This fixes multiple security problems:
* [Medium] CVE-2024-1544
Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.
* [Medium] CVE-2024-5288
A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.
* [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.
* [Low] CVE-2024-5991
In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.
* [Medium] CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.
* [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.
* [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.
Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.
Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
408c2cc libfstools: skip JFFS2 padding when BLOCKSIZE was given
013050f fstools: remove redundant F2FS_MINSIZE definition
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
There is no point in hard-coding the UBI volume numbers as we are
dynamically looking up the volume by volume name in all cases by now.
Remove this relict as it causes problems without being useful for
anything.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
1. Rename function _do_env_set() to env_do_env_set().
2. Replace kwbimage hack with UBOOT_CUSTOMIZE_CONFIG:
"--disable TOOLS_KWBIMAGE" and "--disable TOOLS_LIBCRYPTO".
3. Disable CONFIG_CMD_BOOTEFI_BOOTMGR for all supported devices
because the newly added UEFI bootmenu entries doesn't work.
4. Enable CONFIG_VERSION_VARIABLE for the OpenWrt One.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
73644a036f5a nl80211: move access to tb array out of uc_nl_convert_attr and below
6e3cf83a77a7 nl80211: add support for multi-attribute arrays
6ff24d5488a9 nl80211: update nl80211.h to latest wireless-next
abc2aef28641 nl80211: add wiphy multi-radio support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Brings lots of driver updates and API changes needed for mt76 updates.
Disable iwlwifi and ath11k on 5.15, since backport is too difficult,
and the only remaining targets won't need those drivers.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Changes:
2a768c4 wireless-regdb: Update regulatory rules for Mongolia (MN) on 6GHz
04875d9 wireless-regdb: Update regulatory rules for Saudi Arabia (SA) on 6GHz
b7bced8 wireless-regdb: Update regulatory rules for South Africa (ZA) on 6GHz
7bc8615 wireless-regdb: Update regulatory info for Thailand (TH) on 6GHz
f901fa9 wireless-regdb: Update regulatory info for Malaysia (MY) for 2022
d72d288 wireless-regdb: Update regulatory info for Morocco (MA) on 6GHz
414face wireless-regdb: Update regulatory info for Chile (CL) on 6GHz
1156a08 wireless-regdb: Update regulatory info for Mexico (MX) on 6GHz
cc6cf7c wireless-regdb: Update regulatory info for Iceland (IS) on 6GHz
ce03cc0 wireless-regdb: Update regulatory info for Mauritius(MU) on 6GHz
7e37778 wireless-regdb: Update regulatory info for Argentina (AR) on 6GHz
56f3a43 wireless-regdb: Update regulatory info for United Arab Emirates (AE) on 6GHz
3cb8b91 wireless-regdb: Update regulatory info for Colombia (CO) on 6GHz
3682ce5 wireless-regdb: Update regulatory info for Costa Rica (CR) for 2021
dd4ffe7 wireless-regdb: Update regulatory info for Dominican Republic (DO) on 6GHz
f8ef7da wireless-regdb: Update regulatory info for Liechtenstein (LI) on 6GHz
a9ecabe wireless-regdb: Update regulatory info for Jordan (JO) for 2022
5a9fdad wireless-regdb: Update regulatory info for Kenya (KE) for 2022
19326c3 wireless-regdb: Update regulatory info for Macao (MO) for 2024
4838054 wireless-regdb: update regulatory database based on preceding changes
Link: https://github.com/openwrt/openwrt/pull/15921
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2158201 devices: add device id for Atheros AR9590
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15889
Signed-off-by: Robert Marko <robimarko@gmail.com>
For some reason, it's not working right locally. Override as is done
with the target build.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15916
Signed-off-by: Robert Marko <robimarko@gmail.com>
This commit adds support for Asus RT-AX89X BX revision.
WARNING: Only the BX revision boards (So B1, B2 etc) are supported because
AX revision boards use IPQ8074 v1 SoC which is unsupported.
Specifications:
---------------
* CPU: Qualcomm IPQ8074A Quad core Cortex-A53 @ 2.2GHz
* RAM: 1024MB
* Storage: 256MB SLC NAND (Macronix MX30UF2G18AC)
* Ethernet:
* 5x 1G RJ45 ports via QCA8337 switch
* 3x 1G RJ45 ports via internal switch (QCA8075 PHY)
* 1x 10G RJ45 via internal switch (AQR113C PHY)
* 1x 10G SFP+ slot via internal switch
* WLAN:
* 2.4GHz 4x4
* 5GHz 8x8
* 8 external antennas
* USB: 2x USB 3.0 Type-A
* Buttons:
* Power switch
* WPS
* Reset
* Wireless ON/OFF
* LED ON/OFF
LED-s:
* Power
* Wi-Fi
* WAN
* 10G
* SFP+
Power:
* 19.5V via DC jack
Installation instructions:
--------------------------
1. Flash temporary OpenWrt initramfs:
* Flash openwrt-qualcommax-ipq807x-asus_rt-ax89x-initramfs-factory.trx
via the stock firmware.
Administration -> Firmware Upgrade -> Manual Firmware update (Upload)
After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.
2. Sysupgrade from OpenWrt initramfs:
* Copy openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin to
/tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin of
the running initramfs image.
* Simply sysupgrade -n /tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin
After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.
Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
Currently, SSDK is creating a fake SFP PHY which has no OF node populated,
thus making it impossible to pass it to NSS-DP so port can actually work.
We eliminated QCA-s connecting of the PHY by manually creating a string
and then matching by name and instead only support passing the PHY as
phandle via phy-handle.
So, lets just use the switch port node to which the SFP is connected to
anyway and set it as the PHY device OF node so we can pass it to NSS-DP.
Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
ncurses is built with wide support enabled, which enables libncursesw.
The problem is, the ncurses build system only supplies ncursesw or
ncurses.pc but not both. The other problem is, the readline build tests
for libncurses before the w variant, making its pc file unusable as
there is no ncurses.pc file to satisfy the Required: ncurses section.
Just override the library.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
Needed for things such as readline that depend on ncurses.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
Convert DSL_XTUDir_t to DSL_AccessDir_t to get rid of enum-conversion
warning.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Satisfy compiler expectations in a hell of typedef's and get rid of
system-wide workqueue flush. Results in warning-free compile of the TAPI
driver also with Linux 6.6.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit adds support for TP-LINK RE6000XD.
The device is quite similar to the Mercusys MR90X V1,
except only 3 LAN ports and more LEDs.
So thanks to csharper2005 for doing all the groundwork.
Device specification
--------------------
SoC Type: MediaTek MT7986BLA, Cortex-A53, 64-bit
RAM: MediaTek MT7986BLA (512MB)
Flash: SPI NAND GigaDevice (128 MB)
Ethernet: MediaTek MT7531AE + 2.5GbE MaxLinear GPY211C0VC (SLNW8)
Ethernet: 1x2.5Gbe (LAN3 2.5Gbps), 2xGbE (LAN 1Gbps, LAN1,
LAN2)
WLAN 2g: MediaTek MT7975N, b/g/n/ax, MIMO 4x4
WLAN 5g: MediaTek MT7975P(N), a/n/ac/ax, MIMO 4x4
LEDs: 8 LEDs, 1 status blue, 2x WIFI blue, 2x signal
blue/red, 3 LAN blue gpio-controlled
Button: 2 (Reset, WPS)
USB ports: No
Power: 12 VDC, 2 A
Connector: Barrel
Bootloader: Main U-Boot - U-Boot 2022.01-rc4. Additionally, ubi0
partition contain "seconduboot" (also U-Boot 2022.01-rc4)
Serial console (UART), unpopulated
---------------------
V
+-------+-------+-------+-------+
| +3.3V | GND | TX | RX |
+---+---+-------+-------+-------+
|
+--- Don't connect
Disassemble: rm the 2 screws at the bottom and the one at the backside.
un-clip the case starting at the edge above the LEDs.
Installation (UART)
-------------------
1. Place OpenWrt initramfs image on tftp server with IP 192.168.1.2
2. Attach UART, switch on the router and interrupt the boot process by
pressing 'Ctrl-C'
3. Load and run OpenWrt initramfs image:
tftpboot openwrt-mediatek-filogic-tplink_re6000xd-initramfs-kernel.bin bootm
4. Run 'sysupgrade -n' with the sysupgrade OpenWrt image
Notice: while I was successfull at activating ssh (as described
here:
https://www.lisenet.com/2023/gaining-ssh-access-to-tp-link-re200-wi-fi-range-extender/)
Unfortunately I haven't found the correct root password.
Looks like they are using a static password
(md5crypt, salt + 21 characters) that is not the web
interface admin password.
The TP-LINK RE900XD looks like the very same device,
according to the pictures and the firmware.
But I haven't checked if the OpenWrt firmware works as well
on that device.
The second ubi partition (ubi1) is empty and there is no known
dual-partition mechanism, neither in u-boot nor in the stock firmware.
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
Re-enable FIT signature verification since we switched to use hyphen
for node name separators in commit 2b133ab19c ("scripts: use sep-char for hash nodes").
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
use u-boot-rockchip.bin to copy SPL/TPL/U-Boot to the image.
since binman was used in mainline u-boot for rockchip, we can use
u-boot-rockchip.bin instead of idbloader.img and u-boot.itb.
Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15815
Signed-off-by: Robert Marko <robimarko@gmail.com>
BDFs come from latest firmware, version 1.1.19.209880 (2022-06-20):
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_2G.bin
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_5G.bin
- /lib/firmware/QCA9888/v1/FCC/boardData_2_0_QCA9888_5G_Y9690_SBS_HB.bin
Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
Package the sctp_diag.ko file which already gets build when kmod-sctp
and kmod-inet-diag are selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Package the mfd-core.ko kernel module. It is selected by the
kmod-hwmon-gsc already.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The mtd_nandbiterrs.ko kernel module was added with kernel 3.7. We
should package it like the other test modules.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b
The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.
I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.
New we are also packaging lz4hc.ko
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
`f2fslabel` is already built into `f2fs.fsck`, but is missing its symlink
in the final package.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15851
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fixes the following error:
Syntax error: Unable to resolve path for module 'uci'
In line 3, byte 27:
`import * as uci from 'uci';`
Near here ----------------^
Fixes: 4a3ed518b2 ("wifi-scripts: rewrite wifi detect code in ucode")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.
As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.
However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.
These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.
Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.
Signed-off-by: David Bauer <mail@david-bauer.net>
These things already get built and installed by tools/e2fsprogs. No need
to duplicate.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15822
Signed-off-by: Robert Marko <robimarko@gmail.com>
Release notes:
https://lists.infradead.org/pipermail/linux-mtd/2024-March/104058.html
mtd-utils are currently depending on zlib, however it is not expressed
as a dependency and it is somehow being only pulled-in by lincurses-devel
so mtd-utils were able to compile.
Since 2.2.0 zlib is optional so lets disable support for it like for other
compressors since we dont package the mkfs.ubifs or mkfs.jffs2 that
are only users of compressors anyway.
Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
Now that we are not patching mtd-utils with JFFS2 LZMA support there
is no need for autoreconf to be run.
Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
We have been carrying the 100-fix_includes.patch and 130-lzma_jffs2.patch
for a long time but the reason is lost to history.
We dont need to carry the JFFS2 LZMA support patch as mkfs.jffs2 is not
even being packaged so its not even being used.
As for the 100-fix_includes.patch that also seems like a relic of history
as mtd-utils compiles fine without it.
So, lets drop both patches.
Link: https://github.com/openwrt/openwrt/pull/15790
Signed-off-by: Robert Marko <robimarko@gmail.com>
Backport patch for G761 PWM Fan controller support. This is used by
an ipq807x RAX120v2 and have an internal clock that was currently
unconfigured making the device not working.
Link: https://github.com/openwrt/openwrt/pull/15796
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
MikroTik RB5009 uses RouterBoot as its bootloader like all MikroTik devices
running RouterOS, meaning that its not FIT compatible and can only boot
ELF images.
Now this is not so much of an issue on ARM or MIPS since kernel supports
appending DTB-s to it (Or we patch the kernel to embed it), but on ARM64
there is intentionally no such support.
RouterBoot will pass a DTB, but its the broken MikroTik one which is a
modified reference DTB and incorrect in more places than its valid so we
cannot use it to boot our kernel.
Thus, the solution is to use an intermediary loader and luckily for us
Armada 7040 is well supported in U-Boot which makes it a great option since
it supports anything that we will ever need to boot.
Upstream U-Boot currently requires the Armada boards to be converted to
OF_UPSTREAM before adding anything new and this requires updating all of
the drivers to accomodate the Linux DTS, while I plan to do this eventually
we will need to keep this board downstream for now.
Most stuff is supported in U-Boot, including networking since the switch
is preconfigured by RouterBoot.
A custom environment is used to try and boot from the following devices:
1. NAND (UBI)
2. USB
3. Networking
If NAND boot fails then U-Boot will attempt to boot OpenWrt initramfs from
USB or via networking.
There is a manual recovery mechanism implemented where if the reset button
is held when U-Boot is booting it will try to boot OpenWrt initramfs from:
1. USB
2. Networking
When U-Boot is in recovery mode it will light all of the LED-s except the
switch ones.
Link: https://github.com/openwrt/openwrt/pull/15765
Signed-off-by: Robert Marko <robimarko@gmail.com>
Trying to compile for ipq60xx will fail with:
ERROR: modpost: "qca808x_phy_reset" [build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq60xx/qca-ssdk-2024.06.13~c451136b/qca-ssdk.ko] undefined!
So, lets fix this by disabling Manhattan switch and PHY support as this is
the new 2.5G quad port switch that is not present on ipq60xx boards.
Fixes: 87a45ea432 ("kernel: qca-ssdk: update 12.5 to 2024-06-13")
Signed-off-by: Robert Marko <robimarko@gmail.com>
There are some new commits, so refresh and update patches.
Some build warnings have been fixed upstream too.
Add backport target/linux/generic/backport-6.6/722-v6.10-dt-bindings-arm-qcom-ids-Add-SoC-ID-for-IPQ5321.patch.
Removed upstream:
[-] qca-ssdk/patches/101-hsl_phy-add-support-for-detection-PSGMII-PHY-mode.patch
[-] qca-ssdk/patches/201-fix-compile-warnings.patch
List of changes:
2024-04-16 -c451136b- qca-ssdk: strip MRPPE code
2024-06-05 -f455a820- [qca-ssdk]: fix enum-int-mismatch warnings
2024-05-31 -bbfc0fa9- Merge "[qca-ssdk]: update eee status of phydev"
2024-05-31 -adbe9dc5- Merge "[qca-ssdk]: support psgmii and uqsxgmii mode of kernel"
2024-05-31 -d06ca777- Merge "[qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed"
2024-05-31 -c6f539a5- Merge "qca-ssdk: support mrppe pktedit padding functions"
2024-04-29 -c321e2a9- qca-ssdk: support mrppe pktedit padding functions
2024-05-24 -ee6e201e- qca-ssdk: Fix the big endian compile error
2024-05-15 -8c116bb9- [qca-ssdk]: update eee status of phydev
2024-05-20 -f0341a2c- Merge "qca-ssdk: Enable igmp for PPE MINI profile"
2024-05-16 -44a0ce93- qca-ssdk: Enable igmp for PPE MINI profile
2024-05-15 -8b91bbf6- [qca-ssdk]: support psgmii and uqsxgmii mode of kernel
2024-05-14 -7eec1658- [qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed
2024-05-12 -b9f5ea0e- [qca-ssdk]: ethtool support, do not change wake-up timer when the requested timer is 0
2024-05-09 -5e2c15ed- Merge "[qca-ssdk]: remove check when mht clock enable"
2024-05-09 -a1563b90- Merge "[qca-ssdk] support new sku IPQ5321"
2024-04-23 -f04b7680- [qca-ssdk]: show unknown status when link down
2024-03-22 -33b91b30- [qca-ssdk]: remove check when mht clock enable
2024-04-29 -b6362f2b- Merge "qca-ssdk:fix bug in marina nptv6 iid cal"
2024-04-29 -097033ae- Merge "[qca-ssdk] support cypress uniphy0 connecting MHT switch port0"
2024-04-24 -d45560fd- qca-ssdk:fix bug in marina nptv6 iid cal
2024-04-24 -7d7a42af- qca-ssdk: enable policer counter on low memory profile
2024-04-18 -e36cf6ea- Merge "[qca-ssdk]: change portvlan egress mode initial value as untouched"
2024-04-18 -27817881- Merge "[qca-ssdk]: update the aqr phy supported ability"
2024-04-18 -5a3a693c- Merge "qca-ssdk:support marina nptv6"
2024-04-16 -129fe9b3- Merge "qca-ssdk: support tunnel fields and innner fields inverse"
2024-01-09 -fc8f6abd- qca-ssdk:support marina nptv6
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15771
Signed-off-by: Robert Marko <robimarko@gmail.com>
It has its own dedicated knob
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
New dependencies required for the module to be useful, and correct IPv6 support
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.
```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```
Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.
Example:
```
[openssl_init]
providers = provider_sect
```
After this change, openssl util works correctly.
```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This reverts commit 25bbefcdd9.
Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Backport upstream patch for tim->virtual_map flex array warning for
invalid write.
This has been notice with the bump of ath10k-ct to version 6.7.
Link: https://github.com/openwrt/openwrt/pull/15760
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.
Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
netifd supports more accurate "ports" option (instead of "ifname") for
years now. Relevant changes were even backported to OpenWrt 21.02. Add
uci-defaults script that translates config files using deprecated
syntax.
Identical commit f716c30241 ended up reverted back in 2021 by
80be798d4a due to breaking downgrades. With 19.07 support ended it
should no longer be an issue.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Backport RX timestamp flags patch needed for ath10k-ct to compile with
newer versions.
Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.
Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.
Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This reverts commit dc9c5d1ee7.
Additional file for ath10k-ct slipped in, revert for a better version
pushed later.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
A small regress from the translation to shell.
Fixes#12921, originally fixed in #12925 (Github).
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/15430
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This commit makes the libquadmath library available to the GCC
toolchain. This library is important for libraries such as
Boost.charconv
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15637
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Debian changelog:
intel-microcode (3.20240531.1) unstable; urgency=medium
* New upstream microcode datafile 20240531
* Fix unspecified functional issues on Pentium Silver N/J5xxx,
Celeron N/J4xxx
* Updated Microcodes:
sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
* source: update symlinks to reflect id of the latest release, 20240531
-- Henrique de Moraes Holschuh <hmh@debian.org> Sat, 01 Jun 2024 11:49:47 -0300
intel-microcode (3.20240514.1) unstable; urgency=medium
* New upstream microcode datafile 20240514
* Mitigations for INTEL-SA-01051 (CVE-2023-45733)
Hardware logic contains race conditions in some Intel Processors may
allow an authenticated user to potentially enable partial information
disclosure via local access.
* Mitigations for INTEL-SA-01052 (CVE-2023-46103)
Sequence of processor instructions leads to unexpected behavior in
Intel Core Ultra Processors may allow an authenticated user to
potentially enable denial of service via local access.
* Mitigations for INTEL-SA-01036 (CVE-2023-45745, CVE-2023-47855)
Improper input validation in some Intel TDX module software before
version 1.5.05.46.698 may allow a privileged user to potentially enable
escalation of privilege via local access.
* Fix for unspecified functional issues on 4th gen and 5th gen Xeon
Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
Core i3 N-series processors.
* Updated microcodes:
sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
* source: update symlinks to reflect id of the latest release, 20240514
-- Henrique de Moraes Holschuh <hmh@debian.org> Thu, 16 May 2024 21:40:52 -0300
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
29 | #define THIS_MODULE (&__this_module)
| ~^~~~~~~~~~~~~~~
| |
| struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:29: note: in expansion of macro 'THIS_MODULE'
1105 | dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
| ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
from ./include/linux/platform_device.h:13,
from ./include/linux/of_device.h:5,
from ./include/linux/of_platform.h:10,
from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:15:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
230 | struct class * __must_check class_create(const char *name);
| ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:16: error: too many arguments to function 'class_>
1105 | dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
| ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
230 | struct class * __must_check class_create(const char *name);
| ^~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
29 | #define THIS_MODULE (&__this_module)
| ~^~~~~~~~~~~~~~~
| |
| struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:34: note: in expansion of macro 'THIS_MODULE'
2774 | dsl_class = class_create(THIS_MODULE, "ifx_mei");
| ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
from ./include/linux/dma-mapping.h:8,
from ./include/linux/skbuff.h:28,
from ./include/net/net_namespace.h:43,
from ./include/linux/netdevice.h:38,
from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:39:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
230 | struct class * __must_check class_create(const char *name);
| ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:21: error: too many arguments to function 'class_create'
2774 | dsl_class = class_create(THIS_MODULE, "ifx_mei");
| ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
230 | struct class * __must_check class_create(const char *name);
| ^~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
All usages of mtd-cal-data have been removed. To avoid submissions that
rely on this deprecated behavior, remove it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15671
Signed-off-by: Robert Marko <robimarko@gmail.com>
This reverts commit 80d1c353b7 with the
fix which won't break running systems. A logic error on how shell
handles && and || more the init process.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Currently, the apk utility lacks accessible help documentation, making
it cumbersome for human users:
apk-tools 3.0.0_pre20240519, compiled for x86_64.
ERROR: This apk-tools has been built without help
This absence of help forces users to delve into the apk's build
directory to understand its functionality. To enhance usability, we will
enable the help feature for the host build. The host environment can
accommodate the 3% increase in binary size for the added convenience.
On Ubuntu 22.04, x86_64 platform, the apk size increases by 17,816 bytes
(from 594,144 to 611,960 bytes), a 2.99% increase. This is a reasonable
trade-off for improved ergonomics.
Additionally fix the Lua host build dependency as apk-tools uses during
the build Lua to convert SCDOC manpages to apk-tools help messages.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.
Also remove this uci-defaults if we have CONFIG_USE_APK enabled.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.
Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For non-overlay configuration we need checksum for config file that
weren't modified by the user. For OPKG in sysupgrade we check the status
file for the Conffiles: entry of every package. this entry contains
checksum for every static file that the package contains.
Provide the same info for APK by creating a conffiles_static file and
parse this file on sysupgrade for non-overlay configurations.
This is also used by the sysupgrade -u option to exclude non-changed
files from the final backup.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently the build with USE_APK=y fails in package/libs/toolchain:
staging_dir/host/bin/fakeroot: line 182: staging_dir/host/bin/apk: No such file or directory
make[2]: *** [Makefile:758: bin/targets/mediatek/filogic/packages/libgcc1-13.2.0-r4.apk] Error 127
as commit d788ab376f ("build: add APK package build capabilities") added
dependency on apk in packaging step, but there is no host build
dependency defined, thus apk binary is missing when libgcc1 apk package is being
created. So lets fix it by adding explicit apk/host dependency to all
targets in the subdirectories.
Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[ rework logic to be more self contained ]
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Since musl 1.2.5 update yafut would throw a warning about implicit
declaration of basename() but would still somehow compile.
However, trying to use it on a device will cause it to instantly
Segmentation fault.
So, to fix this lets update to the current upstream repository version
that has removed the use of basename() completely.
Link: https://github.com/openwrt/openwrt/pull/15685
Signed-off-by: Robert Marko <robimarko@gmail.com>
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).
Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The 'kmod-stmmac-core' package is referenced by the following packages:
* kmod-dwmac-intel
* kmod-dwmac-imx
* kmod-dwmac-sun8i
The problem is that 'kmod-of-mdio' is not selectable for 'TARGET_x86'.
That means the package 'kmod-dwmac-intel' is not available on this
architecture and so the package 'kmod-dwmac-intel' could not be enabled.
To fix this remove the dependencies 'kmod-of-mdio' from 'kmod-stmmac-core'.
This is not needed on this level, because the modules 'kmod-of-mdio' is
already selected by the packages 'kmod-dwmac-imx' and 'kmod-dwmac-sun8i'.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]
* Fixed potential use after free after SSL_free_buffers() is called.
[CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
[CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
unbounded memory growth when processing TLSv1.3 sessions. An attacker may
exploit certain server configurations to trigger unbounded memory growth that
would lead to a Denial of Service. [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
is registered when libcrypto is unloaded. This can be used on platforms
where using atexit() from shared libraries causes crashes on exit
Signed-off-by: John Audia <therealgraysky@proton.me>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
This adds some compile fixes for linux 6.6 compatibility.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This adds some compile fixes for linux 6.6 compatibility.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
struct u128 and u128_xor() was removed by upstream commit f413e724818c
("cyrpto/b128ops: Remove struct u128").
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This fixes some compile warnings for linux 6.6.
Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local vectoring_wq.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add two patches to fix compile errors being repeatedly seen on OpenWrt CI.
The first is an upstream backport to fix this i386-related error:
x86_64-openwrt-linux-musl-gcc -mcmodel=large -I./purgatory/include
-I./purgatory/arch/x86_64/include -I./util_lib/include -I./include -Iinclude
-I/builder/shared-workdir/build/sdk/staging_dir/toolchain-x86_64_gcc-13.3.0_musl/lib/gcc/x86_64-openwrt-linux-musl/13.3.0/include
-c -MD -o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16.S
purgatory/arch/i386/entry32-16.S: Assembler messages:
purgatory/arch/i386/entry32-16.S:23: Error: 64bit mode not supported on `i386'.
The second addresses an error using basename() on musl libc:
kexec/arch/i386/x86-linux-setup.c: In function 'add_edd_entry':
kexec/arch/i386/x86-linux-setup.c:332:20: warning: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
332 | if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
| ^~~~~~~~
kexec/arch/i386/x86-linux-setup.c:332:20: warning: passing argument 1 of 'sscanf' makes pointer from integer without a cast [-Wint-conversion]
332 | if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
| ^~~~~~~~~~~~~~~~~~~~
| |
| int
...
Fixes: #14621
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This reverts commit 17d8c5825e.
This commit is breaking init somehow, even the hostname is not set,
so until its fixed, revert it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
When running unit tests this causes trouble since `/lib/config/uci.sh`
isn't available in those cases. Instead exit with a clean status fo the
unit test framework don't wrongly interpret things as an error.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The gpio is actually low active, fix it.
Fixes: 40e7fab9e4 ("mediatek: add Nokia EA0326GMP support")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15651
Signed-off-by: Robert Marko <robimarko@gmail.com>
containing fixes around tar and internal checksums.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15646
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Commit ae8bf1a26e ("imx: add imx8m support") configured the
drm-imx-ldb kmod for imx_cortexa9 and imx_cortexa7 however it is only
applicable to imx_cortexa9 (imx6).
Fix this so that we can avoid a missing module config for cortexa7 when
moving to the 6.6 kernel.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Hardware specification:
SoC: MediaTek MT7981B 2x A53
Flash: 128 MB SPI-NAND
RAM: 256MB
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531AE
WiFi: MediaTek MT7976C
Button: Reset, WPS/Mesh
Power: DC 12V 1A
Gain SSH access:
1. Login into web interface, and download the configuration.
2. Download the configration utilities:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
These binaries are extraced from the factory firmware, which are
dynamically linked with aarch64 musl 1.1.24. To use them, you
must run them under the same runtime environment, otherwise the
binaries will not work properly!
3. Upload the configuration and utilities to a suitable environment.
4. Uncompress the utilities, move them to '/bin' and give them executable permisison:
tar -zxf openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
mv mkconfig seama /bin
chmod +x /bin/mkconfig
chmod +x /bin/seama
5. Decrypt and uncompress the configuration:
Enter fakeroot if you are not login as root.
mkconfig -a de-enca -m EA0326GMP_3FE79221BAAA -i EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz -o backup.tar.gz
tar -zxf backup.tar.gz
6. Edit 'etc/config/dropbear', set 'enable' to '1'.
7. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
8. Repack the configuration:
tar -zcf backup.tar.gz etc/
mkconfig -a enca -m EA0326GMP_3FE79221BAAA -i backup.tar.gz -o EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz
9. Upload new configuration via web interface, now you can SSH to EA0326GMP.
A minimum configuration which enabled SSH access is also provided
to simplify the process:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-enable-ssh.tar.gz
Flash instructions:
1. SSH to EA0326GMP, backup everything, especially 'Factory' part.
2. Write new BL2:
mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-preloader.bin BL2
3. Write new FIP:
mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-bl31-uboot.fip FIP
4. Set static IP on your PC:
IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Dont allow x2 read and cache read operations on FM35Q1GA as they seem
to be unstable. Also the Linux drivers does not allow x2 ops.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Import pending patches to set pinconf settings for SPI-NAND pins on
MT7622 identical to what the old proprietary preloader did.
Should further increase the reliability of some SNFI-attached SPI-NAND
flash chips.
Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/7
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update ARM TrustedFirmware-A to the most recent release of
MediaTek downstream patched version released 2024-01-17.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Enable trx feature of mtd command to fixup trx length and crc32 while
booting for some Buffalo devices.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Use the same Yafut code revision for both updating devices with NAND
flash and preparing firmware images for devices with NOR flash.
Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
Link: https://github.com/openwrt/openwrt/pull/13453
Signed-off-by: Robert Marko <robimarko@gmail.com>
There are too many RTC drivers in other.mk, they deserve their
own menu and .mk-file, so let's break them out to a separate
entity.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
U-Boot 2024.04 for tegra needs swig installed on the host, this
dependency is only checked if UBOOT_USE_INTREE_DTC is set. add the
missing definition.
Fixes: 6832faf340 ("uboot-tegra: bump version to 2024.04")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Split the kmod-video-dma into kmod-video-dma-sg and
kmod-video-dma-contig. The old one contained two kmods, but sometimes
only one of them is build which caused problems. The configuration
options are not manually selectable in the kernel and hidden in OpenWrt.
Currently this causes build failures on some targets.
Fixes: 4d7cbe0a55 ("kernel: video-dma: explicitly state packaged modules")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Dual-slot NAS based on Marvell Kirkwood.
Specifications:
- Marvell 88F6702 @1GHz
- 256Mb RAM
- 128Mb NAND
- 1x GbE LAN (Marvell 88E1318R)
- 1x USB 2.0
- 2x SATA
- Weltrend WT69P3 ("supervisor" MCU chip)
- Serial on J2 (115200,8n1)
- Newer bootROM so kwboot-ing via serial is possible
Notes:
- The Weltrend MCU is controlled by the package added in utils/dns320l-mcu.
- The original MAC address is stored in the "mini firmware" image's first
17 bytes.
- Compared to the original MTD layout, the uImage+rootfs are now stored in
a common ubi partition.
Installation:
1. Serial console
- Connect your levelshifter to the serial console
on J2 (refer to the wiki page for pinout)
2. Update u-boot
- Download the u-boot.kwb image for the device
- Powercycle the NAS
- Run "kwboot -b u-boot-dns320l/u-boot.kwb /dev/ttyUSB0 -p"
- Connect to the serial console with minicom
- tftp 0x0800000 u-boot-dns320l/u-boot.kwb
(Please note that "PHY reset timed out" seems to be customary
on kirkwood devices, the egiga0 interface works regardless.)
- nand erase 0x0 100000
- nand write 0x0800000 0x0 0x100000
- reset
3. Install OpenWrt
- Boot up the initramfs image
- tftpboot 0x800000 openwrt-kirkwood-generic-dlink_dns320l-initramfs-uImage; bootm 0x800000
- Download the sysupgrade image and perform sysupgrade
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Reviewed-by: Pawel Dembicki <paweldembicki@gmail.com>
Because wildcard in variable stating packaged modules, the filtering for
built-in kernel modules didn't work and would cause a packaging failure.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
ply is a light-weight dynamic tracer for Linux that leverages the kernel's
BPF VM in concert with kprobes/tracepoints to attach probes to arbitrary
points in the kernel.
Most tracers that generate BPF bytecode are based on the LLVM-based BCC
toolchain; ply on the other hand has no external dependencies outside libc,
making it suitable for use on constrained embedded systems.
Currently ply supports x86_64, aarch64, arm, riscv64, riscv32, powerpc,
mips(el), and mips64(el) architectures.
Further documentation, examples and implementation details may be found at:
https://github.com/iovisor/ply.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
At least kmod-fb-tft depends on CONFIG_FB_DEVICE and can not be
activated without it.
This configuration option was added with kernel 6.6, before this featre
was always activated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support for iptables action has been dropped. Remove tc-mod-iptables and related
patch (175-reduce-dynamic-syms.patch).
We also add the missing libbpf dependency for `ss` since iproute 8740ca9
("ss: add support for BPF socket-local storage") now means that `ss` requires
libbpf as well.
Fix 170-ip_tiny.patch, as the help text didn't match all the included functions.
Drop upstreamed patches 402-bpf-fix-warning-from-basename.patch
and 403-bpf-include-libgen.h-for-basename.patch.
All other patches automatically rebased.
Co-authored-by: Rany Hany <rany_hany@riseup.net>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Upstream patches:
401-bridge-vlan.c-bridge-vlan.c-fix-build-with-gcc-14-on.patch
402-bpf-fix-warning-from-basename.patch
403-bpf-include-libgen.h-for-basename.patch
The patch (400-rdma-include-libgen.h-for-basename.patch) was not
submitted upstream but just adds a missing include for basename.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Without this patch, GCC 14 incorrectly complains about the following error:
In file included from /home/user/workspace/mbedtls/library/ctr_drbg.c:13:
In function ‘mbedtls_xor’,
inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:17: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
235 | r[i] = a[i] ^ b[i];
| ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
335 | unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
| ^~~
In function ‘mbedtls_xor’,
inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:24: error: array subscript 48 is outside array bounds of ‘const unsigned char[48]’ [-Werror=array-bounds=]
235 | r[i] = a[i] ^ b[i];
| ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:333:57: note: at offset 48 into object ‘data’ of size [0, 48]
333 | const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN])
| ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘mbedtls_xor’,
inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:14: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
235 | r[i] = a[i] ^ b[i];
| ~~~~~^~~~~~~~~~~~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
335 | unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
| ^~~
This change adds a basic check to silence the warning until a solution is worked on upstream.
As this check is already used by another compiler, it shouldn't cause any issues for us.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Remove 100-musl_fix.patch, which is no longer needed
and causes a build error with gcc-14.
Fixes:
useful_functions.c:63:41: error: passing argument 1 of 'ether_ntoa' from incompatible pointer type [-Wincompatible-pointer-types]
63 | printf("%s", ether_ntoa((struct ether_addr *) mac));
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| |
| struct ether_addr *
In file included from include/ebtables_u.h:28,
from useful_functions.c:25:
/Volumes/wrt3200/openwrt/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-14.1.0_musl_eabi/include/netinet/ether.h:10:19: note: expected 'const struct ether_addr *' but argument is of type 'struct ether_addr *'
10 | char *ether_ntoa (const struct ether_addr *);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15576
Signed-off-by: Robert Marko <robimarko@gmail.com>
Dell/SonicWall APL26-0AE (marketed as SonicPoint ACe) is a dual band
wireless access point. End of life as of 2022-07-31.
Specification
SoC: QualcommAtheros QCA9550
RAM: 256 MB DDR2
Flash: 32 MB SPI NOR
WIFI: 2.4 GHz 3T3R integrated
5 GHz 3T3R QCA9890 oversized Mini PCIe card
Ethernet: 2x 10/100/1000 Mbps QCA8334
port labeled lan1 is PoE capable (802.3at)
USB: 1x 2.0
LEDs: LEDs: 6x which 5 are GPIO controlled and two of them are dual color
Buttons: 2x GPIO controlled
Serial: RJ-45 port, SonicWall pinout
baud: 115200, parity: none, flow control: none
Before flashing, be sure to have a copy of factory firmware, in case You
wish to revert to original firmware.
All described procedures were done in following environment:
ROM Version: SonicROM (U-Boot) 8.0.0.0-11o
SafeMode Firmware Version: SonicOS 8.0.0.0-14o
Firmware Version: SonicOS 9.0.1.0
In case of other versions, following installation instructions might be
ineffective.
Installation
1. Prepare TFTP server with OpenWrt sysupgrade image and rename that
image to "sp_fw.bin".
2. Connect to one of LAN ports.
3. Connect to serial port.
4. Hold the reset button (small through hole on side of the unit),
power on the device and when prompted to stop autoboot, hit any key.
The held button can now be released.
5. Alter U-Boot environment with following commands:
setenv bootcmd bootm 0x9F110000
saveenv
6. Adjust "ipaddr" (access point, default is 192.168.1.1) and "serverip"
(TFTP server, default is 192.168.1.10) addresses in U-Boot
environment, then run following commands:
tftp 0x80060000 sp_fw.bin
erase 0x9F110000 +0x1EF0000
cp.b 0x80060000 0x9F110000 $filesize
7. After successful flashing, execute:
boot
8. The access point will boot to OpenWrt. Wait few minutes, until the
wrench LED will stop blinking, then it's ready for configuration.
Known issues
Initramfs image can't be bigger than specified kernel size, otherwise
bootloader will throw LZMA decompressing error. Switching to lzma-loader
should workaround that.
This device has Winbond 25Q256FVFG and doesn't have reliable reset, which
causes hang on reboot, thus broken-flash-reset needs to be added. This
property addition causes dispaly of "scary" warning on each boot, take
this warnig into consideration.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
This commit adds a new mlxreg package, which allows access
to Mellanox programmable device register space through sysfs
interface for thermal control and hardware management.
It also adds required Mellanox I²C drivers and packages
for the "special" MSN4800 series and SN2201 platform.
Signed-off-by: Til Kaiser <mail@tk154.de>
Add support for ELECOM WRC-X1800GS on uboot-envtools, to update
bootmenu_delay variable on sysupgrade.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Common specifications:
* Mediatek MT7988A (4x Cortex-A73, up to 1.8 GHz clock speed)
* 8 GiB eMMC
* 2 GiB DDR4 RAM
* 1x 10000M/1000M/100M + 3x 1000M/100M/10M LAN ports
* MT7996 Tri-band (2.4G, 5G, 6G) 4T4R 802.11be Wi-Fi
* Airoha AG3352 GPS
* Renesas DA14531MOD Bluetooth
* 2 buttons (Reset, Mesh/WPS)
* uC-controlled RGB LED via I2C
* 2x LED for each 1G port, 3x LED for each 10G port
* USB 3.0 type A port
* 3.3V-level 115200 baud UART console via 4-pin Dupont connector
exposed at the bottom of the device
* USB-C PD power input
SDG-8733: 1x 10000M/1000M/100M WAN port
SDG-8734: 1x USXGMII/10GBase-R/5GBase-R/2500Base-X/1000Base-X/SGMII SFP+
Both models are also available in versions including 2x FXS POTS interfaces
for analog phones. Those interfaces are not supported by OpenWrt.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Basic changes to make linux-atm build without any issues with GCC 14.
Besides some errors caused by -Wpointer-sign, there was also an issue
with socklen_t not being used for getsockopt() and accept()
sometimes.
I also updated the Debian patch to include the latest changes from
version "1:2.5.1-5.1" in Debian Sid. This allowed me to drop
"600-fix-format-errors.patch" and "700-include_sockios.patch".
Signed-off-by: Rany Hany <rany_hany@riseup.net>