Commit Graph

62902 Commits

Author SHA1 Message Date
Felix Fietkau
53e312e193 netifd: update to Git HEAD (2024-12-17)
058a099f5bc5 interface: fix memleak and reload issue for the zone attribute
ea01ed41f321 interface: remove unnecessary NULL checks before free()

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-17 21:54:54 +01:00
Felix Fietkau
f8a16524c4 unetd: add firewall input rule for global port
Ensure that peers can be exchanged over any interface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-17 21:54:54 +01:00
Linus Walleij
8a7239009c kirkwood: Make the Marvell DSA switch a module
Some checks failed
Build Kernel / Build all affected Kernels (push) Has been cancelled
Not all Kirkwood systems have the Marvell MV88E6XXX switches.
Drop those from the generic config and add them as modules
in the systems that have it.

This was inferred by inspecting the upstream DTS files for any
mv88e* strings and adding the mv88e6xxx kmod package to those
that have an upstream device tree with an MV88E6xxx switch
and an OpenWrt image target.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-12-16 22:03:05 +01:00
Felix Fietkau
af1740a28b unetd: update to Git HEAD (2024-12-16)
Some checks failed
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Has been cancelled
d22d7db581d5 bpf_skb_utils.h: add missing include to fix build against newer kernel headers
bbd3e0eb1419 host: fix peer routes on a node acting as gateway
b17164751fc7 unet-tool: add support for generating keys from salt + seed passphrase
041e05870c20 unet-tool: add support for dumping pubkey from signed file
b58920d420cb unet-tool: add support for extracting network data from signed bin file
f335f5b40b4e unet-cli: add support for generating key from seed
8b1f1d099352 unet-cli: add support for importing networks from signed data
188ba05eadf2 unet-cli: add missing command line help for import
8f15fc306a40 unet-cli: fix add-ssh-host with seed keys
486bc3b86dc2 pex-msg: enable broadcast for global PEX socket
e4a24cdfbc1c unet-cli: fix defaults on create

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-16 13:03:55 +01:00
Rosen Penev
0634ebed9f ath79: fix tl-wa eth1 mac
This is using mac-base and so a 0 needs to be added.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17274
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-12-16 11:06:11 +01:00
Daniel Golle
f71ce1c34e mediatek: add pending patches fixing video output on MT7623N
Some checks are pending
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Add a bunch of fixes for HDMI output and Mali-450 GPU rendering on
MT7623N, ie. the BananaPi R2.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-12-16 00:46:38 +00:00
Andrew MacIntyre
e63326e26a lantiq/xrx200: move 8M flash devices to a small flash subtarget
Images for xrx200 8M flash are either not building due to image
size (TD-W8970, TD-W8980) or building such that the available
free space in the overlayfs is too little to be useful.

To keep images for these devices buildable, move them into a
small flash variant of the xrx200 subtarget.  As these devices
are NOR flash only, remove NAND and UBI references from the
kernel config to gain some additional image size reduction.

The apparent 8M flash devices Arcadyan VGV7510KW22-brn,
Arcadyan VGV7519-brn and Lantiq Easy80920-nor seem to exist in
order to create special "factory" installation images for these
devices (which actually have larger flash: 16MB for the
Arcardyan devices; 64MB for the Lantiq device).  As a
considerable amount of surgery would appear to be required to
the uboot-lantiq package structure to separate the "factory"
from the "sysupgrade" device recipes for these devices they
remain in the xrx200 target - if factory images aren't now
created, 23.05.x factory images should suffice for initial
installation.

Tested on: Netgear DM200, TP-Link TD-W8980,
           AVM Fritz7490 (xrx200 subtarget: image build only)

Fixes: https://github.com/openwrt/openwrt/issues/16761
Signed-off-by: Andrew MacIntyre <andymac@pcug.org.au>
Link: https://github.com/openwrt/openwrt/pull/17113
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-16 00:59:55 +01:00
John Audia
a3c484c3b9 kernel: generic: tg3: Fix DMA allocations on 57766 devices
At the request of rsalvaterra, add this patch to fix an issue
affecting tg3 ethernet interfaces[1].

1. https://github.com/openwrt/openwrt/pull/17271#issuecomment-2543836518

Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17282
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-16 00:54:04 +01:00
Shiji Yang
96eb12e961 ath79: fix ath9k calibration data size for AR9132
For ath9k NICs older than AR9287, The eeprom size is 0xeb8.

Fixes: https://github.com/openwrt/openwrt/issues/17196
Fixes: 74f2df9dbc ("ath79: mtd-cal-data removals")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Link: https://github.com/openwrt/openwrt/pull/17261
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-15 22:31:31 +01:00
Shiji Yang
5a24850de1 ramips: fix 2.4G wmac eeprom offset for TL-WR902AC v4
Some checks failed
Build Kernel / Build all affected Kernels (push) Has been cancelled
Build all core packages / Build all core packages for selected target (push) Has been cancelled
The eeprom data offset on 2.4GHz wmac is wrong. It is obvious that
this is a copy & paste issue.

Suggested-by: @cgm999 on https://github.com/openwrt/openwrt/issues/13969
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Link: https://github.com/openwrt/openwrt/pull/17263
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-14 20:32:53 +01:00
Andre Heider
3c7134fa32 base-files: fix shell scope error for the default LED brightness
This fixes "sh: write error: Invalid argument" for all default!=1 LEDs
as an empty $brightness was used.

Setting up LEDs via luci also now works again.

Fixes cbdfd03e: "base-files: add option to set LED brightness"
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/issues/17269
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-14 19:51:50 +01:00
John Audia
15e173bf7e kernel: bump 6.6 to 6.6.65
Some checks failed
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Build host tools / Build host tools for linux and macos based systems (push) Has been cancelled
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.65

Update to checksum only/no patches required a rebase.
Per the changelog, this is a trivial upstream bump with only 4
commits, 2 of which being reverts.

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17217
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-12-13 21:40:02 +01:00
John Audia
5158e28769 kernel: bump 6.6 to 6.6.64
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.64

Manually rebased:
	generic/hack-6.6/780-usb-net-MeigLink_modem_support.patch
	bcm27xx/patches-6.6/950-0585-drm-vc4-Introduce-generation-number-enum.patch
	bcm27xx/patches-6.6/950-0610-drm-vc4-hvs-Support-BCM2712-HVS.patch
	bcm27xx/patches-6.6/950-0829-vc4-hvs-Add-support-for-D0-register-changes.patch

Removed upstreamed:
	bcm27xx/patches-6.6/950-0597-drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch[1]
	bcm27xx/patches-6.6/950-0599-drm-vc4-Fix-dlist-debug-not-resetting-the-next-entry.patch[2]
	bcm27xx/patches-6.6/950-0600-drm-vc4-Remove-incorrect-limit-from-hvs_dlist-debugf.patch[3]
	bcm27xx/patches-6.6/950-0708-drm-vc4-Correct-logic-on-stopping-an-HVS-channel.patch[4]
	ramips/patches-6.6/002-01-v6.13-clk-ralink-mtmips-fix-clock-plan-for-Ralink-SoC-RT38.patch[5]
	ramips/patches-6.6/002-02-v6.13-clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch[6]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=223ee2567a55e4f80315c768d2969e6a3b9fb23d
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=8182b5ca19c6f173b6498d1c6d3e4b034b76bbde
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=52c1716f65a558174e381360bd88f18dae4be85c
4. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=9728b508b01a5eeeac79ceb676364c674dd951ac
5. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=f85a1d06afbcc57ac44176db8f9d7a934979952c
6. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.64&id=fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a

Build system: x86/64
Build-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3
Run-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3

Co-authored-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17217
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-12-13 21:40:02 +01:00
Rosen Penev
1306237fab qualcommax: use PHY regulator for USB GPIO
The PHY can handle turning off the GPIOs when turning off all USB ports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17192
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-12-13 21:04:53 +01:00
Chuncheng Chen
502916468e ramips: add support for ASUS 4G-AX56
Some checks failed
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Coverity scan build / Coverity x86/64 build (push) Has been cancelled
Specifications:
- Device: ASUS 4g-AX56
- SoC: MT7621AT
- Flash: 128MB
- RAM: 512MB
- Switch: 1 WAN, 4 LAN (10/100/1000 Mbps)
- WiFi: MT7905 2x2 2.4G + MT7975 2x2 5G
- LTE : Fibocom FG621-EA
- LEDs: 1x POWER (white, configurable)
	1x 2.4G (white, not configurable)
	1x 5G (white, not configurable)
        1x WAN (white, not configurable)
        1x 3G/4G (white, not configurable)
	3x signal (white, not configurable)

Flash by U-Boot TFTP method:
- Configure your PC with IP 192.168.0.2
- Set up TFTP server and put the factory.bin image on your PC
- Connect serial port(rate:115200) and turn on AP, then interrupt "U-Boot Boot Menu" by hitting any key
   Select "2. Upgrade firmware"
   Press enter when show "Run firmware after upgrading? (Y/n):"
   Select 0 for TFTP method
   Input U-Boot's IP address: 192.168.0.1
   Input TFTP server's IP address: 192.168.0.2
   Input IP netmask: 255.255.255.0
   Input file name: openwrt-ramips-mt7621-asus_4g-ax56-squashfs-factory.bin
- Restart AP aftre see the log "Firmware upgrade completed!"

Notice:
- LTE module is disable after flash openwrt image so you must active LTE by following two AT command
   echo -e "AT+GTAUTOCONNECT=1\r\n" > /dev/ttyUSB0
   echo -e "AT+GTRNDIS=1,1\r\n" > /dev/ttyUSB0
- After finish AT command once, you don't need to input command later even if reboot/restore default

Signed-off-by: Chuncheng Chen <ccchen1984@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16752
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Die Peter Pan
9e78db0229 ramips: mt7620: add support for THA-103AC (Version v1.0R)
Hardware
* Mediatek MT7620A + Mediatek MT7610EN
* 64MB RAM
* 8MB NAND (Winbond 25064FVSIG )

Both 2.4GHZ and 5GHZ are working, it is enabled by default since there is no
physical ethernet port in the device.

All LED's and buttons work.

UART: 57600 8N1 3.3V

Installation
Upload the openwrt-ramips-mt7620-trendnet_tha103ac-initramfs-kernel.bin via
the manufacturer firmware upgrade page on the device.

Upon reboot wait +- 3 mins until the green power LED is not flashing anymore
(do not be tempted to switch the device off while the LED is flashing, unless
you are ready for soldering and TTL) and then press the WPS button to enable
the default OpenWrt Wifi AP, the BLUE wifi LED will start flash.

Then install openwrt-ramips-mt7620-trendnet_tha103ac-squashfs-sysupgrade.bin
via OpenWrt.

The integrated power monitoring and relay do not work in OpenWrt as the PL7223
chip source/documentation is unavailable.

Recovery
Mis-configuration can be dealt with using the RESET button to reset to factory,
worst case scenario will require some serious work and soldering, there's pads
on the PCB for both the UART and ETH0, and I soldered and tested that it does
work.

You will have to power the board using the header pins GND & 5V, see the 8-pin
header socket.

Signed-off-by: Die Peter Pan <diepeterpan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17114
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Rosen Penev
c90842b0d1 ath79: pqi-air-pen: adjust mac addresses
The original ar71xx version of this device used 1002 as mac address for
both ethernet and wireless. The ath79 version inexplicably changes this
to 2, which seems to be done nowhere else in ath79, indicating it's
bogus.

Restore previous ar71xx assignment. 1002 is used as an ethernet
interface with some other devices as well.

Also remove the bogus caldata userspace extraction. The size is bogus
and it's already handled in dts.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17083
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Yaoguang Bai
6b32a5d768 mediatek: filogic: add support for NRadio C8-668GL
NRadio C8-668GL is a Wi-Fi 6 5G cellular router based on MediaTek MT7981B SoC.

- **SoC**: MediaTek MT7981B (2x Cortex-A53, 1.3GHz)
- **RAM**: Nanya NT5AD512M16C4-JR 1GB DDR4
- **Flash**: ESMT FC51L08SFY3A 8GB eMMC
- **Ethernet**:
  - 1x 2.5GbE (via GMAC0 and GPY211 PHY, shared with MT7531AE)
  - 3x 10/100/1000 Mbps (via MT7531AE, connected to GMAC0)
  - 5G Modem: GMAC1 (via GPY211 PHY - RTL8125BG - RM520N-GL)
- **Wi-Fi**: MediaTek MT7976CN (2.4GHz/5GHz, 802.11ax, 2x2 MIMO, AX3000)
- **Buttons**: Reset, WPS
- **LEDs**: Power, 5G, 4G, WiFi
- **SIM Slot**: 1x Nano SIM
- **5G Modem**: Quectel RM520N-GL (Snapdragon™ X62)
- **Power**: 12V/2A DC, 5.5×2.1 connector

The MAC addresses are derived from the `fac_mac` field in the `bdinfo` partition, formatted as `fac_mac = HWMAC`. The allocation is as follows:

| Vendor  | OpenWrt Interface | Address       | Notes                                          |
|---------|-------------------|---------------|------------------------------------------------|
| LAN     | br-lan            | Label MAC     | Default                                        |
| WAN     | lan4              | Label MAC+1   | Only when lan4 is switched to WAN             |
| 2.4GHz  | phy0-ap0          | Label MAC     |                                                |
| 5GHz    | phy1-ap0          | Label MAC     | (Local Admin bit set)                         |
| Modem   | eth1              | Label MAC+2   |                                                |

1. Log in to the router via `http://192.168.66.1`/.
2. Upgrade the official firmware to dual-system mode.
3. Select **Burn second system** and upload the `sysupgrade.bin` image.
   - Download the image from the OpenWrt build system or build it yourself using the OpenWrt buildroot.
4. Wait for 30 seconds and click **Switch system**.
5. The device will reboot and switch to OpenWrt.

Set the U-Boot environment variable `boot_system=0` and reboot:
```bash
fw_setenv boot_system 0
```

Power off the router, hold the **WPS button**, and power it back on.

1. Rename the stock firmware file to **`recovery.bin`**.
2. Set your PC's Ethernet IP to **192.168.1.88** and connect it to the lan1 port on the router.
3. Run a TFTP server and place the `recovery.bin` file in its root directory.
4. Power off the router, press and hold the **Reset button**, and power it back on.
5. Release the Reset button when the TFTP server shows activity.
6. Wait for the router to flash the firmware and reboot automatically.

- By default, `lan4` is part of `br-lan` and uses the label MAC address.
- To query the RM520N-GL module, use the following command:
  ```bash
  cat /dev/ttyUSB2 & printf 'ATI\r\n' > /dev/ttyUSB2
  ```

Signed-off-by: Yaoguang Bai <0xdeadc0de@badguys.club>
Link: https://github.com/openwrt/openwrt/pull/17093
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Rosen Penev
481bf5805a ath79: usb: remove reset names
Upstream uses devm_reset_control_array_get_optional_shared, which does
not use names. reset-names is also not specified in the documentation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17118
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Rosen Penev
787cb9d87e ath79: change phy-names to only usb
Both generic-ehci.yaml and generic-ohci.yaml state that phy-names is to
only be usb.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17118
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
Rosen Penev
dcef169319 ath79: usb: remove usb- from reset-names
This matches the upstream PHY driver, which removed it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17118
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:04 +01:00
David Bauer
76fabd909e wifi-scripts: don't fail on unset PSK
Don't fail wireless interface bringup on empty PSK set. This is a valid
configuration, resulting in a PSK network which can't be connected to.
It does not fail the bringup of the hostapd process.

Keep failing the interface setup in case a password with invalid length
is used.

This is also beneficial when intending to configure a PPSK network. It
allows to create a network where no PPSK is yet set.

Signed-off-by: David Bauer <mail@david-bauer.net>
Link: https://github.com/openwrt/openwrt/pull/17197
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:03 +01:00
Georgi Valkov
fb17914f65 mac80211: refresh patch for ath12k
refresh the following patch for ath12k
001-wifi-ath12k-add-11d-scan-offload-support-and-handle-country-code-for-WCN7850.patch

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17246
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:03 +01:00
Rosen Penev
508bf7ca0f lantiq: use regulator for USB GPIO
One is already present. The other one can be implemented in terms of the
PHY.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17250
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-13 15:29:03 +01:00
Felix Fietkau
225b84d583 hostapd: fix building mini variants
Some checks are pending
Build all core packages / Build all core packages for selected target (push) Waiting to run
Move function and add ifdef to avoid undefined reference to hmac_sha256_kdf.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-13 11:04:48 +01:00
Felix Fietkau
b6c7d8a0d6 wifi-scripts: fix mesh/sta setup with ucode scripts
Ensure that the code doesn't pass macaddr_base with the wrong type (null)
to the supplicant setup/start call.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-13 10:57:18 +01:00
Andreas Gnau
a2f0cd35ac dropbear: Name pid file by uci section name
Some checks are pending
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Name the pidfile of each dropbear instance according to the
corresponding uci section name. This enables a 1:1 mapping between the
definition of the service instance and its process.

Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>

Link: https://github.com/openwrt/openwrt/pull/15177
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 20:02:38 +01:00
Rosen Penev
3bd2cee9bf ipq40xx: use PHY to control USB GPIO
Instead of using regulator-output to manually control USB GPIO, let the
PHY handle it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Link: https://github.com/openwrt/openwrt/pull/17221
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 19:54:09 +01:00
Jiale Liu
4a08383339 base-files: fix luci TZ default show zonename
fix default timezone to correct GMT0,
origin value 'UTC' is zonename, not timezone.

Signed-off-by: Jiale Liu <admin@licsber.site>

Link: https://github.com/openwrt/openwrt/pull/15128
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 19:54:09 +01:00
Sybil127
7306ae401c hostapd: add support for rxkh_file
Initial support for dynamic reload of RxKHs.

In order to check if RxKHs need reloading.
RxKHs defined in the rxkh_file first has to be parsed and formated,
the same way as hostapd will read from the file and also output,
with the command GET_RXKHS.
Then each list of RxKHs can be hashed and compared.

Ucode implementation of hostapds rkh_derive_key() function.
Hostapd converts hex keys with 128-bits or more when less than 256-bits
to 256-bits, and truncates those that are more than 256-bits.
See: https://w1.fi/cgit/hostap/commit/hostapd/config_file.c?id=245fc96e5f4b1c566b7eaa19180c774307ebed79

Signed-off-by: Sybil127 <sybil127@outlook.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-12 19:19:33 +01:00
Sybil127
97c8a94ec5 wifi-scripts: introduce rxkh_file uci option
With rxkh_file, hostapd will read a list of RxKHs from a text file.
This also makes it possible for hostapd to dynamically reload RxKHs.

RxKHs defined in rxkh_file should be formated as described in hostapd.conf,
with one entry per line.

R0KH/R1KH format:
r0kh=<MAC address> <NAS Identifier> <256-bit key as hex string>
r1kh=<MAC address> <R1KH-ID> <256-bit key as hex string>

Reworked behavior of the uci options r0kh and r1kh.

When rxkh_file is not configured:
  Instead of appending the RxKHs to the hostapd bss configuration.
  They will be added to a interface specific file with name
  /var/run/hostapd-phyX-apX.rxkh.
  This file will be used as the rxkh_file in the hostapd bss configuration.

When rxkh_file is configured:
  The specified file will be used in the hostapd bss configuration,
  and will be the only source for configured RxKHs.
  All RxKHs defined with the uci options r0kh or r1kh will be ignored.

Signed-off-by: Sybil127 <sybil127@outlook.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-12 19:19:05 +01:00
Felix Fietkau
00860e485b wifi-scripts: add macaddr_base wifi-device option
This can be used to configure the base mac address from which all
interface mac addresses are derived

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-12 19:19:05 +01:00
David Bauer
1be18c6daa wifi-scripts: fix failing mesh setup with missing wpa_supplicant
Some checks are pending
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
The initialization of mesh interfaces currently fail when wpa_supplicant
is not installed. This is due to the script calling the wpa_supplicant
feature indicator without verifying wpa_supplicant is installed at all.

To avoid failing, first check if wpa_supplicant is installed before
determining the available featureset.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-12-12 16:40:14 +01:00
John Crispin
1375a7bae0 Revert "kernel: modules: fix led-group-multi-color patch"
This reverts commit 1cea889c96.
This reverts commit 5fd86d66c1.

The patch is causing build servers to fail. Revert it for now.

Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 15:44:30 +01:00
John Crispin
1cea889c96 kernel: modules: fix led-group-multi-color patch
Fixes: 5fd86d6 ("kernel: modules: add support for led-group-multicolor")
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 13:53:54 +01:00
Jonathan Brophy
5fd86d66c1 kernel: modules: add support for led-group-multicolor
This option enables support for monochrome LEDs that are grouped into multicolor
LEDs which is useful in the case where LEDs of different colors are physically
grouped in a single multi-color LED and driven by a controller that doesn't have
multi-color support.

Signed-off-by: Jonathan Brophy <professor_jonny@hotmail.com>

Link: https://github.com/openwrt/openwrt/pull/16397
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 12:17:01 +01:00
Rodrigo Balerdi
06c2d5524c base-files: fix cleanup after settings restore
Some devices use file '/tmp/sysupgrade.tar' during settings restore and
this potentially big file was not being cleaned up from RAM afterwards.

See: do_mount_root() (base-files/files/lib/preinit/80_mount_root)

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>

Link: https://github.com/openwrt/openwrt/pull/15339
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 11:01:56 +01:00
Rouven Czerwinski
d67963943b ipq40xx: disable SPI DMA for Fritzbox 4040
We have seen hung devices and failures during SPI transactions on
Fritzbox devices with a gluon based freifunk network. We have narrowed
down that disabling DMA for spi fixes the problem, so disable dma for
the SPI controller on the Fritzbox 4040.

Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>

Link: https://github.com/openwrt/openwrt/pull/15966
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 11:01:56 +01:00
Mark Mentovai
ebf1866d09 .gitattributes: ignore some whitespace "violations" in .patch files
git's default core.whitespace[1] setting doesn't agree with .patch
files. This causes whitespace warnings when running `git apply`,
(including via `git am`) and causes red highlighting when viewing diffs
to .patch files via `git diff` (including via `git show`) when
outputting to a terminal.

These types of whitespace “violations” will now be explicitly disabled
for .patch files in the repository-wide .gitattributes file to prevent
git from suggesting that there’s anything wrong with checked-in .patch
files.

A .patch file will naturally have `space-before-tab` if a context line
(not a +/- line) begins with a tab character (as is common in patches to
files that use the tab indent convention), and will also naturally have
`trailing-space` if a context line is blank (also common).

Neither `indent-with-non-tab` nor `tab-in-indent` are enabled in
core.whitespace by default, but could also occur naturally in .patch
files, and are also explicitly disabled here for completeness to cover
cases where they may be enabled in core.whitespace at the global or
system level.

These false violations may be flagged frequently in OpenWrt, because the
repository contains many .patch files. There are currently just over
5,000 .patch files, representing slightly more than half of all files.

[1] https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_core_whitespace

Link: https://github.com/openwrt/openwrt/pull/16012
Signed-off-by: Mark Mentovai <mark@mentovai.com>

Link: https://github.com/openwrt/openwrt/pull/16015
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 11:01:56 +01:00
Markus Gothe
3859e8eeb8 rules.mk: Update ccache's compiler check.
Update the compiler check for ccache so we don't
end up with the wrong binaries. Right now the
compiler check will not be able to correctly
distinguish the compiler used for build
ARMv8 binaries from the one used to build
ARMv7 binaries.

Signed-off-by: Markus Gothe <markus.gothe@genexis.eu>

Link: https://github.com/openwrt/openwrt/pull/16290
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 11:01:56 +01:00
Markus Gothe
1f11912138 ccache: Speed up building.
- Disable compression for ccache's cached files.
- Disable the hashing of the CWD inside debug information. This
  increases the cache hits drastically.

Signed-off-by: Markus Gothe <markus.gothe@genexis.eu>
2024-12-12 11:01:56 +01:00
Chuck R
36f309af05 dnsmasq: pass environment variables to hotplug
dnsmasq passes a limited amount of information via DHCP script arguments. Much
more information is available through environment variables starting with
DNSMASQ_, such as DNSMASQ_INTERFACE. However, when the dhcp-script builds its
JSON environment and passes it to hotplug, all of this information is discarded
since it is not copied to the JSON environment.

Personally, I have a custom-made set of DDNS scripts and rely on environment
variables such as DNSMASQ_INTERFACE in order to determine which DNS zones
to update. So, not being able to access these variables was detrimental to me.
I patched in a quick copy of all DNSMASQ_ variables to the JSON environment
so that they can be used in hotplug scripts. In order to do so I also copied
/usr/bin/env into dnsmasq's chroot jail.

Signed-off-by: Chuck R <github@chuck.cloud>

Link: https://github.com/openwrt/openwrt/pull/16354
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 11:00:38 +01:00
David Bentham
794291bbdf mediatek: add Comfast CF-E395AX support by adding an alternative model name
both these devices share the board and same config, just different model number

Install instructions are the same as the CF-E393AX commit - https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=d8f4453bf2de9fd9baf3d660ed12e0797ff2cfdb

Signed-off-by: David Bentham <db260179@gmail.com>

Link: https://github.com/openwrt/openwrt/pull/16389
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 09:46:38 +01:00
Leon M. Busch-George
821ebce8c1 mbim: sort config variables a little and fix minor bugs
Group 'local' declarations and 'json_get_vars', sort alphabetically within groups, and split off more generic parameters.

- delegate and sourcefilter were not declared as local variables

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>

Link: https://github.com/openwrt/openwrt/pull/16734
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 09:46:38 +01:00
Leon M. Busch-George
650410fca4 ncm: sort config variables a little and fix minor bugs
Group 'local' declarations and 'json_get_vars', sort alphabetically within groups, and split off more generic parameters.

- delegate and sourcefilter were not declared as local variables

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2024-12-12 09:46:38 +01:00
Leon M. Busch-George
bf768867dc qmi: sort config variables a little and fix minor bugs
Group 'local' declarations and 'json_get_vars', sort alphabetically within groups, and split off more generic parameters.

- delegate and sourcefilter were not declared as local variables

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2024-12-12 09:46:38 +01:00
Paweł Owoc
cbdfd03e42 base-files: add option to set LED brightness
Add option to set LED brightness via uci:

config led 'led_blue'
        option name 'blue'
        option sysfs 'blue:status'
        option brightness '1'

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>

Link: https://github.com/openwrt/openwrt/pull/17190
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 09:46:38 +01:00
Liangbin Lian
3710323a46 package/firewall: fix config typo
change Support-UDP-Traceroute rule from 'enabled false' to 'enabled 0'

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>

Link: https://github.com/openwrt/openwrt/pull/17133
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 09:46:38 +01:00
Rany Hany
65a1c666f2 hostapd: add SAE support for wifi-station and optimize PSK file creation
Regarding SAE support in wifi-station:

Important Note: Unlike PSK wifi-stations, both `mac` and `key` options are required
to make it work. With PSK, hostapd used to perform a brute-force match to find which
PSK entry to use, but with SAE this is infeasible due to SAE's design.

When `mac` is omitted, it will allow any MAC address to use the SAE password if it
didn't have a MAC address assigned to it, but this could only be done once.
The last wildcard entry would be used.

Also, unlike "hostapd: add support for SAE in PPSK option" (commit 913368a),
it is not required to set `sae_pwe` to `0`. This gives it a slight advantage
over using PPSK that goes beyond not needing RADIUS.

Example Configuration:

```
config wifi-vlan
        option iface default_radio0
        option name 999
        option vid 999
        option network management

config wifi-station
        # Allow user with MAC address 00:11:22:33:44:55 and matching
        # key "secretadminpass" to access the management network.
        option iface default_radio0
        option vid 999
        option mac '00:11:22:33:44:55'
        option key secretadminpass

config wifi-vlan
        option iface default_radio0
        option name 100
        option vid 100
        option network guest

config wifi-station
        # With SAE, when 'mac' is omitted it will be the fallback in case no
        # other MAC address matches. It won't be possible for a user that
        # has a matching MAC to use this network (i.e., 00:11:22:33:44:55
        # in this example).
        option iface default_radio0
        option vid 100
        option key guestpass
```

Regarding PSK file creation optimization:

This patch now conditionally runs `hostapd_set_psk_file` depending on `auth_type`.
Previously, `hostapd_set_psk` would always execute `hostapd_set_psk_file`, which
would create a new file if `wifi-station` was in use even if PSK was not enabled.
This change checks the `auth_type` to ensure that it is appropriate to parse the
`wifi-station` entries and create those files.

Furthermore, we now only configure `wpa_psk_file` when it is a supported option
(i.e., psk or psk-sae is used). Previously, we used to configure it when it was
not necessary. While it didn't cause any issues, it would litter `/var/run` with
unnecessary files. This patch fixes that case by configuring it depending on the
`auth_type`.

The new SAE support is aligned with these PSK file changes.

Signed-off-by: Rany Hany <rany_hany@riseup.net>

Link: https://github.com/openwrt/openwrt/pull/17145
Signed-off-by: John Crispin <john@phrozen.org>
2024-12-12 09:46:38 +01:00
Chukun Pan
8108967e27 qualcommax: use ath11k_patch_mac for MR7350
Some checks are pending
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Use ath11k_patch_mac and ath11k_set_macflag functions
instead of fix_wifi_mac script.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Link: https://github.com/openwrt/openwrt/pull/17230
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-12-11 17:02:14 +01:00