Commit Graph

19144 Commits

Author SHA1 Message Date
Daniel Golle
946f60aaeb dnsmasq: add logfacility file to jail mounts
If logfacility is a path to a file it needs to be r/w mounted in the
sandbox as well for dnsmasq to work.

Reported-by: @iointerrupt
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2b5fa44f60)
2022-05-01 13:23:12 +02:00
Jo-Philipp Wich
5a11704244 ucode: reorder BuildPackage calls
Ensure that the libucode recipe is processed before the ucode one in
order to reliably encode the ABI version into ucode's libucode dependency.

Fixes: #9788
Ref: https://forum.openwrt.org/t/fw4-wont-start-after-upgrade/126308
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 573ce80ca6)
2022-04-28 10:46:49 +02:00
David Bauer
832e3ad71a iwinfo: update to latest HEAD
dc6847e iwinfo: nl80211: omit A-hwmode on non-5GHz hardware

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f757a8a098)
2022-04-27 00:55:07 +02:00
David Bauer
1b7cf4dd1c uboot-envtools: add WS-AP3825i config
Add configuration to use uboot-envtools with the Extreme Networks
WS-AP3825i.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit fb7ff6b027)
2022-04-26 01:04:44 +02:00
Jo-Philipp Wich
0481a5a35a firewall4: update to latest Git HEAD
fc83d46 ruleset: set auto-merge directive for interval sets
9bce873 fw4: fix skipping invalid ipset entries
425ea8a fw4: fix applying zone flags for source bound rules
a378883 fw4: fix emitting family specific redirect rules without any addrs
11feddf fw4: bracketize IPv6 addresses in dnat addr:port notation
9972f7d fw4: ensure to capitalize weekday names
fde8070 treewide: forward compatibility changes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commits 1a35ac9990 and
 af02a12d7c)
2022-04-25 09:55:23 +02:00
Jo-Philipp Wich
23170c6f4e ucode: update to latest Git HEAD
e14b099 syntax: implement support for ES6 template literals
111cf06 vm: stop executing bytecode on return of nested calls
33f1e0b treewide: move json-c compat shims into internal header file
e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()`
2b59140 vm: fix callframe double free on unhanded exceptions
7d7e950 main: abort when failing to load a preload library
1032a67 lib: let `json()` accept input objects implementing `read()` method
5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()`
df6b861 ci: debian: change path before attempting to invoke Git operations
dfaf05a ci: debian: automatically update changelog from Git tag
34f3c45 ci: fix YAML syntax of Debian workflow
e956bcf fs: fix off-by-one in fs.dirname() function
6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv
7c2e082 build: remove legacy json-c check
77942af build: add polyfills for older libjson-c versions
0b4aaa3 CI: build Debian package
f404285 debian: Add package definition
a37f654 types: fix escape sequence encoding of high byte values in JSON strings
aae5312 Update README.md
8134e25 build: fix symlink install target
87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore
7d27ad5 build: only stage ucc symlink if compile support is enabled
171402f lib: add date and time related functions
8b5dc60 lib: provide API function to obtain stdlib function implementations
eb0d2f1 main: turn ucode into multicall executable
28ee7e1 uloop: add support for tasks
753dea9 CI: build on macOS
668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()`
ab46fdf treewide: remove legacy json-c include directives
b8f49b1 tests: 21_regex_literals: generalize syntax error test case
fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X
2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag
55c4a90 lib: disallow zero padding for %s formats
0d05cb5 tests: run_tests.sh: use greadlink if available
271e520 resolv: make OS X compatible
d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X
33397a3 uloop: use execvp() on OS X
bafdc8f lib: add naive sigtimedwait() stub for OS X
ada1585 build: consolidate CMakeLists.txt and cover OS X deviations
befbb69 include: add OS X compatible endian.h header
49838a8 include: rename include guards to avoid clashes with system headers
91f65de nl80211: add missing attributes and correct some attribute flags
b4a1fd5 lib: adjust require(), render() and include() raw mode semantics
4618807 main: rework CLI frontend
73dcd78 lib: fix potential integer underflow on empty render output
c402551 vm: fix crash on object literals with non-string computed properties
efe8a02 syntax: support add new operators
078d686 ubus: add event support
6c66c83 ubus: refactor error and argument handling
1cb04f9 ubus: add object publishing, notify and subscribe support
0e85974 uloop: clear errno before integer conversion attempts
05bd7ed types: treat resource type prototypes as GC roots
a2a26ca lib: introduce uloop binding
6b6d01f vm: release this context on exception in managed method call
1af23a9 tests: fix proto() testcase
4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commits cef3e6a69c,
 0400774a10 and
 c59704334c)
2022-04-25 09:52:14 +02:00
David Bauer
dbe8d4fa2e iwinfo: update to latest HEAD
a479b9b devices: remove whitespace
562d015 iwinfo: nl80211: fix hwmode parsing for multi-band NICs

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-04-24 23:13:04 +02:00
Daniel Golle
e4d8c0f9b4 uboot-mediatek: remove '0x' prefix from pstore node
Remove '0x' prefix from pstore node in dts, just like it was done
for the device tree used by Linux on MT7622.
This change is done in preparation to update U-Boot to 2022.04.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 810b48e793)
2022-04-23 18:48:58 +01:00
Hauke Mehrtens
0e607d60ef OpenWrt v22.03.0-rc1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-21 00:28:54 +02:00
Hauke Mehrtens
6945ddde9b OpenWrt v22.03.0-rc1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-21 00:28:50 +02:00
Eneas U de Queiroz
df622768da wolfssl: fix compilation with /dev/crypto
This is trivial fix of a duplicate definition of 'int ret'.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-04-20 12:37:37 +02:00
Jo-Philipp Wich
204259356e netfilter: move nf-log modules into separate packages
Both legacy iptables and nftables require nf-log modules for rule logging,
so move them into a separate package both firewall implementations can
depend on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit bea01fa57f)
2022-04-19 23:57:14 +02:00
Martin Kennedy
d60b3bf890 realtek: add ZyXEL GS1900-24HP v1 support
The ZyXEL GS1900-24HP v1 is a 24 port PoE switch with two SFP ports,
similar to the other GS1900 switches.

Specifications
--------------
* Device:    ZyXEL GS1900-24HP v1
* SoC:       Realtek RTL8382M 500 MHz MIPS 4KEc
* Flash:     16 MiB
* RAM:       Winbond W9751G8KB-25 64 MiB DDR2 SDRAM
* Ethernet:  24x 10/100/1000 Mbps, 2x SFP 100/1000 Mbps
* LEDs:
  * 1 PWR LED (green, not configurable)
  * 1 SYS LED (green, configurable)
  * 24 ethernet port link/activity LEDs (green, SoC controlled)
  * 24 ethernet port PoE status LEDs
  * 2 SFP status/activity LEDs (green, SoC controlled)
* Buttons:
  * 1 "RESET" button on front panel (soft reset)
  * 1 button ('SW1') behind right hex grate (hardwired power-off)
* PoE:
  * Management MCU: ST Micro ST32F100 Microcontroller
  * 6 BCM59111 PSE chips
  * 170W power budget
* Power:     120-240V AC C13
* UART:      Internal populated 10-pin header ('J5') providing RS232;
             connected to SoC UART through a TI or SIPEX 3232C for voltage
             level shifting.

* 'J5' RS232 Pinout (dot as pin 1):
  2) SoC RXD
  3) GND
  10) SoC TXD

Serial connection parameters: 115200 8N1.

Installation
------------

OEM upgrade method:

* Log in to OEM management web interface

* Navigate to Maintenance > Firmware > Management

* If "Active Image" has the first option selected, OpenWrt will need to be
  flashed to the "Active" partition. If the second option is selected,
  OpenWrt will need to be flashed to the "Backup" partition.

* Navigate to Maintenance > Firmware > Upload

* Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin
  file by your preferred method to the previously determined partition.
  When prompted, select to boot from the newly flashed image, and reboot
  the switch.

* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:

  > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-squashfs-sysupgrade.bin

U-Boot TFTP method:

* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).

* Set up a TFTP server on your client and make it serve the initramfs
  image.

* Connect serial, power up the switch, interrupt U-boot by hitting the
  space bar, and enable the network:

  > rtk network on

* Since the GS1900-24HP v1 is a dual-partition device, you want to keep the
  OEM firmware on the backup partition for the time being. OpenWrt can
  only be installed in the first partition anyway (hardcoded in the
  DTS). To ensure we are set to boot from the first partition, issue the
  following commands:

  > setsys bootpartition 0
  > savesys

* Download the image onto the device and boot from it:

  > tftpboot 0x81f00000 192.168.1.10:openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin
  > bootm

* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:

  > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-squashfs-sysupgrade.bin

Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[Add info on PoE hardware to commit message]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit a5ac8ad0ba)
2022-04-19 21:45:46 +02:00
Andrew Powers-Holmes
ff9264fabc ath79: add support for Sophos AP100/AP55 family
The Sophos AP100, AP100C, AP55, and AP55C are dual-band 802.11ac access
points based on the Qualcomm QCA9558 SoC. They share PCB designs with
several devices that already have partial or full support, most notably the
Devolo DVL1750i/e.

The AP100 and AP100C are hardware-identical to the AP55 and AP55C, however
the 55 models' ART does not contain calibration data for their third chain
despite it being present on the PCB.

Specifications common to all models:
 - Qualcomm QCA9558 SoC @ 720 MHz (MIPS 74Kc Big-endian processor)
 - 128 MB RAM
 - 16 MB SPI flash
 - 1x 10/100/1000 Mbps Ethernet port, 802.3af PoE-in
 - Green and Red status LEDs sharing a single external light-pipe
 - Reset button on PCB[1]
 - Piezo beeper on PCB[2]
 - Serial UART header on PCB
 - Alternate power supply via 5.5x2.1mm DC jack @ 12 VDC

Unique to AP100 and AP100C:
 - 3T3R 2.4GHz 802.11b/g/n via SoC WMAC
 - 3T3R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)

AP55 and AP55C:
 - 2T2R 2.4GHz 802.11b/g/n via SoC WMAC
 - 2T2R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)

AP100 and AP55:
 - External RJ45 serial console port[3]
 - USB 2.0 Type A port, power controlled via GPIO 11

Flashing instructions:

This firmware can be flashed either via a compatible Sophos SG or XG
firewall appliance, which does not require disassembling the device, or via
the U-Boot console available on the internal UART header.

To flash via XG appliance:
 - Register on Sophos' website for a no-cost Home Use XG firewall license
 - Download and install the XG software on a compatible PC or virtual
   machine, complete initial appliance setup, and enable SSH console access
 - Connect the target AP device to the XG appliance's LAN interface
 - Approve the AP from the XG Web UI and wait until it shows as Active
   (this can take 3-5 minutes)
 - Connect to the XG appliance over SSH and access the Advanced Console
   (Menu option 5, then menu option 3)
 - Run `sudo awetool` and select the menu option to connect to an AP via
   SSH. When prompted to enable SSH on the target AP, select Yes.
 - Wait 2-3 minutes, then select the AP from the awetool menu again. This
   will connect you to a root shell on the target AP.
 - Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc
 - Run `mtd -r write /tmp/openwrt.bin astaro_image`
 - When complete, the access point will reboot to OpenWRT.

To flash via U-Boot serial console:
 - Configure a TFTP server on your PC, and set IP address 192.168.99.8 with
   netmask 255.255.255.0
 - Copy the firmware .bin to the TFTP server and rename to 'uImage_AP100C'
 - Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4]
 - Connect the AP ethernet to your PC's ethernet port
 - Connect a terminal to the UART at 115200 8/N/1 as usual
 - Power on the AP and press a key to cancel autoboot when prompted
 - Run the following commands at the U-Boot console:
    - `tftpboot`
    - `cp.b $fileaddr 0x9f070000 $filesize`
    - `boot`
 - The access point will boot to OpenWRT.

MAC addresses as verified by OEM firmware:

use   address     source
LAN   label       config 0x201a (label)
2g    label + 1   art 0x1002    (also found at config 0x2004)
5g    label + 9   art 0x5006

Increments confirmed across three AP55C, two AP55, and one AP100C.

These changes have been tested to function on both current master and
21.02.0 without any obvious issues.

[1] Button is present but does not alter state of any GPIO on SoC
[2] Buzzer and driver circuitry is present on PCB but is not connected to
    any GPIO. Shorting an unpopulated resistor next to the driver circuitry
    should connect the buzzer to GPIO 4, but this is unconfirmed.
[3] This external RJ45 serial port is disabled in the OEM firmware, but
    works in OpenWRT without additional configuration, at least on my
    three test units.
[4] On AP100/AP55 models the UART header is accessible after removing
    the device's top cover. On AP100C/AP55C models, the PCB must be removed
    for access; three screws secure it to the case.
    Pin 1 is marked on the silkscreen. Pins from 1-4 are 3.3V, GND, TX, RX

Signed-off-by: Andrew Powers-Holmes <andrew@omnom.net>
(cherry picked from commit 6f1efb2898)
2022-04-19 21:45:46 +02:00
Abdul Aziz Amar
3b3dccae0e ramips: add support for BOLT! Arion
This device is from now-defunct BOLT! ISP in Indonesia.
The original firmware is based on mediatek SDK running linux 2.6 or 3.x in later revision.

Specifications:

- SoC:      MediaTek MT7621
- Flash:    32 MiB NOR SPI
- RAM:      128 MiB DDR3
- Ethernet: 2x 10/100/1000 Mbps (switched, LAN + WAN)
- WIFI0:    MT7603E 2.4GHz 802.11b/g/n
- WIFI1:    MT7612E 5GHz 802.11ac
- Antennas: 2x internal, non-detachable
- LEDs:     Programmable LEDs: 5 blue LEDs (wlan, tel, sig1-3) and 2 red LEDs (wlan and sig1)
            Non-programmable "Power"  LED
- Buttons:  Reset and WPS

Instalation:
Install from TFTP

Set your PC IP to 10.10.10.3 and gateway to 10.10.10.123
Press "1" when turning on the router, and type the initramfs file name

You also need to solder pin header or cable to J4 or neighboring test points (T19-T21)
Pinouts from top to bottom: GND, TX, RX, VCC (3.3v)
Baudrate: 57600n8

There's also an additional gigabit transformer and RTL8211FD managed by the LTE module on the backside of the PCB.

Signed-off-by: Abdul Aziz Amar <abdulaziz.amar@gmail.com>
(cherry picked from commit 78c3534645)
2022-04-19 21:45:46 +02:00
Thibaut VARÈNE
b78db9daa4 mac80211: fix QCA9561 PA bias
This patch fixes an invalid TX PA DC bias level on QCA9561, which
results in a very low output power and very low throughput as devices
are further away from the AP (compared to other 2.4GHz APs),
following a suggestion from nbd[1].

This patch has been submitted upstream[2].

[1] https://lore.kernel.org/all/91c58969-c60e-2f41-00ac-737786d435ae@nbd.name
[2] https://lore.kernel.org/linux-wireless/20220417145145.1847-1-hacks+kernel@slashdirt.org/

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 7dc52a78ae)
2022-04-18 06:43:06 +02:00
Rosen Penev
541acd3933 readline: add host PIC
Python seems to fail to link to libreadline properly because of this.
Not a fatal error but an error nontheless.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit b363f74886)
2022-04-17 21:47:11 +02:00
Hauke Mehrtens
d86980eab2 linux-firmware: Update to version 20220411
The following files used in OpenWrt changed:
 amd64-microcode/lib/firmware/amd-ucode/microcode_amd_fam17h.bin
 amd64-microcode/lib/firmware/amd-ucode/microcode_amd_fam19h.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/aldebaran_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/arcturus_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/beige_goby_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/dcn_3_1_6_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/green_sardine_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi10_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_sdma1.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi12_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi14_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi14_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi14_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi14_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/navi14_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/picasso_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_toc.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven2_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/raven_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/renoir_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/sdma_5_2_7.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_dmcub.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_sdma.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_smc.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_sos.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_ta.bin
 amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_vcn.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/vangogh_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega10_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega12_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/vega20_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_asd.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_ce.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_me.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_mec.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_mec2.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_pfp.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_rlc.bin
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_ta.bin
 ibt-firmware/lib/firmware/intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq
 iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
 iwlwifi-firmware-iwl9260/lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode
 iwlwifi-firmware-iwl9000/lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 54d9051c55)
2022-04-17 21:31:02 +02:00
Cezary Jackiewicz
0a5f3b0126 comgt: support ZTE MF286R modem
The modem is based on Marvell PXA1826 and uses ACM+RNDIS interface to
establish connection with custom commands specific to ZTE modems.
Two variants of modems were discovered, some identifying themselves
as "ZTE", and others as plain "Marvell", the chipset manufacturer.
The modem itself runs a fork of OpenWrt inside, which root shell can be
accessed via ADB interface.

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit e02fb42c53)
2022-04-17 21:31:02 +02:00
Lech Perczak
83003b6c06 comgt: ncm: try to detect interface for ttyACM ports
Some modems expose ttyACM as their control ports, which have the
"device" symlink pointing one level down in sysfs tree. Try to find
network interfaces for them as well, this is commonly used for modems
exposing ACM + RNDIS or ACM + ECM interface combinations.

Co-developed-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit ed7957810c)
2022-04-17 21:31:02 +02:00
Lech Perczak
839cb17e3a comgt: ncm: select first available network interface for device
Some modems expose multiple network interfaces on the same USB device,
causing the connection setup script to fail, because glob matching in
the detection phase causes 'ls' to output more than one interface name
plus their base directories in sysfs. Avoid that by listing the
directories explicitly and then selecting first available interface.
This is the case for some variants of ZTE MF286R built-in modem, which
exposes both RNDIS and CDC-ECM network interfaces, causing the
connection setup to fail.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit b2940bb8b2)
2022-04-17 21:31:02 +02:00
Lech Perczak
c138cb80e9 comgt: ncm: allow specification of interface name
Add ifname property to UCI, which can be used to override the
autodetected interface name in case the detection fails due to having
none or more than one interface exposed by the modem, which is not
explicitly linked to TTY port. This is needed on certain variants of ZTE
MF286R built-in modem, which exposes both RNDIS and CDC-ECM interfaces
on the modem, on which the automatic detection may select the wrong
network interface.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a67629bbe2)
2022-04-17 21:31:02 +02:00
David Bauer
75b83e94a3 hostapd: add ubus link-measurements notifications
Notify external ubus subscribers of received link-measurement reports.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f6445cfa1a)
2022-04-17 01:16:58 +02:00
David Bauer
fd20720c71 hostapd: add ubus method for requesting link measurements
Add a ubus method to request link-measurements from connected STAs.

In addition to the STAs address, the used and maximum transmit power can
be provided by the external process for the link-measurement. If they
are not provided, 0 is used as the default value.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 965aa33a18)
2022-04-17 01:16:44 +02:00
David Bauer
04bc07ab84 hostapd: add support for enabling link measurements
Allow external processes to enable advertisement of link-measurement RRM
capability.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2ca5c3da04)
2022-04-17 01:16:37 +02:00
Daniel Golle
7ea412ef5a
netifd: relax check in dhcp proto handler
Checking whether /sbin/udhcpc is a symbolic link breaks using the
DHCP proto handler inside procd-ujail where bind-mounts are used for
the resolved link. Check whether /sbin/udhcpc is executable instead
to allow using the proto handler for DHCP-provisioned containers.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c5f113c43f)
2022-04-15 14:12:09 +01:00
Daniel Golle
7cd482662f
procd: update to git HEAD
6343c3a procd: completely remove tmp-on-zram support
 5c5e63f uxc: fix potential NULL-pointer dereference
 eb03f03 jail: include necessary files for per-netns netifd instance

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2c8873033e)
2022-04-15 14:12:04 +01:00
Daniel Golle
6fe3852d47
base-files: more robust sysupgrade on NAND
Make sure sysupgrade on NAND also works in case of UBI volumes having
index >9. While at it, also make sure UBI device is detected and abort
in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.

Fixes #9708
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 0dbca1b2ba)
2022-04-15 14:11:59 +01:00
Thibaut VARÈNE
321ec22f52 ath79: add support for Yuncore A930
Specification:

- QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR
- 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN)
- 2T2R 802.11b/g/n 2.4GHz

Flash instructions:

If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):

  fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
  sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin

In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:

1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
   'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
   seconds, recovery mode should start downloading image from server
   (unfortunately, there is no visible indication that recovery got
   enabled - in case of problems check TFTP server logs)

Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit a05dcb0724)
2022-04-15 08:14:50 +02:00
Thibaut VARÈNE
708b883168 ath79: add support for Yuncore XD3200
Specification:

- QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR
- 2T2R 802.11b/g/n 2.4GHz
- 2T2R 802.11n/ac 5GHz
- 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)

LED for 5 GHz WLAN is currently not supported as it is connected directly
to the QCA9882 radio chip.

Flash instructions:

If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):

  fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
  sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin

In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:

1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
   'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
   seconds, recovery mode should start downloading image from server
   (unfortunately, there is no visible indication that recovery got
   enabled - in case of problems check TFTP server logs)

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit c91df224f5)
2022-04-15 08:14:50 +02:00
Felix Fietkau
968c1dedc2 mac80211: backport minstrel_ht fix for legacy rates
Fixes OFDM rates on 5 GHz

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 5d5afd5177)
2022-04-12 09:34:07 +02:00
Rosen Penev
724a9bb3ea musl-fts: add host build
This will be used for libselinux.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 1fb099341e)
2022-04-11 23:17:55 +02:00
Eneas U de Queiroz
fb597a9d4c nftables: add CONFLICT between versions
Have nftables-json conflict with nftables-nojson.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 1135b75d1f)
2022-04-11 22:45:16 +02:00
Hauke Mehrtens
706c7706a3 mac80211: Update to version 5.15.33-1
This updates mac80211 to version 5.15.33-1 which is based on kernel
5.15.33.
The removed patches were applied upstream.

This new release contains many fixes which were merged into the upstream
Linux kernel.
This also contains the following new drivers which are needed for ath11k:
* net/qrtr/
* drivers/bus/mhi/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3aa96efa24)
2022-04-11 22:44:17 +02:00
Eneas U de Queiroz
2393b09b59 wolfssl: bump to 5.2.0
Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit e89f3e85eb)
2022-04-11 22:44:17 +02:00
Daniel Golle
1a2689a460 arm-trusted-firmware-mediatek: remove no longer needed Configure step
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.

Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dffad93d3e)
2022-04-10 16:32:20 +01:00
Konstantin Demin
d118e57b35 dropbear: bump to 2022.82
- update dropbear to latest stable 2022.82;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
  - 100-pubkey_path.patch
  - 130-ssh_ignore_x_args.patch

binary/pkg size changes:
- ath79/generic, mips:
  - binary: 215112 -> 219228 (+4116)
  - pkg: 111914 -> 113404 (+1490)
- ath79/tiny, mips:
  - binary: 172501 -> 172485 (-16)
  - pkg: 89871 -> 90904 (+1033)

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 65256aee23)
2022-04-10 16:26:01 +01:00
Nick Hainke
53c2874e07 libmnl: update to 1.0.5
Changes:

Duncan Roe (5):
      nlmsg: Fix a missing doxygen section trailer
      build: doc: "make" builds & installs a full set of man pages
      build: doc: get rid of the need for manual updating of Makefile
      build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
      src: doc: Fix messed-up Netlink message batch diagram

Fernando Fernandez Mancera (1):
      src: fix doxygen function documentation

Florian Westphal (1):
      libmnl: zero attribute padding

Guillaume Nault (1):
      callback: mark cb_ctl_array 'const' in mnl_cb_run2()

Kylie McClain (1):
      examples: nfct-daemon: Fix test building on musl libc

Laura Garcia Liebana (4):
      examples: add arp cache dump example
      examples: fix neigh max attributes
      examples: fix print line format
      examples: reduce LOCs during neigh attributes validation

Pablo Neira Ayuso (3):
      doxygen: remove EXPORT_SYMBOL from the output
      include: add MNL_SOCKET_DUMP_SIZE definition
      build: libmnl 1.0.5 release

Petr Vorel (1):
      examples: Add rtnl-addr-add.c

Stephen Hemminger (1):
      examples: rtnl-addr-dump: fix typo

igo95862 (1):
      doxygen: Fixed link to the git source tree on the website.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c3b7389339)
2022-04-10 16:26:01 +01:00
Nick Hainke
8215bba00e libnfnetlink: update to 1.0.2
Changes:

c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings

Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit aecf088b37)
2022-04-10 16:26:01 +01:00
Andrey Erokhin
8f4124c252 gpio-button-hotplug: fix data race
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer

Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
(cherry picked from commit 1e991e09b7)
2022-04-10 16:26:01 +01:00
Daniel Golle
dbec41685b libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 0d3850dc5a)
2022-04-10 16:26:01 +01:00
Valentyn Datsko
660923cd74 dnsmasq: add procd interface index tracking
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.

Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 76f55e3c3f)
2022-04-10 16:26:01 +01:00
Rosen Penev
ce7ee54c55 libselinux: use musl-fts for host builds
Fixes compilation under musl based distros like Alpine Linux.

Also add pcre/host as a build dependency as it's needed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit abb2683de3)
2022-04-10 16:26:01 +01:00
Paul Spooren
f56ddb0f58 toolchain: reproducible libstdcpp
A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 950bd40a27)
2022-04-06 13:59:44 +01:00
Paul Spooren
fd81c052f7 grub2: add missing license
The PKG_LICENSE field was missing.
While at it, normalize the Makefile a bit.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 839b1ff1fc)
2022-04-05 23:33:35 +02:00
Daniel Golle
2dafc04b4d kernel: load device-mapper early on boot
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 82f9ad6ab2)
2022-04-05 23:33:35 +02:00
Piotr Dymacz
66c075c5d2 kernel: modules: drop 'AddDepends/bluetooth' calls
Function 'AddDepends/bluetooth' doesn't exist in our codebase.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 173198e35a)
2022-04-05 23:33:35 +02:00
Hauke Mehrtens
d18e365b17 busybox: Fix snprintf arguments in lock
The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.

Fixes: 9d2b26d5a7 ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d80336e1a9)
2022-04-05 23:33:16 +02:00
Qichao Zhang
9d2b26d5a7 busybox: fix busybox lock applet pidstr buffer overflow
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.

Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
(cherry picked from commit 34567750db)
2022-04-05 00:20:24 +02:00
Rosen Penev
56463b0221 pcre: disable shared libraries for host builds
Getting rid of shared libraries for hostpkg avoids having to use rpath
hacks to find the library. It also fixes compilation with host glib2
binaries.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f8571749a7)
2022-04-05 00:20:24 +02:00
Rosen Penev
308adb76d2 musl-fts: remove shared libraries from host
Avoids having to add rpath to the various packages using it. Also add
PIC to fix compilation as static libraries do not use PIC by default.

Fixes: 1fb099341e ("musl-fts: add host build")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8a75ed4ba0)
2022-04-05 00:20:24 +02:00
Stijn Tintel
3a3fdd6239 gettext-full: add gmsgfmt symlink in host install
Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:

checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt

This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 636cb00ecc)
2022-04-05 00:20:24 +02:00
Robert Marko
9ae93c14fb uboot-mvebu: backport patch to fix eMMC
v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.

Fix it by backporting a recent upstream patch.

Fixes: 782d4c8306 ("uboot-mvebu: update to version 2022.01")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a703830806)
2022-04-05 00:20:24 +02:00
Daniel Golle
d7354297bb uqmi: fix acquiring PIN status
Evaluating the return value of 'json_load' didn't work in the
intended way resulting in PIN status no longer being read on modems
where --get-pin-status doesn't fail.
Fix this by trying --get-pin-status first and checking if pin1_status
field exists in JSON, and if it doesn't try again with
--uim-get-sim-state.

Fixes: #9501
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ee7cb5e885)
2022-03-27 16:14:00 +01:00
Felix Fietkau
52e0ce2327 mac80211: backport patch that allows receiving packets with non-standard VHT MCS10-11 rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 56ae4eb908)
2022-03-27 16:14:00 +01:00
Daniel Golle
64fd2713a3 uboot-mediatek: add patch to allow accessing bootconf from Linux
Store selected boot configuration in '/chosen' node in device tree, so
it can be accessed by Linux (and used for fine-tuning the FIT partition
parser).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dfc3ea6810)
2022-03-27 16:14:00 +01:00
Daniel Golle
ef822ac8d8 uboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20
Shuttle KD20 has NAND flash with 0x20000 (128KiB) erase blocks.
Correctly set that in uboot-envtools as well to allow writing to the
bootloader environment using fw_setenv.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fa67639513)
2022-03-27 16:14:00 +01:00
Petr Štetiar
b8f076c9a4 openwrt-keyring: fix broken install step
In commit 2d03f27f0f ("openwrt-keyring: make opkg use 22.03 usign
key") I've accidentally removed the `endef` keyword, so fix it by adding
it back.

Fixes: 2d03f27f0f ("openwrt-keyring: make opkg use 22.03 usign key")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-27 11:48:31 +02:00
Petr Štetiar
2d03f27f0f openwrt-keyring: make opkg use 22.03 usign key
In order to make opkg usable with artifacts produced by project's
buildbot:

 Downloading https://downloads.openwrt.org/releases/22.03-SNAPSHOT/packages/x86_64/luci/Packages.sig
 Signature check failed.
 Remove wrong Signature file.

References: https://gitlab.com/openwrt/docker/-/jobs/2255191689
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-27 11:06:40 +02:00
张 鹏
e93af247a3 ipq40xx: update E2600AC c1/c2 board
Modified the radio frequency hardware part of e2600ac c1/c2,
need to cooperate with the modified board.bin file, the device
can work normally.

Signed-off-by: 张 鹏 <sd20@qxwlan.com>
(cherry picked from commit bdc786e82c)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-03-26 21:28:41 +01:00
Josef Schlehofer
2ce4ae55db cypress-firmware: drop several packages
1. Drop package: cypress-firmware-4359-pcie
This binary is no longer provided and there are not many details what
happened.

2. Drop package: cypress-firmware-4359-sdio
This binary is no longer provided, but in this case, to compare it with
PCIe package mention as first, there was added
support in Linux-firmware [1], but no sign of firmware file.

4. Drop package: cypress-firmware-89459-pcie [2]
According to Infineon: "CYW89459 is an automotive Wi-Fi chip which is not
supported in the broad market community."

[1] https://patchwork.kernel.org/project/linux-wireless/patch/20191211235253.2539-6-smoch@web.de/

[2] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/the-wifi-driver-for-CYW89459-in-linux4-14-98-2-3-00/m-p/138971

Fixes: 7ca7e0b22d ("cypress-firmware: update it to version 5.4.18-2021_0812")

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 51dee3f4f7)
2022-03-26 21:28:41 +01:00
Petr Štetiar
161ff660fc openwrt-keyring: add OpenWrt 22.03 GPG/usign keys
62471e693b4f usign: add 22.03 release build public key
 70817cffc905 gpg: add OpenWrt 22.03 signing key

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 759886345d)
2022-03-25 14:28:50 +01:00
Petr Štetiar
3965dda0fa zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a7)
2022-03-24 08:18:21 +01:00
Felix Fietkau
68b008756f qosify: update to the latest version
391a9fbd5ace dns: fix parsing vlan encapsulated protocol
6aeeddbc91ad interface: extend dns filters to cover vlan tagged traffic as well
1ab53d4ca601 bpf: return TC_ACT_UNSPEC to allow other filters to proceed
ca21e729af23 interface: switch to using clsact for filters
5d158f6b3c15 interface: run ingress bpf filter on main device ingress instead of ifb egress
bdfcb11847ce interface: fix duplicated dns filter line
b97405aa632a Revert "ubus: remove dnsmasq subscriber"
8fbaf39dbc95 interface: rework adding/removing filters, do not delete clsact
d7ba5804eae4 interface: replace open-coded ifb-dns string with QOSIFY_DNS_IFNAME
91cf440db9e2 loader: fix use of deprecated functions
57c7817f91c2 qosify: fix dscp values of ubus-added dns host entries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit af434e0da2)
2022-03-22 10:29:18 +01:00
Rui Salvaterra
714ed05a41 kmod-lzo: include the lzo-rle kmod in the package
Albeit a separate crypto module, lzo-rle uses the same kernel library as lzo.
Crypto API users (zram, for example) expect both lzo and lzo-rle to be
available, so let's include lzo-rle (about 5.5 kiB) in the lib-lzo package.

Based on e9hack's original patch: https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7da9@gmail.com/

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit aaa0c09785)
2022-03-22 09:25:40 +00:00
Richard Huynh
9470160c35 mediatek: Add support for Xiaomi Redmi Router AX6S
Also known as the "Xiaomi Router AX3200" in western markets,
but only the AX6S is widely installation-capable at this time.

SoC: MediaTek MT7622B
RAM: DDR3 256 MiB (ESMT M15T2G16128A)
Flash: SPI-NAND 128 MiB (ESMT F50L1G41LB or Gigadevice GD5F1GQ5xExxG)
WLAN: 2.4/5 GHz 4T4R
2.4 GHz: MediaTek MT7622B
5 GHz: MediaTek MT7915E
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531B
LEDs/Keys: 2/2 (Internet + System LED, Mesh button + Reset pin)
UART: Marked J1 on board VCC RX GND TX, beginning from "1". 3.3v, 115200n8
Power: 12 VDC, 1.5 A

Notes:
U-Boot passes through the ethaddr from uboot-env partition,
but also has been known to reset it to a generic mac address
hardcoded in the bootloader.

However, bdata is also populated with the ethernet mac addresses,
but is also typically never written to. Thus this is used instead.

Installation:
1. Flash stock Xiaomi "closed beta" image labelled
'miwifi_rb03_firmware_stable_1.2.7_closedbeta.bin'.
(MD5: 5eedf1632ac97bb5a6bb072c08603ed7)

2. Calculate telnet password from serial number and login

3. Execute commands to prepare device
nvram set ssh_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit

4. Download and flash image
On computer:
python -m http.server
On router:
cd /tmp
wget http://<IP>:8000/factory.bin
mtd -r write factory.bin firmware

Device should reboot at this point.

Reverting to stock:
Stock Xiaomi recovery tftp that accepts their signed images,
with default ips of 192.168.31.1 + 192.168.31.100.
Stock image should be renamed to tftp server ip in hex (Eg. C0A81F64.img)
Triggered by holding reset pin on powerup.

A simple implementation of this would be via dnsmasq's
dhcp-boot option or using the vendor's (Windows only)
recovery tool available on their website.

Signed-off-by: Richard Huynh <voxlympha@gmail.com>
(cherry picked from commit 9f9477b275)
2022-03-21 13:11:56 +00:00
Paul Spooren
43e6d979b8 OpenWrt v22.03: set branch defaults
Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-03-20 13:05:00 +00:00
Huangbin Zhan
3bf10bac11 ncurses: update to 6.3
release notes: https://invisible-island.net/ncurses/announce-6.3.html

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2022-03-19 17:42:29 +01:00
Mikhail Zhilkin
f8b02130d2 ramips: add support for Beeline SmartBox Flash
Beeline SmartBox Flash is a wireless AC1300 (WiFi 5) router manufactured
by Arcadyan company.

Device specification
--------------------
SoC Type: MediaTek MT7621AT
RAM: 256 MiB, Winbond W632GU6NB
Flash: 128 MiB (NAND), Winbond W29N01HVSINF
Wireless 2.4 GHz (MT7615DN): b/g/n, 2x2
Wireless 5 GHz (MT7615DN): a/n/ac, 2x2
Ethernet: 3xGbE (WAN, LAN1, LAN2)
USB ports: 1xUSB3.0
Button: 1 (Reset/WPS)
LEDs: 1 RGB LED
Power: 12 VDC, 1.5 A
Connector type: Barrel
Bootloader: U-Boot (Ralink UBoot Version: 5.0.0.2)
OEM: Arcadyan WE42022

Installation
------------
1. Place *factory.trx on any web server (192.168.1.2 in this example)
2. Connect to the router using telnet shell (no password required)
3. Save MAC adresses to U-Boot environment:
   uboot_env --set --name eth2macaddr --value $(ifconfig | grep eth2 | \
    awk '{print $5}')
   uboot_env --set --name eth3macaddr --value $(ifconfig | grep eth3 | \
    awk '{print $5}')
   uboot_env --set --name ra0macaddr --value $(ifconfig | grep ra0 | \
    awk '{print $5}')
   uboot_env --set --name rax0macaddr --value $(ifconfig | grep rax0 | \
    awk '{print $5}')
4. Ensure that MACs were saved correctly:
   uboot_env --get --name eth2macaddr
   uboot_env --get --name eth3macaddr
   uboot_env --get --name ra0macaddr
   uboot_env --get --name rax0macaddr
5. Download and write the OpenWrt images:
   cd /tmp
   wget http://192.168.1.2/factory.trx
   mtd_write erase /dev/mtd4
   mtd_write write factory.trx /dev/mtd4
6. Set 1st boot partition and reboot:
   uboot_env --set --name bootpartition --value 0
   reboot

Back to Stock
-------------
1. Run in the OpenWrt shell:
   fw_setenv bootpartition 1
   reboot
2. Optional step. Upgrade the stock firmware with any version to
   overwrite the OpenWrt in Slot 1.

MAC addresses
-------------
+-----------+-------------------+----------------+
| Interface | MAC               | Source         |
+-----------+-------------------+----------------+
| label     | 30:xx:xx:51:xx:09 | No MACs was    |
| LAN       | 30:xx:xx:51:xx:09 | found on Flash |
| WAN       | 30:xx:xx:51:xx:06 | [1]            |
| WLAN_2g   | 30:xx:xx:51:xx:07 |                |
| WLAN_5g   | 32:xx:xx:41:xx:07 |                |
+-----------+-------------------+----------------+
[1]:
a. Label wasb't found neither in factory nor in other places.
b. MAC addresses are stored in encrypted partition "glbcfg". Encryption
   key hasn't known yet. To ensure the correct MACs in OpenWrt, a hack
   with saving of the MACs to u-boot-env during the installation was
   applied.
c. Default Ralink ethernet MAC address (00:0C:43:28:80:36) was found in
   "Factory" 0xfff0. It's the same for all Smartbox Flash devices. OEM
   firmware also uses this MAC when initialazes ethernet driver. In
   OpenWrt we use it only as internal GMAC (eth0), all other MACs are
   unique. Therefore, there is no any barriers to the operation of several
   Smartbox Flash devices even within the same broadcast domain.

Stock firmware image format
---------------------------
+--------------+---------------+----------------------------------------+
| Offset       | 1.0.15        | Description                            |
+==============+===============+========================================+
| 0x0          | 5d 43 6f 74   | TRX magic "]Cot"                       |
+--------------+---------------+----------------------------------------+
| 0x4          | 00 70 ff 00   | Length (reverse)                       |
+--------------+---------------+----------------------------------------+
|              |               | htonl(~crc) from 0xc ("flag_version")  |
| 0x8          | 72 b3 93 16   | to "Length"                            |
+--------------+---------------+----------------------------------------+
| 0xc          | 00 00 01 00   | Flags                                  |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of Kernel partition   |
| 0x10         | 1c 00 00 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of RootFS partition   |
| 0x14         | 00 00 42 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
| 0x18         | 00 00 00 00   | Zeroes                                 |
+--------------+---------------+----------------------------------------+
| 0x1c         | 27 05 19 56 … | Kernel data + zero padding             |
+--------------+---------------+----------------------------------------+
|              |               | RootFS data (starting with "hsqs") +   |
| 0x420000     | 68 73 71 73 … | zero padding to "Length"               |
+--------------+---------------+----------------------------------------+
|              |               | Some signature data (format is         |
|              |               | unknown). Necessary for the fw         |
| "Lenght"     | 00 00 00 00 … | update via oem fw web interface.       |
+--------------+---------------+----------------------------------------+
| "Lenght" +   |               | TRX magic "HDR0". U-Boot is            |
| 0x10c        | 48 44 52 30   | checking it at every boot.             |
+--------------+---------------+----------------------------------------+
|              |               | 1.00:                                  |
|              |               |   Zero padding to ("Lenght" + 0x23000) |
|              |               | 1.0.12:                                |
|              |               |   Zero padding to ("Lenght" + 0x2a000) |
| "Lenght" +   |               | 1.0.13, 1.0.15, 1.0.16:                |
| 0x110        | 00 00 00 00   |   Zero padding to ("Lenght" + 0x10000) |
+--------------+---------------+----------------------------------------+

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-03-19 16:14:01 +01:00
Florian Eckert
09c41ea679 base-files: add wrapper for procd service list command
A service managed by procd does have a json object with usefull information.
This information could by dumped with the following command.

ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"

This line is long and complicated to enter. This commit adds a wrapper
call to the procd service section tool to simplify the input and get the
output faster.

We could now enter the command /etc/initd/<service> info to get the info
faster.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
Florian Eckert
b9017384ca procd: move service command to procd
The service command belongs to the procd and does not belong in the
shinit. In the course of the move, the script was also checked with
shellcheck and cleaned up.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
Etienne Champetier
30c15d06e8 iptables: bump PKG_RELEASE
Following {arp,eb}tables-nft addition, bump PKG_RELEASE

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
66bb6dde36 iptables: add {arp,eb}tables-nft
Add a patch to add some missing init_extensions{a,b}() calls
Package lib{arp,eb}t_*.so

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
c913be1da1 iptables: add xtables-nft package
This allows to install ip6tables-nft without iptables-nft
This prepare the addition of {arp,eb}tables-nft

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
afb6824a2c iptables: add xtables-legacy package
This allows to install ip6tables-legacy without iptables-legacy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
905b49920f ebtables: rename to ebtables-legacy
This prepare the introduction of ebtables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
2f5088ef5f arptables: rename package to arptables-legacy
This prepare the introduction of arptables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Josef Schlehofer
7ca7e0b22d cypress-firmware: update it to version 5.4.18-2021_0812
- Binary files were renamed to cyfmac from brcmfmac, but the files needs
  to be on the router with the previous naming

[    6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
[    6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2
[    6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin

- Cypress were acquired by Infineon Technologies
Thus change the project URL and switch to download files from their
GitHub repository. This is much better than the previous solution, which
requires finding new threads on their community forum about new driver
updates, and it will be necessary to change the URL each time.

Unfortunately, it seems that there is not published changelog, but
according to this forum thread [1], be careful by opening the link from
solution since it contains ending bracket ), it brings fixes for various
security vulnerabilities, which were fixed in 7_45_234.

Fixes:
- FragAttacks
- Kr00k

Also add LICENSE file

Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with
package cypress-firmware-43455-sdio.

Before:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.895050] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Mar 23 2020 02:20:01 version 7.45.206 (r725000 CY) FWID 01-febaba43

After:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.829805] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Apr 15 2021 03:03:20 version 7.45.234 (4ca95bb CY) FWID 01-996384e2

[1] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/Outdated-brcmfmac-firmware-for-Raspberry-Pi-4-in-OpenWrt-21-02-1/m-p/331593#M2269

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-19 16:13:58 +01:00
Josef Schlehofer
013b043564 iwinfo: update to latest Git head
Changelog:
90bfbb9 devices: Add Cypress CYW43455
234075b devices: fix AMD RZ608 format
0e2a318 devices: add AMD RZ608 device-id

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-19 16:13:58 +01:00
Felix Fietkau
54aab4e719 bpftools: fix library path on 64 bit systems
drop the use of LIB_SUFFIX

Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-19 13:29:15 +01:00
Felix Fietkau
00cbf6f6ab bpftools: update to standalone bpftools + libbpf, use the latest version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-19 07:30:06 +01:00
Felix Fietkau
9c8cd1462d mac80211: backport MBSSID support
Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-18 14:38:27 +01:00
Rosen Penev
80b88b083a argp-standalone: fix compilation with Alpine Linux
This package is a C89 one. Add the proper CFLAG to fix compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-16 17:58:24 +01:00
Brian Norris
e8a0c55909 base-files: Align rootfs_data upgrades to 64KiB on eMMC
Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB)
alignment after the rootfs, but emmc_do_upgrade() is assuming
it comes at the very next 512-byte sector.

Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
(move spaces around, mention fstools' libtoolfs)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-03-16 17:50:06 +01:00
Martin Schiller
e17c6ee627 openssl: bump to 1.1.1n
This is a bugfix release. Changelog:

  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
     forever for non-prime moduli. (CVE-2022-0778)

  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
     (RFC 5489) to the list of ciphersuites providing Perfect Forward
     Secrecy as required by SECLEVEL >= 3.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2022-03-16 16:28:16 +01:00
Rafał Miłecki
f4c2dab544 uboot-bcm4908: add BCM4912 build
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 18:43:41 +01:00
Rafał Miłecki
3592aa8566 uboot-bcm4908: update to the latest generic
0625aad74d arm: dts: add ASUS GT-AX6000
6fb1cb624d arm: dts: add Netgear RAXE450 / RAXE550

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 14:31:02 +01:00
Rafał Miłecki
9dbca6bf6e uboot-bcm4908: use "xxd" from staging_dir
This fixes:
bash: xxd: command not found
on hosts without xxd installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 12:43:04 +01:00
Felix Fietkau
da2b97210c mt76: update to the latest version
378b638c70c0 mt76: mt7915: fix unused variable with testmode disabled
4f4309542862 mt76: mt7915: only use u32_get_bits with constant value
de06d828a0bf mt76: mt7921: fix injected MPDU transmission to not use HW A-MSDU
c007ba3ec7a9 mt76: mt7915: simplify conditional
64c74dc93f68 mt76: fix dfs state issue with 160 MHz channels
d3471b0d92c1 mt76: mt7615: honor ret from mt7615_mcu_restart in mt7663u_mcu_init
f4c87b32e0e9 mt76: mt7663u: introduce mt7663u_mcu_power_on routine
82de5987af54 mt76: mt7921: fix up the monitor mode
c501df4086e1 mt76: mt7921: use mt76_hw instead of open coding it
594ee03d5a11 mt76: mt7915: fix DFS no radar detection event
d8d2b383a241 mt76: split single ldpc cap bit into bits
0f336fba20fe mt76: mt7921: make mt7921_init_tx_queues static
00a066ce9914 mt76: mt7921: fix xmit-queue dump for usb and sdio
d6d2479568b2 mt76: mt7921: fix mt7921_queues_acq implementation
d17b74420199 mt76: fix monitor mode crash with sdio driver
c374559eae6f mt76: mt7915: allow beaconing on all chains
b219af63b9ce mt76: connac: add 6 GHz support for wtbl and starec configuration
630384cb3246 mt76: mt7915: add 6 GHz support
28ff1bddc7e8 mt76: mt7915: fix eeprom fields of txpower init values
d4b226cc15e7 mt76: mt7915: add txpower init for 6GHz
31e820d4ce4b mt76: mt7921: get rid of mt7921_wait_for_mcu_init declaration
9fee1faf6028 mt76: mt7915: check for devm_pinctrl_get() failure
31a970940b97 mt76: connac: make read-only array ba_range static const
e49af7036bbc mt76: use le32/16_get_bits() whenever possible
0664d39039c2 mt76: fix invalid rssi report
f16fc9d96105 mt76: mt7915: set band1 TGID field in tx descriptor
67ce2708dcef mt76: mt7915: fix beamforming mib stats
6e899abec818 mt76: mt7915: fix phy cap in mt7915_set_stream_he_txbf_caps()
c6780c85cff2 mt76: mt7915: fix typos in comments
aa6eadc09a83 mt76: usb: add req_type to ___mt76u_rr signature
74a519ab8353 mt76: usb: add req_type to ___mt76u_wr signature
2651d2c66cbd mt76: usb: introduce __mt76u_init utility routine
c03e095eee27 mt76: mt7921: disable runtime pm for usb
41085cdcd7e3 mt76: mt7921: update mt7921_skb_add_usb_sdio_hdr to support usb
e700aba6bae3 mt76: mt7921: move mt7921_usb_sdio_tx_prepare_skb in common mac code
056b7f4ebcc6 mt76: mt7921: move mt7921_usb_sdio_tx_complete_skb in common mac code.
0abf682a3def mt76: mt7921: move mt7921_usb_sdio_tx_status_data in mac common code.
b0c60d5252de mt76: mt7921: add mt7921u driver
053668acdaf8 mt76: mt7921: move mt7921_init_hw in a dedicated work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-15 10:46:10 +01:00
Petr Štetiar
9cdd15d8a5 mac80211: headers: fix lockdep_assert_not_held()
LOCK_STATE_HELD define was omitted during backport of
lockdep_assert_not_held() which leads to build failures of kernels with
CONFIG_LOCKDEP=y:

 backports-5.15.8-1/backport-include/linux/lockdep.h:16:47: error: 'LOCK_STATE_HELD' undeclared (first use in this function)

Fix it by adding missing LOCK_STATE_HELD define.

References: PR#9373
Reported-by: Oskari Rauta <oskari.rauta@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-15 08:33:45 +01:00
Michael Pratt
41be1a2de2 ath79: add support for Araknis AN-700-AP-I-AC
FCC ID: 2AG6R-AN700APIAC

Araknis AN-700-AP-I-AC is an indoor wireless access point with
1 Gb ethernet port, dual-band wireless,
internal antenna plates, and 802.3at PoE+

this board is a Senao device:
the hardware is equivalent to EnGenius EAP1750
the software is modified Senao SDK which is based on openwrt and uboot
including image checksum verification at boot time,
and a failsafe image that boots if checksum fails

**Specification:**

  - QCA9558 SOC		MIPS 74kc, 2.4 GHz WMAC, 3x3
  - QCA9880 WLAN	PCI card, 5 GHz, 3x3, 26dBm
  - AR8035-A PHY	RGMII GbE with PoE+ IN
  - 40 MHz clock
  - 16 MB FLASH		MX25L12845EMI-10G
  - 2x 64 MB RAM	NT5TU32M16
  - UART console	J10, populated, RX shorted to ground
  - 4 antennas		5 dBi, internal omni-directional plates
  - 4 LEDs		power, 2G, 5G, wps
  - 1 button		reset

  NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide
	therefore, the power LED is off for default state

**MAC addresses:**

  MAC address labeled as ETH
  Only one Vendor MAC address in flash at art 0x0

  eth0 ETH  *:xb art 0x0
  phy1 2.4G *:xc ---
  phy0 5GHz *:xd ---

**Serial Access:**

  the RX line on the board for UART is shorted to ground by resistor R176
  therefore it must be removed to use the console
  but it is not necessary to remove to view boot log

  optionally, R175 can be replaced with a solder bridge short

  the resistors R175 and R176 are next to the UART RX pin at J10

**Installation:**

  Method 1: Firmware upgrade page:

    (if you cannot access the APs webpage)
    factory reset with the reset button
    connect ethernet to a computer
    OEM webpage at 192.168.20.253
    username and password 'araknis'
    make a new password, login again...

    Navigate to 'File Management' page from left pane
    Click Browse and select the factory.bin image
    Upload and verify checksum
    Click Continue to confirm
    wait about 3 minutes

  Method 2: Serial to load Failsafe webpage:

    After connecting to serial console and rebooting...
    Interrupt uboot with any key pressed rapidly
    execute `run failsafe_boot` OR `bootm 0x9fd70000`
    wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    Select the factory.bin image and upload
    wait about 3 minutes

**Return to OEM:**

  Method 1: Serial to load Failsafe webpage (above)

  Method 2: delete a checksum from uboot-env
  this will make uboot load the failsafe image at next boot
  because it will fail the checksum verification of the image

    ssh into openwrt and run
    `fw_setenv rootfs_checksum 0`
    reboot, wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    select OEM firmware image and click upgrade

  Method 3: backup mtd partitions before upgrade

**TFTP recovery:**

  Requires serial console, reset button does nothing

  rename initramfs-kernel.bin to '0101A8C0.img'
  make available on TFTP server at 192.168.1.101
  power board, interrupt boot with serial console
  execute `tftpboot` and `bootm 0x81000000`

  NOTE: TFTP may not be reliable due to bugged bootloader
	set MTU to 600 and try many times

**Format of OEM firmware image:**

  The OEM software is built using SDKs from Senao
  which is based on a heavily modified version
  of Openwrt Kamikaze or Altitude Adjustment.
  One of the many modifications is sysupgrade being performed by a custom script.
  Images are verified through successful unpackaging, correct filenames
  and size requirements for both kernel and rootfs files, and that they
  start with the correct magic numbers (first 2 bytes) for the respective headers.

  Newer Senao software requires more checks but their script
  includes a way to skip them.

  The OEM upgrade script is at
  /etc/fwupgrade.sh

  OKLI kernel loader is required because the OEM software
  expects the kernel to be less than 1536k
  and the OEM upgrade procedure would otherwise
  overwrite part of the kernel when writing rootfs.

Note on PLL-data cells:

  The default PLL register values will not work
  because of the external AR8035 switch between
  the SOC and the ethernet port.

  For QCA955x series, the PLL registers for eth0 and eth1
  can be see in the DTSI as 0x28 and 0x48 respectively.
  Therefore the PLL registers can be read from uboot
  for each link speed after attempting tftpboot
  or another network action using that link speed
  with `md 0x18050028 1` and `md 0x18050048 1`.

  The clock delay required for RGMII can be applied at the PHY side,
  using the at803x driver `phy-mode` setting through the DTS.
  Therefore, the Ethernet Configuration registers for GMAC0
  do not need the bits for RGMII delay on the MAC side.
  This is possible due to fixes in at803x driver
  since Linux 5.1 and 5.3

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-03-13 19:54:58 +01:00
Michael Pratt
56716b578e ath79: add support for Araknis AN-500-AP-I-AC
FCC ID: 2AG6R-AN500APIAC

Araknis AN-500-AP-I-AC is an indoor wireless access point with
1 Gb ethernet port, dual-band wireless,
internal antenna plates, and 802.3at PoE+

this board is a Senao device:
the hardware is equivalent to EnGenius EAP1200
the software is modified Senao SDK which is based on openwrt and uboot
including image checksum verification at boot time,
and a failsafe image that boots if checksum fails

**Specification:**

  - QCA9557 SOC		MIPS 74kc, 2.4 GHz WMAC, 2x2
  - QCA9882 WLAN	PCI card 168c:003c, 5 GHz, 2x2, 26dBm
  - AR8035-A PHY	RGMII GbE with PoE+ IN
  - 40 MHz clock
  - 16 MB FLASH		MX25L12845EMI-10G
  - 2x 64 MB RAM	NT5TU32M16
  - UART console	J10, populated, RX shorted to ground
  - 4 antennas		5 dBi, internal omni-directional plates
  - 4 LEDs		power, 2G, 5G, wps
  - 1 button		reset

  NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide
	therefore, the power LED is off for default state

**MAC addresses:**

  MAC address labeled as ETH
  Only one Vendor MAC address in flash at art 0x0

  eth0 ETH  *:e1 art 0x0
  phy1 2.4G *:e2 ---
  phy0 5GHz *:e3 ---

**Serial Access:**

  the RX line on the board for UART is shorted to ground by resistor R176
  therefore it must be removed to use the console
  but it is not necessary to remove to view boot log

  optionally, R175 can be replaced with a solder bridge short

  the resistors R175 and R176 are next to the UART RX pin at J10

**Installation:**

  Method 1: Firmware upgrade page:

    (if you cannot access the APs webpage)
    factory reset with the reset button
    connect ethernet to a computer
    OEM webpage at 192.168.20.253
    username and password 'araknis'
    make a new password, login again...

    Navigate to 'File Management' page from left pane
    Click Browse and select the factory.bin image
    Upload and verify checksum
    Click Continue to confirm
    wait about 3 minutes

  Method 2: Serial to load Failsafe webpage:

    After connecting to serial console and rebooting...
    Interrupt uboot with any key pressed rapidly
    execute `run failsafe_boot` OR `bootm 0x9fd70000`
    wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    Select the factory.bin image and upload
    wait about 3 minutes

**Return to OEM:**

  Method 1: Serial to load Failsafe webpage (above)

  Method 2: delete a checksum from uboot-env
  this will make uboot load the failsafe image at next boot
  because it will fail the checksum verification of the image

    ssh into openwrt and run
    `fw_setenv rootfs_checksum 0`
    reboot, wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    select OEM firmware image and click upgrade

  Method 3: backup mtd partitions before upgrade

**TFTP recovery:**

  Requires serial console, reset button does nothing

  rename initramfs-kernel.bin to '0101A8C0.img'
  make available on TFTP server at 192.168.1.101
  power board, interrupt boot with serial console
  execute `tftpboot` and `bootm 0x81000000`

  NOTE: TFTP may not be reliable due to bugged bootloader
	set MTU to 600 and try many times

**Format of OEM firmware image:**

  The OEM software is built using SDKs from Senao
  which is based on a heavily modified version
  of Openwrt Kamikaze or Altitude Adjustment.
  One of the many modifications is sysupgrade being performed by a custom script.
  Images are verified through successful unpackaging, correct filenames
  and size requirements for both kernel and rootfs files, and that they
  start with the correct magic numbers (first 2 bytes) for the respective headers.

  Newer Senao software requires more checks but their script
  includes a way to skip them.

  The OEM upgrade script is at
  /etc/fwupgrade.sh

  OKLI kernel loader is required because the OEM software
  expects the kernel to be less than 1536k
  and the OEM upgrade procedure would otherwise
  overwrite part of the kernel when writing rootfs.

Note on PLL-data cells:

  The default PLL register values will not work
  because of the external AR8035 switch between
  the SOC and the ethernet port.

  For QCA955x series, the PLL registers for eth0 and eth1
  can be see in the DTSI as 0x28 and 0x48 respectively.
  Therefore the PLL registers can be read from uboot
  for each link speed after attempting tftpboot
  or another network action using that link speed
  with `md 0x18050028 1` and `md 0x18050048 1`.

  The clock delay required for RGMII can be applied at the PHY side,
  using the at803x driver `phy-mode` setting through the DTS.
  Therefore, the Ethernet Configuration registers for GMAC0
  do not need the bits for RGMII delay on the MAC side.
  This is possible due to fixes in at803x driver
  since Linux 5.1 and 5.3

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-03-13 19:54:57 +01:00
Michael Pratt
561f46bd02 ath79: add support for Araknis AN-300-AP-I-N
FCC ID: U2M-AN300APIN

Araknis AN-300-AP-I-N is an indoor wireless access point with
1 Gb ethernet port, dual-band wireless,
internal antenna plates, and 802.3at PoE+

this board is a Senao device:
the hardware is equivalent to EnGenius EWS310AP
the software is modified Senao SDK which is based on openwrt and uboot
including image checksum verification at boot time,
and a failsafe image that boots if checksum fails

**Specification:**

  - AR9344 SOC		MIPS 74kc, 2.4 GHz WMAC, 2x2
  - AR9382 WLAN		PCI on-board 168c:0030, 5 GHz, 2x2
  - AR8035-A PHY	RGMII GbE with PoE+ IN
  - 40 MHz clock
  - 16 MB FLASH		MX25L12845EMI-10G
  - 2x 64 MB RAM	1839ZFG V59C1512164QFJ25
  - UART console	J10, populated, RX shorted to ground
  - 4 antennas		5 dBi, internal omni-directional plates
  - 4 LEDs		power, 2G, 5G, wps
  - 1 button		reset

  NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide
	therefore, the power LED is off for default state

**MAC addresses:**

  MAC address labeled as ETH
  Only one Vendor MAC address in flash at art 0x0

  eth0 ETH  *:7d art 0x0
  phy1 2.4G *:7e ---
  phy0 5GHz *:7f ---

**Serial Access:**

  the RX line on the board for UART is shorted to ground by resistor R176
  therefore it must be removed to use the console
  but it is not necessary to remove to view boot log

  optionally, R175 can be replaced with a solder bridge short

  the resistors R175 and R176 are next to the UART RX pin at J10

**Installation:**

  Method 1: Firmware upgrade page:

    (if you cannot access the APs webpage)
    factory reset with the reset button
    connect ethernet to a computer
    OEM webpage at 192.168.20.253
    username and password 'araknis'
    make a new password, login again...

    Navigate to 'File Management' page from left pane
    Click Browse and select the factory.bin image
    Upload and verify checksum
    Click Continue to confirm
    wait about 3 minutes

  Method 2: Serial to load Failsafe webpage:

    After connecting to serial console and rebooting...
    Interrupt uboot with any key pressed rapidly
    execute `run failsafe_boot` OR `bootm 0x9fd70000`
    wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    Select the factory.bin image and upload
    wait about 3 minutes

**Return to OEM:**

  Method 1: Serial to load Failsafe webpage (above)

  Method 2: delete a checksum from uboot-env
  this will make uboot load the failsafe image at next boot
  because it will fail the checksum verification of the image

    ssh into openwrt and run
    `fw_setenv rootfs_checksum 0`
    reboot, wait a minute
    connect to ethernet and navigate to
    192.168.20.253
    select OEM firmware image and click upgrade

  Method 3: backup mtd partitions before upgrade

**TFTP recovery:**

  Requires serial console, reset button does nothing

  rename initramfs-kernel.bin to '0101A8C0.img'
  make available on TFTP server at 192.168.1.101
  power board, interrupt boot with serial console
  execute `tftpboot` and `bootm 0x81000000`

  NOTE: TFTP may not be reliable due to bugged bootloader
	set MTU to 600 and try many times

**Format of OEM firmware image:**

  The OEM software is built using SDKs from Senao
  which is based on a heavily modified version
  of Openwrt Kamikaze or Altitude Adjustment.
  One of the many modifications is sysupgrade being performed by a custom script.
  Images are verified through successful unpackaging, correct filenames
  and size requirements for both kernel and rootfs files, and that they
  start with the correct magic numbers (first 2 bytes) for the respective headers.

  Newer Senao software requires more checks but their script
  includes a way to skip them.

  The OEM upgrade script is at
  /etc/fwupgrade.sh

  OKLI kernel loader is required because the OEM software
  expects the kernel to be less than 1536k
  and the OEM upgrade procedure would otherwise
  overwrite part of the kernel when writing rootfs.

Note on PLL-data cells:

  The default PLL register values will not work
  because of the external AR8035 switch between
  the SOC and the ethernet port.

  For QCA955x series, the PLL registers for eth0 and eth1
  can be see in the DTSI as 0x28 and 0x48 respectively.
  Therefore the PLL registers can be read from uboot
  for each link speed after attempting tftpboot
  or another network action using that link speed
  with `md 0x18050028 1` and `md 0x18050048 1`.

  The clock delay required for RGMII can be applied at the PHY side,
  using the at803x driver `phy-mode` setting through the DTS.
  Therefore, the Ethernet Configuration registers for GMAC0
  do not need the bits for RGMII delay on the MAC side.
  This is possible due to fixes in at803x driver
  since Linux 5.1 and 5.3

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-03-13 19:54:57 +01:00
Martin Kennedy
d1a8690742 realtek: add ZyXEL GS1900-24 v1 support
The ZyXEL GS1900-24 v1 is a 24 port switch with two SFP ports, similar to
the other GS1900 switches.

Specifications
--------------
* Device:    ZyXEL GS1900-24 v1
* SoC:       Realtek RTL8382M 500 MHz MIPS 4KEc
* Flash:     16 MiB
* RAM:       Winbond W9751G8KB-25 64 MiB DDR2 SDRAM
* Ethernet:  24x 10/100/1000 Mbps, 2x SFP 100/1000 Mbps
* LEDs:
  * 1 PWR LED (green, not configurable)
  * 1 SYS LED (green, configurable)
  * 24 ethernet port link/activity LEDs (green, SoC controlled)
  * 2 SFP status/activity LEDs (green, SoC controlled)
* Buttons:
  * 1 "RESET" button on front panel (soft reset)
  * 1 button ('SW1') behind right hex grate (hardwired power-off)
* Power:     120-240V AC C13
* UART:      Internal populated 10-pin header ('J5') providing RS232;
             connected to SoC UART through a SIPEX 3232EC for voltage
             level shifting.

* 'J5' RS232 Pinout (dot as pin 1):
  2) SoC RXD
  3) GND
  10) SoC TXD

Serial connection parameters: 115200 8N1.

Installation
------------

OEM upgrade method:

* Log in to OEM management web interface

* Navigate to Maintenance > Firmware > Management

* If "Active Image" has the first option selected, OpenWrt will need to be
  flashed to the "Active" partition. If the second option is selected,
  OpenWrt will need to be flashed to the "Backup" partition.

* Navigate to Maintenance > Firmware > Upload

* Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24-v1-initramfs-kernel.bin
  file by your preferred method to the previously determined partition.
  When prompted, select to boot from the newly flashed image, and reboot
  the switch.

* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:

  > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24-v1-squashfs-sysupgrade.bin

U-Boot TFTP method:

* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).

* Set up a TFTP server on your client and make it serve the initramfs
  image.

* Connect serial, power up the switch, interrupt U-boot by hitting the
  space bar, and enable the network:

  > rtk network on

> Since the GS1900-24 v1 is a dual-partition device, you want to keep the
  OEM firmware on the backup partition for the time being. OpenWrt can
  only be installed in the first partition anyway (hardcoded in the
  DTS). To ensure we are set to boot from the first partition, issue the
  following commands:

  > setsys bootpartition 0
  > savesys

* Download the image onto the device and boot from it:

  > tftpboot 0x81f00000 192.168.1.10:openwrt-realtek-rtl838x-zyxel_gs1900-24-v1-initramfs-kernel.bin
  > bootm

* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:

  > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24-v1-squashfs-sysupgrade.bin

Signed-off-by: Martin Kennedy <hurricos@gmail.com>
2022-03-13 19:24:13 +01:00
Tianling Shen
efc8aff62c kernel/modules: add kmod-inet-diag package
Add option to compile kmod-inet-diag, support for INET (TCP, DCCP, etc)
socket monitoring interface used by native Linux tools such as ss.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2022-03-13 19:24:13 +01:00
Etienne Champetier
e9c99e0f7f iptables: backport missing init_extensions6() calls
This fixes ip6tables-nft no being able to use built-in
extensions like icmp6.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-13 19:24:13 +01:00
Florian Eckert
e5440ec871 ipset: add backport patch for IPv6 nftables ipset-translation
When porting mwan3 from iptables to nftables I tried the new translation
tool for ipset ipset-translate. I noticed that no IPv6 ipset can be
created with the tool. I have reported the problem to the upstream
project and the following patch fixes the problem.

Until this upsream is included in a new release, this patch should be
used in Openwrt.

https://lore.kernel.org/netfilter-devel/20220228190217.2256371-1-pablo@netfilter.org/T/#m09cc3cb738f2e42024c7aecf5b7240d9f6bbc19c

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-13 19:24:13 +01:00
Rafał Miłecki
9851d4b6ce base-files: call "sync" after initial setup
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the
best solution as they almost never consider syncing files / data. Still
this is what we have and we need to try living with it.

Without proper syncing OpenWrt can easily get into an inconsistent state
on power cut. It's because:
1. Actual (flash) inode and data writes are not synchronized
2. Data writeback can take up to 30 seconds (dirty_expire_centisecs)
3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"

Some possible cases (examples) for new files:
1. Power cut during 5 seconds after write() can result in all data loss
2. Power cut happening between 5 and 35 seconds after write() can result
   in empty file (inode flushed after 5 seconds, data flush queued)

Above affects e.g. uci-defaults. After executing some migration script
it may get deleted (whited out) without generated data getting actually
written. Power cut will result in missing data and deleted file.

There are three ways of dealing with that:
1. Rewriting all user-space init to proper C with syncs
2. Trying bash hacks (like creating tmp files & moving them)
3. Adding sync and hoping for no power cut during critical section

This change introduces the last solution that is the simplest. It
reduces time during which things may go wrong from ~35 seconds to
probably less than a second. Of course it applies only to IO operations
performed before /etc/init.d/boot . It's probably the stage when the
most new files get created.

All later changes are usually done using smarter C apps (e.g. busybox or
uci) that creates tmp files and uses rename() that is expected to be
atomic.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2022-03-12 11:13:54 +00:00
Daniel Golle
2a801ee562
uqmi: update to git HEAD
44dd095 uqmi: corrected too short received SMS

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-03-12 11:07:27 +00:00
Lech Perczak
c8a88118af uqmi: set CID during 'query-data-status' operation
Modems used in ZTE mobile broadband routers require to query the data
session status using the same CID as one used to establish the session,
otherwise they will report the session as "disconnected" despite
reporting correct PDH in previous step. Without this change, IPv6
connection on these modems doesn't establish properly. In IPv4 this bug
is present as well, but for some reason querying of IPv4 status works
using temporary CID, this however seems noncompliant with QMI
specifications, so fix it as well.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-03-12 10:38:11 +00:00