aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* busybox: disable PREFER_IPV4_ADDRESSBaptiste Jonglez2021-05-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox utilities (ping, traceroute, ntpd) to forcibly use the A record instead of the AAAA record when resolving a DNS name. This obviously fails when there is no IPv4 connectivity. Since IPv6-only hosts or routers will only become more common over time, disable PREFER_IPV4_ADDRESS to support this use-case. As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default resolution behaviour of busybox utilities on dual-stack hosts. Busybox utilities now simply use the order given by getaddrinfo(), so they will now prefer IPv6 addresses when resolving a name with both A and AAAA records if there is IPv6 connectivity. This is in line with RFC 6724. PREFER_IPV4_ADDRESS was likely intended to work around naive implementations of getaddrinfo() that could return AAAA records first, even on an IPv4-only host. But both musl (since 1.1.3) and glibc correctly implement RFC 6724 for getaddrinfo() and check connectivity to determine the correct order in which to return records. On IPv4-only hosts, getaddrinfo() will return A records first, so there is no need for the PREFER_IPV4_ADDRESS hack. See also: https://bugs.busybox.net/show_bug.cgi?id=12381 Fixes: FS#84 Fixes: FS#2608 References: https://github.com/openwrt/openwrt/pull/4167 Signed-off-by: Alexander Traud <pabstraud@compuserve.com> Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* build: introduce $(MKHASH)Leonardo Mörlein2021-05-137-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this commit, it was assumed that mkhash is in the PATH. While this was fine for the normal build workflow, this led to some issues if make TOPDIR="$(pwd)" -C "$pkgdir" compile was called manually. In most of the cases, I just saw warnings like this: make: Entering directory '/home/.../package/gluon-status-page' bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found bash: line 1: mkhash: command not found [...] While these were only warnings and the package still compiled sucessfully, I also observed that some package even fail to build because of this. After applying this commit, the variable $(MKHASH) is introduced. This variable points to $(STAGING_DIR_HOST)/bin/mkhash, which is always the correct path. Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
* mt76: update to the latest versionFelix Fietkau2021-05-131-3/+3
| | | | | | | | | | | | | | | | | | | | | | Includes fix for CVE-2020-24588 c7dd54a22e30 mt76: connac: skip wtbl reset on sta disconnect 3511fd430356 mt76: validate rx A-MSDU subframes aedc3145de6e mt76: fix possible NULL pointer dereference in mt76_tx 5c2baab92cd0 mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb() af21659ee834 mt76: mt76x0: use dev_debug instead of dev_err for hw_rf_ctrl e423c16f16f7 mt76: mt7615: free irq if mt7615_mmio_probe fails f2d0da8da9b7 mt76: mt7663: enable hw rx header translation d2713a5d9de9 mt76: mt7921: fix mt7921_wfsys_reset sequence ce5f32d84f33 mt76: mt7921: Don't alter Rx path classifier 8ab8c7747197 mt76: connac: fw_own rely on all packet memory all being free a747b0bb4956 mt76: mt7921: enable deep sleep at runtime 2e6e999509b1 mt76: mt7921: add deep sleep control to runtime-pm knob 30bcb2338ce2 mt76: connac: fix WoW with disconnetion and bitmap pattern 56518f4a126e mt76: mt7921: consider the invalid value for to_rssi e969ab10a034 mt76: mt7921: add back connection monitor support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: update to 1.33.1Nick Hainke2021-05-125-132/+3
| | | | | | | | | | | | | | Remove backports: - 001-backport1330fix-ash-make-strdup-copy.patch - 002-backport1330fix-traceroute.patch - 005-backport-CVE-2021-28831.patch Remove upstreamed: - 010-fix-wrong-variable.patch Signed-off-by: Nick Hainke <vincent@systemli.org> [don't use $(AUTORELEASE) for now] Signed-off-by: Paul Spooren <mail@aparcar.org>
* mac80211: backport upstream fixes for FragAttacksFelix Fietkau2021-05-1223-7/+1466
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From the patch series description: Several security issues in the 802.11 implementations were found by Mathy Vanhoef (New York University Abu Dhabi), who has published all the details at https://papers.mathyvanhoef.com/usenix2021.pdf Specifically, the following CVEs were assigned: * CVE-2020-24586 - Fragmentation cache not cleared on reconnection * CVE-2020-24587 - Reassembling fragments encrypted under different keys * CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to payload being parsed as an L2 frame under an A-MSDU bit toggling attack * CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender * CVE-2020-26140 - Accepting plaintext data frames in protected networks * CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames * CVE-2020-26142 - Processing fragmented frames as full frames * CVE-2020-26143 - Accepting fragmented plaintext frames in protected networks * CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that start with RFC1042 header with EAPOL ethertype * CVE-2020-26145 - Accepting plaintext broadcast fragments as full frames * CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive packet numbers * CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments In general, the scope of these attacks is that they may allow an attacker to * inject L2 frames that they can more or less control (depending on the vulnerability and attack method) into an otherwise protected network; * exfiltrate (some) network data under certain conditions, this is specific to the fragmentation issues. A subset of these issues is known to apply to the Linux IEEE 802.11 implementation (mac80211). Where it is affected, the attached patches fix the issues, even if not all of them reference the exact CVE IDs. In addition, driver and/or firmware updates may be necessary, as well as potentially more fixes to mac80211, depending on how drivers are using it. Specifically, for Intel devices, firmware needs to be updated to the most recently released versions (which was done without any reference to the security issues) to address some of the vulnerabilities. To have a single set of patches, I'm also including patches for the ath10k and ath11k drivers here. We currently don't have information about how other drivers are, if at all, affected. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: add SRV support to nslookup_lede.c patchPerry Melange2021-05-122-2/+22
| | | | | | | | | | Add support for querying and parsing SRV DNS records to nslookup_lede.c This patch is based on http://lists.busybox.net/pipermail/busybox/2019-June/087359.html Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com> [reword subject, bump PKG_RELEASE] Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: shinit: properly handle dashes in service namesJo-Philipp Wich2021-05-121-1/+1
| | | | | Fixes: FS#3801 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* build: fix opkg install step for large package selectionAlexander Egorenkov2021-05-121-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the list of packages to be installed in a built image exceeds a certain number, then 'opkg install' executed for target '$(curdir)/install' in package/Makefile fails with: /usr/bin/env: Argument list too long. On Linux, the length of a command-line parameter is limited by MAX_ARG_STRLEN to max 128 kB. * https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/binfmts.h#L15 * https://www.in-ulm.de/~mascheck/various/argmax/ To solve the problem, store the package list being passed to 'opkg install' in a temporary file and use the shell command substitution to pass the content of the file to 'opkg install'. This guarantees that the length of the command-line parameters passed to the bash shell is short. The following bash script demonstrates the problem: ---------------------------------------------------------------------------- count=${1:-1000} FILES="" a_file="/home/egorenar/Repositories/openwrt-rel/bin/targets/alpine/generic/packages/base-files_1414-r16464+19-e887049fbb_arm_cortex-a15_neon-vfpv4.ipk" for i in $(seq 1 $count); do FILES="$FILES $a_file" done env bash -c "echo $FILES >/dev/null" echo "$FILES" | wc -c ---------------------------------------------------------------------------- Test run: ---------------------------------------------------------------------------- $ ./test.sh 916 130989 $ ./test.sh 917 ./test.sh: line 14: /bin/env: Argument list too long 131132 ---------------------------------------------------------------------------- Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net> [reword commit subject] Signed-off-by: Paul Spooren <mail@aparcar.org>
* kernel: add kmod-leds-uledsKeith T. Garner2021-05-121-0/+14
| | | | | | | | | The allows userspace LEDs to be created and controlled. This can be useful for testing triggers and can also be used to implement virtual LEDs. Signed-off-by: Keith T. Garner <kgarner@kgarner.com> [squash fixup commit and improve option wording] Signed-off-by: Paul Spooren <mail@aparcar.org>
* mt76: update to the latest versionFelix Fietkau2021-05-101-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 186af01047b2 mt76: mt7921: introduce MCU_EVENT_LP_INFO event parsing 93b5c28c97d5 mt76: mt7921: add rcu section in mt7921_mcu_tx_rate_report a8e89c5a1d1f mt76: testmode: add support to send larger packet a0cc9a9e3877 mt76: mt7915: rework mt7915_tm_set_tx_len() c8b96630324e mt76: mt7915: fix rate setting of tx descriptor in testmode 22fd2958c42a mt76: mt7615: fix memleak when mt7615_unregister_device() 7401e0db3143 mt76: mt7915: fix memleak when mt7915_unregister_device() c3656268b3f6 mt76: mt7915: only free skbs after mt7915_dma_reset() when reset happens 0ce955b04ba8 mt76: mt7615: only free skbs after mt7615_dma_reset() when reset happens b03d1e62acf7 mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put() 5ac02e22fb03 mt76: flush tx status queue on DMA reset c71f609b398a mt76: sync with upstream changes 23ecadd4af77 mt76: mt7615: fix hardware error recovery for mt7663 57a899ee3c3c mt76: mt7615: fix entering driver-own state on mt7663 42a2dddb706b mt76: mt7615: load ROM patch before checking patch semaphore status cf0e406af84a mt76: mt7915: add support for applying pre-calibration data 459940ccbc58 mt76: mt7921: move hw configuration in mt7921_register_device 0a094b11f3c0 mt76: improve mcu error logging bf536832e37d mt76: mt7921: run mt7921_mcu_fw_log_2_host holding mt76 mutex 7616f4f78163 mt76: mt7921: add wifisys reset support in debugfs e620bd881ef5 mt76: mt7921: abort uncompleted scan by wifi reset e8dacf59ab1c mt76: mt7915: rework the flow of txpower setting c8c78e577236 mt76: mt7915: directly read per-rate tx power from registers 1622bf4f8705 mt76: mt7921: add mt7921_dma_cleanup in mt7921_unregister_device ef96fafad8a9 mt76: Convert to DEFINE_SHOW_ATTRIBUTE 90e4bfea2948 mt76: mt7921: do not use 0 as NULL pointer 0a139d7f5966 mt76: connac: move mcu_update_arp_filter in mt76_connac module de26c73ce3c2 mt76: mt7921: remove leftover function declaration 1c0b6cb4f942 mt76: mt7921: fix a race between mt7921_mcu_drv_pmctrl and mt7921_mcu_fw_pmctrl 2923e3e2b8e4 mt76: mt7663: fix a race between mt7615_mcu_drv_pmctrl and mt7615_mcu_fw_pmctrl 74d0fdaa7a99 mt76: connac: introduce wake counter for fw_pmctrl synchronization 28c87e09a5ea mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 36f664edc7db mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 51b3d1a9a2b7 mt76: dma: add the capability to define a custom rx napi poll routine 4f1339c9fb72 mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 1bc5e67a60be mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 325f7b451c03 mt76: connac: unschedule ps_work in mt76_connac_pm_wake 12115052a02f mt76: connac: check wake refcount in mcu_fw_pmctrl e5d28e3cef66 mt76: connac: remove MT76_STATE_PM in mac_tx_free 475112a3cdcc mt76: mt7921: get rid of useless MT76_STATE_PM in mt7921_mac_work 112998f32d85 mt76: connac: alaways wake the device before scanning 4334f3e2fc43 mt76: mt7615: rely on pm refcounting in mt7615_led_set_config 0562380659ad mt76: connac: do not run mt76_txq_schedule_all directly acfa78df5708 mt76: connac: use waitqueue for runtime-pm ca74a4cd0722 mt76: remove MT76_STATE_PM in tx path 0c2d3e74852e mt76: mt7921: add awake and doze time accounting 45e0eefffe9f mt76: mt7921: enable sw interrupts fd2ff641166f mt76: mt7615: Fix a dereference of pointer sta before it is null checked 7e2521468767 mt76: mt7921: move mt7921_dma_reset in dma.c c9dd6b1fa171 mt76: mt7921: introduce mt7921_wpdma_reset utility routine 2ac7c7e9c568 mt76: mt7921: introduce mt7921_dma_{enable,disable} utilities 662a89f2b9d1 mt76: mt7921: introduce mt7921_wpdma_reinit_cond utility routine 614efe9e9180 mt76: connac: introduce mt76_connac_mcu_set_deep_sleep utility 0dbb16ef39d8 mt76: mt7921: enable deep sleep when the device suspends 3c19f569cc70 mt76: mt7921: fix possible invalid register access ade1f5aad4c6 mt76: move token_lock, token and token_count in mt76_dev 8d5c456be1ff mt76: move token utilities in mt76 common module fb04d9df5e52 mt76: mt7915: do not read rf value from efuse in flash mode 2126b2176336 mt76: mt7921: get rid of mcu_reset function pointer d325b7eff1b1 mt76: mt7921: improve doze opportunity 2ae25c7e547e mt76: mt7663: add awake and doze time accounting 349bbb9d6f13 mt76: connac: unschedule mac_work before going to sleep 98a235004dea mt76: mt7921: mt7921_stop should put device in fw_own state 63d80b9ab251 mt76: mt7921: introduce mt7921_mcu_sta_add routine 3c5bf837fdbd mt76: mt7615: fix a precision vs width bug in printk ded14da5eacc mt76: mt7915: fix a precision vs width bug in printk aaf0d254f9ea mt76: mt7921: fix a precision vs width bug in printk 757af5c67d32 mt76: move mt76_token_init in mt76_alloc_device ed41ed73a495 mt76: mt7921: reinit wpdma during drv_own if necessary 92fb81e085c6 mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report 53d915a23bc9 mt76: connac: do not schedule wake_work if the runtime-pm is disabled 23fe1bdcf15a mt76: connac: do not schedule mac_work if the device is not running e5b19336c58e mt76: mt7615: do not set MT76_STATE_PM at bootstrap 0fc2136a61dd mt76_connac_mcu: move mt76_connac_mcu_update_arp_filter outside of CONFIG_PM e693f3e23e06 mt76: mt7915: add MSI support 5231e7300fa4 mt7915: disable ASPM 554b50dabf54 mt76: connac: fix uninitialized HT A-MPDU setting field in STA_REC_PHY 43b9c0a838bb mt76: mt7921: fix max aggregation subframes setting 5a387a0a3004 mt76: mt7921: enable rx hw de-amsdu c8cbcb87be07 mt76: connac: add missing configuration in mt76_connac_mcu_wtbl_hdr_trans_tlv 55921e57b380 mt76: mt7921: enable rx header traslation offload 01441f67d8b2 mt76: mt7921: enable rx csum offload c9ab76dd93a0 mt76: mt7915: move mt7915_queue_rx_skb to mac.c caedb4c4ee41 mt76: mt7615: fix fixed-rate tx status reporting c6ae95d43e6d mt76: improve tx status codepath 27d468d094e6 mt76: mt7915: rework tx rate reporting 3b4ca5b09e2c mt76: mt7615: avoid use of ieee80211_tx_info_clear_status e1f07d7f1cb9 mt76: mt7603: avoid use of ieee80211_tx_info_clear_status 18513ba5fbc2 mt76: mt7915: add support for tx status reporting 35f189cf81b2 mt76: mt7915: fix uninitialized variable in MSI error handling 9e928ac1ea9b mt76: dma: use ieee80211_tx_status_ext to free packets when tx fails 628eee9c386c mt76: fill queue entry wcid for all skbs with a station a9bc4d94b7a1 mt76: intialize tx queue entry wcid to 0xffff by default 998ca8af7d17 mt76: mt7915: fix tssi indication field of DBDC NICs 7dd24b3cfacf mt76: mt7915: fix a signedness bug in mt7915_mcu_apply_tx_dpd() 535025d65d8d mt76: mt7915: cleanup mt7915_mcu_sta_rate_ctrl_tlv() ff8bbe22dd87 mt76: mt7915: add .set_bitrate_mask() callback Signed-off-by: Felix Fietkau <nbd@nbd.name>
* rpcd: set correct PKG_SOURCE_DATEDaniel Golle2021-05-101-1/+1
| | | | | | | | The previous commit bumped the source commit level without reflecting that in PKG_SOURCE_DATA. Bump PKG_SOURCE_DATA as well. Fixes: 97e820c6d6 ("rpcd: update to latest HEAD") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: update to latest HEADDavid Bauer2021-05-101-2/+2
| | | | | | 7a560a1 iwinfo: add 802.11ax HE support Signed-off-by: David Bauer <mail@david-bauer.net>
* ramips: mt7621: Add support for ZyXEL NR7101Bjørn Mork2021-05-091-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ZyXEL NR7101 is an 802.3at PoE powered 5G outdoor (IP68) CPE with integrated directional 5G/LTE antennas. Specifications: - SoC: MediaTek MT7621AT - RAM: 256 MB - Flash: 128 MB MB NAND (MX30LF1G18AC) - WiFi: MediaTek MT7603E - Switch: 1 LAN port (Gigabiti) - 5G/LTE: Quectel RG502Q-EA connected by USB3 to SoC - SIM: 2 micro-SIM slots under transparent cover - Buttons: Reset, WLAN under same cover - LEDs: Multicolour green/red/yellow under same cover (visible) - Power: 802.3at PoE via LAN port The device is built as an outdoor ethernet to 5G/LTE bridge or router. The Wifi interface is intended for installation and/or temporary management purposes only. UART Serial: 57600N1 Located on populated 5 pin header J5: [o] GND [ ] key - no pin [o] RX [o] TX [o] 3.3V Vcc Remove the SIM/button/LED cover, the WLAN button and 12 screws holding the back plate and antenna cover together. The GPS antenna is fixed to the cover, so be careful with the cable. Remove 4 screws fixing the antenna board to the main board, again being careful with the cables. A bluetooth TTL adapter is recommended for permanent console access, to keep the router water and dustproof. The 3.3V pin is able to power such an adapter. MAC addresses: OpenWrt OEM Address Found as lan eth2 08:26:97:*:*:BC Factory 0xe000 (hex), label wlan0 ra0 08:26:97:*:*:BD Factory 0x4 (hex) wwan0 usb0 random WARNING!! ISP managed firmware might at any time update itself to a version where all known workarounds have been disabled. Never boot an ISP managed firmware with a SIM in any of the slots if you intend to use the router with OpenWrt. The bootloader lock can only be disabled with root access to running firmware. The flash chip is physically inaccessible without soldering. Installation from OEM web GUI: - Log in as "supervisor" on https://172.17.1.1/ - Upload OpenWrt initramfs-recovery.bin image on the Maintenance -> Firmware page - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - (optional) Copy OpenWrt to the recovery partition. See below - Sysupgrade to the OpenWrt sysupgrade image and reboot Installation from OEM ssh: - Log in as "root" on 172.17.1.1 port 22022 - scp OpenWrt initramfs-recovery.bin image to 172.17.1.1:/tmp - Prepare bootloader config by running: nvram setro uboot DebugFlag 0x1 nvram setro uboot CheckBypass 0 nvram commit - Run "mtd_write -w write initramfs-recovery.bin Kernel" and reboot - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - (optional) Copy OpenWrt to the recovery partition. See below - Sysupgrade to the OpenWrt sysupgrade image and reboot Copying OpenWrt to the recovery partition: - Verify that you are running a working OpenWrt recovery image from flash - ssh to root@192.168.1.1 and run: fw_setenv CheckBypass 0 mtd -r erase Kernel2 - Wait while the bootloader mirrors Image1 to Image2 NOTE: This should only be done after successfully booting the OpenWrt recovery image from the primary partition during installation. Do not do this after having sysupgraded OpenWrt! Reinstalling the recovery image on normal upgrades is not required or recommended. Installation from Z-Loader: - Halt boot by pressing Escape on console - Set up a tftp server to serve the OpenWrt initramfs-recovery.bin image at 10.10.10.3 - Type "ATNR 1,initramfs-recovery.bin" at the "ZLB>" prompt - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - Sysupgrade to the OpenWrt sysupgrade image NOTE: ATNR will write the recovery image to both primary and recovery partitions in one go. Booting from RAM: - Halt boot by pressing Escape on console - Type "ATGU" at the "ZLB>" prompt to enter the U-Boot menu - Press "4" to select "4: Entr boot command line interface." - Set up a tftp server to serve the OpenWrt initramfs-recovery.bin image at 10.10.10.3 - Load it using "tftpboot 0x88000000 initramfs-recovery.bin" - Boot with "bootm 0x8800017C" to skip the 380 (0x17C) bytes ZyXEL header This method can also be used to RAM boot OEM firmware. The warning regarding OEM applies! Never boot an unknown OEM firmware, or any OEM firmware with a SIM in any slot. NOTE: U-Boot configuration is incomplete (on some devices?). You may have to configure a working mac address before running tftp using "setenv eth0addr <mac>" Unlocking the bootloader: If you are unebale to halt boot, then the bootloader is locked. The OEM firmware locks the bootloader on every boot by setting DebugFlag to 0. Setting it to 1 is therefore only temporary when OEM firmware is installed. - Run "nvram setro uboot DebugFlag 0x1; nvram commit" in OEM firmware - Run "fw_setenv DebugFlag 0x1" in OpenWrt NOTE: OpenWrt does this automatically on first boot if necessary NOTE2: Setting the flag to 0x1 avoids the reset to 0 in known OEM versions, but this might change. WARNING: Writing anything to flash while the bootloader is locked is considered extremely risky. Errors might cause a permanent brick! Enabling management access from LAN: Temporary workaround to allow installing OpenWrt if OEM firmware has disabled LAN management: - Connect to console - Log in as "root" - Run "iptables -I INPUT -i br0 -j ACCEPT" Notes on the OEM/bootloader dual partition scheme The dual partition scheme on this device uses Image2 as a recovery image only. The device will always boot from Image1, but the bootloader might copy Image2 to Image1 under specific conditions. This scheme prevents repurposing of the space occupied by Image2 in any useful way. Validation of primary and recovery images is controlled by the variables CheckBypass, Image1Stable, and Image1Try. The bootloader sets CheckBypass to 0 and reboots if Image1 fails validation. If CheckBypass is 0 and Image1 is invalid then Image2 is copied to Image1. If CheckBypass is 0 and Image2 is invalid, then Image1 is copied to Image2. If CheckBypass is 1 then all tests are skipped and Image1 is booted unconditionally. CheckBypass is set to 1 after each successful validation of Image1. Image1Try is incremented if Image1Stable is 0, and Image2 is copied to Image1 if Image1Try is 3 or larger. But the bootloader only tests Image1Try if CheckBypass is 0, which is impossible unless the booted image sets it to 0 before failing. The system is therefore not resilient against runtime errors like failure to mount the rootfs, unless the kernel image sets CheckBypass to 0 before failing. This is not yet implemented in OpenWrt. Setting Image1Stable to 1 prevents the bootloader from updating Image1Try on every boot, saving unnecessary writes to the environment partition. Keeping an OpenWrt initramfs recovery as Image2 is recommended primarily to avoid unwanted OEM firmware boots on failure. Ref the warning above. It enables console-less recovery in case of some failures to boot from Image1. Signed-off-by: Bjørn Mork <bjorn@mork.no>
* uboot-mediaktek: add support for PSTORE and check it on bootDaniel Golle2021-05-085-15/+131
| | | | | | | | Add support for pstore/ramoops now that DRAM content is preserved over reboot on MT7622. On each boot, check pstore and boot to recovery image in case there are records stored in it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: update to git HEADDaniel Golle2021-05-081-3/+3
| | | | | | | Most notably this enabled use of pstore/ramoops on MT7622 as DRAM content is now preserved over reboot. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: fix network registration loopThomas Richard2021-05-082-10/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With some debug in qmi.sh using following patch, some errors are visible in the registration step @@ -29,6 +29,7 @@ proto_qmi_init_config() { } proto_qmi_setup() { + set -x local interface="$1" local dataformat connstat plmn_mode mcc mnc local device apn auth username password pincode delay modes pdptype @@ -224,6 +225,8 @@ proto_qmi_setup() { fi done + registration=$(uqmi -s -d "$device" --get-serving-system) + [ -n "$modes" ] && uqmi -s -d "$device" --set-network-modes "$modes" > /dev/null 2>&1 echo "Starting network $interface" During the boot of the system, modem could not start automatically its network registration. netifd: wan (9235): + echo 'Waiting for network registration' netifd: wan (9235): Waiting for network registration netifd: wan (9235): + local 'registration_timeout=0' netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system netifd: wan (9235): + grep '"searching"' netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system netifd: wan (9235): + registration='{"registration":"not_registered","plmn_mcc":208,"plmn_mnc":20,"plmn_description":"","roaming":true}' netifd: wan (9235): + '[' -n ] netifd: wan (9235): + echo 'Starting network wan' As the while loop checks only "searching" pattern, uqmi.sh script quits searching loop and continues whereas the modem is not registered Other issue, after X seconds modem stops searching. netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + grep '"searching"' netifd: wan (9213): + '[' -e /dev/cdc-wdm0 ] netifd: wan (9213): + '[' 3 -lt 0 -o 0 '=' 0 ] netifd: wan (9213): + let registration_timeout++ netifd: wan (9213): + sleep 1 netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + grep '"searching"' netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + registration='{"registration":"not_registered"}' netifd: wan (9213): + '[' -n ] netifd: wan (9213): + echo 'Starting network wan' netifd: wan (9213): Starting network wan If registration_timeout is not expired, registration can be restarted Signed-off-by: Thomas Richard <thomas.richard@kontron.com> Tested-by: Florian Eckert <fe@dev.tdt.de>
* uboot-envtools: change size for unifi-6-lrDaniel Golle2021-05-071-1/+1
| | | | | | | The previous commit increased the U-Boot environment size of the UniFi 6 LR to 0x4000. Also change it uboot-envtools accordingly. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uboot-mediatek: unifi-6-lr: fix erase of production paritionDaniel Golle2021-05-072-13/+15
| | | | | | | | | | | mtd erase needs to be aligned with erase blocks. Use padded image size for erasing the production volume. As the environment grew above the current size of 0x1000 bytes by introducing the new padding function, increase the env size to 0x4000. While at it, clean up reset button function to work to more reliable on that board. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-05-051-3/+3
| | | | | | 021ece8 procd: Use /dev/console for serial console if exists Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: upgrade: take down loop and LVM before upgradeDaniel Golle2021-05-051-0/+10
| | | | | | | | | | | | | | Users of devices with large block storage may choose to have an LVM partition on the same device which is used for booting OpenWrt. The presents a problem during sysupgrade as the root device is then still busy and changing partitions will not work as desired, leading to data corruption in case the newly flashed image is larger than the currently installed one. Having loop devices setup causes similar havoc. Make sure all volume groups are offline and all loop devices have been released before sysupgrade. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: Update to version 2.85Alan Swanson2021-05-054-92/+6
| | | | | | | | | | | | | | | | | | | | | Fixes issue with merged DNS requests in 2.83/2.84 not being retried on the firsts failed request causing lookup failures. Also fixes the following security problem in dnsmasq: * CVE-2021-3448: If specifiying the source address or interface to be used when contacting upstream name servers such as: server=8.8.8.8@1.2.3.4, server=8.8.8.8@1.2.3.4#66 and server=8.8.8.8@eth0 then all would use the same socket bound to the explicitly configured port. Now only server=8.8.8.8@1.2.3.4#66 will use the explicitly configured port and the others random source ports. Remove upstreamed patches and update remaining patch. Signed-off-by: Alan Swanson <reiver@improbability.net> [refreshed old runtime support patch] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* ltq-dsl-base: Make package nonshared to fix image builderHauke Mehrtens2021-05-041-0/+2
| | | | | | | | | | This package depends on the lantiq target and is only build for that target. A normal package would be build by the SDK builder probably under a different target and then this package will not be selected. Mark it as nonshared to build it when the lantiq target gets build. Fixes: FS#3773, FS#3774 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: Update to version 5.10.34-1Hauke Mehrtens2021-05-0421-188/+48
| | | | | | The removed patches were applied upstream and are not needed anymore. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* busybox: backport fix for CVE-2021-28831Hauke Mehrtens2021-05-022-1/+53
| | | | | | | | | This backports a fix for the low priority CVE-2021-28831: decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: update to latest Git HEADDavid Bauer2021-05-021-4/+4
| | | | | | c45f0b5 iwinfo: add 802.11ax HE rate information Signed-off-by: David Bauer <mail@david-bauer.net>
* uboot-mediatek: bpi-r64: add TFTP update options to eMMC bootmenuDaniel Golle2021-05-011-6/+14
| | | | | | | Just like on SPI-NAND, also allow updating the bootloader comfortably on eMMC installations. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: qlcnic: fix typo in module descriptionChukun Pan2021-05-011-1/+1
| | | | | Fixes: f88c64d28ccf ("kernel: netdev: add qlcnic") Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
* kernel: qlcnic: add dependency to kmod-hwmon-coreHauke Mehrtens2021-05-011-2/+4
| | | | | | | | | QLCNIC_HWMON was activated when hwmon was set, but the dependency was missing. This broke the build bot builds. Fix this by explicitly activating HWMON support and adding a dependency. Fixes: f88c64d28ccf ("kernel: netdev: add qlcnic") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211/rtl: backport a rtl8192cu AP mode fixRui Salvaterra2021-05-011-0/+118
| | | | | | | | | Running USB devices in AP mode is never a good idea. That said, fix the TIM issue in rtl8192cu [1], allowing these devices to "work" in AP mode. [1] https://patchwork.kernel.org/project/linux-wireless/patch/20210419065956.6085-1-pkshih@realtek.com/ Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* kernel: netdev: add qlcnicVieno Hakkerinen2021-05-011-0/+17
| | | | | | Add driver for QLogic QLE8240 and QLE8242 Converged Ethernet devices. Signed-off-by: Vieno Hakkerinen <vieno@hakkerinen.eu>
* kernel: add kmod-ipvlan supportChen Minqiang2021-04-301-0/+16
| | | | | | | | | | | | This kmod is similar to macvlan with the difference being that the endpoints have the same mac address. It is useful on cloud where only one mac address allowed on port, where macvlan not works but ipvlan would. One use case is where multiple IPs and gateways assign on one net port Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
* uboot-envtools: add support for Buffalo WZR-HP-G300NHMauri Sandberg2021-04-301-0/+4
| | | | | | This adds an entries for wzr-hp-g300nh-rb and wzr-hp-g300nh-s. Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
* ipq40xx: add support for MikroTik SXTsq 5 acRoger Pueyo Centelles2021-04-292-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds support for the MikroTik SXTsq 5 ac (RBSXTsqG-5acD), an outdoor 802.11ac wireless CPE with one 10/100/1000 Mbps Ethernet port. Specifications: - SoC: Qualcomm Atheros IPQ4018 - RAM: 256 MB - Storage: 16 MB NOR - Wireless: IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 16 dBi antennae - Ethernet: IPQ4018 (SoC) 1x 10/100/1000 port, 10-28 Vdc PoE in - 1x Ethernet LED (green) - 7x user-controllable LEDs · 1x power (blue) · 1x user (green) · 5x rssi (green) Note: Serial UART is probably available on the board, but it has not been tested. Flashing: Boot via TFTP the initramfs image. Then, upload a sysupgrade image via SSH and flash it normally. More info at the "Common procedures for MikroTik products" page https://openwrt.org/toh/mikrotik/common. Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
* uboot-mediatek: unifi6lr: mtd erase before write to flashChen Minqiang2021-04-281-2/+2
| | | | | | | | Erase firmware ereas before writing to recovery or production partition when updating them via the bootloader menu. Signed-off-by: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: fix boot hang on unifi-6-lrDaniel Golle2021-04-281-3/+3
| | | | | | | | | | | | The Ubiquiti Networks UniFi 6 LR access point comes with a total of 512 MB RAM provided by 2x 8-bit DDR3 SDRAM. This combination lead to problems with the DDR calibration on boot resulting in occasional hang on boot. Use updated calibration binary provided by MediaTek to make boot on that device more reliable. The binary has also been tested on the BananaPi BPi-R64 board and that also works just fine with the new binary. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: minstrel_ht: fix issue in calculating success probabilityFelix Fietkau2021-04-281-0/+21
| | | | | | | Missing braces in a macro were leading to badly working rates sometimes getting a success probabilty of 1.0 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: update to latest Git HEADDavid Bauer2021-04-281-4/+4
| | | | | | | | 50b64a6 iwinfo: add basic IEEE 802.11ax support 70d2136 iwinfo: nl80211: perform split wiphy dump cd23727 iwinfo: cli: fix hwmode formatting Signed-off-by: David Bauer <mail@david-bauer.net>
* dnsmasq: add ignore hosts dir to dnsmasq init scriptJoão Henriques2021-04-241-1/+6
| | | | | | | | When running multiple instances of dnsmasq, for example one being for the lan and another for a guest network, it might not be desirable to have the same dns names configured in both networks Signed-off-by: João Henriques <joaoh88@gmail.com>
* nat46: update to git HEADHans Dedecker2021-04-241-3/+3
| | | | | | | | | 9df230a Zero checksum handling (#25) 7688102 skip generating a UDP4 csum if the UDP6 csum is 0 and zero_csum_pass is set 4a9e4b1 zero csum: avoid calling the checksum adjustment function if udp csum is zero 2de14c5 add a module argument to skip checksum adjust for UDP if checksum is zero Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* bpftools: update to v5.11.16, simplify makeTony Ambardar2021-04-242-16/+7
| | | | | | | | | | | | | | | | Update to the latest stable upstream version. Drop unneeded make variables to remove redundant assignments seen during invocation of package Makefile. Also remove the following patch now included upstream: * 200-fix-install-param-order-on-macos.patch Compile and run-tested on malta/mips32be, using bpftool directly and also libbpf (linked with tc) to inspect and load simple eBPF programs. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* bpftools: fix feature override for masking clangTony Ambardar2021-04-241-1/+1
| | | | | | | | | Rename feature variable clang-bpf-global-var following upstream changes. This restores the HAVE_CLANG feature override and should avoid rare build errors where a recent host clang and BTF-enabled host kernel are present. Fixes: 23be333401f0 ("bpftools: update to 5.10.10") Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* iproute2: avoid unneeded compiles to speed buildingTony Ambardar2021-04-224-3/+31
| | | | | | | | | | | | | | | | | | | | | | | Skip building Makefile targets that aren't packaged: tipc, dcb, ifstat, rtacct, lnstat, and man. Also, only compile targets needed for the current build variant i.e. don't compile 'tc' when building an 'ip' variant and vice versa. These changes reduce typical build times by over 30%: $ make package/iproute2/clean && time make -j8 package/iproute2/compile (old) ... real 2m24.985s user 3m12.537s sys 0m26.677s (new) ... real 1m36.945s user 2m8.734s sys 0m20.046s Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* uboot-rockchip: update to v2021.04David Bauer2021-04-205-671/+31
| | | | | | | | | Update the uboot-rockchip to the latest upstream release. Remove upstreamed patches. Tested-on: FriendlyElec NanoPi R2S Signed-off-by: David Bauer <mail@david-bauer.net>
* kernel: select kmod-backlight as dependency for kmod-drmDavid Bauer2021-04-181-1/+1
| | | | | | | | | | | | | Select kmod-backlight as dependency for kmod-drm in case kmod-backlight is compiled. This fixes kernel 5.10 build issues on x86-geode with all kmods enabled: Package kmod-drm is missing dependencies for the following libraries: backlight.ko Signed-off-by: David Bauer <mail@david-bauer.net>
* kernel: netdev: make kmod-of-mdio conflict with x86David Bauer2021-04-181-1/+1
| | | | | | | | CONFIG_MDIO_OF depends on CONFIG_OF which is not enabled for x86. Fixes builds of x86 with Kernel 5.10 due to unresolved dependencies. Signed-off-by: David Bauer <mail@david-bauer.net>
* uboot-envtools: mvebu: add Buffalo LS421DEDaniel González Cabanelas2021-04-171-0/+3
| | | | | | | | The Buffalo Linkstation LS421DE NAS lacks an uboot env config file. Create it via scripts. Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
* kernel/modules: move act_gact into kmod-sched-coreDENG Qingfang2021-04-171-2/+2
| | | | | | | As the name suggests, act_gact has the generic actions such as dropping and accepting packets, so move it into kmod-sched-core. Signed-off-by: DENG Qingfang <dqfext@gmail.com>
* linux-firmware: ath10k: add support for Qualcomm Atheros QCA9377Josef Schlehofer2021-04-171-0/+17
| | | | | | | | | Add firmware and board file for Qualcomm Atheros QCA9377 802.11ac Wireless Network Adapter (rev 31) recognized as [168c:0042]. This card supports standard 1x1 802.11ac Wave2, BT5, and MU-MIMO. Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* ltq-vdsl-app: extent dsl metrics with state_num and power_state_numFlorian Eckert2021-04-171-14/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the old ubus dsl API, the numbers for the individual line_states and power_states were also returned. These were not ported to the new DSL C-API. This commit adds the missing information. For this the internal values are mapped to numbers. * additional JSON output for state_num: "state_num": <map_state_number> Since not all values are meaningful only the following values are implemented, this can be extended if the future. * LSTATE_MAP_NOT_INITIALIZED * LSTATE_MAP_EXCEPTION * LSTATE_MAP_IDLE * LSTATE_MAP_SILENT * LSTATE_MAP_HANDSHAKE * LSTATE_MAP_FULL_INIT * LSTATE_MAP_SHOWTIME_NO_SYNC * LSTATE_MAP_SHOWTIME_TC_SYNC * LSTATE_MAP_RESYNC * additinal JSON output for power_level: "power_state_num": <map_power_satte_number>, Since there are not so many here, all are mapped. * PSTATE_MAP_NA, * PSTATE_MAP_L0, * PSTATE_MAP_L1, * PSTATE_MAP_L2, * PSTATE_MAP_L3, Signed-off-by: Florian Eckert <fe@dev.tdt.de> v6: Add state LSTATE_MAP_NOT_INITILIZED at the beginning of the list Start the list LSTATE_MAP with -1 Reviewed-by: Andre Heider <a.heider@gmail.com>
* odhcp6c: read user scripts from directoryLeon M. George2021-04-172-2/+6
| | | | | | | | | | | | | | Placeholder DHCP user scripts were added recently. These files make package-based installations of such scripts more difficult. Pull user callbacks from directories instead to allow packages and users to install co-existing scripts more easily. References: b4f3d93b5 odhcp6c: add a odhcp6c.user placeholder script Signed-off-by: Leon M. George <leon@georgemail.eu> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]