Commit Graph

57943 Commits

Author SHA1 Message Date
Nick Hainke
7fe85ce1f2 hostapd: increase PKG_RELEASE to fix builds
Recent hostapd changes just edited the ucode files. It is required to
bump the PKG_RELEASE to include the newest changes in the latest builds.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 91d2ead3c3)
2023-09-29 11:29:36 +02:00
Felix Fietkau
02ed2b0271 hostapd: fix wpa_supplicant mac address allocation on ap+sta
If the full interface is restarted while bringing up an AP, it can trigger a
wpa_supplicant interface start before wpa_supplicant is notified of the
allocated mac addresses.
Fix this by moving the iface_update_supplicant_macaddr call to just after
the point where mac addresses are allocated.

Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit abceef120d)
2023-09-28 10:32:59 +02:00
David Bauer
186747a169 mpc85xx: add Enterasys WS-AP3715i reset button
The reset button was missing from the Enterasys WS-AP3715i DTS.
Add the node required for making the reset button work.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 0e8641d3b0)
2023-09-27 23:14:05 +02:00
Hauke Mehrtens
679f89ab65
treewide: Add extra CPE identifier
This adds some Common Platform Enumerations (CPE) identifiers which I
found.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-09-27 22:37:13 +02:00
Arne Zachlod
ba9b93d913 toolchain: musl: add PKG_CPE_ID
Vulnerabilities of musl libc are tracked as
cpe:/a:musl-libc:musl

Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
2023-09-27 22:37:01 +02:00
Alexander Couzens
0ba56ae446 toolchain: assign PKG_CPE_ID
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has a CPE id.

Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2023-09-27 22:37:01 +02:00
Alexander Couzens
1b7d48dc5f tools: assign PKG_CPE_ID
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining tools which have a CPE ID.
Not every tool has CPE id.

Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2023-09-27 22:37:01 +02:00
Alexander Couzens
388d213392 packages: assign PKG_CPE_ID for all missing packages
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has CPE id.

Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2023-09-27 22:37:01 +02:00
Felix Fietkau
782341458c hostapd: fix mac address of interfaces created via wdev.uc
Use the wdev config with the generated MAC address

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 0c43a48735)
2023-09-27 15:04:36 +02:00
Felix Fietkau
849f0ea65c hostapd: fix rare crash with AP+STA and ACS enabled
Ensure that the iface disable in uc_hostapd_iface_start also clears the ACS
state.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f1bb528ae7)
2023-09-27 14:05:40 +02:00
David Bauer
f4e4943d1a mpc85xx: drop WS-AP3715i label-mac
Label MAC detection does not work properly, as MAC address is assigned
on preinit. Thus, remove the label-mac definition.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit cd14b17cb0)
2023-09-26 14:33:05 +02:00
Oskari Lemmela
34d8a7f63f
ipq806x: 5.15: revert upstream commit to fix #11676
Commit d5a05e69ac6e4 ("net: stmmac: Use hrtimer for TX coalescing") causes
high CPU usage due to hrtimer raw spin locks.

Fixes: #11676
Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
[ renumber and rename revert patch ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-26 13:15:37 +02:00
John Audia
dee4e7b40c kernel: bump 5.15 to 5.15.132
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132

Removed upstreamed:
	bcm53xx/patches-5.15/037-v6.6-0006-ARM-dts-BCM53573-Add-cells-sizes-to-PCIe-node.patch[1]
	bcm53xx/patches-5.15/037-v6.6-0007-ARM-dts-BCM53573-Use-updated-spi-gpio-binding-proper.patch[2]
	bcm53xx/patches-5.15/037-v6.6-0008-ARM-dts-BCM5301X-Extend-RAM-to-full-256MB-for-Linksy.patch[3]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.132&id=b35f3ca1877e024887df205ede952863d65dad36
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.132&id=2840d9b9c8750be270fb1153ccd5b983cbb5d592
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.132&id=f086e859ddc252c32f0438edff241859c0f022ce

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit ac422c9788)
[Refresh on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-09-25 23:04:37 +02:00
John Audia
442f7406a9 kernel: bump 5.15 to 5.15.131
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.131

All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 58bb5e147a)
[Refresh on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-09-25 23:04:37 +02:00
Andreas Böhler
39320d4b58
ipq40xx: ZTE MF287 fix sysupgrade
While refactoring support for the MF287 series, an entry in platform.sh
was overlooked - this fixes sysupgrade on this devices.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit 964b576fc1)
2023-09-25 20:52:39 +02:00
Oskari Rauta
9349302bca ccache: add missing \
-DREDIS_STORAGE_BACKEND=OFF option is ignored due to missing \

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit b61ac68b67)
2023-09-24 13:22:34 +02:00
Ivan Pavlov
912eded06c openssl: update to 3.0.11
Changes between 3.0.10 and 3.0.11 [19 Sep 2023]
 * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. ([CVE-2023-4807])

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit bfd54529fa)
2023-09-24 13:22:34 +02:00
Erik Karlsson
2d812f0b72 procd: create /dev/fd symlink
This is needed for ksh/bash style process substitution such as
<(command) and >(command) which was introduced in ash as of busybox
version 1.34.0 to work.

Signed-off-by: Erik Karlsson <erik.karlsson@genexis.eu>
(cherry picked from commit fdce970dbb)
2023-09-24 13:22:34 +02:00
Yuu Toriyama
4c2f44c859 wireless-regdb: update to 2023.09.01
Changes:
    9dc0800 wireless-regdb: Update regulatory rules for Philippines (PH)
    111ba89 wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidelines
    ae1421f wireless-regdb: Update regulatory info for Türkiye (TR)
    20e5b73 wireless-regdb: Update regulatory rules for Australia (AU) for June 2023
    991b1ef wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
(cherry picked from commit 0e13363de6)
2023-09-24 13:22:33 +02:00
Tomasz Maciej Nowak
06ff4dd562 mvebu: cortexa72: enable USB PHY
Since kernel 5.13 this is needed to enable USB ports on all devices in
subtarget. Previously TF-A and COMPHY driver might have set up this PHY,
but not anymore.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Tested-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit eac1928430)
2023-09-24 13:14:11 +02:00
Andreas Böhler
457a12a834 ipq40xx: ZTE MF287 series: move to gpio-export for modem-reset GPIO
Turn the "gpio-restart" node into a "gpio-export" node for all MF287
variants, similar to the MF287 Pro. Unfortunately, there doesn't seem to be
a "power button blocker" GPIO for the MF287 and MF287 Plus, so a modem
reset always triggers a system reset.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit 053f8f92d1)
2023-09-24 12:55:18 +02:00
Andreas Böhler
a684b512e5 ipq40xx: refactor ZTE MF287 series
The ZTE MF287 requires a different board calibration file for ath10k than
the ZTE MF287+. The two devices receive their own DTS, thus the device tree
is slightly refactored.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit 9c7578d560)
2023-09-24 12:55:18 +02:00
Felix Fietkau
2f30dec3cb hostapd: fix patch rebase after a crash fix
The patch refresh accidentally moved the hostapd_ucode_free_iface call to
the wrong function

Fixes: e9722aef9e ("hostapd: fix a crash when disabling an interface during channel list update")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 3a5ad6e3d7)
2023-09-22 20:01:43 +02:00
Felix Fietkau
fe1028e89c hostapd: fix wpa_supplicant bringup with non-nl80211 drivers
Needed for wired 802.1x

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit fd6d7aafb2)
2023-09-22 08:11:04 +02:00
David Bauer
43e9cded06 mpc85xx: correct WS-AP3715i eth LED assignment
Ethernet LED assignments were incorrectly swapped. Fix the assignment
logic so the correct LED is illuminated for the LAN LEDs.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 8037417744)
2023-09-21 01:11:11 +02:00
Felix Fietkau
eda1545e6e hostapd: add missing NULL pointer check in uc_hostapd_iface_stop
Avoid crashing if the interface has already been removed

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 4145ff4d8a)
2023-09-20 18:43:35 +02:00
Felix Fietkau
6019945e96 hostapd: fix a crash when disabling an interface during channel list update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit e9722aef9e)
2023-09-20 14:11:53 +02:00
Leon M. Busch-George
83bf45ea5c
package: base-files: turn error into warning
Some users have their routers configured to supply a DHCP range that
includes the local interface address.
That worked with dnsmasq because it automatically skips the local
address.

Re-enable those existing configurations for the release and hint at
possible future problems.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
[ wrap commit description and remove unecessary text ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-19 15:38:59 +02:00
Felix Fietkau
829196e1b1 netifd: update to the latest version
7a58b995fdbe wireless: update prev_config on SET_DATA notify

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f52e008d04)
2023-09-19 11:57:19 +02:00
Felix Fietkau
09b9d732ec hostapd: use phy name for hostapd interfaces instead of first-bss ifname
Improves reliability in error handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a511480368)
2023-09-19 11:57:18 +02:00
Felix Fietkau
8b385a45a6 mac80211: fix AP reconfiguration on DFS channels in non-ETSI regdomain
Allow grace period for DFS available after shutting down beacons on the channel

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 16889141d9)
2023-09-18 16:52:25 +02:00
Felix Fietkau
0d1859c258 netifd: update to the latest version
f429bd94f99e system-linux: switch to new ETHTOOL_xLINKSETTINGS API
1a07f1dff32b make_ethtool_modes_h.sh: apply anti-bashism
3d425f16d6a6 wireless: rework and fix vlan/station config reload handling
88a3a9e2be07 wireless: clean up prev_config handling
afcd3825dad9 wireless: dynamically enable/disable virtual interfaces base on network interface autostart

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a33f1d3515)
2023-09-18 16:52:25 +02:00
Felix Fietkau
5e3f86a101 hostapd: select libopenssl-legacy for openssl variants
Without it, a lot of authentication modes fail without obvious error messages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 560965d582)
2023-09-18 16:52:25 +02:00
Felix Fietkau
90d5961751 hostapd: remove eap-eap192 auth type value
It is no longer used

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b0501d380f)
2023-09-18 16:52:25 +02:00
Felix Fietkau
6e09f88d29 netifd: update to the latest version
db3934d2f740 scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support

Support the following values for the different WPA3 Enterprise modes:

- wpa3-mixed: WPA3 Enterprise transitional mode
	This supports EAP with both SHA1 and SHA-256, with optional MFP
- wpa3: WPA3 Enterprise only mode
	This supports only SHA256 with mandatory MFP
- wpa3-192: WPA3 Enterprise with mandatory 192 bit support
	This uses only GCMP-256 ciphers

Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode.
It seems that even leaving in optional 192 bit support breaks auth on some
clients, including iOS devices.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8c03dc962f)
2023-09-18 16:52:25 +02:00
Felix Fietkau
6798f156f9 hostapd: support eap-eap2 and eap2 auth_type values
WPA3 Enterprise-transitional requires optional MFP support and SHA1+SHA256
WPA3 Enterprise-only requires SHA1 support disabled and mandatory MFP.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b63df6ce5d)
2023-09-18 16:52:25 +02:00
Felix Fietkau
98d0ee9dbf hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit
Use the SHA384 variant to account for longer keys with more security

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f0d1349b52)
2023-09-18 16:52:25 +02:00
Felix Fietkau
a701e6e1c2 netifd: update to the latest version
077e05f2b129 vlan/vlandev: pass through extra vlan information passed via hotplug
40fad91eb5be wireless: add network_vlan config attribute
1571e18e4a69 bridge: add support for configuring extra tagged vlans on member devices
b719f189f243 bridge: make hotplug-added vlans default to tagged
edf3aced9f9a bridge: add support for adding vlan ranges via hotplug
493e1589bc8b bridge: fix coverity false positive report
03a619947717 bridge: add support for configuring extra vlans for the bridge itself
4bea6d21a9ab wireless: fix changing reconf/serialize options in configuration
255b4d5c472e wireless: fix handling config reload with reconf=1
1ab992a74b43 wireless: fix another reconf issue
e94f7a81a039 bridge: fix config reload on 32 bit systems
8c2758b4fbbb wireless: add support for replacing data blobs at runtime
0ff22a6a68ce wireless: enable dynamic reconfiguration by default
4711f74479e2 netifd: fix disabling radio via config if reconf is being used

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 09fd59938b)
2023-09-18 16:52:25 +02:00
Felix Fietkau
9720b094ae hostapd: backport from master, including ucode based reload support
This significantly improves config reload behavior and also fixes some
corner cases related to running AP + mesh interfaces at the same time.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-18 16:52:25 +02:00
Felix Fietkau
263583dc1e ubus: update to the latest version
f787c97b3489 libubus: add missing uloop_fd_delete call in ubus_shutdown

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit fdadfb633f)
2023-09-18 14:25:18 +02:00
Felix Fietkau
9af2ad5111 ucode: update to the latest version
9986b839595d ci: unbreak failing builds by using fixed gh-actions-openwrt-ci-sdk
77c961e20eda ci: fix broken imx6-generic SDK build
86107a647cb0 ci: cancel concurrent builds
ed543d8bf481 ci: update the workflows
11d5f8840002 Merge pull request #151 from ynezz/ynezz/unbreak-ci
b934ce815ff2 program: fix memory leak in read_sourceinfo
b0baf043e64c Merge pull request #152 from Ansuel/fix-memory-leak
740e2501fdca main: add user specified library search paths before default path
15f1a669e8e2 struct: remove state->len
29edb011caf1 ubus: add support for strings containing null bytes
2b4346bfdc67 vm: clear vm->alloc_refs in uc_gc_common
b213bd120d55 Merge pull request #150 from nbd168/misc-improvements
66520ebe27ae vm: immediately release arguments on calls with invalid spreads
07cc72a77e3b README.md: fix debian dependencies
d048ea88fe71 compiler: fix memory leak in uc_compiler_compile_import on early exit
7b7e22dcdf02 Merge pull request #155 from luizluca/luizluca-patch-1
d656d150905e types: implement ucv_object_sort()
d72eebeb168b lib: support object ordering in `uc_sort()`
ed1f0133c870 nl80211: add constants for iftypes
3ffb046c59a6 Merge pull request #156 from nbd168/nl80211-iftypes
c7d84aae0969 Merge pull request #153 from jow-/lib-sort-object-support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 9419a50242)
2023-09-18 14:25:18 +02:00
Felix Fietkau
7e55f20c1f kernel: backport support for renaming netdevs while up
Will be used in upcoming hostapd changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 77c45ddd86)
2023-09-18 14:25:18 +02:00
Andreas Böhler
385a50f02d
ipq40xx: fix image building for ZTE MF287 series
For the ZTE MF287 series, a special recovery image is built. The Makefile
worked fine on snapshot, but created corrupt images on the 23.05 images.
By using the appropriate variable, this should be fixed.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit a9cc3708e0)
2023-09-18 11:50:08 +02:00
Max Qian
2dc284a79a
ramips: RT1800: fix invalid octal number error
This commit removes the padded zeros in the date formatting.
The padded zeros from the date command causes the numbers
to be interpreted as an octal number by printf. Months, days,
and years with the number 08 or 09 raise an error in printf as an
"invalid octal number" and get interpreted as a zero.

Signed-off-by: Max Qian <public@maxqia.com>
(cherry picked from commit 794349a28a)
2023-09-17 22:46:01 +02:00
Matthijs Kooijman
c3be832427
ath79: fix packetloss on some WLR-7100
On some WLR-7100 routers, significant packet loss was observed. This is
fixed by configuring a delay on the GMAC0 RXD and RXDV lines.

The values used in this commit are copied from the values used by the
stock firmare (based on register dumping).

Out of four test routers, the problem was consistently observed on two.
It is unclear what the relevant difference is exactly (the two working
routers were v1 001 with AR1022 and v1 002 with AR9342, the two broken
routers were both v1 002 with AR1022). All PCB routing also seems
identical, so maybe there is some stray capacitance on some of these
that adds just enough delay or so...

With this change, the packet loss disappears on the broken routers,
without introducing new packet loss on the previously working routers.

Note that the PHY *also* has delays enabled (through
`qca,ar8327-initvals`) on both RX and TX lines, but apparently that is
not enough, or it is not effective (registers have been verified to be
written).

For detailed discussion of this issue and debug history, see
https://forum.openwrt.org/t/sitecom-wlr-7100-development-progress/79641

Signed-off-by: Matthijs Kooijman <matthijs@stdin.nl>
(cherry picked from commit d2ce3a61aa)
2023-09-17 16:39:47 +02:00
Mathew McBride
d536f398eb kernel: ensure VFIO related suboptions are disabled
These suboptions (PLATFORM, FSL_MC and MLX5_VFIO_PCI)
may be prompted for when VFIO is enabled, regardless of
architecture.

These are not related to the main vfio use case
(passthrough of PCIe devices)

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(5.15 version of abc536f547)
2023-09-16 21:00:38 +02:00
Mathew McBride
3c8825e5f8 kernel: enable vfio and vfio-pci for armsr-armv8
Arm platforms with the right hardware blocks (such as
GICv3.0+ interrupt controller and SMMU/IOMMU) are
able to use vfio-pci to pass through PCI devices
to a VM.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 9ac01aac0a)
2023-09-16 21:00:38 +02:00
Mathew McBride
c79854e9fc kernel: vfio: remove unneeded enable_unsafe_noiommu_mode parameter
The vfio module only exposes the enable_unsafe_noiommu_mode parameter
if CONFIG_VFIO_NOIOMMU is enabled. When it isn't, the module
will complain about an unknown parameter:

vfio: unknown parameter 'enable_unsafe_noiommu_mode' ignored

As CONFIG_VFIO_NOIOMMU is disabled by the module package,
we can remove the module loading parameter.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 7ad8612a23)
2023-09-16 21:00:38 +02:00
Mathew McBride
c90005c58a x86: remove built-in vhost-net driver
This is now available as a kmod package (kmod-vhost-net).

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 8b1cc1582a)
2023-09-16 21:00:38 +02:00
Mathew McBride
5edeb1ee0c kernel: add vhost-net module
vhost-net is used to accelerate traffic to virtualisation
guests that use the virtio-net network card in QEMU.

Generally it is invoked by specifying "vhost=on" to a
QEMU -netdev device:

qemu-system-aarch64 -nographic -M virt -cpu host \
        --enable-kvm -bios u-boot.bin -smp 1 -m 2048 \
        -drive file=openwrt-armsr-armv8.img,format=raw,index=0,media=disk \
        -device "virtio-net,netdev=landev,disable-legacy=off,disable-modern=off" \
        -netdev "tap,id=landev,helper=/usr/lib/qemu-bridge-helper --br=br-lan,vhost=on"

Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit d188db8aed)
2023-09-16 21:00:38 +02:00