Commit Graph

52375 Commits

Author SHA1 Message Date
Rafał Miłecki
366be2183e bcm53xx: backport early DT patches queued for 5.16
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-09-23 07:55:55 +02:00
Ansuel Smith
ff875876da scripts: format dl_cleanup to black format python style
Forma dl_cleanup python script to black style.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2021-09-22 19:54:00 -10:00
Ansuel Smith
4eb4c3c469 scripts: add missing regex for dl_cleanup script
Regex xxx-YYYY-MM-DD-GIT_SHASUM was missing. Add the new regex to improve
and better find outdated package. This also fix a bug where some bug were
incorrectly detected as packagename-yyyy-mm-dd instead of packagename due
to them be parsed by the wrong parser

Example:

    openwrt-keyring-2021-02-20-49283916.tar.xz

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
[added example in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-22 19:51:44 -10:00
Paul Spooren
f48ced582d toolchain/binutils: switch to version 2.37 by default
Compile tests:
* all

Runtime tests:
* ipq806x/generic
* lantiq/mt7621
* lantiq/xrx200
* x86/64

Signed-off-by: Paul Spooren <mail@aparcar.org>
Tested-by: Paul Spooren <mail@aparcar.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Andre Heider <a.heider@gmail.com>
Tested-by: Ansuel Smith <ansuelsmth@gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-22 19:37:24 -10:00
Timo Sigurdsson
f83e927b87 fstools: ensure filesystems are mounted before log service starts
Currently, the fstab service starts after the log service which breaks
the ability to write a persistent log file to a filesystem mounted by
the fstab service. Thus, change the start order of the fstab service so
it starts right before the log service.

Fixes: b131853 ("ubox: update to latest git revision")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[set to 11 to be explicitly before log, not only alphabetically, SPDX]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-22 16:49:10 -10:00
Hauke Mehrtens
97bc59a5c0 mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.

This contains fixes for CVE-2020-3702

1. These patches (ath, ath9k, mac80211)  were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].

Thank you Josef Schlehofer for reporting this problem.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-22 22:24:00 +02:00
Hauke Mehrtens
71e96532df toolchain/musl: Remove extra format attribute patch
This patch never went upstream so remove it. GCC should already add such
a check to the common functions.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-22 19:04:02 +02:00
Rosen Penev
f84b513266 bpftools: fix compilation with musl 1.2.x
A definition for __maybe_inline is needed.

Refreshed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-22 19:04:02 +02:00
Rosen Penev
b519be1c52 toolchain/musl: remove several GNU headers
Remove GLOB_ONLYDIR patch. Only fstools relies on it. fstools has been
fixed separately.

Remove woresize.h file. It seems to be for an old version of GCC.

Remove features.h and glibc-types files. Same as above.

Remove sys/cdefs.h. This is a deprecated header. Patches to fix packages
that use it have already been patched.

Tested with all packages in the base tree. They all compile.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-22 19:04:02 +02:00
Rosen Penev
aaec2ad13b toolchain/musl: update to 1.2.2
This release introduces 64-bit time_t, which is needed to avoid the
year 2038 problem.

Remove upstream patches. Refreshed others.

Rebased features.h file based on latest musl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-22 19:04:02 +02:00
Paul Spooren
da5bb885e1 toolchain/gcc: switch to version 11 by default
gcc10 seem to increase build size and gcc11 seem to fix that.

Compile tests:
* all

Runtime tests:
* ath79
* mpx85xx/p2020
* mvebu
* x86/64

Special thanks to Rosen for fixing layerscape & bcm63xx

Signed-off-by: Paul Spooren <mail@aparcar.org>
Reviewed-by: Rui Salvaterra <rsalvaterra@gmail.com
Acked-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
Tested-by: Pawel Dembicki <paweldembicki@gmail.com>
Tested-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2021-09-21 22:07:36 -10:00
Rosen Penev
50773c5c98 tfp-layerscape: update to LSDK-20.12
Fixes compilation with GCC11.

Kept PKG_VERSION as there's some bug that chops off the 12 at the end.

Refreshed other patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-21 21:39:01 -10:00
Rosen Penev
96c7164acd restool: update to LSDK-20.12
Fixes compilation with both GCC 10 and 11.

Switched to AUTORELEASE for simplicity.

Removed PKG_VERSION as it's derived from PKG_SOURCE_VERSION.

Removed all patches as they are upstream backports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-21 21:39:01 -10:00
Rosen Penev
f9050f1c43 bcm63xx: remove memcpy from mac assignment
With GCC11, memcpy doesn't work here as it assumes a size of 0. Use
ioremap to avoid it.

Fixed parameter type to match board_get_mac_address.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-21 15:46:19 -10:00
Paul Spooren
753f2f1eaa toolchain/gcc: cleanup gcc9 config option
This line should have been removed in 244847da "build: remove GCC9
support" but stayed in tree after an incomplete rebase. Fix it.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-21 15:10:25 -10:00
David Lam
6a2f516d55 6rd: delete tunnel on interface teardown
Delete tunnel on 6rd interface teardown.
Should solve problem related to tunnel stuck on restart loop
with "Unknown Command" on tunnel restart due to wan connection drop.

This patch is similar to the one written by Ansuel on Aug 2, 2021
but the 6rd teardown produces the same symptoms when the network
service is restarted.

Signed-off-by: David Lam <david@thedavid.net>
2021-09-22 01:45:33 +03:00
Kuan-Yi Li
b62a4cfc93 restool: fix compilation with GCC 10
GCC 10 defaults to `-fno-common` and complains about multiple definition
of `mc_status` in restool.

Backport a patch from upstream to fix compilation with host GCC 10.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2021-09-21 21:07:55 +03:00
Felix Fietkau
17d19a7d43 hostapd: let netifd set bridge port attributes for snooping
Avoids race conditions on bridge member add/remove

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Felix Fietkau
ef24475658 ustp: update to the latest version
c62d85cf7a0d bridge: check port bpdu filter status and apply it to the config
25555611be91 libnetlink: turn rtnetlink error answers into debug msgs
462b3a491347 build: use pthread cflags/ldflags

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Felix Fietkau
c0d77852a7 netifd: update to the latest version
d590fbd255ce wireless: always enable bpdu filter for AP interfaces and VLANs
f8ff6d820283 system-linux: remove copy&paste from /proc and /sys path names
300b1220fab3 wireless: improve reliability of proxyarp support
5ba9744aac6d device: add support for configuring bonding devices
6fa9b042ff4d wireless: only apply wireless device attributes to the base vif interface
06d11bbf1f2b wireless: only enable proxyarp/isolate for AP vifs
08e954e137ff bonding: claim the port device before creating the bonding device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Felix Fietkau
a4b5bc20d7 kernel: add a bridge feature for filtering BPDU packets on ports
This will be used to ensure that APs don't transmit unnecessary STP packets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Hauke Mehrtens
309c8b4902 arm-trusted-firmware-mvebu: Add hash for aarch64 cm3-gcc
This adds the hash also for the aarch64 toolchain in addition to the
x86_64 toolchain. This gets the build on a Linux aarch64 host one step
further.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-20 15:59:47 +02:00
Eneas U de Queiroz
c377d874be libtool: bump to 2.4.6
This updates libtool to its current release, from 2015.  Current patches
were renumbered and given a description text.  The fix in
160-passthrough-ssp.patch is no longer needed.

A patch to speed up build was cherry-picked, and another openwrt
specific patch was needed to not use quotes in $(SHELL), to acommodate
our "SHELL=/usr/bin/env bash" usage.

The already present call to ./bootstrap ensures that generated files are
refreshed, so the patches are applied only to their sources.  Also, that
bootstrap call was adjusted to run at the appropriate time when QUILT=1.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
8c863f604d tools/e2fsprogs: update to 1.46.4
Refresh patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
0d983c2a68 tools/autoconf-archive: update to 2021.02.19
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
d23c5ecb19 tools/sstrip: update to 3.2
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
674bda09e2 tools/sparse: update to 0.6.4
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
aae4bf7c62 tools/mtools: update to 4.0.35
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
fc9682ed39 tools/m4: update to 1.4.19
Remove upstreamed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
22c30ed958 tools/fakeroot: update to 1.26
Remove upstreamed patches. Refresh other.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Rosen Penev
af1853af60 tools/bison: update to 3.8.1
Remove upstreamed patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-20 15:21:17 +02:00
Paul Spooren
62ed1af15d build: remove GCC7 support
The development branch is now on version 10, we shouldn't drag to many
old versions and therefore drop at least 7.x.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2021-09-19 11:26:00 -10:00
Paul Spooren
244847dae9 build: remove GCC9 support
gcc9 was never used within a release and the development branch is
already on version 10, no need to keep this in tree.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2021-09-19 11:21:02 -10:00
Hans Dedecker
f413e4835e iproute2: update to 5.14
Update iproute2 to latest stable 5.14; for the changes see https://lwn.net/Articles/867940/

Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-09-18 20:59:31 +02:00
Rafał Miłecki
0be4dea48e kernel: add missing CONFIG_NET_DSA_TAG_BRCM_LEGACY config symbol
This fixes:
Distributed Switch Architecture (NET_DSA) [Y/n/m/?] y
  Tag driver for Atheros AR9331 SoC with built-in switch (NET_DSA_TAG_AR9331) [N/m/y/?] n
  Tag driver for Broadcom switches using in-frame headers (NET_DSA_TAG_BRCM) [N/m/y/?] n
  Tag driver for Broadcom legacy switches using in-frame headers (NET_DSA_TAG_BRCM_LEGACY) [N/m/y/?] (NEW)
Error in reading or end of file.

Fixes: 8fa1b576bb ("linux: update b53 upstream driver")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-09-17 22:07:03 +02:00
Rafał Miłecki
8fa1b576bb linux: update b53 upstream driver
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-09-17 10:15:26 +02:00
Rosen Penev
aa344bcfa8 tools/pkgconf: update to 1.8.0
Switch to compiling with meson for faster and more reliable compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-16 16:31:28 -10:00
Rosen Penev
c4dfdde2ea tools: add meson
meson is a next generation build system designed to have good defaults,
simpler build files, and fast compilation.

It is built upon python and uses ninja for compilation. The latter
provides fast by default (parallel) and problem free compilation.

There are over 40 packages already successfully using meson. The next
commit will convert pkgconf to use meson compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-16 16:31:28 -10:00
Rosen Penev
4b898afdd2 tools/mm-macros: remove
ccaaab1c04 says that this is in the
codebase because of libsigc++, which is not in the codebase anymore.
Neither in base nor in packages. It doesn't seem to be needed by
anything else either. GNOME packages have transitioned to using meson,
which does not use m4 files.

Tested local compile with CONFIG_ALL. No problems seen.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-16 16:27:32 -10:00
Rafał Miłecki
a46fa5c3a7 bcm53xx: drop DTS based workaround for serial support in procd
Specifying serial in bootargs is not needed since the commit
ffeb37047e ("procd: update to git HEAD"). It's thanks to the procd
commit 2cfc26f8456a ("inittab: detect active console from kernel if no
console= specified").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-09-16 07:59:50 +02:00
Daniel Golle
10df8ffcdf
procd: update to git HEAD
8a60e7e trace: don't leak file descriptor in error path
 68df9ac procd: fix container deletion
 f16abe0 uxc: add JSON output option for 'list' command
 a23c888 jail: prepare for adding process to existing namespace
 50da8a4 instance: allow jailed service to join namespace(s)
 482d1ab Revert "jail: do not hack /etc/resolv.conf on container rootfs"
 1eb4371 jail: start ubus and netifd instances for container with netns

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-09-15 21:47:32 +01:00
Daniel Golle
83672f506d
sunxi: add testing Linux 5.10
Add testing Linux kernel 5.10 for sunxi targets.

Removed patches were replaced by upstream commits:

- 410-v5.6-arm64-dts-allwinner-a64-olinuxino-Add-bank-supply-re.patch
   f0c3b29f56f0a arm64: dts: allwinner: a64: olinuxino: Add bank supply regulators

- 420-v5.7-arm64-dts-allwinner-a64-olinuxino-add-user-red-LED.patch
   89866b2667e0d arm64: dts: allwinner: a64: olinuxino: add user red LED

- 440-add-h6-pwm.patch
   a7fe985633f92 pwm: sun4i: Add an optional probe for reset line
   b8d74644f34a8 pwm: sun4i: Prefer "mod" clock to unnamed
   5b090b430d750 pwm: sun4i: Add an optional probe for bus clock
   fa4d81784681a pwm: sun4i: Always calculate params when applying new parameters
   9f28e95b5286f pwm: sun4i: Add support to output source clock directly
   fdd2c12e3761f pwm: sun4i: Add support for H6 PWM

- 441-arm64-dts-add-PWM-node.patch
   88432f5f8469b arm64: dts: allwinner: h6: Add PWM node

- 443-board-h6-orangepioneplus-fix-missing-ethernet.patch
   7ee32a17e0d65 arm64: dts: allwinner: h6: orangepi-one-plus: Enable ethernet

Run tested on friendlyarm,nanopi-neo (allwinner,sun8i-h3), looks all good.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-09-15 19:11:44 +01:00
Daniel Golle
47b531de32
sunxi: bring up DSA b53 switch on Lamobo R1
Build cortexa7 subtarget with DSA driver for MDIO-connected Broadcom
BCM53xxx switches. This is needed for the Lamobo R1 aka. BananaPi
BPi-R1 board which comes with such a switch IC.

Remove old swconfig driver from target kernel config as the only board
using it is now supported by the DSA driver.

No changes to device tree are needed as upstream DTS already got a
DSA switch definition and we are just using that upstream source.

Update default network config of the Lamobo R1 to create lan bridge
with all 4 lan ports.

Introduce DEVICE_COMPAT_VERSION for the board to inform users about
having the re-create their network configuration and add device alias
as Bananapi BPi-R1 while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-09-15 19:11:29 +01:00
sean lee
23e4d90b61 arm-trusted-firmware-mvebu: CZ.NIC's Secure Firmware bump to v2021.09.07
bump version and remove patches that have been applied

176d701 wtmi: Wait 1s after putting PHYs INTn pin low
2eeccfe wtmi: Change comment describing reset workaround
e8c94a5 wtmi: Count RAM size from both CS0 and CS1
995979e wtmi: Rename macro
e29eb29 wtmi: soc: Fix start_ap_workaround() for TF-A with debug
81245ed wtmi: Use constant name PLAT_MARVELL_MAILBOX_BASE
18ccb83 wtmi: Do a proper UART reset with clock change as described in spec
15ff106 avs: Validate VDD value from OTP
3f33626 fix: clock: a3700: change pwm clock for 600/600 and 1200/750 preset
fb5e436 wtmi: uart: fix UART baudrate divisor calculation

Signed-off-by: sean lee <ilf@live.com>
2021-09-15 16:43:10 +02:00
Paul Spooren
5ef4608c02 build: store artifacts in JSON
Multiple profiles create artifacts, these should be stored in the JSON
file as well, allowing downstream tooling to show those files, too.

Artifacts don't have specific filesystems so only the fields `name`,
`type` and `sha256` are available.

Rename env variable names from IMAGE_ to FILE_ prefixes to reflect that
images, kernels and artifacts are added with the same command.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-14 10:42:38 -10:00
Etan Kissling
02a2b44eab dnsmasq: add config option for connmark DNS filtering
This adds uci support to configure connmark based DNS filtering.

Signed-off-by: Etan Kissling <etan_kissling@apple.com>
(imported from upstream mailing list
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015151.html)
Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
2021-09-14 20:56:20 +02:00
Etan Kissling
d2d0044ebf dnsmasq: Update to version 2.86
Summary of upstream CHANGELOG:
* Handle DHCPREBIND requests in the DHCPv6 server code.
* Fix bug which caused dnsmasq to lose track of processes forked.
* Major rewrite of the DNS server and domain handling code.
* Revise resource handling for number of concurrent DNS queries.
* Improve efficiency of DNSSEC.
* Connection track mark based DNS query filtering.
* Allow smaller than 64 prefix lengths in synth-domain.
* Make domains generated by --synth-domain appear in replies
  when in authoritative mode.
* Ensure CAP_NET_ADMIN capability is available when
  conntrack is configured.
* When --dhcp-hostsfile --dhcp-optsfile and --addn-hosts are
  given a directory as argument, define the order in which
  files within that directory are read.
* Support some wildcard matching of input tags to --tag-if.

Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
2021-09-14 20:38:59 +02:00
Sander Vanheule
46dec9952b firmware-utils: tplink-safeloader: set EAP235-Wall v1 soft-version
Starting with v3 of the vendor firmware for the TP-Link EAP235-Wall v1,
downgrades to firmware versions below v3 as not allowed.  Since OpenWrt
uses version 0.0.0 as a default, this causes the factory install to fail
on devices with a recent firmware. This failure is associated by the
following message on the device's serial console:

    EAP235/230-Wall forbid fw reverted from 3.x.x to lower version!

Vendor firmware (v3) also uses build and release numbers to compare
images, so identical version numbers are very unlikely to cause issues.
Bump the firmware version to 3.0.0 to ensure users can install OpenWrt
on their devices.

Reported-by: Colton Conor <colton.conor@gmail.com>
Tested-by: Colton Conor <colton.conor@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2021-09-13 18:36:15 +02:00
Sander Vanheule
8dba4741b3 firmware-utils: tplink-safeloader: improve soft-version customisation
Some devices using the safeloader firmware format require a minimum or
specific version to be set in the soft-version metadata partition.
Currently only custom text values can be provided, but not all device
firmware support this format.

Modify the device info struct to allow for more well-defined types of
soft-version overwrites, and provide a few macros for easy value
initialisation. Requires all existing values to be updated to match the
new structure.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
[Adapt TL-WA1201-V2 entry too]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-13 18:36:15 +02:00
Ivan Pavlov
7d92bb0509 wolfssl: update to 4.8.1-stable
Changes from 4.7.0:
  Fix one high (OCSP verification issue) and two low vulnerabilities
  Improve compatibility layer
  Other improvements and fixes

For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2021-09-13 18:36:15 +02:00