Commit Graph

53178 Commits

Author SHA1 Message Date
Etienne Champetier
0e32c6baf3 iptables: add ip{,6}tables-legacy{,-restore,-save} symlinks
Now that we can have both legacy and nft iptables variants
installed at the same time, install the legacy symlinks

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-03 00:02:31 +01:00
Etienne Champetier
3a5df36cf6 iptables: use ALTERNATIVES for ip(6)tables(-nft)
As nftables is now the default, ip(6)tables-nft gets higher priority

The removed symlinks ("$(CP)" line) will now be installed by the
ALTERNATIVES mechanism

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-03 00:02:31 +01:00
Etienne Champetier
b0bd6599e8 iptables: rework ip(6)tables-nft dependencies
according to iptables-nft man page,
"These tools use the libxtables framework extensions and hook to the nf_tables
kernel subsystem using the nft_compat module."

This means that to work, iptables-nft needs the same modules as
iptables legacy except the ip(6)table-{filter,mangle,nat,raw}
ip_tables, ip6tables.
When those modules are loaded iptables-nft-save output contains
"# Warning: iptables-legacy tables present, use iptables-legacy-save to see them"
But as long as it's empty it should not be a problem.

To have nft properly display the rules created by ip(6)tables-nft we need
all iptables targets and matches to be built as extension and not built-in
(/usr/lib/iptables/libip(6)t_*.so)

When switching a package to iptables-nft, you need to keep the
iptables-mod-* dependencies

This patch does minimal changes:
- remove the direct iptables-nft -> iptables dependency
- and more important add nft-compat dependency

The rule
iptables-nft -A OUTPUT -d 8.8.8.8 -m comment --comment "aaa" -j REJECT
becomes
table ip filter {
	chain OUTPUT {
		type filter hook output priority filter; policy accept;
		ip daddr 8.8.8.8 # xt_comment counter packets 0 bytes 0 # xt_REJECT
	}
}

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-03 00:02:31 +01:00
Etienne Champetier
1ebb8e3b6b netfilter: add kmod-nft-compat
This modules is required by iptables-nft

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-02 23:24:03 +01:00
Etienne Champetier
4e7ad15904 iptables: fix ip6tables-nft description
ip6tables-nft packages ip6tables* utils not iptables*

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-02 23:24:03 +01:00
Etienne Champetier
a5c8811c04 iptables: fix ip6tables-extra description
The define was referencing ip6tables-mod-extra instead of ip6tables-extra

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-02-02 23:24:03 +01:00
Daniel Golle
4367d4f869
uqmi: update to git HEAD
f254fc5 uqmi: add support for get operating mode

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-02-02 02:37:21 +00:00
Hauke Mehrtens
dc2da6a233 bcm63xx: Remove patch already in Linux stable
Remove the 434-nand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch, it was
already applied to Linux 5.10.37 and is not needed any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 23:34:07 +00:00
Rui Salvaterra
ff97fb98e3 kernel: bump 5.10 to 5.10.96
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-02-01 23:34:07 +00:00
Rui Salvaterra
b9736cb78c kernel: bump 5.10 to 5.10.95
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-02-01 23:34:07 +00:00
Rui Salvaterra
1343acc8cd kernel: bump 5.10 to 5.10.94
Deleted (upstreamed):
bcm27xx/patches-5.10/950-0669-drm-vc4-hdmi-Make-sure-the-device-is-powered-with-CE.patch [1]
bcm27xx/patches-5.10/950-0672-drm-vc4-hdmi-Move-initial-register-read-after-pm_run.patch [1]
gemini/patches-5.10/0003-ARM-dts-gemini-NAS4220-B-fis-index-block-with-128-Ki.patch [2]

Manually rebased:
bcm27xx/patches-5.10/950-0675-drm-vc4-hdmi-Drop-devm-interrupt-handler-for-CEC-int.patch

Manually reverted:
generic/pending-5.10/860-Revert-ASoC-mediatek-Check-for-error-clk-pointer.patch [3]

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.94&id=55b10b88ac8654fc2f31518aa349a2e643b37f18
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.94&id=958a8819d41420d7a74ed922a09cacc0ba3a4218
[3] https://lore.kernel.org/all/trinity-2a727d96-0335-4d03-8f30-e22a0e10112d-1643363480085@3c-app-gmx-bap33/

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-02-01 23:34:07 +00:00
Rui Salvaterra
f2232544b8 kernel: bump 5.10 to 5.10.93
No patches required rebasing.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-02-01 23:34:07 +00:00
Alar Aun
70eedac9b3 ipq40xx: add MikroTik cAP ac support
This adds support for the MikroTik RouterBOARD RBcAPGi-5acD2nD
(cAP ac), a  indoor dual band, dual-radio 802.11ac wireless AP, two
10/100/1000 Mbps Ethernet ports.

See https://mikrotik.com/product/cap_ac for more info.

Specifications:
 - SoC: Qualcomm Atheros IPQ4018
 - RAM: 128 MB
 - Storage: 16 MB NOR
 - Wireless:
   · Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae
   · Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae
 - Ethernet: Built-in IPQ4018 (SoC, QCA8075) , 2x 1000/100/10 port,
   PoE in and passive PoE out

Unsupported:
 - PoE out

Installation:
Boot the initramfs image via TFTP and then flash the sysupgrade
image using "sysupgrade -n"

Signed-off-by: Alar Aun <alar.aun@gmail.com>
2022-02-01 23:18:58 +01:00
Sergey V. Lobanov
93d91197b9 wolfssl: update to 5.1.1-stable
Bump from 4.8.1-stable to 5.1.1-stable

Detailed release notes: https://github.com/wolfSSL/wolfssl/releases

Upstreamed patches:
001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch -
 fa8f23284d
002-Update-macro-guard-on-SHA256-transform-call.patch -
 f447e4c1fa

Refreshed patches:
100-disable-hardening-check.patch
200-ecc-rng.patch

CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains
configure option

The size of the ipk changed on aarch64 like this:
491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk
520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk

Tested-by: Alozxy <alozxy@users.noreply.github.com>
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2022-02-01 23:18:01 +01:00
Marek Behún
45d541bb40 kernel: add kmod-vrf
Add option to compile kmod-vrf, support for Virtual Routing and
Forwarding (Lite).

This module depends on NET_L3_MASTER_DEV, which is a boolean kernel
option, so we need to create a configuration option also for this, and
make kmod-vrf depend on it.

Signed-off-by: Marek Behún <kabel@kernel.org>
2022-02-01 22:59:09 +01:00
John Audia
aa8299ee4f kernel: bump 5.4 to 5.4.175
All patches automatically rebased.

Signed-off-by: John Audia <graysky@archlinux.us>
2022-02-01 21:46:07 +01:00
Hauke Mehrtens
d438bdca5d toolchain: glibc: Remove patch for ARC700
The ARC700 target was renoved, this patch is not needed any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
6cab21bd6d kernel: Make kmod-usb-net-lan78xx depend on kmod-of-mdio
kmod-usb-net-lan78xx depends on kmod-of-mdio when this package is
activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
8c1a84aada uboot-envtools: Update to version 2022.01
The sizes of the ipk changed on MIPS 24Kc like this:
13281 uboot-envtools_2021.01-54_mips_24kc.ipk
13308 uboot-envtools_2022.01-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
392609543d libcap: Update to version 2.63
The sizes of the ipk changed on MIPS 24Kc like this:
11248 libcap_2.51-1_mips_24kc.ipk
14461 libcap_2.63-1_mips_24kc.ipk

18864 libcap-bin_2.51-1_mips_24kc.ipk
20576 libcap-bin_2.63-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
8c2445a0e4 e2fsprogs: Update to version 1.46.5
The sizes of the ipk changed on MIPS 24Kc like this:
  8788 badblocks_1.45.6-2_mips_24kc.ipk
  8861 badblocks_1.46.5-1_mips_24kc.ipk

  3652 chattr_1.45.6-2_mips_24kc.ipk
  3657 chattr_1.46.5-1_mips_24kc.ipk

 58128 debugfs_1.45.6-2_mips_24kc.ipk
 60279 debugfs_1.46.5-1_mips_24kc.ipk

  8551 dumpe2fs_1.45.6-2_mips_24kc.ipk
  8567 dumpe2fs_1.46.5-1_mips_24kc.ipk

  4797 e2freefrag_1.45.6-2_mips_24kc.ipk
  4791 e2freefrag_1.46.5-1_mips_24kc.ipk

159790 e2fsprogs_1.45.6-2_mips_24kc.ipk
168212 e2fsprogs_1.46.5-1_mips_24kc.ipk

  7083 e4crypt_1.45.6-2_mips_24kc.ipk
  7134 e4crypt_1.46.5-1_mips_24kc.ipk

  5749 filefrag_1.45.6-2_mips_24kc.ipk
  6233 filefrag_1.46.5-1_mips_24kc.ipk

  4361 libcomerr0_1.45.6-2_mips_24kc.ipk
  4355 libcomerr0_1.46.5-1_mips_24kc.ipk

168040 libext2fs2_1.45.6-2_mips_24kc.ipk
174209 libext2fs2_1.46.5-1_mips_24kc.ipk

  8514 libss2_1.45.6-2_mips_24kc.ipk
  8613 libss2_1.46.5-1_mips_24kc.ipk

  3148 lsattr_1.45.6-2_mips_24kc.ipk
  3227 lsattr_1.46.5-1_mips_24kc.ipk

 22530 resize2fs_1.45.6-2_mips_24kc.ipk
 22909 resize2fs_1.46.5-1_mips_24kc.ipk

 33315 tune2fs_1.45.6-2_mips_24kc.ipk
 34511 tune2fs_1.46.5-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
18c6b99666 util-linux: Update to version 2.37.3
This release fixes two security mount(8) and umount(8) issues:

CVE-2021-3996
    Improper UID check in libmount allows an unprivileged user to unmount FUSE
    filesystems of users with similar UID.

CVE-2021-3995
    This issue is related to parsing the /proc/self/mountinfo file allows an
    unprivileged user to unmount other user's filesystems that are either
    world-writable themselves or mounted in a world-writable directory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
693d7c12e8 util-linux: Do not build raw any more.
The man page of the raw tool does not build because the disk-utils/raw.8
file is missing. It looks like it should be in the tar.xz file we
download, but it is missing.

We do not package the raw tool, so this is not a problem.

This fixes the following build error:
No rule to make target 'disk-utils/raw.8', needed by 'all-am'.  Stop.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
64866ba474 strace: Update to version 5.16
The sizes of the ipk changed on MIPS 24Kc like this:
289764 strace_5.14-1_mips_24kc.ipk
310899 strace_5.16-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
cec4614df8 ethtool: Update to version 5.16
795f420 cmis: Rename CMIS parsing functions
369b43a cmis: Initialize CMIS memory map
da16288 cmis: Use memory map during parsing
6acaeb9 cmis: Consolidate code between IOCTL and netlink paths
d7d15f7 sff-8636: Rename SFF-8636 parsing functions
4230597 sff-8636: Initialize SFF-8636 memory map
b74c040 sff-8636: Use memory map during parsing
799572f sff-8636: Consolidate code between IOCTL and netlink paths
9fdf45c sff-8079: Split SFF-8079 parsing function
2ccda25 netlink: eeprom: Export a function to request an EEPROM page
86792db cmis: Request specific pages for parsing in netlink path
6e2b32a sff-8636: Request specific pages for parsing in netlink path
c2170d4 sff-8079: Request specific pages for parsing in netlink path
9538f38 netlink: eeprom: Defer page requests to individual parsers
664586e Merge branch 'review/next/module-mem-map' into master
50fdaec ethtool: Set mask correctly for dumping advertised FEC modes
c5e7133 cable-test: Fix premature process termination
73091cd sff-8636: Use an SFF-8636 specific define for maximum number of channels
837c166 sff-common: Move OFFSET_TO_U16_PTR() to common header file
8658852 cmis: Initialize Page 02h in memory map
27b42a9 cmis: Initialize Banked Page 11h in memory map
340d88e cmis: Parse and print diagnostic information
eae6a99 cmis: Print Module State and Fault Cause
82012f2 cmis: Print Module-Level Controls
d7b1007 sff-8636: Print Power set and Power override bits
429f2fc Merge branch 'review/cmis-diag' into master
32457a9 monitor: do not show duplicate options in help text
c01963e Release version 5.16.

The sizes of the ipk changed on MIPS 24Kc like this:
34317 ethtool_5.15-1_mips_24kc.ipk
34311 ethtool_5.16-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
57f38e2c82 mbedtls: Update to version 2.16.12
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
  value when verifying a MAC or AEAD tag. This hardens the library in
  case the value leaks through a memory disclosure vulnerability. For
  example, a memory disclosure vulnerability could have allowed a
  man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
  mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
  (out of memory). After that, calling mbedtls_ssl_session_free()
  and mbedtls_ssl_free() would cause an internal session buffer to
  be free()'d twice. CVE-2021-44732

The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
5b96048de1 gdb: Update gdb to version 11.2
This is a minor corrective release over GDB 11.1, fixing the following issues:
* PR sim/28302 (gdb fails to build with glibc 2.34)
* PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
* PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed)
* PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
* PR build/28555 (uclibc compile failure since commit 4655f8509fd44e6efabefa373650d9982ff37fd6)
* PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
* PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section)
* PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)

The sizes of the ipk changed on mips 24Kc like this:
2285775 gdb_11.1-3_mips_24kc.ipk
2287441 gdb_11.2-4_mips_24kc.ipk
191828 gdbserver_11.1-3_mips_24kc.ipk
191811 gdbserver_11.2-4_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Hauke Mehrtens
782a4e00b7 toolchain: gdb: Update to version 11.2
This is a minor corrective release over GDB 11.1, fixing the following issues:
* PR sim/28302 (gdb fails to build with glibc 2.34)
* PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
* PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed)
* PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
* PR build/28555 (uclibc compile failure since commit 4655f8509fd44e6efabefa373650d9982ff37fd6)
* PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
* PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section)
* PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-01 21:25:02 +01:00
Stijn Tintel
cd6a6e3030 Revert "ramips: add support for ipTIME AX2004M"
Commit f4a79148f8 ("ramips: add support for ipTIME AX2004M") seems to
leak KERNEL_LOADADDR 0x82000000 to other devices, causing the to no
longer boot. The leak is visible in u-boot:

   Using 'config-1' configuration
   Trying 'kernel-1' kernel subimage
     Description:  MIPS OpenWrt Linux-5.10.92
     Type:         Kernel Image
     Compression:  lzma compressed
     Data Start:   0x840000e4
     Data Size:    10750165 Bytes = 10.3 MiB
     Architecture: MIPS
     OS:           Linux
     Load Address: 0x82000000
     Entry Point:  0x82000000

Normally, it should look like this:

   Using 'config-1' configuration
   Trying 'kernel-1' kernel subimage
     Description:  MIPS OpenWrt Linux-5.10.92
     Type:         Kernel Image
     Compression:  lzma compressed
     Data Start:   0xbfca00e4
     Data Size:    2652547 Bytes = 2.5 MiB
     Architecture: MIPS
     OS:           Linux
     Load Address: 0x80001000
     Entry Point:  0x80001000

Revert the commit to avoid more people soft-bricking their devices.

This reverts commit f4a79148f8.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-02-01 21:35:15 +02:00
Rafał Miłecki
da8b720b0e bcm4908: backport first 5.18 DTS changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-02-01 11:35:07 +01:00
Sungbo Eo
ad5bf16001 ath79: convert remaining mtd-mac-address-increment
Commit d284e6ef0f ("treewide: convert mtd-mac-address-increment* to
generic implementation") renamed "mtd-mac-address-increment" property
to "mac-address-increment". Convert remaining usages that have been
added after that.

Fixes: af8a059bb4 ("ath79: add support for GL.iNet GL-XE300")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-02-01 14:55:40 +09:00
Sungbo Eo
f16f419022 ipq806x: convert remaining mtd-mac-address-increment
Commit d284e6ef0f ("treewide: convert mtd-mac-address-increment* to
generic implementation") renamed "mtd-mac-address-increment" property
to "mac-address-increment". Convert remaining usages that have been
added after that.

Fixes: f44e933458 ("ipq806x: provide WiFI mac-addresses from dts")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-02-01 14:55:40 +09:00
Sungbo Eo
c7a559980a ath79: improve support for Dongwon T&I DW02-412H
* Move &nand node to DTSI
* Utilize nvmem for fetching caldata
* Rename build recipe, clean before build
* Simplify KERNEL definition

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-02-01 14:54:16 +09:00
Sungbo Eo
0c635cf830 linux-firmware: intel: add firmware for AX210
Add the most recent supported firmware file for Intel Wi-Fi 6E AX210
wireless chip. The API version 67 is not yet supported by the driver.
Additional PNVM file is required since API version 62.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-31 18:59:10 +00:00
Daniel Golle
b6a2cee4b7
ubox: fix broken deferred start of logfile writer
Just use 'start' action which will have the desired effect instead of
trying to introduce a 'start_file' action which didn't work that way
because procd jshn magic would have to wrap around it.

Fixes: 88baf6ce2c ("ubox: only start log to file when filesystem has been mounted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-31 15:03:25 +00:00
Daniel Golle
9ba7a83425
mediatek: mt7623: simplify partition generation
The two options 'emmc' and 'sdmmc' now became identical lines after
introducing CONFIG_TARGET_ROOTFS_PARTSIZE.
Remove the now useless if-clauses.

Fixes: a40b4d335a ("mediatek: use CONFIG_TARGET_ROOTFS_PARTSIZE")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-31 15:02:36 +00:00
Daniel Golle
5d110c0161
procd: seccomp/jail: Fix build error on arm with glibc
From: Peter Lundkvist <peter.lundkvist@gmail.com>

This fixes the make_syscall_h.sh script to recognize both
__NR_Linux, used by mips, and __NR_SYSCALL_BASE and
__ARM_NR_BASE used by arm.

Run-tested on arm (ipq806x) and mips (ath79), both with glibc.
Compile-tested and checked resulting syscall_names.h file wuth
glibc: aarch64, powerpc, x86_64, i486
musl: arm, mips

Fixes: FS#4194, FS#4195

Signed-off-by: Peter Lundkvist <peter.lundkvist@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-31 00:10:42 +00:00
Daniel Golle
5e6867fd54
mediatek: u7623-02: enable early console also in legacy image
Append 'earlycon=uart8250,mmio32,0x11004000' to the boot arguments
embedded in device-tree in order to enable early console on the
UniElec U7623 board when using the vendor/stock bootloader.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-31 00:10:38 +00:00
Rafał Miłecki
840f07e532 bcm4908: backport bcm_sf2 patch for better LED registers support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-01-31 00:58:02 +01:00
Rafał Miłecki
a11e9fd1d5 bcm4908: fixup pinctrl patches for kernel 5.4
Fixes: b014589167 ("bcm4908: backport BCM4908 pinctrl driver")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-01-31 00:57:58 +01:00
Rafał Miłecki
b014589167 bcm4908: backport BCM4908 pinctrl driver
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-01-31 00:19:34 +01:00
Hans Dedecker
3572c5a5da glibc: update to 2.34 HEAD
72123e1b56 NEWS: Add a bug entry for BZ #28755
08beb3a3f4 x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755]
b50d5b746c x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
1b9cd6a721 NEWS: add bug entry for BZ #28769 and BZ #28770
3438bbca90 Linux: Detect user namespace support in io/tst-getcwd-smallbuff
d084965adc realpath: Avoid overwriting preexisting error (CVE-2021-3998)
472e799a5f getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
8c8a71c85f tst-realpath-toolong: Fix hurd build
f7a79879c0 realpath: Set errno to ENAMETOOLONG for result larger than PATH_MAX [BZ #28770]
73c362840c stdlib: Fix formatting of tests list in Makefile
269eb9d930 stdlib: Sort tests in Makefile
062ff490c1 support: Add helpers to create paths longer than PATH_MAX
82b1acd9de powerpc: Fix unrecognized instruction errors with recent binutils
1d401d1fcc x86: use default cache size if it cannot be determined [BZ #28784]
6890b8a3ae CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
1081f1d3dd sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
7b5d433fd0 CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
5575daae50 socket: Add the __sockaddr_un_set function
03e6e02e6a Disable debuginfod in printer tests [BZ #28757]
705f1e4606 Update syscall lists for Linux 5.16
2fe2af88ab i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771)
73558ffe84 Update syscall lists for Linux 5.15
e64235ff42 powerpc: Fix unrecognized instruction errors with recent GCC

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2022-01-30 22:23:46 +01:00
Daniel Golle
88baf6ce2c
ubox: only start log to file when filesystem has been mounted
If log_file is on an filesystem mounted using /etc/config/fstab we have
to wait for that to happen before starting the logread process.
Inhibit the start of the file-writer process and use a mount trigger to
fire it up once the filesystem actually becomes available.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-30 20:19:37 +00:00
Daniel Golle
6d76ec3872
procd: support generic mount triggers and clean up
Allow init scripts to trigger free-form actions by exposing
procd_add_action_mount_trigger.
Clean up mount trigger wrappers while at it to reduce code duplication.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-30 20:16:25 +00:00
Tamas Balogh
b21bc3479d ath79: ASUS RP-AC66 use flash till the end
This makes available the additional space,
which was occupied by OEM's jffs2 partition before:
"0x000000f80000-0x000001000000 : jffs2"

Reverting to the OEM firmware will also recover
this partition, i.e. it is not needed and can be
used by OpenWrt.

Signed-off-by: Tamas Balogh <tamasbalogh@hotmail.com>
2022-01-30 01:16:14 +09:00
Davide Fioravanti
8fde82095b ramips: add support for Wavlink WL-WN535K1
The Wavlink WL-WN535K1 is a "mesh" router with 2 gigabit ethernet ports
and one fast ethernet port. Mine is branded as Talius TAL-WMESH1.
It can be found in kits of 2 or 3 (WL-WN535K2 or WL-WN535K3).
The motherboard is labelled as WS-WN535G3-B-V1.2 so this image could
potentially work for WL-WN535G3R and WS-WN535G3R with little to none
effort, but it's untested.

Hardware
--------
SoC:   Mediatek MT7620A
RAM:   64MB
FLASH: 8MB NOR (GigaDevice GD25Q64CS)
ETH:
  - 2x 10/100/1000 Mbps Ethernet (RTL8211F)
  - 1x 10/100 Mbps Ethernet (integrated in SOC)
WIFI:
  - 2.4GHz: 1x (integrated in SOC) (2x2:2)
  - 5GHz:   1x MT7612E (2x2:2)
  - 4 internal antennas
BTN:
  - 1x Reset button
  - 1x Touchlink button (set to WPS)
  - 1x ON/OFF switch
LEDS:
  - 1x Red led (system status)
  - 1x Blue led (system status)
  - 3x Green leds (ethernet port status/act)
UART:
  - 57600-8-N-1

Everything works correctly.

Currently there is no firmware update available. Because of this, in
order to restore the OEM firmware, you must firstly dump the OEM
firmware from your router before you flash the OpenWrt image.

Backup the OEM Firmware
-----------------------
The following steps are to be intended for users having little to none
experience in linux. Obviously there are many ways to backup the OEM
firmware, but probably this is the easiest way for this router.
Procedure tested on WN535K1_V1510_200916 firmware version.

1) Go to http://192.168.10.1/webcmd.shtml

2) Type the following line in the "Command" input box and then press enter:
	mkdir /etc_ro/lighttpd/www/dev; dd if=/dev/mtd0ro of=/etc_ro/lighttpd/www/dev/mtd0ro

3) After few seconds in the textarea should appear this output:
		16384+0 records in
	16384+0 records out

   If your output doesn't match mine, stop reading and ask for
   help in the forum.

4) Open in another tab http://192.168.10.1/dev/mtd0ro to download the
   content of the whole NOR. If the file size is 0 byte, stop reading
   and ask for help in the forum.

5) Come back to the http://192.168.10.1/webcmd.shtml webpage and type:
	rm /etc_ro/lighttpd/www/dev/mtd0ro;for i in 1 2 3 4 5; do dd if=/dev/mtd${i}ro of=/etc_ro/lighttpd/www/dev/mtd${i}ro; done

6) After few seconds, in the textarea should appear this output:
		384+0 records in
	384+0 records out
	128+0 records in
	128+0 records out
	128+0 records in
	128+0 records out
	14720+0 records in
	14720+0 records out
	1024+0 records in
	1024+0 records out

   If your output doesn't match mine, stop reading and ask for
   help in the forum.

7) Open the following links to download the partitions of the OEM FW:
	http://192.168.10.1/dev/mtd1ro
	http://192.168.10.1/dev/mtd2ro
	http://192.168.10.1/dev/mtd3ro
	http://192.168.10.1/dev/mtd4ro
	http://192.168.10.1/dev/mtd5ro

   If one (or more) of these files are 0 byte, stop reading and ask
   for help in the forum.

8) Store these downloaded files in a safe place.

9) Reboot your router to remove any temporary file in ram.

Installation
------------
Flash the initramfs image in the OEM firmware interface
(http://192.168.10.1/update_mesh.shtml).
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.

Restore OEM Firmware
--------------------
Flash the "mtd4ro" file you previously backed-up directly from LUCI.
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.

Notes
-----
1) Router mac addresses:
   LAN		XX:XX:XX:XX:XX:E2 (factory @ 0x28)
   WAN		XX:XX:XX:XX:XX:E3 (factory @ 0x2e)
   WIFI 2G	XX:XX:XX:XX:XX:E4 (factory @ 0x04)
   WIFI 5G	XX:XX:XX:XX:XX:E5 (factory @ 0x8004)

   LABEL	XX:XX:XX:XX:XX:E5

2) The OEM firmware upgrade page accepts only files containing the
   string "WN535K1" in the filename.

3) Additional notes 1,2,3 in the WS-WN583A6 commit are still valid
(92780d80ab)

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
[remove trailing whitespace]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-30 01:15:23 +09:00
Paul Spooren
3dc38823a2 CI: add formal checks
The formal checks verify the following things:
- Commits does not contain any merge commits
- Signed by a real name
- Commit titles starts with an `<area>:`
- Author name matches signed of name
- Commit message is not empty

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-01-29 16:44:11 +01:00
Sungbo Eo
f4a79148f8 ramips: add support for ipTIME AX2004M
ipTIME AX2004M is an 802.11ax (Wi-Fi 6) router, based on MediaTek
MT7621A.

Specification:
* SoC: MT7621A
* RAM: 256 MiB
* Flash: NAND 128 MiB
* Wi-Fi:
  * MT7915D: 2.4/5 GHz (DBDC)
* Ethernet: 5x 1GbE
  * Switch: SoC built-in
* USB: 1x 3.0
* UART: J4 (115200 baud)
  * Pinout: [3V3] (TXD) (RXD) (GND)

MAC address:

| interface |        MAC        |     source     | comment
|-----------|-------------------|----------------|---------
|       LAN | 58:XX:XX:00:XX:9B |                | [1]
|       WAN | 58:XX:XX:00:XX:99 |                |
|   WLAN 2G | 58:XX:XX:00:XX:98 | factory 0x4    |
|   WLAN 5G | 5A:XX:XX:40:XX:98 |                |
|           |                   |                |
|           | 58:XX:XX:00:XX:98 | config ethaddr |

[1] Used in this patch as WLAN 5G MAC address with the local bit set

Load address:
* stock
  * 0x80010000: FIT image
  * 0x81001000: kernel image -> entry
* OpenWrt
  * 0x80010000: FIT image
  * 0x82000000: uncompressed kernel+relocate image
  * 0x80001000: relocated kernel image -> entry

Installation via **recovery** mode:
1.  Press reset button, power up the device, wait >10s for CPU LED
    to stop blinking.
2.  Upload recovery image through the recovery web page at 192.168.0.1.

Revert to stock firmware:
1.  Install stock image via recovery mode.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-29 23:50:28 +09:00
Sungbo Eo
03aa57d7ab ramips: make the relocation address configurable
If no argument is given to relocate-kernel, KERNEL_LOADADDR will be used
just as before.

This is a preparation for ramips support of ipTIME AX2004M.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-29 23:50:28 +09:00
Sungbo Eo
6ff970bb51 mvebu: add support for ipTIME NAS1dual
ipTIME NAS1dual is a 1-bay NAS, based on Marvell Armada 385 SoC.

Specifications:
* SoC: 88F6820
* RAM: 2 GiB
* Flash: SPI NOR 64 MiB
* SATA: 1x 3Gb/s
* Ethernet: 2x 1GbE
* USB: 1x 3.0
* Fan: 2 speed level
* UART: J11 (115200 8N1)
  * Pinout: [3V3] (TXD) (RXD) (GND)

Installation via web interface:
1.  Flash **initramfs** image through the stock web interface.
2.  Boot into OpenWrt and perform sysupgrade with sysupgrade image.

Revert to stock firmware:
1.  Perform sysupgrade with stock image.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-29 23:50:28 +09:00