openwrt/staging/chunkeey.git
4 years agogdb: Always use system zlib
Hauke Mehrtens [Sat, 24 Oct 2020 21:34:18 +0000 (23:34 +0200)]
gdb: Always use system zlib

Instead of using the system zlib when the package is selected and using
the internal zlib if it is not selected in OpenWrt, just activate it
always. This should make the package more deterministic.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agogdb: Update to version 10.1
Hauke Mehrtens [Sat, 24 Oct 2020 18:21:05 +0000 (20:21 +0200)]
gdb: Update to version 10.1

gdb 10.1 adds many new features for example gdbserver support for
  - ARC GNU/Linux
  - RISC-V GNU/Linux

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agotoolchain: gdb: Remove ARC patches
Hauke Mehrtens [Sat, 31 Oct 2020 23:16:22 +0000 (00:16 +0100)]
toolchain: gdb: Remove ARC patches

The ARC specific gdb was removed some time ago.

Fixes: 969690b33c56 ("toolchain/gdb: Don't use gdb-arc")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agotoolchain: gdb: Disable tests
Hauke Mehrtens [Sat, 24 Oct 2020 21:35:13 +0000 (23:35 +0200)]
toolchain: gdb: Disable tests

Instead of patching the tests out, just remove them with a configure
option.
No files were generates in the testsuite and unit-test directories.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agotoolchain: gdb: Update to version 10.1
Hauke Mehrtens [Sat, 24 Oct 2020 18:20:54 +0000 (20:20 +0200)]
toolchain: gdb: Update to version 10.1

gdb 10.1 adds many new features for example gdbserver support for
  - ARC GNU/Linux
  - RISC-V GNU/Linux

Removed this patch, because similar changes are now integrated upstream:
toolchain/gdb/patches/100-no_extern_inline.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agoodhcpd: fix compile problem on 64-bit systems
Hans Dedecker [Sun, 1 Nov 2020 19:23:04 +0000 (20:23 +0100)]
odhcpd: fix compile problem on 64-bit systems

735c783 dhcpv6: fix size_t fields in syslog format

Fixes 5cdc65f6d1

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agoipq40xx: enable RX hash / CTAG TX offloading for single-phy
David Bauer [Mon, 26 Oct 2020 20:59:47 +0000 (21:59 +0100)]
ipq40xx: enable RX hash / CTAG TX offloading for single-phy

This re-enables offloading features disabled by
commit 9da2b567605b ("ipq40xx: fix ethernet vlan double tagging").

Single-PHY devices use port-based VLANs on the switch, therefore no
S-TAG magic is involved here. Re-enabling these features restores
throughput back to 950 Mbit/s.

Reported-by: Jannis Pinter <jannis@pinterjann.is>
Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agoath79: use correct firmware name for UniFi AP
David Bauer [Sat, 31 Oct 2020 15:41:04 +0000 (16:41 +0100)]
ath79: use correct firmware name for UniFi AP

The Ubiquiti UniFi AP does not have a AHB connected radio but a PCI one.
Also the EEPROM ist only 0x440 bytes of length.

Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agoath79: remove AT803X config symbol from subtargets
David Bauer [Fri, 30 Oct 2020 00:22:47 +0000 (01:22 +0100)]
ath79: remove AT803X config symbol from subtargets

The AT803X_PHY kernel config symbol is already enabled target-wide. SO
it does not have to be enabled for individual subtargets.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agoath79: drop upstreamed patch
David Bauer [Fri, 30 Oct 2020 00:03:09 +0000 (01:03 +0100)]
ath79: drop upstreamed patch

Patch was upstreamed a long time ago (over 2 years) as commit
a08227a206b8d ("MIPS: ath79: select the PINCTRL subsystem").

When porting this patch to a newer kernel, nobody noticed we now patch a
Broadcom platform. This is clearly not intended. So drop this patch and
pretend nothing ever happened.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agokernel: bump 5.4 to 5.4.73
John Audia [Sat, 31 Oct 2020 11:35:12 +0000 (07:35 -0400)]
kernel: bump 5.4 to 5.4.73

Removed upstreamed patches:
 generic/pending-5.4
   445-mtd-spinand-gigadevice-Only-one-dummy-byte-in-QUA.patch
   446-mtd-spinand-gigadevice-Add-QE-Bit.patch
 pistachio/patches-5.4
   150-pwm-img-Fix-null-pointer-access-in-probe.patch

Manually rebased:
 layerscape/patches-5.4
   801-audio-0011-Revert-ASoC-fsl_sai-add-of_match-data.patch
   801-audio-0039-MLK-16224-6-ASoC-fsl_sai-fix-DSD-suspend-resume.patch
   801-audio-0073-MLK-21957-3-ASoC-fsl_sai-add-bitcount-and-timestamp-.patch
   820-usb-0009-usb-dwc3-Add-workaround-for-host-mode-VBUS-glitch-wh.patch

All modifications made by update_kernel.sh

Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711,
              mvebu (mamba, rango), x86_64, ramips/mt7621
Run-tested: ipq806x/R7800, mvebu (mamba, rango), x86_64, ramips (RT-AC57U)

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
[alter 820-usb-0009-usb-dwc3-Add-workaround-for-host-mode-VBUS-glitch-wh]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoodhcpd: update to latest git HEAD
Hans Dedecker [Sat, 31 Oct 2020 20:23:45 +0000 (21:23 +0100)]
odhcpd: update to latest git HEAD

5700919 dhcpv6: add explicit dhcpv4o6 server address
e4f4e62 dhcpv6: add DHCPv4-over-DHCPv6 support
aff290b dhcpv6: check message type
2677fa1 router: fix advertisement interval option

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agohostapd: enable OWE for the basic-{openssl, wolfssl} variants
Rui Salvaterra [Sat, 31 Oct 2020 11:59:48 +0000 (11:59 +0000)]
hostapd: enable OWE for the basic-{openssl, wolfssl} variants

Opportunistic Wireless Encryption is needed to create/access encrypted networks
which don't require authentication.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
4 years agolibselinux: remove dependency on musl-fts for non-musl builds
Daniel Golle [Sat, 31 Oct 2020 00:06:53 +0000 (00:06 +0000)]
libselinux: remove dependency on musl-fts for non-musl builds

Suggested-by: Curtis Deptuck <curtdept@users.noreply.github.com>
Tested-by: Curtis Deptuck <curtdept@users.noreply.github.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agotarget: remove obsolete kernel version switches for 4.19
Adrian Schmutzler [Thu, 1 Oct 2020 15:02:47 +0000 (17:02 +0200)]
target: remove obsolete kernel version switches for 4.19

This removes unneeded kernel version switches from the targets after
kernel 4.19 has been dropped.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agokernel: remove obsolete kernel version switches for 4.19
Adrian Schmutzler [Thu, 1 Oct 2020 14:47:34 +0000 (16:47 +0200)]
kernel: remove obsolete kernel version switches for 4.19

This removes switches dependent on kernel version 4.19 as well as
several packages/modules selected only for that version.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agokernel: remove support for kernel 4.19
Adrian Schmutzler [Fri, 9 Oct 2020 19:53:35 +0000 (21:53 +0200)]
kernel: remove support for kernel 4.19

We use 5.4 on all targets by default, and 4.19 has never been released
in a stable version. There is no reason to keep it.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoocteon: disable edgerouter image
Johannes Kimmel [Thu, 29 Oct 2020 10:07:38 +0000 (11:07 +0100)]
octeon: disable edgerouter image

This patch disables the image for edgerouter devices by default, since
it isn't able to boot at the moment.

Currently the edgerouter image won't boot. Current kernels have an
option CONFIG_CAVIUM_CN63XXP1 that needs to be enabled for this chip.

If the kernel was compiled without this option, following message is
displayed and the machine reboots:

[   36.778028] Kernel panic - not syncing: OCTEON II DCache prefetch workaround not in place (cfa0000c).
[   36.778028] Please build kernel with proper options (CONFIG_CAVIUM_CN63XXP1).
[   36.794398] Rebooting in 1 seconds..

This was last confirmed on 2020-10-29.

The description of this option states, that enabling it will possibly
cause performance issues on other chips.

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
4 years agoimage: drop obsolete legacy image recipes
Adrian Schmutzler [Mon, 26 Oct 2020 19:41:02 +0000 (20:41 +0100)]
image: drop obsolete legacy image recipes

LegacyDevice is not used anymore in our tree, so let's drop it
together with the relevant definitions and recipes.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoimage: sort image-commands.mk alphabetically
Adrian Schmutzler [Fri, 30 Oct 2020 18:21:37 +0000 (19:21 +0100)]
image: sort image-commands.mk alphabetically

The definitions in image-commands.mk seem to have no particular
order. Sort them alphabetically to make it easier to actually
find anything there. No other changes made beyond moving entire
blocks.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoimage: drop combined-image build recipe
Adrian Schmutzler [Mon, 26 Oct 2020 19:39:47 +0000 (20:39 +0100)]
image: drop combined-image build recipe

Build/combined-image is only used in ath25 target, and that defines
its own version. Thus, drop the unused definition in image-commands.mk.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoimage: drop unused legacy NAND build recipes
Adrian Schmutzler [Mon, 26 Oct 2020 19:37:43 +0000 (20:37 +0100)]
image: drop unused legacy NAND build recipes

This drops unused legacy recipes Image/Build/SysupgradeNAND and
Image/Build/UbinizeImage.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agokernel: move kmod-i2c-bcm-iproc to I2C menu
Daniel Golle [Fri, 30 Oct 2020 15:45:42 +0000 (15:45 +0000)]
kernel: move kmod-i2c-bcm-iproc to I2C menu

A typo resulted in that module having it's own menu.
Move it into the I2C menu as it was most likely intended.

Fixes: 1291274335 ("kernel: package bcm53xx i2c module")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoRevert "kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning"
Daniel Golle [Fri, 30 Oct 2020 01:37:54 +0000 (01:37 +0000)]
Revert "kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning"

This reverts commit 7f94e2afcf090f751c9f7f7ea46e8ef8d93ee84b.

Package kmod-nft-core is missing dependencies for the following libraries:
nft_reject.ko

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agorules.mk: simplify FAKEROOT command line
Jo-Philipp Wich [Thu, 10 Sep 2020 12:54:49 +0000 (14:54 +0200)]
rules.mk: simplify FAKEROOT command line

Since fakeroot is patched to discover related ressources relative to the
STAGING_DIR_HOST environment variable, there is no need to pass the path
to faked or the preload library manually anymore.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agofakeroot: make fakeroot script relocatable
Jo-Philipp Wich [Thu, 10 Sep 2020 12:52:31 +0000 (14:52 +0200)]
fakeroot: make fakeroot script relocatable

Patch the fakeroot script template to discover faked and libfakeroot.so
relative to the STAGING_DIR_HOST environment variable, similar to how it
is done for automake, libtool, quilt and autoconf already.

This avoids the need for passing the paths to faked and libfakeroot.so
manually every time we invoke fakeroot and subsequently allows us to
drop OS X specific logic.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agobuild,IB: reload packages/ only if existing
Paul Spooren [Sat, 17 Oct 2020 20:06:03 +0000 (10:06 -1000)]
build,IB: reload packages/ only if existing

With the fix of external kmod feeds it is possible to ship the
ImageBuilder without any packages except the pseudo packages kernel and
libc. Therefore the local package feeds becomes optional.

This commit adds a check to the package_reload function to only run if
the local feed is existing.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agobuild,IB: include kmods only in local builds
Paul Spooren [Tue, 15 Sep 2020 22:44:36 +0000 (12:44 -1000)]
build,IB: include kmods only in local builds

The buildbots generate a kmod archive which should be used instead of a
local copy. This is possible due to the introduction of a kernelversion
specific feed.

This commit adds the ability of using only signed package feeds.

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agobuild: FeedSourcesAppend add kmod feed to snapshot
Paul Spooren [Tue, 15 Sep 2020 22:33:46 +0000 (12:33 -1000)]
build: FeedSourcesAppend add kmod feed to snapshot

Nightly snapshot builds of OpenWrt change their kernels versions
frequently and lose thereby compatibility to kmods from the upstream
target specific packages feed.

To allow opkg to install packages over multiple days a kmod archive is
offered at $target/$subtarget/kmods/$kernelversion and added as a feed
to created snapshot images via a buildbot step[1].

Instead of using a buildstep add the kmod feed directly via
FeedSourcesAppend to be included in the ImageBuilder repositories.conf
as well. This is conditionally only done for SNAPSHOT builds and when
running as BUILDBOT. Releases are unaffected as they don't include
kernel version changes and local builds may use different kernel
versions or magics than available upstream.

This commit allows in a future step to ship ImageBuilders without a
locally stored kmod archive.

[1]: https://git.openwrt.org/?p=buildbot.git;a=blob;f=phase1/master.cfg;h=3ba7a1606e89b095b10555e703ea96e93295deec;hb=HEAD#l1025

Signed-off-by: Paul Spooren <mail@aparcar.org>
4 years agokmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning
Philip Prindeville [Tue, 21 Apr 2020 08:29:51 +0000 (02:29 -0600)]
kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning

Seeing the following:

    ERROR: module '/home/philipp/lede/build_dir/target-x86_64_musl/linux-x86_64/linux-5.4.33/net/ipv4/netfilter/nft_reject_ipv4.ko' is missing.
    modules/netfilter.mk:1068: recipe for target '/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk' failed
    make[3]: *** [/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk] Error 1

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
4 years agohostapd: remove hostapd-hs20 variant
Daniel Golle [Thu, 29 Oct 2020 12:50:47 +0000 (12:50 +0000)]
hostapd: remove hostapd-hs20 variant

Hotspot 2.0 AP features have been made available in the -full variants
of hostapd and wpad. Hence we no longer need a seperate package for
that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agohostapd: add {hostapd,wpad}-basic-openssl variants
Rui Salvaterra [Thu, 29 Oct 2020 18:58:37 +0000 (18:58 +0000)]
hostapd: add {hostapd,wpad}-basic-openssl variants

Add OpenSSL-linked basic variants (which provides WPA-PSK only, 802.11r and
802.11w) of both hostapd and wpad. For people who don't need the full hostapd
but are stuck with libopenssl for other reasons, this saves space by avoiding
the need of an additional library (or a larger hostapd with built-in crypto).

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
4 years agoopkg: bump to git HEAD
Daniel Golle [Fri, 30 Oct 2020 00:19:29 +0000 (00:19 +0000)]
opkg: bump to git HEAD

 8769c75 pkg_hash: don't suggest incompatible packages

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoath79: mikrotik: use vmlinuz (zBoot ELF)
John Thomson [Thu, 15 Oct 2020 09:27:55 +0000 (19:27 +1000)]
ath79: mikrotik: use vmlinuz (zBoot ELF)

- minimal built initramfs: 10MB vmlinux ELF -> 6MB vmlinuz
- ~5 seconds for kernel decompression, which was equivalent to the
  additional time to load the uncompressed ELF from SPI NOR.
- Removes requirement for lzma-loader, which may have been causing some
  image builds to fail to boot on Mikrotik mt7621.

Suggested-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
4 years agomt7621: mikrotik: use vmlinuz (zBoot ELF)
John Thomson [Thu, 15 Oct 2020 09:27:55 +0000 (19:27 +1000)]
mt7621: mikrotik: use vmlinuz (zBoot ELF)

- minimal built initramfs: 11MB vmlinux ELF -> 4.5MB vmlinuz
- ~5 seconds for kernel decompression, which was equivalent to the
  additional time to load the uncompressed ELF from SPI NOR.
- Removes requirement for lzma-loader, which may have been causing some
  image builds to fail to boot on Mikrotik mt7621.

Fixes: FS#3354
Suggested-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
4 years agobuild: image: add append-dtb-elf helper
John Thomson [Thu, 15 Oct 2020 09:06:41 +0000 (19:06 +1000)]
build: image: add append-dtb-elf helper

The mips kernel vmlinux image supports adding an empty ELF section
for DTB to be later inserted into with MIPS_ELF_APPENDED_DTB.

This ELF + inserted DTB image can then be directly booted on some
devices.

Example usage:
image/subtarget.mk:
KERNEL_NAME := vmlinux.elf
KERNEL_INITRAMFS_NAME := vmlinux-initramfs.elf
KERNEL := kernel-bin | append-dtb-elf

On mt7621 memory size needed to be manually specified.

Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
4 years agokernel: mips: zboot: put appended dtb into a section
Chuanhong Guo [Thu, 29 Oct 2020 13:22:57 +0000 (21:22 +0800)]
kernel: mips: zboot: put appended dtb into a section

This will make a separated section for dtb appear in ELF, and we can
then use objcopy to patch a dtb into vmlinuz when RAW_APPENDED_DTB
is set in kernel config.

command to patch a dtb:
objcopy --set-section-flags=.appended_dtb=alloc,contents \
        --update-section=.appended_dtb=<target>.dtb vmlinuz vmlinuz-dtb

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
4 years agoramips: add linux zboot support
Chuanhong Guo [Wed, 14 Oct 2020 13:17:56 +0000 (21:17 +0800)]
ramips: add linux zboot support

linux-mips has zboot code which can create a self-extracting kernel
image.
This allows enabling kernel zboot support for ramips targets.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
4 years agohostapd: wpas: add missing config symbols
David Bauer [Wed, 28 Oct 2020 02:17:11 +0000 (03:17 +0100)]
hostapd: wpas: add missing config symbols

This adds missing config symbols for interworking as well as Hotspot 2.0
to the wpa_supplicant-full configuration.

These symbols were added to the hostapd-full configuration prior to this
commit. Without adding them to the wpa_supplicant configuration,
building of wpad-full fails.

Thanks to Rene for reaching out on IRC.

Fixes: commit be9694aaa297 ("hostapd: add UCI support for Hotspot 2.0")
Fixes: commit 838b412cb527 ("hostapd: add interworking support")
Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agodnsmasq: install /etc/hotplug.d/ntp/25-dnsmasqsec world-readable
Daniel Golle [Wed, 28 Oct 2020 01:56:16 +0000 (01:56 +0000)]
dnsmasq: install /etc/hotplug.d/ntp/25-dnsmasqsec world-readable

/etc/hotplug.d/ntp/25-dnsmasqsec is being sourced by /sbin/hotplug-call
running as ntpd user. For that to work the file needs to be readable by
that user.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agomac80211: Fix wpa_supplicant config removal ubus call
Sven Eckelmann [Thu, 22 Oct 2020 08:52:08 +0000 (10:52 +0200)]
mac80211: Fix wpa_supplicant config removal ubus call

If mac80211_setup_supplicant() is called with enabled=0 then it should just
destroy the interface and remove the configuration from wpa_supplicant. But
the ubus method call always returned

  Command failed: Method not found

because the actual name of the method is "config_remove".

Fixes: b5516603dd90 ("mac80211: more wifi reconf related fixes")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: bump PKG_RELEASE
David Bauer [Tue, 27 Oct 2020 23:09:34 +0000 (00:09 +0100)]
hostapd: bump PKG_RELEASE

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: add interworking support
David Bauer [Mon, 19 Oct 2020 00:29:47 +0000 (02:29 +0200)]
hostapd: add interworking support

This adds configuration options to enable interworking for hostapd.
All options require iw_enabled to be set to 1 for a given VAP.

All IEEE802.11u related settings are supported with exception of the
venue information which will be added as separate UCI sections at a
later point.

The options use the same name as the ones from the hostapd.conf file
with a "iw_" prefix added.

All UCI configuration options are passed without further modifications
to hostapd with exceptions of the following options, whose elements can
be provided using UCI lis elements:

 - iw_roaming_consortium
 - iw_anqp_elem
 - iw_nai_realm
 - iw_domain_name
 - iw_anqp_3gpp_cell_net

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: add FTM responder support
David Bauer [Sun, 18 Oct 2020 21:09:09 +0000 (23:09 +0200)]
hostapd: add FTM responder support

This adds support for enabling the FTM responder flag for the APs
extended capabilities. On supported hardware, enabling the ftm_responder
config key for a given AP will enable the FTM responder bit.

FTM support itself is unconditionally implemented in the devices
firmware (ath10k 2nd generation with 3.2.1.1 firmware). There's
currently no softmac implementation.

Also allow to configure LCI and civic location information which can be
transmitted to a FTM initiator.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agomac80211: pass phy name to hostapd_set_bss_options
David Bauer [Mon, 19 Oct 2020 17:36:56 +0000 (19:36 +0200)]
mac80211: pass phy name to hostapd_set_bss_options

hostapd_set_bss_options expects the PHY as second and the VIF as third
argument. However, only the VIF was passed as second argument without a
third argument at all.

This was never a problem, as both PHY and VIF were never accessed.
However, with FTM support the PHY is needed to determine the HW support
when configuring the BSS.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: remove ieee80211v option
David Bauer [Sun, 18 Oct 2020 23:21:23 +0000 (01:21 +0200)]
hostapd: remove ieee80211v option

Remove the ieee80211v option. It previously was required to be enabled
in order to use time_advertisement, time_zone, wnm_sleep_mode and
bss_transition, however it didn't enable any of these options by default.

Remove it, as configuring these options independently is enough.

This change does not influence the behavior of any already configured
setting.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: make rrm report independent of ieee80211k setting
David Bauer [Sun, 18 Oct 2020 20:35:31 +0000 (22:35 +0200)]
hostapd: make rrm report independent of ieee80211k setting

Allow to configure both RRM beacon as well as neighbor reports
independently and only enable them by default in case the ieee80211k
config option is set.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agouci: fix package mirror hash
Petr Štetiar [Tue, 27 Oct 2020 21:56:35 +0000 (22:56 +0100)]
uci: fix package mirror hash

I've forget to update PKG_MIRROR_HASH in my previous package version
bump.

Fixes: 095cc2b7454a ("uci: update to version 2020-10-06")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoumdns: update to version 2020-10-26
Petr Štetiar [Mon, 26 Oct 2020 07:35:01 +0000 (08:35 +0100)]
umdns: update to version 2020-10-26

59e4fc98162d cache: cache_answer: fix off by one
4cece9cc7db4 cache: cache_record_find: fix buffer overflow
be687257ee0b cmake: tests: provide umdns-san binary
bf01f2dd0089 tests: add dns_handle_packet_file tool
134afc728846 tests: add libFuzzer based fuzzing
de08a2c71ca8 cmake: create static library
cdc18fbb3ea8 interface: fix possible null pointer dereference
1fa034c65cb6 interface: fix value stored to 'fd' is never read
3a67ebe3fc66 Add initial GitLab CI support
50caea125517 cmake: fix include dirs and libs lookup

Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agouci: update to version 2020-10-06
Petr Štetiar [Tue, 6 Oct 2020 07:34:24 +0000 (09:34 +0200)]
uci: update to version 2020-10-06

52bbc99f69ea Replace malloc() + memset() with calloc()
3fbd6c923434 ucimap: Check return of malloc()
eae126f66663 file: Check buffer size after strtok()
7f574273180a file: use size_t for position and pointer
19770b6949b9 file: use dynamic memory allocation for tempfile name
aa46546794ac file: uci_file_commit: fix memory leak
671c7554bfde uci: silence UBSAN error by using offsetof macro from compiler
ea5bbd57d0e1 tests: cram: add uci import testing on fuzzer corpus
31f78bfbf75f cmake: add uci-san cli built with clang sanitizers
a3e650911f5e file: uci_parse_package: fix heap use after free
9bd361ca3236 tests: add libFuzzer based fuzzing

Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoramips: add support for Wavlink WL-WN530HG4
Nuno Goncalves [Thu, 13 Aug 2020 22:26:13 +0000 (23:26 +0100)]
ramips: add support for Wavlink WL-WN530HG4

Same hardware as Phicomm K2G but different flash layout.

Specification:
- SoC: MediaTek MT7620A
- Flash: 8 MB
- RAM: 64 MB
- Ethernet: 4 FE ports and 1 GE port (RTL8211F on port 5)
- Wireless radio: MT7620 for 2.4G and MT7612E for 5G, both equipped
  with external PA.
- UART: 1 x UART on PCB - 57600 8N1

Flash instruction:
To avoid requiring UART for TFTP a dual flash procedure is suggested
to install the squashfs image:
1. Rename openwrt-ramips-mt7620-wavlink_wl-wn530hg4-initramfs-kernel.bin
   to WN530HG4-WAVLINK.
2. Flash this file with the factory web interface.
3. With OpenWRT now running use standard sysupgrade to install the
   squashfs image.

Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
[remove dts-v1, remove model from LED labels, wrap commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agomalta: relocate CPU_TYPE setting to subtarget makefiles
Tony Ambardar [Sun, 16 Aug 2020 20:07:30 +0000 (13:07 -0700)]
malta: relocate CPU_TYPE setting to subtarget makefiles

Move CPU_TYPE:=24kc (32-bit) from the top-level target makefile to the
be/le subtarget makefiles, which is consistent with the 64-bit subtargets.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
4 years agolantiq: add support for AVM FRITZ!Box 7430
Leon Maurice Adam [Sun, 3 May 2020 10:44:24 +0000 (12:44 +0200)]
lantiq: add support for AVM FRITZ!Box 7430

Hardware:
- SoC: Lantiq VRX 220
- CPU: 2x MIPS 34Kc 500 MHz
- RAM: 128 MiB 250 MHz
- Flash: 128 MiB NAND
- Ethernet: Built-in Fast Ethernet switch, 4 ports used
- Wifi: Atheros AR9381-AL1A b/g/n with 2 pcb/internal and 1 external antennas
- USB: 1x USB 2.0
- DSL: Built-in A/VDSL2 modem
- DECT: Dialog SC14441
- LEDs: 1 two-color, 4 one-color
- Buttons: 1x DECT, 1x WIFI
- Telephone connectors: 1 FXS port via TAE or RJ11 connector

With the exception of FXS/DECT everything works
(there are no drivers for AVM's FXS or DECT implementation),
DSL is yet untested.

Installation:
Boot up the device and wait a few seconds. Run the eva_ramboot.py script
in scripts/flashing/ to load the initramfs image on the device:
$ ./scripts/flashing/eva_ramboot.py 192.168.178.1 <path to your initramfs image>
If the script fails to reach the device, maybe try 169.254.120.1.

Wait until booting is complete. You should now be able to reach your device
under the default ip address 192.168.1.1.

Before flashing, check if linux_fs_start is not set to 1 in the tffs partition:
$ fritz_tffs_nand -d /dev/mtd1 -n linux_fs_start
If linux_fs_start is 1, you will need to reset it to 0, either by FTP,
upgrading FritzOS or doing a recovery.

Now you should be able to flash the device using sysupgrade.

Signed-off-by: Leon Maurice Adam <leon.adam@aol.de>
Acked-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
[drop BOARD_NAME, use wpad-basic-wolfssl, drop 4.19, drop dts-v1,
remove model prefix from LED names]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolantiq: fix indent in vr9_avm_fritz7412.dts
Adrian Schmutzler [Tue, 27 Oct 2020 12:33:21 +0000 (13:33 +0100)]
lantiq: fix indent in vr9_avm_fritz7412.dts

Indent should be tabs.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agobcm63xx: reorganize board patches into fewer files
Adrian Schmutzler [Sun, 4 Oct 2020 16:00:28 +0000 (18:00 +0200)]
bcm63xx: reorganize board patches into fewer files

At the moment, bcm63xx creates one patch for each board to add to
board_bcm963xx.c. While this is not really helpful to get an overview
in the first place, it is particularly painful if you want to change
something for an early file and have to refresh all the later patches
accordingly.

Since it does not look like these board patches are upstreamed either,
this commit consolidates all board additions into one patch per "board".
By this, both adding and editing boards should become much simpler,
and we drop about 1300 lines of "code" from patches as well.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: enable upgrade from ar71xx for Qxwlan devices
Adrian Schmutzler [Sat, 17 Oct 2020 12:00:54 +0000 (14:00 +0200)]
ath79: enable upgrade from ar71xx for Qxwlan devices

This supports upgrade from ar71xx for the recently added Qxwlan
devices E1700AC v2, E558 v2, E750A v4 and E750G v8.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoocteon: use dedicated function to move config backup
Roman Kuzmitskii [Thu, 22 Oct 2020 18:31:07 +0000 (18:31 +0000)]
octeon: use dedicated function to move config backup

All octeon devices use the same or a very similar way to backup
and restore configuration.

We expect to have more devices added and in order to stop
repeating ourselves move the logic to a separate function.

While at it, add a few checks.

Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agodnsmasq: include IPv6 local nameserver entry
Joel Johnson [Fri, 21 Aug 2020 14:32:00 +0000 (08:32 -0600)]
dnsmasq: include IPv6 local nameserver entry

For IPv6 native connections when using IPv6 DNS lookups, there is no
valid default resolver if ignoring WAN DHCP provided nameservers.

This uses a runtime check to determine if IPv6 is supported on the host.

Signed-off-by: Joel Johnson <mrjoel@lixil.net>
4 years agosdk: keep the linux package in the same subdir as in the main build system
Felix Fietkau [Mon, 19 Oct 2020 09:28:29 +0000 (11:28 +0200)]
sdk: keep the linux package in the same subdir as in the main build system

Fixes: 953435795d17 ("build: always build package/kernel/linux")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agoath79: fix block protection clearing
Nick Hainke [Sat, 24 Oct 2020 22:52:47 +0000 (00:52 +0200)]
ath79: fix block protection clearing

The block protection bits of macronix do not match the implementation.
The chip has 3 BP bits. Bit 5 is actually the third BP but here the
5th bit is SR_TB. Therefore the patch adds SR_TB to the mask. In the
4.19er kernel the whole register was simply set to 0.

The wrong implementation did not remove the block protection. This led
to jffs2 errors in the form of:
"jffs2: Newly-erased block contained word 0x19852003 at offset 0x..."
This caused inconsistent memory and other errors.

Suggested-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years agolayerscape: several kernel fix-ups from NXP linux factory
Yangbo Lu [Thu, 15 Oct 2020 08:56:10 +0000 (16:56 +0800)]
layerscape: several kernel fix-ups from NXP linux factory

NXP linux factory unifies one linux kernel for i.MX, Layerscape and
S32 platforms. It provides a common code base for their SDKs.

Add several kernel patches for bug fix from linux factory last release.

Git: https://source.codeaurora.org/external/qoriq/qoriq-components/linux
Tag: LTS-5.4.47-20200828

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
4 years agolayerscape: update tfa to LSDK-20.04-update-290520
Biwen Li [Thu, 6 Aug 2020 07:41:39 +0000 (07:41 +0000)]
layerscape: update tfa to LSDK-20.04-update-290520

Update tfa to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[fix PKG_RELEASE bump]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: update u-boot to LSDK-20.04-update-290520
Biwen Li [Thu, 6 Aug 2020 07:37:05 +0000 (07:37 +0000)]
layerscape: update u-boot to LSDK-20.04-update-290520

Update u-boot to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[fix PKG_RELEASE bump]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: update ls-rcw to LSDK-20.04-update-290520
Biwen Li [Thu, 6 Aug 2020 07:14:15 +0000 (07:14 +0000)]
layerscape: update ls-rcw to LSDK-20.04-update-290520

Update ls-rcw to LSDK-20.04-update-290520.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[rebase, fix PKG_RELEASE change]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: update kernel to LSDK-20.04-V5.4-update-290520
Biwen Li [Thu, 6 Aug 2020 06:49:00 +0000 (06:49 +0000)]
layerscape: update kernel to LSDK-20.04-V5.4-update-290520

Update kernel from LSDK-20.04-V5.4 to LSDK-20.04-V5.4-update-290520.
Only two patches added for Layerscape.

LSDK kernel link
https://source.codeaurora.org/external/qoriq/qoriq-components/linux/

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
4 years agolayerscape: harmonize wrapping for IMAGE/* definitions
Adrian Schmutzler [Sun, 25 Oct 2020 16:58:49 +0000 (17:58 +0100)]
layerscape: harmonize wrapping for IMAGE/* definitions

Always keep the first line empty for multi-line IMAGE/* definitions.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: create shared definitions for sdboot devices
Adrian Schmutzler [Sun, 25 Oct 2020 16:53:53 +0000 (17:53 +0100)]
layerscape: create shared definitions for sdboot devices

This moves a few shared variables for SD-Boot devices into common
definitions in order to reduce duplicate code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: Change to combined rootfs on sd images
Pawel Dembicki [Mon, 24 Aug 2020 12:29:32 +0000 (14:29 +0200)]
layerscape: Change to combined rootfs on sd images

At this moment layerscape images are ext4 only. It causes problem with
save changes durring sysupgrade and make "firstboot" and failsafe mode
useless.

This patch changes sd-card images to squashfs + f2fs combined images.
To make place, for saving config, kernel space ar now ext4 partition
with fit kernel.

This method of image generation is similar to rest of OpenWrt sd-card
targets.

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[reword README, reword DEVICE_COMPAT_MESSAGE, keep original indent]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: fix platform_copy_config function
Pawel Dembicki [Mon, 24 Aug 2020 10:21:19 +0000 (12:21 +0200)]
layerscape: fix platform_copy_config function

At this moment platform_copy_config function is used for every device
and function "export_partdevice" without "export_bootdevice" causes
multiple errors like that:
"sh: 1: unknown operand"

This patch fix usage of export_partdevice and split platform_copy_config
for sd-card images.

Fixes: 0841b68c91d3 ("layerscape: support sysupgrade for SD card ext4
rootfs")

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
4 years agolayerscape: add dtb to sysupgrade
Pawel Dembicki [Wed, 19 Aug 2020 10:13:26 +0000 (12:13 +0200)]
layerscape: add dtb to sysupgrade

At this moment sysupgrade replaces only kernel and rootfs.

This patch add dtb part to sysupgrade images to avoid situation
when old dtb make system broken.

Is possible to sysupgrade older images for NOR devices:
1. Firmware partition in bootargs need to be updated to:
   "49m@0xf00000(firmware)". Env should be saved after changes.
2. After step one, "sysupgrade -F" will work.

Run tested: LS1046A-RDB

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[bump PKG_RELEASE for uboot-layerscape]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolayerscape: fix sd-card sysupgrade
Pawel Dembicki [Thu, 20 Aug 2020 07:28:01 +0000 (09:28 +0200)]
layerscape: fix sd-card sysupgrade

So far, kernel has not been written correctly to SD card during
sysupgrade, as both target path and offset were wrong.

This patch fixes it, and adds some descriptive output on the way.

Fixes: 0841b68c91d3 ("layerscape: support sysupgrade for SD card ext4
rootfs")

Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[alter/extend commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoubus: bump to git HEAD
Daniel Golle [Sun, 25 Oct 2020 18:07:19 +0000 (18:07 +0000)]
ubus: bump to git HEAD

 ad0cd11 ubusd_acl: add support for wildcard in methods

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agobusybox: make username consistent
Daniel Golle [Sun, 25 Oct 2020 17:24:03 +0000 (17:24 +0000)]
busybox: make username consistent

ntpd in packages feed had already a user 'ntp' with UID 123 declared.
Rename the username of busybox-ntpd to be 'ntp' instead of 'ntpd' so
it doesn't clash.

Reported-by: Etienne Champetier <champetier.etienne@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoath79: define 2.4GHz radio for litebeam ac gen2
Nick Hainke [Sun, 25 Oct 2020 11:58:30 +0000 (12:58 +0100)]
ath79: define 2.4GHz radio for litebeam ac gen2

The litebeam ac gen2 has a 2.4GHz management radio.

Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years agoath79: define 2.4GHz radio for nanostation ac loco
Nick Hainke [Sun, 25 Oct 2020 13:41:31 +0000 (14:41 +0100)]
ath79: define 2.4GHz radio for nanostation ac loco

The nanostation ac loco has a 2.4GHz management radio.

Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years agoath79: fix nanostation ac loco ethernet interface
Nick Hainke [Sun, 25 Oct 2020 13:34:40 +0000 (14:34 +0100)]
ath79: fix nanostation ac loco ethernet interface

In 4.14 the delays were not cleared, so setting "rgmii" as phy-mode
did not affect delays set by the bootloader. With 5.4 kernel the
situation changed and the ethernet interface stopped working.

Just taking the ethernetpart from the litebeam ac gen2 will fix
the issue.

Explained-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years agoramips: mt7621: use lzma-loader for U7621-06
Jianhui Zhao [Fri, 23 Oct 2020 01:42:03 +0000 (09:42 +0800)]
ramips: mt7621: use lzma-loader for U7621-06

The U7621-06 fails to boot if the kernel is large.
Enabling lzma-loader resolves the issue.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
4 years agoramips: add support for TOTOLINK X5000R
Chuanhong Guo [Wed, 21 Oct 2020 05:11:35 +0000 (13:11 +0800)]
ramips: add support for TOTOLINK X5000R

Specifications:
- SoC: MT7621AT
- RAM: 256MB
- Flash: 16MB (EN25QH128A)
- Ethernet: 5xGbE
- WiFi: MT7915 2x2 2.4G 573.5Mbps + 2x2 5G 1201Mbps

Known issue:
MT7915 DBDC variant isn't supported yet.

Flash instruction:
Upload the sysupgrade firmware to the firmware upgrade page in
vendor fw.

Other info:
MT7915 seems to have two PCIEs connected to MT7621. Card detected on
PCIE0 has an ID of 14c3:7916 and the other one on PCIE1 has 14c3:7915.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
4 years agodnsmasq: adapt to non-root ntpd
Daniel Golle [Sun, 25 Oct 2020 12:44:50 +0000 (12:44 +0000)]
dnsmasq: adapt to non-root ntpd

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agobusybox: allow ntpd to run as non-root ntpd user
Daniel Golle [Mon, 19 Oct 2020 20:22:30 +0000 (21:22 +0100)]
busybox: allow ntpd to run as non-root ntpd user

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoprocd: ujail fixes
Daniel Golle [Fri, 23 Oct 2020 02:07:09 +0000 (03:07 +0100)]
procd: ujail fixes

ec461ff jail: mount more stuff read-only
33b799b ujail: elf: work around GCC bug on MIPS64

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoubox: run logd non-root as user logd
Daniel Golle [Mon, 19 Oct 2020 20:37:38 +0000 (21:37 +0100)]
ubox: run logd non-root as user logd

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agonetfilter.mk: remove now obsolete kmod nf_nat_redirect
Yousong Zhou [Tue, 20 Oct 2020 01:41:07 +0000 (09:41 +0800)]
netfilter.mk: remove now obsolete kmod nf_nat_redirect

Now that the minimal kernel version maintained here is 4.19

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: add version conditional around nf_nat_redirect mod
Yousong Zhou [Fri, 9 Oct 2020 08:34:16 +0000 (16:34 +0800)]
netfilter.mk: add version conditional around nf_nat_redirect mod

Kernel commit 1ac89d20150e ("netfilter: nat: merge nf_nat_redirect into
nf_nat") made the redirect module part of the nat core and changed the
CONFIG_NF_NAT_REDIRECT option to a boolean, without prompt, affecting
kernel 4.18 onwards.  CONFIG_NF_NAT_REDIRECT now can only be selected by
CONFIG_NFT_REDIR or NETFILTER_XT_TARGET_REDIRECT

Fixes: FS#2476
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2476

Fixes: FS#2990 (partial)
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2990

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[note that the option has no prompt and can only be selected by other
kconfig options]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: add version conditional around CONFIG_NF_NAT_PROTO_GRE
Yousong Zhou [Fri, 9 Oct 2020 09:22:04 +0000 (17:22 +0800)]
netfilter.mk: add version conditional around CONFIG_NF_NAT_PROTO_GRE

It was removed in upstream linux commit faec18db ("netfilter: nat:
remove l4proto->manip_pkt").  This happened since linux 5.0

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: add version conditional for CONFIG_NF_CT_PROTO_GRE
Tony Ambardar [Mon, 27 Jul 2020 07:24:23 +0000 (00:24 -0700)]
netfilter.mk: add version conditional for CONFIG_NF_CT_PROTO_GRE

Kernel commit 22fc4c4c9fd6 ("netfilter: conntrack: gre: switch module to
be built-in") moved the CT GRE code into the core nf_conntrack.ko module
and changed the CONFIG_NF_CT_PROTO_GRE option to boolean for kernel 5.1
and onwards.

CONFIG_NF_CT_PROTO_GRE at the moment has no prompt and can only be
selected by NF_CONNTRACK_PPTP

Fixes: FS#2990 (partial)
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2990

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[note that the option now can not be enabled on its own]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agogeneric: 5.4: make nf nat masquerade in unset state by default
Yousong Zhou [Fri, 25 Sep 2020 15:02:05 +0000 (23:02 +0800)]
generic: 5.4: make nf nat masquerade in unset state by default

Upstream linux 5.1 commit d1aca8ab ("netfilter: nat: merge ipv4 and ipv6
masquerade functionality") replaces the following 2 options

 - CONFIG_NF_NAT_MASQUERADE_IPV4
 - CONFIG_NF_NAT_MASQUERADE_IPV6

with CONFIG_NF_NAT_MASQUERADE.  The new option is one without prompt and
will be selected by CONFIG_NETFILTER_XT_TARGET_MASQUERADE introduced
still later in 5.2.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: add version conditional for nf_nat_ipv4,6
Yousong Zhou [Fri, 25 Sep 2020 14:37:43 +0000 (22:37 +0800)]
netfilter.mk: add version conditional for nf_nat_ipv4,6

The upstream linux commit is 3bf195ae ("netfilter: nat: merge
nf_nat_ipv4,6 into nat core").  It was included since linux 5.1

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: use CONFIG_NETFILTER_XT_TARGET_REDIRECT
Yousong Zhou [Fri, 9 Oct 2020 08:32:48 +0000 (16:32 +0800)]
netfilter.mk: use CONFIG_NETFILTER_XT_TARGET_REDIRECT

CONFIG_IP_NF_TARGET_REDIRECT is a compat option since upstream commit
2cbc78a2 ("netfilter: combine ipt_REDIRECT and ip6t_REDIRECT").  That
happened since linux 3.10

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetfilter.mk: use CONFIG_NETFILTER_XT_TARGET_MASQUERADE
Yousong Zhou [Fri, 25 Sep 2020 14:59:04 +0000 (22:59 +0800)]
netfilter.mk: use CONFIG_NETFILTER_XT_TARGET_MASQUERADE

CONFIG_IP_NF_TARGET_MASQUERADE and its counterpart
CONFIG_IP6_NF_TARGET_MASQUERADE are "backwards-compat option for the
user's convenience"

Related commit d22c1755 ("netfilter: fix NAT packaging with kernels
5.2+")

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agonetifd: bump to version 2020-10-22
Yousong Zhou [Sat, 24 Oct 2020 10:28:58 +0000 (18:28 +0800)]
netifd: bump to version 2020-10-22

Changelog follows

  ced0d535 build: find and use libnl header dirs
  5722218e proto: rework parse_addr to return struct device_addr
  3d7bf604 device_addr: record address index as in the blob
  24ce1eab interface: proto_ip: order by address index first

This bump mainly affects order of interface addresses in ubus output.  At the
moment dnsmasq uses first address of an interface for setting dhcp-range option
in its config

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agorpcd: adapt defaults for changed ubus.sock path
Daniel Golle [Thu, 22 Oct 2020 14:02:58 +0000 (15:02 +0100)]
rpcd: adapt defaults for changed ubus.sock path

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agouhttpd: adapt defaults for changes ubus.sock path
Daniel Golle [Thu, 22 Oct 2020 14:02:42 +0000 (15:02 +0100)]
uhttpd: adapt defaults for changes ubus.sock path

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agobase-files: merge /etc/passwd et al at sysupgrade config restore
Daniel Golle [Thu, 22 Oct 2020 12:13:39 +0000 (13:13 +0100)]
base-files: merge /etc/passwd et al at sysupgrade config restore

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoRevert "target: select procd-{ujail,seccomp} if !SMALL_FLASH"
Petr Štetiar [Thu, 22 Oct 2020 09:49:07 +0000 (11:49 +0200)]
Revert "target: select procd-{ujail,seccomp} if !SMALL_FLASH"

This reverts commit 6a56a6eb30799fcec9eecc3ee860dc4d8a5d952a as several
users have reported unbootable systems.

Ref: https://lists.openwrt.org/pipermail/openwrt-devel/2020-October/031838.html
Suggested-by: Roman Kuzmitskii <damex.pp@icloud.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agotarget: select procd-{ujail,seccomp} if !SMALL_FLASH
Daniel Golle [Wed, 21 Oct 2020 14:04:17 +0000 (15:04 +0100)]
target: select procd-{ujail,seccomp} if !SMALL_FLASH

Add procd-ujail and procd-seccomp to DEFAULT_PACKAGES if not building
for space-constraint (FEATURES:=small_flash) targets.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoprocd: jail: clean up capability handling and non-root ubusd
Daniel Golle [Mon, 19 Oct 2020 20:39:17 +0000 (21:39 +0100)]
procd: jail: clean up capability handling and non-root ubusd

Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.

 80c9516 cgroups: restrict allowed keys in 'unified' section
 5ade567 cgroups: memory controller fixes
 3121467 early: run ubusd non-root as user ubus, group ubus
 12a5b97 jail: adapt to new ubus socket path
 788d144 instance: actually wire up capabilities filename
 ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
 6c5233a jail: capabilities: apply in two phases

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoubus: prepare to run ubusd as non-root user
Daniel Golle [Mon, 19 Oct 2020 20:38:17 +0000 (21:38 +0100)]
ubus: prepare to run ubusd as non-root user

Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for
having ubusd run as non-root user.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agotarget: include selinux-variants if CONFIG_SELINUX is set
Daniel Golle [Mon, 19 Oct 2020 15:55:39 +0000 (16:55 +0100)]
target: include selinux-variants if CONFIG_SELINUX is set

Rather than unconditionally adding busybox and procd to the set of
default packages, add busybox-selinux and procd-selinux in case
CONFIG_SELINUX is set.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agomac80211: rt2x00: save survey for every channel visited
Markov Mikhail [Mon, 12 Oct 2020 09:46:43 +0000 (14:46 +0500)]
mac80211: rt2x00: save survey for every channel visited

rt2800 olny gives you survey for current channel.

Survey-based ACS algorithms are failing to perform their job when working
with rt2800.

Make rt2800 save survey for every channel visited and be able to give away
that information.

There is a bug registred https://dev.archive.openwrt.org/ticket/19081 and
this patch solves the issue.

Signed-off-by: Markov Mikhail <markov.mikhail@itmh.ru>