ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-21 22:47:56 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
58,228 Commits 9 Branches 75 Tags 909 MiB
5b4df9a27e
Commit Graph

58228 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
INAGAKI Hiroshi
5b4df9a27e mediatek: add support for Buffalo WSR-3200AX4S 
Buffalo WSR-3200AX4S is a 2.4/5 GHz band 11ax (Wi-Fi 6) router, based on
MT7622B.

Specification:

- SoC         : MediaTek MT7622B
- RAM         : DDR3 512 MiB
- Flash       : SPI-NAND 128 MiB (Winbond W25N01GVZEIG)
- WLAN        : 2.4/5 GHz 4T4R
  - 2.4 GHz   : MediaTek MT7622B (SoC)
  - 5 GHz     : MediaTek MT7915
- Ethernet    : 5x 10/100/1000 Mbps
  - Switch    : MediaTek MT7531
- LEDs/Keys   : 6x/5x (2x: buttons, 3x: slide-switches)
- UART        : through-hole on PCB (J4)
  - assignment: 3.3V, GND, TX, RX from tri-angle marking
  - settings  : 115200n8
- Power       : 12 VDC, 1.5 A

Flash instruction using factory.bin image:

1. Boot WSR-3200AX4S with "Router" mode
2. Access to "http://192.168.11.1/" and open firmware update page
   ("ファームウェア更新")
3. Select the OpenWrt factory.bin image and click update ("更新実行")
   button
4. Wait ~120 seconds to complete flashing

Note:

- This device has 2x OS images on flash. The first one will always be
  used for booting and the secondary is for backup.

- This support generates multiple factory*.bin image:

  - factory.bin      : for flashing from OEM WebUI
  - factory-uboot.bin: for flashing from U-Boot or clean installation
                       via sysupgrade (don't use for normal sysupgrade)

Known issues:

- Wi-Fi MAC addresses won't be applied to each adapter.

MAC Addresses:

LAN    : C4:3C:EA:xx:xx:60 (board_data, mac (text))
WAN    : C4:3C:EA:xx:xx:60 (board_data, mac (text))
2.4 GHz: C4:3C:EA:xx:xx:61
5 GHz  : C4:3C:EA:xx:xx:68

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 7383eb266b)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
65f9f3131e mediatek: separate dts/dtsi for Buffalo WSR series 
Separate dts/dtsi from the dts of Buffalo WSR-2533DHP2 to prepare adding
suppport for WSR-3200AX4S.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 9f640cae75)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
882d20e25b mediatek: merge trx helpers in image/mt7622.mk 
Merge similar helpers of trx image generation, "buffalo-kernel-trx" and
"trx-nand".

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit d0929006f2)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
a26ea17294 mediatek: drop pwm7_pins from Buffalo WSR-2533DHP2 
MediaTek MT7622 doesn't support ch7 of PWM and pinctrl groups were dropped from
driver source[0]. So pwm7-related groups are unavailable now, then, kernel shows a
warning.

[    0.370264] mt7622-pinctrl 10211000.pinctrl: invalid group "pwm_ch7_2" for function "pwm"

Drop that pinmux from pinctrl node.

[0]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/pinctrl/mediatek/pinctrl-mt7622.c?id=57972641810a97566ffd13e4be3f6a66d61eb3b5

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 4d9113017b)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
9c793c44c9 mediatek: add label-mac-device for Buffalo WSR-2533DHP2 
Add label-mac-device with "&gmac0" phandle for Buffalo WSR-2533DHP2.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 94606abf63)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
7e47913ef6 mediatek: update NVMEM bindings for Buffalo WSR-2533DHP2 
Update NVMEM-related nodes and use newer binding for MAC addresses on
Buffalo WSR-2533DHP2.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit de62e01652)
 2024-02-27 17:42:30 +00:00
INAGAKI Hiroshi
04ec453970 mediatek: update LED/Key bindings for Buffalo WSR-2533DHP2 
Update LED and key nodes with newer DeviceTree bindings for WSR-2533DHP2.

- LED
  - use led-[0-9] for node name of LEDs
  - add "color" and "function" properties
  - drop default-state = "on" from green:power LED
    - this LED will be turned on by led-running alias

- key
  - drop unnecessary poll-interval property
  - use key-[0-9] for node name of keys

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 6b8e7144c8)
 2024-02-27 17:42:30 +00:00
Łukasz M
91ef14a487 mediatek: mt7981: improve fan behaviour 
This doubles the number of cooling-levels.
In addition the fan is turned on with a low speed at lower temperatures
and with a higher speed at higher temperatures.
This also attempts to reduce the likelihood of constant start-stop actions.

The change only affects the GL.iNet MT3000 and has been tested with it.

Signed-off-by: Łukasz M <lukasz1992m@gmail.com>
(cherry picked from commit 5a603c7a31)
 2024-02-27 17:42:30 +00:00
David Bauer
78d493af22 generic l2tp: drop flow hash on forward 
Drop the flow-hash of the skb when forwarding to the L2TP netdev.

This avoids the L2TP qdisc from using the flow-hash from the outer
packet, which is identical for every flow within the tunnel.

This does not affect every platform but is specific for the ethernet
driver. It depends on the platform including L4 information in the
flow-hash.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 35a5e62da7)
 2024-02-27 12:46:06 +01:00
David Bauer
a2943e3795 generic vxlan: don't learn non-unicast L2 destinations 
This patch avoids learning non-unicast targets in the vxlan FDB. They
are non-unicast and thus should be sent to the broadcast-IPv6 instead of
a unicast address

Link: https://lore.kernel.org/netdev/15ee0cc7-9252-466b-8ce7-5225d605dde8@david-bauer.net/
Link: https://github.com/freifunk-gluon/gluon/issues/3191

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 0985262fd0)
 2024-02-27 12:46:06 +01:00
Robert Senderek
b30b1d3685 mediatek: filogic: Cudy WR3000 v1 wps button fix 
WPS button activation method is wrong .  It should be active low

Signed-off-by: Robert Senderek <robert.senderek@10g.pl>
(cherry picked from commit 611a9894b2)
 2024-02-27 12:46:06 +01:00
Chukun Pan
e94052bfee mac80211: ath11k: sync with upstream 
Synchronize the ath11k backports with upstream linux.
Most of them are changes in kernel 6.5, the rest are
fixes for the ath11k_pci. The most important one is
"Revert 'wifi: ath11k: Enable threaded NAPI'", which
fixes the problem that QCN9074 cannot be used after
restarting on the x86 platform.

[   23.462718] ath11k_pci 0000:02:00.0: failed to vdev 0 create peer for AP: -110
[   28.503020] ath11k_pci 0000:02:00.0: Timeout in receiving vdev delete response

Changes to ipq8074 coldboot part pick from commit
b33bfcf ("mac80211: ath11k: sync with ath-next").

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
 2024-02-26 21:35:29 +01:00
Hauke Mehrtens
48c81b80b2 wifi-scripts: Support HE Iftypes with multiple entries 
With mac80211_hwsim I have seen such entries in OpenWrt 22.03:
    HE Iftypes: managed, AP
The mac80211.sh script did not detect the entry and failed. Allow
arbitrary other entries before to fix this problem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5df7a78e82)
 2024-02-22 22:18:42 +01:00
Oto Šťáva
60768064ce
build: add explicit --no-show-signature for git 
When `log.showSignature` is set, it causes the `SOURCE_DATE_EPOCH` to
include a textual signature description on OpenPGP-signed commits,
because Git prints the description into stdout. This then causes some
scripts to fail because they cannot parse the date from the variable.

Adding an explicit `--no-show-signature` prevents the signatures from
being displayed even when one has Git configured to show them by
default, fixing the scripts.

Signed-off-by: Oto Šťáva <oto.stava@gmail.com>
(cherry picked from commit 1e93208bd2)
 2024-02-20 20:58:41 +01:00
Bjørn Mork
79a7195087 realtek: fix Netgear GS110TPP OEM install 
Recent OEM firmware versions test the version number embedded in the uimage
"name" header field. The exact restricton is unknown, but "7.0.8.4" seems
to be the lowest number accepted on a GS110TPPv1 which already has that
version or higher.

A "9.9.9.9" version is accepted as valid by the GS110TPPv1 OEM firmware,
and considered both unique enough to identify an OpenWrt image and
moderately future proof against OEM version bumps.

This change is also boot tested on a GS108Tv3 with

 "BOOT Loader Version 1.0.0.2 (2018-08-31 17:05:26 UTC)"

to verify that it doesn't break boot on older hardware.

Link: https://forum.openwrt.org/t/72510/58
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 6da308f4de)
 2024-02-18 09:59:30 +01:00
Eneas U de Queiroz
31ae9728ff
hostapd: fix FILS AKM selection with EAP-192 
Fix netifd hostapd.sh selection of FILS-SHA384 algorithm with eap-192.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 472312f83f)
 2024-02-17 11:41:01 -03:00
Christian Marangi
eda5930d43 generic: 5.15: backport upstream Aquantia PHY firmware loader patches 
Backport merged upstream patch that adds support for firmware loader
from NVMEM or attached filesystem for Aquantia PHYs.

Refresh all kernel patches affected by this change.

Also update the path for aquantia .ko that got moved to dedicated
directory upstream.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
[rmilecki: port to 5.15]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1b3259eb5c)
 2024-02-13 05:41:32 +01:00
Rafał Miłecki
277d97e0d9 kernel: 5.15: update Aquantia PHY driver to v6.1 code 
Backport few upstream changes included between v5.15 and v6.1.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 418aadaec9)
 2024-02-13 05:41:32 +01:00
David Bauer
c90901f088 mediatek: fix failsafe ethernet for NWA50AX Pro 
The NWA50AX Pro only has a eth0 interface for its only ethernet port.
Use this port for preinit.

Fixes non-working network in failsafe mode.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit b589434a0b)
 2024-02-11 14:45:17 +01:00
John Audia
1c28058710 kernel: bump 5.15 to 5.15.148 
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.148

Removed upstreamed:
	generic/hack-5.15/321-powerpc_crtsavres_prereq.patch[1]

Manually rebased:
	target/linux/octeontx/patches-5.15/0004-PCI-add-quirk-for-Gateworks-PLX-PEX860x-switch-with-.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.148&id=0b11a145eb00d51f7ef18cfcae587b93f9adb1e9
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=v5.15.148&id=b67064bd372300a75293efbbc70624996dccffd4

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 99c9d8abd6)
[Refresh on OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2024-02-10 20:19:28 +01:00
Christian Marangi
fbe86d0e91
linux: add dtb makefile target to targets list 
Add dtb makefile target to targets list to permit correct working of

make target/linux/dtb

Fixes: c47532b1ea ("kernel-buildOnmk: add support for compiling only DTS")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit c4910e9cb3)
 2024-02-10 13:29:43 +01:00
Christian Marangi
183c0d530d
kernel-build.mk: add support for compiling only DTS 
Add support for compiling DTS for the selected target. This can be
useful for testing if the DTS correctly compile and doesn't produce any
error.

This adds a new make target. To compile only DTS use:

make target/linux/dtb

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit c47532b1ea)
 2024-02-10 13:29:27 +01:00
Hauke Mehrtens
80c8d65933 toolchain: glibc: Update glibc 2.37 to recent HEAD 
512e30fd56 Revert "elf: Remove unused l_text_end field from struct link_map"
55d3dfadf8 Revert "elf: Always call destructors in reverse constructor order (bug 30785)"
8e20aedfd7 Revert "elf: Move l_init_called_next to old place of l_text_end in link map"
5014fb12f4 elf: Fix wrong break removal from 8ee878592c
874d418697 elf: Fix TLS modid reuse generation assignment (BZ 29039)
8bd00f5b6d x86-64: Fix the dtv field load for x32 [BZ #31184]
d052665f35 x86-64: Fix the tcb field load for x32 [BZ #31185]
0ca9ba3a9e NEWS: Mention bug fixes for 29039/30745/30843
9b90e763db getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163)
bd9f194c34 libio: Check remaining buffer size in _IO_wdo_write (bug 31183)
8b8a3f0aaf sunrpc: Fix netname build with older gcc
97a4292aa4 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
67062eccd9 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
2b58cba076 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
1d8bb622df i386: Use pthread_barrier for synchronization on tst-bz21269
32450f6e8d sysdeps: tst-bz21269: fix test parameter
f7e97cea20 sysdeps: tst-bz21269: handle ENOSYS & skip appropriately
d97929eadc sysdeps: tst-bz21269: fix -Wreturn-type
5bbe7e0da5 x86_64: Optimize ffsll function code size.
98ec3e004e sparc: Fix broken memset for sparc32 [BZ #31068]
2ce7abef67 sparc64: Remove unwind information from signal return stubs [BZ#31244]
18da90677c sparc: Fix sparc64 memmove length comparison (BZ 31266)
8b849f70b3 sparc: Remove unwind information from signal return stubs [BZ #31244]
eee7525d35 arm: Remove wrong ldr from _dl_start_user (BZ 31339)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2ef5714277)
 2024-02-10 12:53:42 +01:00
Hauke Mehrtens
633eb115b5 firmware-utils: Fix PKG_MIRROR_HASH 
This fixes the PKG_MIRROR_HASH.

Fixes: 5eb578a4fb ("firmware-utils: bump to latest openwrt-23.05")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2024-02-10 12:44:08 +01:00
Felix Fietkau
b79583c975 wifi-scripts: fix fullmac phy detection 
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.

Fixes: https://github.com/openwrt/openwrt/issues/14575
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2b4941a6f1)
 2024-02-09 12:20:48 +01:00
Rafał Miłecki
9e41117953 ipq40xx: fix PHY subsystem compilation (phy_interface_num_ports()) 
Fixes:
drivers/net/phy/phy-core.c: In function 'phy_interface_num_ports':
drivers/net/phy/phy-core.c:107:9: error: enumeration value 'PHY_INTERFACE_MODE_PSGMII' not handled in switch [-Werror=switch]
  107 |         switch (interface) {
      |         ^~~~~~

Fixes: 8a7f667fb5 ("kernel: 5.15: backport v6.1 PHY changes required for Aquantia")
Fixes: https://github.com/openwrt/openwrt/issues/14560
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
 2024-02-07 09:19:30 +01:00
Yuu Toriyama
c51d49ba39 wireless-regdb: update to 2024.01.23 
The maintainer and repository of wireless-regdb has changed.
    https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=QQaFX8r-g@mail.gmail.com/

Changes:
    37dcea0 wireless-regdb: Update keys and maintainer information
    9e0aee6 wireless-regdb: Makefile: Reproducible signatures
    8c784a1 wireless-regdb: Update regulatory rules for China (CN)
    149c709 wireless-regdb: Update regulatory rules for Japan (JP) for December 2023
    bd69898 wireless-regdb: Update regulatory rules for Singapore (SG) for September 2023
    d695bf2 wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG)
    4541300 wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
(cherry picked from commit b463737826)
 2024-02-04 19:18:17 +01:00
Ivan Pavlov
aa762ada80 openssl: update to 3.0.13 
Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024]

  * Fixed PKCS12 Decoding crashes
    ([CVE-2024-0727])
  * Fixed Excessive time spent checking invalid RSA public keys
    ([CVE-2023-6237])
  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
    CPUs which support PowerISA 2.07
    ([CVE-2023-6129])
  * Fix excessive time spent in DH check / generation with large Q parameter
    value ([CVE-2023-5678])

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 44cd90c49a)
 2024-02-04 19:18:17 +01:00
Chad Monroe
9ee626f945 ucode: add libjson-c/host dependency 
ensure host libjson-c is built prior to ucode

Signed-off-by: Chad Monroe <chad@monroe.io>
(cherry picked from commit 5a3f6c50ef)
 2024-02-04 19:18:17 +01:00
Stijn Segers
3a23eed4dc realtek: fix zyxel-vers usage for XGS1250-12 
Commit daefc646e6 ("realtek: fix ZyXEL initramfs image generation")
fixed a shell expansion issue with zyxel-vers usage. Commit 045baca10b
("realtek: deduplicate GS1900 recipes") took care of this for the
rtl838x and rtl839x subtargets, but the single device officially
supported in rtl930x - the XGS1250-12 - was overlooked. This commit
updates the XGS1250-12 build recipe as well.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 557db5106c)
 2024-02-04 13:34:57 +01:00
Álvaro Fernández Rojas
be7d9da7be bcm27xx: base-files: fix platform_copy_config 
Only bcm2708 and bcm2709 use "kernel.img" file name.
bcm2710 and bcm2711 use "kernel8.img" and bcm2712 uses "kernel_2712.img".

(cherry picked from commit 1a5e51ab00)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-02-01 10:48:58 +01:00
Álvaro Fernández Rojas
9a869950c1 bcm27xx: improve image generation script 
- Exit immediately on a non-zero status.
- Remove empty lines.
- Remove unused variables.
- Add missing ptgen variables for readability.
- Refactor SYNTAX if block.

(cherry picked from commit 96b03ff247)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-02-01 10:48:27 +01:00
Álvaro Fernández Rojas
c82ca6dc74 bcm27xx: base-files: properly detect boot partition 
Automatically detect boot partition instead of forcing /dev/mmcblk0p1.
This way users can still get /boot mounted when booting from USB.

(cherry picked from commit a391760102)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-02-01 10:48:04 +01:00
Rafał Miłecki
8a7f667fb5 kernel: 5.15: backport v6.1 PHY changes required for Aquantia 
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2df8a0ccb0)
 2024-01-31 11:57:41 +01:00
Rosen Penev
6d962cabba kernel: backport ethtool_puts 
Will be used for conversions in later commits and is a requirement for
PHY backports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rmilecki: update commit message for 23.05]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 511c7ff032)
 2024-01-31 11:57:41 +01:00
Sander Vanheule
5eb578a4fb firmware-utils: bump to latest openwrt-23.05 
This version bump contains two patches improving compatibility with
recent vendor firmware versions:
    - c46b4b4ad7e7 tplink-safeloader: bump EAP225-V3 compat_level
    - b6a7e813b61c tplink-safeloader: bump EAP225-Outdoor v1 compat

Signed-off-by: Sander Vanheule <sander@svanheule.net>
 2024-01-31 09:21:06 +01:00
Lech Perczak
e302172258 ath79: add Ubiquiti Rocket M XW as alternate name to Bullet M XW 
Ubiquiti Rocket M XW is a single-band, 2x2:2 external Wi-Fi AP, with optional
GPS receiver, with two external RP-SMA antenna connections, based on
AR9342 SoC. Two band variants exists, for 2.4GHz and 5GHz band, usable
with the same image.

Specs:
- CPU: Atheros AR9342 MIPS SoC at 535MHz
- RAM: 64MB DDR400
- ROM: 8MB SPI-NOR in SO16W package, MX25L6408E
- Wi-Fi Atheros AR9342 built-in 2x2:2 radio
- Ethernet: Atheros AR8035 PHY, limited to 100Mbps speeds due to
  magnetics
- Power: 24V passive PoE input.

Installation: please refer to Ubiquiti Bullet M2HP for documentation.

The device runs with exactly same image as the Bullet, and after fixes
in preceding commit, is fully functional again. Add the alternative name
to the build system.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 54387fddea)
 2024-01-30 15:39:28 +01:00
Lech Perczak
e5af19e955 ath79: ubnt-bullet-m-xw: fix Ethernet PHY traffic 
Since commit 6f2e1b7485 ("ath79: disable delays on AT803X config init")
Ubiquiti XW boards equipped with AR8035 PHY suffered from lack of
outbound traffic on the Ethernet port. This was caused by the fact, the
U-boot has set this during boot and it wasn't reset by the PHY driver,
and the corresponding setting in device tree was wrong.

Set the 'phy-mode = "rgmii-txid"' at the &eth0, and drop this property
from PHY node, as it is not parsed there. This causes the device to
connect using Ethernet once again.

Fixes: db4b6535f8 ("ath79: Add support for Ubiquity Bullet M (XW)")
Fixes: 6f2e1b7485 ("ath79: disable delays on AT803X config init")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a9b2ba4d7b)
 2024-01-30 15:39:28 +01:00
Lech Perczak
58c9308400 ath79: ubnt,bullet-m-xw: set PHY max-speed to 100Mbps 
Onboard AR8035 PHY supports 1000Base-T operation, but onboard
Ethernet magnetics do not. Reduce advertised link speeds to 100Mbps and
lower.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit d406777fb1)
 2024-01-30 15:39:28 +01:00
orangepizza
b5c728948c
mbedtls: security bump to version 2.28.7 
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for following security issues:

* Timing side channel in private key RSA operations (CVE-2024-23170)

  Mbed TLS is vulnerable to a timing side channel in private key RSA
  operations. This side channel could be sufficient for an attacker to
  recover the plaintext. A local attacker or a remote attacker who is
  close to the victim on the network might have precise enough timing
  measurements to exploit this. It requires the attacker to send a large
  number of messages for decryption.

* Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775)

  When writing x509 extensions we failed to validate inputs passed in to
  mbedtls_x509_set_extension(), which could result in an integer overflow,
  causing a zero-length buffer to be allocated to hold the extension. The
  extension would then be copied into the buffer, causing a heap buffer
  overflow.

Fixes: CVE-2024-23170, CVE-2024-23775
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/
Signed-off-by: orangepizza <tjtncks@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [formal fixes]
(cherry picked from commit 920414ca88)
 2024-01-29 09:41:19 +00:00
Petr Štetiar
b0f3fd550b
ipq807x: prpl-haze: fix sysupgrade flashing from bootloader 
While flashing sysupgrade image from U-Boot, then the rootfs_data
overlay filesystem formatting is left for the fstools during firstboot,
but that wont work as mkfs.f2fs is missing in the sysupgrade image:

 mount_root: overlay filesystem in /dev/loop0 has not been formatted yet
 mount_root: no usable overlay filesystem found, using tmpfs overlay
 sh: mkfs.f2fs: not found

 Filesystem                Size      Used Available Use% Mounted on
 /dev/loop0              139.6M     46.9M     92.6M  34% /overlay

 Number  Start (sector)    End (sector)  Size       Code  Name
  20           98850          406349   150.1 MiB   FFFF  rootfs

So lets fix it by adding f2fs support to the sysupgrade image.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit ba415af570)
 2024-01-29 09:38:17 +00:00
Rafał Miłecki
1ca61b7b37 uhttpd: handle reload after uhttpd-mod-ubus installation using postinst 
Use postinst script to reload service instead of uci-defaults hack. It's
possible thanks to recent base-files change that executes postinst after
uci-defaults.

This fixes support for uhttpd customizations. It's possible (again) to
adjust uhttpd config with custom uci-defaults before it gets started.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Fixes: d25d281fd6 ("uhttpd: Reload config after uhttpd-mod-ubus was added")
Ref: b799dd3c70 ("base-files: execute package's "postinst" after executing uci-defaults")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1f11a4e283)
 2024-01-27 10:36:43 +01:00
Rafał Miłecki
6b7c4739c4 base-files: execute package's "postinst" after executing uci-defaults 
Allow "postinst" scripts to perform extra actions after applying all
kind of fixups implemented using uci-defaults.

This is needed e.g. by uhttpd-mod-ubus which after installation in a
running systems needs to:
1. Update uhttpd config using its uci-defaults script
2. Reload uhttpd

While this approach makes sense there is a risk it'll blow up some
corner case postinst usages. There is only 1 way to find out.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b799dd3c70)
 2024-01-27 10:36:43 +01:00
Álvaro Fernández Rojas
1da896f706 bcm27xx-gpu-fw: update to latest version 
raspberrypi/firmware is about 40G, so getting the full history log isn't an
option.
There have been multiple improvements and also support for the RPi 5 has been
added.

(cherry picked from commit e8f5581701)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-01-26 12:13:36 +01:00
Marty Jones
e05659ef59 bcm27xx-userland: update to latest version 
This is the last update for bcm27xx-userland as it has been
deprecated but funcional up to raspberry pi 5.

96a7334 README: Update to make it clear that most code in this repo is deprecated
3c97f76 userland: dtoverlay: /boot/firmware is a valid path
153a235 Assorted clang static analysis fixes
eca070c bcm_host: Update kms/fkms check for pi5
06a7618 dtoverlay: Support bcm2712 as a platform
0489c07 dtoverlay: Add dtoverlay_first/next_subnode
a1c7f81 dtoverlay: Support literal assignments of path strings
44a3953 raspivid: Also flush PTS file if flush is enabled
cc1ca18 userland: dtoverlay: Use os_prefix if set
9d5250f libfdt: Add null-ptr check for prop-data to resolve clang --analyzer warning
50527c6 mmal: Only include Videocore components if not running on Videocore
df245ea tvservice: Update unsupported message to recommend kmsprint
de0cfe8 dtoverlay: Fix clang warnings
0182f05 dtoverlay: Fix various compiler warnings
2a6306b dtoverlay: Fix path rebasing and exports
d1e92d7 dtoverlay: Add support for string escape sequences
b1ee39e gencmd: Add a fallback to mailbox interface if vchiq is not available
54fd97a hello_pi: Fix some build issues

Signed-off-by: Marty Jones <mj8263788@gmail.com>
(cherry picked from commit 3df664101a)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-01-26 12:13:35 +01:00
Yangyu Chen
5a4389f6ab bcm27xx: 5.15: turn on cpu erratum for A72 and disable A53 
The original configuration might be copied from bcm2710 which uses
cortex A53 rather than A72 in BCM2711, without errata might be harmful
to system stability and security.

Signed-off-by: Yangyu Chen <cyy@cyyself.name>
(cherry picked from commit d549809c05)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-01-26 12:13:35 +01:00
Álvaro Fernández Rojas
ac97ea1079 bcm27xx: config: update documentation links 
The documentation links have changed and are no longer valid.

(cherry picked from commit 189838517e)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
 2024-01-26 12:13:35 +01:00
Lech Perczak
c55aaa7c9a ath79: generic: disable SPI-NOR write protect unconditionally 
Kernel 5.15 introduced a significant change to spi-nor subsystem [1],
which would the SPI-NOR core to no longer unprotect the Flash chips if
their protection bits are non-volatile, which is the case for MX25L6405D
and MX25L12805D, used in Ubiquiti XW and WA lines of devices [2].

However, their bootloader forcibly enables this protection before
continuing to boot, making the kernel not unprotect the flash upon boot,
causing JFFS2 to be unable write to the filesystem. Because sysupgrade
seems to unlock the flash explicitly, the upgrade will work, but the
system will be unable to save configrationm showing the following symptom
in the kernel log:

[   86.168016] jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
[   86.192344] jffs2_build_filesystem(): unlocking the mtd device...
[   86.192443] done.
[   86.200669] jffs2_build_filesystem(): erasing all blocks after the end marker...
[   86.220646] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001e0000
[   86.292388] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001d0000
[   86.324867] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001c0000
[   86.355316] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001b0000
[   86.402855] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001a0000

Disable the write protection unconditionally for ath79/generic subtarget,
so the XW and WA devices can function again. However, this is only a
stopgap solution - it probably should be investigated if there is a way
to selectively unlock the area used by rootfs_data - but given the lock
granularity, this seems unlikely.

With this patch in place, rootfs_data partition on my Nanostation Loco
M5 XW is writable again.

Fixes: #12882
Fixes: #13750
Fixes: 579703f38c ("ath79: switch to 5.15 as default kernel")
Link: http://www.infradead.org/pipermail/linux-mtd/2020-October/082805.html
Link: https://forum.openwrt.org/t/powerbeam-m5-xw-configuration-loss-after-reboot/141925
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>

(cherry picked from commit f024f4b1b0)
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
 2024-01-25 19:16:15 +01:00
Michel Thill
72421d973e realtek: d-link dgs-1210-10p improve sfp support 
The current dts file of dgs-1210-10p doesn't support link states
for the sfp ports (they are always up).
This patch tries to give better support for this and was run tested
on dgs-1210-10p.
It was already commited to the main branch.

Signed-off-by: Michel Thill <jmthill@gmail.com>
(cherry picked from commit 135e107620)
 2024-01-24 17:53:41 +01:00
Jo-Philipp Wich
78beef6aee jsonfilter: update to Git HEAD (2024-01-23) 
013b75ab0598 jsonfilter: drop legacy json-c support
594cfa86469c main: fix spurious premature parse aborts in array mode

Fixes: https://bugs.openwrt.org/?task_id=3683
Fixes: https://github.com/openwrt/openwrt/issues/8703
Fixes: https://github.com/openwrt/openwrt/issues/11649
Fixes: https://github.com/openwrt/openwrt/issues/12344
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 33f15dd6d4)
 2024-01-23 09:09:45 +01:00