Commit Graph

52715 Commits

Author SHA1 Message Date
Christian Lamparter
25bc66eb40 ca-certificates: fix python3-cryptography woes in certdata2pem.py
This patch is a revert of the upstream patch to Debian's ca-certificate
commit 033d52259172 ("mozilla/certdata2pem.py: print a warning for expired certificates.")

The reason is, that this change broke builds with the popular
Ubuntu 20.04 LTS (focal) releases which are shipping with an
older version of the python3-cryptography package that is not
compatible.

|Traceback (most recent call last):
|  File "certdata2pem.py", line 125, in <module>
|    cert = x509.load_der_x509_certificate(obj['CKA_VALUE'])
|TypeError: load_der_x509_certificate() missing 1 required positional argument: 'backend'
|make[5]: *** [Makefile:6: all] Error 1

...or if the python3-cryptography was missing all together:
|Traceback (most recent call last):
|  File "/certdata2pem.py", line 31, in <module>
|    from cryptography import x509
|ModuleNotFoundError: No module named 'cryptography'

More concerns were raised by Jo-Philipp Wich:
"We don't want the build to depend on the local system time anyway.
Right now it seems to be just a warning but I could imagine that
eventually certs are simply omitted of found to be expired at
build time which would break reproducibility."

Link: <https://github.com/openwrt/openwrt/commit/7c99085bd697>
Reported-by: Chen Minqiang <ptpt52@gmail.com>
Reported-by: Shane Synan <digitalcircuit36939@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-12-01 17:52:35 +01:00
Felix Fietkau
fbc9ce779f hostapd: make hostapd/supplicant/wpad packages depend on a specific version of hostapd-commoon
This avoids potential version mismatch between packages when upgraded
individually

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-12-01 16:39:12 +01:00
Felix Fietkau
b7ce8a8c17 qosify: remove bulk flow detection from default ports
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-12-01 16:39:12 +01:00
Felix Fietkau
ac83015621 qosify: add besteffort class and switch all default classifications to class names
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-12-01 16:39:12 +01:00
Stijn Tintel
6832271ee7 nftables: bump to 1.0.1
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-12-01 00:39:36 +02:00
Stijn Tintel
7f7034d79f libnftnl: bump to 1.2.1
This version is required by nftables 1.0.1.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-12-01 00:39:26 +02:00
Aleksander Jan Bajkowski
56246f2910 lantiq: xway_legacy: disable unused switches
The xway_legacy subtarget only supports 5 devices. Most compiled
switch drivers are unused by any of these devices. The same drivers
are compiled into the xway subtarget. They were probably copied
from there when creating this subtarget.

Switches used by devices:
Arcadyan ARV4518PWR01   Realtek RTL8306SD
Arcadyan ARV4518PWR01A  Realtek RTL8306SD
Arcadyan ARV4520PW      Infineon ADM6996I
Arcadyan ARV4525PW      only PHY(IC+ IP101A)
Arcadyan ARV452CQW      Realtek RTL8306

The CONFIG_ETHERNET_PACKET_MANGLE symbol has also been disabled,
as it is only needed by the driver for AR8216.

Reduces kernel size by 19.9 kB.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2021-11-30 22:29:24 +01:00
Martin Kennedy
79ceea4303 mpc85xx: Fix HiveAP-330 nvmem mac loader
We actually need to enclose the whole section of partitions in a
`partitions { ... }` to assign it a `compatible = "fixed-partitions";
otherwise the partition referred to by `hwinfo` won't be registered
when bringing up MTD partitions, for example as per:

- <https://forum.openwrt.org/t/tp-link-c2600-missing-default-mac-mtd-partition-in-snapshot/103945/6>

- commit e2b03c16eb ("ipq806x: add missing enclosing partitions block for TP-Link C2600")'

Fixes: 8ec21d6bb2 ("mpc85xx: convert mtd-mac-address to nvmem implementation")
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[minor beautification]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-30 22:29:24 +01:00
Christian Lamparter
7c99085bd6 ca-certicficates: Update to version 20211016
Update the ca-certificates and ca-bundle package from version 20210119 to
version 20211016.

Debian change-log entry [1]:
|[...]
|[ Julien Cristau ]
|* mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority
|    bundle to version 2.50
|    The following certificate authorities were added (+):
|    + "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
|    + "GlobalSign Root R46"
|    + "GlobalSign Root E46"
|    + "GLOBALTRUST 2020"
|    + "ANF Secure Server Root CA"
|    + "Certum EC-384 CA"
|    + "Certum Trusted Root CA"
|    The following certificate authorities were removed (-):
|    - "QuoVadis Root CA"
|    - "Sonera Class 2 Root CA"
|    - "GeoTrust Primary Certification Authority - G2"
|    - "VeriSign Universal Root Certification Authority"
|    - "Chambers of Commerce Root - 2008"
|    - "Global Chambersign Root - 2008"
|    - "Trustis FPS Root CA"
|    - "Staat der Nederlanden Root CA - G3"
|  * Blacklist expired root certificate "DST Root CA X3" (closes: #995432)
|[...]

[1] <https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20211016_changelog>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-30 20:14:26 +01:00
Kevin Darbyshire-Bryant
7a48dfc90c nftables: install package file
Install pc file so dnsmasq can find libnftables

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2021-11-30 15:16:17 +00:00
Hauke Mehrtens
101300b842 bcm4908: Deactivate pci feature
This target does not activate CONFIG_PCI kernel configuration option, do
not activate the PCI feature. This will deactivate some PCI drivers
which are not building without PCI support in the kernel.

If PCI_SUPPORT or PCIE_SUPPORT are activated in the kernel configuration
the feature flag will be automatically set by the build system again.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-29 22:40:44 +01:00
Hauke Mehrtens
be3fcd72e9 kernel: Deactivate B53 symbols in generic configuration
Deactivate all the symbols of the B53 DSA driver in the generic kernel
configuration. Multiple targets are now using this drivers and they
only need some of the options.
This fixes the bcm4908 build which didn't deactivate all of the options.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-29 22:37:58 +01:00
Chukun Pan
001bdd5f67 sunxi: remove kmod-rtc-sunxi for unsupported devices
From driver source:

	{ .compatible = "allwinner,sun4i-a10-rtc", .data =
	&data_year_param[0] },
	{ .compatible = "allwinner,sun7i-a20-rtc", .data =
	&data_year_param[1] },

The rtc-sunxi module only supports allwinner a10 and a20 SoCs,
other SoCs in the cortexa7 and cortexa53 subtarget using the
CONFIG_RTC_DRV_SUN6I driver which is compiled into the kernel
binary, so remove this package for these unsupported devices.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2021-11-29 22:11:29 +01:00
Oldřich Jedlička
8d6a534cc1 mac80211: fixed missing cfg80211 dependency on kmod-rfkill
When compiling with CONFIG_USE_RFKILL=y, the build fails and mentions that
dependency on kmod-rfkill is missing, which is correct [1]. Add this
dependency to the Makefile.

Depend on +USE_RFKILL and not PACKAGE_kmod-rfkill, because it forces
selection of kmod-rfkill package. Other combinations in DEPENDS like
USE_RFKILL:kmod-rfkill or (+)PACKAGE_kmod-rfkill:kmod-rfkill do not force
selection of kmod-rfkill package.

The kmod-rfkill package itself depends on USE_RFKILL, so with +USE_RFKILL
in kmod-cfg80211 package it is not possible to select wrong combination of
packages.

[1] https://linux-wireless.vger.kernel.narkive.com/m8JY9Iks/cfg80211-depends-on-rfkill-or-not

Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
2021-11-29 22:11:15 +01:00
Robert Marko
040c02497c ath10k-ct: Fix spectral scan NULL pointer
If spectral scan support is enabled then ath10k-ct will cause a NULL
pointer due to relay_open() being called with a const callback struct
which is only supported in kernel 5.11 and later.

So, simply check the kernel version and if 5.11 and newer use the const
callback struct, otherwise use the regular struct.

Fixes: 553a3ac ("ath10k-ct: use 5.15 version")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-29 21:48:03 +01:00
Sander Vanheule
22f85d63cf realtek: netgear-gigabit: Add gpio-restart node
The Netgear GS110TPP v1 switch cannot reliably perform cold reboots
using the system's internal reset controller.

On this device, and the other supported Netgear switches, internal GPIO
line 13 is connected to the system's hard reset logic. Expose this GPIO
on all systems to ensure restarts work properly.

Cc: Raylynn Knight <rayknight@me.com>
Cc: Michael Mohr <akihana@gmail.com>
Cc: Stijn Segers <foss@volatilesystems.org>
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Tested-by: Bjørn Mork <bjorn@mork.no>
2021-11-28 22:43:08 +01:00
Sander Vanheule
3f4d6da453 realtek: Enable gpio-restart driver
Add the gpio-restart driver to the realtek build. This way devices,
which cannot reliably perform resets using the SoC's internal reset
logic, can use a GPIO line to drive the SoC's hard reset input.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2021-11-28 22:43:08 +01:00
Sander Vanheule
fa71139776 realtek: add missing GPIO irq properties
The internal GPIO controller on RTL838x is also an IRQ controller, which
requires the 'interrupt-controller' and '#interrupts-cells' properties
to be present in the device tree.

Reported-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2021-11-28 22:43:08 +01:00
Bjørn Mork
d1464afe1b realtek: use full range of assigned MAC addresses
Some devices are assigned globally unique MAC addresses for all
ports. These are stored by U-Boot in the second U-Boot enviroment
("sysinfo") as a range of start and end address.

Use the full range if provided.

Signed-off-by: Bjørn Mork <bjorn@mork.no>
2021-11-28 22:43:08 +01:00
Bjørn Mork
9e7149f729 realtek: revert to "standard" management configuration
The default management interface should be easy to find for users
doing "blind" installations without console access.  There are
already multiple examples in the forum of advanced early adopters
having problems locating the management interface after installing
OpenWrt.

Requiring tagged VLAN configration to access the initial management
interface creates unnecessary hassle at best. Errors on the other
end are close to impossible to debug without console access, even
for advanced users.  Less advanced users might have problems with
the concept of VLAN tagging.

Limiting management access to a single arbitrary port among up to
52 possible LAN ports makes this even more difficult, for no
reason at all. Users might have reasons to use a different port
for management.  And they might even have difficulties using the
OpenWrt selected one. The port might be the wrong type for their
management link (e.g copper instead of fibre).  Or they might
depend on PoE power from a device which they can't reconfigure.

User expectations will be based on
- OpenWrt defaults for other devices
- stock firmware default for the device in question
- common default behaviour of similar devices

All 3 cases point to a static IP address accessible on the native
VLAN of any LAN port.  A switch does not have any WAN port.  All
ports are LAN ports.

This changes the default network configuration in line with these
expectations.

Cc: John Crispin <john@phrozen.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-28 22:33:57 +01:00
Hauke Mehrtens
889043a155 uboot-omap: Remove omap3_overo configuration
The configs/omap3_overo_defconfig file was removed from upstream U-Boot
in commit ed3294d6d1f9 ("arm: Remove overo board"). Remove it in OpenWrt
too. If someone needs this please add it also to upstream U-Boot.

This fixes the compile of the omap target.

Fixes: ffb807ec90 ("omap: update u-boot to 2021.07")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-28 22:26:27 +01:00
Daniel Golle
0a4f5d06c2
image: fix CONFIG_EXTERNAL_CPIO handling
CONFIG_EXTERNAL_CPIO is a string variable, hence testing for 'y'
doesn't make much sense here.

Fixes: 330bd380e8 ("image: allow building FIT and uImage with ramdisk")
Reported-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-11-28 20:15:10 +00:00
Hauke Mehrtens
2f6c847eb7 kernel: Add extra kernel configuration options for omap
This fixes the build on omap.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-28 19:12:53 +01:00
Felix Matouschek
1cc3b95efc ipq40xx: Add support for Teltonika RUTX10
This patch adds support for the Teltonika RUTX10.
This device is an industrial DIN-rail router with 4 ethernet ports,
2.4G/5G dualband WiFi, Bluetooth, a USB 2.0 port and two GPIOs.

The RUTX series devices are very similiar so common parts of the DTS
are kept in a DTSI file. They are based on the QCA AP-DK01.1-C1 dev
board.

See https://teltonika-networks.com/product/rutx10 for more info.

Hardware:
  SoC:                 Qualcomm IPQ4018
  RAM:                 256MB DDR3
  SPI Flash 1:         XTX XT25F128B (16MB, NOR)
  SPI Flash 2:         XTX XT26G02AWS (256MB, NAND)
  Ethernet:            Built-in IPQ4018 (SoC, QCA8075), 4x 10/100/1000 ports
  WiFi 1:              Qualcomm QCA4019 IEEE 802.11b/g/n
  Wifi 2:              Qualcomm QCA4019 IEEE 802.11a/n/ac
  USB Hub:             Genesys Logic GL852GT
  Bluetooth:           Qualcomm CSR8510 (A10U)
  LED/GPIO controller: STM32F030 with custom firmware
  Buttons:             Reset button
  Leds:                Power (green, cannot be controlled)
                       WiFi 2.4G activity (green)
                       WiFi 5G activity (green)

MACs Details verified with the stock firmware:
   eth0:             Partition 0:CONFIG Offset: 0x0
   eth1:             = eth0 + 1
   radio0 (2.4 GHz): = eth0 + 2
   radio1 (5.0 GHz): = eth0 + 3
Label MAC address is from eth0.

The LED/GPIO controller needs a separate kernel driver to function.
The driver was extracted from the Teltonika GPL sources and can be
found at following feed: https://github.com/0xFelix/teltonika-rutx-openwrt

USB detection of the bluetooth interface is sometimes a bit flaky. When
not detected power cycle the device. When the bluetooth interface was
detected properly it can be used with bluez / bluetoothctl.

Flash instructions via stock web interface (sysupgrade based):
  1. Set PC to fixed ip address 192.168.1.100
  2. Push reset button and power on the device
  3. Open u-boot HTTP recovery at http://192.168.1.1
  4. Upload latest stock firmware and wait until the device is rebooted
  5. Open stock web interface at http://192.168.1.1
  6. Set some password so the web interface is happy
  7. Go to firmware upgrade settings
  8. Choose
     openwrt-ipq40xx-generic-teltonika_rutx10-squashfs-nand-factory.ubi
  9. Set 'Keep settings' to off
  10. Click update, when warned that it is not a signed image proceed

Return to stock firmware:
  1. Set PC to fixed ip address 192.168.1.100
  2. Push reset button and power on the device
  3. Open u-boot HTTP recovery at http://192.168.1.1
  4. Upload latest stock firmware and wait until the device is rebooted

Note: The DTS expects OpenWrt to be running from the second rootfs
partition. u-boot on these devices hot-patches the DTS so running from the
first rootfs partition should also be possible. If you want to be save follow
the instructions above. u-boot HTTP recovery restores the device so that when
flashing OpenWrt from stock firmware it is flashed to the second rootfs
partition and the DTS matches.

Signed-off-by: Felix Matouschek <felix@matouschek.org>
2021-11-28 18:39:01 +01:00
Matthew Hagan
67f5201276 ipq806x: add support for Cisco Meraki MR42/MR52
The MR42 and MR52 are two similar IPQ806x based devices from the Cisco
Meraki "Cryptid" series.

  MR42 main features:
  -  IPQ8068 1.4GHz
  -  512MB RAM
  -  128MB NAND
  -  2x QCA9992 (2.4 & 5GHz)
  -  1x QCA9889 (2.4 & 5GHz)
  -  1x AR8033 PHY
  -  PoE/AC power

  MR52 main features:
  -  IPQ8068 1.4GHz
  -  512MB RAM
  -  128MB NAND
  -  2x QCA9994 (2.4 & 5GHz)
  -  1x QCA9889 (2.4 & 5GHz)
  -  2x AR8033 PHYs
  -  PoE/AC power

(MR42 Only) Installation via diagnostic mode:

If you can successfully complete step 1 then you can continue to install
via this method without having to open the device. Otherwise please use
the standard UART method. Please note that when booting via TFTP, some
Ethernet devices, in particular those on laptops, will not connect in
time, resulting in TFTP boot not succeeding. In this instance it is
advised to connect via a switch.

  1. Hold down reset at power on and keep holding, after around 10 seconds
     if the orange LED changes behaviour to begin flashing, proceed to
     release reset, then press reset two times. Ensure that the LED has
     turned blue. Note that flashing will occur on some devices, but it
     will not be possible to change the LED colour using the reset button.
     In this case it will still be possible to continue with this install
     method.

  2. Set your IP to 192.168.1.250. Set up a TFTP server serving
     mr42_u-boot.mbn and
     openwrt-ipq806x-generic-meraki_mr42-initramfs-fit-uImage.itb, obtained
     from [1].

  3. Use telnet and connect to 192.168.1.1. Run the following commands to
     install u-boot. Note that all these commands are critical, an error
     will likely render the device unusable.

     Option 3.1:
       If you are sure you have set up the TFTP server correctly you can
       run this script on the device. This will download and flash the
       u-boot image immediately:

       `/etc/update_uboot.sh 192.168.1.250 mr42_u-boot.mbn`

       Once completed successfully, power off the device.

     Option 3.2:
       If you are unsure the TFTP server is correctly set up you can
       obtain the image and flash manually:

       3.2.1. `cd /tmp`
       3.2.2. `tftp-hpa 192.168.1.250 -m binary -c get mr42_u-boot.mbn`
       3.2.3. Confirm file has downloaded correctly by comparing the
              md5sum:

            `md5sum mr42_u-boot.mbn`

       3.2.4. The following are the required commands to write the image.

            `echo 1 > /sys/devices/platform/msm_nand/boot_layout
             mtd erase /dev/mtd1
             nandwrite -pam /dev/mtd1 mr42_u-boot.mbn
             echo 0 > /sys/devices/platform/msm_nand/boot_layout`

          Important: You must observe the output of the `nandwrite`
          command. Look for the following to verify writing is occurring:

            `Writing data to block 0 at offset 0x0
             Writing data to block 1 at offset 0x20000
             Writing data to block 2 at offset 0x40000`

          If you do not see this then do not power off the device. Check
          your previous commands and that mr42_u-boot.mbn was downloaded
          correctly. Once you are sure the image has been written you
          can proceed to power off the device.

  4. Hold the reset button and power on the device. This will immediately
     begin downloading the appropriate initramfs image and boot into it.

     Note: If the device does not download the initramfs, this is likely
     due to the interface not being brought up in time. Changing Ethernet
     source to a router or switch will likely resolve this. You can also
     try manually setting the link speed to 10Mb/s Half-Duplex.

  5. Once a solid white LED is displayed on the device, continue to the
     UART installation method, step 6.

Standard installation via UART - MR42 & MR52

  1. Disassemble the device and connect a UART header. The header pinout
     is as follows:

       1 - 3.3v
       2 - TXD
       3 - RXD
       4 - GND

     Important: You should only connect TXD, RXD and GND. Connecting
     3.3v may damage the device.

  2. Set your IP to 192.168.1.250. Set up a TFTP server serving
     openwrt-ipq806x-generic-meraki_(mr42|mr52)-initramfs-fit-uImage.itb.
     Separately obtain the respective sysupgrade image.

  3. Run the following commands, preferably from a Linux host. The
     mentioned files, including ubootwrite.py and u-boot images, can be
     obtained from [1].

       `python ubootwrite.py --write=(mr42|mr52)_u-boot.bin`

     The default for "--serial" option is /dev/ttyUSB0.

  4. Power on the device. The ubootwrite script will upload the image to
     the device and launch it. The second stage u-boot will in turn load
     the initramfs image by TFTP, provided the TFTP server is running
     correctly. This process will take about 13 minutes. Once a solid
     white LED is displayed, the image has successfully finished
     loading. Note: If the image does not load via TFTP, try again with
     the Ethernet link to 10Mb/s Half-Duplex.

  5. (MR42 only) Do not connect over the network. Instead connect over
     the UART using minicom or similar tool. To replace u-boot with
     the network enabled version, please run the following commands.
     Note that in the provided initramfs images, the u-boot.mbn file
     is located in /root:

     If you have not used the provided initramfs, you must ensure you
     are using an image with "boot_layout" ECC configuration enabled in
     the Kernel. This will be version 5.10 or higher. If you do not do
     this correctly the device will be bricked.

       `insmod mtd-rw i_want_a_brick=1
        mtd erase /dev/mtd8
        nandwrite -pam /dev/mtd8 /root/mr42_u-boot.mbn`

     After running nandwrite, ensure you observe the following output:

       `Writing data to block 0 at offset 0x0
        Writing data to block 1 at offset 0x20000
        Writing data to block 2 at offset 0x40000`

  6. (Optional) If you have no further use for the Meraki OS, you can
     remove all other UBI volumes on ubi0 (mtd11), including diagnostic1,
     part.old, storage and part.safe. You must not remove the ubi1 ART
     partition (mtd12).

       `for i in diagnostic1 part.old storage part.safe ; do
        ubirmvol /dev/ubi0 -N $i
        done`

  7. Proceed to flash the sysupgrade image via luci, or else download or
     scp the image to /tmp and use the sysupgrade command.

[1] The mentioned images and ubootwrite.py script can be found in this repo:
    https://github.com/clayface/openwrt-cryptid

[2] The modified u-boot sources for the MR42 and MR52 are available:
    https://github.com/clayface/U-boot-MR52-20200629

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2021-11-28 17:51:52 +01:00
Matthew Hagan
6e5b8c6300 ipq806x: add gsbi2_i2c label
gsbi2_i2c is used by the Meraki MR42 so we need to expose a label here.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2021-11-28 17:51:52 +01:00
Matthew Hagan
771691ec83 ipq806x: backport GMAC_AHB_RESET deassert patches
Add backports of the following patches:
"net: stmmac: explicitly deassert GMAC_AHB_RESET" and
"ARM: dts: qcom: add ahb reset to ipq806x-gmac"
Required for Meraki MR42/MR52.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2021-11-28 17:51:52 +01:00
Matthew Hagan
cef420e8f7 ipq806x: add GSBI nodes to ipq8064-dtsi-addidions
Rather than having separate patches for each GSBI node added, this patch
consolidates the existing GSBI1 patch into
083-ipq8064-dtsi-additions.patch. In addition, GSBI6 and GSBI7 I2C nodes,
required for the MR42 and MR52 respectively, are added.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2021-11-28 17:41:18 +01:00
Matthew Hagan
529eac5371 kernel: add back kmod-leds-tlc591xx
Add back support for the TLC591xx series LEDs which are used in the
ipq806x-based Meraki Cryptid series devices.

This module previously existed for the mvebu platform but was removed
at commit f849c2c832 due to being enabled
in that platform's kernel config.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2021-11-28 17:41:18 +01:00
Robert Marko
3ad229db0b ipq40xx: add support for MikroTik hAP ac3
This adds support for the MikroTik RouterBOARD RBD53iG-5HacD2HnD
(hAP ac³), a  indoor dual band, dual-radio 802.11ac
wireless AP with external omnidirectional antennae, USB port, five
10/100/1000 Mbps Ethernet ports and PoE passthrough.

See https://mikrotik.com/product/hap_ac3 for more info.

Specifications:
 - SoC: Qualcomm Atheros IPQ4019
 - RAM: 256 MB
 - Storage: 16 MB NOR + 128 MB NAND
 - Wireless:
   · Built-in IPQ4019 (SoC) 802.11b/g/n 2x2:2, 3 dBi antennae
   · Built-in IPQ4019 (SoC) 802.11a/n/ac 2x2:2, 5.5 dBi antennae
 - Ethernet: Built-in IPQ4019 (SoC, QCA8075) , 5x 1000/100/10 port,
             passive PoE in, PoE passtrough on port 5
- 1x USB Type A port

Installation:
1. Boot the initramfs image via TFTP
2. Run "cat /proc/mtd" and look for "ubi" partition mtd device number, ex. "mtd1"
3. Use ubiformat to remove MikroTik specific UBI volumes
* Detach the UBI partition by running: "ubidetach -d 0"
* Format the partition by running: "ubiformat /dev/mtdN -y"
Replace mtdN with the correct mtd index from step 2.
3. Flash the sysupgrade image using "sysupgrade -n"

Signed-off-by: Robert Marko <robimarko@gmail.com>
Tested-by: Mark Birss <markbirss@gmail.com>
Tested-by: Michael Büchler <michael.buechler@posteo.net>
Tested-by: Alex Tomkins <tomkins@darkzone.net>
2021-11-28 17:19:52 +01:00
Robert Marko
f2c4064ecb base-files: dont always create kernel UBI volume
Currently nand_upgrade_tar() will pass the kernel length
to nand_upgrade_prepare_ubi() in all cases except for when
the kernel is to be installed in a separate partition as a
binary with the MTD tool.

While this is fine for almost all cases newer MikroTik NAND
devices like hAP ac3 require the kernel to be installed as a
UBIFS packed UBI volume in its own partition.

So, since we have a custom recipe to use ubiformat to flash
the kernel in its partition it makes no sense for sysupgrade
to also install the kernel as a UBI volume in the "ubi"
partition as it only wastes space and will never be used.

So, simply check whether CI_KERNPART is set to "none" and
if so unset the "has_kernel" variable which will in turn
prevent the kernel length from being passed on and then
the kernel UBI volume wont be created for no usefull purpose.

The ath79 MikroTik NAND target has been setting CI_KERNPART
to "none" for a while now altough that was not preventing
the kernel to be installed as UBI volume as well.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
Robert Marko
1fbc9c5e4d build: image: add command to ubinize the kernel image
Newer NAND devices from MikroTik like the hAP ac3
require the kernel to be packed into UBIFS and then
ubinized.

So, since the ubinize-image.sh script can now ubinize
kernel only as well lets add a command for it.

This now allows calling ubinize-kernel in the kernel
packaging at then end.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
Robert Marko
6db4a0372a build: image: explicitly pass --rootfs to append-ubi
Rootfs is now optional in ubinize-image.sh and
requires --rootfs flag instead of just passing the
rootfs image as the argument before ubinize opts.

So, simply add --rootfs flag before the $(IMAGE_ROOTFS).

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
Robert Marko
5a305e429f scripts: ubinize-image: make rootfs optional
Currently ubinize-image script always expects the
rootfs image to be passed and a volume for it created.

So, to allow only ubinizing a kernel for example which
the MikroTik hAP ac3 and other new NAND devices from
MikroTik require make rootfs an optional parameter like
kernel.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
Robert Marko
da3261e57c build: image: add UBIFS kernel packer
This allows packing the kernel into UBIFS like newer
MikroTik NAND devices require.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
John Audia
81995a5e77 kernel: bump 5.4 to 5.4.162
All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/mt7621*

*I am hit with the binutils 2.37 bug so I had to revert 7f1edbd412
in order to downgrade to 2.35.1

Signed-off-by: John Audia <graysky@archlinux.us>
2021-11-28 16:32:45 +01:00
John Audia
bbdc13b15b kernel: bump 5.4 to 5.4.161
Removed upstreamed:
    ath79/patches-5.4/921-serial-core-add-support-for-boot-console-with-arbitr.patch[1]

Manually rebased:
    layerscape/patches-5.4/804-crypto-0016-MLKU-114-1-crypto-caam-reduce-page-0-regs-access-to-.patch
    octeontx/patches-5.4/0004-PCI-add-quirk-for-Gateworks-PLX-PEX860x-switch-with-.patch

All other patches automatically rebased.

1. Private email exchange with patch author, Hauke Mehrtens

Signed-off-by: John Audia <graysky@archlinux.us>
2021-11-28 16:32:45 +01:00
Hannu Nyman
26a7a385bb ath10k-ct: update version to fix DFS for VHT160
Update ath10k-ct to get the upstream fix for
DFS support for VHT160 in the 5.15 based ath10k-ct.
(Switch from 5.10 to 5.15 surfaced the upstream regression.)

* refresh one patch

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-11-28 13:57:41 +01:00
Christian Lamparter
a662d8550f gemini: try fis-index-block with 128 KiB sectors
Steven Maddox reported in the OpenWrt bugzilla, that his
RaidSonic IB-NAS4220-B was no longer booting with the new
OpenWrt 21.02 (uses linux 5.10's device-tree). However, it was
working with the previous OpenWrt 19.07 series (uses 4.14).

(This is still under investigation.)

Bugzilla: https://bugs.openwrt.org/index.php?do=details&task_id=4137
Reported-by: Steven Maddox <s.maddox@lantizia.me.uk>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-28 01:13:08 +01:00
Christian Lamparter
c3b9d0d1e2 ipq40xx: utilize nvmem on Netgear EX61X0 v2 Series
the Netgear EX6100v2 and EX6150v2 can utilize the nvmem
for the pre-calibration and mac-address for both WIFI
devices.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-28 01:13:08 +01:00
Christian Lamparter
297bceeecf ath79: convert TP-Link Archer C7v1/2 Wifis to nvmem-cells
For v2, both ath9k (2.4GHz Wifi) and ath10k (5 GHz) driver now
pull the (pre-)calibration data from the nvmem subsystem. v1
is slightly different as only the ath9k Wifi is supported.

This allows us to move the userspace caldata extraction
and mac-address patching for the 5GHZ ath10k supported
wifi into the device-tree definition of the device.

ath9k's nodes are also changed over to use nvmem-cells
over OpenWrt's custom mtd-cal-data property.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-28 01:13:08 +01:00
Christian Lamparter
49d400191d ath10k: support nvmem-cells for (pre-)calibration
refreshes mac80211 + ath10k-ct patches.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-28 01:13:08 +01:00
Christian Lamparter
dd7d4703e9 mpc85xx: backport "fix oops when CONFIG_FSL_PMC=n"
Martin Kennedy reported:
|Presently, I get this kernel panic on mpc85xx (Aerohive HiveAP 370)
|on OpenWrt 'master' which occurs right as the second processor is
|initialized:
|
|[    0.478804] rcu: Hierarchical SRCU implementation.
|[    0.535569] dyndbg: Ignore empty _ddebug table in a CONFIG_DYNAMIC_DEBUG_CORE build
|[    0.627233] smp: Bringing up secondary CPUs ...
|[    0.681659] kernel tried to execute user page (0) - exploit attempt? (uid: 0)
|[    0.766618] BUG: Unable to handle kernel instruction fetch (NULL pointer?)
|[    0.848899] Faulting instruction address: 0x00000000
|[    0.908273] Oops: Kernel access of bad area, sig: 11 [#1]
|[    0.972851] BE PAGE_SIZE=4K SMP NR_CPUS=2 P1020 RDB
|[    1.031179] Modules linked in:
|[    1.067640] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.80 #0
|[    1.139507] NIP:  00000000 LR: c0021d2c CTR: 00000000
|[    1.199921] REGS: c1051cf0 TRAP: 0400   Not tainted  (5.10.80)
|[...]
|[    1.758220] NIP [00000000] 0x0
|[    1.794688] LR [c0021d2c] smp_85xx_kick_cpu+0xe8/0x568
|[    1.856126] Call Trace:
|[    1.885295] [c1051da8] [c0021cb8] smp_85xx_kick_cpu+0x74/0x568 (unreliable)
|[    1.968633] [c1051de8] [c0011460] __cpu_up+0xc0/0x228
|[    2.029038] [c1051e18] [c0031bbc] bringup_cpu+0x30/0x224
|[    2.092572] [c1051e48] [c0031f3c] cpu_up.constprop.0+0x180/0x33c
|[..]
|[    2.727952] ---[ end trace 9b796a4bafb6bc14 ]---
|[    3.800879] Kernel panic - not syncing: Fatal exception
|[    3.862353] Rebooting in 1 seconds..
|[    5.905097] System Halted, OK to turn off power
|
|I bisected this down to commit 3ae5da5adc ("kernel: bump 5.10 to 5.10.80");
|that is, I don't get the panic right before this commit, but I do after.

He reported the issue upstream and Xiaoming Ni from huawei came up with
the patch (that is on it's way to upstream). While the AP370 is not in
Openwrt, this will likely affect other SMP P1020 devices OpenWrt ships
with: like the AP330, Enterasys WS-AP3710i, etc.

Reported-by: Martin Kennedy <hurricos@gmail.com>
Tested-by: Martin Kennedy <hurricos@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-28 01:13:01 +01:00
Christian Lamparter
a5b80dd487 ipq40xx: purge clk_ignore_unused bootarg
these flags have been creeping in from the QSDK.
All needed clocks should be accounted for, and
if a device is broken due to this. It should be
looked into.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-27 23:56:29 +01:00
Christian Lamparter
db7a392ade ipq40xx: update 105-ipq40xx-fix-sleep-clock.patch
Bjorn Anderson has suggestions which would help to upstream the patch.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-27 23:56:29 +01:00
Mathias Kresin
b7befd8d81 uboot-lantiq: danube: fix hanging lzma kernel uncompression #2
Follow up to commit 565b62cca2. Managed to
hit the very same issue again while playing with the NOR SPL builds.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2021-11-27 21:49:10 +01:00
Mathias Kresin
6f5c27edd4 lantiq: set maximum kernel size for P2812HNUF3
The board has a fixed size kernel partition but do not limit the kernel
size during image building.

Disable image building for both boards as well, since the kernel of the
last release as well as master are to big to fit into the 2 MByte kernel
partition.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2021-11-27 21:45:06 +01:00
Aleksander Jan Bajkowski
1c68494f67 lantiq: drop kernel 5.4 support
The current state of the kernel 5.4 support is in the openwrt-21.02
branch. No need to keep a not default used kernel in this branch.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [VRX268/ bthub5]
2021-11-27 21:45:04 +01:00
Aleksander Jan Bajkowski
2f3331ea7f lantiq: switch to kernel 5.10
Use kernel 5.10 by default.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [VRX268/ bthub5]
2021-11-27 21:40:12 +01:00
Mathias Kresin
9764968bba lantiq: ar7: use okli loader for FRITZ!Box
With Kernel 5.10 the ar7 FRITZ!Box are not booting the initramfs nor the
sysupgrade image any more. Presumably due to the grown kernel.

Use the okli preloader to workaround the bootloader issue. No solution
so far for the initramfs.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2021-11-27 21:40:12 +01:00