Commit Graph

4568 Commits

Author SHA1 Message Date
David Bauer
7a80663f18 modules: update openwrt
34b6abf5a8 ath79: add support for MikroTik hAP (RB951Ui-2nD)
03cfdf72e2 ath79: add support for MikroTik RouterBOARD hAP ac lite
80baa60259 firewall4: update to latest Git HEAD
4575498276 ucode: update to latest Git HEAD
e90f74feb6 kernel: bump 5.10 to 5.10.116
95c315f200 ath79: fix ar934x spi driver delays
97a2012ecc openssl: bump to 1.1.1o
6f8db8fee3 wolfssl: bump to v5.3.0-stable
3aeb6e975f ipq806x: add support for Arris TR4400 v2 / RAC2V1A
a11c3cde27 realtek: add support for ZyXEL GS1900-16
9b20e2a699 ath79: add Netgear WNDAP360
6729fa2dd2 ath79: add support for TP-Link Deco M4R v1 and v2
3c57430d1c ramips: add led_source for Asus RT-AC1200 devices
e431195abf ramips: add support for Cudy X6
5439efe37d ramips: Add support for SERCOMM NA502S
fe5943a7bd ramips: add support for Wavlink WL-WN533A8
5454735574 ramips: create shared DTSI for Wavlink WN53XAX devices
7152bc84f4 ramips: add support for TP-Link RE650 v2
d627ea510c ramips: add support for YunCore AX820/HWAP-AX820
9c2ed54aa2 firmware-utils: bump to git HEAD
87f9dd665a firmware-utils: bump to git HEAD
3963a90df8 kernel: Add missing devm_regulator_get_exclusive()
7a0af40e37 kernel: bump 5.10 to 5.10.115
e0aaecdbb8 kernel: bump 5.10 to 5.10.114
416e8aefe1 IPQ4019: AVM FRITZ!Box 7530: Remove NAND ECC restrictions from DTS
ec45e1ff68 kernel: add support for Toshiba TC58NVG0S3HTA00 NAND flash
144d9c4a43 uboot-fritz4040: Add support for Toshiba NAND
9ef931f96b ath79: ZTE MF286[A,R]: add "Power button blocker" GPIO switch
54e759d05d ipq40xx: revert Cell-C RTL30VW to legacy caldata extraction
0f8eba4f95 ath79: fix I2C on GL-AR300M devices
308ce46076 ipq40xx: Lyra: update RGB LED-Controller node for 5.10+
19a8c723b6 lantiq: xway: disable unused switch drivers
a374a959b9 realtek: do not reset SerDes on link change
7b4702afef realtek: Trap all frames with switch as destination to CPU-port
1c6a179e1a ramips: fix booting on Samknows SK-WB8
6120a66e6a bcm27xx: include 'rtc' in target's 'FEATURES'
ae64d0624c kernel: fix corrupted padding on small packets with mt753x dsa
53fc6e9ede kernel: fix flow offload issues with pppoe
77e123340f mediatek: add patches for MT7622 WED (wireless ethernet dispatch)
2022-05-21 18:09:18 +02:00
Martin Weinelt
99bdce1072
ramips-mt7621: add TP-Link RE650v1 (#2527)
- [x] Must be flashable from vendor firmware
  - [x] Web interface
  - [ ] TFTP (untested, but possible according to OpenWrt wiki)
  - [ ] Other: <specify>
- [x] Must support upgrade mechanism
  - [x] Must have working sysupgrade
    - [x] Must keep/forget configuration (`sysupgrade [-n]`, `firstboot`)
  - [x] Gluon profile name matches autoupdater image name
        (`lua -e 'print(require("platform_info").get_image_name())'`)
- [x] Reset/WPS/... button must return device into config mode
- [x] Primary MAC address should match address on device label (or packaging)
      (https://gluon.readthedocs.io/en/latest/dev/hardware.html#notes)
  - When re-adding a device that was supported by an earlier version of Gluon, a
    factory reset must be performed before checking the primary MAC address, as
    the setting from the old version is not reset otherwise.
- Wired network
  - [x] should support all network ports on the device
  - [x] must have correct port assignment (WAN/LAN)
    - On devices supplied via PoE, there is usually no explicit WAN/LAN labeling on the hardware.
      The PoE input should be the WAN port in this case.
- Wireless network (if applicable)
  - [x] Association with AP must be possible on all radios
  - [x] Association with 802.11s mesh must work on all radios
  - [x] AP+mesh mode must work in parallel on all radios
- LED mapping
  - Power/system LED
    - [x] Lit while the device is on
    - [x] Should display config mode blink sequence
          (https://gluon.readthedocs.io/en/latest/features/configmode.html)
  - Radio LEDs
    - [x] Should map to their respective radio
    - [x] Should show activity
  - Switch port LEDs
    - [x] Should map to their respective port (or switch, if only one led present)
    - [x] Should show link state and activity
2022-05-21 14:17:29 +02:00
Maciej Krüger
57c0bdbf56
gluon-core: add post-setup.d .keep (#2525)
This folder is referenced in files/lib/netifd/proto/gluon_mesh.sh, but 
there's no .keep for it
2022-05-20 18:59:37 +02:00
Sebastian Schaper
3ee60c77ba ath79-generic: fix whitespace
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-05-17 18:54:15 +02:00
J. Burfeind
02edf564bd
ath79-generic: (re)add CPE210v3 (#2506)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-13 23:36:34 +02:00
J. Burfeind
523dead05b
ath79-generic: (re)add support for wndr3700 (#2482)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-11 23:00:43 +02:00
David Bauer
6ccd7c587b
Merge pull request #2503 from freifunk-gluon/import-release-notes
Import v2021.1.2 release notes, README / copyright updates
2022-05-08 12:14:19 +02:00
Matthias Schiffer
b68f2484ff
treewide: remove leftover GLUON_SPECIALIZE_KERNEL dependencies (#2514)
This was removed in commit c23bc293ef ("treewide: remove
GLUON_SPECIALIZE_KERNEL").
2022-05-08 12:14:03 +02:00
naveen
341ed3b311 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-08 01:00:16 +00:00
Matthias Schiffer
9d403c9849
docs: dev/hardware: update hardware support documentation (#2458)
Replace most of the page to account for the changes that have happened
in Gluon and OpenWrt in the last 4 years:

- Switch from Shell-based target definition language to Lua
- Removal of targets using legacy build code

Closes #2360
2022-05-07 18:27:45 +02:00
David Bauer
56eaf4aa28
treewide: switch crypto lib to WolfSSL (#2509)
WolfSSL has a significant lower flash footprint. Also, issues with OWE /
SAE connections were fixed in OpenWrt a while ago.

See ddcb970274

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-05-07 15:17:03 +02:00
Matthias Schiffer
b1a12a4a0c
generic: reduce kernel size some more (#2510)
Remove a few features that became enabled by default since OpenWrt 19.07.
Disabling CONFIG_RELAY also reduces RAM usage.
2022-05-07 15:16:47 +02:00
David Bauer
1bcd4a47c9
Merge pull request #2508 from blocktrron/gluon-size
generic: reduce flash consumption
2022-05-07 00:01:45 +02:00
David Bauer
fd6f8c2919 generic: optimize kernel size
Remove kernel symbols which are not required for Gluon.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-05-06 20:57:25 +02:00
David Bauer
6fe2e6fc80 target: remove nftables
Gluon still uses firewall3 and iptables, so remove dependency on
nftables.
2022-05-06 20:57:03 +02:00
David Bauer
d656d38c7c mesh-vpn-core: require legacy iptables
Require legacy iptables, as Gluon still depends on firewall3. Otherwise,
nftables is pulled in as a dependency.
2022-05-06 20:55:57 +02:00
David Bauer
436d6053cb
Merge pull request #2504 from freifunk-gluon/update-modules
Update modules
2022-05-06 08:43:35 +02:00
Matthias Schiffer
8ebba2350a
modules: update OpenWrt packages
948ea0e9c046 ecdsautils: update to v0.4.1
97333939dbcc hwdata: update to version 0.359
22c8efd9377c tor: bump to 0.4.7.7 stable
241e70f5fd84 etherwake-nfqueue: swap iptables for nftables dependency
61e0ee2e8e30 rclone: Update to 1.58.1
a8374c48e14f apfree-wifidog: fix compile error
2af08fe724f3 gst1-libav: fix compilation with ffmpeg5
419054a05f56 libtorrent-rasterbar: Update to 2.0.6

With the update to ecdsautils 0.4.1, we can remove the downstream patch
again.
2022-05-05 20:08:12 +02:00
Matthias Schiffer
f0e76390ef
modules: update OpenWrt base
5ff900e0ade7 firewall: config: remove restictions on DHCPv6 allow rule
2ac5ee7f8a99 fstools: update to git HEAD
ffe12f8b48cf procd: update to git HEAD
0dc3ecf0da1c base-files: simplify restorecon logic
efc38b315e9b selinux-policy: update to version 1.1
6cb08b17979c base-files: add missing $IPKG_INSTROOT to restorecon call
9282cb0be06c base-files: address sed in-place without SELinux awareness
dc71658a802b fstools: update to git HEAD
3a974b5bcd77 ipq40xx: fix BDF file for pcie wifi chip on the GL.Inet GL-B2200
d90c7621f40f kernel: bump 5.10 to 5.10.113
e9c14fa85f4d kernel: bump 5.10 to 5.10.112
fa8e050c4bcb f2fs-tools: fix resize.f2fs (#9800)
0c25b9cb11bf ath79: add USB power control for GL-AR300M series
a142d96ade46 mpc85xx: Fix output location of padded dtb
fbd9605a908d build: don't remove BUILD_LOG_DIR in _clean
946f60aaebc6 dnsmasq: add logfacility file to jail mounts
6d5a097232b0 ath79: ubnt: drop swconfig on ac-{lite,lr,mesh}
18649fbff04a bcm63xx: fix description fix name case
d79380ac1dff ath79: ZTE MF286R: add comgt-ncm to DEVICE_PACKAGES
4c5d2cde1307 ramips: zbt-wg2626: Add the reset gpio for PCIe port 1
2022-05-05 20:07:26 +02:00
Matthias Schiffer
605c7e0806
docs: import v2021.1.2 release notes and update README 2022-05-05 20:01:08 +02:00
Matthias Schiffer
9aaeda8df3
Update copyright years 2022-05-05 19:57:47 +02:00
Matthias Schiffer
204f7e56e3
Merge pull request from GHSA-xqhj-fmc7-f8mv
ecdsautils: verify: fix signature verification (CVE-2022-24884)
2022-05-05 18:02:38 +02:00
J. Burfeind
743ba02fe9
ramips-mt76x8: add support for TP-Link Archer C20 v4 (#2500)
Co-authored-by: Ilja Gerhardt <ilja@cryptix.net>

Co-authored-by: Ilja Gerhardt <ilja@cryptix.net>
2022-05-05 11:10:07 +02:00
J. Burfeind
40f8275918
ath79-generic: (re)add Archer C7 v4 (#2497)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-05 01:19:29 +02:00
J. Burfeind
ab3e831b7c
ath79-generic: (re)add support for tl-wdr3500-v1 (#2450)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-04 00:33:05 +02:00
Matthias Schiffer
5e6bac4e52
ecdsautils: verify: fix signature verification (CVE-2022-24884)
A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.
2022-05-03 20:35:16 +02:00
J. Burfeind
6526612aaf
ath79-generic: (re)add archer c60 (#2496)
Device is marked as broken due to ath9k+ath10k 8/64.

Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-02 23:38:56 +02:00
Andreas Ziegler
948d3e10e7
ath79-generic: (re)add support for archer-c59-v1 (#2489) 2022-05-01 19:38:12 +02:00
J. Burfeind
4ec8c4db19
ath79-generic: (re)add support for gl-usb150 (#2476)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-05-01 19:36:13 +02:00
Tom Herbers
aef006e02e
mpc85xx-p1020: add Extreme Networks WS-AP3825i (#2495) 2022-05-01 10:43:32 +02:00
David Bauer
154ecf6ad8
Merge pull request #2426 from freifunk-gluon/switch-2203
modules: use OpenWrt 22.03
2022-04-30 23:47:27 +02:00
David Bauer
90dfd25e06 mpc85xx-p1010: remove TP-Link WDR4900
Remove support for the TP-Link WDR4900, as it us currently unable to
load its kernel sure to factory bootloader constraints.

Progress on this topic is tracked in #2491
2022-04-30 16:35:44 +02:00
David Bauer
78b2bca383 generic: remove jool workaround
Jool can be built without error on 22.03. Remove this workaround.
2022-04-30 16:35:06 +02:00
David Bauer
8fde14f63d generic: remove firewall4 2022-04-30 16:35:06 +02:00
David Bauer
3dc3b40819 treewide: replace ip6tables with ip6tables-legacy 2022-04-30 16:35:06 +02:00
David Bauer
e453b503bd modules: switch to OpenWrt 22.03 2022-04-30 16:35:05 +02:00
David Bauer
f54c0e789f
Merge pull request #2493 from blocktrron/modules-220427
modules: update to latest HEAD
2022-04-27 19:03:57 +02:00
Matthias Schiffer
a27edd4baa
Merge pull request #2459 from ffgraz/cm
gluon-setup-mode: add gluon-enter-setup-mode
2022-04-27 18:36:59 +02:00
Matthias Schiffer
1992383134
Merge pull request #2457 from MyIgel/statuspage-fix-tables
gluon-status-page: explicitly add tbody element to fix table manipulation
2022-04-27 17:20:24 +02:00
David Bauer
61b7085ff7 modules: update routing
b8461cc batman-adv: compat: Add atomic mc_forwarding support for stable kernels
a0d61bd mesh11sd: [New Package] Release v1.0.0
6166db3 naywatch: fix reboot_now
2022-04-27 13:57:23 +02:00
David Bauer
0bb999732c modules: update packages
0d142ffd2 telegraf: Update to version 1.22.2
587caf22a xray-core: Update to 1.5.5
87f14264f prometheus-node-exporter-lua: improve ubnt-manager
959860dc4 git: update to version 2.34.3
636342ee4 golang: Update to 1.17.9
51231fc5c ffmpeg: update to version 4.3.4
45426fa3d ruby: update to 3.0.4
4d34758b6 ci: use openwrt/gh-action-sdk@v4
edc9829bd delve: Update to 1.8.2
fe3e0493d usteer: update to latest HEAD
8995d3f02 python3-speedtest-cli: update to 2.1.3
827c37533 ooniprobe: Update 3.14.2
04a580232 ooniprobe: update to version 3.10.1
a33113111 ooniprobe: update to version 3.9.2
9f90da736 ooniprobe: update to version 3.9.0
918ca913b ooniprobe: update to version 3.8.0
a11f9a412 ooniprobe: update to version 3.7.0
915fed260 ooniprobe: update to version 3.5.2
78bcd00c1 yq: Update to 4.24.5
8406439bd yq: Update to 4.24.4
754c075a8 prometheus-node-exporter-lua: fix ubnt-manager collector
8ac019e76 prometheus-node-exporter-lua: add ubnt-manager collector
406abcbcc ubnt-manager: add ubnt-manager
216a37d65 pdns-recursor: add patch for CVE-2022-27227
f618daa55 pdns: add patch for CVE-2022-27227
427f2f995 haveged: update to 1.9.18
25a2c9f70 php7-pecl-redis: update to 5.3.7
3094dfadd php7-pecl-http: update to 3.2.5
77dcb4c90 php8: update to 8.0.17
e74e59d04 telegraf: Update to version 1.22.1
14d7e1608 keepalived: fix libip6tc dependency
3fbe10e59 keepalived: add missing CONFIG_ prefix to PKG_CONFIG_DEPENDS elements
bbb13556d adguardhome: Update adguardhome to v0.107.5
19e621a43 adguardhome: Bump adguardhome to v0.107.3 stable
d86d6d02b adguardhome: Update to v0.107.2 stable
9fa3942a8 nextdns: Update to version 1.37.11
894f58ceb yq: Update to 4.24.2
fbcaa8bce ksmbd-tools: revert update to 3.4.4
2022-04-27 13:57:23 +02:00
David Bauer
70ed8ea18b modules: update openwrt
5b7d01b427 iwinfo: update to latest HEAD
39aaec62ca hostapd: refresh patches
e2030fcfa7 hostapd: add ubus link-measurements notifications
1a2940f68e hostapd: add ubus method for requesting link measurements
b4a9597154 hostapd: add support for enabling link measurements
5a18028c69 iwinfo: update to latest HEAD
b519d76276 iwinfo: update to latest Git head
01cc5e195d iwinfo: update to latest Git HEAD
44781b265c iwinfo: update to the latest version
f7c445aa7d iwinfo: update to the latest version
75cbd8de00 wolfssl: fix compilation with /dev/crypto
1418439da9 kernel: add missing config symbols
39f1815b3e mac80211: fix QCA9561 PA bias
1769e3162e ramips: mt7620: disable SOC VLANs for external switches
30e47fb1e4 ramips: mt7620: ethernet: use more macros and bump version
3f976d0225 ramips: mt7620: fix RGMII TXID PHY mode
6685eb29e5 ramips: mt7620: add ephy-disable option to switch driver
47db830b82 ramips: mt7620: move mt7620_mdio_mode() to ethernet driver
6876465875 ramips: mt7620: use DTS to set PHY base address for external PHYs
5d7805c78b ramips: mt7620: allow both internal and external PHYs
01bbed7444 ramips: mt7620: fix ethernet driver GMAC port init
6491212ea7 ramips: mt7620: remove useless GMAC nodes
a14c2d409c ramips: mt7620: simplify DTS properties for GMAC
c652a06eef ramips: mt7620: enable autonegotiation for all ports
08ec622c46 ramips: make PHY initialization more descriptive
4123f177f9 ramips: add support for the Wavlink WL-WN579X3
92af15077f ramips: split Youku YK1 to YK-L1 and YK-L1c
55f8eb84d2 ramips: improve pinctrl for Youku YK-L1
92489b4f82 ramips: speed up spi frequency for Youku YK-L1
bea1891182 ramips: remove obsolete mx25l25635f compatible hack
6c44b157e5 mvebu: kernel: enable CONFIG_BLK_DEV_NVME
f0f9b7ac5c OpenWrt v21.02.3: revert to branch defaults
42a15ca378 OpenWrt v21.02.3: adjust config defaults
1d4dea6d4f ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
41a97c2074 bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro package
9a765554f4 ath79: add support for MikroTik RouterBOARD mAP lite
2cc9ee8000 ath79: add support for Yuncore A930
06874171d1 ath79: add support for Yuncore XD3200
c5ef62a218 wolfssl: bump to 5.2.0
99b00edf35 mac80211: Update to version 5.10.110-1
9132344444 bpftools: fix feature override for masking clang
169c9e3a88 ramips: fix reboot for remaining 32 MB boards
39bf2aee0e kernel: bump 5.4 to 5.4.188
3008f1f441 imagebuilder: fix broken image generation with external targets
2022-04-27 13:57:23 +02:00
David Bauer
099d2bd693
docs: fix mpc85xx-p1010 target name (#2492)
The mpc85xx-generic target was renamed to mpc85xx-p1010 in OpenWrt
21.02. The target name in Gluon docs was never adjusted however.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-04-25 00:02:08 +02:00
J. Burfeind
ed0cb90d42
ath79-generic: (re)add support for archer-c25-v1 (#2477)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-04-21 22:42:07 +02:00
J. Burfeind
374b81ddc0
ath79-generic: (re)add support for wndr3700v2 (#2485)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-04-21 22:34:11 +02:00
Igor Scheller
1ceb4428da gluon-status-page: Use querySelector instead of firstElementChild 2022-04-17 23:26:17 +02:00
Igor Scheller
68a5a74d1d gluon-status-page: Move mesh vpn id to table body, directly use table body 2022-04-17 23:10:40 +02:00
eberhab
9ec4abd043
ramips-mt76x8: add support for TP-Link Archer C20 v5 (#2481)
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=86e7353bff2a5de257de8ec62e782f016eed143c

Co-authored-by: Tom Herbers <mail@tomherbers.de>
2022-04-17 20:47:27 +02:00
Matthias Schiffer
a8d25670ce
gluon-core: use copy of "WAN" role list for "single" default (#2478)
Instead of using roles.wan directly as the default for roles.single,
create a copy of the table, so subsequent modifications of roles.single
don't affect roles.wan as well.

Fixes migration of Mesh-on-WAN status when no default for "single"
interfaces is set in site.conf.
2022-04-17 20:46:53 +02:00
Tom Herbers
588502cff1
ath79-generic: (re)add support for tl-wr1043n-v5 (#2483)
Gone due to
commit 45c84a117b ("ar71xx: drop target")
2022-04-17 20:31:43 +02:00