54520 Commits

Author SHA1 Message Date
John Thomson
ef69ab7a35 kernel: cut broken SPI_NOR 4K eraseblock LIMIT patch
Since 4e0c54bc5bc8 ("kernel: add support for kernel 5.4"),
the spi-nor limit 4k erasesize to spi-nor chips below a configured size
patch has not functioned as intended.

For uniform erasesize SPI-NOR devices, both
nor->erase_opcode & mtd->erasesize are used in erase operations.
These are set before, and not modified by, this
CONFIG_MTD_SPI_NOR_USE_4K_SECTORS_LIMIT patch.
Thus, an SPI-NOR device with CONFIG_MTD_SPI_NOR_USE_4K_SECTORS will
always use 4k erasesize (where the device supports it).

If this patch was fixed to function as intended, there would be
cases where devices change from a 4K to a 64K erasesize.

Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
2022-06-29 12:34:49 +02:00
Hauke Mehrtens
aae3a8a254 x86: 64: Add kmod-igc to default packages
This adds the igc driver for the Intel 2.5GBit Ethernet chip to the
default packages.

Fixes: #10064
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-06-29 00:57:57 +02:00
Tamas Balogh
74dd7f9c36 ramips: add support for ASUS RP-AC87
Asus RP-AC87 ac2600 Repeater
2.4GHz 800Mbps
5GHz 1733Mbps

Hardware specifications:
SoC: MT7621A 2 cores 4 threads @880MHz
WiFi2G: MT7615E 2G 4x4 b/g/n
Wifi5G: MT7615E 5G 4x4 n/ac
DRAM: 128MB DDR3 @1200mhz
Flash: 16MB MX25L12805D SPI-NOR
LAN/WAN: MT7530 1x1000M

MAC addresses as verified by OEM firmware:
use address source
Lan/W5G *:B0 factory 0x8004 (label)
W2G *:B4 factory 0x0

Installation:

Asus windows recovery tool:

install the Asus firmware restoration utility
unplug the router, hold the reset button while powering it on
release when the power LED flashes slowly
specify a static IP on your computer:
IP address: 192.168.1.75
Subnet mask 255.255.255.0
Start the Asus firmware restoration utility, specify the factory image
and press upload
Do not power off the device after OpenWrt has booted until the LED flashing.
TFTP Recovery method:

set computer to a static ip, 192.168.1.2
connect computer to the LAN 1 port of the router
hold the reset button while powering on the router for a few seconds
send firmware image using a tftp client; i.e from linux:
$ tftp
tftp> binary
tftp> connect 192.168.1.1
tftp> put factory.bin
tftp> quit

Signed-off-by: Tamas Balogh <tamasbalogh@hotmail.com>
2022-06-29 00:57:56 +02:00
Etienne Champetier
35fec487e3 iptables: default to ip(6)tables-nft
OpenWrt now uses firewall4 (nft) by default,
so iptables should also default to nftables backend.

When multiple packages provide the same virtual package,
opkg pick the first one by alphabetical order,
so we rename iptables-legacy to iptables-zz-legacy and add
iptables-legacy in PROVIDES.

We also need to remove IPTABLES_NFTABLES config as
this cause recursive dependencies.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-06-29 00:57:56 +02:00
Stijn Tintel
a5796a4db3 qoriq: add kernel 5.15 support
Add support for kernel 5.15 as testing kernel for qoriq.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-29 01:16:46 +03:00
Stijn Tintel
61587c9242 qoriq: enable HARDENED_USERCOPY
The random crashes observed with HARDENED_USERCOPY enabled no longer
seem to occur. Enable HARDENED_USERCOPY to improve security.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-29 00:51:41 +03:00
Stijn Tintel
3e1848ee0f qoriq: disable CONFIG_COMPAT
We do not need support for 32 bit applications, as we're building
everything for 64 bit.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-29 00:12:23 +03:00
Thibaut VARÈNE
5fdbae463c qoriq: 02_network fix sweth globbing logic
This prevents invalid configuration of non-existent sweth devices.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2022-06-29 00:09:53 +03:00
Thibaut VARÈNE
19231cf838 qoriq: define reset button for Firebox M300
This patch provides support for the Firebox M300 reset button.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2022-06-29 00:09:53 +03:00
Thibaut VARÈNE
4ab421b81d qoriq: define leds for Firebox M300
This patch provides support for the Firebox M300 only user-controllable
bi-color LED, and makes the green "shield" LED act as the typical
OpenWrt status led.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2022-06-29 00:09:53 +03:00
Stijn Tintel
e02406e3cc kernel: add missing symbol to 5.15 config
Kernel 5.15.49 introduced a new symbol 'LIB_MEMNEQ'. Add it to the
generic 5.15 config.

Fixes: f1cd14448221 ("kernel: bump 5.15 to 5.15.49")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-29 00:09:53 +03:00
Stijn Tintel
f3caba679b kernel: add missing symbol to 5.10 config
Kernel 5.10.124 introduced a new symbol 'LIB_MEMNEQ'. Add it to the
generic 5.10 config.

Fixes: 9e5d743422ed ("kernel: bump 5.10 to 5.10.124")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-29 00:09:53 +03:00
Luiz Angelo Daros de Luca
1005dc0a64 realtek: add DGS-1210-28 factory image
DGS-1210 switches support dual image, with each image composed of a
kernel and a rootfs partition. For image1, kernel and rootfs are in
sequence. The current OpenWrt image (written using a serial console),
uses those partitions together as the firmware partition, ignoring the
partition division. The current OEM u-boot fails to validate image1 but
it will only trigger firmware recovery if both image1 and image2 fail,
and it does not switch the boot image in case one of them fails the
check.

The OEM factory image is composed of concatenated blocks of data, each
one prefixed with a 0x40-byte cameo header. A normal OEM firmware will
have two of these blocks (kernel, rootfs). The OEM firmware only checks
the header before writing unconditionally the data (except the header)
to the correspoding partition.

The OpenWrt factory image mimics the OEM image by cutting the
kernel+rootfs firmware at the exact size of the OEM kernel partition
and packing it as "the kernel partition" and the rest of the kernel and
the rootfs as "the rootfs partition". It will only work if written to
image1 because image2 has a sysinfo partition between kernel2 and
rootfs2, cutting the kernel code in the middle.

Steps to install:

1) switch to image2 (containing an OEM image), using web or these CLI
   commands:
   - config firmware image_id 2 boot_up
   - reboot
2) flash the factory_image1.bin to image1. OEM web (v6.30.016)
   is crashing for any upload (ssh keys, firmware), even applying OEM
   firmwares. These CLI commands can upload a new firmware to the other
   image location (not used to boot):
   - download firmware_fromTFTP <tftpserver> factory_image1.bin
   - config firmware image_id 1 boot_up
   - reboot

To debrick the device, you'll need serial access. If you want to
recover to an OpenWrt, you can replay the serial installation
instructions. For returning to the original firmware, press ESC during
the boot to trigger the emergency firmware recovery procedure. After
that, use D-Link Network Assistant v2.0.2.4 to flash a new firmware.

The device documentation does describe that holding RESET for 12s
trigger the firmware recovery. However, the latest shipped U-Boot
"2011.12.(2.1.5.67086)-Candidate1" from "Aug 24 2021 - 17:33:09" cannot
trigger that from a cold boot. In fact, any U-Boot procedure that relies
on the RESET button, like reset settings, will only work if started from
a running original firmware. That, in practice, cancels the benefit of
having two images and a firmware recovery procedure (if you are not
consider dual-booting OpenWrt).

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2022-06-28 22:20:09 +02:00
Luiz Angelo Daros de Luca
2fd66e058b scripts: add cameo image header generator
The cameo header is a 0x40-byte header used by D-Link DGS 1210 switches
and Apresia ApresiaLightGS series. cameo-imghdr.py is a clean-room
reimplementation of imghdr present in the DGS-1210-28-GPL package.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[fix board_version argument's help text]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-28 22:20:09 +02:00
Stijn Tintel
6556cad99d hostapd: disable mbo by default
Enabling mbo by default on 802.11ax devices breaks for encryption types
that do not enable 802.11w by default. Disable mbo by default to fix
this. Enabling mbo by default on 802.11ax devices was not explained in
the commit message anyway.

Fixes: 6eee9836565c ("hostapd: introduce mbo option")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-06-28 22:16:47 +03:00
Sven Hauer
7e21ce8e2b ath79: support for TP-Link EAP225 v4
This model is almost identical to the EAP225 v3.
Major difference is the RTL8211FS PHY Chipset.

Device specifications:
* SoC: QCA9563 @ 775MHz
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9886): a/n/ac, 2x2 MU-MIMO
* Ethernet (RTL8211FS): 1× 1GbE, 802.3at PoE

Flashing instructions:
* ssh into target device and run `cliclientd stopcs`
* Upgrade with factory image via web interface

Debricking:
* Serial port can be soldered on PCB J4 (1: TXD, 2: RXD, 3: GND, 4: VCC)
    * Bridge unpopulated resistors R225 (TXD) and R237 (RXD).
      Do NOT bridge R230.
    * Use 3.3V, 115200 baud, 8n1
* Interrupt bootloader by holding CTRL+B during boot
* tftp initramfs to flash via LuCI web interface
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

MAC addresses:
MAC address (as on device label) is stored in device info partition at
an offset of 8 bytes. ath9k device has same address as ethernet, ath10k
uses address incremented by 1.

Signed-off-by: Sven Hauer <sven.hauer+github@uniku.de>
2022-06-28 10:58:16 +02:00
Stijn Tintel
d2d5aabdbb hostapd: introduce min_tx_power option
Introduce a new option min_tx_power to configure the minimum permitted
max TX power (in dBm) for ACS and DFS channel selection.

Imagine the following regulatory rules:
  * 5180 MHz [36] (21.0 dBm)
  * 5200 MHz [40] (21.0 dBm)
  * 5220 MHz [44] (21.0 dBm)
  * 5240 MHz [48] (21.0 dBm)
  * 5260 MHz [52] (20.0 dBm) (radar detection)
  * 5280 MHz [56] (20.0 dBm) (radar detection)
  * 5300 MHz [60] (20.0 dBm) (radar detection)
  * 5320 MHz [64] (20.0 dBm) (radar detection)
  * 5500 MHz [100] (21.0 dBm) (radar detection)
  * 5520 MHz [104] (21.0 dBm) (radar detection)
  * 5540 MHz [108] (21.0 dBm) (radar detection)
  * 5560 MHz [112] (21.0 dBm) (radar detection)
  * 5580 MHz [116] (21.0 dBm) (radar detection)
  * 5600 MHz [120] (21.0 dBm) (radar detection)
  * 5620 MHz [124] (21.0 dBm) (radar detection)
  * 5640 MHz [128] (21.0 dBm) (radar detection)
  * 5660 MHz [132] (21.0 dBm) (radar detection)
  * 5680 MHz [136] (21.0 dBm) (radar detection)
  * 5700 MHz [140] (21.0 dBm) (radar detection)
  * 5720 MHz [144] (13.0 dBm) (radar detection)
  * 5745 MHz [149] (13.0 dBm)
  * 5765 MHz [153] (13.0 dBm)
  * 5785 MHz [157] (13.0 dBm)
  * 5805 MHz [161] (13.0 dBm)
  * 5825 MHz [165] (13.0 dBm)
  * 5845 MHz [169] (13.0 dBm)
  * 5865 MHz [173] (13.0 dBm)

When ACS or DFS end up selecting channel 144 or higher, some clients
might no longer be able to communicate with the AP due to the TX power
being limited to 13 dBm. Setting min_tx_power to 20 will result in
hostapd not considering these channels during ACS or after a DFS event.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
f2982bcc89 hostapd: introduce background_radar option
Introduce a new option background_radar to toggle hostapd's background
radar feature. Enabling this allows DFS CAC to run on dedicated radio RF
chains while the radio(s) are otherwise running normal AP activities on
other channels.

As OpenWrt configures hostapd to use a channel list even when a single
channel is configured, using this feature requires a list of channels in
/etc/config/wireless. Alternatively, channel can be set to auto.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
5c57f9bbea hostapd: support MBO in bss_transition_request
Support the use of MBO in the bss_transition_request ubus method.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
6eee983656 hostapd: introduce mbo option
Introduce a new option mbo to toggle Multi Band Operation aka Agile
Multiband for a BSS.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
eaad8dfc22 hostapd: enable MBO if 802.11ax is enabled
Multi Band Operation is required for 802.11ax certification, so let's
enable it if 802.11ax support is enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
48c321082c hostapd: add config symbol to enable MBO
Multi Band Operation aka Agile Multiband introduces new Transition
and Transition Rejection Reason Codes that should improve client
steering. Add a config symbol to enable it, and enable it by default for
the full variants.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:50 +03:00
Sander Vanheule
7bf73e270e kernel: backport RTL8211F clkout-disable patch
In Linux v5.14 an extra feature was introduced for the RTL8211F phy,
allowing to disable a clock output from the phy. Part of that patch is to
always (soft) reset the phy upon initialisation.

This phy reset is required to have a working ethernet on the TP-Link
EAP225-Outdoor v3 and EAP225 v4 after a reboot. Otherwise the ethernet
port will only function properly on cold boots.

Tested-by: Andre Klärner <kandre@ak-online.be> # EAP225-Outdoor v3
Tested-by: Sven Hauer <sven.hauer+github@uniku.de> # EAP225 v4
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-27 21:56:20 +02:00
Sander Vanheule
6445415809 firmware-utils: bump to git HEAD
The support-list partition for the EAP225-V3 board ID became larger than
the allocated size, resulting in factory image generation for the
EAP225-Outdoor v3 and EAP225 v3 to fail. The make directive
Build/tplink-safeloader ignores this failure however, resulting in a
seemingly successful build with empty factory images.

Included changes:
    e609c5d75186 tplink-safeloader: drop unqualified EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-27 21:56:20 +02:00
Tiago Gaspar
40c2cd8bd0 ath10k: enable encapsulation offload by default
Enable ath10k offload by default. This improves wireless performance
without requiring user configuration.
This adds ath10k_core to the AUTOLOAD section so that the frame_mode
paramter can be added to /etc/modules.d and passed to the driver.
The frame_mode 2 enables ethernet mode on the firmware/driver.
This parameter is set by passing a different value to the frame_mode
value on kmod insmod.
Link to the original patchset:
https://patchwork.kernel.org/project/linux-wireless/cover/20220516032519.29831-1-ryazanov.s.a@gmail.com/

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
2022-06-27 21:33:16 +02:00
Martin Blumenstingl
9d06e5a773 lantiq: dts: td-w8980: Remove duplicate PCI properties
lantiq,bus-clock, interrupt-map-mask and interrupt-map are already
defined with these exact values in vr9.dtsi. Drop them from
vr9_tplink_tdw8980.dts to just have one place where these are
maintained.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
f1cd144482 kernel: bump 5.15 to 5.15.49
Deleted (upstreamed):
generic/backport-5.15/702-v5.19-34-net-ethernet-mtk_eth_soc-fix-misuse-of-mem-alloc-int.patch [1]

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.49&id=fcba12a4308143f1f1dcb0face8b3ffb51edcc5c

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
f2795132ba kernel: bump 5.15 to 5.15.48
No patches needed rebasing.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
b55efebb1f kernel: bump 5.15 to 5.15.47
Deleted (upstreamed):
generic/backport-5.15/702-v5.19-32-net-ethernet-mtk_eth_soc-out-of-bounds-read-in-mtk_h.patch [01]

[01] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.47&id=b24ca1cf846273361d5bd73a35de95a486a54b6d

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[Removed 702-v5.19-32-net-ethernet-mtk_eth_soc-out-of-bounds-read-in-mtk_h.patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
251a382c28 kernel: bump 5.15 to 5.15.46
Deleted (upstreamed):
generic/backport-5.15/400-mtdblock-warn-if-opened-on-NAND.patch [01]
generic/backport-5.15/420-v5.19-01-mtd-spinand-gigadevice-fix-Quad-IO-for-GD5F1GQ5UExxG.patch [02]
bcm27xx/patches-5.15/950-0029-Revert-mailbox-avoid-timer-start-from-callback.patch [03]
bcm27xx/patches-5.15/950-0417-bcm2711_thermal-Don-t-clamp-temperature-at-zero.patch [04]
bcm27xx/patches-5.15/950-0740-drm-vc4-hvs-Fix-frame-count-register-readout.patch [05]
bcm27xx/patches-5.15/950-0755-drm-vc4-hvs-Reset-muxes-at-probe-time.patch [06]
bcm27xx/patches-5.15/950-0759-drm-vc4-txp-Don-t-set-TXP_VSTART_AT_EOF.patch [07]
bcm27xx/patches-5.15/950-0760-drm-vc4-txp-Force-alpha-to-be-0xff-if-it-s-disabled.patch [08]
bcm53xx/patches-5.15/031-v5.17-0005-ARM-dts-BCM5301X-update-CRU-block-description.patch [09]
mediatek/patches-5.15/102-mt7629-enable-arch-timer.patch [10]

Manually rebased:
bcm27xx/patches-5.15/950-0741-drm-vc4-hvs-Use-pointer-to-HVS-in-HVS_READ-and-HVS_W.patch

[01] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=f41c9418c5898c01634675150696da290fb86796
[02] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=d5b66645305c6f3a1b2cf75cee4157b07f293309
[03] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=119f99209d8531359bcb935f252ec435f9d21b13
[04] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=c4e1280abead1552e1764684079a43e222ccd163
[05] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=08465a1889cb48ec64431e9db745b5be15399251
[06] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=0e26a6da02e63b75b629573d13966c36aa6264f0
[07] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=01c9020b2e7c85e394879f34851805179ac3d1d8
[08] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=d47f85cc0171a5d3c5bd8cbb8a98983ca3357cbd
[09] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=5151f24ac937ff7eb1f078257c66e3c0f0296010
[10] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=ffea838686b82fbb2801cdfad6ba5309d15c032d

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
aee1215c0e kernel: 5.15: x86-64: enable CONFIG_SLS
Starting with GCC 12, we have the possibility of mitigating straight-line
speculation vulnerabilities in x86-64 targets. Make it so.

Reported-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
John Audia
53d99fedc7 kernel: bump 5.10 to 5.10.125
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:16 +02:00
John Audia
9e5d743422 kernel: bump 5.10 to 5.10.124
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
5202a511cc kernel: bump 5.10 to 5.10.123
No patches required a rebase, just updated checksum.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
9edc514e3d kernel: bump 5.10 to 5.10.122
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
706a4ec40c kernel: bump 5.10 to 5.10.121
Manually rebased:
    oxnas/patches-5.10/100-oxnas-clk-plla-pllb.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
Rui Salvaterra
d075bb3f4a valgrind: bump to 3.19.0
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:15 +02:00
Josef Schlehofer
e21fea9289 opkg: update to 2022-02-24
Changes:
9c44557 opkg_remove: avoid remove pkg repeatly with option --force-removal-of-dependent-packages
2edcfad libopkg: set 'const' attribute for argv

This should fix the CI error in the packages repository, which happens with perl.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-06-27 00:57:15 +02:00
Konstantin Demin
f98bb1ffe5 dropbear: cherry-pick upstream commit 544f28a0
Resolves #10081

Reported-By: Chen Minqiang <ptpt52@gmail.com>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2022-06-27 00:57:15 +02:00
Rosen Penev
d60cfa5a9e tools/meson: update to 0.61.5
Mostly backports by a Red Hat employee as 0.62 and newer demands Python
3.7+. Same reason 0.61 is kept here.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-06-27 00:57:15 +02:00
Nick Hainke
71b211d304 arptables: update to 0.0.5 and cleanup
Update to 0.0.5:

efae894 arptables 0.0.5 release
1f3c6bc libarptc: Simplify alloc_handle by using calloc()
4e5e23a Eliminate compiler warning about size passed to strncmp()
bf11d72 Add .gitignore
28b22d5 arptables: legacy renaming
988d6a4 arptables: cleanup sysvinit script
f4ab8f6 src: Remove support for libc5
047f37b src: Use stdint types
4bb2f83 arptables: Add MARK target
dbbe9f7 arptables: Add revision field for arptables userspace
935acea src: fix compilation warning
5700dbf src: cache in tree and use x_tables.h
4b7d6b0 arptables: remove dead dynamic hooks code
c299484 arptables: fix potential buffer overflow (author: dcb)
9fcaf70 arptables: add missing long option --set-counters and update documentation
36daba3 arptables: install man pages
f79b957 Add man pages for arptables-{save,restore}
c492c16 add GPL text
8f58693 fix potential buffer overflows reported by static analysis
ee4ec13 make static analysis tool happy (false positive)
b064d44 build an libarptc.a archive

Cleanup Makefile:
- Switch to release versions
- Use ftp(http) mirror
- Add PKG_LICENSE_FILES

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-27 00:57:15 +02:00
Nick Hainke
fe5d3a4204 ethtool: update to 5.18
9eabf30 Release version 5.18.
2b3ddcb ethtool: fec: Change the prompt string to adapt to current situations
d660dde pretty: add missing message descriptions for rings
aaeb16a pretty: support u8 enumerated types
6b320b8 rings: add support to set/get cqe size
41fddc0 update UAPI header copies
42e6c28 help: fix alignment of rx-buf-len parameter
e1d0a19 ethtool.8: Fix typo in man page
37f0586 Release version 5.17.
8c2984c strset: do not put a pointer to a local variable to nlctx
8fd02a2 ioctl: add the memory free operation after send_ioctl call fails
b9f25ea ethtool: Add support for OSFP transceiver modules
6e79542 features: add --json support
5ed5ce5 Merge branch 'next' into  master
b90abbb man: document recently added parameters
51a9312 tunables: add support to get/set tx copybreak buf size
a081c2a rings: add support to set/get rx buf len
d699bab Merge branch 'master' into next
52db6b9 Merge branch 'review/module-extstate' into next
6407b52 monitor: add option for --show-module/--set-module
1f35786 ethtool: Add transceiver module extended state
2d4c5b7 ethtool: Add ability to control transceiver modules' power mode
005908b Update UAPI header copies

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-27 00:57:15 +02:00
Eneas U de Queiroz
0bd5367233 wolfssl: disable AES-NI by default for x86_64
WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have
AES instructions but lack other extensions that are used by WolfSSL
when AES-NI is enabled.

Disable the option by default for now until the issue is properly fixed.
People can enable them in a custom build if they are sure it will work
for them.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-06-27 00:57:15 +02:00
Sander Vanheule
326e109f24 firmware-utils: bump to git HEAD
Fixes the safeloader model identifiers for EAP225-Outdoor v1/v3 devices.

1e3d47292b2e tplink-safeloader: fix EAP225-Outdoor model IDs
9563fe8e78cb tplink-safeloader: add regionless EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-26 16:58:05 +02:00
Felix Fietkau
7bf5233a2a mac80211: increase airtime scheduler quantum
improves performance by requiring fewer iterations over tx queues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-06-26 11:48:11 +02:00
Markus Stockhausen
78b7be9f6c realtek: cleanup LAG logging
Setting up DSA bond silently fails if mode is not 802.3ad. Add log message
to fix it. As we are already here harmonize all logging messages in the
add/delete functions.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-06-26 11:02:15 +02:00
Felix Fietkau
6d49a25804 mac80211: add airtime fairness improvements
This reverts the airtime scheduler back from the virtual-time based scheduler
to the deficit round robin scheduler implementation.
This reduces burstiness and improves fairness by improving interaction with AQL.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-06-25 23:28:09 +02:00
Alexandru Gagniuc
4d1fc8916c realtek: EnGenius EWS2910P: add support for SFP ports
The SFP cages 9F and 10F share the same SCL line. Currently, there
isn't a good way to model this. Thus, only one SFP port can be fully
supported.

Cage 10F is fully supported with an I2C bus and sfp handle. Linux
automatically handles enabling or disabling the TX laser.

Cage 9F is only parially supported, without the sfp handle. The SDA
line is hogged as an input, so that it remains high. SCL transitions
sould not affect modules connected to this cage. The default value of
the tx-disable line is high (active). It is exported as a gpio, but
the laser is off by default. To enable the laser:

    echo 0 > /sys/class/gpio/sff-p9-tx-disable/value

Thus, both modules can be used for networking, but only 10F will be
able to detect and identify a plugged in SFP module.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2022-06-25 15:45:30 +02:00
Alexandru Gagniuc
2cfaab4549 realtek: add support for EnGenius EWS2910P
Add support for the Engenius EWS2910P PoE switch. This is an RTL8380
based switch with two SFP slots, and PoE 802.3af one every RJ-45 port.

The specs say 802.3af, but the vendor firmware configures the PSE for
a budget of 31W, indicating 802.3at support.

Specifications:
---------------
* SoC:       Realtek RTL8380M
* Flash:     32 MiB SPI flash Macronix MX25L25635E
* RAM:       256 MiB (As reported by bootloader)
* Ethernet:  16x 10/100/1000 Mbps with PoE
              2x SFP slots
* Buttons:   1 "Reset" button on front panel
             1 "LED mode: button on front panel
             1 "On/Off" Toggle switch on the back
* Power:     48V-54V DC barrel jack
* UART:      1 serial header (JP1) with populated 2.54mm pitch header
             Labeled GRTV for ground, rx, tx, and 3.3V respectively
* PoE:       1 STM ST32F100 microcontroller
             2 BCM59111 PSE chips
Works:
------
  - (8) RJ-45 ethernet ports
  - Switch functions
  - LEDs and buttons

Not yet enabled:
----------------
  - SFP ports (will be enabled in a subsequent change)
  - Power-over-Ethernet (requires realtek-poe package)

Install via web interface:
-------------------------

The factory firmware will accept and flash the initramfs image. It is
recommended to flash to "Partition 0". Flashing to "Partition 1" is
not supported at this point.

The factory web GUI will show the following warning:

 " Warning: The firmware version is v0.00.00-c0.0.00
     The firmware image you are uploading is older than the current
     firmware of the switch. The device will reset back to default
     settings. Are you sure you want to proceed?"

This is expected when flashing OpenWrt. After the initramfs image
boots, flash the -sysupgrade using either the commandline or LuCI.

Install via serial console/tftp:
--------------------------------

The u-boot firmware will not stop the boot, regardless of which key is
pressed. To access the u-boot console, ground out the CLK (pin 16) of
the ROM (U22) when u-boot is reading the linux image. If timed
correctly, the image CRC will fail, and u-boot will drop to a shell:
    > rtk network on
    > setenv ipaddr <address of tftp server>
    > tftp $(freemem) <name-of-initramfs-image.bin>
    > bootm

Then flash the -sysupgrade using either the commandline or luci.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[gpio-led node names, OpenWrt and LuCI capitalization in commit message]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-25 15:43:46 +02:00
Semih Baskan
530c0a2068 ramips: add support for Asus RT-N12+ B1 and RT-N300 B1
Asus RT-N12+ B1 and Asus RT-N300 B1 are the same device
with a different name.

The OEM firmwares have the same MD5 with Asus RT-N11P B1.

Same instructions for Asus RT-N11P B1 see:
commit c3dc52e39ac8 ("ramips: add support for Asus RT-N10P V3 / RT-N11P B1 / RT-N12 VP B1")

Signed-off-by: Semih Baskan <strstgs@gmail.com>
(Added id from the PR review to commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-25 10:14:18 +02:00