Commit Graph

21216 Commits

Author SHA1 Message Date
Konstantin Demin
a97e0dad6e dropbear: 'rsakeyfile' -> 'keyfile' transition
end users should have done this since OpenWrt 19.07.
if they didn't do this yet - perform auto-transition.

schedule 'rsakeyfile' removal for next year release.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
ff1ccd85e8 dropbear: failsafe: handle all supported key types
dropbear may be configured and compiled with support for different host key types

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
55218bcedb dropbear: minor config reorder
move DROPBEAR_ASKPASS under DROPBEAR_DBCLIENT (in all meanings)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
c87a192386 dropbear: split U2F/FIDO support
these options allow one to configure U2F/FIDO support in more granular way

inspired by upstream commit aa6559db

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
bf900e02c7 dropbear: add option to enable modern crypto only
reduces binary/package size and increases overall performance

also:
- adjust 910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch
  to build without DROPBEAR_RSA/DROPBEAR_RSA_SHA256

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
88c8053d47 dropbear: adjust allowed shell list
this takes an effect only if getusershell(3) is missing

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
7f6fcaa3bf dropbear: honor CONFIG_TARGET_INIT_PATH
fixes 65256aee

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
2d9a0be307 dropbear: disable two weak kex/mac algorithms
hmac-sha1 and diffie-hellman-group14-sha1 are weak algorithms.
A future deprecation notice of ssh-rsa (2048-bit) has been issued. [1]

It has no place in a potentially internet-facing daemon like dropbear.
Upstream has acknowledged this and offered this solution to disable
these two until this is made to be the default in the next release
of dropbear next year. [2]

1. https://www.openssh.com/txt/release-8.2
2. https://github.com/mkj/dropbear/issues/138

Signed-off-by: John Audia <therealgraysky@proton.me>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
0b277f8659 dropbear: minor config clarification
- "default n" is not needed: options are not selected by default
- wrap config on 80 characters width (assuming tab is 8 characters long)
- add feature cost size and security notes for DROPBEAR_AGENTFORWARD
  and DROPBEAR_DBCLIENT_AGENTFORWARD:
  describe why and where it should be disabled

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
fa849fd411 dropbear: better object cleanup
improves b78aae79

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
f2b2293663 dropbear: allow more complex configuration
- switch DB_OPT_COMMON and DB_OPT_CONFIG to comma-separated lists:
  this allows to have values with "|" in DB_OPT_COMMON and DB_OPT_CONFIG
  which is more likely to be than values with commas;
  use $(comma) variable for values with commas.
- sort DB_OPT_COMMON and DB_OPT_CONFIG to have "overrides" on top of list.
- allow DB_OPT_COMMON to have values with commas.
- allow to replace multiline definitions in sysoptions.h.

improves e1bd9645

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
b5cde26048 dropbear: cherry-pick upstream patches
critical fixes:
- libtommath: possible integer overflow (CVE-2023-36328)
- implement Strict KEX mode (CVE-2023-48795)

various fixes:
- fix DROPBEAR_DSS and DROPBEAR_RSA config options
- y2038 issues
- remove SO_LINGER socket option
- make banner reading failure non-fatal
- fix "noremotetcp" behavior
- don't try to shutdown a pty
- fix test for multiuser kernels

adds new features:
- option to bind to interface
- allow inetd with non-syslog
- ignore unsupported command line options with dropbearkey

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
d4dfb566e2 dropbear: bump to 2022.83
- update dropbear to latest stable 2022.83;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop patches:
  - 001-fix-MAX_UNAUTH_CLIENTS-regression.patch
- rework patches:
  - 901-bundled-libs-cflags.patch
- refresh remaining patches

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Stephen Howell
d274867c21 lldpd: add option to force EDP
allow EDP support if compiled and add force EDP option

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
8b2d02e48c lldpd: only use snmp options when compiled in
prevent SNMP options being passed unless lldpd supports them

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
1b36d44323 lldpd: Update Makefile package release
increment Makefile package release to reflect changes to init script

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
a5f715da71 lldpd: add option for tx delay and tx hold
add option to set LLDP transmit delay, hold timers to set update frequency

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4159acceeb lldpd: add option to set system platform
add option to override system platform instead of using kernel name

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4ac134aa78 lldpd: add option to force SONMP enabled
add option to force SONMP to be enabled even when no peer detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
1be2088a52 lldpd: add option to force FDP on
add option to force FDP when no peers detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
b67182008f lldpd: set CDP version and allow forcing CDP on
add option to specify CDPv1 or CDPv2 and separately enable or force each

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
61dbe756d8 lldpd: allow disabling LLDP protcol
add option to allow LLDP disabling while using other supported protocols

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
ac771313eb lldpd: add portidsubtype option
add option portidsubtype to correct port identifiers and descriptions

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
c98ee4dbb3 lldpd: add agent-type option
add option to set agent-type to control propogation

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
24176a6bdd lldpd: add LLDP MED options
add option to enable LLDP MED fast-start and set fast-start timer

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
1753498b01 lldpd: option to disable LLDP-MED inventory TLV
add option to disable LLDP-MED inventory TLV transmission

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
058f284b1a lldpd: Init adds no-version option
add option to disable advertising kernel version

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
ac3ed75309 lldpd: Allow neighbour filtering
add filter option to init script.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
064b4999ad lldpd: LLDPD binds to only specified interfaces
Bind to the configured system interfaces only. Switchport interfaces
are no longer ignored and uci interface values for LLDPD are honored.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
e483c247dc lldpd: Init config read on reload
Init script reload with trigger to detect config file update.
Reload command added to attempt non-impactful lldpd reload where
lldpcli can be used to update config without process restart.
Config hash function used to track whether process restart is needed.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Nick Hainke
21ca43d28a strace: update to 6.7
Release Notes:
https://github.com/strace/strace/releases/tag/v6.7

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-07 20:13:06 +01:00
Florian Eckert
c6fabd0bc3 base-files/leds: add setting the LED color via uci
Add the possibility that colored LEDs can also be configured via the uci.

config led 'led1'
	option name '<name>'
	option sysfs '<path>'
	option trigger 'default-on'
	option default '1'
-->	option color_{$color} '<0-255>'

The supported names of the variable "${color}" for the selected LED can be
queried in the file with the name 'multi_index'.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-02-07 15:34:43 +01:00
Florian Eckert
3aa812d8be base-files/leds: merging code sequences that belongs together
Setting the trigger and checking whether the trigger can be set belong
together and should not be interrupted by other lines of code.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-02-07 15:34:43 +01:00
Florian Eckert
102855b3c1 base-files/leds: save led color value if available
There are monochrome LEDs that can only display one color. However, there
are also LEDs that can display multiple colors. This can be tested in the
led subsystem of the kernel if the files 'multi_index' and 'multi_intensity'
are present in the folder '/sys/class/leds/<ledname>'.

Until now it was not possible to reset the default color. This commit adds
the missing information in the file '/var/run/led.state' so that the bootup
color can be seen on the LED again when the LED configuration has been changed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-02-07 15:34:43 +01:00
Nick Hainke
1c02b874fa kexec-tools: update to 2.0.28
Release Notes:
- https://www.spinics.net/lists/kexec/msg32139.html
- https://www.spinics.net/lists/kexec/msg33447.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-06 12:10:05 +01:00
Felix Fietkau
4cd8ae67c5 wifi-scripts: fix copy&paste issue in metadata
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-06 10:47:22 +01:00
Álvaro Fernández Rojas
c9e6045032 kernel: modules: video: add missing video-mem2mem symbol
v4l2-mem2mem.ko needs CONFIG_V4L2_MEM2MEM_DEV symbol.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-05 18:25:16 +01:00
Álvaro Fernández Rojas
ee79da92dc kernel: modules: video: add missing video-videobuf2 symbol
videobuf2-v4l2.ko needs CONFIG_VIDEOBUF2_V4L2 symbol.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-05 18:25:16 +01:00
Álvaro Fernández Rojas
5c48b65738 kernel: modules: video: remove v4l2-common from video-core
v4l2-common.ko was merged into videodev.ko and no longer exists.

Fixes: ac5671f46c ("kernel: remove obsolete kernel version switches for 4.19")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-02-05 18:25:16 +01:00
Yuu Toriyama
b463737826 wireless-regdb: update to 2024.01.23
The maintainer and repository of wireless-regdb has changed.
    https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=QQaFX8r-g@mail.gmail.com/

Changes:
    37dcea0 wireless-regdb: Update keys and maintainer information
    9e0aee6 wireless-regdb: Makefile: Reproducible signatures
    8c784a1 wireless-regdb: Update regulatory rules for China (CN)
    149c709 wireless-regdb: Update regulatory rules for Japan (JP) for December 2023
    bd69898 wireless-regdb: Update regulatory rules for Singapore (SG) for September 2023
    d695bf2 wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG)
    4541300 wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
2024-02-04 18:47:07 +01:00
Felix Fietkau
114190d8ae mt76: update to Git HEAD (2024-02-03)
a9693e1979c2 linux-firmware: add firmware for MT7996
0258dc90e3a1 wifi: mt76: mt7603: fix reading target power from eeprom
3e81173d9e2b wifi: mt76: mt7603: initialize chainmask
786a339bac36 wifi: mt76: mt7996: fix fortify warning
bc37a7ebc267 wifi: mt76: mt7996: fix fw loading timeout
027bab6a88a3 wifi: mt76: usb: create a dedicated queue for psd traffic
e8909c610c3b wifi: mt76: usb: store usb endpoint in mt76_queue
8b3d96fa4ead wifi: mt76: mt792xu: enable dmashdl support
7864d7ad0ed0 wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table
27c81f7c1480 wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band
b7443c63069a wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band
bab721a65f5a wifi: mt76: mt7925: fix mcu query command fail
1f0f71ed81e8 wifi: mt76: mt7925: fix wmm queue mapping
bcfe2ad966f3 wifi: mt76: mt7925: fix fw download fail
f982c3d67a29 wifi: mt76: mt7925: fix WoW failed in encrypted mode
6a72716ec213 wifi: mt76: mt7925: fix the wrong header translation config
50928b7e1359 wifi: mt76: mt7925: add flow to avoid chip bt function fail
762ab4530e8f wifi: mt76: mt7925: add support to set ifs time by mcu command
87deaf82efa4 wifi: mt76: mt7925: update PCIe DMA settings
c190c1576522 wifi: mt76: mt7925: support temperature sensor
025d5734caba wifi: mt76: mt7996: check txs format before getting skb by pid
4768bfa2baca wifi: mt76: mt7996: fix TWT issues
a65e3eced907 wifi: mt76: mt7996: disable AMSDU for non-data frames
d71716d93aee wifi: mt76: mt7996: fix incorrect interpretation of EHT MCS caps
f21728f3f4bd wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands
68dad7dacd2a wifi: mt76: mt7996: fix HE beamformer phy cap for station vif
66a28f340cdc wifi: mt76: mt7996: mark GCMP IGTK unsupported
b47ad8a7764e wifi: mt76: mt7996: fix efuse reading issue
c2fc7dae7b72 wifi: mt76: mt7996: remove TXS queue setting
e0f1ed168ed5 wifi: mt76: mt7996: add locking for accessing mapped registers
d0cc92c1fd08 wifi: mt76: connac: set correct muar_idx for mt799x chipsets
ae0c62279adc wifi: mt76: mt7996: fix HIF_TXD_V2_1 value
ecc14276af54 wifi: mt76: mt792x: fix ethtool warning
9827df56b241 wifi: mt76: move wed common utilities in wed.c
dccbd2598505 wifi: mt76: mt7925: fix the wrong data type for scan command
9907f4f20261 wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi
1b088a7ac06d wifi: mt76: mt7921e: fix use-after-free in free_irq()
f3c5b4820d7f wifi: mt76: mt7925e: fix use-after-free in free_irq()
d75eac9f5531 wifi: mt76: mt7921: fix incorrect type conversion for CLC command
7bd5401f5bb1 wifi: mt76: mt792x: fix a potential loading failure of the 6Ghz channel config from ACPI
ea55196bc4a0 wifi: mt76: mt792x: update the country list of EU for ACPI SAR
6124ea9135ed wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-03 16:21:16 +01:00
Felix Fietkau
e772b75d5d broadcom-wl: remove package
Also remove remaining wireless extension support, since this package
was the only in-tree user of it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-03 16:16:36 +01:00
Felix Fietkau
0e3f147574 wifi-scripts: add script to add phy capabilities to board.json
Useful for UI and config generators. Will be used as intermediate
step for generating the default wifi configuration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-03 16:16:36 +01:00
Felix Fietkau
2716853132 wifi-scripts: add new package, move wifi scripts to a single place
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-03 16:16:36 +01:00
Tim Harvey
dd53aeaaa2
kernel: modules: video: fix video-coda for 6.1
The coda kernel modules were moved between 5.15 and 6.1.
Adapt the coda-vpu and imx-vdoa modules for that.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-02-02 17:31:44 +01:00
Tim Harvey
f91286a436
kernel: modules: video: fix drm-imx for 6.1
Linux 6.1 changed DRM_GEM_DMA_HELPER to a module (drm_dma_helper.ko).

Add this to the drm-imx to fix module dependencies.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-02-02 17:31:44 +01:00
Lech Perczak
93cc4f784d
kernel: modules: video: fix kmod-imx-pxp build for 6.1
Location of the module file was changed between 5.15 and 6.1. Adapt the
recipe for that.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2024-02-02 17:31:44 +01:00
Tim Harvey
76b0d24157
kernel: modules: video: fix video-core for 6.1
Linux 6.1 wraps core video drivers in a MEDIA_PLATFORM_DRIVERS submenu.
Enable that for 6.1 and add some new necessary undefines to
target/linux/generic/config-6.1 to avoid build failures.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-02-02 17:31:44 +01:00
Lech Perczak
6a78fb0a9e
kernel: modules: video: fix kmod-video-imx-ldb build under 6.1
drm_dp_aux_bus.ko isn't built or required anymore under kernel 6.1. Mark
that in the recipe.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2024-02-02 17:31:43 +01:00
Lech Perczak
92fb853bd7
kernel: modules: video: fix deps for kmod-drm-imx-hdmi for 6.1
kmod-drm-imx-hdmi depends on kmod-drm-display-helper since 6.1. Include
that in OpenWrt's recipes.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2024-02-02 17:31:43 +01:00
Nick Hainke
8456e84891 zlib: update to 1.3.1
Release Notes:
https://github.com/madler/zlib/releases/tag/v1.3.1

Refresh patch:
- 004-attach-sourcefiles-in-patch-002-to-buildsystem.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-02 17:26:29 +01:00
Daniel Kestrel
bb46f0484d lantiq: add support for AVM Fritzbox 7490
This adds support for the Fritzbox 7490 device. It contains two
SoCs, one Lantiq without WiFi and one QCA9558 with 2.4GHz
and 5 GHz WiFi. Only the Lantiq has access to the flash memory,
the Atheros runs fully from RAM and is booted by using a remoteproc
kernel module and is not supported with this commit.
The devices were manufactured with varying NAND chips which
requires Micron and non-Micron versions of the images.

Specifications:
 - SoC: Lantiq 500 MHz
 - RAM: 256 MB
 - Storage: 512 MB NAND, 1MB FLASH
 - Wireless, separate SOC QCA9558 with 128MB RAM (not supported yet):
   · Qualcomm-QCA9558 w/ 3×3 MIMO for 2.4GHz 802.11b/g/n
   · Qualcomm-QCA9880 w/ 3×3 MIMO for 5GHz 802.11a/ac
   · AG71xx ethernet
 - Ethernet: Built-in AR 803x, 7 port 4 phy switch,
   4x 1000/100/10 port, Port 5 is fixed and connected to the WASP SOC
 - Renesas µPD720202 USB3 PCIe, requires firmware binary on the device
 - VDSL2 modem

Unsupported:
 - DECT and ISDN telephony

Installation:
Check which NAND the device has by using the following procedure with
stock firmware:
Go to to http://<fritzbox_ip>/support.lua, download the support data
file and search for string "NAND device" to get the manufacturer kernel
output.
Use Micron image if Micron is displayed otherwise the non-Micron image.
Use the eva_ramboot.py script to boot the initramfs image. Follow the
procedure to interrupt booting by ftp into 192.168.178.1 within
5 seconds after poweron.
Then transfer the sysupgrade image to the device and run sysupgrade to
flash it to the NAND.
For making USB work, an renesas xhci firmware file (e.g. v2026) is
needed and it should be copied to /lib/firmware/ (file name
renesas_usb_fw.mem).

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2024-02-02 15:07:07 +01:00
David Bentham
d8f4453bf2 mediatek: add Comfast CF-E393AX support
Comfast CF-E393AX is a dual-band Wi-Fi 6 POE ceiling mount access point.

Oem firmware is a custom openwrt 21.02 snapshot version.

We can gain access via ssh once we remove the root password.

Hardware specification:
  SoC: MediaTek MT7981A 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB DDR3
  Ethernet: 1x 10/100/1000 Mbps built-in PHY (WAN)
            1x 10/100/1000/2500 Mbps MaxLinear GPY211C (LAN)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976D
  LEDS: 1x (Red, Blue and Green)
  Button: Reset
  UART: 3.3v, 115200n8
  --------------------------
  | Layout |
  | ----------------- |
  | 4 | VCC GND TX RX | <= |
  | ----------------- |
  --------------------------

Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
   and download the
   configuration(http://apipaddress/computer/config.html).

2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
   Enter 'fakeroot' command then decompress the configuration:
   tar -zxf backup.tar.gz

3. Edit 'etc/shadow', update (remove) root password:
   With password =
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   to
   Without password =
   'root::0:99999:7:::'
   'root::0:99999:7:::'

4. Repack 'etc' directory back to a new backup file:
   tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
   Exit fakeroot - 'exit'

6. Upload new configuration via web interface, now you
   can SSH with the following:

   'ssh -vv -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.10.1'.

   Backup the mtd partitions
   - https://openwrt.org/docs/guide-user/installation/generic.backup

7. Copy openwrt factory firmware to the tmp folder to install via ssh:

   'scp -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa \
   *-mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin \
   root@192.168.10.1:/tmp/'

   'sysupgrade -n -F \
   /tmp/*--mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin'

8. Once led has stopped flashing - Connect via ssh with the
   default openwrt ip address - 'ssh root@192.168.1.1'

9. SSH copy the openwrt sysupgrade firmware and upgrade
   as per the default instructions.

Signed-off-by: David Bentham <db260179@gmail.com>
2024-02-02 13:01:38 +01:00
Ivan Pavlov
44cd90c49a openssl: update to 3.0.13
Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024]

  * Fixed PKCS12 Decoding crashes
    ([CVE-2024-0727])
  * Fixed Excessive time spent checking invalid RSA public keys
    ([CVE-2023-6237])
  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
    CPUs which support PowerISA 2.07
    ([CVE-2023-6129])
  * Fix excessive time spent in DH check / generation with large Q parameter
    value ([CVE-2023-5678])

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2024-02-02 08:46:52 +03:00
Daniel Golle
7eee094f01 uhttpd: bump PKG_RELEASE
Bump PKG_RELEASE which should have been done by commit 7b1c3068b7
("uhttpd: restart when interface to listen becomes available").

Fixes: 7b1c3068b7 ("uhttpd: restart when interface to listen becomes available")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-02 04:22:17 +00:00
Chukun Pan
dbe2a0c091
kernel: move gpio packages to gpio menu
Move gpio packages to the 'GPIO support' menu.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:54 +01:00
Chukun Pan
3d24668f99
kernel: modules: move gpio modules to gpio menu
Since we have the 'GPIO support' menu, it is strange to look up
gpio related modules in 'Other modules' menu. So move these
modules and put them in the gpio menu.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:54 +01:00
Chukun Pan
45554ffb96
kernel: modules: gpio.mk: renamed from gpio-cascade.mk
This can be used to place the gpio module, so rename it.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-02-01 17:04:51 +01:00
Chad Monroe
5a3f6c50ef
ucode: add libjson-c/host dependency
ensure host libjson-c is built prior to ucode

Signed-off-by: Chad Monroe <chad@monroe.io>
2024-02-01 16:22:11 +01:00
Daniel Golle
efcc100ef0 base-files: upgrade: nand.sh: mute umount error
Send error output of umount to /dev/null to mute error in case
ubiblock device has already been unmounted (which is usually the
case).
Gets rid of bogus error message:
umount: can't unmount /dev/ubiblock0_4: Invalid argument

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-01 00:52:54 +00:00
Daniel Golle
7b1c3068b7 uhttpd: restart when interface to listen becomes available
Currently uhttpd won't start with a listening interface configured if
the interface isn't already up at the time uhttpd starts. Make sure we
attempt to start uhttpd when it comes up.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-01 00:52:54 +00:00
Nick Hainke
097f0f035e libbsd: update to 0.11.8
Changelog:
edddd80 Release libbsd 0.11.8
dd0bdb5 test: Close all descriptors before initializing them for closefrom()
0813f37 build: Check out-of-tree builds in CI
df116b5 Adjust strlcpy() and strlcat() per glibc adoption
ecb44e1 Do not add a pointer to the NULL constant
459b7f7 Do not confuse code analyzers with out-of-bounds array access look alike
a44f885 test: Fix short-lived memory leak
3f5ca0a build: Add a coverage regex to the CI job
9d3e59a man: Use VARIANTS instead of ALTERNATIVES in libbsd(7)
f02562d man: Markup function references with Xr instead of Fn
b7367c9 build: Add missing dash to macro title bar
6777eb6 pwcache: Do not declare uidtb and gidtb when not used
d4e0cdc fgetln: Include <stdio.h> after <sys/*>
f41d6c1 build: Refactor GNU .init_array support check into a new m4 function
30b48ed build: Refactor linker script detection into a new m4 function
d0d8d01 build: Do not provide prototypes for arc4random() on Solaris
cf61ebb build: Do not build the progname module if it is not needed
73b25a8 build: Sort entries alphabetically
5434ba1 build: Conditionalize wcslcpy() and wcslcat() functions on macOS
dc1bd1a build: Conditionalize only id-from-name functions not the entire pwcache
edc746e build: Conditionalize getprogname()/setprogname on macOS
8f998d1 progname: Include <procinfo.h> if available
d08163b build: Check whether we need libperfstat on AIX
1186cf8 build: Annotate droppable functions for musl on next SOVERSION bump
6385ccc build: Conditionalize bsd_getopt() on macOS
c120681 Move the version script comments before the symbols
9fa0676 Port getprogname() to AIX
92337b1 Make getprogname() porting mandatory
90b7f3a test: Do not use /dev/null as compiler output file
426bf45 build: Add generated *.sym files to .gitignore
21d12b0 build: On macOS do not build functions provided by the system
bc65806 build: Select whether to include funopen() in the build system
8b7a4d9 build: Move Windows OS detection to the OS features section
ccbfd1c build: Remove __MUSL__ definition from configure
e0976d7 build: Add a new libbsd_strong_alias() macro and switch users to it
49c7dd1 build: Only emit link warnings for ELF objects
8622767 build: Use an export symbols file if there is no version script support
8f61036 build: Add -no-undefined libtool flag
ae7942b build: Do not override the default DEPENDENCIES for libbsd
a5faf17 Only use <stdio_ext.h> if present
06e8a1b Define _NSIG if it is not defined by the system
44824ac Declare environ if the system does not do so
1fb6c3f Use lockf() when flock() is not available
fe16f38 test: Use open_memstream() only if available
7c652a9 test: Do not hardcode root:root user and group names
ed2eb31 test: Fix closefrom() test on macOS
0f8bcdf test: Fix closefrom() test to handle open file descriptor limits
07192b3 test: Disable blank_stack_side_effects() on non-Hurd systems
ca3db5e build: Do not enable ASAN for musl CI pipelines
ff46386 man: Add HISTORY section to arc4random(3bsd)
4c6da57 man: Switch arc4random(3bsd) man page from OpenBSD to NetBSD
830dd88 doc: Remove written-by attribution
257800a build: Add support for sanitizer compiler flags
536a7d4 test: Exempt blank_stack_side_effects() from sanitizer checks
7ed5de0 test: Import explicit_bzero() sanitizer support changes from OpenBSD
05a802a test: Fix memory leaks in fpurge test
5962e03 man: Fix BSD and glibc versions
59a21c7 man: Update STANDARDS and HISTORY sections
7b4ebd6 include: Adjust closefrom() per glibc adoption
0dfbe76 build: Switch to debian:latest Docker image
dec783d build: Fix version script linker support detection
fe21244 include: Use __has_builtin to detect __builtin_offsetof support
ec88b7b funopen: Replace off64_t with off_t in funopen_seek()
2337719 man: Prune unneeded <sys/types.h> include in setproctitle(3)
5dea9da build: Improve C99 compatibility of __progname configure check
b9bf42d build: Enable -Wall for automake
e57c078 build: Add missing AM_PROG_AR macro call to configure.ac
80f1927 build: Fix configure.ac indentation
b7a8bc2 build: Require automake 1.11
e508962 build: Do not require funopen() to be ported
00b538f build: Terminate lists in variables with «# EOL»
5cfa39e build: Use «yes» instead of «true» for AC_CHECK_FUNCS cache value

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-30 10:39:21 +01:00
orangepizza
920414ca88
mbedtls: security bump to version 2.28.7
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for following security issues:

* Timing side channel in private key RSA operations (CVE-2024-23170)

  Mbed TLS is vulnerable to a timing side channel in private key RSA
  operations. This side channel could be sufficient for an attacker to
  recover the plaintext. A local attacker or a remote attacker who is
  close to the victim on the network might have precise enough timing
  measurements to exploit this. It requires the attacker to send a large
  number of messages for decryption.

* Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775)

  When writing x509 extensions we failed to validate inputs passed in to
  mbedtls_x509_set_extension(), which could result in an integer overflow,
  causing a zero-length buffer to be allocated to hold the extension. The
  extension would then be copied into the buffer, causing a heap buffer
  overflow.

Fixes: CVE-2024-23170, CVE-2024-23775
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/
Signed-off-by: orangepizza <tjtncks@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [formal fixes]
2024-01-29 09:28:41 +00:00
Álvaro Fernández Rojas
60ffcfdabc packages: drop bcm27xx-userland
bcm27xx-userland is deprecated and bcm27xx-utils should be used instead.
96a7334ae9

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-28 10:07:55 +01:00
Christian Marangi
7f0f838767
qca-ssdk: disable compiling qca8081 PHY driver in favor of upstream
Disable compiling qca8081 PHY driver in favor of upstream to better
support it and add better control of attached LEDs.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-27 19:04:11 +01:00
Álvaro Fernández Rojas
0c45d2cfc6 mac80211: brcm: fix warning on ARCH_BCM2835
Completely disable dump_survey code on ARCH_BCM2835 to fix defined but not
used warning.
512b762ddb (commitcomment-137899352)

Fixes: 512b762ddb ("mac80211: brcm: disable dump_survey on Raspberry Pi")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-27 10:30:47 +01:00
Felix Fietkau
5485d27f4d libubox: update to Git HEAD (2024-01-26)
6339204c212b CMakeLists.txt: bump minimum cmake version
c1be505732e6 udebug: fix crash in udebug_entry_vprintf with longer strings

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-26 21:08:07 +01:00
Álvaro Fernández Rojas
e5efc638a7 iwinfo: update to latest git HEAD
Adds MediaTek MT7916AN and Cypress CYW43455 (Raspberry Pi 5) devices.

a34977c devices: add device id for Cypress CYW43455
3eb34df devices: add device id for MediaTek MT7916AN

There are no ABI changes.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-26 18:29:54 +01:00
Álvaro Fernández Rojas
512b762ddb mac80211: brcm: disable dump_survey on Raspberry Pi
Enabling this causes slow iwinfo calls on Raspberry Pi and LuCI slows down
when wireless is enabled.
Fixes: https://github.com/openwrt/openwrt/issues/14013

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-26 18:29:22 +01:00
Álvaro Fernández Rojas
8dcc695633 mac80211: brcm: remove alternative DT firmware names patch
This patch has been reverted in the Raspberry Pi linux repository.
Also refresh the rest of the patches.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-26 18:29:22 +01:00
Christian Marangi
1b3259eb5c generic: 5.15: backport upstream Aquantia PHY firmware loader patches
Backport merged upstream patch that adds support for firmware loader
from NVMEM or attached filesystem for Aquantia PHYs.

Refresh all kernel patches affected by this change.

Also update the path for aquantia .ko that got moved to dedicated
directory upstream.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
[rmilecki: port to 5.15]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-26 17:52:24 +01:00
Felix Fietkau
e617fa33b5 mac80211: fix typo in getting path from board.json
Use json_get_vars in order to avoid getting bogus values when extra properties
are present

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-26 14:37:30 +01:00
Álvaro Fernández Rojas
a1364fcd09 bcm27xx: switch to bcm27xx-utils
bcm27xx-userland is now deprecated and utils should be used instead.
96a7334ae9

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-26 12:29:30 +01:00
Marty Jones
beccf65a93 linux-firmware: add Raspberry Pi 5 NVRAM
The RPi 5 expects the same NVRAM as the one from RPi 4 on a different file.

Signed-off-by: Marty Jones <mj8263788@gmail.com>
[Reword commit description, add missing PKG_RELEASE bump]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-25 17:46:46 +01:00
Rany Hany
59f67b2010 hostapd: fail R0KH and R1KH derivation when wpa_psk_file is used
When wpa_psk_file is used, there is a chance that no PSK is set. This means
that the FT key will be generated using only the mobility domain which
could be considered a security vulnerability but only for a very specific
and niche config.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-01-25 20:02:40 +01:00
Jesus Fernandez Manzano
e2f6bfb833 hostapd: fix 11r defaults when using SAE
When using WPA3-SAE or WPA2/WPA3 Personal Mixed, we can not use
ft_psk_generate_local because it will break FT for SAE. Instead
use the r0kh and r1kh configuration approach.

Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.ai>
2024-01-25 20:02:40 +01:00
Jesus Fernandez Manzano
cdc4c55175 hostapd: fix 11r defaults when using WPA
802.11r can not be used when selecting WPA. It needs at least WPA2.

This is because 802.11r advertises FT support in-part through the
Authentication and Key Management (AKM) suites in the Robust
Security Network (RSN) Information Element, which was included in
the 802.11i amendment and WPA2 certification program.

Pre-standard WPA did not include the RSN IE, but the WPA IE.
This IE can not advertise the AKM suite for FT.

Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.ai>
2024-01-25 20:02:40 +01:00
Felix Fietkau
195cf4b58d hostapd: remove obsolete function
Leftover from authsae, which was removed a long time ago

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-25 20:02:30 +01:00
Nick Hainke
aa06f68c52 libtracefs: update to 1.8
Changes:
67f3b2a libtracefs: version 1.8
8a1322f libtracefs utest: Add tests to use mapping if supported
0a65b79 libtracefs: Add tracefs_mapped_is_supported() API
805f650 libtracefs: Call mmap ioctl if a refresh happens
cf7e2a5 libtracefs: Fix tracefs_mmap() kbuf usage
3a26b26 libtracefs: Have nonblock tracefs_cpu reads set errno EAGAIN
2b5bb09 libtracefs: Have tracefs_mmap_read() include subbuf meta data
dee0448 libtracefs: Have mapping work with the other tracefs_cpu* functions
28eebc1 libtracefs: Have tracefs_cpu_flush(_buf)() use mapping
065d914 libtracefs: Use mmapping for iterating raw events
1124e0e libtracefs: Use tracefs_cpu_*_buf() calls for iterator
f43b293 libtracefs: Unmap mmap mapping on tracefs_cpu close
0d24516 libtracefs Documentation: Fix tracefs_cpu_snapshot_open() man pages
5ff31c0 libtracefs Documentation: Add tracefs_follow_events_clear() to main man page
0c7d9f7 libtracefs: Add man pages for tracefs_snapshot_*() functions
b2dc3e0 libtracefs sql: Rename TIMESTAMP_USECS_DELTA to TIMESTAMP_DELTA_USECS
585ec77 libtracefs: Force off trace mmapping
2ed14b5 libtracefs: Add ring buffer memory mapping APIs
173ffc0 libtracefs meson: Add option to disable samples
a55e2e8 libtracefs meson: Add option to disable documentation
93e20af libtracefs: Fix tracefs_instance_reset to clear synthetic events
a1ecbff libtracefs utest: Add more tests to test tracefs_sql()
975c37c libtracefs utest: Add matches to trace_sql() tests
0567e2d libtracefs synthetic: Handle hashed name variables
fcb3a83 libtracefs synthetic: Remove multiple adding of action in tracefs_synth_save()
a9dae65 libtracefs: Fix sqlhist used uninitialized error
fe7a467 libtracefs: Add updating and reading snapshot buffers
1ad57ab libtracefs: Add PID filtering API
d8726bf libtracefs: Also clear max_graph_depth on reset
eb4dd60 libtracefs: Add TIMESTAMP_USECS_DELTA to simplify SQL timestamp compares
8c57eb4 libtracefs: Add tracefs_instance_set/get_subbuf_size()
9bafb21 libtracefs: Add API to extract ring buffer statistics
141d25e libtracefs: Add tracefs_load_headers() API
ef3fae7 libtracefs: Add kerneldoc comments to tracefs_instance_set_buffer_size()
31acfe1 libtracefs utest: Add test to test tracefs_instance_set/get_buffer_percent()
3e6d975 libtracefs: Add tracefs_instance_clear() API
c4efaaf libtracefs: Add tracefs_instance_get/set_buffer_percent()
1e1cc54 libtracefs: Add API to read tracefs_cpu and return a kbuffer
7d395b1 libtracefs: Add tracefs_instance_file_write_number()
e34cbd8 libtracefs: Increase splice to use pipe max size
1f50965 libtracefs: Add API to remove followers from an instance or toplevel
576ee0b libtracefs: Reset tracing before and after unit tests
118b694 libtracefs: Free dynamic event list in utest
5159973 libtracefs: Free tracing_dir in case of remount
df563eb libtracefs: Free buf in clear_func_filter()
3cbac37 libtracefs: Free "missed_followers" of instance
0cbe56e libtracefs testing: Use one tep handle for most tests
adac30f libtracefs Documentation: Fix tracefs_event_file_exists() issues
07ab199 libtracefs: Pass enum value where expected instead of int
bb299b4 libtracefs: fix cscope makefile rule
420d677 libtracefs: Free "followers" when freeing instance
3f436fc libtracefs: Fix documentation of tracefs_trace_pipe_stream() flags
1fde9df libtracefs: Add explicit pthread dependency to meson
d1989ae tracefs-perf: Add missing headers for syscall() and SYS_* defines

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-25 17:31:50 +01:00
Nick Hainke
409052eade libtraceevent: update to 1.8.2
Changelog:
6f6d580 libtraceevent: 1.8.2
b29b192 kbuffer: Update kbuf->next in kbuffer_refresh
4b2286c kbuffer: Always walk the events to calculate timestamp in kbuffer_read_buffer()
ce0acec libtraceevent meson: Add libdl dependency to meson
15a0121 libtraceevent Documentation: Fix tep_kbuffer() prototype
85a2078 libtraceevent: 1.8.1
6b21b4c libtraceevent: Add tep_get_sub_buffer_data_size()
8cf5315 libtraceevent: 1.8
7a4d5b2 kbuffer: Add kbuffer_refresh() API
33bad32 kbuffer: Add kbuffer_subbuffer() API
f6bdff7 kbuffer: Add kbuffer_dup()
0582118 kbuffer: Add kbuffer_read_buffer()
014ca24 libtraceevent: Fix tep_kbuffer() to have kbuf assign long_size
afead9a libtraceevent: Add tep_get_sub_buffer_commit_offset()
3152506 libtraceevent plugins: Parse sched_switch "prev_state" field for state info
4be92aa libtraceevent: Bump meson version to >=0.58.0
9b2e543 libtraceevent: sync state char array with the kernel
5b89385 libtraceevent: Add option to disable documentation
a496a39 libtraceevent: Add tep_record_is_event() API

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-25 17:31:50 +01:00
Nick Hainke
6f90118533 iproute2: update to 6.7.0
Release Notes:
https://lwn.net/Articles/957171/

Remove patch "100-configure.patch" because support for ATM was dropped [0].

Manually refresh:
- 200-drop_libbsd_dependency.patch

Automatic refresh:
- 130-no_netem_tipc_dcb_man_vdpa.patch
- 140-keep_libmnl_optional.patch
- 145-keep_libelf_optional.patch
- 150-keep_libcap_optional.patch
- 155-keep_tirpc_optional.patch
- 190-fix-nls-rpath-link.patch
- 300-selinux-configurable.patch

[0] - https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=a66a73af6db74fdb64439316c69aa0e35dd02c47

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-25 16:08:25 +01:00
Nick Hainke
d82930c7c7 libxml2: update to 2.12.4
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.4

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-24 16:40:15 +01:00
Christian Marangi
b34e6de7da
ubox: update to Git HEAD (2024-01-24)
2c5887cb4688 kmodloader: fix invalid read outside mapped region

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-24 13:08:36 +01:00
Chuanhong Guo
1b7e62b20b mediatek: drop NMBM layout for Xiaomi WR30U
This reverts commit dcdcfc1511.

This is a firmware for third-party u-boot mod, which should not
be carried here by us.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-01-23 19:24:32 +08:00
Jo-Philipp Wich
039f8a1241 wireguard-tools: avoid redundant jsonfilter calls
Use a single jsonfilter expression to yield the list of logical wireguard
interface names in shell compatible notation.

Supersedes: #12344
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-01-23 09:19:35 +01:00
Jo-Philipp Wich
33f15dd6d4 jsonfilter: update to Git HEAD (2024-01-23)
013b75ab0598 jsonfilter: drop legacy json-c support
594cfa86469c main: fix spurious premature parse aborts in array mode

Fixes: https://bugs.openwrt.org/?task_id=3683
Fixes: https://github.com/openwrt/openwrt/issues/8703
Fixes: https://github.com/openwrt/openwrt/issues/11649
Fixes: https://github.com/openwrt/openwrt/issues/12344
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-01-23 09:07:16 +01:00
Christian Marangi
b66a340837
fstools: update to Git HEAD (2024-01-22)
2171f6261556 libfstools: force mkfs when formatting overlay
08cd7083cac4 libfstools: fit: improve fit_volume_find string handling

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-22 01:46:43 +01:00
Christian Marangi
4d2a82a73c
ubox: update to Git HEAD (2024-01-22)
b2f6da671f7c kmodloader: Fix NULL pointer dereferences error
202d7c05029a kmodloader: fix memory leak in print_modinfo
6cf7d837ee7e kmodloader: fix TOCTOU problem with scan_builtin_modules

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-22 01:28:52 +01:00
Tianling Shen
7939df9587 uboot-rockchip: Update to 2024.01
Runtime tested on Orange Pi R1 Plus LTS and NanoPi R4S.

Removed upstreamed patches:
- 100-rockchip-rk3328-Add-support-for-Orange-Pi-R1-Plus.patch
- 101-rockchip-rk3328-Add-support-for-Orange-Pi-R1-Plus-LT.patch
- 103-rockchip-rk3568-Add-support-for-FriendlyARM-NanoPi-R.patch
- 104-rockchip-rk3568-Add-support-for-FriendlyARM-NanoPi-R.patch

Refreshed remaining patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-20 21:11:22 +01:00
Tianling Shen
d531c34479 arm-trusted-firmware-rockchip: Update to 2.10
Runtime tested on Orange Pi R1 Plus LTS (RK3328) and NanoPi R4S (RK3399).

Changelog: https://trustedfirmware-a.readthedocs.io/en/v2.10/change-log.html

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-20 21:11:22 +01:00
Linus Walleij
f1a447bdb5 uboot-bcm53xx: bump to 2024.01
Bump the U-Boot version used for BCM53xx to the 2024.01
version that includes all the needed patches upstream, so we
can get rid of those in the process.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-01-20 19:38:20 +01:00
Paul Spooren
10180295b8 busybox: switch to sha256 for passwd
Right now sha256 is considered more secure than md5, use it to harden
against password decryption.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-01-20 13:22:58 +00:00
Paul Spooren
86e3016896 busybox: enable sha hash for /etc/shadow
It appears `md5` is no longer state of the art. Let's switch it to
something slightly newer to increase security.

Suggested-by: abnoeh <abnoeh@mail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-01-20 13:22:58 +00:00
Christian Marangi
ced3fbcda1
ubox: update to Git HEAD (2024-01-15)
11cb29e15d68 kmodloader: remove unneeded uname() call
811ca6c2234a kmodloader: fix memory leak in scan_loaded_modules()
8c95fc7039cb kmodloader: support loadable module parameters in modinfo
4ffc29e4041c kmodloader: add basic support for builtin modules
ba3908351232 kmodloader: add modinfo support for builtin modules
c006dccecb6f kmodloader: cleanup duplicated mmap() code

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-19 21:45:19 +01:00
Tianling Shen
c0c3234e17 mediatek: add support for JDCloud RE-CP-03
Hardware specification:
  SoC: MediaTek MT7986A 4x A53
  Flash: 128GB eMMC
  RAM: 1GB DDR4
  Ethernet: 4x 1GbE, 1x 2.5GbE (RTL8221B)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Joylink
  Power: DC 12V 2A

Flash instructions:
1. Download and flash the vendor migration firmware via webUI:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7986-jdcloud_re-cp-03-vendor-migration.bin
   (Default address is 192.168.68.1, user root, no password)
2. After device has booted up, write new GPT table:
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-19 21:43:32 +01:00
Tianling Shen
6fa4fbbc52 uboot-mediatek: add support for JDCloud RE-CP-03
The vendor U-Boot has enabled signature verification, so add
a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-19 21:43:32 +01:00
Felix Fietkau
a28cedbdab mt76: update to Git HEAD (2024-01-18)
83e3947e2c52 linux-firmware: update firmware for MT7922 WiFi device
ddaa8cb6e81a linux-firmware: update firmware for MT7921 WiFi device
f83b1601cc10 linux-firmware: update firmware for MT7922 WiFi device
61d334ab0f33 linux-firmware: add firmware for MT7925
a7836e4c8a60 wifi: mt76: disable HW AMSDU when using fixed rate
a8571ebbcd95 wifi: mt76: check txs format before getting skb by pid
3d5890e2cab3 wifi: mt76: mt7915: fix error recovery with WED enabled
703c26d01197 wifi: mt76: mt7915: add locking for accessing mapped registers
f77188160441 wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-19 10:59:23 +01:00
David Bauer
56d7887917 hostapd: ACS: Fix typo in bw_40 frequency array
[Upstream Backport]

The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.

Fixes: ed8e13decc71 (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-01-18 23:22:33 +01:00
Álvaro Fernández Rojas
90644fb2d0 bcm27xx-utils: update to latest version
Fixes build with GCC 13.
Disable LTO to fix build with CONFIG_USE_LTO.

Changelog:
e65f5ec eeptools: eepdump: init type before calling eepio_atom_start

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-18 12:47:37 +01:00
Álvaro Fernández Rojas
e57eb9f28e bcm27xx-utils: add new package
The raspberypi/userland repository has been deprecated and the RPi tools have
been moved to the raspberrypi/utils repository.
96a7334ae9

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-18 09:22:00 +01:00
Daniel Golle
a8cf9f860f uqmi: update to git HEAD
c3488b8 uqmi: cancel all requests on SYNC indication reception
dfa612e uqmi: improve response detection

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-01-16 23:36:37 +00:00
Álvaro Fernández Rojas
e8f5581701 bcm27xx-gpu-fw: update to latest version
raspberrypi/firmware is about 40G, so getting the full history log isn't an
option.
There have been multiple improvements and also support for the RPi 5 has been
added.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-01-16 13:57:14 +01:00
Marty Jones
3df664101a bcm27xx-userland: update to latest version
This is the last update for bcm27xx-userland as it has been
deprecated but funcional up to raspberry pi 5.

96a7334 README: Update to make it clear that most code in this repo is deprecated
3c97f76 userland: dtoverlay: /boot/firmware is a valid path
153a235 Assorted clang static analysis fixes
eca070c bcm_host: Update kms/fkms check for pi5
06a7618 dtoverlay: Support bcm2712 as a platform
0489c07 dtoverlay: Add dtoverlay_first/next_subnode
a1c7f81 dtoverlay: Support literal assignments of path strings
44a3953 raspivid: Also flush PTS file if flush is enabled
cc1ca18 userland: dtoverlay: Use os_prefix if set
9d5250f libfdt: Add null-ptr check for prop-data to resolve clang --analyzer warning
50527c6 mmal: Only include Videocore components if not running on Videocore
df245ea tvservice: Update unsupported message to recommend kmsprint
de0cfe8 dtoverlay: Fix clang warnings
0182f05 dtoverlay: Fix various compiler warnings
2a6306b dtoverlay: Fix path rebasing and exports
d1e92d7 dtoverlay: Add support for string escape sequences
b1ee39e gencmd: Add a fallback to mailbox interface if vchiq is not available
54fd97a hello_pi: Fix some build issues

Signed-off-by: Marty Jones <mj8263788@gmail.com>
2024-01-16 13:57:14 +01:00
Philip Prindeville
95157dde04 base-files: functions.sh: prepend() always adds separator
It shouldn't gate on the value, since the value will ostensibly
always be set; instead it should depend on the variable being
prepended to being non-empty.

Fixes #14403

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2024-01-15 10:41:09 -07:00
Alexander Egorenkov
5bfdd83393
gettext-full: use autoreconf host fixup
To prevent use of host's library path on Void Linux:

   /usr/lib/libacl.so: file not recognized: file format not recognized
   collect2: error: ld returned 1 exit status
   libtool:   error: error: relink 'libgettextlib.la' with the above command before installing it

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
2024-01-15 17:35:31 +01:00
Christian Marangi
66527d28ea
fstools: update to Git HEAD (2024-01-15)
325d63d67006 mount_root: fix compilation error for wrong condition

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-15 17:31:47 +01:00
CheWei Chien
b33fa6ac90
kernel: add kmod-leds-lp5562 and kmod-leds-lp55xx-common
Add kernel module for lp5562 LED driver.
The kmod-leds-lp5562 depends on kmod-leds-lp55xx-common.

Signed-off-by: CheWei Chien <chewei.chien@wnc.com.tw>
2024-01-15 16:59:56 +01:00
Paweł Owoc
45f86a1278
ipq807x: fix whitespace usage
Replace with tab and remove unused whitespaces

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-01-15 16:52:08 +01:00
Christian Marangi
0b23d3608c
base-files: add support for rootfs mount options from cmdline
Add support for configuring rootfs mount options from cmdline.

Rootfs mount options can be passed by declaring in the kernel
cmdline as much options as needed prefixed with "rootfs_mount_options."

An example usage is with rootfs with F2FS filesystem to enable
compress_algorithm to reduce flash wear by compressing the files before
writing to flash.

Example usage:
"... rootfs_mount_options.compress_algorithm=zstd ..."

To pass multiple options:
"... rootfs_mount_options.compress_algorithm=zstd rootfs_mount_options.noinline_data ..."

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-15 16:44:29 +01:00
Christian Marangi
ba9c1b1314
fstools: update to Git HEAD (2024-01-15)
97bacb70138a libfstools: query drivers by priority
41e619ed1352 block: recognize /dev/fit* block devices
bc3b8cdd3de3 libfstools: add uImage.FIT fitblk driver
846302d09246 libfstools: partname: raise priority to 25
1a5695925ecf mount_root: add support for passing args to mount_root start
1858a492c300 mount_root: permit to pass mount options for rootfs mount

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-01-15 16:37:11 +01:00
Felix Fietkau
912e573127 hostapd: add back missing function for updating wpa_supplicant macaddr list
Make the call deferred instead of blocking to avoid deadlock issues

Fixes: 3df9322771 ("hostapd: make ubus calls to wpa_supplicant asynchronous")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-13 16:12:34 +01:00
Felix Fietkau
12c8bba731 hostapd: fix an exception in hostapd.uc on interface add failure
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-13 15:22:27 +01:00
Felix Fietkau
5b8f188c0f Revert "mac80211: rework interface setup, fix race condition"
This reverts commit b7f9742da8.
There are several reports of regressions with this commit. Will be added
back once I've figured out and fixed the cause

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-13 11:19:34 +01:00
Felix Fietkau
b7f9742da8 mac80211: rework interface setup, fix race condition
Only tell netifd about vifs when the setup is complete and hostapd +
wpa_supplicant have been notified

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-11 10:40:43 +01:00
Felix Fietkau
d5a1de17ad mac80211.sh: fix deadlock on configuring multiple PHYs simultaneously
When hitting a timing window where ubus configuration calls are hitting hostapd
and wpa_supplicant simultaneously, they can deadlock waiting for each other.
Fix this by using a lock around the ubus calls.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-11 10:40:43 +01:00
Felix Fietkau
3df9322771 hostapd: make ubus calls to wpa_supplicant asynchronous
This fixes a deadlock issue where depending on the setup order, hostapd and
wpa_supplicant could end up waiting for each other

Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-11 09:15:54 +01:00
Uwe Niethammer
6b0db8592a uqmi: added timeouts in qmi.sh
Modems which are using qmi do not reply on the 1st sync but they do
on subsequent. Sometimes uqmi is hanging - even when using an early
dummy access to unlock the modem. To always guarantee a proper
initialisation, running or hanging uqmi processes must be stopped
before. All uqmi calls have now a timeout option -t to avoid hanging.

Signed-off-by: Uwe Niethammer <uwe@dr-niethammer.de>
2024-01-10 22:43:32 +01:00
Rafał Miłecki
1f11a4e283 uhttpd: handle reload after uhttpd-mod-ubus installation using postinst
Use postinst script to reload service instead of uci-defaults hack. It's
possible thanks to recent base-files change that executes postinst after
uci-defaults.

This fixes support for uhttpd customizations. It's possible (again) to
adjust uhttpd config with custom uci-defaults before it gets started.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Fixes: d25d281fd6 ("uhttpd: Reload config after uhttpd-mod-ubus was added")
Ref: b799dd3c70 ("base-files: execute package's "postinst" after executing uci-defaults")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-10 17:06:56 +01:00
Felix Fietkau
80e4e2285f mac80211: do not emit VHT160 capabilities if channel width is less than 160 MHz
Fixes compatibility issues with VHT160 capable clients

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-09 14:36:46 +01:00
Felix Fietkau
d864f68232 hostapd: add missing NULL pointer check on radar notification
Fixes a race condition that can lead to a hostapd crash

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-09 11:06:24 +01:00
Felix Fietkau
32d2443476 libubox: work around recent macOS linker change
rpath handling seems to be more restrictive now. To deal with this,
link the libubox library from STAGING_DIR_HOST to STAGING_DIR_HOSTPKG, so that
packages installed to STAGING_DIR_HOSTPKG can pick it up. This mainly affects
ucode, but possibly other host builds as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-09 11:06:24 +01:00
Manuel Fombuena
c7c2257f82 ipq-wifi: fix PKG_MIRROR_HASH
Incorrect PKG_MIRROR_HASH introduced on #14356

Fixes: 934873f451 ("ipq-wifi: bump version to 2024-01-06-71f45cff")
Signed-off-by: Manuel Fombuena <mfombuena@innovara.co.uk>
2024-01-08 23:58:30 +01:00
Manuel Fombuena
934873f451 ipq-wifi: bump version to 2024-01-06-71f45cff
673662f ipq8074: add Wallys DR8072V01 BDF
7e8b237 ipq40xx: add ZyXEL WSQ50 QCA4019 BDF
831c1bd ipq40xx: add ZyXEL WSQ50 QCA9984 BDF
f9ff251 ipq40xx: add ASUS MAP-AC2200 QCA9888 BDF
71f45cf ipq8074: Update MX4200 BDF

Signed-off-by: Manuel Fombuena <mfombuena@innovara.co.uk>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2024-01-08 00:07:26 +01:00
David Bauer
1278d47bea mac80211: avoid crashing on invalid band info
Frequent crashes have been observed on MT7916 based platforms. While the
root of these crashes are currently unknown, they happen when decoding
rate information of connected STAs in AP mode. The rate-information is
associated with a band which is not available on the PHY.

Check for this condition in order to avoid crashing the whole system.
This patch should be removed once the roout cause has been found and
fixed.

Link: https://github.com/freifunk-gluon/gluon/issues/2980

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-01-07 23:06:17 +01:00
Dim Fish
7dbcc1215a mediatek: filogic: add support for Xiaomi AX3000T
**SoC**: MediaTek MT7981B 2x A53
  **Flash**: ESMT F50L1G41LB 128MB
  **RAM**: NT52B128M16JR-FL 256MB
  **Ethernet**: 4x 10/100/1000 Mbps
  **Switch**: MediaTek MT7531AE
  **WiFi**: MediaTek MT7976C
  **Buttons**: Reset, Mesh
  **Power**: DC 12V 1A

1. Get ssh access. Supported stock firmware **1.0.47**
   ```
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20set%20ssh_en%3D1%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20commit%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Ased%20-i%20's%2Fchannel%3D.*%2Fchannel%3D%22debug%22%2Fg'%20%2Fetc%2Finit.d%2Fdropbear%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0A%2Fetc%2Finit.d%2Fdropbear%20start%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=********/api/misystem/arn_switch" -d "open=1&model=1&level=%0Apasswd%20-d%20root%0A
   ```

2. Backup stock partitions
   ```
   nanddump -f /tmp/BL2.bin /dev/mtd1
   nanddump -f /tmp/Nvram.bin /dev/mtd2
   nanddump -f /tmp/Bdata.bin /dev/mtd3
   nanddump -f /tmp/Factory.bin /dev/mtd4
   nanddump -f /tmp/FIP.bin /dev/mtd5
   nanddump -f /tmp/ubi.bin /dev/mtd8
   nanddump -f /tmp/KF.bin /dev/mtd12
   ```
   Then transfer them to your computer in a safe place.

3. Get firmware information `cat /proc/cmdline`

4. Copy openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi to **/tmp** and flash
   If **firmware=0**
   ```
   ubiformat /dev/mtd9 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
   nvram set boot_wait=on
   nvram set uart_en=1
   nvram set flag_boot_rootfs=1
   nvram set flag_last_success=1
   nvram set flag_boot_success=1
   nvram set flag_try_sys1_failed=0
   nvram set flag_try_sys2_failed=0
   nvram commit
   reboot
   ```
   If **firmware=1**
   ```
   ubiformat /dev/mtd8 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
   nvram set boot_wait=on
   nvram set uart_en=1
   nvram set flag_boot_rootfs=0
   nvram set flag_last_success=0
   nvram set flag_boot_success=1
   nvram set flag_try_sys1_failed=0
   nvram set flag_try_sys2_failed=0
   nvram commit
   reboot
   ```

   Then reboot your router, it should boot to the OpenWrt initramfs system now.

5. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-squashfs-sysupgrade.bin
   `sysupgrade -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-squashfs-sysupgrade.bin`

1. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   `ubiformat /dev/mtd8 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb`

   `reboot`

2. Install kmod-mtd-rw
   `opkg update && opkg install kmod-mtd-rw`

   `insmod /lib/modules/$(uname -r)/mtd-rw.ko i_want_a_brick=1`

3. Format ubi and create new ubootenv volume
   ```
   ubidetach -p /dev/mtd8; ubiformat /dev/mtd8 -y; ubiattach -p /dev/mtd8
   ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
   ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
   ```

4. *(Optional **-10Mb** free space) Add recovery boot feature.*
   ```
   ubimkvol /dev/ubi0 -n 2 -N recovery -s 10MiB
   ubiupdatevol /dev/ubi0_2 /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   ```

5. Flash Openwrt U-Boot
   ```
   mtd write /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-preloader.bin BL2
   mtd write /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-bl31-uboot.fip FIP
   ```

6. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-squashfs-sysupgrade.itb
   `sysupgrade -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-squashfs-sysupgrade.itb`

1. Force flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   `sysupgrade -F -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb`

2. Format ubi and Nvram
   ```
   ubidetach -p /dev/mtd8; ubiformat /dev/mtd8 -y; ubiattach -p /dev/mtd8
   mtd erase Nvram
   ```

3. Install kmod-mtd-rw
   `opkg update && opkg install kmod-mtd-rw`

   `insmod /lib/modules/$(uname -r)/mtd-rw.ko i_want_a_brick=1`

4. Flash stock images from backup
   ```
   mtd write /tmp/BL2.bin BL2
   mtd write /tmp/FIP.bin FIP
   mtd write /tmp/ubi.bin ubi
   ```
   Then reboot your router, waiting it finished rollback in minutes.

   `ubiformat /dev/mtd7 -y -f /tmp/ubi.bin`
   Then reboot your router, waiting it finished rollback in minutes.

Signed-off-by: Dim Fish <dimfish@gmail.com>
2024-01-06 17:51:11 +01:00
Tony Ambardar
e1d8e57614 kernel: include modinfo for built-in modules
Add modules.builtin.modinfo to the kernel package, to support presence
testing using module aliases and printing module details with 'modinfo'.

With related kmodloader changes this adds ~2 KB to compressed image sizes.

     root@OpenWrt:/# modinfo unix
     name:           unix
     filename:       (builtin)
     alias:          net-pf-1
     license:        GPL

     root@OpenWrt:/# modprobe net-pf-1 && echo SUCCESS || echo FAIL
     SUCCESS

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-01-06 08:34:18 -08:00
Tony Ambardar
29f6da4340 kernel: include built-in module list
Add modules.builtin to the kernel package for improved handling of loadable
and builtin modules. As with other distros, this allows 'modprobe <module>'
to consistently return success for both loaded/built-in modules, a useful
feature for presence-testing.

Given OpenWrt's few built-in modules, this change and related kmodloader
support add ~1 KB to the compressed image size.

Using sch_fq_codel (builtin) and sch_cake (loadable) for example:

     root@OpenWrt:/# modprobe sch_fq_codel && echo SUCCESS || echo FAIL
     SUCCESS
     root@OpenWrt:/# modprobe sch_cake && echo SUCCESS || echo FAIL
     SUCCESS

     root@OpenWrt:/# rmmod sch_fq_codel
     module is builtin

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-01-06 08:34:17 -08:00
Mohammad Sayful Islam
46a2490e8f ipq807x: add support for Linksys MX4200 V1 and V2
Linksys MX4200 is a 802.11ax Tri-band router/AP.
Specifications:
* CPU: Qualcomm IPQ8174 Quad core Cortex-A53 1.4GHz
* RAM: 512MB of DDR3
* Storage: 512Mb NAND
* Ethernet: 4x1G RJ45 ports (QCA8075)
* WLAN:
	* 2.4GHz: Qualcomm QCN5024 2x2 802.11b/g/n/ax 574 Mbps PHY rate
	* 5GHz: Qualcomm QCN5054 2x2@80MHz or 2x2@160MHz 802.11a/b/g/n/ac/ax 2402 PHY rate
	* 5GHz: Qualcomm QCN5054 4x4@80MHz or 2x2@160MHz 802.11a/b/g/n/ac/ax 2402 PHY rate
* LED-s:
	* RGB system led

* Buttons: 1x Soft reset 1x WPS
* Power: 12V DC Jack

Installation instructions:
Open Linksys Web UI - http://192.168.1.1/ca or http://10.65.1.1/ca depending on your setup.
Login with your admin password. The default password can be found on a sticker under the device.
To enter into the support mode, click on the “CA” link and the bottom of the page.
Open the “Connectivity” menu and upload the squash-factory image with the “Choose file” button.
Click start. Ignore all the prompts and warnings by click “yes” in all the popups.
The Wifi radios are turned off by default. To configure the router, you will need to connect your computer to the LAN port of the device.
Then you would need to write openwrt to the other partition for it to work
- First Check booted partition
fw_printenv -n boot_part

- Then install Openwrt to the other partition if booted in slot 1:
mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx4200v(X)-squashfs-factory.bin alt_kernel

- If in slot 2:
mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx4200v(X)-squashfs-factory.bin kernel

Replace (X) with your model version either 1 or 2

Signed-off-by: Mohammad Sayful Islam <sayf.mohammad01@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2024-01-06 16:13:23 +01:00
Rany Hany
6ca8752a9c
mac80211: add missing newline for "min_tx_power"
This prevents min_tx_power from functioning properly in some circumstances.
Add the missing newline.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-01-05 16:33:52 +01:00
Hannu Nyman
4a5d1d0e95 devel/gdb: Update to 14.1
Update the gdb package to 14.1

* mpfr is now required, remove the 'without' and add dependency
* remove mpc 'without' that is parsed wrongly, causing "-Lno/lib"
* refresh patches

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2024-01-04 22:40:05 +01:00
Hannu Nyman
309c2cd4fb mpfr: import from packages feed
Import mpfr from the packages feed to the main OpenWrt repo,
as gdb 14 requires mpfr.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2024-01-04 22:40:05 +01:00
John Audia
5067863d67 linux/modules: remove deprecated module
Remove upstream deprecated module from our build, see[1]

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=v5.15.145&id=6cd90c01b032f335d18966b2d979eef43eb2cfc1

Suggested-by: Shiji Yang <yangshiji66@qq.com>
Signed-off-by: John Audia <therealgraysky@proton.me>
2024-01-04 22:25:17 +01:00
Felix Fietkau
438a97fab6 mac80211: fix a race condition related to enabling fast-xmit
fast-xmit must only be enabled after the sta has been uploaded to the driver,
otherwise it could end up passing the not-yet-uploaded sta via drv_tx calls
to the driver, leading to potential crashes because of uninitialized drv_priv
data.
Add a missing sta->uploaded check and re-check fast xmit after inserting a sta.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-04 18:01:31 +01:00
Nick Hainke
adf9133547 libnl: update to 3.9.0
Changes:
bdf83151 libnl-3.9.0 release
aa7353fd include/linux-private: import 'seg6 local' headers from kernel tree
9466f680 lib: remove unused assignment in nl_addr_parse()
acd05d6e route/tc: avoid integer overflow in rtnl_tc_calc_cell_log()
daa8efcb xfrm: return -NLE_MISSING_ATTR from xfrmnl_sa_get_auth_params()
d8a1ff30 xfrm: fix leaking usertemplate in xfrmnl_sp_parse()
4fcb0757 socket: workaround coverity warning about time_t handling
f743c62f github: update Fedora image and version for clang-format
f33e8cd6 clang-format: rework container script
aea3f9f2 lib: fix signed overflow warning in nl_object_diff()
57e01706 socket: explicitly cast time() to uint32_t
46e8739e src: fix leak in "nl-cls-add"
a06c8f76 route/cls: add get/take wrappers for rtnl_act_append()
7912b4f9 route/cls: fix leak in error handling of rtnl_flower_append_action()
efd65feb route: fix just introduced use-after-free in rtnl_act_parse()
105a6be1 route: use cleanup macro in rtnl_act_parse()
78246da7 nl-aux-route: add cleanup macro for rtnl_act_put_all()
72762b20 base: add _NL_AUTO_DEFINE_FCN_INDIRECT0() macro
a70f789a route: fix memleak in rtnl_act_parse()
65ab16f2 base: don't use static array indices for buffer argument of _nl_inet_ntop()
444e2c04 route/can: implement can_device_stats
a4718e67 github: build with "-fexceptions" CFLAGS
2f485cc7 xfrm: refactor error handling in XFRM parsing
01bd8fb0 include: add "nl-aux-xfrm" helpers
49c20efa xfrm: fix crashes in case of ENOMEM
9e7b5c86 xfrm: refactor nl_addr_build() calls in XFRM code
dbfd87b1 xfrm: use cleanup attribute for nl_addr in XFRM parsing
db424835 xfrm: fix error code for NLE_ENOMEM in xfrmnl_ae_parse()
9c97deff xfrm: fix parsing address in xfrmnl_ae_parse()
8b6dc834 nl-aux-core: add _nl_addr_build() helper
057aac13 nl-base-utils: add _nl_addr_family_to_size() helper
664f8f1b xfrm: clear XFRM_SP_ATTR_TMPL when removing the last template from a policy
c4c22d26 xfrm/sp: fix reference counters of sa selector/tmpl addresses
5979fcb0 route/link: add bonding interface options set rtnl apis
a735989c build: fix declaring special targets as ".PHONY"
052a97cb Makefile.am: avoid use of non-portable echo arguments
9aab12df python: Use correct decorator syntax in HTBQdisc

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-04 16:06:44 +01:00
Nick Hainke
08ad3c9633 libxml2: update to 2.12.3
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.2
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.3

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-04 16:05:26 +01:00
Felix Fietkau
0f1b3d5c02 netifd: update to Git HEAD (2024-01-04)
4219e99eeec7 system-linux: fix race condition in netlink socket error handing
f01345ec13b9 device: restore cleared flags on device down

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-01-04 13:52:02 +01:00
Roland Reinl
fdb87a91b4 mediatek: Add support for D-Link EAGLE PRO AI R32
R32 is like the M32 part of the EAGLE PRO AI series from D-Link.

Specification:
 - MT7622BV SoC with 2.4GHz wifi
 - MT7975AN + MT7915AN for 5GHz
 - MT7531BE Switch
 - 512MB RAM
 - 128 MB flash
 - 2 LEDs (Status and Internet, both can be either orange or white)
 - 2 buttons (WPS and Reset)

Compared to M32, the R32 has the following differences:
 - 4 LAN ports instead of 2
 - The recory image starts with DLK6E6015001 instaed of DLK6E6010001
 - Individual LEDs for power and internet
 - MAC address is stored at another offset in the ODM partition

MAC addresses:
 - WAN MAC is stored in partition "Odm" at offset 0x81
 - LAN (as printed on the device) is WAN MAC + 1
 - WLAN MAC (2.4 GHz) is WAN MAC + 2
 - WLAN MAC (5GHz) is WAN MAC + 3

Flashing via Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-recovery.bin

Flashing via uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-initramfs-kernel.bin.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
 - The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
 - Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
 - Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-squashfs-sysupgrade.bin
 - Reboot the device. OpenWrt should start from flash now

Revert back to stock using the Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.

Decrypting a D-Link firmware image:
 - Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
 - Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
 - Run ./m32-firmware-util R32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
 - Example for firmware R32A1_FW103B01: ./m32-firmware-util R32 --DecryptFactoryImage R32A1_FW103B01.bin R32A1_FW103B01.decrypted.bin

Revert back to stock using uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides the previously created backup of the Kernel1 partition.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to FLASH will start. After a few seconds the stock firmware should start again

There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP.
It can be used if no backup of the Kernel1 partition is reuqired.

Flahsing via OEM web interface is currently not possible, the OEM images are encrypted. Creating images is only possible manually at the moment.
The support for the M32/R32 already includes support for flashing from the OEM web interface:
 - The device tree contains both partitions (Kernel1 and Kernel2) with conditions to select the correct one based on the kernel command line
 - The U-Boot variable "boot_part" is set accordingly during startup to finish the partition swap after flashing from the OEM web interface
 - OpenWrt sysupgrade flashing always uses the partition where it was initially flashed to (no partition swap)

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
2024-01-02 21:22:46 +01:00
Nick Hainke
511578c128 wolfssl: update to 5.6.6
Release Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable

Refresh patches:
- 100-disable-hardening-check.patch

Fixes: CVE-2023-6935 CVE-2023-6936 CVE-2023-6937
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-01-02 18:23:09 +01:00
Xavier Franquet
782eb05008 mediatek: filogic: add support ASUS RT-AX59U
(based on support for ASUS RT-AX59U by liushiyou006)

SOC: MediaTek MT7986
RAM: 512MB DDR4
FLASH: 128MB SPI-NAND (Winbond W25N01GV)
WIFI: Mediatek MT7986 DBDC 802.11ax 2.4/5 GHz
ETH: MediaTek MT7531 Switch
UART: 3V3 115200 8N1 (Pinout silkscreened / Do not connect VCC)

Upgrade from AsusWRT to OpenWRT using UART

    Download the OpenWrt initramfs image.
    Copy the image to a TFTP server reachable at 192.168.1.70/24. Rename the image to rtax59u.bin.

    Connect the PC with TFTP server to the RT-AX59U.
    Set a static ip on the ethernet interface of your PC.
    (ip address: 192.168.1.70, subnet mask:255.255.255.0)
    Conect to the serial console, interrupt the autoboot process by pressing '4' when prompted.

    Download & Boot the OpenWrt initramfs image.

    $ setenv ipaddr 192.168.1.1
    $ setenv serverip 192.168.1.70
    $ tftpboot 0x46000000 rtax59u.bin
    $ bootm 0x46000000

    Wait for OpenWrt to boot. Transfer the sysupgrade image to the device using scp and install using sysupgrade.

    $ sysupgrade -n <path-to-sysupgrade.bin>

Upgrade from AsusWRT to OpenWRT using WebUI

    Download transit TRX file from https://drive.google.com/drive/folders/1A20QdjK7Udagu31FSszpWAk8-cGlCwsq

    Upgrade firmware from WebUI (192.168.50.1) using downloaded TRX file

    Wait for OpenWRT to boot (192.168.1.1).

    Upgrade system with sysupgrade image using luci or uploading it through scp and executing sysupgrade command

MAC Address for WLAN 5g is not following the same algorithm as in AsusWRT.
We have increased by one the WLAN 5g to avoid collisions with other networks from WLAN 2g
when bit 28 is already set.

              : Stock             : OpenWrt
  WLAN 2g (1) : C8:xx:xx:0D:xx:D4 : C8:xx:xx:0D:xx:D4
  WLAN 2g (2) :                   : CA:xx:xx:0D:xx:D4
  WLAN 2g (3) :                   : CE:xx:xx:0D:xx:D4
  WLAN 5g (1) : CA:xx:xx:1D:xx:D4 : CA:xx:xx:1D:xx:D5
  WLAN 5g (2) :                   : CE:xx:xx:1D:xx:D5
  WLAN 5g (3) :                   : C2:xx:xx:1D:xx:D5

  WLAN 2g (1) : 08:xx:xx:76:xx:BE : 08:xx:xx:76:xx:BE
  WLAN 2g (2) :                   : 0A:xx:xx:76:xx:BE
  WLAN 2g (3) :                   : 0E:xx:xx:76:xx:BE
  WLAN 5g (1) : 0A:xx:xx:76:xx:BE : 0A:xx:xx:76:xx:BF
  WLAN 5g (2) :                   : 0E:xx:xx:76:xx:BF
  WLAN 5g (3) :                   : 02:xx:xx:76:xx:BF

Signed-off-by: Xavier Franquet <xavier@franquet.es>
2023-12-31 00:03:24 +01:00
David Bauer
f95eecfb21 dropbear: increase default receive window size
Increasing the receive window size improves throughout on higher-latency
links such as WAN connections. The current default of 24KB caps out at
around 500 KB/s.

Increasing the receive buffer to 256KB increases the throughput to at
least 11 MB/s.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-12-28 23:37:51 +01:00
Chuanhong Guo
b196a9f6ce package: new package for usb gadget setup
Setting up usb gadgets using g_* kernel modules are considered a
legacy approach, but the usb_gadget configfs is a bit annoying
to use directly.
The usb_gadget configfs works by creating magic directories
and writing to magic files under /sys/kernel/config/usbgadget.
This new package is an init script to setup usb_gadget configfs
using uci. In the config file, gadget/configuration/function
sections create corresponding directories. UCI options are magic
files available in the configfs and strings/0x409 directories,
grabbed with a 'find' command. UDC option in gadget writes
the UDC file under the 'gadget' directory to attach the
generated gadget config.

It's also possible to apply pre-made config templates under
/usr/share/usbgadget. The templates use the same UCI config
format, with the 'gadget' entry named 'g1'. Currently, there
are templates for CDC-ACM and CDC-NCM gadgets written based
on existing g_*.ko module code.

Certain SBCs come with only a USB device port (e.g. Raspberry Pi
Zero). With this script, it's now possible to perform initial
setup on them by adding a default NCM gadget.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2023-12-28 13:10:32 +08:00
Rafał Miłecki
b799dd3c70 base-files: execute package's "postinst" after executing uci-defaults
Allow "postinst" scripts to perform extra actions after applying all
kind of fixups implemented using uci-defaults.

This is needed e.g. by uhttpd-mod-ubus which after installation in a
running systems needs to:
1. Update uhttpd config using its uci-defaults script
2. Reload uhttpd

While this approach makes sense there is a risk it'll blow up some
corner case postinst usages. There is only 1 way to find out.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2023-12-27 16:01:30 +01:00
Mikhail Zhilkin
485adc9d3c mediatek: add support for Routerich AX3000
This PR is continuation of work under "mediatek: add support for Routerich
AX3000" #13703 by the agreement with PR #13703 original author (Maximilian
Weinmann <x1@disroot.org>). All reviews from the previous PR were taken
into into account.

Routerich AX3000 is a wireless WiFi 6 router.

Specification
-------------
- SoC       : MediaTek MT7981BA dual-core ARM Cortex-A53 1.3 GHz
- RAM       : DDR3 256 MiB (ESMT M15T2G16128A)
- Flash     : SPI-NAND 128 MiB (ESMT F50L1G41LB)
- WLAN      : MediaTek MT7976CN dual-band WiFi 6
  - 2.4 GHz : b/g/n/ax, MIMO 2x2
  - 5 GHz   : a/n/ac/ax, MIMO 2x2
- Ethernet  : 10/100/1000 Mbps x4 (MediaTek MT7531AE)
- USB       : 1x 2.0
- UART      : through-hole on PCB
  - [J500] GND, TX, RX, 3.3V (115200n8)
- Buttons   : Mesh, Reset
- LEDs      : 1x Power (Blue)
              1x WiFi 2.4 GHz (Blue)
              1x WiFi 5 GHz (Red)
              1x Mesh (Blue)
              3x LAN activity (Blue)
              1x WAN activity (Blue)
              2x WAN no-internet (Red)
- Power     : 12 VDC, 1.5 A

Installation
------------
Flash OpenWrt 'sysupgrade.bin' image using stock firmware web-interface
(without keeping settings).

Return to stock
---------------
Install stock firmware image (without keeping settings) using OpenWrt
sysupgrade method.

Recovery
--------
Connect uart, use u-boot menu to flash stock firmware image or boot
OpenWrt initramfs image.

MAC addresses
-------------
+---------+-------------------+-----------+
|         | MAC               | Algorithm |
+---------+-------------------+-----------+
| WAN     | 24:0f:5e:xx:xx:b4 | label     |
| LAN     | 24:0f:5e:xx:xx:b5 | label+1   |
| WLAN 2g | 24:0f:5e:xx:xx:b6 | label+2   |
| WLAN 5g | 24:0f:5e:xx:xx:b7 | label+3   |
+---------+-------------------+-----------+
The WLAN 2g MAC was found in 'Factory', 0x4

Co-authored-by: Maximilian Weinmann <x1@disroot.org>
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2023-12-26 17:17:23 +01:00
Ian Oderon
4300bc6688 mediatek: add support for Zbtlink ZBT-Z8103AX
Specifications:
SoC: MediaTek MT7981B
RAM: 256MiB
Flash: SPI-NAND 128 MiB
Switch: 1 WAN, 3 LAN (Gigabit)
Buttons: Reset, Mesh
Power: DC 12V 1A
WiFi: MT7976CN
UART: 115200n8
UART Layout:
VCC-RX-TX-GND

No. of Antennas: 6
Note: Upon opening the router, only 5 antennas were connected
to the mainboard.

Led Layout:
Power-Mesh-5gwifi-WAN-LAN3-LAN2-LAN1-2gWiFi

Buttons:
Reset-Mesh

Installation:
A. Through OpenWrt Dashboard:
If your router comes with OpenWrt preinstalled (modified by the seller),
you can easily upgrade by going to the dashboard (192.168.1.1) and then
navigate to System -> Backup/Flash firmware, then flash the firmware

B. Through TFTP
Standard installation via UART:

1. Connect USB Serial Adapter to the UART, (NOTE: Don't connect the VCC pin).
2. Power on the router. Make sure that you can access your router via UART.
3. Restart the router then repeatedly press ctrl + c to skip default boot.
4. Type > bootmenu
5. Press '2' to select upgrade firmware
6. Press 'Y' on 'Run image after upgrading?'
7. Press '0' and hit 'enter' to select TFTP client (default)
8. Fill the U-Boot's IP address and TFTP server's IP address.
9. Finally, enter the 'firmware' filename.

Signed-off-by: Ian Oderon <ianoderon@gmail.com>
2023-12-26 00:02:19 +01:00
Oldřich Jedlička
3e738781a9 mac80211: fix flush during station removal
This fixes WARN_ONs when using AP_VLANs after station removal. The flush
call passed AP_VLAN vif to driver, but because these vifs are virtual and
not registered with drivers, we need to translate to the correct AP vif
first.

Fixes: openwrt#12420
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
2023-12-24 10:34:46 +01:00
Tianling Shen
4cc6e7192f
arm-trusted-firmware-sunxi: Update to 2.10
Runtime tested on NanoPi R1S H5 and Orange Pi Zero3.

Changelog: https://trustedfirmware-a.readthedocs.io/en/v2.10/change-log.html

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-12-20 10:53:48 +08:00
Felix Fietkau
44be35890b netifd: update to Git HEAD (2023-12-19)
a2d32f0dcf16 Revert "system-linux: set pending to 0 on ifindex found or error for if_get_master"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-19 22:35:22 +01:00
Tianling Shen
8e948ca20b linux-firmware: update to 20231211
06fa7dd2 cxgb4: Update firmware to revision 1.27.4.0
fd44bdae amdgpu: DMCUB updates for various AMDGPU asics
7ed62638 Revert "rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225"
42d31f8f rtl_bt: Add firmware v2 file for RTL8852C
0ab353f8 Merge branch 'for-upstream' of http://git.chelsio.net/pub/git/linux-firmware
f2eb058a linux-firmware: Update AMD cpu microcode
980373f5 cirrus: Add CS35L41 firmware for HP G11 models
789aa815 amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2
ae80f1f1 Revert "amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2"
6c089c10 amdgpu: DMCUB updates for various AMDGPU asics
0e048b06 Merge branch 'for-upstream' of https://github.com/CirrusLogic/linux-firmware
5eeda20d amdgpu: DMCUB updates for various AMDGPU asics
81caac98 i915: add GSC 102.0.0.1655 for MTL
ca49c8cf rtw89: 8851b: update fw to v0.29.41.2
ef41ae8f rtw89: 8852b: update fw to v0.29.29.3
a33f8f1a amdgpu: update DMCUB to 0.0.181.0 for various AMDGPU ASICs
97e88a0d linux-firmware: Update AMD SEV firmware
d0172b89 linux-firmware: update firmware for qat_4xxx devices
50da38ee Merge branch 'mtl_gsc_1655' of git://anongit.freedesktop.org/drm/drm-firmware
fc45c425 linux-firmware: Update firmware file for Intel Bluetooth AX201
3892dc01 linux-firmware: Update firmware file for Intel Bluetooth AX200
606a17b1 linux-firmware: Update firmware file for Intel Bluetooth AX210
55545299 linux-firmware: Update firmware file for Intel Bluetooth AX211
904880ad linux-firmware: Update firmware file for Intel Bluetooth AX211
e6c09397 linux-firmware: Update firmware file for Intel Bluetooth AX203
51e9ea58 linux-firmware: Update firmware file for Intel Bluetooth AX203
58773db5 Merge https://github.com/pkshih/linux-firmware
2bad80e7 copy-firmware: Support additional compressor options
db99828b copy-firmware: Introduce 'RawFile' keyword
becc678d Merge tag 'amd-2023-08-18' of https://gitlab.freedesktop.org/drm/firmware
659dfe64 Merge tag 'amd-2023-08-25' of https://gitlab.freedesktop.org/drm/firmware
49f9e347 i915: Update MTL DMC to v2.16
8e1fe1bd Merge branch 'dmc-mtl_2.16' of git://anongit.freedesktop.org/drm/drm-firmware
27fb2f63 check_whence: reformat using python black
c442a500 Add pre-commit hooks and codespell template
5e2367f8 Wire up pre-commit to `make check`
408eb34a Rewrite README in markdown
5ebb5914 Merge branch 'mlimonci/update-ci' into 'main'
792115b2 Add Dockerfile used to build CI image
69e68cde Add gitlab ci for calling pre-commit and ci-fairy
b2f03c84 Add a rule for automatic tagging releases by pipeline schedule
c79933a8 Fix carl9170fw shell scripts for shellcheck errors
8976d8c3 Add shellcheck pre-commit target
1edd2d6f QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00605
61501389 Merge branch 'mlimonci/enable-pre-commit-ci' into 'main'
6c097314 Merge branch 'mlimonci/shellcheck' into 'main'
3e79f6b8 Create symlinks for all firmware that is duplicate using rdfind
bcc397d6 Add new toplevel 'make dist' target.
f12059b7 Capture artifacts from `make dist` to save at release time.
d5c485f9 Only run ci-fairy on merge requests
bb4f6589 Merge branch 'mlimonci/skip-ci-fairy-for-main' into 'main'
c57a9388 Merge https://github.com/tjiang1234/btfw-wcn6855-605
80de4d8a check_whence: Recognize RawFile keyword
c6ce6ac0 WHENCE: amd-ucode: Use new RawFile keyword
e805619f WHENCE: Don't compress qcom json files
7d8f2d95 Merge branch 'RawFile' into 'main'
a0142c57 ath10k/WCN3990: move wlanmdsp to qcom/sdm845
fe85b0c7 Merge branch 'qcom' into 'main'
20d250e3 Merge branch 'mlimonci/make-dist' into 'main'
9f3ec3a8 qcom: add GPU firmware for QCM2290 / QRB2210
a32c8568 qcom: add firmware for QCM2290 platforms
89659cb9 qcom: add firmware for QRB4210 platforms
106ff9f9 qcom: add venus firmware files for v6.0
74cc8ca8 qcom: add firmware for the onboard WiFi on qcm2290 / qrb4210
1346f922 qcom: sm8250: update DSP firmware
adeabfda qcom: Update vpu-1.0 firmware
bb3d5bc9 qcom: sm8250: add RB5 sensors DSP firmware
7d94e0fa linux-firmware: add link to sc8280xp audioreach firmware
ad03b851 Merge branch 'rb12-fw-v2' into 'main'
28935de4 Merge branch 'rb5-update' of https://github.com/lumag/linux-firmware into rb5-update
473be1c4 Merge branch 'rb5-update' into 'main'
60458657 Merge branch 'sc8280xp-audio-fw-fixes' of https://git.kernel.org/pub/scm/linux/kernel/git/srini/linux-firmware into sc8280xp-audio-fw-fixes
cb926295 Merge branch 'sc8280xp-audio-fw-fixes' into 'main'
c801b3b8 Turn off textwidth check
dfa11466 Merge branch 'main' into 'main'
2bbca647 amdgpu: update DMCUB to 0.0.183.0 for various AMDGPU ASICs
a5dbe400 i915: update MTL HuC to version 8.5.4
3a9bcf45 Merge branch 'main' into 'main'
d252e92d linux-firmware: amd-ucode: Add note on fam19h warnings
3a07aa51 Merge branch 'amd-ucode' into 'main'
3786ca8f Merge branch 'mtl_huc_8.5.4' of git://anongit.freedesktop.org/drm/drm-firmware into mtl_huc
919300d1 Merge branch 'mtl_huc' into 'main'
f48da6da Run merge request pipelines for pre-commit.
3672ccab Merge branch 'mlimonci/fix-merge-requests-ci' into 'main'
08532e36 iwlwifi: update cc/Qu/QuZ firmwares for core81-65 release
765492b8 iwlwifi: add new FWs from core81-65 release
29b47c59 Merge branch 'main' into 'main'
addc3392 rtl_bt: Update RTL8851B BT USB firmware to 0x048A_D230
1ed8d8bf linux-firmware: Update FW files for MRVL PCIE 8997 chipsets
7d1f06ab Merge branch 'rtl_bt' into 'main'
74830f66 Merge branch 'mrvl' into 'main'
328beacb amd_pmf: Add initial PMF TA for Smart PC Solution Builder
8b855f37 Merge branch 'main' into 'main'
a6744df8 iwlwifi: add FWs for new GL and MA device types with multiple RF modules
1c285c0a amdgpu: update aldebaran firmware from 5.7 branch
f9366fa1 amdgpu: update GC 11.0.3 firmware from 5.7 branch
b21bd580 amdgpu: update PSP 13.0.10 firmware from 5.7 branch
5a99cd50 amdgpu: update SMU 13.0.10 firmware from 5.7 branch
abe39de3 amdgpu: update raven2 firmware from 5.7 branch
7f027004 amdgpu: update navi10 firmware from 5.7 branch
c25d0ef6 amdgpu: update yellow carp firmware from 5.7 branch
aa67101a amdgpu: update GC 11.0.2 firmware from 5.7 branch
22ca16ee amdgpu: update PSP 13.0.7 firmware from 5.7 branch
a3b30e39 amdgpu: update SDMA 6.0.2 firmware from 5.7 branch
971fe4bd amdgpu: update SMU 13.0.7 firmware from 5.7 branch
fd688e37 amdgpu: update VCN 4.0.4 firmware from 5.7 branch
17a48ca2 amdgpu: update navi12 firmware from 5.7 branch
d850220b amdgpu: update renoir firmware from 5.7 branch
fcf92700 amdgpu: update navi14 firmware from 5.7 branch
a34604d3 amdgpu: update GC 11.0.1 firmware from 5.7 branch
7b785ce1 amdgpu: update PSP 13.0.4 firmware from 5.7 branch
ab618fa5 amdgpu: update SDMA 6.0.1 firmware from 5.7 branch
4ee8dc91 amdgpu: update GC 11.0.4 firmware from 5.7 branch
c09f4219 amdgpu: update PSP 13.0.11 firmware from 5.7 branch
b828f43c amdgpu: update sienna cichlid firmware from 5.7 branch
f8f3d52e amdgpu: update green sardine firmware from 5.7 branch
7d8a4a06 amdgpu: update vangogh firmware from 5.7 branch
e6a3c06e amdgpu: update navy flounder firmware from 5.7 branch
5e40e6c2 amdgpu: update picasso firmware from 5.7 branch
51637156 amdgpu: update dimgrey cavefish firmware from 5.7 branch
08e23f2c amdgpu: update vega10 firmware from 5.7 branch
050fe578 amdgpu: update vega12 firmware from 5.7 branch
ee81c65c amdgpu: update beige goby firmware from 5.7 branch
0923446e amdgpu: update vega20 firmware from 5.7 branch
c321aeee amdgpu: update GC 11.0.0 firmware from 5.7 branch
7baff8dd amdgpu: update PSP 13.0.0 firmware from 5.7 branch
9973966a amdgpu: update SDMA 6.0.0 firmware from 5.7 branch
af3d18b3 amdgpu: update SMU 13.0.0 firmware from 5.7 branch
b65ac01b amdgpu: update VCN 4.0.0 firmware from 5.7 branch
a92f8f21 amdgpu: update GC 10.3.6 firmware from 5.7 branch
fc627e98 amdgpu: update PSP 13.0.5 firmware from 5.7 branch
f5b7964e amdgpu: update SDMA 5.2.6 firmware from 5.7 branch
5837f76c amdgpu: update DCN 3.1.6 firmware from 5.7 branch
35d98aaf amdgpu: update GC 10.3.7 firmware from 5.7 branch
8ba97109 amdgpu: update PSP 13.0.8 firmware from 5.7 branch
75e5b634 amdgpu: update SDMA 5.2.7 firmware from 5.7 branch
95ec6f69 amdgpu: update raven firmware from 5.7 branch
18b60f44 i915: Update MTL DMC to v2.17
cef80743 Add new Makefile target to build a deb and rpm package
ce33c671 Build debian and fedora images
312b5d8a Merge branch 'iwlwifi-fw-2023-09-27' into 'main'
957828e1 linux-firmware: Update firmware file for Intel Bluetooth 9260
717c1a5d linux-firmware: Update firmware file for Intel Bluetooth 9560
a3e18aff linux-firmware: Update firmware file for Intel Bluetooth AX210
3fed6fb8 linux-firmware: Update firmware file for Intel Bluetooth AX211
3ce0e06b linux-firmware: Update firmware file for Intel Bluetooth AX211
8c1e8c66 linux-firmware: Update firmware file for Intel Bluetooth AX201
bbf94191 linux-firmware: Update firmware file for Intel Bluetooth AX201
ab0c0a78 linux-firmware: Add firmware file for Intel Bluetooth AX211
2316c3d0 Merge branch 'intel-bt-20231004' into 'main'
58b8d3f3 Merge branch 'dmc-mtl_2.17' of git://anongit.freedesktop.org/drm/drm-firmware into dmc-mtl
8e57de05 Merge branch 'dmc-mtl' into 'main'
5105ff4b Merge branch 'mlimonci/upstream-packaging' into 'main'
389575a8 WHENCE: add symlink for BananaPi M64
7727f7e3 Merge branch 'patch-1696561325' into 'main'
92e24e04 iwlwifi: add a missing FW from core80-39 release
44a9510c i915: Add GuC v70.13.1 for DG2, TGL, ADL-P and MTL
1be48f85 Merge branch 'pr-24-1697222431' into 'main'
4d619071 Add a script for a robot to open up pull requests
0da49b90 linux-firmware: add Amlogic bluetooth firmware
63e8aa40 Merge branch 'main' into 'main'
a3bcbbf2 amdgpu: update SMU 13.0.0 firmware
8ff933de Merge branch 'robot/pr-0-1697570762' into 'main'
f893135f Merge branch 'robot/pr-0-1697658135' into 'main'
ecaeef5d Add support for sending emails while processing a PR/patch
29e9aa86 Merge branch 'mlimonci/robot' into 'main'
06afd7f9 linux-firmware: Update AMD cpu microcode
1115cf5c Merge branch 'robot/patch-0-1697735493' into 'main'
6ed75465 Fix the robot email script
d983107a Merge branch 'mlimonci/fix-email' into 'main'
7bfa5f4d Catch unicode decode errors
3de241ed rtl_nic: update firmware of RTL8156B
39d55392 Use `git am` instead of `b4 shazam`
ad84593d Merge branch 'robot/patch-23-1698074268' into 'main'
5f560c1e Merge branch 'mlimonci/unicode' into 'main'
4ee01756 Merge branch 'mlimonci/use-am' into 'main'
b22703ca Disable deb and rpm CI other than at release
80703e05 Merge branch 'mlimonci/less-ci' into 'main'
37761e2b Intel Bluetooth: Update firmware file for Intel Bluetooth BE200
dd6368d9 Intel Bluetooth: Update firmware file for Intel Bluetooth Magnetor AX211
fabc67bf Intel Bluetooth: Update firmware file for Intel Bluetooth Magnetor AX201
581a25e6 Intel Bluetooth: Update firmware file for Intel Bluetooth AX203
bc0b7dfa Intel Bluetooth: Update firmware file for Intel Bluetooth AX203
2ceaa29d Merge branch 'core80' into 'main'
dcec764d Intel Bluetooth: Update firmware file for Intel Bluetooth Magnetor AX101
1962446e Intel Bluetooth: Update firmware file for Intel Bluetooth AX210
4c092813 Intel Bluetooth: Update firmware file for Intel Bluetooth AX211
59aaeac9 Intel Bluetooth: Update firmware file for Intel Bluetooth AX211
2b304bfe Merge branch 'main' into 'main'
02df6e4f rtw89: 8851b: update fw to v0.29.41.3
7a916315 rtw89: 8852b: update fw to v0.29.29.4
2afd1423 rtw89: 8852b: update fw to v0.29.29.5
1ba9408e linux-firmware: ixp4xx: Add the IXP4xx firmware
411938ad Merge branch 'mlimonci/rtw89' into 'main'
185e84b8 Merge branch 'ixp4xx' into 'main'
724c77e5 qca: add bluetooth firmware for WCN3988
19342f15 Merge branch 'apbtfw' into 'main'
65a89b16 amdgpu: DMCUB updates for various AMDGPU ASICs
df98199f Merge tag 'amd-2023-11-03'
9a3bf241 Merge branch 'main' into 'main'
9a170370 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210
cdecf243 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211
be41333c Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211
34600f06 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203
8563348b Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203
ed34505f Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211
92faee69 Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203
19c3c023 Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101
a5a6dded Intel Bluetooth: Update firmware file for Intel Bluetooth BE200
2340796d Merge branch 'main' into 'main'
f4a3c72e nvidia: add GSP-RM version 535.113.01 firmware images
16b92b8d Merge branch 'mlimonci/nvidia-gsp-rm-535' into 'main'
cc8a7d10 Fix classification of some pull requests
4c55675d Fix symlink creation for some files
195eae59 Add checks for destination directory being specified
cf8315de Ensure rdfind is installed
b79f31cf Merge branch 'mlimonci/fix-symlinks' into 'main'
1ee89a11 Merge branch 'mlimonci/robot-fix' into 'main'
c57c8384 amdgpu: DMCUB updates for various AMDGPU ASICs
1737b581 Merge tag 'amd-2023-11-10' into amd-2023-11-10
74158e7a Merge branch 'amd-2023-11-10' into 'main'
bf5150dd Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210
80a378a2 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211
b021ad7c Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211
bfc7dbe7 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203
4eb64f9b Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203
c7c5ca39 Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101
80907d76 Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX101
8b5a4168 Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211
5e40b6aa Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203
307a4e50 Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101
6910095b linux-firmware: add firmware for mt7988 internal 2.5G ethernet phy
bd4df953 Merge branch 'main' into 'main'
398b4605 Merge branch 'robot/patch-0-1699862686' into 'main'
1f8f61d5 Process pull requets directly from mbox
05ac293b Add extra debugging output when processing pull requests
d011ba69 Add a workaround for gitlab.freedesktop.org pull requests
b72eeb60 Merge branch 'mlimonci/robot-pr-improvements' into 'main'
978dff67 linux-firmware: Add firmware for Cirrus CS35L41 on 2024 ASUS Zenbook Laptops
4f498d09 linux-firmware: Add firmware for Cirrus CS35L41 on HP G11 Laptops
4fc5801e iwlwifi: update cc/Qu/QuZ firmwares for core83-55 release
a07fd0b9 iwlwifi: add new FWs from core83-55 release
124b6639 Merge branch 'robot/pr-0-1700068965' into 'main'
9009038b Enable deb and rpm builds on tags
f27dec61 iwlwifi: fix for the new FWs from core83-55 release
58ec4325 Merge branch 'mlimonci/release-packages' into 'main'
8228c222 Try both utf-8 and windows-1252 for decoding email
b486a13b Merge branch 'robot/pr-17-1700153404' into 'main'
6723a8d9 Merge branch 'robot/pr-5-1700153542' into 'main'
bfd5f0b9 Make email replies more resilient
45109014 i915: Update MTL DMC to v2.19
f81145a0 Merge branch 'robot/pr-0-1700234575' into 'main'
7124ce30 Merge branch 'mlimonci/encoding' into 'main'
c03db704 amdgpu: update DMCUB firmware to 0.0.193.0 for DCN31 and DCN314
ba1aa06f Intel Bluetooth: Update firmware file for Intel Bluetooth BE200
a41fa7c5 mediatek: Sync shared memory structure changes
c3ce13b3 Merge branch 'main' into 'main'
9552083a Merge branch 'robot/pr-0-1700470117' into 'main'
0c211dbe Merge branch 'amd-staging' into 'main'
5e9fdab5 mediatek: Remove an unused packed library
bef5a36d Merge branch 'robot/patch-1-1700555775' into 'main'
47582844 ice: update ice DDP package to 1.3.35.0
0628ba79 ice: update ice DDP comms package to 1.3.45.0
ad0bbae4 Merge branch 'robot/patch-1-1700674626' into 'main'
a5539dc1 Merge branch 'robot/patch-2-1700674629' into 'main'
9afbbf25 powervr: add firmware for Imagination Technologies AXE-1-16M GPU
fad38ab8 Merge branch 'powervr-2023-11-23' into 'main'
ea682fba qcom: update Venus firmware file for v6.0
18f56bf3 qcom: update qcm2290/qrb4210 WiFi firmware file
0bba2c99 qcom: update qcm2290 firmware
6cfedcbb qcom: update qrb4210 firmware
87427f23 amdgpu: update DMCUB firmware to 0.0.194.0 for DCN321 and DCN32
f6d61ded Merge branch 'robot/pr-0-1700887115' into 'main'
c6823ce2 Makefile, copy-firmware: Use portable "command -v" to detect installed programs
9fdcf639 Merge branch 'robot/patch-0-1701018572' into 'main'
0a18a729 linux-firmware: update firmware for MT7921 WiFi device
6b91b2ef linux-firmware: update firmware for MT7922 WiFi device
cc44f3b8 Merge branch 'mt7921-wifi' into 'main'
1366b827 linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
5955de2f Merge branch 'mt7922-wifi' into 'main'
1180974e linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
351f0c67 Merge branch 'mt7921-bt' into 'main'
f440b984 ice: update ice DDP wireless_edge package to 1.3.13.0
adbdc241 Merge branch 'mt7922-bt' into 'main'
f8c611e7 Merge branch 'ice-edge' into 'main'
4124f8f9 Make rdfind optional
4fab4e51 Merge branch 'rdfind-opt' into 'main'
98eed92e rtl_bt: Update RTL8852A BT USB firmware to 0xDFC8_145F
5aadb590 Merge branch 'robot/patch-0-1701175489' into 'main'
d9f6088f Add a COPYOPTS variable
aae60524 Merge branch 'make-opts' into 'main'
37db2a09 s5p-mfc: Add MFC v12 Firmware
034e24b8 Merge branch 's5p-mfc-v12' into 'main'
ddc99b3d linux-firmware: add firmware for en8811h 2.5G ethernet phy
dbf82492 cxgb4: Update firmware to revision 1.27.5.0
129e07d9 Merge branch 'robot/pr-0-1701358064' into 'main'
f63dd70d Merge branch 'robot/patch-0-1701352637' into 'main'
b9d971b9 Merge branch 'rb12-update' into 'main'
bfc33c1e linux-firmware: Update AMD cpu microcode
c004dbee Merge branch 'robot/patch-0-1701808157' into 'main'
23feb609 wfx: fix broken firmware
1505c948 wfx: update to firmware 3.17
f2e52a1c Merge branch 'wfx' into 'main'

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-12-19 14:22:28 +01:00
Felix Fietkau
1a57d758f2 mt76: update to Git HEAD (2023-12-18)
bebd9cffc2ae wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-18 18:56:20 +01:00
Felix Fietkau
62a2af6555 netifd: update to Git HEAD (2023-12-18)
730b4656e6b1 netifd: fix undefined va_list value which can cause crashes
c59457f69709 device: Log error message if device initialization failed

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-18 11:49:15 +01:00