Commit Graph

18239 Commits

Author SHA1 Message Date
Hauke Mehrtens
d1c15c41d9 OpenWrt v21.02.2: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-17 19:00:44 +01:00
Hauke Mehrtens
30e2782e06 OpenWrt v21.02.2: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-17 19:00:30 +01:00
Hauke Mehrtens
59e7ae8d65 tcpdump: Fix CVE-2018-16301
This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f5875c4e2)
2022-02-13 00:23:30 +01:00
Hauke Mehrtens
0c0db6e66b hostapd: Apply SAE/EAP-pwd side-channel attack update 2
This fixes some recent security problems in hostapd.
See here for details: https://w1.fi/security/2022-1
* CVE-2022-23303
* CVE-2022-23304

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-02-13 00:23:30 +01:00
Sergey V. Lobanov
5b13b0b02c wolfssl: update to 5.1.1-stable
Bump from 4.8.1-stable to 5.1.1-stable

Detailed release notes: https://github.com/wolfSSL/wolfssl/releases

Upstreamed patches:
001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch -
 fa8f23284d
002-Update-macro-guard-on-SHA256-transform-call.patch -
 f447e4c1fa

Refreshed patches:
100-disable-hardening-check.patch
200-ecc-rng.patch

CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains
configure option

The size of the ipk changed on aarch64 like this:
491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk
520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk

Tested-by: Alozxy <alozxy@users.noreply.github.com>
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit 93d91197b9)
2022-02-13 00:23:08 +01:00
Sergey V. Lobanov
7d376e6e52 libs/wolfssl: add SAN (Subject Alternative Name) support
x509v3 SAN extension is required to generate a certificate compatible with
chromium-based web browsers (version >58)

It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit dfd695f4b9)
2022-02-12 20:27:27 +01:00
Stan Grishin
5ea2e1d5ba wolfssl: enable ECC Curve 25519 by default
* fixes https://github.com/openwrt/packages/issues/16652
 see https://github.com/openwrt/packages/issues/16674#issuecomment-934983898

Signed-off-by: Stan Grishin <stangri@melmac.net>
(cherry picked from commit 05a7af9ca0)
2022-02-12 20:25:48 +01:00
Hauke Mehrtens
4108d02a29 ustream-ssl: update to Git version 2022-01-16
868fd88 ustream-openssl: wolfSSL: Add compatibility for wolfssl >= 5.0

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e74529552c)
2022-02-12 20:02:21 +01:00
Hauke Mehrtens
32d50a1281 mbedtls: Update to version 2.16.12
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
  value when verifying a MAC or AEAD tag. This hardens the library in
  case the value leaks through a memory disclosure vulnerability. For
  example, a memory disclosure vulnerability could have allowed a
  man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
  mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
  (out of memory). After that, calling mbedtls_ssl_session_free()
  and mbedtls_ssl_free() would cause an internal session buffer to
  be free()'d twice. CVE-2021-44732

The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57f38e2c82)
2022-02-12 19:42:08 +01:00
Rafał Miłecki
97b95ef8b9
uci: update to the latest master
4b3db11 cli: add option for changing save path

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 05a4273058)
2022-01-23 11:30:30 +01:00
Daniel Golle
1472a8fa42 procd: update to git HEAD
945d0d7 utils: fix C style in header file
 2cfc26f inittab: detect active console from kernel if no console= specified

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ffeb37047e)
2022-01-18 15:09:15 +01:00
Daniel Golle
015f170fe6 procd: update to git HEAD
64e9f3a procd: fix compilation with newer musl

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1cd4a02c8e)
2022-01-18 15:09:15 +01:00
Karel Kočí
cd5ba0cfbb ustream-ssl: variants conflict with each other
This adds conflicts between variants of libustream pacakge.
They provide the same file and thus it should not be possible to install
them side by side.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 219e17a350)
2022-01-16 16:28:46 +01:00
Karel Kočí
77ee281a3e kernel: add kmod-ledtrig-pattern
This allows LEDs to be triggered by custom pattern and not just
predefined ones.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 507911f477)
2022-01-08 21:31:15 +01:00
Evgeny Kolesnikov
aa2de44cdd kernel: fix AutoLoad parameter for uleds module
The name of the module is 'uleds', not 'leds-uleds'.

Signed-off-by: Evgeny Kolesnikov <evgenyz@gmail.com>
[improve commit title]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3e9318f3c0)
2022-01-08 21:31:15 +01:00
Keith T. Garner
bc37a699e5 kernel: add kmod-leds-uleds
The allows userspace LEDs to be created and controlled. This can be useful
for testing triggers and can also be used to implement virtual LEDs.

Signed-off-by: Keith T. Garner <kgarner@kgarner.com>
[squash fixup commit and improve option wording]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6a37286c2a)
2022-01-08 21:31:15 +01:00
Eneas U de Queiroz
5beaa75d94 openssl: bump to 1.1.1m
This is a bugfix release.  Changelog:

  *) Avoid loading of a dynamic engine twice.
  *) Fixed building on Debian with kfreebsd kernels
  *) Prioritise DANE TLSA issuer certs over peer certs
  *) Fixed random API for MacOS prior to 10.12

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit def9565be6)
2022-01-03 22:09:45 +01:00
Rafał Miłecki
18b10db2f1 arm-trusted-firmware-bcm63xx: add ATF for Broadcom devices
Right now it includes bcm4908 variant only that is required by BCM4908
family devices with U-Boot.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f18288e267)
2022-01-03 14:28:13 +01:00
Rafał Miłecki
b6ed2641df busybox: backport dd support for iflag=count_bytes
It's very useful flag for handling various formats in sysupgrade. This
commit comes from the 1.34.0 release.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-01-03 14:28:13 +01:00
Rafał Miłecki
1d4a28d5e1 dtc: support printing binary data with fdtget
It's needed for extracting binary images.

Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a2cf659ad8)
2022-01-03 14:28:13 +01:00
Rafał Miłecki
ce5d0378bf dtc: import package for dtc & fdt from packages feed
fdt* utils are needed by targets that use U-Boot FIT images for
sysupgrade. It includes all recent BCM4908 SoC routers as Broadcom
switched from CFE to U-Boot.

fdtget is required for extracting images (bootfs & rootfs) from
Broadcom's ITB. Extracted images can be then flashed to UBI volumes.

sysupgrade is core functionality so it needs dtc as part of base code
base.

Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-01-03 14:28:06 +01:00
Nick Hainke
27225e3538 kernel: ath10k: provide a build variant for small RAM devices
Based on: 1ac627024d ("kernel: ath10k-ct: provide a build variant for
small RAM devices")

Like described in the ath10k-ct-smallbuffers version, oom-killer gets
triggered frequently by devices with small RAM.

That change is necessary for many community mesh networks which use
ath10k based devices with too little RAM. The -ct driver has been
proven unstable if used with 11s meshing and only wave2 chipsets are
supporting 11s. Freifunk Berlin is nowadays assembling its
firmware-based completely of vanilla OpenWRT with some package additions
which are made through the imagebuilder. Therefore we cannot take the
approach other freifunk communities have taken to maintain that patch
downstream [1]. Other communities consider these devices as broken and
that change would pretty much give those devices a second life [2].
[1] - 450b306e54
[2] - https://github.com/freifunk-gluon/gluon/issues/1988#issuecomment-619532909

Signed-off-by: Simon Polack <spolack+git@mailbox.org>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 694757a08f)
2022-01-02 12:35:21 +01:00
Alexander Egorenkov
3b14ddf8d2 build: fix opkg install step for large package selection
When the list of packages to be installed in a built image exceeds a certain
number, then 'opkg install' executed for target '$(curdir)/install' in
package/Makefile fails with: /usr/bin/env: Argument list too long.

On Linux, the length of a command-line parameter is limited by
MAX_ARG_STRLEN to max 128 kB.

* https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/binfmts.h#L15
* https://www.in-ulm.de/~mascheck/various/argmax/

To solve the problem, store the package list being passed to 'opkg install'
in a temporary file and use the shell command substitution to pass the
content of the file to 'opkg install'. This guarantees that the length of
the command-line parameters passed to the bash shell is short.

The following bash script demonstrates the problem:
----------------------------------------------------------------------------
count=${1:-1000}

FILES=""
a_file="/home/egorenar/Repositories/openwrt-rel/bin/targets/alpine/generic/packages/base-files_1414-r16464+19-e887049fbb_arm_cortex-a15_neon-vfpv4.ipk"

for i in $(seq 1 $count); do
	FILES="$FILES $a_file"
done

env bash -c "echo $FILES >/dev/null"
echo "$FILES" | wc -c
----------------------------------------------------------------------------

Test run:
----------------------------------------------------------------------------
$ ./test.sh 916
130989
$ ./test.sh 917
./test.sh: line 14: /bin/env: Argument list too long
131132
----------------------------------------------------------------------------

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
[reword commit subject]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 1854aeec4d)
2021-12-31 17:55:29 +01:00
Hauke Mehrtens
4dddb7ca36 tcpdump: libpcap: Remove http://www.us.tcpdump.org mirror
The http://www.us.tcpdump.org mirror will go offline soon, only use the
normal download URL.

Reported-by: Denis Ovsienko <denis@ovsienko.info>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 18bdfc803b)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[rebased for OpenWrt 21.02 branch]
2021-12-29 23:45:37 +01:00
Christian Lamparter
47a5b9744b linux-firmware: amd: consolidate amd's linux-firmware entries
this patch consolidates the amd64-microcode
(moved to linux-firmware.git, previously this was an extra
debian source package download), amdgpu and radeon firmwares
into a shared "amd" makefile.

this will include a microcode update for ZEN 3 CPUs that
came with the 20211216 linux-firmware bump.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cf8ee49c9b)
2021-12-29 23:45:37 +01:00
Hauke Mehrtens
6003752394 linux-firmware: Update to version 20211216
The rtl8723bs firmware was removed and a symlink to the rtl8723bu
firmware was created like it is done in upstream linux-firmware.

The following OpenWrt packages are changing:
* amdgpu-firmware: Multiple updates and new files
* ar3k-firmware: Multiple updates and new files
* ath10k-firmware-qca6174: Updated ath10k/QCA6174/hw3.0/board-2.bin
* bnx2x-firmware: Added bnx2x-e1-7.13.21.0.fw, bnx2x-e1h-7.13.21.0.fw and bnx2x-e2-7.13.21.0.fw
* iwlwifi-firmware-iwl8260c: Updated iwlwifi-8000C-36.ucode
* iwlwifi-firmware-iwl8265: Updated iwlwifi-8265-36.ucode
* iwlwifi-firmware-iwl9000: Updated iwlwifi-9000-pu-b0-jf-b0-46.ucode
* iwlwifi-firmware-iwl9260: Updated iwlwifi-9260-th-b0-jf-b0-46.ucode
* r8169-firmware: Updated rtl8153c-1.fw
* rtl8723bs-firmware: removed
* rtl8723bu-firmware: Added rtlwifi/rtl8723bs_nic.bin symlink
* rtl8822ce-firmware: Updated rtw8822c_fw.bin

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 397dfe4a97)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (2012->2021)
2021-12-29 23:45:37 +01:00
Tomas Lara
7306b9e810 linux-firmware: update to 20210511
git log --pretty=oneline --abbrev-commit 20201118..20210511

7685cf4 (HEAD, tag: 20210511) nvidia: Update Tegra194 XUSB firmware to v60.09
cf32752 nvidia: Update Tegra186 XUSB firmware to v55.18
cb8ca82 nvidia: Update Tegra210 XUSB firmware to v50.26
f99d6a1 linux-firmware: update firmware for mhdp8546
ecdfcf8 Merge branch 'adlp_dmc_firmware' of git://anongit.freedesktop.org/drm/drm-firmware into main
547b202 Merge https://github.com/suraj714/linux-firmware-venus into main
3d32f21 i915: Add ADL-P DMC Support
3f23f51 amdgpu: add new polaris 12 MC firmware
a2565bb firmware: nvidia: Add VIC firmware for Tegra194
17ec2a5 qcom: add gpu firmwares for sc7280
b653cf4 Merge https://github.com/pkshih/linux-firmware into main
2a96c08 brcm: Add a link to enable khadas VIM2's WiFi
ffc64a2 rtw89: 8852a: update fw to v0.13.8.0
3e3497c rtl_bt: Update RTL8852A BT USB firmware to 0xD9A8_7893
c7b11ed qcom: Add venus firmware files for VPU-2.0
2f4f0f8 rtw89: 8852a: update fw to v0.13.8.0
fa0efef linux-firmware: Update firmware file for Intel Bluetooth AX210
9be3daa linux-firmware: Update firmware file for Intel Bluetooth 9560
687d64a linux-firmware: Update firmware file for Intel Bluetooth 9260
a7f1249 linux-firmware: Update firmware file for Intel Bluetooth AX200
47650a0 linux-firmware: Update firmware file for Intel Bluetooth AX201
195ecf1 linux-firmware: Intel BT 7265: Fix Security Issues
4116d72 linux-firmware: Update firmware file for Intel Bluetooth 8265
ca83c73 qcom: update venus firmware files for v5.4
1334578 Merge branch 'mrvl-prestera' of https://github.com/PLVision/linux-firmware into main
16052e4 mrvl: prestera: Add Marvell Prestera Switchdev firmware 3.0 version
bdf929d rtw88: 8822c: Update normal firmware to v9.9.9
0b558e8 brcm: add missing symlink for Pi Zero W NVRAM file
cfa004c amdgpu: update arcturus firmware from 21.10
d5567c5 amdgpu: update navy flounder firmware from 21.10
ef5ea5d amdgpu: update sienna cichlid firmware from 21.10
f35700f amdgpu: update vega20 firmware from 21.10
1be98f1 amdgpu: update picasso firmware from 21.10
fee0497 amdgpu: update navi14 firmware from 21.10
15003b0 amdgpu: update green sardine firmware from 21.10
64555fb amdgpu: update vega12 firmware from 21.10
eb07276 amdgpu: update navi12 firmware from 21.10
e36c82a amdgpu: update vega10 firmware from 21.10
4a5eaa2 amdgpu: update renoir firmware from 21.10
65eb326 amdgpu: update navi10 firmware from 21.10
8bdca03 amdgpu: update raven2 firmware from 21.10
c9e44ca amdgpu: update raven firmware from 21.10
bc3e610 rtl_nic: add new firmware for RTL8153 and RTL8156 series
8528618 Merge branch 'for-upstream' of git://git.chelsio.net/pub/git/linux-firmware into main
940b7f4 cxgb4: Update firmware to revision 1.25.4.0
f66adc3 Merge branch 'main' of gitolite.kernel.org:/pub/scm/linux/kernel/git/maks/linux-firmware into main
f350e91 Merge https://github.com/rjliao-qca/qca-btfw into main
9bc1bcc Merge https://github.com/Netronome/linux-firmware into main
2f30708 Mellanox: Add new mlxsw_spectrum firmware xx.2008.2438
393f272 brcm: Link CM4's WiFi firmware with DMI machine name.
73144e0 linux-firmware: Update firmware file for Intel Bluetooth AX201
8ab7aba amdgpu: update navi14 smc firmware
4fe6e53 amdgpu: update navi10 SMC firmware
c296849 QCA: Update Bluetooth firmware for QCA6174
d6a18e9 WHENCE: link to similar config file for rtl8821a support
6c419ae nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.14.A.6
af1ca28 amdgpu: add arcturus firmware
0dd245d Merge branch 'sm8250-new-fw' of https://github.com/lumag/linux-firmware into main
55cab07 rtl_bt: Add rtl8723bs_config-OBDA0623.bin symlink
2548d06 brcm: Add nvram for the Chuwi Hi8 (CWI509) tablet
e45c137 brcm: Add nvram for the Predia Basic tablet
d8fa0cf qcom: sm8250: update remoteproc firmware
84af0e0 qcom: update a650 firmware files
3f026a2 rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x59A_76A3
c82cb46 amdgpu: update sienna cichlid firmware for 20.50
24fe696 amdgpu: update vega20 firmware for 20.50
e05d197 amdgpu: update picasso firmware for 20.50
76d07cd amdgpu: update navi14 firmware for 20.50
b2fc037 amdgpu: update vega12 firmware for 20.50
25451a4 amdgpu: update navi12 firmware for 20.50
b938597 amdgpu: update vega10 firmware for 20.50
2542ba7 amdgpu: update renoir firmware for 20.50
b55d063 amdgpu: update navi10 firmware for 20.50
1a62f28 amdgpu: update raven2 firmware for 20.50
4df488f amdgpu: update raven firmware for 20.50
a29bdb2 amdgpu: add initial support for navy flounder
3568f96 (tag: 20210315) linux-firmware: Update firmware file for Intel Bluetooth AX210
9e96e50 linux-firmware: Update firmware file for Intel Bluetooth AX200
c8d0db5 linux-firmware: Update firmware file for Intel Bluetooth AX201
5e2a387 Merge tag 'iwlwifi-fw-2021-03-05-v3' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into main
b0d3e31 rtw88: 8822c: Update normal firmware to v9.9.6
5a2fd63 iwlwifi: add new FWs from core59-66 release
4f54906 iwlwifi: update 9000-family firmwares
11b7607 iwlwifi: update 7265D firmware
e425f76 Merge branch 'add-silabs-wf200' of github.com:jerome-pouiller/linux-firmware into main
5ecd13f Mellanox: Add new mlxsw_spectrum firmware xx.2008.2406
58fb90a linux-firmware: add frimware for mediatek bluetooth chip (MT7921)
e576a1b rtw89: 8852a: add firmware v0.9.12.2
048a7cb WHENCE: add missing symlink for BananaPi M3
aa6c6e7 Add symlink for BananaPi M2 to brcmfmac43430-sdio config
58825f7 brcm: Fix Raspberry Pi 4B NVRAM file
520f71b silabs: add new firmware for WF200
f7915a0 amdgpu: add initial firmware for green sardine
80cb579 rtw88: RTL8822C: Update normal firmware to v9.9.5
b79d239 (tag: 20210208) Merge branch 'DG1-guc-huc-ADLS-dmc' of git://anongit.freedesktop.org/drm/drm-firmware into main
66970e1 Merge branch 'qcom-rb5' of https://github.com/lumag/linux-firmware into main
cf6fc2b Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304
391fd50 linux-firmware: add firmware for MT7921
c5e3240 rtw88: RTL8821C: Update firmware to v24.8
d33d2d8 linux-firmware: Update firmware file for Intel Bluetooth AX210
3027ae4 linux-firmware: Update firmware file for Intel Bluetooth AX200
13979c3 linux-firmware: Update firmware file for Intel Bluetooth AX201
348d8a9 i915: Add DMC v2.01 for ADL-S
f33f1f7 i915: Add HuC v7.7.1 for DG1
6a422f5 i915: Add GuC v49.0.1 for DG1
df822a8 qcom: Add venus firmware files for VPU-1.0
11a1db1 qcom: Add SM8250 Compute DSP firmware
e55248b qcom: Add SM8250 Audio DSP firmware
da74cc6 qcom: add firmware files for Adreno a650
0578970 brcm: Link RPi4's WiFi firmware with DMI machine name.
d528862 brcm: Add NVRAM for Vamrs 96boards Rock960
870b805 brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes
a28a590 cypress: Fix link direction
060ad8b cypress: Link the new cypress firmware to the old brcm files
0f0aefd brcm: remove old brcm firmwares that have newer cypress variants
f580dc2 rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB
7df2220 rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253
e79405d rtl_bt: Add firmware and config files for RTL8852A BT USB chip
ef3813d rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644
646f159 (tag: 20201218) make AP6212 in bananpi m2 plus/zero work
28185ec linux-firmware: Update firmware file for Intel Bluetooth AX210
23da869 linux-firmware: Update firmware file for Intel Bluetooth AX200
2099248 linux-firmware: Update firmware file for Intel Bluetooth AX201
94de5e2 linux-firmware: Update firmware file for Intel Bluetooth 9560
27a3689 linux-firmware: Update firmware file for Intel Bluetooth 9260
5c3c4af Merge branch 'lt9611uxc' of https://github.com/lumag/linux-firmware into main
aaed4a8 Merge branch 'v1.1.6' of https://github.com/irui-wang/linux_fw_vpu_v1.1.6 into main
d8c9865 Merge branch 'master' of https://github.com/sampnimm/linux-firmware-BT into main
63ab3db linux-firmware: add firmware for Lontium LT9611UXC DSI to HDMI bridge
0fe0fe0 mediatek: update MT8173 VPU firmware to v1.1.6
1a08ec9 QCA : Updated firmware files for WCN3991
7455a36 Merge branch 'guc_v49' of git://anongit.freedesktop.org/drm/drm-firmware into main
7eb7fda linux-firmware: Update firmware file for Intel Bluetooth AX210
5cbf459 linux-firmware: Update firmware file for Intel Bluetooth AX210
c487f7d i915: Add GuC firmware v49.0.1 for all platforms
d9ffb07 i915: Remove duplicate KBL DMC entry
b362fd4 Mellanox: Add new mlxsw_spectrum firmware xx.2008.2018
bc9cd0b linux-firmware: Update AMD SEV firmware
54c797a amdgpu: add sienna cichlid firmware for 20.45
1340e9c amdgpu: update vega20 firmware for 20.45
b260c9c amdgpu: update vega12 firmware for 20.45
d683bd5 amdgpu: update vega10 firmware for 20.45
7c81cc2 amdgpu: update renoir firmware for 20.45
3619e57 amdgpu: update navi14 firmware for 20.45
68ce0fb amdgpu: update navi12 firmware for 20.45
e889b80 amdgpu: update navi10 firmware for 20.45
f4edc15 amdgpu: update raven2 firmware for 20.45
e71210f amdgpu: update raven firmware for 20.45

Signed-off-by: Tomas Lara <tl849670@gmail.com>
[rebased; removed brcmfmac changes due to removed firmware]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4413537430)
2021-12-29 23:45:37 +01:00
Josef Schlehofer
d0b0ebf966 linux-firmware: update to version 20210315 and trim down broadcom FW
In there linux-firmware repository located in kernel, there were removed old
broadcom firmware [1] as they seem to be likely vulnerable to KrØØk vulnerability
(CVE-2019-15126), because Cypress released new versions and superseded
by it.

In OpenWrt, there is Makefile for cypress-firmware, which already provides
the same named packages like it was in linux-firmware. For example, cypress-firmware-43455-sdio
provides brcmfmac-firmware-43455-sdio [2].

Changelog between 2020118 and 20210315:
3568f96 (tag: 20210315) linux-firmware: Update firmware file for Intel Bluetooth AX210
9e96e50 linux-firmware: Update firmware file for Intel Bluetooth AX200
c8d0db5 linux-firmware: Update firmware file for Intel Bluetooth AX201
5e2a387 Merge tag 'iwlwifi-fw-2021-03-05-v3' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into main
b0d3e31 rtw88: 8822c: Update normal firmware to v9.9.6
5a2fd63 iwlwifi: add new FWs from core59-66 release
4f54906 iwlwifi: update 9000-family firmwares
11b7607 iwlwifi: update 7265D firmware
e425f76 Merge branch 'add-silabs-wf200' of github.com:jerome-pouiller/linux-firmware into main
5ecd13f Mellanox: Add new mlxsw_spectrum firmware xx.2008.2406
58fb90a linux-firmware: add frimware for mediatek bluetooth chip (MT7921)
e576a1b rtw89: 8852a: add firmware v0.9.12.2
048a7cb WHENCE: add missing symlink for BananaPi M3
aa6c6e7 Add symlink for BananaPi M2 to brcmfmac43430-sdio config
58825f7 brcm: Fix Raspberry Pi 4B NVRAM file
520f71b silabs: add new firmware for WF200
f7915a0 amdgpu: add initial firmware for green sardine
80cb579 rtw88: RTL8822C: Update normal firmware to v9.9.5
b79d239 (tag: 20210208) Merge branch 'DG1-guc-huc-ADLS-dmc' of git://anongit.freedesktop.org/drm/drm-firmware into main
66970e1 Merge branch 'qcom-rb5' of https://github.com/lumag/linux-firmware into main
cf6fc2b Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304
391fd50 linux-firmware: add firmware for MT7921
c5e3240 rtw88: RTL8821C: Update firmware to v24.8
d33d2d8 linux-firmware: Update firmware file for Intel Bluetooth AX210
3027ae4 linux-firmware: Update firmware file for Intel Bluetooth AX200
13979c3 linux-firmware: Update firmware file for Intel Bluetooth AX201
348d8a9 i915: Add DMC v2.01 for ADL-S
f33f1f7 i915: Add HuC v7.7.1 for DG1
6a422f5 i915: Add GuC v49.0.1 for DG1
df822a8 qcom: Add venus firmware files for VPU-1.0
11a1db1 qcom: Add SM8250 Compute DSP firmware
e55248b qcom: Add SM8250 Audio DSP firmware
da74cc6 qcom: add firmware files for Adreno a650
0578970 brcm: Link RPi4's WiFi firmware with DMI machine name.
d528862 brcm: Add NVRAM for Vamrs 96boards Rock960
870b805 brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes
a28a590 cypress: Fix link direction
060ad8b cypress: Link the new cypress firmware to the old brcm files
0f0aefd brcm: remove old brcm firmwares that have newer cypress variants
f580dc2 rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB
7df2220 rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253
e79405d rtl_bt: Add firmware and config files for RTL8852A BT USB chip
ef3813d rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644
646f159 (tag: 20201218) make AP6212 in bananpi m2 plus/zero work
28185ec linux-firmware: Update firmware file for Intel Bluetooth AX210
23da869 linux-firmware: Update firmware file for Intel Bluetooth AX200
2099248 linux-firmware: Update firmware file for Intel Bluetooth AX201
94de5e2 linux-firmware: Update firmware file for Intel Bluetooth 9560
27a3689 linux-firmware: Update firmware file for Intel Bluetooth 9260
5c3c4af Merge branch 'lt9611uxc' of https://github.com/lumag/linux-firmware into main
aaed4a8 Merge branch 'v1.1.6' of https://github.com/irui-wang/linux_fw_vpu_v1.1.6 into main
d8c9865 Merge branch 'master' of https://github.com/sampnimm/linux-firmware-BT into main
63ab3db linux-firmware: add firmware for Lontium LT9611UXC DSI to HDMI bridge
0fe0fe0 mediatek: update MT8173 VPU firmware to v1.1.6
1a08ec9 QCA : Updated firmware files for WCN3991
7455a36 Merge branch 'guc_v49' of git://anongit.freedesktop.org/drm/drm-firmware into main
7eb7fda linux-firmware: Update firmware file for Intel Bluetooth AX210
5cbf459 linux-firmware: Update firmware file for Intel Bluetooth AX210
c487f7d i915: Add GuC firmware v49.0.1 for all platforms
d9ffb07 i915: Remove duplicate KBL DMC entry
b362fd4 Mellanox: Add new mlxsw_spectrum firmware xx.2008.2018
bc9cd0b linux-firmware: Update AMD SEV firmware
54c797a amdgpu: add sienna cichlid firmware for 20.45
1340e9c amdgpu: update vega20 firmware for 20.45
b260c9c amdgpu: update vega12 firmware for 20.45
d683bd5 amdgpu: update vega10 firmware for 20.45
7c81cc2 amdgpu: update renoir firmware for 20.45
3619e57 amdgpu: update navi14 firmware for 20.45
68ce0fb amdgpu: update navi12 firmware for 20.45
e889b80 amdgpu: update navi10 firmware for 20.45
f4edc15 amdgpu: update raven2 firmware for 20.45
e71210f amdgpu: update raven firmware for 20.45

[1] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=0f0aefd733f70beae4c0246edbd2c158d5ce974c

[2] eeda8652f1/package/firmware/cypress-firmware/Makefile (L124)

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit ff2bb16730)
(removed sinovoip_bananapi-m2-berry)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-12-29 23:45:37 +01:00
Josef Schlehofer
209c77e90f linux-firmware: ath10k: add support for Qualcomm Atheros QCA9377
Add firmware and board file for Qualcomm Atheros QCA9377 802.11ac Wireless
Network Adapter (rev 31) recognized as [168c:0042].

This card supports standard 1x1 802.11ac Wave2, BT5, and MU-MIMO.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b265649085)
2021-12-29 23:45:37 +01:00
Tan Zien
2ed471a12a firmware: intel-microcode: update to 20210608
intel-microcode (3.20210608.2)

  * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and
    debian/changelog (3.20210608.1).

intel-microcode (3.20210608.1)

  * New upstream microcode datafile 20210608 (closes: #989615)
    * Implements mitigations for CVE-2020-24511 CVE-2020-24512
      (INTEL-SA-00464), information leakage through shared resources,
      and timing discrepancy sidechannels
    * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465),
      Domain-bypass transient execution vulnerability in some Intel Atom
      Processors, affects Intel SGX.
    * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel
      VT-d privilege escalation
    * Fixes critical errata on several processors
    * New Microcodes:
      sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
      sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648
      sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648
      sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
      sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
      sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568
      sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208
      sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328
      sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456
      sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456
      sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352
    * Updated Microcodes:
      sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816
      sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456
      sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472
      sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744
      sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816
      sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864
      sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720
      sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720
      sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648
      sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576
      sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576
      sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456
      sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408
      sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360
      sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472
      sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264
      sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752
      sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776
      sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592
      sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768
      sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424
      sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400
      sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448
      sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
      sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
      sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184
      sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208
      sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208
      sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208
      sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184
  * source: update symlinks to reflect id of the latest release, 20210608

intel-microcode (3.20210216.1)

  * New upstream microcode datafile 20210216
    * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx,
      and Cascade Lake Server (B0/B1) when using an active JTAG
      agent like In Target Probe (ITP), Direct Connect Interface
      (DCI) or a Baseboard Management Controller (BMC) to take the
      CPU JTAG/TAP out of reset and then returning it to reset.
    * This issue is related to the INTEL-SA-00381 mitigation.
    * Updated Microcodes:
      sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864
      sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248
      sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248
  * source: update symlinks to reflect id of the latest release, 20210216

intel-microcode (3.20201118.1)

  * New upstream microcode datafile 20201118
    * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake
      processors.  Note that Debian already had removed this specific falty
      microcode update on the 3.20201110.1 release
    * Add a microcode update for the Pentium Silver N/J5xxx and Celeron
      N/J4xxx which didn't make it to release 20201110, fixing security issues
      (INTEL-SA-00381, INTEL-SA-00389)
    * Updated Microcodes:
      sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752
    * Removed Microcodes:
      sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520

intel-microcode (3.20201110.1)

  * New upstream microcode datafile 20201110 (closes: #974533)
    * Implements mitigation for CVE-2020-8696 and CVE-2020-8698,
      aka INTEL-SA-00381: AVX register information leakage;
      Fast-Forward store predictor information leakage
    * Implements mitigation for CVE-2020-8695, Intel SGX information
      disclosure via RAPL, aka INTEL-SA-00389
    * Fixes critical errata on several processor models
    * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320)
      for Skylake-U/Y, Skylake Xeon E3
    * New Microcodes
      sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648
      sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768
      sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
      sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184
      sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208
      sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184
      sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184
    * Updated Microcodes
      sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816
      sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472
      sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792
      sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840
      sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224
      sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224
      sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408
      sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360
      sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472
      sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776
      sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568
      sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448
      sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448
      sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448
      sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448
      sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448
      sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448
      sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424
      sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448
      sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424
      sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424
      sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208
  * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot
    https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44
    INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED
    FOR 0x806c1 TIGER LAKE PROCESSORS by this package update.  Contact your
    system vendor for a firmware update, or wait fo a possible fix in a future
    Intel microcode release.
  * source: update symlinks to reflect id of the latest release, 20201110
  * source: ship new upstream documentation (security.md, releasenote.md)

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
[used different .tar.xz source, but with the same content]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 1add2c0d95)
2021-12-29 23:45:37 +01:00
Nian Bohung
a20e9474df cypress-nvram: fix firmware is not exist for raspberry pi compute 4
Fixes:
brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt
Direct firmware load for brcm/brcmfmac43455-sdio.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.txt

Signed-off-by: Nian Bohung <n0404.n0404@gmail.com>
(cherry picked from commit b1db558555)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[improved commit mesage]
2021-12-29 21:40:40 +01:00
Florian Eckert
dbe2a6343f base-files: fix service_running check
The following command checks if a instance of a service is running.
/etc/init.d/<service> running <instance>

 In the variable `$@`, which is passed to the function
`service_running`, the first argument is always the `instance` which
should be checked. Because all other variables where removed from `$@`
with `shift`.

Before this change the first argument of `$@` was set to the `$service`
Variable. So the function does not work as expected. The `$service`
variable was always the instance which should be checked. This is not
what we want.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit dd681838d3)
2021-12-29 21:40:40 +01:00
Javier Marcet
e81dd8a10a base-files: upgrade: fix efi partitions size calculation
We were missing (not using) the last sector of each partition,
compared with the output of gparted.

Signed-off-by: Javier Marcet <javier@marcet.info>
[moved the dot]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 018ada5403)
2021-12-29 21:38:58 +01:00
Felix Fietkau
d655eea053 hostapd: only attempt to set qos map if supported by the driver
Fixes issues with brcmfmac

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 5e67cd63c4)
2021-12-23 19:20:34 +01:00
Felix Fietkau
e1b79b1dc3 mac80211: optimize airtime fairness code to reduce cpu usage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 87def9efd8)
2021-12-21 12:58:22 +01:00
Hauke Mehrtens
4b52d89531 mac80211: Update toversion 5.10.85
The following patches were backported from upstream before and are not
needed any more:
  package/kernel/mac80211/patches/ath/980-ath10k-fix-max-antenna-gain-unit.patch
  package/kernel/mac80211/patches/subsys/307-mac80211-do-not-access-the-IV-when-it-was-stripped.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-12-14 23:12:22 +01:00
Rafał Miłecki
2c1f27bf4b bcm4908img: detect Linksys images
Linksys uses an extra 0x100 bytes long tail for BCM4908 images.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c4d5e60f61)
2021-12-13 14:33:06 +01:00
Rafał Miłecki
1d1c695273 bcm4908img: store offset of tail data
This simplifies some operations as it doesn't have to be caculated over
and over. It will also allow adding support for more vendor formats.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 063038bcef)
2021-12-13 14:33:06 +01:00
Rafał Miłecki
f24e745b25 bcm63xx-cfe: update to the latest master
e5050f3 linksys: ea9500-v2: add cferam file

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0b2c1997e9)
2021-12-13 14:33:06 +01:00
Rafał Miłecki
2912bba4cb otrx: update to the latest master
56e8e19 otrx: support TRX from stdin when extracting
a37ccaf otrx: support unsorted partitions offsets
1fa145e otrx: extract shared code opening & parsing TRX format
4ecefda otrx: allow validating TRX from stdin
cf01e69 otrx: avoid unneeded fseek() when calculating CRC32

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 942facd14f)
2021-12-13 14:01:11 +01:00
Rafał Miłecki
3d05cd40a6 otrx: use firmware-utils.git to avoid code duplication
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7c4d79aa1c)
2021-12-13 13:57:28 +01:00
Hannu Nyman
5124b96e72 busybox: update to 1.33.2 bugfix release
Update busybox to 1.33.2, which includes only 5 commits after 1.33.1

  Bug fix release. 1.33.2 has fixes for hush and ash (parsing fixes)
  and unlzma (fix where we could read before beginning of buffer).

https://git.busybox.net/busybox/log/?h=1_33_2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-12-04 20:20:06 +01:00
Felix Fietkau
266890bb12 mt76: update to the latest version
71e08471ab56 mt76: eeprom: fix return code on corrected bit-flips
9a8fc6636d83 mt76: move sar_capa configuration in common code
7cdbea1dc82a mt76: only access ieee80211_hdr after mt76_insert_ccmp_hdr
678071ef7029 mt76: mt7615: clear mcu error interrupt status on mt7663

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit fc4398fe71)
2021-12-03 11:13:01 +01:00
Felix Fietkau
efc76b1361 mac80211: bump PKG_RELEASE
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-12-02 14:27:22 +01:00
Felix Fietkau
1276ef9c1c mac80211: fix tx aggregation locking issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a1a71a7199)
2021-12-02 14:14:39 +01:00
Felix Fietkau
b1e684fa88 mac80211: fix queue assignment of aggregation start requests
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 15d8c7aa74)
2021-12-02 14:13:33 +01:00
Felix Fietkau
462ccf90be mt76: update to the latest version
a6451fea5a3d mt76: mt7615: improve wmm index allocation
1911486414dc mt76: mt7915: improve wmm index allocation
7998a41d1321 mt76: clear sta powersave flag after notifying driver
664475574438 mt76: mt7603: introduce SAR support
5c0da39c940b mt76: mt7915: introduce SAR support
77fc6c439a32 mt76: mt7603: improve reliability of tx powersave filtering
094b3d800835 firmware: update mt7663 rebb firmware to 20200904171623
25237b19bcc1 mt76: eeprom: tolerate corrected bit-flips
1463cb4c6ac2 mt76: mt7921: fix boolreturn.cocci warning
586bad6020f7 mt76: mt7921: use correct iftype data on 6GHz cap init
8ec95c910425 mt76: mt7921s: fix bus hang with wrong privilege
688e30c7d854 firmware: update mt7921 firmware to version 20211014
6fad970893dd mt76: fix key pointer overwrite in mt7921s_write_txwi/mt7663_usb_sdio_write_txwi
95acf972750c mt76: fix 802.3 RX fail by hdr_trans
3f402b0cf6c0 mt76: mt7921s: fix possible kernel crash due to invalid Rx count
929a03a8d65d mt76: connac: fix last_chan configuration in mt76_connac_mcu_rate_txpower_band

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7e15390056)
2021-12-02 12:53:30 +01:00
Mathias Kresin
36848e2c29 uboot-lantiq: danube: fix hanging lzma kernel uncompression #2
Follow up to commit c744798cad. Managed to
hit the very same issue again while playing with the NOR SPL builds.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2021-11-27 23:00:31 +01:00
Felix Fietkau
0e0192098a mac80211: backport fix for dealing with stripped IV on rx
This fixes potental rx drop issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 68189835ac)
2021-11-26 08:55:04 +01:00
Felix Fietkau
77667a7eb6 hostapd: add a patch that allows processing auth requests for peers in blocked state
If authentication fails repeatedly e.g. because of a weak signal, the link
can end up in blocked state. If one of the nodes tries to establish a link
again before it is unblocked on the other side, it will block the link to
that other side. The same happens on the other side when it unblocks the
link. In that scenario, the link never recovers on its own.

To fix this, allow restarting authentication even if the link is in blocked
state, but don't initiate the attempt until the blocked period is over.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f84053af5c)
2021-11-24 18:31:04 +01:00
Felix Fietkau
9127e5193e hostapd: bump PKG_RELEASE
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-11-24 15:43:10 +01:00
Felix Fietkau
4679c4ae25 mac80211: bump PKG_RELEASE
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-11-24 15:42:45 +01:00
Felix Fietkau
36c3103cba mac80211: add a fix for kernel warnings when forwarding packets in mesh mode
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit d439c7d85a)
2021-11-24 15:42:20 +01:00
Felix Fietkau
ea91ebedce mac80211: fix regression in SSN handling of addba tx
Some drivers that do their own sequence number allocation (e.g. ath9k, mwlwifi) rely
on being able to modify params->ssn on starting tx ampdu sessions.
This was broken by a change that modified it to use sta->tid_seq[tid] instead.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit ddd977fcc5)
2021-11-24 15:41:34 +01:00
David Bauer
dec9e83956 hostapd: fix goto loop for ubus assoc handler
When a ubus event handler denies a association with a non-zero return
value, the code jumps to preceeding code, creating an endless loop until
the event handler accepts the assc request.

Move the ubus handler further up the code to avoid creating such a loop.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-11-23 22:27:13 +01:00
Felix Fietkau
c254d83ea8 hostapd: enable ht40 in wpa_supplicant when using wider HE modes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit c26d741d07)
2021-11-23 18:30:05 +01:00
Felix Fietkau
0243f09465 hostapd: add support for providing vendor specific IE elements
They can be added as hex digit strings via the 'vendor_elements' option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1818b038d7)
2021-11-23 18:30:05 +01:00
John Crispin
28b30ae10b hostapd: add eap_server support
This makes it possible to avoid using a RADIUS server for WPA enterprise authentication

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from 98621c9782)
2021-11-23 18:30:05 +01:00
Felix Fietkau
21eb0a5aa3 hostapd: add default values for r0kh/r1kh
This allows WPA enterprise roaming in the same mobility domain without any
manual key configuration (aside from radius credentials)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 704ab6a002)
2021-11-23 18:30:05 +01:00
Felix Fietkau
32b047e22e hostapd: add support for configuring the beacon rate
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 46509a51dd)
2021-11-23 18:30:05 +01:00
Felix Fietkau
1f5155d005 hostapd: add support for configuring rts threshold
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 26da5c2359)
2021-11-23 18:30:05 +01:00
David Bauer
75f72696b5 hostapd: fix use after free bugs
Using a pointer one lifter after it freed is not the best idea.
Let's not do that.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry-picked from commit 63c01ad025)
2021-11-23 18:30:05 +01:00
Felix Fietkau
0b75372275 hostapd: add wmm qos map set by default
This implements the mapping recommendations from RFC8325, with an
update from RFC8622. This ensures that DSCP marked packets are properly
sorted into WMM classes.
The map can be disabled by setting iw_qos_map_set to something invalid
like 'none'

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5e3def182)
2021-11-23 18:30:05 +01:00
Felix Fietkau
6ac1b9188a hostapd: support qos_map_set without CONFIG_INTERWORKING
This feature is useful on its own even without full interworking support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit efff3520f4)
2021-11-23 18:30:04 +01:00
Felix Fietkau
5a8988baa9 hostapd: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-11-23 18:30:04 +01:00
Felix Fietkau
9b660c63ad hostapd: fix a race condition on adding AP mode wds sta interfaces
Both hostapd and netifd attempt to add a VLAN device to a bridge.
Depending on which one wins the race, bridge vlan settings might be incomplete,
or hostapd might run into an error and refuse to service the client.
Fix this by preventing hostapd from adding interfaces to the bridge and
instead rely entirely on netifd handling this properly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit da4be02fcd)
(cherry-picked from commit 63c01ad025)
2021-11-23 18:30:04 +01:00
Felix Fietkau
d9373c5922 hostapd: fix max_oper_chwidth setting for HE
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2319cf4ec0)
2021-11-23 18:30:04 +01:00
Felix Fietkau
4a53adbd43 hostapd: let netifd set bridge port attributes for snooping
Avoids race conditions on bridge member add/remove

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 17d19a7d43)
2021-11-23 18:30:04 +01:00
Jesus Fernandez Manzano
345f8fc7f3 hostapd: respect fixed channel BW in HE20 mode
When using htmode 'HE20' with a radio mode that uses wpa-supplicant
(like mesh or sta), it will default to 40 MHz bw if disable_ht40 is not
set. This commit fixes this behaviour.

Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry-picked from commit af83e3ce0f)
2021-11-23 18:30:04 +01:00
Felix Fietkau
23909a85de hostapd: make proxyarp work with libnl-tiny
Remove a dependency on libnl3-route

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit ae1c5d0d6a)
2021-11-23 18:30:04 +01:00
Felix Fietkau
aada4d0e78 hostapd: fix a segfault on sta disconnect with proxy arp enabled
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 5dd1bd5b80)
2021-11-23 18:30:04 +01:00
Felix Fietkau
c75d176882 hostapd: make the snooping interface (for proxyarp) configurable
Use the VLAN interface instead of the bridge, to ensure that hostapd receives
untagged DHCP packets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7b46377a0c)
(cherry-picked from commit f1b98fa4fa)
2021-11-23 18:30:04 +01:00
Felix Fietkau
93dc8760b0 hostapd: configure inter-AP communication interface for 802.11r
In setups using VLAN bridge filtering, hostapd may need to communicate using
a VLAN interface on top of the bridge, instead of using the bridge directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 305c1b8d74)
2021-11-23 18:30:04 +01:00
John Crispin
ce7a170414 hostapd: add additional radius options
- add functionality to configure RADIUS NAS-Id and Operator-Name
- add functionality to configure RADIUS accounting interval
- enable RADIUS "Chargeable User Identity"

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3bd6c8c728)
2021-11-23 18:30:04 +01:00
Felix Fietkau
7d1c464a23 hostapd: add extra options for hotspot 2.0 / interworking
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit c76f1d8330)
2021-11-23 18:30:04 +01:00
John Crispin
e480a0986e hostapd: fix civic location option
Signed-off-by: John Crispin <john@phrozen.org>
(cherry-picked from commit 937dd79e2a)
2021-11-23 18:30:04 +01:00
Rui Salvaterra
46aa34ee0f hostapd: enable airtime policy for the -basic variants
Airtime policy configuration is extremely useful in multiple BSS scenarios.
Since nowadays most people configure both private and guest networks (at
least), it makes sense to enable it by default, except for the most limited
of the variants.

Size of the hostapd-basic-openssl binary (mipsel 24Kc -O2):
543944 bytes (airtime policy disabled)
548040 bytes (airtime policy enabled)

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from commit d38f456582)
2021-11-23 18:30:04 +01:00
Felix Fietkau
62fa301cce hostapd: add patch for disabling automatic bridging of vlan interfaces
netifd is responsible for handling that, except if the vlan bridge
was provided by the config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit cf45caeff1)
2021-11-23 18:30:04 +01:00
Felix Fietkau
2982f1ec0a mt76: update to the latest version
624c681ef0c6 mt76: mt7921: enable VHT BFee capability
a27dfcb63ccf mt76: connac: fix UC entry is being overwritten
6b691e62470e mt76: connac: add mt76_connac_power_save_sched in mt76_connac_pm_unref
b14365bea586 mt76: mt7921: wake the device before dumping power table
82af16bddfc0 mt76: mt7921: make mt7921_set_channel static
b24598b1c1a9 mt76: connac: add mt76_connac_mcu_get_nic_capability utility routine
5954e3381ff9 mt76: testmode: move chip-specific stats dump before common stats
fd5b612f9aa4 mt76: mt7915: fix rx fcs error count in testmode
d9d26a294f7b mt76: connac: fix the maximum interval schedule scan can support
ed39c882f388 mt76: reduce rx buffer size to 2048
60f3d3adbba6 mt76: move mt76_get_next_pkt_id in mt76.h
67ed4d902c84 mt76: connac: check band caps in mt76_connac_mcu_set_rate_txpower
23c6ec49c000 mt76: make mt76_update_survey() per phy
5ca602fb9455 mt76: mt7915: introduce mt7915_mcu_set_txbf()
c13df42282e9 mt76: mt7915: improve MU stability
dee7dcddcaa0 mt76: use SPDX header file comment style
6fbd47153b3d mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode
1b97dd1762ca mt76: mt7921: fix sta_state incorrect implementation
1b89053b5a6f mt76: mt7921: improve code readability for mt7921_update_txs
126649816785 mt76: mt7921: limit txpower according to userlevel power
a5163ac09be2 mt76: mt7921: introduce dedicated control for deep_sleep
e47c04db4d7e mt76: mt7921: fix kernel warning when reset on vif is not sta
063d3611662c mt76: mt7921: fix the coredump is being truncated
12bf28feba7c mt76: fix iv and CCMP header insertion
949327e76ee4 mt76: disable TWT capabilities for the moment
3530254c1bc9 mt76: mt7921: enable HE BFee capability
599e35f5d9b8 mt76: sdio: do not run mt76_txq_schedule directly
3b6d30c28946 mt76: mt7663s: rely on pm reference counting
529d55a79088 mt76: mt7663s: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path
ef44ff116ee2 mt76: mt7663s: enable runtime-pm
3a71e71a555e mt76: mt7615: set macwork timeout according to runtime-pm
925d96e443a4 mt76: mt7921: allow chip reset during device restart
63b114d84361 mt76: mt76x0e: fix device hang during suspend/resume
7f5ea5e2fd10 mt7915: check return code of sysfs_create_link
ca64a36908b7 mt76: fix mt76_rates for the multiple devices
f517116bf14c mt76: add mt76_default_basic_rate more devices can rely on
6c70b0100513 mt76: mt7921: fix mgmt frame using unexpected bitrate
c00a9a6b52af mt76: mt7915: fix mgmt frame using unexpected bitrate
0e4089949565 mt76: mt7921: fix endianness in mt7921_mcu_tx_done_event
55f314120ef2 mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in mt7921_mcu_tx_done_event
541cd3276488 mt76: mt7915: fix endianness warning in mt7915_mac_add_txs_skb
817761e87c4f mt76: mt7921: fix endianness warning in mt7921_update_txs
b8eca74bbd7b mt76: mt7615: fix endianness warning in mt7615_mac_write_txwi
5e5e07f0def3 mt76: mt7915: fix potential overflow of eeprom page index
abda4cded420 mt76: mt7915: fix info leak in mt7915_mcu_set_pre_cal()
535899f81a46 mt76: mt7915: fix calling mt76_wcid_alloc with incorrect parameter
adfa1b9a3ca0 mt76: connac: fix mt76_connac_gtk_rekey_tlv usage
2a65b105ea4a mt76: mt7921: enable aspm by default
c57158c82804 mt76: fix build error implicit enumeration conversion
41f607cab83c mt76: mt7921: fix survey-dump reporting
25b4f885a937 mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
e63fadb87fe1 mt76: mt7915: report HE MU radiotap
135ef3e9827a mt76: mt7915: adapt new firmware to update BA winsize for Rx session
7118eacb7ce4 mt76: mt7921: add .set_sar_specs support
f1f6569da408 mt76: mt7915: fix an off-by-one bound check
f7da39467965 mt76 mt7915: take RCU read lock when calling ieee80211_bss_get_elem()
87af8e5c72b1 mt76: mt7915: cleanup -Wunused-but-set-variable
8e2d383fbd92 mt76: mt7915: report tx rate directly from tx status
ddce30977591 mt76: mt7915: remove mt7915_sta_stats
4ccd42029519 mt76: mt7921: introduce testmode support
bbebea7d6dc6 Revert "mt76: fix mt76_rates for the multiple devices"
74dedf9352c5 mt76: mt7615: fix skb use-after-free on mac reset
7201290eda43 mt76: mt7921: Fix out of order process by invalid event pkt
ca1b57e9971a mt76: mt7915: add a missing HT flag for GI parsing
4932c5d80153 of: net: pass the dst buffer to of_get_mac_address()
51d9eb3e6f52 mt76: mt7915: fix endianness warnings in mu radiotap
833ca13014ab mt76: mt7921: Add mt7922 support
8f8ed44d026e mt76: mt7915: add control knobs for thermal throttling
16f18bab6b11 mt76: mt7915: send EAPOL frames at lowest rate
affea639c586 mt76: mt7921: send EAPOL frames at lowest rate
ac00fed412d4 mt76: mt7915: fix potential overflow of eeprom page index [update]
e576ddb76dfa mt76: mt7915: switch proper tx arbiter mode in testmode
222847c3d5eb mt76: mt7915: fix bit fields for HT rate idx
d04814366c83 mt76: add support for setting mcast rate
4602acc9271a mt76: mt7921: fix dma hang in rmmod
ec2cf3bf96fd mt76: connac: fix GTK rekey offload failure on WPA mixed mode
2fdb9d621431 mt76: connac: add support for limiting to maximum regulatory Tx power
489ace63d42c mt76: mt7921: get rid of monitor_vif
22da8d28fcc8 mt76: mt7921: get rid of mt7921_mac_set_beacon_filter
c94130519786 mt76: mt7921: introduce mt7921_mcu_set_beacon_filter utility routine
51cff39d7ad3 mt76: overwrite default reg_ops if necessary
da11c1c6edef mt76: mt7615: move mt7615_mcu_set_p2p_oppps in mt76_connac module
47f50b0aa4b8 mt76: mt7921: report HE MU radiotap
4f48ba4b0254 mt76: mt7915: checkpatch cleanup
bc7ee7d7bdea mt76: mt7915: add HE-LTF into fixed rate command
6a19e40820aa mt76: mt7921: continue to probe driver when fw already downloaded
8b3d8e2de084 mt76: mt7921: fix firmware usage of RA info using legacy rates
17305a54b166 mt76: mt7921: fix kernel warning from cfg80211_calculate_bitrate
801c15577293 mt76: mt7921: fix endianness warnings in mt7921_mac_decode_he_mu_radiotap
0182a5b99a7a mt76: mt7915: update mac timing settings
e2ee9d0a33ed mt76: use IEEE80211_OFFLOAD_ENCAP_ENABLED instead of MT_DRV_AMSDU_OFFLOAD
fa6504aceb4f Revert "mt76: mt7915: checkpatch cleanup"
56b842b72a72 mt76: mt7915: fix wmm index on DBDC cards
8044311f5de5 mt76: mt7915: fix potential NPE in TXS processing
28da4baec7c5 mt76: mt7915: fix he_mcs capabilities for 160mhz
f7088ebe7452 mt76: mt7915: add LED support
ee019046284d mt76: mt7915: introduce bss coloring support
9848094e4bb5 mt76: mt7921: Fix fall-through warning for Clang
5710d0643418 mt76: add a bound check in mt76_calculate_default_rate()
a509cf2b654e mt76: mt7921: move mt7921_queue_rx_skb to mac.c
5a0f2382fcfe mt76: mt7915: rework debugfs queue info
62ffc31f4d7b mt76: mt7915: rename debugfs tx-queues
4750b5c918e5 mt76: mt7921: always wake device if necessary in debugfs
ac6adf74b3f2 mt76: mt7921: update mib counters dumping phy stats
eb75b9266ce6 net🛜mt76: fix boolreturn.cocci warnings
d7c4698435b3 mt76: mt7921: fix the inconsistent state between bind and unbind
9dcfba3169c4 mt76: switch from 'pci_' to 'dma_' API
d8b5e42c9a73 mt76: fill boottime_ns in Rx path
8ee6446075f2 mt76: disable BH around napi_schedule() calls
e17d730bf2f6 mt76: mt7915: add LED support [update to v3]
80fe40c9457e mt76: mt7915: enable configured beacon tx rate
c8f0d1d81d05 mt76: mt7915: fix hwmon temp sensor mem use-after-free
3b9ba7e02076 mt76: mt7615: fix hwmon temp sensor mem use-after-free
5e82eceb45cb mt76: mt7921: start reworking tx rate reporting
eb66b5c9ff77 mt76: mt7921: add support for tx status reporting
c8010f170e76 mt76: mt7921: report tx rate directly from tx status
4dc7f3db572b mt76: mt7921: remove mcu rate reporting code
db89c6f86724 mt76: mt7921: remove mt7921_sta_stats
6bb8b4267dbe mt76: move spin_lock_bh to spin_lock in tasklet
0eacf41985da mt76: mt7915: honor all possible error conditions in mt7915_mcu_init()
4dfff296ee6e mt76: mt7915: fix possible infinite loop release semaphore
537ed88dd2d0 mt76: mt7921: robustify hardware initialization flow
e0b846159221 mt76: mt7921: fix retrying release semaphore without end
c55dedcea268 mt76: mt7915: add ethtool stats support
d1d5e8cd3a3e mt76: mt7915: add tx stats gathered from tx-status callbacks
1687189d68b7 mt76: mt7915: add some per-station tx stats to ethtool
f4dde5f765af mt76: mt7915: add tx mu/su counters to mib
9752bf0643c9 mt76: mt7915: add more MIB registers
4727415017c9 mt76: mt7915: add mib counters to ethtool stats
4ca80a749e7f mt76: connac: set 6G phymode in mt76_connac_get_phy_mode{,v2}
3f2a5d39631e mt76: connac: enable 6GHz band for hw scan
817a41826bd7 mt76: connac: add 6GHz support to mt76_connac_mcu_set_channel_domain
a6ab81c21080 mt76: connac: set 6G phymode in single-sku support
ca4f47028a44 mt76: connac: add 6GHz support to mt76_connac_mcu_sta_tlv
d2e192ea81e2 mt76: connac: add 6GHz support to mt76_connac_mcu_uni_add_bss
c3dd12b4c8ae mt76: connac: enable hw amsdu @ 6GHz
91ed2b256c20 mt76: add 6GHz support
de8c4f92621f mt76: mt7921: add 6GHz support
f143aedc1d57 mt76: introduce packet_id idr
bcc8d9e03a5d mt76: remove mt76_wcid pointer from mt76_tx_status_check signature
ccbd84763153 mt76: substitute sk_buff_head status_list with spinlock_t status_lock
69bb59df894c mt76: schedule status timeout at dma completion
03a992645310 mt76: support reading EEPROM data embedded in fdt
75615480b3fe mt76: introduce __mt76_mcu_send_firmware routine
e8e2eae41f94 mt76: drop MCU header size from buffer size in __mt76_mcu_send_firmware
4c455e8b1a20 mt76: mt7915: introduce __mt7915_get_tsf routine
9d49c611a2d7 mt76: mt7915: introduce mt7915_mcu_twt_agrt_update mcu command
f44ca79c9aed mt76: mt7915: introduce mt7915_mac_add_twt_setup routine
2f9555a2f18f mt76: mt7915: enable twt responder capability
440e2db8d541 mt76: mt7915: add twt_stats knob in debugfs
eb5f640f8afa mt76: debugfs: improve queue node readability
53d7eb3b4884 mt76: mt7615: fix monitor mode tear down crash
2aa3d4414826 mt76: mt7921: add delay config for sched scan
47e8e96e8e4d mt76: use a separate CCMP PN receive counter for management frames
5560b08f8e2d mt76: do not access 802.11 header in ccmp check for 802.3 rx skbs
1af0242d1241 mt76: mt7915: replace a 64 bit divsion with a call to div_u64_rem
83598c2e872f mt76: avoid possible infinite loop in mt76_tx_status_check
ebf5b2336591 mt7615/mt7915: fix hwmon device name
8d12f9ed275d mt76: mt7615: mt7622: fix ibss and meshpoint
e7883cdc0b4e mt76: mt7915: improve code readability in mt7915_mcu_sta_bfer_ht
831d5967abb9 wireless: fix spelling of A-MSDU in HE capabilities
f09cb04be261 wireless: align some HE capabilities with the spec
0eeba8f2952d wireless: align HE capabilities A-MPDU Length Exponent Extension
655a6c65b8a7 mt76: mt7915: introduce mt7915_mcu_beacon_check_caps()
4440025d0ba9 mt76: mt7915: fix txbf starec TLV issues
87d2fb6fbff5 mt76: mt7915: improve starec readability of txbf
53c6a3cb7f6b mt76: mt7915: fix sta_rec_wtbl tag len
f517845e4f28 mt76: mt7915: rework starec TLV tags
1df017bc39a3 mt76: mt7915: fix muar_idx in mt7915_mcu_alloc_sta_req()
6724b0a9a748 mt76: mt7915: set VTA bit in tx descriptor
f1f505cbbb30 mt76: mt7915: set muru platform type
8c9d4b38d258 mt76: mt7915: remove dead code in mt7915_get_et_stats
d0ccc4297935 mt76: rely on phy pointer in mt76_register_debugfs_fops routine signature
0af0af82bb97 mt76: mt7915: introduce mt76 debugfs sub-dir for ext-phy
10e85d62f213 mt76: mt7915: improve code readability for xmit-queue handler
b6051f7713d2 mt76: sdio: export mt76s_alloc_rx_queue and mt76s_alloc_tx routines
9a97c38a309d mt76: mt7921: get rid of unused variable in mt7921_tx_complete_skb
c02847c05884 mt76: mt7921: get rid of unused variable in mt7921_mac_tx_free
60dd47a0a62e mt76: mt7915: remove dead code in debugfs code
ce74fc020d81 mt76: mt7921: add MU EDCA cmd support
c062f6920356 mt76: mt7921: refactor mac.c to be bus independent
bfa909c833e8 mt76: mt7921: refactor dma.c to be pcie specific
6556bddf26d2 mt76: mt7921: refactor mcu.c to be bus independent
1c8418207c86 mt76: mt7921: refactor init.c to be bus independent
6cf8248c1a44 mt76: mt7921: add MT7921_COMMON module
77600b0c10ac mt76: connac: move mcu reg access utility routines in mt76_connac_lib module
65362a00d07d mt76: mt7663s: rely on mcu reg access utility
956206bb55c3 mt76: mt7921: make all event parser reusable between mt7921s and mt7921e
f0dedcf6aaf0 mt76: mt7921: use physical addr to unify register access
5079d5b0b13c mt76: sdio: move common code in mt76_sdio module
26257594398b mt76: sdio: introduce parse_irq callback
e353424f1b07 mt76: sdio: extend sdio module to support CONNAC2
ddab3dd25f94 mt76: connac: extend mcu_get_nic_capability
b2d9a1748a41 mt76: mt7921: rely on mcu_get_nic_capability
e6ce5d9cbda0 mt76: mt7921: refactor mt7921_mcu_send_message
ce3706a65ccd mt76: mt7921: introduce mt7921s support
3143118baf53 mt76: mt7921s: add reset support
645eac64bece mt76: mt76x0: correct VHT MCS 8/9 tx power eeprom offset
d54796787cb7 mt76: move mt76_sta_stats in mt76.h
094e085abf5a mt76: move mt76_ethtool_worker_info in mt76 module
f80ab6dde63d mt76: mt7915: run mt7915_get_et_stats holding mt76 mutex
4a11cb67dc27 mt76: mt7915: move tx amsdu stats in mib_stats
486da6fa2512 mt76: do not reset MIB counters in get_stats callback
d8837b7c8dcd mt76: mt7921: add some more MIB counters
5ffe086fcd1b mt76: mt7921: introduce stats reporting through ethtool
69154ae23f6b mt76: mt7921: add sta stats accounting in mt7921_mac_add_txs_skb
4b65fbc4e203 mt76: mt7921: move tx amsdu stats in mib_stats
35b8025f466b mt76: mt7921: add per-vif counters in ethtool
cfbbd861eb12 mt76: mt7915: enable HE UL MU-MIMO
a0b94987df80 mt76: mt7915: rework mt7915_mcu_sta_muru_tlv()
5fbb686e9c0c mt76: mt7915: fix missing HE phy cap
b649678c18ca mt76: mt7915: change max rx len limit of hw modules
9d288d7c0c73 mt76: mt7615: apply cached RF data for DBDC
4d2e81d9ecab mt76: mt7915: remove mt7915_mcu_add_he()
2c8c3bcd766c mt76: mt7915: rework .set_bitrate_mask() to support more options
577d45f6e4a0 mt76: mt7915: rework debugfs fixed-rate knob
b68af355f707 mt76: mt7915: fix endiannes warning mt7915_mcu_beacon_check_caps
b52adf981561 mt76: mt7915: add WA firmware log support
ed3d8569c400 mt76: mt7915: add debugfs knobs for MCU utilization
0f49a22314a5 mt76: mt7921: disable 4addr capability
754d4a37ab71 mt76: mt7921: fix mt7921s Kconfig
f81f42fe875f mt76: Print error message when reading EEPROM from mtd failed
fd25a550965d mt76: Make use of the helper macro kthread_run()
1d01257662a6 wireless: mediatek: mt7921: fix Wformat build warning
f6bde7ba82ee mt76: connac: fix unresolved symbols when CONFIG_PM is unset
5dd32475c859 mt76: mt7915: get rid of mt7915_mcu_set_fixed_rate routine
f5cfaaff3dd1 mt76: mt7921: drop offload_flags overwritten
f5ad840ca5c0 mt76: mt7615: fix possible deadlock while mt7615_register_ext_phy()
29a8a08827b1 mt76: mt7921: fix MT7921E reset failure
f44685f2faee mt76: mt7915: fix return condition in mt7915_tm_reg_backup_restore()
ae8e02ddd2b0 mt76: mt7915: fix SMPS operation fail
e814e15716b0 mt76: reverse the first fragmented frame to 802.11
c9bca3ed9566 mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode
dd054b7e16e7 mt76: only set rx radiotap flag from within decoder functions
f1520c9bb332 mt76: mt7915: add default calibrated data support
0c489ea2865a mt76: testmode: add support to set MAC
91c5da3d0a7c mt76: mt7921: add support for PCIe ID 0x0608/0x0616
ca39b4bbc227 mt76: debugfs: fix queue reporting for mt76-usb
00b6f497e2e8 mt76: mt7921: introduce 160 MHz channel bandwidth support
c1574466c733 mt76: fix possible OOB issue in mt76_calculate_default_rate
9680a17b0aed mt76: mt7921: fix possible NULL pointer dereference in mt7921_mac_write_txwi
78fc0dcdcef0 mt76: connac: fix a theoretical NULL pointer dereference in mt76_connac_get_phy_mode
05953e7d6fe7 mt76: mt7615: remove dead code in get_omac_idx
39f6c37127c1 mt76: connac: remove PHY_MODE_AX_6G configuration in mt76_connac_get_phy_mode
526591b203f3 mt76: do not pass the received frame with decryption error
256789bb400f mt76: fix the wiphy's available antennas to the correct value
fa187f5cf068 mt76: fix timestamp check in tx_status
11ebf11a3587 mt76: mt7915: fix the wrong SMPS mode
8c69b815ee7f mt76: mt7921: honor mt76_connac_mcu_set_rate_txpower return value in mt7921_config
bc6798f729f9 mt76: move sar utilities to mt76-core module
b1d0ad2e74fe mt76: mt76x02: introduce SAR support
f0a5b1118fa4 mt76: mt7915: fix decap offload corner case with 4-addr VLAN frames
67f93aa9a207 mt76: mt7615: fix decap offload corner case with 4-addr VLAN frames
46261d4bbfb5 mt76: fix possible pktid leak
a7fdd272efee mt76: mt7921: move mt76_connac_mcu_set_hif_suspend to bus-related files
3d9e13f567a4 mt76: mt7921s: fix the device cannot sleep deeply in suspend
99225b985cbc mt76: mt7615: fix unused tx antenna mask in testmode

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(sync with master commit 5aa62cb799)
2021-11-23 18:30:04 +01:00
Felix Fietkau
ee5b593435 mac80211: fix crash in drivers relying on mac80211 retransmitting packets for powersave clients
This showed up primarily on rt2x00

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit d1ea575baa)
2021-11-23 18:30:04 +01:00
Felix Fietkau
fb98c8a610 mac80211: backport a few trivial patches
No functional changes, just some renames to make it easier to keep mt76 in
sync with upstream

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit e62c550470)
(cherry-picked from commit a889dcd3f2)
2021-11-23 18:30:04 +01:00
Felix Fietkau
2007d4e208 mac80211: backport AP mode TWT support
Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 978e822db3)
(cherry-picked from commit af9d31aacc)
2021-11-23 18:30:04 +01:00
Felix Fietkau
c5ef1cee8a mac80211: backport support for BSS color changes
This is needed for an upcoming mt76 update
also sync iw nl80211 with kernel backports

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2bfac61483)
(cherry-picked from commit 36019ed589)
2021-11-23 18:30:04 +01:00
Felix Fietkau
bb5da058db mac80211: add missing change for encap offload on devices with sw rate control
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 0f6887972a)
(cherry-picked from commit 6f2044c2d7)
2021-11-23 18:30:04 +01:00
Felix Fietkau
52300733cd mac80211: backport SAR power limit support
Needed for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 890bf06cef)
2021-11-23 18:30:04 +01:00
Felix Fietkau
68886f3018 mac80211: merge the virtual time based airtime scheduler
Improves airtime fairness, especially for devices with larger firmware buffers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5888ad6b3)
2021-11-23 18:30:04 +01:00
Felix Fietkau
c20f4e24bd mac80211: set beamformer/beamformee number of antennas in VHT caps
Without this, beamforming is probably not working

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit e2c4998f6d)
2021-11-23 18:30:04 +01:00
Bastian Bittorf
91ba22e3a4 mac80211: fix IBSS/adhoc mode for brcmfmac
On systems using brmcfmac (e.g. Raspberry Pi Zero W) without this fix,
the final setup-call:
iw dev wlan0 ibss join ...

fails with returncode 161 and message:
"command failed: Not supported (-95)"

So this patch calls an explicit:
iw dev wlan0 set type ibss
just prior to the 'ibss join' command.

I have tested several ath9k and mt76xx devices
with different revisions: this patch does not harm.

please also apply to stable branch.

Signed-off-by: Bastian Bittorf <bb@npl.de>
(cherry-picked from commit ea5fce3f46)
2021-11-23 18:30:04 +01:00
Felix Fietkau
27e4c5cf47 mac80211: allow retry of wifi setup if an iw interface add command fails
In some cases, spurious failures might be cleared by teardown and retry

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 42dda0ed3e)
2021-11-23 18:30:04 +01:00
Felix Fietkau
4a70b93f2d mac80211: fix HT40 mode for 6G band
The channel offset used for VHT segment calculation was missing for HT

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a0d81ba0d5)
2021-11-23 18:30:04 +01:00
Felix Fietkau
cdb867b73a mac80211: fix processing HE capabilities (FS#3871)
Use the right argument to fix setting unsupported capabilities to 0

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 49ef4dbee5)
2021-11-23 18:30:04 +01:00
Felix Fietkau
7b7b494d56 mac80211: fix typo
Remove stray parenthesis

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2cd1a10829)
2021-11-23 18:30:04 +01:00
Felix Fietkau
8e3b3fa577 mac80211: do not enable VHT in the default config on 2.4 GHz
Some drivers advertise it, but it's not supported at the moment

Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 42a99b18ff)
2021-11-23 18:30:04 +01:00
Felix Fietkau
4edda0c544 mac80211: fix detecting VHT capabilities when generating the default config
The colon does not directly follow the "VHT Capabilities" string

Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3518b793a2)
2021-11-23 18:30:04 +01:00
Felix Fietkau
8133d59da9 mac80211: add more HE capabilities
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit fbd6f099f5)
2021-11-23 18:30:04 +01:00
Felix Fietkau
42d542e04f mac80211: fix center freq selection for 6 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8d79915327)
2021-11-23 18:30:04 +01:00
Felix Fietkau
b535ec25eb mac80211: set hostapd op_class for 6 GHz
This is needed to disambiguate it from 5 GHz channels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit c8bcdd5619)
2021-11-23 18:30:04 +01:00
Felix Fietkau
7a2405efc6 mac80211: rework default config script
Emit the new band option instead of hwmode
Support 6 GHz band and HE options

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8504212f65)
2021-11-23 18:30:04 +01:00
Felix Fietkau
d0b33833ae mac80211: make use of the new 'band' option
Use it to look up frequencies only in the configured band to better deal
with channel number overlap

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8b8c1cb09b)
2021-11-23 18:30:04 +01:00
Felix Fietkau
be55e7d5dd netifd: update to the master branch
Sync with commit 4eba313065

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-11-23 18:30:04 +01:00
Jianhui Zhao
aae63bb9a9 iw: enable print wpa ie for scan
This increases the size of the iw_5.9-8fab0c9e-3_mips_24kc.ipk from
41166 to 41942 bytes by 776 bytes.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry-picked from commit 9df7eadcfd)
2021-11-23 17:08:29 +01:00
Hans Dedecker
df363764b7 netifd: fix deletion of ip tunnels (FS#4058)
a68e805 system-linux: fix deletion of ip tunnels (FS#4058)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-11-17 20:44:26 +01:00
Mathias Kresin
c744798cad uboot-lantiq: danube: fix hanging lzma kernel uncompression
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
assembly of LzmaProps_Decode. While the decission made by the compiler
looks perfect fine, it triggers some obscure hang on lantiq danube-s
v1.5 with MX29LV640EB NOR flash chips.

Only if the offset 1 is used, the hang can be observed. Using any other
offset works fine:

  lwl s0,0(a1) - s0 == 0x6d000080
  lwl s0,1(a1) - hangs
  lwl s0,2(a1) - s0 == 0x0080xxxx
  lwl s0,3(a1) - s0 == 0x80xxxxxx

It isn't clear whether it is a limitation of the flash chip, the EBU or
something else.

Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
instructions.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2021-11-14 20:24:45 +01:00
Christian Lamparter
4b0f87729c wireless-regdb: update to version 2021.08.28
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dbb4c47798)
2021-11-07 19:21:40 +01:00
Deomid Ryabkov
2f04012b20 base-files: chmod 1777 /var/lock
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.

[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>

Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 430f691943)
2021-11-05 21:24:04 +01:00
Stephan Schmidtmer
6ec5dbd2a1 libpcap: add rpcapd as package
This enables building of rpcapd and adds it as a package.

It is a daemon that allows remote packet capturing from another machine.
E.g. Wireshark can talk to it using the Remote Capture Protocol (RPCAP).
https://www.tcpdump.org/manpages/rpcapd.8.html

Compile and run tested:
OpenWrt 21.02.0-rc4 r16256-2d5ee43dc6 on x86/64 and mvebu/cortexa9

Signed-off-by: Stephan Schmidtmer <hurz@gmx.org>
(cherry picked from commit 891c8676a1)
2021-11-05 21:24:04 +01:00
Christian Lamparter
6fe4b7aa2b gpio-button-hotplug: convert to gpio descriptor (gpiod_) API
OpenWrt's special gpio-button-hotplug driver is still using
exclusively the legacy GPIO Subsystem gpio_ API.

While it still does work fine for most devices, upstream
linux is starting to convert platform support like that of
the APU2/3/4 to the new GPIOD LOOKUP tables that are not
supported by it.

Hence, this patch replaces the gpio_ calls present in
gpio-button-hotplug with gpiod_ equivalent wherever
it's possible. This allows the driver to use the
gpiod lookup tables and still have a fallback for
legacy platform data code that just sets button->gpio
set to the real button/switch GPIO.

As a bonus: the active_low logic is now being handled
by the linux's gpio subsystem too. Another issue that
was address is the of_handle leak in the dt parser
error path.

Tested with legacy platform data: x86_64: APU2, MX-100
Tested on OF: ATH79; MR18, APM821xx: Netgear WNDR4700,
	      RAMIPS: WL-330N3G
	      LANTIQ: AVM FritzBox 7360v1

Reported-by: Chris Blake <chrisrblake93@gmail.com>
Tested-by: Chris Blake <chrisrblake93@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 2b0378cf9f)
2021-11-05 21:24:04 +01:00
Roman Yeryomin
f441be3921 iproute2: m_xt.so depends on dynsyms.list
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:

ld:dynsyms.list:0: syntax error in dynamic list

Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353

Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
(cherry-picked from commit edd53df168)
2021-10-27 20:49:44 +02:00
Hauke Mehrtens
a77ea2f05f OpenWrt v21.02.1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-10-25 21:45:09 +02:00
Hauke Mehrtens
b4d7885af7 OpenWrt v21.02.1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-10-25 21:44:54 +02:00
Ivan Pavlov
23778f067a wolfssl: fix compile when enable-devcrypto is set
fixing linking error when --enable-devcrypto=yes
fixes: 7d92bb0509 wolfssl: update to 4.8.1-stable

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit be3e260f92)
2021-10-23 12:38:01 +02:00
Andre Heider
3f8adcb215 wolfssl: remove --enable-sha512 configure switch
It's the default anyway and this just looks confusing, as if it wasn't.

Switch to AUTORELEASE while at it.

The binary size is unchanged.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 7cb5af30f4)
2021-10-23 12:37:51 +02:00
Andre Heider
249478ec48 wolfssl: always build with --enable-reproducible-build
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.

The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c76300707e)
2021-10-23 12:37:18 +02:00
Ivan Pavlov
16414718f9 wolfssl: update to 4.8.1-stable
Changes from 4.7.0:
  Fix one high (OCSP verification issue) and two low vulnerabilities
  Improve compatibility layer
  Other improvements and fixes

For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 7d92bb0509)
[Added patch to allow compilation with libtool 2.4]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-10-22 16:34:11 -10:00
Stijn Tintel
5a02760c8f wolfssl: fix build with GCC 10 on 32 x86 targets
Backport upstream patch to fix build with GCC 10 on 32 x86 targets.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 718a4f4780)
2021-10-22 16:34:11 -10:00
Jitao Lu
2274e4c1fc ncurses: add tmux terminfo
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ

Fixes: FS#3404

Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit 917126ff4c)
2021-10-21 11:04:39 -10:00
Paul Spooren
eb5c2fed51 ncurses: add screen-256color terminfo
The terminfo is required by the popular terminal multiplexer screen and
tmux, offer it by default as the size impact is minimal with 885 Bytes.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6a6b5a677e)
2021-10-21 11:04:27 -10:00
Paul Spooren
df9ca41322 ncurses: split long line of supported terminfo
The terminfo files were all in one row which is terrible to read.
Split them over multiple lines to improve readability.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 75ea474b90)
2021-10-21 11:03:51 -10:00
Andrew Robbins
284f8a64b7 ath10k-ct: update to version from 2021-09-22
Add in a fix for 160Mhz dfs on 5.10 and higher.
Add support for 5.13 and 5.15 kernels.
Add of_get_mac_address support for 5.15 driver.

Signed-off-by: Andrew Robbins <andrew@robbinsa.me>
(cherry picked from commit 1d2bc94f78)
2021-10-21 00:19:43 +02:00
David Bauer
43a5bebda1 wolfssl: bump PKG_RELEASE
Fixes commit 4b212b1306 ("wolfssl: build with WOLFSSL_ALT_CERT_CHAINS")

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-10-19 09:09:12 +02:00
Andre Heider
4b212b1306 wolfssl: build with WOLFSSL_ALT_CERT_CHAINS
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."

This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].

This is the recommended solution from upstream [1].

The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f

[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793

Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 28d8e6a871)
2021-10-17 16:26:54 +02:00
Martin Schiller
e604873e8a uhttpd: make organization (O=) of the cert configurable via uci
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 2c6c1501af)
2021-10-06 20:34:23 -10:00
Alan Swanson
76d90a5eaf uboot-lantiq: fix sha1.h header clash when system libmd installed
Backport of u-boot commit "includes: move openssl headers to include/u-boot"
2b9912e6a7

Fixes: FS#3955
Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit 8db6410492)
2021-10-02 17:41:59 +02:00
Sven Eckelmann
1c95d78f08 ipq-wifi: Work around Plasma Cloud PA1200 5GHz crash
It was noticed [1] that the ath10k firmware crashes on 5GHz since OpenWrt
21.02.0. The problem seems to be triggered by the the nonLinearTxFir field
in the 5GHz BDF. If baseEepHeader.nonLinearTxFir (offset 0xc2) is 1 then
the firmware just crashes when setting up the 5Ghz radio using `ifconfig
wlan1 up`:

  ath10k_ahb a800000.wifi: firmware crashed! (guid 9e36ee82-4d2c-4c63-b20b-609a1eaca30c)
  ath10k_ahb a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
  ath10k_ahb a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
  ath10k_ahb a800000.wifi: firmware ver 10.4-3.6-00140 api 5 features no-p2p,mfp,peer-flow-ctrl,btcoex-param,allows-mesh-bcast,no-ps crc32 ba79b746
  ath10k_ahb a800000.wifi: board_file api 2 bmi_id 0:17 crc32 5f400efc
  ath10k_ahb a800000.wifi: htt-ver 2.2 wmi-op 6 htt-op 4 cal pre-cal-file max-sta 512 raw 0 hwcrypto 1
  ath10k_ahb a800000.wifi: firmware register dump:
  ath10k_ahb a800000.wifi: [00]: 0x0000000B 0x000015B3 0x009C3C27 0x00975B31
  ath10k_ahb a800000.wifi: [04]: 0x009C3C27 0x00060530 0x00000018 0x004176B8
  ath10k_ahb a800000.wifi: [08]: 0x00405A50 0x00412A30 0x00000000 0x00000000
  ath10k_ahb a800000.wifi: [12]: 0x00000009 0x00000000 0x009B9742 0x009B974F
  ath10k_ahb a800000.wifi: [16]: 0x00971238 0x009B9742 0x00000000 0x00000000
  ath10k_ahb a800000.wifi: [20]: 0x409C3C27 0x004053DC 0x00000D2C 0x00405A60
  ath10k_ahb a800000.wifi: [24]: 0x809C3E13 0x0040543C 0x00000000 0xC09C3C27
  ath10k_ahb a800000.wifi: [28]: 0x809B9AC5 0x0040547C 0x00412A30 0x0040549C
  ath10k_ahb a800000.wifi: [32]: 0x809B8ECD 0x0040549C 0x00000001 0x00412A30
  ath10k_ahb a800000.wifi: [36]: 0x809B8FF3 0x004054CC 0x00412838 0x00000014
  ath10k_ahb a800000.wifi: [40]: 0x809BEF98 0x0040551C 0x0041627C 0x00000002
  ath10k_ahb a800000.wifi: [44]: 0x80986D47 0x0040553C 0x0041627C 0x00416A88
  ath10k_ahb a800000.wifi: [48]: 0x809CBB0A 0x0040559C 0x0041ACC0 0x00000000
  ath10k_ahb a800000.wifi: [52]: 0x809864EE 0x0040560C 0x0041ACC0 0x00000001
  ath10k_ahb a800000.wifi: [56]: 0x809CA8A4 0x0040564C 0x0041ACC0 0x00000001
  ath10k_ahb a800000.wifi: Copy Engine register dump:
  ath10k_ahb a800000.wifi: [00]: 0x0004a000  14  14   3   3
  ath10k_ahb a800000.wifi: [01]: 0x0004a400  16  16  22  23
  ath10k_ahb a800000.wifi: [02]: 0x0004a800   3   3   2   3
  ath10k_ahb a800000.wifi: [03]: 0x0004ac00  15  15  15  15
  ath10k_ahb a800000.wifi: [04]: 0x0004b000   4   4  44   4
  ath10k_ahb a800000.wifi: [05]: 0x0004b400   3   3   2   3
  ath10k_ahb a800000.wifi: [06]: 0x0004b800   1   1   1   1
  ath10k_ahb a800000.wifi: [07]: 0x0004bc00   1   1   1   1
  ath10k_ahb a800000.wifi: [08]: 0x0004c000   0   0 127   0
  ath10k_ahb a800000.wifi: [09]: 0x0004c400   0   0   0   0
  ath10k_ahb a800000.wifi: [10]: 0x0004c800   0   0   0   0
  ath10k_ahb a800000.wifi: [11]: 0x0004cc00   0   0   0   0
  ath10k_ahb a800000.wifi: failed to update channel list: -108
  ath10k_ahb a800000.wifi: failed to set pdev regdomain: -108
  ath10k_ahb a800000.wifi: failed to create WMI vdev 0: -108
  ieee80211 phy1: Hardware restart was requested

Since no actual solution is known (besides downgrading the ath10k firmware)
it seems to be better to disable the nonLinearTxFir for now.

[1] https://lore.kernel.org/ath10k/3423718.UToCqzeSYe@ripper/

Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 8b09070820)
2021-09-25 18:39:53 +02:00
Sven Eckelmann
22db28683c ipq-wifi: Update Plasma Cloud PA1200 BDFs to firmware 3.5.12
The official Plasma Cloud firmware adjusted the BDFs to contain new
conformance test limits and target power values. These should be imported
to avoid emissions outside the allowed limits.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit e0721608f9)
2021-09-25 18:39:53 +02:00
Jesus Fernandez Manzano
3a051a234a hostapd: fix segfault when deinit mesh ifaces
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.

This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.

Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry picked from commit 5269c47e8d)
2021-09-24 12:33:33 +02:00
Hauke Mehrtens
65835e0d5f mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.

This contains fixes for CVE-2020-3702

1. These patches (ath, ath9k, mac80211)  were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].

Thank you Josef Schlehofer for reporting this problem.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-22 22:36:15 +02:00
Hauke Mehrtens
6f8143fa4a OpenWrt v21.02.0: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-01 21:53:58 +02:00
Hauke Mehrtens
b2ae423314 OpenWrt v21.02.0: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-01 21:53:53 +02:00
Eneas U de Queiroz
ff31cfb856 openssl: bump to 1.1.1l
This version fixes two vulnerabilities:
  - SM2 Decryption Buffer Overflow (CVE-2021-3711)
    Severity: High

  - Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
    Severity: Medium

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7119fd32d3)
2021-08-28 15:51:41 +02:00
Hauke Mehrtens
f78017006b uboot-layerscape: fix dtc compilation on host gcc 10
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8d143784cb)
2021-08-28 15:48:08 +02:00
Hauke Mehrtens
8f039acee4 uboot-at91: fix dtc compilation on host gcc 10
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a1034afba8)
2021-08-28 15:48:08 +02:00
Álvaro Fernández Rojas
25d9fe8468 bcm27xx-userland: update to latest version
Properly recognise all BCM2711 variants

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2021-08-21 19:39:55 +02:00
Michael Heimpold
35eb06066e bcm27xx-userland: factor out a -dev package
Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.

This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2021-08-18 20:29:47 +02:00
Daniel Kestrel
94efa1c612 fritz-tools: fix returning wrong values due to strncmp usage
When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 12564c5b86)
2021-08-08 20:51:52 +02:00
Rosen Penev
d9be07169e mbedtls: update to 2.16.11
Switched to AUTORELEASE to avoid manual increments.

Release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fcfd741eb8)
2021-08-08 20:51:41 +02:00
Daniel Golle
4003eeab35
dnsmasq: reset EXTRA_MOUNT in the right place
EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.

Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ddc8d085f3)
2021-08-02 21:42:46 +01:00
Daniel Golle
6ca34c5c0c
dnsmasq: fix more dnsmasq jail issues
* remove superflus mounts of /dev/null and /dev/urandom
 * reset EXTRA_MOUNTS at the beginning of the script
 * add mount according to ignore_hosts_dir
 * don't add mount for file which is inside a directory already in the
   EXTRA_MOUNTS list

Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ac4e8aa2f8)
2021-08-02 21:42:31 +01:00
Daniel Golle
b88ab44036
dnsmasq: rework jail mounts
* split into multiple lines to improve readability
 * use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
 * remove no longer needed mount for /sbin/hotplug-call
 * add dhcp-script.sh dependencies (jshn, ubus)

Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 59c63224e1)
2021-08-02 21:42:16 +01:00
Kevin Darbyshire-Bryant
8ef5894197
dnsmasq: use local option for local domain parameter
'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'.  Slightly less confusion all
round.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit e4cfefa9fc)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-08-02 21:41:52 +01:00
João Henriques
da5fd91073
dnsmasq: add ignore hosts dir to dnsmasq init script
When running multiple instances of dnsmasq, for example one being for the lan
and another for a guest network, it might not be desirable to have the same dns names
configured in both networks

Signed-off-by: João Henriques <joaoh88@gmail.com>
(cherry picked from commit e8a5670122)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-08-02 21:41:32 +01:00
Hauke Mehrtens
9531e70708 OpenWrt v21.02.0-rc4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-08-01 19:39:03 +02:00
Hauke Mehrtens
134ac824c5 OpenWrt v21.02.0-rc4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-08-01 19:38:53 +02:00
Felix Fietkau
55d9c020a1 netifd: update to the latest version
440eb0647708 bridge: fix regression in bringing up bridge ports

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 39f81b0bf6)
2021-07-26 20:44:17 +02:00
Felix Fietkau
089efd61e9 netifd: update to the latest version
85f01c44a950 bridge: check bridge port vlan membership on link-up events
17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2801fe6132)
2021-07-25 06:27:23 +02:00
Etan Kissling
249aeaa9d8 dnsmasq: distinct Ubus names for multiple instances
Currently, when using multiple dnsmasq instances they are all assigned
to the same Ubus instance name. This does not work, as only a single
instance can register with Ubus at a time. In the log, this leads to
`Cannot add object to UBus: Invalid argument` error messages.
Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes
behaviour so that instead of the log, dnsmasq exits at start instead.

With this patch, all dnsmasq instances are assigned unique names so that
they can register with Ubus concurrently. One of the enabled instances
is always assigned the previous default name "dnsmasq" to avoid breaking
backwards compatibility with other software relying on that default.
Previously, a random instance got assigned that name (while the others
produced error logs). Now, the first unnamed dnsmasq config section is
assigned the default name. If there are no unnamed dnsmasq sections the
first encountered named dnsmasq config section is assigned instead.

A similar issue exists for Dbus and was similarly addressed.

Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
[tweaked commit message] dnsmasq was not crashing it is exiting
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ba5bd8e556)
2021-07-19 22:47:23 +02:00
Nick Hainke
88c8d0a219 dnsmasq: add /tmp/hosts/ to jail_mount
Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/".
If you don't add this to the jail_mount, dnsmasq can't read it anymore.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3a94c2ca5c)
2021-07-19 14:16:19 +01:00
Hans Dedecker
4633471d74 odhcpd: fix invalid DHCPv6 ADVERTSIE with small configured leasetime (FS#3935)
bc9d317 dhcpv6-ia: fix invalid preferred lifetime

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 033d5ff25e)
2021-07-19 13:26:46 +02:00
Felix Fietkau
f3f70fb956 netifd: update to the latest version
7f24a063475e vlan: fix device vlan alias handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit d1a812c49b)
2021-07-14 15:33:57 +02:00
Felix Fietkau
fe498dd3f1 netifd: update to the latest version
61a71e5e49c3 bridge: dynamically create vlans for hotplug members
cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans
7f199050f395 wireless: pass the real network ifname to the setup script
50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug
f12b073c0cc3 wireless: add some comments to functions
b0d090688302 bridge: fix setting pvid for updated vlans
ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c
16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events
7f30b02013f2 examples: make dummy wireless vif names shorter
013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices
f037b082923a wireless: handle WDS per-sta devices
db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port
4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well
1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1236cbe30c)
2021-07-13 08:00:50 +02:00