Commit Graph

51730 Commits

Author SHA1 Message Date
Luiz Angelo Daros de Luca
fe6b9b0588 base-files: bring up vlan interface too
Vlan subinterface was never brought up when using vlan-based preinit network.
Tested forcing ifname="" before preinit_ip() on a Tp-Link Archer C5v4.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
b7ee0786b5 realtek: Fix failsafe mode
The RTL8380-RTL9300 switches only forward packets when VLAN ID 1 is
configured. Do not use the standard failsafe configuration for DSA
accessing the default port directly, but configure a switch on the lan1
interface instead.

This will add the VLAN ID 1 configuration to the switch:
$ bridge vlan show
port              vlan-id
lan1              1 PVID Egress Untagged
switch            1 PVID Egress Untagged

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
790561d510 base-files: failsafe: Remove the VLAN modifier from interface name
Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
467cd378db base-files: failsafe: Fix IP configuration
Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.

This works with swconfig configurations.

Fixes: FS#3866
Fixes: d42640e389 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
2e17c71095 kernel: Backport patch to automatically bring up DSA master when opening user port
Without this patch we have to manually bring up the CPU interface in
failsafe mode.

This was backported from kernel 5.12.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-22 23:23:00 +02:00
Jason A. Donenfeld
2a3b2f59fe kernel-5.4: backport latest patches for wireguard
These are the latest patches that just landed upstream for 5.13, will be
backported by Greg into 5.10 (because of stable@), and are now in the
5.4 backport branch of wireguard: https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y

Cc: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Tested-by: Stijn Segers <foss@volatilesystems.org>
2021-06-22 23:23:00 +02:00
Rui Salvaterra
79481c71dc kernel: bump 5.10 to 5.10.44
Add the new symbol to the generic kconfig.

No deleted or manually refreshed patches.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2021-06-22 23:23:00 +02:00
Aleksander Jan Bajkowski
c1927f4108 kernel: crypto: limit crypto-hw-hifn-795x to devices with pci support
CONFIG_CRYPTO_DEV_HIFN_795X depends on PCI. This driver only makes sense on
devices with pci support.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2021-06-22 23:23:00 +02:00
Birger Koblitz
76428494c3 realtek: Fix buffer length calculation on RTL8380 with CRC offload
Fixes the buffer and packet length calculations for Ethernet TX on
the RTL8380 SoC when CRC calculation offload is enabled.
CRC-offload is always done by the SoC, but additional CRC
calculation was previously done also by the kernel.
It also fixes detection of the DSA tag for packets on RTL8390
SoCs for ports > 28.

v2 has correct whitespace

Signed-off-by: Birger Koblitz <mail@birger-koblitz.de>
2021-06-22 23:23:00 +02:00
Timo Sigurdsson
bf98faaac8 hostapd: make wnm_sleep_mode_no_keys configurable
In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround
against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not
enabled by default on OpenWrt, but it is configurable through the option
wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by
exposing the option wnm_sleep_mode_no_keys. If you use the option
wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might
consider using this workaround.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
2021-06-22 11:10:06 -10:00
Karel Kočí
cc7316d1e9 base-files: fix enabled for services with only STOP
There are services that have only STOP value set. They are executed only
on shutdown and it is common to use them for system cleanup. There is
one such service shipped directly with base-files, it is 'umount'. Those
work the same way as those with START but enabled does not report them
as enabled although it should have as they can be enabled and disabled
as any other service.

This also changes check from check for executable to check for symbolic
link. The implementation depends on those being links to service file
and it is much cleaner and direct to check for them being links.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
2021-06-22 09:45:27 -10:00
Rafał Miłecki
0b2c1997e9 bcm63xx-cfe: update to the latest master
e5050f3 linksys: ea9500-v2: add cferam file

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-22 13:27:41 +02:00
Rafał Miłecki
f8d5bd20b3 bcm4908: fix Ethernet broken state after interface restart
This fixes traffic stalls after ifdown & ifup.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-22 08:06:13 +02:00
Timo Sigurdsson
85ce590705 hostapd: fix handling of the channel utilization options
Commit 0a7657c ("hostapd: add channel utilization as config option") added the
two new uci options bss_load_update_period and chan_util_avg_period. However,
the corresponding "config_add_int" calls for these options weren't added, so
attempting to actually use these options and change their values is bound to
fail - they always stay at their defaults. Add the missing code to actually
make these options work.

Fixes: 0a7657c ("hostapd: add channel utilization as config option")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
2021-06-21 19:04:06 -10:00
Timo Sigurdsson
9f09c1936a hostapd: make country3 option configurable
The country3 option in hostapd.conf allows the third octet of the country
string to be set. It can be used e.g. to indicate indoor or outdoor use (see
hostapd.conf for further details). Make this option configurable but optional
in OpenWrt.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
2021-06-21 19:02:33 -10:00
Karel Kočí
219e17a350 ustream-ssl: variants conflict with each other
This adds conflicts between variants of libustream pacakge.
They provide the same file and thus it should not be possible to install
them side by side.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
2021-06-21 18:48:03 -10:00
David Bauer
f2f137593e ath79: add missing GPIO_LATCH symbol
Fixes commit 7b8931678c ("ath79: add gpio-latch driver for MikroTik RouterBOARDs")

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-06-22 00:39:48 +02:00
Dirk Neukirchen
2c9537e274 grub2: update to 2.06
-300-CVE-2015-8370.patch is upstreamed with different code
(upstream id: 451d80e52d851432e109771bb8febafca7a5f1f2)

- fixup OpenWrts setup_root patch

compile tested: x86_64,i386
runtime tested: VM x86_64,VM i386

- booted fine
- grub-editenv worked

Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
2021-06-21 09:02:26 -10:00
Chris Blake
f1e41155c9 kernel/modules: make sure igb loads at boot
Without loading the igb at boot, the recovery wouldn't have
network available. All network drivers should be loaded before
etc/board.d/02_network is called. Note that other network drivers
already have this set, such as tg3.

Fixes: 7e0e5110bc ("kernel: add igb kernel module")
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2021-06-21 08:38:07 -10:00
Florian Eckert
92ac2a20eb uci: add uci_revert function
Add missing uci_revert shell function wrapper.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-21 08:36:03 -10:00
Michael Yartys
f0f1d68d52 ath10k-ct: fix typo in Makefile
Add forgotten colon to Makefile.

Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
2021-06-21 08:34:39 -10:00
Paul Spooren
181054bf79 build: create profiles.json per default
The file is a info file just like config.buildinfo, feeds.buildinfo and
version.buildinfo. It bundles these and more information in a machine
readable way.

This commit enables the creation of profiles.json by default and not
only for buildbots. By doing so it follow the behaviour of the
ImageBuilder which always creates the file, lastly this increases the
files visibility for downstream projects.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-21 08:12:21 -10:00
Koen Vandeputte
6561ca1fa5 ath79: ar934x: fix mounting issues if subpage is not supported
Currently, the option to disable subpage writing is only set
when a HW ECC engine is used.

Some boards lack a HW ECC engine and use software for that.
In this case, this NAND option does not get set when the NAND chip
does not support it, resulting in mounting errors.

Move the setting of this option to a generic init location so it
gets set for all types where required.

While at it, also OR the option instead of just setting it
so we don't overwrite potential flags being set somewhere else.

Before:

[    1.681273] UBI: auto-attach mtd2
[    1.684669] ubi0: attaching mtd2
[    1.688877] ubi0 error: validate_ec_hdr: bad VID header offset 2048, expected 512
[    1.696469] ubi0 error: validate_ec_hdr: bad EC header
[    1.701712] Erase counter header dump:
[    1.705512]  magic          0x55424923
[    1.709322]  version        1
[    1.712330]  ec             1
[    1.715331]  vid_hdr_offset 2048
[    1.718610]  data_offset    4096
[    1.721880]  image_seq      1462320675
[    1.725680]  hdr_crc        0x12255a15

After:

    1.680917] UBI: auto-attach mtd2
[    1.684308] ubi0: attaching mtd2
[    2.954504] random: crng init done
[    3.142813] ubi0: scanning is finished
[    3.163455] ubi0: attached mtd2 (name "ubi", size 124 MiB)
[    3.169069] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
[    3.176037] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
[    3.182942] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
[    3.190013] ubi0: good PEBs: 992, bad PEBs: 0, corrupted PEBs: 0
[    3.196102] ubi0: user volume: 3, internal volumes: 1, max. volumes count: 128
[    3.203434] ubi0: max/mean erase counter: 2/0, WL threshold: 4096, image sequence number: 1462320675
[    3.212700] ubi0: available PEBs: 0, total reserved PEBs: 992, PEBs reserved for bad PEB handling: 20
[    3.222124] ubi0: background thread "ubi_bgt0d" started, PID 317
[    3.230246] block ubiblock0_1: created from ubi0:1(rootfs)
[    3.235819] ubiblock: device ubiblock0_1 (rootfs) set to be root filesystem
[    3.256830] VFS: Mounted root (squashfs filesystem) readonly on device 254:0.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2021-06-21 10:48:27 +02:00
Denis Kalashnikov
695a1cd53c ath79: add support for MikroTik RouterBOARD 912UAG-2HPnD
This board has been supported in the ar71xx.

Links:
* https://mikrotik.com/product/RB912UAG-2HPnD
* https://openwrt.org/toh/hwdata/mikrotik/mikrotik_rb912uag-2hpnd

This also supports the 5GHz flavour of the board.

Hardware:
* SoC: Atheros AR9342,
* RAM: DDR 64MB,
* SPI NOR: 64KB,
* NAND: 128MB,
* Ethernet: x1 10/100/1000 port with passive POE in,
* Wi-Fi: 802.11 b/g/n,
* PCIe,
* USB: 2.0 EHCI controller, connected to mPCIe slot and a Type-A
  port -- both can be used for LTE modem, but only one can be
  used at any time.
* LEDs: 5 general purpose LEDs (led1..led5), power LED, user LED,
  Ethernet phy LED,
* Button,
* Beeper.

Not working:
* Button: it shares gpio line 15 with NAND ALE and NAND IO7,
  and current drivers doesn't easily support this configuration,
* Beeper: it is connected to bit 5 of a serial shift register
  (tested with sysfs led trigger timer). But kmod-gpio-beeper
  doesn't work -- we left this as is for now.

Flashing:
* Use the RouterBOARD Reset button to enable TFTP netboot,
boot kernel and initramfs and then perform sysupgrade.
* From ar71xx OpenWrt firmware run:
  $ sysupgrade -F /tmp/<sysupgrade.bin>
For more info see: https://openwrt.org/toh/mikrotik/common.

Co-Developed-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
2021-06-21 10:48:27 +02:00
Denis Kalashnikov
820e660cd7 ath79: add NAND driver for MikroTik RB91xG series
Main part is copied from ar71xx original driver rb91x_nand
written by Gabor Juhos <juhosg@openwrt.org>.

What is done:
* Support of kernel 5.4 and 5.10,
* DTS support,
* New gpio API (gpiod_*) support.

Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
2021-06-21 10:48:27 +02:00
Denis Kalashnikov
7b8931678c ath79: add gpio-latch driver for MikroTik RouterBOARDs
This is a slighty modified version of ar71xx gpio-latch driver
written by Gabor Juhos <juhosg@openwrt.org>.

Changes:
* DTS support,
* New gpio API (gpiod_*).

Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
2021-06-21 10:48:27 +02:00
Paul Spooren
fd0d9909bf build,json: fix generation with empty profiles
If the image generation doesn't add any profiles to the output the
*profile merge* will fail. To avoid that set an empty profile as
fallback.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 22:42:29 -10:00
Perry Melange
23c3bab920 qos-scripts: add ifbN device before setting the link up
commit 50413e1ec8 replaced ifconfig
with ip.  In order to set a link state to up, the interface needs
to be added first.

Fixes: FS#3754

Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[Add Fixes tag]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2021-06-21 09:18:33 +02:00
Rafał Miłecki
fcfa60408c bcm4908: add kmod-gpio-button-hotplug
All bcm4908 devices are expected to have GPIO buttons to make relevant
package selected by default.
This "fixes" triggering failsafe mode.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-21 09:12:59 +02:00
Rosen Penev
5cff6c1abb tools/cmake: update to 3.20.3 + build with Ninja
Compile with Ninja. Ninja compiles faster and is more stable with
parallel builds. Routines copied from cmake.mk.

Speed improves from:

Executed in	127.47 secs	fish		external
usr time	17.02 mins	446.00 micros	17.02 mins
sys time	1.18 mins	40.00 micros	1.18 mins

to:

Executed in	118.91 secs	fish		external
usr time	17.28 mins	499.00 micros	17.28 mins
sys time	1.13 mins	45.00 micros	1.13 mins

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-20 20:12:14 -10:00
Rosen Penev
3cbdc13bc1 tools/squashfskit4: fix compilation under big endian
The macro used is for the wrong struct. Just byte swap manually.

Refreshed patches.

Tested on sparc64.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-20 18:59:36 -10:00
Rosen Penev
b154a2f8d3 tools/e2fsprogs: update to 1.46.2
Fix wrong FPIC flag to fix compilation under sparc64

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-20 18:10:15 -10:00
Michael Yartys
b9b4aef4f2 hostapd: add support for setting sae_pwe
Make it possible to specify the SAE mechanism for PWE derivation. The
following values are possible:

0 = hunting-and-pecking loop only
1 = hash-to-element only
2 = both hunting-and-pecking loop and hash-to-element enabled

hostapd currently defaults to hunting-and-pecking loop only.

Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
2021-06-20 15:42:52 -10:00
Rosen Penev
bf4dbbb55e tools/libressl: update to 3.3.3
Fix wrong FPIC variable usage. Fixes compilation under sparc64 host.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-20 15:20:54 -10:00
Florian Eckert
40f533b73e base-files: redirect kill ouptut for ash, telnetd and dropbear
If one of the programmes is not running, then we see the following
output in the logs.

`killall: telnetd: no process killed`

To ensure that the log is clean, redirect the output to /dev/null

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
d8bfcc59b0 base-files: remove unused vn and _vn function
The remaining vn calls have been ported to v.
Therefore, these functions are no longer needed and will be removed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
42d78fedfb base-files: change logging for upgrade on stage2
Remove vn call in favour of v call. This commit serves as preparation
for removing the vn function call.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
bb2b7156a4 base-files: add syslog logging for v function
The logging output should not only be displayed in the calling shell
session but also in the syslog. A sysupgrade and a configuration
import, export can thus be traced in the syslog.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Chuck Fan
d374e2cdb4 base-files: upgrade: use zcat command provided by busybox
Calling `switch_to_ramfs()` will not copy the gzip executable
(/bin/gzip) to ramfs, but `/bin/zcat` will call `/bin/gzip` when
package gzip is installed, instead of the busybox-supplied zcat.
This will cause `zcat` to fail to find `gzip`, then cause the
sysupgrade to fail. Adding the `busybox` prefix here will solve
the problem.

Signed-off-by: Chuck Fan <fanck0605@qq.com>
2021-06-20 14:19:54 -10:00
Sergey Ponomarev
bffee5ea19 busybox: disable bzip2
bzip2 adds about 8kb of size. For tiny builds it's often disabled.
It's not directly used by stock OpenWrt programs.
Kernel images compressed with bzip2 are also not fully supported.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
[fix \ indention]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 14:17:49 -10:00
Dobroslaw Kijowski
bb2ac5a33b hostapd: stop advertising 11w feature
This is a follow up of 1a9b896d ("treewide: nuke DRIVER_11W_SUPPORT").
LuCI commit ab010406 ("luci-mod-network: skip check for 802.11w feature")
skips check of the 11w feature [1]. Now advertising it in hostapd is
superfluous so stop doing it.

[1]: https://github.com/openwrt/luci/pull/4689

Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
[remove outdated PKG_RELEASE bump and update to SPDX]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 14:11:30 -10:00
Martin Schiller
2c6c1501af uhttpd: make organization (O=) of the cert configurable via uci
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2021-06-20 13:50:36 -10:00
李国
e4723755f2 grub2: pass compilation parameters more accurately
In order for the grub2 boot-related code to compile normally, we have
made many adjustments to the compilation parameters. These adjustments
are not necessary for tools-related code. We apply these parameter
adjustments only to the boot-related code.

Signed-off-by: 李国 <uxgood.org@gmail.com>
2021-06-20 13:34:27 -10:00
李国
ca94104136 grub2: make grub2 tools built in a separate variant
grub2 boot-related code and tools-related code may require different
compilation parameters. We split them into different variants for
compilation, so that we can accurately pass the required parameters and
avoid causing problems.

Signed-off-by: 李国 <uxgood.org@gmail.com>
2021-06-20 13:31:09 -10:00
李国
5876d6a62f grub2: make grub2-bios-setup as a separate package
The grub2 and grub2-efi packages should only contain boot-related code.
grub-bios-setup is the same as grub-editenv, they are both grub2 tools
and should be placed in a separate package.

Signed-off-by: 李国 <uxgood.org@gmail.com>
[use AUTORELEASE and update to SPDX]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 13:23:42 -10:00
Adrian Schmutzler
881fdb811f ramips: clean up dlink_dir-8xx-r1 recipe
* only add factory.bin when it's defined
 * fix check-size vs. append-metadata
 * whitespace/line break cleanup

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-06-20 17:29:52 +02:00
Adrian Schmutzler
2001c0ca9f ramips: reorganize DTSI files for D-Link DIR-8xx
* Remove micro-DTSI mt7621_dlink_dir-882-x1.dtsi to ease reading
   config without too much inheritance
 * Use "separate" partitioning DTSIs so we can use the partitioning
   without a complete match on the other settings (i.e. without the
   former parent DTSI)
 * Rename files to express the new organization

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-06-20 17:29:52 +02:00
Rosen Penev
3dabb62581 treewide: remove PKG_INSTALL from CMake packages
It's already default with cmake.mk

Found with:

git grep PKG_INSTALL\: | cut -d ':' -f 1 | sort -u > ins
git grep cmake.mk | cut -d ':' -f 1 > cmake
comm -1 -2 ins cmake

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-19 20:44:59 -10:00
Rosen Penev
2e745e9be6 treewide: remove BUILD_PARALLEL from CMake packages
It's already default. The only exception is mt76 which has Ninja
disabled.

Found with:

git grep BUILD_PARALLEL | cut -d ':' -f 1 | sort -u > par
git grep cmake.mk | cut -d ':' -f 1 > cmake
comm -1 -2 par cmake

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-19 20:44:59 -10:00
Stijn Segers
b6245fbd58 firmware-utils: tplink-safeloader: support Archer A6 v3 CA
The Canadian edition of the TP-Link Archer A6 v3 uses a different header, but
otherwise it's identical to the already supported EU/US editions.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Brian Lee <dev@leebrian.me>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
2021-06-20 00:49:06 +02:00