Commit Graph

17070 Commits (392a6bb5781f84f7785b569102760770a0b5bfd2)

Author SHA1 Message Date
Felix Fietkau 3d731fc903 mac80211: merge performance improvement patches
Fix fq_codel performance issues
Add a new rx function for batch processing

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:43:25 +02:00
Felix Fietkau b7727a8005 mac80211: fix AQL issues
- Remove bogus STA txq pending airtime underflow warning
- Improve tx airtime estimation for A-MPDU traffic

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:42:29 +02:00
Felix Fietkau 60f595daab binutils: update to version 2.34
Fixes perf on aarch64

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:42:16 +02:00
Felix Fietkau bab0d1c33c mt76: update to 2020-07-22
7bc58ca2b375 mt76: add missing lock configuring coverage class
43febd452110 mt76: mt7615: fix lmac queue debugsfs entry
0b9975254694 mt76: mt7615: fix hw queue mapping
4058595e146e mt76: overwrite qid for non-bufferable mgmt frames
49c7131dd0c5 mt76: mt76x02: do not access uninitialized NAPI structs
f185d90ec51c update mt7915 firmware to the latest version
0ed6a335ebc2 mt76: mt7615: re-enable offloading of sequence number assignment
2a52eabbddc5 mt76: usb: rely on mt76_for_each_q_rx
90fc1d8614e1 mt76: mt7663: introduce ARP filter offload
b57223dd01b9 mt76: mt7615: fix up typo in Kconfig for MT7663U
ec4057d685c0 mt76: add script for generating single-sku device tree data
769b030de636 mt76: add functions for parsing rate power limits from DT
1d2aedb248d0 mt76: extend DT rate power limits to support 11ax devices
a3e17ff8e624 mt76: mt7615: implement support for using DT rate power limits
a48a4ae32d48 mt76: allow more channels, allowed in ETSI domain
869ba618ef54 mt76: fix include in pci.h
b1ddec840aa4 mt76: rely on register macros
d6d9a7ea428d mt76: add U-APSD support on AP side
ee13b78367db mt76: mt7615: fix EEPROM buffer size
82a94173b162 mt76: mt7915: add missing CONFIG_MAC80211_DEBUGFS
c0dbbd930d32 mt76: mt7615: add .set_tsf callback
84d54df76996 mt76: mt7915: add a fixed AC queue mapping
dacc2d29672d mt76: mt7915: add MU-MIMO support
1ce4660a0ea3 mt76: mt7915: use ieee80211_tx_queue_params to avoid open coded
53891242a682 mt76: mt7915: add support for DT rate power limits
b3a4d78914f6 mt76: mt7915: rework the flow of txpower setting
c6ea163c019b mt76: mt7915: directly read per-rate tx power from registers
8ae83adc73a8 mt76: mt7915: overwrite qid for non-bufferable mgmt frames
740b0bfdf279 mt76: mt76x2e: rename routines in pci.c
b5eee1b52234 mt76: mt7615: schedule tx tasklet and sta poll on mac tx free
72f34107248e mt76: mt7615: add support for accessing mapped registers via bus ops
46bc8a0b5347 mt76: mt7615: add support for accessing RF registers via MCU
882cec420609 mt76: mt7615: use full on-chip memory address for WF_PHY registers
b1ddb8e35ca2 mt76: vif_mask to struct mt76_phy
3a1ea7287eb2 mt76: add API for testmode support
d7467bc018e5 mt76: mt7615: implement testmode support
3ea5da1639fe add utility for using testmode support
6789a2db7246 mt7615: fix getting wideband RSSI in test mode
7941217ffe46 mt76: mt7915: remove unused parameters in mt7915_puts_rate_txpower()
13ab1d648684 mt76: mt7915: update HE capabilities
3f0e66dc25de mt76: mt76x2: fix pci suspend/resume on mt7612e
c605f2b6940b mt76: mt76x2u: enable HC-M7662BU1
ca2b797ee52d mt76: mt7915: avoid memcpy in rxv operation
dad3f93e8f6a mt76: mt7615: avoid polling in fw_own for mt7663
ec303bfad299 mt76: move mt76 workqueue in common code
0bf82270568a mt76: mt7615: add mt7615_pm_wake utility routine
091e9b5df6af mt76: mt7615: introduce mt7615_mutex_{acquire,release} utilities
e3850966d74c mt76: mt7615: wake device before accessing regmap in debugfs
e6dcb71d7992 mt76: mt7615: wake device before configuring hw keys
050f8cd9cbe7 mt76: mt7615: introduce pm_power_save delayed work
56779a6c7dec mt76: mt7615: wake device in mt7615_update_channel before access regmap
b0bcdd66ccaa mt76: mt7615: acquire driver_own before configuring device for suspend
58369fdce235 mt76: mt7615: wake device before performing freq scan
2c188db1f7c7 mt76: mt7615: add missing lock in mt7615_regd_notifier
6fdb20a025eb mt76: mt7615: run mt7615_mcu_set_wmm holding mt76 mutex
36a789c00e4f mt76: mt7615: run mt7615_mcu_set_roc holding mt76 mutex
b8cdce45c131 mt76: mt7615: wake device before pulling packets from mac80211 queues
82e8e0525d6c mt76: mt7615: wake device before pushing frames in mt7615_tx
65ccc40c14e1 mt76: mt7615: run mt7615_pm_wake in mt7615_mac_sta_{add,remove}
2107caf92e71 mt76: mt7615: check MT76_STATE_PM flag before accessing the device
28a2f5fa6eed mt76: mt7615: do not request {driver,fw}_own if already granted
94519eac69c3 mt76: mt7615: add runtime-pm knob in mt7615 debugfs
ccc90dafea66 mt76: mt7615: enable beacon hw filter for runtime-pm
29f2bebe1a1e mt76: mt7615: add idle-timeout knob in mt7615 debugfs
58057d1f232b mt76: mt7615: improve mt7615_driver_own reliability
a873b7c8e3de mt76: mt7663u: sync probe sampling with rate configuration
b469c59c616c mt76: mt7615: avoid scheduling runtime-pm during hw scan
f1ff52acb6a7 mt76: mt7615: reschedule ps work according to last activity
1f670a534451 mt76: mt7663u: fix memory leak in set key
afff00ad2b60 mt76: mt7663u: fix potential memory leak in mcu message handler
4c9309f47ddf mt76: mt7615: fix potential memory leak in mcu message handler
379445b4aa7f mt76: mt7915: potential array overflow in mt7915_mcu_tx_rate_report()
750797b61ba8 mt76: fix copy&paste error in mt76_testmode_cmd
f9a7a2f7dbc2 testmode: fix setting tx_power
1641aa201682 mt76: mt7615: fix mt7615_mcu_set_test_param set non-bool parameters
6838d002f9de mt76: mt7615: fix tx_frames setup
8c0a25d6a38c mt76: mt7615: take into account sdio bus configuring txwi
c0cbef79eb45 mt76: mt76u: add mt76_skb_adjust_pad utility routine
98412356c959 mt76: mt7615: sdio code must access rate/key regs in preocess context
fa16627d7e3a mt76: mt7615: introduce mt7663-usb-sdio-common module
bf88e70c7a68 mt76: introduce mt76_sdio module
aa97be8e02de mt76: mt7615: introduce mt7663s support
1eb8b7d689a3 mt76: testmode: fix tx_done accounting on enqueue failures
632ce698e8ee mt76: mt7615: fix antenna settings for test mode
4d2f622190b6 mt76: mt76s: move queue accounting in mt76s_tx_queue_skb
9a3723c8febc mt76: mt7915: fix potential memory leak in mcu message handler
88fa973f59c2 mt76: mt7615: fix possible memory leak in mt7615_mcu_wtbl_sta_add
2fff7d77befd mt76: mt76u: add missing release on skb in __mt76x02u_mcu_send_msg
b5df0fbb1847 mt7615: update firmware to version 20200629

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:41:50 +02:00
Felix Fietkau 25e0ae6bfc mac80211: make cfg80211 testmode support optional (and disabled by default)
Testmode commands are typically only used for manufacturing or vendor specific
debugging features, so they should not be in the default image

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:36:23 +02:00
Jo-Philipp Wich b92f54b919 openvpn: fix arguments passing to wrapped up and down scripts
With the introduction of the generic OpenVPN hotplug mechanism, wrapped
--up and --down scripts got the wrong amount and order of arguments passed,
breaking existing configurations and functionality.

Fix this issue by passing the same amount of arguments in the same expected
order as if the scripts were executed by the OpenVPN daemon directly.

Ref: https://github.com/openwrt/openwrt/pull/1596#issuecomment-668935156
Fixes: 8fe9940db6 ("openvpn: add generic hotplug mechanism")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-06 08:34:31 +02:00
Jo-Philipp Wich 34553e8cc9 add vfconfig
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-06 08:34:19 +02:00
Jo-Philipp Wich 96b87196b0 dsaconfig: introduce package for UCI configuration of VLAN filter rules
This package provides the necessary files to translate `config dsa_vlan`
and `config dsa_port` sections  of `/etc/config/network` into appropriate
bridge vlan filter rules.

The approach of the configuration is to bridge all DSA ports into a logical
bridge device, called "switch0" by default, and to set VLAN port membership,
tagging state and PVID as specified by UCI on each port and on the switch
bridge device itself, allowing logical interfaces to reference port VLAN
groups by using "switch0.N" as ifname, where N denotes the VLAN ID.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-08-06 08:34:19 +02:00
Rafał Miłecki 3d167ed805 uhttpd: update to the latest master
212f836 ubus: rename JSON-RPC format related functions
628341f ubus: use local "blob_buf" in uh_ubus_handle_request_object()
9d663e7 ubus: use BLOBMSG_TYPE_UNSPEC for "params" JSON attribute
77d345e ubus: drop unused "obj" arguments
8d9e1fc ubus: parse "call" method params only for relevant call

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2020-08-05 15:49:03 +02:00
Jason A. Donenfeld 80a6d3d4a2 wireguard: bump to 1.0.20200729
* compat: rhel 8.3 beta removed nf_nat_core.h
* compat: ipv6_dst_lookup_flow was ported to rhel 7.9 beta

This compat tag adds support for RHEL 8.3 beta and RHEL 7.9 beta, in addition
to RHEL 8.2 and RHEL 7.8. It also marks the first time that
<https://www.wireguard.com/build-status/> is all green for all RHEL kernels.
After quite a bit of trickery, we've finally got the RHEL kernels building
automatically.

* compat: allow override of depmod basedir

When building in an environment with a different modules install path, it's
not possible to override the depmod basedir flag by setting the DEPMODBASEDIR
environment variable.

* compat: add missing headers for ip_tunnel_parse_protocol

This fixes compilation with some unusual configurations.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-08-03 23:14:24 +02:00
Adrian Schmutzler 50413e1ec8 package: replace remaining occurrences of ifconfig with ip
ifconfig is effectively deprecated for quite some time now. Let's
replace the remaining occurrences for packages by the
corresponding ip commands now.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-03 10:42:35 +02:00
Magnus Kroken 48a9d99a21 openvpn: revise sample configuration
Update the openvpn sample configurations to use modern options in favor
of deprecated ones, suggest more sane default settings and add some
warnings.

* Add tls_crypt and ncp_disable to the sample configuration
* Replace nsCertType with remote_cert_tls in client sample configuration
* Comment out "option compress", compression should not be preferred
* Advise 2048-bit Diffie-Hellman parameters by default
* Add warnings about compression and use of Blowfish (BF-CBC)

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2020-08-01 14:54:39 +01:00
Rui Salvaterra 9565c5726a uboot-envtools: ath79: add support for the Nanostation M (XM)
Tested on an AirGrid M2 (AG‑HP‑2G16).

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2020-08-01 14:54:39 +01:00
Rui Salvaterra f2af32c20c wireguard-tools: allow compiling with MIPS16 instructions
The wg utility compiles and runs without issues in MIPS16 mode, despite setting
PKG_USE_MIPS16:=0 in the makefile. Let's remove this, allowing for a substantial
size reduction of the wg executable. Since wg is a just a configuration utility,
it shouldn't be performance-critical, as the crypto heavy-lifting is done on the
kernel side.

wg sizes for both modes:

MIPS32: 64309 bytes
MIPS16: 42501 bytes

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2020-08-01 14:54:39 +01:00
Rosen Penev cd41234d2f exfat: add out of tree module
>From an email conversation with the person responsible for upstreaming
the exFAT driver, it seems the staging one in kernel 5.4 is not so
good. Excerpts below.

Namjae Jeon:
Hm... exfat in 5.4 kernel  that we did crap shit long time ago is
contributed by someone who we don't know.
This version is unstable and low quality code. We have been improving
it continuously.
and staging version exfat is removed from linux 5.7 kernel.

linux exfat oot  version is a backport of exfat in linux 5.7 kernel to
support lower version kernel, and it is a real.
You can see the patch history fro linux-exfat-oot.
this version support timezone and boot sector verification feature newly.
and better filesystem structure and much clean code quality that
reviewed by high profile kernel developers. and add many bug fixes.
And this version is officially maintained by me and kernel guys.

I would not recommend to use staging exfat version.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-08-01 14:54:39 +01:00
Rosen Penev d157ee0c12 staging: remove staging exfat driver
This will be replaced with the driver found in newer kernels.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-08-01 14:54:39 +01:00
David Bauer 68bf5a9659 mac80211: don't kill wireless daemon on teardown
Don't kill the wireless daemon on teardown. hostapd as well as
wpa_supplicant are managed by procd which would detect the shutdown of
either process as a crash loop.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-31 19:52:03 +02:00
David Bauer 8b3e170526 hostapd: fix incorrect service name
When retrieving the PID for hostapd and wpa_supplicant via ubus the
wrong service name is currently used. This leads to the following error
in the log:

netifd: radio0 (1409): WARNING (wireless_add_process):
executable path /usr/sbin/wpad does not match process  path (/proc/exe)

Fixing the service name retrieves the correct PID and therefore the
warning won't occur.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-31 19:51:51 +02:00
Adrian Schmutzler 65305cb448 kirkwood: use real model names for Linksys devices
This replaces the internal device names "Audi" and "Viper" with the
real model names, which a user would look for. This makes the
Linksys devices on this target consistent with the names recently
changed for mvebu based on the same idea.

As a consequence, the "viper" device definition is split into two
separate definitions with the correct names for both real models.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 15:03:43 +02:00
Tony Ambardar 217877d046 base-files: mount bpffs at boot
Explicitly mount the BPF filesystem if available. This is used for pinning
eBPF programs and maps, making them accessible to other eBPF programs or
from userspace with the help of libbpf or bpftool.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[daniel@makrotopia.org: bumped PKG_RELEASE]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-31 13:43:03 +01:00
Adrian Schmutzler c4dd7fc23b hostapd: reorganize config selection hierarchy for WPA3
The current selection of DRIVER_MAKEOPTS and TARGET_LDFLAGS is
exceptionally hard to read. This tries to make things a little
easier by inverting the hierarchy of the conditions, so SSL_VARIANT
is checked first and LOCAL_VARIANT is checked second.

This exploits the fact that some of the previous conditions were
unnecessary, e.g. there is no hostapd-mesh*, so we don't need
to exclude this combination.

It also should make it a little easier to see which options are
actually switched by SSL_VARIANT and which by LOCAL_VARIANT.

The patch is supposed to be cosmetic.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Adrian Schmutzler 02d6ac1060 base-files: fwtool: make compat_version backward compatible
So far, the compatibility mechanism only works if both device and
image are already updated to the new routines. This patch extends
the sysupgrade metadata and fwtool_check_image() to account for
"older" images as well:

The basic mechanism for older devices to check for image compatibility
is the supported_devices entry. This can be exploited by putting
a custom message into this variable of the metadata, so older FW
will produce a mismatch and print the message as it thinks it's the
list of supported devices. So, we have two cases:

device 1.0, image 1.0:
  The metadata will just contain supported_devices as before.

device 1.0, image 1.1:
  The metadata will contain:

  "new_supported_devices":["device_string1", "device_string2", ...],
  "supported_devices":["Image version 1.1 incompatible to device: ..."]

  If the device is "legacy", i.e. does not have the updated fwtool.sh,
  it will just fail with image check and print the content of
  supported_devices. If DEVICE_COMPAT_MESSAGE is set, this will be
  printed on old devices as well through the same mechanism. Otherwise
  a generic "Please check documentation ..." is appended.

  Upgrade can still be performed with -F like when
  SUPPORTED_DEVICES has been removed to prevent bricking.

  If the device has updated fwtool.sh (but is 1.0), it will just use
  the new_supported_devices instead, and work as intended (flashing
  with -n will work, flashing without will print the appropriate
  warning).

This mechanism should provide a fair tradeoff between simplicity
and functionality.

Since we touched a lot of fields in metadata, this also bumps
metadata_version to 1.1.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Adrian Schmutzler ad3e1f9db4 base-files: fwtool: implement compatibility check for images
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.

To solve this situation, this patchset introduces a compatibility
version for devices. In this patch, the actual checks are implemented
into fwtool_check_image():

If an incompatible change is introduced, one can increase either
the minor version (1.0->1.1) or the major version (1.0->2.0).

Minor version increment:
This will still allow sysupgrade, but require to reset config
(-n or SAVE_CONFIG=0). If sysupgrade is called without -n, a
corresponding message will be printed. If sysupgrade is called
with -n, it will just pass, with supported devices being checked
as usual. (Which will allow us to add back SUPPORTED_DEVICES for
many cases.)

Major version increment:
This is meant for potential (rare) cases where sysupgrade is
not possible at all, because it would break the device.
In this case, a warning will be printed, and -n won't help.

If image check fails because of one of the versions parts not
matching, the content of DEVICE_COMPAT_MESSAGE is printed in
addition to the generic message (if set).

For both cases, upgrade can still be forced with -F as usual.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Adrian Schmutzler 735de53b2a base-files: add support for compat_version on device
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.

To solve this situation, this patchset introduces a compatibility
version for devices. To complement the DEVICE_COMPAT_VERSION set
for the image to be flashed, this implements a compat_version on
the device, so it will have something to compare with the image.

The only viable way to achieve this seems to be via board.d files,
i.e. this is technically adding a compat version for the device's
config.

Like for the network setup, this will set up a command
ucidef_set_compat_version to set the compat_version in board.d.
This will then add a string to /etc/board.json, which will be
translated into uci system config by bin/config_generate.
By this, the compat_version, being a version of the config, will
also be exposed to the user.

As with DEVICE_COMPAT_VERSION, missing uci entry will be assumed
as compat_version "1.0", so we only need to add this if a device
needs to be bumped, e.g.

   ucidef_set_compat_version "1.1"

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Daniel Golle d15b6e4895 procd: update to git HEAD
28be011 instance: make sure values are not inherited from previous runs
 2ae5cbc uxc: remove debugging left-over

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-30 17:16:53 +01:00
Adrian Schmutzler 917980fd8a hostapd: improve TITLE for packages
For a few packages, the current TITLE is too long, so it is not
displayed at all when running make menuconfig. Despite, there is
no indication of OpenSSL vs. wolfSSL in the titles.

Thus, this patch adjusts titles to be generally shorter, and adds
the SSL variant to it.

While at it, make things easier by creating a shared definition for
eapol-test like it's done already for all the other flavors.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-30 16:27:44 +01:00
Daniel Golle 34705946e2 hostapd: update mesh DFS patches and add mesh HE support
Drop outdated and by now broken patchset originally supplied by
Peter Oh in August 2018 but never merged upstream.
Instead add the more promissing rework recently submitted by
Markus Theil who picked up Peter's patchset, fixed and completed it
and added support for HE (802.11ax) in mesh mode.

This is only compile tested and needs some real-life testing.

Fixes: FS#3214
Fixes: 167028b750 ("hostapd: Update to version 2.9 (2019-08-08)")
Fixes: 0a3ec87a66 ("hostapd: update to latest Git hostap_2_9-1238-gdd2daf0848ed")
Fixes: 017320ead3 ("hostapd: bring back mesh patches")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-30 16:27:44 +01:00
Daniel Golle a15ed964cf procd: update to git HEAD
c3ca99f jail: serialize hook execution
 8ff8970 jail: add some remaining OCI features
 9d5fa0a uxc: behave more like a compliant OCI run-time
 1274033 uxc: fix create operation
 2d811a4 jail: add 'kill' method to container.%s object
 08133b8 uxc: use new container.%s kill ubus API

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-29 10:33:19 +01:00
David Bauer c3e252d080 base-files: add function for generating random MAC
This adds a function for generating a valid random MAC address (unset MC
bit / set locally administered bit).

It is necessary for devices which do not have a MAC address programmed
by the manufacturer.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-28 15:52:44 +02:00
David Bauer 04f06787f1 uboot-rockchip: add NanoPi R2S support
Add support for the FriendlyARM NanoPi R2S.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-28 15:52:44 +02:00
David Bauer 65ac670b79 uboot-rockchip: update to v2020.07
Update the U-Boot to version v2020.07. Also replace the Makefile rewrite
with a proper patch, explaining why this hack is needed.

Run-tested: FriendlyARM NanoPi R2S

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-28 15:52:44 +02:00
Lucian Cristian 444b107118 atf-rockchip: update to 2.3
also install the firmware for all the supported boards

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
[fix ATF blob path in uboot-rockchip]
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-28 15:52:44 +02:00
Adrian Schmutzler 8126e572dd imx6: use device-tree compatible for board name
In imx6, we currently use the model from DTS to derive a board name
manually in /lib/imx6.sh.

However, if we have individual DTS files anyway, we can exploit
generic 02_sysinfo and use the compatible as board name directly.

While at it, remove the wildcards from /lib/upgrade/platform.sh as
these might make code shorter, but are quite unpleasant when grepping
for a specific device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-27 12:10:45 +02:00
Adrian Schmutzler 0f3c3a5fb2 layerscape: harmonize device strings
OpenWrt lately has harmonized device (definition) names to the
pattern vendor_model to improve overall consistency, also with
other values like the DTS compatible.

This patch applies that scheme to the layerscape target.

Since this (intentionally) creates a bigger overlap between DTS names,
compatible, and device definition name, it also moves DEVICE_DTS and
SUPPORTED_DEVICES definitions to the Device/Default blocks.

Apart from that, it also modifies several packages to use consistent
naming in order to keep the $(1) file references working.

While at it, remove one layer of complexity for the setup in
tfa-layerscape package.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-27 12:06:52 +02:00
Yousong Zhou 6c57fb7aa9 firewall: bump to version 2020-07-05
Changes since last source version

  e9b90df zones: apply tcp mss clamping also on ingress path
  050816a redirects: fix segmentation fault
  f62a52b treewide: replace unsafe string functions
  23cc543 improve reload logic
  9d7f49d redurects: add support to define multiple zones for dnat reflection rules
  f87d0b0 firewall3: defaults: fix uci flow_offloading option
  fe9602c rules: fix typo
  7cc2a84 defaults: robustify flow table detection.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2020-07-26 18:10:52 +08:00
David Woodhouse ad295e0ee8 mediatek: add U-Boot build for UniElec U7623
Patches submitted upstream at
https://patchwork.ozlabs.org/project/uboot/list/?series=189178

Tested on Banana Pi R2 and U7623-06.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2020-07-26 16:42:36 +08:00
David Bauer a956c14d6a mac80211: util: don't warn on missing sband iftype data
The kernel currently floods the ringbuffer with warnings when adding a
mesh interface for a device not support HE 6GHz modes.

Return without warning in this case, as mesh_add_he_6ghz_cap_ie calls
ieee80211_ie_build_he_6ghz_cap regardless of the supported interface
modes.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-25 22:36:34 +02:00
Daniel Golle 98b60b3efa procd: jail: fix build on glibc and uclibc
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-25 16:54:40 +01:00
Daniel Golle 114e5255c4 procd: update to git HEAD
48777de rcS: cast format string to int64_t
 a4df90f jail: fix wrong format for 32-bit
 c482c5d jail: add support for referencing existing namespaces

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-25 16:07:59 +01:00
Kevin Darbyshire-Bryant b2f7355eec cake-oot: update to latest HEAD
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-24 18:44:31 +01:00
Hauke Mehrtens ed2015c386 mac80211: Update to version 5.8-rc2-1
The following patches:
* 972-ath10k_fix-crash-due-to-wrong-handling-of-peer_bw_rxnss_override-parameter.patch
* 973-ath10k_fix-band_center_freq-handling-for-VHT160-in-recent-firmwares.patch
are replaced by this commit in the upstream kernel:
* 3db24065c2c8 ("ath10k: enable VHT160 and VHT80+80 modes")

The following patches were applied upstream:
* 001-rt2800-enable-MFP-support-unconditionally.patch
* 090-wireless-Use-linux-stddef.h-instead-of-stddef.h.patch

The rtw88 driver is now split into multiple kernel modules, just put it
all into one OpenWrt kernel package.

rtl8812au-ct was patched to compile against the mac80211 from kernel
5.8, but not runtime tested.

Add a patch which fixes ath10k on IPQ40XX, this patch was send upstream
and fixes a crash when loading ath10k on this SoC.

Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq40xx/ map-ac2200]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-23 23:39:56 +02:00
Hauke Mehrtens d1100c76b3 mac80211: Update to version 5.7.5-1
The b43 and b43legacy driver now support DRIVER_11W_SUPPORT.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-23 22:28:52 +02:00
Rosen Penev 1db3fb5842 uboot-mediatek: remove swig requirement
Ever since this package was introduced, the SDK for mt7629 failed to
build as it started failing on this package.

Fixed by porting Hauke's similar patch for uboot-sunxi to uboot-mediatek.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-07-23 17:38:13 +02:00
Michal Hrusecky cdb25bcef3 openvpn: Allow override of interface name
If using a configuration file for OpenVPN, allow overriding name of the
interface. The reason is that then people could use configuration file
provided by VPN provider directly and override the name of the interface
to include it in correct firewall zone without need to alter the
configuration file.

Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit c93667358515ec078ef4ac96393623ac084e5c9e)
2020-07-23 13:10:09 +02:00
Michal Hrusecky 8483bf3126 openpvn: Split out config parsing code for reuse
Split out code that parses openvpn configuration file into separate file
that can be later included in various scripts and reused.

Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit 86d8467c8ab792c79809a08c223dd9d40da6da2e)
2020-07-23 13:10:09 +02:00
Kevin Darbyshire-Bryant 9b9726aeb4 kmod-sched-cake-oot: fix PKG_MIRROR_HASH
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-22 15:59:54 +01:00
Kevin Darbyshire-Bryant 017cd5bfb0 umdns: fix compiling using gcc 10
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-07-22 15:59:54 +01:00
David Bauer 93bbd998aa hostapd: enter DFS state if no available channel is found
Previously hostapd would not stop transmitting when a DFS event was
detected and no available channel to switch to was available.

Disable and re-enable the interface to enter DFS state. This way, TX
does not happen until the kernel notifies hostapd about the NOP
expiring.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-20 15:08:19 +02:00
David Bauer cfd2f3bf6f mac80211: create channel list for fixed channel operation
Currently a device which has a DFS channel selected using the UCI
channel setting might switch to a non-DFS channel in case no chanlist is
provided (UCI setting "channels") when the radio detects a DFS event.

Automatically add a chanlist consisting of the configured channel when
the device does not operate in auto-channel mode and no chanlist set to
circumvent this issue.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-07-20 15:07:47 +02:00
Johannes Kimmel 65e9de3c33 vxlan: add capability for multiple fdb entries
Similar to wireguard, vxlan can configure multiple peers or add specific
entries to the fdb for a single mac address.

While you can still use peeraddr/peer6addr option within the proto
vxlan/vxlan6 section to not break existing configurations, this patch
allows to add multiple sections that conigure fdb entries via the bridge
command. As such, the bridge command is now a dependency of the vxlan
package. (To be honest without the bridge command available, vxlan isn't
very much fun to use or debug at all)

Field names are taken direclty from the bridge command.

Example with all supported parameters, since this hasn't been documented so
far:

  config interface 'vx0'
      option proto     'vxlan6'      # use vxlan over ipv6

      # main options
      option ip6addr   '2001:db8::1' # listen address
      option tunlink   'wan6'        # optional if listen address given
      option peer6addr '2001:db8::2' # now optional
      option port      '8472'        # this is the standard port under linux
      option vid       '42'          # VXLAN Network Identifier to use
      option mtu       '1430'        # vxlan6 has 70 bytes overhead

      # extra options
      option rxcsum  '0'  # allow receiving packets without checksum
      option txcsum  '0'  # send packets without checksum
      option ttl     '16' # specifies the TTL value for outgoing packets
      option tos     '0'  # specifies the TOS value for outgoing packets
      option macaddr '11:22:33:44:55:66' # optional, manually specify mac
                                         # default is a random address

Single peer with head-end replication. Corresponds to the following call
to bridge:

  $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3

  config vxlan_peer
      option vxlan 'vx0'
      option dst '2001:db8::3' # always required

For multiple peers, this section can be repeated for each dst address.

It's possible to specify a multicast address as destination. Useful when
multicast routing is available or within one lan segment:

  config vxlan_peer
      option vxlan 'vx0'
      option dst 'ff02::1337' # multicast group to join.
                              # all bum traffic will be send there
      option via 'eth1'       # for multicast, an outgoing interface needs
                              # to be specified

All available peer options for completeness:

  config vxlan_peer
      option vxlan   'vx0'               # the interface to configure
      option lladdr  'aa:bb:cc:dd:ee:ff' # specific mac,
      option dst     '2001:db8::4'       # connected to this peer
      option via     'eth0.1'            # use this interface only
      option port    '4789'              # use different port for this peer
      option vni     '23'                # override vni for this peer
      option src_vni '123'               # see man 3 bridge

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
2020-07-20 13:43:36 +02:00