Koen Vandeputte [Fri, 12 Jul 2019 07:35:23 +0000 (09:35 +0200)]
kernel: delete leftovers from unused kernel versions
Commit
000d400baa0a ("kernel: drop everything not on kernel version 4.14")
dropped everything not related to kernel 4.14, but forgot
to remove the parts in kernel-version.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 10 Jul 2019 14:51:07 +0000 (16:51 +0200)]
kernel: bump 4.14 to 4.14.133
Refreshed all patches.
Fixes:
- CVE-2019-3900
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Thu, 11 Jul 2019 23:12:11 +0000 (01:12 +0200)]
mac80211: Do not build b43legacy on BRCM47xx mips74 subtarget
b43legacy needs ssb support and we do not compile the mips74 subtarget
of the brcm47xx target with SSB support. This causes a build failure in
the mac80211 package and only some of the kernel modules are being
created.
I am not aware of any device with a BRCM47xx mips74 CPU which uses a
b43legacy compatible device.
Fixes: FS#2334
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
e05310b9b80f944c718374b449b6fe48d06d412d)
Fredrik Olofsson [Thu, 4 Jul 2019 11:58:15 +0000 (13:58 +0200)]
kernel: cherry pick patch removing __linux__ check
This is already included in newer upstream. Needed to build BPF programs
using the MIPS kernel include files.
Without this patch, clang fails with "#error Use a Linux compiler or
give up." in sgidefs.h when building BPF programs.
Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com>
(cherry-picked from commit
7d96c301d6afc9f360c26b404e435e8e03c1e207)
Adrian Schmutzler [Mon, 8 Jul 2019 08:17:28 +0000 (10:17 +0200)]
base-files: Fix path check in get_mac_binary
Logic was inverted when changing from string check to file check.
Fix it.
Fixes: 8592602d0a88 ("base-files: Really check path in get_mac_binary")
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
6ed3349308b24a6bac753643970a1f9f56ff6070)
Koen Vandeputte [Tue, 9 Jul 2019 10:18:31 +0000 (12:18 +0200)]
kernel: bump 4.14 to 4.14.132
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Mon, 8 Jul 2019 14:55:14 +0000 (16:55 +0200)]
wolfssl: Fix package hash
Fixes: 3167a57f7262 ("wolfssl: update to 3.15.7, fix Makefile")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Konstantin Demin [Fri, 28 Jun 2019 18:30:50 +0000 (21:30 +0300)]
netsupport: move out mqprio from kmod-sched
Currently, there's unable to install "kmod-sched-mqprio" after
"kmod-sched" (or vice versa), because "sch_mqprio.ko" is
shipped in both packages.
Fixes: f83522fa6361 ("linux: Add kmod-sched-mqprio")
Fixes: 6af639e0bf78 ("linux: Add kmod-sched-act-vlan")
Fixes: 72c7e2dc467c ("linux: Add kmod-sched-flower")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[Add cls_flower and act_vlan]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Eneas U de Queiroz [Mon, 1 Jul 2019 16:39:59 +0000 (13:39 -0300)]
wolfssl: update to 3.15.7, fix Makefile
This includes a fix for a medium-level potential cache attack with a
variant of Bleichenbacher’s attack. Patches were refreshed.
Increased FP_MAX_BITS to allow 4096-bit RSA keys.
Fixed poly1305 build option, and some Makefile updates.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
2792daab5ad26e916619052fc7f581cddc1ea53c)
Adrian Schmutzler [Thu, 4 Jul 2019 21:28:44 +0000 (23:28 +0200)]
base-files: Really check path in get_mac_binary
Currently, path argument is only checked for being not empty.
This changes behavior to actually check whether path exists.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Pawel Dembicki [Thu, 4 Jul 2019 11:17:02 +0000 (13:17 +0200)]
mpc85xx: Use gzip compressed kernel on HiveAP-330
After commit
1e41de2f48 ("mpc85xx: convert TL-WDR4900 v1 to simpleImage")
XZ compression of zImage was enabled. This change exposed a problem with
the HiveAP-330 images, which was fixed by foregoing the compression on
the kernel altogether with commit
98089bb8ba8
("mpc85xx: Use uncompressed kernel on the HiveAP-330").
This patch adds back the gzip compression of the kernel image by
utilizing the generic OpenWRT uImage method instead of relying on
the PowerPC bootwrapper script that did it previously.
Compile-tested: p1020/hiveap-330
Tested-by: Chris Blake <chrisrblake93@gmail.com> [run-tested]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[filled in even more text]
Mathias Kresin [Wed, 3 Jul 2019 07:23:35 +0000 (09:23 +0200)]
lantiq: enable STP where referenced
While moving common used parts to dtsi files, the was disabled by
default but not enabled for all boards using the STP.
Fixes: f519fea4c6db ("lantiq: kernel 4.14: cleanup dts files")
Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Reviewed-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
W. Michael Petullo [Sun, 30 Jun 2019 00:06:20 +0000 (20:06 -0400)]
ar71xx: fix ath79/rb4xx IRQ initialization on kernel 4.14
Apply the same approach as in commit
3b53d6fdbc24 ("ar71xx: fix pci irq
init on kernel 4.14") to fix IRQ initialization for ath79-based chipsets
on rb4xx.
Ref: PR#2182
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: W. Michael Petullo <mike@flyn.org>
[commit ref fix]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
8c7d6c47a7893db689e50e1917479ad07a96547a)
Karel Kočí [Wed, 5 Jun 2019 11:18:41 +0000 (13:18 +0200)]
fstools: block-mount: fix restart of fstab service
Restarting service causes file-systems to be unmounted without being
mounted back. When this service was obsoleted it should have been
implemented in a way that all actions are ignored. Up to this commit
default handler was called when restart was requested. This default
handler just simply calls stop and start. That means that stop called
unmount but start just printed that this service is obsoleted.
This instead implements restart that just prints same message like start
does. It just calls start in reality. This makes restart unavailable for
call.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit
3ead9e7b743b1fbd3b07f5a72a16999abbec9347)
Brett Mastbergen [Tue, 25 Jun 2019 20:03:48 +0000 (16:03 -0400)]
mvebu: Fix platform.sh for non-generic espressobin versions
When the non-generic espressobin targets were added these board checks
were not updated. One side effect of this is that config is not saved
during an upgrade of -emmc,-v7, or -v7-emmc devices.
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
(cherry picked from commit
95c1dc5e8678a1fd87234a4d77c8c6643703023c)
Vladimir Vid [Fri, 7 Jun 2019 13:50:50 +0000 (15:50 +0200)]
mvebu: fix regression for non-generic ESPRESSObin versions
When targets for multiple ESPRESSObin devices were added, not all
files were updated which means any ESPRESSObin version beside generic
won't have proper networking, sysupgrade and uboot-env. This patch
fixes the issue.
* fixup network detection
* fixup uboot-env
* fixup platform.sh for sysupgrade
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
(cherry picked from commit
bc47285cb3c0125424e628521f905f1f0d7b4cef)
Vladimir Vid [Fri, 7 Jun 2019 13:58:15 +0000 (15:58 +0200)]
mvebu: image: fix generic-arm64.bootscript mmc selection
Not all versions of ESPRESSObin require SD card, but can
be booted from the internal emmc flash (mmc dev 1) instead.
Add a simple check in the bootscript to see which mmc device
is detected and boot from it using mmcdev variable.
Tested-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
(cherry picked from commit
008b41b9b0ddd4c5c877a769a85d27eb9c4e21a4)
Bjørn Mork [Tue, 25 Jun 2019 12:20:53 +0000 (14:20 +0200)]
base-files: use OPENWRT prefix for os-release variables
Just stumbled across this LEDE legacy, without finding any real reason
to keep it. There is a single LEDE_DEVICE_MANUFACTURER_URL dependency
in the luci feed repo which needs to be syncronized.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
[re-added missing commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
8a34a54b6aa6e9a5e2983d554fd5b97bec97e891)
Chuanhong Guo [Tue, 25 Jun 2019 15:19:41 +0000 (23:19 +0800)]
ramips: mt7621: add IRQ for GPIO node
This makes interrupt-based gpio-keys working.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit
110daa16e44bb53941a18396ab6a7d9fdd1fa362)
Koen Vandeputte [Thu, 20 Jun 2019 11:08:30 +0000 (13:08 +0200)]
uqmi: bump to latest git HEAD
1965c7139374 uqmi: add explicit check for message type when expecting a response
01944dd7089b uqmi_add_command: fixed command argument assignment
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
47986dc6ea1d643cd348501da09cd2e3ee2f9ee1)
Koen Vandeputte [Thu, 27 Jun 2019 10:37:28 +0000 (12:37 +0200)]
kernel: bump 4.14 to 4.14.131
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Yangbo Lu [Wed, 12 Jun 2019 06:11:32 +0000 (14:11 +0800)]
layerscape: drop pause frame support for aquantia phy
An aquantia phy patch which dropped pause frame support was
missing when integrated LSDK-19.03 kernel patches into OpenWrt.
Without this patch, LS1043A 10G port would not work. So apply it.
Patch link
https://source.codeaurora.org/external/qoriq/qoriq-components/
linux/commit/?h=linux-4.14&id=
66346b115818365cfaf99d292871b19f0a1d2850
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Koen Vandeputte [Tue, 25 Jun 2019 10:54:12 +0000 (12:54 +0200)]
kernel: bump 4.14 to 4.14.130
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Christian Lamparter [Sat, 15 Jun 2019 17:13:30 +0000 (19:13 +0200)]
apm821xx: fix bogus key-presses on boot
"There are often transient line events when
the system is powered up and initialized and it
is often necessary for the gpio_chip driver to
clear any interrupt flags in hardware before
setting up the gpio chip, especially the
irqchip portions of it."
<http://lists.infradead.org/pipermail/openwrt-devel/2019-June/017630.html>
This patch adds a fix for the APM821XX's interrupt
controller to clear any bogus pending toggled
interrupts that happens on various APM821XX boards
on boot.
The patch also changes the debouce-interval from the
default 5ms debounce interval to 60ms all around.
The default setting caused on occasions that the button
state became stuck in a pressed state, even though the
button was released.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Chris Blake [Mon, 24 Jun 2019 11:32:45 +0000 (06:32 -0500)]
mpc85xx: Use uncompressed kernel on the HiveAP-330
It seems that newer builds of OpenWRT have a gzip kernel
larger than 2MB~, which for some reason fails to boot on this board.
However, we have 8MB of kernel space and currently the uncompressed
kernel is 6.5MB~, so we have some space to grow until a better
solution is worked out.
Before:
## Booting kernel from Legacy Image at
ee840000 ...
Image Name: Linux-4.19.53
Created: 2019-06-22 11:17:48 UTC
Image Type: PowerPC Linux Kernel Image (gzip compressed)
Data Size:
2315724 Bytes = 2.2 MB
Load Address:
00000000
Entry Point:
00000000
Verifying Checksum ... OK
## Loading init Ramdisk from Legacy Image at
02000000 ...
Image Name: OpenWrt fake ramdisk
Created: 2019-06-22 11:17:48 UTC
Image Type: PowerPC Linux RAMDisk Image (uncompressed)
Data Size: 0 Bytes = 0 kB
Load Address:
00000000
Entry Point:
00000000
Verifying Checksum ... OK
## Flattened Device Tree blob at
ec000000
Booting using the fdt blob at 0xec000000
Uncompressing Kernel Image ... Error: Bad gzipped data
GUNZIP: uncompress, out-of-mem or overwrite error -
must RESET board to recover
Loading Ramdisk to
10000000, end
10000000 ... OK
Loading Device Tree to
00ffa000, end
00fffc78 ... OK
ft_fixup_l2cache: FDT_ERR_NOTFOUND
After:
## Booting kernel from Legacy Image at
ee840000 ...
Image Name: POWERPC OpenWrt Linux-4.19.53
Created: 2019-06-22 11:17:48 UTC
Image Type: PowerPC Linux Kernel Image (uncompressed)
Data Size:
6724584 Bytes = 6.4 MB
Load Address:
00000000
Entry Point:
00000000
Verifying Checksum ... OK
## Loading init Ramdisk from Legacy Image at
02000000 ...
Image Name: OpenWrt fake ramdisk
Created: 2019-06-22 11:17:48 UTC
Image Type: PowerPC Linux RAMDisk Image (uncompressed)
Data Size: 0 Bytes = 0 kB
Load Address:
00000000
Entry Point:
00000000
Verifying Checksum ... OK
## Flattened Device Tree blob at
ec000000
Booting using the fdt blob at 0xec000000
Loading Kernel Image ... OK
OK
Loading Ramdisk to
10000000, end
10000000 ... OK
Loading Device Tree to
00ffa000, end
00fffc78 ... OK
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [75 cpl limit]
Jeff Kletsky [Sat, 15 Jun 2019 21:40:56 +0000 (14:40 -0700)]
ipq40xx: Linksys: sysupgrade: Ensure OEM volumes are removed
When OEM volumes are present in the [alt_]firmware partition,
sysupgrade will write a new kernel, but will fail to write
the root file system. The next boot will hang indefinitely
Waiting for root device /dev/ubiblock0_0...
Modified ipq40xx/base-files/lib/upgrade/linksys.sh
to remove both `squashfs` and `ubifs` if found
on the target firmware partition's UBI device.
Run-tested-on: Linksys EA8300
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[applied some shellcheck suggestions as well]
Koen Vandeputte [Mon, 24 Jun 2019 11:45:24 +0000 (13:45 +0200)]
kernel: bump 4.14 to 4.14.129
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Stefan Lippers-Hollmann [Sat, 15 Jun 2019 04:35:06 +0000 (06:35 +0200)]
mac80211: update WDS/4addr fix to the version accepted upstream
This updates "{nl,mac}80211: allow 4addr AP operation on crypto
controlled devices" to the version (v3), which was accepted into
upstream mac80211.git and which is tagged for -stable backporting
(v4.18+).
https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=
33d915d9e8ce811d8958915ccd18d71a66c7c495
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[format-patch]
Kevin Darbyshire-Bryant [Wed, 19 Jun 2019 19:25:43 +0000 (20:25 +0100)]
iproute2: update ctinfo support
Follow upstream changes - header file changes only
no functional or executable changes, hence no package bump
required
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
a8f0c02f80fa0c7c55702770b3ca99f6db5405e7)
Kevin Darbyshire-Bryant [Wed, 19 Jun 2019 19:21:35 +0000 (20:21 +0100)]
kernel: update act_ctinfo
Follow upstream changes - header file changes
no executable difference at all
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
5273fb6b21b953428e2f9ea5892872db5aaf22c1)
Adrian Schmutzler [Wed, 17 Apr 2019 13:45:52 +0000 (15:45 +0200)]
ath79: Add SUPPORTED_DEVICES for Archer C7 v1/v2
The identifier for both devices is "archer-c7" on ar71xx, set here:
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L348
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L511
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Robinson Wu [Tue, 4 Jun 2019 03:13:39 +0000 (11:13 +0800)]
base-files: fix uci led oneshot/timer trigger
This patch adds a missing type property which prevented
the creation of oneshot and timer led triggers when they
are specified in the /etc/board.d/01_leds files.
i.e.:
ucidef_set_led_timer "system" "system" "zhuotk:green:system" "1000" "1000"
Fixes: b06a286a4861 ("base-files: cleanup led functions in uci-defaults.sh")
Signed-off-by: Robinson Wu <wurobinson@qq.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Koen Vandeputte [Thu, 20 Jun 2019 07:49:08 +0000 (09:49 +0200)]
kernel: bump 4.14 to 4.14.128
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Henryk Heisig [Sat, 23 Mar 2019 08:35:11 +0000 (08:35 +0000)]
ar71xx: base-files: fix board detect on new MikroTik devices
Move all MikroTik devices to new function to increase script execution
speed.
Machine name in new version of MikroTik RouterBOARD devices add "RB"
before model name:
Old machine name: MikroTik RouterBOARD 951Ui-2nD
New: MikroTik RouterBOARD RB951Ui-2nD
So this patch should fix it for all currently supported MikroTik boards.
Tested-by: Cezary Jackiewicz <cezary@eko.one.pl> [wAP R-2nD]
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[rebased,commit message facelift,script fixes]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[spotted missing 922UAGS-5HPacD]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 18 Jun 2019 10:28:39 +0000 (12:28 +0200)]
kernel: bump 4.14 to 4.14.127
Refreshed all patches.
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 17 Jun 2019 11:40:04 +0000 (13:40 +0200)]
kernel: bump 4.14 to 4.14.126
Refreshed all patches.
Altered patches:
- 816-pcie-support-layerscape.patch
This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (
78ee6b1a40b5)
It was wrongfully backported upstream initially and got reverted now.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
George Amanakis [Thu, 13 Jun 2019 04:03:38 +0000 (00:03 -0400)]
mvebu: fixes commit
4089df4f4b0d
err_free_stats has been deprecated. Replace with err_netdev.
Compile-tested on: mvebu
Runtime-tested on: mvebu
Fixes: 4089df4f4b0d ("kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)")
Signed-off-by: George Amanakis <gamanakis@gmail.com>
[altered hashes]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
1e3800df1808b4a5a977c3a9651958611df51c83)
Rafał Miłecki [Mon, 17 Jun 2019 04:53:07 +0000 (06:53 +0200)]
kernel: backport 4.18 patch adding DMI_PRODUCT_SKU
It's needed for applying some hardware quirks. This fixes:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/dmi.c:60:20: error: 'DMI_PRODUCT_SKU' undeclared here (not in a function); did you mean 'DMI_PRODUCT_UUID'?
DMI_EXACT_MATCH(DMI_PRODUCT_SKU, "T8"),
Fixes: c52054e568d1 ("mac80211: brcm: backport remaining brcmfmac 5.2 patches")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
4d11c4c3784196ed3e5b5a1f81fa415d99ef32b0)
Rafał Miłecki [Sun, 16 Jun 2019 16:56:15 +0000 (18:56 +0200)]
mac80211: brcm: backport remaining brcmfmac 5.2 patches
This improves FullMAC firmware compatibility, adds logging in case of
firmware crash and *may* fix "Invalid packet id" errors.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
8888cb725d492ad5cad5b59fc7117b006e1bba5a)
Christian Lamparter [Sat, 15 Jun 2019 17:51:28 +0000 (19:51 +0200)]
mac80211: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 14 Jun 2019 22:45:58 +0000 (00:45 +0200)]
iwinfo: update PKG_MIRROR_HASH
This patch updates the PKG_MIRROR_HASH to match the one
of the current version.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
ath10k-ct: adjust tx power reduction for US regulatory domain
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
ath10k-ct: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.
The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
mac80211: ath10k: adjust tx power reduction for US regulatory domain
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
mac80211: ath10k: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.
The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:46:28 +0000 (14:46 +0200)]
mac80211: ath9k: Increase allowed antenna gain to 6 dBi
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Mantas Pucka [Tue, 11 Jun 2019 14:08:48 +0000 (17:08 +0300)]
kernel: mt29f_spinand: fix memory leak during page program
Memory is allocated with devm_kzalloc() on every page program
and leaks until device is closed (which never happens).
Convert to kzalloc() and handle error paths manually.
Signed-off-by: Mantas Pucka <mantas@8devices.com>
Koen Vandeputte [Wed, 12 Jun 2019 12:41:51 +0000 (14:41 +0200)]
iwinfo: update to latest git HEAD
1372f47eff34 iwinfo: Add Mikrotik R11e-5HnDr2
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Jun 2019 16:25:36 +0000 (18:25 +0200)]
kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)
Refreshed all patches.
This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and FS#2297
Altered patches:
- 403-net-mvneta-convert-to-phylink.patch
- 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch
Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Daniel Golle [Tue, 11 Jun 2019 23:14:25 +0000 (01:14 +0200)]
kernel: drop everything not on kernel version 4.14
* Remove testing patches for kernel version 4.19
* remove targets ar7, ixp4xx, orion
Those targets are still on kernel 4.9, patches for 4.14 were not ready
in time. They may be readded once people prepare and test patches for
kernel 4.14.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Yousong Zhou [Tue, 11 Jun 2019 08:26:27 +0000 (08:26 +0000)]
dnsmasq: move feature detection inside a shell func
Resolves openwrt/packages#9219
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
04b45d3a31fac45c472ad3c31d98268d1c309763)
Alexander Couzens [Mon, 10 Jun 2019 20:16:09 +0000 (22:16 +0200)]
OpenWrt v19.07: set branch defaults
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Alexander Couzens [Mon, 10 Jun 2019 23:49:30 +0000 (01:49 +0200)]
version.mk: use https:// instead of http://
Only the repo should not use https. Otherwise the build would need
a wget/uclient_fetch with tls support.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Alexander Couzens [Mon, 10 Jun 2019 23:38:46 +0000 (01:38 +0200)]
replace links towards lede-project.org with openwrt.org
Modify VERSION_SUPPORT_URL VERSION_REPO
Replace BUGS variable in toolchain/gcc/common.mk
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Karl Pálsson [Wed, 5 Jun 2019 17:16:52 +0000 (17:16 +0000)]
toolchain: replace LEDE in help text
Use generic wording.
Signed-off-by: Karl Pálsson <karlp@etactica.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [fixed a -> á]
Kristian Evensen [Thu, 6 Jun 2019 16:27:39 +0000 (18:27 +0200)]
ramips: Remove redundant LED-cases
01_leds has several redundant LED-cases. This commit cleans
up the file by merging these cases into shared cases.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
Adrian Schmutzler [Thu, 9 May 2019 12:55:16 +0000 (14:55 +0200)]
ath79: Add support for TP-Link Archer C25 v1
The TP-Link Archer C25 is a low-cost dual-band router.
Specification:
- CPU: Atheros QCA9561 775 MHz
- RAM: 64 MB
- Flash: 8 MB
- Wifi: 3x3 2.4 GHz (integrated), 1x1 5 GHz QCA9887
- NET: 5x 10/100 Mbps Ethernet
Some LEDs are controlled by an additional 74HC595 chip, but not
all of them as e.g. for the C59.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 11:50:21 +0000 (13:50 +0200)]
ath79: Reorder some TP-Link Archer devices in 01_leds
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Deng Qingfang [Fri, 7 Jun 2019 16:40:32 +0000 (00:40 +0800)]
ramips: mt7620: select kmod-rt2800-pci driver for RT5592
ASUS RP-N53 and Buffalo WHR-600D use RT5592 for 5GHz wireless
After commit
367813b9b17 the driver for RT5592 (rt2800pci)
is not selected by default anymore, which broke their 5GHz wireless
Add it back to device packages
Fixes: 367813b9b17 ("ramips: mt7620: fix dependencies")
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
David Santamaría Rogado [Tue, 4 Jun 2019 20:06:17 +0000 (22:06 +0200)]
ath79: migrate Archer C7 5GHz radio device paths
When upgrading a TP-Link Archer C7 v2 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Some people subtitute the unsupported QCA9880v1 in the Archer v1
with supported QCA9880v2 radio. Since the stock radio doesn't
work, so it's safe to apply the change also for the Archer v1
images as well.
Also this patch renames the migration file and variables from
wmac to wifi.
Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[removed comment, added return 0 (not that it matters since uci is
clever, see 00-wmac-migration thread), reworded commit message]
Adrian Schmutzler [Wed, 5 Jun 2019 13:59:30 +0000 (15:59 +0200)]
ath79: Consistently label art partition with lower case
This patch harmonizes the label and alias for art partitions
across ath79. Since lower case seems to be more frequent, use that
consistently.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 13:31:32 +0000 (15:31 +0200)]
ath79: Read MAC addresses from flash in 11-ath10k-caldata
In commit
c3a8518 eth0 and eth1 have been swapped for some devices,
but 11-ath10k-caldata has not been updated.
Instead of fixing this by swapping eth0/eth1, this patch will read
addresses from flash (as done for several devices already) so
adjustments due to eth order become obsolete.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 13:17:01 +0000 (15:17 +0200)]
ath79: Consistently label info partition
The info/product-info partition, which frequently contains MAC
adresses, is typically assigned the 'info' alias in DTS, but
then labelled with 'info', 'product-info' or 'config'.
This leads to different aliases if used for setting MAC adresses
in DTS compared to when using e.g. mtd_get_mac_binary. Occationally,
also multiple switch-case entries are used just because of different
labelling.
This patch relabels those partitions in ath79 to consistently use
'info'.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Pawel Dembicki [Thu, 23 May 2019 18:41:50 +0000 (20:41 +0200)]
mpc85xx: re-enable TL-WDR4900v1 images
This reverts commit
324e94f31bfd ("mpc85xx: disable bricking TL-WDR4900v1 images")
The previous commit fixes the TL-WDR4900v1. Enable the target again.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Tue, 29 Jan 2019 22:52:27 +0000 (23:52 +0100)]
mpc85xx: convert TL-WDR4900 v1 to simpleImage
Converts the TP-Link WDR4900 v1 to use the simpleImage in the
hopes of prolonging the life of the device. While at it,
the patch makes the fdt.bin an ARTIFACT and sets the KERNEL_SIZE
to 2684 KiB as a precaution since the stock u-boot is using a
fixed kernel size.
Note: Give the image some time, it will take much longer to
extract and boot.
[tested for 4.14/4.19]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Co-authored-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
André Valentin [Sat, 8 Jun 2019 11:48:08 +0000 (13:48 +0200)]
config: add xfrm interface support scripts
This package adds scripts for xfrm interfaces support.
Example configuration via /etc/config/network:
config interface 'xfrm0'
option proto 'xfrm'
option mtu '1300'
option zone 'VPN'
option tunlink 'wan'
option ifid 30
config interface 'xfrm0_static'
option proto 'static'
option ifname '@xfrm0'
option ip6addr 'fe80::1/64'
option ipaddr '10.0.0.1/30'
Now set in strongswan IPsec policy:
if_id_in = 30
if_id_out = 30
Signed-off-by: André Valentin <avalentin@marcant.net>
Hans Dedecker [Mon, 10 Jun 2019 08:02:39 +0000 (10:02 +0200)]
curl: update to 7.65.1
For changes in 7.65.1; see https://curl.haxx.se/changes.html#7_65_1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
André Valentin [Sat, 8 Jun 2019 11:48:07 +0000 (13:48 +0200)]
netsupport: add xfrmi interface support
Add support for xfrm interfaces in kernel. XFRM interfaces are used by
the IPsec stack for tunneling.
XFRM interfaces are available since linux 4.19.
Signed-off-by: André Valentin <avalentin@marcant.net>
Petr Štetiar [Wed, 5 Jun 2019 09:25:44 +0000 (11:25 +0200)]
kirkwood: image: fix unwanted 2nd inclusion of kernel
In commit
d2e18dae2892 ("kirkwood: cleanup image build code") the image
build code was refactored, setting KERNEL_IN_UBI=0 which doesn't work as
the KERNEL_IN_UBI needs to be unset in order to make it working as
intended, which leads to factory images with two kernels in them:
binwalk --keep-going openwrt-kirkwood-cisco_on100-squashfs-factory.bin
MD5 Checksum:
c33e3d1eb0cb632bf0a4dc287592eb70
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------
0 0x0 uImage header [...] "ARM OpenWrt Linux-4.14.123"
5769216 0x580800 uImage header [...] "ARM OpenWrt Linux-4.14.123"
Cc: Mathias Kresin <dev@kresin.me>
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2285
Fixes: d2e18dae2892 ("kirkwood: cleanup image build code")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 4 Jun 2019 11:14:41 +0000 (13:14 +0200)]
gpio-button-hotplug: gpio-keys: fix always missing first event
Commit
afc056d7dc83 ("gpio-button-hotplug: support interrupt
properties") changed the gpio-keys interrupt handling logic in a way,
that it always misses first event, which causes issues with rc.button
scripts, so this patch restores the previous behaviour.
Fixes: afc056d7dc83 ("gpio-button-hotplug: support interrupt properties")
Reported-by: Kristian Evensen <kristian.evensen@gmail.com>
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [drop state check]
Petr Štetiar [Mon, 3 Jun 2019 21:08:01 +0000 (23:08 +0200)]
gpio-button-hotplug: fix wrong initial seen value
Currently the generated event contains wrong seen value, when the button
is pressed for the first time:
rmmod gpio_button_hotplug; modprobe gpio_button_hotplug
[ pressing the wps key immediately after modprobe ]
gpio-keys: create event, name=wps, seen=1088, pressed=1
So this patch adds a check for this corner case and makes seen=0 if the
button is pressed for the first time.
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 3 Jun 2019 20:05:41 +0000 (22:05 +0200)]
gpio-button-hotplug: use pr_debug and pr_err
pr_debug can be used with dynamic debugging.
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Yousong Zhou [Sat, 25 May 2019 09:58:18 +0000 (09:58 +0000)]
dnsmasq: skip options that are not compiled in
This is to make life easier for users with customized build of
dnsmasq-full variant. Currently dnsmasq config generated by current
service script will be rejected by dnsmasq build lacking DHCP feature
- Options like --dhcp-leasefile have default values. Deleting them
from uci config or setting them to empty value will make them take on
default value in the end
- Options like --dhcp-broadcast are output unconditionally
Tackle this by
- Check availablility of features from output of "dnsmasq --version"
- Make a list of options guarded by HAVE_xx macros in src/options.c of
dnsmasq source code
- Ignore these options in xappend()
Two things to note in this implementation
- The option list is not exhaustive. Supposedly only those options that
may cause dnsmasq to reject with "unsupported option (check that
dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)" are taken
into account here
- This provides a way out but users' cooperation is still needed. E.g.
option dnssec needs to be turned off, otherwise the service script
will try to add --conf-file pointing to dnssec specific anchor file
which dnsmasq lacking dnssec support will reject
Resolves FS#2281
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Hans Dedecker [Sat, 8 Jun 2019 19:49:22 +0000 (21:49 +0200)]
netifd: xfrm tunnel support
8c6358b netifd: add xfrm tunnel interface support
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Konstantin Demin [Fri, 7 Jun 2019 19:57:34 +0000 (22:57 +0300)]
busybox: add ALTERNATIVES for brctl
Busybox brctl applet conflicts with the version from bridge-utils.
Fix this by using ALTERNATIVE support for brctl in busybox.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Deng Qingfang [Fri, 7 Jun 2019 16:57:46 +0000 (00:57 +0800)]
tools/ccache: update to 3.7.1
Update ccache to 3.7.1
Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_1
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Chen Minqiang [Fri, 10 May 2019 11:13:07 +0000 (19:13 +0800)]
kernel: re-add bridge allow reception on disabled port
The "bridge allow reception on disabled port" implementation
was broken after these commits:
08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
This leads to issues when for example WDS is used, tied to a bridge:
[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)
It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:
target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch
[1] https://lkml.org/lkml/2019/4/24/1228
Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Kevin Darbyshire-Bryant [Wed, 5 Jun 2019 17:29:53 +0000 (18:29 +0100)]
iproute2: add tc action ctinfo support
Add the userspace control portion of the backported kernelspace
act_ctinfo.
ctinfo is a tc action restoring data stored in conntrack marks to
various fields. At present it has two independent modes of operation,
restoration of DSCP into IPv4/v6 diffserv and restoration of conntrack
marks into packet skb marks.
It understands a number of parameters specific to this action in
additional to the usual action syntax. Each operating mode is
independent of the other so all options are optional, however not
specifying at least one mode is a bit pointless.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
DSCP mode
dscp enables copying of a DSCP stored in the conntrack mark into the
ipv4/v6 diffserv field. The mask is a 32bit field and specifies where
in the conntrack mark the DSCP value is located. It must be 6
contiguous bits long. eg. 0xfc000000 would restore the DSCP from the
upper 6 bits of the conntrack mark.
The DSCP copying may be optionally controlled by a statemask. The
statemask is a 32bit field, usually with a single bit set and must not
overlap the dscp mask. The DSCP restore operation will only take place
if the corresponding bit/s in conntrack mark ANDed with the statemask
yield a non zero result.
eg. dscp 0xfc000000 0x01000000 would retrieve the DSCP from the top 6
bits, whilst using bit 25 as a flag to do so. Bit 26 is unused in this
example.
CPMARK mode
cpmark enables copying of the conntrack mark to the packet skb mark. In
this mode it is completely equivalent to the existing act_connmark
action. Additional functionality is provided by the optional mask
parameter, whereby the stored conntrack mark is logically ANDed with the
cpmark mask before being stored into skb mark. This allows shared usage
of the conntrack mark between applications.
eg. cpmark 0x00ffffff would restore only the lower 24 bits of the
conntrack mark, thus may be useful in the event that the upper 8 bits
are used by the DSCP function.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
where :
dscp MASK is the bitmask to restore DSCP
STATEMASK is the bitmask to determine conditional restoring
cpmark MASK mask applied to restored packet mark
ZONE is the conntrack zone
CONTROL := reclassify | pipe | drop | continue | ok |
goto chain <CHAIN_INDEX>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Kevin Darbyshire-Bryant [Wed, 5 Jun 2019 17:28:46 +0000 (18:28 +0100)]
kernel: backport act_ctinfo
ctinfo is a new tc filter action module. It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths. At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.
The DSCP restore mode:
This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.
The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links. Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.
Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway. Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.
Parameters related to DSCP restore mode:
dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.
statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask. This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set. This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP. A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)
e.g. dscpmask 0xfc000000 statemask 0x01000000
|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP | unused | flag |unused |
|-----------------------0x01---000000---|
| |
| |
---| Conditional flag
v only restore if set
|-ip diffserv-|
| 6 bits |
|-------------|
The skb mark restore mode (cpmark):
This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.
Parameters related to skb mark restore mode:
mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration. This can be useful where the conntrack
mark is being used for different purposes by different applications. If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)
e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.
|----0x00----conntrack mark----ffffff---|
| Bits 31-24 | |
| DSCP & flag| some value here |
|---------------------------------------|
|
|
v
|------------skb mark-------------------|
| | |
| zeroed | |
|---------------------------------------|
Overall parameters:
zone - conntrack zone
control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Make suitable adjustments for backporting to 4.14 & 4.19
and add to SCHED_MODULES_FILTER
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Biwen Li [Mon, 6 May 2019 04:13:14 +0000 (12:13 +0800)]
layerscape: update patches-4.14 to LSDK 19.03
All patches of LSDK 19.03 were ported to Openwrt kernel.
We still used an all-in-one patch for each IP/feature for
OpenWrt.
Below are the changes this patch introduced.
- Updated original IP/feature patches to LSDK 19.03.
- Added new IP/feature patches for eTSEC/PTP/TMU.
- Squashed scattered patches into IP/feature patches.
- Updated config-4.14 correspondingly.
- Refreshed all patches.
More info about LSDK and the kernel:
- https://lsdk.github.io/components.html
- https://source.codeaurora.org/external/qoriq/qoriq-components/linux
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 06:49:49 +0000 (14:49 +0800)]
layerscape: fix u-boot bootcmd
Current latest LSDK-19.03 u-boot had a bug that bootcmd
environment was always been reset when u-boot started up.
This was found on boards with spi NOR boot. Before the
proper fix-up is applied, we have to use a workaround
to hard code the bootcmd for OpenWrt booting for now.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 11:15:24 +0000 (19:15 +0800)]
layerscape: drop ppa package
Drop ppa package since TF-A is used instead.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 6 May 2019 03:26:09 +0000 (11:26 +0800)]
layerscape: convert to use TF-A for firmware
This patch is to convert to use TF-A for firmware.
- Use un-swapped rcw since swapping will be done in TF-A.
- Use u-boot with TF-A defconfig.
- Rework memory map for TF-A introduction.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 09:45:53 +0000 (17:45 +0800)]
layerscape: add ARM Trusted Firmware package
Add TF-A packages for Layerscape to implement trusted firmware.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 08:56:55 +0000 (16:56 +0800)]
layerscape: add rcw packages for ls1043ardb/ls1046ardb SD boot
Add rcw packages for ls1043ardb/ls1046ardb SD boot.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 10:48:00 +0000 (18:48 +0800)]
layerscape: drop armv8_32b support
NXP LSDK has decided to drop armv8_32b support considering
few users are using it.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 11:19:21 +0000 (19:19 +0800)]
layerscape: update restool to LSDK 19.03
Update restool to LSDK 19.03.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 09:14:09 +0000 (17:14 +0800)]
layerscape: update u-boot to LSDK 19.03
Update u-boot to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 08:11:29 +0000 (16:11 +0800)]
layerscape: update ppfe-firmware to LSDK 19.03
Update ppfe-firmware to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 08:48:40 +0000 (16:48 +0800)]
layerscape: update ls-rcw to LSDK 19.03
Update ls-rcw to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 08:07:48 +0000 (16:07 +0800)]
layerscape: update ls-mc to LSDK 19.03
Update to ls-mc to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 08:07:36 +0000 (16:07 +0800)]
layerscape: update ls-dpl to LSDK 19.03
Update ls-dpl to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 08:07:09 +0000 (16:07 +0800)]
layerscape: update fman-ucode to LSDK 19.03
The source code was same from lsdk-1806 to lsdk-1903.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Fri, 8 Mar 2019 08:18:00 +0000 (16:18 +0800)]
layerscape: remove POSIX_MQUEUE configs
The POSIX_MQUEUE configs had been handled by OpenWrt
configuration.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Fri, 8 Mar 2019 08:15:59 +0000 (16:15 +0800)]
kernel: handle CFQ_GROUP_IOSCHED/CGROUP_HUGETLB in config-4.14
The generic config-4.14 should handle below configs.
- CONFIG_CFQ_GROUP_IOSCHED
- CONFIG_CGROUP_HUGETLB
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Sebastian Meiling [Tue, 4 Jun 2019 07:36:34 +0000 (09:36 +0200)]
kernel: add package for atusb wpan module
This adds a new package for the kernel module of the ATUSB WPAN driver.
Signed-off-by: Sebastian Meiling <s@mlng.net>
[fixed SoB: and From: mismatch]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Daniel Gonzalez Cabanelas [Thu, 27 Dec 2018 11:33:03 +0000 (12:33 +0100)]
brcm63xx: DVA-G3810BN/TL: Fix the WAN ethernet port
The WAN port has the wrong configuration in the kernel for the DVA-G3810BN/TL
The WAN port uses the internal phy, but it isn't enabled at the kernel board data.
Fix it.
Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Roman Yeryomin [Fri, 12 Apr 2019 15:26:03 +0000 (18:26 +0300)]
build: fix external module symbol collection if build_dir is a symlink
e26ffb31dfa30d498b963a86d231835e3af7d3df fixed only embedded modules
symbol collection. If we are building external modules, like broadcom-wl
or lantiq dsl stuff then modules which do EXPORT_SYMBOL have unresolved
paths in Module.symvers and external module which depend on other
external modules will have empty dependencies, leading to broken
module loading.
This was discussed on IRC with Jonas some time ago.
Fix this by handling both resolved and unresolved paths.
Fixes: e26ffb31dfa3 ("build: fix module symbol collection if build_dir is a symlink")
Signed-off-by: Roman Yeryomin <roman@advem.lv>
[jonas.gorski@gmail.com: add appropriate fixes tag]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Kevin Darbyshire-Bryant [Thu, 6 Jun 2019 09:45:15 +0000 (10:45 +0100)]
Revert "kernel: backport act_ctinfo"
This reverts commit
7c50182e0cdce0366715082872a2afbcf208bbf8.
Produces build error:
Package kmod-sched is missing dependencies for the following libraries:
nf_conntrack.ko
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Jo-Philipp Wich [Thu, 6 Jun 2019 09:27:11 +0000 (11:27 +0200)]
rpcd: fix init script reload action
Drop the legacy start() and stop() procedures and define a proper
reload signal action instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>