Commit Graph

18490 Commits

Author SHA1 Message Date
Ronny Kotzschmar
72bfc35f8f umdns: add missing syscalls to seccomp filter
The 'mmap', 'mmap2', 'munmap' syscalls are missing.
Found with 'utrace /usr/sbin/umdns'.

Signed-off-by: Ronny Kotzschmar <ro.ok@me.com>
2021-10-07 23:21:59 -10:00
Stijn Tintel
b4a3c20aa4 kernel: drop kmod-gpio-dev
The GPIO_DEVICE symbol belonged to a custom driver that was removed from
OpenWrt in 2012. The symbol never existed in the upstream kernel.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-10-05 23:30:48 +03:00
Hannu Nyman
9fb038ca64 busybox: update to 1.34.1
Update busybox to version 1.34.1, which is a minor
maintenance release. It contains just the two post-1.34.0
upstream patches that we earlier backported plus a few fixes
to awk.

* Remove the two backported upstream patches that are
  now unnecessary.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-10-05 20:59:32 +02:00
Daniel Golle
b6da10f2d1
uboot-mediatek: update to 2021.10
U-Boot 2021.10 has been released.
Rebase mediatek patches on top of new release and remove some patches
which have been merged upstream.

Tested on Bananapi BPi-R2 (mt7623), Bananapi BPi-R64 (mt7622) and
Linksys E8450 (mt7622).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-04 20:46:30 +01:00
Paul Fertser
ed7769aa40 dnsmasq: add explicit "set:" for client-matching options
Bring the usage in line with the dnsmasq man page and the other options
where set: is mandatory.

No functional change.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
2021-10-03 21:48:16 +02:00
Adrian Schmutzler
53d19bb8cf treewide: use AUTORELEASE on all uboot-* packages
Nobody ever updates PKG_RELEASE when changing devices or setup in
the various uboot-* packages. Use $(AUTORELEASE) so we still have
proper versioning there.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-10-02 21:26:12 +02:00
Rafał Miłecki
c4d5e60f61 bcm4908img: detect Linksys images
Linksys uses an extra 0x100 bytes long tail for BCM4908 images.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-10-02 20:26:42 +02:00
Rafał Miłecki
063038bcef bcm4908img: store offset of tail data
This simplifies some operations as it doesn't have to be caculated over
and over. It will also allow adding support for more vendor formats.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-10-02 20:26:42 +02:00
Robert Marko
78cf3e53b1 mvebu: add Globalscale MOCHAbin
Globalscale MOCHAbin is a Armada 7040 based development board.

Specifications:
* Armada 7040 Quad core ARMv8 Cortex A-72 @ 1.4GHz
* 2 / 4 / 8 GB of DDR4 DRAM
* 16 GB eMMC
* 4MB SPI-NOR (Bootloader)
* 1x M.2-2280 B-key socket (for SSD expansion, SATA3 only)
* 1x M.2-2250 B-key socket (for modems, USB2.0 and I2C only)
* 1x Mini-PCIe 3.0 (x1, USB2.0 and I2C)
* 1x SATA 7+15 socket (SATA3)
* 1x 16-pin (2×8) MikroBus Connector
* 1x SIM card slot (Connected to the mini-PCIe and both M.2 slots)
* 2x USB3.0 Type-A ports via SMSC USB5434B hub
* Cortex 2x5 JTAG
* microUSB port for UART (PL2303GL/PL2303SA onboard)
* 1x 10G SFP+
* 1x 1G SFP (Connected to 88E1512 PHY)
* 1x 1G RJ45 with PoE PD (Connected to 88E1512 PHY)
* 4x 1G RJ45 ports via Topaz 88E6141 switch
* RTC with battery holder (SoC provided, requires CR2032 battery)
* 1x 12V DC IN
* 1x Power switch
* 1x 12V fan header (3-pin, power only)
* 1x mini-PCIe LED header (2x0.1" pins)
* 1x M.2-2280 LED header (2x0.1" pins)
* 6x Bootstrap jumpers
* 1x Power LED (Green)
* 3x Tri-color RGB LEDs (Controllable)
* 1x Microchip ATECC608B secure element

Note that 1G SFP and 1G WAN cannot be used at the same time as they are in
parallel connected to the same PHY.

Installation:

Copy dtb from build_dir to bin/ and run tftpserver there:
$ cp ./build_dir/target-aarch64_cortex-a72_musl/linux-mvebu_cortexa72/image-armada-7040-mochabin.dtb bin/targets/mvebu/cortexa72/
$ in.tftpd -L -s bin/targets/mvebu/cortexa72/

Connect to the device UART via microUSB port and power on the device.

Power on the device and hit any key to stop the autoboot.

Set serverip (host IP) and ipaddr (any free IP address on the same subnet), e.g:
$ setenv serverip 192.168.1.10 # Host
$ setenv ipaddr 192.168.1.15 # Device

Set the ethernet device (Example for the 1G WAN):
$ setenv ethact mvpp2-2

Ping server to confirm network is working:
$ ping $serverip
Using mvpp2-2 device
host 192.168.1.15 is alive

Tftpboot the firmware:
$ tftpboot $kernel_addr_r openwrt-mvebu-cortexa72-globalscale_mochabin-initramfs-kernel.bin
$ tftpboot $fdt_addr_r image-armada-7040-mochabin.dtb

Boot the image:
$ booti $kernel_addr_r - $fdt_addr_r

Once the initramfs is booted, transfer openwrt-mvebu-cortexa72-globalscale_mochabin-squashfs-sdcard.img.gz
to /tmp dir on the device.

Gunzip and dd the image:
$ gunzip /tmp/openwrt-mvebu-cortexa72-globalscale_mochabin-squashfs-sdcard.img.gz
$ dd if=/tmp/openwrt-mvebu-cortexa72-globalscale_mochabin-squashfs-sdcard.img of=/dev/mmcblk0 && sync

Reboot the device.

Hit any key to stop the autoboot.

Reset U-boot env and set the bootcmd:
$ env default -a
$ setenv bootcmd 'load mmc 0 ${loadaddr} boot.scr && source ${loadaddr}'

Optionally I would advise to edit the console env variable to remove earlycon as that
causes the kernel to never use the driver for the serial console.
Earlycon should be used only for debugging before the kernel can configure the console
and will otherwise cause various issues with the console.

$ setenv console 'console=ttyS0,115200'

Save and reset
$ saveenv
$ reset

OpenWrt should boot from eMMC now.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2021-10-02 16:45:35 +02:00
Alan Swanson
8db6410492 uboot-lantiq: fix sha1.h header clash when system libmd installed
Backport of u-boot commit "includes: move openssl headers to include/u-boot"
2b9912e6a7

Fixes: FS#3955
Signed-off-by: Alan Swanson <reiver@improbability.net>
2021-10-02 13:33:46 +02:00
Daniel Golle
454e411a77 uboot-mediatek: fix and make use of LEDs on BPi-R2
Fix BPi-R2 GPIO LEDs to indicate boot into production or recovery
firmware in DTS and define them in default environment.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-09-30 22:49:55 +01:00
Felix Fietkau
fa13dd658f netifd: update to the latest version
186f6eaeba70 wireless: display log messages for setup/teardown/retry
fac471c4934a wireless: process and close script file descriptor when rerunning setup
62e2bb56f48e main: poll process log stream even if processes are killed
0e311d3f2d1a wireless: reset number of retries on config change
e467e0ff44c0 wireless: reset retry counter when setup succeeds
448ffc154fe7 wireless: fix index for stations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-30 11:33:37 +02:00
Felix Fietkau
42dda0ed3e mac80211: allow retry of wifi setup if an iw interface add command fails
In some cases, spurious failures might be cleared by teardown and retry

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-30 11:33:37 +02:00
Rosen Penev
585cef5f1a cryptodev-linux: update to 1.12
Remove upstream backport.

Use AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-29 22:56:59 +02:00
Stijn Tintel
0e30276632 kernel: add missing symbol to kmod-kvm
Even though TRACEPOINTS is not enabled in my kernel config, my build
fails due to KVM_MMU_AUDIT being missing. Add this symbol to kmod-kvm to
fix this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-09-29 19:17:55 +03:00
Stijn Tintel
73a2570fa0 kernel: order kmod-kvm symbols alphabetically
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-09-29 19:17:55 +03:00
Felix Fietkau
9c3b1d5563 netifd: update to the latest version
4d0c2ad3fd26 wireless: fix applying wireless devices attributes on hotplug events

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-28 14:27:34 +02:00
Felix Fietkau
6cd54254e4 netifd: update to the latest version
5a4ac30c7a15 netifd: rework/fix device free handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-27 19:00:28 +02:00
Felix Fietkau
2bfac61483 mac80211: backport support for BSS color changes
This is needed for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-25 09:38:37 +02:00
Jesus Fernandez Manzano
5269c47e8d hostapd: fix segfault when deinit mesh ifaces
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.

This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.

Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
2021-09-24 12:32:19 +02:00
Paul Spooren
70543aafb2 base-files: reduce number of mkdir calls
The `mkdir` commands supports passing multiple arguments to batch create
multiple folders, instead of calling the tool every single time.

If the creation of one of the folders fails, all other folder are still
created and therefore doesn't change the error handling.

Also stop creating `/etc/` explicitly after subfolders of `/etc/` were
already created.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-23 21:40:52 -10:00
Paul Spooren
9c331a6a91 base-files: reduce sed calls
The `sed`-script shouldn't be called multiple times, especially not with
the same files.

This commit merges all files together in a single `sed`-script call.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-23 21:39:46 -10:00
Rosen Penev
67cd648fa2 restool: add back PKG_VERSION
For some reason, the build system chops off the last number from the version,
which is not correct. Add it back.

Update hash.

Fixes: 96c7164acd ("restool: update to LSDK-20.12")

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-09-23 23:20:42 +02:00
Sven Eckelmann
8b09070820 ipq-wifi: Work around Plasma Cloud PA1200 5GHz crash
It was noticed [1] that the ath10k firmware crashes on 5GHz since OpenWrt
21.02.0. The problem seems to be triggered by the the nonLinearTxFir field
in the 5GHz BDF. If baseEepHeader.nonLinearTxFir (offset 0xc2) is 1 then
the firmware just crashes when setting up the 5Ghz radio using `ifconfig
wlan1 up`:

  ath10k_ahb a800000.wifi: firmware crashed! (guid 9e36ee82-4d2c-4c63-b20b-609a1eaca30c)
  ath10k_ahb a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
  ath10k_ahb a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
  ath10k_ahb a800000.wifi: firmware ver 10.4-3.6-00140 api 5 features no-p2p,mfp,peer-flow-ctrl,btcoex-param,allows-mesh-bcast,no-ps crc32 ba79b746
  ath10k_ahb a800000.wifi: board_file api 2 bmi_id 0:17 crc32 5f400efc
  ath10k_ahb a800000.wifi: htt-ver 2.2 wmi-op 6 htt-op 4 cal pre-cal-file max-sta 512 raw 0 hwcrypto 1
  ath10k_ahb a800000.wifi: firmware register dump:
  ath10k_ahb a800000.wifi: [00]: 0x0000000B 0x000015B3 0x009C3C27 0x00975B31
  ath10k_ahb a800000.wifi: [04]: 0x009C3C27 0x00060530 0x00000018 0x004176B8
  ath10k_ahb a800000.wifi: [08]: 0x00405A50 0x00412A30 0x00000000 0x00000000
  ath10k_ahb a800000.wifi: [12]: 0x00000009 0x00000000 0x009B9742 0x009B974F
  ath10k_ahb a800000.wifi: [16]: 0x00971238 0x009B9742 0x00000000 0x00000000
  ath10k_ahb a800000.wifi: [20]: 0x409C3C27 0x004053DC 0x00000D2C 0x00405A60
  ath10k_ahb a800000.wifi: [24]: 0x809C3E13 0x0040543C 0x00000000 0xC09C3C27
  ath10k_ahb a800000.wifi: [28]: 0x809B9AC5 0x0040547C 0x00412A30 0x0040549C
  ath10k_ahb a800000.wifi: [32]: 0x809B8ECD 0x0040549C 0x00000001 0x00412A30
  ath10k_ahb a800000.wifi: [36]: 0x809B8FF3 0x004054CC 0x00412838 0x00000014
  ath10k_ahb a800000.wifi: [40]: 0x809BEF98 0x0040551C 0x0041627C 0x00000002
  ath10k_ahb a800000.wifi: [44]: 0x80986D47 0x0040553C 0x0041627C 0x00416A88
  ath10k_ahb a800000.wifi: [48]: 0x809CBB0A 0x0040559C 0x0041ACC0 0x00000000
  ath10k_ahb a800000.wifi: [52]: 0x809864EE 0x0040560C 0x0041ACC0 0x00000001
  ath10k_ahb a800000.wifi: [56]: 0x809CA8A4 0x0040564C 0x0041ACC0 0x00000001
  ath10k_ahb a800000.wifi: Copy Engine register dump:
  ath10k_ahb a800000.wifi: [00]: 0x0004a000  14  14   3   3
  ath10k_ahb a800000.wifi: [01]: 0x0004a400  16  16  22  23
  ath10k_ahb a800000.wifi: [02]: 0x0004a800   3   3   2   3
  ath10k_ahb a800000.wifi: [03]: 0x0004ac00  15  15  15  15
  ath10k_ahb a800000.wifi: [04]: 0x0004b000   4   4  44   4
  ath10k_ahb a800000.wifi: [05]: 0x0004b400   3   3   2   3
  ath10k_ahb a800000.wifi: [06]: 0x0004b800   1   1   1   1
  ath10k_ahb a800000.wifi: [07]: 0x0004bc00   1   1   1   1
  ath10k_ahb a800000.wifi: [08]: 0x0004c000   0   0 127   0
  ath10k_ahb a800000.wifi: [09]: 0x0004c400   0   0   0   0
  ath10k_ahb a800000.wifi: [10]: 0x0004c800   0   0   0   0
  ath10k_ahb a800000.wifi: [11]: 0x0004cc00   0   0   0   0
  ath10k_ahb a800000.wifi: failed to update channel list: -108
  ath10k_ahb a800000.wifi: failed to set pdev regdomain: -108
  ath10k_ahb a800000.wifi: failed to create WMI vdev 0: -108
  ieee80211 phy1: Hardware restart was requested

Since no actual solution is known (besides downgrading the ath10k firmware)
it seems to be better to disable the nonLinearTxFir for now.

[1] https://lore.kernel.org/ath10k/3423718.UToCqzeSYe@ripper/

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2021-09-23 20:50:58 +02:00
Sven Eckelmann
e0721608f9 ipq-wifi: Update Plasma Cloud PA1200 BDFs to firmware 3.5.12
The official Plasma Cloud firmware adjusted the BDFs to contain new
conformance test limits and target power values. These should be imported
to avoid emissions outside the allowed limits.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2021-09-23 20:50:58 +02:00
Timo Sigurdsson
f83e927b87 fstools: ensure filesystems are mounted before log service starts
Currently, the fstab service starts after the log service which breaks
the ability to write a persistent log file to a filesystem mounted by
the fstab service. Thus, change the start order of the fstab service so
it starts right before the log service.

Fixes: b131853 ("ubox: update to latest git revision")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[set to 11 to be explicitly before log, not only alphabetically, SPDX]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-09-22 16:49:10 -10:00
Hauke Mehrtens
97bc59a5c0 mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.

This contains fixes for CVE-2020-3702

1. These patches (ath, ath9k, mac80211)  were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].

Thank you Josef Schlehofer for reporting this problem.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-22 22:24:00 +02:00
Rosen Penev
f84b513266 bpftools: fix compilation with musl 1.2.x
A definition for __maybe_inline is needed.

Refreshed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-22 19:04:02 +02:00
Rosen Penev
50773c5c98 tfp-layerscape: update to LSDK-20.12
Fixes compilation with GCC11.

Kept PKG_VERSION as there's some bug that chops off the 12 at the end.

Refreshed other patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-21 21:39:01 -10:00
Rosen Penev
96c7164acd restool: update to LSDK-20.12
Fixes compilation with both GCC 10 and 11.

Switched to AUTORELEASE for simplicity.

Removed PKG_VERSION as it's derived from PKG_SOURCE_VERSION.

Removed all patches as they are upstream backports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-09-21 21:39:01 -10:00
David Lam
6a2f516d55 6rd: delete tunnel on interface teardown
Delete tunnel on 6rd interface teardown.
Should solve problem related to tunnel stuck on restart loop
with "Unknown Command" on tunnel restart due to wan connection drop.

This patch is similar to the one written by Ansuel on Aug 2, 2021
but the 6rd teardown produces the same symptoms when the network
service is restarted.

Signed-off-by: David Lam <david@thedavid.net>
2021-09-22 01:45:33 +03:00
Kuan-Yi Li
b62a4cfc93 restool: fix compilation with GCC 10
GCC 10 defaults to `-fno-common` and complains about multiple definition
of `mc_status` in restool.

Backport a patch from upstream to fix compilation with host GCC 10.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2021-09-21 21:07:55 +03:00
Felix Fietkau
17d19a7d43 hostapd: let netifd set bridge port attributes for snooping
Avoids race conditions on bridge member add/remove

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Felix Fietkau
ef24475658 ustp: update to the latest version
c62d85cf7a0d bridge: check port bpdu filter status and apply it to the config
25555611be91 libnetlink: turn rtnetlink error answers into debug msgs
462b3a491347 build: use pthread cflags/ldflags

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Felix Fietkau
c0d77852a7 netifd: update to the latest version
d590fbd255ce wireless: always enable bpdu filter for AP interfaces and VLANs
f8ff6d820283 system-linux: remove copy&paste from /proc and /sys path names
300b1220fab3 wireless: improve reliability of proxyarp support
5ba9744aac6d device: add support for configuring bonding devices
6fa9b042ff4d wireless: only apply wireless device attributes to the base vif interface
06d11bbf1f2b wireless: only enable proxyarp/isolate for AP vifs
08e954e137ff bonding: claim the port device before creating the bonding device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-21 19:43:20 +02:00
Hauke Mehrtens
309c8b4902 arm-trusted-firmware-mvebu: Add hash for aarch64 cm3-gcc
This adds the hash also for the aarch64 toolchain in addition to the
x86_64 toolchain. This gets the build on a Linux aarch64 host one step
further.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-20 15:59:47 +02:00
Hans Dedecker
f413e4835e iproute2: update to 5.14
Update iproute2 to latest stable 5.14; for the changes see https://lwn.net/Articles/867940/

Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-09-18 20:59:31 +02:00
Daniel Golle
10df8ffcdf
procd: update to git HEAD
8a60e7e trace: don't leak file descriptor in error path
 68df9ac procd: fix container deletion
 f16abe0 uxc: add JSON output option for 'list' command
 a23c888 jail: prepare for adding process to existing namespace
 50da8a4 instance: allow jailed service to join namespace(s)
 482d1ab Revert "jail: do not hack /etc/resolv.conf on container rootfs"
 1eb4371 jail: start ubus and netifd instances for container with netns

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-09-15 21:47:32 +01:00
sean lee
23e4d90b61 arm-trusted-firmware-mvebu: CZ.NIC's Secure Firmware bump to v2021.09.07
bump version and remove patches that have been applied

176d701 wtmi: Wait 1s after putting PHYs INTn pin low
2eeccfe wtmi: Change comment describing reset workaround
e8c94a5 wtmi: Count RAM size from both CS0 and CS1
995979e wtmi: Rename macro
e29eb29 wtmi: soc: Fix start_ap_workaround() for TF-A with debug
81245ed wtmi: Use constant name PLAT_MARVELL_MAILBOX_BASE
18ccb83 wtmi: Do a proper UART reset with clock change as described in spec
15ff106 avs: Validate VDD value from OTP
3f33626 fix: clock: a3700: change pwm clock for 600/600 and 1200/750 preset
fb5e436 wtmi: uart: fix UART baudrate divisor calculation

Signed-off-by: sean lee <ilf@live.com>
2021-09-15 16:43:10 +02:00
Etan Kissling
02a2b44eab dnsmasq: add config option for connmark DNS filtering
This adds uci support to configure connmark based DNS filtering.

Signed-off-by: Etan Kissling <etan_kissling@apple.com>
(imported from upstream mailing list
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015151.html)
Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
2021-09-14 20:56:20 +02:00
Etan Kissling
d2d0044ebf dnsmasq: Update to version 2.86
Summary of upstream CHANGELOG:
* Handle DHCPREBIND requests in the DHCPv6 server code.
* Fix bug which caused dnsmasq to lose track of processes forked.
* Major rewrite of the DNS server and domain handling code.
* Revise resource handling for number of concurrent DNS queries.
* Improve efficiency of DNSSEC.
* Connection track mark based DNS query filtering.
* Allow smaller than 64 prefix lengths in synth-domain.
* Make domains generated by --synth-domain appear in replies
  when in authoritative mode.
* Ensure CAP_NET_ADMIN capability is available when
  conntrack is configured.
* When --dhcp-hostsfile --dhcp-optsfile and --addn-hosts are
  given a directory as argument, define the order in which
  files within that directory are read.
* Support some wildcard matching of input tags to --tag-if.

Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
2021-09-14 20:38:59 +02:00
Ivan Pavlov
7d92bb0509 wolfssl: update to 4.8.1-stable
Changes from 4.7.0:
  Fix one high (OCSP verification issue) and two low vulnerabilities
  Improve compatibility layer
  Other improvements and fixes

For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2021-09-13 18:36:15 +02:00
Soma Zambelly
c5b44af2fc realtek: add ZyXEL GS1900-24HPv2 support
The ZyXEL GS1900-24HPv2 is a 24 port PoE switch with two SFP ports, similar to the other GS1900 switches.

Specifications
--------------
* Device:    ZyXEL GS1900-24HPv2
* SoC:       Realtek RTL8382M 500 MHz MIPS 4KEc
* Flash:     16 MiB
* RAM:       W631GG8MB-12 128 MiB DDR3 SDRAM
             (stock firmware is configured to use only 64 MiB)
* Ethernet:  24x 10/100/1000 Mbps, 2x SFP 100/1000 Mbps
* LEDs:      1 PWR LED (green, not configurable)
             1 SYS LED (green, configurable)
             24 ethernet port link/activity LEDs (green, SoC controlled)
             24 ethernet port PoE status LEDs
             2 SFP status/activity LEDs (green, SoC controlled)
* Buttons:   1 "RESTORE" button on front panel
             1 "RESET" button on front panel
* Power      120-240V AC C13
* UART:      1 serial header (J41) with populated standard pin connector on
             the left edge of the PCB, angled towards the side.
             The casing has a rectangular cutout on the side that provides
             external access to these pins.
             Pinout (front to back):
             + GND
             + TX
             + RX
             + VCC

Serial connection parameters for both devices: 115200 8N1.

Installation
------------

OEM upgrade method:

(Possible on master once https://patchwork.ozlabs.org/project/openwrt/patch/20210624210408.19248-1-bjorn@mork.no/ is merged)

* Log in to OEM management web interface
* Navigate to Maintenance > Firmware > Management
* If "Active Image" has the first option selected, OpenWrt will need to be
  flashed to the "Active" partition. If the second option is selected,
  OpenWrt will need to be flashed to the "Backup" partition.
* Navigate to Maintenance > Firmware > Upload
* Upload the openwrt-realtek-generic-zyxel_gs1900-24hp-v2-initramfs-kernel.bin
  file by your preferred method to the previously determined partition.
  When prompted, select to boot from the newly flashed image, and reboot the switch.
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
   > sysupgrade -n /tmp/openwrt-realtek-generic-zyxel_gs1900-24hp-v2-squashfs-sysupgrade.bin
   it may be necessary to restart the network (/etc/init.d/network restart) on
   the running initramfs image.

U-Boot TFTP method:

* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs image.
* Connect serial, power up the switch, interrupt U-boot by hitting the
  space bar, and enable the network:
   > rtk network on
* Since the GS1900-24HPv2 is a dual-partition device, you want to keep the OEM
  firmware on the backup partition for the time being. OpenWrt can only boot
  from the first partition anyway (hardcoded in the DTS). To make sure we are
  manipulating the first partition, issue the following commands:
  > setsys bootpartition 0
  > savesys
* Download the image onto the device and boot from it:
   > tftpboot 0x84f00000 192.168.1.10:openwrt-realtek-generic-zyxel_gs1900-24hp-v2-initramfs-kernel.bin
   > bootm
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
   > sysupgrade -n /tmp/openwrt-realtek-generic-zyxel_gs1900-24hp-v2-squashfs-sysupgrade.bin
   it may be necessary to restart the network (/etc/init.d/network restart) on
   the running initramfs image.

Signed-off-by: Soma Zambelly <zambelly.soma@gmail.com>
2021-09-13 18:36:15 +02:00
Christian Pointner
bd74bc9013 kernel: add package kmod-iio-ads1015 and remove kmod-hwmon-ads1015
The hwmon driver for the ADC ADS1015 has been removed in Linux 5.4 in
favor of a driver in the iio system. For details see:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c9d5b5e

This fixes: https://bugs.openwrt.org/index.php?do=details&task_id=4005

Run-tested: ramips/mt76x8 (Onion Omega 2+)

Signed-off-by: Christian Pointner <equinox@spreadspace.org>
2021-09-13 17:11:50 +02:00
Sven Eckelmann
ebe800765e ipq-wifi: Drop empty wifi package for Netgear WAC510
The ipq-wifi-netgear_wac510 package is not selected by any device and would
be empty anyway. The default board-2.bin from ath10k-board-qca4019 is
therefore used for this device and the package doesn't provide any visible
features.

Fixes: b126d9c3a3 ("ipq40xx: add netgear wac510 support")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2021-09-12 18:52:30 +02:00
Roman Yeryomin
edd53df168 iproute2: m_xt.so depends on dynsyms.list
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:

ld:dynsyms.list:0: syntax error in dynamic list

Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353

Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
2021-09-09 21:13:42 +02:00
Felix Fietkau
6f2044c2d7 mac80211: revert faulty change that was breaking broadcast tx
Fixes: 0f6887972a ("mac80211: add missing change for encap offload on devices with sw rate control")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-09-06 12:01:42 +02:00
Andrea Poletti
de0c380a5f ramips: add support for Sitecom WLR-4100 v1 002
Sitecom WLR-4100 v1 002 (marked as X4 N300) is a wireless router
Specification:
SoC: MT7620A
RAM: 64 MB DDR2
Flash: MX25L6405D SPI NOR 8 MB
WIFI: 2.4 GHz integrated
Ethernet: 5x 10/100/1000 Mbps QCA8337
USB: 1x 2.0
LEDS: 2x GPIO controlled, 5x switch
Buttons: 1x GPIO controlled
UART: row of 4 unpopulated holes near USB port, starting count from
      white triangle on PCB:

    VCC 3.3V
    GND
    TX
    RX

    baud: 115200, parity: none, flow control: none

Installation

    Connect to one of LAN (yellow) ethernet ports,
    Open router configuration interface,
    Go to Toolbox > Firmware,
    Browse for OpenWrt factory image with dlf extension and hit Apply,
    Wait few minutes, after the Power LED will stop blinking, the router is
    ready for configuration.

Known issues
Some USB 2.0 devices work at full speed mode 1.1 only

MAC addresses

factory partition only contains one (binary) MAC address in 0x4.
u-boot-env contains four (ascii) MAC addresses, of which two appear
to be valid.

  factory     0x4       **:**:**:**:b9:84  binary
  u-boot-env  ethaddr   **:**:**:**:b9:84  ascii
  u-boot-env  wanaddr   **:**:**:**:b9:85  ascii
  u-boot-env  wlanaddr  00:AA:BB:CC:DD:12  ascii
  u-boot-env  iNICaddr  00:AA:BB:CC:DD:22  ascii

The factory firmware only assigns ethaddr. Thus, we take the
binary value which we can use directly in DTS.

Additional information
OEM firmware shell password is: SitecomSenao
useful for creating backup of original firmware.
There is also another revision of this device (v1 001), based on RT3352 SoC

Signed-off-by: Andrea Poletti <polex73@yahoo.it>
[remove config DT label, convert to nvmem, remove MAC address
 setup from u-boot-env, add MAC address info to commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-09-05 23:52:35 +02:00
Hannu Nyman
b6cbbbb6ef busybox: update to version 1.34.0
Update busybox to version 1.34.0

* Remove upstreamed patches (205, 530, 540)

* Remove one old patch that does not apply any more. (203)
  That was originally introduced in 2008 with 563d23459,
  but does not apply after busybox restructuring with
  https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?h=1_34_stable&id=e6007c4911c3ea26925f9473b9f156a692585f30
  and
  https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?h=1_34_stable&id=1c7253726fcbab09917f143f0b703efbd2df55c3

* Refresh config and patches.

* Backport upstream fixes for
   - MIPS compilation breakage and
   - process substitution regression

Config refresh:

Refresh commands, run after busybox is first built once:

cd utils/busybox/
cd config/
../convert_menuconfig.pl ../../../../build_dir/target-aarch64_cortex-a53_musl/busybox-default/busybox-1.34.0
cd ..
./convert_defaults.pl < ../../../build_dir/target-aarch64_cortex-a53_musl/busybox-default/busybox-1.34.0/.config > Config-defaults.in

Manual edits needed afterward:

* Config-defaults.in:  OpenWrt config symbol IPV6 logic applied to
  BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in:  OpenWrt configTARGET_bcm53xx logic applied to
  BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in:  OpenWrt logic applied to
  BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
  BUSYBOX_DEFAULT_UDHCPC_DEFAULT_INTERFACE (just "")
* config/editors/Config.in: Add USE_GLIBC dependency to
  BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in : change at "Options common to all shells"  the symbol
  SHELL_ASH  -->  BUSYBOX_CONFIG_SHELL_ASH
   (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
     Apparently our script does not see the hidden option while
     prepending config options with "BUSYBOX_CONFIG_" which leads to a
     missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
  config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-09-04 21:05:26 +02:00
Jo-Philipp Wich
9e9057f416 ucode: update to latest Git HEAD
929c862 vm: fix toplevel function call protocol
8f34d70 fs: fix chown() and rename() error return values
03ca445 tests: disable fuzz tests for now
3b1be3d types: mark further GC roots
d49af4e types: fix comparison of differently signed integers
c79ff39 types: handle conversion errors when dealing with negative error indexes
3315b1f types: allow negative array indexes
d5b25f9 treewide: harmonize function naming
cc4ce8d module: remove unused defines
f5d7526 examples: add libucode usage examples
559eff2 types, vm: adjust GC api
e5e7e62 treewide: move header files into dedicated directory
ff6168a build: install header files
7e6ce0f main: introduce new flag `-x` to allow disabling specific functions
b1817b3 vm: fix invalid memory access on GC'ing uninitialized VM context
498fe87 main: refactor option parsing and VM setup
ff52440 treewide: consolidate typedef naming
1d60418 vm: add API to control trace mode
48f33ad vm: make root exception handler configurable
0f69f09 vm: fix invalid memory access on toplevel function calls
6bcc318 vm: fix handling exceptions in top-level function calls
4ae0568 lib, vm: reimplement exit() as exception type
2f77657 vm: extend API to allow returning result value from VM execution
111645a vm: remove module preloading logic
38ff6de main: preload modules ourselves
d5bc223 vm: add uc_vm_invoke() helper
ef0baf1 vm: cosmetic fix for outputting exceptions without source context
b11a2fa vm: move global scope allocation into uc_vm_init()
900b2a3 vm: add getter and setter for vm globals scope
0179576 lib: rename uc_add_proto_functions() to uc_add_functions()
98b9c84 lib: expose stdlib function array
1adfba0 treewide: eliminate dead code and unused functions
3974e71 treewide: replace a number of unnecessary type casts
bf85226 treewide: move ressource type registry into vm instance
e2b3d2e build: split into libucode and ucode cli
dad8f3a types: properly deal with circular data in GC mark phase
62dbd64 lexer: rename UT_ prefixed constants to UC_
bc8e465 types: fix wrong assert() on tearing down object trees
853b9f1 vm: fix potential invalid memory access in uc_vm_get_error_context()
6f05cdd lib: fix refcount imbalance in uc_require_path()
96f140b lib, vm: ensure that require() compiles modules only once
df5db5f compiler: don't segfault on invalid declaration expressions
a97c7a1 lexer: transition into EOF state on unrecognized character
2a838d1 compiler: improve mapping of binary operator tokens to instructions
9872f65 vm: add support for I_LE and I_GE instructions
4e410c3 treewide: let uc_cmp() use instruction instead of token numbers
ce6081d lexer, vm: reorder token and instruction numbers
234a4f6 lib: implement b64enc() and b64dec() functions
856a0c0 lib: only consider context of calling function for callbacks
86fb130 lib: implement min() and max() functions
3e893e6 lib: pass-through "this" context to library function callbacks
42de7ab lib: implement `sourcepath()` function
05c80a7 lib: fix negative uc_index() return value on 32bit systems
9874562 lexer: implement raw code mode
3b665c8 lexer: drop value union from keyword table
44354cf lexer, compiler: separate TK_BOOL token into TK_TRUE and TK_FALSE tokens
5879bdf syntax: drop Infinity and NaN keywords
d4edadc lib: rename uc_lib_init() to uc_load_stdlib()
d81bad7 main, lib: move allocation of globals object into lib function
c4f4b38 main: simplify REQUIRE_SEARCH_PATH initialization
54ca3aa types: fix uninitialized memory on setting non-contiguous array indexes
cbc0d78 build: let require search patch default to CMAKE_INSTALL_PREFIX
5714705 syntax: introduce `const` support
ed32c42 compiler, lexer: add NO_LEGACY define to disable legacy syntax features
ff6811f syntax: implement `delete` as proper operator
5803d86 lib: implement wildcard() function
dfb7379 fs: implement chmod(), chown(), rename() and glob() functions
1ddf5b6 lexer: skip interpreter line in any source buffer
9951a00 build: lower minimum required CMake version to v3.13
7b81ab2 main: expose argv as global ARGV array to ucode scripts
7283a70 tests: rename misnamed testcases for consistency
3f80116 compiler: fix local for-loop initializer variable declarations
f20b56f compiler: properly parse slashes in parenthesized division expressions
5c4e1ea lib: implement regexp(), a function to construct regexp instances at runtime
e546bba lib: implement render(), an include variant capturing output in a string
0cb10c6 vm: implement mechanism to change output file descriptor
eb8a64d lib: fix uc_sort()
f1ffc9f vm: truncate long values after 60 chars in trace output
850612f compiler: properly handle break/continue in nested scopes
f0a9875 compiler: properly handle keyword in parenthesized property access expression
1660433 compiler: fix stack mismatch on compiling `use strict` statements
a36e0df syntax: implement support for 'use strict' pragma
827a34a vm, compiler: get rid of unused struct members
594cdf3 lib: implement assert()
c4d1648 lib: add support for pretty printing JSON to printf() and sprintf()
f2eaea3 lib: gracefully handle truncated format strings in uc_printf_common()
02629b8 lexer: fix infinite loop on parsing unterminated comments
2bc9bac lexer: fix infinite loop on parsing unterminated expression blocks
f73e201 lexer: fix infinite loop when parsing regexp literal at EOF
86b4863 compiler: fix segfault on parsing invalid pre/post increment expressions
0e24509 lib: fix reporting source context lines at EOF
e66b2ad compiler, lexer: improve lexical state handling
e29b574 lib: fix uc_split() quirks
64eec7f treewide: ISO C / pedantic compliance
4af803d build: output error messages on test failures
9ef693e vm: improve context for early errors
6def9fc tests: pass ucode library path through environment
d5dd183 treewide: address various sign-compare warnings
28825ac types: support creating ressource values without associated type
9c5106a types: fix potential memory leaks and null pointer accesses
c51934a types: fix potential leak of key in ucv_object_add()
7b28727 main: fix ineffective EOF check in parse()
4cf897c lib: uc_system(): fix invalid free() of non-heap memory
35af4ba treewide: rework internal data type system
f2c4b79 treewide: fix issues reported by clang code analyzer
93ededb tests: allow executing run_tests.sh from any directory
0e4a387 Add initial GitLab and GitHub CI support
df73b25 tests: add more tests
41d33d0 tests: custom: return exit code if tests fails
1c548a6 cmake: do not output binaries into lib directory
2b59097 tests: create custom tests from current tests cases
8039361 main: provide just binary name in help output
778e4f7 lexer: fix incomplete struct initializers
502ecdc cmake: enable extra compiler checks
3c2aeff cmake: fix includes and libraries
617a114 cmake: make 3.0 minimum version
f360350 lib: implement sleep(ms) function
7f0ff91 lib: allow parsing non-array, non-object value in json()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-09-01 15:40:27 +02:00