This allows libnetfilter_queue to access connection tracking information
by requesting NFQA_CFG_F_CONNTRACK. Connection tracking information is
provided in the NFQA_CT attribute.
CONFIG_NETFILTER_NETLINK_GLUE_CT enables the interaction between
nf_queue and nf_conntrack_netlink. Without this option, trying to access
connection tracking information results in "Operation not supported".
Signed-off-by: Etan Kissling <etan_kissling@apple.com>
Enable the ability to use segment routing based on IPv6. It allows the
packet to specify a path that the packet should take through the
network.
Lwtunnel allow an easy encapsulation of a package. You can just install
ip-full package and use it:
ip -6 route add 2003::/64 dev eth0 encap seg6 mode encap \
segs 2001::1,2002::2
An IPv6 package looks like this:
[IPv6 HDR][IPv6 RH][IPv6 HDR][Data...]
Netifd support:
https://git.openwrt.org/?p=project/netifd.git;
a=commit;h=458b1a7e9473c150a40cae5d8be174f4bb03bd39
Increases imagesize by 24.125 KiB. Therefore, only enable for devices
with enough flash.
Signed-off-by: Nick Hainke <vincent@systemli.org>
UDP tunneling support isn't user-selectable, but it's required by WireGuard
which is, for the time being, an out-of-tree module. We currently work around
this issue by selecting an unrelated module which depends on UDP tunnelling
(VXLAN). This is inconvenient, as it implies this unrelated module needs to be
built-in when doing a monolithic build.
Fix this inconvenience by making UDP tunneling user-selectable in the kernel
configuration.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Otherwise the missing symbol is added to target config for every kernel
config refresh.
While at it, remove the disabled symbol from target configs.
Fixes: 4943bc5cff ("kernel: only strip proc for small flash devices")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Currently, you are not able to get statistics about IPv4 and IPv6
usage. This information can be collected via the snmp and snmp6.
However, in the current state this interface is disabled as you can
read in the "902-debloat_proc.patch":
"Strip non-essential /proc functionality to reduce code size"
Tools like netstat use the snmp/6 interface to collect interface
statistics. Some prometheus exporters also mention this:
- prometheus-collectors/netstat.lua
- prometheus-collectors/snmp6 (still a PR)
- collectd/snmp6 (still a PR)
PRs:
- https://github.com/collectd/collectd/pull/3789
- https://github.com/openwrt/packages/pull/14158
Instead of enabling it as default for all devices we condition it
default y if SMALL_FLASH
A test shows it needs around 16 kiB.
Signed-off-by: Nick Hainke <vincent@systemli.org>
[fixed whitespace issue]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
All modifications made by update_kernel.sh run in a fresh clone
without any existing toolchains.
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
The rs5c372 RTC driver has alarm support, but it can't be enabled and only
can handle 24 hours in the future spite the chip is 1 week capable. Provide
these two patches:
- Support alarms up to 1 week
- Let the wakealarm to be used as a wakeup source
This patch makes the alarm wakeup feature to be available in the Buffallo
Linkstation LS421DE (mvebu target) and should also work with any other
device if the hardware has the proper capability.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
CIFS_STATS is a debugging option. It is not really useful for end users
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[fixed missing config-4.19 file]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The PPE only provides a 14 bit hash, however many uses of the skb hash
expect the hash to use the full 32 bit range.
Use jhash to extend the hash to the full size
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Removed since included upstream and could be reverse-applied by quilt:
backport-5.4/315-v5.10-usbnet-ipeth-fix-connectivity-with-ios-14.patch
Remaining modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [build/run x86_64]
All modifications made by update_kernel.sh/no human intervention needed
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[another refresh]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This fixes tethering with devices using iOS 14. Prior to this patch,
connections to remote endpoints were not possible while data transfers
between the OpenWrt device and the iOS endpoints worked fine.
Signed-off-by: David Bauer <mail@david-bauer.net>
Hauke wrote:
> We want to run some processes in the procd-ujail, this works when we
> use a SquashFS image and an overlay file system, but when we use an
> initramfs it does not work.
> [...]
> When we switch from initramfs to tmpfs, it is working, we added this
> code to target/linux/generic/other-files/init to make [it] work.
Move files to newly mounted tmpfs and then use switch_root to chroot
into new rootfs and free initramfs.
Suggested-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Removed since could be reverse-applied by quilt and found to be
included upstream:
backport-5.4/789-net-usb-qmi_wwan-Set-DTR-quirk-for-MR400.patch
All modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, bcm27xx/bcm2711, ath79/generic
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [x86_64 build/run]
Manually rebased patches:
ath79/patches-5.4/910-unaligned_access_hacks.patch
bcm27xx/patches-5.4/950-0135-spi-spi-bcm2835-Disable-forced-software-CS.patch
bcm27xx/patches-5.4/950-0414-SQUASH-Fix-spi-driver-compiler-warnings.patch
ipq806x/patches-5.4/093-4-v5.8-ipq806x-PCI-qcom-Use-bulk-clk-api-and-assert-on-error.patch
Removed since could be reverse-applied by quilt and found to be included upstream:
ipq806x/patches-5.4/096-PCI-qcom-Make-sure-PCIe-is-reset-before-init-for-rev.patch
All modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[refresh altered targets after rebase]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Some devices (especially QCA ones) are already using hardcoded partition
names with colons in it. The OpenMesh A62 for example provides following
mtd relevant information via cmdline:
root=31:11 mtdparts=spi0.0:256k(0:SBL1),128k(0:MIBIB),384k(0:QSEE),64k(0:CDT),64k(0:DDRPARAMS),64k(0:APPSBLENV),512k(0:APPSBL),64k(0:ART),64k(custom),64k(0:KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive) rootfsname=rootfs rootwait
The change to split only on the last colon between mtd-id and partitions
will cause newpart to see following string for the first partition:
KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive)
Such a partition list cannot be parsed and thus the device fails to boot.
Avoid this behavior by making sure that the start of the first part-name
("(") will also be the last byte the mtd-id split algorithm is using for
its colon search.
Fixes: d6a9a92e32 ("kernel: bump 5.4 to 5.4.69")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
All targets that used mvsw61xx have switched to upstream mv88e6xxx DSA
driver, so it can be removed.
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Define wildcard patterns for filtering in target/linux/generic/config-filter
Preparation for supporting newer kernels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
MikroTik recently changed again the way they store wlan calibration data
on devices. Prior to this change, ERD calibration data for all available
radios was stored within a single identifier node ("tag" in RouterBoot
parlance).
Recent devices have been seen with calibration (and BDF) data stored in
separate identifiers within LZOR packing for each radio: this patch
addresses this by:
1) ensuring that both variants are properly supported,
2) preserving backward compatibility with existing data consumers,
3) allowing for more than 2 calibration blobs to be exposed via sysfs.
Specifically, before this patch, the driver would provide a single sysfs
file named /sys/firmware/mikrotik/hard_config/wlan_data that contained
whatever calibration data found on the device's flash. After this patch,
when executed on a device that uses the old style storage, this behavior
is unchanged, but when executed on a device that uses new style storage
(for either traditional "ERD" packing or "LZOR" packing), the driver
replaces that single file with a folder containing one or more files
each containing the data encoded within individual identifiers.
As far as OpenWRT is concerned, this means that for devices which are
known to exist with both styles of data storage, a suitable hotplug stub
could look like this for e.g. the second radio:
wdata="/sys/firmware/mikrotik/hard_config/wlan_data"
( [ -f "$wdata" ] && caldata_sysfsload_from_file "$wdata" 0x8000 0x2f20 ) || \
( [ -d "$wdata" ] && caldata_sysfsload_from_file "$wdata/data_2" 0x0 0x2f20 )
This patch has been tested with LZOR old and new style packing on ipq4019,
and with old style on ath79.
Tested-by: John Thomson <git@johnthomson.fastmail.com.au>
Tested-by: Шебанов Алексей <admin@ublaze.ru>
Tested-by: Alen Opačić <subixonfire@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Tested-by: Robert Marko <robimarko@gmail.com>
Manually rebased patches:
bcm27xx:
patches-5.4/950-0267-xhci-add-quirk-for-host-controllers-that-don-t-updat.patch
bcm53xx:
patches-5.4/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
layerscape:
patches-5.4/802-can-0025-can-flexcan-add-LPSR-mode-support-for-i.MX7D.patch
patches-5.4/808-i2c-0002-MLK-10893-i2c-imx-add-irqf_no_suspend.patch
patches-5.4/820-usb-0016-MLK-16735-usb-host-add-XHCI_CDNS_HOST-flag.patch
Removed since could be reverse-applied by quilt:
mediatek:
patches-5.4/0700-arm-dts-mt7623-add-missing-pause-for-switchport.patch
All modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711, x86_64
Run-tested: ipq806x/R7800, x86_64
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [x86_64]
Rebase of 802-can-0025-can-flexcan-add-LPSR-mode-support-for-i.MX7D.patch
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
adds support for vsc8504 phy.
patch have use on 5.4 kernel and has
to be dropped after since phy is supported by
CONFIG_MICROSEMI_PHY on newer LTS kernels.
Tested-by: Johannes Kimmel <fff@bareminimum.eu>
Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>
In kernel commit adf82accc5f5 ("netfilter: x_tables: merge ip and
ipv6 masquerade modules") the config symbols IP_NF_TARGET_MASQUERADE
and IP6_NF_TARGET_MASQUERADE have been demoted to simple backwards-
compat options for NETFILTER_XT_TARGET_MASQUERADE.
In netfilter.mk, this has already been updated in OpenWrt commit
d1592306cc ("netfilter.mk: use CONFIG_NETFILTER_XT_TARGET_MASQUERADE"),
having us use the new config symbol.
However, enabling IP_NF_NAT or IP6_NF_NAT still makes the relevant
legacy options selectable, so we need to disable them in generic
config (and forget about them afterwards).
Since CONFIG_IP_NF_TARGET_MASQUERADE is already present there, this
just adds the missing CONFIG_IP6_NF_TARGET_MASQUERADE.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Kernel has removed the symbols CONFIG_NF_NAT_IPV4 and
CONFIG_NF_NAT_IPV6 in favor of CONFIG_NF_NAT in commit
3bf195ae6037 ("netfilter: nat: merge nf_nat_ipv4,6 into nat core").
This drops the obsolete symbol CONFIG_NF_NAT_IPV6 from generic
config-5.4.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This removes unneeded kernel version switches from the targets after
kernel 4.19 has been dropped.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
We use 5.4 on all targets by default, and 4.19 has never been released
in a stable version. There is no reason to keep it.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This will make a separated section for dtb appear in ELF, and we can
then use objcopy to patch a dtb into vmlinuz when RAW_APPENDED_DTB
is set in kernel config.
command to patch a dtb:
objcopy --set-section-flags=.appended_dtb=alloc,contents \
--update-section=.appended_dtb=<target>.dtb vmlinuz vmlinuz-dtb
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Upstream linux 5.1 commit d1aca8ab ("netfilter: nat: merge ipv4 and ipv6
masquerade functionality") replaces the following 2 options
- CONFIG_NF_NAT_MASQUERADE_IPV4
- CONFIG_NF_NAT_MASQUERADE_IPV6
with CONFIG_NF_NAT_MASQUERADE. The new option is one without prompt and
will be selected by CONFIG_NETFILTER_XT_TARGET_MASQUERADE introduced
still later in 5.2.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The code is now much cleaner and works better than the old code.
Preparation for submitting it upstream (though with a different API)
Also add back MT7621 support and fix flow table coherence issues on
MT7622
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The vDSO is used to accelerate some syscalls. It should work fine wherever it's
available, so enable it globally for all targets.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Similar to how it was already done for other filesystems' *_FS_XATTR
kernel config symbols, also move CONFIG_F2FS_FS_XATTR=y and
CONFIG_F2FS_STAT_FS=y to target/linux/generic.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Extended attributes are required for overlayfs and have hence been long
ago enabled for jffs2, but should be enabled unconditionally for all
other filesystems which may potentially serve as overlayfs' upper
directory. Previously it was inconsistently added in multiple targets.
Add symbols to generic kernel config and remove all *_XATTR symbols
from target configs.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[keep things as they are for squashfs, improve commit message]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The options were out of order which makes reviewing of changes harder.
Sort it before applying an actual change.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Seemingly unneeded based on new upstream code so manually deleted:
layerscape:
820-usb-0007-usb-dwc3-gadget-increase-timeout-value-for-send-ep-c.patch
Manually merged:
generic-hack:
251-sound_kconfig.patch
All other modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800, lantiq/Easybox 904 xDSL
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[add lantiq test report, minor commit message clarification]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>