Currently the user space stack cookies work well also when the kernel
stack cookies are not activated. This is handled completely in user
space and does not need kernel support.
This dependency was probably needed some years ago when the libc did not
support stack cookies.
Reviewed-by: Ian Cooper <iancooper@hotmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Switch to binutils version 2.34 for all CPUs by default. The ARC CPUs
do not need any special binutils version any more.
This increases the image size by 0.2% on MIPS (lantiq)
Tested on lantiq, ipq40xx
Acked-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes a warning in the SPI driver at bootup. This warning is seen
in kernel 5.4 on lantiq deives.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The following patches:
* 972-ath10k_fix-crash-due-to-wrong-handling-of-peer_bw_rxnss_override-parameter.patch
* 973-ath10k_fix-band_center_freq-handling-for-VHT160-in-recent-firmwares.patch
are replaced by this commit in the upstream kernel:
* 3db24065c2c8 ("ath10k: enable VHT160 and VHT80+80 modes")
The following patches were applied upstream:
* 001-rt2800-enable-MFP-support-unconditionally.patch
* 090-wireless-Use-linux-stddef.h-instead-of-stddef.h.patch
The rtw88 driver is now split into multiple kernel modules, just put it
all into one OpenWrt kernel package.
rtl8812au-ct was patched to compile against the mac80211 from kernel
5.8, but not runtime tested.
Add a patch which fixes ath10k on IPQ40XX, this patch was send upstream
and fixes a crash when loading ath10k on this SoC.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq40xx/ map-ac2200]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Ever since this package was introduced, the SDK for mt7629 failed to
build as it started failing on this package.
Fixed by porting Hauke's similar patch for uboot-sunxi to uboot-mediatek.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
If using a configuration file for OpenVPN, allow overriding name of the
interface. The reason is that then people could use configuration file
provided by VPN provider directly and override the name of the interface
to include it in correct firewall zone without need to alter the
configuration file.
Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit c93667358515ec078ef4ac96393623ac084e5c9e)
Split out code that parses openvpn configuration file into separate file
that can be later included in various scripts and reused.
Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit 86d8467c8ab792c79809a08c223dd9d40da6da2e)
The stored source code of flock contains the version string of version
2.18, reflect that in the Makefile.
Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Comparing the in tree stored source file of sstrip suggests it's version
2.0[0], reflect that in the Makefile.
Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.
[0]: df4426a0f0 (diff-d3ba694d91432a068d5d3b36abf8cd0f)
Signed-off-by: Paul Spooren <mail@aparcar.org>
There is no versioning information in the firmware-utils code nor the
Makefile. Consider it as first release by adding PKG_RELEASE.
Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.
Also update copyright.
Signed-off-by: Paul Spooren <mail@aparcar.org>
There is no versioning information in the patch-image code nor the
Makefile. Consider it as first release by adding PKG_RELEASE.
Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.
Also update copyright.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This applies to tools directory what has been done for package/ in
commit 9c170cb92f ("package: drop PKG_VERSION for purely local
packages"):
In the package guidelines, PKG_VERSION is supposed to be used as
"The upstream version number that we're downloading", while
PKG_RELEASE is referred to as "The version of this package Makefile".
Thus, the variables in a strict interpretation provide a clear
distinction between "their" (upstream) version in PKG_VERSION and
"our" (local OpenWrt trunk) version in PKG_RELEASE.
For local (OpenWrt-only) packages, this implies that those will only
need PKG_RELEASE defined, while PKG_VERSION does not apply following
a strict interpretation. While the majority of "our" packages actually
follow that scheme, there are also some that mix both variables or
have one of them defined but keep them at "1".
This is misleading and confusing, which can be observed by the fact
that there typically either one of the variables is never bumped or
the choice of the variable to increase depends on the person doing the
change.
Consequently, this patch aims at clarifying the situation by
consistently using only PKG_RELEASE for "our" packages. For tools/,
only three packages were affected. This fixes two of them, and
leaves the remaining wrt350nv2-builder untouched, as the code there
seems to have some versioning of its own that is treated as upstream
version in PKG_VERSION.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This reverts commit 1623defbdb.
As already stated in the reverted patch, the OEM firmware will
properly recreate the config partition if it is overwritten by
OpenWrt.
The main reason for adding the partition was the image size
restriction imposed by the 0x3d0000 limitation of the TFTP
flashing process. Addressing this by shrinking the firmware
partition is not a good solution to that problem, though:
1. For a working image, the size of the content has to be smaller
than the available space, so empty erase blocks will remain.
2. Conceptually, the restriction is on the image, so it makes sense
to implement it in the same way, and not via the partitioning.
Users could e.g. do initial flash with TFTP restriction with
an older image, and then sysupgrade into a newer one, so TFTP
restriction does not apply.
3. The (content) size of the recovery image is enforced to 0x3d0000
by the tplink-v2-image command in combination with
TPLINK_FLASHLAYOUT (flash layout in mktplinkfw2.c) anyway.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Currently arc770 sets a board name from compatible for no apparent
reason. Just use the compatible directly instead.
This theoretically removes a board name "generic" when no compatible
was present, however, there is no case where this "generic" board
name was actually used.
This also fixes an issue where snps,axs101 would not have been
properly detected anyway, as its case was not set up syntactically
correct.
Fixes: 576621f1e3 ("linux: add support of Synopsys ARC770-based boards")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Currently archs38 sets a board name from compatible for no apparent
reason. Just use the compatible directly instead.
This theoretically removes a board name "generic" when no compatible
was present, however, there is no case where this "generic" board
name was actually used.
This also fixes an issue where snps,axs103 would not have been
properly detected anyway, as its case was not set up syntactically
correct.
Fixes: 73015c4cb3 ("linux: add support of Synopsys ARCHS38-based boards")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
MT7620 seems to work fine with kernel 5.4. Set the default kernel
version to 5.4 to bring this to a broader audience.
Tested on Archer C2 v1 / Archer C20i
Signed-off-by: David Bauer <mail@david-bauer.net>
Increase the SPI frequency for the MT7620 based TP-Link Archer
series to 30MHz.
TP-Link uses different SPI flash chips for the same board
revision, so be conservative to not break boards with a
different chip. 30MHz should be well supported by all chips.
Tested on Archer C2 v1 (GD25Q64B) and Archer C20i (W25Q64FV).
Archer C20i (before)
====================
root@OpenWrt:~# time dd if=/dev/mtd1 of=/tmp/test.bin bs=64k
122+0 records in
122+0 records out
real 0m 15.30s
user 0m 0.00s
sys 0m 15.29s
Archer C20i (after)
===================
root@OpenWrt:~# time dd if=/dev/mtd1 of=/tmp/test.bin bs=64k
122+0 records in
122+0 records out
real 0m 5.99s
user 0m 0.00s
sys 0m 5.98s
Signed-off-by: David Bauer <mail@david-bauer.net>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The bootloader only writes the first 2MB of the image to the NOR flash
when installing the NAND factory image. The bootloader is capable of
booting larger kernels as it boots from the memory mapped SPI flash.
Disable the NAND factory image. The NAND can be bootstrapped by writing
the NAND initramfs image using the NOR upgrade method in the bootloader
web-recovery and sysupgrading from there. The NOR variant is not
affected.
Also refactor the partition definitions in the DTS to make them less
annoying to read.
Signed-off-by: David Bauer <mail@david-bauer.net>
The TL-WR841ND v8 feature a WiFi switch instead of a button.
This adds the corresponding input-type to prevent booting into
failsafe regularly.
This has been defined correctly in ar71xx, but was overlooked
when migrating to ath79. In contrast, the TL-WR842ND v2, which
has the key set up as switch in ar71xx, actually has a button.
The TL-MR3420 v2 has a button as well and is set up correctly
for both targets. (Information based on TP-Link user guide)
Note:
While looking into this, I found that support PR for TL-MR3420 v2
switched reset button to ACTIVE_HIGH. However, the other two
device still use ACTIVE_LOW. This seems strange, but I cannot
verify it lacking the affected devices.
Fixes: FS#2733
Fixes: 9601d94138 ("add support for TP-Link TL-WR841N/ND v8")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This patch adds a trigger for the WAN LED and enhances support for
the WiFi LED by enabling activity indication.
This is based on bug report feedback (see reference below).
While at it, update the LED node names in DTS file.
Fixes: FS#732
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
In most cases the DEVICE_DTS name can be derived easily from the
node name, so let's do this to enforce harmonized names where
possible.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The DEVICE_DTS variable always matches the device definition name,
just with "_" replaced by "-". Thus, create a DEVICE_DTS definition
in Device/Default and drop all the individual statements.
If necessary in the future, local DEVICE_DTS will still overwrite
that default.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
WRT610N V2 is not detected by the initial network configuration script.
The switch remains unconfigured and wlan/lan vlans are not created.
This adds the correct setup for the device.
Fixes: FS#1869
Suggested-by: Alessandro Radicati
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The function name ucidef_set_interface_lan_wan does not exist,
use the proper name by adding an "s" and thereby fix network
setup on these devices.
Fixes: 22468cc40c (ramips: erx and erx-sfp: fix missing WAN interface)
Signed-off-by: Nelson Cai <niphor@gmail.com>
[commit message/title facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Previously hostapd would not stop transmitting when a DFS event was
detected and no available channel to switch to was available.
Disable and re-enable the interface to enter DFS state. This way, TX
does not happen until the kernel notifies hostapd about the NOP
expiring.
Signed-off-by: David Bauer <mail@david-bauer.net>
Currently a device which has a DFS channel selected using the UCI
channel setting might switch to a non-DFS channel in case no chanlist is
provided (UCI setting "channels") when the radio detects a DFS event.
Automatically add a chanlist consisting of the configured channel when
the device does not operate in auto-channel mode and no chanlist set to
circumvent this issue.
Signed-off-by: David Bauer <mail@david-bauer.net>
Similar to wireguard, vxlan can configure multiple peers or add specific
entries to the fdb for a single mac address.
While you can still use peeraddr/peer6addr option within the proto
vxlan/vxlan6 section to not break existing configurations, this patch
allows to add multiple sections that conigure fdb entries via the bridge
command. As such, the bridge command is now a dependency of the vxlan
package. (To be honest without the bridge command available, vxlan isn't
very much fun to use or debug at all)
Field names are taken direclty from the bridge command.
Example with all supported parameters, since this hasn't been documented so
far:
config interface 'vx0'
option proto 'vxlan6' # use vxlan over ipv6
# main options
option ip6addr '2001:db8::1' # listen address
option tunlink 'wan6' # optional if listen address given
option peer6addr '2001:db8::2' # now optional
option port '8472' # this is the standard port under linux
option vid '42' # VXLAN Network Identifier to use
option mtu '1430' # vxlan6 has 70 bytes overhead
# extra options
option rxcsum '0' # allow receiving packets without checksum
option txcsum '0' # send packets without checksum
option ttl '16' # specifies the TTL value for outgoing packets
option tos '0' # specifies the TOS value for outgoing packets
option macaddr '11:22:33:44:55:66' # optional, manually specify mac
# default is a random address
Single peer with head-end replication. Corresponds to the following call
to bridge:
$ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3
config vxlan_peer
option vxlan 'vx0'
option dst '2001:db8::3' # always required
For multiple peers, this section can be repeated for each dst address.
It's possible to specify a multicast address as destination. Useful when
multicast routing is available or within one lan segment:
config vxlan_peer
option vxlan 'vx0'
option dst 'ff02::1337' # multicast group to join.
# all bum traffic will be send there
option via 'eth1' # for multicast, an outgoing interface needs
# to be specified
All available peer options for completeness:
config vxlan_peer
option vxlan 'vx0' # the interface to configure
option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac,
option dst '2001:db8::4' # connected to this peer
option via 'eth0.1' # use this interface only
option port '4789' # use different port for this peer
option vni '23' # override vni for this peer
option src_vni '123' # see man 3 bridge
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
vxlan can be configured without a peer address. This is used to prepare
an interface and add peers later.
Fixes: FS#2743
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
Acked-by: Matthias Schiffer <mschiffer@universe-factory.net>
This adds new strings to the support list for the TP-Link CPE210 v3
that are supposed to work with the existing setup.
Without it, the factory image won't be accepted by the vendor UI on
these newer revisions.
Tested on a CPE210 v3.20 (EU).
Ref: https://forum.openwrt.org/t/build-for-cpe210-v3-20/68000
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This fixes a nasty problem introduced in 2.81 which causes random
crashes on systems where there's significant DNS activity over TCP. It
also fixes DNSSEC validation problems with zero-TTL DNSKEY and DS
records.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Further complete OCI container support in ujail:
f5f305e jail: move /tmp/resolv.conf.d to /dev/resolv.conf.d
6f078ae jail: add support for defining devices
686cf7a jail: actually apply filesystem-specific mount options
f91009a jail: refactor default mounts into new structure
66ae2d9 jail: re-implement /proc/sys/net read-write in netns hack
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Pressing the 'WLAN' button should enable/disable wireless activity.
Currently, the button is mapped to the KEY_WLAN, which will not
have this effect.
This patch changes the mapping of the WLAN button, so a button
press will emit an action for the 'rfkill' key instead of 'wlan'.
Apparently, this is what stock OpenWRT expects.
This fix is analogous to the preceding patch for Fritzbox 3370.
Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
The WLAN button actions are reversed, i.e. pressing the button emits a
'released' action, and vice versa.
This can easily be checked by adding
logger -t button_action "$BUTTON $ACTION"
as the second line of /etc/rc.button/rfkill, and using logread to read
the events (assuming the preceding patch has been applied).
Defining the GPIO as ACTIVE_LOW corrects this behavior.
Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
Pressing the 'WLAN' button should enable/disable wireless activity.
However, on the Fritzbox 3370 this doesn't have an effect.
This patch changes the mapping of the physical WLAN button, so a button
press will emit an action for the 'rfkill' key instead of 'wlan'.
Apparently, this is what stock OpenWRT expects, and also what is
implemented for most other devices.
Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
9eddf0f jail: fix hooks
1b1286b jail: parse and apply OCI sysctl values
c049047 jail: implement OCI user additionalGIDs
0e1920c jail: read and apply umask from OCI if defined
1c46cc3 jail: parse and apply POSIX rlimits
76adac5 jail: /proc/$pid/oom_score_adj to OCI defined oomScoreAdj
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The config partition was missing from the flash layout of the device.
Although the stock firmware resets a corrupted config partition to the
default values, the TFTP flash with an image bigger than 0x3d0000 will
truncate the image as the bootloader only copies 0x3d0000 bytes to flash
during TFTP flashing.
Fixed by adding the config partition and shrinking the firmware
partition.
Fixes: 3fd97c522b ("ramips: add support for TP-Link TL-WR841n v14")
Signed-off-by: Alexander Müller <donothingloop@gmail.com>
The factory partition on this device is only 64k in size, so having
mediatek,mtd-eeprom = <&factory 0x10000> would place the EEPROM data
after the end of the flash. As can be verified against the TP-Link
GPL sources, which contain the EEPROM data as binary blob, the actual
address for the EEPROM data is 0x0.
Since 0x0 is default for MT7628, the incorrect line is just removed.
This error is the reason for the abysmal Wifi performance that people
are complaining about for the WR841Nv14.
Fixes: 3fd97c522b ("ramips: add support for TP-Link TL-WR841n v14")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Don't create UCI switch config for the GL.iNet microuter-N300 and
VIXMINI. These devices only have a single LAN port.
Creating the switch config makes usage of VLANs more complicated,
as they would have to be configured on the MAC as well as the "switch".
Signed-off-by: David Bauer <mail@david-bauer.net>
8d5208f jail: fix false return in case of nofail mount
b41f76b procd: fix compile if procd-ujail is not selected
86a5105 jail: fs: fix build on uClibc-ng
bfce7d1 jail: fix some more mount options
268126a jail: add support for maskedPaths and readonlyPaths
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Split the /etc/uci-defaults/01_led_migration scripts into subtargets
as already done for most of the other base-files.
While this introduces a minor amount of code duplication, it still
is considered an improvement, as device-specific settings are kept
together in the subtargets' base-files and the script at hand can be
removed entirely for two of the subtargets not needing it.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This file is always present because it is part of the ltq-dsl-base
package on which these packages depend.
This check would not have been necessary in the past, because the script
was part of the TARGET_LANTIQ on which these packages also depend.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
It does not make sense to install this components on lantiq systems
where the dsl subsystem is not needed/used.
This also makes it possible to use the files also on other targets.
(hopefully ipq401x / FritzBox 7530 in the near future)
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>