Commit Graph

54071 Commits

Author SHA1 Message Date
Andreas Böhler
5439efe37d ramips: Add support for SERCOMM NA502S
The SERCOMM NA502s is a smart home gateway manufactured by SERCOMM and sold
under different brands (among others, A1 Telekom Austria SmartHome Premium
Gateway). It has multi-protocol radio support in addition to LAN and WiFi.

Note: BLE and audio are currently unsupported.

Specifications
--------------

  - MT7621ST 880MHz, Single-Core, Dual-Thread
  - MT7603EN 2.4GHz WiFi
  - MT7662EN 5GHz WiFi + BLE
  - 128MiB NAND
  - 256MiB DDR3 RAM
  - SD3503 ZWave Controller
  - EM357 Zigbee Coordinator
  - Telit UMTS module
  - Rechargeable battery
  - speaker and microphone

MAC address assignment
----------------------

LAN MAC is read from the config partition, WiFi 2.4GHz is LAN+2 and matches
the OEM firmware. WiFi 5GHz with LAN+1 is an educated guess since the
OEM firmware does not enable 5GHz WiFi.

Installation
------------
Attach serial console, then boot the initramfs image via TFTP.
Once inside OpenWrt, run sysupgrade -n with the sysupgrade file.

Attention: The device has a dual-firmware design. We overwrite kernel2,
since kernel1 contains an automatic recovery image.

If you get NAND ECC errors and are stuck with bad eraseblocks, try to
erase the mtd partition first with

mtd unlock ubi
mtd erase ubi

This should only be needed once.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit 9ee6ac00c4)
2022-05-17 21:14:45 +02:00
Davide Fioravanti
fe5943a7bd ramips: add support for Wavlink WL-WN533A8
The Wavlink WL-WN533A8 is an AC3000 router with 5 gigabit ethernet ports
and one USB 3.0 port.
It's also known as Wavlink QUANTUM T8.

Hardware
--------
SoC:   Mediatek MT7621A
RAM:   128MB (Nanya NT5CB64M16GP-EK)
FLASH: 16MB NOR (GigaDevice GD25Q127CSIG3)
ETH:
  - 5x 10/100/1000 Mbps Ethernet (4x LAN + 1x WAN)
WIFI:
  - 1x MT7615DN (2x 2x2:2) 2.4GHz and 5GHz DBDC
  - 1x MT7615NE (4x4:4) 5GHz
  - 8 external antennas
BTN:
  - 1x Reset button
  - 1x WPS button
  - 1x Turbo button
  - 1x Touchlink button
  - 1x ON/OFF switch
LEDS:
  - 1x Red led (system status)
  - 1x Blue led (system status)
  - 7x Blue leds (wifi led + 5 ethernet ports + power)
USB:
  - 1x USB 3.0 port
UART:
  - 57600-8-N-1
    J4

Everything works correctly.

Installation
------------
Flash the initramfs image in the OEM firmware interface
(http://192.168.10.1/update.shtml).
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.
(Procedure tested on fw M33A8.V5030.190716 and M33A8.V5030.201204)

Restore OEM Firmware
--------------------
Flash the firmware update available online directly from LUCI.
You can download it from:
https://www.wavlink.com/en_us/firmware/details/f2d247ecba.html
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.

Notes
-----
1) Router mac addresses:
   LAN		XX:XX:XX:XX:XX:63 (factory @ 0xe006)
   WAN		XX:XX:XX:XX:XX:64 (factory @ 0xe000)
   WIFI 2G/5G	XX:XX:XX:XX:XX:65 (factory @ 0x04)
   WIFI 5G	XX:XX:XX:XX:XX:66 (factory @ 0x8004)

   LABEL	XX:XX:XX:XX:XX:65

   In OEM firmware the DBDC wifi interfaces have these mac addresses:
     2G) 82:XX:XX:XX:XX:65
     5G) 80:XX:XX:XX:XX:65

   While in OpenWrt the addresses are:
     2G) 80:XX:XX:XX:XX:65
     5G) 02:XX:XX:XX:XX:65

2) radio0 will show as 2G/5G interface but only 2G is really usable.

3) There is just one wifi led for all wifi interfaces.
   It currently shows only the radio0 GHz wifi activity.

4) My unit was shipped with M33A8.V5030.190716 firmware which contains
   the http://192.168.10.1/webcmd.shtml page. Entering "telnetd" in
   the input box it will start the telnet daemon. Now you can access
   the telnet console on port 2323 with these credentials:
     username: admin2860
     password: admin

5) The M33A8.V5030.201204 firmware version, doesn't contain anymore the
   webcmd.shtml page. If your router is shipped with a previous firmware
   version and you want to back it up, you can follow the back up
   procedure of the WS-WN583A6.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
(cherry picked from commit 32e6942d72)
2022-05-17 21:14:45 +02:00
Davide Fioravanti
5454735574 ramips: create shared DTSI for Wavlink WN53XAX devices
Most of the definitions for WN531A6 will be shared with WN533A8 in a
future commit, so put them in a shared DTSI.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
(cherry picked from commit 57b6dcd826)
2022-05-17 21:14:45 +02:00
Marcin Gordziejewski
7152bc84f4 ramips: add support for TP-Link RE650 v2
TP-Link RE650 v2 is largely similar to v1 that
is already supported by OpenWrt. Notable differences
is differnt SPI Flash - 8 MB instead of 16 MB
(from cFeon instead of Winbond) and a different
configuration of PCIE connections to wifi chips.
Otherwise it's largely the same product as v1

Hardware specification:

- SoC 880 MHz - MediaTek MT7621AT
- 128 MB of DDR3 RAM
- 8 MB - cFeon QH64A-104HIP
- 4T4R 2.4 GHz - MediaTek MT7615E
- 4T4R 5 GHz - MediaTek MT7615E
- 1x 1 Gbps Ethernet - MT7621AT integrated
- 7x LEDs (Power, 2G, 5G, WPS(x2), Lan(x2))
- 4x buttons (Reset, Power, WPS, LED)
- UART pinout - GND, RX, TX, labeled in the middle of the PCB,
  requires soldering because they're not through holes.

  Serial console @ 57600,8n1

Flash instructions:

Upload
openwrt-ramips-mt7621-tplink_re650-v2-squashfs-factory.bin
from the RE650 web interface.

TFTP recovery to stock firmware:
I didn't try recovering back to the stock firmware, however,
if there is such process for other RExxx devices, it seems like
it could be similar here.

Signed-off-by: Marcin Gordziejewski <openwrt@flicksfix.com>
(cherry picked from commit 39799974a3)
2022-05-17 21:14:23 +02:00
Clemens Hopfer
d627ea510c ramips: add support for YunCore AX820/HWAP-AX820
There are two versions which are identical apart from the enclosure:
  YunCore AX820: indoor ceiling mount AP with integrated antennas
  YunCore HWAP-AX820: outdoor enclosure with external (N) connectors

Hardware specs:
  SoC: MediaTek MT7621DAT
  Flash: 16 MiB SPI NOR
  RAM: 128MiB (DDR3, integrated)
  WiFi: MT7905DAN+MT7975DN 2.4/5GHz 2T2R 802.11ax
  Ethernet: 10/100/1000 Mbps x2 (WAN/PoE+LAN)
  LED: Status (green)
  Button: Reset
  Power: 802.11af/at PoE; DC 12V,1A
  Antennas: AX820(indoor): 4dBi internal; HWAP-AX820(outdoor): external

Flash instructions:
  The "OpenWRT support" version of the AX820 comes with a LEDE-based
  firmware with proprietary MTK drivers and a luci webinterface and
  ssh accessible under 192.168.1.1 on LAN; user root, no password.
  The sysupgrade.bin can be flashed using luci or sysupgrade via ssh,
  you will have to force the upgrade due to a different factory name.
  Remember: Do *not* preserve factory configuration!

MAC addresses as used by OEM firmware:
  use   address            source
  2g    44:D1:FA:*:0b      Factory 0x0004 (label)
  5g    46:D1:FA:*:0b      LAA of 2g
  lan   44:D1:FA:*:0c      Factory 0xe000
  wan   44:D1:FA:*:0d      Factory 0xe000 + 1
The wan MAC can also be found in 0xe006 but is not used by OEM dtb.

Due to different MAC handling in mt76 the LAA derived from lan is used
for 2g to prevent duplicate MACs when creating multiple interfaces.

Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
(cherry picked from commit 4891b86538)
2022-05-17 21:14:23 +02:00
Sander Vanheule
9c2ed54aa2 firmware-utils: bump to git HEAD
Includes image support for new TP-Link devices:

  ddc3e00e314d tplink-safeloader: add TP-Link EAP265 HD support
  ceea1a7fe56e tplink-safeloader: add TP-Link Deco M4R v1 and v2 support

Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 0f207ade12)
2022-05-17 21:14:23 +02:00
Hauke Mehrtens
87f9dd665a firmware-utils: bump to git HEAD
05fd700 tplink-safeloader: TP-Link RE650 v2 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 36790ca694)
2022-05-17 21:14:23 +02:00
Hauke Mehrtens
3963a90df8 kernel: Add missing devm_regulator_get_exclusive()
This backports a patch from Linux 5.10.116 to fix a compile problem
introduced in 5.10.114.

drivers/usb/phy/phy-generic.c could not find
devm_regulator_get_exclusive().

Fixes: 8592df67f4 ("kernel: bump 5.10 to 5.10.114")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7400adae8d)
2022-05-17 21:14:23 +02:00
John Audia
7a0af40e37 kernel: bump 5.10 to 5.10.115
Removed upstreamed:
  backport-5.10/850-v5.17-0004-PCI-aardvark-Clear-all-MSIs-at-setup.patch
  pending-5.10/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit b754b0c721)
2022-05-17 20:50:34 +02:00
John Audia
e0aaecdbb8 kernel: bump 5.10 to 5.10.114
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 8592df67f4)
2022-05-17 20:50:27 +02:00
Andreas Böhler
416e8aefe1 IPQ4019: AVM FRITZ!Box 7530: Remove NAND ECC restrictions from DTS
Some revisions of the FRITZ!7530 use a Toshiba NAND with 8 bit ECC in
contrast to the Macronix NAND with 4 bit ECC. This removes the hardcoded
ECC strength and step size as set in qcom-ipq4019.dtsi, thus relying on the
kernel NAND detection routines to correclty set up the ECC parameters.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit f167f4a9a4)
2022-05-15 16:40:24 +02:00
Andreas Böhler
ec45e1ff68 kernel: add support for Toshiba TC58NVG0S3HTA00 NAND flash
The Toshiba TC58NVG0S3HTA00 is detected with 64 byte OOB while the flash
has 128 byte OOB. This adds a static NAND ID entry to correct this.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit 0bc794a668)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-05-15 16:40:07 +02:00
Christian Lamparter
144d9c4a43 uboot-fritz4040: Add support for Toshiba NAND
From Andreas Böhler:

"Some revisions of the FRITZ!7530 use a Toshiba NAND with 8 bit ECC
in contrast to the Macronix NAND with 4 bit ECC.".

Uboot needs to know this in order to have a chance to load from
the NAND.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 057bac2e1f)
2022-05-15 16:39:45 +02:00
Lech Perczak
9ef931f96b ath79: ZTE MF286[A,R]: add "Power button blocker" GPIO switch
ZTE MF286A and MF286R feature a "power switch override" GPIO in stock
firmware as means to prevent power interruption during firmware update,
especially when used with internal battery.
To ensure that this GPIO is
properly driven as in stock firmware, configure it with userspace GPIO
switch.

It was observed that on some units, the modem would not be
restarted together with the board itself on reboot, this should help
with that as well.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 1fabeeb799)
2022-05-15 16:39:45 +02:00
Pawel Dembicki
54e759d05d ipq40xx: revert Cell-C RTL30VW to legacy caldata extraction
This partially reverts
commit cfc13c4459 ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data").

After switching to nvmem RTL30VW, wifi was broken:

[   19.118319] ath10k_ahb a000000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
[   19.118377] ath10k_ahb a000000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
[   19.130285] ath10k_ahb a000000.wifi: firmware ver 10.4b-ct-4019-fW-13-5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc32 6b2b5c5b
[   19.159092] ath10k_ahb a000000.wifi: failed to fetch board data for bus=ahb,vendor=0000,device=0000,subsystem-vendor=0000,subsystem-device=0000,variant=cellc,rtl30vw from ath10k/QCA4019/hw1.0/board-2.bin
[   19.238764] ath10k_ahb a000000.wifi: failed to fetch board-2.bin or board.bin from ath10k/QCA4019/hw1.0
[   19.238847] ath10k_ahb a000000.wifi: failed to fetch board file: -12
[   19.247362] ath10k_ahb a000000.wifi: could not probe fw (-12)
[   20.190797] ath10k_ahb a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
[   20.190853] ath10k_ahb a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
[   20.202893] ath10k_ahb a800000.wifi: firmware ver 10.4b-ct-4019-fW-13-5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc32 6b2b5c5b
[   20.231357] ath10k_ahb a800000.wifi: failed to fetch board data for bus=ahb,vendor=0000,device=0000,subsystem-vendor=0000,subsystem-device=0000,variant=cellc,rtl30vw from ath10k/QCA4019/hw1.0/board-2.bin
[   20.317318] ath10k_ahb a800000.wifi: failed to fetch board-2.bin or board.bin from ath10k/QCA4019/hw1.0
[   20.317399] ath10k_ahb a800000.wifi: failed to fetch board file: -12
[   20.326098] ath10k_ahb a800000.wifi: could not probe fw (-12)

Bootloader mangles in NAND partitions and removes precal@X nodes in
working system:

root@OpenWrt:~# echo $(cat /sys/firmware/devicetree/base/soc/spi@78b5000/flash@0/partitions/partition@170000/label)
0:ART
root@OpenWrt:~# ls /sys/firmware/devicetree/base/soc/spi@78b5000/flash@0/partitions/partition@170000/
label  name   reg

Revert to legacy method fixed the problem.

Fixes: cfc13c4459 ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit af425e4221)
2022-05-15 16:39:45 +02:00
Ptilopsis Leucotis
0f8eba4f95 ath79: fix I2C on GL-AR300M devices
On GL-AR300M Series GPIO17 described as I2C SDA in Device Tree.
Because of GPIO_OUT_FUNCTION4 register was not initialized on start,
GPIO17 was uncontrollable, it always in high state. According to QCA9531
documentation, default setting of GPIO17 is SYS_RST_L. In order to make
GPIO17 controllable, it should write value 0x00 on bits [15:8] of
GPIO_OUT_FUNCTION4 register, located at 0x1804003C address.

Signed-off-by: Ptilopsis Leucotis <PtilopsisLeucotis@yandex.com>
(cherry picked from commit 57efdd6a2d)
2022-05-15 16:39:45 +02:00
Christian Lamparter
308ce46076 ipq40xx: Lyra: update RGB LED-Controller node for 5.10+
Add the reg and color property to each channel node. This
update is to accommodate the multicolor framework.

Refer to:
<https://lore.kernel.org/all/20200622185919.2131-9-dmurphy@ti.com>
<https://lore.kernel.org/all/20210818070209.1540451-1-michal.vokac@ysoft.com>

Note:

There is only a single extremely bright RGB-LED.
The RGB-color channels (i.e.: blue-0, blue-1 and blue-2)
are running in parallel to increase the current delivery
beyond what a single PWM-output on the LED controller
could do.

BugLink: https://github.com/openwrt/openwrt/issues/9851
Reported-By: Thomas Bøge <thomas@boegenielsen.dk>
Tested-By: Thomas Bøge <thomas@boegenielsen.dk>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 834c9b3f05)
2022-05-15 11:17:31 +02:00
Aleksander Jan Bajkowski
19a8c723b6 lantiq: xway: disable unused switch drivers
None of the devices supported by target xway are using Realtek
RTL8366S, RTL8367A and RTL8367B switches. The switches mentioned
earlier were enabled when bumping the kernel version to 3.7 in
commit 3a948770cf ("add linux-v3.7").

Switches used by individual devices are listed below.

Device				Switch			PHY
Arcadyan ARV4510PW		Infineon ADM6996I	int. switch
Arcadyan ARV4519PW		Atheros AR8216		int. switch
Arcadyan ARV7506PW11		Realtek RTL8306G	int. switch
Arcadyan ARV7510PW22		Atheros AR8216		int. switch
Arcadyan ARV7518PW		Atheros AR8216		int. switch
Arcadyan ARV7519PW		Atheros RTL8306G	int. switch
Arcadyan ARV7525PW		N/A			IC+ IP101A
Arcadyan ARV752DPW		Realtek RTL8306G	int. switch
Arcadyan ARV752DPW22		Atheros AR8216		int. switch
Arcadyan ARV8539PW22		Atheros AR8216		int. switch
AVM Fritzbox 7312		int. SoC		Atheros AR8030-A
AVM Fritzbox 7320		int. SOC		Lantiq PEF7071V
AudioCodes MediaPack MP-252	Infineon ADM6996I	int. switch
BT Home Hub 2B			Infineon ADM6996I	int. switch
BT Home Hub 3A			Infineon PSB6972	Lantiq PEF7071V
Buffalo WBMR-HP-G300H-A		Atheros AR8316		int. switch
Buffalo WBMR-HP-G300H-B		Atheros AR8316		int. switch
Lantiq EASY50712		Infinein ADM6996I	int. switch
Netgear DGN3500			Realtek RTL8366RB	int. switch
Netgear DGN3500B		Realtek RTL8366RB	int. switch
Siemens	Gigaset sx76x		Infineon ADM6996I	int. switch
ZTE H201L			Realtek RTL8306G	int. switch
ZyXEL P-2601HN-F1		Realtek RTL8306E	int. switch
ZyXEL P-2601HN-F3		Realtek RTL8306E	int. switch

Reduces uncompressed kernel size by 36 kB.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(checkpatch.pl fixes)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8b5d2a7325)
2022-05-15 11:17:31 +02:00
Birger Koblitz
a374a959b9 realtek: do not reset SerDes on link change
Do not reset the RTL930x SerDes on link changes, instead set up
the SDS with internal PHYs for the SFP+ ports only.
This fixes the 8 1GBit ports on the Zyxel XGS1250 which
do not work without this patch.

A complete SerDes reset was performed on all SerDes links. For copper
1Gbit ports, this is commonly a single XGMII link to an RTL8218D. There
is however no support for setting up the XGMII link on RTL9300/RTL9310,
thereby wiping the (RX/TX) setup done by u-boot and breaking the 1GBit
ports. No SerDes reset should be done for these links.

The handling of SGMII/HiSGMII, 1000BX or 10GR links is actually entirely
different. All these modes need to be suitably RX calibrated and the
pre- main and post- amplifiers set up properly for TX.

The 10GBit SFP+ fiber links are recalibrated instead of reset, which
e.g. is necessary when someone pulls a module out and puts another in.
This makes swapping out 10GBit fiber modules possible. 1GBit modules are
not yet supported, nor any modules with an internal phy.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
[rewrite commit message based on discussion]
Link: http://lists.infradead.org/pipermail/openwrt-devel/2022-May/038623.html
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit d1b824650f)
2022-05-14 21:26:14 +02:00
Birger Koblitz
7b4702afef realtek: Trap all frames with switch as destination to CPU-port
This fixes a bug where frames sent to the switch itself were
flooded to all ports unless the MAC address of the CPU-port
was learned otherwise.

Tested-by: Wenli Looi <wlooi@ucalgary.ca>
Tested-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
[fix code formatting]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 98bb26f9f7)
2022-05-14 21:26:14 +02:00
Piotr Dymacz
1c6a179e1a ramips: fix booting on Samknows SK-WB8
This fixes a well known "LZMA ERROR 1" error, reported previously on
numerous of similar devices.

Fixes: #9824
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 064e7e57b4)
2022-05-13 13:52:58 +02:00
Piotr Dymacz
6120a66e6a bcm27xx: include 'rtc' in target's 'FEATURES'
There are many ways to add external RTC to Raspberry Pi boards. Let's
include support for this for the whole target and while at it, sort
features alphabetically.

Fixes: #9594
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit ff09905a46)
2022-05-07 22:22:58 +02:00
Felix Fietkau
ae64d0624c kernel: fix corrupted padding on small packets with mt753x dsa
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 203ffc4ca7)
2022-05-06 21:55:52 +02:00
Felix Fietkau
53fc6e9ede kernel: fix flow offload issues with pppoe
sync xt_FLOWOFFLOAD code with latest version of nft_flow_offload

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 726ef8ba2d)
2022-05-06 20:11:01 +02:00
Felix Fietkau
77e123340f mediatek: add patches for MT7622 WED (wireless ethernet dispatch)
This series also contains other improvement for hardware flow offload support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 0f029b3d2b)
2022-05-06 19:57:57 +02:00
Tiago Gaspar
5ff900e0ad firewall: config: remove restictions on DHCPv6 allow rule
Remove restrictions on source and destination addresses, which aren't
specified on RFC8415, and for some reason in openwrt are configured
to allow both link-local and ULA addresses.
As cleared out in issue #5066 there are some ISPs that use Gloabal
Unicast addresses, so fix this rule to allow them.

Fixes: #5066

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
[rebase onto firewall3, clarify subject, bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 65258f5d60)
2022-05-04 15:28:41 +02:00
Daniel Golle
2ac5ee7f8a fstools: update to git HEAD
9e11b37 fstools: remove SELinux restorecon hack

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4509b790f0)
2022-05-03 20:32:48 +01:00
Daniel Golle
ffe12f8b48 procd: update to git HEAD
652e6df init: restore SELinux labels after policy is loaded

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fb01111866)
2022-05-03 20:32:48 +01:00
Daniel Golle
0dc3ecf0da base-files: simplify restorecon logic
Remove forgotten redundant selinuxenabled call and skip the whole
thing in case $IPKG_INSTROOT is set as labels are anyway applied only
later on in fakeroot when squashfs is created.

Fixes: 6d7272852e ("base-files: add missing $IPKG_INSTROOT to restorecon call")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 7b07c3cff5)
2022-05-03 20:32:48 +01:00
Dominick Grift
efc38b315e selinux-policy: update to version 1.1
try to clean up some labeling inconsistencies
iwinfo loose ends
ucode loose ends
Makefile: adjust mintesttgt (adds blockmount/blockd)
nftables: reads inherited netifd pipe
ucode: reads inherited netifd pipes
mountroot: fowner
sandbox: writes inherited dropbear pipes
unbound related to /tmp/etc/ssl
unbound loose ends
adds a sslconftmpfile for /tmp/etc/ssl
README: maintain a wish list in the README
iwinfo: netifd forgot write
gptfdisk loose ends
iwinfo: netifd wpad reads/writes inherited netifd fifo files
netifd (mac80211.sh) executes iwinfo
luci: executes wireguard
luci-cgi: audits xtables execute access
rcuhttpd: lists ssl certfile dirs
iwinfo, wifi,nftables usage of ttyd pty if available
urandomseed: seedrng needs cap_sys_admin
iwinfo iwinfo, nftables and some chronyd rules related to ntp nts server
nftables, wifi and adds iwinfo skel
nftables, rpcd, ucode
nftables, ucode and seedrng ucode, fw3/nftables, luci
adds ucode skel and some fw3/nftables related
urandomseed: some seedrng rules
fw3 adds some support for fw4
urandomseed: /etc/seedrng is for seed.credit
hotplugcal: runs ucode which is interpreter like
adds a nftables skeleton and makes xtables optional
agent: allow all agents to write inherited dropbear pipes
urandomseed: this seems to be replaced by seedrng
kmodloader: label /etc/modules.conf kmodloader.conffile
Revert "shelexecfile: remove auditallow rule"
Makefile: sort the modules to process by secilc
Moves back to git.defensec.nl
unbound odhcpd (ip) reads net proc
tcp dump
shelexecfile: remove auditallow rule
rrd.cil: fixes indent
Target rddtool from cgi-io instead of runnit it without transition
rrd.cil related
rrd, rpcd, cgiio clean ups related to luci-app-statistics
Rules for rrd files and luci-statistics
unboundcontrol ordering
Several missing permissions
blockmount, dnsmasq, hotplugcall, rpcd, unbound
adds mctp_socket (linux 5.15)
ip: forgot tc-tiny type transition to go along with the fc spec
ip: adds a fc spec for tc-tiny (called by sqm)
adds ttyACM fc spec and various assorted loose ends
.gitattributes: do not export the github workflows
workflow use selinux 3.3

project moved back to https://git.defensec.nl/selinux-policy.git

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit 4379457098)
2022-05-03 20:32:48 +01:00
Daniel Golle
6cb08b1797 base-files: add missing $IPKG_INSTROOT to restorecon call
Update to overlooked v2 version of Dominick Grift's patch.

Fixes: 5109bd164c ("base-files: address sed in-place without SELinux awareness")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6d7272852e)
2022-05-03 20:32:38 +01:00
Dominick Grift
9282cb0be0 base-files: address sed in-place without SELinux awareness
sed(1) in busybox does not support this functionality:
https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598

This causes /etc/group to become mislabeled when a package requests
that a uid/gid be added on OpenWrt with SELinux

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[move restorecon inside lock]
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit 5109bd164c)
2022-05-03 20:32:38 +01:00
Daniel Golle
dc71658a80 fstools: update to git HEAD
f0fc66a libfstools: check for overlay mounting errors
 128ecaf Update / fix extroot comments
 8a0ba3b libfstools: get rid of "extroot_prefix" global variable
 649cd3f libfstools: use variable for overlay mount-point
 922f1b3 libfstools: avoid segfault in find_mount_point
 ce5eacb libfstools: mtd: improve error handling
 898b328 blockd: restore device_move semantics
 0917d22 block: don't probe mtdblock on NAND (with legacy exceptions)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4e8d095013)
2022-05-03 20:31:37 +01:00
Enrico Mioso
3a974b5bcd ipq40xx: fix BDF file for pcie wifi chip on the GL.Inet GL-B2200
After the switch to pre-calibration, ath10k would fail to initialize
the PCIE Wi-Fi on the GL-B200 as follows:

ath10k_pci 0000:01:00.0: enabling device (0140 -> 0142)
ath10k_pci 0000:01:00.0: qca9888 hw2.0 target 0x01000000 chip_id 0x00000000 sub 0000:0000
[...]
ath10k_pci 0000:01:00.0: failed to fetch board data for bus=pci,bmi-chip-id=0,bmi-board-id=16,variant=GL-B2200 from ath10k/QCA9888/hw2.0/board-2.bin
ath10k_pci 0000:01:00.0: failed to fetch board-2.bin or board.bin from ath10k/QCA9888/hw2.0
ath10k_pci 0000:01:00.0: failed to fetch board file: -12
ath10k_pci 0000:01:00.0: could not probe fw (-12)

Repackage the BDF file after renaming relevant fields and files to
allow for the Wi-Fi interface to start again.

Fixes: 80d34d9d59 ("ipq40xx: document pcie wifi chip on the GL.Inet GL-B2200")
CC: Christian Lamparter <chunkeey@gmail.com>
CC: Robert Marko <robimarko@gmail.com>
Reviewed-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
(cherry picked from commit e3f9af4fb6)
2022-05-02 21:25:46 +02:00
John Audia
d90c7621f4 kernel: bump 5.10 to 5.10.113
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit e08942e76a)
2022-05-01 14:13:15 +02:00
John Audia
e9c14fa85f kernel: bump 5.10 to 5.10.112
Manually rebased:
  ath79/patches-5.10/901-phy-mdio-bitbang-prevent-rescheduling-during-command.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit cab20be008)
2022-05-01 14:13:14 +02:00
Kerma Gérald
fa8e050c4b f2fs-tools: fix resize.f2fs (#9800)
resolve issue
- https://github.com/openwrt/openwrt/issues/9800
add the upstream patch:
- f2fs-tools.git/patch/?id=f056fbeff08d30a6d9acdb9e06704461ceee3500

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit 1aac1b36d3)
2022-05-01 13:23:12 +02:00
PtilopsisLeucotis
0c25b9cb11 ath79: add USB power control for GL-AR300M series
Add USB power control in DTS for GL.iNet models:
- AR300M;
- AR300M-Ext;
- AR300M16;
- AR300M16-Ext.

Signed-off-by: PtilopsisLeucotis <PtilopsisLeucotis@yandex.com>
(cherry picked from commit 6e9c814022)
2022-05-01 13:23:12 +02:00
Martin Kennedy
a142d96ade mpc85xx: Fix output location of padded dtb
In commit 7e614820a8 ("mpc85xx: add support for Extreme Networks
WS-AP3825i"), we borrowed a recipe convention from apm821xx for device
tree blob padding. Unfortunately, in the apm821xx target, the image
recipes name the device tree blob differently, meaning that in
mpc85xx, the padded dtb is never consumed.

Change the definition of `Build/dtb` so that it outputs the padded dtb
to the correct location for it to be consumed.

Also, rename the recipe to `Build/pad-dtb`, so it is clear we
are building and padding the device tree blob.

This change fixes Github issue #9779 [1].

[1]: https://github.com/openwrt/openwrt/issues/9779

Fixes: 7e614820a8 ("mpc85xx: add support for Extreme Networks WS-AP3825i")
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
(cherry picked from commit 1d06277407)
2022-05-01 13:23:12 +02:00
Huangbin Zhan
fbd9605a90 build: don't remove BUILD_LOG_DIR in _clean
targetclean should not remove BUILD_LOG

Fixes: db34b93331 (add a version that can be bumped to force toolchain/target rebuild)
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit aeaa816cd2)
2022-05-01 13:23:12 +02:00
Daniel Golle
946f60aaeb dnsmasq: add logfacility file to jail mounts
If logfacility is a path to a file it needs to be r/w mounted in the
sandbox as well for dnsmasq to work.

Reported-by: @iointerrupt
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2b5fa44f60)
2022-05-01 13:23:12 +02:00
Martin Weinelt
6d5a097232 ath79: ubnt: drop swconfig on ac-{lite,lr,mesh}
These don't have switches that could be configured using swconfig.

Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
(cherry picked from commit 089eb02abc)
2022-05-01 13:23:12 +02:00
Huangbin Zhan
18649fbff0 bcm63xx: fix description fix name case
The `Description` should be capital.

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit b8ed98b100)
2022-05-01 13:23:12 +02:00
Lech Perczak
d79380ac1d ath79: ZTE MF286R: add comgt-ncm to DEVICE_PACKAGES
When adding support to the router's built-in modem, this required
package was omitted, because it was already enabled in the image
configuration in use for testing, and this went unnoticed.
In result, the modem still isn't fully supported in official images.
As it is the primary WAN interface, add the missing package.

Fixes: e02fb42c53 ("comgt: support ZTE MF286R modem")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 8a1003c598)
2022-05-01 13:23:12 +02:00
Alban Bedel
4c5d2cde13 ramips: zbt-wg2626: Add the reset gpio for PCIe port 1
The 2.4GHz interface doesn't come up properly with the log showing:

    mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)

As seen on other MT7621 boards this is caused by a missing reset GPIO.
The MT7621 dtsi set GPIO 19 as PCIe reset GPIO, which on this board
reset the 5GHz interface on port 0. Add GPIO 8 to the PCIe reset GPIO
list to also reset the 2.4GHz interface on port 1.

Signed-off-by: Alban Bedel <albeu@free.fr>
(cherry picked from commit f953a1a4bf)
2022-05-01 11:23:43 +08:00
Nick Hainke
d4053d2e8e ipq40xx: 5.10: fix ar40xx driver
This commit is completely based on the work of adron-s:
https://github.com/openwrt/openwrt/pull/4721#issuecomment-1101108651

The commit fixes the data corruption on TX packets. Packets are
transmitted, but their contents are replaced with zeros. This error is
caused by the lack of guard (50 ms) intervals between calibration phases.
This error is treated by adding mdelay(50) to the calibration function
code. In the original qca-ssda code [0], these mdelays were existing, but
in the ar41xx.c they are gone.

Tested on:
- Fritz!Box 4040
- Fritz!Box 7530
- Mikrotik SXTsq 5AC
- ZyXEL NBG6617

- [0] https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-ssdk/-/blob/NHSS.QSDK.11.4/src/init/ssdk_init.c#L2072

Suggested-by: Serhii Serhieiev <adron@mstnt.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ab7e53e5cc)
2022-04-29 00:27:58 +02:00
Jo-Philipp Wich
5a11704244 ucode: reorder BuildPackage calls
Ensure that the libucode recipe is processed before the ucode one in
order to reliably encode the ABI version into ucode's libucode dependency.

Fixes: #9788
Ref: https://forum.openwrt.org/t/fw4-wont-start-after-upgrade/126308
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 573ce80ca6)
2022-04-28 10:46:49 +02:00
David Bauer
832e3ad71a iwinfo: update to latest HEAD
dc6847e iwinfo: nl80211: omit A-hwmode on non-5GHz hardware

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f757a8a098)
2022-04-27 00:55:07 +02:00
David Bauer
1b7cf4dd1c uboot-envtools: add WS-AP3825i config
Add configuration to use uboot-envtools with the Extreme Networks
WS-AP3825i.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit fb7ff6b027)
2022-04-26 01:04:44 +02:00
David Bauer
3579ee63bc mpc85xx: set WS-AP3825i mac-address in preinit
The bootloader does seem to not correctly patch in the MAC address for
eth0 / eth1 in some cases. While the root cause is not known, manually
applying the MAC-Address in preinit does not hurt.

Reported-by: Tom Herbers <freifunk@tomherbers.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c6d52515e0)
2022-04-26 01:04:30 +02:00