Initially APK would sign packages and package index and verify
signatures individually. With the latest change, all packages inside a
trusted index are automatically trusted.
This is important within the OpenWrt eco-system since signing the index
happens on another machine than the package creation.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This adds auto-configuration of network ports on Dell EMC Edge620 (x86) product.
It is similar in specs/features to some of the Sophos x86-based appliances, but:
1. Serial console terminal is built in and requires just the micro-USB cable
2. Comes with both MMC (16Gb) and SSD (256Gb) installed
3. Comes with 6 ethernet ports all 6 are functional when no SFP is used
4. Comes with two SFP cages and not one, like some of revision 3 Sophos products
5. Unlike Sophos devices, there are no non-wireless models of Edge 620,
it comes with Qualcomm Atheros QCA9880 radio
These devices can be now found both second-hand and new at online marketplaces below
(sometimes well below) US $100, I believe they make great candidates for running OpenWrt.
The ethernet network ports on the case are marked GE1 thru to GE6 with the
following mapping once booted into OpenWrt:
```
GE1: eth2: pci0000:00/0000:00:0b.0/0000:02:00.2
GE2: eth3: pci0000:00/0000:00:0b.0/0000:02:00.3
GE3: eth0: pci0000:00/0000:00:0b.0/0000:02:00.0
GE4: eth1: pci0000:00/0000:00:0b.0/0000:02:00.1
GE5: eth7: pci0000:00/0000:00:17.0/0000:07:00.1
GE6: eth6: pci0000:00/0000:00:17.0/0000:07:00.0
```
Dell's instructions for [standard configuration](https://infohub.delltechnologies.com/en-us/l/dell-emc-edge-620-advanced-activation-guide/dell-emc-sd-wan-edge-620-standard-configuration/)
recommend using GE3, GE4, GE5, or GE6 for WAN, I've selected the GE6 as the sole
WAN port under OpenWrt with the rest of ethernet ports assigned to LAN.
Please merge before 24.xx is forked and if possible, cherry-pick for 23.05
if there's no ETA for 24.xx forking.
PS. @Hurricos I'm struggling with ixgbe mappings on Sophos devices which use
very similar hardware to Dell EMC, so even tho I know the sys paths for ethernet ports,
I'd prefer to do a separate commit to properly map ethernet ports to match the case markings
for this device at some point later.
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Compilation of mtd_test.ko should be added only for kernel 6.6 or above.
Fixes 26df88a ("kernel: Add kmod-mfd-test")
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16085
Signed-off-by: Robert Marko <robimarko@gmail.com>
Bump omnia-mcutool to 0.3-rc3:
* The `--upgrade` option will now work even if MCU is in bootloader (for
example if previous upgrade was aborted).
* On boards with GD32 MCUs, `omnia-mcutool` will now refuse to upgrade
application firmware to version lower than 4.1 if bootloader version
is 2.0 (the original for first batch of boards with GD32 MCUs) since
these versions of application and bootloader are not compatible.
If user already upgraded to such a combination, an upgrade of
bootloader firmware is required.
The `--upgrade` option will inform about this and will automatically
upgrade bootloader firmware if the `--force` option is given.
(Note that version 4.1 of the MCU firmware was will be released soon,
once it is properly tested.)
* Various other improvements.
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/16086
Signed-off-by: Robert Marko <robimarko@gmail.com>
6.6.44 introduced breakage complaining about missing mtd_test.ko
for some targets.
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/16061
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Use realtek,extif property instead of realtek,extif0 to extif2
by extending it with the cpu_port parameter.
The extif number is automatically calculated based on cpu_port.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15749
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Store the chip type in smi->rtl8367b_chip
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15749
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Remove the rlvid analysis because for the rtl8367b family chips supported
by the driver (rtl8367rb and rtl8367r-vb), rlvid is always equal to 1.
So the code for rlvid equal to 0 is completely unnecessary.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15749
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Use realtek,extif property instead of realtek,extif0 and realtek,extif1
by extending it with the cpu_port parameter.
The extif number is automatically calculated based on cpu_port.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15749
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Enabling KERNEL_DEBUG_INFO_BTF and KERNEL_KPROBE_EVENTS on 6.6 exposes
CONFIG_PROBE_EVENTS_BTF_ARGS in the kernel config. Add a build option
for it to fix build failures with KERNEL_DEBUG_INFO_BTF and
KERNEL_KPROBE_EVENTS enabled on targets using the 6.6 kernel.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Drop config for Linux 6.1.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16030
Signed-off-by: Robert Marko <robimarko@gmail.com>
Switch to Linux kernel version 6.6.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16030
Signed-off-by: Robert Marko <robimarko@gmail.com>
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.
As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].
An explanation of the impact of the vulnerability is provided from the
advisory[1]:
This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.
[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16042
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add a new utility, omnia-mcutool, which main purpose is to upgrade the
firmware on the microcontroller on the Turris Omnia router. Depends on
omnia-mcu-firmware, and the upgrade process is pretty simple:
omnia-mcutool --upgrade
Besides firmware upgrade, the utility can be used to show and configure
various firmware settings.
Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a new package, omnia-mcu-firmware, containing firmware binaries for
the microcontroller on the Turris Omnia router.
Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add support for the MCU driver on CZ.NIC's Turris Omnia. This adds
the ability to do a true board poweroff, and to configure various
features (for example the user may configure that after poweroff, the
router should automatically wake up at a specific time).
Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
Handle the KEY_VENDOR key in gpio-button-hotplug driver. This is used
by Turris Omnia.
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
This backports patches
dt-bindings: firmware: add cznic,turris-omnia-mcu binding
platform: cznic: Add preliminary support for Turris Omnia MCU
platform: cznic: turris-omnia-mcu: Add support for MCU connected GPIOs
platform: cznic: turris-omnia-mcu: Add support for poweroff and wakeup
platform: cznic: turris-omnia-mcu: Add support for MCU watchdog
platform: cznic: turris-omnia-mcu: Add support for MCU provided TRNG
ARM: dts: turris-omnia: Add MCU system-controller node
ARM: dts: turris-omnia: Add GPIO key node for front button
platform: cznic: turris-omnia-mcu: Depend on OF
platform: cznic: turris-omnia-mcu: Depend on WATCHDOG
platform: cznic: turris-omnia-mcu: fix Kconfig dependencies
that will be released in 6.11 into mvebu/patches-6.6.
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
This target doesn't actually use NAND.
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16001
Signed-off-by: Robert Marko <robimarko@gmail.com>
This reverts commit f444dea428.
It seems that some devices using GPIO WDT have really short WDT timeouts
and when using module_platform_driver registration it happens too late
and thus WDT will timeout and reset the board.
So, for now lets return the postcore_initcall hack for now.
Fixes: f444dea428 ("ath79: remove GPIO driver earlier registration hack")
Signed-off-by: Joan Moreau <jom@grosjo.net>
Link: https://github.com/openwrt/openwrt/pull/16035
Signed-off-by: Robert Marko <robimarko@gmail.com>
Layerscape was switched to 6.6 kernel. Now is time to remove 6.1
support.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16037
Signed-off-by: Robert Marko <robimarko@gmail.com>
CI says patches need to be refreshed, so do so.
Fixes: 6bb334c5cf ("mediatek: fix u-boot env layout NVMEM definitions")
Link: https://github.com/openwrt/openwrt/pull/16051
Signed-off-by: Robert Marko <robimarko@gmail.com>
68c8a4f system-linux: re-apply ethtool on phy attachment
890929b wireless: add support for defining wifi interfaces via procd service data
b57e40b wireless: use blobmsg_parse_attr
7a6532f proto-shell: add proto property for skipping device config
33ec3da CMake: bump the minimum required CMake version to 3.5
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Kirkwood was switched to 6.6. We can remove 6.1 support now.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15998
Signed-off-by: Robert Marko <robimarko@gmail.com>
generic.mk was commited by mistake. It isn't used. Let's remove it.
Fixes: ccbdb212f3 ("kirkwood: Add missing package dependency")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15998
Signed-off-by: Robert Marko <robimarko@gmail.com>
Let's switch to kernel 6.6 for wide tests.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15998
Signed-off-by: Robert Marko <robimarko@gmail.com>
Radxa ROCK Pi E v3.0 has a RTL8723DU Wi-Fi 4 on-board device. enable
it.
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15910
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Radxa ROCK Pi S has a RTL8723DS Wi-Fi 4 on-board device. enable it.
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15910
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Build the amd64-microcode package on all architectures even if it only
makes sense to use it on x86. If the package build is done by a builder
not building for x86 it will not include the package otherwise.
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different target.
Fixes: 24d6abe2d7 ("firmware-utils: new package replacing otrx")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different target.
Fixes: 8619d7af67 ("kirkwood: add D-Link DNS-320L support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different target.
Fixes: 1eb21b87bd ("kobs-ng: add new package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different target.
Fixes: 07043a853a ("imx23: rename imx23 to mxs for upcoming imx23/28 support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Package the firmware files in the target specific build step and not in
the architecture common step. The architecture common step is not
necessary build for the ipq40xx target. If it is build for a different
target these packages are not packaged at all. This moves the build to
the ipq40xx target specific build step. This change is needed to make
the firmware files show up in the buildbot images.
Fixes: 02db8a19cb ("firmware: add Intel/Lantiq VRX518 ACA firmware package")
Fixes: 07b0e6f3d9 ("firmware: add Intel/Lantiq VRX518 PPE firmware package")
Fixes: 13eb1f564a ("firmware: add Intel/Lantiq VRX518 DSL firmware package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Import patch from mainline Linux to fix issue with PERST# signal
polarity.
Quote from commit message:
"This extra, very short, PERST# assertion + deassertion has been
reported to cause issues with certain WLAN controllers, e.g. RTL8822CE."
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Testing turned out that the HWRNG quality varies greatly on RK3566,
even on supposedly identical boards and SoC revisions.
Hence enable the HWRNG driver only on RK3568 for now.
Allow users to simply tune sample_count and quality to allow easily
testing results on different boards and SoCs.
Link: https://patchwork.kernel.org/project/linux-arm-kernel/cover/cover.1720969799.git.daniel@makrotopia.org/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is a backport of netdev/net [1]/[2], expected to be in kernel 6.11
(if not backported to a stable branch).
Since 4fdc7bb8f1 (2024-06-14, switching ath79 from kernel 6.1 to 6.6),
the rtl8366s driver was made to write to bogus PHY MII registers on
ath79/netgear,wndr3800 and family, and likely on other systems using
this switch in a similar manner. The writes were directed to PHY 4 MII
registers 0x0d (13) and 0x0e (14). The rtl8366s data sheet claims these
registers are reserved. These register writes were causing the device to
not maintain link, track link status, or pass traffic on eth1 (labeled
WAN), as eth1 is connected to PHY 4.
0x0d is MII_MMD_CTRL, and 0x0e is MII_MMD_DATA. rtl8366s doesn't appear
to support MMD in any way, and certainly not via the IEEE 802.3 annex
22D "clause 45 over clause 22" protocol implemented by mmd_phy_indirect.
This patch intercepts those attempted register accesses and returns
-EOPNOTSUPP without touching the switch chip. This is implemented by
defining phy_driver::{read,write}_mmd as
genphy_{read,write}_mmd_unsupported for this PHY. A new PHY driver for
this PHY is introduced to achieve that, because this PHY was previously
using genphy_driver, and there is otherwise no clean way to declare lack
of support for these operations.
This was caused by kernel 9b01c885be36 (2023-02-13, in 6.3). The new
genphy_c45_read_eee_abilities call in genphy_read_abilities (called
during phy_probe) was causing an attempted MMD read of (MMIO_MMD_PCS,
MDIO_PCS_EEE_ABLE), which was transformed into an annex 22D
mmd_phy_indirect operation that performed MII register writes to
MII_MMD_CTRL, MII_MMD_DATA, and MII_MMD_CTRL again, followed by another
read from MII_MMD_DATA. This was enough to "scramble" the state of those
two MII registers, which are in fact not used for annex 22D MMD register
access on this device but are reserved and have some other function,
rendering the PHY unusable while so configured. The result of the
bungled MMD read attempt caused the genphy driver to incorrectly believe
that the PHY supported standard EEE, which led to several more attempted
MMD writes and reads, in turn being transformed into writes to these two
MII registers.
rtl8366s does support some pre-IEEE 802.3az EEE standard form of "Green
Ethernet" which the switch driver (local to OpenWrt) already has some
support for. No attempt is made to map the standard operations for this
device.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=225990c487c1
[2] https://lore.kernel.org/netdev/20240725204147.69730-1-mark@mentovai.com/
Fixes: https://github.com/openwrt/openwrt/issues/15981
Link: https://github.com/openwrt/openwrt/issues/15739
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Mark Mentovai <mark@mentovai.com>
Link: https://github.com/openwrt/openwrt/pull/16012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Radxa ROCK Pi E v3.0 is a compact networking SBC[1] using the Rockchip
RK3328 SoC.
Hardware
--------
- Rockchip RK3328 SoC
- Quad A53 CPU
- 512MB/1GB/2GB DDR4 RAM
- 4/8/16/32GB eMMC
- Micro SD Card slot
- WiFi 4 and BT 4, or WiFi 5 and BT 5 (not supported yet)
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x 100M Ethernet
- 1x USB 3.0 Type-A port (Host)
- 1x 4-ring 3.5mm headphone jack
- 40 Pin GPIO header
[1] https://radxa.com/products/rockpi/pie
Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15984
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is an automatically generated commit which aids following Kernel patch
history, as git will see the move and copy as a rename thus defeating the
purpose.
For the original discussion see:
https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>