Commit Graph

59633 Commits

Author SHA1 Message Date
Christian Marangi
a181b9f0f9
yafut: add missing PKG_MIRROR_HASH
Add missing PKG_MIRROR_HASH. This is always needed as is used to
generate and use a tar instead of git clone and validate the hash of it.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-02 22:13:10 +02:00
Robert Marko
b7eea2db73
ipq40xx: use upstreamed SDI disable support
Google WiFi board has what seems as debug version of TZ/QSEE and it is
always enabling SDI (Secure Debug Image) and in order to do a regular
reboot it must be disabled, as otherwise you are stuck in a debug state
where you are supposed to extract debug logs via QCA tooling which is not
helpfull at all for regular users.

So, instead of using our downstream version to disable SDI lets use the
version that was merged upstream and relies on a boolean property in the
SCM node instead of checking the compatible.

Signed-off-by: Robert Marko <robimarko@gmail.com>
Tested-by: Brian Norris <computersforpeace@gmail.com>
2023-10-02 19:03:30 +02:00
Christian Marangi
93182ff272
ipq-wifi: improve and update instructions on how to add board files
Improve and update instructions on how to add board files and both
describe the needed step to upstream a board file or to use it locally.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-02 19:00:14 +02:00
Hauke Mehrtens
954142f477 rtl8812au-ct: Fix PKG_MIRROR_HASH
The PKG_MIRROR_HASH is wrong, fix it.
Found and fixed using this command:
make package download check FIXUP=1

Fixes: c123e4f053 ("rtl8812au-ct: bump to fix kernel 6.1 compile")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-02 13:01:35 +02:00
Mikhail Zhilkin
85b0d7592c mediatek: fix eeprom loading (Mercusys MR90X v1)
Commit mt76: drop default eeprom file for mt7986-firmware
(e3aa645b26) breaks eeprom loading for
Mercusys MR90X v1. As a result WiFi is not working at all.

This commit adds Mercusus MR90x to the caldata script (it works after the
commit mentioned above). And we can safely drop "81_fix_eeprom" script
as it's no longer required.

Fixes: e3aa645b26
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2023-10-02 11:40:27 +01:00
Oskari Rauta
c354c069b3 uci: fix Makefile formatting
Fix wrong declaration for PKG_SROUCE_URL and PKG_VERSION variables and add missing colon

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2023-10-01 23:18:02 +03:00
Christian Marangi
5d111b6714
ipq806x: disable unused SWCONFIG config flags
Disable unused SWCONFIG config flags now that we switched to DSA and are
not needed anymore.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 22:06:05 +02:00
Christian Marangi
cafa8804a4
ipq806x: add patch fixing regression from stmmac TX timer
Add patch fixing regression from stmmac TX timer.

Refer to the single patch for extensive details on the problem.

This should restore original performance before 4.19 kernel.

Fixes: #11676
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 16:55:09 +02:00
Christian Marangi
f4106c728e
ipq806x: add patch fixing regression from stmmac TX timer
Add patch fixing regression from stmmac TX timer.

Refer to the single patch for extensive details on the problem.

This should restore original performance before 4.19 kernel.

Fixes: #11676
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 16:55:04 +02:00
Christian Marangi
33908b2ad7
ipq40xx: refresh qca8k patches
Refresh qca8k patches to sync with the generic backports changes.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:20 +02:00
Christian Marangi
c707cff6c9
ipq806x: add LEDs definition for non-standard qca8k LEDs
Add LEDs definition for devices that use a non-standard qca8k LEDs
configuration.

This is to restore original setup of the LED and be on par with swconfig
old configuration.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:20 +02:00
Christian Marangi
8eab5b2526
ipq806x: enable and setup multi-CPU port for qca8k switch
Enable and setup multi-cpu for qca8k switch for ipq806x based devices.

Rework each DTS to enable the secondary CPU port on QCA8K switch and
apply the required values originally set by the OEM in the old swconfig
node.

In original firmware the first CPU port was always assigned to the WAN
port and the secondary CPU port was assigned to the rest of the LAN
port. Follow this original implementation using an init.d script.

To setup the CPU port ip tools is required. Add additional default
package ip-tiny to correctly setup the CPU port.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:20 +02:00
Christian Marangi
500dbaefd2
generic: 6.1: backport patch for multi CPU port support on QCA8K
Backport pending patch for multi CPU port support on QCA8K. 6.1 already
supports all the requiredt code to change a DSA master port so only this
patch fixing the driver is required.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:19 +02:00
Christian Marangi
a62b1544d1
generic: 6.1: backport various qca8k fixes patch
Backport various QCA8K fixes patch merged upstream. Refresh any changed
patches due to backports.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:19 +02:00
Christian Marangi
f166c9e617
ipq806x: move ASRock G10 fix mac preinit script to generic board.d script
Drop and move ASRock G10 preinit script to fix mac address to generic
board.d script and rework for consistency with other devices following a
similar implementation.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:19 +02:00
Christian Marangi
337e36e0ef
ipq806x: convert each device to DSA implementation
Convert each ipq806x device to DSA implementation using the qca8k
driver. Rework 02_network to follow the new naming scheme.
Update 01_leds to use netdev trigger with correct DSA port and drop
now unused switch trigger.

Currently secondary CPU is disabled and will be reneabled later.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-30 13:51:16 +02:00
Christian Marangi
86dadeba48
generic: add patch for GPON-ONU-34-20BI quirk
Backport patch merged upstream adding quirk for SFP GPON-ONU-34-20BI.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-29 11:48:24 +02:00
Nick Hainke
91d2ead3c3 hostapd: increase PKG_RELEASE to fix builds
Recent hostapd changes just edited the ucode files. It is required to
bump the PKG_RELEASE to include the newest changes in the latest builds.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-09-29 11:26:49 +02:00
Jianhui Zhao
fe10f97439 filogic: add support for GL.iNet GL-MT6000
Hardware specification:
* SoC: MediaTek MT7986A 4x A53
* Flash: 8GB EMMC
* RAM: 1GB DDR4
* Ethernet:
  * 2x2.5G RJ45 port (RTL8221B)
  * 4x1G RJ45 ports (MT7531AE)
* WLAN:
  * 2.4GHz: MT7976GN 4T4R
  * 5GHz: MT7976AN 4T4R
* Button: Reset
* LED: 1 x dual color LED
* USB: 1 x USB 3.0
* Power: DC 12V 4A
* UART: 3V3 115200 8N1 (Pinout: GND TX RX VCC)
* JTAG: 9 PIN

If you want to use u-boot from OpenWrt, you can upgrade it safely.
* bl2: openwrt-mediatek-filogic-glinet_gl-mt6000-preloader.bin
* fip: openwrt-mediatek-filogic-glinet_gl-mt6000-bl31-uboot.fip

`openwrt-mediatek-filogic-glinet_gl-mt6000-squashfs-factory.bin` is used in OpenWrt's u-boot.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2023-09-29 00:18:26 +01:00
Chukun Pan
e3aa645b26 mt76: drop default eeprom file for mt7986-firmware
The mt76 driver usually reads the eeprom on the mtd partition at dts.
For emmc device we need to use caldata_extract script to read the
eeprom. However, the default eeprom file breaks the caldata script
execution, so remove it.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-09-29 00:18:26 +01:00
Jianhui Zhao
1db949a632 generic: net: phy: realtek: add interrupt support for RTL8221B
This commit introduces interrupt support for RTL8221B.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2023-09-29 00:18:26 +01:00
Chukun Pan
eb273ef640 uboot-mediatek: sync spi-nand driver with SDK
When adding new router support, I found that uboot
could not recognize flash: "unknown raw ID xxx".

Sync SPI-NAND driver for mediatek to fixes this:
 * Add support for Winbond W25N01KV 1Gbit chip.
 * Add support for Etron SPI-NAND chip.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-09-29 00:07:50 +01:00
Zoltan HERPAI
10867ec4bc sifiveu: refresh 6.1 config
Add new config symbols as required.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-09-28 14:04:54 +02:00
Zoltan HERPAI
d9a8747a3d sifiveu: remove upstreamed patches, refresh remaining ones
Upstreamed:
0002-riscv-sifive-unmatched-update-regulators-values.patch
0003-riscv-sifive-unmatched-define-PWM-LEDs.patch
0006-riscv-sbi-srst-support.patch

Compile-tested: HiFive Unleashed / Unmatched
Runtime-tested: HiFive Unleashed / Unmatched

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-09-28 14:04:54 +02:00
Zoltan HERPAI
1871aa145b sifiveu: add testing kernel 6.1
Compile-tested: HiFive Unleashed / Unmatched
Runtime-tested: HiFive Unleashed / Unmatched

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-09-28 14:04:54 +02:00
Zoltan HERPAI
d304ad045d sifiveu: copy patches from 5.15 to 6.1
To start the upgrade, we copy the patches from 5.15 to 6.1.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-09-28 14:04:54 +02:00
Felix Fietkau
abceef120d hostapd: fix wpa_supplicant mac address allocation on ap+sta
If the full interface is restarted while bringing up an AP, it can trigger a
wpa_supplicant interface start before wpa_supplicant is notified of the
allocated mac addresses.
Fix this by moving the iface_update_supplicant_macaddr call to just after
the point where mac addresses are allocated.

Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-28 10:30:14 +02:00
David Bauer
0e8641d3b0 mpc85xx: add Enterasys WS-AP3715i reset button
The reset button was missing from the Enterasys WS-AP3715i DTS.
Add the node required for making the reset button work.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-09-27 23:13:36 +02:00
Felix Fietkau
0c43a48735 hostapd: fix mac address of interfaces created via wdev.uc
Use the wdev config with the generated MAC address

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-27 15:04:25 +02:00
Alexey D. Filimonov
ff95f859eb ramips: cf-ew72-v2: Add support for COMFAST CF-EW72 V2
Add support for COMFAST CF-EW72 V2

Hardware:
-   SoC: Mediatek MT7621 (MT7621DAT or MT7621AT)
-   Flash: 16 MiB NOR
-   RAM: 128 MiB
-   Ethernet: Built-in, 2 x 1GbE
-   Power: only 802.3af PD on any port, injector supplied in the box
-   PoE passthrough: No
-   Wifi 2.4GHz: Mediatek MT7603BE 802.11b/g/b
-   Wifi 5GHz: Mediatek MT7613BEN 802.11ac/n/a
-   LEDs: 8x (only 1 is both visible and controllable, see below)
-   Buttons: 1x (RESET)

Installing OpenWrt:
Flashing is done using Mediatek U-Boot System Recovery Mode
-   make wired connection with 2 cables like this:
-     -   PC (LAN) <-> PoE Injector (LAN)
-     -   PoE Injector (POE) <-> CF-EW72 V2 (LAN). Leave unconnected to CF-EW72 V2 yet.
-   configure 192.168.1.(2-254)/24 static ip address on your PC LAN
-   press and keep pressed RESET button on device
-   power the device by plugging PoE Injector (POE) <-> CF-EW72 V2 (LAN) cable
-   wait for about 10 seconds until wifi led stops blinking and release RESET button
-   navigate from your PC to http://192.168.1.1 and upload OpenWrt *-factory.bin firmware file
-   proceed until router starts blinking with wifi led again (flashing) and stops (rebooting to OpenWrt)

MAC addresses as verified by OEM firmware:
  vendor OpenWrt  address
  LAN    lan\eth0 label
  WAN    wan     label + 1
  2g     phy0    label + 2
  5g     phy1    label + 3

  The label MAC address was found in 0xe000.

LEDs detailed:
  The only both visible and controllable indicator is blue:wlan LED.
  It is not bound by default to indicate activity of any wireless interfaces.

  Place (WAN->ANT) | Num | GPIO | LED name (LuCI)   | Note
  -----------------|-----|-----------------------------------------------------------------------------------------
             power | 1   |      |                   | POWER LED. Not controlled with GPIO.
      hidden_led_2 | 2   | 13   | blue:hidden_led_2 | This LED does not have proper hole in shell.
               wan | 3   |      |                   | WAN LED. Not controlled with GPIO.
      hidden_led_4 | 4   | 16   | blue:hidden_led_4 | This LED does not have proper hole in shell.
               lan | 5   |      |                   | LAN LED. Not controlled with GPIO.
      noconn_led_6 | 6   |      |                   | Not controlled with GPIO, possibly not connected
              wlan | 7   | 15   | blue:wlan         | WLAN LED. Wireless indicator.
      noconn_led_8 | 8   |      |                   | Not controlled with GPIO, possibly not connected

  mt76-phy0 and mt76-phy1 leds also exist in OpenWrt, but do not exist on board.

Signed-off-by: Alexey D. Filimonov <alexey@filimonic.net>
2023-09-27 00:10:16 +02:00
David Bauer
cd14b17cb0 mpc85xx: drop WS-AP3715i label-mac
Label MAC detection does not work properly, as MAC address is assigned
on preinit. Thus, remove the label-mac definition.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-09-26 14:32:42 +02:00
Glen Lee
74e7f8ebbd ipq40xx: add support for Extreme Networks WS-AP391x series APs
This in a single image to run many types of hardware in the AP391x
series (AP3912/AP3915/AP3916/AP3917/AP7662).

Hardware
--------
Qualcomm IPQ4029 WiSoC
2T2R 802.11 abgn
2T2R 802.11 nac
Macronix MX25L25635E SPI-NOR (32M)
512M DDR3 RAM
1-4x Gigabit Ethernet
Senao EXT1025 HD Camera (AP3916 only)
USB 2.0 Port (AP3915e only)

1x Cisco RJ-45 Console port
  - except for AP3916 and AP3912 where there is no external serial
    console and it is TDB how to solder one. Possibly J12 is UART with
    pin1 = 3.3V, pin2 = GND, pin3 = TXD, pin4 = RXD.
  - Settings: 115200 8N1

Installation With Serial Console
--------------------------------

1. Attach to the Console port. Power up the device and press the s key
   to interrupt autoboot.

2. The default username / password to the bootloader is admin / new2day

3. Check uboot variables using printenv, and update if necessary:

   $ setenv AP_MODE 0
   $ setenv WATCHDOG_COUNT 0
   $ setenv WATCHDOG_LIMIT 0
   $ setenv AP_PERSONALITY identifi
   $ setenv serverip <SERVER_IPADDR>
   $ setenv ipaddr <UNIQUE_IPADDR>
   $ setenv MOSTRECENTKERNEL 0; ## OpenWRT only uses the primary image
   $ saveenv
   $ saveenv ## 2nd time to write the secondary copy

4. On the TFTP server located at <SERVER_IPADDR>, download the OpenWrt
   initramfs image. Rename and serve it as vmlinux.gz.uImage.3912

5. TFTP boot the OpenWrt initramfs image from the AP serial console:

   $ run boot_net

6. Wait for OpenWrt to start. Internet port sw-eth5 is assiged to LAN
   bridge and sw-eth4 (if available) is assigned to WAN.  The LAN port
   will use default IP address 192.168.1.1 and run a DHCP server.

   If you already have a working DHCP server or already have 192.168.1.1
   on your network you MUST DISCONNECT the LAN cable from your active
   network immediately after the power/status LED turns green!

   At this point, you need to temporarily reconfigure the AP to have
   a way to transfer the OpenWRT sysupgrade image to it.

   Reconfigure the newly converted OpenWRT AP using serial console or
   plug in a PC to a sw-eth5 as a separate network. Note -- the LAN/WAN
   port assignments were designed to make it possible to convert to
   OpenWRT without serial console and using a common firmware
   image for many AP models -- they may not make the most sense when
   fully deployed.

7. Download and transfer the sysupgrade image to the device using e.g.
   SCP.

8. Install OpenWrt to the device using "sysupgrade"

   $ sysupgrade -n /path/to/openwrt.bin

9. After it boots up again, as in step 6, connect to AP and reconfigure
   for final deployment.

This build supports APs in the AP391x series and similar such as WiNG
AP7662.

Ethernet devices within OpenWRT are named "sw-eth1" thru "sw-eth5".
Mapping from OpenWRT internal naming to external naming on the case is
as follows:

```
            |sw-eth1|sw-eth2|sw-eth3|sw-eth4|sw-eth5
------------+-------+-------+-------+-------+-------
AP3917      |       |       |       |  GE2  |  GE1
------------+-------+-------+-------+-------+-------
AP7662      |       |       |       |  GE2  |  GE1
------------+-------+-------+-------+-------+-------
AP3916      |       |       |       |  CAM* |  GE1
------------+-------+-------+-------+-------+-------
AP3915      |       |       |       |       |  GE1
------------+-------+-------+-------+-------+-------
AP3912      |       |  P1   |  P2   |  P3   | LAN1
------------+-------+-------+-------+-------+-------
```

By default sw-eth4 is mapped to WAN. All others are assigned to the
LAN.

CAM* - On AP3916, sw-eth4 is the camera's interface.  You should
reconfigure this to be on LAN after OpenWRT boots from flash.

Installation Without Serial Console
-----------------------------------

The main premise is to set u-boot environment variables using the
Extreme Networks firmware's rdwr_boot_cfg program.

$ rdwr_boot_cfg

Utility to manipulate the boot ROM config blocks
All errors are written to the sytem log file (/tmp/log/ap.log)

```
Usage: rdwr_boot_cfg <read_all|read_var|read_var_f|write_var|rm_var> ...
   read_all             read the entire active block
   read_var <var>       read a single variable from the active block
   read_var_f <var>     read a single variable from the active block
(formatted)
   write_var <var=val>  write a single variable/value pair to both
blocks
   rm_var <var>         delete a single variable from both blocks
```

WARNING: Be very sure you have set the u-boot environment correctly.
If not, it can only be fixed by attaching serial console!

Be aware that the Extreme Networks shell environment will automatically
reboot every 5 minutes if there is no controller present.

Read and understand these steps fully before attempting.  It is easy
to make mistakes!

1. Place the OpenWRT initramfs on the TFTP server and name it as
   vmlinux.gz.uImage.3912

2. Boot up to Extreme Networks WING-Campus mode OS.  Port GE1/LAN1
   will be a DHCP **client**.  Find out the IP address from your DHCP
   server and SSH in.  Default user/passwd is admin/new2day or
   admin/admin123.

   If it is booting to WING-Distributed mode, use this command to
   convert to Campus mode.

   $ operational-mode centralized

3. Upon bootup you have about 5mins to changed these u-boot variables
   if necessary using the rdwr_boot_cfg command in Linux shell:

   $ rdwr_boot_cfg write_var AP_MODE=0
   $ rdwr_boot_cfg write_var MOSTRECENTKERNEL=0
   $ rdwr_boot_cfg write_var WATCHDOG_COUNT=0
   $ rdwr_boot_cfg write_var WATCHDOG_LIMIT=0
   $ rdwr_boot_cfg write_var AP_PERSONALITY=identifi
   $ rdwr_boot_cfg write_var serverip=<SERVER_IPADDR>
   $ rdwr_boot_cfg write_var ipaddr=<UNIQUE_IPADDR>
   $ rdwr_boot_cfg write_var bootcmd="run boot_net"

4. Reboot AP.

5. Connect PC with ethernet to GE1/LAN1 port.  You should get a
   DHCP address in the 192.168.1.x range and should be able to
   SSH to the new OpenWRT TFTP recovery/installation shell.

6. At this point, u-boot is still set to TFTP boot, so you have to
   replace the TFTP image with the original Extreme Networks image so
   that you can change the u-boot environment.

   See the instructions for Extracting Extreme Networks firmware
   image.

   DON'T REBOOT YET!

7. Next you must follow steps 6 thru 8 from the Installation with serial
   console.  After which you should have OpenWRT installed to primary
   flash firmware.

8. Now Reboot.  This time it will boot using TFTP into Extreme Networks
   image.  You may need to reconnect cables at this point -- GE1/LAN1
   will be a DHCP **client** and you can SSH in -- just like step 2.
   Get the IP address from you own DHCP server.

9. Set u-boot env as follows:

   $ rdwr_boot_cfg write_var MOSTRECENTKERNEL=0
   $ rdwr_boot_cfg write_var WATCHDOG_COUNT=0
   $ rdwr_boot_cfg write_var bootcmd="run boot_flash"

10. Reboot AP.  This time it should be into OpenWRT.  GE1/LAN1 will be
   a DHCP **server** and have static IP 192.168.1.1 -- just like step 5.

11. SSH into the LAN port and reconfigure to final configuration. Don't
   make any changes that prevent you from SSH or Luci access!

Restoring Extreme Networks firmware
-----------------------------------

Assuming you have the original Extreme Networks image:

1. Login to OpenWRT shell

2. scp the Extreme Networks packaged firmware image file AP391x-*.img to
   /tmp

3. Extract the firmware uimage file:

   $ tar xjf AP391x-*.img vmlinux.gz.uImage

4. Force run sysupgrade:

   $ sysupgrade -F /tmp/AP391x-*.img /

5. Restore the u-boot varable(s):

   $ rdwr_boot_cfg write_var WATCHDOG_LIMIT=3

USB 2.0 Port on AP3915e
-----------------------
Enable this by setting LED "eth:amber_or_usb_enable" to ALWAYS ON.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Glen Lee <g2lee@yahoo.com>
2023-09-25 23:21:09 +02:00
Hauke Mehrtens
d2b5f4b2cd treewide: Add extra CPE identifier
This adds some Common Platform Enumerations (CPE) identifiers which I
found.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-09-25 23:06:33 +02:00
Andreas Böhler
4c83b6a4f8 ipq40xx: ZTE MF282 Plus fix sysupgrade
While adding support for the MF282 Plus, an entry in platform.sh was
overlooked - this fixes sysupgrade on this devices.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
2023-09-25 20:18:52 +02:00
Andreas Böhler
964b576fc1 ipq40xx: ZTE MF287 fix sysupgrade
While refactoring support for the MF287 series, an entry in platform.sh
was overlooked - this fixes sysupgrade on this devices.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
2023-09-25 20:18:04 +02:00
Christian Marangi
ab015abd4a
ipq40xx: drop patches/files/config for kernel 5.15
Drop patches/files/config for kernel 5.15 now that they are not used
anymore.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-25 19:33:28 +02:00
Christian Marangi
d686f2153c
ipq40xx: move to kernel 6.1 by default
Move ipq40xx to kernel 6.1 by default.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-25 19:33:28 +02:00
Christian Marangi
e89373bc23
generic: 6.1: add missing config TRUSTED_KEYS_TEE
Add missing config TRUSTED_KEYS_TEE for kernel 6.1 triggered when
TRUSTED_KEYS is enabled.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-25 19:33:24 +02:00
Felix Fietkau
f1bb528ae7 hostapd: fix rare crash with AP+STA and ACS enabled
Ensure that the iface disable in uc_hostapd_iface_start also clears the ACS
state.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-25 18:46:22 +02:00
Oskari Rauta
e26e088203
kernel: add missing symbols
CONFIG_DEVTMPFS_SAFE and CONFIG_DM_AUDIT were not
set and had to be manually selected during build
everytime kernel was updated.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2023-09-25 18:11:20 +02:00
Leon M. Busch-George
25aab738ef base-files: ipcalc.sh: make check slightly more future-proof
The previous code handling the equal-condition might be removed or
altered in the future and the case might be overlooked.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
270f694f11 base-files: ipcalc.sh: turn error into warning
Some users have their routers configured to supply a DHCP range that
includes the local interface address.
That worked with dnsmasq because it automatically skips the local
address.

Re-enable those existing configurations for the release and hint at
possible future problems.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
[ wrap commit description and remove unecessary text ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
d7978e1f39 base-files: ipcalc.sh clarify range parameters in comment
To avoid confusion when working with ipcalc.sh, clarify that the last two
parameters belong to the range calculation and rename 'num' to the slightly
less ambiguous 'size'.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9f52a57c99 package: dnsmasq: remove off-by-one mitigation for limit
In the dnsmasq init script, an off-by-one in the range calculation of
ipcalc.sh was mitigated by passing the limit as if its counting started
at zero. This patch removes the mitigation as the off-by-one has been
fixed.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
6b23836071 package: avoid the use of eval to parse ipcalc.sh output
Add a function 'ipcalc' to /lib/functions.sh that sets variables more
safely using export.
With this new function, dnsmasq also handles the return value of ipcalc
correctly.

Fixes: e4bd3de1be ("dnsmasq: refuse to add empty DHCP range")
Co-Authored-By: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
59e681eea1 base-files: ipcalc.sh: don't print broadcast addr for prefix > 30
Printing a broadcast address doesn't make any sense for /31 and /32
prefixes.
Strictly speaking, the same goes for the network address but it is useful
to get the first address in the prefix, e.g. to create a canonical
CIDR notation "$NETWORK/$PREFIX".

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9b2f8a33b6 base-files: ipcalc.sh: correctly set limit for prefix > 30
For /31 and /32 prefixes, there are only host addresses - no network and
broadcast address with all-zero and all-one bits.
Reflect this when setting the limit.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9e8bbd4265 base-files: ipcalc.sh: correctly interpret num parameter
The start and end addresses are inclusive.
Thus, adding num without substracting one results in num + 1 addresses.
Add the substraction and to implement the documented behaviour.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Florian Eckert
6585498372 build: replace SourceName with PKG_NAME compile unit name
Currently, the same information is stored at the Packages.manifest in
the 'Package:' variable and also additionally in the 'SourceName:' variable.

So we have for Packages.manifest for strongswan-charon-cmd:
```
Package: strongswan-charon-cmd
Version: 5.9.11-1

SourceName: strongswan-charon-cmd
License: GPL-2.0-or-later
Section: net
```

This is not correct. Several installable packages are built from the same
strongswan source. Therefore it makes more sense that the source name is
really the source name. In this case the it is 'strongswan'.

After this change the Packages.manifest for strongswan-charon-cmd:
```
Package: strongswan-charon-cmd
Version: 5.9.11-1

SourceName: strongswan
License: GPL-2.0-or-later
Section: net
```

In summary. The 'Package' name is the name of the package to be installed
on the target system. The 'SourceName' is the compile unit from which the
package was build from. This must be the same for all installable
packages built from the same compile unit. This commit fixes that.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2023-09-24 19:33:53 +02:00
Leon M. Busch-George
98d325aaf8 ipq40xx: wpj428: panic on squashfs error to work around boot limbo
Apparently, a few ipq40xx devices have sporadic problems when reading the
flash over SPI. When that happens, the result of the faulty SPI read is
cached and it isn't re-attempted. Depending on when it happens, the router
either panics and reboots or is left in a partially broken state (an
application wont start).
The data on the flash is alright.

This wasn't the case with Openwrt with Linux < 5.x but I wasn't able to
work out which software change was responsible.

Github user karlpip created a patch for testing that disabled the cache
entirely and added logs. Typically, only one or two SPI operations fail at
a time:

  [689200.631152] spi-nor spi0.0: SPI transfer failed: -110
  [689200.631280] spi_master spi0: failed to transfer one message from queue
  [689200.635369] jffs2: Write of 68 bytes at 0x00ffccf4 failed. returned -110, retlen 0
  [689200.642014] jffs2: Not marking the space at 0x00ffccf4 as dirty because the flash driver returned retlen zero

Because reads aren't re-attempted, squashfs can't recover:

  [3171844.279235] SQUASHFS error: Failed to read block 0x2bb912: -5
  [3171844.279284] SQUASHFS error: Unable to read fragment cache entry [2bb912]
  [3171844.283980] SQUASHFS error: Unable to read page, block 2bb912, size 14e6c
  [3171844.291650] SQUASHFS error: Unable to read fragment cache entry [2bb912]
  [3171844.297831] SQUASHFS error: Unable to read page, block 2bb912, size 14e6c

I assume there to be some kind of underlying electrical problem because,
in my experience, this happens a lot more when PoE is used.

NoTengoBattery has made an in-depth investigation:
https://forum.openwrt.org/t/patch-squashfs-data-probably-corrupt/70480

.. and created a patch that evicts the page cache and retries reading:
https://github.com/NoTengoBattery/openwrt/blob/linksys-ea6350v3-mastertrack/target/linux/ipq40xx/patches-5.4/9996-fs_squashfs_improve_squashfs_error_resistance.patch

The patch also works well with the WPJ428 but NoTengoBattery didn't try to
upstream it ("This is not the solution that should be used").

In 2020, I tried and failed to create a working patch that prevents faulty pages to
be cached in the first place. Because I needed a solution, I backported
  "squashfs: add option to panic on errors " (10dde05b89980ef)
which has since become available in Openwrt.

The 'error=panic' option has been tested on a fleet of multiple hundred
WPJ428s over multiple years. Without this patch, devices regularly went
into 'limbo' on reboot or update and required a manual reboot.
Devices with this patch don't. I was initially concerned that the kernel
panic would leave devices with a real corrupted data but I haven't seen a
case of actual corruption since (outside of people turning off the power
during upgrades).

The WPJ428 is the only device I tested this patch on - others might also
benefit.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-24 18:55:35 +02:00