openwrt/staging/blocktrron.git
3 years agouqmi: wait forever registration if timeout set to 0
Thomas Richard [Thu, 8 Oct 2020 12:35:24 +0000 (14:35 +0200)]
uqmi: wait forever registration if timeout set to 0

Give possibility to wait forever the registration by setting timeout
option to 0.

No timeout can be useful if the interface starts whereas no network is
available, because at the end of timeout the interface will be stopped
and never restarted.

Signed-off-by: Thomas Richard <thomas.richard@kontron.com>
3 years agoRevert "refpolicy: add variant that builds modular policy"
Daniel Golle [Sun, 22 Nov 2020 15:20:35 +0000 (15:20 +0000)]
Revert "refpolicy: add variant that builds modular policy"

This reverts commit 9eb9943f82e0b2d5e32ffe1c63f5a82caca5094d.
Building the 'modular' variant requires 'semodule_package' from
'selinux-python' to be installed on the buildhost.
Apart from that, this change also broke the monolithic refpolicy
'targeted' build.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoprocd: update to git HEAD
Daniel Golle [Sun, 22 Nov 2020 03:21:51 +0000 (03:21 +0000)]
procd: update to git HEAD

 04a2edd uxc: make force-delete kill container process
 be6da62 seccomp: silence 'unknown syscall' warnings
 b22e625 jail: cgroup hack: rewrite cgroup -> cgroup2
 df7fa7b uxc: fix incomplete commit

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agotools/mpc: update to 1.2.1
Hannu Nyman [Sat, 21 Nov 2020 11:33:32 +0000 (13:33 +0200)]
tools/mpc: update to 1.2.1

Update mpc to 1.2.1

http://www.multiprecision.org/mpc/
  Bug fixes:
    Fix an incompatibility problem with GMP 6.0 and before.
    Fix an intermediate overflow in asin.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agotools/gmp: update to 6.2.1
Hannu Nyman [Sat, 21 Nov 2020 11:36:15 +0000 (13:36 +0200)]
tools/gmp: update to 6.2.1

Update gmp to 6.2.1

Release notes: https://gmplib.org/gmp6.2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agotools/bison: update to 3.7.4
Hannu Nyman [Sat, 21 Nov 2020 11:30:34 +0000 (13:30 +0200)]
tools/bison: update to 3.7.4

Update bison to 3.7.4

Release notes:
http://git.savannah.gnu.org/cgit/bison.git/tree/NEWS?id=7a11a9308cb

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agotools/cmake: update to 3.18.5
Hannu Nyman [Sat, 21 Nov 2020 11:39:01 +0000 (13:39 +0200)]
tools/cmake: update to 3.18.5

Update cmake to 3.18.5

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agotools/expat: update to 2.2.10
Hannu Nyman [Sat, 21 Nov 2020 12:16:05 +0000 (14:16 +0200)]
tools/expat: update to 2.2.10

Update expat to 2.2.10

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agonetifd: update to the latest version
Felix Fietkau [Sat, 21 Nov 2020 09:23:54 +0000 (10:23 +0100)]
netifd: update to the latest version

351d690f1a09 wireless: fix passing bridge name for vlan hotplug pass-through
c1c2728946b5 config: initialize bridge and bridge vlans before other devices
5e18d5b9ccb1 interface: do not force link-ext hotplug interfaces to present by default
4544f026bb09 bridge-vlan: add support for defining aliases for vlan ids

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agomusl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
Petr Štetiar [Fri, 20 Nov 2020 12:13:27 +0000 (13:13 +0100)]
musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)

The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.

This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.

All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agoscripts: download.pl: retry download using filename
David Bauer [Wed, 18 Nov 2020 15:02:23 +0000 (16:02 +0100)]
scripts: download.pl: retry download using filename

With this commit, the download script will try downloading source files
using the filename instead of the url-filename in case the previous
download attempt using the url-filename failed.

This is required, as the OpenWrt sources mirrors serve files using the
filename files might be renamed to after downloading. If the original
mirror for a file where url-filename and filename do not match goes
down, the download failed prior to this patch.

Further improvement can be done by performing this only for the
OpenWrt sources mirrors.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agoimagebuilder: add package signature verification
Paul Spooren [Mon, 2 Nov 2020 22:15:05 +0000 (12:15 -1000)]
imagebuilder: add package signature verification

The ImageBuilder downloads pre-built packages and adds them to images.
This process uses `opkg` which has the capability to verify package list
signatures via `usign`, as enabled per default on running OpenWrt
devices.

Until now this was disabled for ImageBuilders because neither the `opkg`
keys nor the `opkg-add` script was present during first packagelist
update.

To harden the ImageBuilder against *drive-by-download-attacks* both keys
and verification script are added to the ImageBuilder allowing `opkg` to
verify downloaded package indices.

This commit adds `opkg-add` to the ImageBuilder scripts folder. The keys
folder is added to ImageBuilder $TOPDIR to have an obvious place for users to
store their own keys. The `option check_signature` is appended to the
repositories.conf file. All of the above only happens if the Buildbot
runs with the SIGNATURE_CHECK option.

The keys stored in the ImageBuilder keys/ are the same as included in
the openwrt-keyring package. To avoid the chicken-egg problem of
downloading and verifying a package, containing signing keys, the keys
are added during the ImageBuilder generation. They are same as in
shipped images (stored at `/etc/opkg/keys/`).

To allow a local package feed in which the user can add additional
packages, a local set of `usign` and `ucert` keys is generated, same as
building OpenWrt from source. The private key signs the local repository
inside the packages/ folder. The local public key is added to the keys/
folder to be considered by `opkg` when updating repositories. This way a
local package feed can be modified while requiring `opkg` to check
signatures for remote feed, making HTTPS optional.

The new option `ADD_LOCAL_KEY` allows to add the local key inside the
created images, adding the advantage that sysupgrades can validate the
ImageBuilders local key.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agobuild: create $(PKG_SYMVERS_DIR) if non-existent
Sebastian Kemper [Wed, 18 Nov 2020 21:58:58 +0000 (22:58 +0100)]
build: create $(PKG_SYMVERS_DIR) if non-existent

Commit 5d76065 moved the creation of the symvers directory to
include/kernel-build.mk. This is fine when building from scratch. But
when unpacking an SDK the directory doesn't exist and because the kernel
won't be built (again) this directory will not be created by the build
system, causing build failure if make tries to copy files into it.

This moves the creation of the symvers directory back into
include/kernel.mk so that the directory is created in any case.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agobase-files: generated named bridge-vlan sections
John Crispin [Thu, 19 Nov 2020 14:08:33 +0000 (15:08 +0100)]
base-files: generated named bridge-vlan sections

Signed-off-by: John Crispin <john@phrozen.org>
3 years agoramips: add support for the Hak5 WiFi Pineapple Mark 7
Marc Egerton [Fri, 2 Oct 2020 17:30:59 +0000 (18:30 +0100)]
ramips: add support for the Hak5 WiFi Pineapple Mark 7

This patch adds support for the WiFi Pineapple Mark 7, a wireless
penetration testing tool.

Specifications:
    * SoC: MediaTek MT7628 (580MHz)
    * RAM: 256MiB (DDR2)
    * Storage 1: 32MiB NOR (SPI)
    * Storage 2: 2GB eMMC
    * Wireless 1: 802.11b/g/n 2.4GHz (Built In)
    * Wireless 2: 802.11b/g/n 2.4GHz (MT7601)
    * Wireless 3: 802.11b/g/n 2.4GHz (MT7601)
    * USB: 1x USB Type-A 2.0 Host Port
    * Ethernet: 1x USB Type-C AX88772C Ethernet
    * UART: 57600 8N1 on PCB
    * Inputs: 1x Reset Button
    * Outputs: 1x RGB LED
    * FCCID: 2AA52MK7

Flash Instructions:
    Original firmware is based on OpenWRT.
    Use sysupgrade via SSH to flash.

Signed-off-by: Marc Egerton <foxtrot@realloc.me>
[pepe2k@gmail.com: set only required/used gpio groups to gpio function]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoath79: fix reset button support on 8devices Lima
Piotr Dymacz [Mon, 16 Nov 2020 00:46:49 +0000 (01:46 +0100)]
ath79: fix reset button support on 8devices Lima

This fixes 'linux,code' property name and value for the 'reset' key node
in 8devices Lima DTS file.

Problem and solution were reported on the forum, see:
https://forum.openwrt.org/t/resetbutton-not-working-ath79-8devices-lima/78810

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoath79: calculate Eth MACs from WLAN on ALFA Network R36A
Piotr Dymacz [Fri, 30 Oct 2020 13:16:08 +0000 (14:16 +0100)]
ath79: calculate Eth MACs from WLAN on ALFA Network R36A

New batches of the R36A board series might no longer keep separated
Ethernet MAC addresses stored in flash. Use same approach as on the
N2Q and calculate Ethernet MACs from WLAN one which is kept in ART.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agouboot-envtools: ath79: add support for ALFA Network Pi-WiFi4
Piotr Dymacz [Fri, 9 Oct 2020 05:31:44 +0000 (07:31 +0200)]
uboot-envtools: ath79: add support for ALFA Network Pi-WiFi4

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoath79: add support for ALFA Network Pi-WiFi4
Piotr Dymacz [Fri, 9 Oct 2020 05:30:24 +0000 (07:30 +0200)]
ath79: add support for ALFA Network Pi-WiFi4

ALFA Network Pi-WiFi4 is a Qualcomm QCA9531 v2 based, high-power 802.11n
WiFi board in Raspberry Pi 3B shape, equipped with 1x FE and 4x USB 2.0.

Specifications:

- Qualcomm/Atheros QCA9531 v2
- 650/400/200 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16+ MB of flash (SPI NOR)
- 1x 10/100 Mbps Ethernet
- 2T2R 2.4 GHz Wi-Fi with Qorvo RFFM8228P FEM
- 2x IPEX/U.FL connectors on PCB
- 4x USB 2.0 Type-A
- Genesys Logic GL850G 4-port USB HUB
- USB power is controlled by GPIO
- 5x LED (3x on PCB, 2x in RJ45, 4x driven by GPIO)
- 1x button (reset)
- external h/w watchdog (EM6324QYSP5B, enabled by default)
- 1x micro USB Type-B for power and system console (Holtek HT42B534)
- UART and GPIO (8-pin, 1.27 mm pitch) header on PCB

Flash instruction:

You can use sysupgrade image directly in vendor firmware which is based
on LEDE/OpenWrt. Alternatively, you can use web recovery mode in U-Boot:

1. Configure PC with static IP 192.168.1.2/24.
2. Connect PC with one of RJ45 ports, press the reset button, power up
   device, wait for first blink of all LEDs (indicates network setup),
   then keep button for 3 following blinks and release it.
3. Open 192.168.1.1 address in your browser and upload sysupgrade image.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoath79: add label MAC address for ALFA Network N5Q
Piotr Dymacz [Mon, 9 Nov 2020 00:23:26 +0000 (01:23 +0100)]
ath79: add label MAC address for ALFA Network N5Q

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoscripts: add const_structs.checkpatch for checkpatch.pl
Adrian Schmutzler [Wed, 18 Nov 2020 20:45:38 +0000 (21:45 +0100)]
scripts: add const_structs.checkpatch for checkpatch.pl

Kernel has separated the structs that are reported to be const in
checkpatch.pl into a file of its own, const_structs.checkpatch.

This file has been missing after the recent update of checkpatch.pl,
leading to the following message:

  No structs that should be const will be found - file
  '/data/openwrt/scripts/const_structs.checkpatch': No such file
  or directory

This commit adds the relevant file from v5.10-rc4.

Fixes: 086ee09bbcac ("scripts: Update checkpatch.pl to 2020-06-11")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoscripts: checkpatch.pl: suppress warnings about MAINTAINERS
Adrian Schmutzler [Wed, 18 Nov 2020 20:38:59 +0000 (21:38 +0100)]
scripts: checkpatch.pl: suppress warnings about MAINTAINERS

The kernel expects changes to MAINTAINERS for all removed or added
files, printing warnings like:

  WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
  #828:
  deleted file mode 100644

Since this does not apply to "our" files in OpenWrt repo, this
warning should be disabled.

This can be achieved easiest by setting $reported_maintainer_file
to 1. While this is a hack that tricks the script into believing
the proper MAINTAINERS changes have been made, it's the easiest
solution as it does not require to touch any other code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoramips: use m25p,fast-read on Xiaomi Mi Router 4A Gb/3G v2
Adrian Schmutzler [Wed, 18 Nov 2020 19:48:26 +0000 (20:48 +0100)]
ramips: use m25p,fast-read on Xiaomi Mi Router 4A Gb/3G v2

The Xiaomi Mi Router 4A Gigabit model has a race condition on bootup
causing the SQUASHFS data errors to appear and create a bootloop
scenario.

Adding the m25p,fast-read property resolves this issue.

Suggested-by: David Bentham <db260179@gmail.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agokernel: bump 5.4 to 5.4.77
John Audia [Wed, 11 Nov 2020 20:30:36 +0000 (15:30 -0500)]
kernel: bump 5.4 to 5.4.77

Manually rebased patches:
 bcm27xx/patches-5.4/950-0135-spi-spi-bcm2835-Disable-forced-software-CS.patch
 generic-backport/744-v5.5-net-sfp-soft-status-and-control-support.patch
 layerscape/patches-5.4/819-uart-0005-tty-serial-fsl_lpuart-enable-dma-mode-for-imx8qxp.patch
 mvebu/patches-5.4/521-arm64-dts-marvell-espressobin-Add-ethernet-switch-al.patch

Removed:
 layerscape/patches-5.4/819-uart-0012-tty-serial-lpuart-add-LS1028A-support.patch

All modifications made by update_kernel.sh

Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711,
              lantiq/Easybox 904 xDSL, x86_64
Run-tested: ipq806x/R7800, lantiq/Easybox 904 xDSL, x86_64

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
Co-developed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: Add support for Ubiquiti NanoBeam AC Gen2
Nick Hainke [Sun, 25 Oct 2020 13:51:55 +0000 (14:51 +0100)]
ath79: Add support for Ubiquiti NanoBeam AC Gen2

CPU:         Atheros AR9342 rev 3 SoC
RAM:         64 MB DDR2
Flash:       16 MB NOR SPI
WLAN 2.4GHz: Atheros AR9342 v3 (ath9k)
WLAN 5.0GHz: QCA988X
Ports:       2x GbE

Flashing procedure is identical to other ubnt devices.
https://openwrt.org/toh/ubiquiti/common

Flashing through factory firmware
1. Ensure firmware version v8.7.0 is installed.
   Up/downgrade to this exact version.
2. Patch fwupdate.real binary using
   `hexdump -Cv /bin/ubntbox | sed 's/14 40 fe 27/00 00 00 00/g' | \
    hexdump -R > /tmp/fwupdate.real`
3. Make the patched fwupdate.real binary executable using
   `chmod +x /tmp/fwupdate.real`
4. Copy the squashfs factory image to /tmp on the device
5. Flash OpenWrt using `/tmp/fwupdate.real -m <squashfs-factory image>`
6. Wait for the device to reboot
(copied from Ubiquiti NanoBeam AC and modified)

To keep it consistent, we will add the gen1 variant to
the nanobeam ac gen1.

Signed-off-by: Nick Hainke <vincent@systemli.org>
3 years agovalgrind: Update to version 3.16.1
Hauke Mehrtens [Sat, 31 Oct 2020 23:17:58 +0000 (00:17 +0100)]
valgrind: Update to version 3.16.1

No special changes, just get in sync with recent code.
See here for the changelog:
https://valgrind.org/docs/manual/dist.news.html

The ipkg sizes changes as follows for mips 24kc :
3.15   : valgrind_3.15.0-2_mips_24kc.ipk 1450680
3.16.1 : valgrind_3.16.1-1_mips_24kc.ipk 1491954

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agostrace: Update to version 5.9
Hauke Mehrtens [Sat, 31 Oct 2020 23:17:51 +0000 (00:17 +0100)]
strace: Update to version 5.9

No special changes, just get in sync with recent code.
See here for the changelog:
https://github.com/strace/strace/releases/tag/v5.9

The ipkg sizes changes as follows for mips 24kc :
5.8 : strace_5.8-1_mips_24kc.ipk 271195
5.9 : strace_5.9-1_mips_24kc.ipk 278352

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agoiperf3: Update to version 3.9
Hauke Mehrtens [Sat, 31 Oct 2020 23:17:36 +0000 (00:17 +0100)]
iperf3: Update to version 3.9

No special changes, just get in sync with recent code.
See here for the changelog:
http://software.es.net/iperf/news.html#iperf-3-9-released

The ipkg sizes changes as follows for mips 24kc :
3.7 : iperf3_3.7-1_mips_24kc.ipk 39675
3.9 : iperf3_3.9-1_mips_24kc.ipk 41586

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agoethtool: update to version 5.9
Hans Dedecker [Sun, 15 Nov 2020 19:43:49 +0000 (20:43 +0100)]
ethtool: update to version 5.9

The ipkg sizes changes as follows for mips 24kc :
5.8 : ethtool_5.8-1_mips_24kc.ipk 34930
5.9 : ethtool_5.9-1_mips_24kc.ipk 35241

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3 years agobase-files: fix backwards compatiblity of rc.common EXTRA_COMMANDS
Matthias Schiffer [Mon, 16 Nov 2020 16:30:43 +0000 (17:30 +0100)]
base-files: fix backwards compatiblity of rc.common EXTRA_COMMANDS

Avoid needlessly breaking old initscripts that set EXTRA_COMMANDS. This
will aid in debugging (as it simplifies reverting to an older version of
a package) and unbreaks third-party feeds (and packages that maintain
their OpenWrt initscripts as part of the software's repo instead of the
OpenWrt feed like fastd).

Without this, initscripts that set EXTRA_COMMANDS become completely
unusable, as all default commands like start/stop cease working.

Fixes: 1a69f50dc627 ("base-files: fix rc.common help alignment")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
3 years agohostapd: set validity interval for BSS TMRA
David Bauer [Tue, 17 Nov 2020 10:47:38 +0000 (11:47 +0100)]
hostapd: set validity interval for BSS TMRA

This sets the validity interval for the BSS transition candidate
list to the same value as the disassociation timer.

Currently the value is always 0, which is the specification states is a
reserved value. Also, wpa_supplicant and from the looks of it some
Android implementations will outright ignore the candidate list in this
case.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agohostapd: add support for static airtime policy configuration
Dobroslaw Kijowski [Mon, 16 Nov 2020 19:32:38 +0000 (20:32 +0100)]
hostapd: add support for static airtime policy configuration

* Add support for passing airtime_sta_weight into hostapd configuration.
* Since that commit it is possible to configure station weights. Set higher
  value for larger airtime share, lower for smaller share.

I have tested this functionality by modyfing /etc/config/wireless to:

config wifi-device 'radio0'
...
        option airtime_mode '1'

config wifi-iface 'default_radio0'
...
        list airtime_sta_weight '01:02:03:04:05:06 1024'

Now, when the station associates with the access point it has been assigned
a higher weight value.
root@OpenWrt:~# cat /sys/kernel/debug/ieee80211/phy0/netdev\:wlan0/stations/01\:02\:03\:04\:05\:06/airtime
RX: 12656 us
TX: 10617 us
Weight: 1024
Deficit: VO: -2075 us VI: 256 us BE: -206 us BK: 256 us

[MAC address has been changed into a dummy one.]

Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
3 years agohostapd: fix per-BSS airtime configuration
Dobroslaw Kijowski [Mon, 16 Nov 2020 19:21:46 +0000 (20:21 +0100)]
hostapd: fix per-BSS airtime configuration

airtime_mode is always parsed as an empty string since it hasn't been
added into hostapd_common_add_device_config function.

Fixes: e289f183 ("hostapd: add support for per-BSS airtime configuration")
Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
3 years agohostapd: ubus: add get_status method
David Bauer [Sun, 1 Nov 2020 23:53:41 +0000 (00:53 +0100)]
hostapd: ubus: add get_status method

This adds a new get_status method to a hostapd interface, which
provides information about the current interface status.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agohostapd: ubus: add VHT capabilities to client list
David Bauer [Mon, 12 Oct 2020 01:10:20 +0000 (03:10 +0200)]
hostapd: ubus: add VHT capabilities to client list

This adds parsed VHT capability information to the hostapd
get_clients method.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agohostapd: ubus: add driver information to client list
David Bauer [Sun, 11 Oct 2020 15:45:01 +0000 (17:45 +0200)]
hostapd: ubus: add driver information to client list

This adds information from mac80211 to hostapd get_client ubus function.
This way, TX as well as RX status information as well as the signal can
be determined.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agohostapd: fix variable shadowing
David Bauer [Wed, 28 Oct 2020 19:42:17 +0000 (20:42 +0100)]
hostapd: fix variable shadowing

Fixes commit 838b412cb527 ("hostapd: add interworking support")

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agoumdns: convert seccomp filter rules to OCI format
Daniel Golle [Tue, 17 Nov 2020 13:11:16 +0000 (13:11 +0000)]
umdns: convert seccomp filter rules to OCI format

procd-seccomp switched to OCI-compliant seccomp parser instead of our
(legacy, OpenWrt-specific) format. Convert ruleset to new format.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoprocd: drop legacy seccomp support, switch to OCI parsers
Daniel Golle [Tue, 17 Nov 2020 13:09:36 +0000 (13:09 +0000)]
procd: drop legacy seccomp support, switch to OCI parsers

 d8f36f5 seccomp: specifying architectures is optional
 d352e6e seccomp: switch to new OCI compliant parser
 c110405 trace: switch to OCI seccomp JSON output

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agowireguard-tools: fix category/description in menuconfig
Alberto Bursi [Tue, 17 Nov 2020 07:58:40 +0000 (08:58 +0100)]
wireguard-tools: fix category/description in menuconfig

wireguard-tools is trying to import the menuconfig section
from the wireguard package, but since it's not anymore in
the same makefile this seems to fail and wireguard-tools
ends up in "extra packages" category instead with other
odds and ends.

Same for the description, it's trying to import it from the
wireguard package but it fails so it only shows the line
written in this makefile.

remove the broken imports and add manually the entries
and description they were supposed to load

Fixes: ea980fb9c6de ("wireguard: bump to 20191226")
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[fix trailing whitespaces, add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: fix missing ";;" in 11-ath10k-caldata
Adrian Schmutzler [Mon, 16 Nov 2020 18:26:25 +0000 (19:26 +0100)]
ath79: fix missing ";;" in 11-ath10k-caldata

This adds a missing ";;" in the switch-case in 11-ath10k-caldata.

Fixes: 4d36569b9cab ("ath79: fix ath10k caldata extraction on some
D-Link DIR-842 C3 devices")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: fix ath10k caldata extraction on some D-Link DIR-842 C3 devices
Paul Fertser [Tue, 27 Oct 2020 11:02:53 +0000 (14:02 +0300)]
ath79: fix ath10k caldata extraction on some D-Link DIR-842 C3 devices

According to forum threads [0][1] and a report on IRC by Doc-Saintly
some of those boards have calibration data in a different place. Only
one alternative location is known.

Without proper board calibration data (board.bin having all 0xff bytes)
ath10k firmware still tries to load but crashes on startup with a
confusing error message.

If you're applying this patch manually on your device do not forget to
remove /lib/firmware/ath10k/pre-cal-pci-0000:00:00.0.bin and reboot to
force caldata re-extraction.

[0] https://forum.openwrt.org/t/support-for-d-link-dir842-rev-c3/41654
[1] https://forum.openwrt.org/t/d-link-dir-842-cant-access-firmware-upload-form/65454

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
3 years agokernel: remove mvsw61xx swconfig driver
DENG Qingfang [Fri, 13 Nov 2020 03:54:44 +0000 (11:54 +0800)]
kernel: remove mvsw61xx swconfig driver

All targets that used mvsw61xx have switched to upstream mv88e6xxx DSA
driver, so it can be removed.

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
3 years agomediatek: fix mixed indent in DTS files
Adrian Schmutzler [Mon, 16 Nov 2020 12:35:51 +0000 (13:35 +0100)]
mediatek: fix mixed indent in DTS files

mediatek frequently had mixed indent (tabs vs. spaces) in DTS files
and DTS file kernel patches (probably due to careless copy/paste).

The harmonizes these cases to tabs-only, as usual for DTS(I).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agotreewide: remove default-state off for LEDs
Adrian Schmutzler [Mon, 16 Nov 2020 12:26:56 +0000 (13:26 +0100)]
treewide: remove default-state off for LEDs

default-state = "off" is default for LEDs, no need to specify it
explicitly.

https://www.kernel.org/doc/Documentation/devicetree/bindings/leds/common.yaml

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agomvebu: LS421DE: improve the HDD leds
Daniel González Cabanelas [Fri, 13 Nov 2020 19:23:00 +0000 (20:23 +0100)]
mvebu: LS421DE: improve the HDD leds

Improve the HDD LEDs used for disk activity:
 - Use the trigger activity per ata channel

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
3 years agoramips: mt7621: fix Telco X1 GPIO switches
DENG Qingfang [Mon, 16 Nov 2020 06:06:12 +0000 (14:06 +0800)]
ramips: mt7621: fix Telco X1 GPIO switches

The GPIO base of MT7621 GPIO 0~31 is 480 on kernel 5.4
Fix the GPIO numbering.

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
3 years agoodhcpd: update to latest git HEAD
Hans Dedecker [Sun, 15 Nov 2020 17:44:40 +0000 (18:44 +0100)]
odhcpd: update to latest git HEAD

fb55e80 dhcpv6-ia : write statefile atomically

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3 years agodropbear: update to 2.81
Hans Dedecker [Sat, 14 Nov 2020 12:04:43 +0000 (13:04 +0100)]
dropbear: update to 2.81

Update dropbear to latest stable 2.81; for the changes see https://matt.ucc.asn.au/dropbear/CHANGES

Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agobcm27xx: add bit variant to redundant RaspberryPi
Paul Spooren [Fri, 6 Nov 2020 19:54:20 +0000 (09:54 -1000)]
bcm27xx: add bit variant to redundant RaspberryPi

Both bcm2709 and bcm2710 firmware can run on the same RaspberryPi
models, varying however in 32 and 64 Bit architectures. The model name
alone does not include the architecture information, which becomes
problematic if looking at a overview that only contains the names. By
adding a variant it is possible to tell the architecture.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agowireguard-tools: drop the dependency on ip-{tiny,full}
Rui Salvaterra [Thu, 5 Nov 2020 11:37:16 +0000 (11:37 +0000)]
wireguard-tools: drop the dependency on ip-{tiny,full}

BusyBox ip already provides the required functionality and is enabled by default
in OpenWrt. This patch drops the ip dependency and makes the BusyBox ip required
dependencies explicit, allowing for a significant image size reduction.

openwrt-ath79-generic-ubnt_nanostation-loco-m-squashfs-sysupgrade.bin size:
4588354 bytes (with ip-tiny)
4457282 bytes (with BusyBox ip)

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
4 years agobuild: support cmake verbose for host builds
Felix Fietkau [Sat, 14 Nov 2020 13:34:30 +0000 (14:34 +0100)]
build: support cmake verbose for host builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agolibjson-c: enable rpath for host builds to fix errors on recent macOS
Felix Fietkau [Sat, 14 Nov 2020 13:33:23 +0000 (14:33 +0100)]
libjson-c: enable rpath for host builds to fix errors on recent macOS

Same approach as on libubox

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agotools/bc: use autoreconf to fix build failure on macOS with recent Xcode versions
Felix Fietkau [Sat, 14 Nov 2020 11:52:58 +0000 (12:52 +0100)]
tools/bc: use autoreconf to fix build failure on macOS with recent Xcode versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agotools/libelf: use autoreconf to fix build failure on macOS with recent Xcode versions
Felix Fietkau [Sat, 14 Nov 2020 11:47:39 +0000 (12:47 +0100)]
tools/libelf: use autoreconf to fix build failure on macOS with recent Xcode versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agobuild: detect broken make version on macOS
Felix Fietkau [Sat, 14 Nov 2020 11:37:39 +0000 (12:37 +0100)]
build: detect broken make version on macOS

Apple ships a broken make version with the Xcode command line tools.
Homebrew installs make as gmake by default in order to not collide with
Apple's version.
Exit with an error if the broken one is used accidentally

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agotools/fakeroot: fix build on macOS with recent Xcode versions
Felix Fietkau [Sat, 14 Nov 2020 10:57:23 +0000 (11:57 +0100)]
tools/fakeroot: fix build on macOS with recent Xcode versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agobuild: try to find getopt in macOS homebrew's standard location
Felix Fietkau [Sat, 14 Nov 2020 06:35:11 +0000 (07:35 +0100)]
build: try to find getopt in macOS homebrew's standard location

It is not symlinked to /usr/local/bin by default

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agoiproute2: update to 5.9
Hans Dedecker [Thu, 12 Nov 2020 17:18:52 +0000 (18:18 +0100)]
iproute2: update to 5.9

Update iproute2 to latest stable 5.9; for the changes see https://lwn.net/Articles/834755/

Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Acked-by: Hauke Mehrtens <hauke@huake-m.de>
4 years agoipq40xx: do not remove pci@40000000 for ap.dk04.1
Adrian Schmutzler [Fri, 13 Nov 2020 15:04:01 +0000 (16:04 +0100)]
ipq40xx: do not remove pci@40000000 for ap.dk04.1

This pci@40000000 node from upstream was dropped when the device
was converted from local DTS(I) files to kernel patches in [1] to
ensure that change was purely cosmetic.

However, the DK04.1 has a PCI-E slot by default, so let's keep
(i.e. not remove) the kernel definition now.

[1] c4beac9ea2e1 ("ipq40xx: use upstream DTS files for IPQ4019/AP-DK04.1")

Suggested-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoipq40xx: 5.4: update and reorder patches
Robert Marko [Fri, 30 Oct 2020 13:18:27 +0000 (14:18 +0100)]
ipq40xx: 5.4: update and reorder patches

A lot of patches are outdated versions of upstreamed patches and
drivers.

So lets pull in the upstreamed patches and reorder remaining ones.

This drops the unnecessary 721-dts-ipq4019-add-ethernet-essedma-node.patch
which adds nodes for not yet in OpenWrt IPQESS driver.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
[do not touch 902-dts-ipq4019-ap-dk04.1.patch here]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agobuild: filter out more autogenerated kernel config options
Felix Fietkau [Tue, 20 Oct 2020 19:36:52 +0000 (21:36 +0200)]
build: filter out more autogenerated kernel config options

Define wildcard patterns for filtering in target/linux/generic/config-filter
Preparation for supporting newer kernels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agoscripts/kconfig.pl: allow regex syntax in filtering out config entries
Felix Fietkau [Tue, 20 Oct 2020 16:54:49 +0000 (18:54 +0200)]
scripts/kconfig.pl: allow regex syntax in filtering out config entries

This will be used to filter out some autogenerated config values from
the kernel config files

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agokernel: rename mtdpart_get_master to mtd_get_master
Felix Fietkau [Sat, 17 Oct 2020 15:21:12 +0000 (17:21 +0200)]
kernel: rename mtdpart_get_master to mtd_get_master

Preparation for supporting newer kernels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agobuild: pass KBUILD_EXTRA_SYMBOLS with symvers files for kernel module packages
Felix Fietkau [Fri, 23 Oct 2020 09:26:48 +0000 (11:26 +0200)]
build: pass KBUILD_EXTRA_SYMBOLS with symvers files for kernel module packages

This replaces the previous (deprecated) method of collecting symvers data
in $(PKG_BUILD_DIR)/Module.symvers, which does not work on newer kernels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agokernel: ip17xx: use pr_warn instead of pr_warning
Felix Fietkau [Sat, 24 Oct 2020 16:11:15 +0000 (18:11 +0200)]
kernel: ip17xx: use pr_warn instead of pr_warning

Fixes build with newer kernels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agokernel: remove kmod-capi
Felix Fietkau [Sat, 24 Oct 2020 17:16:29 +0000 (19:16 +0200)]
kernel: remove kmod-capi

We don't package any driver that uses this module

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agonetifd: update to the latest version
Felix Fietkau [Fri, 13 Nov 2020 11:48:34 +0000 (12:48 +0100)]
netifd: update to the latest version

4a41135750d9 system-linux: only overwrite dev->present state on check_state for simple devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agogeneric: platform/mikrotik: implement multi caldata
Thibaut VARÈNE [Mon, 24 Aug 2020 10:38:40 +0000 (12:38 +0200)]
generic: platform/mikrotik: implement multi caldata

MikroTik recently changed again the way they store wlan calibration data
on devices. Prior to this change, ERD calibration data for all available
radios was stored within a single identifier node ("tag" in RouterBoot
parlance).

Recent devices have been seen with calibration (and BDF) data stored in
separate identifiers within LZOR packing for each radio: this patch
addresses this by:
1) ensuring that both variants are properly supported,
2) preserving backward compatibility with existing data consumers,
3) allowing for more than 2 calibration blobs to be exposed via sysfs.

Specifically, before this patch, the driver would provide a single sysfs
file named /sys/firmware/mikrotik/hard_config/wlan_data that contained
whatever calibration data found on the device's flash. After this patch,
when executed on a device that uses the old style storage, this behavior
is unchanged, but when executed on a device that uses new style storage
(for either traditional "ERD" packing or "LZOR" packing), the driver
replaces that single file with a folder containing one or more files
each containing the data encoded within individual identifiers.

As far as OpenWRT is concerned, this means that for devices which are
known to exist with both styles of data storage, a suitable hotplug stub
could look like this for e.g. the second radio:

wdata="/sys/firmware/mikrotik/hard_config/wlan_data"
( [ -f "$wdata" ] && caldata_sysfsload_from_file "$wdata" 0x8000 0x2f20 ) || \
( [ -d "$wdata" ] && caldata_sysfsload_from_file "$wdata/data_2" 0x0 0x2f20 )

This patch has been tested with LZOR old and new style packing on ipq4019,
and with old style on ath79.

Tested-by: John Thomson <git@johnthomson.fastmail.com.au>
Tested-by: Шебанов Алексей <admin@ublaze.ru>
Tested-by: Alen Opačić <subixonfire@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Tested-by: Robert Marko <robimarko@gmail.com>
4 years agolibnetfilter-log: Backport kernel header syncs
Brett Mastbergen [Thu, 18 Jul 2019 19:28:09 +0000 (15:28 -0400)]
libnetfilter-log: Backport kernel header syncs

Backport upstream commits that sync the local kernel header
copies in this library, with up to date copies.  These updated
headers ensure that libnetfilter-log users can use current
kernel functionality such as requesting that conntrack
information be appended to nflog events sent to userspace via
the NFULNL_CFG_F_CONNTRACK flag.  This functionality has been
available since kernel version 4.4

Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
4 years agoscripts: add spelling.txt for checkpatch.pl
Paul Spooren [Mon, 27 Jul 2020 22:57:04 +0000 (12:57 -1000)]
scripts: add spelling.txt for checkpatch.pl

Running the updated checkpatch version with spelling.txt show that
spelling mistakes happen to everyone.

> /target/linux$ fd .*.patch | xargs ../../scripts/checkpatch.pl | rg spell
WARNING: 'usefull' may be misspelled - perhaps 'useful'?
WARNING: 'afecting' may be misspelled - perhaps 'affecting'?
WARNING: 'usefull' may be misspelled - perhaps 'useful'?
WARNING: 'afecting' may be misspelled - perhaps 'affecting'?
WARNING: 'begining' may be misspelled - perhaps 'beginning'?
WARNING: 'superflous' may be misspelled - perhaps 'superfluous'?
WARNING: 'multipe' may be misspelled - perhaps 'multiple'?
WARNING: 'recieves' may be misspelled - perhaps 'receives'?
WARNING: 'retreive' may be misspelled - perhaps 'retrieve'?
WARNING: 'tranfer' may be misspelled - perhaps 'transfer'?
WARNING: 'additonal' may be misspelled - perhaps 'additional'?
WARNING: 'accomodate' may be misspelled - perhaps 'accommodate'?
[...]

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agoscripts: checkpatch remove device-tree doc check
Paul Spooren [Mon, 3 Aug 2020 01:34:00 +0000 (15:34 -1000)]
scripts: checkpatch remove device-tree doc check

Remove checks for device tree documentation as the OpenWrt tree comes
withouth the ./Documentation folder.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agoscripts: Update checkpatch.pl to 2020-06-11
Paul Spooren [Mon, 27 Jul 2020 22:45:53 +0000 (12:45 -1000)]
scripts: Update checkpatch.pl to 2020-06-11

Checkpatch grown in functionallity and we should make use of that. If
OpenWrt patches should be upstream material they should also be checked
based on upstream checkpatch.pl instead of 2013.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agox86: generic: disable CONFIG_EFI_VARS
Alberto Bursi [Sat, 19 Sep 2020 23:36:05 +0000 (01:36 +0200)]
x86: generic: disable CONFIG_EFI_VARS

CONFIG_EFI_VARS has been disabled in
64bit x86 target in 2018 by the following commit
b0a51dab8c5b8d40828a00b0c6d66450bf90f217
the same reasons apply to Generic target, so
now it's disabled here too.
Leaving it enabled is also blocking compile as
a new symbol was added
EFI_CUSTOM_SSDT_OVERLAYS
that depends from CONFIG_EFI_VARS
and the build system stops and waits for
user input on what to do about it.

The Legacy and Geode targets never
had any EFI_xxx configs enabled so they
don't have this issue

Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
4 years agortl838x: Add switch and ethernet driver support for RTL839x SoCs
Birger Koblitz [Tue, 27 Oct 2020 08:12:01 +0000 (09:12 +0100)]
rtl838x: Add switch and ethernet driver support for RTL839x SoCs

This adds support for RTL839x SoCs in the ethernet and switch
drivers of the rtl838x architecture.

Reviewed-by: Andreas Oberritter <obi@saftware.de>
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
4 years agosunxi: add support for Libre Computer ALL-H3-CC H5
Roman Kuzmitskii [Sun, 18 Oct 2020 18:05:23 +0000 (18:05 +0000)]
sunxi: add support for Libre Computer ALL-H3-CC H5

Specification:

- CPU: Allwinner H5, Quad-core Cortex-A53 Up to 1GHz
- DDR3 RAM: 2GB
- Network:
    10/100M Ethernet x 1
- IR: x1 (Receive)
- USB (Host) Type-A x3
- USB (OTG) Type-A x1
- MicroSD Slot x 1
- eMMC Slot x1
- MicroUSB power input
- GPIO 40pin header
- UART 3pin header
- Leds:
    - librecomputer:blue:status
    - librecomputer:green:pwr
- Buttons:
    - uboot button (used to enter fel mode)
    - power button (can trigger power on)
- Power Supply via MicroUSB or GPIO 5V/2A

Installation:

- Write the image to SD Card with dd
- Boot from the SD Card

Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>
[Fixed Signed-off-by]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agokernel: add module support Solarflare network adapter
Tan Zien [Mon, 19 Oct 2020 04:27:54 +0000 (12:27 +0800)]
kernel: add module support Solarflare network adapter

According to Solarflare user guide
it is recommended to install lm-sensors and
use the following command to obtain adapter health info

$ sensors | grep sfc
sfc pci 0400
sfc pci 0401

$ sensors sfc pci 0400
sfc pci 0400
Adapter: PCI adapter
1.2V supply:                        N/A
3.3V supply:                    +3.22 V  (min =  +3.00 V, max =  +3.60 V)
12.0V supply:                  +12.14 V  (min = +11.04 V, max = +12.96 V)
0.9V supply (ext. ADC):         +1.03 V  (min =  +0.50 V, max =  +1.10 V)
                                         (crit max =  +1.15 V)
0.9V phase A supply:                N/A
PHY overcurrent:                    N/A
ERROR: Can't get value of subfeature temp1_alarm: Can't read
PHY temp.:                          N/A
AOE FPGA temp.:                 +68.0°C  (low  =  +0.0°C, high = +95.0°C)
                                         (crit = +105.0°C)
Ambient temp.:                  +56.0°C  (low  =  +0.0°C, high = +75.0°C)
                                         (crit = +85.0°C)
Controller die (TDIODE) temp.:  +77.0°C  (low  =  +0.0°C, high = +95.0°C)
                                         (crit = +105.0°C)
Board front temp.:              +59.0°C  (low  =  +0.0°C, high = +75.0°C)
                                         (crit = +85.0°C)
Board back temp.:               +62.0°C  (low  =  +0.0°C, high = +75.0°C)
                                         (crit = +85.0°C)
1.2V supply current:                N/A
0.9V phase A supply current:        N/A
3.3V supply current:                N/A
12V supply current:                 N/A

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
4 years agonetfilter: Add queue support for nftables
Brett Mastbergen [Fri, 30 Oct 2020 14:35:05 +0000 (10:35 -0400)]
netfilter: Add queue support for nftables

This change adds the configuration option to build and include
the nft_queue kernel module, which allows traffic to be queued up
to userspace from an nftables rule

Tested-by: Sébastien Delafond sdelafond@gmail.com
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
4 years agofirmware-utils: fix mistake and improve logic in nec-enc
INAGAKI Hiroshi [Sat, 31 Oct 2020 12:45:05 +0000 (21:45 +0900)]
firmware-utils: fix mistake and improve logic in nec-enc

this patch fixes/improves follows:

- PATTERN_LEN is defined as a macro but unused
- redundant logic in count-up for "ptn"

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
4 years agobuild: store SOURCE_DATE_EPOCH in JSON info files
Paul Spooren [Sun, 1 Nov 2020 21:53:39 +0000 (11:53 -1000)]
build: store SOURCE_DATE_EPOCH in JSON info files

The source date epoch is the only reproducible date close to the actual
build date. It can be used for tooling like the firmware wizard to show
the image age.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agorpcd: remove file when applied
Huangbin Zhan [Wed, 4 Nov 2020 09:29:30 +0000 (17:29 +0800)]
rpcd: remove file when applied

Make sure exit value of this script is zero. Or the file won't be deleted.

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
4 years agoca-certificates: canonical the build dir
Jianhui Zhao [Thu, 5 Nov 2020 14:28:37 +0000 (22:28 +0800)]
ca-certificates: canonical the build dir

The previous build directory "build_dir/target-xx/work/"
contaminated the entire build directory.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
4 years agobusybox: Let procd respawn cron
Bruno Randolf [Mon, 9 Nov 2020 10:43:10 +0000 (10:43 +0000)]
busybox: Let procd respawn cron

On some systems I see the issue that crond dies after a few days.
Simply letting procd respawn the process is a simple safety-net.

Signed-off-by: Bruno Randolf <br1@einfach.org>
4 years agoglibc: update to latest 2.32 commit (BZ #25399)
Hans Dedecker [Thu, 12 Nov 2020 16:40:39 +0000 (17:40 +0100)]
glibc: update to latest 2.32 commit (BZ #25399)

5c36293f06 resolv: Serialize processing in resolv/tst-resolv-txnid-collision
2dfa659a66 resolv: Handle transaction ID collisions in parallel queries (bug 26600)
05c025abca support: Provide a way to clear the RA bit in DNS server responses
f688bcd83d support: Provide a way to reorder responses within the DNS test server
eba0ce6058 Remove __warndecl
5337b2af4b Remove __warn_memset_zero_len [BZ #25399]
c6e794640c aarch64: Add unwind information to _start (bug 26853)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agouboot-envtools: support Xiaomi Mi Router 3G v2/4A Gigabit
Antonis Kanouras [Thu, 29 Oct 2020 19:58:42 +0000 (21:58 +0200)]
uboot-envtools: support Xiaomi Mi Router 3G v2/4A Gigabit

Add support for the following devices:

- Xiaomi Mi Wi-Fi Router 3G v2
- Xiaomi Mi Router 4A Gigabit Edition

Signed-off-by: Antonis Kanouras <antonis@metadosis.eu>
[add explicit case for 4A, bump PKG_RELEASE,
improve commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: add Xiaomi Mi Router 4A Gigabit explicitly
Adrian Schmutzler [Thu, 12 Nov 2020 15:00:10 +0000 (16:00 +0100)]
ramips: add Xiaomi Mi Router 4A Gigabit explicitly

This device has previously been supported by the image
for Xiaomi Mi Router 3G v2. Since this is not obvious, the
4A is marketed as a new major revision and it also seems to
have a different bootloader, this will be both more tidy and
more helpful for the users.

Apart from that, note that there also is a 100M version of
the device that uses mt7628 platform, so a specifically named
image will also prevent confusion in this area.

Specifications:

- SoC:      MediaTek MT7621
- Flash:    16 MiB NOR SPI
- RAM:      128 MiB DDR3
- Ethernet: 3x 10/100/1000 Mbps (switched, 2xLAN + WAN)
- WIFI0:    MT7603E 2.4GHz 802.11b/g/n
- WIFI1:    MT7612E 5GHz 802.11ac
- Antennas: 4x external (2 per radio), non-detachable
- LEDs:     Programmable "power" LED (two-coloured, yellow/blue)
            Non-programmable "internet" LED (shows WAN activity)
- Buttons:  Reset

Installation:

Bootloader won't accept any serial input unless "boot_wait" u-boot
environment variable is changed to "on".

Vendor firmware won't accept any serial input until "uart_en" is
set to "1".

Using the https://github.com/acecilia/OpenWRTInvasion exploit you
can gain access to shell to enable these options:

To enable uart keyboard actions - 'nvram set uart_en=1'
To make uboot delay boot work - 'nvram set boot_wait=on'
Set boot delay to 5 - 'nvram set bootdelay=5'

Then run 'nvram commit' to make the changes permanent.

Once in the shell (following the OpenWRTInvasion instructions) you
can then run the following to flash OpenWrt and then reboot:

'cd /tmp; curl https://downloads.openwrt.org/...-sysupgrade.bin
  --output firmware.bin; mtd -e OS1 -r write firmware.bin OS1'

Suggested-by: David Bentham <db260179@gmail.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: make restool depend on TARGET_layerscape_armv8_64b
Yangbo Lu [Wed, 28 Oct 2020 02:33:34 +0000 (10:33 +0800)]
layerscape: make restool depend on TARGET_layerscape_armv8_64b

The restool is for Layerscape DPAA2 platforms which are
ARMv8 platforms.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
4 years agoath79: add support for Qxwlan E600G v2 / E600GAC v2
张鹏 [Sat, 31 Oct 2020 01:35:21 +0000 (09:35 +0800)]
ath79: add support for Qxwlan E600G v2 / E600GAC v2

E600G v2 based on Qualcomm/Atheros QCA9531

Specification:

 - 650/600/200 MHz (CPU/DDR/AHB)
 - 128/64 MB of RAM (DDR2)
 - 8/16 MB of FLASH (SPI NOR)
 - 2T2R 2.4 GHz
 - 2 x 10/100 Mbps Ethernet(RJ45)
 - 1 x MiniPCI-e
 - 1 x SIM (3G/4G)
 - 5 x LED , 1 x Button(SW2-Reset Buttun), 1 x power input
 - UART(J100) header on PCB(115200 8N1)

E600GAC v2 based on Qualcomm/Atheros QCA9531 + QCA9887

Specification:

 - 650/600/200 MHz (CPU/DDR/AHB)
 - 128/64 MB of RAM (DDR2)
 - 8/16 MB of FLASH (SPI NOR)
 - 2T2R 2.4 GHz
 - 1T1R 5 GHz
 - 2 x 10/100 Mbps Ethernet(RJ45)
 - 6 x LED (one three-color led), 2 x Button(SW2-Reset Buttun),1 x power input
 - UART (J100)header on PCB(115200 8N1)

Flash instruction:

1.Using tftp mode with UART connection and original OpenWrt image
 - Configure PC with static IP 192.168.1.10 and tftp server.
 - Rename "openwrt-ath79-generic-xxx-squashfs-sysupgrade.bin"
   to "firmware.bin" and place it in tftp server directory.
 - Connect PC with one of LAN ports, power up the router and press
   key "Enter" to access U-Boot CLI.
 - Use the following commands to update the device to OpenWrt:
   run lfw
 - After that the device will reboot and boot to OpenWrt.
 - Wait until all LEDs stops flashing and use the router.

2.Using httpd mode with Web UI connection and original OpenWrt image
 - Configure PC with static IP 192.168.1.xxx(2-255) and tftp server.
 - Connect PC with one of LAN ports,press the reset button, power up
   the router and keep button pressed for around 6-7 seconds, until
   leds flashing.
 - Open your browser and enter 192.168.1.1,You will see the upgrade
   interface, select "openwrt-ath79-generic-xxx-squashfs-
   sysupgrade.bin" and click the upgrade button.
 - After that the device will reboot and boot to OpenWrt.
 - Wait until all LEDs stops flashing and use the router.

Signed-off-by: 张鹏 <sd20@qxwlan.com>
[rearrange in generic.mk, fix one case in 04_led_migration, update
commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agosunxi: fix board.d/01_leds permissions and drop include
Piotr Jurkiewicz [Thu, 12 Nov 2020 01:41:24 +0000 (02:41 +0100)]
sunxi: fix board.d/01_leds permissions and drop include

The file lacks executable permissions, which makes it not being applied
during the first boot.

While at it, drop unneeded include.

Signed-off-by: Piotr Jurkiewicz <piotr.jerzy.jurkiewicz@gmail.com>
[do not touch board name handling, update commit message/title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agowireguard: bump to 1.0.20201112
Jason A. Donenfeld [Thu, 12 Nov 2020 09:14:18 +0000 (10:14 +0100)]
wireguard: bump to 1.0.20201112

* noise: take lock when removing handshake entry from table

This is a defense in depth patch backported from upstream to account for any
future issues with list node lifecycles.

* netns: check that route_me_harder packets use the right sk

A test for an issue that goes back to before Linux's git history began. I've
fixed this upstream, but it doesn't look possible to put it into the compat
layer, as it's a core networking problem. But we still test for it in the
netns test and warn on broken kernels.

* qemu: drop build support for rhel 8.2

We now test 8.3+.

* compat: SYM_FUNC_{START,END} were backported to 5.4
* qemu: bump default testing version

The real motivation for this version bump: 5.4.76 made a change that broke our
compat layer.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
4 years agolibnl-tiny: update to the latest version
Felix Fietkau [Wed, 5 Aug 2020 17:59:12 +0000 (19:59 +0200)]
libnl-tiny: update to the latest version

2584ebc642b2 libnl-tiny: install pkgconfig file
c291088f631d unl: add support for connecting to rtnl

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agomac80211: add minstrel fixes that fix mt76 issues in legacy mode
Felix Fietkau [Wed, 11 Nov 2020 18:49:54 +0000 (19:49 +0100)]
mac80211: add minstrel fixes that fix mt76 issues in legacy mode

Remove deferred sampling code which does not work well with rate tables +
probing.
Fix tx status handling if the first invalid rate idx is not set to -1

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agomac80211: backport the new tasklet API
Felix Fietkau [Wed, 11 Nov 2020 18:48:45 +0000 (19:48 +0100)]
mac80211: backport the new tasklet API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agonetifd: update to the latest version
Felix Fietkau [Mon, 9 Nov 2020 13:06:12 +0000 (14:06 +0100)]
netifd: update to the latest version

3023b0cc7352 bridge: add support for defining port member vlans via hotplug ops
a3016c451248 vlan: add pass-through hotplug ops that pass the VLAN info to the bridge
d59f3ddcbaf0 vlandev: add pass-through hotplug ops that pass the VLAN info to the bridge
dd5e61153636 bridge: show vlans in device status
a56e14afa612 bridge: preserve hotplug ports on vlan update if config is unchanged
d1e8884f8911 bridge: fix use-after-free bug on bridge member free
3a2b21001c3c system-dummy: set present state only for simple devices
ed11f0c0ffe4 bridge: only overwrite implicit vlan assignment if vlans are configured

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agodnsmasq: 'ipset' config sections
Aleksandr Mezin [Fri, 23 Oct 2020 05:02:37 +0000 (11:02 +0600)]
dnsmasq: 'ipset' config sections

Allow configuring ipsets with dedicated config sections:

    config ipset
        list name 'ss_rules_dst_forward'
        list name 'ss_rules6_dst_forward'
        list domain 't.me'
        list domain 'telegram.org'

instead of current, rather inconvenient syntax:

    config dnsmasq
        ...
        list ipset '/t.me/telegram.org/ss_rules_dst_forward,ss_rules6_dst_forward'

Current syntax will still continue to work though.

With this change, a LuCI GUI for DNS ipsets should be easy to implement.

Signed-off-by: Aleksandr Mezin <mezin.alexander@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
4 years agoramips: add support for D-Link DIR-2640 A1
James McGuire [Thu, 5 Nov 2020 05:13:19 +0000 (21:13 -0800)]
ramips: add support for D-Link DIR-2640 A1

This patch adds support for D-Link DIR-2640 A1.

Specifications:
* Board: AP-MTKH7-0002
* SoC: MediaTek MT7621AT
* RAM: 256 MB (DDR3)
* Flash: 128 MB (NAND)
* WiFi: MediaTek MT7615N (x2)
* Switch: 1 WAN, 4 LAN (Gigabit)
* Ports: 1 USB 2.0, 1 USB 3.0
* Buttons: Reset, WPS
* LEDs: Power (blue/orange), Internet (blue/orange), WiFi 2.4G (blue),
        WiFi 5G (blue), USB 3.0 (blue), USB 2.0 (blue)

Notes:
* WiFi 2.4G and WiFi 5G LEDs are wired directly to the wireless chips

Installation:
* D-Link Recovery GUI: power down the router, press and hold the reset
  button, then re-plug it. Keep the reset button pressed until the power
  LED starts flashing orange, manually assign a static IP address under
  the 192.168.0.xxx subnet (e.g. 192.168.0.2) and go to http://192.168.0.1

* Some modern browsers may have problems flashing via the Recovery GUI,
  if that occurs consider uploading the firmware through cURL:

    curl -v -i -F "firmware=@file.bin" 192.168.0.1

MAC addresses:

lan   factory 0xe000     *:a7 (label)
wan   factory 0xe006     *:aa
2.4   factory 0xe000 +1  *:a8
5.0   factory 0xe000 +2  *:a9

Seems like vendor didn't replace the dummy entries in the calibration data.

Signed-off-by: James McGuire <jamesm51@gmail.com>
[fix device definition title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agox86: upgrade: make code comment appear as log lines
Yousong Zhou [Tue, 3 Nov 2020 03:41:44 +0000 (11:41 +0800)]
x86: upgrade: make code comment appear as log lines

The comment content can be useful for readers of both the log and code

Previously when dd command "records in/out" messages are not filtered
like now with get_image_dd, it's not clear that these messages are for
extracting boot sectors.  E.g.

Before

  == upgrade: Reading partition table from bootdisk...
  37+26 records in
  37+26 records out
  == upgrade: Reading partition table from image...

After

  == upgrade: Reading partition table from bootdisk...
  == upgrade: Extract boot sector from the image
  37+26 records in
  37+26 records out
  == upgrade: Reading partition table from image...

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agox86: upgrade: use get_image_dd
Yousong Zhou [Tue, 3 Nov 2020 03:39:59 +0000 (11:39 +0800)]
x86: upgrade: use get_image_dd

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3140
Reported-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
4 years agox86: upgrade: use v function for writting logs
Yousong Zhou [Tue, 3 Nov 2020 03:03:31 +0000 (11:03 +0800)]
x86: upgrade: use v function for writting logs

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agobase-files: bump PKG_RELEASE
Yousong Zhou [Tue, 3 Nov 2020 08:55:13 +0000 (16:55 +0800)]
base-files: bump PKG_RELEASE

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>