1. 05 May, 2021 2 commits
  2. 01 Feb, 2021 1 commit
    • David Bauer's avatar
      modules: update OpenWrt · 39c1f672
      David Bauer authored
      a7a207e18b mt76: update to the latest version
      1ce5008597 wireguard: Fix compile with kernel 4.14.217
      2ecb22dc51 kernel: bump 4.14 to 4.14.217
      11f4918ebb dnsmasq: backport fixes
      9999c87d3a netifd: fix IPv6 routing loop on point-to-point links
      250dbb3a60 odhcp6c: fix IPv6 routing loop on point-to-point links
      d816c6cd31 kernel: bump 4.14 to 4.14.216
      c21d59dc11 imagebuilder: pass IB=1 on checking requirements
      39c1f672
  3. 25 Jan, 2021 2 commits
    • David Bauer's avatar
      Merge pull request #2178 from T-X/pr-bridge-fix-mc-snoopers-join-deadlock · ec8c4043
      David Bauer authored
      kernel: bridge: Fix a deadlock when enabling multicast snooping
      ec8c4043
    • Linus Lüssing's avatar
      kernel: bridge: Fix a deadlock when enabling multicast snooping · 13cb7504
      Linus Lüssing authored
      
      
      [ Upstream commit 851d0a73c90e6c8c63fef106c6c1e73df7e05d9d ]
      
      From: Joseph Huang <Joseph.Huang@garmin.com>
      
      When enabling multicast snooping, bridge module deadlocks on multicast_lock
      if 1) IPv6 is enabled, and 2) there is an existing querier on the same L2
      network.
      
      The deadlock was caused by the following sequence: While holding the lock,
      br_multicast_open calls br_multicast_join_snoopers, which eventually causes
      IP stack to (attempt to) send out a Listener Report (in igmp6_join_group).
      Since the destination Ethernet address is a multicast address, br_dev_xmit
      feeds the packet back to the bridge via br_multicast_rcv, which in turn
      calls br_multicast_add_group, which then deadlocks on multicast_lock.
      
      The fix is to move the call br_multicast_join_snoopers outside of the
      critical section. This works since br_multicast_join_snoopers only deals
      with IP and does not modify any multicast data structures of the bridge,
      so there's no need to hold the lock.
      
      Steps to reproduce:
      1. sysctl net.ipv6.conf.all.force_mld_version=1
      2. have another querier
      3. ip link set dev bridge type bridge mcast_snooping 0 && \
         ip link set dev bridge type bridge mcast_snooping 1 < deadlock >
      
      A typical call trace looks like the following:
      
      [  936.251495]  _raw_spin_lock+0x5c/0x68
      [  936.255221]  br_multicast_add_group+0x40/0x170 [bridge]
      [  936.260491]  br_multicast_rcv+0x7ac/0xe30 [bridge]
      [  936.265322]  br_dev_xmit+0x140/0x368 [bridge]
      [  936.269689]  dev_hard_start_xmit+0x94/0x158
      [  936.273876]  __dev_queue_xmit+0x5ac/0x7f8
      [  936.277890]  dev_queue_xmit+0x10/0x18
      [  936.281563]  neigh_resolve_output+0xec/0x198
      [  936.285845]  ip6_finish_output2+0x240/0x710
      [  936.290039]  __ip6_finish_output+0x130/0x170
      [  936.294318]  ip6_output+0x6c/0x1c8
      [  936.297731]  NF_HOOK.constprop.0+0xd8/0xe8
      [  936.301834]  igmp6_send+0x358/0x558
      [  936.305326]  igmp6_join_group.part.0+0x30/0xf0
      [  936.309774]  igmp6_group_added+0xfc/0x110
      [  936.313787]  __ipv6_dev_mc_inc+0x1a4/0x290
      [  936.317885]  ipv6_dev_mc_inc+0x10/0x18
      [  936.321677]  br_multicast_open+0xbc/0x110 [bridge]
      [  936.326506]  br_multicast_toggle+0xec/0x140 [bridge]
      
      Fixes: 4effd28c1245 ("bridge: join all-snoopers multicast address")
      Signed-off-by: default avatarJoseph Huang <Joseph.Huang@garmin.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Link: https://lore.kernel.org/r/20201204235628.50653-1-Joseph.Huang@garmin.com
      
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      [linus.luessing@c0d3.blue: backported to 4.4]
      13cb7504
  4. 19 Jan, 2021 1 commit
    • David Bauer's avatar
      modules: update OpenWrt · 9df297bd
      David Bauer authored
      6fc02f2a45 OpenWrt v19.07.6: revert to branch defaults
      b12284a14c OpenWrt v19.07.6: adjust config defaults
      8055e38794 dnsmasq: Backport some security updates
      733e62a8e1 uboot-at91: Add PKG_MIRROR_HASH to fix download
      53814dadaf at91bootstrap: Add PKG_MIRROR_HASH to fix download
      e30d3ea95f mbedtls: update to 2.16.9
      c7b9c85819 kernel: bump 4.14 to 4.14.215
      c9388fa986 kernel: bump 4.14 to 4.14.214
      e290024717 glibc: update to latest 2.27 commit
      2c37993c8a build/prereq: merge ifndef IB block together
      79b1fa1702 build, imagebuilder: Do not require compilers
      58138df2d5 build, imagebuilder: Do not require libncurses-dev
      42e478eb0d build/json: add filesystem information
      9df297bd
  5. 13 Jan, 2021 3 commits
  6. 12 Jan, 2021 4 commits
  7. 10 Jan, 2021 2 commits
  8. 09 Jan, 2021 1 commit
  9. 02 Jan, 2021 6 commits
  10. 29 Dec, 2020 1 commit
  11. 20 Dec, 2020 1 commit
    • David Bauer's avatar
      modules: update OpenWrt · 049625bb
      David Bauer authored
      b14eeccdfe ath79: image: fix initramfs for safeloader devices
      cb58c7fe73 kernel: bump 4.14 to 4.14.212
      fb52c40531 wireless-regdb: Update to version 2020.11.20
      7711a5906a wireless-regdb: bump to latest release 2020-04-29
      c03f018220 openssl: update to 1.1.1i
      0a59e2a76e mac80211: Update to version 4.19.161-1
      3f5fecfd33 ramips: enable LED VCC for Asus RT-AC51U
      049625bb
  12. 19 Dec, 2020 1 commit
  13. 15 Dec, 2020 1 commit
    • David Bauer's avatar
      wireless-encryption mesh-wireless-sae: depend on OpenSSL daemons · 430c0ecc
      David Bauer authored
      This switches the used wireless daemons for OWE / SAE to the OpenSSL
      flavors. The WolfSSL implementation currently seems to be broken.
      
      THis switch may be reverted at a later point in time when hostapd /
      wpa_supplicant implementations for WolfSSL have matured.
      430c0ecc
  14. 11 Dec, 2020 1 commit
  15. 07 Dec, 2020 2 commits
    • David Bauer's avatar
      modules: refresh OpenWrt patches · 604087fa
      David Bauer authored
      Fixes commit fb8cd562 ("modules: update OpenWrt")
      604087fa
    • David Bauer's avatar
      modules: update OpenWrt · fb8cd562
      David Bauer authored
      d0b8be75ff generic: ipeth: fix iOS 14 tethering
      bdc2f19f9d OpenWrt v19.07.5: revert to branch defaults
      c37eb9a9f9 OpenWrt v19.07.5: adjust config defaults
      5090152ae3 tools: always create $STAGING_DIR/usr/{include,lib}
      fb8cd562
  16. 06 Dec, 2020 4 commits
    • Andreas Ziegler's avatar
      modules: update OpenWrt · 8be025fe
      Andreas Ziegler authored
      d830403133 toolchain: kernel-headers: kernel Git tree mirror hash
      8c2bb1d9b6 toolchain: kernel-headers: fix check target for kernel Git tree
      a47caacaf3 download.pl: properly cleanup intermediate .hash file
      605adb1023 download: handle possibly invalid local tarballs
      5abe989475 cmake.mk,rules.mk: fix host builds using CMake and ccache
      77734ce82a cmake.mk: set C/CXX compiler for host builds as well
      ebe8cc2b2a mvebu: fixup Turris Omnia U-Boot environment
      f10332c292 mvebu: base-files: Update Turris Omnia U-Boot environment
      ca1ee39854 mvebu: Add turris-omnia.bootscript
      f61e053e72 uboot-envtools: mvebu: update uci defaults for Turris Omnia
      f1525e785e kernel: backport GD25Q256 support from 4.15
      c72b7a4f0d kernel: bump 4.14 to 4.14.209
      c420f77678 wireguard-tools: fix category/description in menuconfig
      8be025fe
    • David Bauer's avatar
      Merge pull request #2157 from blocktrron/xtables-addons · 6d95ec64
      David Bauer authored
      openwrt: fix xtables-addons build
      6d95ec64
    • David Bauer's avatar
      Revert "openwrt: revert kernel: add netfilter-actual-sk patch" · 5ee379bb
      David Bauer authored
      This reverts commit 94736703.
      
      Bumping the packages feed fixes the xtables-addons build.
      5ee379bb
    • David Bauer's avatar
      modules: bump OpenWrt packages · f52139f9
      David Bauer authored
      2974079d3 nano: update to 5.4
      e82884caf miniupnpd: Pass ipv6 addr to ipv6_listening_ip
      33bd6b6af Merge pull request #14115 from mwarning/zt
      ace81238c zerotier: update to 1.6.2
      808a67b35 net/miniupnpd: ext_ip_reserved_ignore support
      1adf9d979 miniupnpd: Added chain rule to filter table so udp stun incoming connections rules works
      4ed18c40e miniupnpd: update to 2.2.0
      16cceb118 net/miniupnpd: check by /etc/init.d/miniupnpd running
      93d44081c miniupnpd: default to IGDv1
      49fb6862d adblock: reporting fixes/tweaks
      613d4e19c Merge pull request #14029 from aaronjg/xtables-addons-fix
      12b0f8c1a xtables-addons: patch for 4.14 route_me_harder fix
      a453361e7 Merge pull request #13943 from jjm2473/openwrt-19.07-fix-libtirpc-clang
      fb9077a72 Merge pull request #13983 from rs/nextdns-1.9.4-openwrt-19.07
      591601446 nextdns: Update to version 1.9.4
      889c46a79 Merge pull request #13981 from rs/nextdns-1.9.3-openwrt-19.07
      c65dc2c45 nextdns: Update to version 1.9.3
      446bec699 Merge pull request #13937 from jjm2473/openwrt-19.07-fix-vim-clang
      fb7630209 travelmate: refine scan interface determination
      c68be0b84 libs/libtirpc: fix host compile with clang 12.0.0
      1f5670bdf vim: fix host compile with clang 12.0.0
      f52139f9
  17. 05 Dec, 2020 1 commit
  18. 01 Dec, 2020 1 commit
    • David Bauer's avatar
      modules: update OpenWrt · 435c5196
      David Bauer authored
      0ce0d687de ipq40xx: disable double-tagging for PSGMII devices
      6703abb7ca tcpdump: patch CVE-2020-8037
      b4698d87c8 kernel: mtd: parser: cmdline: Fix parsing of part-names with colons
      193adc94d1 ar71xx,ath79: refresh 910-unaligned_access_hacks.patch
      733a482733 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
      c9c7b4b394 kernel: add netfilter-actual-sk patch
      a448ad7490 uhttpd: update to 19.07 Git HEAD
      435c5196
  19. 20 Nov, 2020 1 commit
  20. 17 Nov, 2020 2 commits
    • Martin Weinelt's avatar
      modules: update packages · b09a124a
      Martin Weinelt authored
      b77fabe01 Merge pull request #13911 from ja-pa/libexif-sec-19.07
      e74565a0b libexif: update to 0.6.22
      68eb1943c mwan3: add missing dependency
      b038148cc mwan3: Remove fork/exec for head
      c5d61945f haproxy: Update HAProxy to v2.0.19
      5b3870890 php7: update to 7.2.34
      2bd627ec7 Merge pull request #13828 from jgora/jgora
      d1d53a3ac xtables-addons: Support IPTV Timeshift
      05efc24fd youtube-dl: update to version 2020.11.1.1
      5db211c62 youtube-dl: update to version 2020.9.20
      7b1ac9283 youtube-dl: update to version 2020.9.14
      3a61338ab bind: update to version 9.16.8
      2331de4ec libftdi1: disable building documentation
      73c7bcb63 libftdi1: Fix pkgconfig paths properly
      82208ceca libftdi1: Apply pkgconfig fixes to libftdipp1 as well
      58b6d0ee5 libftdi1: Partially add back InstallDev
      55e7acc25 libftdi1: Remove faulty change from last patch
      45e7e13dc libftdi1: Don't build examples
      089699b1e tinyproxy: convert to procd
      39ce33461 tinyproxy: update to 1.10.0
      b07f752e7 nextdns: Update to version 1.8.8
      99e77a716 openconnect: allow specify --protocol from config
      37303e1f0 adblock: update 4.0.7-2
      5dbbb7ebf adblock: update 4.0.7
      0c9206469 zoneinfo: Updated to the latest release
      a9162448c zoneinfo: Updated to the latest release
      abcbc5e1c zoneinfo: Updated to the latest release.
      b09a124a
    • Martin Weinelt's avatar
      modules: update OpenWrt · 2537b743
      Martin Weinelt authored
      2a8279c161 layerscape: Fix check after kernel update
      ac5297340e kernel: bump 4.14 to 4.14.206
      589c3cf4e0 ath79: remove wmac mtd-mac-address for UniFi AC family
      2a3dbded93 feeds: add freifunk feed
      ad3c2b9736 ath79: use correct firmware name for UniFi AP
      84ae238324 ramips: fix logic level for DIR-645 buttons
      c25e3275ac ath79: fix LED labels for PowerCloud CAP324
      78c4c04dd7 uci: Backport security fixes
      3af9c5fefd uboot-envtools: mvebu: fix config for mainline u-boot
      7fbee0c7b2 mvebu: Add bootscript for espressobin to support mainline firmware
      14903d9d8c kernel: bump 4.14 to 4.14.202
      03a029745f firmware: intel-microcode: update to 20200616
      95d60bf881 firmware: amd64-microcode: update to 20191218
      dda5e3db19 firewall: options: fix parsing of boolean attributes
      7dd822983b kernel: bump 4.14 to 4.14.201
      aee081e62e oxnas: fix qc_prep return in sata driver after kernel 4.14.200
      6696fddfd9 mac80211: do not allow bigger VHT MPDUs than the hardware supports
      9c718b5478 kernel: bump 4.14 to 4.14.200
      b21bea7b1b ath79: ar8216: make switch register access atomic
      891022918d scripts: getver.sh: fix version based on stable branch
      8076fb59ab openssl: bump to 1.1.1h
      f4286d7bc2 ath79: fix rssi-low LED for My Net Range Extender
      d82e6a2f10 kernel: Update to version 4.14.199
      86b44028e2 comgt: fix hotplug event handling
      34a9652904 Revert "ramips: ethernet: fix to interrupt handling"
      
      Build-tested: x86-64, ath79-generic, ipq40xx-generic
      2537b743
  21. 16 Nov, 2020 1 commit
  22. 15 Nov, 2020 1 commit