Commit Graph

331 Commits

Author SHA1 Message Date
Tom Herbers
af579e9906
modules: update openwrt
ecd8f7e294 ramips: get MAC addr from the encrypted partition (WG4хх223)
290ace2fe6 base-files: add mtd_get_mac_encrypted_arcadyan function
d94a28f7d2 uencrypt: add package to decrypt WG4хх223 config
bfb37d363c odhcp6c: update to git HEAD
464f349fad ramips: allow custom trx magic for Arcadyan
7edaae16db ramips: create new dtsi for Arcadyan routers
206581018c ramips: add support for MTS WG430223
1320a78aab ramips: add support for ASUS RT-AX53U
e06f97eb33 mvebu: backport pending Turris Omnia LEDs improvements
93ac163dea mvebu: backport DTS changes for Turris Omnia from mvebu/dt
659bb7638d mpc85xx: enable NAND support for all subtargets
89b7714cf6 kernel: add kmod-leds-turris-omnia
5e39f37caa toolchain: Update glibc 2.34 to recent HEAD
da7e9b201e build: add support for python3.11 and higher
dfe5c23592 iwinfo: update to latest HEAD
1d16b928b3 ath25: fix initramfs image generation
2728d13030 ath25: fix ELF image generation
46e62907f1 kernel: bump 5.10 to 5.10.136
be29de706c kernel: bump 5.10 to 5.10.135
6c901ec97d kernel: Backport upstream flowtable patches from 5.15
6a638c134d pkg-config: always use correct path for pkg-config.real
1c7a167366 kernel: kmod-phy-smsc: Add new PHY
fd4a354f3e kernel: kmod-phy-ax88796b: Add new PHY
13d66ef33f kernel: kmod-ipt-ulog: Remove package
534e256c02 kernel: kmod-nft-nat6: Remove package
2a6fa77b77 kernel: ipt-ipset: Add ipset/ip_set_hash_ipmac.ko
fc05102d51 kernel: netsupport: kmod-sched: explicitly define included modules
3b51f74a91 kernel: netsupport: kmod-sched: Add kmod-lib-textsearch dependency
9727b71147 kernel: netsupport: kmod-sched: Remove sch_fq_codel and sch_fifo
0038e96c27 arm-trusted-firmware-mediatek: skip bad blocks on SPI-NAND (SNFI)
5c69416246 fstools: add uci fstab section to conffiles for package block-mount
0855549b4b kernel: scale nf_conntrack_max more reasonably
0179ba7851 dnsmasq: fix jail_mount for serversfile
2022-08-20 15:37:27 +02:00
Tom Herbers
2fd9b8aa19
modules: update openwrt
8b6b73d0e8 wolfssl: make shared again
7ca89e1187 kernel: bump 5.10 to 5.10.134
1db4f5cba3 x86: update defconfig for 5.10.133
762703d397 kernel: bump 5.10 to 5.10.133
aedcbaae37 kernel: bump 5.10 to 5.10.132
a409bd7705 octeon: add SUPPORTED_DEVICES to er/erlite
e0d3dc5de1 uboot-bcm4908: include SoC in output files
066547b974 bcm4908: build bootfs image per-SoC
506432a783 lantiq: fix network port GPIO settings for Fritzbox 3390
ee27a2b706 ipq806x: Archer VR2600: fix switch ports numbering
f2c12b8940 layerscape: update PKG_HASH / PKG_MIRROR_HASH
bddfd3f7ed sdk: add spidev-test to the bundle of userspace sources
396dc89ee7 realtek: correct egress frame port verification
f8a44c22d4 realtek: correct egress frame priority assignment
4da0b5a786 realtek: fix egress L2 learning on rtl839x
8614b8eb5f realtek: fix egress port mask on rtl839x
c240fed242 ramips: add support for Netgear WAX202
d5858c6d97 image: add support for Netgear encrypted image
a1068f77c9 wolfssl: Do not activate HW acceleration on armvirt by default
dbe19b1041 libpcap: fix PKG_CONFIG_DEPENDS for rpcapd
a12eb71c88 wolfssl: WOLFSSL_HAS_WPAS requires WOLFSSL_HAS_DH
41fa086e6f kernel: Refresh kernel patches
aa237757e0 kernel: bump 5.10 to 5.10.131
a51f54b41d kernel: bump 5.10 to 5.10.130
f14122f8e6 kernel: bump 5.10 to 5.10.129
73ef008ea6 kernel: bump 5.10 to 5.10.128
cb9a69807e firewall3: bump to latest git HEAD
8ccd657629 mt7622: remove 300 MHz from dts
606fc4cd81 bcm4908: use upstream-accepted watchdog patches
7eda42a3f3 bcm4908: backport latest DT patches
187f5147d3 kernel: update leds-bcm63138 driver
f1fc90e5a1 kernel: backport LEDs driver for BCMBCA devices
a8001815a6 opkg: update to 2022-02-24
479890083d firmware: intel-microcode: update to 20220510
c5ee4b7863 openssl: bump to 1.1.1q
ade7c6db1e wolfssl: bump to 5.4.0
409534860f ath79: bsap18x0: pad rootfs image
1be4cad669 ath79: ja76pf2: use nvmem cells to specify MAC addresses
94530067ad ath79: move image check for devices with RedBoot
8e09f9ffc3 ath79: switch some RedBoot based devices to OKLI loader
01b8cd3200 rockchip: reliably distribute net interrupts
4fb05e45df wolfssl: re-enable AES-NI by default for x86_64
ec9f82fa18 mac80211: fix AQL issue with multicast traffic
945b13e369 realtek: build sane factory images for DGS-1210 models
3fbf45bd09 realtek: build factory images for all DGS-1210 models
128575d0fd realtek: rename u-boot-env2 to board-name
9081098273 scripts: fix CAMEO tag generator
87e58a43ea realtek: build DGS-1210 images with CAMEO tag
b151362d19 scripts: add CAMEO tag generator
72466aaeb9 realtek: add DGS-1210-28 factory image
b2876e6a3a scripts: add cameo image header generator
8b4169f1c9 bcm53xx: use -falign-functions=32 for kernel compilation
e291e49da3 bcm53xx: enable & setup packet steering
5359a8ca38 bcm53xx: disable GRO by default at kernel level
027f7b18b9 bcm53xx: revert bgmac back to the old limited max frame size
bd826dc9f9 kernel: drop patch adding hardcoded kernel compilation flags
da7c57b086 kernel: support setting extra CFLAGS for kernel compilation
614a420084 kernel: use KCFLAGS for passing EXTRA_OPTIMIZATION flags
2022-07-31 13:49:45 +02:00
David Bauer
17156cc06b lantiq-xrx200: make DSA images swconfig upgradable
Update the device-support version for image-metadata so that older Gluon
versions not implementing skipping minor compat-version checks are able
to update to newer Gluon versions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-07-05 23:49:49 +02:00
David Bauer
82571e3fee ramips: add MT7621 WiFi devpath migration
Add a migration script to migrate the device path of PCIe WiFi hardware
from OpenWrt 19.07 to the one used with OpenWrt 21.02+.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-06-26 02:13:30 +02:00
David Bauer
8e8aa0c846 openwrt: make DSA images upgradable from swconfig
Set the compat-version of the sysupgrade image to 1.0 in order to allow
upgrades from Gluon-sources which are based on swconfig and do not
ignore mismatching minor compat-versions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-06-26 02:13:30 +02:00
David Bauer
e453b503bd modules: switch to OpenWrt 22.03 2022-04-30 16:35:05 +02:00
David Bauer
70ed8ea18b modules: update openwrt
5b7d01b427 iwinfo: update to latest HEAD
39aaec62ca hostapd: refresh patches
e2030fcfa7 hostapd: add ubus link-measurements notifications
1a2940f68e hostapd: add ubus method for requesting link measurements
b4a9597154 hostapd: add support for enabling link measurements
5a18028c69 iwinfo: update to latest HEAD
b519d76276 iwinfo: update to latest Git head
01cc5e195d iwinfo: update to latest Git HEAD
44781b265c iwinfo: update to the latest version
f7c445aa7d iwinfo: update to the latest version
75cbd8de00 wolfssl: fix compilation with /dev/crypto
1418439da9 kernel: add missing config symbols
39f1815b3e mac80211: fix QCA9561 PA bias
1769e3162e ramips: mt7620: disable SOC VLANs for external switches
30e47fb1e4 ramips: mt7620: ethernet: use more macros and bump version
3f976d0225 ramips: mt7620: fix RGMII TXID PHY mode
6685eb29e5 ramips: mt7620: add ephy-disable option to switch driver
47db830b82 ramips: mt7620: move mt7620_mdio_mode() to ethernet driver
6876465875 ramips: mt7620: use DTS to set PHY base address for external PHYs
5d7805c78b ramips: mt7620: allow both internal and external PHYs
01bbed7444 ramips: mt7620: fix ethernet driver GMAC port init
6491212ea7 ramips: mt7620: remove useless GMAC nodes
a14c2d409c ramips: mt7620: simplify DTS properties for GMAC
c652a06eef ramips: mt7620: enable autonegotiation for all ports
08ec622c46 ramips: make PHY initialization more descriptive
4123f177f9 ramips: add support for the Wavlink WL-WN579X3
92af15077f ramips: split Youku YK1 to YK-L1 and YK-L1c
55f8eb84d2 ramips: improve pinctrl for Youku YK-L1
92489b4f82 ramips: speed up spi frequency for Youku YK-L1
bea1891182 ramips: remove obsolete mx25l25635f compatible hack
6c44b157e5 mvebu: kernel: enable CONFIG_BLK_DEV_NVME
f0f9b7ac5c OpenWrt v21.02.3: revert to branch defaults
42a15ca378 OpenWrt v21.02.3: adjust config defaults
1d4dea6d4f ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
41a97c2074 bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro package
9a765554f4 ath79: add support for MikroTik RouterBOARD mAP lite
2cc9ee8000 ath79: add support for Yuncore A930
06874171d1 ath79: add support for Yuncore XD3200
c5ef62a218 wolfssl: bump to 5.2.0
99b00edf35 mac80211: Update to version 5.10.110-1
9132344444 bpftools: fix feature override for masking clang
169c9e3a88 ramips: fix reboot for remaining 32 MB boards
39bf2aee0e kernel: bump 5.4 to 5.4.188
3008f1f441 imagebuilder: fix broken image generation with external targets
2022-04-27 13:57:23 +02:00
Sven Eckelmann
979cc0a2ed ath79-generic: Add support for OpenMesh OM5P-AN
Device specifications:
======================

* Qualcomm/Atheros AR9344 rev 2
* 560/450/225 MHz (CPU/DDR/AHB)
* 64 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 1T1R 2.4 GHz Wi-Fi
* 2T2R 5 GHz Wi-Fi
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
  - eth0
    + AR8035 ethernet PHY
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as LAN interface
  - eth1
    + 10/100 Mbps Ethernet
    + builtin switch port 1
    + 18-24V passive POE (mode B)
    + used as WAN interface
* 12-24V 1A DC
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Sven Eckelmann
6e35f6b95a ath79-generic: Add support for OpenMesh OM5P-AC v1
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
  - eth0
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as LAN interface
  - eth1
    + AR8035 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + 18-24V passive POE (mode B)
    + used as WAN interface
* 12-24V 1A DC
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin

Gluon image name change
=======================

The device had the image name "openmesh-om5p-ac" in older versions of Gluon.
This had to be changed with the new name in the device trees of the ath79
device tree.
2022-03-21 09:37:03 +01:00
Sven Eckelmann
47eda6a501 ath79-generic: Add support for OpenMesh OM2P v1
Device specifications:
======================

* Qualcomm/Atheros AR7240 rev 2
* 350/350/175 MHz (CPU/DDR/AHB)
* 32 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2x 10/100 Mbps Ethernet
* 1T1R 2.4 GHz Wi-Fi
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x fast ethernet
  - eth0
    + 18-24V passive POE (mode B)
    + used as WAN interface
  - eth1
    + builtin switch port 4
    + used as LAN interface
* 12-24V 1A DC
* external antenna

The device itself requires the mtdparts from the uboot arguments to
properly boot the flashed image and to support dual-boot (primary +
recovery image). Unfortunately, the name of the mtd device in mtdparts is
still using the legacy name "ar7240-nor0" which must be supplied using the
Linux-specfic DT parameter linux,mtd-name to overwrite the generic name
"spi0.0".

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin

Gluon image name change
=======================

The device had the image name "openmesh-om2p" in older versions of Gluon.
This had to be changed with the new name in the device trees of the ath79
device tree.
2022-03-21 09:37:03 +01:00
Sven Eckelmann
767b4123cf ath79-generic: Add support for OpenMesh A40
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* multi-color LED (controlled via red/green/blue GPIOs)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x ethernet
  - eth0
    + Label: Ethernet 1
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as WAN interface
  - eth1
    + Label: Ethernet 2
    + AR8035 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + used as LAN interface
* 1x USB
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Sven Eckelmann
df114faec0 ath79-generic: Add support for OpenMesh A60
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi (11n)
* 3T3R 5 GHz Wi-Fi (11ac)
* multi-color LED (controlled via red/green/blue GPIOs)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x ethernet
  - eth0
    + Label: Ethernet 1
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as WAN interface
  - eth1
    + Label: Ethernet 2
    + AR8031 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + used as LAN interface
* 1x USB
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Matthias Schiffer
1e50966b84
kernel: drop obsolete ebtables patches
We are on Linux 5.4, so these patches for Linux 4.14 don't do anything.
2022-01-23 11:39:02 +01:00
Matthias Schiffer
0db3c58329
modules: update OpenWrt base
97b95ef8b918 uci: update to the latest master

Replace the downstream UCI patch with a proper OpenWrt 21.02 backport.
2022-01-23 11:36:08 +01:00
lemoer
3f7c0b3ae8
gluon-mesh-vpn-wireguard: add package (#2168)
The address of the vpn interface is calculated in the style of
modified EUI-64, based on a virtual mac address. This virtual mac
address consists of 0x00 as first byte and the other five bytes
are taken from the first bytes of md5sum(base64 encoded public key).

The algorithm was taken by the ffmuc, with a slight difference. ffmuc
calculated the result of md5sum(base64 encoded public key + '\n')
which was interpreted as accidential fault and therefore dropped.

Example:
- Public-Key: "gP3VJnTTvnQut+z4O+m0N9RgMyXbgyUbUkF3E3TKX2w="
- Address: "fe80::02ca:b8ff:fedc:2eb3"

The following interfaces are used for wireguard:
- wg_mesh  -> wireguard interface
- mesh-vpn -> vxlan iface on top of wg_mesh

If you use this new feature, make sure the NTP servers in your site
config are publicly reachable. This is necessary, since wireguard
requires correct time before the vpn connection is established.
Therefore gluon performs ntp time synchronisation via WAN before it
establishes the vpn connection. Therefore the NTP servers have to
be publicly reachable (and not only via mesh).
2021-09-15 01:25:59 +02:00
David Bauer
aab2b914b8 modules: switch to OpenWrt 21.02 2021-06-21 16:28:15 +02:00
David Bauer
429223b99f modules: update OpenWrt
fec1aa6dfb mt76: update to the latest version
224fa47bf9 ramips: mark toggle input on EX6150 as a switch
3a05aa17db mac80211: Remove 357-mac80211-optimize-skb-resizing.patch
171d8bce0c ramips: remove factory image for TP-Link Archer C2 v1
2eb8444363 ath79: fix USB power GPIO for TP-Link TL-WR810N v1
d5a8e85878 wolfssl: Backport fix for CVE-2021-3336
cf5e5204d9 bcm63xx: sprom: override the PCI device ID
4465b44fc1 kernel: bump 4.14 to 4.14.219
4b9ade65ec bcm63xx: R5010UNv2: fix flash partitions for 16MB flash
ab9cb390be hostapd: fix P2P group information processing vulnerability
1e90091c5d opkg: update to latest git HEAD of branch openwrt-19.07
312c05611b kernel: bump 4.14 to 4.14.218
3100649458 wolfssl: enable HAVE_SECRET_CALLBACK
e9d2aa9dc6 wolfssl: Fix hostapd build with wolfssl 4.6.0
2044c01de8 wolfssl: Update to v4.6.0-stable
5ac0b2b431 mvebu: omnia: make initramfs image usable out of the box
2021-02-15 01:29:38 +01:00
David Bauer
39c1f67236 modules: update OpenWrt
a7a207e18b mt76: update to the latest version
1ce5008597 wireguard: Fix compile with kernel 4.14.217
2ecb22dc51 kernel: bump 4.14 to 4.14.217
11f4918ebb dnsmasq: backport fixes
9999c87d3a netifd: fix IPv6 routing loop on point-to-point links
250dbb3a60 odhcp6c: fix IPv6 routing loop on point-to-point links
d816c6cd31 kernel: bump 4.14 to 4.14.216
c21d59dc11 imagebuilder: pass IB=1 on checking requirements
2021-02-01 13:16:18 +01:00
Linus Lüssing
13cb7504f4 kernel: bridge: Fix a deadlock when enabling multicast snooping
[ Upstream commit 851d0a73c90e6c8c63fef106c6c1e73df7e05d9d ]

From: Joseph Huang <Joseph.Huang@garmin.com>

When enabling multicast snooping, bridge module deadlocks on multicast_lock
if 1) IPv6 is enabled, and 2) there is an existing querier on the same L2
network.

The deadlock was caused by the following sequence: While holding the lock,
br_multicast_open calls br_multicast_join_snoopers, which eventually causes
IP stack to (attempt to) send out a Listener Report (in igmp6_join_group).
Since the destination Ethernet address is a multicast address, br_dev_xmit
feeds the packet back to the bridge via br_multicast_rcv, which in turn
calls br_multicast_add_group, which then deadlocks on multicast_lock.

The fix is to move the call br_multicast_join_snoopers outside of the
critical section. This works since br_multicast_join_snoopers only deals
with IP and does not modify any multicast data structures of the bridge,
so there's no need to hold the lock.

Steps to reproduce:
1. sysctl net.ipv6.conf.all.force_mld_version=1
2. have another querier
3. ip link set dev bridge type bridge mcast_snooping 0 && \
   ip link set dev bridge type bridge mcast_snooping 1 < deadlock >

A typical call trace looks like the following:

[  936.251495]  _raw_spin_lock+0x5c/0x68
[  936.255221]  br_multicast_add_group+0x40/0x170 [bridge]
[  936.260491]  br_multicast_rcv+0x7ac/0xe30 [bridge]
[  936.265322]  br_dev_xmit+0x140/0x368 [bridge]
[  936.269689]  dev_hard_start_xmit+0x94/0x158
[  936.273876]  __dev_queue_xmit+0x5ac/0x7f8
[  936.277890]  dev_queue_xmit+0x10/0x18
[  936.281563]  neigh_resolve_output+0xec/0x198
[  936.285845]  ip6_finish_output2+0x240/0x710
[  936.290039]  __ip6_finish_output+0x130/0x170
[  936.294318]  ip6_output+0x6c/0x1c8
[  936.297731]  NF_HOOK.constprop.0+0xd8/0xe8
[  936.301834]  igmp6_send+0x358/0x558
[  936.305326]  igmp6_join_group.part.0+0x30/0xf0
[  936.309774]  igmp6_group_added+0xfc/0x110
[  936.313787]  __ipv6_dev_mc_inc+0x1a4/0x290
[  936.317885]  ipv6_dev_mc_inc+0x10/0x18
[  936.321677]  br_multicast_open+0xbc/0x110 [bridge]
[  936.326506]  br_multicast_toggle+0xec/0x140 [bridge]

Fixes: 4effd28c1245 ("bridge: join all-snoopers multicast address")
Signed-off-by: Joseph Huang <Joseph.Huang@garmin.com>
Acked-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Link: https://lore.kernel.org/r/20201204235628.50653-1-Joseph.Huang@garmin.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[linus.luessing@c0d3.blue: backported to 4.4]
2021-01-25 03:16:06 +01:00
Sven Eckelmann
50537e5474 ipq40xx: add support for Plasma Cloud PA2200
This device is a dual 5GHz device. It is recommended to manually change the
radio of the first device to the lower 5GHz channels and the second radio
to the upper 5GHz channels
2021-01-13 08:28:12 +01:00
Sven Eckelmann
17baf0f415 ipq40xx: add support for Plasma Cloud PA1200 2021-01-13 08:28:12 +01:00
David Bauer
db9768310a
Merge pull request #2153 from FreifunkVogtland/pa300
ath79: Add support for Plasma Cloud PA300(E)
2021-01-12 15:22:03 +01:00
Sven Eckelmann
6e2faecb4e ath79: add support for Plasma Cloud PA300E 2021-01-10 09:06:02 +01:00
Sven Eckelmann
a9039229d6 ath79: add support for Plasma Cloud PA300 2021-01-10 09:05:58 +01:00
David Bauer
604087fae3 modules: refresh OpenWrt patches
Fixes commit fb8cd562f6 ("modules: update OpenWrt")
2020-12-07 04:27:11 +01:00
David Bauer
5ee379bbb8 Revert "openwrt: revert kernel: add netfilter-actual-sk patch"
This reverts commit 94736703ae.

Bumping the packages feed fixes the xtables-addons build.
2020-12-06 01:08:33 +01:00
Martin Weinelt
94736703ae
openwrt: revert kernel: add netfilter-actual-sk patch
During the update of openwrt-19.07 in 435c5196 a breaking change was
introduced. Let's revert it for now so the master branch builds again.
2020-12-06 00:22:07 +01:00
David Bauer
88ec9cbedf
mt76: mt7603: add additional EEPROM chip ID (#2133)
Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.

This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.
2020-10-17 13:58:45 +02:00
Linus Lüssing
b2add48d2a kernel: bridge: Implement MLD Querier wake-up calls / Android bug workaround
Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.

Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.

If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).

Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-10-08 20:06:24 +02:00
David Bauer
923299b834 openwrt: refresh patches
Fixes commit bf36c5b2d3 ("modules: bump OpenWrt")
2020-08-02 00:32:10 +02:00
David Bauer
a3a55d6461
openwrt: backport DFS fixes (#2077)
This backports two fixes related to operation on DFS-required
channels.

When a DFS-required channel was selected as the regular
(non-outdoor-mode) 5 GHz channel, hostapd would switch to a non-DFS
channel as OpenWrt did not pass a chanlist of allowed ACS channels.

When hostapd is given a single channel for the chanlist or there's no
available channel left (all allowed channels are in the no-occupancy
period), hostapd prints "no DFS channels left, waiting for NOP to
finish" to the syslog but never stopped transmitting on this channel,
still sending out beacon frames and allowing client data transfer.
2020-07-29 15:45:17 +02:00
David Bauer
2be6fe32e6 modules: update OpenWrt
b515edb775 ipq40xx: essedma: Disable TCP segmentation offload for IPv6
f7f15f8033 ath79: wndr3700 series: fix wifi range & throughput
1f5cbd6be7 ca-certificates: update to version 20200601
fa72f2646a oxnas: build with 8021Q VLAN support
e752fc1ff9 ath79: add support for TP-Link TL-WR802N V1 and V2
6488d2f7cc ath79: update WA/XC devices UBNT_VERSION to 8.5.3
fb79e5d9fe ipq806x: EA8500 fix boot partition detection
e36bdd5dc5 ath79: fix LEDs for GL.inet GL-AR150
21454a772b ar71xx: fix reset key for TP-Link TL-WR802N V1/V2
a32b0ec4cf generic: fix flow table hw offload

Closes #2055
2020-06-14 15:49:17 +02:00
David Bauer
2891454f16 mt76: mt76x0: disable GTK offloading
When the GTK is offloaded, MT7610 won't transmit any multicast frames.
This is most likely due to a bug in the offloading datapath. MT7612 is
not affected.

Disable GTK offloading for now. It can be re-enabled once the bug in the
offloading path is fixed.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-06-13 23:07:05 +02:00
David Bauer
e8cc866db2 mac80211: rt2800: enable MFP support unconditionally
This gives us WPA3 support out of the box without having to manually disable
hardware crypto. The driver will fall back to software crypto if the connection
requires management frame protection.

THis allows us to use WPA3 features (Private-WiFi SAE & OWE) on
ramips-mt7620.
2020-06-10 22:41:01 +02:00
Matthias Schiffer
e5456bdf14
build: backport kernel debuginfo ZSTD compression 2020-05-31 11:12:41 +02:00
David Bauer
c3be82f6c8 modules: update OpenWrt
83b714a27f musl: fix locking synchronization bug
f99b1d1d92 rpcd: update to latest openwrt-19.07 Git HEAD
92bd395b04 Revert "rpcd: update to latest Git HEAD"
adf5d753ef rpcd: update to latest Git HEAD
9b48375c7e libubox: update to the latest version
a4e8eca03e libubox: update to the latest master
498f1f4f5d ramips: gsw_mt7621: disable PORT 5 MAC RX/TX flow control by default
d8d1956a80 hostapd: backport wolfssl bignum fixes
ab7e9754df ucert: update to latest git HEAD
bc0c2db2a3 brcm47xx: disable Netgear WNR2000 v2 by default
059db419d7 squashfs: Fix compile with GCC 10
97b522a1f9 usign: update to latest git HEAD
942262f9c8 usign: update to latest Git HEAD
6a89098935 ath79: add support for TP-Link TL-WA901ND v4 and v5
a6f70f2e97 ath79: add support for TP-Link TL-WA701ND/730RE/801ND/901ND v1
8c6c488e9e ath79: add support for TP-Link TL-WR940N v6
36d4140517 ath79: add support for TP-Link TL-WA830RE v1
7187826b8b ath79: reorganize DTSI for ar7240 TP-Link devices
d4092eac1f ath79: migrate TP-Link TL-MR3420v2 to ath79
24cfd961d9 ath79: add support for TP9343-based TP-Link TL-WR94x devices
7de43d66ff generic: platform/mikrotik: disambiguate SPDX-License-Identifier
84154574c8 ramips: drop non-existant ralink,port-map for Ravpower WD03
af667c73c5 bcm63xx: mask interrupts on init
d1ce73677c bcm63xx: periph_intc: report effective affinity
1d40c8a9f2 bcm63xx: ext_intc: fix warning
65f2fae911 bcm63xx: periph_intc: fix warning
b2c9f82eb4 bcm63xx: redboot: fix warning
a2a3ac9f51 bcm63xx: bcm6362: fix pinctrl bug
6c96ecf3b4 bcm63xx: refresh kernel config
c3e3802a8e OpenWrt v19.07.3: revert to branch defaults
f3f38f40da OpenWrt v19.07.3: adjust config defaults
85e04e9f46 generic: platform/mikrotik: fix LZOR support
4cd9ae41c5 libjson-c: backport security fixes
6ffd4d8a4d ar71xx: remove hard-coded folder name from Mikrotik RB upgrade
d2ee15ef76 fstools: blockd: fix segfault triggered by non-autofs mounts
4cd44e5dc7 ar71xx: mikrotik: mach-rbspi.c remove wlan id
3fecb06fb1 ar71xx: mikrotik: bypass id check in __rb_get_wlan_data()
b36aa168d8 ar71xx: mikrotik: ath10k: use new sysfs driver
fa2369e59b generic: platform/mikrotik: support LZOR encoding
612b64e6c4 ar71xx: enable mikrotik platform driver
511859de9b generic: mikrotik platform build bits
ddae86cc69 generic: routerboot sysfs platform driver
2efcfb1d1a kernel: bump 4.14 to 4.14.180
ecea10f2b9 ath79: dts: add missing 'serial0' alias for TP-Link TL-MR3040v2
2020-05-27 02:12:44 +02:00
David Bauer
2e3a4a5179 modules: bump OpenWrt
d9244a1b5b generic: ar8216: fix unknown packet flooding for ar8229/ar8236
429e4490c4 libpcap: fix library packaging issues
e678cb1595 kernel: bump 4.14 to 4.14.179
8fa4ed9ef7 fstools: update to the latest version
5c6dfb5bc0 fstools: update to the latest version
607809dcdc mac80211: Update to version 4.19.120
96d280cc37 scripts/download: add sources CDN as first mirror
55ccb04046 upgs: Remove extra _DEFAULT_SOURCE definition
ee480c50c1 dante: Fix compile with glibc
5f0e25d966 perf: build with NO_LIBCAP=1
005adba939 mac80211: ath10k: increase rx buffer size to 2048
0974d59b5f kernel: backport fix for non-regular inodes on f2fs
f40947a8c0 ath79: indicate boot/failsafe/upgrade for NanoBeam/Nanostation AC
65cf72d5d2 ath79: add SUPPORTED_DEVICES based on ar71xx for some devices
f9ef0c5705 kernel: bump 4.14 to 4.14.178
2df0ea042d wpad-wolfssl: fix crypto_bignum_sub()
ec6cb33452 mac80211: backport fix for an no-ack tx status issue
f141cdd200 hostapd: unconditionally enable ap/mesh for wpa-cli
54b6683390 wireless-regdb: backport three upstream fixes
55591e63bc curl: backport fix for CVE-2019-15601
35ea808b97 uboot-kirkwood: fix ethernet and usb

Compile-tested: all targets
2020-05-07 00:39:16 +02:00
Martin Weinelt
03f718a071
patches: reorder OpenWrt 2020-04-29 13:40:04 +02:00
Matthias Schiffer
35e8b53385 kernel: backport slub prefetch fix from v4.19
This patch fixes a regression introduced in kernel v4.14. While the
commit message only mentions a performance penalty, the issue is
suspected to be the cause of spurious data bus errors on MIPS CPUs
(ar71xx target).

Fixes: #1982
2020-04-29 13:05:25 +02:00
Sven Eckelmann
8bc602b021 mac80211: ath10k: increase rx buffer size to 2048
Before, only frames with a maximum size of 1528 bytes could be
transmitted between two 802.11s nodes.

For batman-adv for instance, which adds its own header to each frame,
we typically need an MTU of at least 1532 bytes to be able to transmit
without fragmentation.

This patch now increases the maxmimum frame size from 1528 to 1656
bytes.

Tested with two ath10k devices in 802.11s mode, as well as with
batman-adv on top of 802.11s with forwarding disabled.

Fix originally found and developed by Ben Greear.
2020-04-25 21:33:41 +02:00
David Bauer
3e3d6d5c78 openwrt: refresh patches 2020-04-24 21:21:26 +02:00
Jan Alexander
17b49e20ee ath79-generic: add support for GL.iNet GL-AR750S 2020-04-09 20:29:24 +02:00
David Bauer
8df207c103 ipq40xx-generic: add support for Aruba AP-303 2020-01-04 01:43:10 +01:00
nrbffs
920aa1a21d
patches/openwrt: add set TARGET_ROOTFS_PARTSIZE to make combined image fit in 128MB 2019-12-28 18:06:43 +01:00
Matthias Schiffer
00b46f0662
modules: update OpenWrt base
f97d2351e2c1 ath79: remove ath10k drivers from Archer C7 v1 profile
7c321e00dd19 kernel: nf_conntrack_rtcache: fix WARNING on rmmod
2a2f9ffe81ce kernel: nf_conntrack_rtcache: fix WARNING on forward path
2019-11-23 22:44:39 +01:00
Matthias Schiffer
911ed5263d
Refresh OpenWrt package patches 2019-11-23 17:28:17 +01:00
Matthias Schiffer
154567dfdd
openwrt: Revert "kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod" 2019-11-23 17:28:17 +01:00
Matthias Schiffer
c3e764d1df
modules: update OpenWrt base
6160f773fef2 ipq40xx: add support for AVM FRITZ!Repeater 1200
63b1e8f8d226 ipq-wifi: add AVM FRITZ!Repeater 1200 bdf
496489ea95af uboot-fritz4040: update to latest HEAD
e30ca0d90a98 mac80211: update to version 4.19.85
b1ef0e443720 layerscape: Fix kernel patch
ad0463c2e875 kernel: Add missing configuration option
b0adf79c9e7c firewall: update to latest Git HEAD
b41619592792 firewall: update to latest git HEAD
3685f86cefac cns3xxx: use proper macros for defining partition regions
db345220b485 kernel: bump 4.14 to 4.14.155
538ca42ddad8 wireless-regdb: fix build when python2 from package feeds exists
2751c5c75219 wireless-regdb: fix patch fuzz
d6ecadb05c2b wireless-regdb: fix Makefile indentation
0a4071b550eb wireless-regdb: set PKGARCH:=all
e8d528af7e91 wireless-regdb: prefer python provided by make variable
53d8de0207e8 wireless-regdb: Make it build with python2
f2ef9b4feafe wireless-regdb: update to 2019.06.03
8fac0b398c34 ar71xx: fix buttons for TP-Link TL-WDR4900 v2
3c65c47ce6fd ar71xx: fix LED setup for TL-WDR4900 v2
b6c80f85cb7b ramips: set uImage name of WeVO 11AC NAS and W2914NS v2
e945c43142ab ar71xx: fix MAC address setup for TL-WDR4900 v2
8a21bc36229d ar71xx: fix MAC addresses for Archer C5 v1, C7 v1/v2, WDR4900 v2
2019-11-22 22:45:19 +01:00
Matthias Schiffer
02cbe0b794
kernel: refresh patches 2019-11-19 23:43:37 +01:00
Matthias Schiffer
0374526a8e
kernel: remove obsolete kernel 4.9 patch files 2019-11-19 23:36:20 +01:00