Commit Graph

48745 Commits

Author SHA1 Message Date
Bjoern Dobe
d38d345c72 ath79: mikrotik: use base mac on lan for RBwAPG-5HacT2HnD
The Mikrotik RBwAPG-5HacT2HnD has only a single ethernet interface
(lan), and the vendor uses the base (label) MAC address for it.

Signed-off-by: Bjoern Dobe <bjoern@dobecom.de>
[commit title/message improvement]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-25 22:01:34 +02:00
Sungbo Eo
ab78694fe8 treewide: rename POWER_ON_STRIP register
AR8327 datasheet[1] calls the register at address 0x0010
"Power-on Strapping Register". As it has nothing to do with "strip",
let's rename it to "POWER_ON_STRAP" to make it easier to grasp.

[1] https://lafibre.info/images/doc/201106_spec_AR8327.pdf

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-07-25 21:50:50 +02:00
John Thomson
8484d6da1e ramips: remove non-existant poe_passthrough for RouterBOARD 750Gr3
This 750gr3 GPIO17 switch was added based on vendor source,
but only the 760iGS (which shares the rbsysfs board identifier)
device has the physical wiring. The 750Gr3 actually does not
support PoE out.

Apart from that, note that the gpio base (480) would have required
this GPIO to be referenced as 497 if it was kept.

Fixes: 6ba58b7b02 ("ramips: cleanup the RB750Gr3 support")

Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
[commit title/message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-25 21:41:07 +02:00
Davide Fioravanti
92780d80ab ramips: add support for Winstars WS-WN583A6
The Winstars WS-WN583A6 is a wireless repeater with 2 gigabit ethernet
ports. Even if mine is branded as "Gemeita AC2100", the sticker on the
back says WS-WN583A6. So I will refer to it as Winstars WS-WN583A6.
Probably the real product name is the Wavlink WL-WN583A6 because of
the many references to Wavlink in the OEM firmware and bootlog.

Hardware
--------
SoC:   Mediatek MT7621AT (880 MHz, 2 cores 4 threads)
RAM:   128MB
FLASH: 8MB NOR (GigaDevice GD25Q64B)
ETH:   2x 10/100/1000 Mbps Ethernet (MT7530)
WIFI:
  - 2.4GHz: 1x MT7603E (2x2:2)
  - 5GHz:   1x MT7615E (4x4:4)
  - 6 internal antennas
BTN:
  - 1x Reset button
  - 1x WPS button
  - 1x ON/OFF switch (working but unmodifiable)
  - 1x Auto/Schedule switch (working but unmodifiable. Read Note #3)
LEDS:
  - 1x White led
  - 1x Red led
  - 1x Amber led
  - 1x Blue led
  - 2x Blue leds (lan and wan port status: working but unmodifiable)
UART:
  - 57600-8-N-1

Everything works correctly.

Currently there is no firmware update available. Because of this, in
order to restore the OEM firmware, you must firstly dump the OEM
firmware from your router before you flash the OpenWrt image.

Backup the OEM Firmware
-----------------------
The following steps are to be intended for users having little to none
experience in linux. Obviously there are many ways to backup the OEM
firmware, but probably this is the easiest way for this router.
Procedure tested on M83A6.V5030.191210 firmware version.

1) Go to http://192.168.10.1/webcmd.shtml

2) Type the following line in the "Command" input box:
	mkdir /etc_ro/lighttpd/www/dev; for i in /dev/mtd*ro; do dd if=${i} of=/etc_ro/lighttpd/www${i}; done

3) Click "Apply"

4) After few seconds, in the textarea should appear this output:
		16384+0 records in
	16384+0 records out
	8388608 bytes (8.0MB) copied, 4.038820 seconds, 2.0MB/s
	384+0 records in
	384+0 records out
	196608 bytes (192.0KB) copied, 0.095180 seconds, 2.0MB/s
	128+0 records in
	128+0 records out
	65536 bytes (64.0KB) copied, 0.032020 seconds, 2.0MB/s
	128+0 records in
	128+0 records out
	65536 bytes (64.0KB) copied, 0.031760 seconds, 2.0MB/s
	15744+0 records in
	15744+0 records out
	8060928 bytes (7.7MB) copied, 3.885280 seconds, 2.0MB/s
	dd: can't open '/dev/mtd5ro': No such device
	dd: can't open '/dev/mtd6ro': No such device
	dd: can't open '/dev/mtd7ro': No such device

   Excluding the "X.XXXXXX seconds" part, you should get the same
   exact output. If your output doesn't match mine, stop reading
   and ask for help in the forum.

5) Open the following links to download the partitions of the OEM FW:
	http://192.168.10.1/dev/mtd0ro
	http://192.168.10.1/dev/mtd1ro
	http://192.168.10.1/dev/mtd2ro
	http://192.168.10.1/dev/mtd3ro
	http://192.168.10.1/dev/mtd4ro

   If one (or more) of these files weight 0 byte, stop reading and ask
   for help in the forum.

6) Store these downloaded files in a safe place.

7) Reboot your router to remove any temporary file from your router.

Installation
------------
Flash the initramfs image in the OEM firmware interface.
When openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.

Restore OEM Firmware
--------------------
Flash the "mtd4ro" file you previously backed-up directly from LUCI.
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.

Notes
-----
1) The "System Command" page allows to run every command as root.
   For example you can use "dd" and "nc" to backup the OEM firmware.
   PC (SERVER):
	nc -l 5555 > ./mtdXro
   ROUTER (CLIENT):
	dd if=/dev/mtdXro | nc PC_IP_ADDRESS 5555

2) The OEM web interface accepts only images containing the string
   "WN583A6" in the filename.
   Currently the OEM interface accepts only the initramfs image
   probably because it checks if the ih_size in the image header is
   equal to the whole image size (instead of the kernel size)
   Read more here:
   https://forum.openwrt.org/t/support-for-strong-1200/22768/19

3) The white led (namely "Smart Night Light") can be controller by the
   user only if the side switch is set to "Schedule" otherwise it will
   be activated by the light condition (there is a photodiode on the
   top side of the router)

4) Router mac addresses:

   LAN		XX:XX:XX:XX:XX:8F
   WAN		XX:XX:XX:XX:XX:90
   WIFI 2G	XX:XX:XX:XX:XX:91
   WIFI 5G	XX:XX:XX:XX:XX:92

   LABEL	XX:XX:XX:XX:XX:91

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
[remove chosen node, fix whitespace]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-25 21:04:11 +02:00
Adrian Schmutzler
1e55df2e41 oxnas: use vendor_model scheme for ox810se
Most newer targets have been converted to consistently use
vendor_model scheme for device definitions/image names, ox820 is
using it as well, so let's just convert ox810se for consistency.

While at it, use generic setup for DEVICE_DTS and add SUPPORTED_DEVICES.
The latter have been introduced for ox820 already in
cf7896117b ("oxnas: enable image metadata by setting SUPPORTED_DEVICES")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-25 21:04:11 +02:00
Daniel Golle
98b60b3efa procd: jail: fix build on glibc and uclibc
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-25 16:54:40 +01:00
Daniel Golle
114e5255c4 procd: update to git HEAD
48777de rcS: cast format string to int64_t
 a4df90f jail: fix wrong format for 32-bit
 c482c5d jail: add support for referencing existing namespaces

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-25 16:07:59 +01:00
Kevin Darbyshire-Bryant
b2f7355eec cake-oot: update to latest HEAD
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-24 18:44:31 +01:00
Hauke Mehrtens
f94b09867d build: Remove dependency of user space stack cookies from kernel
Currently the user space stack cookies work well also when the kernel
stack cookies are not activated. This is handled completely in user
space and does not need kernel support.

This dependency was probably needed some years ago when the libc did not
support stack cookies.

Reviewed-by: Ian Cooper <iancooper@hotmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-24 00:35:21 +02:00
Hauke Mehrtens
54124e1e1c toolchain: binutils: Use version 2.34 by default
Switch to binutils version 2.34 for all CPUs by default. The ARC CPUs
do not need any special binutils version any more.

This increases the image size by 0.2% on MIPS (lantiq)

Tested on lantiq, ipq40xx

Acked-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-24 00:34:09 +02:00
Hauke Mehrtens
64de3076c3 lantiq: Fix warning in SPI driver
This fixes a warning in the SPI driver at bootup. This warning is seen
in kernel 5.4 on lantiq deives.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-23 23:39:56 +02:00
Hauke Mehrtens
ed2015c386 mac80211: Update to version 5.8-rc2-1
The following patches:
* 972-ath10k_fix-crash-due-to-wrong-handling-of-peer_bw_rxnss_override-parameter.patch
* 973-ath10k_fix-band_center_freq-handling-for-VHT160-in-recent-firmwares.patch
are replaced by this commit in the upstream kernel:
* 3db24065c2c8 ("ath10k: enable VHT160 and VHT80+80 modes")

The following patches were applied upstream:
* 001-rt2800-enable-MFP-support-unconditionally.patch
* 090-wireless-Use-linux-stddef.h-instead-of-stddef.h.patch

The rtw88 driver is now split into multiple kernel modules, just put it
all into one OpenWrt kernel package.

rtl8812au-ct was patched to compile against the mac80211 from kernel
5.8, but not runtime tested.

Add a patch which fixes ath10k on IPQ40XX, this patch was send upstream
and fixes a crash when loading ath10k on this SoC.

Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq40xx/ map-ac2200]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-23 23:39:56 +02:00
Hauke Mehrtens
d1100c76b3 mac80211: Update to version 5.7.5-1
The b43 and b43legacy driver now support DRIVER_11W_SUPPORT.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-23 22:28:52 +02:00
Ted Hess
600416d5c1 tools/mkimage: create .itb file with read-access for group,other not just owner.
This patch will fix the source of 403 errors on these files
from downloads.openwrt.org.

Signed-off-by: Ted Hess <thess@kitschensync.net>
2020-07-23 14:25:10 -04:00
Rosen Penev
1db3fb5842 uboot-mediatek: remove swig requirement
Ever since this package was introduced, the SDK for mt7629 failed to
build as it started failing on this package.

Fixed by porting Hauke's similar patch for uboot-sunxi to uboot-mediatek.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-07-23 17:38:13 +02:00
Michal Hrusecky
cdb25bcef3 openvpn: Allow override of interface name
If using a configuration file for OpenVPN, allow overriding name of the
interface. The reason is that then people could use configuration file
provided by VPN provider directly and override the name of the interface
to include it in correct firewall zone without need to alter the
configuration file.

Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit c93667358515ec078ef4ac96393623ac084e5c9e)
2020-07-23 13:10:09 +02:00
Michal Hrusecky
8483bf3126 openpvn: Split out config parsing code for reuse
Split out code that parses openvpn configuration file into separate file
that can be later included in various scripts and reused.

Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit 86d8467c8ab792c79809a08c223dd9d40da6da2e)
2020-07-23 13:10:09 +02:00
Phi Nguyen
eda9751d86 ipq40xx: support reset button for WPJ419
Compex WPJ419 has a reset button on a GPIO pin.

Signed-off-by: Phi Nguyen <phind.uet@gmail.com>
2020-07-23 12:56:58 +02:00
Paul Spooren
fca3bf4f4c tools/flock: add PKG_{VERSION,RELEASE}
The stored source code of flock contains the version string of version
2.18, reflect that in the Makefile.

Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-07-23 11:30:22 +02:00
Paul Spooren
d2332e215e tools/sstrip: add PKG_{VERSION,RELEASE}
Comparing the in tree stored source file of sstrip suggests it's version
2.0[0], reflect that in the Makefile.

Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.

[0]: df4426a0f0 (diff-d3ba694d91432a068d5d3b36abf8cd0f)

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-07-23 11:30:14 +02:00
Paul Spooren
7c12d5d167 tools/firmware-utils: add PKG_RELEASE
There is no versioning information in the firmware-utils code nor the
Makefile. Consider it as first release by adding PKG_RELEASE.

Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.

Also update copyright.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-07-23 11:30:09 +02:00
Paul Spooren
d32012376a tools/patch-image: add PKG_RELEASE
There is no versioning information in the patch-image code nor the
Makefile. Consider it as first release by adding PKG_RELEASE.

Motivation is the tracking of changes in the buildsystem, which requires
versioning of packages.

Also update copyright.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-07-23 11:30:04 +02:00
Adrian Schmutzler
240793d175 tools: drop PKG_VERSION for purely local packages
This applies to tools directory what has been done for package/ in
commit 9c170cb92f ("package: drop PKG_VERSION for purely local
packages"):

In the package guidelines, PKG_VERSION is supposed to be used as
"The upstream version number that we're downloading", while
PKG_RELEASE is referred to as "The version of this package Makefile".
Thus, the variables in a strict interpretation provide a clear
distinction between "their" (upstream) version in PKG_VERSION and
"our" (local OpenWrt trunk) version in PKG_RELEASE.

For local (OpenWrt-only) packages, this implies that those will only
need PKG_RELEASE defined, while PKG_VERSION does not apply following
a strict interpretation. While the majority of "our" packages actually
follow that scheme, there are also some that mix both variables or
have one of them defined but keep them at "1".

This is misleading and confusing, which can be observed by the fact
that there typically either one of the variables is never bumped or
the choice of the variable to increase depends on the person doing the
change.

Consequently, this patch aims at clarifying the situation by
consistently using only PKG_RELEASE for "our" packages. For tools/,
only three packages were affected. This fixes two of them, and
leaves the remaining wrt350nv2-builder untouched, as the code there
seems to have some versioning of its own that is treated as upstream
version in PKG_VERSION.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-23 10:54:33 +02:00
Adrian Schmutzler
b057862e24 Revert "ramips: fix flash layout for TP-Link TL-WR841N v14"
This reverts commit 1623defbdb.

As already stated in the reverted patch, the OEM firmware will
properly recreate the config partition if it is overwritten by
OpenWrt.

The main reason for adding the partition was the image size
restriction imposed by the 0x3d0000 limitation of the TFTP
flashing process. Addressing this by shrinking the firmware
partition is not a good solution to that problem, though:

1. For a working image, the size of the content has to be smaller
   than the available space, so empty erase blocks will remain.

2. Conceptually, the restriction is on the image, so it makes sense
   to implement it in the same way, and not via the partitioning.
   Users could e.g. do initial flash with TFTP restriction with
   an older image, and then sysupgrade into a newer one, so TFTP
   restriction does not apply.

3. The (content) size of the recovery image is enforced to 0x3d0000
   by the tplink-v2-image command in combination with
   TPLINK_FLASHLAYOUT (flash layout in mktplinkfw2.c) anyway.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-22 18:59:44 +02:00
Adrian Schmutzler
0a5d74fa68 arc770: use generic 02_sysinfo
Currently arc770 sets a board name from compatible for no apparent
reason. Just use the compatible directly instead.

This theoretically removes a board name "generic" when no compatible
was present, however, there is no case where this "generic" board
name was actually used.

This also fixes an issue where snps,axs101 would not have been
properly detected anyway, as its case was not set up syntactically
correct.

Fixes: 576621f1e3 ("linux: add support of Synopsys ARC770-based boards")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-22 18:28:09 +02:00
Adrian Schmutzler
3c190ef112 archs38: use generic 02_sysinfo
Currently archs38 sets a board name from compatible for no apparent
reason. Just use the compatible directly instead.

This theoretically removes a board name "generic" when no compatible
was present, however, there is no case where this "generic" board
name was actually used.

This also fixes an issue where snps,axs103 would not have been
properly detected anyway, as its case was not set up syntactically
correct.

Fixes: 73015c4cb3 ("linux: add support of Synopsys ARCHS38-based boards")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-22 18:28:09 +02:00
David Bauer
9662b9d688 ramips: switch MT7620 subtarget to 5.4
MT7620 seems to work fine with kernel 5.4. Set the default kernel
version to 5.4 to bring this to a broader audience.

Tested on Archer C2 v1 / Archer C20i

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-22 17:20:38 +02:00
David Bauer
4cd5ce5a7f ramips: increase SPI frequency for MT7620 Archer
Increase the SPI frequency for the MT7620 based TP-Link Archer
series to 30MHz.

TP-Link uses different SPI flash chips for the same board
revision, so be conservative to not break boards with a
different chip. 30MHz should be well supported by all chips.

Tested on Archer C2 v1 (GD25Q64B) and Archer C20i (W25Q64FV).

Archer C20i (before)
====================
root@OpenWrt:~# time dd if=/dev/mtd1 of=/tmp/test.bin bs=64k
122+0 records in
122+0 records out
real	0m 15.30s
user	0m 0.00s
sys	0m 15.29s

Archer C20i (after)
===================
root@OpenWrt:~# time dd if=/dev/mtd1 of=/tmp/test.bin bs=64k
122+0 records in
122+0 records out
real	0m 5.99s
user	0m 0.00s
sys	0m 5.98s

Signed-off-by: David Bauer <mail@david-bauer.net>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-22 17:20:24 +02:00
David Bauer
9a9cdc65c4 ath79: re-enable image generation for GL-AR750S
The bootloader only writes the first 2MB of the image to the NOR flash
when installing the NAND factory image. The bootloader is capable of
booting larger kernels as it boots from the memory mapped SPI flash.

Disable the NAND factory image. The NAND can be bootstrapped by writing
the NAND initramfs image using the NOR upgrade method in the bootloader
web-recovery and sysupgrading from there. The NOR variant is not
affected.

Also refactor the partition definitions in the DTS to make them less
annoying to read.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-22 17:18:55 +02:00
Kevin Darbyshire-Bryant
9b9726aeb4 kmod-sched-cake-oot: fix PKG_MIRROR_HASH
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-22 15:59:54 +01:00
Kevin Darbyshire-Bryant
017cd5bfb0 umdns: fix compiling using gcc 10
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-22 15:59:54 +01:00
Hans Dedecker
f206461153 glibc: fix memcpy and memmove for negative length [BZ #25620]
6f3459f985 Add NEWS entry for CVE-2020-6096 (bug 25620)
64246fccaf arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620]
9bbd2b6172 arm: CVE-2020-6096: fix memcpy and memmove for negative length [BZ #25620]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-07-21 22:44:37 +02:00
Adrian Schmutzler
5e86877f36 ath79: correctly define WiFi switch for TL-WR841ND v8
The TL-WR841ND v8 feature a WiFi switch instead of a button.
This adds the corresponding input-type to prevent booting into
failsafe regularly.

This has been defined correctly in ar71xx, but was overlooked
when migrating to ath79. In contrast, the TL-WR842ND v2, which
has the key set up as switch in ar71xx, actually has a button.
The TL-MR3420 v2 has a button as well and is set up correctly
for both targets. (Information based on TP-Link user guide)

Note:

While looking into this, I found that support PR for TL-MR3420 v2
switched reset button to ACTIVE_HIGH. However, the other two
device still use ACTIVE_LOW. This seems strange, but I cannot
verify it lacking the affected devices.

Fixes: FS#2733
Fixes: 9601d94138 ("add support for TP-Link TL-WR841N/ND v8")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 12:02:35 +02:00
Adrian Schmutzler
42dc5c2a3f ramips: improve LED support for D-Link DIR-615 D series
This patch adds a trigger for the WAN LED and enhances support for
the WiFi LED by enabling activity indication.

This is based on bug report feedback (see reference below).

While at it, update the LED node names in DTS file.

Fixes: FS#732

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 11:59:17 +02:00
Adrian Schmutzler
05c74e4000 omap: derive DEVICE_DTS from device name
In most cases the DEVICE_DTS name can be derived easily from the
node name, so let's do this to enforce harmonized names where
possible.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 11:57:22 +02:00
Adrian Schmutzler
eff0a0e39e apm821xx: derive DEVICE_DTS from device name
The DEVICE_DTS variable always matches the device definition name,
just with "_" replaced by "-". Thus, create a DEVICE_DTS definition
in Device/Default and drop all the individual statements.

If necessary in the future, local DEVICE_DTS will still overwrite
that default.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 11:56:35 +02:00
Adrian Schmutzler
a2fee73e27 bcm47xx: fix switch setup for Linksys WRT610N v2
WRT610N V2 is not detected by the initial network configuration script.
The switch remains unconfigured and wlan/lan vlans are not created.

This adds the correct setup for the device.

Fixes: FS#1869

Suggested-by: Alessandro Radicati
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 11:55:31 +02:00
Adrian Schmutzler
683193cfb7 layerscape: fix indent
Fix indent to be consistent with the rest of the file.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-21 11:51:51 +02:00
Nelson Cai
6269f10ea4 ramips: fix network setup for Ubiquiti ER-X/ER-X-SFP
The function name ucidef_set_interface_lan_wan does not exist,
use the proper name by adding an "s" and thereby fix network
setup on these devices.

Fixes: 22468cc40c (ramips: erx and erx-sfp: fix missing WAN interface)

Signed-off-by: Nelson Cai <niphor@gmail.com>
[commit message/title facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-20 17:16:47 +02:00
David Bauer
93bbd998aa hostapd: enter DFS state if no available channel is found
Previously hostapd would not stop transmitting when a DFS event was
detected and no available channel to switch to was available.

Disable and re-enable the interface to enter DFS state. This way, TX
does not happen until the kernel notifies hostapd about the NOP
expiring.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-20 15:08:19 +02:00
David Bauer
cfd2f3bf6f mac80211: create channel list for fixed channel operation
Currently a device which has a DFS channel selected using the UCI
channel setting might switch to a non-DFS channel in case no chanlist is
provided (UCI setting "channels") when the radio detects a DFS event.

Automatically add a chanlist consisting of the configured channel when
the device does not operate in auto-channel mode and no chanlist set to
circumvent this issue.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-20 15:07:47 +02:00
Johannes Kimmel
65e9de3c33 vxlan: add capability for multiple fdb entries
Similar to wireguard, vxlan can configure multiple peers or add specific
entries to the fdb for a single mac address.

While you can still use peeraddr/peer6addr option within the proto
vxlan/vxlan6 section to not break existing configurations, this patch
allows to add multiple sections that conigure fdb entries via the bridge
command. As such, the bridge command is now a dependency of the vxlan
package. (To be honest without the bridge command available, vxlan isn't
very much fun to use or debug at all)

Field names are taken direclty from the bridge command.

Example with all supported parameters, since this hasn't been documented so
far:

  config interface 'vx0'
      option proto     'vxlan6'      # use vxlan over ipv6

      # main options
      option ip6addr   '2001:db8::1' # listen address
      option tunlink   'wan6'        # optional if listen address given
      option peer6addr '2001:db8::2' # now optional
      option port      '8472'        # this is the standard port under linux
      option vid       '42'          # VXLAN Network Identifier to use
      option mtu       '1430'        # vxlan6 has 70 bytes overhead

      # extra options
      option rxcsum  '0'  # allow receiving packets without checksum
      option txcsum  '0'  # send packets without checksum
      option ttl     '16' # specifies the TTL value for outgoing packets
      option tos     '0'  # specifies the TOS value for outgoing packets
      option macaddr '11:22:33:44:55:66' # optional, manually specify mac
                                         # default is a random address

Single peer with head-end replication. Corresponds to the following call
to bridge:

  $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3

  config vxlan_peer
      option vxlan 'vx0'
      option dst '2001:db8::3' # always required

For multiple peers, this section can be repeated for each dst address.

It's possible to specify a multicast address as destination. Useful when
multicast routing is available or within one lan segment:

  config vxlan_peer
      option vxlan 'vx0'
      option dst 'ff02::1337' # multicast group to join.
                              # all bum traffic will be send there
      option via 'eth1'       # for multicast, an outgoing interface needs
                              # to be specified

All available peer options for completeness:

  config vxlan_peer
      option vxlan   'vx0'               # the interface to configure
      option lladdr  'aa:bb:cc:dd:ee:ff' # specific mac,
      option dst     '2001:db8::4'       # connected to this peer
      option via     'eth0.1'            # use this interface only
      option port    '4789'              # use different port for this peer
      option vni     '23'                # override vni for this peer
      option src_vni '123'               # see man 3 bridge

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
2020-07-20 13:43:36 +02:00
Johannes Kimmel
5222aadbf3 vxlan: remove mandatory peeraddr
vxlan can be configured without a peer address. This is used to prepare
an interface and add peers later.

Fixes: FS#2743

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
Acked-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-07-20 13:43:36 +02:00
Adrian Schmutzler
4a2380a1e7 tplink-safeloader: expand support list for TP-Link CPE210 v3
This adds new strings to the support list for the TP-Link CPE210 v3
that are supposed to work with the existing setup.

Without it, the factory image won't be accepted by the vendor UI on
these newer revisions.

Tested on a CPE210 v3.20 (EU).

Ref: https://forum.openwrt.org/t/build-for-cpe210-v3-20/68000

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-20 13:43:36 +02:00
Kevin Darbyshire-Bryant
a197fa093c dnsmasq: bump to 2.82
This fixes a nasty problem introduced in 2.81 which causes random
crashes on systems where there's significant DNS activity over TCP. It
also fixes DNSSEC validation problems with zero-TTL DNSKEY and DS
records.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-20 10:38:35 +01:00
Daniel Golle
5aedd5a110 procd: bump to git HEAD once again
Further complete OCI container support in ujail:
 f5f305e jail: move /tmp/resolv.conf.d to /dev/resolv.conf.d
 6f078ae jail: add support for defining devices
 686cf7a jail: actually apply filesystem-specific mount options
 f91009a jail: refactor default mounts into new structure
 66ae2d9 jail: re-implement /proc/sys/net read-write in netns hack

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-20 04:39:11 +01:00
Dustin Gathmann
d5a148f5c8 lantiq/xrx200: make WLAN button responsive on Fritzbox 7360 & 7362
Pressing the 'WLAN' button should enable/disable wireless activity.
Currently, the button is mapped to the KEY_WLAN, which will not
have this effect.
This patch changes the mapping of the WLAN button, so a button
press will emit an action for the 'rfkill' key instead of 'wlan'.
Apparently, this is what stock OpenWRT expects.

This fix is analogous to the preceding patch for Fritzbox 3370.

Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
2020-07-20 00:58:30 +02:00
Dustin Gathmann
0ee30adb46 lantiq/xrx200: fix WLAN button actions for Fritzbox 3370
The WLAN button actions are reversed, i.e. pressing the button emits a
'released' action, and vice versa.
This can easily be checked by adding
logger -t button_action "$BUTTON $ACTION"
as the second line of /etc/rc.button/rfkill, and using logread to read
the events (assuming the preceding patch has been applied).
Defining the GPIO as ACTIVE_LOW corrects this behavior.

Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
2020-07-20 00:58:30 +02:00
Dustin Gathmann
a53bf63756 lantiq/xrx200: make WLAN button responsive on Fritzbox 3370
Pressing the 'WLAN' button should enable/disable wireless activity.
However, on the Fritzbox 3370 this doesn't have an effect.
This patch changes the mapping of the physical WLAN button, so a button
press will emit an action for the 'rfkill' key instead of 'wlan'.
Apparently, this is what stock OpenWRT expects, and also what is
implemented for most other devices.

Signed-off-by: Dustin Gathmann <dzsoftware@posteo.org>
2020-07-20 00:58:30 +02:00
Daniel Golle
211548c523 procd: update to git HEAD
9eddf0f jail: fix hooks
 1b1286b jail: parse and apply OCI sysctl values
 c049047 jail: implement OCI user additionalGIDs
 0e1920c jail: read and apply umask from OCI if defined
 1c46cc3 jail: parse and apply POSIX rlimits
 76adac5 jail: /proc/$pid/oom_score_adj to OCI defined oomScoreAdj

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-19 19:35:47 +01:00