Commit Graph

60082 Commits

Author SHA1 Message Date
Christian Marangi
cb42c2e307
generic: 6.1: backport Aquantia PHY endianess patch
Backport Aquantia PHY endianess patch. While the current implementation
works ok for Little-Endian targets, backport patch to prevent any kind
of malfunction if in the future we will have Big-Endian target with
Aquantia PHYs.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-11 16:28:16 +01:00
Christian Marangi
0222e48d73
qualcommax: fix wrong PHY node definition for Buffalo WXR-5950AX12
Commit d737ae99cb ("qualcommax: Fix Buffalo WXR-5950AX12 Ethernet
DTS") reverted the switch bmp to the original OEM definition and
added the malibu_first_phy_addr property.

Problem is that OEM bmp definition is wrong and actually doesn't make sense,
probably caused by copy-paste of the QCOM reference DTS without actually
setting real values. What actually fixed the regression was adding the
malibu_first_phy_addr as without it the MALIBU PHY was actually not
correctly configured and the Aquantia PHY were actually configured as
MALIBU PHY.

Fix all these wrong PHY definition.

The BPM is reverted and the following fixes are applied:
- Drop ESS_PORT1 as it's not actually attached in HW.
- Move ESS_PORT5 AGAIN from lan to wan. This refer to the first Aquantia
  PHY that is labelled "wan"
- Move ESS_PORT6 AGAIN from wan to lan. This refer to the second
  Aquantia PHY that is labelled "lan1".

Also PHY tag in MDIO node are renumbered to start from 0 following the
tagging standard used also in other dts and the not attached one (reg
0x18 and reg 0x1c) are correctly dropped.

Definition for port@1 in phyinfo is dropped as it doesn't exist.

dp nodes are updated to reference the new PHY tag numbering.

Fixes: d737ae99cb ("qualcommax: Fix Buffalo WXR-5950AX12 Ethernet DTS")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-11 16:08:05 +01:00
David Bauer
b589434a0b mediatek: fix failsafe ethernet for NWA50AX Pro
The NWA50AX Pro only has a eth0 interface for its only ethernet port.
Use this port for preinit.

Fixes non-working network in failsafe mode.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-02-11 14:44:10 +01:00
Shiji Yang
88d1322fcf ramips: mtk_eth_soc: fix NULL pointer dereference for syncp
u64_stats_init() has been unable to handle NULL pointer since
6.1 kernel. This patch fixes kernel oops on mt76x8 and rt305x
sub-target.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-11 12:21:41 +01:00
Shiji Yang
3b74ae780c uboot-envtools: backport some usefull patches from v2024.04-rc1
Highlights:
- Silence small page read warning.
- Autodetect NAND erase size and env sectors.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-11 10:48:59 +01:00
Shiji Yang
00586674e4 ramips: hsdma-mtk: fix build on 5.15 kernel
In the 5.15 kernel, we use the staging driver version instead of the
downstream file.

Fixes: 88d982e3bd ("ramips: 6.1: mt7621-dma: add hsdma driver to files")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-11 09:05:21 +00:00
Nick Hainke
7181eb9f81 ramips: add support for 6.1 kernel
Remove upstreamed patches:
- 000-v5.18-01-dt-bindings-reset-add-dt-binding-header-for-Mediatek.patch
- 000-v5.18-02-staging-mt7621-dts-align-resets-with-binding-documen.patch
- 001-v5.18-01-dt-bindings-clock-mediatek-mt7621-sysc-add-reset-cel.patch
- 001-v5.18-02-clk-ralink-make-system-controller-node-a-reset-provi.patch
- 002-v6.0-MIPS-ralink-mt7621-avoid-to-init-common-ralink-reset.patch
- 100-v5.16-PCI-mt7621-Add-MediaTek-MT7621-PCIe-host-controller-.patch
- 101-v5.17-PCI-mt7621-Rename-mt7621_pci_-to-mt7621_pcie_.patch
- 102-v5.17-PCI-mt7621-Declare-mt7621_pci_ops-static.patch
- 103-v5.17-PCI-mt7621-Move-MIPS-setup-to-pcibios_root_bridge_pr.patch
- 104-v5.17-PCI-mt7621-Drop-of_match_ptr-to-avoid-unused-variabl.patch
- 105-v5.17-PCI-mt7621-Remove-unused-function-pcie_rmw.patch
- 106-v5.17-PCI-Let-pcibios_root_bridge_prepare-access-bridge-wi.patch
- 107-v6.2-PCI-mt7621-Add-sentinel-to-quirks-table.patch
- 108-v6.3-PCI-mt7621-Delay-phy-ports-initialization.patch

Manually refresh:
- 006-v6.5-mips-ralink-introduce-commonly-used-remap-node-funct.patch
- 320-MIPS-add-support-for-buggy-MT7621S-core-detection.patch
- 405-mtd-spi-nor-Add-support-for-BoHong-bh25q128as.patch
- 410-mtd-rawnand-add-driver-support-for-MT7621-nand-flash.patch
- 805-pinctrl-AW9523.patch
- 825-i2c-MIPS-adds-ralink-I2C-driver.patch
- 830-mmc-MIPS-ralink-add-sdhci-for-mt7620a-SoC.patch

Automatically refresh:
- 200-add-ralink-eth.patch
- 314-MIPS-add-bootargs-override-property.patch
- 315-owrt-hack-fix-mt7688-cache-issue.patch
- 700-net-ethernet-mediatek-support-net-labels.patch
- 720-Revert-net-phy-simplify-phy_link_change-arguments.patch
- 721-NET-no-auto-carrier-off-support.patch
- 800-dmaengine-mediatek-add-HSDMA-support-for-mt7621.patch
- 802-GPIO-MIPS-ralink-add-gpio-driver-for-ralink-SoC.patch
- 810-uvc-add-iPassion-iP2970-support.patch
- 821-SPI-ralink-add-Ralink-SoC-spi-driver.patch
- 835-asoc-add-mt7620-support.patch
- 840-serial-add-ugly-custom-baud-rate-hack.patch
- 845-pwm-add-mediatek-support.patch
- 850-awake-rt305x-dwc2-controller.patch

Tested-by: Andre Heider <a.heider@gmail.com> # netgear,wac124
Tested-by: Andrey Jr. Melnikov <temnota.am@gmail.com> # Xiaomi Mi Router 3G
Tested-by: Timo Dorfner <timo.capa@gmail.com> # mt7621/mir3g mt7621/rm2100
Reviewed-by: Shiji Yang <yangshiji66@qq.com>
Co-Developed-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Mieczyslaw Nalewaj
cc4d01cd60 ramips: 6.1: ralink: fix ethernet driver with 6.1
Fixes errors in the form of:
  make[9]: Entering directory '/home/nick/openwrt/build_dir/target-mipsel_24kc_musl/linux-ramips_mt7620/linux-6.1.77'
    CC      drivers/net/ethernet/ralink/mtk_eth_soc.o
  drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_init':
  drivers/net/ethernet/ralink/mtk_eth_soc.c:1368:51: warning: passing argument 2 of 'of_get_mac_address' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
   1368 |         of_get_mac_address(priv->dev->of_node, dev->dev_addr);
        |                                                ~~~^~~~~~~~~~
  In file included from drivers/net/ethernet/ralink/mtk_eth_soc.c:26:
  ./include/linux/of_net.h:16:59: note: expected 'u8 *' {aka 'unsigned char *'} but argument is of type 'const unsigned char *'
     16 | extern int of_get_mac_address(struct device_node *np, u8 *mac);
        |                                                       ~~~~^~~
  drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_probe':
  drivers/net/ethernet/ralink/mtk_eth_soc.c:1641:9: error: too many arguments to function 'netif_napi_add'
   1641 |         netif_napi_add(netdev, &priv->rx_napi, fe_poll, napi_weight);
        |         ^~~~~~~~~~~~~~
  In file included from ./include/linux/etherdevice.h:21,
                   from drivers/net/ethernet/ralink/mtk_eth_soc.c:21:
  ./include/linux/netdevice.h:2611:1: note: declared here
   2611 | netif_napi_add(struct net_device *dev, struct napi_struct *napi,
        | ^~~~~~~~~~~~~~

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
[split commit and rewrite commit message]
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Mieczyslaw Nalewaj
10452ea407 ramips: 6.1: spi: fix patch by replacing cs_gpio with cs_gpiod
Upstream commit f48dc6b96649 ("spi: Retire legacy GPIO handling") [0]
removed support using GPIOs as chip select. Fix it by replacing cs_gpio
with cs_gpiod.

[0] - f48dc6b966

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
[split commit and rewrite commit message]
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
31c4fc7414 ramips: 6.1: ralink: fix const warning in the ethernet driver
Change fe_hw_set_macaddr and the set_mac parameter to const to fix
errors in the form of:

   drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_set_mac_address':
  drivers/net/ethernet/ralink/mtk_eth_soc.c:174:53: error: passing argument 2 of 'priv->soc->set_mac' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
    174 |                         priv->soc->set_mac(priv, dev->dev_addr);
        |                                                  ~~~^~~~~~~~~~
  drivers/net/ethernet/ralink/mtk_eth_soc.c:174:53: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
  drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_hw_init':
  drivers/net/ethernet/ralink/mtk_eth_soc.c:1220:45: error: passing argument 2 of 'priv->soc->set_mac' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
   1220 |                 priv->soc->set_mac(priv, dev->dev_addr);
        |                                          ~~~^~~~~~~~~~
  drivers/net/ethernet/ralink/mtk_eth_soc.c:1220:45: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
  drivers/net/ethernet/ralink/mtk_eth_soc.c:1222:44: error: passing argument 2 of 'fe_hw_set_macaddr' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
   1222 |                 fe_hw_set_macaddr(priv, dev->dev_addr);
        |                                         ~~~^~~~~~~~~~
  drivers/net/ethernet/ralink/mtk_eth_soc.c:155:75: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
    155 | static inline void fe_hw_set_macaddr(struct fe_priv *priv, unsigned char *mac)
        |                                                            ~~~~~~~~~~~~~~~^~~
  cc1: all warnings being treated as errors

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
eeeb0b5349 ramips: 6.1: pwm: rewrite mtk_pwm_ops to fix pwm driver
Upstream dropped support for legacy driver [0]. Rewrite the driver like
the renesas pwm driver [1].

Fixes erros in the form of:
   make: *** [/__w/openwrt/openwrt/openwrt/include/toplevel.mk:232: target/compile] Error 1
  ====== Make errors from logs/target/linux/compile.txt ======
        |                   ^~~~~~~~~~~~~~
  drivers/pwm/pwm-mediatek-ramips.c:107:19: note: (near initialization for 'mtk_pwm_ops.free')
  drivers/pwm/pwm-mediatek-ramips.c:108:10: error: 'const struct pwm_ops' has no member named 'disable'
    108 |         .disable = mtk_pwm_disable,
        |          ^~~~~~~
  drivers/pwm/pwm-mediatek-ramips.c:108:20: error: initialization of 'int (*)(struct pwm_chip *, struct pwm_device *, struct pwm_capture *, long unsigned int)' from incompatible pointer type 'void (*)(struct pwm_chip *, struct pwm_device *)' [-Werror=incompatible-pointer-types]
    108 |         .disable = mtk_pwm_disable,
        |                    ^~~~~~~~~~~~~~~
  drivers/pwm/pwm-mediatek-ramips.c:108:20: note: (near initialization for 'mtk_pwm_ops.capture')
  cc1: all warnings being treated as errors

[0] - 0829c35dc5
[1] - ec00cd5e63

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
31b3e61d77 ramips: 6.1: dai_dma: drop dma_data->slave_id in mt7620 support patch
Upstream dropped slave_id in dai_dma [0]. So drop it also in the mt7620
support patch.

Fixes errors in the form of:
   sound/soc/ralink/ralink-i2s.c: In function 'ralink_i2s_init_dma_data':
  sound/soc/ralink/ralink-i2s.c:452:17: error: 'struct snd_dmaengine_dai_dma_data' has no member named 'slave_id'
    452 |         dma_data->slave_id = i2s->txdma_req;
        |                 ^~
  sound/soc/ralink/ralink-i2s.c:462:17: error: 'struct snd_dmaengine_dai_dma_data' has no member named 'slave_id'
    462 |         dma_data->slave_id = i2s->rxdma_req;
        |                 ^~

[0] - https://lore.kernel.org/r/20211122222203.4103644-3-arnd@kernel.org

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
3358045d1d ramips: 6.1: pinctrl: fix compilation with 6.1
Upstream changed in ed5c2f5fd10d ("i2c: Make remove callback return void")
the i2c driver's remove function to return no value. Adapt the driver code
to compile with 5.15 and 6.1 like it is done in other projects [0].

Fixes errors in the form of:
  make[8]: Leaving directory '/home/nick/openwrt/build_dir/target-mipsel_24kc_musl/linux-ramips_mt7621/linux-6.1.29'
    CC      drivers/pinctrl/pinctrl-aw9523.o
  drivers/pinctrl/pinctrl-aw9523.c:1117:19: error: initialization of 'void (*)(struct i2c_client *)' from incompatible pointer type 'int (*)(struct i2c_client *)' [-Werror=incompatible-pointer-types]
 1117 |         .remove = aw9523_remove,
      |                   ^~~~~~~~~~~~~
  drivers/pinctrl/pinctrl-aw9523.c:1117:19: note: (near initialization for 'aw9523_driver.remove')
  cc1: all warnings being treated as errors

[0] - https://gitlab.com/ddcci-driver-linux/ddcci-driver-linux/-/merge_requests/10/diffs

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
0561613319 ramips: 6.1: mt7621-dma: apply dma handle error from device_reset patch
Apply the "109-drivers-mt7621-dma-handle-error-from-device_reset.patch"
directly on the downstream maintained dma driver.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
88d982e3bd ramips: 6.1: mt7621-dma: add hsdma driver to files
Commit 87dd67f496f7 ("staging: mt7621-dma: remove driver from tree")
removed the mt7621-dma driver. Maintain the driver downstream in the
folder of the other mediatek drivers.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Nick Hainke
0dcbe4e931 ramips: 6.1: copy config and patches
Copy config and patches from 5.15. This simplifies reviewing process.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-10 13:06:05 +01:00
Hauke Mehrtens
2ef5714277 toolchain: glibc: Update glibc 2.37 to recent HEAD
512e30fd56 Revert "elf: Remove unused l_text_end field from struct link_map"
55d3dfadf8 Revert "elf: Always call destructors in reverse constructor order (bug 30785)"
8e20aedfd7 Revert "elf: Move l_init_called_next to old place of l_text_end in link map"
5014fb12f4 elf: Fix wrong break removal from 8ee878592c
874d418697 elf: Fix TLS modid reuse generation assignment (BZ 29039)
8bd00f5b6d x86-64: Fix the dtv field load for x32 [BZ #31184]
d052665f35 x86-64: Fix the tcb field load for x32 [BZ #31185]
0ca9ba3a9e NEWS: Mention bug fixes for 29039/30745/30843
9b90e763db getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163)
bd9f194c34 libio: Check remaining buffer size in _IO_wdo_write (bug 31183)
8b8a3f0aaf sunrpc: Fix netname build with older gcc
97a4292aa4 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
67062eccd9 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
2b58cba076 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
1d8bb622df i386: Use pthread_barrier for synchronization on tst-bz21269
32450f6e8d sysdeps: tst-bz21269: fix test parameter
f7e97cea20 sysdeps: tst-bz21269: handle ENOSYS & skip appropriately
d97929eadc sysdeps: tst-bz21269: fix -Wreturn-type
5bbe7e0da5 x86_64: Optimize ffsll function code size.
98ec3e004e sparc: Fix broken memset for sparc32 [BZ #31068]
2ce7abef67 sparc64: Remove unwind information from signal return stubs [BZ#31244]
18da90677c sparc: Fix sparc64 memmove length comparison (BZ 31266)
8b849f70b3 sparc: Remove unwind information from signal return stubs [BZ #31244]
eee7525d35 arm: Remove wrong ldr from _dl_start_user (BZ 31339)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-02-10 12:52:09 +01:00
Christian Marangi
f0e732f488
qualcommax: refresh kernel patches
Refresh kernel patches changed from the just introduced ipq60xx new
subtarget.

Patch automatically refreshed with make target/linux/refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-09 14:33:43 +01:00
Robert Marko
fe98cc1baf
qualcommax: move generic image recipes to target Makefile
These recipes are generic and will be used for other subtargets, so lets
move them to the target Makefile so they can reused.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-02-09 14:01:51 +01:00
Mantas Pucka
23deb4ac90
qualcommax: add ipq60xx support
Introduce support for the Qualcomm IPQ60xx SoC. WiFi support still has
to be handled and correctly fix hence this is currently marked as
source-only to have a solid base to progress on correct support of this
and hope Upstream QUIC publish newers ath11k drivers for this SoC.

Co-developed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Mantas Pucka <mantas@8devices.com>
[ improve commit description, add SoB for Robert, make it source-only ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-09 14:01:51 +01:00
Robert Marko
a79efe4cdf
qca-ssdk: add support for ipq60xx
IPQ60xx uses a different codename for SSDK, so lets pass the correct one
as otherwise SSDK asumes we are building for the old MIPS SoC-s.

Signed-off-by: Robert Marko <robimarko@gmail.com>
[ drop outdated commit description info ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-09 14:01:51 +01:00
Nick Hainke
5a016cc3af uboot-envtools: update to 2024.01
Update to latest version.

Refresh patches:
- 002-Revert-tools-env-use-run-to-store-lockfile.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-09 13:55:18 +01:00
Felix Fietkau
2b4941a6f1 wifi-scripts: fix fullmac phy detection
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.

Fixes: https://github.com/openwrt/openwrt/issues/14575
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-09 12:18:59 +01:00
Konstantin Demin
3f96246e97 dropbear: better handle interfaces
- introduce 'DirectInterface' option to bind exactly to specified interface;
  fixes #9666 and late IPv4/IPv6 address assignment
- option 'DirectInterface' takes precedence over 'Interface'
- improve interface/address handling,
  e.g. verify count of listening endpoints due to dropbear limit (10 for now)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
865ae1c10c dropbear: better handle receive window size
- correct maximum receive window size
- adjust receive window size against maximum allowed value
- warn about too high receive window size in syslog

improves f95eecfb

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
05100d8651 dropbear: adjust file permissions
runtime:
- adjust ownership/permissions while starting dropbear
build time:
- correct file permissions for preseed files in $(TOPDIR)/files/etc/dropbear/ (if any)

closes #10849

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
a97e0dad6e dropbear: 'rsakeyfile' -> 'keyfile' transition
end users should have done this since OpenWrt 19.07.
if they didn't do this yet - perform auto-transition.

schedule 'rsakeyfile' removal for next year release.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
ff1ccd85e8 dropbear: failsafe: handle all supported key types
dropbear may be configured and compiled with support for different host key types

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
55218bcedb dropbear: minor config reorder
move DROPBEAR_ASKPASS under DROPBEAR_DBCLIENT (in all meanings)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
c87a192386 dropbear: split U2F/FIDO support
these options allow one to configure U2F/FIDO support in more granular way

inspired by upstream commit aa6559db

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
bf900e02c7 dropbear: add option to enable modern crypto only
reduces binary/package size and increases overall performance

also:
- adjust 910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch
  to build without DROPBEAR_RSA/DROPBEAR_RSA_SHA256

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
88c8053d47 dropbear: adjust allowed shell list
this takes an effect only if getusershell(3) is missing

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
7f6fcaa3bf dropbear: honor CONFIG_TARGET_INIT_PATH
fixes 65256aee

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
2d9a0be307 dropbear: disable two weak kex/mac algorithms
hmac-sha1 and diffie-hellman-group14-sha1 are weak algorithms.
A future deprecation notice of ssh-rsa (2048-bit) has been issued. [1]

It has no place in a potentially internet-facing daemon like dropbear.
Upstream has acknowledged this and offered this solution to disable
these two until this is made to be the default in the next release
of dropbear next year. [2]

1. https://www.openssh.com/txt/release-8.2
2. https://github.com/mkj/dropbear/issues/138

Signed-off-by: John Audia <therealgraysky@proton.me>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
0b277f8659 dropbear: minor config clarification
- "default n" is not needed: options are not selected by default
- wrap config on 80 characters width (assuming tab is 8 characters long)
- add feature cost size and security notes for DROPBEAR_AGENTFORWARD
  and DROPBEAR_DBCLIENT_AGENTFORWARD:
  describe why and where it should be disabled

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
fa849fd411 dropbear: better object cleanup
improves b78aae79

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
f2b2293663 dropbear: allow more complex configuration
- switch DB_OPT_COMMON and DB_OPT_CONFIG to comma-separated lists:
  this allows to have values with "|" in DB_OPT_COMMON and DB_OPT_CONFIG
  which is more likely to be than values with commas;
  use $(comma) variable for values with commas.
- sort DB_OPT_COMMON and DB_OPT_CONFIG to have "overrides" on top of list.
- allow DB_OPT_COMMON to have values with commas.
- allow to replace multiline definitions in sysoptions.h.

improves e1bd9645

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
b5cde26048 dropbear: cherry-pick upstream patches
critical fixes:
- libtommath: possible integer overflow (CVE-2023-36328)
- implement Strict KEX mode (CVE-2023-48795)

various fixes:
- fix DROPBEAR_DSS and DROPBEAR_RSA config options
- y2038 issues
- remove SO_LINGER socket option
- make banner reading failure non-fatal
- fix "noremotetcp" behavior
- don't try to shutdown a pty
- fix test for multiuser kernels

adds new features:
- option to bind to interface
- allow inetd with non-syslog
- ignore unsupported command line options with dropbearkey

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
d4dfb566e2 dropbear: bump to 2022.83
- update dropbear to latest stable 2022.83;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop patches:
  - 001-fix-MAX_UNAUTH_CLIENTS-regression.patch
- rework patches:
  - 901-bundled-libs-cflags.patch
- refresh remaining patches

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Christian Marangi
c6ed34940d
ipq40xx: fix dts error in LED color/function conversion
Fix DTS error in LED color/function conversion due to a bug in the
conversion script.

Fixes: a9e0d97e1f ("ipq40xx: convert to new LED color/function format where possible")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-09 01:44:19 +01:00
Christian Marangi
c4910e9cb3
linux: add dtb makefile target to targets list
Add dtb makefile target to targets list to permit correct working of

make target/linux/dtb

Fixes: c47532b1ea ("kernel-buildOnmk: add support for compiling only DTS")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-08 23:04:55 +01:00
Christian Marangi
c47532b1ea
kernel-build.mk: add support for compiling only DTS
Add support for compiling DTS for the selected target. This can be
useful for testing if the DTS correctly compile and doesn't produce any
error.

This adds a new make target. To compile only DTS use:

make target/linux/dtb

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-08 19:57:28 +01:00
John Audia
f89904ad78 kernel: bump 6.1 to 6.1.77
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.77

Removed upstreamed:
	generic/backport-6.1/707-v6.8-01-net-phy-at803x-fix-passing-the-wrong-reference-for-c.patch[1]
	generic/backport-6.1/796-v6.8-ipmr-fix-kernel-panic-when-forwarding-mcast-packets.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.77&id=7dc0fefd37dd5fb03fdac6e3e01b1c2291148ccb
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.77&id=d2f1b7fe74afd66298dbb3c7b39e7b62e4df1724

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
2024-02-08 18:35:42 +01:00
John Audia
4a0839b44e kernel: bump 6.1 to 6.1.76
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.76

All patches automatically rebased.

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
2024-02-08 18:35:42 +01:00
Stephen Howell
d274867c21 lldpd: add option to force EDP
allow EDP support if compiled and add force EDP option

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
8b2d02e48c lldpd: only use snmp options when compiled in
prevent SNMP options being passed unless lldpd supports them

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
1b36d44323 lldpd: Update Makefile package release
increment Makefile package release to reflect changes to init script

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
a5f715da71 lldpd: add option for tx delay and tx hold
add option to set LLDP transmit delay, hold timers to set update frequency

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4159acceeb lldpd: add option to set system platform
add option to override system platform instead of using kernel name

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4ac134aa78 lldpd: add option to force SONMP enabled
add option to force SONMP to be enabled even when no peer detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00