openwrt/staging/hauke.git
3 years agohostapd: fix civic location option
John Crispin [Tue, 6 Apr 2021 11:24:43 +0000 (13:24 +0200)]
hostapd: fix civic location option

Signed-off-by: John Crispin <john@phrozen.org>
3 years agonetifd: update to the latest master
Rafał Miłecki [Wed, 26 May 2021 05:54:19 +0000 (07:54 +0200)]
netifd: update to the latest master

899c2a4 interface: support "device" attribute and deprecate "ifname"
62e3cb5 scripts/netifd-wireless.sh: add support for specifying the operating band

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agoopkg: use $(PROJECT_GIT), $(AUTORELEASE) and SPDX
Nick Hainke [Wed, 19 May 2021 20:39:35 +0000 (22:39 +0200)]
opkg: use $(PROJECT_GIT), $(AUTORELEASE) and SPDX

1) Use SPDX license headers to be machine readable.
2) Update copyright to 2021.
3) Use $(PROJECT_GIT) instead of manually specifying the git url.
4) Use $(AUTORELEASE) to automatically set the correct PKG_RELEASE.

Signed-off-by: Nick Hainke <vincent@systemli.org>
3 years agobuild: fix regression for kernels < 5.10
Sebastian Kemper [Tue, 13 Apr 2021 12:22:20 +0000 (14:22 +0200)]
build: fix regression for kernels < 5.10

This fixes a regression introduced with commit
5ed1e5140a80558ab47fd70410ae3242bed5becf ("build: build kernel image
before building modules/packages").

Before this commit the make target would always include "modules",
resulting in a MODPOST and a complete Module.symvers file. Since this
commit a MODPOST of the kernel modules is not guaranteed for kernels <
5.10. This results in some broken SDKs in which external packages that
depend on exported symbols from kernel modules fail to compile.

Adding "modules" back to the calls to the CompileImage defines fixes the
regression. For kernels > 5.10 this is not needed, but it doesn't cause
any harm either.

Tested with kernels 5.4.x and 5.10.x.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agokernel: fix a perf build error
Felix Fietkau [Tue, 25 May 2021 16:12:41 +0000 (18:12 +0200)]
kernel: fix a perf build error

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agobusybox: mention SRV support in help message
Paul Spooren [Thu, 20 May 2021 10:08:10 +0000 (12:08 +0200)]
busybox: mention SRV support in help message

The SRV was added some time ago and should be mentioned in the short
help message to avoid confusion about missing features.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agonat46: fix memory leak
Hans Dedecker [Mon, 24 May 2021 10:59:29 +0000 (12:59 +0200)]
nat46: fix memory leak

0d5860d fix memory leak in nat46_netdev_destroy().The netdev is forgotten to free in nat46_netdev_destroy function (#26)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3 years agobase-files: fix configuration generation of network if "bridge" exists
INAGAKI Hiroshi [Sun, 23 May 2021 11:30:58 +0000 (20:30 +0900)]
base-files: fix configuration generation of network if "bridge" exists

After the commit 43fc720657c6e3b30c6ed89d7227ee6e646c158b
("base-files: generate "device UCI type section for bridge"), the wrong
network configuration is generated for the devices that already have the
bridge device section for VLAN, such as the devices in realtek target.

As a result, the bridge device by additional "device" section is
specified to the "ports" option in the "bridge-vlan" section and netifd
shuts down the switch and the ethernet when the network service started.

Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
[rmilecki: use $ports for generate_bridge_vlan argument]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agobase-files: support setting bridge MAC address
Rafał Miłecki [Mon, 24 May 2021 05:46:12 +0000 (07:46 +0200)]
base-files: support setting bridge MAC address

Fixes: 43fc720657c6 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agotreewide: Mark packages nonshared if they depend on @TARGET_
Hauke Mehrtens [Sun, 2 May 2021 22:35:38 +0000 (00:35 +0200)]
treewide: Mark packages nonshared if they depend on @TARGET_

This marks all packages which depend on a target with @TARGET nonshared.
If they are not marked nonshared they would be build by the SDK build
and if this happens with a different SDK, then the SDK from the target
the package depends on, the package would not be added to the index.

This should fix the image builder for some of these packages.

This should fix the image builder at least for bcm27xx/bcm2710 and
bcm4908/generic.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agomediatek: update mtd parser patches
Hauke Mehrtens [Sun, 18 Apr 2021 19:51:00 +0000 (21:51 +0200)]
mediatek: update mtd parser patches

This updates the patches to match the versions included in the mtd
subsystem for the next Linux kernel version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agokernel: backport "mvmdio avoid error message for optional IRQ"
Daniel González Cabanelas [Fri, 23 Apr 2021 15:33:32 +0000 (17:33 +0200)]
kernel: backport "mvmdio avoid error message for optional IRQ"

Rid of kernel error message:
  [    0.780828] orion-mdio d0072004.mdio: IRQ index 0 not found

on Marvell targets backporting the kernel commit fa2632f74e57

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
3 years agogeneric: mt7530: fix EEE patch
DENG Qingfang [Fri, 7 May 2021 04:36:03 +0000 (12:36 +0800)]
generic: mt7530: fix EEE patch

The higher 16-bit of EEE register was overwritten by mistake, fix that.

Fixes: 5b9ba4a93e83 ("generic: mt7530: support adjusting EEE")
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
3 years agoccache: Build with ENABLE_DOCUMENTATION=OFF
David Adair [Fri, 14 May 2021 23:04:27 +0000 (16:04 -0700)]
ccache: Build with ENABLE_DOCUMENTATION=OFF

This adjusts the Makefile to use the new option to turn off the
doc builds. It will not cause any problems except a warning
about unused options if combined with a ccache source missing
the upstream patch.

Since a config setting is required to re-enable the doc build this
is equivalent to unconditionally disabling the docs if the config
setting is not created.

Signed-off-by: David Adair <djabhead@aol.com>
3 years agomac80211: fix ATH_REG_DYNAMIC_USER_REG_HINTS
Robert Marko [Sun, 16 May 2021 16:06:58 +0000 (18:06 +0200)]
mac80211: fix ATH_REG_DYNAMIC_USER_REG_HINTS

ATH_REG_DYNAMIC_USER_REG_HINTS is currently not being set as mac80211
tries to set it as m which is not possible as its boolean only.

Since its used alongside user regulatory, move it to USER_REGD.

This is required for ath11k to accept regulatory changes, otherwise
it wont accept any changes and will simply force US.

Signed-off-by: Robert Marko <robimarko@gmail.com>
3 years agoprereq-build: g++ formatting and consistency fixes
Karl Palsson [Mon, 17 May 2021 00:38:03 +0000 (00:38 +0000)]
prereq-build: g++ formatting and consistency fixes

Remove \n that mangles output, and fix inconsistent version name check.

Example before:

Build dependency: Please install the GNU C++ Compiler (g++) 6 or later
Build dependency: \nPlease reinstall the GNU C++ Compiler (4.8 or later) - it appears to be broken
Build dependency: Please install ncurses. (Missing libncurses.so or ncurses.h)

Signed-off-by: Karl Palsson <karlp@tweak.net.au>
3 years agomvebu: 5.10 fix DVFS caused random boot crashes
Robert Marko [Wed, 19 May 2021 11:02:31 +0000 (13:02 +0200)]
mvebu: 5.10 fix DVFS caused random boot crashes

5.10.37 and 5.4.119 introduced a lot of DVFS changes for Armada 37xx from 5.13 kernel.

Unfortunately commit:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/cpufreq/armada-37xx-cpufreq.c?h=v5.10.37&id=a13b110e7c9e0dc2edcc7a19d4255fc88abd83cc

This patch actually corrects the things so that 1 or 1.2GHz models would actually get scaled to their native frequency.

However, due to a AVS setting voltages too low this will cause random crashes on 1.2GHz models.

So, until a new safe for everybody voltage is agreed on
lets revert the patch.

Fixes: d337731 ("kernel: bump 5.10 to 5.10.37")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
3 years agokernel-defaults: fix external kernel build when user_headers is missing
Matt Merhar [Fri, 26 Feb 2021 04:28:53 +0000 (23:28 -0500)]
kernel-defaults: fix external kernel build when user_headers is missing

Use an 'if' so the absence of $(LINUX_DIR)/user_headers doesn't make the
line evaluate to false and cause the build to fail.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
3 years agokexec-tools: add patch to fix issue with appended DTB and zImage on ARM
Alexander Egorenkov [Sat, 17 Apr 2021 07:50:39 +0000 (09:50 +0200)]
kexec-tools: add patch to fix issue with appended DTB and zImage on ARM

This patch fixes a recently found problem when a zImage passed to
kexec-tools contains an appended DTB. In that case kexec boot fails because
the decompressor wrongly tries to use the non-existing appended DTB instaed
of the one passed in the register r2.

- http://lists.infradead.org/pipermail/kexec/2021-April/022353.html

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
3 years agobinutils: update to 2.35.2
Konstantin Demin [Fri, 23 Apr 2021 06:49:55 +0000 (09:49 +0300)]
binutils: update to 2.35.2

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
3 years agokernel: limit crypto-hw-talitos to the mpc85xx and layerscape
Aleksander Jan Bajkowski [Thu, 29 Apr 2021 21:02:53 +0000 (23:02 +0200)]
kernel: limit crypto-hw-talitos to the mpc85xx and layerscape

CONFIG_CRYPTO_DEV_TALITOS depends on FSL_SOC. This driver only makes sense
on Freescale(NXP) SoCs.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agokernel: limit crypto-hw-geode to the x86/geode
Aleksander Jan Bajkowski [Thu, 29 Apr 2021 20:55:47 +0000 (22:55 +0200)]
kernel: limit crypto-hw-geode to the x86/geode

CONFIG_CRYPTO_DEV_GEODE depends on X86_32. This driver only makes sense
on X86\geode.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agokernel: crypto: drop kmod-crypto-pcompress
Aleksander Jan Bajkowski [Sun, 2 May 2021 09:27:23 +0000 (11:27 +0200)]
kernel: crypto: drop kmod-crypto-pcompress

CONFIG_CRYPTO_PCOMP and CONFIG_CRYPTO_PCOMP2 have been removed in upstream commit[1].
This symbol doesn't exist since kernel 4.6 and this package is empty.

1. [ crypto: compress - remove unused pcomp interface ]
(https://github.com/torvalds/linux/commit/110492183c4b8f572b16fce096b9d78e2da30baf)

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agokernel: crypto: drop kmod-crypto-wq
Aleksander Jan Bajkowski [Sun, 2 May 2021 09:25:46 +0000 (11:25 +0200)]
kernel: crypto: drop kmod-crypto-wq

CONFIG_CRYPTO_WORKQUEUE was removed in upstream commit[1]. This symbol doesn't
exist since kernel 5.3 and this package is empty.

1. [ crypto: cryptd - move kcrypto_wq into cryptd ]
(https://github.com/torvalds/linux/commit/3e56e168638b3e7147902c3b7257a57ea573a30e)

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agowolfssl: add support for OpenVPN
Ivan Pavlov [Wed, 5 May 2021 15:23:19 +0000 (18:23 +0300)]
wolfssl: add support for OpenVPN

Support for wolfSSL has been upstreamed to the master OpenVPN branch
in f6dca235ae560597a0763f0c98fcc9130b80ccf4, so we can use wolfSSL
directly in OpenVPN. So no more needed differnt SSL engine for OpenVPN
in systems based on wolfSSL library
Compiled && tested on ramips/mt7620, ramips/mt7621

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
3 years agofakeroot: Alpine linux libc.musl build error fix
Ruslan Isaev [Mon, 10 May 2021 14:56:59 +0000 (14:56 +0000)]
fakeroot: Alpine linux libc.musl build error fix

Prevent build error on Alpine Linux host:
libfakeroot.c error: conflicting types for 'id_t'
Error relocating openwrt/staging_dir/host/lib/libfakeroot.so: SEND_GET_XATTR: symbol not found

Signed-off-by: Ruslan Isaev <legale.legale@gmail.com>
3 years agoapm821xx: MR24: Change default config of WLAN LED
Tan Zien [Fri, 14 May 2021 16:34:11 +0000 (00:34 +0800)]
apm821xx: MR24: Change default config of WLAN LED

The previous config will only show 2.4G radio activity status

This change mr24:green:wifi4 and mr24:green:wifi2 to
show 2.4G and 5G radio on and off status

change mr24:green:wifi3 and mr24:green:wifi1 to
show 2.4G and 5G radio activity status

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
3 years agokernel: add kmod-input-leds
Anderson McKinley [Wed, 19 May 2021 23:38:21 +0000 (23:38 +0000)]
kernel: add kmod-input-leds

Adds support for LEDs on input devices. Useful for example on x86 laptops-
allows re-purposing num/caps/scroll lock LEDs.

Signed-off-by: Anderson McKinley <coyoso@tuta.io>
3 years agoipq806x: fix warning about tsens debugfs already registered
Ansuel Smith [Tue, 11 May 2021 22:20:49 +0000 (00:20 +0200)]
ipq806x: fix warning about tsens debugfs already registered

Backport a pending patch already reviewed that fix some warning about tsens debugs already registered.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
3 years agoipq806x: reduce pci IO space to 64k
Ansuel Smith [Tue, 11 May 2021 22:13:04 +0000 (00:13 +0200)]
ipq806x: reduce pci IO space to 64k

With some talk with the ARM maintainer, it was notice that enlarging the limit
to the current value is VERY wrong and clash with other memory.
A better solution would be to reduce the IO space from 1MB to 64K as probably
it's a long lasting typo and even x86 arch doesn't have a IO space that big.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
3 years agokernel: bump 5.4 to 5.4.121
John Audia [Sat, 22 May 2021 10:50:01 +0000 (06:50 -0400)]
kernel: bump 5.4 to 5.4.121

All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800
Run-tested: ipq806x/R7800

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
3 years agokernel: bump 5.4 to 5.4.120
John Audia [Fri, 21 May 2021 10:29:01 +0000 (06:29 -0400)]
kernel: bump 5.4 to 5.4.120

Removed upstreamed:
  generic/pending-5.4/770-02-net-ethernet-mtk_eth_soc-fix-rx-vlan-offload.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Note that since I rebased the previous commit, I removed my Run-tested line
although I confirm building the image successfully.

Signed-off-by: John Audia <graysky@archlinux.us>
3 years agokernel: bump 5.4 to 5.4.119
John Audia [Fri, 14 May 2021 09:05:17 +0000 (05:05 -0400)]
kernel: bump 5.4 to 5.4.119

Removed upstreamed:
  generic/backport-5.4/050-gro-fix-napi_gro_frags-Fast-GRO-breakage-due-to-IP-a.patch
  bcm63xx/patches-5.4/434-nand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch*

Removed/code was included upstream and therefore redundant:
  ramips/patches-5.4/999-fix-pci-init-mt7620.patch

All other patches automatically rebased.

* update_kernel.sh did not flag this yet it was included in 5.4.119[1], as a
  result of the rebase, I removed my testing lines since I did not go back to
  test built or to run test 5.4.119 with the removed patch present.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.4.119&id=e5b3e69eb36ac1178a7a2392616fd29afd288c4e

Signed-off-by: John Audia <graysky@archlinux.us>
3 years agokernel: bump 5.4 to 5.4.118
John Audia [Tue, 11 May 2021 15:50:27 +0000 (11:50 -0400)]
kernel: bump 5.4 to 5.4.118

Manually rebased:
  ath79/patches-5.4/0033-spi-ath79-drop-pdata-support.patch

Removed uneeded patch:
  ath79/patches-5.4/0050-spi-ath79-remove-spi-master-setup-and-cleanup-assign.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800
Run-tested: ipq806x/R7800

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
3 years agokernel: bump 5.10 to 5.10.39
Kevin Darbyshire-Bryant [Sat, 22 May 2021 12:10:57 +0000 (13:10 +0100)]
kernel: bump 5.10 to 5.10.39

Automatically refreshed:

generic/pending-5.10/666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agokernel: bump 5.10 to 5.10.38
Rui Salvaterra [Wed, 19 May 2021 11:14:40 +0000 (12:14 +0100)]
kernel: bump 5.10 to 5.10.38

Automatically refreshed:
apm821xx/patches-5.10/802-usb-xhci-force-msi-renesas-xhci.patch
generic/backport-5.10/610-v5.13-31-net-ethernet-mtk_eth_soc-fix-parsing-packets-in-GDM.patch
generic/backport-5.10/610-v5.13-32-net-ethernet-mtk_eth_soc-add-support-for-initializin.patch
generic/backport-5.10/610-v5.13-33-net-ethernet-mtk_eth_soc-add-flow-offloading-support.patch
generic/hack-5.10/204-module_strip.patch
generic/hack-5.10/911-kobject_add_broadcast_uevent.patch
ipq806x/patches-5.10/104-1-drivers-thermal-tsens-Add-VER_0-tsens-version.patch
ipq806x/patches-5.10/104-8-drivers-thermal-tsens-Add-support-for-ipq8064-tsens.patch

Deleted (reverse-appliable):
generic/backport-5.10/610-v5.13-37-net-ethernet-mtk_eth_soc-fix-RX-VLAN-offload.patch
ipq806x/patches-5.10/106-5.13-net-stmmac-Set-FIFO-sizes-for-ipq806x.patch

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agohostapd: wolfssl: add RNG to EC key
David Bauer [Wed, 5 May 2021 23:53:49 +0000 (01:53 +0200)]
hostapd: wolfssl: add RNG to EC key

Since upstream commit 6467de5a8840 ("Randomize z ordinates in
scalar mult when timing resistant") WolfSSL requires a RNG for
the EC key when built hardened which is the default.

Set the RNG for the EC key to fix connections for OWE clients.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agowolfssl: always export wc_ecc_set_rng
David Bauer [Wed, 5 May 2021 23:48:04 +0000 (01:48 +0200)]
wolfssl: always export wc_ecc_set_rng

Since commit 6467de5a8840 ("Randomize z ordinates in scalar
mult when timing resistant") wolfssl requires a RNG for an EC
key when the hardened built option is selected.

wc_ecc_set_rng is only available when built hardened, so there
is no safe way to install the RNG to the key regardless whether
or not wolfssl is compiled hardened.

Always export wc_ecc_set_rng so tools such as hostapd can install
RNG regardless of the built settings for wolfssl.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agobusybox: nslookup applet link with resolv if use glibc
Chen Minqiang [Thu, 20 May 2021 08:34:28 +0000 (16:34 +0800)]
busybox: nslookup applet link with resolv if use glibc

This fixed b36b8b6929c6d6b17edddfb4597cf6a26a991ed0
("busybox: remove nslookup_lede/openwrt.patch")

It is likely dropped by mistake, This add back the changes

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
3 years agogrub2: disable liblzma dependency
Dirk Neukirchen [Thu, 20 May 2021 08:39:35 +0000 (10:39 +0200)]
grub2: disable liblzma dependency

Florian Ekert reported:

"I have build a fresh master branch recently, Since your last change [1]
on grub2, I have now a new dependency on liblzma for the install package
grub2-editenv.

root@st-dev-07 /usr/lib # ldd /root/grub-editenv
       /lib/ld-musl-x86_64.so.1 (0x7f684b088000)
       liblzma.so.5 => /usr/lib/liblzma.so.5 (0x7f684b06d000)
       libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x7f684b059000)
       libc.so => /lib/ld-musl-x86_64.so.1 (0x7f684b088000)

This was not the case before your update.

root@st-dev-07 /usr/sbin # ldd /usr/sbin/grub-editenv
       /lib/ld-musl-x86_64.so.1 (0x7fd970176000)
       libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x7fd970162000)
       libc.so => /lib/ld-musl-x86_64.so.1 (0x7fd970176000)

My build complains that it cannot satisfy the runtime package dependency
for grub2-editenv.

install -d -m0755 /home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/build_dir/target-x86_64_musl/linux-x86_64/grub-pc/grub-2.06~rc1/ipkg-x86_64/grub2-editenv/usr/sbin
install -m0755 /home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/build_dir/target-x86_64_musl/linux-x86_64/grub-pc/grub-2.06~rc1/grub-editenv /home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/build_dir/target-x86_64_musl/linux-x86_64/grub-pc/grub-2.06~rc1/ipkg-x86_64/grub2-editenv/usr/sbin/
find /home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/build_dir/target-x86_64_musl/linux-x86_64/grub-pc/grub-2.06~rc1/ipkg-x86_64/grub2-editenv -name 'CVS' -o -name '.svn' -o -name '.#*' -o -name '*~'| xargs -r rm -rf
Package grub2-editenv is missing dependencies for the following libraries:
liblzma.so.5
make[2]: *** [Makefile:166: /home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/bin/APOS/feckert/master/master-Maggie-455-ga5edc0e8e/x86_64/targets/x86/64/packages/grub2-editenv_2.06~rc1-1_x86_64.ipk] Error 1
make[2]: Leaving directory '/home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/package/boot/grub2'
time: package/boot/grub2/pc/compile#78.64#9.79#83.88
   ERROR: package/boot/grub2 failed to build (build variant: pc).
make[1]: *** [package/Makefile:116: package/boot/grub2/compile] Error 1
make[1]: Leaving directory '/home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt'
make: *** [/home/feckert/workspace/openwrt/LDM-master-x86_64/build/openwrt/include/toplevel.mk:230: package/boot/grub2/compile] Error 2

If I add the following changes to the package all works as expected.

<snip>
-  DEPENDS:=@TARGET_x86
+  DEPENDS:=@TARGET_x86 +liblzma
  VARIANT:=pc
endef

This is a hotfix but I dont´t think this is the final solution, because lzma is provided by the package xz.
And This is maintained in the package feed [not the core]"

Dirk stated & offered his patch to disable liblzma and thus resolve the
'out of core dependency' problem:

"LZMA is used in mkimage.c
disabling it prints
Without liblzma (no support for XZ-compressed mips images) (explicitly disabled)
(see configure.ac)

liblzma is autodetected so this issue was present but hidden somehow

[unsure: grep/image generation does not use grub with that option]
OpenWrt does not use that feature currently

[!] some scripts and examples use --compression=xz or -C xz and those will break

grub has an internal xzlib for different "lzma" functionality
(ext. LIBLZMA from XZ (GRUB_COMPRESSION_XZ) vs. GRUB_COMPRESSION_LZMA)"

Hopefully fixes e74d81ece2e2932a4f370d8e6d180061a6a2c229 and doesn't
break anything else.

Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
[include Florian's description of how problem 1st encountered]
[bump package release]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agouboot-envtools: support uci-default config also per subtargets
Piotr Dymacz [Thu, 1 Apr 2021 22:52:56 +0000 (00:52 +0200)]
uboot-envtools: support uci-default config also per subtargets

The current version of 'uboot-envtools' package generates dedicated
uci-default file only per target. This change makes it possible to
use subtarget-specific files, with name pattern: 'target_subtarget'
(example: 'ath79_nand'). The subtarget-specific files will take
precedence over target-specific one.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoimx6: image: cleanup variables order within device's defines
Piotr Dymacz [Sun, 28 Mar 2021 13:31:12 +0000 (15:31 +0200)]
imx6: image: cleanup variables order within device's defines

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoimx6: image: keep devices in alphabetical order
Piotr Dymacz [Sun, 28 Mar 2021 13:23:47 +0000 (15:23 +0200)]
imx6: image: keep devices in alphabetical order

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agouboot-imx6: update BUILD_DEVICES values
Piotr Dymacz [Sun, 28 Mar 2021 23:02:52 +0000 (01:02 +0200)]
uboot-imx6: update BUILD_DEVICES values

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agouboot-imx6: drop 'HIDDEN' flag from 'mx6cuboxi' define
Piotr Dymacz [Sun, 28 Mar 2021 23:02:05 +0000 (01:02 +0200)]
uboot-imx6: drop 'HIDDEN' flag from 'mx6cuboxi' define

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoimx6: image: use vendor_model scheme
Piotr Dymacz [Sat, 9 Jan 2021 15:47:41 +0000 (16:47 +0100)]
imx6: image: use vendor_model scheme

This switches device names to the common 'vendor_model' approach as in
most of other targets in OpenWrt.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoimx6: image: cleanup image recipes
Piotr Dymacz [Fri, 8 Jan 2021 11:18:32 +0000 (12:18 +0100)]
imx6: image: cleanup image recipes

- drop unused 'UBOOT' variable from 'Device/apalis' recipe
- fix 'KERNEL_SUFFIX' for 'Device/cubox-i' (should be '-zImage')
- drop redundant 'DEVICE_{VENDOR,MODEL}' from 'Device/ventana-large'
- other, minor fixes

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoimx6: rename Freescale to NXP in BOARDNAME and profiles
Piotr Dymacz [Tue, 9 Mar 2021 12:41:27 +0000 (13:41 +0100)]
imx6: rename Freescale to NXP in BOARDNAME and profiles

Freescale no longer exists, it was acquired by NXP in 2015.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agofirmware-utils: fix coverity zytrx.c resource leak
Kevin Darbyshire-Bryant [Sun, 16 May 2021 10:46:32 +0000 (11:46 +0100)]
firmware-utils: fix coverity zytrx.c resource leak

fix coverity resource leak warning:

     *len = stat.st_size;
     mapped = mmap(NULL, stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
     if (close(fd) < 0)
CID 1484880:  Resource leaks  (RESOURCE_LEAK)
Variable "mapped" going out of scope leaks the storage it points to.
     return NULL;
     return mapped;
    }

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agoRevert "base-files: migrate old UCI network bridge ports syntax"
Rafał Miłecki [Thu, 20 May 2021 10:23:55 +0000 (12:23 +0200)]
Revert "base-files: migrate old UCI network bridge ports syntax"

This reverts commit f716c30241d5fd9d821560f58d0af0c3ffe78600.

Migrating everyone to the new syntax could break downgrades. We may
reintroduce it way later if needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agonetifd: update to the latest master
Rafał Miłecki [Thu, 20 May 2021 10:22:12 +0000 (12:22 +0200)]
netifd: update to the latest master

config: fix ifname->ports compat rename

Fixes: 829b5c2ba32f ("netifd: update to the latest version")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agobase-files: generate bridge device sections with br- name prefix
Rafał Miłecki [Thu, 20 May 2021 08:32:18 +0000 (10:32 +0200)]
base-files: generate bridge device sections with br- name prefix

Missing br- prefix could result in name conflict between DSA port
interface and bridge interface. Some devices with just one LAN port use
"lan" interface name for DSA port. Trying to create bridge with the same
"lan" name was failing.

Reported-by: David Bauer <mail@david-bauer.net>
Fixes: 43fc720657c6 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agobusybox: preserve crontabs
Philip Prindeville [Wed, 5 May 2021 23:43:55 +0000 (17:43 -0600)]
busybox: preserve crontabs

/etc/syslog.conf is used by sysklogd, and /etc/crontabs is used
by crond, both features of busybox.  Given this, ownership for
these files should be bound to busybox, especially if one day
there's a way to do an in-place opkg update of busybox.

There's also the busybox provided syslogd which uses this file
if CONFIG_BUSYBOX_FEATURE_SYSLOGD_CFG is set.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agobusybox: remove nslookup_lede/openwrt.patch
Nick Hainke [Wed, 12 May 2021 18:36:58 +0000 (20:36 +0200)]
busybox: remove nslookup_lede/openwrt.patch

The nslookup_lede/openwrt applet was introduced in de5b8e5. It was
introduced because:

  Add a new LEDE nslookup applet which is compatible with musl libc
  and providing more features like ability to specify query type.

  In contrast to busybox' builtin nslookup applet, this variant does
  not rely on libc resolver internals but uses explicit send logic
  and the libresolv primitives to parse received DNS responses.

In busybox this applet is added in 0dd3be8. In particular, this commit
introduces the variable NSLOOKUP_BIG. We set the default to true and
so nothing changes.

Signed-off-by: Nick Hainke <vincent@systemli.org>
3 years agobusybox: show reproducible timestamp
Paul Spooren [Thu, 13 May 2021 21:57:45 +0000 (23:57 +0200)]
busybox: show reproducible timestamp

On login busybox shows a timestamp per default contianing the build
date. Since the build date isn't reproducible per default this behaviour
was disabled by default via 34df4d40 "busybox: disable timestamp in
version".

This commit modifies busybox so that the printed timestamp reproducible
using SOURCE_DATE_EPOCH and therefore shouldn't be disabled anymore.

Before:

    BusyBox v1.33.1 () built-in shell (ash)

After:

    BusyBox v1.33.1 (2021-05-13 09:34:34 UTC) built-in shell (ash)

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agobase-files: migrate old UCI network bridge ports syntax
Rafał Miłecki [Sat, 15 May 2021 21:04:35 +0000 (23:04 +0200)]
base-files: migrate old UCI network bridge ports syntax

netifd has been recently patched to use more accurate "ports" option
instead of "ifname". This is a simple translation between two UCI
options.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agobase-files: generate "device" UCI type section for bridge
Rafał Miłecki [Sat, 15 May 2021 19:06:27 +0000 (21:06 +0200)]
base-files: generate "device" UCI type section for bridge

This switches from the old way of defining bridges in an "interface" UCI
section type (that should be used for layer 3 only). From now a defualt
board switch will have its own "device" UCI section type. It's a new &
preferred way of defining L2 devices.

Before:

config interface 'lan'
        option type 'bridge'
        option ifname 'lan1 lan2 lan3 lan4'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'

After:

config device
        option name 'lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option ifname 'lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agorpcd: fix PKG_MIRROR_HASH
David Bauer [Tue, 18 May 2021 17:30:09 +0000 (19:30 +0200)]
rpcd: fix PKG_MIRROR_HASH

Fixes commit 97e820c6d61d ("rpcd: update to latest HEAD")

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agobusybox: use $(AUTORELEASE) and SPDX
Paul Spooren [Tue, 18 May 2021 13:36:10 +0000 (15:36 +0200)]
busybox: use $(AUTORELEASE) and SPDX

use AUTORELEASE since BusyBox is often updaten and PKG_RELEASE is not
consistently bumped. Also use SPDX license headers to be machine
readable and bump the copyright year to 2021.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agonetifd: update to the latest version
Felix Fietkau [Tue, 18 May 2021 10:52:31 +0000 (12:52 +0200)]
netifd: update to the latest version

02dd2f2df7cb fix unannotated fall-through warnings
3052f2f67686 extdev: remove unused function
2a97fd006c3b device: add support for configuring devices with external auth handler
87e469be0c08 wireless: fix memory corruption bug when using vlans/station entries in the config
7277764bf817 bridge: rename "ifname" attribute to "ports"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agohostapd: add patch for disabling automatic bridging of vlan interfaces
Felix Fietkau [Tue, 18 May 2021 10:50:17 +0000 (12:50 +0200)]
hostapd: add patch for disabling automatic bridging of vlan interfaces

netifd is responsible for handling that, except if the vlan bridge
was provided by the config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agohostapd: add ubus notifications for adding/removing vlan interfaces
Felix Fietkau [Tue, 18 May 2021 10:16:11 +0000 (12:16 +0200)]
hostapd: add ubus notifications for adding/removing vlan interfaces

This can be used to handle network configuration of dynamically created vlan
interfaces in a more flexible way

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agolibubox: update to the latest version
Felix Fietkau [Mon, 17 May 2021 15:58:52 +0000 (17:58 +0200)]
libubox: update to the latest version

870acee325fe tests: cram: test_base64: fix failing tests
4d8995e91d56 tests: cram: test_base64: really fix failing tests
551d75b5662c libubox: tests: add more blobmsg/json test cases
a0dbcf8b8f96 tests: add blob-buffer overflow test
b36a3a90098d blob: fix exceeding maximum buffer length
b8abed749423 utils.h: add fallthrough macro
b14c4688612c json_script: fix unannotated fall-through warning

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agotoolchain/gdb: fix broken configure test for ELF support
Felix Fietkau [Mon, 17 May 2021 15:16:56 +0000 (17:16 +0200)]
toolchain/gdb: fix broken configure test for ELF support

A missing #include was causing gdb on macOS to be compiled without ELF support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agobase-files: use "ports" array in board.json network for bridges
Rafał Miłecki [Fri, 14 May 2021 09:09:57 +0000 (11:09 +0200)]
base-files: use "ports" array in board.json network for bridges

Bridge aggregates multiple ports so use a more accurate name ("ports")
and format (array) for storing them in board.json.

Example:

"network": {
"lan": {
"ports": [
"lan1",
"lan2",
"lan3",
"lan4"
],
"protocol": "static"
},
"wan": {
"ifname": "wan",
"protocol": "dhcp"
}
}

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agoopenwrt-keyring: Only copy sign key for snapshots
Hauke Mehrtens [Wed, 12 May 2021 23:25:55 +0000 (01:25 +0200)]
openwrt-keyring: Only copy sign key for snapshots

Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the master feeds.

If one of the other keys would be compromised this would not affect
users of master snapshot builds.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agobmips: remove duplicated brcmnand patch
Álvaro Fernández Rojas [Mon, 17 May 2021 10:25:34 +0000 (12:25 +0200)]
bmips: remove duplicated brcmnand patch

brcmnand patch was applied upstream on 5.10.37 update.

Fixes: d337731f85c8 ("kernel: bump 5.10 to 5.10.37")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agoocteon: use shared function for platform_copy_config()
Adrian Schmutzler [Sun, 16 May 2021 21:58:59 +0000 (23:58 +0200)]
octeon: use shared function for platform_copy_config()

This reduces redundant instructions.

The solution is inspired by a different implemention of
Roman Kuzmitskii.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: add support for ZiKing CPE46B
Giulio Lorenzo [Tue, 6 Oct 2020 12:14:31 +0000 (14:14 +0200)]
ath79: add support for ZiKing CPE46B

ZiKing CPE46B is a POE outdoor 2.4ghz device with an integrated directional
antenna. It is low cost and mostly available via Aliexpress, references can
be found at:
- https://forum.openwrt.org/t/anddear-ziking-cpe46b-ar9331-ap121/60383
- https://git.lsd.cat/g/openwrt-cpe46b

Specifications:

- Atheros AR9330
- 32MB of RAM
- 8MB of flash (SPI NOR)
- 1 * 2.4ghz integrated antenna
- 2 * 10/100/1000 ethernet ports (1 POE)
- 3 * Green LEDs controlled by the SoC
- 3 * Green LEDs controlled via GPIO
- 1 * Reset Button controlled via GPIO
- 1 * 4 pin serial header on the PCB
- Outdoor packaging

Flashing instruction:

You can use sysupgrade image directly in vendor firmware which is based
on OpenWrt/LEDE. In case of issues with the vendor GUI, the vendor
Telnet console is vulnerable to command injection and can be used to gain
a shell directly on the OEM OpenWrt distribution.

Signed-off-by: Giulio Lorenzo <salveenee@mortemale.org>
[fix whitespaces, drop redundant uart status and serial0, drop
num-chipselects, drop 0x1002 MAC address for wmac]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: fix leading whitespaces in generic 01_leds
Adrian Schmutzler [Sun, 16 May 2021 19:37:43 +0000 (21:37 +0200)]
ath79: fix leading whitespaces in generic 01_leds

Use tabs consistently.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: add support for COMFAST CF-E375AC
Joao Henrique Albuquerque [Fri, 14 Aug 2020 15:04:02 +0000 (12:04 -0300)]
ath79: add support for COMFAST CF-E375AC

COMFAST CF-E375AC is a ceiling mount AP with PoE support,
based on Qualcomm/Atheros QCA9563 + QCA9886 + QCA8337.

Short specification:

    2x 10/100/1000 Mbps Ethernet, with PoE support
    128MB of RAM (DDR2)
    16 MB of FLASH
    3T3R 2.4 GHz, 802.11b/g/n
    2T2R 5 GHz, 802.11ac/n/a, wave 2
    built-in 5x 3 dBi antennas
    output power (max): 500 mW (27 dBm)
    1x RGB LED, 1x button
    built-in watchdog chipset

Flash instruction:
1) Original firmware is based on OpenWrt.
Use sysupgrade image directly in vendor GUI.

2) TFTP
2.1) Set a tftp server on your machine with a fixed IP address of
     192.168.1.10. A place the sysupgrade as firmware_auto.bin.
2.2) boot the device with an ethernet connection on fixed ip route
2.3) wait a few seconds and try to login via ssh

3) TFTP trough Bootloader
3.1) open the device case and get a uart connection working
3.2) stop the autoboot process and test connection with serverip
3.3) name the sysupgrade image firmware.bin and run firmware_upg

MAC addresses:
Though the OEM firmware has four adresses in the usual locations,
it appears that the assigned addresses are just incremented in a
different way:

interface    address    location
LAN:          *:DC      0x0
WAN           *:DD      0x1002
WLAN 2.4g     *:E6      n/a (0x0 + 10)
WLAN 5g       *:DE      0x6
unused        *:DF      0x5006

The MAC address pointed at the label is the one assign to the LAN
interface.

Signed-off-by: Joao Henrique Albuquerque <joaohccalbu@gmail.com>
[add label-mac-device, remove redundant uart status, fix whitespace
issues, fix commit message wrapping, remove x bit on DTS file]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoocteon: add new target and support for Ubiquiti EdgeRouter 6P
Dan Brown [Wed, 12 May 2021 12:48:01 +0000 (14:48 +0200)]
octeon: add new target and support for Ubiquiti EdgeRouter 6P

Ubiquiti EdgeRouter 6P is 6 port router with similar
specifications as the EdgeRouter 4, support for which was added
in commit dd651e54cc5eadba480a56a7d2c18471e560f491

There are five 10/100/1000 Mbps RJ/Copper ports and
one 1000 Mbps SFP port.

SoC: Octeon Cavium 7130 (Cavium 3) at 1000MHz
Memory: 1GiB DDR3
Flash: 2x2M chips with uboots (chainloaded) + 512K eeprom
LEDs: 1x for power status (white/blue, controllable)
  and 6x for ethernet and SFP ports (no control over them)
Buttons: 1x Reset
Serial: 1x RJ45 port on front panel. 115200 baud, 8N1
USB: 1x USB3.0 on front panel
MII: 1x QSGMII from SoC
PHY: 1x Vitesse VSC8504 of which 4 ports are used (phys 4-7)
     1x Vitesse VSC8514 of which 2 ports are used (phys 8-9)

Network port mapping
 - eth0 on device maps to lan0 and phy5
 - eth1 on device maps to lan1 and phy6
 - eth2 on device maps to lan2 and phy7
 - eth3 on device maps to lan3 and phy8
 - eth4 on device maps to lan4 and phy9
 - eth5 (SFP) on device maps to lan5 and phy4

What is not working:
 - There is no port status available before it goes up
 - SFP have no additional status and presented as no different from eth
 - Power-over-ethernet (passive) support has not been tested

How to flash the firmware:
  - copy openwrt-octeon-ubnt_edgerouter-6p-initramfs-kernel.bin and
    openwrt-octeon-ubnt_edgerouter-6p-squashfs-sysupgrade.tar to
    USB flash drive that is formatted to vfat/fat32
  - connect USB flash drive to EdgeRouter 6P front USB port
  - connect serial cable using front RJ45 port (115200 baud, 8N1)
  - connect power to cable to EdgeRouter 6P
  - connect terminal to the console to see uboot boot process
  - interrupt boot by pressing button(s) on your keyboard to log
    in to the uboot
  - detect usb connected flash drives by typing to the console:
    usb start
  - after drive is detected load initramfs+kernel to the memory by typing:
    fatload usb 0:1 0x20000000 openwrt-octeon-ubnt_edgerouter-6p-initramfs-kernel.bin
  - after initramfs+kernel is loaded to the memory load it by typing:
    bootoctlinux 0 numcores=4 endbootargs mem=0
  - boot process should finish and you will be greeted with console
    after pressing enter
  - create directory to mount usb flash drive to by typing:
    mkdir /tmp/sda
  - mount flash drive to that directory by typing:
    mount /dev/sda1 /tmp/sda
  - flash firmware to router internal storage by typing:
    sysupgrade /tmp/sda/openwrt-octeon-ubnt_edgerouter-6p-squashfs-sysupgrade.tar
  - device will reboot and after it gets up you will have
    edgerouter 6p running openwrt

Signed-off-by: Dan Brown <danbrown@gmail.com>
[reorder/squash patches, move ethernet@0 to DTS, share image setup]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoocteon: create shared DTSI for Ubiquiti E300 platform
Dan Brown [Sat, 15 May 2021 21:40:50 +0000 (23:40 +0200)]
octeon: create shared DTSI for Ubiquiti E300 platform

EdgeRouter 4 and upcoming EdgeRouter 6P and 12 have similar setup,
so create a shared DTSI to prevent duplicate code.

Signed-off-by: Dan Brown <danbrown@gmail.com>
[reorder/squash commits, add description, move ethernet@0 to DTS]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agobase-files: change logging for upgrade on fwtool
Florian Eckert [Wed, 3 Feb 2021 09:24:02 +0000 (10:24 +0100)]
base-files: change logging for upgrade on fwtool

Remove vn call in favour of v call. This commit serves as preparation
for removing the v function call.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[alter slightly to prevent double space after colon]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoramips: fix SUPPORTED_DEVICES for ALFA Network devices
Piotr Dymacz [Sun, 16 May 2021 21:48:04 +0000 (23:48 +0200)]
ramips: fix SUPPORTED_DEVICES for ALFA Network devices

Vendor firmware expects model name without manufacturer name inside
'supported_devices' part of metadata. This allows direct upgrade to
OpenWrt from vendor's GUI.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
3 years agoath79: set lzma-loader variables to null by default
Michael Pratt [Sat, 8 May 2021 21:34:30 +0000 (17:34 -0400)]
ath79: set lzma-loader variables to null by default

This fixes a small regression where the lzma-loader variable values
are being shared between boards that require different configurations.

If not set to "" globally, a device without these settings will just take
the last values another device has set before in the queue.

Fixes: 1b8bd17c2d07 ("ath79: lzma-loader: allow setting custom kernel magic")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
[add detailed explanation to the commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agofstools: add missing #define _GNU_SOURCE
Daniel Golle [Sun, 16 May 2021 08:54:50 +0000 (09:54 +0100)]
fstools: add missing #define _GNU_SOURCE

asprintf requires _GNU_SOURCE to be defined. Set it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agogrub2: bump to 2.06-rc1
Stijn Tintel [Fri, 14 May 2021 14:11:42 +0000 (17:11 +0300)]
grub2: bump to 2.06-rc1

When building GRUB with binutils 2.35.2 or later, an error occurs due to
a section .note.gnu.property that is placed at an offset such that
objcopy needs to pad the img file with zeros. This in turn causes the
following error: "error: Decompressor is too big.".

The fix accepted by upstream patches a python script that isn't executed
at all when building GRUB with OpenWrt buildroot. There's another patch
that patches the files generated by that python script directly, but by
including it we would deviate further from upstream. Instead of doing
that, simply bump to the latest release candidate.

As one of the fixes for the CVEs causes grub to crash on some x86
hardware using legacy BIOS when compiled with -O2, filter -O2 and
-O3 out of TARGET_CFLAGS.

Fixes the following CVEs:
- CVE-2020-14372
- CVE-2020-25632
- CVE-2020-25647
- CVE-2020-27749
- CVE-2020-27779
- CVE-2021-3418
- CVE-2021-20225
- CVE-2021-20233

Runtime-tested on x86/64.

Fixes: FS#3790
Suggested-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agoumdns: bump to git HEAD
Stijn Tintel [Thu, 13 May 2021 13:08:14 +0000 (16:08 +0300)]
umdns: bump to git HEAD

777a0b service: fix compilation with GCC 10

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3 years agofstools: update to git HEAD
Daniel Golle [Sat, 15 May 2021 23:33:26 +0000 (00:33 +0100)]
fstools: update to git HEAD

 c44b40b overlay: fix syncronizing typo
 b5397a1 fstools: block: fix segfault on mount with no target
 bd7cc8d block: use dynamically allocated target string
 6d8450e blockd: use allocated strings instead of fixed buffers
 d47909e libblkid-tiny: fix buffer overflow
 67d2297 block: match device path instead of assuming /dev/%s
 2aeba88 block: allow autofs and umount commands also on MTD/UBI

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agomt76: update to the latest version
Felix Fietkau [Sat, 15 May 2021 07:13:19 +0000 (09:13 +0200)]
mt76: update to the latest version

28b162366d09 mt76: fix calling mt76_get_of_eeprom with an offset for pre-cal data
9d736545bb5a mt76: mt7915: disable pre-calibration support for now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agouclient: update to Git version 2021-05-14
Baptiste Jonglez [Fri, 14 May 2021 21:40:40 +0000 (23:40 +0200)]
uclient: update to Git version 2021-05-14

6a6011d uclient-http: set eof mark when content-length is 0
19571e4 tests: fix help usage test for uclient built with sanitizer
c5fc04b tests: fix help usage test

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
3 years agobusybox: disable PREFER_IPV4_ADDRESS
Baptiste Jonglez [Thu, 13 May 2021 17:50:22 +0000 (19:50 +0200)]
busybox: disable PREFER_IPV4_ADDRESS

PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox
utilities (ping, traceroute, ntpd) to forcibly use the A record instead of
the AAAA record when resolving a DNS name.  This obviously fails when
there is no IPv4 connectivity.  Since IPv6-only hosts or routers will only
become more common over time, disable PREFER_IPV4_ADDRESS to support this
use-case.

As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default
resolution behaviour of busybox utilities on dual-stack hosts.  Busybox
utilities now simply use the order given by getaddrinfo(), so they will
now prefer IPv6 addresses when resolving a name with both A and AAAA
records if there is IPv6 connectivity.  This is in line with RFC 6724.

PREFER_IPV4_ADDRESS was likely intended to work around naive
implementations of getaddrinfo() that could return AAAA records first,
even on an IPv4-only host.  But both musl (since 1.1.3) and glibc
correctly implement RFC 6724 for getaddrinfo() and check connectivity to
determine the correct order in which to return records.  On IPv4-only
hosts, getaddrinfo() will return A records first, so there is no need for
the PREFER_IPV4_ADDRESS hack.

See also: https://bugs.busybox.net/show_bug.cgi?id=12381

Fixes: FS#84
Fixes: FS#2608
References: https://github.com/openwrt/openwrt/pull/4167
Signed-off-by: Alexander Traud <pabstraud@compuserve.com>
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
3 years agokernel: bump 5.10 to 5.10.37
Rui Salvaterra [Fri, 14 May 2021 12:58:11 +0000 (13:58 +0100)]
kernel: bump 5.10 to 5.10.37

Automatically refreshed:
ath79/patches-5.10/0032-MIPS-ath79-sanitize-symbols.patch
bcm63xx/patches-5.10/322-MIPS-BCM63XX-switch-to-IRQ_DOMAIN.patch
bcm63xx/patches-5.10/434-nand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch
bmips/patches-5.10/001-v5.11-mips-bmips-select-ARCH_HAS_RESET_CONTROLLER.patch
bmips/patches-5.10/041-v5.13-mtd-rawnand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch
bmips/patches-5.10/202-mips-bmips-disable-ARCH_HAS_SYNC_DMA_FOR_CPU_ALL.patch
bmips/patches-5.10/600-mips-bmips-add-pci-support.patch
generic/backport-5.10/103-v5.13-MIPS-select-CPU_MIPS64-for-remaining-MIPS64-CPUs.patch
generic/hack-5.10/301-mips_image_cmdline_hack.patch
generic/hack-5.10/402-mtd-blktrans-call-add-disks-after-mtd-device.patch
generic/hack-5.10/902-debloat_proc.patch
generic/pending-5.10/300-mips_expose_boot_raw.patch
generic/pending-5.10/495-mtd-core-add-get_mtd_device_by_node.patch
generic/pending-5.10/630-packet_socket_type.patch
ipq806x/patches-5.10/0072-add-ipq806x-with-no-clocks.patch
ipq806x/patches-5.10/099-1-mtd-nand-raw-qcom_nandc-add-boot_layout_mode-support.patch
lantiq/patches-5.10/0001-MIPS-lantiq-add-pcie-driver.patch
lantiq/patches-5.10/0023-NET-PHY-add-led-support-for-intel-xway.patch
lantiq/patches-5.10/0152-lantiq-VPE.patch

Deleted (reverse-appliable):
bmips/patches-5.10/052-v5.13-gpio-guard-gpiochip_irqchip_add_domain-with-GPIOLIB_.patch
generic/backport-5.10/499-v5.13-mtd-don-t-lock-when-recursively-deleting-partitions.patch

Deleted (alternative upstream fix):
ramips/patches-5.10/330-fix-pci-init-mt7620.patch

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agokernel: bump 5.10 to 5.10.36
Rui Salvaterra [Thu, 13 May 2021 14:49:54 +0000 (15:49 +0100)]
kernel: bump 5.10 to 5.10.36

Automatically refreshed:
apm821xx/patches-5.10/802-usb-xhci-force-msi-renesas-xhci.patch
ath79/patches-5.10/410-spi-ath79-Implement-the-spi_mem-interface.patch
bcm63xx/patches-5.10/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch
generic/pending-5.10/465-m25p80-mx-disable-software-protection.patch
ipq806x/patches-5.10/0069-arm-boot-add-dts-files.patch
ipq806x/patches-5.10/101-dwmac-ipq806x-qsgmii-pcs-all-ch-ctl.patch
ipq806x/patches-5.10/106-5.13-net-stmmac-Set-FIFO-sizes-for-ipq806x.patch

Deleted (empty or reverse-appliable):
ath79/patches-5.10/411-spi-ath79-add-SPI_MASTER_GPIO_SS-flag.patch
ath79/patches-5.10/0050-spi-ath79-remove-spi-master-setup-and-cleanup-assign.patch
ath79/patches-5.10/0054-spi-sync-up-initial-chipselect-state.patch

Manually refreshed:
ath79/patches-5.10/0033-spi-ath79-drop-pdata-support.patch

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agoath79: fix sorting in generic 02_network
Adrian Schmutzler [Thu, 13 May 2021 19:19:01 +0000 (21:19 +0200)]
ath79: fix sorting in generic 02_network

The two device strings were not ordered properly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agobuild: introduce $(MKHASH)
Leonardo Mörlein [Sun, 9 May 2021 20:28:15 +0000 (22:28 +0200)]
build: introduce $(MKHASH)

Before this commit, it was assumed that mkhash is in the PATH. While
this was fine for the normal build workflow, this led to some issues if

    make TOPDIR="$(pwd)" -C "$pkgdir" compile

was called manually. In most of the cases, I just saw warnings like this:

    make: Entering directory '/home/.../package/gluon-status-page'
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    bash: line 1: mkhash: command not found
    [...]

While these were only warnings and the package still compiled sucessfully,
I also observed that some package even fail to build because of this.

After applying this commit, the variable $(MKHASH) is introduced. This
variable points to $(STAGING_DIR_HOST)/bin/mkhash, which is always the
correct path.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
3 years agoipq806x: base-files: asrock: fix bootcount include
Petr Štetiar [Fri, 7 May 2021 13:06:48 +0000 (15:06 +0200)]
ipq806x: base-files: asrock: fix bootcount include

Fixes following error while executing the init script on the buildhost:

 Enabling boot
 ./etc/init.d/bootcount: line 5: /lib/upgrade/asrock.sh: No such file or directory
 Enabling bootcount

While at it fix following shellcheck issue:

 base-files/etc/init.d/bootcount line 11:
    if [ $? -eq 0 ]; then
         ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.

Cc: Ansuel Smith <ansuelsmth@gmail.com>
Cc: Pawel Dembicki <paweldembicki@gmail.com>
Cc: Christian Lamparter <chunkeey@gmail.com>
Fixes: 98b86296e67d ("ipq806x: add support for ASRock G10")
References: https://gitlab.com/ynezz/openwrt/-/jobs/1243290743#L1444
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agomt76: update to the latest version
Felix Fietkau [Thu, 13 May 2021 08:24:44 +0000 (10:24 +0200)]
mt76: update to the latest version

Includes fix for CVE-2020-24588

c7dd54a22e30 mt76: connac: skip wtbl reset on sta disconnect
3511fd430356 mt76: validate rx A-MSDU subframes
aedc3145de6e mt76: fix possible NULL pointer dereference in mt76_tx
5c2baab92cd0 mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb()
af21659ee834 mt76: mt76x0: use dev_debug instead of dev_err for hw_rf_ctrl
e423c16f16f7 mt76: mt7615: free irq if mt7615_mmio_probe fails
f2d0da8da9b7 mt76: mt7663: enable hw rx header translation
d2713a5d9de9 mt76: mt7921: fix mt7921_wfsys_reset sequence
ce5f32d84f33 mt76: mt7921: Don't alter Rx path classifier
8ab8c7747197 mt76: connac: fw_own rely on all packet memory all being free
a747b0bb4956 mt76: mt7921: enable deep sleep at runtime
2e6e999509b1 mt76: mt7921: add deep sleep control to runtime-pm knob
30bcb2338ce2 mt76: connac: fix WoW with disconnetion and bitmap pattern
56518f4a126e mt76: mt7921: consider the invalid value for to_rssi
e969ab10a034 mt76: mt7921: add back connection monitor support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agobusybox: update to 1.33.1
Nick Hainke [Sat, 8 May 2021 07:38:58 +0000 (09:38 +0200)]
busybox: update to 1.33.1

Remove backports:
- 001-backport1330fix-ash-make-strdup-copy.patch
- 002-backport1330fix-traceroute.patch
- 005-backport-CVE-2021-28831.patch

Remove upstreamed:
- 010-fix-wrong-variable.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
[don't use $(AUTORELEASE) for now]
Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agomac80211: backport upstream fixes for FragAttacks
Felix Fietkau [Wed, 12 May 2021 12:28:37 +0000 (14:28 +0200)]
mac80211: backport upstream fixes for FragAttacks

From the patch series description:

Several security issues in the 802.11 implementations were found by
Mathy Vanhoef (New York University Abu Dhabi), who has published all
the details at

https://papers.mathyvanhoef.com/usenix2021.pdf

Specifically, the following CVEs were assigned:

 * CVE-2020-24586 - Fragmentation cache not cleared on reconnection
 * CVE-2020-24587 - Reassembling fragments encrypted under different
                    keys
 * CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to
                    payload being parsed as an L2 frame under an
                    A-MSDU bit toggling attack
 * CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender
 * CVE-2020-26140 - Accepting plaintext data frames in protected
                    networks
 * CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames
 * CVE-2020-26142 - Processing fragmented frames as full frames
 * CVE-2020-26143 - Accepting fragmented plaintext frames in
                    protected networks
 * CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that
                    start with RFC1042 header with EAPOL ethertype
 * CVE-2020-26145 - Accepting plaintext broadcast fragments as full
                    frames
 * CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive
                    packet numbers
 * CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments

In general, the scope of these attacks is that they may allow an
attacker to
 * inject L2 frames that they can more or less control (depending on the
   vulnerability and attack method) into an otherwise protected network;
 * exfiltrate (some) network data under certain conditions, this is
   specific to the fragmentation issues.

A subset of these issues is known to apply to the Linux IEEE 802.11
implementation (mac80211). Where it is affected, the attached patches
fix the issues, even if not all of them reference the exact CVE IDs.

In addition, driver and/or firmware updates may be necessary, as well
as potentially more fixes to mac80211, depending on how drivers are
using it.

Specifically, for Intel devices, firmware needs to be updated to the
most recently released versions (which was done without any reference
to the security issues) to address some of the vulnerabilities.

To have a single set of patches, I'm also including patches for the
ath10k and ath11k drivers here.

We currently don't have information about how other drivers are, if
at all, affected.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agobuild: kernel2minor: work around path length limit
François Chavant [Fri, 7 May 2021 15:58:11 +0000 (17:58 +0200)]
build: kernel2minor: work around path length limit

When building for MikroTik devices the kernel2minor tool will sometimes
fail with:

  Can't get lstat from kernel file!: No such file or directory.

This is because kernel2minor expects paths no longer than 250 chars.
To work around this the include/image-commands.mk has been modified
to copy the kernel to a temporary file (/tmp/tmp.XXXXXXXXXX) before
calling kernel2minor.

Signed-off-by: François Chavant <francois@chavant.info>
3 years agobusybox: add SRV support to nslookup_lede.c patch
Perry Melange [Tue, 30 Jul 2019 09:05:22 +0000 (11:05 +0200)]
busybox: add SRV support to nslookup_lede.c patch

Add support for querying and parsing SRV DNS records to nslookup_lede.c

This patch is based on http://lists.busybox.net/pipermail/busybox/2019-June/087359.html

Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[reword subject, bump PKG_RELEASE]
Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agobase-files: shinit: properly handle dashes in service names
Jo-Philipp Wich [Wed, 12 May 2021 10:44:32 +0000 (12:44 +0200)]
base-files: shinit: properly handle dashes in service names

Fixes: FS#3801
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 years agobuild: fix opkg install step for large package selection
Alexander Egorenkov [Fri, 9 Apr 2021 23:32:44 +0000 (01:32 +0200)]
build: fix opkg install step for large package selection

When the list of packages to be installed in a built image exceeds a certain
number, then 'opkg install' executed for target '$(curdir)/install' in
package/Makefile fails with: /usr/bin/env: Argument list too long.

On Linux, the length of a command-line parameter is limited by
MAX_ARG_STRLEN to max 128 kB.

* https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/binfmts.h#L15
* https://www.in-ulm.de/~mascheck/various/argmax/

To solve the problem, store the package list being passed to 'opkg install'
in a temporary file and use the shell command substitution to pass the
content of the file to 'opkg install'. This guarantees that the length of
the command-line parameters passed to the bash shell is short.

The following bash script demonstrates the problem:
----------------------------------------------------------------------------
count=${1:-1000}

FILES=""
a_file="/home/egorenar/Repositories/openwrt-rel/bin/targets/alpine/generic/packages/base-files_1414-r16464+19-e887049fbb_arm_cortex-a15_neon-vfpv4.ipk"

for i in $(seq 1 $count); do
FILES="$FILES $a_file"
done

env bash -c "echo $FILES >/dev/null"
echo "$FILES" | wc -c
----------------------------------------------------------------------------

Test run:
----------------------------------------------------------------------------
$ ./test.sh 916
130989
$ ./test.sh 917
./test.sh: line 14: /bin/env: Argument list too long
131132
----------------------------------------------------------------------------

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
[reword commit subject]
Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agokernel: add kmod-leds-uleds
Keith T. Garner [Wed, 5 May 2021 14:04:15 +0000 (09:04 -0500)]
kernel: add kmod-leds-uleds

The allows userspace LEDs to be created and controlled. This can be useful
for testing triggers and can also be used to implement virtual LEDs.

Signed-off-by: Keith T. Garner <kgarner@kgarner.com>
[squash fixup commit and improve option wording]
Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agogeneric: platform/mikrotik: release mtd device after use
Thibaut VARÈNE [Tue, 11 May 2021 10:50:21 +0000 (12:50 +0200)]
generic: platform/mikrotik: release mtd device after use

The code uses get_mtd_device_nm() which must be followed by a call to
put_mtd_device() once the handle is no longer used.

This fixes spurious shutdown console messages such as:
[ 2256.334562] Removing MTD device #7 (soft_config) with use count 1

Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
3 years agokernel: move three accepted patches from pending to backports
Daniel Golle [Mon, 10 May 2021 23:06:02 +0000 (00:06 +0100)]
kernel: move three accepted patches from pending to backports

311-MIPS-zboot-put-appended-dtb-into-a-section.patch
commit d2e850e96183 in kernel, part of v5.11

499-mtd-don-t-lock-when-recursively-deleting-partitions.patch
commit cb4543054c5c in kernel, part of v5.13

103-MIPS-select-CPU_MIPS64-for-remaining-MIPS64-CPUs.patch
commit 5a4fa44f5e1b in kernel, part of v5.13

Move them to backports folder to make maintainance easier.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoramips: fix mac addresses of Youku YK1
Shiji Yang [Wed, 5 May 2021 11:48:01 +0000 (19:48 +0800)]
ramips: fix mac addresses of Youku YK1

MAC addresses read from official firmware

        value       location
Wlan    xx 71 de    factory@0x04
Lan     xx 71 dd    factory@0x28
Wan     xx 71 df    factory@0x2e
Label   xx 71 dd    factory@0x28

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[fix sorting in 02_network, redact commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoramips: use standard naming scheme for Zyxel NR7101 LED nodes
Adrian Schmutzler [Sun, 9 May 2021 21:38:38 +0000 (23:38 +0200)]
ramips: use standard naming scheme for Zyxel NR7101 LED nodes

Make naming and DT label consistent with other devices at this
target.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>