Commit Graph

54489 Commits

Author SHA1 Message Date
Oscar Molnar
da7e9b201e build: add support for python3.11 and higher
python3.11 beta is out but fails to run the makefile currently
this supports python versions from 3.6 to 3.99 with the python3 binary
it also checks specifically for 3.11 as it is the latest version out

Signed-off-by: Oscar Molnar <oscar@tymscar.com>
(cherry picked from commit a9e8eec221)
2022-08-14 21:06:53 +02:00
Hauke Mehrtens
dfe5c23592 iwinfo: update to latest HEAD
705d3b5 iwinfo: Add missing auth_suites mappings for WPA3

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cc2dfc5e4d)
2022-08-14 21:06:53 +02:00
Lech Perczak
1d16b928b3 ath25: fix initramfs image generation
Commit 21f460a5db ("ath25: fix duplicate LZMA compression") changed
the way kernel images are generated, affecting initramfs images instead.
Initramfs images were previously ELF images, and by mistake this change
caused the raw kernel image to be used as a source. This caused them to
be non-loadable by bootloaders.

Restore the previous KERNEL_INITRAMFS recipe and adjust
KERNEL_INITRAMFS_NAME to point at the correct source artifact.
While at that, adjust KERNEL_INITRAMFS_SUFFIX to -kernel.elf,
so it matches the suffix of non-initramfs kernel artifact.

Fixes: 21f460a5db ("ath25: fix duplicate LZMA compression")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 9f5cbb6e8b)
2022-08-14 21:06:53 +02:00
Lech Perczak
2728d13030 ath25: fix ELF image generation
Commit 21f460a5db ("ath25: fix duplicate LZMA compression"), when
attempting to restore ELF artifact generation, copiedover the raw
kernel image twice. Because of that, the .elf artifact was actually a
duplicate of raw image.

Fix that by copying over .elf suffixed kernel image instead.

Fixes: 21f460a5db ("ath25: fix duplicate LZMA compression")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 611291383a)
2022-08-14 21:06:53 +02:00
John Audia
46e62907f1 kernel: bump 5.10 to 5.10.136
All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 2239ead6eb)
2022-08-14 21:06:53 +02:00
John Audia
be29de706c kernel: bump 5.10 to 5.10.135
All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit ccff2fbaea)
2022-08-14 21:06:52 +02:00
Hauke Mehrtens
6c901ec97d kernel: Backport upstream flowtable patches from 5.15
This backports some patches from kernel 5.15 to fix issues with
flowtable offloading in kernel 5.10. OpenWrt backports most of the
patches related to flowtable offloading from kernel 5.15 already, but we
are missing some of the extra fixes.

This fixes some connection tracking problems when a flow gets removed
from the offload and added to the normal SW path again.

The patch 614-v5.18-netfilter-flowtable-fix-TCP-flow-teardown.patch was
extended manually with the nf_conntrack_tcp_established() function.

All changes are already included in kernel 5.15.

Fixes: #8776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 96ef2dabce)
2022-08-14 00:29:20 +02:00
Leonardo Mörlein
6a638c134d pkg-config: always use correct path for pkg-config.real
Before this commit, it was assumed that pkg-config.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if

    make TOPDIR="$(pwd)" -C "$pkgdir" compile

was called manually. The command failed with

    Makefile:15: *** No libnl-tiny development libraries found!.  Stop.
    make[1]: Leaving directory

since pkg-config of the host system was used.

After the commit, the package is built sucessfully.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
(cherry picked from commit 37c0d15a8e)
2022-08-14 00:29:20 +02:00
Hauke Mehrtens
1c7a167366 kernel: kmod-phy-smsc: Add new PHY
This adds the SMSC PHY which is needed by the kmod-usb-net-smsc95xx
driver.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5b016a88f9)
2022-08-14 00:29:19 +02:00
Hauke Mehrtens
fd4a354f3e kernel: kmod-phy-ax88796b: Add new PHY
This adds the AX88796B PHY which is needed by the kmod-usb-net-asix
driver.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 712ff388bc)
2022-08-14 00:29:19 +02:00
Hauke Mehrtens
13d66ef33f kernel: kmod-ipt-ulog: Remove package
The ulog iptables target was removed with kernel 3.17, remove the kernel
and also the iptables package in OpenWrt too.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2a0284fb03)
2022-08-14 00:29:19 +02:00
Hauke Mehrtens
534e256c02 kernel: kmod-nft-nat6: Remove package
The nft NAT packages for IPv4 and IPv6 were merged into the common
packages with kernel 5.1. The kmod-nft-nat6 package was empty in our
build, remove it.

Multiple kernel configuration options were also removed, remove them
from our generic kernel configuration too.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b75425370d)
2022-08-14 00:29:19 +02:00
Hauke Mehrtens
2a6fa77b77 kernel: ipt-ipset: Add ipset/ip_set_hash_ipmac.ko
Add the ipset/ip_set_hash_ipmac.ko file. The CONFIG_IP_SET_HASH_IPMAC
KConfig option is already set by the package.

Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit 6a2e9f3da6)
2022-08-14 00:06:21 +02:00
Thomas Langer
fc05102d51 kernel: netsupport: kmod-sched: explicitly define included modules
Change SCHED_MODULES_EXTRA to an explicit list of modules
instead of taking everything that is not filtered out.
This removes the need of updating the filter each time an extra
sch_*, act_* or similar is added with an own kmod definition.

Signed-off-by: Thomas Langer <tlanger@maxlinear.com>
Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit 1b956e66cc)
2022-08-14 00:01:48 +02:00
Hauke Mehrtens
3b51f74a91 kernel: netsupport: kmod-sched: Add kmod-lib-textsearch dependency
The CONFIG_NET_EMATCH_TEXT configuration option depends on the
kmod-lib-textsearch package.

Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit 3cc878a8d3)
2022-08-14 00:01:48 +02:00
Hauke Mehrtens
9727b71147 kernel: netsupport: kmod-sched: Remove sch_fq_codel and sch_fifo
The sch_fq_codel.ko and the sch_fifo.ko are always compiled into the
kernel, they are activated in the generic kernel configuration. There is
no need to activate the build of these kernel modules in the kmod-sched*
packages.

Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit 606e357bf8)
2022-08-14 00:01:48 +02:00
Daniel Golle
0038e96c27 arm-trusted-firmware-mediatek: skip bad blocks on SPI-NAND (SNFI)
Add patch to skip bad blocks when reading from SPI-NAND. This is needed
in case erase block(s) early in the flash inside the FIP area are bad
and hence need to be skipped in order to be able to boot on such damaged
chips.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c0109537d1)
2022-08-12 22:47:39 +02:00
Florian Eckert
5c69416246 fstools: add uci fstab section to conffiles for package block-mount
The command 'opkg search /etc/config/fstab' does not return a package
name for this config file. In order to know to which package this config
file belongs to, a 'conffiles' entry was made for this file to package
'block-mount'.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 885f04b305)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-12 22:46:51 +02:00
Vincent Pelletier
0855549b4b kernel: scale nf_conntrack_max more reasonably
Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula also influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance in average (fewer connections
per hashtable bucket).

Backport upstream commit for its effect on the number of connections per
hashtable bucket.

Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.

Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 15fbb91666)
2022-08-11 21:54:09 +01:00
Bruno Victal
0179ba7851 dnsmasq: fix jail_mount for serversfile
Fix 'serversfile' option not being jail_mounted by the init script.

Signed-off-by: Bruno Victal <brunovictal@outlook.com>
(cherry picked from commit 0276fab649)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-10 15:06:30 +02:00
Nita Vesa
ca58b8b4fe ramips: Add Xiaomi Mi Router 4A 100M International
The international version of Mi Router 4A 100M is physically
identical to the non-international one, but appears to be
using a different partitioning scheme with the "overlay"
partition being 2MiB in size instead of 1MiB. This means
the following "firmware" partition starts at a different
address and the DTS needs to be adjusted for the firmware
to work.

Signed-off-by: Nita Vesa <werecatf@outlook.com>
(cherry picked from commit 1a8c74da70)
Signed-off-by: Tom Herbers <freifunk@tomherbers.de>
2022-08-09 21:22:41 +02:00
Petr Štetiar
707ec48ab3 zlib: backport null dereference fix
The curl developers found test case that crashed in their testing when
using zlib patched against CVE-2022-37434, same patch we've backported
in commit 7df6795d4c ("zlib: backport fix for heap-based buffer
over-read (CVE-2022-37434)"). So we need to backport following patch in
order to fix issue introduced in that previous CVE-2022-37434 fix.

References: https://github.com/curl/curl/issues/9271
Fixes: 7df6795d4c ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f443e9de70)
2022-08-09 08:12:46 +02:00
Petr Štetiar
5e0173de51 zlib: bump PKG_RELEASE after CVE fix
Fixing missed bump of PKG_RELEASE while backporting commit 7561eab8e8
("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
as package in master is using AUTORELEASE.

Fixes: 7561eab8e8 ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-08 09:55:33 +02:00
Petr Štetiar
7561eab8e8 zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow
in inflate in inflate.c via a large gzip header extra field. NOTE: only
applications that call inflateGetHeader are affected. Some common
applications bundle the affected zlib source code but may be unable to
call inflateGetHeader.

Fixes: CVE-2022-37434
References: https://github.com/ivd38/zlib_overflow
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 7df6795d4c)
2022-08-08 09:46:36 +02:00
Hans Dedecker
1f9d603141 odhcpd: update to git HEAD
860ca90 odhcpd: Support for Option NTP and SNTP
83e14f4 router: advertise removed addresses as invalid in 3 consecutive RAs

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 73c6d8fd04)
2022-08-07 12:38:55 +02:00
Andre Heider
39ac29a68a uboot-mvebu: update to v2022.07
- Release announcement:
https://lore.kernel.org/u-boot/20220711134339.GV1146598@bill-the-cat/

- Changes between 2022.04 and 2022.07:
https://source.denx.de/u-boot/u-boot/-/compare/v2022.04...v2022.07?from_project_id=531

Remove one upstreamed patch and add patch to fix issue with sunxi tool
as it uses function from newer version libressl (3.5.0).

Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [Turris Omnia]
(cherry picked from commit 24bf6813bad98a8eba5430ed5e4da89d54797274)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[Improve commit message]
2022-08-06 22:25:43 +02:00
Olliver Schinagl
ec8b5cf0e6 realtek: Fix typo in Kconfig prompt
As the symbol RTL930x shows, the bool enables the RTL930x platform, not
the RTL839x one.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
(slightly changed commit subject)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 943905b0b6)
2022-08-06 22:25:39 +02:00
Wenli Looi
247ef07540 ramips: support fw_printenv for Netgear WAX202
Config partition contains uboot env for the first 0x20000 bytes.
The rest of the partition contains other data including the device MAC
address and the password printed on the label.

Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 0bfe1cfbb1)
2022-08-06 22:25:13 +02:00
Chen Minqiang
62fff4e1e6 umdns: add missing syscall to seccomp filter
There is some syscall missing:
'getdents64'
'getrandom'
'statx'
'newfstatat'

Found with:
'mkdir /etc/umdns; ln -s /tmp/1.json /etc/umdns/; utrace /usr/sbin/umdns'

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
(cherry picked from commit 31cca8f8d3)
2022-08-06 22:25:07 +02:00
Oleg S
ecf0dc7055 ramips: Add support command fw_setsys for Xiaomi routers
The system parameters are contained in the Bdata partition.
To use the fw_setsys command, you need to create a file
fw_sys.config.
This file is created after calling the functions
ubootenv_add_uci_sys_config and ubootenv_add_app_config.

Signed-off-by: Oleg S <remittor@gmail.com>
[ wrapped commit description to 72 char ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 6c7e337c80)
2022-08-06 22:24:42 +02:00
Roland Barenbrug
bd9bb13012 ltq-vdsl-app: Fix counter overflow resulting in negative values
The re-transmit counters can overflow the 32 bit representation resulting
in negative values being displayed. Background being that the numbers are
treated at some point as signed INT rather than unsigned INT.
Change the counters from 32 bit to 64 bit, should provide sufficient room
to avoid any overflow. Not the nicest solution but it works

Fixes: #10077
Signed-off-by: Roland Barenbrug <roland@treslong.com>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit 456b9029d7)
2022-08-06 22:24:39 +02:00
Christian Lamparter
bd74c11155 kernel: silence refresh warning
|Warning: trailing whitespace in line 66 of drivers/mtd/parsers/Kconfig

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit d6801e0d3f)
2022-08-06 22:23:57 +02:00
Paul Spooren
dcb782792b x86: add missing Lex 3I380NX network detection
The Lex 3I380NX industrial PC has 4 ethernet controllers on board
which need pmc_plt_clk0 - 3 to function, add it to the critclk_systems
DMI table, so that drivers/clk/x86/clk-pmc-atom.c will mark the clocks
as CLK_CRITICAL and they will not get turned off.

This commit is nearly redundant to 3d0818f5eba8 ("platform/x86:
pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table")
but for the 3I380NX device.

The original vendor firmware is only available using the WaybackMachine:
http://www.lex.com.tw/products/3I380NX.html

Signed-off-by: Michael Schöne <michael.schoene@rhebo.com>
Signed-off-by: Paul Spooren <paul.spooren@rhebo.com>
(Hans broader version for more Lex Baytrail systems)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8019410f56)
2022-08-06 22:23:26 +02:00
Daniel Kestrel
c2c32bdc80 lantiq: fix lan port 3+4 phy-mode settings for Fritzbox 3390
There are forum reports that 2 LAN ports are still not working,
the phy-mode settings are adjusted to fix the problem.

Fixes: #10371
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 8756a04787)
2022-08-06 22:23:20 +02:00
Kasparas Elzbutas
456d05d6d8 ipq40xx: fix RUTX10 Wi-Fi woes
This partially reverts:
commit cfc13c4459 ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data")

U-Boot on these devices mangles the device tree,
so nvmem-cell type calibration doesn't work.

Fixes: cfc13c4459 ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data")
Signed-off-by: Kasparas Elzbutas <elzkas@gmail.com>
(added reference to commit, rewrote commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-08-05 15:24:57 +02:00
Mark Mentovai
daa73dc681 libmnl: fix build when bash is not located at /bin/bash
This fixes the libmnl build on macOS, which ships with an outdated bash
at /bin/bash. During the OpenWrt build, a modern host bash is built and
made available at staging_dir/host/bin/bash, which is present before
/bin/bash in the build's PATH.

This is similar to 8f7ce3aa6d, presently appearing at
package/kernel/mac80211/patches/build/001-fix_build.patch.

Signed-off-by: Mark Mentovai <mark@mentovai.com>
(cherry picked from commit beeb49740b)
2022-08-05 15:24:57 +02:00
Hauke Mehrtens
596efe1356 OpenWrt v22.03.0-rc6: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-01 00:05:33 +02:00
Hauke Mehrtens
f1ff3fd95c OpenWrt v22.03.0-rc6: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-01 00:05:27 +02:00
Hauke Mehrtens
042d558536 mac80211: Update to version 5.15.58-1
This updates mac80211 to version 5.15.58-1 which is based on kernel
5.15.58.
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3aa18f71f9)
2022-07-31 17:12:47 +02:00
John Audia
c9cc3189ed wolfssl: fix math library build
Apply upstream patch[1] to fix breakage around math libraries.
This can likely be removed when 5.5.0-stable is tagged and released.

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

1. https://github.com/wolfSSL/wolfssl/pull/5390

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit c2aa816f28)
2022-07-31 17:12:47 +02:00
Dávid Benko
535f4a5bff odhcp6c: update to latest git HEAD
9212bfc odhcp6c: fix IA discard when T1 > 0 and T2 = 0

Signed-off-by: Dávid Benko <davidbenko@davidbenko.dev>
(cherry picked from commit f920908626)
2022-07-31 17:12:47 +02:00
Michael Pratt
5a7bcd6977 firewall3: update file hash
the hash and timestamp of the remote copy of the archive
has changed since last bump
meaning the remote archive copy was recreated

Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit ba7da73680)
2022-07-31 17:12:47 +02:00
Claudiu Beznea
c5f0eab222 uboot-at91: fix build on buildbots
Buidbots are throwing the following compile error:

In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
            ^~~~~~~~~~~~~~~
compilation terminated.

Fix it by passing `UBOOT_MAKE_FLAGS` variable to make.

Suggested-by: Petr Štetiar <ynezz@true.cz>
Fixes: 6d5611af28 ("uboot-at91: update to linux4sam-2022.04")
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
(cherry picked from commit 95a24b5479)
2022-07-31 17:12:47 +02:00
Claudiu Beznea
972b833e91 uboot-at91: update to linux4sam-2022.04
Update uboot-at91 to linux4sam-2022.04. As linux4sam-2022.04 is based on
U-Boot v2022.01 which contains commit
93b196532254 ("Makefile: Only build dtc if needed") removed also the DTC
variable passed to MAKE to force the compilation of DTC.

Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
(cherry picked from commit 6d5611af28)
2022-07-31 17:12:47 +02:00
Claudiu Beznea
39810995fb at91bootstrap: update at91bootstrap v4 targets to v4.0.3
Update AT91Bootstrap v4 capable targets to v4.0.3.

Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
(cherry picked from commit 859f5f9aec)
2022-07-31 17:12:47 +02:00
Jo-Philipp Wich
8b6b73d0e8 wolfssl: make shared again
Disable the usage of target specific CPU crypto instructions by default
to allow the package being shared again. Since WolfSSL does not offer
a stable ABI or a long term support version suitable for OpenWrt release
timeframes, we're forced to frequently update it which is greatly
complicated by the package being nonshared.

People who want or need CPU crypto instruction support can enable it in
menuconfig while building custom images for the few platforms that support
them.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 0063e3421d)
2022-07-30 17:22:16 +02:00
John Audia
7ca89e1187 kernel: bump 5.10 to 5.10.134
All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 7be62b1187)
2022-07-30 17:22:16 +02:00
John Audia
1db4f5cba3 x86: update defconfig for 5.10.133
Add some new/missing symbols relating to speculative execution mitigations[1].

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/x86/Kconfig?id=v5.10.133&id2=v5.10.132

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 56760c0b13)
2022-07-30 17:22:16 +02:00
John Audia
762703d397 kernel: bump 5.10 to 5.10.133
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 913f160ac6)
2022-07-30 17:22:16 +02:00
John Audia
aedcbaae37 kernel: bump 5.10 to 5.10.132
All patches automatically rebased.

The following patch was replaced by a similar version upstream:
 bcm27xx/patches-5.10/950-0036-tty-amba-pl011-Add-un-throttle-support.patch

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 7d3c0928de)
2022-07-30 17:21:47 +02:00