openwrt/openwrt.git
6 weeks agoOpenWrt v21.02.0: adjust config defaults v21.02.0
Hauke Mehrtens [Wed, 1 Sep 2021 19:53:53 +0000 (21:53 +0200)]
OpenWrt v21.02.0: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 weeks agoath79: add support for onion omega
Jan-Niklas Burfeind [Fri, 27 Aug 2021 17:25:47 +0000 (19:25 +0200)]
ath79: add support for onion omega

The Onion Omega is a hardware development platform with built-in WiFi.

https://onioniot.github.io/wiki/

Specifications:
 - QCA9331 @ 400 MHz (MIPS 24Kc Big-Endian Processor)
 - 64MB of DDR2 RAM running at 400 MHz
 - 16MB of on-board flash storage
 - Support for USB 2.0
 - Support for Ethernet at 100 Mbps
 - 802.11b/g/n WiFi at 150 Mbps
 - 18 digital GPIOs
 - A single Serial UART
 - Support for SPI
 - Support for I2S

Flash instructions:
The device is running OpenWrt upon release using the ar71xx target.
Both a sysupgrade
and uploading the factory image using u-boots web-UI do work fine.

Depending on the ssh client, it might be necessary to enable outdated
KeyExchange methods e.g. in the clients ssh-config:

Host 192.168.1.1
        KexAlgorithms +diffie-hellman-group1-sha1

The stock credentials are: root onioneer

For u-boots web-UI manually configure `192.168.1.2/24` on your computer,
connect to `192.168.1.1`.

MAC addresses as verified by OEM firmware:
2G       phy0      label
LAN      eth0      label - 1

LAN is only available in combination with an optional expansion dock.

Based on vendor acked commit:
commit 5cd49bb067ca ("ar71xx: add support for Onion Omega")

Partly reverts:
commit fc553c7e4c8e ("ath79: drop unused/incomplete dts")

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit d98738b5c118fc45068b45f07b8b6938e91f35d2)

6 weeks agokernel: bump 5.4 to 5.4.143
Hauke Mehrtens [Sun, 29 Aug 2021 19:27:20 +0000 (21:27 +0200)]
kernel: bump 5.4 to 5.4.143

Manually rebased:
  bcm27xx/patches-5.4/950-1031-net-lan78xx-Ack-pending-PHY-ints-when-resetting.patch

Removed upstreamed:
  mvebu/patches-5.4/100-cpufreq-armada-37xx-forbid-cpufreq-for-1.2-GHz-variant.patch

All others updated automatically.

Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
7 weeks agoopenssl: bump to 1.1.1l
Eneas U de Queiroz [Thu, 26 Aug 2021 17:37:56 +0000 (14:37 -0300)]
openssl: bump to 1.1.1l

This version fixes two vulnerabilities:
  - SM2 Decryption Buffer Overflow (CVE-2021-3711)
    Severity: High

  - Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
    Severity: Medium

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7119fd32d397567931e63dbbf72014e95624018f)

7 weeks agoprereq-build: require python3-distutils
Andre Heider [Tue, 10 Aug 2021 10:22:17 +0000 (12:22 +0200)]
prereq-build: require python3-distutils

Debian and Ubuntu ship a python3-minimal package which does not include
the distutils module. This is not supported by upstream and can be
considered a broken python distribution.

In practice, many scripts depend on said module, and this is a reoccuring
pain point for building various OpenWrt packages.

Require and check for said module, enough time has been wasted on this.

A list of just the most recent issues:
https://github.com/openwrt/packages/pull/16304
https://github.com/openwrt/packages/pull/16027
https://github.com/openwrt/packages/pull/15443
https://github.com/openwrt/packages/pull/14394
https://github.com/openwrt/packages/pull/12909
https://github.com/openwrt/packages/issues/12443
https://github.com/openwrt/packages/pull/11035
https://github.com/openwrt/packages/issues/10993

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 60af8d753343691c4a647bfc7c51ef6eb92df9f2)

7 weeks agouboot-layerscape: fix dtc compilation on host gcc 10
Hauke Mehrtens [Sun, 8 Aug 2021 22:03:43 +0000 (00:03 +0200)]
uboot-layerscape: fix dtc compilation on host gcc 10

Backport a patch from upstream U-Boot to fix the compile with host GCC 10.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8d143784cb8fafccdbcdc0bd5d1aa47d3d676f70)

7 weeks agouboot-at91: fix dtc compilation on host gcc 10
Hauke Mehrtens [Fri, 20 Aug 2021 22:07:54 +0000 (00:07 +0200)]
uboot-at91: fix dtc compilation on host gcc 10

Backport a patch from upstream U-Boot to fix the compile with host GCC 10.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a1034afba8ea8bec48e2528fdae0fb74a6757e53)

7 weeks agokernel: bump 5.4 to 5.4.142
David Bauer [Thu, 19 Aug 2021 18:40:29 +0000 (20:40 +0200)]
kernel: bump 5.4 to 5.4.142

Compile-tested: ath79-generic ipq40xx-generic
Run-tested: ipq40xx-generic

Signed-off-by: David Bauer <mail@david-bauer.net>
7 weeks agoipq40xx: fix Edgecore ECW5211 boot
Stijn Tintel [Wed, 18 Aug 2021 13:11:11 +0000 (16:11 +0300)]
ipq40xx: fix Edgecore ECW5211 boot

The bootloader will look for a configuration section named ap.dk01.1-c2
in the FIT image. If this doesn't exist, the device won't boot.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit a43da1be43ae251f0edaa6419612e600fc6ec972)

7 weeks agoath79: kernel: Add missing quote to drivers/mfd/Kconfig
Paul Blazejowski [Wed, 21 Jul 2021 22:28:20 +0000 (18:28 -0400)]
ath79: kernel: Add missing quote to drivers/mfd/Kconfig

A missing quote in target/linux/ath79/patches-5.x/920-mikrotik-rb4xx.patch
produces:

...
scripts/kconfig/conf  --syncconfig Kconfig
drivers/mfd/Kconfig:2016:warning: multi-line strings not supported
...

This patch adds missing closing quote, fixing the above warning.

Signed-off-by: Paul Blazejowski <paulb@blazebox.homeip.net>
(cherry picked from commit f7374bce00a97fda78ace3acaef48369e8246814)

8 weeks agobcm27xx-userland: update to latest version
Álvaro Fernández Rojas [Sat, 21 Aug 2021 17:03:24 +0000 (19:03 +0200)]
bcm27xx-userland: update to latest version

Properly recognise all BCM2711 variants

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
8 weeks agobcm27xx-userland: factor out a -dev package
Michael Heimpold [Sat, 27 Mar 2021 19:48:30 +0000 (20:48 +0100)]
bcm27xx-userland: factor out a -dev package

Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.

This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 months agox86: kernel: set NR_CPUS to 512
Edgar Su [Mon, 12 Jul 2021 13:22:48 +0000 (21:22 +0800)]
x86: kernel: set NR_CPUS to 512

NR_CPUS limits the number of CPUs supported to 8. This makes total sense
on hardware-restircted platforms, but not on x86_64, where CPUs with
more than 8 cores can be easily acquired and with less physical limitaions.

see also: https://forum.openwrt.org/t/x86-64-8-cpu-limitation-on-vanilla-release/100946

Signed-off-by: Edgar Su <sjs333@outlook.com>
(cherry picked from commit df554e6fcab171ec499d8fb2ed10a0da328323f3)

2 months agofritz-tools: fix returning wrong values due to strncmp usage
Daniel Kestrel [Sun, 25 Jul 2021 18:32:05 +0000 (20:32 +0200)]
fritz-tools: fix returning wrong values due to strncmp usage

When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 12564c5b860f9849c9a2fb7026c2c11150b9a4fc)

2 months agombedtls: update to 2.16.11
Rosen Penev [Tue, 13 Jul 2021 20:27:09 +0000 (13:27 -0700)]
mbedtls: update to 2.16.11

Switched to AUTORELEASE to avoid manual increments.

Release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fcfd741eb83520e496eb09de5f8b2f2b62792a80)

2 months agomvebu: armada-37xx: add patch to forbid cpufreq for 1.2 GHz
Josef Schlehofer [Tue, 27 Jul 2021 11:22:31 +0000 (13:22 +0200)]
mvebu: armada-37xx: add patch to forbid cpufreq for 1.2 GHz

This patch is backported from linux-arm-kernel [1] to improve situation, when
it was reported that 1.2 GHz variant is unstable with DFS.
It waits to be accepted upstream, however, it waits for Marvell people to respond.

[1] https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210630225601.6372-1-kabel@kernel.org/

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit d3794768177293f584cc74f90c921276793da1e7)

2 months agoRevert "mvebu: 5.4 fix DVFS caused random boot crashes"
Josef Schlehofer [Tue, 27 Jul 2021 11:22:30 +0000 (13:22 +0200)]
Revert "mvebu: 5.4 fix DVFS caused random boot crashes"

Based on the discussion on the mailing list [1], the patch which was
reverted, it reverts only one patch without the subsequent ones.

This leads to the SoC scaling issue not using a CPU parent clock, but
it uses DDR clock. This is done for all variants, and it's wrong because
commits (hacks) that were using the DDR clock are no longer in the mainline kernel.

If someone has stability issues on 1.2 GHz, it should not affect all
routers (1 GHz, 800 MHz) and it should be rather consulted with guys, who are trying to
improve the situation in the kernel and not making the situation worse.

There are two solutions in cases of instability:
a) disable cpufreq
b) underclock it up to 1 GHz

This reverts commit 080a0b74e39d159eecf69c468debec42f28bf4d8.

[1] https://lists.openwrt.org/pipermail/openwrt-devel/2021-June/035702.html

CC: Pali Rohár <pali@kernel.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 7b868fe04a8961048feec1143e72fe47bde52a12)

2 months agodnsmasq: reset EXTRA_MOUNT in the right place
Daniel Golle [Sun, 1 Aug 2021 14:05:18 +0000 (15:05 +0100)]
dnsmasq: reset EXTRA_MOUNT in the right place

EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.

Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ddc8d085f39dea998f59680fb556ca72d779a3b1)

2 months agodnsmasq: fix more dnsmasq jail issues
Daniel Golle [Sun, 1 Aug 2021 10:25:41 +0000 (11:25 +0100)]
dnsmasq: fix more dnsmasq jail issues

 * remove superflus mounts of /dev/null and /dev/urandom
 * reset EXTRA_MOUNTS at the beginning of the script
 * add mount according to ignore_hosts_dir
 * don't add mount for file which is inside a directory already in the
   EXTRA_MOUNTS list

Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ac4e8aa2f8d98158ea7b749f877269f1f5fa9c5a)

2 months agodnsmasq: rework jail mounts
Daniel Golle [Sun, 1 Aug 2021 02:33:52 +0000 (03:33 +0100)]
dnsmasq: rework jail mounts

 * split into multiple lines to improve readability
 * use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
 * remove no longer needed mount for /sbin/hotplug-call
 * add dhcp-script.sh dependencies (jshn, ubus)

Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 59c63224e11d6c4eca27131a73bf16218e47a271)

2 months agodnsmasq: use local option for local domain parameter
Kevin Darbyshire-Bryant [Thu, 1 Jul 2021 18:50:22 +0000 (19:50 +0100)]
dnsmasq: use local option for local domain parameter

'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'.  Slightly less confusion all
round.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit e4cfefa9fc3d22da5705b554785ba9c533c373d0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 months agodnsmasq: add ignore hosts dir to dnsmasq init script
João Henriques [Sun, 18 Apr 2021 22:41:30 +0000 (23:41 +0100)]
dnsmasq: add ignore hosts dir to dnsmasq init script

When running multiple instances of dnsmasq, for example one being for the lan
and another for a guest network, it might not be desirable to have the same dns names
configured in both networks

Signed-off-by: João Henriques <joaoh88@gmail.com>
(cherry picked from commit e8a5670122e04574fdb5855ecd63d18f317c5bfd)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 months agoOpenWrt v21.02.0-rc4: revert to branch defaults
Hauke Mehrtens [Sun, 1 Aug 2021 17:39:03 +0000 (19:39 +0200)]
OpenWrt v21.02.0-rc4: revert to branch defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agoOpenWrt v21.02.0-rc4: adjust config defaults v21.02.0-rc4
Hauke Mehrtens [Sun, 1 Aug 2021 17:38:53 +0000 (19:38 +0200)]
OpenWrt v21.02.0-rc4: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agokernel: bump 5.4 to 5.4.137
Hauke Mehrtens [Thu, 29 Jul 2021 20:42:38 +0000 (22:42 +0200)]
kernel: bump 5.4 to 5.4.137

Manually rebased
  generic/pending-5.4/680-NET-skip-GRO-for-foreign-MAC-addresses.patch

All others updated automatically.

Compile-tested on: ramips/mt7621, armvirt/32
Runtime-tested on: ramips/mt7621, armvirt/32

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agoramips: mt76x8: add missing config symbol
David Bauer [Thu, 29 Jul 2021 20:58:57 +0000 (22:58 +0200)]
ramips: mt76x8: add missing config symbol

PWM_MEDIATEK was not defined, breaking builds for the mt76x8 subtarget.

Signed-off-by: David Bauer <mail@david-bauer.net>
2 months agox86: move Kconfig symbol to common config
David Bauer [Thu, 29 Jul 2021 20:58:09 +0000 (22:58 +0200)]
x86: move Kconfig symbol to common config

This is required for all x86 targets. x86-legacy missed this config
symbol, breaking the build.

Signed-off-by: David Bauer <mail@david-bauer.net>
2 months agogeneric: add missing Kconfig symbol
David Bauer [Thu, 29 Jul 2021 20:57:24 +0000 (22:57 +0200)]
generic: add missing Kconfig symbol

Fixes build errors for sunxi as well as rockchip targets.

Signed-off-by: David Bauer <mail@david-bauer.net>
2 months agoath79: fix JT-OR750i switch LED assignment
David Bauer [Wed, 28 Jul 2021 12:17:13 +0000 (14:17 +0200)]
ath79: fix JT-OR750i switch LED assignment

The LEDs for LAN1 and LAN3 were swapped. Link on port 1 would illuminate
the LED on port 3 and vice versa.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f0a885ed8636b9762d12f2eb2755f63297ff0cb5)

2 months agoath79: enable missing pinmux for JT-OR750i
David Bauer [Wed, 28 Jul 2021 11:52:22 +0000 (13:52 +0200)]
ath79: enable missing pinmux for JT-OR750i

Without explicit configuration of these pins the ethernet as well as
status LED of the device do not work correctly.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4feb9a4211d4c8e118e6b8f01fa0bbd4eab5d35c)

2 months agoath79: add support for Joy-IT JT-OR750i
Vincent Wiemann [Sun, 20 Jun 2021 14:56:21 +0000 (16:56 +0200)]
ath79: add support for Joy-IT JT-OR750i

Specifications:
 * QCA9531, 16 MiB flash (Winbond W25Q128JVSQ), 128 MiB RAM
 * 802.11n 2T2R (external antennas)
 * QCA9887, 802.11ac 1T1R (connected with diplexer to one of the antennas)
 * 3x 10/100 LAN, 1x 10/100 WAN
 * UART header with pinout printed on PCB

Installation:
 * The device comes with a bootloader installed only
 * The bootloader offers DHCP and is reachable at http://10.123.123.1
 * Accept the agreement and flash sysupgrade.bin
 * Use Firefox if flashing does not work

TFTP recovery with static IP:
 * Rename sysupgrade.bin to jt-or750i_firmware.bin
 * Offer it via TFTP server at 192.168.0.66
 * Keep the reset button pressed for 4 seconds after connecting power

TFTP recovery with dynamic IP:
 * Rename sysupgrade.bin to jt-or750i_firmware.bin
 * Offer it via TFTP server with a DHCP server running at the same address
 * Keep the reset button pressed for 6 seconds after connecting power

Co-authored-by: Sebastian Schaper <openwrt@sebastianschaper.net>
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
(cherry picked from commit 55b4b3655263984b92e4b9fc515a5e6b8003c655)

2 months agonetifd: update to the latest version
Felix Fietkau [Mon, 26 Jul 2021 18:42:48 +0000 (20:42 +0200)]
netifd: update to the latest version

440eb0647708 bridge: fix regression in bringing up bridge ports

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 39f81b0bf687017b4d086255c94166e662ac177e)

2 months agonetifd: update to the latest version
Felix Fietkau [Sun, 25 Jul 2021 04:26:20 +0000 (06:26 +0200)]
netifd: update to the latest version

85f01c44a950 bridge: check bridge port vlan membership on link-up events
17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2801fe6132c4e2e364e2d5a304594185351b501b)

2 months agoglibc: update to latest 2.33 HEAD (bug 28011)
Hans Dedecker [Tue, 13 Jul 2021 19:21:33 +0000 (21:21 +0200)]
glibc: update to latest 2.33 HEAD (bug 28011)

b5711025bc x86_64: Remove unneeded static PIE check for undefined weak diagnostic
edfd11197e wordexp: handle overflow in positional parameter number (bug 28011)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 9d2dcc83128a035262bf15b8bbd1f57622465b42)

2 months agoglibc: update to latest 2.33 HEAD (BZ #27646, bug 27896, BZ #15271)
Hans Dedecker [Sun, 27 Jun 2021 13:29:25 +0000 (15:29 +0200)]
glibc: update to latest 2.33 HEAD (BZ #27646, bug 27896, BZ #15271)

58b90461ae elf: Use _dl_catch_error from base namespace in dl-libc.c [BZ #27646]
8c06748c51 Fix use of __pthread_attr_copy in mq_notify (bug 27896)
4b6be914bd Use __pthread_attr_copy in mq_notify (bug 27896)
f4cba6ca1e dlfcn: Failures after dlmopen should not terminate process [BZ #15271]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit f033d5ad1c28e07eb6de2ce3ea8650dc7080d6d0)

2 months agodnsmasq: distinct Ubus names for multiple instances
Etan Kissling [Sun, 27 Jun 2021 22:02:46 +0000 (22:02 +0000)]
dnsmasq: distinct Ubus names for multiple instances

Currently, when using multiple dnsmasq instances they are all assigned
to the same Ubus instance name. This does not work, as only a single
instance can register with Ubus at a time. In the log, this leads to
`Cannot add object to UBus: Invalid argument` error messages.
Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes
behaviour so that instead of the log, dnsmasq exits at start instead.

With this patch, all dnsmasq instances are assigned unique names so that
they can register with Ubus concurrently. One of the enabled instances
is always assigned the previous default name "dnsmasq" to avoid breaking
backwards compatibility with other software relying on that default.
Previously, a random instance got assigned that name (while the others
produced error logs). Now, the first unnamed dnsmasq config section is
assigned the default name. If there are no unnamed dnsmasq sections the
first encountered named dnsmasq config section is assigned instead.

A similar issue exists for Dbus and was similarly addressed.

Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
[tweaked commit message] dnsmasq was not crashing it is exiting
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ba5bd8e556b2e7573d27b16e005ba287e066f795)

2 months agokernel: bump 5.4 to 5.4.132
Hauke Mehrtens [Sun, 18 Jul 2021 21:51:48 +0000 (23:51 +0200)]
kernel: bump 5.4 to 5.4.132

Manually rebased
  layerscape/patches-5.4/805-display-0002-drm-rockchip-prepare-common-code-for-cdns-and-rk-dpi.patch

All others updated automatically.

Compile-tested on: ramips/mt7621
Runtime-tested on: ramips/mt7621

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agodnsmasq: add /tmp/hosts/ to jail_mount
Nick Hainke [Sun, 18 Jul 2021 13:32:44 +0000 (15:32 +0200)]
dnsmasq: add /tmp/hosts/ to jail_mount

Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/".
If you don't add this to the jail_mount, dnsmasq can't read it anymore.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3a94c2ca5cf7c11ca150fa3ae884e7be8d07a281)

2 months agoodhcpd: fix invalid DHCPv6 ADVERTSIE with small configured leasetime (FS#3935)
Hans Dedecker [Sun, 18 Jul 2021 17:27:57 +0000 (19:27 +0200)]
odhcpd: fix invalid DHCPv6 ADVERTSIE with small configured leasetime (FS#3935)

bc9d317 dhcpv6-ia: fix invalid preferred lifetime

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 033d5ff25eaf4facbaab09153982e7321fe282e6)

3 months agoipq40xx: fix FRITZRepeater 1200 RGMII delay
David Bauer [Sat, 17 Jul 2021 18:04:29 +0000 (20:04 +0200)]
ipq40xx: fix FRITZRepeater 1200 RGMII delay

When the AVM FRITZ!Repeater 1200 was introduced on Kernel 4.19, the
at803x PHY driver incorrectly set up the delays, not disabling delays
set by the bootloader.

The PHY was always operating with RX as well as TX delays enabled, but
with kernel 5.4 and later, the required TX delay is disabled, breaking
ethernet operation.

Correct the PHY mode, so the driver enables both delays.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f9d18281051c894eacd40f10c10b430c6c9082ad)

3 months agonetifd: update to the latest version
Felix Fietkau [Wed, 14 Jul 2021 13:31:41 +0000 (15:31 +0200)]
netifd: update to the latest version

7f24a063475e vlan: fix device vlan alias handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit d1a812c49b57636efcb9ef6f5f0aff4f11eb6b36)

3 months agompc85xx: add missing Kconfig symbols
David Bauer [Tue, 13 Jul 2021 20:18:37 +0000 (22:18 +0200)]
mpc85xx: add missing Kconfig symbols

Signed-off-by: David Bauer <mail@david-bauer.net>
3 months agonetifd: update to the latest version
Felix Fietkau [Fri, 4 Jun 2021 07:11:37 +0000 (09:11 +0200)]
netifd: update to the latest version

61a71e5e49c3 bridge: dynamically create vlans for hotplug members
cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans
7f199050f395 wireless: pass the real network ifname to the setup script
50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug
f12b073c0cc3 wireless: add some comments to functions
b0d090688302 bridge: fix setting pvid for updated vlans
ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c
16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events
7f30b02013f2 examples: make dummy wireless vif names shorter
013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices
f037b082923a wireless: handle WDS per-sta devices
db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port
4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well
1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1236cbe30cec8e3e8246237005140596f8611ce9)

3 months agomediatek: add missing config symbols
David Bauer [Mon, 12 Jul 2021 21:24:33 +0000 (23:24 +0200)]
mediatek: add missing config symbols

Signed-off-by: David Bauer <mail@david-bauer.net>
3 months agogeneric: add missing config symbols
David Bauer [Mon, 12 Jul 2021 21:22:14 +0000 (23:22 +0200)]
generic: add missing config symbols

Signed-off-by: David Bauer <mail@david-bauer.net>
3 months agoiwinfo: move device info into -data package
Jo-Philipp Wich [Sun, 11 Jul 2021 13:59:48 +0000 (15:59 +0200)]
iwinfo: move device info into -data package

Backport upstream patch a0a0e02 ("iwinfo: rename hardware.txt to devices.txt")
and split devices.txt (former hardware.txt) into a common libiwinfo-data
package to allow different libiwinfo versions to coexist without file
clashes.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit c13d7c82aa4cd2cbf1f61bad857cd01b795318e3)

3 months agobuild: ensure that dash isn't prepended twice to abi version suffix
Jo-Philipp Wich [Tue, 15 Jun 2021 07:54:45 +0000 (09:54 +0200)]
build: ensure that dash isn't prepended twice to abi version suffix

The ABIV_$(pkgname) variable already is formatted so return it as-is from
the GetABISuffix macro and only filter through FormatABISuffix if we read
the raw ABI version value from a version stamp file.

This ensures that binary intra-package dependencies on ABI versioned
libraries are properly formatted.

Ref: https://github.com/openwrt/packages/issues/15871
Fixes: f6a03bff5b ("build: prepend ABI suffixes with a dash if package name ends with digit")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit fbb9b1f8ed0d8a76dd989cc6c16a4e0fda2b6e74)

3 months agobuild: prepend ABI suffixes with a dash if package name ends with digit
Jo-Philipp Wich [Mon, 14 Jun 2021 12:58:37 +0000 (14:58 +0200)]
build: prepend ABI suffixes with a dash if package name ends with digit

Ensure that ABI suffixes are separated with a dash from the package name if
the name happens to end with a digit. This implementation detail got lost
during the recent refactoring of the ABI_VERSION handling in buildroot.

Ref: https://github.com/openwrt/packages/pull/14237#issuecomment-860473585
Fixes: c921650382 ("build: drop ABI version from metadata")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f6a03bff5bccdbf9165087bccbb35095903d05c6)

3 months agoath79: add missing MTD_NAND_RB91X symbol
Koen Vandeputte [Fri, 9 Jul 2021 11:50:57 +0000 (13:50 +0200)]
ath79: add missing MTD_NAND_RB91X symbol

Looks like the symbol was forgotten for 5.4

Fixes: 820e660cd7 ("ath79: add NAND driver for MikroTik RB91xG series")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 52c27dab1973d523453fc1e319d8636e1cb10927)

3 months agoath79: add missing GPIO_LATCH symbol
David Bauer [Mon, 21 Jun 2021 21:50:05 +0000 (23:50 +0200)]
ath79: add missing GPIO_LATCH symbol

Fixes commit 7b8931678c36 ("ath79: add gpio-latch driver for MikroTik RouterBOARDs")

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f2f137593eb6c0e849352e85c003c91f8be81dd1)

3 months agoath79: mikrotik: fix beeper phantom noise on RB912
Koen Vandeputte [Mon, 28 Jun 2021 08:57:21 +0000 (10:57 +0200)]
ath79: mikrotik: fix beeper phantom noise on RB912

Analysis done by Denis Kalashnikov:

It seems that some ROS versions on some routerboard models have this bug:
after silence boot (no output to uart, no beeps) beeper clicks when wireless traffic is.

https://forum.mikrotik.com/viewtopic.php?f=3&t=92269
https://forum.mikrotik.com/viewtopic.php?t=63399

From these links:

1)
Hello, I have RB951G-2HnD and I noticed strange thing
when I loaded the device with some wireless traffic it
produced strange sound - like hissing, fizzing etc.

2)
Same problem still on 6.33, with silent boot enabled
I hear buzzing noise on wireless load.

3)
The sound is fixed in v5.19, it was a bug that caused beeper to make clicks.

It also got fixed in RouterOS:

* What's new in 5.19 (2012-Jul-16 10:51):
fix ticking sound on RB411UAHL;

* What's new in 6.38.3 (2017-Feb-07 09:52):
rb3011 - fixed noise from buzzer after silent boot;

I've checked with an oscilloscope that:
* When on the ssr beeper pin is 0,
  on the beeper itself is 1 (~5V),
  and when on the ssr beeper pin is 1,
  on the beeper is 0
  The beeper doesn't consume power,
  so 1 should be a default/idle value for the ssr beeper pin).
* When there is wireless traffic (ping packets)
  in the background and the beeper clicks, I see
  pulses on the beeper itself,
  but no pulses on the ssr beeper pin (Q5 pin of 74hc595).
  When I manually toggle the ssr beeper pin I see pulses on both.
  So, it is likely that the phantom beeper clicks are caused by the EMI.

Suggested-by: Denis Kalashnikov <denis281089@gmail.com>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit a58bcc9e673db3c6aa39f2089d216d51c8356418)

3 months agoath79: ar934x: fix mounting issues if subpage is not supported
Koen Vandeputte [Mon, 17 May 2021 15:52:53 +0000 (17:52 +0200)]
ath79: ar934x: fix mounting issues if subpage is not supported

Currently, the option to disable subpage writing is only set
when a HW ECC engine is used.

Some boards lack a HW ECC engine and use software for that.
In this case, this NAND option does not get set when the NAND chip
does not support it, resulting in mounting errors.

Move the setting of this option to a generic init location so it
gets set for all types where required.

While at it, also OR the option instead of just setting it
so we don't overwrite potential flags being set somewhere else.

Before:

[    1.681273] UBI: auto-attach mtd2
[    1.684669] ubi0: attaching mtd2
[    1.688877] ubi0 error: validate_ec_hdr: bad VID header offset 2048, expected 512
[    1.696469] ubi0 error: validate_ec_hdr: bad EC header
[    1.701712] Erase counter header dump:
[    1.705512]  magic          0x55424923
[    1.709322]  version        1
[    1.712330]  ec             1
[    1.715331]  vid_hdr_offset 2048
[    1.718610]  data_offset    4096
[    1.721880]  image_seq      1462320675
[    1.725680]  hdr_crc        0x12255a15

After:

    1.680917] UBI: auto-attach mtd2
[    1.684308] ubi0: attaching mtd2
[    2.954504] random: crng init done
[    3.142813] ubi0: scanning is finished
[    3.163455] ubi0: attached mtd2 (name "ubi", size 124 MiB)
[    3.169069] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
[    3.176037] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
[    3.182942] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
[    3.190013] ubi0: good PEBs: 992, bad PEBs: 0, corrupted PEBs: 0
[    3.196102] ubi0: user volume: 3, internal volumes: 1, max. volumes count: 128
[    3.203434] ubi0: max/mean erase counter: 2/0, WL threshold: 4096, image sequence number: 1462320675
[    3.212700] ubi0: available PEBs: 0, total reserved PEBs: 992, PEBs reserved for bad PEB handling: 20
[    3.222124] ubi0: background thread "ubi_bgt0d" started, PID 317
[    3.230246] block ubiblock0_1: created from ubi0:1(rootfs)
[    3.235819] ubiblock: device ubiblock0_1 (rootfs) set to be root filesystem
[    3.256830] VFS: Mounted root (squashfs filesystem) readonly on device 254:0.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry-picked from commit 6561ca1fa510003a19ea7f8800535f12e5098ce2)

3 months agoath79: add support for MikroTik RouterBOARD 912UAG-2HPnD
Denis Kalashnikov [Thu, 27 May 2021 08:16:46 +0000 (11:16 +0300)]
ath79: add support for MikroTik RouterBOARD 912UAG-2HPnD

This board has been supported in the ar71xx.

Links:
* https://mikrotik.com/product/RB912UAG-2HPnD
* https://openwrt.org/toh/hwdata/mikrotik/mikrotik_rb912uag-2hpnd

This also supports the 5GHz flavour of the board.

Hardware:
* SoC: Atheros AR9342,
* RAM: DDR 64MB,
* SPI NOR: 64KB,
* NAND: 128MB,
* Ethernet: x1 10/100/1000 port with passive POE in,
* Wi-Fi: 802.11 b/g/n,
* PCIe,
* USB: 2.0 EHCI controller, connected to mPCIe slot and a Type-A
  port -- both can be used for LTE modem, but only one can be
  used at any time.
* LEDs: 5 general purpose LEDs (led1..led5), power LED, user LED,
  Ethernet phy LED,
* Button,
* Beeper.

Not working:
* Button: it shares gpio line 15 with NAND ALE and NAND IO7,
  and current drivers doesn't easily support this configuration,
* Beeper: it is connected to bit 5 of a serial shift register
  (tested with sysfs led trigger timer). But kmod-gpio-beeper
  doesn't work -- we left this as is for now.

Flashing:
* Use the RouterBOARD Reset button to enable TFTP netboot,
boot kernel and initramfs and then perform sysupgrade.
* From ar71xx OpenWrt firmware run:
  $ sysupgrade -F /tmp/<sysupgrade.bin>
For more info see: https://openwrt.org/toh/mikrotik/common.

Co-Developed-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 695a1cd53ca52c678b3f837deb1bf30204285360)

3 months agoath79: add NAND driver for MikroTik RB91xG series
Denis Kalashnikov [Thu, 27 May 2021 08:16:45 +0000 (11:16 +0300)]
ath79: add NAND driver for MikroTik RB91xG series

Main part is copied from ar71xx original driver rb91x_nand
written by Gabor Juhos <juhosg@openwrt.org>.

What is done:
* Support of kernel 5.4 and 5.10,
* DTS support,
* New gpio API (gpiod_*) support.

Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 820e660cd7463aa6d5ed9d31baf0f3c35596ce57)

3 months agoath79: add gpio-latch driver for MikroTik RouterBOARDs
Denis Kalashnikov [Thu, 27 May 2021 08:16:44 +0000 (11:16 +0300)]
ath79: add gpio-latch driver for MikroTik RouterBOARDs

This is a slighty modified version of ar71xx gpio-latch driver
written by Gabor Juhos <juhosg@openwrt.org>.

Changes:
* DTS support,
* New gpio API (gpiod_*).

Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 7b8931678c36c8d8c333b446258a653b1358bf70)

3 months agohostapd: make wnm_sleep_mode_no_keys configurable
Timo Sigurdsson [Tue, 15 Jun 2021 21:09:41 +0000 (23:09 +0200)]
hostapd: make wnm_sleep_mode_no_keys configurable

In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround
against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not
enabled by default on OpenWrt, but it is configurable through the option
wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by
exposing the option wnm_sleep_mode_no_keys. If you use the option
wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might
consider using this workaround.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit bf98faaac8ed24cf7d3d93dd4fcd7304d109363b)

3 months agohostapd: make country3 option configurable
Timo Sigurdsson [Tue, 15 Jun 2021 21:08:56 +0000 (23:08 +0200)]
hostapd: make country3 option configurable

The country3 option in hostapd.conf allows the third octet of the country
string to be set. It can be used e.g. to indicate indoor or outdoor use (see
hostapd.conf for further details). Make this option configurable but optional
in OpenWrt.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE, rebase]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 9f09c1936a4a13b67fcba632f7ca02331f685359)
Signed-off-by: Paul Spooren <mail@aparcar.org>
3 months agoltq-deu: Mark lantiq DEU broken
Hauke Mehrtens [Sat, 26 Jun 2021 22:52:50 +0000 (00:52 +0200)]
ltq-deu: Mark lantiq DEU broken

When the ltq_deu_vr9 kernel module is loaded, hostapd does not start any
more. It fails with this error message:
daemon.err hostapd: nl80211: kernel reports: key addition failed
daemon.err hostapd: Interface initialization failed

OpenWrt uses the standard Linux crypto API in the wifi drivers now
and this probably makes the system offload more crypto operations to
special hardware like the Lantiq DEU. There is probably a bug in the DEU
and these operations fail and then hostapd does not start the interface.

Do not include the Lantiq DEU by default any more.

Fixes: FS#3901
Fixes: 53b6783907f3 ("mac80211: remove patches stripping down crypto support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Tested-by: Notupus <notpp46@gmail.com>
(cherry-picked from commit 964863bb23999a1fae99b883053cc4f3c5c42b40)

3 months agoiwinfo: build with nl80211 backend only and make shared
Jo-Philipp Wich [Fri, 2 Jul 2021 16:04:17 +0000 (18:04 +0200)]
iwinfo: build with nl80211 backend only and make shared

Drop support for building the obsolete broadcom-wl backend and always
forcibly enable the nl82011 support. This allows us to make the package
shared again since no target specific compilation is happening anymore.

This will solve various repository coherency issues related to unavailable
libiwinfo versions in the long run.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5a1065758b88b568a04a50189400321601904bdf)

3 months agotreewide: unmark selected packages nonshared
Petr Štetiar [Fri, 2 Jul 2021 16:00:09 +0000 (18:00 +0200)]
treewide: unmark selected packages nonshared

This partially reverts changes done in commit 72cc44958ef4 ("treewide:
mark selected packages nonshared") as it removes the nonshared flag, but
keeps the PKG_RELEASE as the PKG_RELEASE bump while adding nonshared
flag was incorrect.

Unmark uci, ubus, libubox, lua, libnl-tiny and libjson-c as nonshared
packages as this fix attempt didn't worked out. Currently the
imagebuilder is broken again:

 openwrt-imagebuilder-21.02.0-rc3-ipq40xx-generic.Linux-x86_64$ make image PROFILE=avm_fritzbox-7530 PACKAGES=luci-ssl-openssl
 ...
 Collected errors:
  * pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for luci-mod-status
  * pkg_hash_fetch_best_installation_candidate: Packages for luci-mod-status found, but incompatible with the architectures configured
  * pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for rpcd-mod-iwinfo
  * pkg_hash_fetch_best_installation_candidate: Packages for rpcd-mod-iwinfo found, but incompatible with the architectures configured
  * satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-openssl:
  *  libiwinfo20210430
  * opkg_install_cmd: Cannot install package luci-ssl-openssl.

Everything because iwinfo's ABI was changed two times since rc3 release:

 +IWINFO_ABI_VERSION:=20210430
 +IWINFO_ABI_VERSION:=20210420

Since iwinfo is marked as nonshared, it wasn't built by phase2 builders, but
luci-mod-status was already updated 2 times since rc3 and was thus rebuilt by
phase2 builders:

 d1d452ed2fb3 luci-mod-status: don't set '-' hostname when creating static lease
 95b3633055c1 luci-mod-status: switch to html table for wlan channel analysis

So now luci-mod-status depends on libiwinfo20210430 but only
libiwinfo20210106 can be downloaded. This is first part of the fix, in
the upcoming commit Jo is going to remove nonshared flag from iwinfo
package as well.

References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035736.html
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035741.html
Acked-by: Jo-Philipp Wich <jo@mein.io>
Reported-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8307da3dbdaff13d5ce99f8aefa32f5b7a2e18e6)

3 months agoath10k-ct: fix typo in Makefile
Michael Yartys [Mon, 21 Jun 2021 11:37:20 +0000 (13:37 +0200)]
ath10k-ct: fix typo in Makefile

Add forgotten colon to Makefile.

Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
(cherry picked from commit f0f1d68d528402b4d51a1dd08d2e2c9034167f92)

3 months agoath10k-ct: update to latest version
Michael Yartys [Thu, 3 Jun 2021 21:50:12 +0000 (23:50 +0200)]
ath10k-ct: update to latest version

Changelog:
- ath10k-ct: Add security fixes.
- ath10k-ct: Add 5.12 kernel version.
- ath10k-ct: Fix the beacon/mcast/bcast override issue
- ath10k-ct 5.7: Fix setting mcast/bcast/beacon rate from debugfs.
- ath10k-ct: Add 5.11 driver.

Delete upstreamed patch and refresh the rest. Also, use the opportunity to
set PKG_RELEASE to $(AUTORELEASE).

Runtime-tested on ipq806x (Netgear R7800).

Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
(cherry picked from commit 2e10ed925e1e07c28570731a429efa5e7de3b826)

3 months agokernel/modules: move act_gact into kmod-sched-core
DENG Qingfang [Fri, 9 Apr 2021 04:25:08 +0000 (12:25 +0800)]
kernel/modules: move act_gact into kmod-sched-core

As the name suggests, act_gact has the generic actions such as dropping
and accepting packets, so move it into kmod-sched-core.

Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry-picked from commit 10aacb9a6ce3445cdee39573f4120e7888beb022)

3 months agopackage/comgt: Handle bind/unbind events
Arjun AK [Thu, 16 Jul 2020 15:52:24 +0000 (21:22 +0530)]
package/comgt: Handle bind/unbind events

This script was expecting only add/remove events which has not been the
case since Kernel 4.12 (which added bind/unbind). Bind events were getting
treated as remove events which would cause hotplugged 3g modems to not
work.

More info:
https://lkml.org/lkml/2018/12/23/128
https://github.com/systemd/systemd/issues/8221

Signed-off-by: Arjun AK <arjunak234@gmail.com>
(cherry picked from commit 89ef883b92b3a87d9ab1bd289de26b9e72681dac)

3 months agoubus: update to the latest version
Felix Fietkau [Wed, 30 Jun 2021 19:57:19 +0000 (21:57 +0200)]
ubus: update to the latest version

4fc532c8a55b ubusd: fix tx_queue linked list usage

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 months agobase-files: wifi: tidy up the reconf code
Bob Cantor [Thu, 24 Jun 2021 18:48:45 +0000 (04:48 +1000)]
base-files: wifi: tidy up the reconf code

commit 5edbd390d321532d9a697d6895a1a7c71c40bd5d rearranged the
"wifi up" code.

This commit tidies up the "wifi reconf" code so as to
keep it aligned with the "wifi up" code.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit e8b54296092118fbef75de796d57799cc6c7b927)

3 months agobase-files: wifi: swap the order of some ubus calls
Bob Cantor [Thu, 24 Jun 2021 18:37:17 +0000 (04:37 +1000)]
base-files: wifi:  swap the order of some ubus calls

"/sbin/wifi up" makes three ubus calls:
1. ubus call network reload
2. ubus call network.wireless down
3. ubus call network.wireless up

The first and third ubus calls call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel,
so the call sequence becomes,

1. drv_mac80211_setup
2. wireless_device_setup_cancel
3. drv_mac80211_setup

This commit swaps the order of the first two ubus calls,
1. ubus call network.wireless down
2. ubus call network reload
3. ubus call network.wireless up

Consequently drv_mac80211_setup is only called once,
and two related bugs (#FS3784 and #FS3902) are no longer triggered
by /sbin/wifi.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit b82cc8071366b8e96904a1b52af503442069b20d)

3 months agomac80211: print an error if wifi teardown fails
Bob Cantor [Thu, 24 Jun 2021 18:14:47 +0000 (04:14 +1000)]
mac80211: print an error if wifi teardown fails

drv_mac80211_teardown fails silently if the device to be torn down is
not defined.  This commit prints an error message.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit 3933e29d1b87c713167cf4730b68e5f18af4f140)

3 months agomac80211: always call wireless_set_data (FS#3784)
Bob Cantor [Thu, 24 Jun 2021 18:07:34 +0000 (04:07 +1000)]
mac80211: always call wireless_set_data  (FS#3784)

When wifi is turned off, drv_mac80211_teardown sometimes fails (silently)
because the device to be torn down is not defined.

This situation arises if drv_mac80211_setup was called twice when
wifi was turned on.

This commit ensures that the device to be torn down is always defined
in drv_mac80211_teardown.

Steps to reproduce:

1) Use /sbin/wifi to turn on wifi.
   uci set wireless.@wifi-iface[0].disabled=0
   uci set wireless.@wifi-device[0].disabled=0
   uci commit
   wifi

2) Use /sbin/wifi to turn off wifi.
   uci set wireless.@wifi-device[0].disabled=1
   uci commit
   wifi

3) Observe that wifi is still up.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit d515f6b6cde357bf480d32a7387f07ea40e85e52)

3 months agomac80211: fix no_reload logic (FS#3902)
Bob Cantor [Thu, 24 Jun 2021 17:18:33 +0000 (03:18 +1000)]
mac80211: fix no_reload logic (FS#3902)

If drv_mac80211_setup is called twice with the same wifi configuration,
then the second call returns early with error HOSTAPD_START_FAILED.
(wifi works nevertheless, despite the fact that setup is incomplete.  But
"ubus call network.wireless status" erroneously reports that radio0 is down.)

The relevant part of drv_mac80211_setup is,

if [ "$no_reload" != "0" ]; then
        add_ap=1
        ubus wait_for hostapd
        local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
        ret="$?"
        [ "$ret" != 0 -o -z "$hostapd_res" ] && {
                wireless_setup_failed HOSTAPD_START_FAILED
                return
        }
        wireless_add_process "$(jsonfilter -s "$hostapd_res" -l 1 -e @.pid)" "/usr/sbin/hostapd" 1 1
fi

This commit sets no_reload = 0 during the second call of drv_mac80211_setup.

It is perhaps worth providing a way to reproduce the situation
where drv_mac80211_setup is called twice.

When /sbin/wifi is used to turn on wifi,
   uci set wireless.@wifi-iface[0].disabled=0
   uci set wireless.@wifi-device[0].disabled=0
   uci commit
   wifi

/sbin/wifi makes the following ubus calls,
   ubus call network reload
   ubus call network.wireless down
   ubus call network.wireless up

The first and third ubus calls both call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel.
So the call sequence becomes,

   drv_mac80211_setup
   wireless_device_setup_cancel
   drv_mac80211_setup

In contrast, when LuCI is used to turn on wifi only a single call
is made to drv_mac80211_setup.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit a29ab3b79affb62fda82e0825ed811eaf482dd3c)

3 months agomac80211: backport fix for nl80211 control port tx (fixes FS#3857)
Felix Fietkau [Wed, 30 Jun 2021 17:08:59 +0000 (19:08 +0200)]
mac80211: backport fix for nl80211 control port tx (fixes FS#3857)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit de499573006ab4f32ded9fd66a62ec5e0c183e8a)

3 months agomac80211: add support for 802.3 encap offload with software rate control
Felix Fietkau [Sun, 6 Jun 2021 18:58:33 +0000 (20:58 +0200)]
mac80211: add support for 802.3 encap offload with software rate control

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f2c6d892cacb5d884bdd638bc7574c1ee98514a5)

3 months agomac80211: improve rate control performance
Felix Fietkau [Sun, 6 Jun 2021 18:57:39 +0000 (20:57 +0200)]
mac80211: improve rate control performance

Call rate control handler after intermediate queueuing
Includes follow-up fixes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
cherry-picked from commits:
7dd8829ef915f1c5fc728be8f8360c61ddaadf1b
a603e82dd342680d584c4eb5f1b222e056379890
8bb4437c01ca35a5ac67e391630a1b24cb52dbb7

3 months agobusybox: sysntpd: add trigger to reload server
Alexey Dobrovolsky [Sat, 5 Jun 2021 23:25:02 +0000 (02:25 +0300)]
busybox: sysntpd: add trigger to reload server

sysntpd server becomes unavailable if the index of the bound
interface changes. So let's add an interface trigger to reload sysntpd.

This patch also adds the ability for the sysntpd script to handle
uci interface name from configuration.

Fixes: 4da60500ebd2 ("busybox: sysntpd: option to bind server to iface")
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 88114f617ae7bffe13d19d7b9575659a3d3cd9b6)

3 months agobusybox: sysntpd: option to bind server to iface
Alexey Dobrovolsky [Tue, 23 Feb 2021 14:43:02 +0000 (17:43 +0300)]
busybox: sysntpd: option to bind server to iface

NTPD in busybox has option -I to bind server to IFACE.
However, capabilities of the busybox are limited, the -I option cannot be
repeated and only one interface can be effectively specified in it.
This option is currently not configurable via UCI.
The patch adds an interface option to the system config, ntp section.
Also sort options for uci_load_validate alphabetically.

Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
(cherry picked from commit e12fcf0fe5597467f7cc21144e5f4da60500ebd2)

3 months agoiwinfo: update to latest Git HEAD
David Bauer [Sat, 1 May 2021 22:22:56 +0000 (00:22 +0200)]
iwinfo: update to latest Git HEAD

c45f0b5 iwinfo: add 802.11ax HE rate information

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 5515c29029ce7c63b48d1af0cbb3fbdc14ca033b)

3 months agoiwinfo: update to latest Git HEAD
David Bauer [Mon, 12 Apr 2021 22:13:33 +0000 (00:13 +0200)]
iwinfo: update to latest Git HEAD

50b64a6 iwinfo: add basic IEEE 802.11ax support
70d2136 iwinfo: nl80211: perform split wiphy dump
cd23727 iwinfo: cli: fix hwmode formatting

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 6f77ce77248d6458414efafd64c72d653fc70bb8)

3 months agokernel: bump 5.4 to 5.4.128
Hauke Mehrtens [Sat, 26 Jun 2021 19:08:19 +0000 (21:08 +0200)]
kernel: bump 5.4 to 5.4.128

Manually rebased
  bcm27xx/patches-5.4/950-0089-cgroup-Disable-cgroup-memory-by-default.patch
    Replaced with patch from Raspberry Pi kernel 5.10 patches
  mvebu/patches-5.4/002-PCI-aardvark-Don-t-rely-on-jiffies-while-holding-spi.patch
    Applied upstream

All others updated automatically.

Compile-tested on: ath79/generic, lantiq/xrx200, brcm27xx
Runtime-tested on: ath79/generic, lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agolibusb: Fix parsing of descriptors for multi-configuration devices
Georgi Valkov [Wed, 3 Feb 2021 07:41:54 +0000 (09:41 +0200)]
libusb: Fix parsing of descriptors for multi-configuration devices

Prerequisite patch:
Correct a typo in the Changelog and clean up a stray file

Fix changes in libusb which introduced a regression:
Commit e2be556bd2 ("linux_usbfs: Parse config descriptors during device
initialization") introduced a regression for devices with multiple
configurations. The logic that verifies the reported length of the
configuration descriptors failed to count the length of the
configuration descriptor itself and would truncate the actual length by
9 bytes, leading to a parsing error for subsequent descriptors.

Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 4b37e3bc2b2a079c996b6d97b8d3dbbd4ba6eb62)

3 months agobase-files: fix /tmp/TZ when zoneinfo not installed
Paul Spooren [Thu, 24 Jun 2021 17:42:53 +0000 (07:42 -1000)]
base-files: fix /tmp/TZ when zoneinfo not installed

The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.

This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.

Fixes "base-files: fix zoneinfo support " 8af62ed

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56bdb6bb9781f8a0bbec5fc3075b9d2b8d12f9a8)

3 months agobase-files: fix zoneinfo support
Rosen Penev [Sat, 10 Apr 2021 00:22:48 +0000 (17:22 -0700)]
base-files: fix zoneinfo support

The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.

Example failure when removing the if condition:

/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles

This file does not exist. America/Los_Angeles does.

Ran through shfmt -w -ci -bn -sr -s

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8af62ede189aa504135db05474d34c9f8a1ed35d)

3 months agoexfat: update to 5.12.3
Rosen Penev [Sun, 13 Jun 2021 04:26:17 +0000 (21:26 -0700)]
exfat: update to 5.12.3

Major changes are:
    Avoid page allocation failure from upcase table allocation.
    Add support for FITRIM.
    Improve write perofmrance on dirsync mount.
    Improve lookup perofmrance.
    Fix a bug on discard mount.

Switch to AUTORELEASE to avoid having to bump it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agorealtek: Fix failsafe mode
Hauke Mehrtens [Mon, 21 Jun 2021 22:45:21 +0000 (00:45 +0200)]
realtek: Fix failsafe mode

The RTL8380-RTL9300 switches only forward packets when VLAN ID 1 is
configured. Do not use the standard failsafe configuration for DSA
accessing the default port directly, but configure a switch on the lan1
interface instead.

This will add the VLAN ID 1 configuration to the switch:
$ bridge vlan show
port              vlan-id
lan1              1 PVID Egress Untagged
switch            1 PVID Egress Untagged

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7ee0786b56d1088c195fe7c1cdb1ad7d20c9245)

3 months agobase-files: failsafe: Remove the VLAN modifier from interface name
Hauke Mehrtens [Mon, 21 Jun 2021 22:45:20 +0000 (00:45 +0200)]
base-files: failsafe: Remove the VLAN modifier from interface name

Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 790561d5109ef81537fdb8ceb8eb183c0cab077c)

3 months agobase-files: failsafe: Fix IP configuration
Hauke Mehrtens [Mon, 21 Jun 2021 22:45:19 +0000 (00:45 +0200)]
base-files: failsafe: Fix IP configuration

Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.

This works with swconfig configurations.

Fixes: FS#3866
Fixes: d42640e389a8 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 467cd378db3359814866ec4121fdb4417783241e)

3 months agokernel: Backport patch to automatically bring up DSA master when opening user port
Hauke Mehrtens [Mon, 21 Jun 2021 22:45:18 +0000 (00:45 +0200)]
kernel: Backport patch to automatically bring up DSA master when opening user port

Without this patch we have to manually bring up the CPU interface in
failsafe mode.

This was backported from kernel 5.12.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2e17c710954bd3506467d700dee23757b138fedd)

3 months agokernel-5.4: backport latest patches for wireguard
Jason A. Donenfeld [Sun, 6 Jun 2021 10:37:53 +0000 (12:37 +0200)]
kernel-5.4: backport latest patches for wireguard

These are the latest patches that just landed upstream for 5.13, will be
backported by Greg into 5.10 (because of stable@), and are now in the
5.4 backport branch of wireguard: https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y

Cc: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Tested-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 2a3b2f59fec10d7c08f90f019b310db418e775bf)

3 months agohostapd: fix handling of the channel utilization options
Timo Sigurdsson [Tue, 15 Jun 2021 21:12:08 +0000 (23:12 +0200)]
hostapd: fix handling of the channel utilization options

Commit 0a7657c ("hostapd: add channel utilization as config option") added the
two new uci options bss_load_update_period and chan_util_avg_period. However,
the corresponding "config_add_int" calls for these options weren't added, so
attempting to actually use these options and change their values is bound to
fail - they always stay at their defaults. Add the missing code to actually
make these options work.

Fixes: 0a7657c ("hostapd: add channel utilization as config option")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit 85ce590705072be78c3ef7dc6b64e3b1facc892b)

3 months agobcm4908: fix Ethernet broken state after interface restart
Rafał Miłecki [Tue, 22 Jun 2021 05:47:18 +0000 (07:47 +0200)]
bcm4908: fix Ethernet broken state after interface restart

This fixes traffic stalls after ifdown & ifup.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f8d5bd20b31842ef7fdb740d27c70294f21c6124)

3 months agobcm4908: add kmod-gpio-button-hotplug
Rafał Miłecki [Mon, 21 Jun 2021 06:49:03 +0000 (08:49 +0200)]
bcm4908: add kmod-gpio-button-hotplug

All bcm4908 devices are expected to have GPIO buttons to make relevant
package selected by default.
This "fixes" triggering failsafe mode.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit fcfa60408c37a129b143e4928b6d86e383c2c8f6)

3 months agobase-files: fix typo in config_generate MAC check
Rafał Miłecki [Mon, 14 Jun 2021 20:29:49 +0000 (22:29 +0200)]
base-files: fix typo in config_generate MAC check

Fixes: 125deb4d783e ("base-files: set MAC for bridge ports (devices) instead of bridge itself")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 946019637ec9192450c685a61c589a9cbef7637b)

3 months agobase-files: set MAC for bridge ports (devices) instead of bridge itself
Rafał Miłecki [Mon, 14 Jun 2021 18:18:14 +0000 (20:18 +0200)]
base-files: set MAC for bridge ports (devices) instead of bridge itself

This restores the original config_generate behaviour. With MAC set for
bridged devices the bridge automatically gets its MAC adjusted (it picks
the lowest MAC of bridged devices).

This fixes confusing interfaces setup (bridge ports not having custom
MAC assigned).

Reported-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Fixes: c2139eef279e ("base-files: simplify setting device MAC")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c8d8eb9d13fc6fc8b394a620c27995ee71d29c4d)

3 months agohostapd: wolfssl: add RNG to EC key
David Bauer [Wed, 5 May 2021 23:53:49 +0000 (01:53 +0200)]
hostapd: wolfssl: add RNG to EC key

Since upstream commit 6467de5a8840 ("Randomize z ordinates in
scalar mult when timing resistant") WolfSSL requires a RNG for
the EC key when built hardened which is the default.

Set the RNG for the EC key to fix connections for OWE clients.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ddcb970274c011d3db611ec39350ee4704ff0e02)

3 months agowolfssl: always export wc_ecc_set_rng
David Bauer [Wed, 5 May 2021 23:48:04 +0000 (01:48 +0200)]
wolfssl: always export wc_ecc_set_rng

Since commit 6467de5a8840 ("Randomize z ordinates in scalar
mult when timing resistant") wolfssl requires a RNG for an EC
key when the hardened built option is selected.

wc_ecc_set_rng is only available when built hardened, so there
is no safe way to install the RNG to the key regardless whether
or not wolfssl is compiled hardened.

Always export wc_ecc_set_rng so tools such as hostapd can install
RNG regardless of the built settings for wolfssl.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ef9b103107aebd1a54f4360af3d9cf28d0544f13)

3 months agoath79: don't autodetect AR8033 PHY capabilities
David Bauer [Sun, 13 Jun 2021 10:00:41 +0000 (12:00 +0200)]
ath79: don't autodetect AR8033 PHY capabilities

PHY capabilities are currently read from the fiber status page, thus
Linux won't advertise 10 / 100 Base-T operation modes, effectively
limiting operation to 1000 Base-T.

Statically set the PHYs capabilities, avoiding autodetection.

The issue itself is properly fixed kernel upstream, however backporting
efforts to OpenWrt master resulted in breaking the fiber operation for
another target.

This is currently only known to be necessary for the Ubiquiti
UniFi AC series, so enabling it in the ath79 target should not
break somewhere else.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 months agobuild,json: fix generation with empty profiles
Paul Spooren [Mon, 21 Jun 2021 06:23:45 +0000 (20:23 -1000)]
build,json: fix generation with empty profiles

If the image generation doesn't add any profiles to the output the
*profile merge* will fail. To avoid that set an empty profile as
fallback.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit fd0d9909bf50f114d5e7f7cedf53e542de878a2c)

3 months agobuild: preserve profiles.json between builds
Moritz Warning [Sun, 21 Feb 2021 23:18:10 +0000 (00:18 +0100)]
build: preserve profiles.json between builds

Keep other profiles.json content if the data belongs to the current
build version.

Also useful for the ImageBuilder, which builds for a single model each
time. Without this commit the profiles.json would only contain the
latest build profile information.

Signed-off-by: Moritz Warning <moritzwarning@web.de>
[improve commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit a463b96241fbc2d142982387eaed9989e201ac7a)

3 months agoqos-scripts: add ifbN device before setting the link up
Perry Melange [Mon, 19 Apr 2021 09:17:10 +0000 (11:17 +0200)]
qos-scripts: add ifbN device before setting the link up

commit 50413e1ec83dedaea44558d5f37af5454156a46a replaced ifconfig
with ip.  In order to set a link state to up, the interface needs
to be added first.

Fixes: FS#3754

Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[Add Fixes tag]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 23c3bab9209f984692f8206c0d97758ee223a26f)

3 months agomac80211: fix an issue with wds links on 802.11ax devices
Felix Fietkau [Sat, 19 Jun 2021 10:16:49 +0000 (12:16 +0200)]
mac80211: fix an issue with wds links on 802.11ax devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 89c9ccc3b241d8f07c22a1c271211322c4703f7b)

3 months agoath79: use dynamic partitioning for TP-Link CPE series
Michael Pratt [Wed, 5 May 2021 03:32:00 +0000 (23:32 -0400)]
ath79: use dynamic partitioning for TP-Link CPE series

CPExxx and WBSxxx boards with AR9344 SOC
use the OKLI lzma kernel loader
with the offset of 3 blocks of length 4k (0x3000)
in order to have a fake "kernel" that cannot grow larger
than how it is defined in the now static OEM partition table.

Before recent changes to the mtdsplit driver,
the uImage parser for OKLI only supported images
that started exactly on an eraseblock boundary.

The mtdsplit parser for uImage now supports identifying images
with any magic number value
and at any offset from the eraseblock boundary
using DTS properties to define those values.

So, it is no longer necessary to use fixed sizes
for kernel and rootfs

Tested-by: Andrew Cameron <apcameron@softhome.net> [CPE510 v2]
Tested-by: Bernhard Geier <freifunk@geierb.de> [WBS210 v2]
Tested-by: Petrov <d7c48mWsPKx67w2@gmail.com> [CPE210 v1]
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 7b9a0c264cb9dc2c5a946a0aa9a290427a5e559c)