Commit Graph

4090 Commits

Author SHA1 Message Date
Christian Marangi
e2fa450560
netifd: update to Git HEAD (2023-12-17)
66a7652176a7 system-linux: set pending to 0 on ifindex found or error for if_get_master

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-12-17 17:35:45 +01:00
Thibaut VARÈNE
8815a3114f dnsmasq: invert logic for "localuse"
Prior to this commit, "localuse" (which enables local resolving through
dnsmsasq) was off by "default". That default was in turn overridden when
"noresolv" was unset (which itself is the default for "noresolv") *and*
"resolvfile" was "/tmp/resolv.conf.d/resolv.conf.auto" (also the default
for this parameter).

In other words, the "default" unset value for "localuse" would only be
ever used in specific *non-default* configurations.

However, the problem with that logic is that a user who wants to ignore
their ISP-provided resolvers by setting "noresolv" to true ends up with
a device that will *only use* said resolvers for local DNS queries,
serving clients' queries via dnsmasq (which now ignores the ISP
resolvers). This can lead to confusion and break random setups as the
DNS lookup performed on clients behalf can differ in their replies from
DNS lookups performed locally on the router.

Furthermore, "localuse" is not configurable through Luci, contrary to
the other two involved settings, adding further confusion for the end
user.

To work around this situation, the logic that sets "localuse" is
inverted: "localuse" now defaults to on by default, and IFF "noresolv"
is unset (default) AND "resolvfile" is changed from default THEN
"localuse" gets turned back off, allowing for more sensible behaviour.

"localuse" value set in config/dhcp still overrides the logic in all
cases, as it did already.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2023-12-16 15:28:21 +00:00
Nick Hainke
62ff11576d ethtool: update to 6.6
Release Notes:
https://lore.kernel.org/netdev/20231123220625.q427zyjaogdmlf6d@lion.mk-sys.cz/T/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-12-12 14:34:11 +01:00
Christian Marangi
db3afed6ce
netifd: update to Git HEAD (2023-12-12)
8f2806a37fe1 system-linux: set master early on apply settings
e3fc2b0026a5 system-linux: skip refreshing MAC on master change if custom MAC

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-12-12 01:18:37 +01:00
Nick Hainke
9ed26a48d9 iproute2: update to 6.6.0
Release Notes:
https://lore.kernel.org/netdev/20231106090325.07092c87@hermes.local/T/

Automatically refreshed:
- 115-add-config-xtlibdir.patch
- 175-reduce-dynamic-syms.patch
- 195-build_variant_ip_tc.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-12-11 16:44:19 +01:00
Felix Fietkau
5fec4d6cd5 netifd: update to Git HEAD (2023-12-05)
02bc2e14d1d3 udebug: use helper code for ubus config handling
1b967334189b netifd: add netlink udebug ring
061e308f9f7d debug: remove newline from debug messages
f1763852dfba bridge: fix reload on bridge vlan changes
cc9e928f0a12 bridge: rework config change pvid handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-05 13:07:30 +01:00
Tony Ambardar
1020ac6f47 bpftool: Update to v7.3.0
Update to the latest upstream release to include recent improvements and
bugfixes. Also refresh local patches.

Link: https://github.com/libbpf/bpftool/releases/tag/v7.3.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2023-11-30 13:35:27 -08:00
Felix Fietkau
f909059b74 hostapd: use new udebug ubus api to make debug rings configurable
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-30 20:08:56 +01:00
Sven Eckelmann
711dcb7763 dnsmasq: mark global ubus context as closed after fork
If the dnsmasq process forks to handle TCP connections, it closes the ubus
context. But instead of changing the daemon wide pointer to NULL, only the
local variable was adjusted - and this portion of the code was even dropped
(dead store) by some optimizing compilers.

It makes more sense to change the daemon->ubus pointer because various
functions are already checking it for NULL. It is also the behavior which
ubus_destroy() implements.

Fixes: d8b33dad0b ("dnsmasq: add support for monitoring and modifying dns lookup results via ubus")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2023-11-26 19:58:35 +01:00
Felix Fietkau
0f283ab4c9 umdns: update to Git HEAD (2023-11-21)
9040335e102b interface: fix interface memory corruption
b1e023eda358 add udebug support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-21 07:36:08 +01:00
Felix Fietkau
cafb961850 netifd: update to Git HEAD (2023-11-20), adds udebug support
9dcc37a77cb2 add udebug support
525fa911e8ab replace DPRINTF calls with D(...)
7642eaba3838 system-linux: fix bogus debug error messages on adding bridge members
f3e06e81b347 wireless: add bridge_isolate option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-20 19:18:06 +01:00
Felix Fietkau
2723f16dda hostapd: add missing acl entries for udebug
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-20 14:10:27 +01:00
Felix Fietkau
effc305cda hostapd: add udebug support
This is not activated by default and must be explicitly enabled via ubus
It supports reporting log messages and netlink packets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-20 11:58:54 +01:00
Nazar Mokrynskyi
684d1a5c35 hostapd: fix undeclared variable iface_name
Signed-off-by: Nazar Mokrynskyi <nazar@mokrynskyi.com>
2023-11-19 19:10:42 +01:00
Philip Prindeville
af64898c26 dnsmasq: Invoke new ipcalc with CIDR notation
The new rewritten ipcalc.sh understands 3 notations:

ipaddr/prefix ...
ipaddr/dotted-netmask ...
ipaddr dotted-netmask ...

meaning that the previous 4th non-standard notation of "ipaddr prefix"
will be dropped, alas that's the notation that dnsmasq currently uses.

This change has us using the first notation which is the most common.

This behavior came in as
eda27e8382
a long time ago.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2023-11-15 20:36:35 +00:00
Jo-Philipp Wich
c23b509d72 netifd: update to Git HEAD (2023-11-14)
8587c074f1eb interface-ip: fix IPv4 route target masking

Fixes: https://github.com/openwrt/netifd/issues/17
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-14 15:35:03 +01:00
Christian Marangi
3d6b89c514
iptables: backport patch fixing bug with string module
Backport patch fixing critical bug with string module merged upstream.

Fixes: #13812
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-12 14:13:41 +01:00
Christian Marangi
a69367933d
netifd: update to Git HEAD (2023-11-11)
c739dee0a37b system-linux: refresh MAC address on DSA port conduit change

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-11 23:38:30 +01:00
Felix Fietkau
d45d72a6da netifd: update to the latest version
eee02ccca8c8 device: add support to configure eee
bb28f6a291d9 wireless: fix sign comparison warning
35facc8306f5 wireless: fix premature removal of hotplug devices due to down state

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-10 15:37:42 +01:00
Christian Marangi
1714087442
netifd: update to Git HEAD (2023-11-09)
841b05fbb91e system-linux: fix compilation error if IFLA_DSA_MASTER is not supported
5c9ecc1ff74f system-linux: make system_if_get_master_ifindex static
2dc7f450f3a2 system-linux: add option to configure DSA conduit device
838f815db5ef system-linux: add support for configurable GRO option

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 12:30:33 +01:00
Christian Marangi
05e516b12d
hostapd: refresh patches
Refresh patches for hostapd using make package/hostapd/refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 16:07:55 +01:00
Christian Marangi
6c9ac57d58
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.

This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.

Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:38 +01:00
Christian Marangi
b1c7b1bd67
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:37 +01:00
Christian Marangi
1b5ea2e199
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.

This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:37 +01:00
Felix Fietkau
c2a30b6e01 hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-08 12:46:29 +01:00
Felix Fietkau
531314260d wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-08 12:46:29 +01:00
Felix Fietkau
41d7439af5 netifd: update to the latest version
383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-07 13:36:54 +01:00
Jo-Philipp Wich
5bb3b5d46c firewall4: update to latest Git HEAD
4101dd4 fw4: perform strict validation of zone and set names
a923c88 fw4: pass zone to templates whenever possible
597dc90 fw4: add support for zone log_limit
1874050 fw4: add log_limit to rules and redirects
19a8caf ruleset: dispatch ct states using verdict map
a5553da ruleset: reduce ksoftirqd load by refering to looopback by numeric id
de3483c tests: adjust zone log limit testcases
7392792 ruleset: do not emit redundant drop invalid rules
698a533 ruleset: apply egress MSS fixup later to apply final MTU before wire

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-03 15:55:15 +01:00
Philip Prindeville
ac199c57c5
dnsmasq: don't source functions.sh twice
It's already pulled in from /etc/rc.common.

Fixes: #13758

Fixes: 6b23836071 ("package: avoid the use of eval to parse ipcalc.sh output")

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2023-11-02 20:29:38 +01:00
Petr Štetiar
6dca88aa4a
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.

The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.

Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-01 12:23:01 +00:00
David Bauer
9a47688eee uqmi: update to latest HEAD
eea2924 uqmi: add slot number to uim-sim-status output

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
39341f422f hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.

When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.

Also when crafting the association response, the buffer contained the
trailing key-type.

Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
79912a9531 uqmi: configure PDP type and APN to modem
Configure the PLMN and APN to the modem. This is required in cases,
where either the SGSN or GGSN does not permit the selection of IPv4v6
pdp type.

Previously, the modem always tried to establish a dual-stacked PDP
context regardless of the configured PDP type in uci. As this setting
can not be parameterized when creating a WDS context, configure it to
the modems internal list of profiles. This way, the PDP type is taken
into account when creating the WDS context.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
c4321462e4 uqmi: fix non-working PLMN selection
The PLMN selection was reset when calling network-register, thus
rendering the sepcific selection of a carrier unapplied.

Set the PLMN selection after executing network-register. This seems to
cause the modem to re-select the carrier eventually.

That being said, qmi does allow the parameterization of the
network-register to include dpecific PLMN settings, however this is
currently not implemented in uqmi.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
c1fcce1112 uqmi: set RAT preference before attach
Set the RAT preference before attaching. This handles cases better,
where a network might be available but not with the preferred RAT.

If RAT is changed to a non-available RAT after attach, QMI does not fail
with missing registration but with failing to establish a PDP session.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
0bc2b2a780 uqmi: increase wait time before checking connection state
Increase the wait time before polling the connection state for the first
time.

Depending on the prior state of the modem, the first poll might still
return a connected state. The script then tries to establish a PDP
session, which subsequently fails as the modem by then is in scan state.

Increasing the wait-time to 3 seconds mitigates this from happening.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
696c9f723d uqmi: add illegal SIM state recovery
On some network-triggered disconnections the UIM state might end up in
"illegal". This prevents the modem from attaching to any network in
non-restricted service modes.

Detect this state and reset the SIM card. This way, the modem can attach
to networks again.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
ead0c19348 uqmi: don't block restart on failed registration
Failing the registration does not necessarily mean we can not bring this
interface up. For example, roaming SIM cards are possibly steered by the
home-operator.

Don't block restart of the QMI interface in this case.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
Felix Fietkau
a2d8226c4f hostapd: do not trim trailing whitespace, except for newline
Fixes adding SSID or key with trailing whitespace

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-10-31 13:29:32 +01:00
Anari Jalakas
5dbdf3bb3a iptables: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xc22): relocation R_MIPS16_26 against `libxt_DNAT_init' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol printf
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Anari Jalakas
fbacc5ae52 iwinfo: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0x400c): relocation R_MIPS16_26 against `iwinfo_close' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Kevin Darbyshire-Bryant
0221b86032 odhcpd: Bump to latest commits
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2023-10-28 22:33:32 +01:00
David Bauer
0da74dbb45 uqmi: update to latest HEAD
c8c9f10 uim: fix help formatting
aac0776 uqmi: add APN profile commands
ffc5eea uim: support SIM card power-up/down
d6c963d uim: add application state to SIM status

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-25 22:09:42 +02:00
Rahul Thakur
002f180a97
dnsmasq: add support for RA option 31
The option 31 in the RA specifies the DNS search list, the support
to configure this via UCI is missing in case dnsmasq-dhcpv6 is used.

This commit uses the uci option domain (same as is done by odhcpd) to
read and pass the DNS search list to dnsmasq, which is then used by RA.

Hence, with this commit, we are able to configure DNS search list for the
RA messages via the uci config when dnsmsaq-dhcpv6 is used.

Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
2023-10-20 16:04:59 +02:00
Nick Hainke
141780222c nftables: update to 1.0.9
ChangeLog:
https://www.netfilter.org/projects/nftables/files/changes-nftables-1.0.9.txt

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-20 14:42:31 +02:00
Christian Marangi
53039bf7f5
netifd: update to latest git HEAD
5590a80e2566 config: fix incompatible with jshn network-device entry

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 13:02:44 +02:00
Felix Fietkau
3e1ac00ccb umdns: update to the latest version
479c7f8676d9 cache: make record/hostname lookup case-insensitive
26c97a5a50bf ubus: add a browse flag for suppressing cached ip addresses
c286c51a9bd9 Fix AVL tree traversal in cache_record_find and cache_host_is_known
4035fe42df58 interface: use a global socket instead of per-interface ones
c63d465698c7 cache: dump hostname target from srv records
b42b22152d73 use hostname from SRV record to look up IP addresses
d45c443aa1e6 ubus: add array flag support for the hosts method

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-10-19 19:15:32 +02:00
Nick Hainke
5b85c19642 iproute2: update to 6.5.0
Release Notes:
https://lore.kernel.org/netdev/20230906093918.394a1b1d@hermes.local/T/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-14 08:01:56 +02:00
Nick Hainke
abe908ca53 ethtool: update to 6.5
Release Notes:
https://lore.kernel.org/netdev/20230912223336.zywfpavr3ln3trp3@lion.mk-sys.cz/T/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-14 08:01:45 +02:00
Martin Schiller
e53ed6af87 linux-atm: use target specific kernel headers
There are a few targets that mess with the atm kernel headers. To avoid
incompatibility between kernel and user space during compilation, the
correct headers should be used.

Consequently, the package must also be marked as nonshared.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2023-10-05 10:31:39 +02:00