Commit Graph

21542 Commits

Author SHA1 Message Date
Antonio Flores
cfb7df2991 kernel: add kmod-ata-ahci-dwc
Add kmod-ata-ahci-dwc for the rockchip target.

33629d3509

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Antonio Flores
4a6e3e1bc8 uboot-rockchip: add Bananapi-R2 Pro support
add uboot support for Bananapi-R2 Pro

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Weijie Gao
3f28c422ba libunwind: add support for loongarch64
Modify package depends to allow building for loongarch64.
Also fix for building with musl.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
33cd87079b openssl: add linux64-loongarch64 into the targets list
Add "linux64-loongarch64-openwrt" into openssl configurations to enable
building on loongarch64 machines.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
b98355ed0f grub2: add EFI support for loongarch64
Add a new package for loongarch64 which only supports EFI.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
159a285736 kernel: modules: video: adapt for loongarch64
* Allow kmod-acpi-video to be built for loongarch64:
The x86-specific CONFIG_ACPI_WMI will be split from default
kmod-acpi-video as a board-specific addition.

* Allow kmod-drm-amdgpu to be built for loongarch64:
Also add loongarch64-specific configs and modules.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
886a507fa6 kernel: modules: netdevices: add depedency required for loongarch64
Add TARGET_loongarch64 as dependency for kmod-mdio-devres,
kmod-mdio-gpio and kmod-switch-rtl8366-smi

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
6eafcd86b8 toolchain: Disable libtsan and liblsan sanitizer on loongarch64
libtsan and liblsan are not supported by glibc on loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Zoltan HERPAI
3f7d8e20cd sunxi: add support for Lichee Pi Zero Dock (V3s) board
CPU:     Allwinner V3s single-core Cortex-A7 @ 1.2GHz
Memory:  64Mb DDR2 integrated into SoC package
Storage: 1x SDcard on board, 1x SDcard on dock
Network: 10/100M ethernet
Other:   4x buttons via LRADC, CSI

Flashing instructions:
  Standard sunxi SD card installation procedure - copy image to SD card,
  insert into SD card slot on the device and boot.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-04 00:41:02 +02:00
Christian Marangi
23de46c913
xdp-tools: fix wrong matching for OPENWRT_VERBOSE
To enable verbose log for xdp-tools compilation, we check for "c" in
the OPENWRT_VERBOSE, but verbose.mk supports only "w" and "s" for V=1
and V=99.

Fix the wrong matching and correctly enable verbose output matching for
"s".

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:11 +02:00
Christian Marangi
0d436fc8b1
xdp-tools: refresh patches
Refresh xdp-tools patches with make package/xdp-tools/refresh

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:10 +02:00
Zoltan HERPAI
095efad4fe opensbi: bump to 1.4
Upgrade the OpenSBI firmware used by RISC-V CPUs to 1.4.

Runtime-tested:
 - d1 (Lichee RV)
 - sifiveu (SiFive Unleashed)

Updates since last release:

1.4:
Synopsys DesignWare APB GPIO driver
Zicntr and Zihpm support
Console print improvements
Smepmp support
Simple FDT based syscon regmap driver
Syscon based reboot and poweroff driver
Non-contiguous hpm counters
Smcntrpmf support
Full sparse hartid support
IPI improvements
RFENCE improvements
Zkr support
Andes custom PMU support

1.3.1:
ACLINT driver fix for disabled CPUs
SBI PMU fix for out-of-bound access
Designware GPIO driver

1.3:
Allow platform to influence cold boot HART selection
Starfive JH7110 platform support
Split RX and RW firmware regions
Advertise non-retentive suspend for allwinner D1 platform
Byteorder/endianness conversion macros
SBI debug console extension (Experimental)
Configure the PMA regions for RZ/Five platform
SBI system suspend extension (Experimental)
SBI PMU platform firmware events (Experimental)
SBI CPPC extension (Experimental)
Optimized remote TLB flushes
Simple heap for boot time memory allocations
Bring back no-map DT property for reserved memory nodes

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-03 11:09:22 +02:00
Linus Walleij
f789454df1 uboot-bmips: Add U-Boot for the BMIPS target
This is needed to boot the BCM6238-based Inteno XG6846.
Currently this is restricted to the XG6846 board.

Reviewed-by: Paul Donald <newtwen+github@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-05-01 21:30:32 +02:00
Christian Marangi
5acc4f919c
xdp-tools: fix compilation wrongly using host header
Currently it's needed to have gcc-multilib on the host to correctly
compile xdp-tools. This is wrong and means that we are using host header
to compile a tool.

By some searching in how the makefile works it was discovered that
BPF_CFLAGS were not used and required to be appended to config.mk

Only one single header was added but we should include each BPF_CFLAGS
from bpf.mk. To make this some patching to bpf-header were required and
some patches to xdp-tools were required.
Also it's needed to pass the correct target to BPF_CFLAGS.

With the following changes xdp-tools can correctly compile with each
header from bpf-headers and should not use any host header.

Co-Developed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:34 +02:00
Christian Marangi
dfcc0ff5d2
bpf-headers: fix use of netlink.h header
netlink.h header have NL_SET_ERR_MSG_MOD that is tied to kmods. We don't
need kmods on bpf tools and this cause compilation error if the header
is included. Fix it by dropping NL_SET_ERR_MSG_MOD.

Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:33 +02:00
Felix Fietkau
b6f1e2e5b0 ucode: fix ubus defer when running from within eloop (integrated with uloop)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Felix Fietkau
52a5f4491c hostapd: fix a null pointer dereference in wpa_supplicant on teardown
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Tianling Shen
790082098e
mediatek: switch to fitblk for JDCloud RE-CP-03
Use the new fitblk driver.

Tested-By: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-30 03:28:13 +01:00
Christian Marangi
4b04304713
procd: make mDNS TXT record parsing more solid
mDNS broadcast can't accept empty TXT record and would fail
registration.

Current procd_add_mdns_service checks only if the first passed arg is
empty but don't make any verification on the other args permittins
insertion of empty values in TXT record.

Example:

	procd_add_mdns "blah" \
				"tcp" "50" \
				"1" \
				"" \
				"3"

Produce:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "", "3" ] } }

The middle empty TXT record should never be included as it's empty.

This can happen with scripts that make fragile parsing and include
variables even if they are empty.

Prevent this and make the TXT record more solid by checking every
provided TXT record and include only the non-empty ones.

The fixed JSON is the following:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "3" ] } }

Fixes: b0d9dcf84d ("procd: update to latest git HEAD")
Reported-by: Paul Donald <newtwen@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15331
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-29 23:24:58 +02:00
Robert Marko
5c833329ce
arm-trusted-firmware-mvebu: refresh cryptopp hash
Well, it seems that cryptopp hash was never refreshed since calling
make package/boot/arm-trusted-firmware-mvebu/check FIXUP=1 V=s does not
actually refresh the download calls hashes so refresh it manually.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 13:02:23 +02:00
Robert Marko
e909746665
arm-trusted-firmware-mvebu: use SOURCE_VERSION instead of VERSION
Since ("download: don't overwrite VERSION variable") trying to download the
required sources for mvebu ATF will fail with:
Makefile:247: *** Download/mox-boot-builder is missing the SOURCE_VERSION field..  Stop.

This also broke the buildbot mvebu/cortex-a53 builds.

So, fix it by switching to SOURCE_VERSION instead.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 12:05:45 +02:00
Paul Spooren
00b86168bd apk: add package
APK (Alpine Package Keeper) is the package manager of Alpine Linux and
has multiple advantages over OPKG. While Alpine uses APK version 2, this
commit adds version 3 with a heavily optimised database structure and
additional feature making it suitable for OpenWrt.

This commit will be followed by many more to add APK build capabilities
to the OpenWrt build system, firstly enabling side by side builds of APK
and OPKG packages, later replacing OPKG entirely.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-29 11:36:03 +02:00
Hauke Mehrtens
adc29202c2 mbedtls: Remove Kconfig options removed from mbedtls 3.6.0
These options are not available in mbedtls 3.6.0 and selecting them
causes an error.

MBEDTLS_CERTS_C was removed in:
1aec64642c

MBEDTLS_XTEA_C was removed in:
10e8cf5fef

MBEDTLS_SSL_TRUNCATED_HMAC was removed in:
4a7010d1aa

Fixes: 0e06642643 ("mbedtls: Update to version 3.6.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-29 01:32:36 +02:00
Marius Dinu
ff0bb196eb libaudit: update to 3.1.4, join with daemon and utils, rename
Changes:
- new URL for sources (old address is dead)
- daemon and utils from packages feed are merged in here
  - only build once
  - no need to update at the same time in both places
- update to v3.1.4
  - removed unneeded patches
  - added audisp-syslog
  - removed audispd (no longer exists)
- rename and move to package/utils/audit
  - update new path in one dependent package

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2024-04-29 00:53:43 +02:00
Jean Thomas
30245a869e uqmi: set dangling-pointer as error
With "ebfe8b4 CMakeLists: set no-dangling-pointer" the compilation
option is set in uqmi, and can therefore be removed from no-error.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Jean Thomas
4d058d5e4d uqmi: update to git HEAD
e7207be uqmi: print radio interfaces in serving system command
6ef41d6 uqmi: create function to print radio interface string
e25d042 uqmi: Add basic 5G NR support
3e782be uqmi: sync data from libqmi project
368d46c uqmi: support C reserved keywords in upstream JSON files
02e42c0 reorganize source code in common and uqmi specific parts
4591f0a .gitignore build/ directories
2b57ee1 uqmi: commands-uim: fix uninitialized use of card_application_state
7c77e77 data/code-gen: add support for indications
ddbf864 qmi-struct.h: add missing includes
5320c1d move qmi_get_error_str to into utils.c
1503bc7 dev.c: add missing import strings.h
bae945f commands-nas: add missing includes
9ffd0e2 commands: make `struct blob_buf status` public
a4fbdcc commands-nas: fix gcc warning
8ff632a dev.c: add comment to qmi_request_wait()
a043a74 CMakeLists: refactor SOURCES variable to allow later adding uqmid
ebfe8b4 CMakeLists: set no-dangling-pointer
c47125d CMakeLists: improve generated files
0f64b69 CMakeLists: update cmake minimum version to 3.5

As the built uqmi binary is now moved to a dedicated directory,
update the Makefile accordingly.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Weijie Gao
f9e3fb59c7 libunwind: update to 1.8.1
Rebased patches:
- 003-fix-missing-ef_reg-defs-with-musl.patch
- 004-ppc-musl.patch

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-04-28 23:32:08 +02:00
Weijie Gao
8968675247 grub2: update to 2.12
compile tested: x86_64,i386,loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
{Refresh patches}
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 23:26:35 +02:00
Hauke Mehrtens
0e06642643 mbedtls: Update to version 3.6.0
This adds support for mbedtls 3.6.0.
The 3.6 version is the next LTS version of mbedtls.
This version supports TLS 1.3.

This switches to download using git. The codeload tar file misses some
git submodules.

Add some extra options added in mbedtls 3.6.0.

The size of the compressed ipkg increases:
230933 bin/packages/mips_24kc/base/libmbedtls13_2.28.7-r2_mips_24kc.ipk
300154 bin/packages/mips_24kc/base/libmbedtls14_3.6.0-r1_mips_24kc.ipk

The removed patch was integrated upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:37 +02:00
Hauke Mehrtens
00a1671248 hostapd: Fix compile against mbedtsl 3.6
Fix compile of the mbedtls extension for hostapd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
6c80f34c07 uencrypt: Fix mbedtls 3.6 compatibility
This makes it compile with mbedtls 3.6.0.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
0fd9acb471 uencrypt: Fix compile warnings
keylen and ivlen are of type long and not size_t.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Josef Schlehofer
1b190dfd3a uboot-mvebu: backport patch for Turris Omnia to enable LTO
Fixes issue while building package uboot-mvebu on OpenWrt 23.05:

u-boot-with-spl.kwb exceeds file size limit:
  limit:  0xf0000 bytes
  actual: 0xf0100 bytes
  excess: 0x100 bytes
make[3]: *** [Makefile:1466: u-boot-with-spl.kwb] Error 1
make[3]: *** Deleting file 'u-boot-with-spl.kwb'
make[3]: Leaving directory '/workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04'
make[2]: *** [Makefile:83: /workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04/.built] Error 2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15307
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-28 11:39:42 +02:00
Fabrice Fontaine
6e5edec159 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:48 +02:00
Fabrice Fontaine
a4f723e04e package/libs/libjson-c: fix PKG_CPE_ID
cpe:/a:json-c:json-c is the correct CPE ID for libjson-c:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️json-c:json-c

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15292
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:20 +02:00
Fabrice Fontaine
289f811abb package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:43:58 +02:00
Robert Marko
cf3520ba66 ipq-wifi: correct PKG_MIRROR_HASH
It seems that somehow a wrong hash has been used for ipq-wifi, so refresh
it.

Fixes: f10d55df9e ("ipq-wifi: update to Git HEAD (2024-04-26)")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:29:48 +02:00
Felix Fietkau
2d6fd937c3 netifd: packet_steering: fix shell error on unset steering_flows option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:59:52 +02:00
Felix Fietkau
994f71e0f0 netifd: fix bogus warnings in packet_steering init script
Avoids warnings if options are unset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:57:19 +02:00
Robert Marko
0fc87ddf44
ubox: update to Git HEAD (2024-04-26)
85f1053019ca kmodloader: fix insmod path logic

Signed-off-by: Robert Marko <robimarko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15288
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-27 13:34:13 +02:00
Paul Donald
708101c141 lldpd: fix reload bug: advertisements shall default to on
Because these capability advertisements default to on in lldpd, they
became absent at reload, and not restart, due to how the reload logic
works ( keep daemon running, send unconfigured and then the new config
via socket ), and it was not evident unless you happened to be looking
for it (e.g. via pcap or tcpdump). It was also not evident from the
manpage ( have now sent patches upstream ).

At reload time, the unconfigure logic disabled them unless they were
explicitly enabled (compare with other settings where 'unconfigure' just
resets them). Now they default to on/enabled at init time, and are
explicitly 'unconfigure'd at startup if the user disables them via:

lldp_mgmt_addr_advertisements=0
lldp_capability_advertisements=0

In other words: explicit is necessary to disable the advertisements.

The same applies to 'configure system capabilities enabled'. Technically
'unconfigure'd is the default but now it is explicit at reload.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 12:11:27 +02:00
Fabrice Fontaine
27d1ebb46a package/libs/pcre2: fix PKG_CPE_ID
cpe:/a:pcre:pcre2 is the correct CPE ID for pcre2:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️pcre:pcre2

Fixes: c39b0646f3 (pcre2: import pcre2 from packages feed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-04-27 12:05:43 +02:00
Paul Donald
01cdeb531b ustp: update to Git HEAD (2023-05-29)
a85a5bc83bde netif_utils: correctly close fd on read error

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 11:40:04 +02:00
Stijn Tintel
f434643857 perf: fix build on PowerPC
Building perf's intel-pt-decoder fails on both PPC32 and PPC64:

/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-13.2.0_musl/lib/gcc/powerpc64-openwrt-linux-musl/13.2.0/../../../../powerpc64-openwrt-linux-musl/bin/ld.bfd:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/
perf-target-powerpc64_e5500_musl/perf-in.o: in function `insn_set_byte':
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/perf/util/intel-pt-decoder/../../../arch/x86/include/asm/insn.h:64:
undefined reference to `__le32_to_cpu'

Add NO_AUXTRACE=1 to MAKE_FLAGS for LINUX_KARCH powerpc, which disables
build of intel-pt-decoder on both PPC32 and PPC64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-04-26 15:19:48 +03:00
Christian Marangi
f10d55df9e
ipq-wifi: update to Git HEAD (2024-04-26)
fab9e29f6b92 ipq6018: update regdb in TPLink EAP610-Outdoor BDF
6d02b65fadf3 ipq8074: update RegDB in new submitted BDF
644ba9ea2e66 ipq6018: update RegDB in new submitted BDF

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-26 13:28:09 +02:00
Felix Fietkau
7ebcf2fb9c netifd: add flow steering mode to the packet steering script
This allows directing processing of locally received packets to the CPUs
of the tasks receiving them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Felix Fietkau
c4d394c6cc netifd: add a packet steering mode matching the old script
This spreads packet processing across all cores

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Tony Ambardar
098bde1f3e gettext-full: update to 0.22.5
Release Announcement:
https://savannah.gnu.org/news/?group_id=425

Refresh:
- 200-libunistring-missing-link.patch

Tested-by: Georgi Valkov <gvalkov@gmail.com> # MacOS
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-25 21:33:51 +02:00
Tim Lunn
99eb0d0e33 uboot-envtools: add env settings for Edgerouter-X
uboot-envtools is currently missing config for Edgerouter-X
and its not immediately obvious what settings to manually
apply.

Provide default configuration for envtools on Edgerouter-X.

Signed-off-by: Tim Lunn <tim@feathertop.org>
2024-04-25 21:33:16 +02:00
Linus Walleij
9c8f2d7c2d modules: Add kernel module for MV88E6xxx DSA switch
This adds a kernel module package for the Marvell
MV88E6XXX DSA switch and a separate module package for
the DSA tagger since it can in theory be used by multiple
DSA switches. Enable both DSA and EDSA tags in the
tagger.

We can't just compile this in because just a few devices
has this DSA, and it depends on e.g. the I2C and SFP
to be loaded as modules first.

We have no examples of DSA switches being packaged as
modules before, all seem to be compiled in, but it
actually works just fine to do this.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-04-24 23:15:58 +02:00
Hauke Mehrtens
f475a44c03 wolfssl: Update to 5.7.0
This fixes multiple security problems:
 * [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.

 * [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
   Zhang, Qingni Shen for the report (Peking University, The University
   of Western Australia)."

 * [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
   Qingni Shen for the report (Peking University, The University of
   Western Australia).

Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 23:01:03 +02:00
Hauke Mehrtens
360ac07eb9 mbedtls: Update to 2.28.8
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 22:24:11 +02:00
Nick Hainke
6ca8305598 oxnas: drop target
The Upstream Linux community has discontinued support for the target.
Maintaining support for it downstream would require too much effort.
Moreover, it seems that the supported hardware is no longer deemed worthy
of it.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-04-24 14:12:15 +02:00
Paweł Owoc
652a6677d5 base-files: Add new functions for ath11k caldata
Add new functions for ath11k caldata:
- ath11k_patch_mac (from 0 to 5)
- ath11k_remove_regdomain
- ath11k_set_macflag (some pre-caldata have the nvMacFlag flag unset which is needed to change the MAC address)

Additionaly for ath10k caldata:
- ath10k_remove_regdomain

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-04-23 22:35:57 +02:00
Stefan Kalscheuer
63dd3f74ac mwlwifi: update to version 10.4.10-20240419
This update contains a minor fix to resolve "detected write beyond size
of field" warning during compilation:
* "replace [0] with []" (1d0d08c)

All patches still apply.

References:
* https://github.com/openwrt/openwrt/issues/15108

Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
2024-04-23 22:33:56 +02:00
Connor Yoon
3569b37b15 ipq807x: add Spectrum SAX1V1K
Spectrum SAX1V1K is a AX WIFI router with 3 1G and 1 2.5G ports.
The router is provided to Spectrum customers.
It is OEM of Askey RT5010W
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923

It continues the original work by @MeisterLone to get this device supported.

Specifications:
```
  •  CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
  •  RAM: 2048MB of DDR3
  •  Storage: 1024MB eMMC
  •  Ethernet: 3x 1G RJ45 ports (QCA8075) + 1 2.5G Port (QCA8081)
  •  WLAN:
     • 2.4GHz: Qualcomm QCN5024 4x4 802.11b/g/n/ax 1174 Mbps PHY rate
     • 5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate

  •  LED: 1 gpio-controlled dual color led (blue/red)
  •  Buttons: 1x reset
  •  Power: 12V DC jack
```

Notes:
```
  •  This commit adds only single partition support, that means
     sysupgrade is upgrading the current rootfs partition.
  •  Installation can be done by serial connection only.
  •  A poulated serial header is onboard
     https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923/6
  •  RX/TX is working, u-boot bootwait is active, secure boot is enabled.
```

Installation Instructions:

	**Most part of the installation is performed from an initramfs image.**

	Boot initramfs : Using serial connection
	1. Boot up the device and wait till it displays "VERIFY_IB: Success. verify IB ok"
	2. Once that message appears,
	    login with username 'root'
	    password serial number of your router in uppercase.
	3. Use vi to paste the 'open.sh' script from @MeisterLone github on your device
	    https://github.com/MeisterLone/Askey-RT5010W-D187-REV6/blob/master/Patch/open.sh
	4. chmod 755 open.sh
	5. ./open.sh
	6. Set your ip to 192.168.0.1
	7. Run a TFTP server and host the initramfs image on the TFTP server and name it "recovery.img"
	8. Reboot device. On boot it will try TFTP.

	Install OpenWrt from initramfs image:
	1. Use SCP (or other way) to transfer OpenWrt factory image
	2. Connect to device using SSH (on a LAN port)
	3. Flash firmware: sysupgrade
	   # sysupgrade -n -v /tmp/openwrt_sysupgrade.bin
	4. Set U-boot env variable: bootcmd
	   # fw_setenv bootcmd "run fix_uboot; run setup_and_boot"
	5. Reboot the device
	   # reboot
	6. Once device is booted, residue of previous firmware will prevent openwrt to work properly.
	    Factory Reset is MUST required
	    # Once serial console is displaying to login, hold reset button for 10 sec
	7. Now everything should be operational.

        Note: this PR adds only single partition support, that means sysupgrade is
              upgrading the current rootfs partition

Signed-off-by: Connor Yoon <j_connor@taliaent.com>
2024-04-23 21:48:34 +02:00
Tony Ambardar
c6e6d26f4b ubox: update to Git HEAD (2024-03-02)
d413903016c4 kmodloader: support duplicate module names and aliases
1c9aaefc119a kmodloader: fix memleak adding to avl tree
4c5c45c6beac kmodloader: fix invalid write during insmod, CodeQL warnings
6a59975afc2c kmodloader: improve memory accounting and deallocation

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-23 20:58:18 +02:00
Felix Fietkau
786e3dec01 bridger: update to Git HEAD (2024-04-22)
ec8c620fd5f4 split bridge-local disable into rx and tx
40b1c5b6be4e flow: do not attempt to offload bridge-local flows

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-22 11:02:52 +02:00
Chen Minqiang
3416144418 ppp: add sourcefilter option support
This make source based IPv6 routing option available for
ppp/pptp/pppoe/pppoa

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-22 15:11:44 +08:00
Paul Donald
4a81d868db
lldpd: extended interface(s) parsing to handle patterns
For interface type parameters, the man page documents patterns:
```
*,!eth*,!!eth1

uses all interfaces, except interfaces starting with "eth",
but including "eth1".
```

* Renamed `_ifname` to `_l2dev`.
* get the l2dev via network_get_physdev (and not l3dev)
* Glob pattern `*` is also valid - use noglob for this

The net result is that now interface 'names' including globs '*' and '!'
inversions are included in the generated lldpd configs.

Temporarily `set -o noglob` and then `set +o noglob` to disable & enable
globbing respectively, because when we pass `*` as an interface choice,
other file and pathnames get sucked in from where the init script runs,
and the `*` never makes it to lldpd.

Tested extensively on: 22.03.6, 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ squash with commit bumping release version ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-21 17:57:03 +02:00
Felix Fietkau
ea609fe486 uclient: update to Git HEAD (2024-04-19)
e8780fa7792a uclient: fix http regression

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 20:06:47 +02:00
Felix Fietkau
a339894691 uclient: update to Git HEAD (2024-04-19)
704c78111a92 uclient-http: use ustream_ssl without ustream_fd

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 18:00:23 +02:00
Felix Fietkau
7334337064 ustream-ssl: update to Git HEAD (2024-04-19)
524a76e5af78 ustream-ssl: add support for using a fd instead of ustream as backing

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 18:00:23 +02:00
Robert Marko
040af127e7
uboot-mvebu: update to version 2024.04
Lets update to 2024.04 in order to drop all of the patches as they have
been merged upstream.

Tested on Methode eDPU.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-19 10:50:55 +02:00
Felix Fietkau
66019e456f uclient: update to Git HEAD (2024-04-18)
c2bf660d88ec lib: add log_msg callback to get more detailed log messages
9adb4ca5219d uclient-fetch: add uclient / ustream-ssl log messages (enabled via -v)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 22:27:51 +02:00
Felix Fietkau
8992767956 ustream-ssl: update to Git HEAD (2024-04-18)
f9a28a9ce864 ustream-ssl: poll connection on incomplete reads
3c49e70c4622 ustream-ssl: increase number of read buffers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 22:27:50 +02:00
Felix Fietkau
e4453d1f81 ustream-ssl: update to Git HEAD (2024-04-18)
60d8fbb5e669 mbedtls: handle session tickets for TLS 1.3
ac42af7981ae mbedtls: add ifdefs to fix legacy compatibility
af7c3532ad49 mbedtls: another cosmetic ifdef fix

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 13:18:48 +02:00
Paul Donald
27edf28b11
base-files: reduce IPv6 ULA prefix generation to a single call
Reduce calls and pipes and read from urandom once directly with hexdump
for the necessary 5 bytes of random data to build the 48 bit ULA Prefix.

Fewer calls and forks; finish quicker; less memory used.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-18 12:55:31 +02:00
Robert Marko
b0422af1b3
mac80211: ath11k: re-enable ipq807x coldboot calibration
It seems that move to kernel 6.6 somehow fixed the remoteproc restart so
now it properly restarts and thus coldboot calibration works as well.

ipq60xx still seems to be broken in a different way so keep it disabled.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-18 11:55:36 +02:00
Christian Marangi
918e2fca1e
qca-nss-dp: add patch fixing rmmod and insmod
Add patch fixing rmmod and insmod. Lots of flawed logic fixed that
permits the module to correctly rmmod and insmod later.

Just to quote some change, use phy_detach instead of phy_disconnect, fix
exclusive reset_control that could only be used once, fix kernel panic
on second edma_cleanup, stop traffic before module exit...

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-18 11:54:21 +02:00
Chukun Pan
9cef2bc224 ipq807x: add support for Zbtlink ZBT-Z800AX
Hardware specifications:
  SoC: Qualcomm IPQ8072A
  RAM: 1GB of DDR4 600MHz
  Flash1: Winbond W25Q64DW 8MB
  Flash2: MX30UF2G28AD 256MB
  WiFi1: QCN5024 2.4GHz AX 4x4
  WiFi2: QCN5054 5GHz AX 4x4
  Ethernet: 5x 1G RJ45 port
  USB: 2x USB 3.0 (1x M.2)
  Button: Reset, WPS

Flash instructions:
  Upload factory.bin in stock firmware's
  upgrade page, do not preserve settings.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-04-17 12:08:56 +02:00
Chukun Pan
74eb718871 ipq-wifi: update to version 2024-04-16
Contains following updates:

 * ipq8074: add Spectrum SAX1V1K BDF
 * ipq8074: add Zbtlink ZBT-Z800AX BDF
 * ipq8074: update regdb in Spectrum SAX1V1K BDF
 * ipq6018: add Linksys MR7350 BDF

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-04-17 12:08:56 +02:00
Chen Minqiang
44a3c18a31 qmi: add sourcefilter option support
This make source based IPv6 routing option available for qmi

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
044fb8fc13 mbim: add sourcefilter option support
This make source based IPv6 routing option available for mbim

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
01e8d822e8 ncm: add sourcefilter option support
This make source based IPv6 routing option available for ncm

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chuanhong Guo
9f6a28b91e ipset: update to 7.21
release notes:
7.21: https://www.spinics.net/lists/netfilter-devel/msg85299.html
7.20: https://www.spinics.net/lists/netfilter-devel/msg85120.html
7.19: https://www.spinics.net/lists/netfilter-devel/msg82985.html

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Chuanhong Guo
c7fb5d4cac ipset: include libgen.h for basename
musl dropped the GNU version of basename prototype from string.h
in 1.2.5.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Felix Fietkau
d4742de1d7 Revert "elfutils: fix a missing typedef in the last update"
This reverts commit a9e22ffa50.
After doing a clean rebuild, it turns out that this change is not necessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 22:05:24 +02:00
Felix Fietkau
123282d9f9 netifd: add missing error checks to packet steering script
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 13:46:05 +02:00
Felix Fietkau
a9e22ffa50 elfutils: fix a missing typedef in the last update
Fixes perf

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 13:46:05 +02:00
Felix Fietkau
93d75f8401 bridger: update to Git HEAD (2024-04-15)
3159bbe0a2eb improve isolation when selecting a fixed output port
c77a7a1ff74d nl: fix getting flow offload stats
a08e51e679dd add support for disabling bridge-local flows via config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 11:29:24 +02:00
Tianling Shen
a65fceb078 uboot-rockchip: Update to 2024.04
Removed upstreamed patch.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-14 18:29:44 +02:00
Tianling Shen
d2d064e06e rkbin: bump to latest git HEAD
Fixed bugs for memory initialization/training,
improved memory compatibility/stability.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-14 18:29:44 +02:00
Tony Ambardar
e609b7486f elfutils: update to 1.91
Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2024q1/006876.html

Refresh patch:
- 005-build_only_libs.patch

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-14 17:38:09 +02:00
Felix Fietkau
a205a5734e netifd: rewrite packet steering script
The new script uses a different strategy compared to the previous one.
Instead of trying to split flows by hash and spread them to all CPUs,
use RPS to redirect packets to a single core only.
Try to spread NAPI thread and RPS target CPUs across available CPUs
and try to ensure that the NAPI thread is on a different CPU than the
RPS target. This significantly reduces cycles wasted on the scheduler.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-14 16:24:37 +02:00
Robert Marko
5fe0d296c1 mac80211: ath11k: support DT property to limit channels
Limiting allowed channels per device may be required and is commonly
supported on other drivers, so include a pending patch to add support for
the same.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-13 20:05:01 +02:00
Felix Fietkau
ab9a29a320 mac80211: improve mesh fast tx patch
Change hash key struct size for faster lookup.
Fix clearing cache entries for forwarding

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-13 16:33:45 +02:00
Felix Fietkau
1ee5b7e506 hostapd: fix a crash corner case
On some setup failures, iface->bss can be NULL

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-13 16:33:45 +02:00
Tianling Shen
0db68a789f uboot-d1: define default BUILD_SUBTARGET
As commit 3ce1e4c3d3 ("d1: define subtarget specifically") added the
'generic' subtarget, without 'BUILD_SUBTARGET' the correspond U-Boot
package will be no longer selected automatically.

Fixes: 3ce1e4c3d3 ("d1: define subtarget specifically")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-13 13:41:41 +02:00
Tony Ambardar
4d8a9a954a bpftool: Update to v7.4.0
Update to the latest upstream release to include recent improvements and
bugfixes. Update copyright, fix typo in PKG_NAME, and remove unneeded use
of MAKE_VARS definition in Makefile. Drop 001-cflags.patch and simplify
002-includes.patch after refreshing. Also simplify LTO/DCE build flags.

Link: https://github.com/libbpf/bpftool/releases/tag/v7.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-13 11:20:41 +02:00
Tony Ambardar
5b07c37dfa libbpf: Update to v1.4.0
Update to the latest upstream release to include recent improvements and
bugfixes, and update copyright. Remove MAKE_VARS usage in Makefile and drop
001-cflags.patch which are no longer needed. Also add flags to disable LTO,
mistakenly dropped earlier.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-13 11:20:41 +02:00
Paul Donald
50021d3222
lldpd: make management address advertisement controllable
Defaults to off.

Available from >= 0.7.15

These are sent in TLV

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:45:48 +02:00
Paul Donald
4d8f56bd59
lldpd: make capabilities advertisement controllable
Defaults to off.

Only available from >= 1.0.15

These capabilities are sent in TLV.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:45:48 +02:00
Paul Donald
b476917502
lldpd: note about capabilities
only available from >= 1.0.15

Comments are useful. Apparently this config parameter was committed when
openwrt used an older version of lldpd which did not yet support it.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:20:40 +02:00
Paul Donald
8cf1dce428
lldpd: fix restart
Redirection broke in 5364fe0f01 ("lldpd: shellcheck fixes")

redirects to /dev/null shall be handled correctly (i.e. last).

This fixes these errors on `/etc/init.d/lldpd reload`:

2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`

Tested-on: 22.03.6
Fixes: 5364fe0f01 ("lldpd: shellcheck fixes")
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ improve commit description, add fixes tag ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-12 13:20:06 +02:00
Daniel Golle
07918e6612 package: kernel: leds-gca230718: fix build with Linux 6.6
Starting with Linux 6.3 the .probe call no longer got the id parameter,
see also commit torvalds/linux@03c835f498
("i2c: Switch .probe() to not take an id parameter").

As the parameter is anyway unused by the driver, drop it when
building the GCA230718 LED driver for newer kernels.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-12 02:07:30 +01:00
Robert Marko
923d7c5531
mediatek: filogic: add support for Edgecore EAP111
HW specifications:
* Mediatek MT7981A
* 256MB SPI-NAND
* 512MB DRAM
* Uplink: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 with 802.3at
PoE (Built-in GBe PHY)
* LAN: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 (Airoha EN8801SC)
* 1 Tricolor LED
* Reset button
* 12V/2.0A DC input

Installation:
Board comes with OpenWifi/TIP which is OpenWrt based, so sysupgrade can
be used directly over SSH.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-11 13:25:11 +02:00
Oleg S
d668c74fe6 kernel: add kmod-hwmon-emc2305 support
This module supports the Microchip Technology Inc (SMSC)
EMC2301/EMC2302/EMC2303/EMC2305 fan speed PWM controller chips.

Signed-off-by: Oleg S <remittor@gmail.com>
2024-04-10 10:50:17 +02:00
Felix Fietkau
08639a5e47 ucode: update to Git HEAD (2024-04-07)
1220992631d5 ubus: automatically clear error information
d6fd94014eea uci: automatically clear error information
99837f280b61 uloop: automatically clear error information
be767ae197ba vm: rework `in` operator semantics
4ade84e8fb81 ubus: add explicit support for deferring incoming requests

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-09 21:33:02 +02:00
Paul Spooren
d997477775 treewide: remove implicit SUBTARGET
Historically it's possible to leave the `SUBTARGETS` undefined and
automatically fallback to a "generic" subtarget. This however breaks
various downstream scripts which may have expectations around filenames:

While some targets with an explicit generic subtarget contain `generic`
in the filenames of artifacts, implicit "subtargets" don't.

Right now this breaks the CI[1], possibly also scripts using the ImageBuilders.

This commit removes all code that support implicit handling of
subtargets and instead requires every target to define "SUBTARGETS".

[1]: https://github.com/openwrt/openwrt/actions/runs/8592821105/job/23548273630

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-08 21:53:05 +02:00