OpenWrt Network interface configuration daemon https://git-03.infra.openwrt.org/project/netifd/atom?h=master 2026-04-23T10:48:22Z 2026-04-23T10:48:22Z Markus Stockhausen 2026-04-21T06:28:36Z urn:sha1:e45b890fa532bb89380b78008c2cc70bfad2c4c7 system_set_ethtool_settings() might be called when the interface is still in admin state. In this status the kernel does not guarantee a consistent result of phylink_ethtool_ksettings_get(). E.g. the autonegotiation flag is always false for a SFP module that is plugged in during boot. To avoid an inconsistent read/modify/write sequence return early from system_set_ethtool_settings() if nothing needs to be done. Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> 2026-04-23T09:06:05Z Felix Fietkau 2026-04-23T09:05:29Z urn:sha1:8c319597d6aa5a06a23020d9c62127ab9b8ff3e1 system_if_apply_settings() already routes every sysctl and ioctl through apply_mask, but the trailing system_set_ethtool_settings() call ran unconditionally. Its internal sub-decisions are driven by s->flags, so whenever the device has DEV_OPT_AUTONEG (or any other link-mode bit) configured, ETHTOOL_SLINKSETTINGS fires on every call and renegotiates the PHY. That makes the recent live-apply path (1375538b9d83) bounce the link on any pure-sysctl change: a diff of just DEV_OPT_RPFILTER on an eth0 with autoneg=1 eee=0 re-issues SLINKSETTINGS, drops the carrier, and tears down wan/wan6. Gate the ethtool call on apply_mask carrying at least one bit that system_set_ethtool_settings() actually consumes. At bringup apply_mask == s->flags, so behaviour is unchanged when any ethtool attribute is configured; for live-apply every ethtool bit is outside DEV_OPT_LIVE_APPLY_MASK, so the call is skipped and the link stays up. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-04-21T15:41:35Z Felix Fietkau 2026-04-21T13:03:23Z urn:sha1:1375538b9d8361abd91da909410f9dd62c56c26c A reload_config that only changes per-netdev sysctls (rpfilter, drop_unsolicited_na, neigh*, etc.) currently tears the device down and brings it back up because device_set_config() promotes any device-attr diff to DEV_CONFIG_RESTART. On a bridge that detaches every member and bounces every DSA port for 2-3 s even though the change is a single write to /proc/sys/net/.../<ifname>/... . Teach device_set_config() to push such changes directly via system_if_apply_settings() on the active device and return DEV_CONFIG_APPLIED instead. The conservative set of attributes whose writes are safe on a live interface is captured by DEV_OPT_LIVE_APPLY_MASK in device.h; any diff outside that set still returns RESTART, as do subtype-attr changes reported by a reload hook. device_apply_live_settings() applies new values from dev->settings and restores captured originals from dev->orig_settings for attributes dropped from UCI, then rebalances orig_settings.flags so an eventual teardown still restores the correct set. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-04-21T15:41:35Z Felix Fietkau 2026-04-21T13:00:38Z urn:sha1:5bddddb4df09c1ca5d2853baba6a3e6c7ca7d861 Each reload hook (bridge, bonding, vrf, vlandev, veth, macvlan) has so far duplicated the same sequence: parse tb_dev, call device_init_settings(), diff against device_attr_list, and promote any difference to DEV_CONFIG_RESTART. Move that shared work into device_set_config() so each hook carries only its subtype-attr logic. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-04-21T15:41:35Z Felix Fietkau 2026-04-21T12:50:46Z urn:sha1:18ba5f3e357533576245db73a8c036e7897635c1 Reorder DEV_ATTR_* into three groups and redefine each DEV_OPT_X as (1ULL << DEV_ATTR_X). With this alignment the diff bitmap produced by uci_blob_diff(..., &device_attr_list, ...) is directly usable as a DEV_OPT_* mask, removing the need for a translation table. DEV_OPT_DEFAULT_MACADDR has no DEV_ATTR_* peer (synthesised by system_if_get_settings()) and is parked at bit 63. The groups are: 1. Live-applicable: attributes whose kernel value can be updated on a running interface via system_if_apply_settings() without tearing the device down. All per-netdev sysctls (IPV6, IP6SEGMENTROUTING, RPFILTER, ACCEPTLOCAL, IGMPVERSION, MLDVERSION, NEIGHREACHABLETIME, NEIGHGCSTALETIME, NEIGHLOCKTIME, DADTRANSMITS, SENDREDIRECTS, DROP_V[46]_UNICAST_IN_L2_MULTICAST, DROP_GRATUITOUS_ARP, DROP_UNSOLICITED_NA, ARP_ACCEPT, MTU6) plus TXQUEUELEN (SIOCSIFTXQLEN), PROMISC (IFF_PROMISC) and MULTICAST (IFF_MULTICAST). MTU6 uses the pure sysctl path (/proc/sys/net/ipv6/conf/<ifname>/mtu) via system_update_ipv6_mtu. 2. Teardown-required DEV_OPT_* attributes (MTU, MACADDR, MASTER, ethtool link/feature flags, PSE, bridge-port flags). MTU stays in this group because SIOCSIFMTU is handled inconsistently across drivers. 3. Attributes without a DEV_OPT_* peer (TYPE, ENABLED, VLAN, AUTH_VLAN, TAGS); they carry data consumed outside the flags bitmap. DEV_OPT_LIVE_APPLY_MASK covers the first group as a contiguous low-bit mask derived from __DEV_ATTR_LIVE_APPLY_MAX. Pure refactor; no behaviour change. Every existing DEV_OPT_* / DEV_ATTR_* use site is symbolic and stays correct. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-02-26T10:25:53Z Felix Fietkau 2026-02-26T10:25:53Z urn:sha1:69a5afc9713adf31edbf3228a7a372ada7bba449 When moving a device between bridges during config reload, the present toggle in bridge_free_member() can disrupt a bridge that has already successfully claimed the device. During device_init_pending(), bridges are processed in alphabetical order. If the new bridge (e.g. br-lan) is processed before the old bridge (e.g. br-wan), it successfully claims the device. When the old bridge then flushes the device, the present toggle tears down and rebuilds the new bridge unnecessarily, causing interface setup failures. Only toggle the present state when the device has no active claims, which is the case when bridge_enable_member() failed (e.g. because the device was still in the old bridge at the time). Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-02-23T09:58:26Z Carlo Szelinsky 2026-01-18T11:48:31Z urn:sha1:299a51f0c3011ca98a3f06cd29d50c2e1f86e348 This commit adds basic support for modern PSE-PD/POE control. It requires linux 6.18 or a backport. The backports are in those PRs: https://github.com/openwrt/openwrt/pull/21810 https://github.com/openwrt/openwrt/pull/21926 Additionally the Makefile for netifd is adjusted: https://github.com/openwrt/openwrt/pull/21918 In Detail: * device.h - Added PSE device attributes & settings * device.c - Added UCI parsing for PSE options * system-linux.c - Added genetlink PSE get/set functions Signed-off-by: Carlo Szelinsky <github@szelinsky.de> Link: https://github.com/openwrt/netifd/pull/65 Signed-off-by: Robert Marko <robimarko@gmail.com> 2026-02-15T08:26:17Z Felix Fietkau 2026-02-15T08:24:58Z urn:sha1:c6122254eb7003377b67a6ad14d284b69725bbee Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-02-15T08:25:47Z Felix Fietkau 2026-02-13T13:39:35Z urn:sha1:3fc8b83c8b62ca9dcb6485790216ad5171959223 Add the ucode script infrastructure for ucode-based protocol handlers: proto.uc: Handler management module loaded by main.uc. Scans proto/*.uc for handler scripts, registers proto_config_load callback on netifd.cb for UCI config reading and sorted JSON serialization. proto-ucode.uc: Subprocess wrapper spawned for setup/teardown. Receives handler script path, proto name, action, interface name, config JSON, and optional device name via ARGV. Creates proto object with notification methods mapping to ubus calls to network.interface.<iface>.notify_proto. Loads handler module via include() with scope injection and dispatches the requested action. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2026-02-15T08:25:27Z Felix Fietkau 2026-02-13T13:37:23Z urn:sha1:aaf5b194b15d881db76286327fa90770ef467188 Add C infrastructure for ucode-based protocol handlers. Handlers are registered via netifd.add_proto() from ucode scripts loaded at startup. Signed-off-by: Felix Fietkau <nbd@nbd.name>