383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This fixes the download of the kernel 5.15 for the bpf-headers when
kernel 6.1 is build for the target.
Even if kernel 6.1 was selected for the target we still use kernel 5.15
for the bpf-headers. The download script tried to download the 5.15
kernel from the 6.x directory on kernel,org and this failed. Define
PKG_SOURCE_URL based on PKG_PATCHVER and not KERNEL_BASE like done in
kernel.mk.
Without this change it tries to download the kernel from this URL:
ttps://cdn.kernel.org/pub/linux/kernel/v6.x/linux-5.15.129.tar.xz
Fixes: #13190Fixes: #13671Fixes: #13814
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110
This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk
Fixes: #13774
Acked-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4101dd4 fw4: perform strict validation of zone and set names
a923c88 fw4: pass zone to templates whenever possible
597dc90 fw4: add support for zone log_limit
1874050 fw4: add log_limit to rules and redirects
19a8caf ruleset: dispatch ct states using verdict map
a5553da ruleset: reduce ksoftirqd load by refering to looopback by numeric id
de3483c tests: adjust zone log limit testcases
7392792 ruleset: do not emit redundant drop invalid rules
698a533 ruleset: apply egress MSS fixup later to apply final MTU before wire
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ath10k-ct based on kernel 6.4 doesn't have a fix present in previous
kernel. Add patch that port the compilation error fix from previous
kernel in the new 6.4 kernel.
Fixes: 7d3651f1b9 ("ath10k-ct: switch to 6.4")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Switch to the latest version so we match as close as possible to
our own mac80211 version.
Run-time tested on hundreds of devices in the field for months now:
- qca988x (wave 1)
- qca4019 (wave 2)
Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
It's already pulled in from /etc/rc.common.
Fixes: #13758
Fixes: 6b23836071 ("package: avoid the use of eval to parse ipcalc.sh output")
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This reverts commit 3cc57ba462 as it
should be fixed in commit 78cbd5a57e11 ("tools: macOS: types.h: fix
missing unsigned types").
References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit 997ff740dc.
78cbd5apick as it should be fixed in commit 78cbd5a57e11 ("tools: macOS:
types.h: fix missing unsigned types").
References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.
The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.
Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
It must read the entire image for previous code of 'imsz' or 'imszb'.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Suggested-by: Chuanhong Guo <gch981213@gmail.com>
The code for hostapd-mbedtls did not work when used for OWE association.
When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.
Also when crafting the association response, the buffer contained the
trailing key-type.
Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.
Signed-off-by: David Bauer <mail@david-bauer.net>
Configure the PLMN and APN to the modem. This is required in cases,
where either the SGSN or GGSN does not permit the selection of IPv4v6
pdp type.
Previously, the modem always tried to establish a dual-stacked PDP
context regardless of the configured PDP type in uci. As this setting
can not be parameterized when creating a WDS context, configure it to
the modems internal list of profiles. This way, the PDP type is taken
into account when creating the WDS context.
Signed-off-by: David Bauer <mail@david-bauer.net>
The PLMN selection was reset when calling network-register, thus
rendering the sepcific selection of a carrier unapplied.
Set the PLMN selection after executing network-register. This seems to
cause the modem to re-select the carrier eventually.
That being said, qmi does allow the parameterization of the
network-register to include dpecific PLMN settings, however this is
currently not implemented in uqmi.
Signed-off-by: David Bauer <mail@david-bauer.net>
Set the RAT preference before attaching. This handles cases better,
where a network might be available but not with the preferred RAT.
If RAT is changed to a non-available RAT after attach, QMI does not fail
with missing registration but with failing to establish a PDP session.
Signed-off-by: David Bauer <mail@david-bauer.net>
Increase the wait time before polling the connection state for the first
time.
Depending on the prior state of the modem, the first poll might still
return a connected state. The script then tries to establish a PDP
session, which subsequently fails as the modem by then is in scan state.
Increasing the wait-time to 3 seconds mitigates this from happening.
Signed-off-by: David Bauer <mail@david-bauer.net>
On some network-triggered disconnections the UIM state might end up in
"illegal". This prevents the modem from attaching to any network in
non-restricted service modes.
Detect this state and reset the SIM card. This way, the modem can attach
to networks again.
Signed-off-by: David Bauer <mail@david-bauer.net>
Failing the registration does not necessarily mean we can not bring this
interface up. For example, roaming SIM cards are possibly steered by the
home-operator.
Don't block restart of the QMI interface in this case.
Signed-off-by: David Bauer <mail@david-bauer.net>
Add a struct_group to around all members in struct ath_cycle_counters.
It can help the compiler detect the intended bounds of the memcpy() and
memset().
This patch fixes the following build warning:
In function 'fortify_memset_chk',
inlined from 'ath9k_ps_wakeup' at /home/db/openwrt/build_dir/target-mips_24kc_musl/linux-ath79_generic/backports-6.1.24/drivers/net/wireless/ath/ath9k/main.c:140:3:
./include/linux/fortify-string.h:314:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
314 | __write_overflow_field(p_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Specifications:
SoC: QCA9531(650MHz)
RAM: DDR2 128M
Flash: SPI NOR 16M + SPI NAND 128M
WiFi: 2.4GHz with 2 antennas(WiFi/Thread)
Ethernet:
1xLAN(10/100M)
2xWAN(10/100M)
Button: 1x Reset Button
Switch: 1x Mode switch
LED: 1x Blue LED + 1x White LED + 1x Orange LED
IOT: Thread + ZigBee/Zwave
By uboot web failsafe:
Push the reset button for 5 seconds util the power led flash faster,
then use broswer to access http://192.168.1.1
Afterwards upgrade can use sysupgrade image.
Signed-off-by: Weiping Yang <weiping.yang@gl-inet.com>
This fixes building with USE_LTO enabled.
<artificial>:(.text+0xc22): relocation R_MIPS16_26 against `libxt_DNAT_init' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol printf
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
This fixes building with USE_LTO enabled.
<artificial>:(.text+0xcc8): relocation R_MIPS16_26 against `luaL_argerror' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
This fixes building with USE_LTO enabled.
<artificial>:(.text+0x4194): relocation R_MIPS16_26 against `cil_printf.lto_priv.0' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol memcmp
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
This fixes building with USE_LTO enabled:
<artificial>:(.text.exit+0x6e): relocation R_MIPS16_26 against `pthread_key_delete' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol stpcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
This fixes building with USE_LTO enabled.
<artificial>:(.text+0x400c): relocation R_MIPS16_26 against `iwinfo_close' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
Currently the zram default compressor choice is displayed whether or not
zram is activated. Since the default choice is lzo-rle, this adds a
false dependency on kmod-lib-lzo.
With this patch, the choice options appear only when activating zram.
Signed-off-by: Rani Hod <rani.hod@gmail.com>
Fix the building issue setting CC to KERNEL_CC in kernel.mk. The
kernel backports by default uses CC to compile kconf. A new patch is
added to mac80211 to compile kconf with host gcc.
Signed-off-by: Zeyu Dong <dzy201415@gmail.com>
[ refresh patches ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commit 572ea68070 ("uboot-mediatek: add patches for MT7988 and
builds for RFB") renamed HSGMII to 2500basex, but forgot to update
the dts of Redmi Router AX6000, makes the network unusable.
This patch makes the network usable again.
Fixes: #13724
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Furong Xu <xfr@outlook.com>
```
Specifications:
* CPU: Qualcomm IPQ8074A, SoC Version: 2.0, Quad core 1651 MHz
* RAM: 1 GiB of DDR3 466 MHz
* Flash: NAND 512 MiB (Winbond W29N04GZ)
* 6 RGB LEDs: Power, LAN1, LAN2, 2.4GHz, 5GHz H and 5GHz L
* UART: One 4-pin populated header next to the heatsink and a chip.
GND RXD TXD, beginning from the external antennas. 115200n8.
Lan:
* One 100/1000/2.5GBASE-T Gigabit Ethernet 802.3bt/at
* One 100/1000 Gigabit Ethernet
Wlan:
* 4x4 in 2.4GHz : 802.11b/g/n/ax
* 4x4 in 5.0GHz L: 802.11a/n/ac/ax
* 4x4 in 5.0GHz H: 802.11a/n/ac/ax
* OFDM and OFDMA
* Bidir and MU-MIMO
* Internal antenna 2.86/4.41/4.98 dBi (2.4GHz/5GHz L/5GHz H)
Power:
* 802.3bt/at 30.1W
* DC 12V/3.5A
Mounting: Wall and ceiling
```
```
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
2. Connect to the console on the AP, and connect the LAN port to your LAN
3. Stop auto boot to get to U-boot shell, interrupt the autoboot process by pressing '0' when prompted
4. Set active_fw in env
4. Set active_fw in env
# setenv active_fw 1
5. Transfer the initramfs image with TFTP
# setenv serverip 192.168.1.10 (IP of TFTP server host)
# setenv ipaddr 192.168.1.1 (IP used by the router for getting the image, must be in the same subnet as the TFTP host)
# tftpboot openwrt-qualcommax-ipq807x-netgear_wax630-initramfs-uImage.itb
6. Reboot and load the image
# bootm
7. SCP factory image to the AP
# scp openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi root@192.168.1.1:/tmp/
8. Connect to device using SSH (use the LAN port)
9. Flash squashfs-factory.ubi from within the initramfs instance of OpenWRT
Before you flash, please check your mtd partitions where mtdX is the right mtd rootfs partition.
# cat /proc/mtd (To check MTD partitions)
# ubiformat /dev/mtd18 -y -f /tmp/openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi
10. Set active_fw to 0
# /usr/sbin/fw_setenv active_fw 0
11. Reboot the AP and your done
# reboot
```
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Contains the following update:
52a1c29 ipq8074: add Netgear WAX630 Board file for Netgear WAX630. Extracted from stock (WAX630_BDF.bin) firmware and repacked.
e7701b8 ipq8074: update RegDB in new submitted BDF
cd04ab7 qcn9074: update RegDB in new submitted BDF
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Hardware specification:
SoC: MediaTek MT7981B 2x A53
Flash: 64GB eMMC or 128 MB SPI-NAND
RAM: 512MB
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531AE
WiFi: MediaTek MT7976C
Button: Reset, Mesh
Power: DC 12V 1A
- UART: 3.3v, 115200n8
--------------------------
| Layout |
| ----------------- |
| 4 | GND TX VCC RX | <= |
| ----------------- |
--------------------------
Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
tar -zcf cfg_export_config_file.conf etc/
* If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.
Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH CMIIT ID: xxxx" is NAND version
eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
('data' partition can be ignored, it's useless.)
2. Write new GPT table:
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
echo 0 > /sys/block/mmcblk0boot0/force_ro
dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync
NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
mtd erase BL2
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
mtd erase FIP
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
ubidetach -p /dev/mtd0
ubiformat -y /dev/mtd0
ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
The OEM U-Boot uses dual boot and signature verification which does not
support by OpenWrt. So add a custom U-Boot build for OpenWrt.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Remove ABI version, since its format is not accepted by the linker.
Enable rpath to avoid clash with system libraries
Signed-off-by: Felix Fietkau <nbd@nbd.name>
CONFIG_USB_AUDIO is a "USB Audio Gadget" driver, not a usb device driver
CONFIG_USB_AUDIO is "USB Audio support" before linux 2.6
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
Expose the temperature sensors as hwmon, it improves the overall
user experience since on tiny boards the nvme can become a substantial
source of heat.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
c8c9f10 uim: fix help formatting
aac0776 uqmi: add APN profile commands
ffc5eea uim: support SIM card power-up/down
d6c963d uim: add application state to SIM status
Signed-off-by: David Bauer <mail@david-bauer.net>
