Commit Graph

22188 Commits

Author SHA1 Message Date
George Witt
9b33645566 ipq807x: add support for TP-Link EAP660 HD v1
Specifications:
* SoC: Qualcomm IPQ8072A (64-bit Quad-core Arm Cortex-A53 @ 2200MHz)
* Memory: 2x ESMT M15T4G16256A-DEBG2G (1 GiB DDR3-1866 13-13-13)
* Serial Port: 3v3 TTL 115200n8
* Wi-Fi: QCN5054 (4x4 5 GHz 802.11ax)
* Wi-Fi: QCN5024 (4x4 2.4 GHz 802.11b/g/n/ax)
* Ethernet: QCA8081 (10/100/1000/2.5GBASE-T)
* Flash: Winbond W29N01HZSINF (128 MiB)
* LEDs: 1x Blue Status (GPIO 42 Active High)
* Buttons: 1x Reset (GPIO 50 Active Low)

Installation Instructions (Serial+TFTP):
1. Solder 4 pin header to JP1 and bridge pads of R58 and R62.
2. Connect 3V3 TTL port to TX, RX, and GND, which are positions 1, 2,
   and 3 respectively. Be sure to crossover TX and RX.
3. Copy RAM firmware image
   openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-initramfs-uImage.itb
   to TFTP server root, available at 192.168.10.1.
4. Connect PoE ethernet cable to the RJ45 port and hold Ctrl+B in the
   serial console (115200 baud) until autoboot is halted.
5. Run the following commands in the U-boot prompt:
   # tftpboot 0x44000000 openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-initramfs-uImage.itb
   # bootm
   You may need to type Ctrl+C and Enter before running these commands
   to clear invisible characters from the buffer.
6. Run the following command in a terminal to copy the sysupgrade image
   to be installed (check IP address):
   $ scp openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/
7. Activate the OpenWrt serial console and run the following commands:
   # cd /tmp
   # sysupgrade -n openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-squashfs-sysupgrade.bin
8. The AP will reboot and OpenWrt will be successfully installed.

Signed-off-by: George Witt <george.witt@nltsproject.org>
Link: https://github.com/openwrt/openwrt/pull/15832
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-08 12:01:19 +02:00
Rosen Penev
fe6c079681 uboot-laniq: fix compilation with GCC14
GCC errors on returning int in void function now.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16348
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-08 11:49:20 +02:00
Ivan Pavlov
62d3773bf1 openssl: update to 3.0.15
OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in this release is Moderate.

This release incorporates the following bug fixes and mitigations:

  * Fixed possible denial of service in X.509 name checks (CVE-2024-6119)

  * Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535)

Added github releases url as source mirror

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16332
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:44:56 +02:00
Ivan Pavlov
2b2a98b3eb uboot-envtools: add u-boot system env config for Xiaomi Redmi AX6S
Adds u-boot config for access to system env variables on this board

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16312
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:40:04 +02:00
Christian Svensson
01ae39a0b2 wireguard-tools: accept iproute2 as dependency
If the user has ip-tiny or ip-full installed there is no need to depend on
BusyBox having any form of `ip` or `ip link` applets.

Signed-off-by: Christian Svensson <blue@cmd.nu>
Link: https://github.com/openwrt/openwrt/pull/16062
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:35:02 +02:00
Gioacchino Mazzurco
d760576132 hostapd: ensure that interface name is not null
Include hotfix suggested by Sebastian Gottschall to fix bug introduced
with APuP patchset

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: 0c3001a69e
Link: https://github.com/openwrt/openwrt/pull/16298
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:42:42 +02:00
Rosen Penev
4b7e7046ba ltq-ptm: propagate reset errors to probe
Instead of avoiding returning, propagate error so that the kernel
infrastructure can handle it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:23:16 +02:00
Rosen Penev
42a763ef04 ltq-atm: propagate EPROBE_DEFER to probe
Instead of ignoring errors, let the linux infrastructure handle it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:23:15 +02:00
Felix Fietkau
a1c7f794da mt76: update to Git HEAD (2024-09-05)
5c5e685eb028 wifi: mt76: mt7915: improve hardware recovery
a897606f7c26 wifi: mt76: mt76x0: fix locking regression
65cc3daf2a33 wifi: mt76: support per-band MAC addresses from OF child nodes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-05 15:12:33 +02:00
Felix Fietkau
e7ea93e1e3 netifd: update to Git HEAD (2024-09-05)
61c606d6e66b device: simplify external device settings handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-05 10:16:19 +02:00
Eric Long
21b155e0ff bpftool: add host build
Besides probing BPF information in running system, bpftool is also used in
generating skeleton, dumping BTF, etc. that is widely used in modern BPF
development. Make it available as a host tool so that we can use it in
package build.

Tested build targeting malta/le on Arch Linux x86_64. bpftools currently
does not support processing cross-endian BPF objects, so big-endian host
is needed to build for big-endian targets using bpftools.

Signed-off-by: Eric Long <i@hack3r.moe>
Link: https://github.com/openwrt/openwrt/pull/16122
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-04 00:06:34 +02:00
Felix Fietkau
2bec6f48e6 netifd: update to Git HEAD (2024-09-03)
480551a3adc4 interface: add support for disabling renew on topology change
b7b294266781 device: add more debugging code
595094f5c213 device: do not pull device present state from hotplug events
4e11e52e9b98 main: add messages to udebug regardless of their log level
091d063f4a9d wireless: handle link updates even if devices are present already
a8e90853c936 interface: improve hotplug handling reliability
cdb41673ceea device: remove redundant newlines from debug messages
cd2a7964f2c0 device: revert to explicit device_set_present calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-03 15:14:42 +02:00
Felix Fietkau
bc2e5f10d4 uboot-mediatek: add missing dependency for mt7988_rfb-spim-nand
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Felix Fietkau
978aa43e55 uboot-mediatek: fix build error on mt7981-rfb and openwrt-one
Remove an unnecessary config option that was breaking the build

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Felix Fietkau
cb44f7ce3b uboot-mediatek: fix broken patch
Add missing --- line

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Jan Hoffmann
cf6d52f45a ltq-vdsl-vr11-app: perform orderly shutdown on exit
Try to do a clean disconnection via L3 request before the connection is
stopped.

Because this might take up to 6 seconds (the driver does 3 attempts with
a timeout of 2 seconds each), a termination timeout needs to be defined
in the init script.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
23826115e1 ltq-vdsl-vr11-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code paths for SIGINT and the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
663389c4cf ltq-vdsl-vr9-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code path for the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
a78ad43d1d ltq-vdsl-vr11-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 6e4c9738be ("ltq-vdsl-vr11-app: add version 4.23.1 for vr11 targets")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
df6284b079 ltq-vdsl-vr9-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 1daaef31b3 ("ltq-vdsl-app: disconnect when service is stopped")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Florian Eckert
378272f0a4 kernel: modules: usb: remove deprecated Kconfig option CONFIG_USB_XHCI_HCD_DEBUGGING
The Kconfig option 'CONFIG_USB_XHCI_HCD_DEBUGGING' has been removed with the
following commit upstream in the Linux kernel.

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b2497509df002e9a09c8550cd0ecd2f77c9640d8

This Kconfig option is therefore no longer valid for the kernel version
6.6 and could be removed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-08-31 19:28:04 +02:00
Paweł Owoc
2c48cda28b uboot-envtools: ath79: add Belkin F9K1115v2/F9J1108v2 u-boot env support
Add support for Belkin F9K1115v2/F9J1108v2 u-boot env

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16033
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-30 00:43:58 +02:00
Matthias Schiffer
9bbaa6f2c0
base-files: fix merge of passwd/shadow/group lines with trailing colons
Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.

Fixes: de7ca7dafa ("base-files: merge /etc/passwd et al at sysupgrade config restore")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2024-08-29 21:07:15 +02:00
Til Kaiser
f1812d5901 kernel: netdevices: adjust mlxsw network drivers
* Adds the x86_64 dependency for mlxsw_core

* Removes the redundant mlxsw_core dependency
from mlxsw-minimal and mlxsw-spectrum

* Removes the DCB configuration symbols because
they were moved into the generic configuration

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
Til Kaiser
ababc2d0a7 linux-firmware: add firmware for all Mellanox Spectrum Switches
This commit adds the currently missing Mellanox
Spectrum-2, Spectrum-3, and Spectrum-4 firmware files.

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
Til Kaiser
ad3a7fc129 kernel: modules: add x86 dependency for leds-mlxcpld
This commit adds the missing x86 dependency for
the Mellanox mlxcpld LED driver.

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
FUKAUMI Naoki
61878706f9 rockchip: add support for Radxa ROCK 3B
Radxa ROCK 3B is a Pico-ITX form factor SBC[1] using the Rockchip
RK3568(J).

Hardware
--------
- Rockchip RK3568(J) SoC
- Quad A55 CPU
- Mali-G52 GPU
- 1 TOPS @ INT8 NPU
- 2GB/4GB/8GB LPDDR4 RAM
- eMMC connector
- Micro SD Card slot
- NVMe SSD through the M.2 M Key (2-lane PCIe 3.0)
- SPI Flash for bootloader
- 2x Gigabit ethernet port (one supports PoE with add-on PoE HAT)
- 1x M.2 E Key socket with SDIO, UART and USB interfaces
- 1x M.2 B Key socket with PCIe, SATA, and USB interfaces
- 1x SIM card socket
- 1x USB 3.0 Type-A HOST port
- 1x USB 3.0 Type-A OTG port
- 2x USB 2.0 Type-A HOST ports
- 40 Pin GPIO header

[1] https://radxa.com/products/rock3/3b

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
59fc334ed0 rockchip: add support for Radxa ZERO 3E and 3W
Radxa ZERO 3E and 3W are light, compact and tiny SBC[1][2] using the
Rockchip RK3566.

Hardware
--------
- Rockchip RK3566 SoC
- Quad A55 CPU
- Mali-G52-2EE GPU
- 1 TOPS @ INT8 NPU
- 1GB/2GB/4GB/8G LPDDR4 RAM
- Optional 8GB/16GB/32GB/64GB eMMC (3E)
- Micro SD Card slot
- 1x Gigabit ethernet port (supports PoE with add-on PoE HAT) (3E)
- WiFi6/BT5.4 (3W) (not supported yet on OpenWrt)
- 1x USB 3.0 Type-C HOST port
- 1x USB 2.0 Type-C OTG port
- Optional 40 Pin GPIO header

[1] https://radxa.com/products/zeros/zero3e
[2] https://radxa.com/products/zeros/zero3w

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
8384c6d796 rockchip: add support for Radxa ROCK 3C
Radxa ROCK 3C is a high-performance, low-cost SBC[1] using the
Rockchip RK3566.

Hardware
--------
- Rockchip RK3566 SoC
- Quad A55 CPU
- Mali-G52-2EE GPU
- 1 TOPS @ INT8 NPU
- 1GB/2GB/4GB LPDDR4 RAM
- eMMC connector
- Micro SD Card slot
- NVMe SSD through the M.2 M Key connector(2230) or M.2 Extension
  board(2232/2260/2280)
- SATA through the Radxa Penta SATA HAT
- 1x Gigabit ethernet port(supports PoE with add-on PoE HAT)
- WiFi6/BT5.4 (not supported yet on OpenWrt)
- 1x USB 3.0 Type-A HOST port
- 2x USB 2.0 Type-A HOST ports
- 1x USB 2.0 Type-A OTG port
- 40 Pin GPIO header

[1] https://radxa.com/products/rock3/3c

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
e231cdd0c6 uboot-rockchip: renumber patches
renumber patches for upcoming new device support

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
Daniel Golle
e64b92c63b uboot-mediatek: detect rootdisk on MT7981
Set /chosen/rootdisk according to boot_mode register, similar to
MT7986.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Sarah Maedel
8de185a176 hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
2024-08-28 11:57:23 +02:00
David Bauer
ebe7c5f1a3 uqmi: update to latest HEAD
28b48a1 uim: add support for ICC communication channel
f582e00 qmi: fix dynamic array macro
d381f80 data: add support for ICC channel

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-08-25 23:25:45 +02:00
Felix Fietkau
ecfb095866 mt76: update to Git HEAD (2024-08-25)
dbc9b0df7c01 linux-firmware: update firmware for MT7996
4e8167b94175 wifi: mt76: connac: fix checksum offload fields of connac3 RXD
084eaaf4792e wifi: mt76: mt7915: fix sta poll list corruption on hw restart
aea16bfe8d50 firmware: update MT7981 firmware to version 20240507201102
65bbd4c394a9 firmware: update MT7986 firmware to version 20240507160203
1f4ac8faa529 wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
b76f16ea6521 wifi: mt76: mt7915: improve hardware restart reliability
e6afe9218a27 wifi: mt76: mt7915: fix unused variable error
d6611d015efd firmware: update mt7916/mt7981/mt7986 firmware to version 20240823
ddeb304aae6d wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage
904ef52a8d04 wifi: mt76: mt7996: fix uninitialized TLV data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-25 21:24:44 +02:00
Petr Štetiar
0e8b701794 ustream-ssl: update to Git HEAD (2024-07-28)
99bd3d2b167c ustream-openssl: fix compilation with OPENSSL_NO_DEPRECATED

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/16020
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 17:27:32 +02:00
Goetz Goerisch
3774f3272e treewide: rename ZyXEL to Zyxel
The company Zyxel rebranded some years ago.
Currently the casing is according to the old branding even
for newer devices which already use the new branding.

This commit aligns the casing of Zyxel everywhere.

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15652
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 15:08:25 +02:00
FUKAUMI Naoki
eae339fa72 uboot-rockchip: fix model name for Radxa ROCK 3A, 5A, and 5B
This patch fixes model name in dts as below:

Radxa ROCK3 model A  -> Radxa ROCK 3A
Radxa ROCK 5 model A -> Radxa ROCK 5A
Radxa ROCK 5 model B -> Radxa ROCK 5B

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16232
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 14:46:27 +02:00
Rosen Penev
7a7ea98400 trace-cmd: update to 3.3
Use local tarballs instead of upstream generated ones. Smaller.

Fix version to be compatible with apk.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16219
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:26:55 +02:00
Carsten Schuette
57c600dc27 dnsmasq: Add EDNS0 Upstream support
Forward client mac address and subnet on dns queries. Pi-hole and Adguard use this feature to send the originators ip address/subnet so it can be logged and not just the nat address of the router. This feature has been added since version 2.56 of dnsmasq and would be nice to expose this feature in openwrt.

Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/15965
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:25:17 +02:00
Daniel Pawlik
b68e34c837 mt76: Change AutoLoad macro call for mt7925e and mt7925u
There was a typo done for mt7925e and mt7925u in the KernelPackage
definitions, which caused the system to load the wrong kernel modules.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16236
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 15:10:39 +02:00
xiaobo tian
9482341a47 rockchip: add support for nanopc t6
SoC: Rockchip RK3588
CPU: Quad-core ARM Cortex-A76(up to 2.4GHz) and quad-core Cortex-A55 CPU (up to 1.8GHz)
GPU: Mali-G610 MP4, compatible with OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
VPU: 8K@60fps H.265 and VP9 decoder, 8K@30fps H.264 decoder, 4K@60fps AV1 decoder, 8K@30fps H.264 and H.265 encoder
NPU: 6TOPs, supports INT4/INT8/INT16/FP16
RAM: 64-bit 4GB/8GB/16GB LPDDR4X at 2133MHz
Flash: 32GB/64GB/256GB eMMC, at HS400 mode
microSD: support up to SDR104 mode
Ethernet: 2x PCIe 2.5G Ethernet

Signed-off-by: xiaobo tian <peterwillcn@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16158
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:55:02 +02:00
Daniel Pawlik
da502be941 mt76: Add firmware files into mt7925-firmware package
The firmware binaries were missing in kmod-mt7925-firmware package.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16239
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:50:20 +02:00
Johannes Truschnigg
b6ac37110f linux-firmware: add Intel CPU-integrated GPU (iGPU) firmware
On latest Intel x86 CPUs, DMC firmware is required for the iGPU to reach
its lowest power states. If the driver cannot load it, it will print a
warning and unnecessarily make the iGPU draw a bit more power when idle.

GUC firmware (various "offload" mechanisms that deal with scheduling GPU
workloads) and HUC firmware (required for accelerated media codec
operations for HEVC/H.265) are probably more niche, but could also
provde useful for some - for example, when building an
Intel/OpenWrt-based security camera.

Signed-off-by: Johannes Truschnigg <johannes@truschnigg.info>
Link: https://github.com/openwrt/openwrt/pull/16069
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:46:28 +02:00
Rosen Penev
5d107bbbbb tmon: make version apk compatible
No need to override version.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-08-22 17:53:28 +02:00
Felix Fietkau
580ad3e6bb mt76: update to Git HEAD (2024-08-21)
5c9fbdd64313 wifi: mt7915: fix wcid allocation leak
d547c25cabab wifi: mt76: mt7915: fix last argument to mt7915_mcu_add_sta
caed4843c5cd wifi: mt76: fix station muar index
3cd1c1740280 wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker
a5e630ef458c wifi: mt76: mt7916: fix regression in .sta_state migration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-21 16:52:07 +02:00
Tianling Shen
ea249af456 uboot-rockchip: add ROCK 5B support
Add support for the Radxa ROCK 5B board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Tianling Shen
d44fcee73c uboot-rockchip: add ROCK 5A support
Add support for the Radxa ROCK 5A board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Mark Mentovai
1310e4f1ae failsafe: fix console failsafe shell
When running a failsafe shell on a console, job control was unavailable,
and ^C did not function correctly.

This change invokes console failsafe shells via `setsid`, making them
session leaders and allowing them to claim controlling terminals, which
makes job control function properly. To support this, the busybox
`setsid` utility is enabled. This has a minimal 149-byte size impact on
a test x86_64 squashfs rootfs image.

^C was ignored in subprocesses of failsafe shells: it was not possible
to ^C out of a program that would not exit on its own, such as many
typical `ping` invocations. As job control was unavailable, it was not
possible to suspend these subprocesses either, causing a hung program to
tie up a console indefinitely, unless another means to signal the
program was available. This was caused by SIGINT being placed at
disposition SIG_IGN by the shell running preinit, which it did because
the console shell was executed asynchronously with &. That disposition
was inherited by the console shell and its subprocesses, generally
causing ^C to have no effect.

As there is no way in busybox `ash` to reset the disposition of a signal
already ignored at shell entry, and no apparent way to avoid SIGINT
being placed at SIG_IGN when & is used in preinit, an alternative
construct is needed. Now, `start-stop-daemon` is used to start (-S) the
console failsafe shell in the background (-b). This approach does not
alter SIGINT, allowing the console shell to be started with that
signal's handling intact, and normal ^C processing to occur.

busybox `ash` has some behaviors conditional on SHLVL, and while the
console shells ought to run at SHLVL=1, they were not by virtue of being
started by the shell-based preinit system. Additionally, a variety of
detritus was present in the console shell's environment, carried over
from preinit. These conditions are corrected by running the console
shell via `env -i` to clear the environment and establish a minimum and
correct set of environment variables for operation, in the same manner
as `login`. HOME is not explicitly set, because it's addressed in
/etc/profile. For non-failsafe console shells when
system.@system[0].ttylogin = 0, `login -f root` achieves a similar
effect. (`login` already started non-failsafe console shells when
ttylogin = 1 and behaved correctly. This brings the ttylogin = 0 case to
parity.) Note that even `login -f` is somewhat undesirable for failsafe
shells because it requires a viable /etc/passwd, hence the `env -i`
construct in that case.

The TERM environment variable from the preinit environment, with value
"linux", would rarely be correct for serial consoles. Now, the preinit
TERM value is preserved (or set to "linux" if unset) only when the
console is /dev/console or /dev/tty[0-9]*. Otherwise, it will be set to
a safe default appropriate for serial consoles, "vt102", as used for
serial consoles by busybox init. This "linux"/"vt102" TERM setting is
also duplicated for non-failsafe console shells.

This also indicates failsafe mode by showing "- failsafe -" on all
consoles (not just the last-defined one). It sets a hostname of
"OpenWrt-failsafe" in failsafe mode which is rendered in the shell's
prompt as a reminder of the mode during interactive failsafe use.
Previously, no hostname was set, which resulted in the kernel-default
hostname, "(none)", appearing in failsafe shell prompts.

Signed-off-by: Mark Mentovai <mark@mentovai.com>
Link: https://github.com/openwrt/openwrt/pull/16113
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:55:00 +02:00
Matt Eaton
60951f0515 xfrm: remove requirement for underlying device
Since kernel 5.3, phydev (dev) is no longer required

   torvalds/linux@22d6552

Signed-off-by: Matt Eaton <git@divinehawk.com>
Link: https://github.com/openwrt/openwrt/pull/16046
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:49:49 +02:00
Sylvain Monné
88186c85f9 uhttpd: restart daemon if certificate has changed
Fixes #16075

When the SSL certificate used by uhttpd has been changed, calling
`/etc/init.d/uhttpd reload` will now have the effect of restarting the
daemon to make the change effective.

Signed-off-by: Sylvain Monné <sylvain@monne.contact>
Link: https://github.com/openwrt/openwrt/pull/16076
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:46:08 +02:00
Álvaro Fernández Rojas
5d2a008670 kernel: r8126: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:47 +02:00
Álvaro Fernández Rojas
a57a3e5cc5 kernel: r8125: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:41 +02:00
Álvaro Fernández Rojas
2f846a3315 kernel: r8168: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:36 +02:00
Álvaro Fernández Rojas
fe0240f27e kernel: r8101: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-18 19:31:55 +02:00
Álvaro Fernández Rojas
8d9893ff34 kernel: r8126: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 11:38:40 +02:00
Chukun Pan
2fd0102cc3 kernel: r8125: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 11:38:40 +02:00
Felix Fietkau
8d25723865 mt76: update to Git HEAD (2024-08-18)
0ac3041a9ac8 wifi: mt76: fix off-channel wcid pending queue handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-18 09:55:46 +02:00
Álvaro Fernández Rojas
b72c4b5386 package: add kmod-r8101 ethernet driver
r8101 is an out of tree driver provided by Realtek for RTL8101 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-16 20:40:34 +02:00
Álvaro Fernández Rojas
8208d36220 kernel: r8168/r8125/r8126: update PKG_SOURCE_URL
r8168, r8125 and r8126 have been transferred from https://github.com/noltari to
https://github.com/openwrt.
The old URL should still work after the transfer, but let's update it anyway.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-16 20:37:41 +02:00
Felix Fietkau
20bf5f35e7 mt76: update to Git HEAD (2024-08-16)
58d187e4a97c wifi: mt76: mt792x: add struct mt792x_bss_conf
eb278f9863be wifi: mt76: mt792x: add struct mt792x_link_sta
156bd77d3264 wifi: mt76: mt792x: add struct mt792x_chanctx
017001536f34 wifi: mt76: mt7925: support for split bss_info_changed method
f6979f7bac2d wifi: mt76: mt792x: extend mt76_connac_mcu_uni_add_dev for per-link BSS
a72414b0929b wifi: mt76: mt7925: extend mt7925_mcu_set_tx with for per-link BSS
ccc741182b32 wifi: mt76: mt7925: extend mt7925_mcu_add_bss_info for per-link BSS
a6072c1cb337 wifi: mt76: mt7925: extend mt7925_mcu_set_timing for per-link BSS
8bc843c9a1bc wifi: mt76: mt7925: extend mt7925_mcu_bss_ifs_tlv for per-link BSS
57770675f269 wifi: mt76: mt7925: extend mt7925_mcu_bss_color_tlv for per-link BSS
69cbc0f03c2e wifi: mt76: mt7925: extend mt7925_mcu_bss_he_tlv for per-link BSS
36712505c8c6 wifi: mt76: mt7925: extend mt7925_mcu_bss_qos_tlv for per-link BSS
5399d0439cc6 wifi: mt76: mt7925: extend mt7925_mcu_bss_mld_tlv for per-link BSS
92abc8b3efb4 wifi: mt76: mt7925: extend mt7925_mcu_bss_bmc_tlv for per-link BSS
cca65ef81a47 wifi: mt76: mt7925: remove unused parameters in mt7925_mcu_bss_bmc_tlv
7a4997a2fc70 wifi: mt76: mt7925: extend mt7925_mcu_bss_sec_tlv for per-link BSS
eafc690d3e00 wifi: mt76: mt7925: extend mt7925_mcu_bss_basic_tlv for per-link BSS
a215af375b85 wifi: mt76: mt7925: extend mt7925_mcu_set_bss_pm for per-link BSS
b310e0dd4245 wifi: mt76: mt7925: extend mt7925_mcu_[abort, set]_roc for per-link BSS
b71940427ae7 wifi: mt76: mt7925: extend mt7925_mcu_uni_bss_bcnft for per-link BSS
4e2eadef7d59 wifi: mt76: mt7925: extend mt7925_mcu_uni_bss_ps for per-link BSS
0bec7c7124f7 wifi: mt76: mt7925: add mt7925_mcu_bss_rlm_tlv to constitue the RLM TLV
21d15e680a6d wifi: mt76: mt7925: mt7925_mcu_set_chctx rely on mt7925_mcu_bss_rlm_tlv
63e0bb14bd71 wifi: mt76: mt7925: extend mt7925_mcu_sta_update for per-link STA
f5a819c97e71 wifi: mt76: mt7925: extend mt7925_mcu_sta_state_v2_tlv for per-link STA
737235764c4c wifi: mt76: mt7925: extend mt7925_mcu_sta_rate_ctrl_tlv with per-link STA
a59201b4f003 wifi: mt76: mt7925: extend mt7925_mcu_sta_eht_tlv for per-link STA
25e12096e568 wifi: mt76: mt7925: extend mt7925_mcu_sta_he_6g_tlv for per-link STA
5e326a87bc46 wifi: mt76: mt7925: extend mt7925_mcu_sta_he_tlv for per-link STA
5c21555c6c79 wifi: mt76: mt7925: extend mt7925_mcu_sta_amsdu_tlv for per-link STA
d5bb9a9e735c wifi: mt76: mt7925: extend mt7925_mcu_sta_vht_tlv for per-link STA
a9e4e795652c wifi: mt76: mt7925: extend mt7925_mcu_sta_ht_tlv for per-link STA
daccf349f24f wifi: mt76: mt7925: extend mt7925_mcu_sta_phy_tlv for per-link STA
454b8f332428 wifi: mt76: mt7925: extend mt7925_get_phy_mode_ext for per-link STA
54dad0c287a5 wifi: mt76: mt7925: extend mt7925_get_phy_mode for per-link STA
c7248fea9557 wifi: mt76: mt792x: extend mt76_connac_get_phy_mode_v2 for per-link STA
afe6c142b1ee wifi: mt76: mt762x: extend mt76_connac_mcu_sta_basic_tlv for per-link STA
bb8bc43f3400 wifi: mt76: mt7925: extend mt7925_mcu_sta_hdr_trans_tlv for per-link STA
92262378ae20 wifi: mt76: mt7925: extend mt7925_mcu_add_bss_info for per-link STA
371667695674 wifi: mt76: mt7925: extend mt7925_mcu_bss_mld_tlv for per-link STA
990e9c62a7f2 wifi: mt76: mt7925: extend mt7925_mcu_bss_basic_tlv for per-link STA
070efb705591 wifi: mt76: mt7925: add mt7925_mac_link_sta_add to create per-link STA
90a7976363a7 wifi: mt76: mt7925: add mt7925_mac_link_sta_assoc to associate per-link STA
8695a2500bbd wifi: mt76: mt7925: add mt7925_mac_link_sta_remove to remove per-link STA
ac251c6d65e1 wifi: mt76: mt7925: add mt7925_mac_link_bss_add to create per-link BSS
f4f4e3238dc1 wifi: mt76: mt7925: add mt7925_mac_link_bss_remove to remove per-link BSS
64378d3a036e wifi: mt76: mt7925: simpify mt7925_mcu_sta_cmd logic by removing fw_offload
436e75a67e40 wifi: mt76: mt7925: update mt76_connac_mcu_uni_add_dev for MLO
aa913a43f20c wifi: mt76: mt7925: update mt7925_mac_link_sta_[add, assoc, remove] for MLO
74d518be9812 wifi: mt76: mt7925: set Tx queue parameters according to link id
94e751a0f549 wifi: mt76: mt7925: set mt7925_mcu_sta_key_tlv according to link id
15054d71a61a wifi: mt76: mt7925: add mt7925_set_link_key
41e7149458ef wifi: mt76: mt7925: extend mt7925_mcu_uni_roc_event
56064fc172b7 wifi: mt76: mt7925: add mt7925_change_vif_links
74138b229be6 wifi: mt76: mt7925: add mt7925_change_sta_links
6f628298f9ae wifi: mt76: mt7925: add link handling in mt7925_mac_sta_add
79f3aaf2765a wifi: mt76: mt7925: add link handling in mt7925_mac_sta_remove
950578348506 wifi: mt76: mt7925: add link handling to txwi
b6a07bce6000 wifi: mt76: mt7925: add link handling in mt7925_set_key
f1a7ab0544ae wifi: mt76: mt7925: add link handling to mt7925_change_chanctx
14d2ae0cdf16 wifi: mt76: mt7925: add link handling in the BSS_CHANGED_PS handler
f68bdb9b9d64 wifi: mt76: mt7925: add link handling in mt7925_mcu_set_beacon_filter
18ee40e548d1 wifi: mt76: mt7925: add link handling in mt7925_txwi_free
415503c237cf wifi: mt76: mt7925: add link handling in mt7925_mac_sta_assoc
6dfcb265aa97 wifi: mt76: mt7925: add link handling in mt7925_sta_set_decap_offload
18471bb0d671 wifi: mt76: mt7925: add link handling in mt7925_vif_connect_iter
ac8ab0853432 wifi: mt76: mt7925: add link handling in the BSS_CHANGED_ARP_FILTER handler
b14f7c02c79c wifi: mt76: mt7925: add link handling in the mt7925_ipv6_addr_change
6ebeb5f0150d wifi: mt76: mt7925: update rate index according to link id
ebd522981ba6 wifi: mt76: mt7925: report link information in rx status
2304e6146cf9 wifi: mt76: add def_wcid to struct mt76_wcid
1fc2bab3f510 wifi: mt76: mt7925: add mt7925_[assign,unassign]_vif_chanctx
2a23c1e5fef2 wifi: mt76: mt7925: update mt7925_mcu_sta_mld_tlv for MLO
2a226b8c06f7 wifi: mt76: mt7925: update mt7925_mcu_bss_mld_tlv for MLO
45df65348e26 wifi: mt76: mt7925: update mt7925_mcu_add_bss_info for MLO
7eb17943de6b wifi: mt76: mt7925: update mt7925_mcu_sta_update for MLO
d2b28297551e wifi: mt76: mt7925: add mt7925_mcu_sta_eht_mld_tlv for MLO
e385735a67a1 wifi: mt76: mt7925: update mt7925_mcu_sta_rate_ctrl_tlv for MLO
aedb640a90ad wifi: mt76: mt7925: update mt7925_mcu_sta_phy_tlv for MLO
6a3af6e618e4 wifi: mt76: mt7925: update mt7925_mcu_set_timing for MLO
783bb8314585 wifi: mt76: mt7925: update mt7925_mcu_bss_basic_tlv for MLO
17f5ef8058ef wifi: mt76: mt7925: update mt7925_mac_link_bss_add for MLO
94fe68018774 wifi: mt76: mt7925: remove the unused mt7925_mcu_set_chan_info
e0b4763428eb wifi: mt76: mt7925: enabling MLO when the firmware supports it
3a367258d9d6 wifi: mt76: mt792x: fix scheduler interference in drv own process
b6fd8fe5d260 wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings
e25fb9a010f9 wifi: mt76: mt7921: add missing bss_conf vif init
6585a4353a51 wifi: mt76: mt7921: fix crash on ipv6 addr notification during vif bringup
fdba7f408873 wifi: mt76: fix mt76_get_rate
c13032ba4721 wifi: mt76: mt7915: always query station rx rate from firmware
d5286f465f83 wifi: mt76: connac: add support for IEEE 802.11 fragmentation
c4c66f6b119d wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation
b4da028f990a wifi: mt76: mt7915: fix rx filter setting for bfee functionality
6ccafa50c647 firmware: update firmware for MT7915 to 20240429200502
b80c997b3ff6 wifi: mt76: partially move channel change code to core
891031ee051d wifi: mt76: add separate tx scheduling queue for off-channel tx
4eea0786d83f wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable
e0a409af5526 wifi: mt76: mt7915: allocate vif wcid in the same range as stations
1305484d044a wifi: mt76: connac: add support for passing connection state directly
ea8c3eac128e wifi: mt76: change .sta_assoc callback to .sta_event
5af2f7c8e884 wifi: mt76: mt7915: use mac80211 .sta_state op
863b3a5f521e wifi: mt76: mt7915: set MT76_MCU_RESET early in mt7915_mac_full_reset
a1a65d860812 wifi: mt76: mt7915: retry mcu messages
362fec004cea wifi: mt76: mt7915: reset the device after MCU timeout
37955a4d08db wifi: mt76: mt7996: use hweight16 to get correct tx antenna
b980637b11e8 wifi: mt76: mt7996: fix traffic delay when switching back to working channel
a5aa259fb137 wifi: mt76: mt7996: fix wmm set of station interface to 3
8e2f906cb154 wifi: mt76: mt7996: advertize beacon_int_min_gcd
bf2eeec731c6 wifi: mt76: mt7996: fix HE and EHT beamforming capabilities
c2c6940e60c4 wifi: mt76: mt7996: set correct beamformee SS capability
5cf02b0a2682 wifi: mt76: mt7996: fix EHT beamforming capability check
4a90f927311c wifi: mt76: mt7996: set correct value in beamforming mcu command for mt7992
c4e34c8bb963 wifi: mt76: mt7996: fix handling mbss enable/disable
bb6a5dbbb7aa wifi: mt76: connac: add IEEE 802.11 fragmentation support for mt7996
437ec1b9e282 wifi: mt76: mt7996: set IEEE80211_KEY_FLAG_GENERATE_MMIE for other ciphers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-16 19:58:57 +02:00
Daniel Golle
1591e2d4cc arm-trusted-firmware-mediatek: build RAM boot images for MT7622
Build images for use with mtk_uartboot also for MT7622.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-16 13:17:55 +01:00
Daniel Golle
6347bf799a arm-trusted-firmware-mediatek: only build bl2 for RAM boot images
There is no need to build BL31 as anyway only the bl2 image is
relevant for use with mtk_uartboot. Build only bl2 in this case.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-16 13:17:55 +01:00
Roland Reinl
2fbffb3643 mediatek: Add support for Linksys EA7500 v3
Specification:
- MT7629 CPU
- MT7531 switch
- MT7761N and MT7762N wifi
- 256 MB RAM
- 128 MB NAND flash with dual-boot partitions
- 2 buttons: WPS and reset
- 1 WAN port (1G)
- 4 LAN ports (1G)
- 1 USB port

Limitations (same as other MT7629/MT7761N/MT7762N devices):
- Wifi is not working
- Second core is not working (kernel error message "CPU1: failed to come online")

Disassembly:
- There are two screws under the front rubber feet and two under the label on the bottom (in the corners towards the back, you should be able to feel them).

Serial Interface:
- UART pin header is already soldered on the board. Pinning from front to back:
1 - VCC
2 - TX
3 - RX
4 - n/a
5 - GND

GPIO:
- 1 white LED, connected to GPIO 52
- 1 reset button, connected to GPIO 60
- 1 WPS button, connected to GPIO 58

MAC Adresses:
- The MAC address printed on the device label is used for LAN and WAN
- The MAC address is stored in the devinfo partition in ASCII format (hw_mac_addr=aa:bb:cc:dd:ee)
- 2.4 GHz wifi uses MAC of the device label + 1
- 5 GHz wifi uses MAC of the device label + 2

Flashing:
- OpenWrt is only runnig in the first partition of dual boot
- To ensure to be able to go back to the factory image, flash the last OEM firmware via OEM web interface. This will ensure that the OEM firmware is present on both partitions
- Because of dual boot partitions, flashing via OEM interface is not supported
- Start a TFTP server and provide the initramfs image. Default settings:
  - Router IP: 192.168.1.1
  - TFTP server IP: 192.168.1.100
  - TFTP file name: 7531.bin
- Open the device, connect UART and select " 1. System Load Linux to SDRAM via TFTP." during startup
- Adapt the settings to your environment, if required
- After initramfs is booted, flash the sysupgrade image

Return to OEM firmware:
- Run the following commands in OpenWrt to switch to the second partition
  fw_setenv boot_part 2
  fw_setenv bootimage 2
- Reboot the device. OEM firmware will start up again

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16067
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-15 00:13:20 +02:00
Antonio Flores
63412038dc mac80211: add rtw89 driver
This commits adds the RTW89 driver from Realtek.
Supports the Realtek 8851BE/8852AE/8852BE/8852CE PCIe wireless chips.

Signed-off-by: Antonio Flores <antflores627@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16131
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-14 23:26:26 +02:00
Hannu Nyman
0b7d99147b uhttpd: Decrease the default validity time of certificate
The recommended maximum validity period is currently 397 days
and some browsers throw warning with longer periods.

Reference to
https://cabforum.org/working-groups/server/baseline-requirements/
 6.3.2 Certificate operational periods and key pair usage periods
 Subscriber Certificates issued on or after 1 September 2020
 SHOULD NOT have a Validity Period greater than 397 days and
 MUST NOT have a Validity Period greater than 398 days.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Pat Fruth
db4e8ef952 uhttpd: Include new extensions in uhttpd self-signed certs
The introduction of MacOS Catalina includes new requirements for self-signed certificates.
See: https://support.apple.com/en-us/HT210176
These new requirements include the addition of two TLS server certificate extensions.
- extendedKeyUsage
- subjectAltName
The extendedKeyUsage must be set to serverAuth.
The subjectAltName must be set to the DNS name of the server.
In the absense of these new extensions, when the LUCI web interface is configured to use HTTPS and
self-signed certs, MacOS user running Google Chrome browsers will not be able to access the LUCI web enterface.
If you are generating self-signed certs which do not include that extension, Chrome will
report "NET::ERR_CERT_INVALID" instead of "NET::ERR_CERT_AUTHORITY_INVALID".  You can click through to
ignore the latter, but not the former.

This change updates the uhttpd init script to generate self-signed cert that meets the new requirements.
Signed-off-by: Pat Fruth <pat@patfruth.com>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Hannu Nyman
efca89daef px5g-mbedtls: add subjectAltName and extendedKeyUsage to SSL certs
To better acommodate with the current browsers' requirements, also
self-signed certificates should have subjectAltName and
extendedKeyUsage defined in the self-signed x509 SSL certificates.

The following case sensitive options are now possible:
-addext subjectAltName=DNS:...
-addext subjectAltName=EMAIL:...
-addext subjectAltName=IP:...
-addext subjectAltName=URI:...
-addext extendedKeyUsage=serverAuth OR -addext extendedKeyUsage=any

Initial draft by Paul Donald <newtwen@gmail.com>

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Marek Behún
ccc06f6716 firmware: omnia-mcu-firmware: Bump to 4.1
Bump `omnia-mcu-firmware` to version 4.1.

This version fixes the following issue on boards with GD32 MCU:
* the user has old GD32 MCU bootloader and application (version 2.0)
* the user upgraded MCU application firmware to newer version (from
  2.99 to 4.0)
* the user wants to upgrade application again, but it is impossible,
  because when MCU application firmware jumps into the old MCU
  bootloader firmware (2.0), the old bootloader firmware gets stuck in
  exception
* the user has to restart the board and upgrade the bootloader firmware
  first, which is not ideal, since if bootloader firmware upgrade is
  interrupted, the board gets bricked

Therefore the `omnia-mcutool` utility version 0.3-rc3 will refuse to
upgrade MCU application firmware to versions 2.99 to 4.0 if the MCU
bootloader firmware is at version 2.0.

For users to be able to upgrade MCU application firmware on GD32
boards, they will need this new 4.1 version.

Users that already upgraded the MCU application firmware to a version
version between 2.99 and 4.0 (using a previous version of the
`omnia-mcutool` utility) have no other choice but to upgrade MCU
bootloader firmware as well.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/16159
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 12:22:33 +02:00
Gioacchino Mazzurco
e80520197c hostapd: Add support for APuP
Add support for hostapd Access Point Micro Peering

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: https://gitlab.com/g10h4ck/hostap/-/commits/APuP
Link: https://github.com/openwrt/openwrt/pull/15442
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-13 00:28:32 +02:00
Vyacheslav Ivanov
7305bf616e uboot-envtools: Add support for Orange Pi R1 Plus & LTS
Add support this boards to envtools config
This commit integrates the latest changes from new U-Boot, which includes important updates to the DTSI files for the Orange Pi R1 Plus and Orange Pi R1 Plus LTS boards.

Signed-off-by: Vyacheslav Ivanov <islavaivanov76@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16090
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-12 21:00:36 +02:00
Hannu Nyman
879ee70ea4 ath10k-ct: bump to version 6.9
Use ath10k-ct 6.9 to better match mac80211 backports 6.9.x

Drop patch 010 that is merged upstream.
Add patch 001 to fix version to 6.9 (overlooked by upstream).
Refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/16036
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-12 20:56:59 +02:00
Daniel Golle
74bf11570f base-files: get rid of forgotten traces of fitblk_get_bootdev
The function fitblk_get_bootdev doesn't exist any more, using it in
export_bootdevice anyway never made much sense and only worked for
classic block devices.
Just drop /dev/fit* handling there, it isn't needed anywhere.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-12 19:16:58 +01:00
Daniel Golle
c22ba7544e arm-trusted-firmware-mediatek: fix NAND read failure on SNFI
A bug has plagued bl2 which caused failure to boot and bricked Linksys
E8450 and Belkin RT3200 devices in case of correctable bitflips being
detected during a read operation. A simple logic error resulted in read
to be considered errornous instead of just continueing in case of
correctable bitflips.

Address this by importing a patch fixing that logic error.

The issue, which has been dubbed as the "OpenWrt Kiss of Death", and is
now a thing of the past.

Users should preemptively update bl2 to prevent their devices being at
risk.

Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/11
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-12 11:31:37 +01:00
Ben Whitten
7ac6739a4c uboot-rockchip: add nanopi r6s rk3588s board support
Backporting support for the NanoPi R6S from upstream
uboot.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Ben Whitten
e6ffbcb2d2 uboot-rockchip: backport upstream dts sync
Upstream uboot have merged in kernel dts files, we need
the update for the rk3588 boards.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Ben Whitten
76071a8bb0 rkbin: add rk3588 support
Adding support for the rk3588 platform

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Álvaro Fernández Rojas
bfeef9b3d7 kernel: r8126: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 15:51:37 +02:00
Álvaro Fernández Rojas
f063f4620c kernel: r8125: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 15:51:31 +02:00
Álvaro Fernández Rojas
1565eeda4e package: add kmod-r8168 ethernet driver
r8168 is an out of tree driver provided by Realtek for RTL8168 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 12:06:14 +02:00
Álvaro Fernández Rojas
ddb4070c96 package: add kmod-r8125 ethernet driver
r8125 is an out of tree driver provided by Realtek for RTL8125 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-10 20:39:59 +02:00
Álvaro Fernández Rojas
54623c6a1d package: add kmod-r8126 ethernet driver
r8126 is an out of tree driver provided by Realtek for RTL8126 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-10 20:36:31 +02:00
Joel Low
824f7ea52d uboot-envtools: add env settings for ubnt,unifi-6-lr-v3
Using the same configuration as my earlier Unifi 6-LRv2s:

```bash
$ cat /etc/fw_env.config
/dev/mtd3 0x0 0x1000 0x1000 1
$ fw_printenv
arch=arm
baudrate=115200
board=mt7622_evb
board_name=mt7622_evb
bootcmd=bootubnt
bootdelay=3
bootfile=uImage
cpu=armv7
device_model=U6-LR
ethact=mtk_eth
ethaddr=<redacted>
ipaddr=<redacted>
is_ble_stp=true
is_default=true
loadaddr=0x5007FF28
macaddr=<redacted>
serverip=<redacted>
soc=mt7622
stderr=serial
stdin=serial
stdout=serial
vendor=mediatek
```

Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/16127
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-10 18:02:27 +02:00
Paul Spooren
44b6df3184 sdk: fix APK key creation
The keys are created differently compared to the old OPKG keys. Instead
of being part of base-files/configure, they are created as a Makefile
requirement of `package/compile`, which is a cleaner solution.

This requirement would only be added to non SDK environments, however
APK always requires keys to be available. Add an `else` case for the SDK
and create keys.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-09 01:47:05 +02:00
Kristian Skramstad
d62648d58c qualcommax: ipq60xx: add support for Cambium Networks XE3-4
Cambium Networks XE3-4 is a tri-radio Wi-Fi 6/6E 4×4/2×2 AP.

Hardware:
    Model:    Cambium Networks XE3-4
    CPU:      IPQ6010/AP-CP01-C3, SoC Version: 1.0 @ 800 MHz
    Memory:   1 GiB
    Flash:    512 MiB Macronix MX30UF2G18AC + W25Q128FW
    Ethernet: 1x 1 GbE   (QCA8072)
              1x 2.5 GbE (QCA8081)
    Buttons:  1x Reset
    Serial:   TX, RX, GND
    Baudrate: 115200
    Radios:   Qualcomm Atheros IPQ6018 802.11ax - 2x2 - 2GHz
              Qualcomm Atheros IPQ6018 802.11ax - 2x2 - 5GHz
              Qualcomm Atheros QCN9074 802.11ax - 4x4 - 5GHz or 6GHz
              BLE 4.1
    Power:    32.0W 802.3bt5 PoE++
              25.5W 802.3at with USB, BT disabled
    Size:     215mm x 215mm
    Ports:    1x USB 2.0
    Antenna:  6 GHz: 6.29 dBi, Omni    30 dBm
              5 GHz: 6.12 dBi, Omni    31 dBm
              2.4 GHz: 4.85 dBi, Omni  29 dBm
    LEDs:     Multi-color status LEDs
    Mounting: Wall, ceiling or T-bar

Installation: Serial connection
1. Open the AP to get access to the board. Connect RX, TX and GND.
2. Power on the AP, and short the CS pin of the SPI flash with
   one of the APs GND pins.
3. Transfer the initramfs image with TFTP
   (Default server IP is 192.168.0.120)
   # tftpboot factory.ubi
4. Flash the rootfs partition
   # flash rootfs
5. Reboot the AP
   # reset

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15633
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-08 22:57:22 +02:00
Aleksey Vasilenko
f8ed29932f libunistring: update to 1.2
Release notes:
  https://git.savannah.gnu.org/gitweb/?p=libunistring.git;a=blob_plain;f=NEWS

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16065
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-07 18:05:32 +02:00
Zxl hhyccc
58a8b882ce kernel: mtdtests: update for 6.1 as well
6.1.103 and 6.6.44 introduced breakage complaining about missing mtd_test.ko
for some targets.

Signed-off-by: Zxl hhyccc <zxlhhy@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16093
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-07 10:07:49 +02:00
Paul Spooren
ef8c1adb61 apk: switch to index-trust branch
Initially APK would sign packages and package index and verify
signatures individually. With the latest change, all packages inside a
trusted index are automatically trusted.

This is important within the OpenWrt eco-system since signing the index
happens on another machine than the package creation.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-06 18:07:30 +02:00
Mieczyslaw Nalewaj
ce6145b818 kernel: Add kmod-mfd-test for kernel 6.6 only
Compilation of mtd_test.ko should be added only for kernel 6.6 or above.

Fixes 26df88a ("kernel: Add kmod-mfd-test")

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16085
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-06 14:04:31 +02:00
Marek Behún
38f2d26f1b utils: omnia-mcutool: Bump to 0.3-rc3
Bump omnia-mcutool to 0.3-rc3:

* The `--upgrade` option will now work even if MCU is in bootloader (for
  example if previous upgrade was aborted).

* On boards with GD32 MCUs, `omnia-mcutool` will now refuse to upgrade
  application firmware to version lower than 4.1 if bootloader version
  is 2.0 (the original for first batch of boards with GD32 MCUs) since
  these versions of application and bootloader are not compatible.

  If user already upgraded to such a combination, an upgrade of
  bootloader firmware is required.

  The `--upgrade` option will inform about this and will automatically
  upgrade bootloader firmware if the `--force` option is given.

  (Note that version 4.1 of the MCU firmware was will be released soon,
   once it is properly tested.)

* Various other improvements.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/16086
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-06 10:49:21 +02:00
John Audia
26df88a7df kernel: Add kmod-mfd-test
6.6.44 introduced breakage complaining about missing mtd_test.ko
for some targets.

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/16061
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-06 00:40:14 +02:00
Rany Hany
db7f70fe61 hostapd: fix SAE H2E security vulnerability
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16042
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-02 23:13:44 +02:00
Marek Mojík
17ecd37c6a utils: Add the omnia-mcutool utility
Add a new utility, omnia-mcutool, which main purpose is to upgrade the
firmware on the microcontroller on the Turris Omnia router. Depends on
omnia-mcu-firmware, and the upgrade process is pretty simple:

  omnia-mcutool --upgrade

Besides firmware upgrade, the utility can be used to show and configure
various firmware settings.

Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Marek Mojík
56706d33cf firmware: Add CZ.NIC Turris Omnia MCU firmware
Add a new package, omnia-mcu-firmware, containing firmware binaries for
the microcontroller on the Turris Omnia router.

Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Marek Behún
cbc8d072c8 gpio-button-hotplug: add vendor button handling
Handle the KEY_VENDOR key in gpio-button-hotplug driver. This is used
by Turris Omnia.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Daniel Golle
ee8c05f9b6 netifd: update to git HEAD
68c8a4f system-linux: re-apply ethtool on phy attachment
 890929b wireless: add support for defining wifi interfaces via procd service data
 b57e40b wireless: use blobmsg_parse_attr
 7a6532f proto-shell: add proto property for skipping device config
 33ec3da CMake: bump the minimum required CMake version to 3.5

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-01 20:48:24 +01:00
FUKAUMI Naoki
7e06815257 mac80211: realtek: rtw88: add support for RTL8723DS and RTL8723DU
add Realtek RTL8723DS and RTL8723DU support to rtw88 package.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15910
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-01 00:04:41 +02:00
Hauke Mehrtens
4e6212e62f linux-firmware: amd64-microcode: Remove TARGET_x86 dependency
Build the amd64-microcode package on all architectures even if it only
makes sense to use it on x86. If the package build is done by a builder
not building for x86 it will not include the package otherwise.

Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
4992946bc9 firmware-utils: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 24d6abe2d7 ("firmware-utils: new package replacing otrx")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
9ac50c0aa3 dns320l-mcu: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 8619d7af67 ("kirkwood: add D-Link DNS-320L support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
54258c396f kobs-ng: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 1eb21b87bd ("kobs-ng: add new package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
9a981ffb51 imx-bootlets: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 07043a853a ("imx23: rename imx23 to mxs for upcoming imx23/28 support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
fe62370e55 firmware: Mark Intel/Lantiq firmware packages as nonshared
Package the firmware files in the target specific build step and not in
the architecture common step. The architecture common step is not
necessary build for the ipq40xx target. If it is build for a different
target these packages are not packaged at all. This moves the build to
the ipq40xx target specific build step. This change is needed to make
the firmware files show up in the buildbot images.

Fixes: 02db8a19cb ("firmware: add Intel/Lantiq VRX518 ACA firmware package")
Fixes: 07b0e6f3d9 ("firmware: add Intel/Lantiq VRX518 PPE firmware package")
Fixes: 13eb1f564a ("firmware: add Intel/Lantiq VRX518 DSL firmware package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
FUKAUMI Naoki
649bc715b2 rockchip: add support for Radxa ROCK Pi E v3.0
Radxa ROCK Pi E v3.0 is a compact networking SBC[1] using the Rockchip
RK3328 SoC.

Hardware
--------
- Rockchip RK3328 SoC
- Quad A53 CPU
- 512MB/1GB/2GB DDR4 RAM
- 4/8/16/32GB eMMC
- Micro SD Card slot
- WiFi 4 and BT 4, or WiFi 5 and BT 5 (not supported yet)
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x 100M Ethernet
- 1x USB 3.0 Type-A port (Host)
- 1x 4-ring 3.5mm headphone jack
- 40 Pin GPIO header

[1] https://radxa.com/products/rockpi/pie

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15984
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-29 23:00:14 +02:00
Hauke Mehrtens
91573ac145 ncurses: Fix path in ncursesw.pc
The file contains the the /usr/lib path from the toolchain directory and
not from the target directory. The /usr/lib directory for the toolchain
is empty and the shared library is not in the specified paths. On RISCV
the linker of util-linux was finding the libncursesw.so in my host
system, tried to link against it and failed. Fix the .pc file.

Fixes: #15942
Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16018
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-28 19:30:35 +02:00
Aleksey Vasilenko
d261be1d9e mwlwifi: fix mac80211 broken after update to 6.9.9
Port of kernel commit: https://github.com/torvalds/linux/commit/0a44dfc
Fixes: https://github.com/openwrt/openwrt/issues/15975
Fixes: 1bfcc1e ("mac80211: update to version 6.9.9")

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16016
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-28 19:16:34 +02:00
INAGAKI Hiroshi
08705d4481 uboot-ath79: add support for NEC Aterm series based on AR9344
Add support for NEC Aterm series devices based on Atheros AR9344.
The following devices have almost the same hardware, so the same U-Boot
binary can be used for them.

- NEC Aterm WR8750N
- NEC Aterm WR9500N
- NEC Aterm WG600HP

By the way, on NetBSD-based NEC Aterm devices, only 0x20000 (128KiB) is
available for a bootloader on the flash chip and that limitation is too
small for mainline U-Boot with the default options. So many
features/commands not required for booting OpenWrt and recoverying are
disabled on that devices, like the followings.

- networking support
- FIT support
- all decompression methods support

etc...

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15432
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 18:47:56 +02:00
INAGAKI Hiroshi
e08b4bab8f uboot-ath79: add new U-Boot package for Atheros/QCA devices
Add U-Boot package for the devices that based on Atheros/Qualcomm
Atheros SoCs.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15432
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 18:47:56 +02:00
Hauke Mehrtens
e33ebdd00e ltq-ptm: Fix netdev ioctls with kernel > 5.15
.ndo_do_ioctl is not called for SIOCDEVPRIVATE any more, the kernel
calls .ndo_siocdevprivate now.

The function gets the data pointer from the callback directly, make use
of it.

See upstream Linux kernel commit:
https://git.kernel.org/linus/b9067f5dc4a07c8e24e01a1b277c6722d91be39e

Link: https://github.com/openwrt/openwrt/pull/16005
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 16:12:51 +02:00
Thomas Weißschuh
edf927690e util-linux: update to v2.40.2
Release Notes:
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40-ReleaseNotes
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.1-ReleaseNotes
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.2-ReleaseNotes

Remove upstreamed:
        0001-meson-Fix-build-python-option.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
Link: https://github.com/openwrt/openwrt/pull/15995
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-27 18:59:42 +02:00
Rafał Miłecki
a67b20e3d5 base-files: upgrade: nand: allow custom fw extraction in nand_do_upgrade()
By default nand_do_upgrade() can only deal with raw and gzipped firmware
files. Vendors often use custom firmware containers. Allow passing
custom extraction command to allow using nand_do_upgrade() with vendor
firmwares.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-26 13:41:25 +02:00
Chukun Pan
ee382f65a9 uboot-mediatek: add TP-LINK TL-XTR8488 support
Same as TP-Link TL-XDR608x, this router comes with locked vendor
loader. Add U-Boot build for replacement loader for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Link: https://github.com/openwrt/openwrt/pull/15930
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-25 22:54:16 +02:00
FUKAUMI Naoki
d94d14a5ed rockchip: add support for Radxa ROCK 3A
Radxa ROCK 3A is a credit card sized SBC with rich interfaces[1] using
the Rockchip RK3328 SoC.

Hardware
--------
- Rockchip RK3568 SoC
- Quad Cortex-A55 CPU
- Mail G52 GPU
- 1 TOPs NPU
- 2/4/8GB LPDDR4 RAM
- 1x eMMC connector
- 1x M.2 M Key (2-lane PCIe 3.0) supporting NVMe SSD
- 1x Micro SD card slot
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x USB 3.0 Type-A port (Host)
- 1x USB 3.0 Type-A port (OTG)
- 2x USB 2.0 Type-A ports (Host)
- 40 pin color GPIO header

[1] https://radxa.com/products/rock3/3a

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15985
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-25 22:50:28 +02:00
FUKAUMI Naoki
bbcd5111cb rockchip: add support for Radxa ROCK Pi S
Radxa ROCK Pi S is a small in size, full in features SBC[1] using the
Rockchip RK3308B SoC.

Hardware
--------
- Rockchip RK3308B SoC
- Quad A35 CPU
- 256/512MB DDR3 RAM
- Optional 4/8GB eMMC
- Micro SD Card slot
- Optional WiFi 4 and BT 4 (not supported yet)
- 1x 100M Ethernet with PoE support (additional PoE HAT required)
- 1x USB 2.0 Type-A port (Host)
- 1x USB 2.0 Type-C port (OTG)
- 2x 26 Pin GPIO header

[1] https://radxa.com/products/rockpi/pis

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15933
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-24 00:03:02 +02:00
FUKAUMI Naoki
2d31004133 wifi-scripts: add missing dependency on ucode-mod-rtnl
rtnl is used in hostap/common.uc.

$ grep -r rtnl files
files/usr/share/hostap/common.uc:import * as rtnl from "rtnl";
files/usr/share/hostap/common.uc:	     rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: reuse_ifname, ifname: name}) != false))
files/usr/share/hostap/common.uc:	rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: name, change: 1, flags: up ? 1 : 0 });

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15922
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-23 23:49:36 +02:00
Martin Schiller
13eb1f564a firmware: add Intel/Lantiq VRX518 DSL firmware package
This is required by the DSL CPE API driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Martin Schiller
07b0e6f3d9 firmware: add Intel/Lantiq VRX518 PPE firmware package
This firmware is used by the vrx518 tc driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Martin Schiller
02db8a19cb firmware: add Intel/Lantiq VRX518 ACA firmware package
This firmware is used by the vrx518 ep driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Borys Zhukov
f25cd55bd1 ramips: add support for Netgear WAX214v2
Netgear WAX214v2 is an 802.11ax (Wi-Fi 6) wireless access point.

Specifications:
* SoC: MediaTek MT7621AT
* RAM: 512 MiB
* Flash: NAND 128 MiB (ESMT PSU1GA30DT)
* Wi-Fi: 2.4/5 GHz 4T4R (MediaTek MT7915E)
* Ethernet: 1x 10/100/1000 Mbps LAN
* Switch: MediaTek MT7530 (SoC built-in)
* LEDs/Keys
  * Power (green, blue, amber)
  * LAN (green, amber)
  * WLAN 2.4GHz (green, blue)
  * WLAN 5GHz (green, blue)
  * Reset button
* USB: None
* UART: Marked J1 on board, 115200 8N1
* Power
  * 12 VDC, 1.5 A
  * IEEE 802.3at (PoE+)

Load addresses (same as Netgear WAX202):
* stock
  * 0x80010000: FIT image
  * 0x81001000: kernel image -> entry
* OpenWrt
  * 0x80010000: FIT image
  * 0x82000000: uncompressed kernel+relocate image
  * 0x80001000: relocated kernel image -> entry

MAC addresses as verified by OEM firmware:

vendor   OpenWrt   address
eth0     lan       label
ra0      phy0      label + 2
rax0     phy1      label + 3

Installation:
* Flash the factory image by TFTP to the bootloader.
  NMRP can be used to TFTP without opening the case.

Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.

References to WAX214v2 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX214v2-V1.0.1.5-gpl-src.tar.gz

* openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax214v2.dts
  DTS file for this device.

Signed-off-by: Borys Zhukov <borys@zhukov.org>
Link: https://github.com/openwrt/openwrt/pull/14401
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 20:05:14 +02:00
Luiz Angelo Daros de Luca
403c17cadf kernel: modules: video: add kmod-video-gspca-pac7302
Add the package for the Pixart PAC7302 USB Camera Driver kernel module.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15886
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 19:01:23 +02:00
Philip Prindeville
0037100e12 base-files: ipcalc.sh handle start and range being empty strings
If we're being paranoid and quote all the arguments to ipcalc.sh,
it's possible to pass in empty start and range arguments.  This
should be handled the same as their being absent.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/15946
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 17:31:59 +02:00
Marco von Rosenberg
f84a9f7dc0 ath79: add support for Huawei AP6010DN
Huawei AP6010DN is a dual-band, dual-radio 802.11a/b/g/n 2x2 MIMO
enterprise access point with one Gigabit Ethernet port and PoE
support.

Hardware highlights:
- CPU: AR9344 SoC at 480MHz
- RAM: 128MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: AR9344-internal radio
- Wi-Fi 5GHz: AR9580 PCIe WLAN SoC
- Ethernet: 10/100/1000 Mbps Ethernet through Atheros AR8035 PHY
- PoE: yes
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: CAT706SVI (1.6s timeout)

Serial console:
  9600n8 (9600 baud, no stop bits, no parity, 8 data bits)

MAC addresses:
  Each device has 32 consecutive MAC addresses allocated by
  the vendor, which don't overlap between devices.
  This was confirmed with multiple devices with consecutive
  serial numbers.
  The MAC address range starts with the address on the label.
  To be able to distinguish between the interfaces,
  the following MAC address scheme is used:
    - eth0 = label MAC
    - radio0 (Wi-Fi 2.4GHz) = label MAC + 1
    - radio1 (Wi-Fi 5GHz) = label MAC + 2

Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP

1. Power up the AP

2. At prompt "Press f or F  to stop Auto-Boot in 3 seconds",
   do what they say.
   Log in with default admin password "admin@huawei.com".

3. Boot the OpenWrt initramfs from TFTP using the hidden script "run ramboot".
   Replace IP address as needed:

   > setenv serverip 192.168.1.10
   > setenv ipaddr 192.168.1.1
   > setenv rambootfile openwrt-ath79-generic-huawei_ap6010dn-initramfs-kernel.bin
   > saveenv
   > run ramboot

4. Optional but recommended as the factory firmware cannot be downloaded publicly:
   Back up contents of "firmware" partition using the web interface or ssh:

   $ ssh root@192.168.1.1 cat /dev/mtd11 > huawei_ap6010dn_fw_backup.bin

5. Run sysupgrade using sysupgrade image. OpenWrt
   shall boot from flash afterwards.

Return to factory firmware (using firmware upgrade package downloaded from non-public Huawei website):
1. Start a TFTP server in the directory where
   the firmware upgrade package is located

2. Boot to u-boot as described above

3. Install firmware upgrade package and format the config partitions:

   > update system FatAP6X10XN_SOMEVERSION.bin
   > format_fs

Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
   for example using scp

2. Use sysupgrade with force to restore the backup:
   sysupgrade -F huawei_ap6010dn_fw_backup.bin

3. Boot AP to U-Boot as described above

Quirks and known issues:
- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.
- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the AHB_CLK/2 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.

Signed-off-by: Marco von Rosenberg <marcovr@selfnet.de>
Link: https://github.com/openwrt/openwrt/pull/15941
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 16:51:52 +02:00
Tianling Shen
f2f428c699 mediatek: add ABT ASR3000 support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Mesh
  Power: DC 12V 1A

Gain telnet access:
1. Login into web interface, and download the configuration.
2. Decode and uncompress the configuration:
     * Enter fakeroot if you are not login as root.
   base64 -d e-xxxxxxxxxxxx-cfg.tar.gz | tar -zx
3. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
4. Edit 'etc/rc.local', insert telnetd command before 'exit 0':
   ( sleep 3s; /usr/sbin/telnetd; ) &
5. Repack the configuration:
   tar -zc etc/ | base64 > e-xxxxxxxxxxxx-cfg.tar.gz
6. Upload new configuration via web interface, now you can connect to
   ASR3000 via telnet.

Flash instructions:
1. Connect to ASR3000, backup everything, especially 'Factory' part.
2. Write new BL2:
   mtd write openwrt-mediatek-filogic-abt_asr3000-preloader.bin BL2
3. Write new FIP:
   mtd write openwrt-mediatek-filogic-abt_asr3000-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15887
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 16:13:06 +02:00
Sean Khan
02e8285051 mac80211: fix kconf build warnings
This patch cleans up the following warnings during build:

"warning: format not a string literal"

```
conf.c: In function 'conf_askvalue':
conf.c:89:17: warning: format not a string literal and no format arguments [-Wformat-security]
    89 |                 printf(_("(NEW) "));
      |                 ^~~~~~
conf.c: In function 'conf_choice':
conf.c:285:33: warning: format not a string literal and no format arguments [-Wformat-security]
  285 |                                 printf(_(" (NEW)"));
      |                                 ^~~~~~
conf.c: In function 'check_conf':
conf.c:440:41: warning: format not a string literal and no format arguments [-Wformat-security]
  440 |                                         printf(_("*\n* Restart config...\n*\n"));
      |                                         ^~~~~~
conf.c: In function 'main':
conf.c:617:41: warning: format not a string literal and no format arguments [-Wformat-security]
  617 |                                         _("\n*** The configuration requires explicit update.\n\n"));
      |                                         ^
conf.c:669:25: warning: format not a string literal and no format arguments [-Wformat-security]
  669 |                         fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
      |                         ^~~~~~~
conf.c:673:25: warning: format not a string literal and no format arguments [-Wformat-security]
  673 |                         fprintf(stderr, _("\n*** Error during update of the configuration.\n\n"));
      |                         ^~~~~~~
conf.c:684:25: warning: format not a string literal and no format arguments [-Wformat-security]
  684 |                         fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
      |                         ^~~~~~~
```

And POSIX Yacc warnings
```
lex -ozconf.lex.c -L zconf.l
yacc -ozconf.tab.c -t -l zconf.y
zconf.y:34.1-7: warning: POSIX Yacc does not support %expect [-Wyacc]
    34 | %expect 32
      | ^~~~~~~
zconf.y:97.1-11: warning: POSIX Yacc does not support %destructor [-Wyacc]
    97 | %destructor {
      | ^~~~~~~~~~~
gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o zconf.tab.o zconf.tab.c
gcc   conf.o zconf.tab.o   -o conf
```

After:

gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o conf.o conf.c
yacc -Wno-yacc -ozconf.tab.c -t -l zconf.y
gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o zconf.tab.o zconf.tab.c
gcc   conf.o zconf.tab.o   -o conf

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15953
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 14:01:21 +02:00
Tony Ambardar
2bebf13357 libbpf: Update to v1.4.5
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.5
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.4
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-07-19 12:14:47 -07:00
Rafał Miłecki
715634e6d1 base-files: upgrade: nand: use "cmd" argument for extracting command
NAND code uses either "cat" or "zcat" for getting firmware image
content. Code was full of duplicated ${gz}cat calls. Use "cmd" variable
that is determined by a caller and passed to lower level functions. This
avoids code duplication and allows adding support for more formats.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-19 08:48:51 +02:00
Rafał Miłecki
4565699ebe base-files: upgrade: nand: document nand_do_upgrade()
Describe what firmware files are supported.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-19 08:48:51 +02:00
Tianling Shen
39c824f846 mediatek: switch to fitblk for cmcc rax3000m
Use the new fitblk driver.

Tested-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-18 13:20:58 +01:00
Daniel Golle
de2df0f2c5 base-files: remove fitblk_get_bootdev() from /lib/upgrade/common.sh
The function was moved to /lib/upgrade/fit.sh which is part of the fitblk
package. Remove it from /lib/upgrade/common.sh to safe space on boards
not using unified uImage.FIT images.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Daniel Golle
386855dca8 uboot-envtools: use /lib/upgrade/fit.sh
Use export_fitblk_bootdev() in /lib/upgrade/fit.sh instead of now
deprecated fitblk_get_bootdev() function. Include /lib/upgrade/fit.sh
instead of /lib/upgrade/common.sh to allow removing the function there.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Daniel Golle
ec2dc60d57 fitblk: move shell functions to common file
Move shell functions used for sysupgrade into /lib/upgrade/fit.sh.
Introduce improved fitblk boot device detection function which
works also in case ubiblock devices have not yet been created or
even UBI itself not yet being attached.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Hauke Mehrtens
3a0232ffd3 wolfssl: Update to version 5.7.2
This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-15 23:57:44 +02:00
Felix Fietkau
37f5a3bb01 uboot-mediatek: fix build error on mt7988-rfb
Remove an unnecessary config option that was breaking the build

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-15 11:55:48 +02:00
Daniel Golle
850a5caaa3 fstools: update to git HEAD
408c2cc libfstools: skip JFFS2 padding when BLOCKSIZE was given
 013050f fstools: remove redundant F2FS_MINSIZE definition

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 19:45:21 +01:00
Daniel Golle
3a85467427 uboot-mediatek: remove hard-coded UBI volume numbers
There is no point in hard-coding the UBI volume numbers as we are
dynamically looking up the volume by volume name in all cases by now.

Remove this relict as it causes problems without being useful for
anything.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 16:29:49 +01:00
Shiji Yang
a40e0c7529 uboot-mediatek: refresh device defconfig files
It seems that most of them are manually modified. However, we can
use `make savedefconfig` to generate a clean defconfig file.

Refreshed by:
```
Boards=(
	mt7623n_bpir2_defconfig \
	mt7623a_unielec_u7623_02_defconfig \
	mt7622_bananapi_bpi-r64-sdmmc_defconfig \
	mt7622_bananapi_bpi-r64-emmc_defconfig \
	mt7622_bananapi_bpi-r64-snand_defconfig \
	mt7622_linksys_e8450_defconfig \
	mt7622_ubnt_unifi-6-lr-v1_defconfig \
	mt7622_ubnt_unifi-6-lr-v2_defconfig \
	mt7622_ubnt_unifi-6-lr-v3_defconfig \
	ravpower-rp-wd009-ram_defconfig \
	mt7621_zbtlink_zbt-wg3526-16m_defconfig \
	mt7986_netcore_n60_defconfig \
	mt7986a_bpi-r3-emmc_defconfig \
	mt7986a_bpi-r3-nor_defconfig \
	mt7986a_bpi-r3-sd_defconfig \
	mt7986a_bpi-r3-snand_defconfig \
	mt7986_xiaomi_redmi-ax6000_defconfig \
	mt7986_tplink_tl-xdr4288_defconfig \
	mt7986_tplink_tl-xdr6086_defconfig \
	mt7986_tplink_tl-xdr6088_defconfig \
	mt7981_qihoo-360t7_defconfig \
	mt7981_xiaomi_mi-router-wr30u_defconfig \
	mt7981_h3c_magic-nx30-pro_defconfig \
	mt7986a_glinet_gl-mt6000_defconfig \
	mt7981_cmcc_rax3000m-emmc_defconfig \
	mt7981_cmcc_rax3000m-nand_defconfig \
	mt7981_jcg_q30-pro_defconfig \
	mt7986_zyxel_ex5601-t0_defconfig \
	mt7981_xiaomi_mi-router-ax3000t_defconfig \
	mt7986a_jdcloud_re-cp-03_defconfig \
	mt7986a_bpi-r3-mini-emmc_defconfig \
	mt7986a_bpi-r3-mini-snand_defconfig \
	mt7981_nokia_ea0326gmp_defconfig \
	mt7988a_bananapi_bpi-r4-emmc_defconfig \
	mt7988a_bananapi_bpi-r4-sdmmc_defconfig \
	mt7988a_bananapi_bpi-r4-snand_defconfig \
	mt7988a_bananapi_bpi-r4-poe-emmc_defconfig \
	mt7988a_bananapi_bpi-r4-poe-sdmmc_defconfig \
	mt7988a_bananapi_bpi-r4-poe-snand_defconfig \
	mt7622_xiaomi_redmi-router-ax6s-ubi-loader_defconfig \
	mt7981_openwrt-one-nor_defconfig \
	mt7981_openwrt-one-spi-nand_defconfig \
	)

for Board in ${Boards[@]}
do
	echo "Refresh board ${Board}"
	make ${Board}
	make savedefconfig
	cat ./defconfig > ./configs/${Board}
done
```

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-14 16:29:49 +01:00
Shiji Yang
6951526792 uboot-mediatek: update to U-Boot release v2024.07
1. Rename function _do_env_set() to env_do_env_set().
2. Replace kwbimage hack with UBOOT_CUSTOMIZE_CONFIG:
   "--disable TOOLS_KWBIMAGE" and "--disable TOOLS_LIBCRYPTO".
3. Disable CONFIG_CMD_BOOTEFI_BOOTMGR for all supported devices
   because the newly added UEFI bootmenu entries doesn't work.
4. Enable CONFIG_VERSION_VARIABLE for the OpenWrt One.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 16:29:49 +01:00
Felix Fietkau
7f44f8d8d6 mt76: update to Git HEAD (2024-07-13)
564cd93961fc mt76: sync with upstream changes
3b47d9df427c wifi: mt76: mt7915: fix oops on non-dbdc mt7986

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-13 15:31:32 +02:00
谢致邦 (XIE Zhibang)
e4ce494529 netfilter: kmod-nft-netdev: add egress support
The netdev egress hook was added in Linux kernel 5.16.

Link: https://patchwork.ozlabs.org/project/openwrt/patch/tencent_EB1DF62723D08576A747D0DAE16FFB99B505@qq.com/
Signed-off-by: 谢致邦 (XIE Zhibang) <Yeking@Red54.com>
2024-07-13 14:54:35 +02:00
Shiji Yang
419ceead11 rtl8812au-ct: fix build with mac80211 6.9.9 backport
The change_beacon() API has been updated since the 6.7 kernel. Ref:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.9.9&id=66f85d57b7109baf8a7d5ee04049ac9412611d35

Fix build error:
../rtl8812au-ct-2022.10.26~9b2b203a/os_dep/linux/ioctl_cfg80211.c:5984:26: error: initialization of 'int (*)(struct wiphy *, struct net_device *, struct cfg80211_ap_update *)' from incompatible pointer type 'int (*)(struct wiphy *, struct net_device *, struct cfg80211_beacon_data *)' [-Werror=incompatible-pointer-types]
 5984 |         .change_beacon = cfg80211_rtw_change_beacon,
      |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~
../rtl8812au-ct-2022.10.26~9b2b203a/os_dep/linux/ioctl_cfg80211.c:5984:26: note: (near initialization for 'rtw_cfg80211_ops.change_beacon')

Link: https://patchwork.ozlabs.org/project/openwrt/patch/TYCP286MB0895A26BA1C0517F2CBE71F0BCA72@TYCP286MB0895.JPNP286.PROD.OUTLOOK.COM/
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-13 14:25:36 +02:00
Shiji Yang
192afd31e3 mac80211: rt2x00: remove upstreamed patch
This BBP register fix patch has already been upstreamed. Ref:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.9.9&id=50da74e1e8b682853d1e07fc8bbe3a0774ae5e09

Fixes: 1bfcc1ea8a ("mac80211: update to version 6.9.9")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-13 09:28:17 +02:00
Felix Fietkau
7ca4190c18 ath10k-ct: fix mac80211 backport patch to account for the bump to 6.7
Fixes build error

Fixes: 1bfcc1ea8a ("mac80211: update to version 6.9.9")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-12 18:27:25 +02:00
Felix Fietkau
f0a54f7e2f ucode: update to Git HEAD (2024-07-11)
73644a036f5a nl80211: move access to tb array out of uc_nl_convert_attr and below
6e3cf83a77a7 nl80211: add support for multi-attribute arrays
6ff24d5488a9 nl80211: update nl80211.h to latest wireless-next
abc2aef28641 nl80211: add wiphy multi-radio support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-12 16:38:42 +02:00
Felix Fietkau
1bfcc1ea8a mac80211: update to version 6.9.9
Brings lots of driver updates and API changes needed for mt76 updates.
Disable iwlwifi and ath11k on 5.15, since backport is too difficult,
and the only remaining targets won't need those drivers.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-12 16:38:28 +02:00
Felix Fietkau
c640f7b937 mac80211: clear vif private data in order to fix accidental reuse
Fixes potential issues when bringing an interface down and then up again

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-11 15:07:58 +02:00
Kristian Skramstad
c7af99b973 firmware: ipq-wifi: update to version 2024-07-04
Added:
[+] qcn9074: add Cambium Networks XE3-4 BDF
[+] ipq60xx: add Cambium Networks XE3-4 BDF

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15884
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-11 12:49:36 +02:00
Hauke Mehrtens
0a24fd9155 wireless-regdb: Update to version 2024.07.04
Changes:
  2a768c4 wireless-regdb: Update regulatory rules for Mongolia (MN) on 6GHz
  04875d9 wireless-regdb: Update regulatory rules for Saudi Arabia (SA) on 6GHz
  b7bced8 wireless-regdb: Update regulatory rules for South Africa (ZA) on 6GHz
  7bc8615 wireless-regdb: Update regulatory info for Thailand (TH) on 6GHz
  f901fa9 wireless-regdb: Update regulatory info for Malaysia (MY) for 2022
  d72d288 wireless-regdb: Update regulatory info for Morocco (MA) on 6GHz
  414face wireless-regdb: Update regulatory info for Chile (CL) on 6GHz
  1156a08 wireless-regdb: Update regulatory info for Mexico (MX) on 6GHz
  cc6cf7c wireless-regdb: Update regulatory info for Iceland (IS) on 6GHz
  ce03cc0 wireless-regdb: Update regulatory info for Mauritius(MU) on 6GHz
  7e37778 wireless-regdb: Update regulatory info for Argentina (AR) on 6GHz
  56f3a43 wireless-regdb: Update regulatory info for United Arab Emirates (AE) on 6GHz
  3cb8b91 wireless-regdb: Update regulatory info for Colombia (CO) on 6GHz
  3682ce5 wireless-regdb: Update regulatory info for Costa Rica (CR) for 2021
  dd4ffe7 wireless-regdb: Update regulatory info for Dominican Republic (DO) on 6GHz
  f8ef7da wireless-regdb: Update regulatory info for Liechtenstein (LI) on 6GHz
  a9ecabe wireless-regdb: Update regulatory info for Jordan (JO) for 2022
  5a9fdad wireless-regdb: Update regulatory info for Kenya (KE) for 2022
  19326c3 wireless-regdb: Update regulatory info for Macao (MO) for 2024
  4838054 wireless-regdb: update regulatory database based on preceding changes

Link: https://github.com/openwrt/openwrt/pull/15921
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-11 00:21:15 +02:00
novenary enneagon
d92c42f469 ncurses: add foot terminfo
Add terminfo file for the terminal emulator foot.

https://codeberg.org/dnkl/foot

Signed-off-by: novenary enneagon <novenary@kwak.zip>
Link: https://github.com/openwrt/openwrt/pull/15915
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 12:53:27 +02:00
Tianling Shen
7a96d36188 rockchip: fix baudrate for Radxa E25
According to the documentation[1], the serial baudrate of E25 is
115.2 Kbps, and setting it to 1.5 Mbps will cause onboard CH340B
USB-UART chip unstable.

Since mainline TPL is yet available, download patched TPL binary
from Radxa.

1. https://wiki.radxa.com/Rock3/CM/CM3I/E25/getting_started

Fixes: https://github.com/openwrt/openwrt/issues/15814
Fixes: f7c732bf9e ("rockchip: add Radxa E25 board support")
Tested-by: FUKAUMI Naoki <naoki@radxa.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15870
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:46:19 +02:00
Tan Zien
9a8111fb25 libiwinfo: update to Git HEAD (2024-07-06)
2158201 devices: add device id for Atheros AR9590

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15889
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:40:26 +02:00
Rosen Penev
2beadefaa0 readline: override termlib for host
For some reason, it's not working right locally. Override as is done
with the target build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15916
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:39:32 +02:00
Robert Marko
3d7cb14211 qualcommax: ipq807x: add Asus RT-AX89X BX revision
This commit adds support for Asus RT-AX89X BX revision.

WARNING: Only the BX revision boards (So B1, B2 etc) are supported because
AX revision boards use IPQ8074 v1 SoC which is unsupported.

Specifications:
---------------
* CPU: Qualcomm IPQ8074A Quad core Cortex-A53 @ 2.2GHz
* RAM: 1024MB
* Storage: 256MB SLC NAND (Macronix MX30UF2G18AC)
* Ethernet:
	* 5x 1G RJ45 ports via QCA8337 switch
	* 3x 1G RJ45 ports via internal switch (QCA8075 PHY)
	* 1x 10G RJ45 via internal switch (AQR113C PHY)
	* 1x 10G SFP+ slot via internal switch
* WLAN:
	* 2.4GHz 4x4
	* 5GHz 8x8
	* 8 external antennas
* USB: 2x USB 3.0 Type-A
* Buttons:
	* Power switch
	* WPS
	* Reset
	* Wireless ON/OFF
	* LED ON/OFF
LED-s:
	* Power
	* Wi-Fi
	* WAN
	* 10G
	* SFP+
Power:
	* 19.5V via DC jack

Installation instructions:
--------------------------
1. Flash temporary OpenWrt initramfs:
* Flash openwrt-qualcommax-ipq807x-asus_rt-ax89x-initramfs-factory.trx
via the stock firmware.
Administration -> Firmware Upgrade -> Manual Firmware update (Upload)

After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.

2. Sysupgrade from OpenWrt initramfs:
* Copy openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin to
/tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin of
the running initramfs image.
* Simply sysupgrade -n /tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin

After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Robert Marko
cc459f55e1 firmware: ipq-wifi: add Asus RT-AX89X BDF
Include the Asus RT-AX89X BDF.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Robert Marko
d55f4aeee0 kernel: qca-ssdk: set OF node for the SFP PHY
Currently, SSDK is creating a fake SFP PHY which has no OF node populated,
thus making it impossible to pass it to NSS-DP so port can actually work.

We eliminated QCA-s connecting of the PHY by manually creating a string
and then matching by name and instead only support passing the PHY as
phandle via phy-handle.

So, lets just use the switch port node to which the SFP is connected to
anyway and set it as the PHY device OF node so we can pass it to NSS-DP.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Rosen Penev
d7a76fc351 readline: fix pkgconfig usage
ncurses is built with wide support enabled, which enables libncursesw.
The problem is, the ncurses build system only supplies ncursesw or
ncurses.pc but not both. The other problem is, the readline build tests
for libncurses before the w variant, making its pc file unusable as
there is no ncurses.pc file to satisfy the Required: ncurses section.

Just override the library.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-08 09:44:21 +02:00
Rosen Penev
1b141cb3d1 ncurses: enable pc files in the host build
Needed for things such as readline that depend on ncurses.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-08 09:44:21 +02:00
Daniel Golle
a307f8f84b procd: bump to git HEAD
f230c11 utils: use strlcpy when appropriate
 a8cf548 jail: fix copy & paste error in parseOCIlinux()
 1e411a5 utils: get_cmdline_val: add missing error check

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-07 21:25:52 +01:00
Martin Schiller
4624711139 kernel: ltq-adsl: fix enum missmatch on linux 6.6
Convert DSL_XTUDir_t to DSL_AccessDir_t to get rid of enum-conversion
warning.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 17:50:23 +02:00
Daniel Golle
8a40d49a56 ltq-tapi: fix build with Linux 6.6
Satisfy compiler expectations in a hell of typedef's and get rid of
system-wide workqueue flush. Results in warning-free compile of the TAPI
driver also with Linux 6.6.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 17:50:23 +02:00
Dirk Buchwalder
9e49593ff7 mediatek: filogic: add support for TP-LINK RE6000XD
This commit adds support for TP-LINK RE6000XD.
The device is quite similar to the Mercusys MR90X V1,
except only 3 LAN ports and more LEDs.
So thanks to csharper2005 for doing all the groundwork.

Device specification
--------------------
SoC Type:   MediaTek MT7986BLA, Cortex-A53, 64-bit
RAM:        MediaTek MT7986BLA (512MB)
Flash:      SPI NAND GigaDevice (128 MB)
Ethernet:   MediaTek MT7531AE + 2.5GbE MaxLinear GPY211C0VC (SLNW8)
Ethernet:   1x2.5Gbe (LAN3 2.5Gbps), 2xGbE (LAN 1Gbps, LAN1,
            LAN2)
WLAN 2g:    MediaTek MT7975N, b/g/n/ax, MIMO 4x4
WLAN 5g:    MediaTek MT7975P(N), a/n/ac/ax, MIMO 4x4
LEDs:       8 LEDs, 1 status blue, 2x WIFI blue, 2x signal
	    blue/red, 3 LAN blue gpio-controlled
Button:     2 (Reset, WPS)
USB ports:  No
Power:      12 VDC, 2 A
Connector:  Barrel
Bootloader: Main U-Boot - U-Boot 2022.01-rc4. Additionally, ubi0
            partition contain "seconduboot" (also U-Boot 2022.01-rc4)

Serial console (UART), unpopulated
---------------------
                            V
+-------+-------+-------+-------+
| +3.3V |  GND  |  TX   |  RX   |
+---+---+-------+-------+-------+
    |
    +--- Don't connect

Disassemble: rm the 2 screws at the bottom and the one at the backside.
            un-clip the case starting at the edge above the LEDs.

Installation (UART)
-------------------
1. Place OpenWrt initramfs image on tftp server with IP 192.168.1.2
2. Attach UART, switch on the router and interrupt the boot process by
   pressing 'Ctrl-C'
3. Load and run OpenWrt initramfs image:
      tftpboot openwrt-mediatek-filogic-tplink_re6000xd-initramfs-kernel.bin bootm
4. Run 'sysupgrade -n' with the sysupgrade OpenWrt image

Notice: while I was successfull at activating ssh (as described
        here:
        https://www.lisenet.com/2023/gaining-ssh-access-to-tp-link-re200-wi-fi-range-extender/)

        Unfortunately I haven't found the correct root password.
        Looks like they are using a static password
        (md5crypt, salt + 21 characters) that is not the web
        interface admin password.

        The TP-LINK RE900XD looks like the very same device,
        according to the pictures and the firmware.
        But I haven't checked if the OpenWrt firmware works as well
        on that device.

        The second ubi partition (ubi1) is empty and there is no known
        dual-partition mechanism, neither in u-boot nor in the stock firmware.

Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
2024-07-04 22:14:32 +02:00
Tianling Shen
18f04617f4 uboot-rockchip: Update to 2024.07
Re-enable FIT signature verification since we switched to use hyphen
for node name separators in commit 2b133ab19c ("scripts: use sep-char for hash nodes").

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-04 21:21:36 +02:00
Shiji Yang
cdfd0b74a2 uboot-envtools: update to U-Boot release v2024.07
Remove upstreamed patches:
010-fw_env-fix-reading-NVMEM-device-s-compatible-value.patch
[commit f29c5ca33df4c77b9af2cbfb7ed90bf336613522]

011-fw_env-keep-calling-read-until-whole-flash-block-is-.patch
[commit 9e3003f79d168eac7ee65cd457e3904e2fb4eea8]

012-fw_env-autodetect-NAND-erase-size-and-env-sectors.patch
[commit d73a6641868029b5cae53ed00c5766921c9d8b1f]

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-04 21:16:02 +02:00
FUKAUMI Naoki
1664e506ac uboot-rockchip: use u-boot-rockchip.bin
use u-boot-rockchip.bin to copy SPL/TPL/U-Boot to the image.

since binman was used in mainline u-boot for rockchip, we can use
u-boot-rockchip.bin instead of idbloader.img and u-boot.itb.

Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15815
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:26:00 +02:00
Rodrigo Balerdi
702bad7212 ipq40xx: add BDFs for Linksys WHW03 V1
BDFs come from latest firmware, version 1.1.19.209880 (2022-06-20):
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_2G.bin
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_5G.bin
- /lib/firmware/QCA9888/v1/FCC/boardData_2_0_QCA9888_5G_Y9690_SBS_HB.bin

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Rodrigo Balerdi
799829f418 ipq-wifi: update to Git HEAD (2024-06-30)
f54581d ipq6018: add BDF for Edgecore EAP101
6df42f9 ipq40xx: add BDFs for Linksys WHW03 V1
e82cba7 ipq8074: add TP-Link EAP660 HD v1 BDF

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Hauke Mehrtens
4cc69a6542
kernel: Add kmod-sctp-diag
Package the sctp_diag.ko file which already gets build when kmod-sctp
and kmod-inet-diag are selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
8b4fd1c0de
kernel: Add kmod-mfd
Package the mfd-core.ko kernel module. It is selected by the
kmod-hwmon-gsc already.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
4e33427965
kernel: Add mtd_nandbiterrs.ko to kmod-mtdtests
The mtd_nandbiterrs.ko kernel module was added with kernel 3.7. We
should package it like the other test modules.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
2ebeda0294
kernel: Add kmod-crypto-xxhash
kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
f89091bba6
kernel: Add kmod-crypto-blake2b
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b

The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
fac507606d
kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.

I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.

New we are also packaging lz4hc.ko

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
b0953c4fbf
kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:10:59 +02:00
Sean Khan
c27fd6fd97 f2fs-tools: Add missing 'f2fslabel' symlink
`f2fslabel` is already built into `f2fs.fsck`, but is missing its symlink
in the final package.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15851
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-03 11:14:42 +02:00
Stijn Tintel
6b16eaf840 wifi-scripts: add missing dependency on ucode-mod-uci
Fixes the following error:

Syntax error: Unable to resolve path for module 'uci'
In line 3, byte 27:

 `import * as uci from 'uci';`
  Near here ----------------^

Fixes: 4a3ed518b2 ("wifi-scripts: rewrite wifi detect code in ucode")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-07-03 01:40:15 +03:00
David Bauer
89d7051485 hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
David Bauer
68e4cc9be5 hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
Rosen Penev
7c32295b00 e2fsprogs: remove HostBuild
These things already get built and installed by tools/e2fsprogs. No need
to duplicate.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15822
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-28 11:25:58 +02:00
Álvaro Fernández Rojas
e04533ae7b bcm63xx-cfe: update to latest version
sagem: fast-3864-op:add cferam.000 file
tp-link: archer vr400 v1: add cfe file

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-26 19:26:34 +02:00
Robert Marko
2b666bb827 utils: mtd-utils: update to 2.2.0
Release notes:
https://lists.infradead.org/pipermail/linux-mtd/2024-March/104058.html

mtd-utils are currently depending on zlib, however it is not expressed
as a dependency and it is somehow being only pulled-in by lincurses-devel
so mtd-utils were able to compile.

Since 2.2.0 zlib is optional so lets disable support for it like for other
compressors since we dont package the mkfs.ubifs or mkfs.jffs2 that
are only users of compressors anyway.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:27 +02:00
Robert Marko
116903082b utils: mtd-utils: drop autoreconf
Now that we are not patching mtd-utils with JFFS2 LZMA support there
is no need for autoreconf to be run.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:26 +02:00
Robert Marko
fb2fa8f7c2 utils: mtd-utils: drop patches
We have been carrying the 100-fix_includes.patch and 130-lzma_jffs2.patch
for a long time but the reason is lost to history.

We dont need to carry the JFFS2 LZMA support patch as mkfs.jffs2 is not
even being packaged so its not even being used.

As for the 100-fix_includes.patch that also seems like a relic of history
as mtd-utils compiles fine without it.

So, lets drop both patches.

Link: https://github.com/openwrt/openwrt/pull/15790
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-25 13:01:45 +02:00
Christian Marangi
be26643e91
generic: 6.6: backport patch for G671 PWM Fan controller support
Backport patch for G761 PWM Fan controller support. This is used by
an ipq807x RAX120v2 and have an internal clock that was currently
unconfigured making the device not working.

Link: https://github.com/openwrt/openwrt/pull/15796
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-25 12:52:43 +02:00
Robert Marko
14bf60deb8 uboot-mvebu: add support for MikroTik RB5009
MikroTik RB5009 uses RouterBoot as its bootloader like all MikroTik devices
running RouterOS, meaning that its not FIT compatible and can only boot
ELF images.

Now this is not so much of an issue on ARM or MIPS since kernel supports
appending DTB-s to it (Or we patch the kernel to embed it), but on ARM64
there is intentionally no such support.

RouterBoot will pass a DTB, but its the broken MikroTik one which is a
modified reference DTB and incorrect in more places than its valid so we
cannot use it to boot our kernel.

Thus, the solution is to use an intermediary loader and luckily for us
Armada 7040 is well supported in U-Boot which makes it a great option since
it supports anything that we will ever need to boot.

Upstream U-Boot currently requires the Armada boards to be converted to
OF_UPSTREAM before adding anything new and this requires updating all of
the drivers to accomodate the Linux DTS, while I plan to do this eventually
we will need to keep this board downstream for now.

Most stuff is supported in U-Boot, including networking since the switch
is preconfigured by RouterBoot.

A custom environment is used to try and boot from the following devices:
1. NAND (UBI)
2. USB
3. Networking

If NAND boot fails then U-Boot will attempt to boot OpenWrt initramfs from
USB or via networking.

There is a manual recovery mechanism implemented where if the reset button
is held when U-Boot is booting it will try to boot OpenWrt initramfs from:
1. USB
2. Networking

When U-Boot is in recovery mode it will light all of the LED-s except the
switch ones.

Link: https://github.com/openwrt/openwrt/pull/15765
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-24 09:46:19 +02:00
Álvaro Fernández Rojas
ea2ff25d4c generic: 6.6: backport upstream r8169 patches
Backport a bunch of upstream r8169 patches:
- RTL8168/RTL8101 LEDs support.
- RTL8126A support.
- RTL8125/RTL8126 LEDs support.
- RTL8168M support.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-24 05:36:14 +02:00
Álvaro Fernández Rojas
2f5c57ced6 linux-firmware: add RTL8126 firmware
This commit adds RTL8126 firmwares to r8169-firmware package.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-23 22:36:28 +02:00
Robert Marko
de5d1f44ae qca-ssdk: fix compiling for ipq60xx
Trying to compile for ipq60xx will fail with:
ERROR: modpost: "qca808x_phy_reset" [build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq60xx/qca-ssdk-2024.06.13~c451136b/qca-ssdk.ko] undefined!

So, lets fix this by disabling Manhattan switch and PHY support as this is
the new 2.5G quad port switch that is not present on ipq60xx boards.

Fixes: 87a45ea432 ("kernel: qca-ssdk: update 12.5 to 2024-06-13")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:43:36 +02:00
Kristian Skramstad
87a45ea432 kernel: qca-ssdk: update 12.5 to 2024-06-13
There are some new commits, so refresh and update patches.
Some build warnings have been fixed upstream too.

Add backport target/linux/generic/backport-6.6/722-v6.10-dt-bindings-arm-qcom-ids-Add-SoC-ID-for-IPQ5321.patch.

Removed upstream:
[-] qca-ssdk/patches/101-hsl_phy-add-support-for-detection-PSGMII-PHY-mode.patch
[-] qca-ssdk/patches/201-fix-compile-warnings.patch

List of changes:
2024-04-16  -c451136b-  qca-ssdk: strip MRPPE code
2024-06-05  -f455a820-  [qca-ssdk]: fix enum-int-mismatch warnings
2024-05-31  -bbfc0fa9-  Merge "[qca-ssdk]: update eee status of phydev"
2024-05-31  -adbe9dc5-  Merge "[qca-ssdk]: support psgmii and uqsxgmii mode of kernel"
2024-05-31  -d06ca777-  Merge "[qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed"
2024-05-31  -c6f539a5-  Merge "qca-ssdk: support mrppe pktedit padding functions"
2024-04-29  -c321e2a9-  qca-ssdk: support mrppe pktedit padding functions
2024-05-24  -ee6e201e-  qca-ssdk: Fix the big endian compile error
2024-05-15  -8c116bb9-  [qca-ssdk]: update eee status of phydev
2024-05-20  -f0341a2c-  Merge "qca-ssdk: Enable igmp for PPE MINI profile"
2024-05-16  -44a0ce93-  qca-ssdk: Enable igmp for PPE MINI profile
2024-05-15  -8b91bbf6-  [qca-ssdk]: support psgmii and uqsxgmii mode of kernel
2024-05-14  -7eec1658-  [qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed
2024-05-12  -b9f5ea0e-  [qca-ssdk]: ethtool support, do not change wake-up timer when the requested timer is 0
2024-05-09  -5e2c15ed-  Merge "[qca-ssdk]: remove check when mht clock enable"
2024-05-09  -a1563b90-  Merge "[qca-ssdk] support new sku IPQ5321"
2024-04-23  -f04b7680-  [qca-ssdk]: show unknown status when link down
2024-03-22  -33b91b30-  [qca-ssdk]: remove check when mht clock enable
2024-04-29  -b6362f2b-  Merge "qca-ssdk:fix bug in marina nptv6 iid cal"
2024-04-29  -097033ae-  Merge "[qca-ssdk] support cypress uniphy0 connecting MHT switch port0"
2024-04-24  -d45560fd-  qca-ssdk:fix bug in marina nptv6 iid cal
2024-04-24  -7d7a42af-  qca-ssdk: enable policer counter on low memory profile
2024-04-18  -e36cf6ea-  Merge "[qca-ssdk]: change portvlan egress mode initial value as untouched"
2024-04-18  -27817881-  Merge "[qca-ssdk]: update the aqr phy supported ability"
2024-04-18  -5a3a693c-  Merge "qca-ssdk:support marina nptv6"
2024-04-16  -129fe9b3-  Merge "qca-ssdk: support tunnel fields and innner fields inverse"
2024-01-09  -fc8f6abd-  qca-ssdk:support marina nptv6

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15771
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:42:17 +02:00
Nathaniel Wesley Filardo
7d71c03ab1 kernel: crypto: remove FCRYPT from miscellany
It has its own dedicated knob

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Nathaniel Wesley Filardo
98793e02f7 kernel: catch up rxrpc
New dependencies required for the module to be useful, and correct IPv6 support

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Sean Khan
31ec4515c3 openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.

```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```

Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.

Example:
```
[openssl_init]
providers = provider_sect
```

After this change, openssl util works correctly.

```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 16:31:23 +02:00
Sean Khan
d648ee4c58 wifi-scripts: ensure get_freq returns int (iw-6.9)
With `iw` version 6.9 frequencies are now being reported as float,
which is incompatible with wpa_supplicant's config option 'frequency'
which expects an integer.

iwinfo phy0 info output:

Version: 5.19
```
Frequencies:
  * 5180 MHz [36] (30.0 dBm)
  * 5200 MHz [40] (30.0 dBm)
  * 5220 MHz [44] (30.0 dBm)
  * 5240 MHz [48] (30.0 dBm)
  * 5260 MHz [52] (24.0 dBm)
  * 5280 MHz [56] (24.0 dBm)
  * 5300 MHz [60] (24.0 dBm)
  * 5320 MHz [64] (24.0 dBm)
  * 5500 MHz [100] (24.0 dBm)
  * 5520 MHz [104] (24.0 dBm)
  * 5540 MHz [108] (24.0 dBm)
  * 5560 MHz [112] (24.0 dBm)
  * 5580 MHz [116] (24.0 dBm)
  * 5600 MHz [120] (24.0 dBm)
  * 5620 MHz [124] (24.0 dBm)
  * 5640 MHz [128] (24.0 dBm)
  * 5660 MHz [132] (24.0 dBm)
  * 5680 MHz [136] (24.0 dBm)
  * 5700 MHz [140] (24.0 dBm)
  * 5720 MHz [144] (24.0 dBm)
  * 5745 MHz [149] (30.0 dBm)
  * 5765 MHz [153] (30.0 dBm)
  * 5785 MHz [157] (30.0 dBm)
  * 5805 MHz [161] (30.0 dBm)
  * 5825 MHz [165] (30.0 dBm)
  * 5845 MHz [169] (disabled)
  * 5865 MHz [173] (disabled)
  * 5885 MHz [177] (disabled)
```

Version: 6.9
```
Frequencies:
  * 5180.0 MHz [36] (30.0 dBm)
  * 5200.0 MHz [40] (30.0 dBm)
  * 5220.0 MHz [44] (30.0 dBm)
  * 5240.0 MHz [48] (30.0 dBm)
  * 5260.0 MHz [52] (24.0 dBm)
  * 5280.0 MHz [56] (24.0 dBm)
  * 5300.0 MHz [60] (24.0 dBm)
  * 5320.0 MHz [64] (24.0 dBm)
  * 5500.0 MHz [100] (24.0 dBm)
  * 5520.0 MHz [104] (24.0 dBm)
  * 5540.0 MHz [108] (24.0 dBm)
  * 5560.0 MHz [112] (24.0 dBm)
  * 5580.0 MHz [116] (24.0 dBm)
  * 5600.0 MHz [120] (24.0 dBm)
  * 5620.0 MHz [124] (24.0 dBm)
  * 5640.0 MHz [128] (24.0 dBm)
  * 5660.0 MHz [132] (24.0 dBm)
  * 5680.0 MHz [136] (24.0 dBm)
  * 5700.0 MHz [140] (24.0 dBm)
  * 5720.0 MHz [144] (24.0 dBm)
  * 5745.0 MHz [149] (30.0 dBm)
  * 5765.0 MHz [153] (30.0 dBm)
  * 5785.0 MHz [157] (30.0 dBm)
  * 5805.0 MHz [161] (30.0 dBm)
  * 5825.0 MHz [165] (30.0 dBm)
  * 5845.0 MHz [169] (disabled)
  * 5865.0 MHz [173] (disabled)
  * 5885.0 MHz [177] (disabled)
```

Error reported from wpa_supplicant
```console
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: invalid number "5320.0"
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: failed to parse frequency '5320.0'.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 16: failed to parse network block.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Failed to read or parse configuration '/var/run/wpa_supplicant-phy1-mesh0.conf'.
```

This affects mesh, adhoc, and client-mode WDS.

Until hostapd/wpa_supplicant is updated (or patched) to support float
frequencies, ensure `get_freq` prints out an integer.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15770
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 11:34:46 +02:00
Felix Fietkau
4a3ed518b2 wifi-scripts: rewrite wifi detect code in ucode
Rely entirely on /etc/board.json instead of screen scraping iw cli output

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
31aa61503e wifi-scripts: add default channel to board.json in wifi-detect.uc
Preparation for avoiding iw calls in /lib/wifi/mac80211.sh

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
33420f039d ucode: update to Git HEAD (2024-06-18)
8cf816d615fd socket: fix potential memory leak in connect()
8f5f231d66cd socket: optimize poll() argument handling
36f106056069 socket: remove wrong documentation fragment
525fca224012 socket: uv_to_sockaddr(): fix length calculation for AF_UNIX addresses
3938645ad9e3 socket: support IPv6 addresses in struct conversion routines
3a586dc7ddbe socket: improve uc_socket_connect() behavior
7b269f1cd3d2 socket: improve uc_socket_listen() behavior
fc6f2b89febf socket: handle further socket option value types
d6f25797dad1 socket: add IPv6 socket options
7611487b9a05 socket: implement recvmsg(), sendmsg() and cmsg support
d2e44bfa8b54 core-lib: improved documentation
e0bab40c8578 fs: add truncate() file method
5d305cfb2ab7 fs: add lock() file method
8b0318f7fabe lib: introduce zlib library

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
a6e1c5f01e iw: update to version 6.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
032d3fcf7a hostapd: use strdup on string passed to hostapd_add_iface
The data is modified within hostapd_add_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
3984fb0582 hostapd: fix crash on interface setup failure
Add a missing NULL pointer check when deleting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Christian Marangi
2b6772c82c
firmware-utils: update to Git HEAD (2024-06-20)
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 23:23:30 +02:00
Thomas Weißschuh
f1b7f45f8c util-linux: update to v2.40.1
Release Notes:
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40-ReleaseNotes
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.1-ReleaseNotes

Remove upstreamed:
	001-meson-properly-handle-gettext-non-existence.patch

New:
	0001-meson-Fix-build-python-option.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2024-06-20 14:06:41 +02:00
Christian Marangi
cf2b689d03
Revert "apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG"
This reverts commit 25bbefcdd9.

Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 05:52:05 +02:00
Daniel Golle
5e7955171c generic: backport pending driver for Winchip CH348 USB serial
Import patch and package kernel module for Winchip CH348
USB-to-8x-UART chip.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-20 01:11:09 +01:00
Christian Marangi
e6e4d90b69
mac80211: backport upstream patch for tim->virtual_map flex array warn
Backport upstream patch for tim->virtual_map flex array warning for
invalid write.

This has been notice with the bump of ath10k-ct to version 6.7.

Link: https://github.com/openwrt/openwrt/pull/15760
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-19 23:38:27 +02:00
Rafał Miłecki
156f5e8f48 base-files: migrate old UCI network sections defining bridges
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.

Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 12:47:58 +02:00
Rafał Miłecki
c8e68dce61 base-files: migrate old UCI network bridge ports syntax
netifd supports more accurate "ports" option (instead of "ifname") for
years now. Relevant changes were even backported to OpenWrt 21.02. Add
uci-defaults script that translates config files using deprecated
syntax.

Identical commit f716c30241 ended up reverted back in 2021 by
80be798d4a due to breaking downgrades. With 19.07 support ended it
should no longer be an issue.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 09:11:44 +02:00
Christian Marangi
d14670aea8
ath10k-ct: bump to version 6.7
Bump ath10k-ct to version 6.7.

Drop patch 100 that got merged upstream.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
0134270319
mac80211: backport RX timestamp flags patch
Backport RX timestamp flags patch needed for ath10k-ct to compile with
newer versions.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
3b2a81ec24
ath10k-ct: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:41 +02:00
Christian Marangi
6b71ab630a
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:40 +02:00
Christian Marangi
29b98a0192
Revert "mac80211: ath10k: replace LEDs patch with upstream patch"
This reverts commit dc9c5d1ee7.

Additional file for ath10k-ct slipped in, revert for a better version
pushed later.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:33:25 +02:00
Christian Marangi
dc9c5d1ee7
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:23:44 +02:00
Leon M. Busch-George
bff0e1cfd8
base-files: fix ipcalc bound calculation for /31 prefix
A small regress from the translation to shell.
Fixes #12921, originally fixed in #12925 (Github).

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/15430
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:45:37 +02:00
Konstantin Demin
f3080677f5
xdp-tools: update to v1.4.2
- release notes:
  https://github.com/xdp-project/xdp-tools/releases/tag/v1.4.2
- patches rebased manually:
  - 010-configure-respect-LDFLAGS.patch

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15705
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:26:37 +02:00
Carlos Miguel Ferreira
76c863fe60
libquadmath: Add libquadmath to the toolchain
This commit makes the libquadmath library available to the GCC
toolchain. This library is important for libraries such as
Boost.charconv

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15637
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:12:29 +02:00
John Audia
f34620f146 kernel: bump 6.6 to 6.6.33 and adjust subarches
This commit accomplishes three goals:
1. bump 6.6 to 6.6.33
2. kernel: modules: video: change package definition for fb for
   upstream changes[1]
3. kernel/multiple subtargets: add CONFIG_FB_IOMEM_FOPS=y to all
   subtargets which also set CONFIG_FB_CORE=y.

Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33

Removed upstreamed:
	pending-6.6/195-block-fix-and-simplify-blkdevparts-cmdline-parsing.patch[2]
	gemini/patches-6.6/0003-net-ethernet-cortina-Locking-fixes.patch[3]

Manually rebased:
	ramips/patches-6.6/810-uvc-add-iPassion-iP2970-support.patch

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.6.y&id=c00e8fd749502c02085534c60b1edca4fc479c91
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=99bbbd9aea059f8a206736dc601be2ae61d366fb
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=8f6f82d6a205ceb3aba8d279f9ff6eeea0b1689b

Build system: x86/64
Build-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3
Run-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: John Audia <therealgraysky@proton.me>
2024-06-15 22:44:06 +02:00
Christian Lamparter
7d9b9762c9 firmware: intel-microcode: update to 20240531
Debian changelog:

intel-microcode (3.20240531.1) unstable; urgency=medium

  * New upstream microcode datafile 20240531
    * Fix unspecified functional issues on Pentium Silver N/J5xxx,
      Celeron N/J4xxx
    * Updated Microcodes:
      sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
  * source: update symlinks to reflect id of the latest release, 20240531

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Sat, 01 Jun 2024 11:49:47 -0300

intel-microcode (3.20240514.1) unstable; urgency=medium

  * New upstream microcode datafile 20240514
    * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
      Hardware logic contains race conditions in some Intel Processors may
      allow an authenticated user to potentially enable partial information
      disclosure via local access.
    * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
      Sequence of processor instructions leads to unexpected behavior in
      Intel Core Ultra Processors may allow an authenticated user to
      potentially enable denial of service via local access.
    * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
      Improper input validation in some Intel TDX module software before
      version 1.5.05.46.698 may allow a privileged user to potentially enable
      escalation of privilege via local access.
    * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
      Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
      Core i3 N-series processors.
    * Updated microcodes:
      sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
      sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
      sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
      sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
      sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
      sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
      sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
      sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
      sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
      sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
  * source: update symlinks to reflect id of the latest release, 20240514

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Thu, 16 May 2024 21:40:52 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-06-15 11:20:13 +02:00
Aleksander Jan Bajkowski
1b846fe208 kernel: ltq-adsl: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:29: note: in expansion of macro 'THIS_MODULE'
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                             ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/platform_device.h:13,
                 from ./include/linux/of_device.h:5,
                 from ./include/linux/of_platform.h:10,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:15:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:16: error: too many arguments to function 'class_>
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Aleksander Jan Bajkowski
fda7563c9a kernel: ltq-adsl-mei: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:34: note: in expansion of macro 'THIS_MODULE'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                                  ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/dma-mapping.h:8,
                 from ./include/linux/skbuff.h:28,
                 from ./include/net/net_namespace.h:43,
                 from ./include/linux/netdevice.h:38,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:39:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:21: error: too many arguments to function 'class_create'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                     ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Rosen Penev
6b03050192 mac80211: remove mtd-cal-data
All usages of mtd-cal-data have been removed. To avoid submissions that
rely on this deprecated behavior, remove it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15671
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-13 18:10:27 +02:00
Paul Spooren
213bd273ed base-files: Reapply fixed "Ignore exit code of uci.sh inclusion"
This reverts commit 80d1c353b7 with the
fix which won't break running systems. A logic error on how shell
handles && and || more the init process.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-12 11:12:13 +02:00
Petr Štetiar
b2a84c86e3
apk: host: make the help available
Currently, the apk utility lacks accessible help documentation, making
it cumbersome for human users:

 apk-tools 3.0.0_pre20240519, compiled for x86_64.

 ERROR: This apk-tools has been built without help

This absence of help forces users to delve into the apk's build
directory to understand its functionality. To enhance usability, we will
enable the help feature for the host build. The host environment can
accommodate the 3% increase in binary size for the added convenience.

On Ubuntu 22.04, x86_64 platform, the apk size increases by 17,816 bytes
(from 594,144 to 611,960 bytes), a 2.99% increase. This is a reasonable
trade-off for improved ergonomics.

Additionally fix the Lua host build dependency as apk-tools uses during
the build Lua to convert SCDOC manpages to apk-tools help messages.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:20 +02:00
Christian Marangi
25bbefcdd9
apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:19 +02:00
Christian Marangi
8ca2e2852e
base-files: skip fix-group-user uci-default for APK installation
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.

Also remove this uci-defaults if we have CONFIG_USE_APK enabled.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:18 +02:00
Christian Marangi
9f6fc4f524
dropbear: don't install /usr/lib/opkg/info in package install
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.

Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Christian Marangi
93d49529a1
apk: provide csum for static conffiles
For non-overlay configuration we need checksum for config file that
weren't modified by the user. For OPKG in sysupgrade we check the status
file for the Conffiles: entry of every package. this entry contains
checksum for every static file that the package contains.

Provide the same info for APK by creating a conffiles_static file and
parse this file on sysupgrade for non-overlay configurations.

This is also used by the sysupgrade -u option to exclude non-changed
files from the final backup.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Petr Štetiar
617431685e
build: package: fix missing host apk dependency
Currently the build with USE_APK=y fails in package/libs/toolchain:

 staging_dir/host/bin/fakeroot: line 182: staging_dir/host/bin/apk: No such file or directory
 make[2]: *** [Makefile:758: bin/targets/mediatek/filogic/packages/libgcc1-13.2.0-r4.apk] Error 127

as commit d788ab376f ("build: add APK package build capabilities") added
dependency on apk in packaging step, but there is no host build
dependency defined, thus apk binary is missing when libgcc1 apk package is being
created. So lets fix it by adding explicit apk/host dependency to all
targets in the subdirectories.

Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[ rework logic to be more self contained ]
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:14 +02:00
Robert Marko
b47fbca97f yafut: update to fix basename() issue
Since musl 1.2.5 update yafut would throw a warning about implicit
declaration of basename() but would still somehow compile.
However, trying to use it on a device will cause it to instantly
Segmentation fault.

So, to fix this lets update to the current upstream repository version
that has removed the use of basename() completely.

Link: https://github.com/openwrt/openwrt/pull/15685
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-11 14:27:47 +02:00
Daniel Golle
83311b7470 mt76: mt7996: select required kernel and hostap options
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).

Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-11 00:10:21 +01:00
Florian Eckert
fe5fe3c8e7 kernel: modules: netdevice: remove kmod-of-mdio dependency for kmod-stmmac-core
The 'kmod-stmmac-core' package is referenced by the following packages:
* kmod-dwmac-intel
* kmod-dwmac-imx
* kmod-dwmac-sun8i

The problem is that 'kmod-of-mdio' is not selectable for 'TARGET_x86'.
That means the package 'kmod-dwmac-intel' is not available on this
architecture and so the package 'kmod-dwmac-intel' could not be enabled.

To fix this remove the dependencies 'kmod-of-mdio' from 'kmod-stmmac-core'.
This is not needed on this level, because the modules 'kmod-of-mdio' is
already selected by the packages 'kmod-dwmac-imx' and 'kmod-dwmac-sun8i'.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-06-10 16:50:29 +02:00
John Audia
bac2f1bed6 openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
2024-06-08 23:29:31 +02:00
Martin Schiller
abf1c4e67d kernel: ltq-vdsl-vr9: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
45eeedbbfc kernel: ltq-vdsl-vr9-mei: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
10f8a14eca kernel: ltq-deu: fix compilation with linux 6.6
struct u128 and u128_xor() was removed by upstream commit f413e724818c
("cyrpto/b128ops: Remove struct u128").

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
c7648273d0 kernel: ltq-vectoring: Avoid flush_scheduled_work() usage
This fixes some compile warnings for linux 6.6.

Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local vectoring_wq.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Tony Ambardar
56b15913af libbpf: Update to v1.4.3
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:21:40 +02:00
Tony Ambardar
1cb489c784 kexec-tools: fix multiple compile errors
Add two patches to fix compile errors being repeatedly seen on OpenWrt CI.

The first is an upstream backport to fix this i386-related error:

  x86_64-openwrt-linux-musl-gcc  -mcmodel=large -I./purgatory/include
  -I./purgatory/arch/x86_64/include -I./util_lib/include -I./include -Iinclude
  -I/builder/shared-workdir/build/sdk/staging_dir/toolchain-x86_64_gcc-13.3.0_musl/lib/gcc/x86_64-openwrt-linux-musl/13.3.0/include
  -c -MD -o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16.S
  purgatory/arch/i386/entry32-16.S: Assembler messages:
  purgatory/arch/i386/entry32-16.S:23: Error: 64bit mode not supported on `i386'.

The second addresses an error using basename() on musl libc:

  kexec/arch/i386/x86-linux-setup.c: In function 'add_edd_entry':
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: passing argument 1 of 'sscanf' makes pointer from integer without a cast [-Wint-conversion]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~~~~~~~~~~~~~
        |                    |
        |                    int
  ...

Fixes: #14621
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:08:38 +02:00
Robert Marko
80d1c353b7 Revert "base-files: Ignore exit code of uci.sh inclusion"
This reverts commit 17d8c5825e.
This commit is breaking init somehow, even the hostname is not set,
so until its fixed, revert it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-08 12:57:18 +02:00
Paul Spooren
17d8c5825e base-files: Ignore exit code of uci.sh inclusion
When running unit tests this causes trouble since `/lib/config/uci.sh`
isn't available in those cases. Instead exit with a clean status fo the
unit test framework don't wrongly interpret things as an error.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-07 21:49:09 +02:00
Tianling Shen
4edde98768 mediatek: fix wps button for nokia ea0326gmp
The gpio is actually low active, fix it.

Fixes: 40e7fab9e4 ("mediatek: add Nokia EA0326GMP support")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15651
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-07 14:19:39 +02:00
Felix Fietkau
b9650de249 mac80211: backport an upstream patch needed by mt76 for AES_GMAC key support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-07 06:02:13 +02:00
Paul Spooren
eea666d583
apk: bump to 2024-05-23
containing fixes around tar and internal checksums.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15646
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-06 19:20:59 +02:00
Tim Harvey
892b654629 kernel: modules: video: adapt imx modules for 6.6
the ipuv3 based video kernel modules moved into the ipuv3 directory for
6.6.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Tim Harvey
eebe2d1a83 kernel: modules: video: fix imx-ldb
Commit ae8bf1a26e ("imx: add imx8m support") configured the
drm-imx-ldb kmod for imx_cortexa9 and imx_cortexa7 however it is only
applicable to imx_cortexa9 (imx6).

Fix this so that we can avoid a missing module config for cortexa7 when
moving to the 6.6 kernel.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Rosen Penev
32671b36a1 mdadm: update to 4.3
Backport three patches, add one for GCC14, and add Alpine time_t patch for
musl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-06 22:02:21 +02:00
Felix Fietkau
a3d1583317 Revert "hostapd: add support for authenticating with multiple PSKs via ubus helper"
This reverts commit c67d5189a4.
Revert until reported issues have been resolved

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 21:34:20 +02:00
Tianling Shen
40e7fab9e4 mediatek: add Nokia EA0326GMP support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, WPS/Mesh
  Power: DC 12V 1A

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Download the configration utilities:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
     These binaries are extraced from the factory firmware, which are
     dynamically linked with aarch64 musl 1.1.24. To use them, you
     must run them under the same runtime environment, otherwise the
     binaries will not work properly!
3. Upload the configuration and utilities to a suitable environment.
4. Uncompress the utilities, move them to '/bin' and give them executable permisison:
   tar -zxf openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
   mv mkconfig seama /bin
   chmod +x /bin/mkconfig
   chmod +x /bin/seama
5. Decrypt and uncompress the configuration:
     Enter fakeroot if you are not login as root.
   mkconfig -a de-enca -m EA0326GMP_3FE79221BAAA -i EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz -o backup.tar.gz
   tar -zxf backup.tar.gz
6. Edit 'etc/config/dropbear', set 'enable' to '1'.
7. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
8. Repack the configuration:
   tar -zcf backup.tar.gz etc/
   mkconfig -a enca -m EA0326GMP_3FE79221BAAA -i backup.tar.gz -o EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz
9. Upload new configuration via web interface, now you can SSH to EA0326GMP.

A minimum configuration which enabled SSH access is also provided
to simplify the process:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-enable-ssh.tar.gz

Flash instructions:
1. SSH to EA0326GMP, backup everything, especially 'Factory' part.
2. Write new BL2:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-preloader.bin BL2
3. Write new FIP:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-06-06 18:56:32 +01:00
Felix Fietkau
c67d5189a4 hostapd: add support for authenticating with multiple PSKs via ubus helper
Also supports assigning a VLAN ID based on the PSK

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 11:47:59 +02:00
Daniel Golle
a6487e393b uboot-mediatek: snfi: FM35Q1GA is x4-only
Dont allow x2 read and cache read operations on FM35Q1GA as they seem
to be unstable. Also the Linux drivers does not allow x2 ops.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
24bf241f8c arm-trusted-firmware-mediatek: import patchset for Fidelix flash on SNFI
Import pending patches to set pinconf settings for SPI-NAND pins on
MT7622 identical to what the old proprietary preloader did.

Should further increase the reliability of some SNFI-attached SPI-NAND
flash chips.

Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/7
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
4a2908f3bc arm-trusted-firmware-mediatek: update to MediaTek-patched v2.10.0
Update ARM TrustedFirmware-A to the most recent release of
MediaTek downstream patched version released 2024-01-17.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
INAGAKI Hiroshi
fbeff10b5a mtd: enable trx feature on ramips
Enable trx feature of mtd command to fixup trx length and crc32 while
booting for some Buffalo devices.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2024-06-05 21:14:16 +02:00
Michał Kępień
3152c440bb yafut: sync version between tools/ and package/ directories
Use the same Yafut code revision for both updating devices with NAND
flash and preparing firmware images for devices with NOR flash.

Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
Link: https://github.com/openwrt/openwrt/pull/13453
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-05 17:03:24 +02:00
Linus Walleij
5b3f6b4d96 kernel: modules: Break out a submenu for RTCs
There are too many RTC drivers in other.mk, they deserve their
own menu and .mk-file, so let's break them out to a separate
entity.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-06-04 09:28:25 +02:00
Fabrice Fontaine
58a5877846 package/utils/secilc: drop PKG_CPE_ID
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️selinuxproject:secilc

Fixes: 9ee7c1ec60 (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-02 20:49:48 +02:00
Hauke Mehrtens
e4f323ed56 uboot-tegra: Set UBOOT_USE_INTREE_DTC
U-Boot 2024.04 for tegra needs swig installed on the host, this
dependency is only checked if UBOOT_USE_INTREE_DTC is set. add the
missing definition.

Fixes: 6832faf340 ("uboot-tegra: bump version to 2024.04")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 18:06:39 +02:00
Hauke Mehrtens
8647ce0800 kernel: Split kmod-video-dma into two kmods
Split the kmod-video-dma into kmod-video-dma-sg and
kmod-video-dma-contig. The old one contained two kmods, but sometimes
only one of them is build which caused problems. The configuration
options are not manually selectable in the kernel and hidden in OpenWrt.

Currently this causes build failures on some targets.

Fixes: 4d7cbe0a55 ("kernel: video-dma: explicitly state packaged modules")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 17:38:23 +02:00
Zoltan HERPAI
8619d7af67 kirkwood: add D-Link DNS-320L support
Dual-slot NAS based on Marvell Kirkwood.

Specifications:
 - Marvell 88F6702 @1GHz
 - 256Mb RAM
 - 128Mb NAND
 - 1x GbE LAN (Marvell 88E1318R)
 - 1x USB 2.0
 - 2x SATA
 - Weltrend WT69P3 ("supervisor" MCU chip)
 - Serial on J2 (115200,8n1)
 - Newer bootROM so kwboot-ing via serial is possible

Notes:
 - The Weltrend MCU is controlled by the package added in utils/dns320l-mcu.
 - The original MAC address is stored in the "mini firmware" image's first
   17 bytes.
 - Compared to the original MTD layout, the uImage+rootfs are now stored in
   a common ubi partition.

Installation:
1. Serial console
 - Connect your levelshifter to the serial console
   on J2 (refer to the wiki page for pinout)
2. Update u-boot
 - Download the u-boot.kwb image for the device
 - Powercycle the NAS
 - Run "kwboot -b u-boot-dns320l/u-boot.kwb /dev/ttyUSB0 -p"
 - Connect to the serial console with minicom
 - tftp 0x0800000 u-boot-dns320l/u-boot.kwb
   (Please note that "PHY reset timed out" seems to be customary
    on kirkwood devices, the egiga0 interface works regardless.)
 - nand erase 0x0 100000
 - nand write 0x0800000 0x0 0x100000
 - reset
3. Install OpenWrt
 - Boot up the initramfs image
 - tftpboot 0x800000 openwrt-kirkwood-generic-dlink_dns320l-initramfs-uImage; bootm 0x800000
 - Download the sysupgrade image and perform sysupgrade

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Reviewed-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-06-01 01:29:09 +02:00
Tomasz Maciej Nowak
4d7cbe0a55 kernel: video-dma: explicitly state packaged modules
Because wildcard in variable stating packaged modules, the filtering for
built-in kernel modules didn't work and would cause a packaging failure.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-31 14:38:17 +02:00
Tony Ambardar
87d5d38e2a ply: add dynamic tracing package using BPF
ply is a light-weight dynamic tracer for Linux that leverages the kernel's
BPF VM in concert with kprobes/tracepoints to attach probes to arbitrary
points in the kernel.

Most tracers that generate BPF bytecode are based on the LLVM-based BCC
toolchain; ply on the other hand has no external dependencies outside libc,
making it suitable for use on constrained embedded systems.

Currently ply supports x86_64, aarch64, arm, riscv64, riscv32, powerpc,
mips(el), and mips64(el) architectures.

Further documentation, examples and implementation details may be found at:
https://github.com/iovisor/ply.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-31 11:51:45 +02:00
Rosen Penev
2f4bb69664 packages: refresh patches
CI is supposed to catch all of these. Some of these predate CI.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-31 11:30:06 +02:00
Hauke Mehrtens
0cf4c8a986 kernel: Add CONFIG_FB_DEVICE to kmod-fb
At least kmod-fb-tft depends on CONFIG_FB_DEVICE and can not be
activated without it.

This configuration option was added with kernel 6.6, before this featre
was always activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-31 11:27:17 +02:00
Rui Salvaterra
2ae1330a22 iproute2: update to 6.9.0
Support for iptables action has been dropped. Remove tc-mod-iptables and related
patch (175-reduce-dynamic-syms.patch).

We also add the missing libbpf dependency for `ss` since iproute 8740ca9
("ss: add support for BPF socket-local storage") now means that `ss` requires
libbpf as well.

Fix 170-ip_tiny.patch, as the help text didn't match all the included functions.

Drop upstreamed patches 402-bpf-fix-warning-from-basename.patch
and 403-bpf-include-libgen.h-for-basename.patch.

All other patches automatically rebased.

Co-authored-by: Rany Hany <rany_hany@riseup.net>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
b2e0775bc6 iproute2: fix build on GCC 14
Upstream patches:

401-bridge-vlan.c-bridge-vlan.c-fix-build-with-gcc-14-on.patch
402-bpf-fix-warning-from-basename.patch
403-bpf-include-libgen.h-for-basename.patch

The patch (400-rdma-include-libgen.h-for-basename.patch) was not
submitted upstream but just adds a missing include for basename.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
a41747ac8e mbedtls: fix build on GCC 14
Without this patch, GCC 14 incorrectly complains about the following error:

In file included from /home/user/workspace/mbedtls/library/ctr_drbg.c:13:
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:17: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:24: error: array subscript 48 is outside array bounds of ‘const unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                       ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:333:57: note: at offset 48 into object ‘data’ of size [0, 48]
  333 |                                     const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN])
      |                                     ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:14: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |         ~~~~~^~~~~~~~~~~~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~

This change adds a basic check to silence the warning until a solution is worked on upstream.
As this check is already used by another compiler, it shouldn't cause any issues for us.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 10:33:06 +02:00
Hauke Mehrtens
72f0e5184e kernel: kmod-ipt-clusterip: Depend on kernel 5.15 and 6.1
The kernel module was removed in kernel 6.3.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9db5d918e2c07fa09fab18bc7addf3408da0c76f

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:07:43 +02:00
Hauke Mehrtens
ee1983a2ff kernel: kmod-can-usb-esd: Fix build on kernel 6.6
The kernel module and configuration option was renamed from esd_usb2.ko
to esd_usb.ko in kernel 6.0. Adapt the kernel package.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5e910bdedc84c1f196863cebdf27c1806449c27c

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:07:43 +02:00
Hauke Mehrtens
2650e7ac1b linux-firmware: Update to version 20240513
This updates the following firmware files:
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.DSP.bin
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.dm.bin
amdgpu-firmware/ (Many files)
ibt-firmware/lib/firmware/intel/ibt-0040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-1020.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-2120.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-0041-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-0291-0291.ddc
ibt-firmware/lib/firmware/intel/ibt-0291-0291.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-1020.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-2120.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-17-16-1.sfi
ibt-firmware/lib/firmware/intel/ibt-17-2.sfi
ibt-firmware/lib/firmware/intel/ibt-18-16-1.sfi
ibt-firmware/lib/firmware/intel/ibt-18-2.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-0.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-16-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-240-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-240-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-0.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-4.sfi
ibt-firmware/lib/firmware/intel/ibt-20-0-3.sfi
ibt-firmware/lib/firmware/intel/ibt-20-1-3.sfi
ibt-firmware/lib/firmware/intel/ibt-20-1-4.sfi
iwlwifi-firmware-ax200/lib/firmware/iwlwifi-cc-a0-77.ucode
iwlwifi-firmware-ax201/lib/firmware/iwlwifi-QuZ-a0-hr-b0-77.ucode
iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
iwlwifi-firmware-be200/lib/firmware/iwlwifi-gl-c0-fm-c0.pnvm
iwlwifi-firmware-iwl9000/lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode
iwlwifi-firmware-iwl9260/lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode
mt7921bt-firmware/lib/firmware/mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin
mt7922bt-firmware/lib/firmware/mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin
rtl8852ce-firmware/lib/firmware/rtw89/rtw8852c_fw.bin

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:04:34 +02:00
Georgi Valkov
32e4c50d24 ebtables: fix compilation with GCC14
Remove 100-musl_fix.patch, which is no longer needed
and causes a build error with gcc-14.

Fixes:
useful_functions.c:63:41: error: passing argument 1 of 'ether_ntoa' from incompatible pointer type [-Wincompatible-pointer-types]
   63 |                 printf("%s", ether_ntoa((struct ether_addr *) mac));
      |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                                         |
      |                                         struct ether_addr *
In file included from include/ebtables_u.h:28,
                 from useful_functions.c:25:
/Volumes/wrt3200/openwrt/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-14.1.0_musl_eabi/include/netinet/ether.h:10:19: note: expected 'const struct ether_addr *' but argument is of type 'struct ether_addr *'
   10 | char *ether_ntoa (const struct ether_addr *);
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15576
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-28 10:41:45 +02:00
Tomasz Maciej Nowak
f7f8099aa3 ath79: add support for Dell SonicPoint ACe APL26-0AE
Dell/SonicWall APL26-0AE (marketed as SonicPoint ACe) is a dual band
wireless access point. End of life as of 2022-07-31.

Specification
SoC: QualcommAtheros QCA9550
RAM: 256 MB DDR2
Flash: 32 MB SPI NOR
WIFI: 2.4 GHz 3T3R integrated
      5 GHz 3T3R QCA9890 oversized Mini PCIe card
Ethernet: 2x 10/100/1000 Mbps QCA8334
          port labeled lan1 is PoE capable (802.3at)
USB: 1x 2.0
LEDs: LEDs: 6x which 5 are GPIO controlled and two of them are dual color
Buttons: 2x GPIO controlled
Serial: RJ-45 port, SonicWall pinout
        baud: 115200, parity: none, flow control: none

Before flashing, be sure to have a copy of factory firmware, in case You
wish to revert to original firmware.
All described procedures were done in following environment:
ROM Version: SonicROM (U-Boot) 8.0.0.0-11o
SafeMode Firmware Version: SonicOS 8.0.0.0-14o
Firmware Version: SonicOS 9.0.1.0
In case of other versions, following installation instructions might be
ineffective.

Installation
1. Prepare TFTP server with OpenWrt sysupgrade image and rename that
   image to "sp_fw.bin".
2. Connect to one of LAN ports.
3. Connect to serial port.
4. Hold the reset button (small through hole on side of the unit),
   power on the device and when prompted to stop autoboot, hit any key.
   The held button can now be released.
5. Alter U-Boot environment with following commands:
    setenv bootcmd bootm 0x9F110000
    saveenv
6. Adjust "ipaddr" (access point, default is 192.168.1.1) and "serverip"
   (TFTP server, default is 192.168.1.10) addresses in U-Boot
   environment, then run following commands:
    tftp 0x80060000 sp_fw.bin
    erase 0x9F110000 +0x1EF0000
    cp.b 0x80060000 0x9F110000 $filesize
7. After successful flashing, execute:
    boot
8. The access point will boot to OpenWrt. Wait few minutes, until the
    wrench LED will stop blinking, then it's ready for configuration.

Known issues
Initramfs image can't be bigger than specified kernel size, otherwise
bootloader will throw LZMA decompressing error. Switching to lzma-loader
should workaround that.
This device has Winbond 25Q256FVFG and doesn't have reliable reset, which
causes hang on reboot, thus broken-flash-reset needs to be added. This
property addition causes dispaly of "scary" warning on each boot, take
this warnig into consideration.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-27 00:32:57 +02:00
Til Kaiser
0a861a0c0f kernel/modules/other/mlxreg: add new package
This commit adds a new mlxreg package, which allows access
to Mellanox programmable device register space through sysfs
interface for thermal control and hardware management.

It also adds required Mellanox I²C drivers and packages
for the "special" MSN4800 series and SN2201 platform.

Signed-off-by: Til Kaiser <mail@tk154.de>
2024-05-25 20:36:32 +02:00
Til Kaiser
0e56bd3eb5 kernel/modules/other/mlx_wdt: add new package
This commit adds a new driver for the hardware watchdog
on Mellanox systems.

Signed-off-by: Til Kaiser <mail@tk154.de>
2024-05-25 20:36:32 +02:00
Pawel Dembicki
9d44340952 tfa-layerscape: Bump to lf-6.6.3-1.0.0
This commit bumps tfa-layerscape package to version lf-6.6.3-1.0.0

Manually rebased:
001-fiptool-hostbuild-fixes.patch
004-plat-nxp-restore-ls1012afrdm-support.patch

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
35efee1329 uboot-layerscape: bump to lf-6.6.3-1.0.0
This commit bumps u-boot layerscape package to lf-6.6.3-1.0.0 version.

Removed upstreamed:
0001-board-ls1046ardb-force-PCI-device-enumeration.patch
0002-board-ls1043ardb-force-PCI-device-enumeration.patch

Manually rebased:
0900-layerscape-adjust-LS1021A-IOT-config-for-OpenWrt.patch

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
322f2c1424 ppfe-firmware: Bump to lf-6.6.3-1.0.0
Bump ppfe-firmware package to lf-6.6.3-1.0.0

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
1cceadf3ce ls-rcw: Bump to lf-6.6.3-1.0.0
Bump ls-rcw package to lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
b6af057cbf ls-ddr-phy: bump to lf-6.6.3-1.0.0
Bump ls-ddr-phy to version lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
00c59f8d04 fman-ucode: Bump to lf-6.6.3-1.0.0
Bump fman-ucode to version lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
INAGAKI Hiroshi
8366e0d606 uboot-envtools: add support for ELECOM WRC-X1800GS
Add support for ELECOM WRC-X1800GS on uboot-envtools, to update
bootmenu_delay variable on sysupgrade.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2024-05-25 19:33:28 +02:00
Daniel Golle
17ca4cccc6 uboot-mediatek: fix white-space in package Makefile
Replace accidental spaces with tabs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-25 03:54:20 +01:00
Daniel Golle
ac424d0983 uboot-mediatek: refresh patches
Patch 290-mt7981-add-USB-nodes.patch needs a refresh.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-25 03:54:20 +01:00
Daniel Golle
c71b68acdd mediatek: filogic: add Adtran SmartRG Mount Stuart series
Common specifications:
 * Mediatek MT7988A (4x Cortex-A73, up to 1.8 GHz clock speed)
 * 8 GiB eMMC
 * 2 GiB DDR4 RAM
 * 1x 10000M/1000M/100M + 3x 1000M/100M/10M LAN ports
 * MT7996 Tri-band (2.4G, 5G, 6G) 4T4R 802.11be Wi-Fi
 * Airoha AG3352 GPS
 * Renesas DA14531MOD Bluetooth
 * 2 buttons (Reset, Mesh/WPS)
 * uC-controlled RGB LED via I2C
 * 2x LED for each 1G port, 3x LED for each 10G port
 * USB 3.0 type A port
 * 3.3V-level 115200 baud UART console via 4-pin Dupont connector
   exposed at the bottom of the device
 * USB-C PD power input

SDG-8733: 1x 10000M/1000M/100M WAN port
SDG-8734: 1x USXGMII/10GBase-R/5GBase-R/2500Base-X/1000Base-X/SGMII SFP+

Both models are also available in versions including 2x FXS POTS interfaces
for analog phones. Those interfaces are not supported by OpenWrt.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-24 18:34:13 +01:00
Rany Hany
3e024022c3 linux-atm: fix build with GCC 14
Basic changes to make linux-atm build without any issues with GCC 14.

Besides some errors caused by -Wpointer-sign, there was also an issue
with socklen_t not being used for getsockopt() and accept()
sometimes.

I also updated the Debian patch to include the latest changes from
version "1:2.5.1-5.1" in Debian Sid. This allowed me to drop
"600-fix-format-errors.patch" and "700-include_sockios.patch".

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-24 00:09:47 +02:00
Didier 'OdyX' Raboud
6febb93cfd usbmode: add Huawei E5785
This 4G/LTE modem is a WiFi hotspot, and also works as cdc_ether modem
when plugged over USB. It needs usb-modeswitching. With HuaweiNewMode,
it will modeswitch from 3426:1f01 (mass-storage) to 3426:14db
(cdc_ether).

Signed-off-by: Didier 'OdyX' Raboud <odyx@raksha.ch>
Link: https://github.com/openwrt/openwrt/pull/15497
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-23 22:49:25 +02:00
Daniel Golle
9a11bc3682 build: generate private key for APK early
Other than OPKG which only uses signed package list, APK uses
individually signed packages in addition to signed package lists. Hence,
in order to be able to generate package, the private key needs to be
generated before compiling packages. Express that dependency and
generate the private key before building any packages instead of doing
so as part of the base-files package build.

Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-22 19:28:20 +02:00
Andrew Smith
0f5c28b96b qualcommax: ipq807x support Netgear Orbi Pro SXK80
This commit adds support for Netgear Orbi Pro SXR80 and SXS80 (collectively known as SXK80)

Specifications:
---------------
* CPU: Qualcomm IPQ8074A Quad core Cortex-A53
* RAM: 1024MB
* Storage: SPI-NAND 512 MiB (Winbond W29N04GZ)
* Ethernet: 4x 1G RJ45 ports (QCA8075) 1x 2.5G RJ45 LAN/WAN (QCA8081)
* WLAN:
    - 2.4 GHz: Qualcomm QCN5024 4x4
    - 2x 5 GHz: Qualcomm QCN5054 4x4 (second radio high channels only)
* LEDs:
    - Power: (Green and red)
    - Front: (Blue, green, red and white)
* Buttons:
    - 1x Soft reset
    - 1x Sync/WPS
* Power: 12V DC Jack

Installation instructions (Telnet):
-----------------------------------

*Note, this guide assumes SXR80, for SXS80 change the firmware file name as appropriate

1. Put firmware file openwrt-qualcommax-ipq807x-netgear_sxr80-initramfs-uImage.itb in root of TFTP server available at 192.168.1.10.
2. Enable telnet by going to http://[ip of device]/debug.htm and clicking on the tickbox 'Enable telnet'
3. Telnet into the device and login using the same username and password as the web interface:
4. Run the following command:

`fw_setenv bootcmd 'env default -a; saveenv; reset'`

5. Reboot the router, once the web interface is available again re-enable telnet via http://[ip of device]/debug.htm and telnet into the device.

6. Run the following command:

`fw_printenv`

It should look similar to the below:

```
baudrate=115200
bootargs=console=ttyMSM0,115200n8
bootcmd=mii write 0x0 0x0 0x800; sleep 1; nmrp; bootdni; boot_DNI_secureboot
bootdelay=2
ipaddr=192.168.1.1
netmask=255.255.255.0
serverip=192.168.1.10
soc_version_major=2
soc_version_minor=0
```

**If you see the message:**
`Warning: Bad CRC, using default environment`
**DO NOT CONTINUE, YOU WILL BRICK YOUR DEVICE**

7. Run the following command:

`fw_setenv originalboot 'mii write 0x0 0x0 0x800; sleep 1; nmrp; bootdni; boot_DNI_secureboot'`

(This should match what's in the bootcmd variable displayed in step 6)

8. Run the following commands:
```
fw_setenv wrttftp 'mii write 0x0 0x0 0x800; sleep 1; nmrp; if tftpboot openwrt-qualcommax-ipq807x-netgear_sxr80-initramfs-uImage.itb; then bootm; fi; bootdni; boot_DNI_secureboot'
fw_setenv wrtboot 'mii write 0x0 0x0 0x800; sleep 1; nmrp; nand read 0x40000000 0x1980000 0x06d00000; bootm 0x40000000'
fw_setenv bootcmd 'run wrttftp'
```

9. Ensure SXR/S device is attached via ethernet (LAN port) to the same ethernet segment as the TFTP server.

10. Reboot the device, it should reboot into OpenWrt and be available on 192.168.1.1

11. Once OpenWrt has booted, update the bootcmd using the following command:

`fw_setenv bootcmd 'run wrtboot'`

12. Flash the sysupgrade image

13. It should boot into OpenWrt

References to SXK80 GPL source:
https://www.downloads.netgear.com/files/GPL/SXK80-V3.2.0.108_gpl_src.tar.bz2.zip

Signed-off-by: Flole Systems <flole@flole.de>
Signed-off-by: Andrew Smith <gul.code@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/14939
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-22 14:51:36 +02:00
Robert Marko
1082c6556e kernel: qca-nss-dp: add back printing attached PHY-s
During the last update to 12.5.r2 printing of the attached PHY-s was
removed, so lets bring it back as it is very helpfull for debugging
OpenWrt issues without users having to modify NSS-DP to know if a PHY
was attached.

Refresh patches since nss_dp_main.c was edited.

Link: https://github.com/openwrt/openwrt/pull/15537
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-21 12:29:33 +02:00
John Crispin
a46ebf6fc2 uboot-mediatek: add support for OpenWrt One
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
John Crispin
9746b6f1fc uboot-mediatek: add USB support to mt7981.dtsi
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
John Crispin
41655c81c1 arm-trusted-firmware-mediatek: add mt7981-nor-ddr4 and mt7981-spim-nand-ubi-ddr4 builds
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
Felix Fietkau
bc5d9779da mt76: install mt7981_eeprom_mt7976_dbdc.bin to STAGING_DIR_IMAGE
It will be used in the image building code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-21 10:13:31 +02:00
Felix Fietkau
ed23d4d00d mt76: update to Git HEAD (2024-05-17)
8f301a5c5fe3 firmware: add mt7981 default eeprom
2d264aecbf5a mt76: mt7915: make pre-cal freq lists static const
d9c62742bed6 wifi: mt76: make const arrays in functions static
8986ba5492a8 wifi: mt76: mt7921: cqm rssi low/high event notify
3afbb8ed8015 wifi: mt76: mt7996: let upper layer handle MGMT frame protection
1d0bd57e5889 wifi: mt76: mt7921e: add LED control support
1d6e4f7de8a6 wifi: mt76: mt7925: add EHT radiotap support in monitor mode
c40e648b8929 wifi: mt76: enable spectrum management
14d5ee9f3369 mt76: shrink mt76_queue_buf
513c131c6309 mt76: mt7603: fix mixed declarations and code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-21 10:13:31 +02:00
Jo-Philipp Wich
61330ddef8 firewall4: update to Git HEAD (2024-05-21)
4c01d1ebf99e fw4: substitute double quotes in strings

Fixes: https://github.com/openwrt/luci/issues/7091
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-05-21 08:59:13 +02:00
Tony Ambardar
d44d35f106 libbpf: Update to v1.4.2
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.2
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-21 08:02:55 +02:00
Linus Walleij
2eef4f7354 ixp4xx: Bump to kernel v6.6
The IXP4xx is well supported upstream and can readily be
supported with kernel v6.6. To simplify things after the
DTS directory was renamed, switch to v6.6 only.

Bring in some outstanding patches.

Tested on the Gateworks GW2348-4.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-05-20 21:04:08 +02:00
Paul Spooren
5a5d126954 apk: update to latest HEAD 2024-05-19
Upstream refactoring caused some mbedtls issues, now fixed again.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-20 18:10:42 +03:00
Rui Salvaterra
2b8e875a85 linux-firmware: realtek: update rtl8821ae firmware
A newer version, rtl8821aefw_29.bin, has been available for over 7 years [1].
Let's use it.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f70e4df2b384d21e36a7c30a591639592692e0ec

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2024-05-20 14:06:42 +01:00
Yuu Toriyama
65c1f0d433 wireless-regdb: update to 2024.05.08
Changes:
  73529a8 Revert "wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG)"
  87941e4 wireless-regdb: Update regulatory rules for Taiwan (TW) on 6GHz
  33797ae wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
2024-05-19 16:17:44 +03:00
Felix Fietkau
59ac0440b1 mediatek: convert mt7988a-rfb to keep bl31/uboot in UBI
Add ubi volumes for mt7988a-rfb and support for using factory data
for Ethernet MAC addresses and MT7996 WLAN calibration data.
Also add rootdisk handle. Removes the need to keep using nmbm

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-19 09:47:04 +02:00
Felix Fietkau
3bc9ac2942 uboot-mediatek: add missing options for mt7988-rfb
Fixes autoboot and storing env in UBI

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-19 09:47:04 +02:00
Paul Spooren
99636d4dd8
apk: update to latest HEAD 2024-05-18
Drop downstream mbedtls patch since it went upstream.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15522
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-18 15:05:55 +02:00
Paul Spooren
a96354bcfb
base-files: correctly split install-key function for APK
The function incorrectly tried to APK keys even if there were none.
Correctly separate it into its own `ifdef` section.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15519
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-17 23:34:23 +03:00
Paul Spooren
b773ca1a96 apk: disable helptext for host build
The host build would need Lua to compile which currently adds a race
condition. Instead of tracking that down just disable helptext for the
host build.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
bcc641504d base-files: add compatibility for APK and OPKG
Both package managers work slightly different, i.e. stores files at
different places. Modify the `functions.sh` file to cover those.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
3010ab87bc base-files: add update_alternatives function
The APK package manager does not support handling of package
alternatives itself, so implement it via a simple shell script.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
d788ab376f build: add APK package build capabilities
A new option called `USE_APK` is added which generated APK packages
(.apk) instead of OPKG packages (.ipk).

Some features like fstools `snapshot` command are not yet ported

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
ad4bd9c5d8 apk: add missing PROVIDES
Add PROVIDES:=apk to the Makefile so we can default to install `apk` by
default as a dependency.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 21:56:20 +03:00
Paul Spooren
081a59e0f2 rpcd: fix package dependency for APK
Version dependencies must not contain spaces to be compatible with both
OPKG and APK.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 21:55:51 +03:00
Tomasz Maciej Nowak
6832faf340 uboot-tegra: bump version to 2024.04
Since swig is mentioned as build dependency and buildbots have it
installed we can safely bump version.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-17 17:17:06 +03:00
Paweł Owoc
9bdaebaff3 qualcommax: ipq807x: add support for Linksys MX8500
Hardware specification:
========
SoC: Qualcomm IPQ8072A
Flash: 512MB (Fidelix FMND4G08S3J-ID)
RAM: 1GB (2x Kingston DDR3L D2516ECMDXGJD)
Ethernet: 1x 10/100/1000/2500/5000Mbps (Marvell AQR114C)
Ethernet: 4x 10/100/1000Mbps (Qualcomm QCA8075)
WiFi1: 6GHz ax 4x4 (Qualcomm QCN9024 + Skyworks SKY85784-11) - channels 33-229
WiFi2: 5GHz ax 4x4 (Qualcomm QCN5054 + Skyworks SKY85755-11) - channels 36-177
WiFi3: 2.4GHz ax 4x4 (Qualcomm QCN5024 + Skyworks SKY8340-11)
IoT: Bluetooth 5, Zigbee and Thread (NXP K32W041)
LED: 1x RGB status (NXP PCA9633)
USB: 1x USB 3.0
Button: WPS, Reset

Flash instructions:
========
1. Manually upgrade firmware using openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin image.
More details can be found here: https://www.linksys.com/support-article?articleNum=47547
After first boot check actual partition:
- fw_printenv -n boot_part
and install firmware on second partition using command in case of 2:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
and in case of 1:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

2. Installation using serial connection from OEM firmware (default login: root, password: admin):
- fw_printenv -n boot_part
In case of 2:
- flash_erase /dev/mtd21 0 0
- nandwrite -p /dev/mtd21 openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin
or in case of 1:
- flash_erase /dev/mtd23 0 0
- nandwrite -p /dev/mtd23 openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin
After first boot install firmware on second partition:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
or:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

3. Installation from initramfs image using USB drive:
Put the initramfs image on the USB drive:
- dd bs=1M if=openwrt-qualcommax-ipq807x-linksys_mx8500-initramfs-uImage.itb of=/dev/sda
Stop u-boot and run:
- usb start && usbboot $loadaddr 0 && bootm $loadaddr
Write firmware to the flash from initramfs:
- mtd -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
and:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

4. Back to the OEM firmware:
- mtd -e kernel -n write FW_MX8500_1.0.11.208937_prod.img kernel
and:
- mtd -r -e alt_kernel -n write FW_MX8500_1.0.11.208937_prod.img alt_kernel

5. USB recovery:
Put the initramfs image on the USB:
- dd bs=1M if=openwrt-qualcommax-ipq807x-linksys_mx8500-initramfs-uImage.itb of=/dev/sda
Set u-boot env:
- fw_setenv bootusb 'usb start && usbboot $loadaddr 0 && bootm $loadaddr'
- fw_setenv bootcmd 'run bootusb; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'

AQR firmware:
========
1. Firmware loading:
To properly load the firmware and initialize AQR PHY, we must use the u-boot aq_load_fw function.
To do this, you need to modify u-boot env:
With USB recovery:
- fw_setenv bootcmd 'aq_load_fw; run bootusb; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'
and without:
- fw_setenv bootcmd 'aq_load_fw; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'

2. Firmware updating:
Newer firmware (AQR-G4_v5.6.5-AQR_WNC_SAQA-L2_GT_ID45287_VER24005.cld) is available in the latest OEM firmware.
To load this firmware via u-boot, we need to add the MBN header and update 0:ethphyfw partition.
For MBN header we can use script from this repository: https://github.com/testuser7/aqr_mbn_tool
- python aqr_mbn_tool.py AQR-G4_v5.6.5-AQR_WNC_SAQA-L2_GT_ID45287_VER24005.cld
To update partition we need to install kmod-mtd-rw package first:
- insmod mtd-rw.ko i_want_a_brick=1
- mtd -e /dev/mtd26 -n write aqr_fw.mbn /dev/mtd26

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14883
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-16 20:27:36 +02:00
Paweł Owoc
0354f6baae qca-ssdk: add patch to support AQR114C-B0 PHY
Add support for AQR114C-B0 PHY.

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14883
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-16 20:27:36 +02:00
David Adriao
8b0fa6d30b mac80211: Add support for RTL8723BE
This adds support for the RTL8723BE PCIe Wi-Fi Adapter by adding backports drivers

Signed-off-by: David Adriao <davidadriao@dglitch.com>
[Do not remove rtl8xxxu and add dependency to rtl8723be-firmware]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-16 12:40:02 +03:00
Martin Schiller
daa109b42f lantiq: ltq-adsl-mei: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
807d9a0f62 lantiq: ltq-vmmc: get irqs from kernel-in-tree vmmc driver
Let's get the IRQs from the kernel-in-tree vmmc driver like it is
already done for the cp1 base addr.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
5c9817775e lantiq: ltq-vmmc: fix write beyond size of field
This fixes the write beyond size of field compile warning/error.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
c143fd9091 lantiq: ltq-atm: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
52719d90c2 lantiq: ltq-ptm: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
7bc487c12e kernel: ltq-vdsl-vr9-mei: fix warning about field-spanning write
We need to use unsafe_memcpy() here, because the code do the field-
spanning write intentionally.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Hauke Mehrtens
11baab9fac lantiq: Fix compile of lantiq components with kernel 6.1
This makes the components used on the lantiq SoCs compile with kernel
6.1.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[also fix ifxmips_ptm_adsl.c]
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Georgi Valkov
eb1b022043 opkg: fix stray \ warnings with grep-3.8
We simply grep for "src/". So no need for "\/".
Furthermore, since grep-3.8 this creates warnings.

As written in the grep-3.8 announcement:
  Regular expressions with stray backslashes now cause warnings, as
  their unspecified behavior can lead to unexpected results.
  For example, '\a' and 'a' are not always equivalent
  <https://bugs.gnu.org/39678>.

Fixes a warning during the first boot:
  grep: warning: stray \ before /

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
2024-05-14 00:27:12 +02:00
Rosen Penev
4f87a4d84f gpio-nct5104d: fix compilation with kernel 6.6
gpio.h has been deprecated for a while and no longer compiles with 6.6.
Include the proper header.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15471
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-13 10:15:17 +02:00
Yanase Yuki
f1b4fc4c47 audit: fix compile error on some systems
On Fedora 40, -Wimplictit-function-declaration error
is occur when compiling audit package.

Upstream fixed this problem, so backport the patch.
https://github.com/linux-audit/audit-userspace/pull/371

Signed-off-by: Yanase Yuki <dev@zpc.st>
Link: https://github.com/openwrt/openwrt/pull/15441
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-13 10:12:06 +02:00
Rui Salvaterra
da0cd9d764 mtd: fix build with GCC 14
Also fix a couple of warnings while at it.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2024-05-12 12:49:39 +01:00
Robert Marko
856840d953 kernel: qca-ssdk: use bash as shell
Currently, trying to compile qca-ssdk on macOS will fail in a weird way:
make[6]: *** No rule to make target 'openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq807x/qca-ssdk-2024.04.17~3d060f7a/-n',
needed by 'openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq807x/qca-ssdk-2024.04.17~3d060f7a/qca-ssdk.o'. Stop.

After looking looking at src_list.dep from which KBuild cmd_mod will
generate the list of objects to compile it looked like:
-n /src/adpt/adpt.c
-n
-n

Which was rather suspicous so after comparing to the same file but with
Fedora as host:
/src/adpt/adpt.c src/adpt/hppe/adpt_hppe_fdb.c src/adpt/hppe/adpt_hppe_mib.c

It was clear that echo -n which was used in SSDK-s target.mk was not
working as intented, and it looked like the POSIX only version of echo
was being used which does not honor -n.

So, after failling to reproduce it externally, replacing the call to echo
with a full path to coreutils echo fixed the compilation.

After further debugging, it was determined that SSDK does not honor
CONFIG_SHELL like other kernel modules so it was defaulting to /bin/sh as
the shell make was calling thus calling the /bin/sh built-in echo which on
macOS is the old Bash 3.2 one and it does not respect -n.

So, we have to explicitly pass SHELL=$(BASH) to SSDK to make it use bash
like kernel build or other kernel modules.

This is not an issue since on macOS we always build bash anyway.

Link: https://github.com/openwrt/openwrt/pull/15459
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-12 11:38:51 +02:00
Kevin Abraham
1045bd4a04 uboot-envtools: ath79: remove env config for Senao Loader devices
uboot-envtools can automatically parse the 'u-boot,env' compatible string from the dts.

Signed-off-by: Kevin Abraham <kevin@westhousefarm.com>
2024-05-11 16:57:28 +02:00
Kevin Abraham
1dd036a659 ath79: add support for Senao Engenius ENS1750
FCC ID: A8J-EWS660AP

Engenius ENS1750 is an outdoor wireless access point with
2 gigabit ethernet ports, dual-band wireless,
internal antenna plates, and 802.3at PoE+

Engenius EWS660AP, ENS1750, and ENS1200 are "electrically identical,
different model names are for marketing purpose" according to docs
provided by Engenius to the FCC.

**Specification:**

  - QCA9558 SOC		2.4 GHz, 3x3
  - QCA9880 WLAN	mini PCIe card, 5 GHz, 3x3, 26dBm
  - AR8035-A PHY	RGMII GbE with PoE+ IN
  - AR8033 PHY		SGMII GbE with PoE+ OUT
  - 40 MHz clock
  - 16 MB FLASH		MX25L12845EMI-10G
  - 2x 64 MB RAM
  - UART at J1		populated, RX grounded
  - 6 internal antenna plates (5 dbi, omni-directional)
  - 5 LEDs, 1 button (power, eth0, eth1, 2G, 5G) (reset)

**MAC addresses:**

  Base MAC addressed labeled as "MAC"
  Only one Vendor MAC address in flash

  eth0 *:d4 MAC art 0x0
  eth1 *:d5 --- art 0x0 +1
  phy1 *:d6 --- art 0x0 +2
  phy0 *:d7 --- art 0x0 +3

**Serial Access:**

  the RX line on the board for UART is shorted to ground by resistor R176
  therefore it must be removed to use the console
  but it is not necessary to remove to view boot log

  optionally, R175 can be replaced with a solder bridge short

  the resistors R175 and R176 are next to the UART RX pin

**Installation:**

  2 ways to flash factory.bin from OEM:

  Method 1: Firmware upgrade page:

    OEM webpage at 192.168.1.1
    username and password "admin"
    Navigate to "Firmware Upgrade" page from left pane
    Click Browse and select the factory.bin image
    Upload and verify checksum
    Click Continue to confirm and wait 3 minutes

  Method 2: Serial to load Failsafe webpage:

    After connecting to serial console and rebooting...
    Interrupt uboot with any key pressed rapidly
    execute `run failsafe_boot` OR `bootm 0x9fd70000`
    wait a minute
    connect to ethernet and navigate to
    "192.168.1.1/index.htm"
    Select the factory.bin image and upload
    wait about 3 minutes

**Return to OEM:**

  If you have a serial cable, see Serial Failsafe instructions
  otherwise, uboot-env can be used to make uboot load the failsafe image

  ssh into openwrt and run
  `fw_setenv rootfs_checksum 0`
  reboot, wait 3 minutes
  connect to ethernet and navigate to 192.168.1.1/index.htm
  select OEM firmware image from Engenius and click upgrade

**TFTP recovery:**

  Requires serial console, reset button does nothing

  rename initramfs.bin to '0101A8C0.img'
  make available on TFTP server at 192.168.1.101
  power board, interrupt boot
  execute tftpboot and bootm 0x81000000

**Format of OEM firmware image:**

  The OEM software of ENS1750 is a heavily modified version
  of Openwrt Kamikaze. One of the many modifications
  is to the sysupgrade program. Image verification is performed
  simply by the successful ungzip and untar of the supplied file
  and name check and header verification of the resulting contents.
  To form a factory.bin that is accepted by OEM Openwrt build,
  the kernel and rootfs must have specific names...

    openwrt-ar71xx-generic-ens1750-uImage-lzma.bin
    openwrt-ar71xx-generic-ens1750-root.squashfs

  and begin with the respective headers (uImage, squashfs).
  Then the files must be tarballed and gzipped.
  The resulting binary is actually a tar.gz file in disguise.
  This can be verified by using binwalk on the OEM firmware images,
  ungzipping then untaring.

  Newer EnGenius software requires more checks but their script
  includes a way to skip them, otherwise the tar must include
  a text file with the version and md5sums in a deprecated format.

  The OEM upgrade script is at /etc/fwupgrade.sh.

  OKLI kernel loader is required because the OEM software
  expects the kernel to be no greater than 1536k
  and the factory.bin upgrade procedure would otherwise
  overwrite part of the kernel when writing rootfs.

Note on PLL-data cells:

  The default PLL register values will not work
  because of the external AR8035 switch between
  the SOC and the ethernet port.

  For QCA955x series, the PLL registers for eth0 and eth1
  can be see in the DTSI as 0x28 and 0x48 respectively.
  Therefore the PLL registers can be read from uboot
  for each link speed after attempting tftpboot
  or another network action using that link speed
  with `md 0x18050028 1` and `md 0x18050048 1`.

  The clock delay required for RGMII can be applied
  at the PHY side, using the at803x driver `phy-mode`.
  Therefore the PLL registers for GMAC0
  do not need the bits for delay on the MAC side.
  This is possible due to fixes in at803x driver
  since Linux 5.1 and 5.3

Tested-by: Kevin Abraham <kevin@westhousefarm.com>
Signed-off-by: Kevin Abraham <kevin@westhousefarm.com>
2024-05-11 16:57:28 +02:00
Sven Wegener
0162174e7e ubnt-ledbar: adapt for kernel v6.6
Linux kernel commit torvalds/linux@b8a1a4cd5a
added a temporary probe_new member to struct i2c_driver, to drop the
rarely used second parameter of the probe function and not break API for
out of tree drivers. With torvalds/linux@5eb1e6e459,
which is part of v6.6, this probe_new member is dropped and the
signature of the probe function is updated.

ubnt-ledbar is used by the mediatek and ramips targets and both have
been updated to v6.6, so adapt the probe function signature and remove
other compat code for versions before v6.6.

Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
Link: https://github.com/openwrt/openwrt/pull/15443
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-11 12:38:13 +02:00
Thomas Winkler
140b48a9e9 base-files: fix uid/gid auto-enumeration to avoid 16-bit limit
uid/gid range should be limited to 16bit unsigned integer range to
avoid "wraparound" issues with permissions where jffs2
is employed for storage and chown 65536 (first auto-created user)
becomes equivalent to chown 0

Fixes: #13927

Signed-off-by: Thomas Winkler <tewinkler86@gmail.com>
2024-05-10 22:39:57 +02:00
Álvaro Fernández Rojas
752f6bf64e bcm27xx-utils: update to latest version
Full changelog:
e65f5ec102...451b9881b7

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-05-10 09:17:52 +02:00
Álvaro Fernández Rojas
eee2300026 bcm27xx-gpu-fw: update to v1.20240424
This includes multiple updates for BCM2711 and BCM2712.

Full changelog:
0968de2871...1.20240424

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-05-10 09:15:15 +02:00
Rosen Penev
39f595d1d8 gperf: build as C++11
Newer compilers default to building with C++17 as default, which has the
register keyword removed and thus errors.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-10 00:11:10 +02:00
Konstantin Demin
2cd414c33e dropbear: clarify DROPBEAR_MODERN_ONLY option
don't mention SHA1 in order to not confuse users - SHA1 support is already disabled (except RSA-SHA1 signagures).

ref: https://github.com/openwrt/openwrt/issues/15281

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:36 +02:00
Konstantin Demin
f230d00e64 dropbear: bump to 2024.85
- update dropbear to latest stable 2024.85;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop cherry-picked patches (merged in release 2024.84)
- refresh remaining patches

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:20 +02:00
Jo-Philipp Wich
51c70e459d ucode: update to Git HEAD (2024-05-09)
cfe137be068a uci: remove incorrectly documentated reorder() parameter
e8d78a26da0c lib: introduce socket library
a0ad1d127ae6 build: fix symbol and library detection
674f65ee551d jsdoc: disable default module titles
a33d16a86493 socket: rework error handling
e2b81d869222 uloop: add documentation
953f36c96e8a socket: make socket.send() accept non-string data
f211d5ac666f ubus: fix uc_ubus_have_uloop for eloop+uloop combination
0662de64bd1f socket: add AF_PACKET socket type support
b594ff8a2841 socket: remove leftover debug code
0d823e702bfe socket: fix addrinfo() with omitted service argument

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-05-09 00:56:56 +02:00
Daniel Golle
4e53a3f47e mtd-utils: nand-tuils: build and package 'nandbiterrs'
The 'nandbiterrs' tool is useful to find out of bit error correction of
NAND is working as expected by deliberately introducing bit errors and
telling up to which number they can be corrected.

Enable build of the testing tools and package the 'nandbiterrs' tool as
part of the nand-utils package.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-08 22:26:02 +01:00
Daniel Golle
71e3e3b892 uboot-mediatek: bpi-r2: fix root= default cmdline parameter
With the switch from the uImage.FIT partition parser to fitblk the
cmdline needs to be adjusted as well. Do this now as it has been
forgotten when the switch was done.

Fixes: 6368ed1ae5 ("mediatek: mt7623: phase out uImage.FIT partition parser")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-08 01:54:32 +01:00
Christian Marangi
21ddd1164d
odhcpd: update to Git HEAD (2024-05-08)
99dd990690bc treewide: refactor pref(erred) to preferred_lt (lifetime)
4c2b51eab368 treewide: refactor valid to valid_lt (lifetime)
3b4e06055900 router: inherit user-assigned preferred_lifetime
e164414aa184 router: limit prefix preferred_lt to valid_lt in accordance with RFC4861
a2176af7bdeb treewide: spell-fixes and new comments for extra clarification
4590efd3a2b3 treewide: normalize spaces to tabs
2edc60cb7c7a router: rename minvalid to lowest_found_lifetime
7ee72ee17bfa router: disambiguate and clarify 'no route' messages
a29882318a4c config: set RFC defaults for preferred lifetime

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-08 00:11:19 +02:00
Felix Fietkau
c9709d38cb arm-trusted-firmware-mediatek: add ram-download bl2 images
Support for MT7981-MT7988. Can be used for mtk_uartboot recovery

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-07 22:02:55 +02:00
Felix Fietkau
1a2c171909 mbedtls: export cmake files
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-07 12:50:27 +02:00
Kristian Skramstad
a5d12e7839 kernel: qca-nss-dp: update to 12.5.r2 for kernel 6.6
There is a new branch 12.5.r2 for kernel 6.6, so refresh
and update patches.

Delete patch 0010-nss-dp-include-net-netdev_rx_queue.h.patch

Changes:
2024-04-04 -5bf8b91 [qca-nss-dp] Adding support for port ID 3 & 4 in MHT switch
2024-03-28 -ce1e4cf [qca-nss-dp] Use skb_queue_head_init instead of __skb_queue_head_init.
2024-03-11 -0d26366 [qca-nss-dp] Read MHT LAN port status for ErP phase2
2024-03-22 -8382f14 [qca-nss-dp] Fix compilation issues seen on ginger branch for Miami profile
2023-05-02 -09b0983 [qca-nss-dp] vp list processing for capwap
2024-02-22 -bc09a01 [qca-nss-dp] EDMA ring reset for PPE-DS
2024-03-12 -2fcb586 [qca-nss-dp] Fix the EDMA clock frequency for the mitigation timer configuration
2024-02-23 -44ba1be [qca-nss-dp] Add API to retrieve ethernet netdevs for ErP
2024-02-09 -a5979b7 [qca-nss-dp] send napi and ip checksum for VP handler
2024-01-12 -1b9cb5d qca-nss-dp: User netdev_alloc_skb_fast instead of dev_alloc_skb
2024-01-08 -a859b48 [qca-nss-dp] NAPI Budget and EDMA Rx size change for KPI improvement.
2024-01-06 -8935523 [qca-nss-dp] Offload L3, L4 checksum to hardware for ppe-vp.
2023-12-07 -bbd9547 [qca-nss-dp] Fix Compilation issues on kernel6.6
2023-10-12 -bc55f75 [qca-nss-dp]: Enable legacy SCS for PPE-VP.
2023-09-08 -6bd771f [qca-nss-dp] Invalidate secondary descriptor before use.
2023-12-19 -b143df8 [qca-nss-dp] Fixed nss_dp_hal_hw_reset functionality for ipq53xx.
2023-12-16 -7cfde1d [qca-nss-dp] Added nss_dp_hal_hw_reset functionality for ipq53xx.
2023-11-02 -70af6c2 [qca-nss-dp] Implement EDMA hang recovery support
2023-11-27 -2202b29 [qca-nss-dp] Add support for adding the link speed for the Miami's port connected to the internal Switch.
2023-12-06 -bef68a8 [qca-nss-dp] Resolve ring utilization reporting issue in EDMA driver
2023-12-06 -eaa7627 [qca-nss-dp] Add/Delete static fdb entries only for physical ports
2023-10-16 -4551d0f [qca-nss-dp]: Support HLOST_TID_override from PPE_VP path.
2023-11-09 -42ad3f3 [qca-nss-dp] Correct the NAPI poll implementation for DS Rx fill handling
2023-10-16 -dfeb7d3 [qca-nss-dp] Check for disabled ethernet port in ErP functions
2023-11-09 -42ad3f3 [qca-nss-dp] Correct the NAPI poll implementation for DS Rx fill handling
2023-10-16 -dfeb7d3 [qca-nss-dp] Check for disabled ethernet port in ErP functions
2023-09-22 -03f83d6 [qca-nss-dp] Correct the mht device flag
2023-08-18 -5efd7f4 [qca-nss-dp] Add EDMA Tx rings for MHT ports
2023-09-11 -7808ba2 [qca-nss-dp] Move DP standby code to new file and use new SSDK API
2023-09-28 -22ade1e [qca-nss-dp] : enable PPE-DS support in 6.x kernel
2023-08-28 -1943922 [qca-nss-dp] Support for bitmap based CPU selection.
2023-08-16 -dcb82a7 qca-nss-dp: 512M profile changes for Miami+Pebble
2023-09-01 -18e51f3 [qca-nss-dp] Fix tx descriptor completion error.
2023-08-28 -0bfde2d [qca-nss-dp] Changes to enable ErP mode
2023-09-05 -f1d635a [qca-nss-dp] Enable fast recycled changes in dp for kernel 6.1
2023-06-15 -55d35bd [qca-nss-dp] Tracking the full utilization of EDMA rings
2023-08-25 -89b9c19 [qca-nss-dp] Restricting the MTU as 9216 for all interfaces in DP
2023-01-03 -5098a4f [qca-nss-dp] Requeue Tx packet in case of Tx-failure.
2023-04-06 -3576dbb [qca-nss-dp] Adding tx napi with four queue per interface.
2023-08-10 -d2b6921 [qca-nss-dp] : changes to support ppe-qdisc for linux 6.x
2023-08-08 -a1941fb [qca-nss-dp] moving SET_NETDEV_DEV for all netdev to set.
2023-07-18 -74d3178 [qca-nss-dp] Reordering the CPU code and ACL index processing.
2023-06-30 -ab03139 [qca-nss-dp] Configure port level PPE offload flag in PPE
2023-06-06 -e9bb8c5 [qca-nss-dp] Rate limit the debug logs.
2023-07-18 -43afb9b [qca-nss-dp] Support Core selection for PPE mirrored packets.
2023-07-11 -92edcfd [qca-nss-dp] Add sysctl to invalidate RX secondary descriptor.

Tested and working on WAX620.

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15383
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-07 10:04:00 +02:00
Sean Khan
cae1b504e9 kernel: qca-ssdk: update to 12.5 for kernel 6.6
Qualcomm recently committed a new branch (12.5.r2) targeting kernel
6.6. This lets us clean up a few patches particularly the one for
"C22/C45" mdio.

A quick way to see what changed for IPQ807x/6018 was to list the files produced
during build (**/*.o), replace the extension with ".c", and doing a
`git log`.

Filtering from those commits, ones of particular interest are listed
below:

```
2024-04-16 - 0d8f30aa - fix compile issue on hk with linux style build
2024-01-29 - 636464f7 - update the check for port link notify
2024-01-24 - 30c10e7f - enable and disable loopback for xgmac to fix qm stuck issue
2024-01-15 - b6ea10aa - update the the APIs to access switch
2024-01-08 - a1687502 - Disable Tx bridge mac before power off the PHY
2024-01-07 - 3eafb613 - support led configure for malibu phy
2024-01-07 - 5c1af60d - remove phy type check from mac reset when mode switch
2023-12-17 - 79d0b1e8 - remove the PHY access APIs in ssdk_plat.c
2023-12-16 - b2953740 - Update mii read/write functions
2023-12-11 - 37f2eac3 - add port id check for fdb entry
2023-12-11 - d040ca4d - support mdio clause45 on kernel6.6
2023-12-07 - 11494fbc - use barrier mw() during access fdb entry table
2023-12-03 - 8e40a284 - fix build warnings on kernel6.6
2023-11-10 - 10aa0a02 - change speed value when call ssdk_port_link_notify
2023-11-06 - ee4c4a60 - Update mac bitmap value of L3 table on MAC delete
2023-11-03 - 7cd27d39 - support 10G phy common feature
2023-10-30 - 383cc0d2 - fix mactype and mux select issue
2023-10-24 - decf534a - support autoneg status query on force port
2023-10-11 - 111d574e - move ssdk_led_init to regi_init
2023-10-08 - 6b14c142 - the combo port also need to parse SFP pins
2023-10-03 - fb2e0401 - fix port5 interface mode switch issue in erp case
```

Verified with users on QNAP 301W, NBG7815, and myself on Dynalink
DL-WRX36 that everything is functional, including LEDS.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15379
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-07 10:03:39 +02:00
Tony Ambardar
8cf28cc6a5 libbpf: Update to v1.4.1
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.1
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-06 22:41:31 +02:00
Tony Ambardar
708e6b840e kselftests-bpf: update for kernel 6.6
Enable building multiple test programs and related kernel modules, with
initial support for the bpf_testmod.ko module required since kernel 6.4.
Explicitly disable LTO and clean up makefile variables and formatting.

Fix a musl-related build failure by adding a kernel 6.6 patch:

     360-selftests-bpf-portability-of-unprivileged-tests.patch

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-06 22:39:18 +02:00
Joel Low
587f3531fa
uboot-envtools: add env settings for ubnt,unifi-6-lr-v2
This has been tested on two of my Unifi 6 LR v2s:

```bash
$ fw_printenv # before
Cannot parse config file '/etc/fw_env.config': No such file or directory
$ cat /etc/fw_env.config
/dev/mtd3 0x0000 0x1000 0x1000 1
$ fw_printenv
arch=arm
baudrate=115200
board=mt7622_evb
board_name=mt7622_evb
bootcmd=bootubnt
bootdelay=3
bootfile=uImage
cpu=armv7
device_model=U6-LR
ethact=mtk_eth
ethaddr=<redacted>
ethcard=AQR112C
ipaddr=<redacted>
is_default=true
loadaddr=0x5007FF28
macaddr=<redacted>
serverip=<redacted>
soc=mt7622
stderr=serial
stdin=serial
stdout=serial
vendor=mediatek
is_ble_stp=true
```

I had to reverse-engineer the working settings above to the UCI script.

Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/13897
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-06 13:49:19 +02:00
Sergey Ponomarev
1d4b88265b
dropbear: use ssh-keygen as an alias for dropbearkey
The DropBear's dropbearkey supports limited set of arguments of
OpenSSH ssh-keygen:  -t, -q -N -Y
After the change you can generate a key with the same command.
Still many features of the original OpenSSH ssh-keygen are absent in
the dropbearkey.
If it's needed then users should install openssh-keygen package that
will replace the /usr/bin/ssh-keygen with the full version.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14174
[ wrap commit description to 80 columns ]
Link: https://github.com/openwrt/openwrt/pull/14174
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-06 13:41:43 +02:00
Martin Schiller
357fe33d2c uboot-envtools: filogic: add support for BananaPi R4 PoE
This adds support for the bpi-r4 variant with internal 2.5G PHY and
additional ethernet port instead of second sfp.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-06 09:12:05 +02:00
Martin Schiller
10bf949ea5 uboot-mediatek: bpi-r4: add support for 2.5GE PoE variant
This adds support for the bpi-r4 variant with internal 2.5G PHY and
additional ethernet port instead of second sfp.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-06 09:12:05 +02:00
Pascal Ernster
064d4a8083 libxml2: update to 2.12.6
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.6

Changelog (taken from the release notes):
- Regressions
  - parser: Fix detection of duplicate attributes in XML namespace
  - xmlreader: Fix xmlTextReaderConstEncoding
  - html: Fix htmlCreatePushParserCtxt with encoding
  - xmllint: Return error code if XPath returns empty nodeset

Compile-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Run-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Signed-off-by: Pascal Ernster <git@hardfalcon.net>
2024-05-05 21:45:52 +02:00
Rodrigo Balerdi
c904875562 ipq40xx: add support for Linksys WHW03 V1
Hardware:
=========
SOC:             Qualcomm IPQ4019
WiFi 1:          QCA4019 IEEE 802.11b/g/n
WiFi 2:          QCA4019 IEEE 802.11a/n/ac
WiFi 3:          QCA9886 IEEE 802.11a/n/ac
Bluetooth:       Qualcomm CSR8510 (A10)
Zigbee:          Silicon Labs EM3581 NCP + Skyworks SE2432L
Ethernet:        Qualcomm Atheros QCA8072 (2-port)
Flash:           Samsung KLM4G1FEPD (4GB eMMC)
RAM (NAND):      512MB
LED Controller:  NXP PCA9633 (I2C)
Buttons:         Single reset button (GPIO).

Ethernet:
=========
The device has 2 ethernet ports, configured as follows by default:
- left port: WAN
- right port: LAN

Wifi:
=====
The Wifi radios are turned off by default. To configure the router,
you will need to connect your computer to the LAN port of the device.

Bluetooth and Zigbee:
=====================
Configuration included but not tested.

Storage:
========
For compatibility with stock firmware, all of OpenWrt runs in a 136 MiB
eMMC partition (of which there are two copies, see below). You can also
use partition /dev/mmcblk0p19 "syscfg" (3.4 GiB) any way you see fit.
During very limited tests, stock firmware did not mount this partition.
However, backing up its stock content before use is recommended anyway.

Firmware:
=========
The device uses a dual firmware mechanism: it automatically reverts to
the previous firmware after 3 failed boot attempts.

You can switch to the inactive firmware copy by changing the "boot_part"
U-Boot environment variable. You can also do it by turning on the device
for a couple of seconds and then back off, 3 times in a row.

Installation:
=============
OpenWrt's "factory" image can be installed via the stock web UI:
1. Login to the UI. (The default password is printed on the label.)
2. Enter support mode by clicking on the "CA" link at the bottom.
3. Click "Connectivity", "Choose file", "Start", and ignore warnings.

This port is based on work done by flipy (https://github.com/flipy).

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15345
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-05 10:33:13 +02:00
Antonio Flores
cfb7df2991 kernel: add kmod-ata-ahci-dwc
Add kmod-ata-ahci-dwc for the rockchip target.

33629d3509

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Antonio Flores
4a6e3e1bc8 uboot-rockchip: add Bananapi-R2 Pro support
add uboot support for Bananapi-R2 Pro

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Weijie Gao
3f28c422ba libunwind: add support for loongarch64
Modify package depends to allow building for loongarch64.
Also fix for building with musl.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
33cd87079b openssl: add linux64-loongarch64 into the targets list
Add "linux64-loongarch64-openwrt" into openssl configurations to enable
building on loongarch64 machines.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
b98355ed0f grub2: add EFI support for loongarch64
Add a new package for loongarch64 which only supports EFI.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
159a285736 kernel: modules: video: adapt for loongarch64
* Allow kmod-acpi-video to be built for loongarch64:
The x86-specific CONFIG_ACPI_WMI will be split from default
kmod-acpi-video as a board-specific addition.

* Allow kmod-drm-amdgpu to be built for loongarch64:
Also add loongarch64-specific configs and modules.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
886a507fa6 kernel: modules: netdevices: add depedency required for loongarch64
Add TARGET_loongarch64 as dependency for kmod-mdio-devres,
kmod-mdio-gpio and kmod-switch-rtl8366-smi

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
6eafcd86b8 toolchain: Disable libtsan and liblsan sanitizer on loongarch64
libtsan and liblsan are not supported by glibc on loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Zoltan HERPAI
3f7d8e20cd sunxi: add support for Lichee Pi Zero Dock (V3s) board
CPU:     Allwinner V3s single-core Cortex-A7 @ 1.2GHz
Memory:  64Mb DDR2 integrated into SoC package
Storage: 1x SDcard on board, 1x SDcard on dock
Network: 10/100M ethernet
Other:   4x buttons via LRADC, CSI

Flashing instructions:
  Standard sunxi SD card installation procedure - copy image to SD card,
  insert into SD card slot on the device and boot.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-04 00:41:02 +02:00
Christian Marangi
23de46c913
xdp-tools: fix wrong matching for OPENWRT_VERBOSE
To enable verbose log for xdp-tools compilation, we check for "c" in
the OPENWRT_VERBOSE, but verbose.mk supports only "w" and "s" for V=1
and V=99.

Fix the wrong matching and correctly enable verbose output matching for
"s".

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:11 +02:00
Christian Marangi
0d436fc8b1
xdp-tools: refresh patches
Refresh xdp-tools patches with make package/xdp-tools/refresh

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:10 +02:00
Zoltan HERPAI
095efad4fe opensbi: bump to 1.4
Upgrade the OpenSBI firmware used by RISC-V CPUs to 1.4.

Runtime-tested:
 - d1 (Lichee RV)
 - sifiveu (SiFive Unleashed)

Updates since last release:

1.4:
Synopsys DesignWare APB GPIO driver
Zicntr and Zihpm support
Console print improvements
Smepmp support
Simple FDT based syscon regmap driver
Syscon based reboot and poweroff driver
Non-contiguous hpm counters
Smcntrpmf support
Full sparse hartid support
IPI improvements
RFENCE improvements
Zkr support
Andes custom PMU support

1.3.1:
ACLINT driver fix for disabled CPUs
SBI PMU fix for out-of-bound access
Designware GPIO driver

1.3:
Allow platform to influence cold boot HART selection
Starfive JH7110 platform support
Split RX and RW firmware regions
Advertise non-retentive suspend for allwinner D1 platform
Byteorder/endianness conversion macros
SBI debug console extension (Experimental)
Configure the PMA regions for RZ/Five platform
SBI system suspend extension (Experimental)
SBI PMU platform firmware events (Experimental)
SBI CPPC extension (Experimental)
Optimized remote TLB flushes
Simple heap for boot time memory allocations
Bring back no-map DT property for reserved memory nodes

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-03 11:09:22 +02:00
Linus Walleij
f789454df1 uboot-bmips: Add U-Boot for the BMIPS target
This is needed to boot the BCM6238-based Inteno XG6846.
Currently this is restricted to the XG6846 board.

Reviewed-by: Paul Donald <newtwen+github@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-05-01 21:30:32 +02:00
Christian Marangi
5acc4f919c
xdp-tools: fix compilation wrongly using host header
Currently it's needed to have gcc-multilib on the host to correctly
compile xdp-tools. This is wrong and means that we are using host header
to compile a tool.

By some searching in how the makefile works it was discovered that
BPF_CFLAGS were not used and required to be appended to config.mk

Only one single header was added but we should include each BPF_CFLAGS
from bpf.mk. To make this some patching to bpf-header were required and
some patches to xdp-tools were required.
Also it's needed to pass the correct target to BPF_CFLAGS.

With the following changes xdp-tools can correctly compile with each
header from bpf-headers and should not use any host header.

Co-Developed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:34 +02:00
Christian Marangi
dfcc0ff5d2
bpf-headers: fix use of netlink.h header
netlink.h header have NL_SET_ERR_MSG_MOD that is tied to kmods. We don't
need kmods on bpf tools and this cause compilation error if the header
is included. Fix it by dropping NL_SET_ERR_MSG_MOD.

Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:33 +02:00
Felix Fietkau
b6f1e2e5b0 ucode: fix ubus defer when running from within eloop (integrated with uloop)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Felix Fietkau
52a5f4491c hostapd: fix a null pointer dereference in wpa_supplicant on teardown
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Tianling Shen
790082098e
mediatek: switch to fitblk for JDCloud RE-CP-03
Use the new fitblk driver.

Tested-By: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-30 03:28:13 +01:00
Christian Marangi
4b04304713
procd: make mDNS TXT record parsing more solid
mDNS broadcast can't accept empty TXT record and would fail
registration.

Current procd_add_mdns_service checks only if the first passed arg is
empty but don't make any verification on the other args permittins
insertion of empty values in TXT record.

Example:

	procd_add_mdns "blah" \
				"tcp" "50" \
				"1" \
				"" \
				"3"

Produce:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "", "3" ] } }

The middle empty TXT record should never be included as it's empty.

This can happen with scripts that make fragile parsing and include
variables even if they are empty.

Prevent this and make the TXT record more solid by checking every
provided TXT record and include only the non-empty ones.

The fixed JSON is the following:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "3" ] } }

Fixes: b0d9dcf84d ("procd: update to latest git HEAD")
Reported-by: Paul Donald <newtwen@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15331
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-29 23:24:58 +02:00
Robert Marko
5c833329ce
arm-trusted-firmware-mvebu: refresh cryptopp hash
Well, it seems that cryptopp hash was never refreshed since calling
make package/boot/arm-trusted-firmware-mvebu/check FIXUP=1 V=s does not
actually refresh the download calls hashes so refresh it manually.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 13:02:23 +02:00
Robert Marko
e909746665
arm-trusted-firmware-mvebu: use SOURCE_VERSION instead of VERSION
Since ("download: don't overwrite VERSION variable") trying to download the
required sources for mvebu ATF will fail with:
Makefile:247: *** Download/mox-boot-builder is missing the SOURCE_VERSION field..  Stop.

This also broke the buildbot mvebu/cortex-a53 builds.

So, fix it by switching to SOURCE_VERSION instead.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 12:05:45 +02:00
Paul Spooren
00b86168bd apk: add package
APK (Alpine Package Keeper) is the package manager of Alpine Linux and
has multiple advantages over OPKG. While Alpine uses APK version 2, this
commit adds version 3 with a heavily optimised database structure and
additional feature making it suitable for OpenWrt.

This commit will be followed by many more to add APK build capabilities
to the OpenWrt build system, firstly enabling side by side builds of APK
and OPKG packages, later replacing OPKG entirely.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-29 11:36:03 +02:00
Hauke Mehrtens
adc29202c2 mbedtls: Remove Kconfig options removed from mbedtls 3.6.0
These options are not available in mbedtls 3.6.0 and selecting them
causes an error.

MBEDTLS_CERTS_C was removed in:
1aec64642c

MBEDTLS_XTEA_C was removed in:
10e8cf5fef

MBEDTLS_SSL_TRUNCATED_HMAC was removed in:
4a7010d1aa

Fixes: 0e06642643 ("mbedtls: Update to version 3.6.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-29 01:32:36 +02:00
Marius Dinu
ff0bb196eb libaudit: update to 3.1.4, join with daemon and utils, rename
Changes:
- new URL for sources (old address is dead)
- daemon and utils from packages feed are merged in here
  - only build once
  - no need to update at the same time in both places
- update to v3.1.4
  - removed unneeded patches
  - added audisp-syslog
  - removed audispd (no longer exists)
- rename and move to package/utils/audit
  - update new path in one dependent package

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2024-04-29 00:53:43 +02:00
Jean Thomas
30245a869e uqmi: set dangling-pointer as error
With "ebfe8b4 CMakeLists: set no-dangling-pointer" the compilation
option is set in uqmi, and can therefore be removed from no-error.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Jean Thomas
4d058d5e4d uqmi: update to git HEAD
e7207be uqmi: print radio interfaces in serving system command
6ef41d6 uqmi: create function to print radio interface string
e25d042 uqmi: Add basic 5G NR support
3e782be uqmi: sync data from libqmi project
368d46c uqmi: support C reserved keywords in upstream JSON files
02e42c0 reorganize source code in common and uqmi specific parts
4591f0a .gitignore build/ directories
2b57ee1 uqmi: commands-uim: fix uninitialized use of card_application_state
7c77e77 data/code-gen: add support for indications
ddbf864 qmi-struct.h: add missing includes
5320c1d move qmi_get_error_str to into utils.c
1503bc7 dev.c: add missing import strings.h
bae945f commands-nas: add missing includes
9ffd0e2 commands: make `struct blob_buf status` public
a4fbdcc commands-nas: fix gcc warning
8ff632a dev.c: add comment to qmi_request_wait()
a043a74 CMakeLists: refactor SOURCES variable to allow later adding uqmid
ebfe8b4 CMakeLists: set no-dangling-pointer
c47125d CMakeLists: improve generated files
0f64b69 CMakeLists: update cmake minimum version to 3.5

As the built uqmi binary is now moved to a dedicated directory,
update the Makefile accordingly.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Weijie Gao
f9e3fb59c7 libunwind: update to 1.8.1
Rebased patches:
- 003-fix-missing-ef_reg-defs-with-musl.patch
- 004-ppc-musl.patch

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-04-28 23:32:08 +02:00
Weijie Gao
8968675247 grub2: update to 2.12
compile tested: x86_64,i386,loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
{Refresh patches}
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 23:26:35 +02:00
Hauke Mehrtens
0e06642643 mbedtls: Update to version 3.6.0
This adds support for mbedtls 3.6.0.
The 3.6 version is the next LTS version of mbedtls.
This version supports TLS 1.3.

This switches to download using git. The codeload tar file misses some
git submodules.

Add some extra options added in mbedtls 3.6.0.

The size of the compressed ipkg increases:
230933 bin/packages/mips_24kc/base/libmbedtls13_2.28.7-r2_mips_24kc.ipk
300154 bin/packages/mips_24kc/base/libmbedtls14_3.6.0-r1_mips_24kc.ipk

The removed patch was integrated upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:37 +02:00
Hauke Mehrtens
00a1671248 hostapd: Fix compile against mbedtsl 3.6
Fix compile of the mbedtls extension for hostapd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
6c80f34c07 uencrypt: Fix mbedtls 3.6 compatibility
This makes it compile with mbedtls 3.6.0.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
0fd9acb471 uencrypt: Fix compile warnings
keylen and ivlen are of type long and not size_t.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Josef Schlehofer
1b190dfd3a uboot-mvebu: backport patch for Turris Omnia to enable LTO
Fixes issue while building package uboot-mvebu on OpenWrt 23.05:

u-boot-with-spl.kwb exceeds file size limit:
  limit:  0xf0000 bytes
  actual: 0xf0100 bytes
  excess: 0x100 bytes
make[3]: *** [Makefile:1466: u-boot-with-spl.kwb] Error 1
make[3]: *** Deleting file 'u-boot-with-spl.kwb'
make[3]: Leaving directory '/workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04'
make[2]: *** [Makefile:83: /workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04/.built] Error 2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15307
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-28 11:39:42 +02:00
Fabrice Fontaine
6e5edec159 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:48 +02:00
Fabrice Fontaine
a4f723e04e package/libs/libjson-c: fix PKG_CPE_ID
cpe:/a:json-c:json-c is the correct CPE ID for libjson-c:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️json-c:json-c

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15292
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:20 +02:00
Fabrice Fontaine
289f811abb package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:43:58 +02:00
Robert Marko
cf3520ba66 ipq-wifi: correct PKG_MIRROR_HASH
It seems that somehow a wrong hash has been used for ipq-wifi, so refresh
it.

Fixes: f10d55df9e ("ipq-wifi: update to Git HEAD (2024-04-26)")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:29:48 +02:00
Felix Fietkau
2d6fd937c3 netifd: packet_steering: fix shell error on unset steering_flows option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:59:52 +02:00
Felix Fietkau
994f71e0f0 netifd: fix bogus warnings in packet_steering init script
Avoids warnings if options are unset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:57:19 +02:00
Robert Marko
0fc87ddf44
ubox: update to Git HEAD (2024-04-26)
85f1053019ca kmodloader: fix insmod path logic

Signed-off-by: Robert Marko <robimarko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15288
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-27 13:34:13 +02:00
Paul Donald
708101c141 lldpd: fix reload bug: advertisements shall default to on
Because these capability advertisements default to on in lldpd, they
became absent at reload, and not restart, due to how the reload logic
works ( keep daemon running, send unconfigured and then the new config
via socket ), and it was not evident unless you happened to be looking
for it (e.g. via pcap or tcpdump). It was also not evident from the
manpage ( have now sent patches upstream ).

At reload time, the unconfigure logic disabled them unless they were
explicitly enabled (compare with other settings where 'unconfigure' just
resets them). Now they default to on/enabled at init time, and are
explicitly 'unconfigure'd at startup if the user disables them via:

lldp_mgmt_addr_advertisements=0
lldp_capability_advertisements=0

In other words: explicit is necessary to disable the advertisements.

The same applies to 'configure system capabilities enabled'. Technically
'unconfigure'd is the default but now it is explicit at reload.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 12:11:27 +02:00
Fabrice Fontaine
27d1ebb46a package/libs/pcre2: fix PKG_CPE_ID
cpe:/a:pcre:pcre2 is the correct CPE ID for pcre2:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️pcre:pcre2

Fixes: c39b0646f3 (pcre2: import pcre2 from packages feed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-04-27 12:05:43 +02:00
Paul Donald
01cdeb531b ustp: update to Git HEAD (2023-05-29)
a85a5bc83bde netif_utils: correctly close fd on read error

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 11:40:04 +02:00
Stijn Tintel
f434643857 perf: fix build on PowerPC
Building perf's intel-pt-decoder fails on both PPC32 and PPC64:

/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-13.2.0_musl/lib/gcc/powerpc64-openwrt-linux-musl/13.2.0/../../../../powerpc64-openwrt-linux-musl/bin/ld.bfd:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/
perf-target-powerpc64_e5500_musl/perf-in.o: in function `insn_set_byte':
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/perf/util/intel-pt-decoder/../../../arch/x86/include/asm/insn.h:64:
undefined reference to `__le32_to_cpu'

Add NO_AUXTRACE=1 to MAKE_FLAGS for LINUX_KARCH powerpc, which disables
build of intel-pt-decoder on both PPC32 and PPC64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-04-26 15:19:48 +03:00
Christian Marangi
f10d55df9e
ipq-wifi: update to Git HEAD (2024-04-26)
fab9e29f6b92 ipq6018: update regdb in TPLink EAP610-Outdoor BDF
6d02b65fadf3 ipq8074: update RegDB in new submitted BDF
644ba9ea2e66 ipq6018: update RegDB in new submitted BDF

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-26 13:28:09 +02:00
Felix Fietkau
7ebcf2fb9c netifd: add flow steering mode to the packet steering script
This allows directing processing of locally received packets to the CPUs
of the tasks receiving them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Felix Fietkau
c4d394c6cc netifd: add a packet steering mode matching the old script
This spreads packet processing across all cores

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Tony Ambardar
098bde1f3e gettext-full: update to 0.22.5
Release Announcement:
https://savannah.gnu.org/news/?group_id=425

Refresh:
- 200-libunistring-missing-link.patch

Tested-by: Georgi Valkov <gvalkov@gmail.com> # MacOS
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-25 21:33:51 +02:00
Tim Lunn
99eb0d0e33 uboot-envtools: add env settings for Edgerouter-X
uboot-envtools is currently missing config for Edgerouter-X
and its not immediately obvious what settings to manually
apply.

Provide default configuration for envtools on Edgerouter-X.

Signed-off-by: Tim Lunn <tim@feathertop.org>
2024-04-25 21:33:16 +02:00
Linus Walleij
9c8f2d7c2d modules: Add kernel module for MV88E6xxx DSA switch
This adds a kernel module package for the Marvell
MV88E6XXX DSA switch and a separate module package for
the DSA tagger since it can in theory be used by multiple
DSA switches. Enable both DSA and EDSA tags in the
tagger.

We can't just compile this in because just a few devices
has this DSA, and it depends on e.g. the I2C and SFP
to be loaded as modules first.

We have no examples of DSA switches being packaged as
modules before, all seem to be compiled in, but it
actually works just fine to do this.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-04-24 23:15:58 +02:00
Hauke Mehrtens
f475a44c03 wolfssl: Update to 5.7.0
This fixes multiple security problems:
 * [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.

 * [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
   Zhang, Qingni Shen for the report (Peking University, The University
   of Western Australia)."

 * [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
   Qingni Shen for the report (Peking University, The University of
   Western Australia).

Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 23:01:03 +02:00
Hauke Mehrtens
360ac07eb9 mbedtls: Update to 2.28.8
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 22:24:11 +02:00
Nick Hainke
6ca8305598 oxnas: drop target
The Upstream Linux community has discontinued support for the target.
Maintaining support for it downstream would require too much effort.
Moreover, it seems that the supported hardware is no longer deemed worthy
of it.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-04-24 14:12:15 +02:00
Paweł Owoc
652a6677d5 base-files: Add new functions for ath11k caldata
Add new functions for ath11k caldata:
- ath11k_patch_mac (from 0 to 5)
- ath11k_remove_regdomain
- ath11k_set_macflag (some pre-caldata have the nvMacFlag flag unset which is needed to change the MAC address)

Additionaly for ath10k caldata:
- ath10k_remove_regdomain

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-04-23 22:35:57 +02:00