Gluon v2020.2.x uses fastd v19, so we keep that in a separate patch. The
fastd memory leak fix from v18 is not removed in this patch anymore, as
the fix is needed for v19 as well.
The v20 and v21 patches are squashed into one, as they aren't backports
anymore after the rebase onto current openwrt-19.07.
a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin
Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.
This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.
Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.
Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.
If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).
Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
This backports two fixes related to operation on DFS-required
channels.
When a DFS-required channel was selected as the regular
(non-outdoor-mode) 5 GHz channel, hostapd would switch to a non-DFS
channel as OpenWrt did not pass a chanlist of allowed ACS channels.
When hostapd is given a single channel for the chanlist or there's no
available channel left (all allowed channels are in the no-occupancy
period), hostapd prints "no DFS channels left, waiting for NOP to
finish" to the syslog but never stopped transmitting on this channel,
still sending out beacon frames and allowing client data transfer.
When the GTK is offloaded, MT7610 won't transmit any multicast frames.
This is most likely due to a bug in the offloading datapath. MT7612 is
not affected.
Disable GTK offloading for now. It can be re-enabled once the bug in the
offloading path is fixed.
Signed-off-by: David Bauer <mail@david-bauer.net>
This gives us WPA3 support out of the box without having to manually disable
hardware crypto. The driver will fall back to software crypto if the connection
requires management frame protection.
THis allows us to use WPA3 features (Private-WiFi SAE & OWE) on
ramips-mt7620.
d9244a1b5b generic: ar8216: fix unknown packet flooding for ar8229/ar8236
429e4490c4 libpcap: fix library packaging issues
e678cb1595 kernel: bump 4.14 to 4.14.179
8fa4ed9ef7 fstools: update to the latest version
5c6dfb5bc0 fstools: update to the latest version
607809dcdc mac80211: Update to version 4.19.120
96d280cc37 scripts/download: add sources CDN as first mirror
55ccb04046 upgs: Remove extra _DEFAULT_SOURCE definition
ee480c50c1 dante: Fix compile with glibc
5f0e25d966 perf: build with NO_LIBCAP=1
005adba939 mac80211: ath10k: increase rx buffer size to 2048
0974d59b5f kernel: backport fix for non-regular inodes on f2fs
f40947a8c0 ath79: indicate boot/failsafe/upgrade for NanoBeam/Nanostation AC
65cf72d5d2 ath79: add SUPPORTED_DEVICES based on ar71xx for some devices
f9ef0c5705 kernel: bump 4.14 to 4.14.178
2df0ea042d wpad-wolfssl: fix crypto_bignum_sub()
ec6cb33452 mac80211: backport fix for an no-ack tx status issue
f141cdd200 hostapd: unconditionally enable ap/mesh for wpa-cli
54b6683390 wireless-regdb: backport three upstream fixes
55591e63bc curl: backport fix for CVE-2019-15601
35ea808b97 uboot-kirkwood: fix ethernet and usb
Compile-tested: all targets
This patch fixes a regression introduced in kernel v4.14. While the
commit message only mentions a performance penalty, the issue is
suspected to be the cause of spurious data bus errors on MIPS CPUs
(ar71xx target).
Fixes: #1982
Before, only frames with a maximum size of 1528 bytes could be
transmitted between two 802.11s nodes.
For batman-adv for instance, which adds its own header to each frame,
we typically need an MTU of at least 1532 bytes to be able to transmit
without fragmentation.
This patch now increases the maxmimum frame size from 1528 to 1656
bytes.
Tested with two ath10k devices in 802.11s mode, as well as with
batman-adv on top of 802.11s with forwarding disabled.
Fix originally found and developed by Ben Greear.
6160f773fef2 ipq40xx: add support for AVM FRITZ!Repeater 1200
63b1e8f8d226 ipq-wifi: add AVM FRITZ!Repeater 1200 bdf
496489ea95af uboot-fritz4040: update to latest HEAD
e30ca0d90a98 mac80211: update to version 4.19.85
b1ef0e443720 layerscape: Fix kernel patch
ad0463c2e875 kernel: Add missing configuration option
b0adf79c9e7c firewall: update to latest Git HEAD
b41619592792 firewall: update to latest git HEAD
3685f86cefac cns3xxx: use proper macros for defining partition regions
db345220b485 kernel: bump 4.14 to 4.14.155
538ca42ddad8 wireless-regdb: fix build when python2 from package feeds exists
2751c5c75219 wireless-regdb: fix patch fuzz
d6ecadb05c2b wireless-regdb: fix Makefile indentation
0a4071b550eb wireless-regdb: set PKGARCH:=all
e8d528af7e91 wireless-regdb: prefer python provided by make variable
53d8de0207e8 wireless-regdb: Make it build with python2
f2ef9b4feafe wireless-regdb: update to 2019.06.03
8fac0b398c34 ar71xx: fix buttons for TP-Link TL-WDR4900 v2
3c65c47ce6fd ar71xx: fix LED setup for TL-WDR4900 v2
b6c80f85cb7b ramips: set uImage name of WeVO 11AC NAS and W2914NS v2
e945c43142ab ar71xx: fix MAC address setup for TL-WDR4900 v2
8a21bc36229d ar71xx: fix MAC addresses for Archer C5 v1, C7 v1/v2, WDR4900 v2
As of OpenWrt commit b3d8b3ab8e6f ("mac80211: set noscan=1 if sta/adhoc/
mesh interfaces are present"), the issue workarounded by this patch cannot
occur anymore.
Instead of unconditionally loading this module on boot the gluon_bat0
netifd protocol script will later take care of loading either the
batman-adv or batman-adv-legacy module, depending on the configured routing
algorithm in UCI.
This updates the batman-adv OpenWrt package to the current version
provided in the master branch of the openwrt-routing packages
repository:
* e26096a batman-adv: Fix duplicated OGMs on NETDEV_UP
* 1ff00ee batman-adv: upgrade package to latest release 2019.2
Small difference to the original:
* Compat code for batadv_genl_dump_check_consistent()
* Compat code for cfg80211_sinfo_release_content()
* 0001-batman-adv-add-compat-hacks.patch kept
* batctl dependency kept removed
* config related files unchanged
The new config format was not backported yet to keep this patch small
and less invasive.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
The factory firmware omits the JFFS2 end-marker while flashing via
web-interface. Add a 64k padding after the marker fixes this problem.
When the end-marker is not present, OpenWRT won't save the overlayfs
after initial flash.
This always pulls in the batman-adv compat 15 kernel module. However,
batctl works just as well with batman-adv-legacy (compat 14).
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
If no mcast_rate is set for the wifi-iface then there is no rate_idx (0)
set for the bss. This breaks for example 5GHz meshpoint interfaces because
0 maps to a CCK rate (11Mbit/s).
It must also be avoided that the ath10k-ct internal state for the rates is
not synced with the mac80211 rates state. Otherwise, the user specified
rate (e.g. a wifi-iface mcast_rate for a meshpoint interface) will only be
set on startup. And a short while after that, ath10k-ct specific code in
ath10k_check_apply_special_rates is missing a valid rate in its own
structures and is then recalculating a new default rate. This default rate
is in most situations not the requested rate.
Fixes: a399b60735 ("ath10k/ath10k-ct: support multicast and management rate control")
Drivers with software rate control can directly use the selected multicast
rate for multicast/broadcast frames and the minimal basic rate for
management frames. But drivers with offloaded rate control algorithms must
be informed about such upper layer decisions to configure the
hardware/firmware.
A new BSS_CHANGED_MCAST_RATE is introduced in mac80211 to automatically
inform all drivers. ath10k can detect this event and forward it via WMI to
the driver. The already existing BSS_CHANGED_BASIC_RATES can be used to
select the management rate.
Without the WMI commands, a low rate (not necessarily one from the basic
rates) is used for bcast/mcast/management frames. This means that the
/etc/config/wireless settings basic_rate and mcast_rate would have no
effect on the rates selected by this driver for the mentioned frames.
This backports the TP-Link Archer C50 v4.
We are dropping the following upstream commits. They add support for the
TP-Link recovery-flag which enabled the web-recovery. As they are not
needed for the router to work, we drop them for now.
28cd2ca base-files: sysupgrade: support additional mtd options
1e06482 mtd: add logic for TP-Link ramips recovery magic
6e16dd1234 mt76: update to the latest version
76037756d0 kernel: bump 4.14 to 4.14.94
455bfd1065 kernel: bump 4.9 to 4.9.151
fafd7691e6 opkg: update to latest Git head
e789bd2243 opkg: drop argument from check_signature in opkg.conf
3603c2321d ramips: mt7621: fix 5GHz WiFi LED on ZBT WG3526
7f98cd8d50 odhcpd: fix onlink IA check (FS#2060)
abd0f7995e kmod-sched-cake: bump to latest cake
Compile-tested: ar71xx-{tiny,generic}, ramips-mt7621, x86-64
6f74e269c8 kernel: bump 4.14 to 4.14.87
b2f243394e kernel: bump 4.9 to 4.9.144
2213b20aee kernel: bump 4.14 to 4.14.86
bcd7644007 kernel: bump 4.9 to 4.9.143
d5afaa4114 openvpn: re-add option comp_lzo
629073e86d rpcd: update to latest Git head
1cd945ea22 ramips: fix leds on GL.iNet GL-MT300N-V2
fbadfecbb5 ipq40xx: fix openmesh sysupgrade with tar content out of order
06a20afb34 rules.mk: fix syntax error
d40e90986c rules.mk: add INSTALL_SUID macro
d40de11d1b base-files: fix prerm return value, align with postinst code
cc8e875039 sdk: find kernel modules when KDIR is a symlink
a8b292afe6 uhttpd: update to latest Git head
7a8b75375c uhttpd: support multiple Lua prefixes
fede6df09e uhttpd: update to latest Git head
9671a2d2c8 apm821xx: MBL: load kernel/dtb from SATA 0:1 first
26ebcc88e3 apm821xx: wndr4700: restore sd-card media detection
5337319bdf uclient: update to latest Git head
Compile-tested: ar71xx, ipq40xx, x86-64
Runtime-tested: ar71xx
ath10k-ct uses a rather high number of buffers to communicate with the
QCA/Candelatech firmware. Especially the HTC (host-target-communication)
and HTT (host-target-transport) can take up a lot of memory when data is
transferred over a ath10k wifi link.
Even a 256MB device with three radios can go OOM (while sending to three
devices using UDP unicast/multicast packets) with the default buffer
limits. Unfortunately, this also reduced the maximum 5GHz throughput on an
IPQ40xx device from 494/432 Mbit/s for TCP transfers (download/upload) to
438/343 Mbit/s. These throughput values should still be good enough for a
Freifunk installation. And these changes are already used by ath10k in
OpenWrt 18.06.
bc7abe8729f3 include/kernel-build.mk: fix kernel rebuild on backport patch changes
c99c70e05303 kernel: backport page fragment API changes from 4.10+ to 4.9
This commit makes use of the Power-LED as Diag-LED, allowing the LED to
work as a status indicator for config-mode.
Signed-off-by: David Bauer <mail@david-bauer.net>
b6a1f43075f9 base-files: fix UCI config parsing and callback handling
6734f32d91cd mtd: add build hack to reintroduce shared mtd for older releases
aaac9e82aa60 mtd: mark as nonshared to fix FS#484
0fee4906d5c0 ustream-ssl: update to latest git HEAD
f34a0756fd94 ustream-ssl: update to latest git HEAD
98b9d8a3d3fd mbedtls: Activate the session cache
88ba88e5adc4 mbedtls: update mbedtls to version 2.7.3
Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).
cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.
A reference to the best gateway is taken when the list of gateways in the
mesh is sent via netlink. This is necessary to check whether the currently
dumped entry is the currently selected gateway or not. This information is
then transferred as flag BATADV_ATTR_FLAG_BEST.
After the comparison of the current entry is done,
batadv_*_gw_dump_entry() has to decrease the reference counter again.
Otherwise the reference will be held and thus prevents a proper shutdown of
the batman-adv interfaces (and some of the interfaces enslaved in it).
Fixes: 899235a4a637 ("Merge pull request #241 from ecsv/batman-adv-2016.4-maint-2016-10-29")
Reported-by: Andreas Ziegler <dev@andreas-ziegler.de>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
This commit adds support for the AVM Fritz!Box 4020 WiFi-router.
SoC: Qualcomm Atheros QCA9561 (Dragonfly) 750MHz
RAM: Winbond W971GG6KB-25
FLASH: Macronix MX25L12835F
WiFi: QCA9561 b/g/n 3x3 450Mbit/s
USB: 1x USB 2.0
IN: WPS button, WiFi button
OUT: Power LED green, Internet LED green, WLAN LED green,
LAN LED green, INFO LED green, INFO LED red
UART: Header Next to Black metal shield
Pinout is 3.3V - RX - TX - GND (Square Pad is 3.3V)
The Serial setting is 115200-8-N-1.
Tested and working:
- Ethernet (LAN + WAN)
- WiFi (correct MAC)
- Installation via EVA bootloader
- OpenWRT sysupgrade
- Buttons
- LEDs
Not working:
- USB port
Installation via EVA:
In the first seconds after Power is connected, the bootloader will
listen for FTP connections on 169.254.157.1 (Might also be 192.168.178.1). Firmware can be uploaded
like following:
ftp> quote USER adam2
ftp> quote PASS adam2
ftp> binary
ftp> debug
ftp> passive
ftp> quote MEDIA FLSH
ftp> put openwrt-sysupgrade.bin mtd1
Note that this procedure might take up to two minutes. After transfer is
complete you need to powercycle the device to boot OpenWRT.
Signed-off-by: David Bauer <mail@david-bauer.net>
999bb66b20b0 kernel: add missing in6_dev_put_clear call to an ipv6 network patch
81573ea25924 kernel: bump kernel 4.4 to 4.4.129 for 17.01
afa887388766 gcc: gcc 6.3.0 fix comparison between pointer and integer
efb6ca189641 base-files: /lib/functions.sh: ignore errors in insert_modules
b5ba01a0d3f6 fstools: update to latest lede-17.01 branch
a9b607740273 kernel: bump kernel 4.4 to 4.4.126 for 17.01
09d95e44fc3d mbedtls: change libmbedcrypto.so soversion back to 0
4673a0bffc89 kernel: mtd: bcm47xxpart: improve handling TRX partition size
Also switch to the upstreamed version of "kernel: disable accept_ra by
default".
9b0a4bafbce7 base-files: tune fragment queue thresholds for available system memory
b47094ce96ff include/package-defaults.mk: fix default Build/Prepare with empty ./src
75be005e8bdc include/rootfs.mk: retain list of conffiles with CONFIG_CLEAN_IPKG
696c6325a3a7 include/rootfs.mk: do not remove opkg prerm scripts during rootfs preparation
17c0362178ca base-files: sysupgrade: do not rely on opkg to list changed conffiles
2ae9ebf37402 kernel: bump 4.4 to 4.4.120 for 17.01
571d3def6baf x86: add preinit hook to reload microcode
681aaaf719ec firmware: add microcode package for Intel
c6314ee06f94 firmware: add microcode package for AMD
222521d5937a tools: add iucode-tool
f7a6b6724a63 x86: enable microcode loading for Intel and AMD
dfe620cb93c0 odhcpd: fix interop with wide DHCPv6 client (FS#1377)
18c999a6ff33 base-files: fix off-by-one in counting seconds for factory reset
92ea65b36aa7 sunxi: disable LPAE to allow kernel to run on A13
7dcbe0e22dbb bcm53xx: fix fallback code for picking status LED
4db583b9c2ab mountd: update to the latest version from 2018-02-26
The first one adds a fix that might potentially result in multicast packet
loss once we would enable multicast_mode again.
The second one avoids some small but unnecessary overhead. More
importantly though, it is supposed to ease further multicast improvements
later (e.g. no need for a multicast sending node to determine overlap
between WANT_ALL_IPV4/6 flags and TT entries while on fast-path).
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
788312ca59c5 uqmi: ensure CID is a numeric value before proceeding
b934aa2f2144 kernel: update 17.01 kernel to 4.4.116
b3b16c8ce5c6 uqmi: use built-in command for data-link verification
e9eb219e5a07 uqmi: use correct value for connection checking
5661ac1de4d8 uqmi: use general method for state cleaning
7c259fb98018 uqmi: silence error on pin verification
046222dfaf12 uqmi: fix raw-ip mode for newer lte modems
0393009ec84e net: uqmi: fix blocking in endless loops when unplugging device
31ae7381b8db kernel: refresh patches
3b227103e6a3 kernel: backport raw-ip mode for newer QMI LTE modems
f60be720772c base-files: don't evaluate block-device uevent
623cdc4ffeef ramips: backport mt7530/762x switch fixes
b15d54e659b4 perf: use libunwind
566ff9e6ee69 libunwind: enable build for arm
This is needed for the Gluon ARP limiter to work without hiccups in
traffic.
Link: https://patchwork.ozlabs.org/patch/841210/
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>