Commit Graph

58415 Commits

Author SHA1 Message Date
Hauke Mehrtens
7f833b8180 kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.

I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.

New we are also packaging lz4hc.ko

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit fac507606d)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Hauke Mehrtens
1f701c9b04 kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b0953c4fbf)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Paweł Owoc
e82759fd67 mac80211: add missing config for third 160MHz width for 5GHz radio
Without this configuration it is not possible to run the radio using HE160 on channels 149-177.

Fixes: #14906
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
(cherry picked from commit a91b79fd04)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Felix Fietkau
c145f0f8f6 mac80211: add fix for receiving STP frames on mesh
Fix length in ethernet header

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8f7be2a2ba)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Oldřich Jedlička
bed2272605 mac80211: fix flush during station removal
This fixes WARN_ONs when using AP_VLANs after station removal. The flush
call passed AP_VLAN vif to driver, but because these vifs are virtual and
not registered with drivers, we need to translate to the correct AP vif
first.

Fixes: openwrt#12420
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[Rename to 360-wifi-mac80211-do-not-pass-ap_vlan-vif-pointer-to-dri.patch]
(cherry picked from commit 3e738781a9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
David Bauer
feb5b072ef mediatek: add missing SPDX header
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 36f7ececc2)
2024-07-08 12:33:11 +02:00
Chukun Pan
5632227f44 mediatek: filogic: add Netcore N60 support
Hardware specification:
  SoC: MediaTek MT7986A 4x A53
  Flash: ESMT F50L1G41LB 128MB
  RAM: W632GU6NB DDR3 256MB
  Ethernet: 1x 2.5G + 4x 1G
  WiFi1: MT7975N 2.4GHz 4T4R
  WiFi2: MT7975PN 5GHz 4T4R
  Button: Reset, WPS
  Power: DC 12V 2A

Flash instructions:
  1. Connect to the router using ssh or telnet,
     username: useradmin, password is the web
     login password of the router.
  2. Use scp to upload bl31-uboot.fip and flash:
     "mtd write xxx-preloader.bin spi0.0"
     "mtd write xxx-bl31-uboot.fip FIP"
     "mtd erase ubi"
  3. Connect to the router via the Lan port,
     set a static ip of your PC.
     (ip 192.168.1.254, gateway 192.168.1.1)
  4. Download initramfs image, reboot router,
     waiting for tftp recovery to complete.
  5. After openwrt boots up, perform sysupgrade.

Note:
  1. Back up all mtd partitions before flashing.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 4ae474afbd)
2024-07-08 12:00:39 +02:00
Chukun Pan
7bfdc4ea3a uboot-mediatek: add Netcore N60 support
The vendor uboot requires special fit verification.
So add a custom uboot build for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 0170666d89)
2024-07-08 12:00:39 +02:00
Tianling Shen
2a25de25fa mediatek: add support for JDCloud RE-CP-03
Hardware specification:
  SoC: MediaTek MT7986A 4x A53
  Flash: 128GB eMMC
  RAM: 1GB DDR4
  Ethernet: 4x 1GbE, 1x 2.5GbE (RTL8221B)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Joylink
  Power: DC 12V 2A

Flash instructions:
1. Download and flash the vendor migration firmware via webUI:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7986-jdcloud_re-cp-03-vendor-migration.bin
   (Default address is 192.168.68.1, user root, no password)
2. After device has booted up, write new GPT table:
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c0c3234e17)
2024-07-08 09:08:48 +02:00
Tianling Shen
b67b3a6ce6 uboot-mediatek: add support for JDCloud RE-CP-03
The vendor U-Boot has enabled signature verification, so add
a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 6fa4fbbc52)
2024-07-08 09:08:15 +02:00
Luis Mita
3fcf619e76 ramips: mt76x8: sync Cudy TR1200 v1 naming
Cudy assigns hardware versions to its devices on its website, and
the Cudy TR1200 router is now Cudy TR1200 v1.
OpenWrt currently uses both variants, and this commit removes
inconsistencies using only the new name.

Signed-off-by: Luis Mita <luis@luismita.com>
(cherry picked from commit d780d530dd)
Link: https://github.com/openwrt/openwrt/pull/15875
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 23:53:30 +02:00
Luis Mita
7be58ccacc ramips: mt76x8: add support for Cudy TR1200 v1
Hardware:
 - SoC: MediaTek MT7628AN (MIPS 580MHz)
 - Flash: 16 MiB XMC 25QH128CH10
 - RAM: 128 MiB ESMT M14D1G1664A
 - WLAN: 2.4 GHz (MT7628), 5 GHz (MT7613BEN 802.11ac)
 - Ethernet: 1x 10/100 Mbps WAN, 1x 10/100 LAN (MT7628)
 - USB 2.0 port
 - Buttons: 1 Reset button, 1 slider button
 - LEDs: 1x Red, 1x White
 - Serial console: unpopulated header, 115200 8n1
 - Power: 5 VDC, 2 A

MAC addresses:
+---------+-------------------+-----------+
|         | MAC               | Algorithm |
+---------+-------------------+-----------+
| WAN     | 80:af:ca:xx:xx:x0 | label     |
| LAN     | 80:af:ca:xx:xx:x0 | label     |
| WLAN 2g | 80:af:ca:xx:xx:x0 | label     |
| WLAN 5g | 80:af:ca:xx:xx:x2 | label+2   |
+---------+-------------------+-----------+

Installation:
The installation must be done via TFTP by disassembling the router.
On other occasions Cudy has distributed intermediate firmware to make
installation easier, and so I recommend checking the Wiki for this
device if there is a more convenient solution than the one below.

To install using TFTP:
1. Upgrade to a beta firmware (signed by Cudy) that can be downloaded
from the wiki. This is required in order to use an unlocked u-boot.
2. Connect to UART.
3. While the router is turning on, press 1.
4. Connect to LAN and set your IP to 192.168.1.88/24. Configure a TFTP
server and an OpenWrt initramfs-kernel.bin firmware file as recovery.bin.
5. Press Enter three times. Verify the filename.
6. If you can reach LuCI or SSH now, just use the sysupgrade image with
the 'Keep settings' option turned off.

If you don't want to use the beta firmware nor the unlocked u-boot, you
can install the firmware writing the sysupgrade image on the firmware
partition of the SPI flash.

Signed-off-by: Luis Mita <luis@luismita.com>
(cherry picked from commit f1091ef7ac)
Link: https://github.com/openwrt/openwrt/pull/15875
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 23:53:30 +02:00
Hauke Mehrtens
e1eac53f74 mt76: Fix PKG_MIRROR_HASH
The PKG_MIRROR_HASH was updated to a wrong version.

Fixes: f64576f367 ("mt76: update to Git HEAD (2024-04-03)")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 21:56:12 +02:00
Hauke Mehrtens
323e249ce8 mac80211: Update to version 6.1.97-1
This updates mac80211 to version 6.1.97-1. This code is based on Linux
6.1.97 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.

The removed patches are already integrated in upstream Linux 6.1.97 or
in backports.

The following patches were integrated in upstream Linux:
   ath11k/0013-wifi-ath11k-synchronize-ath11k_mac_he_gi_to_nl80211_.patch
   ath11k/0035-wifi-ath11k-Use-platform_get_irq-to-get-the-interrup.patch
   ath11k/0036-wifi-ath11k-fix-SAC-bug-on-peer-addition-with-sta-ba.patch
   ath11k/0047-wifi-ath11k-fix-deinitialization-of-firmware-resourc.patch
   ath11k/0053-wifi-ath11k-fix-writing-to-unintended-memory-region.patch
   ath11k/0060-wifi-ath11k-Ignore-frags-from-uninitialized-peer-in-.patch
   ath11k/0065-wifi-ath11k-fix-tx-status-reporting-in-encap-offload.patch
   ath11k/0067-wifi-ath11k-Fix-SKB-corruption-in-REO-destination-ri.patch
   ath11k/0069-wifi-ath11k-fix-registration-of-6Ghz-only-phy-withou.patch
   ath11k/0080-wifi-ath11k-add-support-default-regdb-while-searchin.patch
   ath11k/0085-wifi-ath11k-fix-memory-leak-in-WMI-firmware-stats.patch
   ath11k/0086-wifi-ath11k-Add-missing-check-for-ioremap.patch
   ath11k/0096-wifi-ath11k-fix-boot-failure-with-one-MSI-vector.patch
   subsys/337-wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch

The following patches were integrated in upstream backports:
   ath11k/901-wifi-ath11k-pci-fix-compilation-in-5.16-and-older.patch
   build/080-resv_start_op.patch
   build/110-backport_napi_build_skb.patch

The following files are missing in backports, we do not have to remove
them any more. Some were already missing before some were removed in
this update:
   include/linux/cordic.h
   include/linux/crc8.h
   include/linux/eeprom_93cx6.h
   include/linux/wl12xx.h
   include/net/ieee80211.h
   backport-include/linux/bcm47xx_nvram.h
   include/linux/ath9k_platform.h
   include/net/bluetooth/

backports ships a dummy Mediatek wed header for older kernel versions.
We backported the feature in our kernel, remove the dummy header:
   backport-include/linux/soc/mediatek/mtk_wed.h

Remove header files for subsystems used form the mainline kernel:
   include/trace/events/qrtr.h
   include/net/rsi_91x.h
   backport-include/linux/platform_data/brcmnand.h

Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 18:30:37 +02:00
Hauke Mehrtens
e0837a1257 iw: sync nl80211.h
Update the nl80211.h file in iw with the version from backports.

The files were out of sync already before the mac80211 update. If iw set
the NL80211_ATTR_WIPHY_ANTENNA_GAIN attribute the kernel assumed it set
the NL80211_ATTR_PUNCT_BITMAP attribute because the id was the same.

Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 18:30:37 +02:00
Lu jicong
4c03fe22b7
target.mk: fix arm architecture level detection
Now kernel configs of armv6k CPUs don't include CONFIG_CPU_V6.
So armv6k CPUs cannot be detected as arm_v6.
Fix this by adding detection for CONFIG_CPU_V6K.

Signed-off-by: Lu jicong <jiconglu58@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15855
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit d55083fbca)
2024-07-07 13:56:14 +02:00
Mathew McBride
2a099d36a7 armsr: add realtek and smsc ethernet phy drivers to the default image
This adds two more common PHY brands to the image.
Realtek is used on the Google Coral "Phanbell" board (i.MX8MQ).
SMSC has been used on various Raspberry Pi boards.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit bcbdde00c3)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:37:39 +02:00
Mathew McBride
7a4f468d07 armsr: enable framebuffer emulation for virtio-gpu/drm displays
This was discovered when trying to run OpenWrt on Hetzner Cloud's
Arm-based instances.

Hetzner uses QEMU/KVM with virtio-gpu as the main display device,
together with an ACPI firmware. This was not displaying a console
previously.

This setup can be emulated by qemu using options below:
qemu-system-aarch64 \
    -machine virt \
    -bios QEMU_EFI.fd \
    -device virtio-gpu \
    -usb \
    -device qemu-xhci,id=xhci \
    -device usb-tablet,bus=xhci.0 \
    -device usb-kbd,bus=xhci.0 \
    -vnc :0

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit ea7383e721)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:37:39 +02:00
John Vincent
299893c9c9 kernel: armsr: Renesas: RZ: Ethernet module and ttySC0
Ethernet module enable for Renesas RZ platform
inittab fix for ttySC0

Fixes: #15284
Signed-off-by: John Vincent <john.vincent.xa@bp.renesas.com>
(cherry picked from commit 531b3f667c)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:37:39 +02:00
Mathew McBride
be4d0d0cd6 armsr: armv8: enable serial console for Renesas platforms
Support for Renesas Arm families was added in commit 1ff4f4df23
("armsr: armv8: enable CONFIG_ARCH_RENESAS"), but this did not
enable the console/tty hardware for these SoCs, which is derived
from the SuperH family (CONFIG_SERIAL_SH_SCI).

Link: https://github.com/openwrt/openwrt/issues/15284
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 683355d0a6)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:37:39 +02:00
Roland Reinl
d0744c1f66 mediatek: Add support for D-Link EAGLE PRO AI R32
R32 is like the M32 part of the EAGLE PRO AI series from D-Link.

Specification:
 - MT7622BV SoC with 2.4GHz wifi
 - MT7975AN + MT7915AN for 5GHz
 - MT7531BE Switch
 - 512MB RAM
 - 128 MB flash
 - 2 LEDs (Status and Internet, both can be either orange or white)
 - 2 buttons (WPS and Reset)

Compared to M32, the R32 has the following differences:
 - 4 LAN ports instead of 2
 - The recory image starts with DLK6E6015001 instaed of DLK6E6010001
 - Individual LEDs for power and internet
 - MAC address is stored at another offset in the ODM partition

MAC addresses:
 - WAN MAC is stored in partition "Odm" at offset 0x81
 - LAN (as printed on the device) is WAN MAC + 1
 - WLAN MAC (2.4 GHz) is WAN MAC + 2
 - WLAN MAC (5GHz) is WAN MAC + 3

Flashing via Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-recovery.bin

Flashing via uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-initramfs-kernel.bin.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
 - The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
 - Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
 - Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-squashfs-sysupgrade.bin
 - Reboot the device. OpenWrt should start from flash now

Revert back to stock using the Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.

Decrypting a D-Link firmware image:
 - Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
 - Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
 - Run ./m32-firmware-util R32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
 - Example for firmware R32A1_FW103B01: ./m32-firmware-util R32 --DecryptFactoryImage R32A1_FW103B01.bin R32A1_FW103B01.decrypted.bin

Revert back to stock using uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides the previously created backup of the Kernel1 partition.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to FLASH will start. After a few seconds the stock firmware should start again

There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP.
It can be used if no backup of the Kernel1 partition is reuqired.

Flahsing via OEM web interface is currently not possible, the OEM images are encrypted. Creating images is only possible manually at the moment.
The support for the M32/R32 already includes support for flashing from the OEM web interface:
 - The device tree contains both partitions (Kernel1 and Kernel2) with conditions to select the correct one based on the kernel command line
 - The U-Boot variable "boot_part" is set accordingly during startup to finish the partition swap after flashing from the OEM web interface
 - OpenWrt sysupgrade flashing always uses the partition where it was initially flashed to (no partition swap)

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
(cherry picked from commit fdb87a91b4)
Link: https://github.com/openwrt/openwrt/pull/15776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:32:57 +02:00
Fabrice Fontaine
95fac7d0e4 package/utils/secilc: drop PKG_CPE_ID
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️selinuxproject:secilc

Fixes: 9ee7c1ec60 (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 58a5877846)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
16601bbd42 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 6e5edec159)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
8c20083c1d package/libs/libjson-c: fix PKG_CPE_ID
cpe:/a:json-c:json-c is the correct CPE ID for libjson-c:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️json-c:json-c

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15292
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit a4f723e04e)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
6ea9cf3203 package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 289f811abb)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
6b39170c90 toolchain/nasm: fix PKG_CPE_ID
cpe:/a:nasm:netwide_assembler is the correct CPE ID for nasm:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️nasm:netwide_assembler

Fixes: bcf02c5d31 (toolchain: assign PKG_CPE_ID)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit e1ca08518e)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
11b8b62fd8 tools/flex: fix PKG_CPE_ID
cpe:/a:westes:flex is the correct CPE ID for flex:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️westes:flex

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 832460b452)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
c587573710 tools/zlib: fix PKG_CPE_ID
cpe:/a:zlib:zlib is the correct CPE ID for zlib:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️zlib:zlib

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit e9ecaade6f)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
b110c337d3 package/libs/pcre2: fix PKG_CPE_ID
cpe:/a:pcre:pcre2 is the correct CPE ID for pcre2:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️pcre:pcre2

Fixes: c39b0646f3 (pcre2: import pcre2 from packages feed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 27d1ebb46a)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Sean Khan
318db3bde4 openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.

```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```

Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.

Example:
```
[openssl_init]
providers = provider_sect
```

After this change, openssl util works correctly.

```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 31ec4515c3)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:29:23 +02:00
John Audia
4aabbd6746 openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne

(cherry picked from commit bac2f1bed6)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:29:23 +02:00
Hauke Mehrtens
2410b4c07b wolfssl: Update to 5.7.0
This fixes multiple security problems:
 * [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.

 * [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
   Zhang, Qingni Shen for the report (Peking University, The University
   of Western Australia)."

 * [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
   Qingni Shen for the report (Peking University, The University of
   Western Australia).

Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk

(cherry picked from commit f475a44c03)
Link: https://github.com/openwrt/openwrt/pull/15872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:27:20 +02:00
Nick Hainke
97c588e1ba wolfssl: update to 5.6.6
Release Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable

Refresh patches:
- 100-disable-hardening-check.patch

Fixes: CVE-2023-6935 CVE-2023-6936 CVE-2023-6937
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 511578c128)
Link: https://github.com/openwrt/openwrt/pull/15872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:27:20 +02:00
David Bentham
9ac1523062 mediatek: add Comfast CF-E393AX support
Comfast CF-E393AX is a dual-band Wi-Fi 6 POE ceiling mount access point.

Oem firmware is a custom openwrt 21.02 snapshot version.

We can gain access via ssh once we remove the root password.

Hardware specification:
  SoC: MediaTek MT7981A 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB DDR3
  Ethernet: 1x 10/100/1000 Mbps built-in PHY (WAN)
            1x 10/100/1000/2500 Mbps MaxLinear GPY211C (LAN)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976D
  LEDS: 1x (Red, Blue and Green)
  Button: Reset
  UART: 3.3v, 115200n8
  --------------------------
  | Layout |
  | ----------------- |
  | 4 | VCC GND TX RX | <= |
  | ----------------- |
  --------------------------

Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
   and download the
   configuration(http://apipaddress/computer/config.html).

2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
   Enter 'fakeroot' command then decompress the configuration:
   tar -zxf backup.tar.gz

3. Edit 'etc/shadow', update (remove) root password:
   With password =
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   to
   Without password =
   'root::0:99999:7:::'
   'root::0:99999:7:::'

4. Repack 'etc' directory back to a new backup file:
   tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
   Exit fakeroot - 'exit'

6. Upload new configuration via web interface, now you
   can SSH with the following:

   'ssh -vv -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.10.1'.

   Backup the mtd partitions
   - https://openwrt.org/docs/guide-user/installation/generic.backup

7. Copy openwrt factory firmware to the tmp folder to install via ssh:

   'scp -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa \
   *-mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin \
   root@192.168.10.1:/tmp/'

   'sysupgrade -n -F \
   /tmp/*--mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin'

8. Once led has stopped flashing - Connect via ssh with the
   default openwrt ip address - 'ssh root@192.168.1.1'

9. SSH copy the openwrt sysupgrade firmware and upgrade
   as per the default instructions.

Signed-off-by: David Bentham <db260179@gmail.com>
(cherry picked from commit d8f4453bf2)
2024-07-04 15:54:27 +02:00
Leon M. Busch-George
f377e7fade mediatek: add support for YunCore AX835
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 16MB NOR
  RAM: 256MB
  Ethernet: 2x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset
  Power: DC 12V 1A, PoE 802.3af 48V

Flash instructions:

Option #1 - SSH

  I was able to SSH into the stock firmware of my device.

  1. Attach the router to the network
  2. Use scp (-O) to copy the sysupgrade image
  3. Connect using SSH and run `sysupgrade -n`

Option #2 - U-Boot

  One way to use the bootloader for flashing is using TFTP:

  1. Connect to the router using an ethernet cable
  2  Spin up a TFTP server serving the sysupgrade file
  3. Open the case and attach a UART
  4. Attach power to the router and interrupt the countdown by pressing
     any key
  5. Select option #2 (Upgrade firmware)
  6. Enter IP address information and image name
  7. Wait patiently

Co-Authored-By: Enrique Rodríguez Valencia <enrique.rodriguez@galgus.net>
Co-Authored-By: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
(cherry picked from commit b4086f44cd)
2024-07-04 15:39:47 +02:00
Daniel Golle
387e143c68 mediatek: add support for Adtran SmartRG Bonanza Peak series
The Bonanza Peak series are a couple of MT7986-powered 2.5 GBit/s
Wi-Fi 6 residential gateway, access point and mesh router products.

All of them come with an eMMC to boot from, are powered via USB-C and
got a USB 3.0 type-A port. All of them got a Dialog (Renesas) DA14531
Bluetooth module connected via UART. If the device was previously
running stock firmware, the BT chip's internal flash has been loaded
with firmware and it can be attached using hciattach when using
OpenWrt.

SOC: MediaTek MT7986A
RAM: 2 GiB DDR4
eMMC: 8 GiB
Bluetooth: BLE5 (DA14531)
Serial: 3.3V level, 115200 8n1 on 4-pin connector

 * SDG-8612 - Dual-band RJ-45 gateway
   2x 2.5G MaxLinear PHY for WAN port
   3x 1GE LAN ports via MT7531 switch

 * SDG-8614 - Dual-band SFP gateway
   1x SFP cage with up to 2.5G speed
   1x 2.5G MaxLinear PHY for LAN port
   3x 1GE LAN ports via MT7531 switch

 * SDG-8622 - Tri-band mesh router
   2x 2.5G MaxLinear PHY
   The MT7986 2G and 5G are used as 2G and 5G high band.
   There’s a MT7915 PCIe card for 5G low band.

 * SDG-8632 - Tri-band mesh router with 6 GHz
   2x 2.5G MaxLinear PHY
   The MT7986 serves the 2G and 6G bands.
   There’s a MT7915 PCIe card for 5G.

Installation via U-Boot serial console:
0. setup TFTP server with IP 192.168.1.10/24, place initramfs image
renamed to openwrt.XXX where XXX is the internal product number:
 SDG-8612: XXX = 412
 SDG-8614: XXX = 414
 SDG-8622: XXX = 422
 SDG-8632: XXX = 432

1. connect to the serial console and power on the device.
   Interrupt the bootloader by pressing 'st'
2. setenv boot_mode openwrt ; saveenv
3. run boot1
   Load firmware via TFTP and write to flash
4. run boot2
   Now OpenWrt initramfs should boot
5. upload sysupgrade.bin via scp to /tmp
6. sysupgrade

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3aa686f8d4)
2024-07-04 15:39:47 +02:00
Chukun Pan
e4015c446b uboot-envtools: filogic: reorder alphabetically
Reorder scripts to keep alphabetical order.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 4825defe44)
2024-07-04 15:39:22 +02:00
Rafał Miłecki
355bc644a9 kernel: backport some useful LED_FUNCTION_* defines for DT
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 081cd769fc)
2024-07-03 14:39:10 +02:00
Shiji Yang
85f3603047 generic: add more DT LED color and function definitions
Openwrt supports hundreds of devices. These newly added LED colors
and functions can help developers better describe LED indicators.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 6c41c585e3)
2024-07-03 14:38:29 +02:00
Felix Fietkau
f64576f367 mt76: update to Git HEAD (2024-04-03)
605624a4e17b mt76: fix path to page_pool helper include
e4de3592c4e3 wifi: mt76: mt7603: fix tx queue of loopback packets
446f652c967c wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset
669aba47a145 wifi: mt76: mt7915: fix HE PHY capability regression
5914ea57a31f wifi: mt76: mt7915: workaround dubious x | !y warning
e8b5991f7dac wifi: mt76: mt7915: workaround too long expansion sparse warnings
e507b4e32ead wifi: mt76: mt7921: fix fw used for offload check for mt7922
725f531c1459 wifi: mt76: connac: check for null before dereferencing
b108dda7e201 wifi: mt76: mt7996: fix size of txpower MCU command
5b7616491f07 wifi: mt76: mt7921: introduce mt7920 PCIe support
0436995feca9 wifi: mt76: mt7921s: fix potential hung tasks during chip recovery
75759dca73d5 wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command
b96ab5e62010 wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet()
7ff11c7259a3 wifi: mt76: sdio: move mcu queue size check inside critical section
02846a5d0f0f wifi: mt76: mt7915: Remove unused of_gpio.h
cb8df32e0475 wifi: mt76: mt7996: disable rx header translation for BMC entry
a4c4b550512e wifi: mt76: connac: use peer address for station BMC entry
260c5b7c3ba0 wifi: mt76: mt7996: set RCPI value in rate control command
0b7e645db9c2 wifi: mt76: connac: enable HW CSO module for mt7996
f19035fe0b4d wifi: mt76: mt7996: fix non-main BSS no beacon issue for MBSS scenario
424e9df466ce wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
f70cb4f0508e wifi: mt76: connac: enable critical packet mode support for mt7992
5f1bf8865247 wifi: mt76: mt7996: add sanity checks for background radar trigger
1e336a8582dc wifi: mt76: connac: use muar idx 0xe for non-mt799x as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a10a6fbac7)
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-03 09:59:49 +02:00
Ian Oderon
77354213b7 mediatek: add support for Zbtlink ZBT-Z8103AX
Specifications:
SoC: MediaTek MT7981B
RAM: 256MiB
Flash: SPI-NAND 128 MiB
Switch: 1 WAN, 3 LAN (Gigabit)
Buttons: Reset, Mesh
Power: DC 12V 1A
WiFi: MT7976CN
UART: 115200n8
UART Layout:
VCC-RX-TX-GND

No. of Antennas: 6
Note: Upon opening the router, only 5 antennas were connected
to the mainboard.

Led Layout:
Power-Mesh-5gwifi-WAN-LAN3-LAN2-LAN1-2gWiFi

Buttons:
Reset-Mesh

Installation:
A. Through OpenWrt Dashboard:
If your router comes with OpenWrt preinstalled (modified by the seller),
you can easily upgrade by going to the dashboard (192.168.1.1) and then
navigate to System -> Backup/Flash firmware, then flash the firmware

B. Through TFTP
Standard installation via UART:

1. Connect USB Serial Adapter to the UART, (NOTE: Don't connect the VCC pin).
2. Power on the router. Make sure that you can access your router via UART.
3. Restart the router then repeatedly press ctrl + c to skip default boot.
4. Type > bootmenu
5. Press '2' to select upgrade firmware
6. Press 'Y' on 'Run image after upgrading?'
7. Press '0' and hit 'enter' to select TFTP client (default)
8. Fill the U-Boot's IP address and TFTP server's IP address.
9. Finally, enter the 'firmware' filename.

Signed-off-by: Ian Oderon <ianoderon@gmail.com>
(cherry picked from commit 4300bc6688)
2024-07-03 09:19:41 +02:00
Rodrigo Balerdi
9988f8adf8 base-files: minor fix to mmc_get_mac_ascii function
This is mostly a cosmetic cleanup. The absence of
the return statement was not causing any problems.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
(cherry picked from commit 8cf4ac5195)
2024-07-02 09:05:52 +02:00
Daniel Golle
4058d0e990 base-files: add mmc_get_mac_ascii function
Similar to the *_get_mac_binary function, also split the common parts
off mtd_get_mac_ascii into new get_mac_ascii function and introduce
mmc_get_mac_ascii which uses it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 45c85c1827)
2024-07-02 09:05:52 +02:00
Daniel Golle
46aa8c7732 mediatek: add kmod-usb3 to default package set of the ZBT-Z8102AX
Include XHCI USB drivers on the ZBT-Z8102AX router, the drivers are
required to be able to use the USB-connected M.2 slots for 4G/5G modems.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 507ad4f078)
2024-07-02 07:34:08 +02:00
Hauke Mehrtens
866b1bb2b3 kernel: bump 5.15 to 5.15.161
No manual changes needed.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 19305aff72)
2024-07-01 22:32:52 +02:00
Hauke Mehrtens
1589572576 kernel: bump 5.15 to 5.15.160
No manual changes needed.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c569b7d21a)
2024-07-01 22:32:51 +02:00
Hauke Mehrtens
cd2fdaf717 kernel: bump 5.15 to 5.15.159
Removed because they are upstream:
   generic/pending-5.15/778-net-l2tp-drop-flow-hash-on-forward.patch
   https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=e97e0051056b6dbcc43ae1862dcfcb05d06517c3

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6cfa186544)
2024-07-01 22:32:51 +02:00
Ryan Castellucci
a0d2ddac30 ipq40xx: eap1300: add eap1300ext as alt model
The EnGenius EAP1300 and EAP1300EXT use identical boards and firmware
(as flashed) from the vendor.

As with the EAP1300, the EAP1300EXT requires a specific firmware version
to flash OpenWRT. Unfortunately, the required firmware is truncated on
the vendor's website.

A working file can be created as follows:

```
curl \
https://www.engeniustech.com/wp_firmware/eap1300-all-v3.5.3.5_c1.9.04.bin \
| perl -pe 's/\x09EAP1300_A/\x0cEAP1300EXT_A/' \
> eap1300ext-all-v3.5.3.5_c1.9.04.bin
```

The file should have sha256:
`58a1197a426139a12b03fd432334e677124cbe3384349bd7337f2ee71f1dcfd4`.

Please see commit 2b4ac79 for further
details.

The vendor firmware must be decrypted before it can be flashed from
OpenWRT. A tool able to do that is available from:

https://github.com/ryancdotorg/enfringement/blob/main/decrypt.py

Signed-off-by: Ryan Castellucci <code@ryanc.org>
(cherry picked from commit 85f6f88223)
2024-07-01 07:14:18 +02:00
David Bauer
ef4fc5cc1d hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 89d7051485)
2024-06-30 22:31:51 +02:00
David Bauer
85ff47c6be hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 68e4cc9be5)
2024-06-30 22:31:51 +02:00