aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* wolfssl: update to 4.4.0-stableEneas U de Queiroz2020-05-201-2/+2
| | | | | | | | | | | | This version adds many bugfixes, including a couple of security vulnerabilities: - For fast math (enabled by wpa_supplicant option), use a constant time modular inverse when mapping to affine when operation involves a private key - keygen, calc shared secret, sign. - Change constant time and cache resistant ECC mulmod. Ensure points being operated on change to make constant time. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* kernel: kmod-ptp-qoriq: Package kernel object fileJeffery To2020-05-201-2/+2
| | | | | | | This updates the package to contain the kernel object (.ko) file instead of the plain object (.o) file. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* ramips: Add support for Xiaomi Redmi Router AC2100 (RM2100)Richard Huynh2020-05-201-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specification: - CPU: MediaTek MT7621A - RAM: 128 MB DDR3 - FLASH: 128 MB ESMT NAND - WIFI: 2x2 802.11bgn (MT7603) - WIFI: 4x4 802.11ac (MT7615) - ETH: 3xLAN+1xWAN 1000base-T - LED: Power, WAN, in Amber and White - UART: On board near ethernet, opposite side from power - Modified u-boot Installation: 1. Run linked exploit to get shell, startup telnet and wget the files over 2. mtd write openwrt-ramips-mt7621-xiaomi_rm2100-squashfs-kernel1.bin kernel1 3. nvram set uart_en=1 4. nvram set bootdelay=5 5. nvram set flag_try_sys1_failed=1 6. nvram commit 7. mtd -r write openwrt-ramips-mt7621-xiaomi_rm2100-squashfs-rootfs0.bin rootfs0 Restore to stock: 1. Setup PXE and TFTP server serving stock firmware image (See dhcp-boot option of dnsmasq) 2. Hold reset button down before powering on and wait for flashing amber led 3. Release reset button 4. Wait until status led changes from flashing amber to white Notes: This device has dual kernel and rootfs slots like other Xiaomi devices currently supported (mir3g, etc.) thus, we use the second slot and overwrite the first rootfs onwards in order to get more space. Exploit and detailed instructions: https://openwrt.org/toh/xiaomi/xiaomi_redmi_router_ac2100 An implementation of CVE-2020-8597 against stock firmware version 1.0.14 This requires a computer with ethernet plugged into the wan port and an active PPPoE session, and if successful will open a reverse shell to 192.168.31.177 on port 31337. As this shell is somewhat unreliable and likely to be killed in a random amount of time, it is recommended to wget a static compiled busybox binary onto the device and start telnetd with it. The stock telnetd and dropbear unfortunately appear inoperable. (Disabled on release versions of stock firmware likely) Ie. wget https://yourip/busybox-mipsel -O /tmp/busybox chmod a+x /tmp/busybox /tmp/busybox telnetd -l /bin/sh Tested-by: David Martinez <bonkilla@gmail.com> Signed-off-by: Richard Huynh <voxlympha@gmail.com>
* bcm63xx-cfe: fix build with CONFIG_AUTOREMOVEÁlvaro Fernández Rojas2020-05-201-6/+7
| | | | | | | | | | | When CONFIG_AUTOREMOVE is enabled, CFE binaries are removed before the image creation. Install CFE binaries to kernel directory and let autoremove clean the files in PKG_BUILD_DIR. Also drop unneeded tar cmd/options. Fixes: dcee4eaa4214 ("bcm63xx-cfe: add package with CFE RAM binaries") Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* wireguard-tools: bump to 1.0.20200513Jason A. Donenfeld2020-05-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ipc: add support for openbsd kernel implementation * ipc: cleanup openbsd support * wg-quick: add support for openbsd kernel implementation * wg-quick: cleanup openbsd support Very exciting! wg(8) and wg-quick(8) now support the kernel implementation for OpenBSD. OpenBSD is the second kernel, after Linux, to receive full fledged and supported WireGuard kernel support. We'll probably send our patch set up to the list during this next week. `ifconfig wg0 create` to make an interface, and `wg ...` like usual to configure WireGuard aspects of it, like usual. * wg-quick: support dns search domains If DNS= has a non-IP in it, it is now treated as a search domain in resolv.conf. This new feature will be rolling out across our various GUI clients in the next week or so. * Makefile: simplify silent cleaning * ipc: remove extra space * git: add gitattributes so tarball doesn't have gitignore files * terminal: specialize color_mode to stdout only Small cleanups. * highlighter: insist on 256-bit keys, not 257-bit or 258-bit The highlighter's key checker is now stricter with base64 validation. * wg-quick: android: support application whitelist Android users can now have an application whitelist instead of application blacklist. * systemd: add wg-quick.target This enables all wg-quick at .services to be restarted or managed as a unit via wg-quick.target. * Makefile: remember to install all systemd units Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* bcm63xx: smp: add NAND supportÁlvaro Fernández Rojas2020-05-181-1/+1
| | | | | | NAND controller is present on BCM6328, BCM6362, BCM6368 and BCM63268. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* bcm63xx-cfe: add package with CFE RAM binariesÁlvaro Fernández Rojas2020-05-181-0/+42
| | | | | | | CFE RAM is a second stage bootloader which is usually loaded by CFE ROM (first stage bootloader) from a JFFS2 partition stored on the NAND. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* base-files: switch_to_ramfs: add nand-utilsÁlvaro Fernández Rojas2020-05-182-2/+2
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* ramips: add support for Linksys EA7500 v2Davide Fioravanti2020-05-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Linksys EA7500 v2 is advertised as AC1900, but its internal hardware is AC2600 capable. Hardware -------- SoC: Mediatek MT7621AT (880 MHz, 2 cores 4 threads) RAM: 256M (Nanya NT5CC128M16IP-DI) FLASH: 128MB NAND (Macronix MX30LF1G18AC-TI) ETH: 5x 10/100/1000 Mbps Ethernet (MT7530) WIFI: - 2.4GHz: 1x MT7615N (4x4:4) - 5GHz: 1x MT7615N (4x4:4) - 4 antennas: 3 external detachable antennas and 1 internal USB: - 1x USB 3.0 - 1x USB 2.0 BTN: - 1x Reset button - 1x WPS button LEDS: - 1x White led (Power) - 6x Green leds (link lan1-lan4, link wan, wps) - 5x Orange leds (act lan1-lan4, act wan) (working but unmodifiable) Everything works correctly. Installation ------------ The “factory” openwrt image can be flashed directly from OEM stock firmware. After the flash the router will reboot automatically. However, due to the dual boot system, the first installation could fail (if you want to know why, read the footnotes). If the flash succeed and you can reach OpenWrt through the web interface or ssh, you are done. Otherwise the router will try to boot 3 times and then will automatically boot the OEM firmware (don’t turn off the router. Simply wait and try to reach the router through the web interface every now and then, it will take few minutes). After this, you should be back in the OEM firmware. Now you have to flash the OEM Firmware over itself using the OEM web interface (I tested it using the FW_EA7500v2_2.0.8.194281_prod.img downloaded from the Linksys website). When the router reboots flash the “factory” OpenWrt image and this time it should work. After the OpenWrt installation you have to use the sysupgrade image for future updates. Restore OEM Firmware -------------------- After the OpenWrt flash, the OEM firmware is still stored in the second partition thanks to the dual boot system. You can switch from OpenWrt to OEM firmware and vice-versa failing the boot 3 times in a row: 1) power on the router 2) wait 15 seconds 3) power off the router 4) repeat steps 1-2-3 twice more. 5) power on the router and you should be in the “other” firmware If you want to completely remove OpenWrt from your router, switch to the OEM firmware and then flash OEM firmware from the web interface as a normal update. This procedure will overwrite the OpenWrt partition. Footnotes --------- The Linksys EA7500-v2 has a dual boot system to avoid bricks. This system works using 2 pair of partitions: 1) "kernel" and "rootfs" 2) "alt_kernel" and "alt_rootfs". After 3 failed boot attempts, the bootloader tries to boot the other pair of partitions and so on. This system is managed by the bootloader, which writes a bootcount in the s_env partition, and if successfully booted, the system add a "zero-bootcount" after the previous value. A system update performed from OEM firmware, writes the firmware on the other pair of partitions and sets the bootloader to boot the new pair of partitions editing the “boot_part” variable in the bootloader vars. Effectively it's a quick and safe system to switch the selected boot partition. Another way to switch the boot partition is: 1) power on the router 2) wait 15 seconds 3) power off the router 4) repeat steps 1-2-3 twice more. 5) power on the router and you should be in the “other” firmware In this OpenWrt port, this dual boot system is partially working because the bootloader sets the right rootfs partition in the cmdline but unfortunately OpenWrt for ramips platform overwrites the cmdline so is not possible to detect the right rootfs partition. Because all of this, I preferred to simply use the first pair of partitions and set read-only the other pair. However this solution is not optimal because is not possible to know without opening the case which is the current booted partition. Let’s take for example a router booting the OEM firmware from the first pair of partitions. If we flash the OpenWrt image, it will be written on the second pair. In this situation the router will bootloop 3 times and then will automatically come back to the first pair of partitions containg the OEM firmware. In this situation, to flash OpenWrt correctly is necessary to switch the booting partition, flashing again the OEM firmware over itself. At this point the OEM firmware is on both pair of partitions but the current booted pair is the second one. Now, flashing the OpenWrt factory image will write the firmware on the first pair and then will boot correctly. If this limitation in the ramips platform about the cmdline will be fixed, the dual boot system can also be implemented in OpenWrt with almost no effort. Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> Co-Developed-by: Jackson Lim <jackcolentern@gmail.com> Signed-off-by: Jackson Lim <jackcolentern@gmail.com>
* mtd: add linksys_bootcount for ramipsDavide Fioravanti2020-05-171-1/+1
| | | | | | | | | | | | | Reset bc is needed for Linksys EA7500 v2's dual boot. Size impact (tested with Linksys EA7500 v2 @ mt7621): mtd_25_mipsel_24kc.ipk: 13174 -> 13628 (454 bytes) initramfs: 3660350 -> 3660688 (338 bytes) Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> [add size impact information] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: drop outdated kernel version switches for local codeAdrian Schmutzler2020-05-1715-174/+0
| | | | | | | | This drops kernel version switches for versions not supported by OpenWrt master at the moment. This only adjusts local code, but doesn't touch patches to existing external packages. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* hostapd: backport wolfssl bignum fixesDaniel Golle2020-05-164-1/+107
| | | | | | | | crypto_bignum_rand() use needless time-consuming filtering which resulted in SAE no longer connecting within time limits. Import fixes from hostap upstream to fix that. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: jail: fix segfault and add console featureDaniel Golle2020-05-152-3/+17
| | | | | | | | 2e73848 jail: SIGSEGV must not be forwarded to the child process 7e150f6 jail: unnamed jails can not have netns (fix segfault) 1ab539b jail: add option to provide /dev/console to containers Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: replace backticks by $(...)Adrian Schmutzler2020-05-132-3/+3
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* wwan: replace backticks by $(...)Adrian Schmutzler2020-05-131-1/+1
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* comgt: replace backticks by $(...)Adrian Schmutzler2020-05-131-2/+2
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* netifd: replace backticks by $(...)Adrian Schmutzler2020-05-133-3/+3
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* mac80211: replace backticks by $(...)Adrian Schmutzler2020-05-132-2/+2
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ltq-vdsl-fw: replace backticks by $(...)Adrian Schmutzler2020-05-131-3/+3
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ltq-vdsl-app: replace backticks by $(...)Adrian Schmutzler2020-05-131-1/+1
| | | | | | This replaces deprecated backticks by more versatile $(...) syntax. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* libjson-c: backport security fixesRobert Marko2020-05-135-1/+175
| | | | | | | | | | | | This backports upstream fixes for the out of bounds write vulnerability in json-c. It was reported and patches in this upstream PR: https://github.com/json-c/json-c/pull/592 Addresses CVE-2020-12762 Signed-off-by: Robert Marko <robert.marko@sartura.hr> Signed-off-by: Luka Perkov <luka.perkov@sartura.hr> [bump PKG_RELEASE] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* fstools: blockd: fix segfault triggered by non-autofs mountsDaniel Golle2020-05-121-3/+3
| | | | | | | | | | Program received signal SIGSEGV, Segmentation fault. main_autofs (argv=<optimized out>, argc=<optimized out>) at fstools-2020-05-06-eec16e2f/block.c:1193 1193: if (!m->autofs && (mp = find_mount_point(pr->dev))) { Fixes: c3a43753b9 ("fstools: update to the latest version") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* umdns: re-enable address-of-packed-member warningKevin Darbyshire-Bryant2020-05-101-1/+1
| | | | Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dnsmasq: hotplug script tidyupKevin Darbyshire-Bryant2020-05-102-6/+3
| | | | | | | | Hotplug scripts are sourced so the #!/bin/sh is superfluous/deceptive. Re-arrange script to only source 'procd' if we get to the stage of needing to signal the process, reduce hotplug processing load a little. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* mac80211: distance config: allow "auto" as a valueAli MJ Al-Nasrawy2020-05-091-1/+2
| | | | | | | | | The user can now enable the ACK timeout estimation algorithm (dynack) for drivers that support it. It is also expected that the distance config accepts the same values as: $ iw phyX set distance XXX Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
* mvebu: uDPU: switch default kernel and U-Boot PHY modeJakov Petrina2020-05-091-0/+43
| | | | | | | | | | | | | | | | Certain SFP modules (most notably Nokia GPON ones) first check connectivity on 1000base-x, and switch to 2500base-x afterwards. This is considered a quirk so the phylink switches the interface to 2500base-x as well. However, after power-cycling the uDPU device, network interface/SFP module will not work correctly until the module is re-seated. This patch resolves this issue by forcing the interface to be brought up in 2500base-x mode by default. Signed-off-by: Jakov Petrina <jakov.petrina@sartura.hr> Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr> Cc: Luka Perkov <luka.perkov@sartura.hr>
* base-files: upgrade: fix indentJavier Marcet2020-05-081-2/+2
| | | | | | | | Use same indent as for the rest of the file. Signed-off-by: Javier Marcet <javier@marcet.info> [add commit description] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* package/base-files: add caldata_sysfsload_from_file()Thibaut VARÈNE2020-05-082-1/+16
| | | | | | | | This routine enables loading caldata binary via the kernel sysfs loader See https://www.kernel.org/doc/html/v4.19/driver-api/firmware/fallback-mechanisms.html Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* package/base-files: caldata: allow setting target fileThibaut VARÈNE2020-05-082-9/+22
| | | | | | | This will enable platforms to extract caldata to an arbitrary file, or patch mac in an abitrary file. Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* package/utils: remove rbextractThibaut VARÈNE2020-05-086-895/+0
| | | | | | | | | | | | Rationale: 1/ This tool is no longer necessary following the implementation of a sysfs driver 2/ The upstream author, Robert Marko, stated[1] that this tool had been taken from his tree in an unfinished state not suitable for merging [1] https://github.com/openwrt/openwrt/pull/2850#issuecomment-610277863 Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* lldpd: add management IP settingDaniel A. Maierhofer2020-05-083-2/+10
| | | | | | | | | | | | | add option to set management IP pattern also add missing 'unconfigure system hostname' for example pattern '!192.168.1.1' makes it possible that WAN IP is selected instead of LAN IP Signed-off-by: Daniel A. Maierhofer <git@damadmai.at> [grammar and spelling fixes in commit message] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* samba36: RemoveRosen Penev2020-05-0841-32012/+0
| | | | | | | | | | | | | | | | | | | | | | | | | Samba 3.6 is completely unsupported, in addition to having tons of patches It also causes kernel panics on some platforms when sendfile is enabled. Example: https://github.com/gnubee-git/GnuBee_Docs/issues/45 I have reproduced on ramips as well as mvebu in the past. Samba 4 is an alternative available in the packages repo. cifsd is a lightweight alternative available in the packages repo. It is also a faster alternative to both Samba versions (lower CPU usage). It was renamed to ksmbd. To summarize, here are the alternatives: - ksmbd + luci-app-cifsd - samba4 + luci-app-samba4 Signed-off-by: Rosen Penev <rosenp@gmail.com> [drop samba36-server from GEMINI_NAS_PACKAGES, ksmbd rename + summary] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* opkg: update to latest Git HEADJo-Philipp Wich2020-05-071-3/+3
| | | | | | | | | | | f2166a8 libopkg: implement lightweight package listing logic cf4554d libopkg: support passing callbacks to feed parsing functions 2a0210f opkg-cl: don't read feeds on opkg update b6f1967 libopkg: use xsystem() to spawn opkg-key 60b9af2 file_util.c: refactor and fix checksum_hex2bin() 206ebae file_util.c: fix possible bad memory access in file_read_line_alloc() Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* layerscape: update restool to LSDK-20.04Yangbo Lu2020-05-071-3/+3
| | | | | | Update restool to latest LSDK-20.04. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update ls-dpl to LSDK-20.04Yangbo Lu2020-05-071-3/+3
| | | | | | Update ls-dpl to latest LSDK-20.04. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: define only one package for ls-dplYangbo Lu2020-05-071-24/+12
| | | | | | | | | We do not have to define package for each board, and consider variant's installing. It is easier to maintain ls-dpl with only one package installing all 4 files as intermediate files. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update ls-mc to LSDK-20.04Yangbo Lu2020-05-071-5/+5
| | | | | | Update ls-mc to latest LSDK-20.04. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: define only one package for ls-mcYangbo Lu2020-05-071-20/+8
| | | | | | | | | We do not have to define package for each board, and consider variant's installing. It is easier to maintain ls-mc with only one package installing all two images as intermediate files. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update ppfe-firmware to LSDK-20.04Yangbo Lu2020-05-071-3/+3
| | | | | | Update ppfe-firmware to latest LSDK-20.04. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update fman-ucode to LSDK-20.04Yangbo Lu2020-05-071-2/+2
| | | | | | | Just update PKG_VERSION/PKG_MIRROR_HASH since fman-ucode of LSDK-20.04 had no changes. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: define only one package for fman-ucodeYangbo Lu2020-05-071-20/+8
| | | | | | | | | We do not have to define package for each board, and consider variant's installing. It is easier to maintain fman-ucode with only one package installing all two binaries as intermediate files. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update tfa to LSDK-20.04Yangbo Lu2020-05-072-70/+36
| | | | | | | | | | | | Update tfa package to latest LSDK-20.04 dropping one patch which had already been integrated. Add fixes, - Fix DEPENDS/PKG_BUILD_DEPENDS. - Remove HIDDEN:=1. - Move intermediate files installing into Build/InstallDev. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update u-boot to LSDK-20.04Yangbo Lu2020-05-0710-97/+9
| | | | | | | | Update u-boot package to latest LSDK-20.04 dropping patches which are no longer needed. Adapt u-boot bootargs to kernel 5.4 for booting. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update ls-rcw to latest LSDK-20.04Yangbo Lu2020-05-074-551/+38
| | | | | | | | Update ls-rcw to latest LSDK-20.04. Update patch 0001 with a new one. Drop patch 0002 since it had been integrated. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: define only one package for ls-rcwYangbo Lu2020-05-072-79/+27
| | | | | | | | | | We do not have to define package for each board, and consider variant's building/installing. It is easier to maintain ls-rcw with only one package installing all boards RCW binaries as intermediate files, each of which is just about hundreds of bytes. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* wireguard: bump to 1.0.20200506Jason A. Donenfeld2020-05-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * compat: timeconst.h is a generated artifact Before we were trying to check for timeconst.h by looking in the kernel source directory. This isn't quite correct on configurations in which the object directory is separate from the kernel source directory, for example when using O="elsewhere" as a make option when building the kernel. The correct fix is to use $(CURDIR), which should point to where we want. * compat: use bash instead of bc for HZ-->USEC calculation This should make packaging somewhat easier, as bash is generally already available (at least for dkms), whereas bc isn't provided by distros by default in their build meta packages. * socket: remove errant restriction on looping to self It's already possible to create two different interfaces and loop packets between them. This has always been possible with tunnels in the kernel, and isn't specific to wireguard. Therefore, the networking stack already needs to deal with that. At the very least, the packet winds up exceeding the MTU and is discarded at that point. So, since this is already something that happens, there's no need to forbid the not very exceptional case of routing a packet back to the same interface; this loop is no different than others, and we shouldn't special case it, but rather rely on generic handling of loops in general. This also makes it easier to do interesting things with wireguard such as onion routing. At the same time, we add a selftest for this, ensuring that both onion routing works and infinite routing loops do not crash the kernel. We also add a test case for wireguard interfaces nesting packets and sending traffic between each other, as well as the loop in this case too. We make sure to send some throughput-heavy traffic for this use case, to stress out any possible recursion issues with the locks around workqueues. * send: cond_resched() when processing tx ringbuffers Users with pathological hardware reported CPU stalls on CONFIG_ PREEMPT_VOLUNTARY=y, because the ringbuffers would stay full, meaning these workers would never terminate. That turned out not to be okay on systems without forced preemption. This commit adds a cond_resched() to the bottom of each loop iteration, so that these workers don't hog the core. We don't do this on encryption/decryption because the compat module here uses simd_relax, which already includes a call to schedule in preempt_enable. * selftests: initalize ipv6 members to NULL to squelch clang warning This fixes a worthless warning from clang. * send/receive: use explicit unlikely branch instead of implicit coalescing Some code readibility cleanups. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ppp: Fix mirror hashHauke Mehrtens2020-05-061-1/+1
| | | | | Fixes: ae06a650d680 ("ppp: update to version 2.4.8.git-2020-03-21") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* fstools: update to the latest versionRafał Miłecki2020-05-061-3/+3
| | | | | | | | | eec16e2 blockd: add optional "device" parameter to "info" ubus method 9ab936d block(d): always call hotplug.d "mount" scripts from blockd 4963db4 blockd: use uloop_process for calling /sbin/hotplug-call mount cddd902 Truncate FAT filesystem label until 1st occurance of a blank (0x20) Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* fstools: update to the latest versionRafał Miłecki2020-05-051-3/+3
| | | | | | | | | | 8b9e601 block: always use st_dev (device ID) of / when looking for root 37c9148 block: simplify check_extroot() a bit d70774d block: add some basic extroot documentation 32db27d Revert "block: support hierarchical mount/umount" 0b93429 Revert "block: mount_action: handle mount/umount deps" Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* odhcpd: update to latest git HEAD (FS#3056)Hans Dedecker2020-05-041-3/+3
| | | | | | 5ce0770 router: fix Lan host reachibility due to identical RIO and PIO prefixes (FS#3056) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>