Commit Graph

46667 Commits

Author SHA1 Message Date
Felix Fietkau
c6c4701def kernel: fix dst reference leak in flow offload
Fixes a significant amount of leaked memory with lots of connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-23 17:41:55 +01:00
Adrian Schmutzler
07ce940b77 ath79: fix SUPPORTED_DEVICES not matching ar71xx board names
Based on a script for comparison, this fixes (hopefully) all errors
in SUPPORTED_DEVICES for ar71xx->ath79 upgrade.

Devices where old string is removed as the device does not exist
in ar71xx:
- dlink_dir-859-a1
- tplink_archer-a7-v5
- tplink_cpe510-v3

Devices where string is changed because it did not match the board
name in ar71xx:
- tplink_tl-mr3220-v1
- tplink_tl-mr3420-v1
- tplink_tl-wr2543-v1
- tplink_tl-wr741nd-v4
- tplink_tl-wr841-v7
- ubnt_unifiac-mesh
- ubnt_unifiac-mesh-pro
- ubnt_unifiac-pro

For this device, the correct string could not be found, but we could
not determine the correct one. Thus, the string is removed for now:
- tplink_tl-wr740n-v4

The script for checking this is quite simple (note that newer
entries, i.e. ath79->ath79 upgrade, are displayed as missing):

  newpath=target/linux/ath79/image/
  oldpath=target/linux/ar71xx/base-files/lib/ar71xx.sh

  for s in $(grep -roh "SUPPORTED_DEVICES.*" $newpath | sed 's/SUPPORTED_DEVICES *.= *//'); do
    found="Missing"
    grep -q -r "\"$s\"" $oldpath && found="Found"
    echo "$s: $found."
  done

The errors might be filtered by appending 'grep "Missing"' to the script.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 16:09:58 +01:00
Adrian Schmutzler
071a637276 ath79: move lzma-loader to the end of available RAM
In certain cases, the uncompressed initramfs image will overwrite
the lzma-loader, which is currently only 10 MB away from kernel image
start. To prevent this, change LZMA_TEXT_START to 24 MB, so loader
and compressed image have 8 MB at the end of RAM and uncompressed
image has 24 MB available.

This is only enabled for ath79 at the moment, as there we can be sure
that all devices have 32+ MB RAM and TARGET_INITRAMFS_COMPRESSION_LZMA
is not enabled there.

Despite, since lzma-loader is currently built specifically for ath79
anyway, there is no need to re-specify LOADADDR and LZMA_TEXT_START
in image/Makefile, so the values are set directly in
image/lzma-loader/Makefile and the overwrite in image/Makefile is
removed.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-23 15:28:03 +01:00
Roger Pueyo Centelles
6aaa5ce2c5 ath79: add support for MikroTik RouterBOARD wAP G-5HacT2HnD
This commit adds support for the MikroTik RouterBOARD wAP G-5HacT2HnD
(wAP AC), a small weatherproof dual band, dual-radio 802.11ac
wireless AP with integrated omnidirectional antennae and one
10/100/1000 Mbps Ethernet port.

See https://mikrotik.com/product/RBwAPG-5HacT2HnD for more info.

Specifications:
 - SoC: Qualcomm Atheros QCA9556
 - RAM: 64 MB
 - Storage: 16 MB NOR
 - Wireless:
   · Atheros AR9550 (SoC) 802.11b/g/n 2x2:2, 2 dBi antennae
   · Qualcomm QCA9880 802.11a/n/ac 3x3:3, 2 dBi antennae
 - Ethernet: Atheros AG71xx (SoC, AR8033), 1x 1000/100/10 port,
   passive PoE in

Working:
 - Board/system detection
 - Sysupgrade
 - Serial console
 - Ethernet
 - 2.4 GHz radio
 - 5 GHz radio and LED
 - Reset button

Not working/Unsupported:
 - 2.4 GHz LED
 - AP/CAP LED
 - ZT2046Q SPI temperature and voltage sensor

This adds the basic features for supporting MikroTik devices:
 - a common recipe for mikrotik images in common-mikrotik.mk
 - support for minor (MikroTik NOR) split firmware (only for
   generic subtarget so far)

Acknowledgments: Robert Marko <robimarko@gmail.com>
                 Andrew Cameron <apcameron@softhome.net>
                 Koen Vandeputte <koen.vandeputte@ncentric.com>
                 Chuanhong Guo <gch981213@gmail.com>

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Co-developed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-23 15:28:03 +01:00
David Bauer
26c2556775 ath79: allow to override AR8033 SGMII aneg status
In order to make the QCA955x SGMII workaround work, the unsuccessful
SGMII autonegotiation on the AR8033 should not block the PHY
state-machine.

Otherwise, the ag71xx driver never becomes aware of the copper-side
link-establishment and the workaround is never executed.

Signed-off-by: David Bauer <mail@david-bauer.net>
[remove one trailing whitespace per file]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 15:28:03 +01:00
David Bauer
0d416a8d3b ath79: add QCA955x SGMII link loss workaround
This commit adds a workaround for the loss of the SGMII link observed on
the QCA955x generation of SoCs. The workaround originates part from the
U-Boot source code, part from the implementation from AVM found in the
GPL tarball for the AVM FRITZ!WLAN Repeater 450E.

The bug results in a stuck SGMII link between the PHY device and the SoC
side. This has only been observed with the Atheros AR8033 PHY and most
likely all devices using such combination are affected.

It is worked around by reading a hidden SGMII status register and
issuing a SGMII PHY reset until the link becomes useable again.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-01-23 15:28:03 +01:00
Roger Pueyo Centelles
7d39946ea0 rbextract: support devices directly showing ERD magic
Older ath79-based MikroTik devices have the ERD calibration data
compressed and stored different to newer IPQ40xx ones. This commit
adds support for these former ones.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-23 15:28:03 +01:00
Roger Pueyo Centelles
ba730d61af rbextract: add package
This utility extracts the radio calibration data, as well as other
board-related information (model, serial number, etc.), from MikroTik
Routerboard devices' flash.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-23 15:28:02 +01:00
Roger Pueyo Centelles
51526bcf1e rbcfg: make package available for ath79
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2020-01-23 15:28:02 +01:00
Felix Fietkau
c07f6e8659 hostapd: fix faulty WMM IE parameters with ETSI regulatory domains
hostapd sets minimum values for CWmin/CWmax/AIFS and maximum for TXOP.
The code for applying those values had a few bugs leading to bogus values,
which caused significant latency and packet loss.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-23 14:53:13 +01:00
Adrian Schmutzler
6fe31abc5a kirkwood: exploit BOARD_NAME to set DEVICE_DTS and SUPPORTED_DEVICES
Due to the history of the target, all devices added before a certain
point have the same device string in BOARD_NAME, DEVICE_DTS and added
to SUPPORTED_DEVICES.

Thus, we can set this one automatically for all devices where
BOARD_NAME is specified, removing the explicit DEVICE_DTS and
SUPPORTED_DEVICES addition there.

For new devices, nothing has changed, and just DEVICE_DTS has to
be set manually.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 14:27:12 +01:00
Adrian Schmutzler
d0d8584b41 sunxi: tidy up and sort alphabetically in image Makefiles
This tidies up the image Makefiles for the sunxi target by:
- Move the if-condition for the subtarget to the parent Makefile
- Remove lots of unnecessary empty lines
- Sort device definitions alphabetically
- Harmonize line wrapping for DEVICE_PACKAGES

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 14:21:19 +01:00
Kimmo Vuorinen
a8723c48ad uboot-envtools: ath79: add support for glinet,gl-ar150
Add ubootenv uci config for GL.inet GL-AR150

Signed-off-by: Kimmo Vuorinen <kimmo.vuorinen@gmail.com>
[commit title/message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 14:08:24 +01:00
Kimmo Vuorinen
dc6dfaac80 uboot-envtools: ar71xx: add support for gl-ar150/-domino/-mifi
Add ubootenv uci config for gl-ar150, gl-domino and gl-mifi

Signed-off-by: Kimmo Vuorinen <kimmo.vuorinen@gmail.com>
[commit message/title facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 14:04:50 +01:00
Kimmo Vuorinen
2c1cfacdde ar71xx: change u-boot-env to read-write for gl-ar150/-domino/mifi
Change u-boot-env partitions to be mounted as read-write for gl-ar150,
gl-domino and gl-mifi so uboot-envtools support is possible.

Signed-off-by: Kimmo Vuorinen <kimmo.vuorinen@gmail.com>
[commit title/message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 13:56:53 +01:00
Adrian Schmutzler
a66a1eb9c5 ath79: add support for TP-Link TL-WA850RE v2
TP-Link TL-WA850RE v2 is a wall-plug N300 Wi-Fi range extender,
based on Qualcomm/Atheros QCA9533 v2.

Short specification:

- 550/391/195 MHz (CPU/DDR/AHB)
- 1x 10/100 Mbps Ethernet
- 32 MB of RAM (DDR1)
- 4 MB of FLASH
- 2T2R 2.4 GHz
- 2x internal antennas (embedded on PCB)
- 9x LED (all can be turned off with GPIO15), 2x button
- UART (J3) header on PCB

Flash instruction: use "factory" image directly in vendor GUI.

Warning: this device does not include any kind of recovery mechanism
in the bootloader and disassembling process is not trivial.

You can access vendor firmware over serial line using:
- login: root
- password: sohoadmin

Stock firmware uses label MAC address for WiFi and same with local
bit set for ethernet. Since this is difficult to reproduce with
the toolset of OpenWrt, we just keep both ethernet and WiFi to
the same address here.

This is the first tiny device with tplink-safeloader in ath79.
Firmware partition is only 3648k and thus even smaller than for
the tplink-4m(lzma) devices.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-22 23:52:51 +01:00
Adrian Schmutzler
b2102be8a5 ar71xx: use dynamic partitioning for TP-Link TL-WA850RE v2
This moves the TP-Link TL-WA850RE v2 to dynamic partitioning and
will allow to use this for ath79 as well.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-22 23:52:51 +01:00
David Bauer
5f4f269ce1 generic at803x: remove unneeded patches
 - Remove the "RGMII TX delay fixup" hack and the associated
   DT-property. It was never used in a DT-based platform and
   solved a problem which can be mitigated by using correct
   delays on the MAC side.

 - Remove the patch to enable platform-data support for the
   at803x driver. It was only used by ar71xx which does not
   (and never will) support kernel 4.19 or later.

 - Remove the SmartEEE DT-configuration patch. As explained
   previously, this patch never disabled the Atheros SmartEEE
   implementation, but rather "standard" EEE. This can be done
   on device-tree compatible platforms by adding the
   "eee-broken-1000t" or "eee-broken-100tx" properties to the PHY
   node. As all usages of the old properties are migrated, this
   patch can be removed.

Signed-off-by: David Bauer <mail@david-bauer.net>
Acked-by: Christian Lamparter <chunkeey@gmail.com>
2020-01-22 22:54:14 +01:00
David Bauer
a8898f1a11 ath79: use upstream properties to disable EEE
The hack-patch which introduced the "at803x-disable-smarteee" for
disabling SmartEEE did in fact not disable SmartEEE but rather disabled
802.3az "standard" EEE.

This can be done by using the upstream properties "eee-broken-100tx" and
"eee-broken-1000t". EEE is then disabled by the PHY subsystem.

Tested on devolo WiFi pro 1200e.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-01-22 22:53:55 +01:00
Adrian Schmutzler
6eaea3a8ba ath79: add support for TP-Link TL-WA850RE v1
This ports support for the TL-WA850RE v1 range extender from ar71xx
to ath79.

Specifications:
  Board: AP123 / AR9341 rev. 3
  Flash/RAM: 4/32 MiB
  CPU: 535 MHz
  WiFi: 2.4 GHz b/g/n
  Ethernet: 1 port (100M)

Flashing instructions:
Upload the factory image via the vendor firmware upgrade option.

Recovery:
Note that this device does not provide TFTP via ethernet like many
other TP-Link devices do. You will have to open the case if you
require recovery beyond failsafe.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-22 17:18:55 +01:00
Daniel Golle
3d6c571083 mac80211: add support for wds_bridge hostapd feature
hostapd allows putting WDS (4addr mode) clients into a separate bridge
other than the bridge regular (3addr mode) clients end up in. This is
useful for example giving WDS clients access to several VLANs
(trunking) while regular clients will end up inside a specific VLAN.

Add 'wds_bridge' config parameter for wifi-iface which contains the
name of the bridge. hostapd-mini already supports this feature, so all
needed is to add the UCI wrapping in mac80211.sh.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-22 14:22:17 +02:00
Jonas Gorski
947163b9d2 kernel: sfp: re-attempt probing for phy
Add patches retrying to probe the PHY to restore support for PHYs taking
longer to initialize without breaking modules without PHYs.

Patches taken from http://git.armlinux.org.uk/cgit/linux-arm.git/log/?h=phy

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Jonas Gorski
10b12b5d68 kernel: sfp: add two fixes submitted to upstream
Add two small fixes for SFP that were submitted upstream.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Russell King
46678fbdca mvebu: add uDPU update patches
Update the uDPU kernel support, fixing a number of issues:
* make ethernet work again by adding comphy definitions
* slow the I2C bus to give it more chance of actually working
* the SFP cages are designed to support up to 3W modules, which
  would be prevented from initialising without this patch.

Signed-off-by: Russell King <linux@armlinux.org.uk>
[jonas.gorski: rename to mvebu, refresh patches]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Russell King
a1358fc7ae kernel: add SFP support for Methode DM7052 NBASE-T module
Add support for Methode DM7052 NBASE-T module to OpenWRT. These
patches are taken from my "phy" branch, and will be sent for the
next kernel merge window.

Signed-off-by: Russell King <linux@armlinux.org.uk>
[jonas.gorski: move patches to pending, refresh patches]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Russell King
1c16b574c4 kernel: add backported phy/phylink/sfp patches
Backport the phy/phylink/sfp patches currently queued in netdev or in
mainline necessary to support GPON popular modules, specifically to
support Huawei and Nokia GPON modules.

Signed-off-by: Russell King <linux@armlinux.org.uk>
[jonas.gorski: include kernel version in file names, refresh patches]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Russell King
a07638eb24 kernel: move phylink patches from mvebu to generic
Move two phylink patches from mvebu to generic, so that everyone can
benefit from them.

Signed-off-by: Russell King <linux@armlinux.org.uk>
[jonas.gorski: add kernel version to file names]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-01-21 22:32:48 +01:00
Russell King
e81a5b0556 kernel: remove obsolete phylink/SFP patches
Remove the old phylink/SFP patches from the OpenWRT build; these will
be updated with a new set in subsequent.

450-reprobe_sfp_phy is also removed for several reasons:
1) it is not in mainline.
2) it breaks copper modules that do not have a PHY.
3) it makes backporting the current patch set harder.

Discussion is ongoing with the patch author for a mainline Linux kernel
patch for this.

Signed-off-by: Russell King <linux@armlinux.org.uk>
2020-01-21 22:32:48 +01:00
Jan Pavlinec
2982997f1b curl: update to version 7.68.0 (security fix)
Fixes
CVE-2019-15601

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
2020-01-21 22:17:53 +01:00
Hannu Nyman
96e9d48664 tools/bison: update to 3.5
Update bison to 3.5

Release notes:
https://lists.gnu.org/archive/html/info-gnu/2019-12/msg00002.html

Note for future: release notes mention that YYPRINT macro is
declared deprecated, but apparently still works for now. I found
one possible use of that in scripts/config/zconf.tab.c_shipped
That might be modernized at some point, but as the file is synced
with the one from upstream Linux, it might get fixed there.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-01-21 18:43:58 +01:00
Adrian Schmutzler
111a7a3d01 ath79: remove unused TPLINK_BOARD_NAME variable for DEVICE_VARS
TPLINK_BOARD_NAME has been renamed to TPLINK_BOARD_ID a long time
ago (7d6c63d875: "build: rename TPLINK_BOARD_NAME to
TPLINK_BOARD_ID" for ar71xx), and before introducing ath79 target
at all.

TPLINK_BOARD_NAME seems to have been introduced into ath79 target
only by mistake. It has never been used. Remove it.

Fixes: 53c474abbd ("ath79: add new OF only target for QCA MIPS silicon")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-21 18:08:19 +01:00
Petr Štetiar
0c707d37b7 Revert "kernel: mtd: Make subpartitions inherit parent's access mode"
This reverts commit de80424f70 which needs
more work and testing as it broke at least jffs2 overlays at least on
ath79 platform, marking them as read-only, thus unusable:

 jffs2_build_filesystem(): erasing all blocks after the end marker...
 jffs2: Erase at 0x009e0000 failed immediately: -EROFS. Is the sector locked?

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2020-January/021344.html
Reported-by: Steve Brown <sbrown@ewol.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-21 17:25:56 +01:00
Petr Štetiar
0f81a0979c fstools: update to version 2020-01-21
deb745f82b93 Revert "fstools: Add support to read-only MTD partitions (eg. recovery images)"

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-21 17:25:56 +01:00
Petr Štetiar
3d8edd9bb4 urngd: update to version 2020-01-21
c7f7b6b65b82 Tag version 1.0.2
236b7a0aef21 Fix blocked entropy generation

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-21 17:16:01 +01:00
Adrian Schmutzler
2cb413de1c zynq: derive DEVICE_DTS from device definition name
In zynq target, the DEVICE_DTS variable is always set consistent
with the model part of the device definition name.

This patch replaces the redundant definitions for the individual
devices with a common recipe.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-21 14:26:04 +01:00
Adrian Schmutzler
1fa04b5d9f mvebu: split base-files across subtargets
For the mvebu target in particular, there is a lot of files in
base-files that are only relevant for one subtarget. Improve
overview and reduce size per subtarget by moving/splitting
base-files depending on the subtarget they belong to.

While at it, consolidate 01_leds by using the model part of
the board name as variable.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2020-01-21 14:24:49 +01:00
Adrian Schmutzler
e93626f1f4 mvebu: use SOC to derive DEVICE_DTS
This introduces the SOC variable to mvebu target to derive some of
the DEVICE_DTS variables based on the SOC prefix and the device
definition name.

Since DTS names and compatible are inconsistent also in the kernel
for this target, the scheme cannot be applied to all devices, though.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2020-01-21 14:23:52 +01:00
Adrian Schmutzler
0a388b5bf7 mvebu: move subtarget image Makefile switch to parent Makefile
This moves the if conditions for choosing which image Makefiles
are used to the parent image/Makefile. It seems more convenient
to have "codeflow" in the parent while the subtarget-specific
files only contain the definitions.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2020-01-21 14:18:07 +01:00
Enrico Mioso
b99b60b2f1 ath79: add support for TP-Link TL-MR6400
This device is an LTE router supported in ar71xx so far.
As per original commit, hardware specifications (v1.0 EU):
- SoC: QCA9531
- Flash: Winbond W25Q64FV (8MiB)
- RAM: EtronTech EM6AB160TSE-5G (64MiB)
- Wireless: SoC platform only (2.4GHz b/g/n, 2x internal antenna)
- Ethernet: 2NIC (3x100M + 1x100M)
- WWAN: TP-LINK LTE MODULE (2x external detachable antenna)
- Power: DC 12V 1A

Flashing instructions:
You can flash via tftp recovery (serve factory image as /mr6400_tp_recovery.bin
on 192.168.0.66/24, connect to any ethernet port and power on device while
holding the reset button). Flashing via OEM web interface does not work.

Known issues:
- LTE module does not always come up during boot (showing USB enumeration errors). Similar behavior has been reported at least from one user for ar71xx, too. Turning USB off and on again will serve as a workaround.
- eth0 (LAN) always shows carrier as 1 even if no cable is plugged in (this works "correctly" on ar71xx)

Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
[several adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Filip Moc <lede@moc6.cz>
2020-01-21 14:15:48 +01:00
Lech Perczak
83708f233d ar71xx: ubnt-rocket-m-ti: fix RSSI LED definitions
When mapping for RSSI LEDs was defined for interface wlan0 on
Ubiquiti Rocket M Titanium, it missed connection to actual interface.
Therefore create the mapping to interface, so RSSI LEDs work without
additional configuration, after starting rssileds service.

While at that, split RSSI into ~equal intervals for 6 LEDs,
and remove coefficients needed for PWM LEDs, as this board does not
support PWM LEDs.

Finally, for complete support, enable 'rssileds' package in per-device
rootfs, so the indicator works out of box.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2020-01-21 14:09:30 +01:00
Daniel Golle
97a03a4760 procd: update to latest git HEAD
58c12f7 jail: add basic support for network namespaces
ba69639 jail: create resolv.conf symlink for netns jails
81b88b1 jail: more strict mount options for /tmp/resolv.conf.d/

Add new 'netns' flag for procd_add_jail to make ujail setup a new
network namespace for the jailed service.
See previous netifd commit for example configuration for netns jailed
service.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-21 12:52:12 +02:00
Daniel Golle
e4ce8f59f5 netifd: add basic support for jail network namespaces
Prepare netifd for handling procd service jails having their own
network namespace.
Interfaces having the jail attribute will only be brought up inside the
jail's network namespace by procd calling the newly introduced ubus
method 'netns_updown'.
Currently proto 'static' is supported and configuration changes are
not yet being handled (ie. you'll have to restart the jailed service
for changes to take effect).

Example /etc/config/network snippet:
config device 'veth0'
    option type 'veth'
    option name 'vhost0'
    option peer_name 'virt0'

config interface 'virt'
    option type 'bridge'
    list ifname 'vhost0'
    option proto 'static'
    option ipaddr '10.0.0.1'
    option netmask '255.255.255.0'

config interface 'virt0'
    option ifname 'virt0'
    option proto 'static'
    option ipaddr '10.0.0.2'
    option netmask '255.255.255.0'
    option gateway '10.0.0.1'
    option dns '10.0.0.1'
    option jail 'transmission'

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-21 10:25:27 +02:00
Michal Cieslakiewicz
0d28e5d644 ath79: fix SUPPORTED_DEVICES for WNDR4300 and WNDR3700v4
Kernel partition increase to 4 MiBs for Netgear WNDR3700v4 and WNDR4300
routers breaks sysupgrade image compatibility with ar71xx builds.
Therefore, SUPPORTED_DEVICES variable has to be removed for both devices
from target makefile.

Reported-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2020-01-21 00:29:25 +01:00
Petr Štetiar
5c73bb12c8 libubox: update to version 2020-01-20
43a103ff17ee blobmsg: blobmsg_parse and blobmsg_parse_array oob read fixes
5c0faaf4f5e2 tests: prefer dynamically allocated buffers
1ffa41535369 blobmsg_json: prefer snprintf usage
132ecb563da7 blobmsg: blobmsg_vprintf: prefer vsnprintf
a2aab30fc918 jshn: prefer snprintf usage
b0886a37f39a cmake: add a possibility to set library version
a36ee96618a9 blobmsg: blobmsg_add_json_element() 64-bit values
f0da3a4283b7 blobmsg_json: fix int16 serialization
20a070f08139 tests: blobmsg/json: add more test cases
379cd33d1992 tests: include json script shunit2 based testing

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-20 20:57:21 +01:00
Bruno Pena
de80424f70 kernel: mtd: Make subpartitions inherit parent's access mode
Currently it's not possible to effectively mark a "firmware" partition
as read-only. The sub-partitions "kernel", "rootfs" and "rootfs_data"
are always created as read-write (ignoring the parent access mode).

This patch enforces the access mode of sub-partitions to match the
parent partition, which is useful for recovery images that are meant
to be fully read-only to avoid accidental damage from end-user.

An example of such implementation (read-only firmware image) is the
recovery image used on the Zsun-SD100 [1].

Please note the related patch for fstools [2] to enable this read-only
concept.

[1] https://github.com/brunompena/zsun-resources
[2] http://lists.infradead.org/pipermail/openwrt-devel/2020-January/021043.html

Signed-off-by: Bruno Pena <brunompena@gmail.com>
[removed already obsolete 4.9 kernel patch]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-20 20:57:21 +01:00
Petr Štetiar
63000bfaf7 fstools: update to version 2020-01-18
f5c7c1813f52 fstools: Add support to read-only MTD partitions (eg. recovery images)
189b41b6b487 libblkid-tiny: fix f2fs labels by increasing label buffer

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-20 20:57:21 +01:00
Koen Vandeputte
7adb0f9810 kernel: bump 4.19 to 4.19.97
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
ac050025a5 kernel: bump 4.14 to 4.14.166
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
6cc7498daa kernel: bump 4.19 to 4.19.96
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
2b4654f74f kernel: bump 4.14 to 4.14.165
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00