritzcreator: replace obscure padding generation with something more portable
2ff189f add ASUS RT-AC58U "easy install" factory u-boot shim
b91f9c2 readd spi-nand support
486ae53 improve cmd_sysupgrade
b0933f1 replace sstrip with strip
882e48a do not include generated files into git
0c5aa5f fix bugs in ipq40xx_cdp.c
Signed-off-by: David Bauer <mail@david-bauer.net>
hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The size of the ipkgs increase a bit (between 0.7% and 1.1%):
old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk
new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.
The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*
The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.
The size of the ipkgs increase a bit (between 1.3% and 2.3%):
old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
4327ed4 mkdev: Avoid out of bounds read
9b3eb63 libblkid-tiny: use blkid_probe_set_utf8label for label set
c9d0462 libblkid-tiny: adds blkid_probe_set_utf8label support
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Needed for glib2 host build:
gresource-tool.c:32:20: fatal error: libelf.h: No such file or directory
#include <libelf.h>
Changed PKG_LICENSE to the SPDX version.
Switched build dependency for argp-standalone to !USE_GLIBC. argp is a
glibc extension. Treat it as such.
Adjusted patch to use strerror_l, which works properly with both glibc
and musl. The patch errors under glibc with:
dwfl_error.c:158:7: error: ignoring return value of 'strerror_r', declared
with attribute warn_unused_result [-Werror=unused-result]
strerror_r (error & 0xffff, s, sizeof(s));
void casting does not fix the error.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure. This applies a couple of upstream
patches fixing this.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch,
the issue has been fixed upstream.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This patch was originally added to fix compilation with v4l2rtspserver.
Turns out it was v4l2rtspserver that was broken, not uClibc++. This now
causes issues with a different package where the arguments are being
split.
Note that with this patch, shellcheck throws an error:
SC2068: Double quote array expansions to avoid re-splitting elements.
More: https://github.com/openwrt/packages/pull/9972#discussion_r324878373
Signed-off-by: Rosen Penev <rosenp@gmail.com>
For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.
Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
add module to support Emulex OneConnect
common in 10Gbit SFP+ cards by Dell/HP/IBM
supports OneConnect OCe10xxx OCe11xxx OCe14xxx,
LightPulse LPe12xxx
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined. With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:
wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
struct wpa_bss *bss)
^~~~~~~
This patch forward declares 'struct wpa_bss' regardless.
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The original wpa_hexdump uses a 'void *' for the payload. With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places. One such warning is:
wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
For many devices, MAC addresses cannot be retrieved via the
device tree alias.
To still provide the label MAC address for those, this implements
a second mechanism that will put the address into uci config.
Note that this stores the actual MAC address, whereas in DTS
we reference the bearing device.
This is based on the work of Rosy Song <rosysong@rosinson.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
To refer to the MAC address on a device's label, one can
specify the alias label-mac-device in the DTS which should
point to the bearer of the corresponding MAC address.
With the function get_mac_label, the user can retrieve then
retrieve this address and use it as a value that uniquely
identifies his device.
This is severely helpful for several downstream functionalities,
e.g. define MAC addresses of custom netifs or change the SSID to
be easily recognizable.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0
Fixes CVEs:
CVE-2019-5481
CVE-2019-5482
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This version fixes 3 low-severity vulnerabilities:
- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
CMS_decrypt_set1_pkey
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Since service and instance names may contain characters which are not allowed
in JSON path labels, such as dashes or spaces, change the filter expression
to array square bracket notation to properly match these cases as well.
Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This makes brcmfmac use the same wiphy after PCIe reset to help user
space handle corner cases (e.g. firmware crash).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Update the ath10k-ct driver version to 5e8cd86f90dac966d12df6ece84ac41458d0e95f
to enable dynamic VLANs to work. Patches refreshed during the bump.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This enables a feature flag in the wave-2 firmware wmi-services indicating it can send
software-encrypted raw frames. This should in turn allow the AP-VLAN feature to work.
Signed-off-by: Robert Marko <robimarko@gmail.com>
commit eb204d14f75c ("base-files: implement generic service_running")
introduced generic service_running so it's not needed to copy&paste same
3 lines over and over again.
I've removed service_running from netifd/network init script as well,
because it was not working properly, looked quite strange and I didn't
understand the intention:
$ /etc/init.d/network stop
$ service network running && echo "yes" || echo "nope"
( have to wait for 30s )
Command failed: Request timed out
yes
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Adds a default status action for init.d scripts.
procd "service status" will return:
0) for loaded services (even if disabled by conf or dead)
3) for inactive services
4) when filtering a non-existing instance
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[rebased, cleaned up]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
e73bf11 config: ra_management compatibility support
d818380 odhcpd: router: Fix out of scope memory access
94a1c94 dhcpv6-ia: free assignment when validity timer expires
752fc2c router: speed up initial router advertisements
09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed
79eb160 router: fix previous commit
6034b5c router: close socket upon NETEV_IFINDEX_CHANGE
000182f router: fix lingering uloop socket descriptor
f6c2242 router: support ra_lifetime being 0
d111809 router: make RA flags configurable (FS#2019)
Update odhcpd defaults according to the new RA flags implementation
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886
1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887
Signed-off-by: David Bauer <mail@david-bauer.net>
Now that $UPGRADE_BACKUP is set conditionally there is no need to check
the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
b8238df sysupgrade: support "backup" attribute
This update requires "sysupgrade" method callers to pass "backup"
attribute if $UPGRADE_BACKUP is used in the project.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This explicitly tells procd what backup file should be used during
sysupgrade (if any). It's much more generic this way compared to the
magic /tmp/sysupgrade.tgz file that had to be created before a call.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This allows platform code to check if firmware image can be used with
preserving a backup. It may be used e.g. when installing vendor
firmwares that won't restore appended backup archive.
Suggested-by: Luis Araneda <luaraneda@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.
This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code
This update includes a fix for uninitialized variable usage.
Fixes: 7290963d09 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The actual retrieval of the MAC address in mtd_get_mac_binary_ubi()
is the same as in get_mac_binary(). Thus, use the latter function
in the former to reduce duplicate code.
This will also allow to benefit from the enhanced path check there
and bring mtd_get_mac_binary_ubi() more in line with the similar
mtd_get_mac_binary().
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The mtd_get_mac_text helper method did not support hexadecimal offset
values, resulting them to break after 75bfc393ba ("treewide:
convert MAC address location offsets to hexadecimal")
This commit fixes this by evaluating the hexadecimal input,
converting them to decimal.
Signed-off-by: David Bauer <mail@david-bauer.net>
1) Add BACKUP_FILE and use it when copying an archive to be restored
after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
ABI version is same.
The ipkg size increase by about 2.2%:
old:
47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk
new:
48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This adds an 'eckey' command to generate an EC key, with an optional
curve name argument, with P-256 as default.
For the 'selfsigned' command, it adds an 'ec' algorithm argument to the
'-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option,
mirroring the way openssl specifies the curve name.
Notice that curve names are not necessarily the same in mbedtls and
openssl. In particular, secp256r1 works for mbedtls, but openssl uses
prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256
and P-384 are specifically supported.
Package size increased by about 900 bytes (arm).
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Instead, instruct the configure script to use $(FPIC) only.
Mixing -fPIC and -fpic can cause issues on some platforms like PPC.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The configure scripts matches Linux with -fPIC, which is not exactly what
is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to
avoid passing -fPIC.
Removed PKG_BUILD_DIR as it is already the default value.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Since the binaries for both lua as well as lua5.3 contain the version
number, invocations of the "lua" binary are failing, as it's not created
anymore for the host package.
Fixes: fe59b46 ("lua: include version number in installed files")
Signed-off-by: David Bauer <mail@david-bauer.net>
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)
This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
"tests": {
"fwtool_signature": true,
"fwtool_device_match": true
},
"valid": true,
"forceable": true
}
Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info
This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.
Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.
Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
method so:
a) It's possible to safely sysupgrade using ubus only
b) /sbin/sysupgrade can be more like just a CLI
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
From: Stanislaw Gruszka <sgruszka@redhat.com>
This reverts commit 9ad3b55654455258a9463384edb40077439d879f.
As reported by Sergey:
"I got some problem after upgrade kernel to 5.2 version (debian testing
linux-image-5.2.0-2-amd64). 5Ghz client stopped to see AP.
Some tests with 1metre distance between client-AP: 2.4Ghz -22dBm, for
5Ghz - 53dBm !, for longer distance (8m + walls) 2.4 - 61dBm, 5Ghz not
visible."
It was identified that rx signal level degradation was caused by
9ad3b5565445 ("rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band").
So revert this commit.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Close cooperation with Lorenzo Bianconi resulted
in these patches which fix all remaining seen issues
when using dynack.
Fix link losses when:
- Late Ack's are not seen or not present
- switching from too low static coverage class to dynack on a live link
These are fixed by setting the Ack Timeout/Slottime to
the max possible value for the currently used channel width when
a new station has been discovered.
When traffic flows, dynack is able to adjust to optimal values
within a few packets received (typically < 1 second)
These changes have been thoroughly tested on ~60 offshore devices
all interconnected using mesh over IBSS and dynack enabled on all.
Distances between devices varied from <100m up to ~35km
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
6a61b9a probe: fallback to libblkid.so.1 when libblkid.so does not exist
Also remove deprecation notices from init script while we're at it.
Fixes: FS#2274
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
a9f9557 nl80211: support reading hardware id from phy directly
c586cd3 iwinfo: add device id for MediaTek MT7612E
d4382dd iwinfo: add device id for Atheros AR9390
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This should fix a problem with 1560 MTU, 160Mhz on DFS channels,
some other small issues on < 5.2 kernels, and for 5.2 driver,
it pulls in some upstream stable fixes.
wave-1 firmware changes since last update:
* June 24, 2019: Try allocating low-priority WMI msgs if high-prio are not available.
* June 24, 2019: Init rate-ctrl to start at lowest rate instead of in the middle. Hoping
this helps DHCP when station connects from a long distance.
wave-2:
* June 24, 2019 Start rate-ctrl at minimal values to help DHCP work better for far-away peers.
* July 24, 2019 Fix old regression that made /a (and probably /b/g) perform poorly, at least on
diet-compiled images.
* Aug 8, 2019 Improve a/b/g rate-ctrl by damping the PER swings caused by the all-or-nothing logic
of transmitting non-block-ack frames one at a time.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Update fstools to commit 1539b535ac327a3bc599d1ca871e14fd0dc3bba1
git log --pretty=oneline --abbrev-commit ff1ded63..1539b535
1539b53 libblkid-tiny: increment label size to 256
d563f3c libblkid-tiny: fix wrong btrfs label length
3957dd3 block: prevent mount point confusion
9b36dc2 libfstools: avoid false positives when matching devices and volumes
Created with the help of the make-package-update-commit.sh script.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Update ath10k-ct to commit 9e5ab25027e0971fa24ccf93373324c08c4e992d
git log --pretty=oneline --abbrev-commit f0aa8130..9e5ab250
9e5ab25 ath10k-ct: Update to latest 5.2 upstream, support bigger mtu, 160Mhz
Created with the help of the make-package-update-commit.sh script
and refresh patches.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch adds sysupgrade, uboot-env and networking support
for Methode uDPU device.
Device features 4 partitions:
-----------------------------------------
| boot | recovery | rootfs | misc |
| (ext4) | (ext4) | (fsf2) | (f2fs) |
_________________________________________
Idea was to use f2fs only but the u-boot currently lacks support
so first 2 partition are ext4 to be u-boot readable, and this was
a reason why custom build and sysupgrade sections were required.
On the sysupgrade, boot and rootfs partitions are updated, firmare
image and user configuration is saved on the misc partition and if
the upgrade was successfull, recovery partition will be updated on
after the reboot from preinit script. If the sysupgrade fails for any
reason, device will fallback to recovery initramfs image.
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
To do not brake HW restart we should keep initialization vectors data.
I assumed that on start the data is already initialized to zeros, but
that not true on some scenarios and we should clear it. So add
additional flag to check if we are under HW restart and clear IV's
data if we are not.
Patch fixes AP mode regression.
Patch pending on linux-wireless and imported from patchwork.
Fixes: 0b2c42ced2 ("mac80211: Update to version 5.2-rc7")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
iwlwifi from the new backports also supports more recent FW versions,
update to the most recent versions for already supported devices.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes a bug introduced in backports from kernel 5.1 which makes
ath10k crash on QCA9984 when a station connects. The FW sends a airtime
report, but this station is not yet fully registered and a NULL pointer
is used.
Fixes: 0b2c42ced2 ("mac80211: Update to version 5.2-rc7")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The BDFs for the:
ALFA Network AP120C-AC
ASUS Lyra
AVM FRITZ!Box 7530
AVM FRITZ!Repeater 3000
EnGenius EAP1300
EnGenius ENS620EXT
Netgear Orbi Pro SRK60
boards were upstreamed to the ath10k-firmware repository
and linux-firmware.git.
Furthermore the BDFs for the:
OpenMesh A42 specific BDFs
OpenMesh A62 specific BDFs
Linksys EA6350v3
have been updated.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Update iftop to commit 77901c8c53e01359d83b8090aacfe62214658183
git log --pretty=oneline --abbrev-commit 949ed0f7..77901c8c
77901c8 Support scales beyond 1Gbps
Created with the help of the make-package-update-commit.sh script.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18
83d362c6 Don't read too greedily
a76d0723 Add nghttp2_option_set_max_outbound_ack
db2f612a nghttpx: Fix request stall
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Preserve optionality of libcap by having configuration script follow the
HAVE_CAP environment variable, used similarly to the HAVE_ELF variable.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase/refresh patches]
This is necessary to build PowerDNS authoritative and recursor against
OpenWRT, and may avoid packages depending on lua/host unnecessarily.
Signed-off-by: James Taylor <james@jtaylor.id.au>
This adds a vendor command policy which is enforced since mac80211 from
kernel 5.3
Fixes: 928e893a11 ("mac80211: Update to version 5.3-rc4-1")
Signed-off-by: Boris Krasnovskiy <boris.krasnovskiy@lairdtech.com>
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.
Using upstream fix which now uses the same logic for relocation time
and dlsym.
Fixesopenwrt/packages#9297
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.
Several security bugs were fixed as well as others.
Fixed up PKG_LICENSE to be compatible with SPDX.
Changed URLs to point to the new home.
Added patch that gets rid of deprecated utime function and switches it to
utimensat.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The removed patches were applied upstream.
The type of the RT2X00_LIB_EEPROM config option was changed to bool,
because boolean is an invalid value and the new kconfig system
complained about this.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.
Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Bump to latest git HEAD
509e673 firewall3: Improve ipset support
The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.
Add support for reloading, or recreating, ipsets on firewall reload. By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.
Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
...
Content of version.buildinfo would look similar to this:
r10203+1-c12bd3a21b
Without the exact feed revision it is not possible to determine
installed package versions.
Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/
Signed-off-by: Paul Spooren <mail@aparcar.org>
Revert "mac80211: add new minstrel_ht patches to improve probing on mt76x2" (9861050b85)
Revert "kernel: use bulk free in kfree_skb_list to improve performance" (98b654de2e)
Revert "ramips: add preliminary support for WIO ONE" (085141dc5b)
Revert "ramips: add preliminary support for SGE AP-MTKH7-0006 developer board" (b1db6d0539)
Revert "build: use config.site generated by autoconf-lean, drop hardcoded sitefiles" (363ce4329d)
Revert "toolchain: add autoconf-lean" (fdb30eed03)
Revert "build: allow overriding the filename on the remote server when downloading" (6fa0e07758)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
In the commit 623716dd43 ("comgt-ncm: Fix NCM protocol")
the dependencies to vendor NCM drivers were removed, because:
> comgt-ncm should not depend on the USB-serial-related kernel modules,
> as the cdc-wdm control device works without them. There is also no need
> to depend on kmod-huawei-cdc-ncm, since other manufacturers (like
> Ericsson and Samsung) which use other kernel modules should also be
> supported.
From a user-perspective this does not make sense, as installing comgt-ncm
(or luci-proto-ncm) should install all needed dependencies for using such
a device.
Furthermore depending on kmod-huawei-cdc-ncm does not mean that Ericsson
and Samsung devices can't be supported. By the way it seems that Ericsson
and Samsung devices never used NCM, but act as serial modems.
Thus this commit adds the dependencies again.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[fixed title capitalization, formatted commit message,
renamed Sony-Ericsson to Ericsson]
Signed-off-by: David Bauer <mail@david-bauer.net>
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.
While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.
This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.
Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.
As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.
5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:
remove implicit include of sys/sysmacros.h from sys/types.h
this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
exposed the sysmacros.h macros (device major/minor calculations) for
BSD and GNU profiles to mimic an unintentional glibc behavior some
code depended on. glibc has deprecated and since removed them as the
resolution to bug #19239, so it makes no sense for us to keep this
behavior. affected code should all have been fixed by now, and if it's
not yet fixed it needs to be for use with modern glibc anyway.
Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This is already enabled as kernel built-in feature in mvebu target and
none other target will use it.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.
This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
wireless-regdb fails to build if there is python2 installed from package
feeds, as staging_dir/hostpkg/bin/python is python2 and
staging_dir/hostpkg/bin takes precedence over staging_dir/host/bin
(proper place with python -> python3 symlink) which leads to the build
failure of wireless-regdb, so this patch makes it explicit which python
should be used.
Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Russell Senior <russell@personaltelco.net>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
- make create_pbl and byte_swap as host tools
- fix a bug that maybe use the cross compiler
to compile create_pbl and byte_swap:
# -a option appends the image for Chassis 3 devices in case of non secure boot
aarch64-openwrt-linux-musl-gcc -Wall -Werror -pedantic -std=c99 -O2
-DVERSION=v1.5(release):reboot-10604-ge9216b3336 -D_GNU_SOURCE -D_XOPEN_SOURCE=700
-c -o create_pbl.o create_pbl.c
cc1: note: someone does not honour COPTS correctly, passed 0 times
LD create_pbl
/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
create_pbl.o: error adding symbols: File in wrong format
collect2: error: ld returned 1 exit status
Makefile:43: recipe for target create_pbl failed
make[4]: *** [create_pbl] Error 1
plat/nxp/tools/pbl_ch2.mk:45: recipe for target pbl failed
make[3]: *** [pbl] Error 2
- add tfa- prefix to all tools in order to avoid future clashes with
other toolnames
Signed-off-by: Biwen Li <biwen.li@nxp.com>
[added missing HOST_CFLAGS, added tfa- prefix to the tools]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes build issues on a python3 host (issues with the print statement
formatting in the current build).
Includes 100-regdb-write-firmware-file-format-version-code-20.patch and
other fixes.
Closes bugs.openwrt.org/index.php?do=details&task_id=1605.
Uses the tarball as requested.
Signed-off-by: Zachary Riedlshah <git@zacharyrs.me>
Python 2.7 will not be maintained past 2020. Let's convert
to python3 for rcw. Also drop byte swapping since TF-A had
been already used which handled byte swapping instead.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Backport upstream patches pre 2.81rc for testing purposes.
Let's see what falls out!
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
iptables: connmark - add savedscp option
Naive user space front end to xt_connmark 'savedscp' option.
e.g.
iptables -A QOS_MARK_eth0 -t mangle -j CONNMARK --savedscp-mark 0xfc000000/0x01000000
Will save DSCP into the top 6 bits and OR 0x01 (ie set) the least
significant bit of most significant byte.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
fiptool is a host tool, used in a firmware generation pipeline, but it's
not treated as such, leading to the build breakage on the hosts which
don't have {Open,Libre}SSL dev package installed:
In file included from fiptool.h:16:0,
from fiptool.c:19:
fiptool_platform.h:18:27: fatal error: openssl/sha.h:
No such file or directory
# include <openssl/sha.h>
So this patch promotes fiptool into the host tool with proper host
include and library paths under STAGING_DIR.
Ref: https://github.com/openwrt/openwrt/pull/2267
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This doesn't include 9ff8614a3dbe ("brcmfmac: use separate Kconfig file
for brcmfmac") due to a few conflicts with backports changes.
An important change is:
[PATCH 2/7] brcmfmac: change the order of things in brcmf_detach()
which fixes a rmmod crash in the brcmf_txfinalize().
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
the ath10k-ct package ships multiple versions of the ath10k-ct driver,
OpenWrt currently only uses the version 4.19, but we still ship some
patches for older versions. Remove all patches only touching older
versions and also remove the patch for older versions from patches which
do the same changes to multiple versions of ath10k-ct.
This removes some unneeded patches, the end binary should stay the same.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This updates mac80211 to version 5.2-rc7, this contains all the changes
to the wireless subsystem up to Linux 5.2-rc7.
* The removed patches are applied upstream
* b43 now uses kmod-lib-cordic
* Update the nl80211.h file in iw to match backports version.
* Remove the two backports from kernel 4.9, they were needed for mt76,
but that can use the version from backports now, otherwise they
collide and cause compile errors.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
While compile checking mtd changes in PR#1359 I've noticed following
compiler warnings and cleaned them up:
fis.c: In function 'fis_remap':
fis.c:143:25: warning: variable 'redboot' set but not used [-Wunused-but-set-variable]
struct fis_image_desc *redboot = NULL;
^~~~~~~
fis.c:142:25: warning: variable 'fisdir' set but not used [-Wunused-but-set-variable]
struct fis_image_desc *fisdir = NULL;
^~~~~~
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The code for calculating the CRC32 signatures for RedBoot FIS partitions
was already included, but for unknown reasons, it was never invoked. Some
bootloaders enforce checking these for loaded kernels, so they should be
written. This patch does so.
Tested-by: Brian Gonyer <bgonyer@gmail.com>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
To configure the list of allowable TLS 1.3 ciphersuites, the option
tls_ciphersuites is used instead of tls_ciphers.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Redirect the build output to PKG_BUILD_DIR instead of copying over
complete source code.
Build tested on following targets:
x86/64 ar7/generic ipq40xx/generic imx6/generic ar71xx/generic
ramips/mt7621 ramips/mt7620 sunxi/cortexa7
Run tested on imx6/apalis.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
By default, set BE tx queue TXOP limit to 1.0 in the hostapd config
Many vendor drivers are doing similar things to boost throughput.
On MT7612 under ideal conditions, it improves tx throughput from 470 Mbit/s
to about 570 Mbit/s.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Specifications:
- SoC: AR9344
- RAM: 128MB
- Flash: 2 * 16MB (MX25L12845)
- Ethernet: 2 * FE LAN & 1 * FE WAN
- WiFi: 2.4G: AR9344 5G: QCA9882
Flash instruction:
1. Hold reset and power up the router
2. Set your IP to 192.168.1.x
3. Open 192.168.1.1 and upload the generated *factory* firmware
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefore add all libraries linked by
block-mount and blockd as direct dependencies to the corresponding
binary package definition.
This ensures that block-mount and blockd is automatically rebuilt and
relinked if any of these libraries has its ABI_VERSION updated in the
future.
Fixes: FS#2373
[jow: similar fix for procd and 98.42% of commit message]
Signed-off-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This patch unifies the polled and interrupt-driven gpio_keys code
paths as well implements consistent handling of the debounce
interval set for the GPIO buttons and switches.
Hotplug events will only be fired if
1. The input changes its state and remains stable for the duration
of the debounce interval (default is 5 ms).
2. In the initial stable (no state-change for duration of the
debounce interval) state once the driver module gets loaded.
Switch type inputs will always report their stable state.
Unpressed buttons will not trigger an event for the initial
stable state. Whereas pressed buttons will trigger an event.
This is consistent with upstream's gpio-key driver that uses
the input subsystem (and dont use autorepeat).
Prior to this patch, this was handled inconsistently for interrupt-based
an polled gpio-keys. Hence this patch unifies the shared logic into the
gpio_keys_handle_button() function and modify both implementations to
handle the initial state properly.
The changes described in 2. ) . can have an impact on the
failsafe trigger. Up until now, the script checked for button
state changes. On the down side, this allowed to trigger the
failsafe by releasing a held button at the right time. On the
plus side, the button's polarity setting didn't matter.
Now, the failsafe will only engage when a button was pressed
at the right moment (same as before), but now it can
theoretically also trigger when the button was pressed the
whole time the kernel booted and well into the fast-blinking
preinit phase. However, the chances that this can happen are
really small. This is because the gpio-button module is usually
up and ready even before the preinit state is entered. So, the
initial pressed button event gets lost and most devices behave
as before.
Bisectors: If this patch causes a device to permanently go into
failsafe or experience weird behavior due to inputs, please
check the following:
- the GPIO polarity setting for the button
- the software-debounce value
Run-tested for 'gpio-keys' and 'gpio-keys-polled' on
- devolo WiFi pro 1200e
- devolo WiFi pro 1750c
- devolo WiFi pro 1750x
- Netgear WNDR4700
- Meraki MR24
- RT-AC58U
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [further
cleanups, simplification and unification]
b43legacy needs ssb support and we do not compile the mips74 subtarget
of the brcm47xx target with SSB support. This causes a build failure in
the mac80211 package and only some of the kernel modules are being
created.
I am not aware of any device with a BRCM47xx mips74 CPU which uses a
b43legacy compatible device.
Fixes: FS#2334
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update the lua5.3 package to build a shared object just like the old lua
package. Ported / recreated the same patch number as the other lua
package. Built and tested library / interpreter on BCM5301X.
Signed-off-by: Colby Whitney <colby.whitney@luxul.com>
do_upgrade_stage2() isn't really any common code. It isn't used anywhere
except for /sbin/sysupgrade that passes it to the stage2.
Moving its code to separated file also simplifies COMMAND variable.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Logic was inverted when changing from string check to file check.
Fix it.
Fixes: 8592602d0a ("base-files: Really check path in get_mac_binary")
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Fix file installation clash between kmod-sched & kmod-sched-cake as both
try to install sch_cake.ko
Remove cake from kmod-sched package as cake is supposed to be the
optional qdisc.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
CAKE made it to kernel 4.19 and since OpenWrt now at kernel 4.19 we can
drop the out of tree cake package in base repository.
Add kmod-sched-cake to netsupport so package dependencies are still met.
Similarly CAKE is retained as an optional qdisc module to avoid base
scheduler package size implications.
Backport upstream patches from k5.1 to address some small bugs and
support fwmark usage.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
With bcm53xx switched to the new procedure there is no more need for
keeping that backward compatibility code.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Its last usage was dropped back in 2013 in the commit b95bdc8ab5
("kernel/base-files: clean up old code related to refreshing mtd
partitions, it is no longer used anywhere").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This patch adds two new commands:
zram status - shows memory stats for all zram swaps
zram compaction - trigger compaction for all zram swaps
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
No size increase on busybox binary.
Since busybox mkswap is already enabled by default it seems reasonable
to enable swapon/off too. For ex. this obsoletes installing block-mount
dependency for zram-swap.
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Executing '/etc/init.d/zram start' during runtime (with a swap being already
mounted) triggers zram device compaction and prints out nice stats info about
zram memory usage
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [use IEC's MiB unit]
- fix dependency on BUSYBOX_CONFIG_SWAPONOFF (removed in 84da2a6)
- add busybox defaults checking (fix zram-swap always installs swap-utils
and libblkid as dependency, even if busybox includes mkswap by default)
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Currently, path argument is only checked for being not empty.
This changes behavior to actually check whether path exists.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Removed options that can't be turned off because we're building with
--enable-stunnel, some of which affect hostapd's Config.in.
Adjusted the title of OCSP option, as OCSP itself can't be turned off,
only the stapling part is selectable.
Mark options turned on when wpad support is selected.
Add building options for TLS 1.0, and TLS 1.3.
Add hardware crypto support, which due to a bug, only works when CCM
support is turned off.
Reorganized option conditionals in Makefile.
Add Eneas U de Queiroz as maintainer.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This includes a fix for a medium-level potential cache attack with a
variant of Bleichenbacher’s attack. Patches were refreshed.
Increased FP_MAX_BITS to allow 4096-bit RSA keys.
Fixed poly1305 build option, and some Makefile updates.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This patch updates the board-2.bin for the default
IPQ4019, QCA9984 and QCA9888 ath10k-firmware-xyz-ct
and -ct-htt firmwares.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Linux 4.15 removes the init_timer() API. It's replaced by two functions:
- timer_setup() is used instead of init_timer() and also replaces the
timer "function" (callback) setup.
- from_timer() has to be used to obtain the use-case specific data from
a struct timer_list, which is now passed to the timer callback.
Update the timer API to be compatible with Linux 4.15+ so it compiles
with the upcoming Linux 4.19 kernel update.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
This addresses an issue where the list option specified in
/etc/config/openvpn i.e. 'tls_cipher' would instead show up in the
generated openvpn-<name>.conf as 'ncp-ciphers'. For context,
'ncp_ciphers' appears after 'tls_cipher' in OPENVPN_LIST from
openvpn.options.
Also, the ordering of the options in the UCI config file is now
preserved when generating the OpenVPN config. The two currently
supported list options deal with cipher preferences.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
All protos for wwan (ncm,qmi,mbim) do have a delay option.
To standardize that add also the missing delay option to the 3g proto.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Restart is in default implemented so it calls stop and start. This is
pretty unsafe to call on umount service. This service should not do
anything on restart the same way as on start. Only use of this service
is on stop.
Signed-off-by: Karel Kočí <cynerd@email.cz>
There are mobile carrier who have different MTU size in their network.
With this change it is now possible to configure this with the qmi
proto handler.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Fix wrong paths in InstallDev which cause Lua 5.3 headers to be staged
in /usr/include/, overwriting Lua 5.1 headers and leading to widespread
build failures in all Lua related packages.
Fixes: FS#2348
Fixes: 6b161bb8d5 ("lua5.3: package Lua 5.3 version")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* curve25519: not all linkers support bmi2 and adx
This should allow WireGuard to build on older toolchains.
* global: switch to coarse ktime
Our prior use of fast ktime before meant that sometimes, depending on how
broken the motherboard was, we'd wind up calling into the HPET slow path. Here
we move to coarse ktime which is always super speedy. In the process we had to
fix the resolution of the clock, as well as introduce a new interface for it,
landing in 5.3. Older kernels fall back to a fast-enough mechanism based on
jiffies.
https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/
* netlink: cast struct over cb->args for type safety
This follow recent upstream changes such as:
https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/
* peer: use LIST_HEAD macro
Style nit.
* receive: queue dead packets to napi queue instead of empty rx_queue
This mitigates a WARN_ON being triggered by the workqueue code. It was quite
hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an
extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind
enough to mail me.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
The plan for packaging Lua is to have "lua5.1" and "lua5.3" packages
with only the first one having "lua" alias (PROVIDES) for backward
compatibility with existing packages.
Putting PROVIDES in lua5.3 was a copy & paste mistake.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Some devices and packages require newer version of u-boot to work
properly, update u-boot to keep up with 4.19 kernel.
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
[re-added missing commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
It apparently requires passing V variable explicitly.
Fixes: fe59b46ca7 ("lua: include version number in installed files")
Reported-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This package provides an interpreter and compiler for Lua 5.3.5. It has
been decided to use separated package due to a backward incompatibility
of Lua 5.2 and 5.3.
This package/version:
1) Does not include lnum patch as its author didn't decide to port it to
the new version.
2) Does not provide shared library as the old patch doesn't apply
anymore. It can be added later if needed.
3) Does not come with examples package as tests were dropped by upstream
developers.
That said there is definitely a room for improvement and any further
work is highly appreciated. It works however and can be safely pushed as
a basic/early package release.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
cd7eabcd8c9d ugps: Fix compilation under 64-bit
198c06051dd0 Fix build error caused by enabled extra compiler warnings
fc2ab8756b3b Enable extra compiler warnings
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Just stumbled across this LEDE legacy, without finding any real reason
to keep it. There is a single LEDE_DEVICE_MANUFACTURER_URL dependency
in the luci feed repo which needs to be syncronized.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
[re-added missing commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
b3a2965 mt76x02: fix crash on device reset
ffddb68 mt76x02u: check chip version on probe
7fc5f92 mt76x2u: remove duplicated entry in mt76x2u_device_table
61311d9 mt76: introduce mt76_free_device routine
a7dfcf2 mt76: move mac_work in mt76_dev
334b4ce mt76: add mac80211 driver for MT7615 PCIe-based chipsets
edb2a00 mt76: add unlikely() for dma_mapping_error() check
355c079 mt76: use macro for sn and seq_ctrl conversion
133bffb add firmware for MT7615E
49d9c1b mt76: usb: reduce locking in mt76u_tx_tasklet
3e371ca mt76: set txwi_size according to the driver value
5007326 mt76: add skb pointer to mt76_tx_info
c47a568 mt76: dma: introduce skb field in mt76_txwi_cache
9029560 mt76: dma: add skb check for dummy pointer
e9eea39 mt76: mt7615: use sizeof instead of sizeof_field
98c5359 Revert "mt76: fix potential deadlock on cancelling workqueues"
bc9baa7 mt76x02u: remove bogus stop on suspend
6c1cab9 mt76usb: fix tx/rx stop
0e674c5 mt76x02: remove bogus mutex usage
59f7bb6 Revert "mt76: mt76x02: send no-skb tx status without holding the status lock"
b0f2a30 mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency
62054de mt76: mt7603: remove query from mt7603_mcu_msg_send signature
e79d96a mt76: mt7603: use standard signature for mt7603_mcu_msg_send
be8f039 mt76: mt7603: initialize mt76_mcu_ops data structure
9a9c656 mt76: introduce mt76_mcu_restart macro
980b91e mt76: mt7603: init mcu_restart function pointer
a97db3f mt76: mt7603: run __mt76_mcu_send_msg in mt7603_mcu_send_firmware
151115f mt76: mt76x02: mt76x02_poll_tx() can be static
7391f98 mt76: fix endianness sparse warnings
6c06f73 mt76: mt7603: report firmware version using ethtool
f06647e mt76: usb: use EP max packet aligned buffer sizes for rx
f43fccf mt76: move beacon_int in mt76_dev
74ab2cf mt76: move beacon_mask in mt76_dev
23c2f94 mt76: add TX/RX antenna pattern capabilities
6e790e1 mt76: move pre_tbtt_tasklet in mt76_dev
7606c08 mt76: mt7603: enable/disable pre_tbtt_tasklet in mt7603_set_channel
ff22eee mt76: do not enable/disable pre_tbtt_tasklet in scan_start/scan_complete
3157385 mt76: mt7603: dynamically alloc mcu req in mt7603_mcu_set_eeprom
cc674e2 mt76: mt76x02: remove useless return in mt76x02_resync_beacon_timer
6b18427 mt76: move tx_napi in mt76_dev
bce63c4 mt76: mt7603: use napi polling for tx cleanup
4afd89e mt76: mt7615: use napi polling for tx cleanup
2cb4683 mt76: move netif_napi_del in mt76_dma_cleanup
b4ceb9f mt76: Fix a signedness bug in mt7615_add_interface()
d00dc95 mt76: mt7615: Use after free in mt7615_mcu_set_bcn()
4e0ccc6 mt76: mt7615: Make mt7615_irq_handler static
0fd552a mt7615: mcu: simplify __mt7615_mcu_set_wtbl
50f7094 mt7615: mcu: simplify __mt7615_mcu_set_sta_rec
4434d04 mt7615: mcu: remove bss_info_convert_vif_type routine
083fbb9 mt7615: mcu: use proper msg size in mt7615_mcu_add_wtbl_bmc
f61ca80 mt7615: mcu: use proper msg size in mt7615_mcu_add_wtbl
35bd12d mt7615: mcu: unify mt7615_mcu_add_wtbl_bmc and mt7615_mcu_del_wtbl_bmc
f8f990b mt7615: mcu: remove unused parameter in mt7615_mcu_del_wtbl
965bca1 mt7615: remove query from mt7615_mcu_msg_send signature
9b9ca18 mt7615: remove dest from mt7615_mcu_msg_send signature
935b7e5 mt7615: mcu: remove skb_ret from mt7615_mcu_msg_send
2442db4 mt7615: mcu: unify __mt7615_mcu_set_dev_info and mt7615_mcu_set_dev_info
645bc45 mt7615: mcu: do not use function pointers whenever possible
40c4201 mt7615: mcu: remove unused structure in mcu.h
a8834a2 mt7615: mcu: use standard signature for mt7615_mcu_msg_send
824d25c mt7615: initialize mt76_mcu_ops data structure
d943427 mt7615: mcu: init mcu_restart function pointer
c2211e4 mt7615: mcu: run __mt76_mcu_send_msg in mt7615_mcu_send_firmware
cb63a06 mt76: mt7603: stop mac80211 queues before setting the channel
c6aaa3a mt76: mt7615: rearrange cleanup operations in mt7615_unregister_device
97609f3 mt76: mt7615: add static qualifier to mt7615_rx_poll_complete
f9dadd2 mt76: mt7603: add debugfs knob to enable/disable edcca
89cda5d mt7603: fix reading target tx power from eeprom
77d0e33 mt76: fix setting chan->max_power
f575da2 mt76: mt76x02: fix tx status reporting issues
a5d18dc mt76: mt76x02: fix tx reordering on rate control probing without a-mpdu
bd32a93 mt76: mt76x02: remove enable from mt76x02_edcca_init signature
18386ee mt76: mt76x2u: remove mt76x02_edcca_init in mt76x2u_set_channel
da3514f mt76: mt76x2: move mutex_lock inside mt76x2_set_channel
0d4719c mt76: mt76x02: run mt76x02_edcca_init atomically in mt76_edcca_set
fd5af73 mt76: mt76x02: fix edcca file permission
a0f51f2 mt76: mt7615: do not process rx packets if the device is not initialized
753cdee mt76: mt7615: stop mcu first in mt7615_unregister_device
899efe7 mt76: move mt76_insert_ccmp_hdr in mt76-module
6960b6e mt76: mt7615: add support for mtd eeprom parsing
4bcb057 mt76: mt7615: select wifi band according to eeprom
866f2c6 mt76: generalize mt76_get_txpower for 4x4:4 devices
514fb04 mt76: mt7615: add the capability to configure tx power
ced9d43 mt76: mt7615: init get_txpower mac80211 callback
8abd502 mt76: mt7615: rearrange locking in mt7615_config
5b9b62e mt76: move mt76_get_rate in mt76-module
661c7c8 mt76: Remove set but not used variables 'pid' and 'final_mpdu'
f072c7b mt76: mt7615: enable support for mesh
28d9496 mt76: mt7615: fix slow performance when enable encryption
827b9ad mt76: mt7615: remove unused variable in mt7615_mcu_set_bcn
34eea14 mt76: mt7615: remove key check in mt7615_mcu_set_wtbl_key
2bfae5a mt76: usb: fix rx A-MSDU support
b033532 mt76: usb: do not always copy the first part of received frames
3e7fc15 mt76x02: fix reporting of non-probing frames with tx status requested
0d5caea Revert "mt76: usb: do not always copy the first part of received frames"
335e8c6 Revert "mt76: usb: fix rx A-MSDU support"
47ddf4b mt76: revert support for TX_NEEDS_ALIGNED4_SKBS
0b6520b mt7603: rework and fix tx status reporting
539b679 mt7603: improve hardware rate switching configuration
d86d6ef mt76x0: fix RF frontend initialization for external PA
f476a14 mt76x02: fix endian issue in tx status reporting patch
f8d0517 mt76: mt7615: simplify mt7615_mcu_set_sta_rec routine
73ff45f mt76: mt7615: add support for per-chain signal strength reporting
9b67ae6 mt76: mt7615: init per-channel target power
160fdc0 mt76: mt7615: take into account extPA when configuring tx power
2211d93 mt76: mt76x02u: fix sparse warnings: should it be static?
3750533 mt76: mt7615: fix incorrect settings in mesh mode
c37c1ca mt76: mt7615: update peer's bssid when state transition occurs
9dd1089 mt76: mt76u: reduce rx memory footprint
0789f45 mt76: mt7615: remove cfg80211_chan_def from mt7615_set_channel signature
2dca431 mt76: move nl80211_dfs_regions in mt76_dev data structure
3386ccf mt76: mt76u: get rid of {out,in}_max_packet
d680ab0 mt76: usb: fix rx A-MSDU support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This patch is in a series to allow additional STOP indexes after
umount, so that other block devices may stop cleanly.
rssileds.init is now STOP=89
Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.
kdumpinit is now STOP=90
Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.
boot is now STOP=90
umount is now STOP=90
After this patch series, the resulting STOP indexes in the 80s & 90s
will be:
STOP=85 odhcpd.init
STOP=89 conntrackd.init
STOP=89 log.init
STOP=89 rssileds.init
STOP=90 boot
STOP=90 kdump.init
STOP=90 network
STOP=90 sysfixtime
STOP=90 umount
STOP=98 mdadm.init (note: will be addressed in a separate patch)
Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[PKG_RELEASE is now 200]
This patch fixes the ath79-nand build error:
|Package kmod-tpm is missing dependencies for the following libraries:
|rng-core.ko
by making it depend on rng-core from 4.19 onwards.
This should work as 4.9 is gone so only 4.14 and 4.19
are there.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
'38b22b1e: deduplicate files in libnghttp2' missed duplicates in
staging_dir by Build/InstallDev.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by rpcd
as direct dependencies to the corresponding binary package definition.
This ensures that rpcd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Restarting service causes file-systems to be unmounted without being
mounted back. When this service was obsoleted it should have been
implemented in a way that all actions are ignored. Up to this commit
default handler was called when restart was requested. This default
handler just simply calls stop and start. That means that stop called
unmount but start just printed that this service is obsoleted.
This instead implements restart that just prints same message like start
does. It just calls start in reality. This makes restart unavailable for
call.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
This is mainly for kmod-br-netfilter. To turn off
bridge-netfilter-call-xxx immediately after installation
While at it
- Define filelist="/usr/lib/opkg/info/${pkgname}.list"
- Reuse "[ -z "$root" ]"
- Grep with "-m1"
Fixes FS#2300
Reported-by: Marco Sartorius <tidbits@ormoorgmen.info>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Follow upstream changes - header file changes only
no functional or executable changes, hence no package bump
required
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This adds the dm-raid kmod, which is needed for
LVM builtin raid configurations, aka "MD-over-LVM"
Signed-off-by: Chris Koying Browet <cbro@semperpax.com>
Support to disable the timestamp check for certificates in
wpa_supplicant (Useful for devices without RTC that cannot
reliably get the real date/time) has been accepted in the
upstream hostapd. It's implemented in wpa_supplicant as a
per-AP flag tls_disable_time_checks=[0|1].
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
bnx2x driver support for the x86 architecture. Includes module and
firmware for Broadcom QLogic 5771x/578xx 10/20-Gigabit ethernet
adapters.
Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[added +kmod-lib-zlib-inflate as well]
This patch adds a missing type property. This fixes
the creation of oneshot and timer led triggers like:
| ucidef_set_led_timer "system" "system" "zhuotk:green:system" "1000" "1000"
from /etc/init.d/01_leds.
Fixes: b06a286a48 ("base-files: cleanup led functions in uci-defaults.sh")
Signed-off-by: Robinson Wu <wurobinson@qq.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by uhttpd
as direct dependencies to the corresponding binary package definition.
This ensures that uhttpd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
After commit e82a4d9cfb ("config: regenerate *_shipped sources") the mconf
parser became more strict as a side effect and started to spew a series of
warnings when evaluating our generated kconfig sources:
tmp/.config-package.in:705:warning: ignoring unsupported character '@'
The root cause of these warnings is a wrong use of the @SYMBOL dependency
syntax in various Makefile. Fix the corresponding Makefiles by turning
`@SYM||@SYM2` expressions into the proper `@(SYM||SYM2)` form.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by procd
as direct dependencies to the corresponding binary package definition.
This ensures that procd is automatically rebuilt and relinked
if any of these libraries has its ABI_VERSION updated in the
future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When targets for multiple ESPRESSObin devices were added, not all
files were updated which means any ESPRESSObin version beside generic
won't have proper networking, sysupgrade and uboot-env. This patch
fixes the issue.
* fixup network detection
* fixup uboot-env
* fixup platform.sh for sysupgrade
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
While testing 4.19 build on malta/be64, I've encountered following
error:
gpio-button-hotplug/gpio-button-hotplug.c:529:18: error: implicit
declaration of function 'gpio_to_desc'
which is caused by the missing include fixed by this patch.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Supports EIP97 and EIP197 found on Armada 37xx, 7k and 8k SoCs.
Unfortunately firmware for EIP197 is not easily obtainable, therefore
to not cause lot of user requests directed at OpenWrt, package it as
module with explanation where to obtain the firmware.
Cc: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
7ffc239b Bump up version number to 1.39.1
bc886a0e Fix FPE with default backend
a3a14a9c Fix log-level is not set with cmd-line or configuration file
acfb3607 Update manual pages
bdfd14c2 Bump up version number to 1.39.0, LT revision to 31:4:17
cddc09fe Update AUTHORS
3c3b6ae8 Add missing colon
2f83aa9e Fix multi-line text travis issue
fc591d0c Run nghttpx integration test with cmake build
9a17c3ef travis: use multi-line text
b7220f07 cmake: Remove SPDY related files
a1556fd1 Merge pull request #1356 from nghttp2/fix-log-level-on-reload
77f1c872 nghttpx: Fix unchanged log level on configuration reload
49ce44e1 Merge pull request #1352 from nghttp2/travis-osx
f54b3ffc Fix libxml2 CFLAGS output
b0f5e5cc Implement daemon() using fork() for OSX
8d6ecd66 Enable osx build on travis
f82fb521 Update doc
2e1975dd clang-format-8
97ce392b Merge pull request #1347 from nghttp2/nghttpx-ignore-cl-te-on-upgrade
afefbda5 Ignore content-length in 200 response to CONNECT request
4fca2502 nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT
6975c336 Update llhttp to 1.1.3
0288093c Fix llhttp_get_error_pos usage
a3a03481 Merge pull request #1340 from nghttp2/nghttpx-llhttp
c64d2573 Replace http-parser with llhttp
f028cc43 clang-format
302e3746 Merge pull request #1337 from nghttp2/upgrade-mruby
3cdbc5f5 Merge pull request #1335 from adamgolebiowski/boost-1.70
a6925186 Fix mruby build error
45d63d20 Upgrade mruby to 2.0.1
cbba1ebf asio: support boost-1.70
e86d1378 Bump up version number to 1.39.0-DEV
4a9d2005 Update manual pages
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Also the other type is worng and causes compile problems on ARM64
platforms.
Fixes: 9b53201d9c ("urngd: Fix wrong type in format string")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This improves FullMAC firmware compatibility, adds logging in case of
firmware crash and *may* fix "Invalid packet id" errors.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
9dd2dcf libubox: add format string checking to ulog()
ecf5617 ustream: Add format string checks to ustream_(v)printf()
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
GCC 9.1 complains about this wrong type used in the format string, fix
this to make the compiler happy.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.
The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
* Update busybox to version 1.31.0.
New applets: ts, i2ctransfer
New (restored) feature: error/info levels in syslog messages.
Leave new features disabled by default.
* Refresh patches
* Remove patch that was backported from upstream
Config refreshed with commands below, after which the OpenWrt specific
config defaults (ipv6, login session child) were corrected:
make package/busybox/compile (to populate the build_dir)
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-1.31.0
cd package/utils/busybox
./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-1.31.0/.config > Config-defaults.in
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Add proto_add_host_dependency to add a dependency to the tunlink interface
Signed-off-by: André Valentin <avalentin@marcant.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Now that busybox is a known alternatives provider by opkg, we remove the
ALTERNATIVES spec and add a note to make the implicit situation clear
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Opkg starting from this version special-cases busybox as alternatives
provider. There should be no need to add entries to ALTERNATIVES of
busybox package
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
wave-1:
2019-05-09: Tweak rate-ctrl: Ramp PER up faster, down slower. This
helps throughput in rate-vs-range test, especially with
nss1.
2019-05-20: Disable adaptive-CCA. I am not sure it helps, and it may
make it slower to detect noise that should tell the system
to stop transmitting. If someone has means to test this
properly, I'd be happy to work with them.
wave-2:
2019-05-15: Fix problem where rate-ctrl sometimes used rix of 0x0.
2019-05-15: Allow raw-tx of encrypted frame. Requires a patch to the
driver to use raw mode when skb has WEP flag enabled AND
skb is flagged to not be encrypted. Lightly tested.
2019-05-16: Fix tx-hang that happened when rate-ctrl chose an OFDM rate
for 20Mhz and sent that as AMPDU. To fix, limit to (V)HT
rates if peer is (V)HT. It seems that MCS0 (V)HT20 should
have as good of a chance of being detected as CCK or OFDM.
2019-06-06: Disable TX-BFEE, TX-BFER for IBSS connections. I suspect
this is part of the tx-hang issue seen with IBSS between
two 9984 radios.
2019-06-12: Fix rx-rate reporting in 'fw_stats' logic. This was at
least partly due to regressions I had added earlier when
working on some multi-vdev enhancements.
2019-6-12: Fix case where extd peer-stats were not always populated.
The stats gathering code did not handle error conditions
well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Changes:
ath10k: Improve PMF/MPF mgt frame check
And add a driver for 5.2 (beta, not even tested yet) kernel.
Refresh patches.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
μrngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.
Using the Jitter RNG core, the rngd provides an entropy source that
feeds into the Linux /dev/random device if its entropy runs low. It
updates the /dev/random entropy estimator such that the newly provided
entropy unblocks /dev/random.
The seeding of /dev/random also ensures that /dev/urandom benefits from
entropy. Especially during boot time, when the entropy of Linux is low,
the Jitter RNGd provides a source of sufficient entropy.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add support for xfrm interfaces in kernel. XFRM interfaces are used by
the IPsec stack for tunneling.
XFRM interfaces are available since linux 4.19.
Signed-off-by: André Valentin <avalentin@marcant.net>
Commit afc056d7dc ("gpio-button-hotplug: support interrupt
properties") changed the gpio-keys interrupt handling logic in a way,
that it always misses first event, which causes issues with rc.button
scripts, so this patch restores the previous behaviour.
Fixes: afc056d7dc ("gpio-button-hotplug: support interrupt properties")
Reported-by: Kristian Evensen <kristian.evensen@gmail.com>
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [drop state check]
Currently the generated event contains wrong seen value, when the button
is pressed for the first time:
rmmod gpio_button_hotplug; modprobe gpio_button_hotplug
[ pressing the wps key immediately after modprobe ]
gpio-keys: create event, name=wps, seen=1088, pressed=1
So this patch adds a check for this corner case and makes seen=0 if the
button is pressed for the first time.
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This is to make life easier for users with customized build of
dnsmasq-full variant. Currently dnsmasq config generated by current
service script will be rejected by dnsmasq build lacking DHCP feature
- Options like --dhcp-leasefile have default values. Deleting them
from uci config or setting them to empty value will make them take on
default value in the end
- Options like --dhcp-broadcast are output unconditionally
Tackle this by
- Check availablility of features from output of "dnsmasq --version"
- Make a list of options guarded by HAVE_xx macros in src/options.c of
dnsmasq source code
- Ignore these options in xappend()
Two things to note in this implementation
- The option list is not exhaustive. Supposedly only those options that
may cause dnsmasq to reject with "unsupported option (check that
dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)" are taken
into account here
- This provides a way out but users' cooperation is still needed. E.g.
option dnssec needs to be turned off, otherwise the service script
will try to add --conf-file pointing to dnssec specific anchor file
which dnsmasq lacking dnssec support will reject
Resolves FS#2281
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Busybox brctl applet conflicts with the version from bridge-utils.
Fix this by using ALTERNATIVE support for brctl in busybox.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Add the userspace control portion of the backported kernelspace
act_ctinfo.
ctinfo is a tc action restoring data stored in conntrack marks to
various fields. At present it has two independent modes of operation,
restoration of DSCP into IPv4/v6 diffserv and restoration of conntrack
marks into packet skb marks.
It understands a number of parameters specific to this action in
additional to the usual action syntax. Each operating mode is
independent of the other so all options are optional, however not
specifying at least one mode is a bit pointless.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
DSCP mode
dscp enables copying of a DSCP stored in the conntrack mark into the
ipv4/v6 diffserv field. The mask is a 32bit field and specifies where
in the conntrack mark the DSCP value is located. It must be 6
contiguous bits long. eg. 0xfc000000 would restore the DSCP from the
upper 6 bits of the conntrack mark.
The DSCP copying may be optionally controlled by a statemask. The
statemask is a 32bit field, usually with a single bit set and must not
overlap the dscp mask. The DSCP restore operation will only take place
if the corresponding bit/s in conntrack mark ANDed with the statemask
yield a non zero result.
eg. dscp 0xfc000000 0x01000000 would retrieve the DSCP from the top 6
bits, whilst using bit 25 as a flag to do so. Bit 26 is unused in this
example.
CPMARK mode
cpmark enables copying of the conntrack mark to the packet skb mark. In
this mode it is completely equivalent to the existing act_connmark
action. Additional functionality is provided by the optional mask
parameter, whereby the stored conntrack mark is logically ANDed with the
cpmark mask before being stored into skb mark. This allows shared usage
of the conntrack mark between applications.
eg. cpmark 0x00ffffff would restore only the lower 24 bits of the
conntrack mark, thus may be useful in the event that the upper 8 bits
are used by the DSCP function.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
where :
dscp MASK is the bitmask to restore DSCP
STATEMASK is the bitmask to determine conditional restoring
cpmark MASK mask applied to restored packet mark
ZONE is the conntrack zone
CONTROL := reclassify | pipe | drop | continue | ok |
goto chain <CHAIN_INDEX>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
ctinfo is a new tc filter action module. It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths. At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.
The DSCP restore mode:
This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.
The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links. Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.
Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway. Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.
Parameters related to DSCP restore mode:
dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.
statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask. This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set. This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP. A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)
e.g. dscpmask 0xfc000000 statemask 0x01000000
|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP | unused | flag |unused |
|-----------------------0x01---000000---|
| |
| |
---| Conditional flag
v only restore if set
|-ip diffserv-|
| 6 bits |
|-------------|
The skb mark restore mode (cpmark):
This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.
Parameters related to skb mark restore mode:
mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration. This can be useful where the conntrack
mark is being used for different purposes by different applications. If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)
e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.
|----0x00----conntrack mark----ffffff---|
| Bits 31-24 | |
| DSCP & flag| some value here |
|---------------------------------------|
|
|
v
|------------skb mark-------------------|
| | |
| zeroed | |
|---------------------------------------|
Overall parameters:
zone - conntrack zone
control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Make suitable adjustments for backporting to 4.14 & 4.19
and add to SCHED_MODULES_FILTER
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Current latest LSDK-19.03 u-boot had a bug that bootcmd
environment was always been reset when u-boot started up.
This was found on boards with spi NOR boot. Before the
proper fix-up is applied, we have to use a workaround
to hard code the bootcmd for OpenWrt booting for now.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to convert to use TF-A for firmware.
- Use un-swapped rcw since swapping will be done in TF-A.
- Use u-boot with TF-A defconfig.
- Rework memory map for TF-A introduction.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Add TF-A packages for Layerscape to implement trusted firmware.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This adds a new package for the kernel module of the ATUSB WPAN driver.
Signed-off-by: Sebastian Meiling <s@mlng.net>
[fixed SoB: and From: mismatch]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit 7c50182e0c.
Produces build error:
Package kmod-sched is missing dependencies for the following libraries:
nf_conntrack.ko
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
ctinfo is a new tc filter action module. It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths. At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.
The DSCP restore mode:
This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.
The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links. Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.
Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway. Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.
Parameters related to DSCP restore mode:
dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.
statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask. This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set. This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP. A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)
e.g. dscpmask 0xfc000000 statemask 0x01000000
|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP | unused | flag |unused |
|-----------------------0x01---000000---|
| |
| |
---| Conditional flag
v only restore if set
|-ip diffserv-|
| 6 bits |
|-------------|
The skb mark restore mode (cpmark):
This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.
Parameters related to skb mark restore mode:
mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration. This can be useful where the conntrack
mark is being used for different purposes by different applications. If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)
e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.
|----0x00----conntrack mark----ffffff---|
| Bits 31-24 | |
| DSCP & flag| some value here |
|---------------------------------------|
|
|
v
|------------skb mark-------------------|
| | |
| zeroed | |
|---------------------------------------|
Overall parameters:
zone - conntrack zone
control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Make suitable adjustments for backporting to 4.14 & 4.19
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
89bfaa424606 Fix possible linker errors by using CMake find_library macro
569284a119f9 session: handle NULL return values of crypt()
Signed-off-by: Petr Štetiar <ynezz@true.cz>
There was an issue with the backport compat layer in yesterday's snapshot,
causing issues on certain (mostly Atom) Intel chips on kernels older than
4.2, due to the use of xgetbv without checking cpu flags for xsave support.
This manifested itself simply at module load time. Indeed it's somewhat tricky
to support 33 different kernel versions (3.10+), plus weird distro
frankenkernels.
If OpenWRT doesn't support < 4.2, you probably don't need to apply this.
But it also can't hurt, and probably best to stay updated.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tools: add wincompat layer to wg(8)
Consistent with a lot of the Windows work we've been doing this last cycle,
wg(8) now supports the WireGuard for Windows app by talking through a named
pipe. You can compile this as `PLATFORM=windows make -C src/tools` with mingw.
Because programming things for Windows is pretty ugly, we've done this via a
separate standalone wincompat layer, so that we don't pollute our pretty *nix
utility.
* compat: udp_tunnel: force cast sk_data_ready
This is a hack to work around broken Android kernel wrapper scripts.
* wg-quick: freebsd: workaround SIOCGIFSTATUS race in FreeBSD kernel
FreeBSD had a number of kernel race conditions, some of which we can vaguely
work around. These are in the process of being fixed upstream, but probably
people won't update for a while.
* wg-quick: make darwin and freebsd path search strict like linux
Correctness.
* socket: set ignore_df=1 on xmit
This was intended from early on but didn't work on IPv6 without the ignore_df
flag. It allows sending fragments over IPv6.
* qemu: use newer iproute2 and kernel
* qemu: build iproute2 with libmnl support
* qemu: do not check for alignment with ubsan
The QEMU build system has been improved to compile newer versions. Linking
against libmnl gives us better error messages. As well, enabling the alignment
check on x86 UBSAN isn't realistic.
* wg-quick: look up existing routes properly
* wg-quick: specify protocol to ip(8), because of inconsistencies
The route inclusion check was wrong prior, and Linux 5.1 made it break
entirely. This makes a better invocation of `ip route show match`.
* netlink: use new strict length types in policy for 5.2
* kbuild: account for recent upstream changes
* zinc: arm64: use cpu_get_elf_hwcap accessor for 5.2
The usual churn of changes required for the upcoming 5.2.
* timers: add jitter on ack failure reinitiation
Correctness tweak in the timer system.
* blake2s,chacha: latency tweak
* blake2s: shorten ssse3 loop
In every odd-numbered round, instead of operating over the state
x00 x01 x02 x03
x05 x06 x07 x04
x10 x11 x08 x09
x15 x12 x13 x14
we operate over the rotated state
x03 x00 x01 x02
x04 x05 x06 x07
x09 x10 x11 x08
x14 x15 x12 x13
The advantage here is that this requires no changes to the 'x04 x05 x06 x07'
row, which is in the critical path. This results in a noticeable latency
improvement of roughly R cycles, for R diagonal rounds in the primitive. As
well, the blake2s AVX implementation is now SSSE3 and considerably shorter.
* tools: allow setting WG_ENDPOINT_RESOLUTION_RETRIES
System integrators can now specify things like
WG_ENDPOINT_RESOLUTION_RETRIES=infinity when building wg(8)-based init
scripts and services, or 0, or any other integer.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Highlights of this version:
- Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
- Fix OPENSSL_config bug (patch removed)
- Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
- Enable SHA3 pre-hashing for ECDSA and DSA
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal]
Upstream Linux's input gpio-keys driver supports
specifying a external interrupt for a gpio via the
'interrupts' properties as well as having support
for software debounce.
This patch ports these features to OpenWrt's event
version. Only the "pure" interrupt-driven support is
left behind, since this goes a bit against the "gpio"
in the "gpio-keys" and I don't have a real device to
test this with.
This patch also silences the generated warnings showing
up since 4.14 due to the 'constification' of the
struct gpio_keys_button *buttons variable in the
upstream struct gpio_keys_platform_data declaration.
gpio-button-hotplug.c: In function 'gpio_keys_get_devtree_pdata':
gpio-button-hotplug.c:392:10: warning: assignment discards 'const'
qualifier from pointer target type [-Wdiscarded-qualifiers]
button = &pdata->buttons[i++];
^
gpio-button-hotplug.c: In function 'gpio_keys_button_probe':
gpio-button-hotplug.c:537:12: warning: assignment discards 'const'
qualifier from pointer target type [-Wdiscarded-qualifiers]
bdata->b = &pdata->buttons[i];
^
gpio-button-hotplug.c: In function 'gpio_keys_probe':
gpio-button-hotplug.c:563:37: warning: initialization discards 'const'
qualifier from pointer target type [-Wdiscarded-qualifiers]
struct gpio_keys_button *button = &pdata->buttons[i];
^
Acked-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Upstream PPP project has added in commit 8e77984 options to tune discovery
timeout and attempts in the rp-pppoe plugin.
Expose these options in the uci datamodel for pppoe:
padi_attempts: Number of discovery attempts
padi_timeout: Initial timeout for discovery packets in seconds
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
It is not always necessary to add a host route for the gre peer address.
This introduces a new config option 'nohostroute' (similar to the
option introduced for wireguard in d8e2e19) to allow to disable
the creation of those routes explicitely.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
This version bump contains the following commit to fix FS#2222
3b3e368 uclient-http: set data_eof when content-length is 0
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Instead of maintaining 3 very similar subtargets merge them into one.
This does not use the Arm NEON extension any more, because the SAMA5D3
does not support NEON.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Sandeep Sheriker <sandeepsheriker.mallikarjun@microchip.com>
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.
As KEY_RESTART is already used for reset script (and there's no
KEY_REBOOT in Linux input events), use KEY_POWER2 for rebooting via new
reboot script with 5 second seen delay.
Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.
As KEY_RESTART is already used for reset script (and there's no
KEY_REBOOT in Linux input events), use KEY_POWER2 for rebooting via new
reboot script with 5 second seen delay.
Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.
Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
ade00ca585a4 container: fix .dockerenv stat check
385b904b2f0a hotplug: improve error message during group ownership change
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add upstream patch from:
https://git.busybox.net/busybox/commit/?id=028c5aa18b5273c029f0278232d922ee1a164de6
The patch fixes a problem with an infinite loop causing 100% CPU usage
when running the following command /lib/preinit/10_indicate_preinit
without the CAP_NET_ADMIN capability (such as in Docker):
ip -4 address flush dev $pi_ifname
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patch]
Don't set the default firewall zone to wan if not specified to keep the
behavior aligned with other tunnel protocols like gre and 6rd.
If the interface zone is not specified try to get it from the firewall config
when constructing the procd firewall rule.
While at it only add procd inbound/outbound firewall rules if a zone is specified.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Don't set the default firewall zone to wan if not specified to keep the
behavior aligned with other tunnel protocols like gre and 6rd.
If the interface zone is not specified try to get it from the firewall config
when constructing the procd firewall rule.
While at it only add a procd inbound firewall rule if a zone is specified.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* Feature: Add support for 200Gbps (50Gbps per lane) link mode
* Feature: simplify handling of PHY tunable downshift
* Feature: add support for PHY tunable Fast Link Down
* Feature: add PHY Fast Link Down tunable to man page
* Feature: Add a 'start N' option when specifying the Rx flow hash indirection table.
* Feature: Add bash-completion script
* Feature: add 10000baseR_FEC link mode name
* Fix: qsfp: fix special value comparison
* Feature: move option parsing related code into function
* Feature: move cmdline_coalesce out of do_scoalesce
* Feature: introduce new ioctl for per-queue settings
* Feature: support per-queue sub command --show-coalesce
* Feature: support per-queue sub command --coalesce
* Fix: fix up dump_coalesce output to match actual option names
* Feature: fec: add pretty dump
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Lua's LNUM patch currently doesn't parse properly certain numbers as
it's visible from the following simple tests.
On x86_64 host (stock Lua 5.1.5, expected output):
$ /usr/bin/lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'
2147483648
8796093022208
4294967296
On x86_64 host:
$ staging_dir/hostpkg/bin/lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'
-2147483648
0
0
On x86_64 target:
$ lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'
-2147483648
0
0
On ath79 target:
$ lua -e 'print(0x80000000); print(0x80000000000); print(0x100000000)'
-2147483648
8796093022208
4294967296
It's caused by two issues fixed in this patch, first issue is caused by
unhadled strtoul overflow and second one is caused by the cast of
unsigned to signed Lua integer when parsing from hex literal.
Run tested on:
* Zidoo Z9S with RTD1296 CPU (aarch64_cortex-a53)
* qemu/x86_64
* qemu/armvirt_64
* ath79
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
[commit subject/message touches, fixed From to match SOB, fixed another
unhandled case in luaO_str2i, host Lua, package bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Commit "generic: ar8216: add mib_poll_interval switch attribute" has
added mib_poll_interval global config option and commit "generic:
ar8216: group MIB counters and use two basic ones only by default" has
added mib_type config option.
So this patch adds ucidef_set_ar8xxx_switch_mib helper function which
would allow configuration of the above mentioned new switch config
options.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Commit "generic: ar8216: add mib_poll_interval switch attribute" has added
mib_poll_interval global config option and commit "generic: ar8216: group
MIB counters and use two basic ones only by default" has added mib_type
config option.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This adds the host staging directory to the include path to make it use
the zlib.h files from the staging include directory and also link
against the zlib version from the staging directory.
This fixes a compile problem when the zlib header were not installed on
the build host.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[picked from openwrt-18.06]
c9d9dbf pppoe: Custom host-uniq tag
44012ae plugins/rp-pppoe: Fix compile errors
Refresh patches
Drop 520-uniq patch as upstream accepted
Drop 150-debug_compile_fix patch as fixed upstream
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Using the same method as the D-Link DAP-2695 A1 we use
the "mtd" tool to augment the firmware checkum in flash
on first boot of a new firmware on the D-Link DIR-685.
We need to augment the Makefile for "mtd" to build in
the special WRGG fixup support for Gemini as well.
This works around the problem of the machine not booting
after factory install unless the sysupgrade is applied
immediately.
Based on commit e3875350f3
"ar71xx: add support for D-Link DAP-2695 rev. A1"
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
The D-Link DIR-685 has the same problem as the
D-Link DAP-2695: when flashing the factory image, the
checksum includes the whole flashed image, even the
rootfs_data part with the end of filesystem mark.
Also the whole flashed image is stored in the flash,
so on the first boot, the whole rootfs image is loaded
into memory with the kernel.
This is fixed using the fixwrgg command to mtd, but
for this to work we need to make fixwrgg work with
the Little-Endian ARM DIR-685.
The code tries to be endian agnostic but this fails
because the WRGG image loader doesn't. On ARM, the
file size is stored in little endian format, and on
big-endian systems it is stored in big endian format,
so we can just drop all the friendly htonl() that
will make the shdr->size big endian: this will
actually break the little endian systems, and on
the big endian systems the native endianness will
still be correct.
The magic number is always stored in little endian
format however, so make sure this is always read
in LE32 format. I chose to create a straight-forward
le32_to_cpu() static inline that IMO is simple and
easy to read.
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Specification:
- Qualcomm Atheros SoC QCA9558
- 720/600/200 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 1x 10/100/1000 Mbps Ethernet
- 3T3R 2.4 GHz (QCA9558 WMAC)
- 3T3R 5.8 Ghz (QCA9880-BR4A, Senao PCE4553AH)
https://fccid.io/A8J-ECB1750
Tested and working:
- lan, wireless, leds, sysupgrade (tftp)
Flash instructions:
1.) tftp recovery
- use a 1GbE switch or direct attached 1GbE link
- setup client ip address 192.168.1.10 and start tftpd
- save "openwrt-ath79-generic-engenius_ecb1750-initramfs-kernel.bin" as "ap.bin" in tfpd root directory
- plugin powercord and hold reset button 10secs.. "ap.bin" will be downloaded and executed
- afterwards login via ssh and do a sysuprade
2.) oem webinterface factory install (not tested)
Use normal webinterface upgrade page und select "openwrt-ath79-generic-engenius_ecb1750-squashfs-factory.bin".
3.) oem webinterface command injection
OEM Firmware already running OpenWrt (Attitude Adjustment 12.09).
Use OEM webinterface and command injection. See wiki for details.
https://openwrt.org/toh/engenius/engenius_ecb1750_1
Signed-off-by: sven friedmann <sf.openwrt@okay.ms>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[use interrupt-driven "gpio-keys" binding]
The Linksys EA8300 is based on QCA4019 and QCA9888 and provides three,
independent radios. NAND provides two, alternate kernel/firmware
images with fail-over provided by the OEM U-Boot.
Installation:
"Factory" images may be installed directly through the OEM GUI.
Hardware Highlights:
* IPQ4019 at 717 MHz (4 CPUs)
* 256 MB NAND (Winbond W29N02GV, 8-bit parallel)
* 256 MB RAM
* Three, fully-functional radios; `iw phy` reports (FCC/US, -CT):
* 2.4 GHz radio at 30 dBm
* 5 GHz radio on ch. 36-64 at 23 dBm
* 5 GHz radio on ch. 100-144 at 23 dBm (DFS), 149-165 at 30 dBm
#{ managed } <= 16, #{ AP, mesh point } <= 16, #{ IBSS } <= 1
* All two-stream, MCS 0-9
* 4x GigE LAN, 1x GigE Internet Ethernet jacks with port lights
* USB3, single port on rear with LED
* WPS and reset buttons
* Four status lights on top
* Serial pads internal (unpopulated)
"Linksys Dallas WiFi AP router based on Qualcomm AP DK07.1-c1"
Implementation Notes:
The OEM flash layout is preserved at this time with 3 MB kernel and
~69 MB UBIFS for each firmware version. The sysdiag (1 MB) and
syscfg (56 MB) partitions are untouched, available as read-only.
Serial Connectivity:
Serial connectivity is *not* required to flash.
Serial may be accessed by opening the device and connecting
a 3.3-V adapter using 115200, 8n1. U-Boot access is good,
including the ability to load images over TFTP and
either run or flash them.
Looking at the top of the board, from the front of the unit,
J3 can be found on the right edge of the board, near the rear
|
J3 |
|-| |
|O| | (3.3V seen, open-circuit)
|O| | TXD
|O| | RXD
|O| |
|O| | GND
|-| |
|
Unimplemented:
* serial1 "ttyQHS0" (serial0 works as console)
* Bluetooth; Qualcomm CSR8811 (potentially conected to serial1)
Other Notes:
https://wikidevi.com/wiki/Linksys_EA8300 states
FCC docs also cover the Linksys EA8250. According to the
RF Test Report BT BR+EDR, "All models are identical except
for the EA8300 supports 256QAM and the EA8250 disable 256QAM."
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Consistently handle boot-count reset and upgrade across
ipq40xx, ipq806x, kirkwood, mvebu
Dual-firmware devices often utilize a specific MTD partition
to record the number of times the boot loader has initiated boot.
Most of these devices are NAND, typically with a 2k erase size.
When this code was ported to the ipq40xx platform, the device in hand
used NOR for this partition, with a 16-byte "record" size. As the
implementation of `mtd resetbc` is by-platform, the hard-coded nature
of this change prevented proper operation of a NAND-based device.
* Unified the "NOR" variant with the rest of the Linksys variants
* Added logging to indicate success and failure
* Provided a meaningful return value for scripting
* "Protected" the use of `mtd resetbc` in start-up scripts so that
failure does not end the boot sequence
* Moved Linksys-specific actions into common `/etc/init.d/bootcount`
For upgrade, these devices need to determine which partition to flash,
as well as set certain U-Boot envirnment variables to change the next
boot to the newly flashed version.
* Moved upgrade-related environment changes out of bootcount
* Combined multiple flashes of environment into single one
* Current-partition detection now handles absence of `boot_part`
Runtime-tested: Linksys EA8300
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[checkpatch.pl fixes, traded split strings for 80+ chars per line]
This package provides board-specific reference ("cal") data
on an interim basis until included in the upstream distros
While originally conceived for IPQ4019-based boards, similar needs
are appearing with three-radio devices. For some of these devices,
both a board-2.bin file needs to be supplied both for the IPQ4019
as well as for the other radio on the board.
This patch allows new or multiple overrides to be specified by:
* Adding board name to ALLWIFIBOARDS
* Placing file(s) in this directory named as
board-<devicename>.<qca4019|qca9888|qca9984>
* Adding
$(eval $(call generate-ipq-wifi-package,<device>,<display name>))
(along with suitable package selection for the board)
At this time, QCA4019, QCA9888, and QCA9984 are supported.
Extension to other chips should be straightforward.
The existing files, board-*.bin, are "grandfathered" as QCA4019.
The package name has been retained for compatability reasons.
At this time it DEPENDS:=@TARGET_ipq40xx, limiting its visibility.
Build-tested-on: asus_map-ac2200, alfa-network_ap120c-ac,
avm_fritzbox-7530, avm_fritzrepeater-3000, engenius_eap1300,
engenius_ens620ext, linksys_ea6350v3, qxwlan-e2600ac-c1/-c2
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
22e8e58 interface-ip: use ptp address as well to find local address target
f1aa0f9 treewide: pass bool as second argument of blobmsg_check_attr
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The 8 year old file does not have any ARC definitions.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[updated content of the patch with version sent to upstream]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit makes three changes to the uci shell library:
* A check for UCI_CONFIG_DIR has been added to the command line when
adding anonymous sections. Without this change, adding anonymous
sections to configs not stored in /etc/config is not possible.
* Support for adding/removing items from lists were missing, so I have
added the functions uci_add_list() and uci_remove_list() to simplify
working with uci lists from scripts.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
[added missing package version bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The buildroot pkg-config (in staging_dir/host/bin) overrides the prefix
and exec_prefix variables in *.pc files, to supply the correct
(buildroot) paths for callers. If other variables are not defined
relative to prefix and exec_prefix, then the returned values will be
incorrect.
The default zlib.pc file generated by cmake contains absolute paths.
This patches the file to use relative paths (relative to ${prefix} and
${exec_prefix}).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
41a74cb config: remove 'ignore' config option
c0c8034 treewide: init assignment lists head
f98b7ee config: use list safe iterator in lease_delete
3c9810b dhcpv4: fix lease ordering by ip address
b60c384 config: use multi-stage parsing of uci sections
a2dd8d6 treewide: always init interface list heads during initialization
a17665e dhcpv4: do not allow pool end address to overlap with broadcast address
6b951c5 treewide: give file descriptors safe initial value
39e11ed dhcpv4: DHCP pool size is off-by-one
4a600ce dhcpv4: add support for Parameter Request List option 55
09e5eca dhcpv4: fix DHCP packet size
3cd4876 ndp: fix syslog flooding (FS#2242)
79fbba1 config: set default loglevel to LOG_WARNING
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
for better identification. Also create SUPPORTED_DEVICES string from it
which corresponds to dts compatible string.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Missing header for va_list.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[updated with upstream version of the patch]
Update linux-firmware to 20190416, which includes updated firmwares e.g. for ath10k
Also switch to official tarball source.
The following firmware files we use are updated in this change:
ath10k/QCA6174/hw3.0/board-2.bin
ath10k/QCA9888/hw2.0/firmware-5.bin
ath10k/QCA988X/hw2.0/firmware-5.bin
ath10k/QCA9984/hw1.0/firmware-5.bin
mrvl/sd8887_uapsta.bin
mrvl/pcie8897_uapsta.bin
iwlwifi-8000C-36.ucode
iwlwifi-8265-36.ucode
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
fcb076c Various fixes for errors found by coverity static analysis (#109)
d98ab38 Merge branch 'pppd_print_changes' of https://github.com/nlhintz/ppp into nlhintz-pppd_print_changes
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Convert whole target to Device Tree based board detection instead of
identifying devices by dts file name. With this we can drop mvebu.sh
translation script and rely on common method for model detection.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Add vendors in device names and also rename few device names, for easier
identyfying potential firmware to flash. The vendor and device string is
mainly derived from model/compatipble string in dts from particular
device, but since not all devices are well described, some of the renames
follow marketing names.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Switched to xz archives for smaller size.
Removed upstreamed patches.
Reorganized Makefile a little bit for clarity. Build/Prepare is not useful
anymore. Upstream converted the file to LF.
Refreshed config.
Removed -ansi option from the original CFLAGS as this was causing long
long support to be missing.
Removed fPIC. We have the macro $(FPIC) already used. No point in setting
fpic and fPIC together.
Removed pedantic -Wlong-long warnings as they are not useful.
Removed -std=gnu++98. Not only is it unnecessary (it compiles against all
standards), it actually results in a size increase. 75843 vs. 75222 (gcc
in OpenWrt defaults to g++14).
Added --gc-sections to linker flags to reduce size: 72653 vs 75222.
Removed warn linker options. They have been upstreamed.
Tested on Archer C7v2 and GnuBee PC1.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Jeff Kletsky noted in his patch titled:
"utils/spidev_test: Update to current source from upstream Linux"
that the spidev_test utility OpenWrt ships is severly out of date.
Instead of updating the spidev_test.c from the current kernel,
this patch replaces the package building code to utilize the
very file that gets shipped with the kernel we compiling for
anyway much like the "perf" package already does.
Reported-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>