Commit Graph

59438 Commits

Author SHA1 Message Date
Daniel Kestrel
48b2df5a41 lantiq: add support for AVM Fritzbox 5490/5491
This adds support for the Fritzbox 5490/5491 devices. They contain
two SoCs, one Lantiq without WiFi and one QCA9558 with 2.4GHz
and 5 GHz WiFi. Only the Lantiq has access to the flash memory,
the Atheros runs fully from RAM and is booted by using a remoteproc
kernel module which is not supported with this commit.
Both devices have fiber WAN ports.
The devices were manufactured with varying NAND chips which
requires Micron and non-Micron versions of the images.

Specifications:
 - SoC: Lantiq 500 MHz
 - RAM: 256 MB
 - Storage: 512 MB NAND, 1MB FLASH
 - Wireless, separate SOC QCA9558 with 128MB RAM (not supported yet):
   · Qualcomm-QCA9558 w/ 3×3 MIMO for 2.4GHz 802.11b/g/n
   · Qualcomm-QCA9880 w/ 3×3 MIMO for 5GHz 802.11a/ac
   · AG71xx ethernet
 - Ethernet: Built-in AR 803x, 7 port Lantiq gswip switch,
   4x 1000/100/10 port (additional qca8334 switch for 2 ports), Port 5 is
   fixed and connected to the Wireless SOC
 - Renesas µPD720202 USB3 PCIe, requires firmware binary on the device
 - AT 8033 based AON fiber port (5490) or GPON fiber port (5491)

Unsupported:
 - DECT and ISDN telephony
 - Two ethernet ports (on extra switch) and fiber port not working

Installation:
Check which NAND the device has by using the following procedure with
stock firmware:
Go to to http://<fritzbox_ip>/support.lua, download the support data
file and search for string "NAND device" to get the manufacturer kernel
output.
Use Micron image if Micron is displayed otherwise the non-Micron image.
Use the eva_ramboot.py script to boot the initramfs image. Follow the
procedure to interrupt booting by ftp into 192.168.178.1 within
5 seconds after poweron.
Then transfer the sysupgrade image to the device and run sysupgrade to
flash it to the NAND.
For making USB work, an renesas xhci firmware file (e.g. v2026) is
needed and it should be copied to /lib/firmware/ (file name
renesas_usb_fw.mem).

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2024-02-02 15:07:07 +01:00
Daniel Kestrel
bb46f0484d lantiq: add support for AVM Fritzbox 7490
This adds support for the Fritzbox 7490 device. It contains two
SoCs, one Lantiq without WiFi and one QCA9558 with 2.4GHz
and 5 GHz WiFi. Only the Lantiq has access to the flash memory,
the Atheros runs fully from RAM and is booted by using a remoteproc
kernel module and is not supported with this commit.
The devices were manufactured with varying NAND chips which
requires Micron and non-Micron versions of the images.

Specifications:
 - SoC: Lantiq 500 MHz
 - RAM: 256 MB
 - Storage: 512 MB NAND, 1MB FLASH
 - Wireless, separate SOC QCA9558 with 128MB RAM (not supported yet):
   · Qualcomm-QCA9558 w/ 3×3 MIMO for 2.4GHz 802.11b/g/n
   · Qualcomm-QCA9880 w/ 3×3 MIMO for 5GHz 802.11a/ac
   · AG71xx ethernet
 - Ethernet: Built-in AR 803x, 7 port 4 phy switch,
   4x 1000/100/10 port, Port 5 is fixed and connected to the WASP SOC
 - Renesas µPD720202 USB3 PCIe, requires firmware binary on the device
 - VDSL2 modem

Unsupported:
 - DECT and ISDN telephony

Installation:
Check which NAND the device has by using the following procedure with
stock firmware:
Go to to http://<fritzbox_ip>/support.lua, download the support data
file and search for string "NAND device" to get the manufacturer kernel
output.
Use Micron image if Micron is displayed otherwise the non-Micron image.
Use the eva_ramboot.py script to boot the initramfs image. Follow the
procedure to interrupt booting by ftp into 192.168.178.1 within
5 seconds after poweron.
Then transfer the sysupgrade image to the device and run sysupgrade to
flash it to the NAND.
For making USB work, an renesas xhci firmware file (e.g. v2026) is
needed and it should be copied to /lib/firmware/ (file name
renesas_usb_fw.mem).

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2024-02-02 15:07:07 +01:00
Daniel Kestrel
c34651c423 lantiq: add pcie endianess switch for slave devices
The Fritzbox 3490, 5490 and 7490 devices have a Renesas µPD720202
USB3 PCIe device, which requires an endian switch for PCIe slave
devices. The flag and setting is not implemented in the available
patches. Since adding this setting would break other devices,
a DTB setting lantiq,switch-pcie-endianess is added for selective
enablement.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2024-02-02 15:07:07 +01:00
Christian Marangi
3702cc719b
qualcommax: enable back QCA808X PHY driver
Commit 997acc7f86 ("generic: 6.1: backport at803x split patches")
didn't enable back QCA808x PHY driver after the introduction of the
at803x driver split.

Fixes: 997acc7f86 ("generic: 6.1: backport at803x split patches")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-02 14:23:42 +01:00
David Bentham
d8f4453bf2 mediatek: add Comfast CF-E393AX support
Comfast CF-E393AX is a dual-band Wi-Fi 6 POE ceiling mount access point.

Oem firmware is a custom openwrt 21.02 snapshot version.

We can gain access via ssh once we remove the root password.

Hardware specification:
  SoC: MediaTek MT7981A 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB DDR3
  Ethernet: 1x 10/100/1000 Mbps built-in PHY (WAN)
            1x 10/100/1000/2500 Mbps MaxLinear GPY211C (LAN)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976D
  LEDS: 1x (Red, Blue and Green)
  Button: Reset
  UART: 3.3v, 115200n8
  --------------------------
  | Layout |
  | ----------------- |
  | 4 | VCC GND TX RX | <= |
  | ----------------- |
  --------------------------

Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
   and download the
   configuration(http://apipaddress/computer/config.html).

2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
   Enter 'fakeroot' command then decompress the configuration:
   tar -zxf backup.tar.gz

3. Edit 'etc/shadow', update (remove) root password:
   With password =
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   to
   Without password =
   'root::0:99999:7:::'
   'root::0:99999:7:::'

4. Repack 'etc' directory back to a new backup file:
   tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
   Exit fakeroot - 'exit'

6. Upload new configuration via web interface, now you
   can SSH with the following:

   'ssh -vv -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.10.1'.

   Backup the mtd partitions
   - https://openwrt.org/docs/guide-user/installation/generic.backup

7. Copy openwrt factory firmware to the tmp folder to install via ssh:

   'scp -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa \
   *-mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin \
   root@192.168.10.1:/tmp/'

   'sysupgrade -n -F \
   /tmp/*--mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin'

8. Once led has stopped flashing - Connect via ssh with the
   default openwrt ip address - 'ssh root@192.168.1.1'

9. SSH copy the openwrt sysupgrade firmware and upgrade
   as per the default instructions.

Signed-off-by: David Bentham <db260179@gmail.com>
2024-02-02 13:01:38 +01:00
Weiping Yang
d0bcb496cf ath79: Modify GL.iNer GL-S200 lan wan interface
Specifications:
lan: eth0
wan: eth1

Problem Description:
The lan wan port is reversed with the current machine.

Use eth0 as LAN port and eth1 as WAN port.

Signed-off-by: Weiping Yang <weiping.yang@gl-inet.com>
2024-02-02 11:42:42 +01:00
Jan Fuchs
f61fc8ed79 ath79: add WAN definition for GL.iNET GL-E750 (Mudi)
Add the default WAN interface to use QMI, to have WAN configured
right from the start.

Signed-off-by: Jan Fuchs <jf@simonwunderlich.de>
2024-02-02 11:29:52 +01:00
Jan Fuchs
b1d37262c9 ath79: add WWAN serial driver and qmi for GL.iNET GL-E750 (Mudi)
The driver for the cellular modems serial interface and qmi was missing
from the default device packages. The driver is required to interact
with the modem using AT commands.

Signed-off-by: Jan Fuchs <jf@simonwunderlich.de>
2024-02-02 11:29:52 +01:00
Ivan Pavlov
44cd90c49a openssl: update to 3.0.13
Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024]

  * Fixed PKCS12 Decoding crashes
    ([CVE-2024-0727])
  * Fixed Excessive time spent checking invalid RSA public keys
    ([CVE-2023-6237])
  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
    CPUs which support PowerISA 2.07
    ([CVE-2023-6129])
  * Fix excessive time spent in DH check / generation with large Q parameter
    value ([CVE-2023-5678])

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2024-02-02 08:46:52 +03:00
Daniel Golle
7eee094f01 uhttpd: bump PKG_RELEASE
Bump PKG_RELEASE which should have been done by commit 7b1c3068b7
("uhttpd: restart when interface to listen becomes available").

Fixes: 7b1c3068b7 ("uhttpd: restart when interface to listen becomes available")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-02 04:22:17 +00:00
John Audia
99c9d8abd6 kernel: bump 5.15 to 5.15.148
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.148

Removed upstreamed:
	generic/hack-5.15/321-powerpc_crtsavres_prereq.patch[1]

Manually rebased:
	target/linux/octeontx/patches-5.15/0004-PCI-add-quirk-for-Gateworks-PLX-PEX860x-switch-with-.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.148&id=0b11a145eb00d51f7ef18cfcae587b93f9adb1e9
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=v5.15.148&id=b67064bd372300a75293efbbc70624996dccffd4

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
2024-02-01 21:36:00 +01:00
John Audia
2c363a070e kernel: bump 6.1 to 6.1.75
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.75

Removed upstreamed:
	generic/hack-6.1/321-powerpc_crtsavres_prereq.patch[1]
	generic/pending-6.1/540-ksmbd-only-v2-leases-handle-the-directory.patch[2]

Rebased:
	bcm27xx/patches-6.1/950-0670-fbdev-Don-t-cancel-deferred-work-if-pagelist-empty.patch[3]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.75&id=16b88e68b85d5520c28498bb847358ff6300cb90
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/smb?h=v6.1.75&id=c866866c795296d3637ab0d48a3d8a3ef5d6f4a3
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.75&id=81f444f22816a82ada2cc787a2845cffc8c584a6

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
2024-02-01 21:34:05 +01:00
Christian Marangi
e430815f5a
generic: 6.1: backport PHY package MMD patch
Backport PHY package MMD patch merged upstream that add support for
writing MMD regs for the PHY package and support for writing to PHY
package at an offset.

All affected patches automatically refreshed.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-01 21:28:46 +01:00
Shiji Yang
0db4f9785c
ath79: convert ath10k calibration data to NVMEM (ASCII MAC)
This patch converts ath10k calibration data to NVMEM format for
wave 1 devices with mtd ASCII MAC address. The "calibration"
NVMEM cell size is 0x844. All unportable MAC address settings
have been moved to '10_fix_wifi_mac' scripts.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:03 +01:00
Shiji Yang
2f1c62e5af
ath79: convert ath10k calibration data to NVMEM (binary MAC)
This patch converts ath10k calibration data to NVMEM format for
wave 1 devices with mtd binary MAC address. The "calibration"
NVMEM cell size is 0x844. The MAC addresses are assigned via dts.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:02 +01:00
Shiji Yang
d07cec6b2b
ath79: convert ath10k calibration data to NVMEM (built-in MAC)
This patch converts ath10k calibration data to NVMEM format for
wave 1 devices with built-in MAC address. The "calibration"
NVMEM cell size is 0x844.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:02 +01:00
Shiji Yang
7e71eef5ed
ath79: convert ath10k pre-calibration data to NVMEM (ASCII MAC)
This patch converts ath10k pre-calibration data to NVMEM format for
wave 2 devices with mtd ASCII MAC address. The "pre-calibration"
NVMEM cell size is 0x2f20. All unportable MAC address settings have
been moved to '10_fix_wifi_mac' scripts.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:02 +01:00
Shiji Yang
348e0ee157
ath79: convert ath10k pre-calibration data to NVMEM (binary MAC)
This patch converts ath10k pre-calibration data to NVMEM format for
wave 2 devices with mtd binary MAC address. The "pre-calibration"
NVMEM cell size is 0x2f20. The MAC addresses are assigned via dts.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:02 +01:00
Shiji Yang
650d37a809
ath79: convert ath10k pre-calibration data to NVMEM (built-in MAC)
This patch converts ath10k pre-calibration data to NVMEM format for
wave 2 devices with built-in MAC address. The "pre-calibration"
NVMEM cell size is 0x2f20.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:01 +01:00
Shiji Yang
3c7ce20d5c
ath79: add back board-2.bin to COMFAST devices
The ath10k driver will load both pre-calibration data and board-2.bin
if board-2.bin exists. So it's not necessary to remove it. And this
change won't increase jffs2 image size.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-01 17:09:01 +01:00
Chukun Pan
dbe2a0c091
kernel: move gpio packages to gpio menu
Move gpio packages to the 'GPIO support' menu.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:54 +01:00
Chukun Pan
3d24668f99
kernel: modules: move gpio modules to gpio menu
Since we have the 'GPIO support' menu, it is strange to look up
gpio related modules in 'Other modules' menu. So move these
modules and put them in the gpio menu.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:54 +01:00
Chukun Pan
45554ffb96
kernel: modules: gpio.mk: renamed from gpio-cascade.mk
This can be used to place the gpio module, so rename it.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:51 +01:00
Chad Monroe
5a3f6c50ef
ucode: add libjson-c/host dependency
ensure host libjson-c is built prior to ucode

Signed-off-by: Chad Monroe <chad@monroe.io>
2024-02-01 16:22:11 +01:00
Christian Marangi
997acc7f86
generic: 6.1: backport at803x split patches
Backport at803x split patches merged upstream to tidy things up for the
at803x PHY driver.

New Kernel config are introduced hence any user needs to be updated.

Downstream ipq40xx patch require rework to correctly move them to the
qcom specific PHY directory.

All affected patch automatically refreshed.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-01 16:21:52 +01:00
Álvaro Fernández Rojas
0a65787675 bcm27xx: bcm2712: remove boot-2711 image files
According to Raspberry Pi documentation, the RPi 5 First Stage Bootloader
loads the linux kernel instead of loading the Second Stage Bootloader
(start.elf):
https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#differences-on-raspberry-pi-5

Fixes: 8b63d9a ("bcm27xx: add new bcm2712 subtarget")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-01 12:05:08 +01:00
Álvaro Fernández Rojas
1a5e51ab00 bcm27xx: base-files: fix platform_copy_config
Only bcm2708 and bcm2709 use "kernel.img" file name.
bcm2710 and bcm2711 use "kernel8.img" and bcm2712 uses "kernel_2712.img".

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-01 09:58:17 +01:00
Álvaro Fernández Rojas
96b03ff247 bcm27xx: improve image generation script
- Exit immediately on a non-zero status.
- Remove empty lines.
- Remove unused variables.
- Add missing ptgen variables for readability.
- Refactor SYNTAX if block.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-01 09:58:17 +01:00
Álvaro Fernández Rojas
a391760102 bcm27xx: base-files: properly detect boot partition
Automatically detect boot partition instead of forcing /dev/mmcblk0p1.
This way users can still get /boot mounted when booting from USB.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-01 09:58:17 +01:00
Álvaro Fernández Rojas
6d27032a37 bcm27xx: base-files: set_preinit_iface: add RPi 5
Add missing Rasoberry Pi 5 board_name to set_preinit_iface in order to get
ethernet working on failsafe mode.

Fixes: 8b63d9a ("bcm27xx: add new bcm2712 subtarget")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-01 09:58:11 +01:00
Daniel Golle
4ae2f43b3a mediatek: fixes for Ethernet on MT7988 SoC
* fix switch ports with modes other than 1000M/Full
 * set 32-bit dma_coherent_mask to get PPE to work with 4 GiB of RAM
 * sync driver for built-in 1GE PHY with MediaTek SDK sources

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-01 01:01:44 +00:00
Daniel Golle
efcc100ef0 base-files: upgrade: nand.sh: mute umount error
Send error output of umount to /dev/null to mute error in case
ubiblock device has already been unmounted (which is usually the
case).
Gets rid of bogus error message:
umount: can't unmount /dev/ubiblock0_4: Invalid argument

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-01 00:52:54 +00:00
Daniel Golle
7b1c3068b7 uhttpd: restart when interface to listen becomes available
Currently uhttpd won't start with a listening interface configured if
the interface isn't already up at the time uhttpd starts. Make sure we
attempt to start uhttpd when it comes up.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-01 00:52:54 +00:00
Nick Hainke
906595c262 tools/cmake: update to 3.28.2
Release Notes:
https://www.kitware.com/cmake-3-28-2-available-for-download/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-30 15:27:37 +01:00
Chukun Pan
3a073a0212
qualcommax: dts: add reset delay to qca8081 phy
The qca8081 phy needs to set the reset delay time,
otherwise it will not be detected by the mdio bus.

Fixes: 75ad5c2 ("qualcommax: switch to qca8081 upstream PHY driver")
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-01-30 14:34:28 +01:00
Nick Hainke
097f0f035e libbsd: update to 0.11.8
Changelog:
edddd80 Release libbsd 0.11.8
dd0bdb5 test: Close all descriptors before initializing them for closefrom()
0813f37 build: Check out-of-tree builds in CI
df116b5 Adjust strlcpy() and strlcat() per glibc adoption
ecb44e1 Do not add a pointer to the NULL constant
459b7f7 Do not confuse code analyzers with out-of-bounds array access look alike
a44f885 test: Fix short-lived memory leak
3f5ca0a build: Add a coverage regex to the CI job
9d3e59a man: Use VARIANTS instead of ALTERNATIVES in libbsd(7)
f02562d man: Markup function references with Xr instead of Fn
b7367c9 build: Add missing dash to macro title bar
6777eb6 pwcache: Do not declare uidtb and gidtb when not used
d4e0cdc fgetln: Include <stdio.h> after <sys/*>
f41d6c1 build: Refactor GNU .init_array support check into a new m4 function
30b48ed build: Refactor linker script detection into a new m4 function
d0d8d01 build: Do not provide prototypes for arc4random() on Solaris
cf61ebb build: Do not build the progname module if it is not needed
73b25a8 build: Sort entries alphabetically
5434ba1 build: Conditionalize wcslcpy() and wcslcat() functions on macOS
dc1bd1a build: Conditionalize only id-from-name functions not the entire pwcache
edc746e build: Conditionalize getprogname()/setprogname on macOS
8f998d1 progname: Include <procinfo.h> if available
d08163b build: Check whether we need libperfstat on AIX
1186cf8 build: Annotate droppable functions for musl on next SOVERSION bump
6385ccc build: Conditionalize bsd_getopt() on macOS
c120681 Move the version script comments before the symbols
9fa0676 Port getprogname() to AIX
92337b1 Make getprogname() porting mandatory
90b7f3a test: Do not use /dev/null as compiler output file
426bf45 build: Add generated *.sym files to .gitignore
21d12b0 build: On macOS do not build functions provided by the system
bc65806 build: Select whether to include funopen() in the build system
8b7a4d9 build: Move Windows OS detection to the OS features section
ccbfd1c build: Remove __MUSL__ definition from configure
e0976d7 build: Add a new libbsd_strong_alias() macro and switch users to it
49c7dd1 build: Only emit link warnings for ELF objects
8622767 build: Use an export symbols file if there is no version script support
8f61036 build: Add -no-undefined libtool flag
ae7942b build: Do not override the default DEPENDENCIES for libbsd
a5faf17 Only use <stdio_ext.h> if present
06e8a1b Define _NSIG if it is not defined by the system
44824ac Declare environ if the system does not do so
1fb6c3f Use lockf() when flock() is not available
fe16f38 test: Use open_memstream() only if available
7c652a9 test: Do not hardcode root:root user and group names
ed2eb31 test: Fix closefrom() test on macOS
0f8bcdf test: Fix closefrom() test to handle open file descriptor limits
07192b3 test: Disable blank_stack_side_effects() on non-Hurd systems
ca3db5e build: Do not enable ASAN for musl CI pipelines
ff46386 man: Add HISTORY section to arc4random(3bsd)
4c6da57 man: Switch arc4random(3bsd) man page from OpenBSD to NetBSD
830dd88 doc: Remove written-by attribution
257800a build: Add support for sanitizer compiler flags
536a7d4 test: Exempt blank_stack_side_effects() from sanitizer checks
7ed5de0 test: Import explicit_bzero() sanitizer support changes from OpenBSD
05a802a test: Fix memory leaks in fpurge test
5962e03 man: Fix BSD and glibc versions
59a21c7 man: Update STANDARDS and HISTORY sections
7b4ebd6 include: Adjust closefrom() per glibc adoption
0dfbe76 build: Switch to debian:latest Docker image
dec783d build: Fix version script linker support detection
fe21244 include: Use __has_builtin to detect __builtin_offsetof support
ec88b7b funopen: Replace off64_t with off_t in funopen_seek()
2337719 man: Prune unneeded <sys/types.h> include in setproctitle(3)
5dea9da build: Improve C99 compatibility of __progname configure check
b9bf42d build: Enable -Wall for automake
e57c078 build: Add missing AM_PROG_AR macro call to configure.ac
80f1927 build: Fix configure.ac indentation
b7a8bc2 build: Require automake 1.11
e508962 build: Do not require funopen() to be ported
00b538f build: Terminate lists in variables with «# EOL»
5cfa39e build: Use «yes» instead of «true» for AC_CHECK_FUNCS cache value

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-30 10:39:21 +01:00
Nick Hainke
dfb4babfdf tools/xz: update to 5.4.6
Changelog:
https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=d271dad2d3f1ec54e56ef8fa60275a88697a24aa;hb=0ef8192e8d5af4e6200d5d4aee22d1f177f7a2df

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-30 10:37:34 +01:00
Nick Hainke
25080a95dc tools/zlib: update to 1.3.1
Release Notes:
https://github.com/madler/zlib/releases/tag/v1.3.1

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-30 10:35:15 +01:00
Álvaro Fernández Rojas
0b498c3c3f bcm27xx: bcm2712: enable USB symbols and drop packages
This allows booting from USB.

Fixes: 8b63d9ac4a ("bcm27xx: add new bcm2712 subtarget")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-29 22:23:01 +01:00
Aleksander Jan Bajkowski
7227dabfeb
lantiq: replace patch with upstream version
Replace recently added patch with version accepted upstream.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-01-29 20:59:57 +01:00
orangepizza
920414ca88
mbedtls: security bump to version 2.28.7
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for following security issues:

* Timing side channel in private key RSA operations (CVE-2024-23170)

  Mbed TLS is vulnerable to a timing side channel in private key RSA
  operations. This side channel could be sufficient for an attacker to
  recover the plaintext. A local attacker or a remote attacker who is
  close to the victim on the network might have precise enough timing
  measurements to exploit this. It requires the attacker to send a large
  number of messages for decryption.

* Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775)

  When writing x509 extensions we failed to validate inputs passed in to
  mbedtls_x509_set_extension(), which could result in an integer overflow,
  causing a zero-length buffer to be allocated to hold the extension. The
  extension would then be copied into the buffer, causing a heap buffer
  overflow.

Fixes: CVE-2024-23170, CVE-2024-23775
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/
Signed-off-by: orangepizza <tjtncks@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [formal fixes]
2024-01-29 09:28:41 +00:00
Álvaro Fernández Rojas
60ffcfdabc packages: drop bcm27xx-userland
bcm27xx-userland is deprecated and bcm27xx-utils should be used instead.
96a7334ae9

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-28 10:07:55 +01:00
Álvaro Fernández Rojas
476aaf057a bcm27xx: refresh bcm2711 kernel config
Refresh outdated bcm2711 (RPi 4B) kernel config.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-28 01:11:02 +01:00
Christian Marangi
75ad5c2414
qualcommax: switch to qca8081 upstream PHY driver
Switch to qca8081 upstream PHY. Update every device that have LEDs
attached to the qca8081 PHY to follow new way of defining the LEDs and
add original OEM configuration.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-27 19:09:25 +01:00
Christian Marangi
7f0f838767
qca-ssdk: disable compiling qca8081 PHY driver in favor of upstream
Disable compiling qca8081 PHY driver in favor of upstream to better
support it and add better control of attached LEDs.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-27 19:04:11 +01:00
Christian Marangi
b8f8931232
generic: 6.1: backport patch adding more speed modes to LED netdev trigger
Backport upstream patch adding more speed modes to LED netdev trigger.

Fixes: 2c39269b6e ("generic: 6.1: backport qca808x LED support patch")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-27 17:53:43 +01:00
Christian Marangi
2c39269b6e
generic: 6.1: backport qca808x LED support patch
Backport qca808x LED support patch merged upstream needed to drop
handling of it from the SSDK for ipq807x target.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-27 16:32:53 +01:00
Álvaro Fernández Rojas
0c45d2cfc6 mac80211: brcm: fix warning on ARCH_BCM2835
Completely disable dump_survey code on ARCH_BCM2835 to fix defined but not
used warning.
512b762ddb (commitcomment-137899352)

Fixes: 512b762ddb ("mac80211: brcm: disable dump_survey on Raspberry Pi")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-27 10:30:47 +01:00
Felix Fietkau
5485d27f4d libubox: update to Git HEAD (2024-01-26)
6339204c212b CMakeLists.txt: bump minimum cmake version
c1be505732e6 udebug: fix crash in udebug_entry_vprintf with longer strings

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-26 21:08:07 +01:00
Álvaro Fernández Rojas
e5efc638a7 iwinfo: update to latest git HEAD
Adds MediaTek MT7916AN and Cypress CYW43455 (Raspberry Pi 5) devices.

a34977c devices: add device id for Cypress CYW43455
3eb34df devices: add device id for MediaTek MT7916AN

There are no ABI changes.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-26 18:29:54 +01:00