Commit Graph

55676 Commits

Author SHA1 Message Date
Glen Huang
1bd63df263 uhttpd: use acme hotplug
Reload uhttpd after certificates are renewed with acme.

Reviewed-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Glen Huang <i@glenhuang.com>
2022-10-18 08:38:07 +02:00
Robert Marko
b58f3c573d
arm-trusted-firmware-mvebu: add Methode eDPU support
Provide ATF support for Methode eDPU as well, this makes it easy for
OpenWrt users to update the included U-boot+ATF combo.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2022-10-17 15:42:50 +02:00
Robert Marko
1324fe468c
uboot-mvebu: add Methode eDPU support
Add support for building for Methode eDPU board, no patches are needed
as board has been upstreamed and is part of the 2022.10-rc releases.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2022-10-17 15:42:50 +02:00
Robert Marko
4f348a200b
uboot-mvebu: update to 2022.10
Update mvebu U-boot to 2022.10 to avoid backporting patches in order
to support Methode eDPU.

It also allows dropping existing patches as they are all backports.

Tested-by: Andre Heider <a.heider@gmail.com> # espressobin-v3-v5-1gb-2cs
Tested-by: Russell Morris <github@rkmorris.us> # espressobin-v3-v5-1gb-1cs
Tested-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [Turris Omnia]
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2022-10-17 15:42:30 +02:00
Christian Marangi
689cfaeb7c
CI: kernel: check if patch are refreshed for each target
Enforce refreshed patch for each target with kernel pr tests.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-17 00:40:52 +02:00
Christian Marangi
1b147bec1a
ipq806x: 5.15: refresh target patches
Refresh ipq806x target patches for kernel 5.15.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-17 00:40:16 +02:00
Christian Marangi
32ecf4251a
bcm53xx: 5.10: refresh target patches
Refresh bcm53xx target patches for kernel 5.10.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-17 00:34:28 +02:00
Christian Marangi
32c683ddce
generic: 5.10: refresh hack patches
Refresh hack patches for kernel 5.10.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-16 20:36:49 +02:00
Christian Marangi
6b4bdab918
generic: 5.10: refresh backport patches
Refresh backport patches for kernel 5.10.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-16 20:36:03 +02:00
Christian Marangi
6893dd4803
generic: 5.15: refresh hack patches
Refresh hack patches for kernel 5.15.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-16 13:19:33 +02:00
Christian Marangi
fb67733d87
generic: 5.15: refresh backport patches
Refresh backport patches for kernel 5.15.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-16 13:19:05 +02:00
Jo-Philipp Wich
cb24be47ff firewall4: update to latest Git HEAD
4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies
c7201a3 main.uc: reintroduce set reload restriction
756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks
3db4741 ruleset: properly handle zone names starting with a digit
43d8ef5 fw4: fix formatting of default log prefix
592ba45 main.uc: remove uneeded/wrong set reload restrictions
b0a6bff tests: fix testcases
145e159 fw4: recognize `option log` and `option counter` in `config nat` sections
ce050a8 fw4: fall back to device if l3_device is not available in ifstatus

Fixes: #10639, #10965
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-10-15 00:39:48 +02:00
Jo-Philipp Wich
5110dcb1fa ucode: update to latest Git HEAD
4ae7072 fs: use `getline()` for line wise read operations
21ace5e lexer: fixes for regex literal parsing
00965fa lib: implement slice() function
76d396d main: implement print mode
7bbba78 compiler: optimize function return opcode generation
a45f2a3 lexer: improve regex literal handling
d64d5d6 vm: maintain export symbol tables per program
f4b4ded uloop: task: gracefully handle absent output callback
a58fe47 ubus: hold reference to underlying connection until deferred is concluded
e23b58a lib: uc_system(): retry waitpid() on EINTR

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-10-15 00:39:48 +02:00
Jo-Philipp Wich
db17c75271 rpcd: update to latest Git HEAD
8c852b6 ucode: write ucode runtime exceptions to stderr

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-10-15 00:39:48 +02:00
David Bauer
f8942d1428 mpc85xx: fix unset kernel symbol
Signed-off-by: David Bauer <mail@david-bauer.net>
2022-10-14 23:13:02 +02:00
Matthias Schiffer
a01d23e755 image: always rebuild kernel loaders
Kernel loaders like the lzma-loader currently don't track changes to
their sources. This can lead to an old version of a loader to be used
when a build tree is not clean between builds.

As the loaders are tiny and the build times are insignificant, simply
force rebuilding them on every build to avoid this problem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2022-10-14 23:13:02 +02:00
Matthias Schiffer
2fa53c9214 mpc85xx: p1010: make TP-Link WDR4900 v1 build again
Add the spi-loader as a pre-kernel stage, so we can lift the kernel size
limit.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2022-10-14 23:13:02 +02:00
Matthias Schiffer
a296055b82 mpc85xx: add SPI kernel loader for TP-Link TL-WDR4900 v1
Similar to the lzma-loader on our MIPS targets, the spi-loader acts as
a second-stage loader that will then load and start the actual kernel.
As the TL-WDR4900 uses SPI-NOR and the P1010 family does not have support
for memory mapping of this type of flash, this loader needs to contain a
basic driver for the FSL ESPI controller.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2022-10-14 23:13:02 +02:00
Uwe Kleine-König
63e5ba8e69 busybox: nslookup: ensure unique transaction IDs for the DNS queries
On machines with a coarse monotonic clock (here: TP-Link RE200 powered
by a MediaTek MT7620A) it can happen that the two DNS requests (for A
and AAAA) share the same transaction ID. If this happens the second
reply is wrongly dropped and nslookup reports "No answer".

Fix this by ensuring that the transaction IDs are unique.

Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
2022-10-14 20:51:35 +02:00
Christian Marangi
fcff86be06
generic: 5.15: backport qca8k fixup patches for Big-Endian systems
Backport qca8k fixup patches for inband mgmt on Big-Endian systems.
This is needed for ath79 and mpc85xx targets that are Big-Endian and use
qca8k based switch.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-14 15:10:52 +02:00
Bruno Umuarama
85ae64bb27
mediatek: mt7623: fix thermal zone
Raising the temperatures for passive and active trips. @VA1DER
proposed at issue 9396 to remove passive trip. This commit relates to
his suggestion.

Without this patch. the CPU will be throttled all the way down to 98MHz
if the temperature rises even a degree above the trip point, and it was
further discovered that if the internal temperature of the device is
above the first trip point temperature when it boots then it will start
in a throttled state and even
$ echo disabled > /sys/class/thermal/thermal_zone0/mode
will have no effect.

The patch increases the passive trip point and active cooling map. The
throttling temperature will then be at 77°C and 82°C, which is still a
low enough temperature for ARM devices to not be in the real danger
zone, and gives some operational headroom.

Signed-off-by: Bruno Umuarama <anonimou_eu@hotmail.com>
2022-10-14 14:44:37 +02:00
Felix Fietkau
ef8b935c95 mediatek: clean up mt7622 kernel config
Remove a few unused options to reduce kernel size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:16:16 +02:00
Felix Fietkau
9995dd2543 kernel: remove target specific CONFIG_IKCONFIG lines
Use generic configuration for this feature

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:15:47 +02:00
Felix Fietkau
d3cd09d1c6 kernel: add missing lockdep config symbols for 5.15
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:15:29 +02:00
Felix Fietkau
34054e4c06 mediatek: fill wlan device entries in board.json on mt7622
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:13:49 +02:00
Felix Fietkau
a7ca1b2314 mac80211: use board.json provided phy names in generated default config
The phy will be automatically renamed on setup

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:13:11 +02:00
Felix Fietkau
50a03decdf mac80211: change the default config for a renamed wiphy
use option phy to reference the device instead of path/macaddr

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:13:01 +02:00
Felix Fietkau
db9c4a066a mac80211: fix detecting highest radio* config section index
Deal with gaps by iterating over existing sections instead of counting

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:49 +02:00
Felix Fietkau
4d323303e7 mac80211: rename phy according to board.json entries on bringup
This allows phy names specified in board.json to be used directly instead of
the path option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:42 +02:00
Felix Fietkau
6603748e0c mac80211: change default ifname to <phy>-<type><index>
This makes it clear, which phy a wlan device belongs to and also helps with
telling them apart by including the mode in the ifname.
Preparation for automatically renaming PHYs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:36 +02:00
Felix Fietkau
7f9d3a00d8 base-files: add helper functions for adding wlan device entries to board.json
These will be used to give WLAN PHYs a specific name based on path specified
in board.json. The platform board.d script can assign a specific order based
on available slots (PCIe slots, WMAC device) and device tree configuration.

This helps with maintaining config compatibility in case the device path
changes due to kernel upgrades.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:30 +02:00
Felix Fietkau
0a4a0c7193 libubox: update to the latest version
ea56013409d5 jshn.sh: add json_add_fields function for adding multiple fields at once

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:23 +02:00
Felix Fietkau
735f5f18dd iwinfo: update to the latest version
0496c722f1d7 nl80211: fix issues with renamed wiphy and multiple phy per device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-14 13:12:07 +02:00
Felix Fietkau
da6b77215b mac80211: fix typo in netifd script
Reported-by: Chad Monroe <chad.monroe@smartrg.com>
Fixes: 590eaaeed5 ("mac80211: fix issues in HE capabilities")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-13 21:50:34 +02:00
Nick Hainke
dbce336539
airoha: fix imagebuilder generation by introducing generic target
The generic imagebuilder does not have a generic in the name, although
this is the default naming scheme. Apply the same fix as for the octeon
target. Thanks to @dangowrt for reporting that the same issues applies
also for the airoha target.

Before the fix:
openwrt-imagebuilder-airoha.Linux-x86_64.tar.xz

After:
openwrt-imagebuilder-airoha-generic.Linux-x86_64.tar.xz

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-13 17:38:59 +02:00
Nick Hainke
e5cab973a4
hostapd: add measurement report value for beacon reports
Add the measurement report value to the beacon reports send via ubus. It
is possible to derive from the measurement report if a station refused to
do a beacon report and why. It is important to know why a station refuses
to do a beacon-report. In particular, we should not request a beacon
report from a station again that refused a beacon-report before.

The rejection reasons can be found by looking at the bits defined by:
- MEASUREMENT_REPORT_MODE_ACCEPT
- MEASUREMENT_REPORT_MODE_REJECT_LATE
- MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE
- MEASUREMENT_REPORT_MODE_REJECT_REFUSED

Suggested-by: Ian Clowes <clowes_ian@hotmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-13 16:53:37 +02:00
Aleksey Nasibulin
3413409ef6
bcm53xx: linksys ea6500-v2: extend RAM to full 256MB
Linksys ea6500-v2 have 256MB of ram. Currently we only use 128MB.
Expand the definition to use all the available RAM.

Signed-off-by: Aleksey Nasibulin <alealexpro100@ya.ru>
[ wrap to 80 columns ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-13 16:34:50 +02:00
Olliver Schinagl
41a1a652fb
kernel: backport gnu11 upgrade
Upstream has switched to gnu11 not too long ago. One advantage of
backporting this to these older kernels is, that we can encourage and
write better upstreamable kernels. E.g. the kernel devs prefer loop
declarations. Shrinking the master/local gap will be useful in these
cases.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Acked-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-13 16:03:35 +02:00
Huangbin Zhan
2f8ac8bcea
build: image: use printf for ModelNameLimit16
Fix syntax error on macos, for substr is undefined results according to
the POSIX standard.

From expr on macos:
 According to the POSIX standard, the use of string arguments length,
 substr, index, or match produces undefined results.  In this version of
 expr, these arguments are treated just as their respective string values.

By a simple test Makefile:

define ModelNameLimit16
$(shell expr substr "$(word 2, $(subst _, ,$(1)))" 1 16)
endef

define ModelNameLimit16_2
$(shell printf %.16s "$(word 2, $(subst _, ,$(1)))")
endef

hello:
	echo $(call ModelNameLimit16, technicolor_tg582n-telecom-italia)
	echo $(call ModelNameLimit16_2, technicolor_tg582n-telecom-italia)

The same output is produced.

echo tg582n-telecom-i
tg582n-telecom-i
echo tg582n-telecom-i
tg582n-telecom-i

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
[ wrap commit description to 80 columns and improve it ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-13 15:57:35 +02:00
Felix Fietkau
88803cb0e6 mac80211: add patch that gives the driver more control over netdev offloads
This can be used to selectively disable checksum, SG or GSO offloads

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-13 15:04:33 +02:00
Felix Fietkau
26f400210d mac80211: backport security fixes
This mainly affects scanning and beacon parsing, especially with MBSSID enabled

Fixes: CVE-2022-41674
Fixes: CVE-2022-42719
Fixes: CVE-2022-42720
Fixes: CVE-2022-42721
Fixes: CVE-2022-42722
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-13 15:00:59 +02:00
Felix Fietkau
590eaaeed5 mac80211: fix issues in HE capabilities
Enable HE SU beamformee by default
Fix spatial reuse configuration:
- he_spr_sr_control is not a bool for enabling, it contains multiple bits
  which disable features that should be disabled by default
- one of the features (PSR) can be enabled through he_spr_psr_enabled
- add option to disable bss color / spatial reuse

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-13 13:45:42 +02:00
Christian Marangi
5fb7232bc0
CI: labeler: target major version of labeler action
Target major version of labeler to include minor fixes and use always
the latest major version with included fixes.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-12 16:49:46 +02:00
Christian Marangi
77b24012db
CI: bump actions/download,upload-artifact action to v3
Bump actions/download,upload-artifact action to v3 on every workflow
to mute node deprecation warning.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-12 16:48:46 +02:00
Christian Marangi
87c69d73bb
CI: bump actions/checkout action to v3
Bump actions/checkout action to v3 on every workflow to mute node
deprecation warning.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-12 16:47:46 +02:00
Giammarco Marzano
cd93980abb
ipq40xx: Fix wrong GPIO for internal status LED on ZTE MF289F
Change GPIO from 10 to 35 to make it works as expected

Fixes: 0de6a3339f ("ipq40xx: Add ZTE MF289F")
Signed-off-by: Giammarco Marzano <stich86@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2022-10-12 00:59:39 +02:00
Christian Marangi
bb451eccaa
ipq806x: switch to 5.15 kernel by default
Switch to 5.15 kernel by default to promote more wider testing and use
better upstream patch.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-11 21:28:46 +02:00
Christian Marangi
8d9dfac2bd
ipq806x: 5.15: add clk krait fixes/improvement patch
Add various krait fixes patch that correctly bringup mux and cpu clocks.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-11 21:28:46 +02:00
Christian Marangi
ecf1abe5bf
ipq806x: 5.15: enable again usb node for each device
Usb node now are disabled by default in dtsi. Enable again them in each
device dts.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-11 21:28:46 +02:00
Christian Marangi
6f1b89baba
ipq806x: 5.15: add krait-cc modernization patch and fixup
Add multiple patch for krait-cc modernization and multiple fixup for the
driver. Also modify a patch to enable the qsb fixed clock and add pxo to
krait-cc node.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-10-11 21:28:45 +02:00