aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* OpenWrt v21.02.1: adjust config defaultsv21.02.1Hauke Mehrtens2021-10-251-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wolfssl: fix compile when enable-devcrypto is setIvan Pavlov2021-10-231-0/+22
| | | | | | | | fixing linking error when --enable-devcrypto=yes fixes: 7d92bb050961 wolfssl: update to 4.8.1-stable Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com> (cherry picked from commit be3e260f92643a841f4f83b03cbb07b9a26cff66)
* wolfssl: remove --enable-sha512 configure switchAndre Heider2021-10-231-2/+2
| | | | | | | | | | | It's the default anyway and this just looks confusing, as if it wasn't. Switch to AUTORELEASE while at it. The binary size is unchanged. Signed-off-by: Andre Heider <a.heider@gmail.com> (cherry picked from commit 7cb5af30f48d6788cd471138820a772610a7f8e0)
* wolfssl: always build with --enable-reproducible-buildAndre Heider2021-10-231-0/+1
| | | | | | | | | | | | This gates out anything that might introduce semantically frivolous jitter, maximizing chance of identical object files. The binary size shrinks by 8kb: 1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f 1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f Signed-off-by: Andre Heider <a.heider@gmail.com> (cherry picked from commit c76300707e8d705d9efc7ed4bb1b7449d0a5fe00)
* wolfssl: update to 4.8.1-stableIvan Pavlov2021-10-225-18/+24
| | | | | | | | | | | | | | Changes from 4.7.0: Fix one high (OCSP verification issue) and two low vulnerabilities Improve compatibility layer Other improvements and fixes For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com> (cherry picked from commit 7d92bb0509615550b98e2dc71091073c8258d564) [Added patch to allow compilation with libtool 2.4] Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* wolfssl: fix build with GCC 10 on 32 x86 targetsStijn Tintel2021-10-221-0/+123
| | | | | | | Backport upstream patch to fix build with GCC 10 on 32 x86 targets. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 718a4f47806da8f68cb8f1fe2ebecf403e14ae96)
* ncurses: add tmux terminfoJitao Lu2021-10-211-1/+3
| | | | | | | | | | | They're preferred terminal descriptions for tmux, with additional support to some special characters and italic fonts. More info can be found at: https://github.com/tmux/tmux/wiki/FAQ Fixes: FS#3404 Signed-off-by: Jitao Lu <dianlujitao@gmail.com> (cherry picked from commit 917126ff4cfb1ea4795cfc93820ed5d304b084c3)
* ncurses: add screen-256color terminfoPaul Spooren2021-10-211-1/+2
| | | | | | | | The terminfo is required by the popular terminal multiplexer screen and tmux, offer it by default as the size impact is minimal with 885 Bytes. Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 6a6b5a677e8c245f6c82ad40cc718e614aa9f7a1)
* ncurses: split long line of supported terminfoPaul Spooren2021-10-211-1/+12
| | | | | | | | The terminfo files were all in one row which is terrible to read. Split them over multiple lines to improve readability. Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 75ea474b9002c758e9a23023f7636258a467704c)
* ath10k-ct: update to version from 2021-09-22Andrew Robbins2021-10-212-4/+4
| | | | | | | | | Add in a fix for 160Mhz dfs on 5.10 and higher. Add support for 5.13 and 5.15 kernels. Add of_get_mac_address support for 5.15 driver. Signed-off-by: Andrew Robbins <andrew@robbinsa.me> (cherry picked from commit 1d2bc94f786434e89bc87003b2a2202e92ad84e7)
* wolfssl: bump PKG_RELEASEDavid Bauer2021-10-191-1/+1
| | | | | | Fixes commit 4b212b1306a9 ("wolfssl: build with WOLFSSL_ALT_CERT_CHAINS") Signed-off-by: David Bauer <mail@david-bauer.net>
* wolfssl: build with WOLFSSL_ALT_CERT_CHAINSAndre Heider2021-10-171-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | "Alternate certification chains, as oppossed to requiring full chain validataion. Certificate validation behavior is relaxed, similar to openssl and browsers. Only the peer certificate must validate to a trusted certificate. Without this, all certificates sent by a peer must be used in the trust chain or the connection will be rejected." This fixes e.g. uclient-fetch and curl connecting to servers using a Let's Encrypt certificate which are cross-signed by the now expired DST Root CA X3, see [0]. This is the recommended solution from upstream [1]. The binary size increases by ~12.3kb: 1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f 1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f [0] https://github.com/openwrt/packages/issues/16674 [1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793 Signed-off-by: Andre Heider <a.heider@gmail.com> [bump PKG_RELEASE] Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 28d8e6a8711ba78f1684a205e11b0dbd4ff2b2f3)
* uhttpd: make organization (O=) of the cert configurable via uciMartin Schiller2021-10-062-3/+4
| | | | | | | | | Make the organization (O=) of the cert configurable via uci. If not configured, use a combination of "OpenWrt" and an unique id like it was done before. Signed-off-by: Martin Schiller <ms@dev.tdt.de> (cherry picked from commit 2c6c1501af664490ec9b701b46a201e21c670b96)
* uboot-lantiq: fix sha1.h header clash when system libmd installedAlan Swanson2021-10-021-0/+172
| | | | | | | | | Backport of u-boot commit "includes: move openssl headers to include/u-boot" https://github.com/u-boot/u-boot/commit/2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167 Fixes: FS#3955 Signed-off-by: Alan Swanson <reiver@improbability.net> (cherry picked from commit 8db641049292035604f0e1fb788608fdea879eca)
* ipq-wifi: Work around Plasma Cloud PA1200 5GHz crashSven Eckelmann2021-09-251-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was noticed [1] that the ath10k firmware crashes on 5GHz since OpenWrt 21.02.0. The problem seems to be triggered by the the nonLinearTxFir field in the 5GHz BDF. If baseEepHeader.nonLinearTxFir (offset 0xc2) is 1 then the firmware just crashes when setting up the 5Ghz radio using `ifconfig wlan1 up`: ath10k_ahb a800000.wifi: firmware crashed! (guid 9e36ee82-4d2c-4c63-b20b-609a1eaca30c) ath10k_ahb a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000 ath10k_ahb a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0 ath10k_ahb a800000.wifi: firmware ver 10.4-3.6-00140 api 5 features no-p2p,mfp,peer-flow-ctrl,btcoex-param,allows-mesh-bcast,no-ps crc32 ba79b746 ath10k_ahb a800000.wifi: board_file api 2 bmi_id 0:17 crc32 5f400efc ath10k_ahb a800000.wifi: htt-ver 2.2 wmi-op 6 htt-op 4 cal pre-cal-file max-sta 512 raw 0 hwcrypto 1 ath10k_ahb a800000.wifi: firmware register dump: ath10k_ahb a800000.wifi: [00]: 0x0000000B 0x000015B3 0x009C3C27 0x00975B31 ath10k_ahb a800000.wifi: [04]: 0x009C3C27 0x00060530 0x00000018 0x004176B8 ath10k_ahb a800000.wifi: [08]: 0x00405A50 0x00412A30 0x00000000 0x00000000 ath10k_ahb a800000.wifi: [12]: 0x00000009 0x00000000 0x009B9742 0x009B974F ath10k_ahb a800000.wifi: [16]: 0x00971238 0x009B9742 0x00000000 0x00000000 ath10k_ahb a800000.wifi: [20]: 0x409C3C27 0x004053DC 0x00000D2C 0x00405A60 ath10k_ahb a800000.wifi: [24]: 0x809C3E13 0x0040543C 0x00000000 0xC09C3C27 ath10k_ahb a800000.wifi: [28]: 0x809B9AC5 0x0040547C 0x00412A30 0x0040549C ath10k_ahb a800000.wifi: [32]: 0x809B8ECD 0x0040549C 0x00000001 0x00412A30 ath10k_ahb a800000.wifi: [36]: 0x809B8FF3 0x004054CC 0x00412838 0x00000014 ath10k_ahb a800000.wifi: [40]: 0x809BEF98 0x0040551C 0x0041627C 0x00000002 ath10k_ahb a800000.wifi: [44]: 0x80986D47 0x0040553C 0x0041627C 0x00416A88 ath10k_ahb a800000.wifi: [48]: 0x809CBB0A 0x0040559C 0x0041ACC0 0x00000000 ath10k_ahb a800000.wifi: [52]: 0x809864EE 0x0040560C 0x0041ACC0 0x00000001 ath10k_ahb a800000.wifi: [56]: 0x809CA8A4 0x0040564C 0x0041ACC0 0x00000001 ath10k_ahb a800000.wifi: Copy Engine register dump: ath10k_ahb a800000.wifi: [00]: 0x0004a000 14 14 3 3 ath10k_ahb a800000.wifi: [01]: 0x0004a400 16 16 22 23 ath10k_ahb a800000.wifi: [02]: 0x0004a800 3 3 2 3 ath10k_ahb a800000.wifi: [03]: 0x0004ac00 15 15 15 15 ath10k_ahb a800000.wifi: [04]: 0x0004b000 4 4 44 4 ath10k_ahb a800000.wifi: [05]: 0x0004b400 3 3 2 3 ath10k_ahb a800000.wifi: [06]: 0x0004b800 1 1 1 1 ath10k_ahb a800000.wifi: [07]: 0x0004bc00 1 1 1 1 ath10k_ahb a800000.wifi: [08]: 0x0004c000 0 0 127 0 ath10k_ahb a800000.wifi: [09]: 0x0004c400 0 0 0 0 ath10k_ahb a800000.wifi: [10]: 0x0004c800 0 0 0 0 ath10k_ahb a800000.wifi: [11]: 0x0004cc00 0 0 0 0 ath10k_ahb a800000.wifi: failed to update channel list: -108 ath10k_ahb a800000.wifi: failed to set pdev regdomain: -108 ath10k_ahb a800000.wifi: failed to create WMI vdev 0: -108 ieee80211 phy1: Hardware restart was requested Since no actual solution is known (besides downgrading the ath10k firmware) it seems to be better to disable the nonLinearTxFir for now. [1] https://lore.kernel.org/ath10k/3423718.UToCqzeSYe@ripper/ Signed-off-by: Sven Eckelmann <sven@narfation.org> (cherry picked from commit 8b090708208501a60e71d0118b9860dd401d7d8d)
* ipq-wifi: Update Plasma Cloud PA1200 BDFs to firmware 3.5.12Sven Eckelmann2021-09-251-0/+0
| | | | | | | | | The official Plasma Cloud firmware adjusted the BDFs to contain new conformance test limits and target power values. These should be imported to avoid emissions outside the allowed limits. Signed-off-by: Sven Eckelmann <sven@narfation.org> (cherry picked from commit e0721608f9620b570c7f18d94681e86b01c0b9a0)
* hostapd: fix segfault when deinit mesh ifacesJesus Fernandez Manzano2021-09-241-0/+5
| | | | | | | | | | | | In hostapd_ubus_add_bss(), ubus objects are not registered for mesh interfaces. This provokes a segfault when accessing the ubus object in mesh deinit. This commit adds the same condition to hostapd_ubus_free_bss() for discarding those mesh interfaces. Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net> (cherry picked from commit 5269c47e8db549695ceaf6a19afdd0cb90074622)
* mac80211: Update to backports-5.10.68Hauke Mehrtens2021-09-2229-135/+84
| | | | | | | | | | | | | | | | | | Refresh all patches. The removed patches were integrated upstream. This contains fixes for CVE-2020-3702 1. These patches (ath, ath9k, mac80211) were included in kernel versions since 4.14.245 and 4.19.205. They fix security vulnerability CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2]. Thank you Josef Schlehofer for reporting this problem. [1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702 [2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/ Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v21.02.0: revert to branch defaultsHauke Mehrtens2021-09-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v21.02.0: adjust config defaultsv21.02.0Hauke Mehrtens2021-09-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: bump to 1.1.1lEneas U de Queiroz2021-08-282-5/+4
| | | | | | | | | | | | This version fixes two vulnerabilities: - SM2 Decryption Buffer Overflow (CVE-2021-3711) Severity: High - Read buffer overruns processing ASN.1 strings (CVE-2021-3712) Severity: Medium Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 7119fd32d397567931e63dbbf72014e95624018f)
* uboot-layerscape: fix dtc compilation on host gcc 10Hauke Mehrtens2021-08-281-0/+46
| | | | | | | Backport a patch from upstream U-Boot to fix the compile with host GCC 10. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 8d143784cb8fafccdbcdc0bd5d1aa47d3d676f70)
* uboot-at91: fix dtc compilation on host gcc 10Hauke Mehrtens2021-08-282-9/+49
| | | | | | | Backport a patch from upstream U-Boot to fix the compile with host GCC 10. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit a1034afba8ea8bec48e2528fdae0fb74a6757e53)
* bcm27xx-userland: update to latest versionÁlvaro Fernández Rojas2021-08-211-2/+2
| | | | | | Properly recognise all BCM2711 variants Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* bcm27xx-userland: factor out a -dev packageMichael Heimpold2021-08-181-4/+30
| | | | | | | | | | | | Installing headers and static libraries to the target system seems to be not required for most use cases, so let's factor them out into a dedicated -dev package. This cuts down to disk usage to around 50% of the original package to ~ 2MB - not that disk space is an issue normally, but when using inside an initramfs only project, it counts. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* fritz-tools: fix returning wrong values due to strncmp usageDaniel Kestrel2021-08-082-2/+2
| | | | | | | | | | | | | | | | | When having two keys that start with the same characters and the second key just has one character more nand_tffs_read and tffs_read return the wrong value for the longer key. This is due to the usage of strncmp in combination with the length of the shorter key which is usually first in the list before the longer key and when strncmp matches, the search is stopped. The problem only occurs when the length of the two keys is different, not if just the last character is different. The fix is to use strcmp and as such it will only return the value if the key (name) and the key to look for (namefilter) have the same value and length. A sample case returning wrong values is when keys macwlan and macwlan2 are defined and querying macwlan2 returns the value for macwlan. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (cherry picked from commit 12564c5b860f9849c9a2fb7026c2c11150b9a4fc)
* mbedtls: update to 2.16.11Rosen Penev2021-08-081-3/+3
| | | | | | | | | | Switched to AUTORELEASE to avoid manual increments. Release notes: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11 Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit fcfd741eb83520e496eb09de5f8b2f2b62792a80)
* dnsmasq: reset EXTRA_MOUNT in the right placeDaniel Golle2021-08-021-2/+2
| | | | | | | | | | EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than just once at the beginning of the script. Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues") Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit ddc8d085f39dea998f59680fb556ca72d779a3b1)
* dnsmasq: fix more dnsmasq jail issuesDaniel Golle2021-08-021-10/+26
| | | | | | | | | | | | | * remove superflus mounts of /dev/null and /dev/urandom * reset EXTRA_MOUNTS at the beginning of the script * add mount according to ignore_hosts_dir * don't add mount for file which is inside a directory already in the EXTRA_MOUNTS list Fixes: 59c63224e1 ("dnsmasq: rework jail mounts") Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit ac4e8aa2f8d98158ea7b749f877269f1f5fa9c5a)
* dnsmasq: rework jail mountsDaniel Golle2021-08-021-1/+7
| | | | | | | | | | | | | * split into multiple lines to improve readability * use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts * remove no longer needed mount for /sbin/hotplug-call * add dhcp-script.sh dependencies (jshn, ubus) Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount") Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call") Reported-by: Stijn Tintel <stijn@linux-ipv6.be> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 59c63224e11d6c4eca27131a73bf16218e47a271)
* dnsmasq: use local option for local domain parameterKevin Darbyshire-Bryant2021-08-021-1/+1
| | | | | | | | | | | '--local' is a synonym for '--server' so let's use '--local' in the resultant config file for uci's 'local' instead of uci's local parameter being turned into '--server'. Slightly less confusion all round. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit e4cfefa9fc3d22da5705b554785ba9c533c373d0) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: add ignore hosts dir to dnsmasq init scriptJoão Henriques2021-08-021-1/+6
| | | | | | | | | | When running multiple instances of dnsmasq, for example one being for the lan and another for a guest network, it might not be desirable to have the same dns names configured in both networks Signed-off-by: João Henriques <joaoh88@gmail.com> (cherry picked from commit e8a5670122e04574fdb5855ecd63d18f317c5bfd) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* OpenWrt v21.02.0-rc4: revert to branch defaultsHauke Mehrtens2021-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v21.02.0-rc4: adjust config defaultsv21.02.0-rc4Hauke Mehrtens2021-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: update to the latest versionFelix Fietkau2021-07-261-3/+3
| | | | | | | 440eb0647708 bridge: fix regression in bringing up bridge ports Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 39f81b0bf687017b4d086255c94166e662ac177e)
* netifd: update to the latest versionFelix Fietkau2021-07-251-3/+3
| | | | | | | | 85f01c44a950 bridge: check bridge port vlan membership on link-up events 17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 2801fe6132c4e2e364e2d5a304594185351b501b)
* dnsmasq: distinct Ubus names for multiple instancesEtan Kissling2021-07-191-3/+29
| | | | | | | | | | | | | | | | | | | | | | | | | Currently, when using multiple dnsmasq instances they are all assigned to the same Ubus instance name. This does not work, as only a single instance can register with Ubus at a time. In the log, this leads to `Cannot add object to UBus: Invalid argument` error messages. Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes behaviour so that instead of the log, dnsmasq exits at start instead. With this patch, all dnsmasq instances are assigned unique names so that they can register with Ubus concurrently. One of the enabled instances is always assigned the previous default name "dnsmasq" to avoid breaking backwards compatibility with other software relying on that default. Previously, a random instance got assigned that name (while the others produced error logs). Now, the first unnamed dnsmasq config section is assigned the default name. If there are no unnamed dnsmasq sections the first encountered named dnsmasq config section is assigned instead. A similar issue exists for Dbus and was similarly addressed. Signed-off-by: Etan Kissling <etan.kissling@gmail.com> [tweaked commit message] dnsmasq was not crashing it is exiting Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit ba5bd8e556b2e7573d27b16e005ba287e066f795)
* dnsmasq: add /tmp/hosts/ to jail_mountNick Hainke2021-07-191-1/+1
| | | | | | | | Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/". If you don't add this to the jail_mount, dnsmasq can't read it anymore. Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 3a94c2ca5cf7c11ca150fa3ae884e7be8d07a281)
* odhcpd: fix invalid DHCPv6 ADVERTSIE with small configured leasetime (FS#3935)Hans Dedecker2021-07-191-3/+3
| | | | | | | bc9d317 dhcpv6-ia: fix invalid preferred lifetime Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (cherry picked from commit 033d5ff25eaf4facbaab09153982e7321fe282e6)
* netifd: update to the latest versionFelix Fietkau2021-07-141-3/+3
| | | | | | | 7f24a063475e vlan: fix device vlan alias handling Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit d1a812c49b57636efcb9ef6f5f0aff4f11eb6b36)
* netifd: update to the latest versionFelix Fietkau2021-07-131-3/+3
| | | | | | | | | | | | | | | | | | | | 61a71e5e49c3 bridge: dynamically create vlans for hotplug members cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans 7f199050f395 wireless: pass the real network ifname to the setup script 50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug f12b073c0cc3 wireless: add some comments to functions b0d090688302 bridge: fix setting pvid for updated vlans ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c 16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events 7f30b02013f2 examples: make dummy wireless vif names shorter 013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices f037b082923a wireless: handle WDS per-sta devices db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port 4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well 1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 1236cbe30cec8e3e8246237005140596f8611ce9)
* iwinfo: move device info into -data packageJo-Philipp Wich2021-07-112-4/+40
| | | | | | | | | | Backport upstream patch a0a0e02 ("iwinfo: rename hardware.txt to devices.txt") and split devices.txt (former hardware.txt) into a common libiwinfo-data package to allow different libiwinfo versions to coexist without file clashes. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit c13d7c82aa4cd2cbf1f61bad857cd01b795318e3)
* hostapd: make wnm_sleep_mode_no_keys configurableTimo Sigurdsson2021-07-052-4/+8
| | | | | | | | | | | | | | | In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not enabled by default on OpenWrt, but it is configurable through the option wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by exposing the option wnm_sleep_mode_no_keys. If you use the option wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might consider using this workaround. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [bump PKG_RELEASE] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit bf98faaac8ed24cf7d3d93dd4fcd7304d109363b)
* hostapd: make country3 option configurableTimo Sigurdsson2021-07-052-3/+4
| | | | | | | | | | | | | The country3 option in hostapd.conf allows the third octet of the country string to be set. It can be used e.g. to indicate indoor or outdoor use (see hostapd.conf for further details). Make this option configurable but optional in OpenWrt. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [bump PKG_RELEASE, rebase] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 9f09c1936a4a13b67fcba632f7ca02331f685359) Signed-off-by: Paul Spooren <mail@aparcar.org>
* iwinfo: build with nl80211 backend only and make sharedJo-Philipp Wich2021-07-021-19/+5
| | | | | | | | | | | | Drop support for building the obsolete broadcom-wl backend and always forcibly enable the nl82011 support. This allows us to make the package shared again since no target specific compilation is happening anymore. This will solve various repository coherency issues related to unavailable libiwinfo versions in the long run. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 5a1065758b88b568a04a50189400321601904bdf)
* treewide: unmark selected packages nonsharedPetr Štetiar2021-07-026-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This partially reverts changes done in commit 72cc44958ef4 ("treewide: mark selected packages nonshared") as it removes the nonshared flag, but keeps the PKG_RELEASE as the PKG_RELEASE bump while adding nonshared flag was incorrect. Unmark uci, ubus, libubox, lua, libnl-tiny and libjson-c as nonshared packages as this fix attempt didn't worked out. Currently the imagebuilder is broken again: openwrt-imagebuilder-21.02.0-rc3-ipq40xx-generic.Linux-x86_64$ make image PROFILE=avm_fritzbox-7530 PACKAGES=luci-ssl-openssl ... Collected errors: * pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for luci-mod-status * pkg_hash_fetch_best_installation_candidate: Packages for luci-mod-status found, but incompatible with the architectures configured * pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for rpcd-mod-iwinfo * pkg_hash_fetch_best_installation_candidate: Packages for rpcd-mod-iwinfo found, but incompatible with the architectures configured * satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-openssl: * libiwinfo20210430 * opkg_install_cmd: Cannot install package luci-ssl-openssl. Everything because iwinfo's ABI was changed two times since rc3 release: +IWINFO_ABI_VERSION:=20210430 +IWINFO_ABI_VERSION:=20210420 Since iwinfo is marked as nonshared, it wasn't built by phase2 builders, but luci-mod-status was already updated 2 times since rc3 and was thus rebuilt by phase2 builders: d1d452ed2fb3 luci-mod-status: don't set '-' hostname when creating static lease 95b3633055c1 luci-mod-status: switch to html table for wlan channel analysis So now luci-mod-status depends on libiwinfo20210430 but only libiwinfo20210106 can be downloaded. This is first part of the fix, in the upcoming commit Jo is going to remove nonshared flag from iwinfo package as well. References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035736.html References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035741.html Acked-by: Jo-Philipp Wich <jo@mein.io> Reported-by: Nick Hainke <vincent@systemli.org> Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 8307da3dbdaff13d5ce99f8aefa32f5b7a2e18e6)
* ath10k-ct: fix typo in MakefileMichael Yartys2021-07-021-1/+1
| | | | | | | Add forgotten colon to Makefile. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com> (cherry picked from commit f0f1d68d528402b4d51a1dd08d2e2c9034167f92)
* ath10k-ct: update to latest versionMichael Yartys2021-07-024-45/+8
| | | | | | | | | | | | | | | | | Changelog: - ath10k-ct: Add security fixes. - ath10k-ct: Add 5.12 kernel version. - ath10k-ct: Fix the beacon/mcast/bcast override issue - ath10k-ct 5.7: Fix setting mcast/bcast/beacon rate from debugfs. - ath10k-ct: Add 5.11 driver. Delete upstreamed patch and refresh the rest. Also, use the opportunity to set PKG_RELEASE to $(AUTORELEASE). Runtime-tested on ipq806x (Netgear R7800). Signed-off-by: Michael Yartys <michael.yartys@protonmail.com> (cherry picked from commit 2e10ed925e1e07c28570731a429efa5e7de3b826)
* kernel/modules: move act_gact into kmod-sched-coreDENG Qingfang2021-07-021-2/+2
| | | | | | | | As the name suggests, act_gact has the generic actions such as dropping and accepting packets, so move it into kmod-sched-core. Signed-off-by: DENG Qingfang <dqfext@gmail.com> (cherry-picked from commit 10aacb9a6ce3445cdee39573f4120e7888beb022)
* package/comgt: Handle bind/unbind eventsArjun AK2021-07-021-0/+2
| | | | | | | | | | | | | | This script was expecting only add/remove events which has not been the case since Kernel 4.12 (which added bind/unbind). Bind events were getting treated as remove events which would cause hotplugged 3g modems to not work. More info: https://lkml.org/lkml/2018/12/23/128 https://github.com/systemd/systemd/issues/8221 Signed-off-by: Arjun AK <arjunak234@gmail.com> (cherry picked from commit 89ef883b92b3a87d9ab1bd289de26b9e72681dac)