Petr Štetiar [Sun, 16 Jun 2019 19:39:32 +0000 (19:39 +0000)]
armvirt: add kernel configs for 4.19
It's just copy of 4.14 and will be refreshed in the upcoming commit,
renamed config-default to config-4.14 as well.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Koen Vandeputte [Tue, 18 Jun 2019 11:19:59 +0000 (13:19 +0200)]
kernel: bump 4.19 to 4.19.52
Refreshed all patches.
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
Also fix a malformed patch issue caught during refresh.
It was caused by removing a whitespace without altering
the index values in a patch which alters a patch.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Fixes: cf6526249298 ("kernel: bump 4.19 to 4.19.51")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 18 Jun 2019 10:37:27 +0000 (12:37 +0200)]
kernel: bump 4.14 to 4.14.127
Refreshed all patches.
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 18 Jun 2019 09:49:03 +0000 (11:49 +0200)]
kernel: bump 4.9 to 4.9.182
Refreshed all patches.
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 17 Jun 2019 11:31:05 +0000 (13:31 +0200)]
kernel: bump 4.19 to 4.19.51
Refreshed all patches.
Altered patches:
- 370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
- 220-optimize_inlining.patch
- 640-netfilter-nf_flow_table-add-hardware-offload-support.patch
This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (
78ee6b1a40b5)
It was wrongfully backported upstream initially and got reverted now.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Koen Vandeputte [Mon, 17 Jun 2019 11:24:31 +0000 (13:24 +0200)]
kernel: bump 4.14 to 4.14.126
Refreshed all patches.
Altered patches:
- 220-optimize_inlining.patch
- 816-pcie-support-layerscape.patch
This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (
78ee6b1a40b5)
It was wrongfully backported upstream initially and got reverted now.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Petr Štetiar [Mon, 17 Jun 2019 13:25:40 +0000 (15:25 +0200)]
urngd: move project to git.openwrt.org
Let's move project to a proper place.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 13 Jun 2019 13:07:10 +0000 (15:07 +0200)]
ar71xx: make target source-only
Lets make it really explicit, that we should now focus only on ath79 in
order to make it ready for next release, where ar71xx is going to be
removed for good.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Henryk Heisig [Sat, 23 Mar 2019 08:35:11 +0000 (08:35 +0000)]
ar71xx: base-files: fix board detect on new MikroTik devices
Move all MikroTik devices to new function to increase script execution
speed.
Machine name in new version of MikroTik RouterBOARD devices add "RB"
before model name:
Old machine name: MikroTik RouterBOARD 951Ui-2nD
New: MikroTik RouterBOARD RB951Ui-2nD
So this patch should fix it for all currently supported MikroTik boards.
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[rebased,commit message facelift,script fixes]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[spotted missing 922UAGS-5HPacD]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Petr Štetiar [Sat, 15 Jun 2019 09:28:05 +0000 (09:28 +0000)]
gpio-button-hotplug: fix 4.19 build breakage on malta/be64
While testing 4.19 build on malta/be64, I've encountered following
error:
gpio-button-hotplug/gpio-button-hotplug.c:529:18: error: implicit
declaration of function 'gpio_to_desc'
which is caused by the missing include fixed by this patch.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 13 Jun 2019 22:38:22 +0000 (22:38 +0000)]
tegra: add missing kernel symbol to 4.19 config
This patch adds missing kernel config symbol to 4.19 kernel config.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 13 Jun 2019 22:32:46 +0000 (22:32 +0000)]
tegra: refresh 4.19 kernel config
This patch refreshes Tegra's 4.19 kernel config.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Marko Ratkaj [Thu, 13 Jun 2019 14:40:46 +0000 (16:40 +0200)]
mvebu: add kernel 4.19 support
Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
[added sfp related patches from Russell King]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
[rebase; rework patches; separate and cleanup kernel configs;
add espessobin dts; adjust venom dts]
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Tomasz Maciej Nowak [Thu, 13 Jun 2019 14:40:47 +0000 (16:40 +0200)]
kernel: package module for SafeXcel crypto engine
Supports EIP97 and EIP197 found on Armada 37xx, 7k and 8k SoCs.
Unfortunately firmware for EIP197 is not easily obtainable, therefore
to not cause lot of user requests directed at OpenWrt, package it as
module with explanation where to obtain the firmware.
Cc: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Rafał Miłecki [Mon, 17 Jun 2019 04:53:07 +0000 (06:53 +0200)]
kernel: backport 4.18 patch adding DMI_PRODUCT_SKU
It's needed for applying some hardware quirks. This fixes:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/dmi.c:60:20: error: 'DMI_PRODUCT_SKU' undeclared here (not in a function); did you mean 'DMI_PRODUCT_UUID'?
DMI_EXACT_MATCH(DMI_PRODUCT_SKU, "T8"),
Fixes: 8888cb725d49 ("mac80211: brcm: backport remaining brcmfmac 5.2 patches")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Sun, 16 Jun 2019 20:54:23 +0000 (22:54 +0200)]
uhttpd: Fix format string build problems
91fcac34ac uhttpd: Fix multiple format string problems
Fixes: fc454ca15305 libubox: update to latest git HEAD
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hans Dedecker [Sun, 16 Jun 2019 19:27:04 +0000 (21:27 +0200)]
nghttp2: bump to 1.39.1
7ffc239b Bump up version number to 1.39.1
bc886a0e Fix FPE with default backend
a3a14a9c Fix log-level is not set with cmd-line or configuration file
acfb3607 Update manual pages
bdfd14c2 Bump up version number to 1.39.0, LT revision to 31:4:17
cddc09fe Update AUTHORS
3c3b6ae8 Add missing colon
2f83aa9e Fix multi-line text travis issue
fc591d0c Run nghttpx integration test with cmake build
9a17c3ef travis: use multi-line text
b7220f07 cmake: Remove SPDY related files
a1556fd1 Merge pull request #1356 from nghttp2/fix-log-level-on-reload
77f1c872 nghttpx: Fix unchanged log level on configuration reload
49ce44e1 Merge pull request #1352 from nghttp2/travis-osx
f54b3ffc Fix libxml2 CFLAGS output
b0f5e5cc Implement daemon() using fork() for OSX
8d6ecd66 Enable osx build on travis
f82fb521 Update doc
2e1975dd clang-format-8
97ce392b Merge pull request #1347 from nghttp2/nghttpx-ignore-cl-te-on-upgrade
afefbda5 Ignore content-length in 200 response to CONNECT request
4fca2502 nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT
6975c336 Update llhttp to 1.1.3
0288093c Fix llhttp_get_error_pos usage
a3a03481 Merge pull request #1340 from nghttp2/nghttpx-llhttp
c64d2573 Replace http-parser with llhttp
f028cc43 clang-format
302e3746 Merge pull request #1337 from nghttp2/upgrade-mruby
3cdbc5f5 Merge pull request #1335 from adamgolebiowski/boost-1.70
a6925186 Fix mruby build error
45d63d20 Upgrade mruby to 2.0.1
cbba1ebf asio: support boost-1.70
e86d1378 Bump up version number to 1.39.0-DEV
4a9d2005 Update manual pages
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hauke Mehrtens [Sun, 16 Jun 2019 16:59:04 +0000 (18:59 +0200)]
urngd: Fix more wrong type in format string
Also the other type is worng and causes compile problems on ARM64
platforms.
Fixes: 9b53201d9c53 ("urngd: Fix wrong type in format string")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
George Amanakis [Thu, 13 Jun 2019 04:03:38 +0000 (00:03 -0400)]
mvebu: fixes commit
a7e68927d0
err_free_stats has been deprecated. Replace with err_netdev.
Compile-tested on: mvebu
Runtime-tested on: mvebu
Fixes: a7e68927d047 ("kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)")
Signed-off-by: George Amanakis <gamanakis@gmail.com>
Rafał Miłecki [Sun, 16 Jun 2019 16:56:15 +0000 (18:56 +0200)]
mac80211: brcm: backport remaining brcmfmac 5.2 patches
This improves FullMAC firmware compatibility, adds logging in case of
firmware crash and *may* fix "Invalid packet id" errors.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Sun, 12 May 2019 16:49:24 +0000 (18:49 +0200)]
kernel: Activate CONFIG_OPTIMIZE_INLINING
This will reduce the size of the kernel if CONFIG_CC_OPTIMIZE_FOR_SIZE is
set like for all targets with small_flash feature flag.
I haven't seen any changes for an ARM64 target which optimizes the
kernel for speed instead.
On the ath79/tiny target the uncompressed kernel size was reduced by
3.2% and the compressed kernel size by 2.1%
kernel size with CONFIG_OPTIMIZE_INLINING=n
4346412 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1391169 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin
Kernel size with CONFIG_OPTIMIZE_INLINING=y
4212396 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1362051 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin
This change is currently pending for kernel 5.2 and already in
linux-next, this updates our patch to match the upstream version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
André Valentin [Fri, 14 Jun 2019 11:09:46 +0000 (13:09 +0200)]
netsupport: improve xfrm module support
-switch to module autoprobe
-exclude 4.9 kernel
Signed-off-by: André Valentin <avalentin@marcant.net>
Hauke Mehrtens [Sun, 16 Jun 2019 14:36:13 +0000 (16:36 +0200)]
libubox: update to latest git HEAD
9dd2dcf libubox: add format string checking to ulog()
ecf5617 ustream: Add format string checks to ustream_(v)printf()
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Joseph Benden [Wed, 8 May 2019 18:52:56 +0000 (11:52 -0700)]
toolchain: Add GCC 9.1.0 release
Most of the patches are copied over from GCC 8.3.
The following patches are backported from the GCC 9.X development branch:
toolchain/gcc/patches/9.1.0/970-recompute-dom-fast-queries-before-vn.patch
toolchain/gcc/patches/9.1.0/975-g++-ICE-with-generic-lambda.patch
The specs file changed with gcc 9, now it contains "%@{L*}" instead of
"%{L*}" in older GCC versions.
Signed-off-by: Joseph Benden <joe@benden.us>
Hauke Mehrtens [Sun, 16 Jun 2019 14:38:56 +0000 (16:38 +0200)]
urngd: Fix wrong type in format string
GCC 9.1 complains about this wrong type used in the format string, fix
this to make the compiler happy.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 16 Jun 2019 13:48:44 +0000 (15:48 +0200)]
ubox: bump to git HEAD
4df34a4 kmodloader: Increase path array size to make it always fit
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hans Dedecker [Sat, 15 Jun 2019 19:25:03 +0000 (21:25 +0200)]
netifd: xfrm fixes
9932ed0 netifd: fix xfrm interface deletion and standardize netlink call
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Adrian Schmutzler [Wed, 17 Apr 2019 13:45:52 +0000 (15:45 +0200)]
ath79: Add SUPPORTED_DEVICES for Archer C7 v1/v2
The identifier for both devices is "archer-c7" on ar71xx, set here:
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L348
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L511
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Christian Lamparter [Sat, 15 Jun 2019 17:51:28 +0000 (19:51 +0200)]
mac80211: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
mac80211: ath10k: adjust tx power reduction for US regulatory domain
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:53:12 +0000 (14:53 +0200)]
mac80211: ath10k: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.
The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).
Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Tue, 11 Jun 2019 12:46:28 +0000 (14:46 +0200)]
mac80211: ath9k: Increase allowed antenna gain to 6 dBi
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):
> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Pavel Kubelun [Tue, 14 May 2019 13:42:19 +0000 (16:42 +0300)]
ipq40xx: fix high resolution timer
Cherry-picked from CAF QSDK repo.
see 090-ipq40xx-fix-high-resolution-timer.patch
Original commit message:
The kernel is failing in switching the timer for high resolution
mode and clock source operates in 10ms resolution. The always-on
property needs to be given for timer device tree node to make
clock source working in 1ns resolution.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[changed authorship of main patch to pavel and cherry-picked
patch to Abhishek Sahu]
Pavel Kubelun [Tue, 14 May 2019 13:42:17 +0000 (16:42 +0300)]
ipq40xx: directly define voltage per opp
This should align opp table with what it was before converting to OPP v2.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Mantas Pucka [Tue, 11 Jun 2019 14:08:48 +0000 (17:08 +0300)]
kernel: mt29f_spinand: fix memory leak during page program
Memory is allocated with devm_kzalloc() on every page program
and leaks until device is closed (which never happens).
Convert to kzalloc() and handle error paths manually.
Signed-off-by: Mantas Pucka <mantas@8devices.com>
Adrian Schmutzler [Tue, 11 Jun 2019 11:28:02 +0000 (13:28 +0200)]
ath79: Merge cases in 11-ath10k-caldata
Cosmetical patch that just merges two cases.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Christian Lamparter [Fri, 14 Jun 2019 22:45:58 +0000 (00:45 +0200)]
iwinfo: update PKG_MIRROR_HASH
This patch updates the PKG_MIRROR_HASH to match the one
of the current version.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Linus Walleij [Tue, 11 Jun 2019 21:25:39 +0000 (23:25 +0200)]
gemini: Make root filesystem writeable
The squashfs+jffs2 root filesystem only came up as read-only
and the config would not take:
[ 25.600237] mount_root: Could not open mtd device: /dev/mtd4
[ 25.634674] mount_root: reading rootfs_data failed
[ 25.665346] mount_root: Could not open mtd device: /dev/mtd3
[ 25.699802] mount_root: reading rootfs failed
[ 25.726426] mount_root: mounting /dev/root
Well that is not very strange since the whole firmware partition
is made read-only in the device tree. Let's fix that by augmenting
the OpenWrt patch.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Linus Walleij [Tue, 11 Jun 2019 21:06:55 +0000 (23:06 +0200)]
gemini: Fix MAC address assignment for DIR-685
The DIR-685 has the MAC addresses in the RedBoot code just like
DNS-313. Check some magic numbers to determine that the MAC
address is where we want it and extract it from RedBoot.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[replaced ifconfig with ip, ! -z = -n, added string quotes]
Linus Walleij [Tue, 11 Jun 2019 21:06:54 +0000 (23:06 +0200)]
gemini: Make a per-board case for ethernet MAC
The DNS-313 isn't the only special board so let's bite the
bullet and create a case ladder in preparation for DIR-685.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [refreshed]
Linus Walleij [Tue, 11 Jun 2019 21:06:53 +0000 (23:06 +0200)]
gemini: Use library functions to assign MAC address
This simplifies the ethernet address extraction script
by using standard library functions to locate the MTD
partitions and extract ethernet address from a binary
offset location in the flash. Furthermore, the aging
ifconfig is replaced by the ip tool, which will now
assign the MAC addresses.
Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[ifconfig replacement, use -n instead of ! -z,
-n requires string to be quoted within the test brackets,
drop prepended "x" in check, add quotes, make local
variables local, kill whitespaces]
Christian Lamparter [Fri, 14 Jun 2019 16:44:51 +0000 (18:44 +0200)]
gemini: enable CONFIG_PACKET
CONFIG_PACKET is a important feature to have.
The Packet protocol is used by applications which
communicate directly with network devices without
an intermediate network protocol implemented in
the kernel, e.g. tcpdump and ip.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Rosen Penev [Mon, 20 May 2019 18:11:49 +0000 (11:11 -0700)]
kernel: Add AEAD and RNG support to kmod-crypto-user
Now that kernel 3.18 is gone, we can safely add these features.
Tested on Turris Omnia.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Sat, 15 Jun 2019 09:16:55 +0000 (12:16 +0300)]
busybox: update to 1.31.0
* Update busybox to version 1.31.0.
New applets: ts, i2ctransfer
New (restored) feature: error/info levels in syslog messages.
Leave new features disabled by default.
* Refresh patches
* Remove patch that was backported from upstream
Config refreshed with commands below, after which the OpenWrt specific
config defaults (ipv6, login session child) were corrected:
make package/busybox/compile (to populate the build_dir)
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-1.31.0
cd package/utils/busybox
./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-1.31.0/.config > Config-defaults.in
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
André Valentin [Fri, 14 Jun 2019 11:09:47 +0000 (13:09 +0200)]
network/config/xfrm: add host-dependency for xfrm interface parent
Add proto_add_host_dependency to add a dependency to the tunlink interface
Signed-off-by: André Valentin <avalentin@marcant.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Yousong Zhou [Fri, 14 Jun 2019 01:49:42 +0000 (01:49 +0000)]
busybox: strip off ALTERNATIVES spec
Now that busybox is a known alternatives provider by opkg, we remove the
ALTERNATIVES spec and add a note to make the implicit situation clear
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Yousong Zhou [Fri, 14 Jun 2019 01:44:15 +0000 (01:44 +0000)]
opkg: bump to version 2019-06-14
Opkg starting from this version special-cases busybox as alternatives
provider. There should be no need to add entries to ALTERNATIVES of
busybox package
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Stijn Tintel [Thu, 13 Jun 2019 22:18:58 +0000 (01:18 +0300)]
kernel: add missing symbol to 4.19 config
Kernel 4.19.47 added a new kernel config symbol ARM64_ERRATUM_1463225.
This causes a build failure for sunxi/cortexa53. Add the symbol to the
generic config to fix this, and avoid future build failures on other
arm64 targets that expose this symbol. As the erratum only affects
Cortex-A76 cores, we can safely disable it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Hans Dedecker [Thu, 13 Jun 2019 20:16:06 +0000 (22:16 +0200)]
netifd: update to latest git HEAD
42a3878 interface-ip: fix possible null pointer dereference
c1964d8 system-linux: remove superfluous dev check
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Kevin Darbyshire-Bryant [Thu, 13 Jun 2019 16:34:26 +0000 (17:34 +0100)]
ath10k-firmware: update Candela Tech firmware images
wave-1:
2019-05-09: Tweak rate-ctrl: Ramp PER up faster, down slower. This
helps throughput in rate-vs-range test, especially with
nss1.
2019-05-20: Disable adaptive-CCA. I am not sure it helps, and it may
make it slower to detect noise that should tell the system
to stop transmitting. If someone has means to test this
properly, I'd be happy to work with them.
wave-2:
2019-05-15: Fix problem where rate-ctrl sometimes used rix of 0x0.
2019-05-15: Allow raw-tx of encrypted frame. Requires a patch to the
driver to use raw mode when skb has WEP flag enabled AND
skb is flagged to not be encrypted. Lightly tested.
2019-05-16: Fix tx-hang that happened when rate-ctrl chose an OFDM rate
for 20Mhz and sent that as AMPDU. To fix, limit to (V)HT
rates if peer is (V)HT. It seems that MCS0 (V)HT20 should
have as good of a chance of being detected as CCK or OFDM.
2019-06-06: Disable TX-BFEE, TX-BFER for IBSS connections. I suspect
this is part of the tx-hang issue seen with IBSS between
two 9984 radios.
2019-06-12: Fix rx-rate reporting in 'fw_stats' logic. This was at
least partly due to regressions I had added earlier when
working on some multi-vdev enhancements.
2019-6-12: Fix case where extd peer-stats were not always populated.
The stats gathering code did not handle error conditions
well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Kevin Darbyshire-Bryant [Thu, 13 Jun 2019 18:06:25 +0000 (19:06 +0100)]
ath10k-ct: Update to 2019-06-13
Changes:
ath10k: Improve PMF/MPF mgt frame check
And add a driver for 5.2 (beta, not even tested yet) kernel.
Refresh patches.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Paul Spooren [Wed, 12 Jun 2019 21:38:20 +0000 (23:38 +0200)]
f2fs-tools: fixup SPDX license
The f2fs-tools have a wrong PKG_LICENSE with is not SPDX compatible.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Daniel Golle [Sat, 29 Dec 2018 05:51:32 +0000 (06:51 +0100)]
config: enable some useful features on !SMALL_FLASH devices
enable kernel features needed for procd-ujail, procd-seccomp, lxc and
more on devices with big enough flash. Those packages are currently
useless in binary builds due to missing kernel features.
Enable the features on devices which can bare with the extra space
consumption.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Konstantin Demin [Wed, 12 Jun 2019 09:10:09 +0000 (12:10 +0300)]
nghttp2: deduplicate files in libnghttp2
libnghttp2 accidentally ships library twice:
$ tar -Oxzf libnghttp2-14_1.38.0-1_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root 0 2019-06-07 23:14 ./
drwxr-xr-x root/root 0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root 0 2019-06-07 23:14 ./usr/lib/
-rw-r--r-- root/root 144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14
-rw-r--r-- root/root 144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3
after fix, there's library and symlink (as designed):
$ tar -Oxzf libnghttp2-14_1.38.0-2_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root 0 2019-06-07 23:14 ./
drwxr-xr-x root/root 0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root 0 2019-06-07 23:14 ./usr/lib/
lrwxrwxrwx root/root 0 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14 -> libnghttp2.so.14.17.3
-rw-r--r-- root/root 144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3
Binary package size reduced accordingly: 134621 -> 66593.
Compile/run-tested: ar71xx/generic.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Koen Vandeputte [Wed, 12 Jun 2019 12:41:51 +0000 (14:41 +0200)]
iwinfo: update to latest git HEAD
1372f47eff34 iwinfo: Add Mikrotik R11e-5HnDr2
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Jun 2019 16:26:06 +0000 (18:26 +0200)]
kernel: bump 4.19 to 4.19.50
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Jun 2019 16:25:36 +0000 (18:25 +0200)]
kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)
Refreshed all patches.
This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and FS#2297
Altered patches:
- 403-net-mvneta-convert-to-phylink.patch
- 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch
Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 11 Jun 2019 16:22:19 +0000 (18:22 +0200)]
kernel: bump 4.9 to 4.9.181
Refreshed all patches.
Compile-tested on: ar7
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Yousong Zhou [Tue, 11 Jun 2019 08:26:27 +0000 (08:26 +0000)]
dnsmasq: move feature detection inside a shell func
Resolves openwrt/packages#9219
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Petr Štetiar [Mon, 20 May 2019 14:47:23 +0000 (16:47 +0200)]
build: add urandom-seed and urngd to default packages set
urandom-seed content was split from base-files into separate package so
in order to preserve the current functionality and to provide some
fallback mechanism in case jent-rng initialization fails in urngd we
need to add it back.
urngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 20 May 2019 14:38:33 +0000 (16:38 +0200)]
base-files: move urandom seed bits into separate package
So it's possible to install or remove it as needed.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 20 May 2019 14:41:43 +0000 (16:41 +0200)]
ubox: move getrandom into separate getrandom package
So it's possible to install or remove it as needed.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 20 May 2019 12:02:20 +0000 (14:02 +0200)]
urng: add micro non-physical true RNG based on timing jitter
μrngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.
Using the Jitter RNG core, the rngd provides an entropy source that
feeds into the Linux /dev/random device if its entropy runs low. It
updates the /dev/random entropy estimator such that the newly provided
entropy unblocks /dev/random.
The seeding of /dev/random also ensures that /dev/urandom benefits from
entropy. Especially during boot time, when the entropy of Linux is low,
the Jitter RNGd provides a source of sufficient entropy.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Alexander Couzens [Mon, 10 Jun 2019 23:49:30 +0000 (01:49 +0200)]
version.mk: use https:// instead of http://
Only the repo should not use https. Otherwise the build would need
a wget/uclient_fetch with tls support.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Alexander Couzens [Mon, 10 Jun 2019 23:38:46 +0000 (01:38 +0200)]
replace links towards lede-project.org with openwrt.org
Modify VERSION_SUPPORT_URL VERSION_REPO
Replace BUGS variable in toolchain/gcc/common.mk
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Karl Pálsson [Wed, 5 Jun 2019 17:16:52 +0000 (17:16 +0000)]
toolchain: replace LEDE in help text
Use generic wording.
Signed-off-by: Karl Pálsson <karlp@etactica.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [fixed a -> á]
Kristian Evensen [Thu, 6 Jun 2019 16:27:39 +0000 (18:27 +0200)]
ramips: Remove redundant LED-cases
01_leds has several redundant LED-cases. This commit cleans
up the file by merging these cases into shared cases.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
Adrian Schmutzler [Thu, 9 May 2019 12:55:16 +0000 (14:55 +0200)]
ath79: Add support for TP-Link Archer C25 v1
The TP-Link Archer C25 is a low-cost dual-band router.
Specification:
- CPU: Atheros QCA9561 775 MHz
- RAM: 64 MB
- Flash: 8 MB
- Wifi: 3x3 2.4 GHz (integrated), 1x1 5 GHz QCA9887
- NET: 5x 10/100 Mbps Ethernet
Some LEDs are controlled by an additional 74HC595 chip, but not
all of them as e.g. for the C59.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 11:50:21 +0000 (13:50 +0200)]
ath79: Reorder some TP-Link Archer devices in 01_leds
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Deng Qingfang [Fri, 7 Jun 2019 16:40:32 +0000 (00:40 +0800)]
ramips: mt7620: select kmod-rt2800-pci driver for RT5592
ASUS RP-N53 and Buffalo WHR-600D use RT5592 for 5GHz wireless
After commit
367813b9b17 the driver for RT5592 (rt2800pci)
is not selected by default anymore, which broke their 5GHz wireless
Add it back to device packages
Fixes: 367813b9b17 ("ramips: mt7620: fix dependencies")
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
David Santamaría Rogado [Tue, 4 Jun 2019 20:06:17 +0000 (22:06 +0200)]
ath79: migrate Archer C7 5GHz radio device paths
When upgrading a TP-Link Archer C7 v2 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Some people subtitute the unsupported QCA9880v1 in the Archer v1
with supported QCA9880v2 radio. Since the stock radio doesn't
work, so it's safe to apply the change also for the Archer v1
images as well.
Also this patch renames the migration file and variables from
wmac to wifi.
Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[removed comment, added return 0 (not that it matters since uci is
clever, see 00-wmac-migration thread), reworded commit message]
Adrian Schmutzler [Wed, 5 Jun 2019 13:59:30 +0000 (15:59 +0200)]
ath79: Consistently label art partition with lower case
This patch harmonizes the label and alias for art partitions
across ath79. Since lower case seems to be more frequent, use that
consistently.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 13:31:32 +0000 (15:31 +0200)]
ath79: Read MAC addresses from flash in 11-ath10k-caldata
In commit
c3a8518 eth0 and eth1 have been swapped for some devices,
but 11-ath10k-caldata has not been updated.
Instead of fixing this by swapping eth0/eth1, this patch will read
addresses from flash (as done for several devices already) so
adjustments due to eth order become obsolete.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 5 Jun 2019 13:17:01 +0000 (15:17 +0200)]
ath79: Consistently label info partition
The info/product-info partition, which frequently contains MAC
adresses, is typically assigned the 'info' alias in DTS, but
then labelled with 'info', 'product-info' or 'config'.
This leads to different aliases if used for setting MAC adresses
in DTS compared to when using e.g. mtd_get_mac_binary. Occationally,
also multiple switch-case entries are used just because of different
labelling.
This patch relabels those partitions in ath79 to consistently use
'info'.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Pawel Dembicki [Thu, 23 May 2019 18:41:50 +0000 (20:41 +0200)]
mpc85xx: re-enable TL-WDR4900v1 images
This reverts commit
324e94f31bfd ("mpc85xx: disable bricking TL-WDR4900v1 images")
The previous commit fixes the TL-WDR4900v1. Enable the target again.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Tue, 29 Jan 2019 22:52:27 +0000 (23:52 +0100)]
mpc85xx: convert TL-WDR4900 v1 to simpleImage
Converts the TP-Link WDR4900 v1 to use the simpleImage in the
hopes of prolonging the life of the device. While at it,
the patch makes the fdt.bin an ARTIFACT and sets the KERNEL_SIZE
to 2684 KiB as a precaution since the stock u-boot is using a
fixed kernel size.
Note: Give the image some time, it will take much longer to
extract and boot.
[tested for 4.14/4.19]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Co-authored-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
André Valentin [Sat, 8 Jun 2019 11:48:08 +0000 (13:48 +0200)]
config: add xfrm interface support scripts
This package adds scripts for xfrm interfaces support.
Example configuration via /etc/config/network:
config interface 'xfrm0'
option proto 'xfrm'
option mtu '1300'
option zone 'VPN'
option tunlink 'wan'
option ifid 30
config interface 'xfrm0_static'
option proto 'static'
option ifname '@xfrm0'
option ip6addr 'fe80::1/64'
option ipaddr '10.0.0.1/30'
Now set in strongswan IPsec policy:
if_id_in = 30
if_id_out = 30
Signed-off-by: André Valentin <avalentin@marcant.net>
Hans Dedecker [Mon, 10 Jun 2019 08:02:39 +0000 (10:02 +0200)]
curl: update to 7.65.1
For changes in 7.65.1; see https://curl.haxx.se/changes.html#7_65_1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
André Valentin [Sat, 8 Jun 2019 11:48:07 +0000 (13:48 +0200)]
netsupport: add xfrmi interface support
Add support for xfrm interfaces in kernel. XFRM interfaces are used by
the IPsec stack for tunneling.
XFRM interfaces are available since linux 4.19.
Signed-off-by: André Valentin <avalentin@marcant.net>
Petr Štetiar [Wed, 5 Jun 2019 09:25:44 +0000 (11:25 +0200)]
kirkwood: image: fix unwanted 2nd inclusion of kernel
In commit
d2e18dae2892 ("kirkwood: cleanup image build code") the image
build code was refactored, setting KERNEL_IN_UBI=0 which doesn't work as
the KERNEL_IN_UBI needs to be unset in order to make it working as
intended, which leads to factory images with two kernels in them:
binwalk --keep-going openwrt-kirkwood-cisco_on100-squashfs-factory.bin
MD5 Checksum:
c33e3d1eb0cb632bf0a4dc287592eb70
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------
0 0x0 uImage header [...] "ARM OpenWrt Linux-4.14.123"
5769216 0x580800 uImage header [...] "ARM OpenWrt Linux-4.14.123"
Cc: Mathias Kresin <dev@kresin.me>
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2285
Fixes: d2e18dae2892 ("kirkwood: cleanup image build code")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 4 Jun 2019 11:14:41 +0000 (13:14 +0200)]
gpio-button-hotplug: gpio-keys: fix always missing first event
Commit
afc056d7dc83 ("gpio-button-hotplug: support interrupt
properties") changed the gpio-keys interrupt handling logic in a way,
that it always misses first event, which causes issues with rc.button
scripts, so this patch restores the previous behaviour.
Fixes: afc056d7dc83 ("gpio-button-hotplug: support interrupt properties")
Reported-by: Kristian Evensen <kristian.evensen@gmail.com>
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [drop state check]
Petr Štetiar [Mon, 3 Jun 2019 21:08:01 +0000 (23:08 +0200)]
gpio-button-hotplug: fix wrong initial seen value
Currently the generated event contains wrong seen value, when the button
is pressed for the first time:
rmmod gpio_button_hotplug; modprobe gpio_button_hotplug
[ pressing the wps key immediately after modprobe ]
gpio-keys: create event, name=wps, seen=1088, pressed=1
So this patch adds a check for this corner case and makes seen=0 if the
button is pressed for the first time.
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 3 Jun 2019 20:05:41 +0000 (22:05 +0200)]
gpio-button-hotplug: use pr_debug and pr_err
pr_debug can be used with dynamic debugging.
Tested-by: Kuan-Yi Li <kyli.tw@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Yousong Zhou [Sat, 25 May 2019 09:58:18 +0000 (09:58 +0000)]
dnsmasq: skip options that are not compiled in
This is to make life easier for users with customized build of
dnsmasq-full variant. Currently dnsmasq config generated by current
service script will be rejected by dnsmasq build lacking DHCP feature
- Options like --dhcp-leasefile have default values. Deleting them
from uci config or setting them to empty value will make them take on
default value in the end
- Options like --dhcp-broadcast are output unconditionally
Tackle this by
- Check availablility of features from output of "dnsmasq --version"
- Make a list of options guarded by HAVE_xx macros in src/options.c of
dnsmasq source code
- Ignore these options in xappend()
Two things to note in this implementation
- The option list is not exhaustive. Supposedly only those options that
may cause dnsmasq to reject with "unsupported option (check that
dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)" are taken
into account here
- This provides a way out but users' cooperation is still needed. E.g.
option dnssec needs to be turned off, otherwise the service script
will try to add --conf-file pointing to dnssec specific anchor file
which dnsmasq lacking dnssec support will reject
Resolves FS#2281
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Hans Dedecker [Sat, 8 Jun 2019 19:49:22 +0000 (21:49 +0200)]
netifd: xfrm tunnel support
8c6358b netifd: add xfrm tunnel interface support
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Konstantin Demin [Fri, 7 Jun 2019 19:57:34 +0000 (22:57 +0300)]
busybox: add ALTERNATIVES for brctl
Busybox brctl applet conflicts with the version from bridge-utils.
Fix this by using ALTERNATIVE support for brctl in busybox.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Deng Qingfang [Fri, 7 Jun 2019 16:57:46 +0000 (00:57 +0800)]
tools/ccache: update to 3.7.1
Update ccache to 3.7.1
Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_1
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Chen Minqiang [Fri, 10 May 2019 11:13:07 +0000 (19:13 +0800)]
kernel: re-add bridge allow reception on disabled port
The "bridge allow reception on disabled port" implementation
was broken after these commits:
08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
This leads to issues when for example WDS is used, tied to a bridge:
[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)
It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:
target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch
[1] https://lkml.org/lkml/2019/4/24/1228
Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Kevin Darbyshire-Bryant [Wed, 5 Jun 2019 17:29:53 +0000 (18:29 +0100)]
iproute2: add tc action ctinfo support
Add the userspace control portion of the backported kernelspace
act_ctinfo.
ctinfo is a tc action restoring data stored in conntrack marks to
various fields. At present it has two independent modes of operation,
restoration of DSCP into IPv4/v6 diffserv and restoration of conntrack
marks into packet skb marks.
It understands a number of parameters specific to this action in
additional to the usual action syntax. Each operating mode is
independent of the other so all options are optional, however not
specifying at least one mode is a bit pointless.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
DSCP mode
dscp enables copying of a DSCP stored in the conntrack mark into the
ipv4/v6 diffserv field. The mask is a 32bit field and specifies where
in the conntrack mark the DSCP value is located. It must be 6
contiguous bits long. eg. 0xfc000000 would restore the DSCP from the
upper 6 bits of the conntrack mark.
The DSCP copying may be optionally controlled by a statemask. The
statemask is a 32bit field, usually with a single bit set and must not
overlap the dscp mask. The DSCP restore operation will only take place
if the corresponding bit/s in conntrack mark ANDed with the statemask
yield a non zero result.
eg. dscp 0xfc000000 0x01000000 would retrieve the DSCP from the top 6
bits, whilst using bit 25 as a flag to do so. Bit 26 is unused in this
example.
CPMARK mode
cpmark enables copying of the conntrack mark to the packet skb mark. In
this mode it is completely equivalent to the existing act_connmark
action. Additional functionality is provided by the optional mask
parameter, whereby the stored conntrack mark is logically ANDed with the
cpmark mask before being stored into skb mark. This allows shared usage
of the conntrack mark between applications.
eg. cpmark 0x00ffffff would restore only the lower 24 bits of the
conntrack mark, thus may be useful in the event that the upper 8 bits
are used by the DSCP function.
Usage: ... ctinfo [dscp mask [statemask]] [cpmark [mask]] [zone ZONE]
[CONTROL] [index <INDEX>]
where :
dscp MASK is the bitmask to restore DSCP
STATEMASK is the bitmask to determine conditional restoring
cpmark MASK mask applied to restored packet mark
ZONE is the conntrack zone
CONTROL := reclassify | pipe | drop | continue | ok |
goto chain <CHAIN_INDEX>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Kevin Darbyshire-Bryant [Wed, 5 Jun 2019 17:28:46 +0000 (18:28 +0100)]
kernel: backport act_ctinfo
ctinfo is a new tc filter action module. It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths. At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.
The DSCP restore mode:
This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.
The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links. Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.
Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway. Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.
Parameters related to DSCP restore mode:
dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.
statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask. This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set. This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP. A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)
e.g. dscpmask 0xfc000000 statemask 0x01000000
|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP | unused | flag |unused |
|-----------------------0x01---000000---|
| |
| |
---| Conditional flag
v only restore if set
|-ip diffserv-|
| 6 bits |
|-------------|
The skb mark restore mode (cpmark):
This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.
Parameters related to skb mark restore mode:
mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration. This can be useful where the conntrack
mark is being used for different purposes by different applications. If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)
e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.
|----0x00----conntrack mark----ffffff---|
| Bits 31-24 | |
| DSCP & flag| some value here |
|---------------------------------------|
|
|
v
|------------skb mark-------------------|
| | |
| zeroed | |
|---------------------------------------|
Overall parameters:
zone - conntrack zone
control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Make suitable adjustments for backporting to 4.14 & 4.19
and add to SCHED_MODULES_FILTER
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Biwen Li [Mon, 6 May 2019 04:13:14 +0000 (12:13 +0800)]
layerscape: update patches-4.14 to LSDK 19.03
All patches of LSDK 19.03 were ported to Openwrt kernel.
We still used an all-in-one patch for each IP/feature for
OpenWrt.
Below are the changes this patch introduced.
- Updated original IP/feature patches to LSDK 19.03.
- Added new IP/feature patches for eTSEC/PTP/TMU.
- Squashed scattered patches into IP/feature patches.
- Updated config-4.14 correspondingly.
- Refreshed all patches.
More info about LSDK and the kernel:
- https://lsdk.github.io/components.html
- https://source.codeaurora.org/external/qoriq/qoriq-components/linux
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 06:49:49 +0000 (14:49 +0800)]
layerscape: fix u-boot bootcmd
Current latest LSDK-19.03 u-boot had a bug that bootcmd
environment was always been reset when u-boot started up.
This was found on boards with spi NOR boot. Before the
proper fix-up is applied, we have to use a workaround
to hard code the bootcmd for OpenWrt booting for now.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 11:15:24 +0000 (19:15 +0800)]
layerscape: drop ppa package
Drop ppa package since TF-A is used instead.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 6 May 2019 03:26:09 +0000 (11:26 +0800)]
layerscape: convert to use TF-A for firmware
This patch is to convert to use TF-A for firmware.
- Use un-swapped rcw since swapping will be done in TF-A.
- Use u-boot with TF-A defconfig.
- Rework memory map for TF-A introduction.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 09:45:53 +0000 (17:45 +0800)]
layerscape: add ARM Trusted Firmware package
Add TF-A packages for Layerscape to implement trusted firmware.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 08:56:55 +0000 (16:56 +0800)]
layerscape: add rcw packages for ls1043ardb/ls1046ardb SD boot
Add rcw packages for ls1043ardb/ls1046ardb SD boot.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 10:48:00 +0000 (18:48 +0800)]
layerscape: drop armv8_32b support
NXP LSDK has decided to drop armv8_32b support considering
few users are using it.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Yangbo Lu [Thu, 18 Apr 2019 11:19:21 +0000 (19:19 +0800)]
layerscape: update restool to LSDK 19.03
Update restool to LSDK 19.03.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Mon, 15 Apr 2019 09:14:09 +0000 (17:14 +0800)]
layerscape: update u-boot to LSDK 19.03
Update u-boot to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Biwen Li [Sun, 14 Apr 2019 08:11:29 +0000 (16:11 +0800)]
layerscape: update ppfe-firmware to LSDK 19.03
Update ppfe-firmware to LSDK 19.03.
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>