Commit Graph

58272 Commits

Author SHA1 Message Date
Christian Marangi
85d1b43be4
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.

This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.

Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 6c9ac57d58)
2023-11-09 16:10:26 +01:00
Christian Marangi
1cab0d74b3
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b1c7b1bd67)
2023-11-09 16:10:26 +01:00
Christian Marangi
c9e8453de7
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.

This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1b5ea2e199)
2023-11-09 16:10:26 +01:00
Christian Marangi
2ef625e769
mac80211: fix not set noscan option for wpa_supplicant
noscan option was changed to hostapd_noscan but the entry in
wpa_supplicant was never updated resulting in the noscan option actually
never set.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1070fbce6e)
2023-11-09 16:10:25 +01:00
Hauke Mehrtens
5106f554bb px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r--    1 root     root           749 Nov  6 23:14 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 23:14 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6aad5ab099)
2023-11-08 19:04:11 +01:00
Hauke Mehrtens
6fd16b0d27 px5g-mbedtls: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r--    1 root     root           519 Nov  6 22:58 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 22:58 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 929c9a58c9)
2023-11-08 19:04:11 +01:00
Felix Fietkau
6de0e0d01a hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit c2a30b6e01)
2023-11-08 12:47:46 +01:00
Felix Fietkau
bbfb920e99 wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 531314260d)
2023-11-08 12:47:42 +01:00
Felix Fietkau
f780cfb92f netifd: update to the latest version
383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 41d7439af5)
2023-11-08 12:47:34 +01:00
Tianling Shen
d3c193525e mediatek: add CMCC RAX3000M support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 64GB eMMC or 128 MB SPI-NAND
  RAM: 512MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Mesh
  Power: DC 12V 1A
- UART: 3.3v, 115200n8
  --------------------------
  |         Layout         |
  |   -----------------    |
  | 4 | GND TX VCC RX | <= |
  |   -----------------    |
  --------------------------

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
   tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
   'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
   tar -zcf cfg_export_config_file.conf etc/
   * If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
     just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.

Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH    CMIIT ID: xxxx" is NAND version

eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
   ('data' partition can be ignored, it's useless.)
2. Write new GPT table:
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
   mtd erase BL2
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
   mtd erase FIP
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
   ubidetach -p /dev/mtd0
   ubiformat -y /dev/mtd0
   ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
   ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
   ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
   ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 423186d7d8)
[rebased to 23.05]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-07 00:46:00 +01:00
Tianling Shen
429715a237 uboot-mediatek: add support for CMCC RAX3000M
The OEM U-Boot uses dual boot and signature verification which does not
support by OpenWrt. So add a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit fddd735dd5)
2023-11-07 00:45:43 +01:00
Tianling Shen
b209f45640 arm-trusted-firmware-mediatek: add emmc/spim-nand ddr4 build for mt7981
They will be used on CMCC RAX3000M.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7d8ffe941d)
2023-11-07 00:43:33 +01:00
Mikhail Zhilkin
04cde73d56 treewide: fix MERCUSYS brand spelling
This commit fixes MERCUSYS brand spelling. The proper name is capitalized.

Link: https://www.mercusys.com/
Link: https://github.com/torvalds/linux/blob/master/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c#L7779

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 45a50a06fb)
2023-11-07 00:40:00 +01:00
Hauke Mehrtens
3223f31fd3 mbedtls: Activate secp521r1 curve by default
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110

This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk

Fixes: #13774
Acked-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3c17cdbc36)
2023-11-07 00:37:20 +01:00
Petr Štetiar
cfadbc090c
image: fix image generation within ImageBuilder
Changes introduced in commit d604a07225 ("build: add CycloneDX SBOM
JSON support") broke ImageBuilder:

  Cannot open '/openwrt-imagebuilder-ath79-generic.Linux-x86_64/tmp/.packageinfo': No such file or directory

So lets fix it by wrapping the BOM generation behind condition of IB
feature check.

Fixes: #13881
Fixes: d604a07225 ("build: add CycloneDX SBOM JSON support")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c4259a6586)
2023-11-06 12:04:53 +00:00
Koen Vandeputte
7c43ced160 libnl: add support for cli
Some packages (like wavemon >= 0.9.4) depend on libnl-cli. Add support
for this part of the lib. libnl-cli itself depends on libnl-genl and
libnl-nf. On MIPS, this component adds 81kB.

Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(punctuation correction and reorganisation of commit message)
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 4bdd1c1a13)
2023-11-05 12:22:47 +01:00
David Bauer
ec54022549 mediatek: add label-mac for GL.iNet GL-MT3000
The MAC-address of gmac0 matches the one printed on the bottom label.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ae500e62e2)
2023-11-04 02:45:23 +01:00
Kevin Darbyshire-Bryant
610ae4d344 odhcpd: Bump to latest commits
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 0221b86032)
2023-11-03 08:27:52 +01:00
Nicolò Veronese
8ed934f371
uboot-mediatek: fix global pll clock override on mtk_spim
With patch 101-03-spi-mtk_spim-get-spi-clk-rate-only-once.patch
 a new system to calculate the SPI clocks has been added.

Unfortunately, the do_div macro overrides the global
 priv->pll_clk_rate field. This will cause to have a reduced
 clock rate on each subsequent SPI call.

Signed-off-by: Valerio 'ftp21' Mancini <ftp21@ftp21.eu>
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
(cherry picked from commit 8849ccb995)
2023-11-03 04:13:33 +01:00
Sandro Jäckel
250ab7b7a5 build: fix pkg-config detection when inside of a nix-shell
The output of command_all when inside a nix-shell looks like the below
where /usr does not match:

 ➜ scripts/command_all.sh pkg-config
/nix/store/ifr6srqgpvygd5vp14748d109ri31isv-pkg-config-wrapper-0.29.2/bin/pkg-config

Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
(cherry picked from commit 86ca7199df)
2023-11-02 22:40:40 +01:00
Petr Štetiar
592aacc3d9
ci: add workflow for automated GitHub release
Implement a GitHub Actions workflow for automated project releases.

The workflow triggers on Git tags, ensuring that a GitHub release is
created whenever a new tag is pushed.

That new release is going to be created in draft and pre-release mode
and needs to be manually promoted to the proper release, once its
decided, that its good enough and prepared.

This is a start of a streamlined and consistent release process for
GitHub, reducing manual intervention.

Acked-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 280d9dd758)
2023-11-02 14:44:49 +00:00
Petr Štetiar
65a10c8230
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.

The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.

Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6dca88aa4a)
2023-11-02 14:44:48 +00:00
Petr Štetiar
21e5db97c4
build: add CycloneDX SBOM JSON support
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.

So lets add support for CycloneDX SBOM for packages and images
manifests.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d604a07225)
2023-11-02 14:44:47 +00:00
Petr Štetiar
4ef8899c7a
package-dumpinfo,metadata: add ABI version information to package index
There is no standard for ABI versioning, so its not possible to find out
from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if
thats just package name or package name with ABI version included. To
help with the decision, lets make ABI version aviable in package index.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 649655f427)
2023-11-02 14:44:46 +00:00
Petr Štetiar
fdeb7d6dd0
package-metadata: add CPE information to JSON package manifests
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.

In order for the information to be processed further, it should also be
available in JSON package manifests.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8562c65ff8)
2023-11-02 14:44:45 +00:00
Petr Štetiar
21552a955a
package-dumpinfo: add CPE information to package index
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.

In order for the information to be processed further, it should also be
available in package index files.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 33b3fea702)
2023-11-02 14:44:45 +00:00
Felix Fietkau
40203cdbde firewall4: update to the latest version
23a434d0d15d tests: fix expected test output
840ccdeeabce fw4: avoid emitting invalid rule jump targets
20da9933fd7e fw4: fix another instance of invalid rule jump targets
598d9fbb5179 fw4: remove special cases around hw flow offloading

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 7049ea9e95)
2023-11-02 12:11:38 +01:00
Jo-Philipp Wich
f34ccb10dd ucode: update to latest Git HEAD
cfb24ea build: avoid redefining _FORTIFY_SOURCE
448c763 lib: enforce consistent `index()` behavior with empty needle argument
cdc0203 nl80211: fix maybe uninitialized variable
a69b5c8 vm: fix unused result warning
ea046bd build: enable source fortification by default

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 262554f12cbcc4e3bea2440ce1e696ce8791e732)
2023-11-02 10:38:48 +01:00
Felix Fietkau
51b1d5950e ucode: fix build on macos
Remove ABI version, since its format is not accepted by the linker.
Enable rpath to avoid clash with system libraries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 5eb8a21ba5)
2023-11-02 10:38:48 +01:00
Jo-Philipp Wich
b549880815 ucode: update to latest Git HEAD
- Introduces signal handling facilities
 - Fixes potentially incorrect object equality tests
 - Introduces debug library
 - Introduces log library
 - ABI version bump due to changed VM structure layout
 - Revised packaging

Changelog:

07c0317 jsdoc: switch to own custom theme
6ca08b0 jsdoc: properly handle indented documentation blocks
2a67f22 lib: add/improve documentation for require(), loadfile(), loadstring()
9993ccb uci: fix potential memory leaks in `configs()`
f56394f ci: re-trigger workflows on pull request pushes
1c18993 lib: various documentation fixes
d25dcb1 uci: add module documentation
4a8ece2 docs: use CSS and local JavaScript fixups to improve formatting
8f21cfa lib: introduce log library
8a3aefe build: auto-enable module depending on present libraries
6a01adc build: convert CMakeLists.txt into lowercase
8700665 ci: don't skip pull request workflows for `master` branch
0184d23 include: fix execvpe compat function on macOS
8b23884 uloop: rename environ variable to avoid clashing with system macro on macOS
7c209d7 types: ensure double serializatiion with decimal places
d150425 rtnl: update the link attr TODOs
d394174 rtnl: add IFLA_TARGET_NETNSID for operating in other namespaces
1227733 lib: fix documented return value for `splice()`
c9982de docs: add struct module documentation
7dde493 docs: add missing headline to debug module documentation
8f852ea types: improve comparison reliability of binary strings
6940c28 lib: introduce debug library
be07107 treewide: consolidate platform specific code in platform.c
2593270 uloop: interrupt on VM signals
97a5292 lib: add `signal()` stdlib function
1dbbb6a main: enable signal dispatching in the standalone cli interpreter
1623245 types: treat signal handler array as GC root
29b1c0d vm: introduce basic signal handling infrastructure
093684d fs: explicitly compare isatty() result
4f4f38f types: don't rely on implicit type conversion in ucv_compare()
4bee0ef docs: disable GitHub Jekyll post processing
5efb7a0 docs: further rework
33bc7bf docs: fix markup quirks
9d5e420 docs: add information about memory management and operator precedence
f1190ef docs: various improvements
f0cc841 fs: use `fseeko()` and `ftello()`
cba0c3c fs: complete function documentation coverage
f9260f7 github: drop superfluous CNAME file
c85bc74 Create CNAME
5309294 lib: add JSDoc documentation
b0f2f90 fs: add JSDoc documentation
fe086da math: add JSDoc documentation
70f9348 docs: add initial JSDoc infrastructure
24f1a56 source: fix source offset accounting
9df9160 lexer: don't count EOF token as newline
b9d8f06 ci: switch to official openwrt/gh-action-sdk

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit eacc885816)
2023-11-02 10:38:48 +01:00
Rafał Miłecki
41f27bbb6d bcm53xx: add the latest fix version of brcm_nvram
It was just sent for upstream.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 943bd3c9f6)
2023-11-02 09:45:16 +01:00
Rafał Miłecki
0dec0e0f19 kernel: fix mtd/NVMEM regression affecting U-Boot env NVMEM driver
Fixes: 20736013e9 ("kernel: backport nvmem v6.6 fixes and v6.7 changes")
Fixes: https://github.com/openwrt/openwrt/issues/13831
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c997634c01)
2023-11-02 09:45:08 +01:00
Rafał Miłecki
20736013e9 kernel: backport nvmem v6.6 fixes and v6.7 changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b595670070)
2023-11-02 09:37:45 +01:00
Rafał Miłecki
066971615f kernel: backport v6.6 nvmem changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 52c365f055)
2023-11-02 09:37:19 +01:00
Rafał Miłecki
b649b0bf71 kernel: nvmem: fix "fixed-layout" & support "mac-base"
DT binding for MAC cells in fixed layout was upstream approved and
accepted. Add support for it. This can replace quite some of our
downstream hacks.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 61f674df4f)
2023-11-02 09:36:20 +01:00
Hauke Mehrtens
e465592155 urngd: update to version 2023-11-01
Fix compilation with glibc

44365eb Deactivate _FORTIFY_SOURCE in jitterentropy-base.c

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d62726b1e4)
2023-11-01 22:22:45 +01:00
Jianhui Zhao
1157b8c1f1 uboot-mediatek: fix determine the size of an uImage.FIT using 'imsz' or 'imszb'.
It must read the entire image for previous code of 'imsz' or 'imszb'.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Suggested-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 3bbc1d5fba)
2023-10-31 22:18:19 +00:00
Daniel Golle
89184b15cf mediatek: add build for MT7981 RFB
Add build for the MTK3943 reference board for MT7981B+MT7976C.

**Hardware specification:**

 - SoC: MediaTek MT7981B 2x A53
 - Flash: various options
 - RAM: 256MB DDR3
 - Ethernet: 4 x 10/100/1000 Mbps via MT7531AE switch
        EITHER 1 x 10/100/1000 Mbps built-in PHY
            OR 1 x 10/100/1000/2500 Mbps MaxLinear GPY211C
 - Switch: MediaTek MT7531AE
 - WiFi: MediaTek MT7976C
 - Button: RST, WPS

**Flash instructions for SPIM-NAND:**
 - write *mt7981-rfb-spim-nand-preloader.bin to 'BL2' partition
 - write *mt7981-rfb-spim-nand-bl31-uboot.fip to 'FIP' partition
 - erase 'ubi' partition
 - reset board
 - create ubootenv and ubootenv2 UBI volumes in U-Boot
 - edit environment and set bootcmd, e.g.
   setenv bootconf 'config-1#mt7981-rfb-spim-nand#mt7981-rfb-mxl-2p5g-phy-eth1'
   setenv bootcmd 'ubi read $loadaddr fit; bootm $loadaddr#$bootconf'
 - load initramfs image via TFTP:
   setenv serverip 192.168.1.254
   setenv ipaddr 192.168.1.1
   setenv bootfile openwrt-mediatek-filogic-mediatek_mt7981-rfb-initramfs.itb
   saveenv ; saveenv
   tftpboot
   bootm $loadaddr#$bootconf
 - Now use sysupgrade to write OpenWrt firmware to flash.

SNFI-NAND, SPIM-NOR and eMMC all work very similar, a bootable SD card image
is also being generated. However, as the board I've been provided only comes
with SPIM-NAND all other boot media are untested.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ce7209bd21)
2023-10-31 22:16:53 +00:00
Daniel Golle
25bb84e273 uboot-mediatek: add build for mt7981 rfb
Improve and package builds for various boot media configurations of the
MediaTek MT7981 reference board.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 8428bed15d)
2023-10-31 22:16:53 +00:00
Daniel Golle
3f6e28e39c arm-trusted-firmware-mediatek: fix copy&paste error in Makefile
When adding builds for MT7981 the related Makefile sections for MT7986
have apparently been copied, but in one instance the rename from 7986 to
7981 has been omitted. Fix that now.

Fixes: 602cb4f325 ("arm-trusted-firmware-mediatek: add build for MT7981 DDR3")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit be6e257fe6)
2023-10-31 22:16:53 +00:00
Daniel Golle
958817b1c3 kernel: serial: 8250_mtk: track busclk state to avoid bus error
UARTs not used as boot console are currently broken on some MediaTek
targets due to register access depending on the bus clock being enabled.
Add patch to make sure this dependency is always met.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9f62abbb60)
2023-10-31 22:16:52 +00:00
David Bauer
16fcad47a4 hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.

When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.

Also when crafting the association response, the buffer contained the
trailing key-type.

Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 39341f422f)
2023-10-31 21:15:57 +01:00
Mikhail Zhilkin
6bb3c2eba8 ramips: enable wireless LEDs activity blinking for TP-Link EC330-G5u v1
This commit enables wireless LEDs activity blinking for TP-Link EC330-G5u
v1 router.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 7666940efe)
2023-10-31 14:17:09 +01:00
Felix Fietkau
eaf44c5696 hostapd: do not trim trailing whitespace, except for newline
Fixes adding SSID or key with trailing whitespace

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a2d8226c4f)
2023-10-31 13:30:11 +01:00
Shiji Yang
220ab83cd1 ath79: increase the rfkill debounce interval for TP-Link Archer C7 v2
Due to circuit issue or silicon defect, sometimes the WiFi switch button
of the Archer C7 v2 can be accidentally triggered multiple times in one
second. This will cause WiFi to be unexpectedly shut down and trigger
'irq 23: nobody cared'[1] warning. Increasing the key debounce interval
to 1000 ms can fix this issue. This patch also add the missing rfkill
key label.

[1] Warning Log:
```
[87765.218511] irq 23: nobody cared (try booting with the "irqpoll" option)
[87765.225331] CPU: 0 PID: 317 Comm: irq/23-keys Not tainted 5.15.118 #0
...
[87765.486246] handlers:
[87765.488543] [<85257547>] 0x800c29a0 threaded [<5c6328a2>] 0x80ffe0b8 [gpio_button_hotplug@4cf73d00+0x1a00]
[87765.498364] Disabling IRQ #23
```

Fixes: https://github.com/openwrt/openwrt/issues/13010
Fixes: https://github.com/openwrt/openwrt/issues/12167
Fixes: https://github.com/openwrt/openwrt/issues/11191
Fixes: https://github.com/openwrt/openwrt/issues/7835

Tested-by: Hans Hasert
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit e32f70e706)
2023-10-31 00:44:03 +01:00
Shiji Yang
ed6e13649d ramips: fix Gigabit Ethernet port of the HiWiFi HC5861
HiWiFi HC5861 has a GbE port which connected to the RTL8211E PHY
chip. This patch adds the missing Realtek PHY driver package and
sets the correct external PHYs base address to make it work again.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit f025135f16)
2023-10-31 00:44:03 +01:00
Anari Jalakas
26164312b4 iptables: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xc22): relocation R_MIPS16_26 against `libxt_DNAT_init' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol printf
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
(cherry picked from commit 5dbdf3bb3a)
2023-10-31 00:44:03 +01:00
Anari Jalakas
f1ea45f853 lua: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xcc8): relocation R_MIPS16_26 against `luaL_argerror' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
(cherry picked from commit 246b97b607)
2023-10-31 00:44:03 +01:00
Anari Jalakas
1d5d149330 libsepol: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0x4194): relocation R_MIPS16_26 against `cil_printf.lto_priv.0' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol memcmp
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
(cherry picked from commit 1925a183a3)
2023-10-31 00:44:03 +01:00
Anari Jalakas
b5817d14c9 libselinux: opt-out of lto usage
This fixes building with USE_LTO enabled:

<artificial>:(.text.exit+0x6e): relocation R_MIPS16_26 against `pthread_key_delete' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol stpcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
(cherry picked from commit 2a33d26d21)
2023-10-31 00:44:03 +01:00