Fixes:
brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt
Direct firmware load for brcm/brcmfmac43455-sdio.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.txt
Signed-off-by: Nian Bohung <n0404.n0404@gmail.com>
(cherry picked from commit b1db558555)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[improved commit mesage]
The following command checks if a instance of a service is running.
/etc/init.d/<service> running <instance>
In the variable `$@`, which is passed to the function
`service_running`, the first argument is always the `instance` which
should be checked. Because all other variables where removed from `$@`
with `shift`.
Before this change the first argument of `$@` was set to the `$service`
Variable. So the function does not work as expected. The `$service`
variable was always the instance which should be checked. This is not
what we want.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit dd681838d3)
We were missing (not using) the last sector of each partition,
compared with the output of gparted.
Signed-off-by: Javier Marcet <javier@marcet.info>
[moved the dot]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 018ada5403)
The following patches were backported from upstream before and are not
needed any more:
package/kernel/mac80211/patches/ath/980-ath10k-fix-max-antenna-gain-unit.patch
package/kernel/mac80211/patches/subsys/307-mac80211-do-not-access-the-IV-when-it-was-stripped.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This simplifies some operations as it doesn't have to be caculated over
and over. It will also allow adding support for more vendor formats.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 063038bcef)
Update busybox to 1.33.2, which includes only 5 commits after 1.33.1
Bug fix release. 1.33.2 has fixes for hush and ash (parsing fixes)
and unlzma (fix where we could read before beginning of buffer).
https://git.busybox.net/busybox/log/?h=1_33_2
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
71e08471ab56 mt76: eeprom: fix return code on corrected bit-flips
9a8fc6636d83 mt76: move sar_capa configuration in common code
7cdbea1dc82a mt76: only access ieee80211_hdr after mt76_insert_ccmp_hdr
678071ef7029 mt76: mt7615: clear mcu error interrupt status on mt7663
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit fc4398fe71)
a6451fea5a3d mt76: mt7615: improve wmm index allocation
1911486414dc mt76: mt7915: improve wmm index allocation
7998a41d1321 mt76: clear sta powersave flag after notifying driver
664475574438 mt76: mt7603: introduce SAR support
5c0da39c940b mt76: mt7915: introduce SAR support
77fc6c439a32 mt76: mt7603: improve reliability of tx powersave filtering
094b3d800835 firmware: update mt7663 rebb firmware to 20200904171623
25237b19bcc1 mt76: eeprom: tolerate corrected bit-flips
1463cb4c6ac2 mt76: mt7921: fix boolreturn.cocci warning
586bad6020f7 mt76: mt7921: use correct iftype data on 6GHz cap init
8ec95c910425 mt76: mt7921s: fix bus hang with wrong privilege
688e30c7d854 firmware: update mt7921 firmware to version 20211014
6fad970893dd mt76: fix key pointer overwrite in mt7921s_write_txwi/mt7663_usb_sdio_write_txwi
95acf972750c mt76: fix 802.3 RX fail by hdr_trans
3f402b0cf6c0 mt76: mt7921s: fix possible kernel crash due to invalid Rx count
929a03a8d65d mt76: connac: fix last_chan configuration in mt76_connac_mcu_rate_txpower_band
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7e15390056)
Follow up to commit c744798cad. Managed to
hit the very same issue again while playing with the NOR SPL builds.
Signed-off-by: Mathias Kresin <dev@kresin.me>
If authentication fails repeatedly e.g. because of a weak signal, the link
can end up in blocked state. If one of the nodes tries to establish a link
again before it is unblocked on the other side, it will block the link to
that other side. The same happens on the other side when it unblocks the
link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in blocked
state, but don't initiate the attempt until the blocked period is over.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f84053af5c)
Some drivers that do their own sequence number allocation (e.g. ath9k, mwlwifi) rely
on being able to modify params->ssn on starting tx ampdu sessions.
This was broken by a change that modified it to use sta->tid_seq[tid] instead.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit ddd977fcc5)
When a ubus event handler denies a association with a non-zero return
value, the code jumps to preceeding code, creating an endless loop until
the event handler accepts the assc request.
Move the ubus handler further up the code to avoid creating such a loop.
Signed-off-by: David Bauer <mail@david-bauer.net>
They can be added as hex digit strings via the 'vendor_elements' option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1818b038d7)
This makes it possible to avoid using a RADIUS server for WPA enterprise authentication
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from 98621c9782)
This allows WPA enterprise roaming in the same mobility domain without any
manual key configuration (aside from radius credentials)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 704ab6a002)
Using a pointer one lifter after it freed is not the best idea.
Let's not do that.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry-picked from commit 63c01ad025)
This implements the mapping recommendations from RFC8325, with an
update from RFC8622. This ensures that DSCP marked packets are properly
sorted into WMM classes.
The map can be disabled by setting iw_qos_map_set to something invalid
like 'none'
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5e3def182)
This feature is useful on its own even without full interworking support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit efff3520f4)
Both hostapd and netifd attempt to add a VLAN device to a bridge.
Depending on which one wins the race, bridge vlan settings might be incomplete,
or hostapd might run into an error and refuse to service the client.
Fix this by preventing hostapd from adding interfaces to the bridge and
instead rely entirely on netifd handling this properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit da4be02fcd)
(cherry-picked from commit 63c01ad025)
When using htmode 'HE20' with a radio mode that uses wpa-supplicant
(like mesh or sta), it will default to 40 MHz bw if disable_ht40 is not
set. This commit fixes this behaviour.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry-picked from commit af83e3ce0f)
Use the VLAN interface instead of the bridge, to ensure that hostapd receives
untagged DHCP packets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7b46377a0c)
(cherry-picked from commit f1b98fa4fa)
In setups using VLAN bridge filtering, hostapd may need to communicate using
a VLAN interface on top of the bridge, instead of using the bridge directly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 305c1b8d74)
- add functionality to configure RADIUS NAS-Id and Operator-Name
- add functionality to configure RADIUS accounting interval
- enable RADIUS "Chargeable User Identity"
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3bd6c8c728)
Airtime policy configuration is extremely useful in multiple BSS scenarios.
Since nowadays most people configure both private and guest networks (at
least), it makes sense to enable it by default, except for the most limited
of the variants.
Size of the hostapd-basic-openssl binary (mipsel 24Kc -O2):
543944 bytes (airtime policy disabled)
548040 bytes (airtime policy enabled)
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from commit d38f456582)
netifd is responsible for handling that, except if the vlan bridge
was provided by the config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit cf45caeff1)
No functional changes, just some renames to make it easier to keep mt76 in
sync with upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit e62c550470)
(cherry-picked from commit a889dcd3f2)
Required for an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 978e822db3)
(cherry-picked from commit af9d31aacc)
This is needed for an upcoming mt76 update
also sync iw nl80211 with kernel backports
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2bfac61483)
(cherry-picked from commit 36019ed589)
Improves airtime fairness, especially for devices with larger firmware buffers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5888ad6b3)
On systems using brmcfmac (e.g. Raspberry Pi Zero W) without this fix,
the final setup-call:
iw dev wlan0 ibss join ...
fails with returncode 161 and message:
"command failed: Not supported (-95)"
So this patch calls an explicit:
iw dev wlan0 set type ibss
just prior to the 'ibss join' command.
I have tested several ath9k and mt76xx devices
with different revisions: this patch does not harm.
please also apply to stable branch.
Signed-off-by: Bastian Bittorf <bb@npl.de>
(cherry-picked from commit ea5fce3f46)
In some cases, spurious failures might be cleared by teardown and retry
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 42dda0ed3e)
The channel offset used for VHT segment calculation was missing for HT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a0d81ba0d5)
Some drivers advertise it, but it's not supported at the moment
Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 42a99b18ff)
The colon does not directly follow the "VHT Capabilities" string
Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3518b793a2)
Emit the new band option instead of hwmode
Support 6 GHz band and HE options
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8504212f65)
Use it to look up frequencies only in the configured band to better deal
with channel number overlap
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8b8c1cb09b)
This increases the size of the iw_5.9-8fab0c9e-3_mips_24kc.ipk from
41166 to 41942 bytes by 776 bytes.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry-picked from commit 9df7eadcfd)
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
assembly of LzmaProps_Decode. While the decission made by the compiler
looks perfect fine, it triggers some obscure hang on lantiq danube-s
v1.5 with MX29LV640EB NOR flash chips.
Only if the offset 1 is used, the hang can be observed. Using any other
offset works fine:
lwl s0,0(a1) - s0 == 0x6d000080
lwl s0,1(a1) - hangs
lwl s0,2(a1) - s0 == 0x0080xxxx
lwl s0,3(a1) - s0 == 0x80xxxxxx
It isn't clear whether it is a limitation of the flash chip, the EBU or
something else.
Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
instructions.
Signed-off-by: Mathias Kresin <dev@kresin.me>
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dbb4c47798)
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.
[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>
Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 430f691943)
This enables building of rpcapd and adds it as a package.
It is a daemon that allows remote packet capturing from another machine.
E.g. Wireshark can talk to it using the Remote Capture Protocol (RPCAP).
https://www.tcpdump.org/manpages/rpcapd.8.html
Compile and run tested:
OpenWrt 21.02.0-rc4 r16256-2d5ee43dc6 on x86/64 and mvebu/cortexa9
Signed-off-by: Stephan Schmidtmer <hurz@gmx.org>
(cherry picked from commit 891c8676a1)
OpenWrt's special gpio-button-hotplug driver is still using
exclusively the legacy GPIO Subsystem gpio_ API.
While it still does work fine for most devices, upstream
linux is starting to convert platform support like that of
the APU2/3/4 to the new GPIOD LOOKUP tables that are not
supported by it.
Hence, this patch replaces the gpio_ calls present in
gpio-button-hotplug with gpiod_ equivalent wherever
it's possible. This allows the driver to use the
gpiod lookup tables and still have a fallback for
legacy platform data code that just sets button->gpio
set to the real button/switch GPIO.
As a bonus: the active_low logic is now being handled
by the linux's gpio subsystem too. Another issue that
was address is the of_handle leak in the dt parser
error path.
Tested with legacy platform data: x86_64: APU2, MX-100
Tested on OF: ATH79; MR18, APM821xx: Netgear WNDR4700,
RAMIPS: WL-330N3G
LANTIQ: AVM FritzBox 7360v1
Reported-by: Chris Blake <chrisrblake93@gmail.com>
Tested-by: Chris Blake <chrisrblake93@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 2b0378cf9f)
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:
ld:dynsyms.list:0: syntax error in dynamic list
Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353
Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
(cherry-picked from commit edd53df168)
fixing linking error when --enable-devcrypto=yes
fixes: 7d92bb0509 wolfssl: update to 4.8.1-stable
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit be3e260f92)
It's the default anyway and this just looks confusing, as if it wasn't.
Switch to AUTORELEASE while at it.
The binary size is unchanged.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 7cb5af30f4)
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.
The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c76300707e)
Changes from 4.7.0:
Fix one high (OCSP verification issue) and two low vulnerabilities
Improve compatibility layer
Other improvements and fixes
For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 7d92bb0509)
[Added patch to allow compilation with libtool 2.4]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Backport upstream patch to fix build with GCC 10 on 32 x86 targets.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 718a4f4780)
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ
Fixes: FS#3404
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit 917126ff4c)
The terminfo is required by the popular terminal multiplexer screen and
tmux, offer it by default as the size impact is minimal with 885 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6a6b5a677e)
The terminfo files were all in one row which is terrible to read.
Split them over multiple lines to improve readability.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 75ea474b90)
Add in a fix for 160Mhz dfs on 5.10 and higher.
Add support for 5.13 and 5.15 kernels.
Add of_get_mac_address support for 5.15 driver.
Signed-off-by: Andrew Robbins <andrew@robbinsa.me>
(cherry picked from commit 1d2bc94f78)
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."
This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].
This is the recommended solution from upstream [1].
The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793
Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 28d8e6a871)
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 2c6c1501af)
The official Plasma Cloud firmware adjusted the BDFs to contain new
conformance test limits and target power values. These should be imported
to avoid emissions outside the allowed limits.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit e0721608f9)
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.
This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry picked from commit 5269c47e8d)
This version fixes two vulnerabilities:
- SM2 Decryption Buffer Overflow (CVE-2021-3711)
Severity: High
- Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Severity: Medium
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7119fd32d3)
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8d143784cb)
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a1034afba8)
Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.
This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 12564c5b86)
EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.
Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ddc8d085f3)
* remove superflus mounts of /dev/null and /dev/urandom
* reset EXTRA_MOUNTS at the beginning of the script
* add mount according to ignore_hosts_dir
* don't add mount for file which is inside a directory already in the
EXTRA_MOUNTS list
Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ac4e8aa2f8)
* split into multiple lines to improve readability
* use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
* remove no longer needed mount for /sbin/hotplug-call
* add dhcp-script.sh dependencies (jshn, ubus)
Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 59c63224e1)
'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'. Slightly less confusion all
round.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit e4cfefa9fc)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When running multiple instances of dnsmasq, for example one being for the lan
and another for a guest network, it might not be desirable to have the same dns names
configured in both networks
Signed-off-by: João Henriques <joaoh88@gmail.com>
(cherry picked from commit e8a5670122)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
85f01c44a950 bridge: check bridge port vlan membership on link-up events
17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2801fe6132)
Currently, when using multiple dnsmasq instances they are all assigned
to the same Ubus instance name. This does not work, as only a single
instance can register with Ubus at a time. In the log, this leads to
`Cannot add object to UBus: Invalid argument` error messages.
Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes
behaviour so that instead of the log, dnsmasq exits at start instead.
With this patch, all dnsmasq instances are assigned unique names so that
they can register with Ubus concurrently. One of the enabled instances
is always assigned the previous default name "dnsmasq" to avoid breaking
backwards compatibility with other software relying on that default.
Previously, a random instance got assigned that name (while the others
produced error logs). Now, the first unnamed dnsmasq config section is
assigned the default name. If there are no unnamed dnsmasq sections the
first encountered named dnsmasq config section is assigned instead.
A similar issue exists for Dbus and was similarly addressed.
Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
[tweaked commit message] dnsmasq was not crashing it is exiting
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ba5bd8e556)
Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/".
If you don't add this to the jail_mount, dnsmasq can't read it anymore.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3a94c2ca5c)
61a71e5e49c3 bridge: dynamically create vlans for hotplug members
cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans
7f199050f395 wireless: pass the real network ifname to the setup script
50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug
f12b073c0cc3 wireless: add some comments to functions
b0d090688302 bridge: fix setting pvid for updated vlans
ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c
16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events
7f30b02013f2 examples: make dummy wireless vif names shorter
013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices
f037b082923a wireless: handle WDS per-sta devices
db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port
4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well
1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1236cbe30c)
Backport upstream patch a0a0e02 ("iwinfo: rename hardware.txt to devices.txt")
and split devices.txt (former hardware.txt) into a common libiwinfo-data
package to allow different libiwinfo versions to coexist without file
clashes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit c13d7c82aa)
In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround
against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not
enabled by default on OpenWrt, but it is configurable through the option
wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by
exposing the option wnm_sleep_mode_no_keys. If you use the option
wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might
consider using this workaround.
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit bf98faaac8)
The country3 option in hostapd.conf allows the third octet of the country
string to be set. It can be used e.g. to indicate indoor or outdoor use (see
hostapd.conf for further details). Make this option configurable but optional
in OpenWrt.
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE, rebase]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 9f09c1936a)
Signed-off-by: Paul Spooren <mail@aparcar.org>
Drop support for building the obsolete broadcom-wl backend and always
forcibly enable the nl82011 support. This allows us to make the package
shared again since no target specific compilation is happening anymore.
This will solve various repository coherency issues related to unavailable
libiwinfo versions in the long run.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5a1065758b)
This partially reverts changes done in commit 72cc44958e ("treewide:
mark selected packages nonshared") as it removes the nonshared flag, but
keeps the PKG_RELEASE as the PKG_RELEASE bump while adding nonshared
flag was incorrect.
Unmark uci, ubus, libubox, lua, libnl-tiny and libjson-c as nonshared
packages as this fix attempt didn't worked out. Currently the
imagebuilder is broken again:
openwrt-imagebuilder-21.02.0-rc3-ipq40xx-generic.Linux-x86_64$ make image PROFILE=avm_fritzbox-7530 PACKAGES=luci-ssl-openssl
...
Collected errors:
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for luci-mod-status
* pkg_hash_fetch_best_installation_candidate: Packages for luci-mod-status found, but incompatible with the architectures configured
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for rpcd-mod-iwinfo
* pkg_hash_fetch_best_installation_candidate: Packages for rpcd-mod-iwinfo found, but incompatible with the architectures configured
* satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-openssl:
* libiwinfo20210430
* opkg_install_cmd: Cannot install package luci-ssl-openssl.
Everything because iwinfo's ABI was changed two times since rc3 release:
+IWINFO_ABI_VERSION:=20210430
+IWINFO_ABI_VERSION:=20210420
Since iwinfo is marked as nonshared, it wasn't built by phase2 builders, but
luci-mod-status was already updated 2 times since rc3 and was thus rebuilt by
phase2 builders:
d1d452ed2fb3 luci-mod-status: don't set '-' hostname when creating static lease
95b3633055c1 luci-mod-status: switch to html table for wlan channel analysis
So now luci-mod-status depends on libiwinfo20210430 but only
libiwinfo20210106 can be downloaded. This is first part of the fix, in
the upcoming commit Jo is going to remove nonshared flag from iwinfo
package as well.
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035736.html
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035741.html
Acked-by: Jo-Philipp Wich <jo@mein.io>
Reported-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8307da3dbd)
As the name suggests, act_gact has the generic actions such as dropping
and accepting packets, so move it into kmod-sched-core.
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry-picked from commit 10aacb9a6c)
This script was expecting only add/remove events which has not been the
case since Kernel 4.12 (which added bind/unbind). Bind events were getting
treated as remove events which would cause hotplugged 3g modems to not
work.
More info:
https://lkml.org/lkml/2018/12/23/128https://github.com/systemd/systemd/issues/8221
Signed-off-by: Arjun AK <arjunak234@gmail.com>
(cherry picked from commit 89ef883b92)
commit 5edbd390d321532d9a697d6895a1a7c71c40bd5d rearranged the
"wifi up" code.
This commit tidies up the "wifi reconf" code so as to
keep it aligned with the "wifi up" code.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit e8b5429609)
"/sbin/wifi up" makes three ubus calls:
1. ubus call network reload
2. ubus call network.wireless down
3. ubus call network.wireless up
The first and third ubus calls call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel,
so the call sequence becomes,
1. drv_mac80211_setup
2. wireless_device_setup_cancel
3. drv_mac80211_setup
This commit swaps the order of the first two ubus calls,
1. ubus call network.wireless down
2. ubus call network reload
3. ubus call network.wireless up
Consequently drv_mac80211_setup is only called once,
and two related bugs (#FS3784 and #FS3902) are no longer triggered
by /sbin/wifi.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit b82cc80713)
drv_mac80211_teardown fails silently if the device to be torn down is
not defined. This commit prints an error message.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit 3933e29d1b)
When wifi is turned off, drv_mac80211_teardown sometimes fails (silently)
because the device to be torn down is not defined.
This situation arises if drv_mac80211_setup was called twice when
wifi was turned on.
This commit ensures that the device to be torn down is always defined
in drv_mac80211_teardown.
Steps to reproduce:
1) Use /sbin/wifi to turn on wifi.
uci set wireless.@wifi-iface[0].disabled=0
uci set wireless.@wifi-device[0].disabled=0
uci commit
wifi
2) Use /sbin/wifi to turn off wifi.
uci set wireless.@wifi-device[0].disabled=1
uci commit
wifi
3) Observe that wifi is still up.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit d515f6b6cd)
If drv_mac80211_setup is called twice with the same wifi configuration,
then the second call returns early with error HOSTAPD_START_FAILED.
(wifi works nevertheless, despite the fact that setup is incomplete. But
"ubus call network.wireless status" erroneously reports that radio0 is down.)
The relevant part of drv_mac80211_setup is,
if [ "$no_reload" != "0" ]; then
add_ap=1
ubus wait_for hostapd
local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
ret="$?"
[ "$ret" != 0 -o -z "$hostapd_res" ] && {
wireless_setup_failed HOSTAPD_START_FAILED
return
}
wireless_add_process "$(jsonfilter -s "$hostapd_res" -l 1 -e @.pid)" "/usr/sbin/hostapd" 1 1
fi
This commit sets no_reload = 0 during the second call of drv_mac80211_setup.
It is perhaps worth providing a way to reproduce the situation
where drv_mac80211_setup is called twice.
When /sbin/wifi is used to turn on wifi,
uci set wireless.@wifi-iface[0].disabled=0
uci set wireless.@wifi-device[0].disabled=0
uci commit
wifi
/sbin/wifi makes the following ubus calls,
ubus call network reload
ubus call network.wireless down
ubus call network.wireless up
The first and third ubus calls both call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel.
So the call sequence becomes,
drv_mac80211_setup
wireless_device_setup_cancel
drv_mac80211_setup
In contrast, when LuCI is used to turn on wifi only a single call
is made to drv_mac80211_setup.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit a29ab3b79a)
Call rate control handler after intermediate queueuing
Includes follow-up fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
cherry-picked from commits:
- 7dd8829ef9
- a603e82dd3
- 8bb4437c01
sysntpd server becomes unavailable if the index of the bound
interface changes. So let's add an interface trigger to reload sysntpd.
This patch also adds the ability for the sysntpd script to handle
uci interface name from configuration.
Fixes: 4da60500ebd2 ("busybox: sysntpd: option to bind server to iface")
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 88114f617a)
NTPD in busybox has option -I to bind server to IFACE.
However, capabilities of the busybox are limited, the -I option cannot be
repeated and only one interface can be effectively specified in it.
This option is currently not configurable via UCI.
The patch adds an interface option to the system config, ntp section.
Also sort options for uci_load_validate alphabetically.
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
(cherry picked from commit e12fcf0fe5)
Prerequisite patch:
Correct a typo in the Changelog and clean up a stray file
Fix changes in libusb which introduced a regression:
Commit e2be556bd2 ("linux_usbfs: Parse config descriptors during device
initialization") introduced a regression for devices with multiple
configurations. The logic that verifies the reported length of the
configuration descriptors failed to count the length of the
configuration descriptor itself and would truncate the actual length by
9 bytes, leading to a parsing error for subsequent descriptors.
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 4b37e3bc2b)
The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.
This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.
Fixes "base-files: fix zoneinfo support " 8af62ed
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56bdb6bb97)
The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.
Example failure when removing the if condition:
/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles
This file does not exist. America/Los_Angeles does.
Ran through shfmt -w -ci -bn -sr -s
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8af62ede18)
Major changes are:
Avoid page allocation failure from upcase table allocation.
Add support for FITRIM.
Improve write perofmrance on dirsync mount.
Improve lookup perofmrance.
Fix a bug on discard mount.
Switch to AUTORELEASE to avoid having to bump it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 790561d510)
Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.
This works with swconfig configurations.
Fixes: FS#3866
Fixes: d42640e389 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 467cd378db)
Commit 0a7657c ("hostapd: add channel utilization as config option") added the
two new uci options bss_load_update_period and chan_util_avg_period. However,
the corresponding "config_add_int" calls for these options weren't added, so
attempting to actually use these options and change their values is bound to
fail - they always stay at their defaults. Add the missing code to actually
make these options work.
Fixes: 0a7657c ("hostapd: add channel utilization as config option")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit 85ce590705)
Fixes: 125deb4d78 ("base-files: set MAC for bridge ports (devices) instead of bridge itself")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 946019637e)
