Commit Graph

21726 Commits

Author SHA1 Message Date
Rodrigo Balerdi
702bad7212 ipq40xx: add BDFs for Linksys WHW03 V1
BDFs come from latest firmware, version 1.1.19.209880 (2022-06-20):
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_2G.bin
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_5G.bin
- /lib/firmware/QCA9888/v1/FCC/boardData_2_0_QCA9888_5G_Y9690_SBS_HB.bin

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Rodrigo Balerdi
799829f418 ipq-wifi: update to Git HEAD (2024-06-30)
f54581d ipq6018: add BDF for Edgecore EAP101
6df42f9 ipq40xx: add BDFs for Linksys WHW03 V1
e82cba7 ipq8074: add TP-Link EAP660 HD v1 BDF

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Hauke Mehrtens
4cc69a6542
kernel: Add kmod-sctp-diag
Package the sctp_diag.ko file which already gets build when kmod-sctp
and kmod-inet-diag are selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
8b4fd1c0de
kernel: Add kmod-mfd
Package the mfd-core.ko kernel module. It is selected by the
kmod-hwmon-gsc already.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
4e33427965
kernel: Add mtd_nandbiterrs.ko to kmod-mtdtests
The mtd_nandbiterrs.ko kernel module was added with kernel 3.7. We
should package it like the other test modules.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
2ebeda0294
kernel: Add kmod-crypto-xxhash
kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
f89091bba6
kernel: Add kmod-crypto-blake2b
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b

The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
fac507606d
kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.

I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.

New we are also packaging lz4hc.ko

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
b0953c4fbf
kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:10:59 +02:00
Sean Khan
c27fd6fd97 f2fs-tools: Add missing 'f2fslabel' symlink
`f2fslabel` is already built into `f2fs.fsck`, but is missing its symlink
in the final package.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15851
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-03 11:14:42 +02:00
Stijn Tintel
6b16eaf840 wifi-scripts: add missing dependency on ucode-mod-uci
Fixes the following error:

Syntax error: Unable to resolve path for module 'uci'
In line 3, byte 27:

 `import * as uci from 'uci';`
  Near here ----------------^

Fixes: 4a3ed518b2 ("wifi-scripts: rewrite wifi detect code in ucode")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-07-03 01:40:15 +03:00
David Bauer
89d7051485 hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
David Bauer
68e4cc9be5 hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
Rosen Penev
7c32295b00 e2fsprogs: remove HostBuild
These things already get built and installed by tools/e2fsprogs. No need
to duplicate.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15822
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-28 11:25:58 +02:00
Álvaro Fernández Rojas
e04533ae7b bcm63xx-cfe: update to latest version
sagem: fast-3864-op:add cferam.000 file
tp-link: archer vr400 v1: add cfe file

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-26 19:26:34 +02:00
Robert Marko
2b666bb827 utils: mtd-utils: update to 2.2.0
Release notes:
https://lists.infradead.org/pipermail/linux-mtd/2024-March/104058.html

mtd-utils are currently depending on zlib, however it is not expressed
as a dependency and it is somehow being only pulled-in by lincurses-devel
so mtd-utils were able to compile.

Since 2.2.0 zlib is optional so lets disable support for it like for other
compressors since we dont package the mkfs.ubifs or mkfs.jffs2 that
are only users of compressors anyway.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:27 +02:00
Robert Marko
116903082b utils: mtd-utils: drop autoreconf
Now that we are not patching mtd-utils with JFFS2 LZMA support there
is no need for autoreconf to be run.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:26 +02:00
Robert Marko
fb2fa8f7c2 utils: mtd-utils: drop patches
We have been carrying the 100-fix_includes.patch and 130-lzma_jffs2.patch
for a long time but the reason is lost to history.

We dont need to carry the JFFS2 LZMA support patch as mkfs.jffs2 is not
even being packaged so its not even being used.

As for the 100-fix_includes.patch that also seems like a relic of history
as mtd-utils compiles fine without it.

So, lets drop both patches.

Link: https://github.com/openwrt/openwrt/pull/15790
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-25 13:01:45 +02:00
Christian Marangi
be26643e91
generic: 6.6: backport patch for G671 PWM Fan controller support
Backport patch for G761 PWM Fan controller support. This is used by
an ipq807x RAX120v2 and have an internal clock that was currently
unconfigured making the device not working.

Link: https://github.com/openwrt/openwrt/pull/15796
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-25 12:52:43 +02:00
Robert Marko
14bf60deb8 uboot-mvebu: add support for MikroTik RB5009
MikroTik RB5009 uses RouterBoot as its bootloader like all MikroTik devices
running RouterOS, meaning that its not FIT compatible and can only boot
ELF images.

Now this is not so much of an issue on ARM or MIPS since kernel supports
appending DTB-s to it (Or we patch the kernel to embed it), but on ARM64
there is intentionally no such support.

RouterBoot will pass a DTB, but its the broken MikroTik one which is a
modified reference DTB and incorrect in more places than its valid so we
cannot use it to boot our kernel.

Thus, the solution is to use an intermediary loader and luckily for us
Armada 7040 is well supported in U-Boot which makes it a great option since
it supports anything that we will ever need to boot.

Upstream U-Boot currently requires the Armada boards to be converted to
OF_UPSTREAM before adding anything new and this requires updating all of
the drivers to accomodate the Linux DTS, while I plan to do this eventually
we will need to keep this board downstream for now.

Most stuff is supported in U-Boot, including networking since the switch
is preconfigured by RouterBoot.

A custom environment is used to try and boot from the following devices:
1. NAND (UBI)
2. USB
3. Networking

If NAND boot fails then U-Boot will attempt to boot OpenWrt initramfs from
USB or via networking.

There is a manual recovery mechanism implemented where if the reset button
is held when U-Boot is booting it will try to boot OpenWrt initramfs from:
1. USB
2. Networking

When U-Boot is in recovery mode it will light all of the LED-s except the
switch ones.

Link: https://github.com/openwrt/openwrt/pull/15765
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-24 09:46:19 +02:00
Álvaro Fernández Rojas
ea2ff25d4c generic: 6.6: backport upstream r8169 patches
Backport a bunch of upstream r8169 patches:
- RTL8168/RTL8101 LEDs support.
- RTL8126A support.
- RTL8125/RTL8126 LEDs support.
- RTL8168M support.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-24 05:36:14 +02:00
Álvaro Fernández Rojas
2f5c57ced6 linux-firmware: add RTL8126 firmware
This commit adds RTL8126 firmwares to r8169-firmware package.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-23 22:36:28 +02:00
Robert Marko
de5d1f44ae qca-ssdk: fix compiling for ipq60xx
Trying to compile for ipq60xx will fail with:
ERROR: modpost: "qca808x_phy_reset" [build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq60xx/qca-ssdk-2024.06.13~c451136b/qca-ssdk.ko] undefined!

So, lets fix this by disabling Manhattan switch and PHY support as this is
the new 2.5G quad port switch that is not present on ipq60xx boards.

Fixes: 87a45ea432 ("kernel: qca-ssdk: update 12.5 to 2024-06-13")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:43:36 +02:00
Kristian Skramstad
87a45ea432 kernel: qca-ssdk: update 12.5 to 2024-06-13
There are some new commits, so refresh and update patches.
Some build warnings have been fixed upstream too.

Add backport target/linux/generic/backport-6.6/722-v6.10-dt-bindings-arm-qcom-ids-Add-SoC-ID-for-IPQ5321.patch.

Removed upstream:
[-] qca-ssdk/patches/101-hsl_phy-add-support-for-detection-PSGMII-PHY-mode.patch
[-] qca-ssdk/patches/201-fix-compile-warnings.patch

List of changes:
2024-04-16  -c451136b-  qca-ssdk: strip MRPPE code
2024-06-05  -f455a820-  [qca-ssdk]: fix enum-int-mismatch warnings
2024-05-31  -bbfc0fa9-  Merge "[qca-ssdk]: update eee status of phydev"
2024-05-31  -adbe9dc5-  Merge "[qca-ssdk]: support psgmii and uqsxgmii mode of kernel"
2024-05-31  -d06ca777-  Merge "[qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed"
2024-05-31  -c6f539a5-  Merge "qca-ssdk: support mrppe pktedit padding functions"
2024-04-29  -c321e2a9-  qca-ssdk: support mrppe pktedit padding functions
2024-05-24  -ee6e201e-  qca-ssdk: Fix the big endian compile error
2024-05-15  -8c116bb9-  [qca-ssdk]: update eee status of phydev
2024-05-20  -f0341a2c-  Merge "qca-ssdk: Enable igmp for PPE MINI profile"
2024-05-16  -44a0ce93-  qca-ssdk: Enable igmp for PPE MINI profile
2024-05-15  -8b91bbf6-  [qca-ssdk]: support psgmii and uqsxgmii mode of kernel
2024-05-14  -7eec1658-  [qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed
2024-05-12  -b9f5ea0e-  [qca-ssdk]: ethtool support, do not change wake-up timer when the requested timer is 0
2024-05-09  -5e2c15ed-  Merge "[qca-ssdk]: remove check when mht clock enable"
2024-05-09  -a1563b90-  Merge "[qca-ssdk] support new sku IPQ5321"
2024-04-23  -f04b7680-  [qca-ssdk]: show unknown status when link down
2024-03-22  -33b91b30-  [qca-ssdk]: remove check when mht clock enable
2024-04-29  -b6362f2b-  Merge "qca-ssdk:fix bug in marina nptv6 iid cal"
2024-04-29  -097033ae-  Merge "[qca-ssdk] support cypress uniphy0 connecting MHT switch port0"
2024-04-24  -d45560fd-  qca-ssdk:fix bug in marina nptv6 iid cal
2024-04-24  -7d7a42af-  qca-ssdk: enable policer counter on low memory profile
2024-04-18  -e36cf6ea-  Merge "[qca-ssdk]: change portvlan egress mode initial value as untouched"
2024-04-18  -27817881-  Merge "[qca-ssdk]: update the aqr phy supported ability"
2024-04-18  -5a3a693c-  Merge "qca-ssdk:support marina nptv6"
2024-04-16  -129fe9b3-  Merge "qca-ssdk: support tunnel fields and innner fields inverse"
2024-01-09  -fc8f6abd-  qca-ssdk:support marina nptv6

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15771
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:42:17 +02:00
Nathaniel Wesley Filardo
7d71c03ab1 kernel: crypto: remove FCRYPT from miscellany
It has its own dedicated knob

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Nathaniel Wesley Filardo
98793e02f7 kernel: catch up rxrpc
New dependencies required for the module to be useful, and correct IPv6 support

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Sean Khan
31ec4515c3 openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.

```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```

Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.

Example:
```
[openssl_init]
providers = provider_sect
```

After this change, openssl util works correctly.

```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 16:31:23 +02:00
Sean Khan
d648ee4c58 wifi-scripts: ensure get_freq returns int (iw-6.9)
With `iw` version 6.9 frequencies are now being reported as float,
which is incompatible with wpa_supplicant's config option 'frequency'
which expects an integer.

iwinfo phy0 info output:

Version: 5.19
```
Frequencies:
  * 5180 MHz [36] (30.0 dBm)
  * 5200 MHz [40] (30.0 dBm)
  * 5220 MHz [44] (30.0 dBm)
  * 5240 MHz [48] (30.0 dBm)
  * 5260 MHz [52] (24.0 dBm)
  * 5280 MHz [56] (24.0 dBm)
  * 5300 MHz [60] (24.0 dBm)
  * 5320 MHz [64] (24.0 dBm)
  * 5500 MHz [100] (24.0 dBm)
  * 5520 MHz [104] (24.0 dBm)
  * 5540 MHz [108] (24.0 dBm)
  * 5560 MHz [112] (24.0 dBm)
  * 5580 MHz [116] (24.0 dBm)
  * 5600 MHz [120] (24.0 dBm)
  * 5620 MHz [124] (24.0 dBm)
  * 5640 MHz [128] (24.0 dBm)
  * 5660 MHz [132] (24.0 dBm)
  * 5680 MHz [136] (24.0 dBm)
  * 5700 MHz [140] (24.0 dBm)
  * 5720 MHz [144] (24.0 dBm)
  * 5745 MHz [149] (30.0 dBm)
  * 5765 MHz [153] (30.0 dBm)
  * 5785 MHz [157] (30.0 dBm)
  * 5805 MHz [161] (30.0 dBm)
  * 5825 MHz [165] (30.0 dBm)
  * 5845 MHz [169] (disabled)
  * 5865 MHz [173] (disabled)
  * 5885 MHz [177] (disabled)
```

Version: 6.9
```
Frequencies:
  * 5180.0 MHz [36] (30.0 dBm)
  * 5200.0 MHz [40] (30.0 dBm)
  * 5220.0 MHz [44] (30.0 dBm)
  * 5240.0 MHz [48] (30.0 dBm)
  * 5260.0 MHz [52] (24.0 dBm)
  * 5280.0 MHz [56] (24.0 dBm)
  * 5300.0 MHz [60] (24.0 dBm)
  * 5320.0 MHz [64] (24.0 dBm)
  * 5500.0 MHz [100] (24.0 dBm)
  * 5520.0 MHz [104] (24.0 dBm)
  * 5540.0 MHz [108] (24.0 dBm)
  * 5560.0 MHz [112] (24.0 dBm)
  * 5580.0 MHz [116] (24.0 dBm)
  * 5600.0 MHz [120] (24.0 dBm)
  * 5620.0 MHz [124] (24.0 dBm)
  * 5640.0 MHz [128] (24.0 dBm)
  * 5660.0 MHz [132] (24.0 dBm)
  * 5680.0 MHz [136] (24.0 dBm)
  * 5700.0 MHz [140] (24.0 dBm)
  * 5720.0 MHz [144] (24.0 dBm)
  * 5745.0 MHz [149] (30.0 dBm)
  * 5765.0 MHz [153] (30.0 dBm)
  * 5785.0 MHz [157] (30.0 dBm)
  * 5805.0 MHz [161] (30.0 dBm)
  * 5825.0 MHz [165] (30.0 dBm)
  * 5845.0 MHz [169] (disabled)
  * 5865.0 MHz [173] (disabled)
  * 5885.0 MHz [177] (disabled)
```

Error reported from wpa_supplicant
```console
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: invalid number "5320.0"
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: failed to parse frequency '5320.0'.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 16: failed to parse network block.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Failed to read or parse configuration '/var/run/wpa_supplicant-phy1-mesh0.conf'.
```

This affects mesh, adhoc, and client-mode WDS.

Until hostapd/wpa_supplicant is updated (or patched) to support float
frequencies, ensure `get_freq` prints out an integer.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15770
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 11:34:46 +02:00
Felix Fietkau
4a3ed518b2 wifi-scripts: rewrite wifi detect code in ucode
Rely entirely on /etc/board.json instead of screen scraping iw cli output

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
31aa61503e wifi-scripts: add default channel to board.json in wifi-detect.uc
Preparation for avoiding iw calls in /lib/wifi/mac80211.sh

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
33420f039d ucode: update to Git HEAD (2024-06-18)
8cf816d615fd socket: fix potential memory leak in connect()
8f5f231d66cd socket: optimize poll() argument handling
36f106056069 socket: remove wrong documentation fragment
525fca224012 socket: uv_to_sockaddr(): fix length calculation for AF_UNIX addresses
3938645ad9e3 socket: support IPv6 addresses in struct conversion routines
3a586dc7ddbe socket: improve uc_socket_connect() behavior
7b269f1cd3d2 socket: improve uc_socket_listen() behavior
fc6f2b89febf socket: handle further socket option value types
d6f25797dad1 socket: add IPv6 socket options
7611487b9a05 socket: implement recvmsg(), sendmsg() and cmsg support
d2e44bfa8b54 core-lib: improved documentation
e0bab40c8578 fs: add truncate() file method
5d305cfb2ab7 fs: add lock() file method
8b0318f7fabe lib: introduce zlib library

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
a6e1c5f01e iw: update to version 6.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
032d3fcf7a hostapd: use strdup on string passed to hostapd_add_iface
The data is modified within hostapd_add_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
3984fb0582 hostapd: fix crash on interface setup failure
Add a missing NULL pointer check when deleting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Christian Marangi
2b6772c82c
firmware-utils: update to Git HEAD (2024-06-20)
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 23:23:30 +02:00
Thomas Weißschuh
f1b7f45f8c util-linux: update to v2.40.1
Release Notes:
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40-ReleaseNotes
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.1-ReleaseNotes

Remove upstreamed:
	001-meson-properly-handle-gettext-non-existence.patch

New:
	0001-meson-Fix-build-python-option.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2024-06-20 14:06:41 +02:00
Christian Marangi
cf2b689d03
Revert "apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG"
This reverts commit 25bbefcdd9.

Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 05:52:05 +02:00
Daniel Golle
5e7955171c generic: backport pending driver for Winchip CH348 USB serial
Import patch and package kernel module for Winchip CH348
USB-to-8x-UART chip.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-20 01:11:09 +01:00
Christian Marangi
e6e4d90b69
mac80211: backport upstream patch for tim->virtual_map flex array warn
Backport upstream patch for tim->virtual_map flex array warning for
invalid write.

This has been notice with the bump of ath10k-ct to version 6.7.

Link: https://github.com/openwrt/openwrt/pull/15760
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-19 23:38:27 +02:00
Rafał Miłecki
156f5e8f48 base-files: migrate old UCI network sections defining bridges
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.

Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 12:47:58 +02:00
Rafał Miłecki
c8e68dce61 base-files: migrate old UCI network bridge ports syntax
netifd supports more accurate "ports" option (instead of "ifname") for
years now. Relevant changes were even backported to OpenWrt 21.02. Add
uci-defaults script that translates config files using deprecated
syntax.

Identical commit f716c30241 ended up reverted back in 2021 by
80be798d4a due to breaking downgrades. With 19.07 support ended it
should no longer be an issue.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 09:11:44 +02:00
Christian Marangi
d14670aea8
ath10k-ct: bump to version 6.7
Bump ath10k-ct to version 6.7.

Drop patch 100 that got merged upstream.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
0134270319
mac80211: backport RX timestamp flags patch
Backport RX timestamp flags patch needed for ath10k-ct to compile with
newer versions.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
3b2a81ec24
ath10k-ct: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:41 +02:00
Christian Marangi
6b71ab630a
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:40 +02:00
Christian Marangi
29b98a0192
Revert "mac80211: ath10k: replace LEDs patch with upstream patch"
This reverts commit dc9c5d1ee7.

Additional file for ath10k-ct slipped in, revert for a better version
pushed later.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:33:25 +02:00
Christian Marangi
dc9c5d1ee7
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:23:44 +02:00
Leon M. Busch-George
bff0e1cfd8
base-files: fix ipcalc bound calculation for /31 prefix
A small regress from the translation to shell.
Fixes #12921, originally fixed in #12925 (Github).

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/15430
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:45:37 +02:00
Konstantin Demin
f3080677f5
xdp-tools: update to v1.4.2
- release notes:
  https://github.com/xdp-project/xdp-tools/releases/tag/v1.4.2
- patches rebased manually:
  - 010-configure-respect-LDFLAGS.patch

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15705
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:26:37 +02:00
Carlos Miguel Ferreira
76c863fe60
libquadmath: Add libquadmath to the toolchain
This commit makes the libquadmath library available to the GCC
toolchain. This library is important for libraries such as
Boost.charconv

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15637
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:12:29 +02:00
John Audia
f34620f146 kernel: bump 6.6 to 6.6.33 and adjust subarches
This commit accomplishes three goals:
1. bump 6.6 to 6.6.33
2. kernel: modules: video: change package definition for fb for
   upstream changes[1]
3. kernel/multiple subtargets: add CONFIG_FB_IOMEM_FOPS=y to all
   subtargets which also set CONFIG_FB_CORE=y.

Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33

Removed upstreamed:
	pending-6.6/195-block-fix-and-simplify-blkdevparts-cmdline-parsing.patch[2]
	gemini/patches-6.6/0003-net-ethernet-cortina-Locking-fixes.patch[3]

Manually rebased:
	ramips/patches-6.6/810-uvc-add-iPassion-iP2970-support.patch

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.6.y&id=c00e8fd749502c02085534c60b1edca4fc479c91
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=99bbbd9aea059f8a206736dc601be2ae61d366fb
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=8f6f82d6a205ceb3aba8d279f9ff6eeea0b1689b

Build system: x86/64
Build-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3
Run-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: John Audia <therealgraysky@proton.me>
2024-06-15 22:44:06 +02:00
Christian Lamparter
7d9b9762c9 firmware: intel-microcode: update to 20240531
Debian changelog:

intel-microcode (3.20240531.1) unstable; urgency=medium

  * New upstream microcode datafile 20240531
    * Fix unspecified functional issues on Pentium Silver N/J5xxx,
      Celeron N/J4xxx
    * Updated Microcodes:
      sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
  * source: update symlinks to reflect id of the latest release, 20240531

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Sat, 01 Jun 2024 11:49:47 -0300

intel-microcode (3.20240514.1) unstable; urgency=medium

  * New upstream microcode datafile 20240514
    * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
      Hardware logic contains race conditions in some Intel Processors may
      allow an authenticated user to potentially enable partial information
      disclosure via local access.
    * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
      Sequence of processor instructions leads to unexpected behavior in
      Intel Core Ultra Processors may allow an authenticated user to
      potentially enable denial of service via local access.
    * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
      Improper input validation in some Intel TDX module software before
      version 1.5.05.46.698 may allow a privileged user to potentially enable
      escalation of privilege via local access.
    * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
      Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
      Core i3 N-series processors.
    * Updated microcodes:
      sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
      sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
      sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
      sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
      sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
      sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
      sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
      sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
      sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
      sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
  * source: update symlinks to reflect id of the latest release, 20240514

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Thu, 16 May 2024 21:40:52 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-06-15 11:20:13 +02:00
Aleksander Jan Bajkowski
1b846fe208 kernel: ltq-adsl: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:29: note: in expansion of macro 'THIS_MODULE'
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                             ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/platform_device.h:13,
                 from ./include/linux/of_device.h:5,
                 from ./include/linux/of_platform.h:10,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:15:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:16: error: too many arguments to function 'class_>
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Aleksander Jan Bajkowski
fda7563c9a kernel: ltq-adsl-mei: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:34: note: in expansion of macro 'THIS_MODULE'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                                  ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/dma-mapping.h:8,
                 from ./include/linux/skbuff.h:28,
                 from ./include/net/net_namespace.h:43,
                 from ./include/linux/netdevice.h:38,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:39:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:21: error: too many arguments to function 'class_create'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                     ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Rosen Penev
6b03050192 mac80211: remove mtd-cal-data
All usages of mtd-cal-data have been removed. To avoid submissions that
rely on this deprecated behavior, remove it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15671
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-13 18:10:27 +02:00
Paul Spooren
213bd273ed base-files: Reapply fixed "Ignore exit code of uci.sh inclusion"
This reverts commit 80d1c353b7 with the
fix which won't break running systems. A logic error on how shell
handles && and || more the init process.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-12 11:12:13 +02:00
Petr Štetiar
b2a84c86e3
apk: host: make the help available
Currently, the apk utility lacks accessible help documentation, making
it cumbersome for human users:

 apk-tools 3.0.0_pre20240519, compiled for x86_64.

 ERROR: This apk-tools has been built without help

This absence of help forces users to delve into the apk's build
directory to understand its functionality. To enhance usability, we will
enable the help feature for the host build. The host environment can
accommodate the 3% increase in binary size for the added convenience.

On Ubuntu 22.04, x86_64 platform, the apk size increases by 17,816 bytes
(from 594,144 to 611,960 bytes), a 2.99% increase. This is a reasonable
trade-off for improved ergonomics.

Additionally fix the Lua host build dependency as apk-tools uses during
the build Lua to convert SCDOC manpages to apk-tools help messages.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:20 +02:00
Christian Marangi
25bbefcdd9
apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:19 +02:00
Christian Marangi
8ca2e2852e
base-files: skip fix-group-user uci-default for APK installation
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.

Also remove this uci-defaults if we have CONFIG_USE_APK enabled.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:18 +02:00
Christian Marangi
9f6fc4f524
dropbear: don't install /usr/lib/opkg/info in package install
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.

Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Christian Marangi
93d49529a1
apk: provide csum for static conffiles
For non-overlay configuration we need checksum for config file that
weren't modified by the user. For OPKG in sysupgrade we check the status
file for the Conffiles: entry of every package. this entry contains
checksum for every static file that the package contains.

Provide the same info for APK by creating a conffiles_static file and
parse this file on sysupgrade for non-overlay configurations.

This is also used by the sysupgrade -u option to exclude non-changed
files from the final backup.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Petr Štetiar
617431685e
build: package: fix missing host apk dependency
Currently the build with USE_APK=y fails in package/libs/toolchain:

 staging_dir/host/bin/fakeroot: line 182: staging_dir/host/bin/apk: No such file or directory
 make[2]: *** [Makefile:758: bin/targets/mediatek/filogic/packages/libgcc1-13.2.0-r4.apk] Error 127

as commit d788ab376f ("build: add APK package build capabilities") added
dependency on apk in packaging step, but there is no host build
dependency defined, thus apk binary is missing when libgcc1 apk package is being
created. So lets fix it by adding explicit apk/host dependency to all
targets in the subdirectories.

Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[ rework logic to be more self contained ]
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:14 +02:00
Robert Marko
b47fbca97f yafut: update to fix basename() issue
Since musl 1.2.5 update yafut would throw a warning about implicit
declaration of basename() but would still somehow compile.
However, trying to use it on a device will cause it to instantly
Segmentation fault.

So, to fix this lets update to the current upstream repository version
that has removed the use of basename() completely.

Link: https://github.com/openwrt/openwrt/pull/15685
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-11 14:27:47 +02:00
Daniel Golle
83311b7470 mt76: mt7996: select required kernel and hostap options
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).

Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-11 00:10:21 +01:00
Florian Eckert
fe5fe3c8e7 kernel: modules: netdevice: remove kmod-of-mdio dependency for kmod-stmmac-core
The 'kmod-stmmac-core' package is referenced by the following packages:
* kmod-dwmac-intel
* kmod-dwmac-imx
* kmod-dwmac-sun8i

The problem is that 'kmod-of-mdio' is not selectable for 'TARGET_x86'.
That means the package 'kmod-dwmac-intel' is not available on this
architecture and so the package 'kmod-dwmac-intel' could not be enabled.

To fix this remove the dependencies 'kmod-of-mdio' from 'kmod-stmmac-core'.
This is not needed on this level, because the modules 'kmod-of-mdio' is
already selected by the packages 'kmod-dwmac-imx' and 'kmod-dwmac-sun8i'.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-06-10 16:50:29 +02:00
John Audia
bac2f1bed6 openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
2024-06-08 23:29:31 +02:00
Martin Schiller
abf1c4e67d kernel: ltq-vdsl-vr9: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
45eeedbbfc kernel: ltq-vdsl-vr9-mei: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
10f8a14eca kernel: ltq-deu: fix compilation with linux 6.6
struct u128 and u128_xor() was removed by upstream commit f413e724818c
("cyrpto/b128ops: Remove struct u128").

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
c7648273d0 kernel: ltq-vectoring: Avoid flush_scheduled_work() usage
This fixes some compile warnings for linux 6.6.

Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local vectoring_wq.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Tony Ambardar
56b15913af libbpf: Update to v1.4.3
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:21:40 +02:00
Tony Ambardar
1cb489c784 kexec-tools: fix multiple compile errors
Add two patches to fix compile errors being repeatedly seen on OpenWrt CI.

The first is an upstream backport to fix this i386-related error:

  x86_64-openwrt-linux-musl-gcc  -mcmodel=large -I./purgatory/include
  -I./purgatory/arch/x86_64/include -I./util_lib/include -I./include -Iinclude
  -I/builder/shared-workdir/build/sdk/staging_dir/toolchain-x86_64_gcc-13.3.0_musl/lib/gcc/x86_64-openwrt-linux-musl/13.3.0/include
  -c -MD -o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16.S
  purgatory/arch/i386/entry32-16.S: Assembler messages:
  purgatory/arch/i386/entry32-16.S:23: Error: 64bit mode not supported on `i386'.

The second addresses an error using basename() on musl libc:

  kexec/arch/i386/x86-linux-setup.c: In function 'add_edd_entry':
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: passing argument 1 of 'sscanf' makes pointer from integer without a cast [-Wint-conversion]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~~~~~~~~~~~~~
        |                    |
        |                    int
  ...

Fixes: #14621
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:08:38 +02:00
Robert Marko
80d1c353b7 Revert "base-files: Ignore exit code of uci.sh inclusion"
This reverts commit 17d8c5825e.
This commit is breaking init somehow, even the hostname is not set,
so until its fixed, revert it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-08 12:57:18 +02:00
Paul Spooren
17d8c5825e base-files: Ignore exit code of uci.sh inclusion
When running unit tests this causes trouble since `/lib/config/uci.sh`
isn't available in those cases. Instead exit with a clean status fo the
unit test framework don't wrongly interpret things as an error.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-07 21:49:09 +02:00
Tianling Shen
4edde98768 mediatek: fix wps button for nokia ea0326gmp
The gpio is actually low active, fix it.

Fixes: 40e7fab9e4 ("mediatek: add Nokia EA0326GMP support")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15651
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-07 14:19:39 +02:00
Felix Fietkau
b9650de249 mac80211: backport an upstream patch needed by mt76 for AES_GMAC key support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-07 06:02:13 +02:00
Paul Spooren
eea666d583
apk: bump to 2024-05-23
containing fixes around tar and internal checksums.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15646
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-06 19:20:59 +02:00
Tim Harvey
892b654629 kernel: modules: video: adapt imx modules for 6.6
the ipuv3 based video kernel modules moved into the ipuv3 directory for
6.6.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Tim Harvey
eebe2d1a83 kernel: modules: video: fix imx-ldb
Commit ae8bf1a26e ("imx: add imx8m support") configured the
drm-imx-ldb kmod for imx_cortexa9 and imx_cortexa7 however it is only
applicable to imx_cortexa9 (imx6).

Fix this so that we can avoid a missing module config for cortexa7 when
moving to the 6.6 kernel.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Rosen Penev
32671b36a1 mdadm: update to 4.3
Backport three patches, add one for GCC14, and add Alpine time_t patch for
musl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-06 22:02:21 +02:00
Felix Fietkau
a3d1583317 Revert "hostapd: add support for authenticating with multiple PSKs via ubus helper"
This reverts commit c67d5189a4.
Revert until reported issues have been resolved

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 21:34:20 +02:00
Tianling Shen
40e7fab9e4 mediatek: add Nokia EA0326GMP support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, WPS/Mesh
  Power: DC 12V 1A

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Download the configration utilities:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
     These binaries are extraced from the factory firmware, which are
     dynamically linked with aarch64 musl 1.1.24. To use them, you
     must run them under the same runtime environment, otherwise the
     binaries will not work properly!
3. Upload the configuration and utilities to a suitable environment.
4. Uncompress the utilities, move them to '/bin' and give them executable permisison:
   tar -zxf openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
   mv mkconfig seama /bin
   chmod +x /bin/mkconfig
   chmod +x /bin/seama
5. Decrypt and uncompress the configuration:
     Enter fakeroot if you are not login as root.
   mkconfig -a de-enca -m EA0326GMP_3FE79221BAAA -i EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz -o backup.tar.gz
   tar -zxf backup.tar.gz
6. Edit 'etc/config/dropbear', set 'enable' to '1'.
7. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
8. Repack the configuration:
   tar -zcf backup.tar.gz etc/
   mkconfig -a enca -m EA0326GMP_3FE79221BAAA -i backup.tar.gz -o EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz
9. Upload new configuration via web interface, now you can SSH to EA0326GMP.

A minimum configuration which enabled SSH access is also provided
to simplify the process:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-enable-ssh.tar.gz

Flash instructions:
1. SSH to EA0326GMP, backup everything, especially 'Factory' part.
2. Write new BL2:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-preloader.bin BL2
3. Write new FIP:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-06-06 18:56:32 +01:00
Felix Fietkau
c67d5189a4 hostapd: add support for authenticating with multiple PSKs via ubus helper
Also supports assigning a VLAN ID based on the PSK

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 11:47:59 +02:00
Daniel Golle
a6487e393b uboot-mediatek: snfi: FM35Q1GA is x4-only
Dont allow x2 read and cache read operations on FM35Q1GA as they seem
to be unstable. Also the Linux drivers does not allow x2 ops.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
24bf241f8c arm-trusted-firmware-mediatek: import patchset for Fidelix flash on SNFI
Import pending patches to set pinconf settings for SPI-NAND pins on
MT7622 identical to what the old proprietary preloader did.

Should further increase the reliability of some SNFI-attached SPI-NAND
flash chips.

Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/7
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
4a2908f3bc arm-trusted-firmware-mediatek: update to MediaTek-patched v2.10.0
Update ARM TrustedFirmware-A to the most recent release of
MediaTek downstream patched version released 2024-01-17.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
INAGAKI Hiroshi
fbeff10b5a mtd: enable trx feature on ramips
Enable trx feature of mtd command to fixup trx length and crc32 while
booting for some Buffalo devices.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2024-06-05 21:14:16 +02:00
Michał Kępień
3152c440bb yafut: sync version between tools/ and package/ directories
Use the same Yafut code revision for both updating devices with NAND
flash and preparing firmware images for devices with NOR flash.

Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
Link: https://github.com/openwrt/openwrt/pull/13453
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-05 17:03:24 +02:00
Linus Walleij
5b3f6b4d96 kernel: modules: Break out a submenu for RTCs
There are too many RTC drivers in other.mk, they deserve their
own menu and .mk-file, so let's break them out to a separate
entity.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-06-04 09:28:25 +02:00
Fabrice Fontaine
58a5877846 package/utils/secilc: drop PKG_CPE_ID
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️selinuxproject:secilc

Fixes: 9ee7c1ec60 (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-02 20:49:48 +02:00
Hauke Mehrtens
e4f323ed56 uboot-tegra: Set UBOOT_USE_INTREE_DTC
U-Boot 2024.04 for tegra needs swig installed on the host, this
dependency is only checked if UBOOT_USE_INTREE_DTC is set. add the
missing definition.

Fixes: 6832faf340 ("uboot-tegra: bump version to 2024.04")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 18:06:39 +02:00
Hauke Mehrtens
8647ce0800 kernel: Split kmod-video-dma into two kmods
Split the kmod-video-dma into kmod-video-dma-sg and
kmod-video-dma-contig. The old one contained two kmods, but sometimes
only one of them is build which caused problems. The configuration
options are not manually selectable in the kernel and hidden in OpenWrt.

Currently this causes build failures on some targets.

Fixes: 4d7cbe0a55 ("kernel: video-dma: explicitly state packaged modules")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 17:38:23 +02:00
Zoltan HERPAI
8619d7af67 kirkwood: add D-Link DNS-320L support
Dual-slot NAS based on Marvell Kirkwood.

Specifications:
 - Marvell 88F6702 @1GHz
 - 256Mb RAM
 - 128Mb NAND
 - 1x GbE LAN (Marvell 88E1318R)
 - 1x USB 2.0
 - 2x SATA
 - Weltrend WT69P3 ("supervisor" MCU chip)
 - Serial on J2 (115200,8n1)
 - Newer bootROM so kwboot-ing via serial is possible

Notes:
 - The Weltrend MCU is controlled by the package added in utils/dns320l-mcu.
 - The original MAC address is stored in the "mini firmware" image's first
   17 bytes.
 - Compared to the original MTD layout, the uImage+rootfs are now stored in
   a common ubi partition.

Installation:
1. Serial console
 - Connect your levelshifter to the serial console
   on J2 (refer to the wiki page for pinout)
2. Update u-boot
 - Download the u-boot.kwb image for the device
 - Powercycle the NAS
 - Run "kwboot -b u-boot-dns320l/u-boot.kwb /dev/ttyUSB0 -p"
 - Connect to the serial console with minicom
 - tftp 0x0800000 u-boot-dns320l/u-boot.kwb
   (Please note that "PHY reset timed out" seems to be customary
    on kirkwood devices, the egiga0 interface works regardless.)
 - nand erase 0x0 100000
 - nand write 0x0800000 0x0 0x100000
 - reset
3. Install OpenWrt
 - Boot up the initramfs image
 - tftpboot 0x800000 openwrt-kirkwood-generic-dlink_dns320l-initramfs-uImage; bootm 0x800000
 - Download the sysupgrade image and perform sysupgrade

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Reviewed-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-06-01 01:29:09 +02:00
Tomasz Maciej Nowak
4d7cbe0a55 kernel: video-dma: explicitly state packaged modules
Because wildcard in variable stating packaged modules, the filtering for
built-in kernel modules didn't work and would cause a packaging failure.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-31 14:38:17 +02:00
Tony Ambardar
87d5d38e2a ply: add dynamic tracing package using BPF
ply is a light-weight dynamic tracer for Linux that leverages the kernel's
BPF VM in concert with kprobes/tracepoints to attach probes to arbitrary
points in the kernel.

Most tracers that generate BPF bytecode are based on the LLVM-based BCC
toolchain; ply on the other hand has no external dependencies outside libc,
making it suitable for use on constrained embedded systems.

Currently ply supports x86_64, aarch64, arm, riscv64, riscv32, powerpc,
mips(el), and mips64(el) architectures.

Further documentation, examples and implementation details may be found at:
https://github.com/iovisor/ply.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-31 11:51:45 +02:00
Rosen Penev
2f4bb69664 packages: refresh patches
CI is supposed to catch all of these. Some of these predate CI.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-31 11:30:06 +02:00
Hauke Mehrtens
0cf4c8a986 kernel: Add CONFIG_FB_DEVICE to kmod-fb
At least kmod-fb-tft depends on CONFIG_FB_DEVICE and can not be
activated without it.

This configuration option was added with kernel 6.6, before this featre
was always activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-31 11:27:17 +02:00
Rui Salvaterra
2ae1330a22 iproute2: update to 6.9.0
Support for iptables action has been dropped. Remove tc-mod-iptables and related
patch (175-reduce-dynamic-syms.patch).

We also add the missing libbpf dependency for `ss` since iproute 8740ca9
("ss: add support for BPF socket-local storage") now means that `ss` requires
libbpf as well.

Fix 170-ip_tiny.patch, as the help text didn't match all the included functions.

Drop upstreamed patches 402-bpf-fix-warning-from-basename.patch
and 403-bpf-include-libgen.h-for-basename.patch.

All other patches automatically rebased.

Co-authored-by: Rany Hany <rany_hany@riseup.net>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
b2e0775bc6 iproute2: fix build on GCC 14
Upstream patches:

401-bridge-vlan.c-bridge-vlan.c-fix-build-with-gcc-14-on.patch
402-bpf-fix-warning-from-basename.patch
403-bpf-include-libgen.h-for-basename.patch

The patch (400-rdma-include-libgen.h-for-basename.patch) was not
submitted upstream but just adds a missing include for basename.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
a41747ac8e mbedtls: fix build on GCC 14
Without this patch, GCC 14 incorrectly complains about the following error:

In file included from /home/user/workspace/mbedtls/library/ctr_drbg.c:13:
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:17: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:24: error: array subscript 48 is outside array bounds of ‘const unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                       ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:333:57: note: at offset 48 into object ‘data’ of size [0, 48]
  333 |                                     const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN])
      |                                     ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:14: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |         ~~~~~^~~~~~~~~~~~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~

This change adds a basic check to silence the warning until a solution is worked on upstream.
As this check is already used by another compiler, it shouldn't cause any issues for us.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 10:33:06 +02:00