Commit Graph

20951 Commits

Author SHA1 Message Date
Lech Perczak
bd6dc4bffa mac80211: ath9k-htc: support "eeprom" in debugfs
ath9k-htc USB-based adapterssupport 5/10MHz channel bandwidth, the
same as standard ath9k ones.
Move the code handling the features in debugfs to common-debug.c,
and create proper registration functions to use in debug.c and
htc_drv_debug.c, leaving only debugfs registration there.

While at that, refresh one patch that would conflict otherwise.

Tested on TP-Link Archer C7v2 (ath79) and TP-Link WN722Nv1 (AR9287)
and WN822Nv2 (AR7010+AR9287).

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2023-11-12 16:27:16 +01:00
Lech Perczak
10b130161d kernel: kmod-usb-serial-mos7720: support parallel port in MCS7715
In-kernel driver for MCS7715 USB-serial bridge has a bool option,
enabling support for parallel port on that chip - which is tied to the
same kernel module. Enable it and select kmod-ppdev, as the image size
increase is minimal and the package isn't bundled in the images by
default.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2023-11-12 15:37:33 +01:00
Christian Marangi
3d6b89c514
iptables: backport patch fixing bug with string module
Backport patch fixing critical bug with string module merged upstream.

Fixes: #13812
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-12 14:13:41 +01:00
Hannu Nyman
36b1dd75fd
ath10k-ct: Restore functionality after switch to 6.4 version
Adjust our local ath10k-ct patches to the change
from the -ct 6.2 version to 6.4.

This restores e.g. the LED functionality.

Fixes: 7d3651f1b9 ("ath10k-ct: switch to 6.4")
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2023-11-11 23:49:15 +01:00
Christian Marangi
8cce00bc9d
qca-ssdk: fix unsupported scenario with PORT1 not declared in switch bmp
Commit 947b44d9ae ("ipq807x: fix wrong define for LAN and WAN ess mask")
started fixing wrong switch_lan_bmp that defined lan there weren't
actually present. This displayed a fragility in the malibu phy init code
in qca-ssdk.

Add patch to fix this.

Quoting the patch detailed description:

I'm very confused by this and to me it's not clear the real usage of
this logic.

From what I can see the usage of this is EXTREMELY FRAGILE and results
in dangerous results if the OEM (or anyone that by chance try to
implement things in a logical manner) deviates from the default values
from the "magical template".

To be in more details. With QSDK 12.4, some tweaks were done to improve
autoneg and now on every call of port status, the phydev is tried to
add. This resulted in the call and log spam of an error with ports that
are actually not present on the system with qsdk reporting phydev is
NULL. This itself is not an error and printing the error is correct.

What is actually an error from ages is setting generic bitmap reporting
presence of port that are actually not present. This is very common on
OEM where the switch_lan_bmp is always a variant of 0x1e (that on bitmap
results in PORT1 PORT2 PORT3 PORT4 present) or 0x3e (PORT1 PORT2 PORT3
PORT4 PORT5). Reality is that many device are used as AP with one LAN
port or one WAN port. (or even exotic configuration with PORT1 not
present and PORT2 PORT3 PORT4 present (Xiaomi 3600)

With this finding one can say... ok nice, then lets update the DT and
set the correct bitmap...

Again world is a bad place and reality is that this cause wonderful
regression in some case of by extreme luck the first ever connected
port working and the rest of the switch dead.

The problem has been bisected to all the device that doesn't have the
PORT1 declared in any of the bitmap.

With this perfection in mind, on to the REAL problem.

malibu_phy_hw_init FOR SOME REASON, set a global variable first_phy_addr
to the first detected PHY addr that coincidentally is always PORT1.
PORT1 addr is 0x0. The entire code in malibu_phy use this variable to
derive the phy addrs in some function.

Declaring a bitmap where the PORT1 is missing (or worse PORT4 the only
one connected) result in first_phy_addr set to 1 or whatever phy addr is
detected first setting wrong value all over the init stage.

To fix this, just drop this variable and hardcode everything to assume
the first phy adrr is ALWAYS 0 and remove calculation and use define for
special case.

With the following change normal switch traffic is restored and ports
function is recovered.

Fixes: #13945
Fixes: 947b44d9ae ("ipq807x: fix wrong define for LAN and WAN ess mask")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-11 23:39:32 +01:00
Christian Marangi
a69367933d
netifd: update to Git HEAD (2023-11-11)
c739dee0a37b system-linux: refresh MAC address on DSA port conduit change

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-11 23:38:30 +01:00
Petr Štetiar
b7cf706539
debugcc: add licensing information
Information about package license is important, so lets add it.

Fixes: 79ee0d2cee ("debugcc: add new package to debug IPQ based SoC clocks")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-11 06:11:25 +00:00
Christian Marangi
79ee0d2cee
debugcc: add new package to debug IPQ based SoC clocks
Add new package to debug IPQ clocks using debug regs and hardware
oscillator.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 21:16:09 +01:00
Robert Marko
8376eaaa28
dtc: add option for a static build
I find myself manually compiling dtc as a staticly linked binary rather
often while porting a new device to OpenWrt as dtc is rarely included in
various vendor modifications of OpenWrt.

So, since dtc offers a convenient meson option to build it as staticaly
linked binary, lets make it a compile time option.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-11-10 20:27:55 +01:00
Nick Hainke
d83231603c wolfssl: update to 5.6.4
Releae Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable

Remove upstreamed patch:
- 001-fix-detection-of-cut-tool-in-configure.ac.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-11-10 19:28:27 +01:00
Felix Fietkau
d45d72a6da netifd: update to the latest version
eee02ccca8c8 device: add support to configure eee
bb28f6a291d9 wireless: fix sign comparison warning
35facc8306f5 wireless: fix premature removal of hotplug devices due to down state

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-10 15:37:42 +01:00
Christian Marangi
07b5b3978d
ipq-wifi: update to Git HEAD (2023-11-10)
0c2e810e71ed qcn9074: fix prpl Foundation Haze BDF for old mac80211 version

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 13:20:31 +01:00
Christian Marangi
01d675687c
base-files: add additional uci-defaults function for GRO and conduit
Add additional uci-defaults function for configuring GRO settings and
conduit for network devices.

Tweaking the GRO values might increase performance on some low spec
device that lack some offload feature on gmac.

Tweaking conduit interface is specific to DSA based devices and is
useful for multi-CPU scenario where one CPU is dedicated to one single
port.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 12:30:34 +01:00
Christian Marangi
da7ad22931
base-files: generalize ucidef_set_network_device
Generalize ucidef_set_network_device functions to use a more generic
_ucidef_set_network_device_common that takes as args the option and the
value to apply instead of hardcoding.

This is to reduce duplicated code in preparation for addition of
additional option for board.d usage.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 12:30:33 +01:00
Christian Marangi
1714087442
netifd: update to Git HEAD (2023-11-09)
841b05fbb91e system-linux: fix compilation error if IFLA_DSA_MASTER is not supported
5c9ecc1ff74f system-linux: make system_if_get_master_ifindex static
2dc7f450f3a2 system-linux: add option to configure DSA conduit device
838f815db5ef system-linux: add support for configurable GRO option

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 12:30:33 +01:00
Hannu Nyman
f79de8ec65 gdb: Update to 13.2
Update the devel/gdb package to version 13.2

* Remove the upstreamed patch 001-Add-support-for-readline-8.2.patch
* Adjust 130-gdb-ctrl-c.patch to upstream changes

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2023-11-10 08:39:38 +01:00
Isaev Ruslan
3763a6a075
ipq807x: add support for Yuncore AX880
SPECIFICATION:
    - Chipset:  IPQ8072A +QCN5054+QCN5024+QCA8081*2
    - Flash NOR-8MB AND NAND-128MB
    - RAM 1Gb DDR
    - IEEE 802.11:  802.11ax/ac/b/g/n
    - 4*4 2.4G Wi-Fi standard   802.11b/g/n/ax
    - 4*4 5.8G Wi-Fi Standard   802.11 a/n/ac/ax
    - 2x 1 Gbps Ethernet (QCA8081) with 802.3at PoE input support
    - 1x  Reset
    - 1x  Bluetooth(optional)
    - 1x  DC Port 12V 3A
    - 4x Antenna    IPEX Connector, 3dBi omni antennas
    - Data Rate:    3657Mbps ( 2.4G: 1182Mbps (11ax 4x4); 5.8G: 2475Mbps (11ax 4x4))
    - RF Power: 2.4g ≤ 20dBm; 5.8g ≤ 19dBm
    - LED light:    Sys; 5.8G wifi; 2.4G wifi; WAN; LAN
    - Max Power Consumption:    ≤ 22W
    - Size: 198mm * 198mm * 41.02mm

BACKUP YOUR STOCK FIRMWARE:
```
export device=ax880
mkdir -p /tmp/fw_dump_$device
cd /tmp/fw_dump_$device
dmesg > dmesg_$device.log
dtc -I fs /sys/firmware/devicetree/base > $device.dts
cat /proc/device-tree/model > model
cat /proc/mtd > proc_mtd
while read p; do
mtd_dev=$(echo $p | cut -d: -f1)
echo $mtd_dev
dd if=/dev/$mtd_dev of=$mtd_dev
done < proc_mtd
md5sum * > md5sum.log
tar -cvzf ../$device.tar.gz .
export sum=$(md5sum /tmp/$device.tar.gz | cut -d' ' -f1)
mv ../$device.tar.gz /tmp/${device}_${sum}.tar.gz
echo fw backup saved to: /tmp/${device}_${sum}.tar.gz
```
Upload your backup via tftp to the safe place.

INSTALLATION:
1. stock firmware web ui
Rename factory.bin fw image file to factory.ubin. Flash this image
like ordinary stock fw upgrade.

2. stock firmware telnet method
Enter telnet cli (login: root, password: 476t*_f0%g09y) and upload
 factory.bin fw image and rename it to factory.ubin
`cd /tmp && wget <your_web_server_ip>/factory.ubin`
`sysupgrade factory.ubin

3. initramfs method
    Put openwrt-ipq807x-generic-yuncore_ax880-initramfs-uImage.itb to your
    TFTP server and rename it to ax880.initram
    Enable serial console and enter to the u-boot cli.
    Exec these commands:
    `tftpboot <your_tftp_server_ip>:ax880.initram`
    `dhcp`

    When downloading is finished:
    `bootm`
    After booting the device, you need to upload to the device factory.ubi fw image.
    ```
    cd /tmp && wget <your_web_server_ip>/factory.ubi`
    export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
    export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
    ubiformat /dev/${rootfs} -y -f factory.ubi
    ubiformat /dev/${rootfs_1} -y -f factory.ubi
    reboot
    ```

4. u-boot factory.ubi image method
    Put openwrt-ipq807x-generic-yuncore_ax880-squashfs-factory.ubi to your
    TFTP server and rename it to ax880.ubi
    Enter u-boot cli and exec these commands:
    `tftpboot <your_tftp_server_ip>:ax880.ubi`
    `dhcp`
    After downloading is finished:
    `flash rootfs`
    `flash rootfs_1`
    `reset`

5. u-boot factory.bin method
    Put openwrt-ipq807x-generic-yuncore_ax880-squashfs-factory.bin to your
    TFTP server and rename it to ax880.bin
    Enter u-boot cli and exec these commands:
    `tftpboot <your_tftp_server_ip>:ax880.bin`
    `dhcp`
    After downloading is finished:
    `imgaddr=$fileaddr && nand device 0`
    Erase rootfs memory:
    `nand erase 0x00000000 0x03400000`
    Write rootfs:
    `nand write $fileaddr 0x00000000 $filesize`
    Erase rootfs_1 memory:
    `nand erase 0x3c00000 0x3400000`
    Write rootfs_1
    `nand write $fileaddr 0x3c00000 $filesize`
    `reset`

STOCK FIRMWARE RECOVERY:
Boot initramfs image.
Upload your rootfs mtd partition to the device using scp or download
it from the device using wget.
Enter device ssh cli and exec:
```
cd /tmp && wget <your_web_server_ip>/mtd21`
export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
ubiformat /dev/${rootfs} -y -f /tmp/mtd21
ubiformat /dev/${rootfs_1} -y -f /tmp/mtd21
reboot
```

Signed-off-by: Isaev Ruslan <legale.legale@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2023-11-09 16:52:10 +01:00
Christian Marangi
05e516b12d
hostapd: refresh patches
Refresh patches for hostapd using make package/hostapd/refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 16:07:55 +01:00
Christian Marangi
6c9ac57d58
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.

This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.

Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:38 +01:00
Christian Marangi
b1c7b1bd67
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:37 +01:00
Christian Marangi
1b5ea2e199
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.

This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:37 +01:00
Christian Marangi
1070fbce6e
mac80211: fix not set noscan option for wpa_supplicant
noscan option was changed to hostapd_noscan but the entry in
wpa_supplicant was never updated resulting in the noscan option actually
never set.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-09 15:58:34 +01:00
Robert Marko
eea264fead
kernel: qca-ssdk: update to 12.4
Update SSDK version to 12.4, this fixes weird SFP port link up/downs
while there is no SFP module plugged in.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-11-09 13:21:55 +01:00
Jo-Philipp Wich
551963662b ucode: update to Git HEAD (2023-11-07)
0352a33 uloop: support new interval and signal APIs
1468cc4 syntax: don't treat `as` and `from` as reserved keywords

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-09 12:40:42 +01:00
Daniel Golle
c63e3c98e8 fstools: bump to git HEAD
3a07943 block: support skipping uuid check
 56a9b4e block: consider currently mounted root device first
 9cd09d4 block: try to find the root device on both / and /rom
 c1a8d95 block: support extroot on already mounted overlay

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-11-09 11:15:42 +00:00
Daniel Golle
d6a06acaa5 arm-trusted-firmware-mediatek: update to release 2023-10-13
Drop local patches now upstream.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-11-09 00:34:38 +00:00
Felix Fietkau
c2a30b6e01 hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-08 12:46:29 +01:00
Felix Fietkau
531314260d wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-08 12:46:29 +01:00
Hauke Mehrtens
6aad5ab099 px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r--    1 root     root           749 Nov  6 23:14 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 23:14 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-07 21:55:55 +01:00
Hauke Mehrtens
929c9a58c9 px5g-mbedtls: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r--    1 root     root           519 Nov  6 22:58 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 22:58 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-07 21:55:55 +01:00
Felix Fietkau
41d7439af5 netifd: update to the latest version
383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-11-07 13:36:54 +01:00
Hauke Mehrtens
a15eb1cda0 bpf-headers: Fix download URL with kernel 6.1
This fixes the download of the kernel 5.15 for the bpf-headers when
kernel 6.1 is build for the target.

Even if kernel 6.1 was selected for the target we still use kernel 5.15
for the bpf-headers. The download script tried to download the 5.15
kernel from the 6.x directory on kernel,org and this failed. Define
PKG_SOURCE_URL based on PKG_PATCHVER and not KERNEL_BASE like done in
kernel.mk.

Without this change it tries to download the kernel from this URL:
ttps://cdn.kernel.org/pub/linux/kernel/v6.x/linux-5.15.129.tar.xz

Fixes: #13190
Fixes: #13671
Fixes: #13814
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-06 23:20:14 +01:00
Hauke Mehrtens
3c17cdbc36 mbedtls: Activate secp521r1 curve by default
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110

This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk

Fixes: #13774
Acked-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-06 23:04:00 +01:00
Daniel Golle
f8414f1a6f uboot-envtools: add environment config for MeiG SLT866
Add configuration to access U-Boot environment on MeiG SLT866.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-11-03 21:16:29 +00:00
Jo-Philipp Wich
5bb3b5d46c firewall4: update to latest Git HEAD
4101dd4 fw4: perform strict validation of zone and set names
a923c88 fw4: pass zone to templates whenever possible
597dc90 fw4: add support for zone log_limit
1874050 fw4: add log_limit to rules and redirects
19a8caf ruleset: dispatch ct states using verdict map
a5553da ruleset: reduce ksoftirqd load by refering to looopback by numeric id
de3483c tests: adjust zone log limit testcases
7392792 ruleset: do not emit redundant drop invalid rules
698a533 ruleset: apply egress MSS fixup later to apply final MTU before wire

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-03 15:55:15 +01:00
Christian Marangi
a0fa3a17a2
ath10k-ct: add patch fixing compilation error in debug
ath10k-ct based on kernel 6.4 doesn't have a fix present in previous
kernel. Add patch that port the compilation error fix from previous
kernel in the new 6.4 kernel.

Fixes: 7d3651f1b9 ("ath10k-ct: switch to 6.4")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-03 04:10:03 +01:00
Koen Vandeputte
7d3651f1b9
ath10k-ct: switch to 6.4
Switch to the latest version so we match as close as possible to
our own mac80211 version.

Run-time tested on hundreds of devices in the field for months now:
- qca988x (wave 1)
- qca4019 (wave 2)

Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
2023-11-02 20:38:34 +01:00
Koen Vandeputte
8de3ee2e79
ath10k-ct: bump to latest upstream
92900bf("at10k-ct: fixup version info")

Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
2023-11-02 20:38:34 +01:00
Philip Prindeville
ac199c57c5
dnsmasq: don't source functions.sh twice
It's already pulled in from /etc/rc.common.

Fixes: #13758

Fixes: 6b23836071 ("package: avoid the use of eval to parse ipcalc.sh output")

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2023-11-02 20:29:38 +01:00
Petr Štetiar
bc47613cf0
Revert "uboot-sunxi: add missing type __u64"
This reverts commit 3cc57ba462 as it
should be fixed in commit 78cbd5a57e11 ("tools: macOS: types.h: fix
missing unsigned types").

References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-02 20:20:56 +01:00
Petr Štetiar
f691830307
Revert "uboot-mediatek: fix build on Mac OS X"
This reverts commit 997ff740dc.
78cbd5apick as it should be fixed in commit 78cbd5a57e11 ("tools: macOS:
types.h: fix missing unsigned types").

References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-02 20:20:56 +01:00
Jo-Philipp Wich
6f5f9a0218 ucode: update to latest Git HEAD
cfb24ea build: avoid redefining _FORTIFY_SOURCE
448c763 lib: enforce consistent `index()` behavior with empty needle argument
cdc0203 nl80211: fix maybe uninitialized variable
a69b5c8 vm: fix unused result warning
ea046bd build: enable source fortification by default

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-02 10:52:36 +01:00
Hauke Mehrtens
d62726b1e4 urngd: update to version 2023-11-01
Fix compilation with glibc

44365eb Deactivate _FORTIFY_SOURCE in jitterentropy-base.c

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-01 22:10:46 +01:00
Petr Štetiar
6dca88aa4a
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.

The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.

Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-01 12:23:01 +00:00
Petr Štetiar
d604a07225
build: add CycloneDX SBOM JSON support
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.

So lets add support for CycloneDX SBOM for packages and images
manifests.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-01 11:14:41 +00:00
Jianhui Zhao
3bbc1d5fba uboot-mediatek: fix determine the size of an uImage.FIT using 'imsz' or 'imszb'.
It must read the entire image for previous code of 'imsz' or 'imszb'.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Suggested-by: Chuanhong Guo <gch981213@gmail.com>
2023-10-31 22:12:30 +00:00
David Bauer
9a47688eee uqmi: update to latest HEAD
eea2924 uqmi: add slot number to uim-sim-status output

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
39341f422f hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.

When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.

Also when crafting the association response, the buffer contained the
trailing key-type.

Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
79912a9531 uqmi: configure PDP type and APN to modem
Configure the PLMN and APN to the modem. This is required in cases,
where either the SGSN or GGSN does not permit the selection of IPv4v6
pdp type.

Previously, the modem always tried to establish a dual-stacked PDP
context regardless of the configured PDP type in uci. As this setting
can not be parameterized when creating a WDS context, configure it to
the modems internal list of profiles. This way, the PDP type is taken
into account when creating the WDS context.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
c4321462e4 uqmi: fix non-working PLMN selection
The PLMN selection was reset when calling network-register, thus
rendering the sepcific selection of a carrier unapplied.

Set the PLMN selection after executing network-register. This seems to
cause the modem to re-select the carrier eventually.

That being said, qmi does allow the parameterization of the
network-register to include dpecific PLMN settings, however this is
currently not implemented in uqmi.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
c1fcce1112 uqmi: set RAT preference before attach
Set the RAT preference before attaching. This handles cases better,
where a network might be available but not with the preferred RAT.

If RAT is changed to a non-available RAT after attach, QMI does not fail
with missing registration but with failing to establish a PDP session.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
0bc2b2a780 uqmi: increase wait time before checking connection state
Increase the wait time before polling the connection state for the first
time.

Depending on the prior state of the modem, the first poll might still
return a connected state. The script then tries to establish a PDP
session, which subsequently fails as the modem by then is in scan state.

Increasing the wait-time to 3 seconds mitigates this from happening.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
696c9f723d uqmi: add illegal SIM state recovery
On some network-triggered disconnections the UIM state might end up in
"illegal". This prevents the modem from attaching to any network in
non-restricted service modes.

Detect this state and reset the SIM card. This way, the modem can attach
to networks again.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
David Bauer
ead0c19348 uqmi: don't block restart on failed registration
Failing the registration does not necessarily mean we can not bring this
interface up. For example, roaming SIM cards are possibly steered by the
home-operator.

Don't block restart of the QMI interface in this case.

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-31 21:12:15 +01:00
Til Kaiser
76713f4b82 packages: add needed packages for Mellanox Spectrum Switches
Add needed kernel and firmware packages for Mellanox Spectrum
SN2000 Series Switches.

Signed-off-by: Til Kaiser <til.kaiser@gmx.de>
2023-10-31 21:12:15 +01:00
Shiji Yang
2d314984b1 mac80211: ath: add struct_group for struct ath_cycle_counters
Add a struct_group to around all members in struct ath_cycle_counters.
It can help the compiler detect the intended bounds of the memcpy() and
memset().

This patch fixes the following build warning:

In function 'fortify_memset_chk',
    inlined from 'ath9k_ps_wakeup' at /home/db/openwrt/build_dir/target-mips_24kc_musl/linux-ath79_generic/backports-6.1.24/drivers/net/wireless/ath/ath9k/main.c:140:3:
./include/linux/fortify-string.h:314:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
  314 |                         __write_overflow_field(p_size_field, size);
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2023-10-31 21:12:15 +01:00
Weiping Yang
c7baca3bb6 ath79: add support for GL.iNet GL-S200
Specifications:
SoC: QCA9531(650MHz)
RAM: DDR2 128M
Flash: SPI NOR 16M + SPI NAND 128M
WiFi: 2.4GHz with 2 antennas(WiFi/Thread)
Ethernet:
    1xLAN(10/100M)
    2xWAN(10/100M)
Button: 1x Reset Button
Switch: 1x Mode switch
LED: 1x Blue LED + 1x White LED + 1x Orange LED
IOT: Thread + ZigBee/Zwave

By uboot web failsafe:
Push the reset button for 5 seconds util the power led flash faster,
then use broswer to access http://192.168.1.1

Afterwards upgrade can use sysupgrade image.

Signed-off-by: Weiping Yang <weiping.yang@gl-inet.com>
2023-10-31 13:53:11 +01:00
Felix Fietkau
a2d8226c4f hostapd: do not trim trailing whitespace, except for newline
Fixes adding SSID or key with trailing whitespace

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-10-31 13:29:32 +01:00
Daniel Danzberger
9eecf49053 mt76: Add firmware package for MT7922
Adds the 2 required firmware files for MT7922 chips.

Signed-off-by: Daniel Danzberger <dd@embedd.com>
2023-10-29 22:39:16 +01:00
Anari Jalakas
5dbdf3bb3a iptables: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xc22): relocation R_MIPS16_26 against `libxt_DNAT_init' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol printf
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Anari Jalakas
246b97b607 lua: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xcc8): relocation R_MIPS16_26 against `luaL_argerror' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Anari Jalakas
1925a183a3 libsepol: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0x4194): relocation R_MIPS16_26 against `cil_printf.lto_priv.0' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol memcmp
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Anari Jalakas
2a33d26d21 libselinux: opt-out of lto usage
This fixes building with USE_LTO enabled:

<artificial>:(.text.exit+0x6e): relocation R_MIPS16_26 against `pthread_key_delete' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol stpcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Anari Jalakas
fbacc5ae52 iwinfo: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0x400c): relocation R_MIPS16_26 against `iwinfo_close' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2023-10-29 19:42:32 +01:00
Rani Hod
62ada26de2 build: hide kmod-zram config unless enabled
Currently the zram default compressor choice is displayed whether or not
zram is activated. Since the default choice is lzo-rle, this adds a
false dependency on kmod-lib-lzo.
With this patch, the choice options appear only when activating zram.

Signed-off-by: Rani Hod <rani.hod@gmail.com>
2023-10-29 19:39:54 +01:00
Milan Krstic
17465fc77e ramips: add support for ZyXEL LTE5398-M904
ZyXEL LTE5398-M904 is a dual band 802.11ac indoor LTE/3G CPE with an FXS
port.

Specifications:

* SoC: Mediatek MT7621AT
* RAM: 256 MB
* Flash: 128MB NAND (MX30LF1G18AC)
* WiFi: MediaTek MT7603 2.4G + MediaTek MT7615 5G
* Switch: 2 GbE ports MT7530
* LTE/3G: Quectel EG18-EA LTE-A Cat. 18
* SIM: 1 micro-SIM card slot
* Buttons: Reset, WPS
* LEDs: power (G/B), internet (G), LTE (R/G/Orange), WiFi (G), voice (G)
* VoIP: 1 FXS RJ11 port
* Power: 12V, 2A

UART serial console:

57600,8N1
Unpopulated header J5:

 [o] GND
 [ ] key - no pin
 [o] RX
 [o] TX
 [o] 3.3V Vcc

Installation:

* Log in as root using ssh to 192.168.1.1
* scp OpenWrt initramfs-recovery.bin image to root@192.168.1.1:/tmp/
* Prepare bootloader config by running:
   nvram setro uboot DebugFlag 0x1
   nvram setro uboot CheckBypass 0
   nvram commit
* Run "mtd_write -w write /tmp/initramfs-recovery.bin Kernel" and reboot
* Wait for OpenWrt to boot and ssh to root@192.168.1.1
* Run sysupgrade with OpenWrt squashfs-sysupgrade.bin image

For mode details about flashing see:
2449a63208 (ramips: mt7621: Add support for ZyXEL NR7101, 2021-04-19)

Unsupported:

* FXS/Voice

Signed-off-by: Milan Krstic <milan.krstic@gmail.com>
2023-10-29 18:51:11 +01:00
Zeyu Dong
4b0b90d3fa
mac80211: compile kconf with host gcc
Fix the building issue setting CC to KERNEL_CC in kernel.mk. The
kernel backports by default uses CC to compile kconf. A new patch is
added to mac80211 to compile kconf with host gcc.

Signed-off-by: Zeyu Dong <dzy201415@gmail.com>
[ refresh patches ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-28 21:34:23 +02:00
Kevin Darbyshire-Bryant
0221b86032 odhcpd: Bump to latest commits
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2023-10-28 22:33:32 +01:00
Furong Xu
03987d2d11 uboot-mediatek: Sync phy-mode for Xiaomi Redmi Router AX6000
Commit 572ea68070 ("uboot-mediatek: add patches for MT7988 and
builds for RFB") renamed HSGMII to 2500basex, but forgot to update
the dts of Redmi Router AX6000, makes the network unusable.
This patch makes the network usable again.

Fixes: #13724
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Furong Xu <xfr@outlook.com>
2023-10-28 23:25:31 +02:00
Kristian Skramstad
5e33fdfc47 qualcommax: ipq807x: add support for Netgear WAX630
```
Specifications:
* CPU: Qualcomm IPQ8074A, SoC Version: 2.0, Quad core 1651 MHz
* RAM: 1 GiB of DDR3 466 MHz
* Flash: NAND 512 MiB (Winbond W29N04GZ)
* 6 RGB LEDs: Power, LAN1, LAN2, 2.4GHz, 5GHz H and 5GHz L
* UART: One 4-pin populated header next to the heatsink and a chip.
  GND RXD TXD, beginning from the external antennas. 115200n8.

Lan:
* One 100/1000/2.5GBASE-T Gigabit Ethernet 802.3bt/at
* One 100/1000 Gigabit Ethernet

Wlan:
* 4x4 in 2.4GHz  : 802.11b/g/n/ax
* 4x4 in 5.0GHz L: 802.11a/n/ac/ax
* 4x4 in 5.0GHz H: 802.11a/n/ac/ax
* OFDM and OFDMA
* Bidir and MU-MIMO
* Internal antenna 2.86/4.41/4.98 dBi (2.4GHz/5GHz L/5GHz H)

Power:
* 802.3bt/at 30.1W
* DC 12V/3.5A

Mounting: Wall and ceiling
```

```
1.  Download the OpenWrt initramfs image. Copy the image to a TFTP server
2.  Connect to the console on the AP, and connect the LAN port to your LAN
3.  Stop auto boot to get to U-boot shell, interrupt the autoboot process by pressing '0' when prompted
4.  Set active_fw in env
4.  Set active_fw in env
    # setenv active_fw 1
5.  Transfer the initramfs image with TFTP
    # setenv serverip 192.168.1.10 (IP of TFTP server host)
    # setenv ipaddr 192.168.1.1 (IP used by the router for getting the image, must be in the same subnet as the TFTP host)
    # tftpboot openwrt-qualcommax-ipq807x-netgear_wax630-initramfs-uImage.itb
6.  Reboot and load the image
    # bootm
7.  SCP factory image to the AP
    # scp openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi root@192.168.1.1:/tmp/
8.  Connect to device using SSH (use the LAN port)
9.  Flash squashfs-factory.ubi from within the initramfs instance of OpenWRT
    Before you flash, please check your mtd partitions where mtdX is the right mtd rootfs partition.
    # cat /proc/mtd (To check MTD partitions)
    # ubiformat /dev/mtd18 -y -f /tmp/openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi
10. Set active_fw to 0
    # /usr/sbin/fw_setenv active_fw 0
11. Reboot the AP and your done
    # reboot
```

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
2023-10-28 19:49:18 +02:00
Kristian Skramstad
f9e6218b82 ipq-wifi: update to version 2023-10-12
Contains the following update:
52a1c29 ipq8074: add Netgear WAX630 Board file for Netgear WAX630. Extracted from stock (WAX630_BDF.bin) firmware and repacked.
e7701b8 ipq8074: update RegDB in new submitted BDF
cd04ab7 qcn9074: update RegDB in new submitted BDF

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
2023-10-28 19:49:18 +02:00
Tianling Shen
423186d7d8 mediatek: add CMCC RAX3000M support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 64GB eMMC or 128 MB SPI-NAND
  RAM: 512MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Mesh
  Power: DC 12V 1A
- UART: 3.3v, 115200n8
  --------------------------
  |         Layout         |
  |   -----------------    |
  | 4 | GND TX VCC RX | <= |
  |   -----------------    |
  --------------------------

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
   tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
   'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
   tar -zcf cfg_export_config_file.conf etc/
   * If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
     just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.

Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH    CMIIT ID: xxxx" is NAND version

eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
   ('data' partition can be ignored, it's useless.)
2. Write new GPT table:
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
   mtd erase BL2
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
   mtd erase FIP
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
   ubidetach -p /dev/mtd0
   ubiformat -y /dev/mtd0
   ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
   ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
   ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
   ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-10-28 19:05:07 +02:00
Tianling Shen
fddd735dd5 uboot-mediatek: add support for CMCC RAX3000M
The OEM U-Boot uses dual boot and signature verification which does not
support by OpenWrt. So add a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-10-28 19:05:07 +02:00
Tianling Shen
7d8ffe941d arm-trusted-firmware-mediatek: add emmc/spim-nand ddr4 build for mt7981
They will be used on CMCC RAX3000M.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-10-28 19:05:07 +02:00
Felix Fietkau
5eb8a21ba5 ucode: fix build on macos
Remove ABI version, since its format is not accepted by the linker.
Enable rpath to avoid clash with system libraries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-10-28 15:38:16 +02:00
Jo-Philipp Wich
eacc885816 ucode: update to latest Git HEAD
- Introduces signal handling facilities
 - Fixes potentially incorrect object equality tests
 - Introduces debug library
 - Introduces log library
 - ABI version bump due to changed VM structure layout
 - Revised packaging

Changelog:

07c0317 jsdoc: switch to own custom theme
6ca08b0 jsdoc: properly handle indented documentation blocks
2a67f22 lib: add/improve documentation for require(), loadfile(), loadstring()
9993ccb uci: fix potential memory leaks in `configs()`
f56394f ci: re-trigger workflows on pull request pushes
1c18993 lib: various documentation fixes
d25dcb1 uci: add module documentation
4a8ece2 docs: use CSS and local JavaScript fixups to improve formatting
8f21cfa lib: introduce log library
8a3aefe build: auto-enable module depending on present libraries
6a01adc build: convert CMakeLists.txt into lowercase
8700665 ci: don't skip pull request workflows for `master` branch
0184d23 include: fix execvpe compat function on macOS
8b23884 uloop: rename environ variable to avoid clashing with system macro on macOS
7c209d7 types: ensure double serializatiion with decimal places
d150425 rtnl: update the link attr TODOs
d394174 rtnl: add IFLA_TARGET_NETNSID for operating in other namespaces
1227733 lib: fix documented return value for `splice()`
c9982de docs: add struct module documentation
7dde493 docs: add missing headline to debug module documentation
8f852ea types: improve comparison reliability of binary strings
6940c28 lib: introduce debug library
be07107 treewide: consolidate platform specific code in platform.c
2593270 uloop: interrupt on VM signals
97a5292 lib: add `signal()` stdlib function
1dbbb6a main: enable signal dispatching in the standalone cli interpreter
1623245 types: treat signal handler array as GC root
29b1c0d vm: introduce basic signal handling infrastructure
093684d fs: explicitly compare isatty() result
4f4f38f types: don't rely on implicit type conversion in ucv_compare()
4bee0ef docs: disable GitHub Jekyll post processing
5efb7a0 docs: further rework
33bc7bf docs: fix markup quirks
9d5e420 docs: add information about memory management and operator precedence
f1190ef docs: various improvements
f0cc841 fs: use `fseeko()` and `ftello()`
cba0c3c fs: complete function documentation coverage
f9260f7 github: drop superfluous CNAME file
c85bc74 Create CNAME
5309294 lib: add JSDoc documentation
b0f2f90 fs: add JSDoc documentation
fe086da math: add JSDoc documentation
70f9348 docs: add initial JSDoc infrastructure
24f1a56 source: fix source offset accounting
9df9160 lexer: don't count EOF token as newline
b9d8f06 ci: switch to official openwrt/gh-action-sdk

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-10-27 00:57:34 +02:00
Liangbin Lian
7d6314851a kernel: usb-audio remove Kconfig USB_AUDIO
CONFIG_USB_AUDIO is a "USB Audio Gadget" driver, not a usb device driver

CONFIG_USB_AUDIO is "USB Audio support" before linux 2.6

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
2023-10-26 22:30:36 +02:00
Luca Barbato
0f9a281e6f kernel: Enable hwmon for nvme
Expose the temperature sensors as hwmon, it improves the overall
user experience since on tiny boards the nvme can become a substantial
source of heat.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2023-10-26 22:19:58 +02:00
Hauke Mehrtens
e4ebc7b566 openssl: update to 3.0.12
Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
 * Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-26 00:00:18 +02:00
David Bauer
0da74dbb45 uqmi: update to latest HEAD
c8c9f10 uim: fix help formatting
aac0776 uqmi: add APN profile commands
ffc5eea uim: support SIM card power-up/down
d6c963d uim: add application state to SIM status

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-10-25 22:09:42 +02:00
Nick Hainke
7ecc240cc7 mtd-utils: update to 2.1.6
Release Notes:
https://lists.infradead.org/pipermail/linux-mtd/2023-August/100922.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-25 16:16:42 +02:00
Linus Walleij
c1318bc73e
ixp4xx: Add a ixp4xx hardware crypto kernel module
The IXP4xx crypto module must be loaded after the rootfs is
up as it depends on loading some NPE microcode from the file
system.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-10-25 11:29:05 +02:00
Linus Walleij
0be0b357b2
firmware: Resurrect the ixp4xx microcode package
The firmware package for the IXP4xx microcode was deleted but
the source files are still in the file cache so we can easily
resurrect it.

The firmware either supports ethernet (the most common) or
WAN (less common), image targets select the firmware they
want depending on usecase.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-10-25 11:28:15 +02:00
Linus Walleij
fcd1c9cbcc
kernel: netdevices: Package AMD PHY
This adds a package for the AMD and Altima PHY, found in some
odd devices.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-10-25 11:23:57 +02:00
Philip Prindeville
1998027d7c base-files: functions.sh: Add prepend() homologue to append()
Sometimes it's useful to be able to prepend to a variable as
well, such as when dealing with domain names, e.g.

    prepend fdqn "$subdomain" "."

will result in:

   fqdn="$subdomain.$fqdn"

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2023-10-23 19:18:04 +02:00
Nicolò Veronese
8849ccb995 uboot-mediatek: fix global pll clock override on mtk_spim
With patch 101-03-spi-mtk_spim-get-spi-clk-rate-only-once.patch
 a new system to calculate the SPI clocks has been added.

Unfortunately, the do_div macro overrides the global
 priv->pll_clk_rate field. This will cause to have a reduced
 clock rate on each subsequent SPI call.

Signed-off-by: Valerio 'ftp21' Mancini <ftp21@ftp21.eu>
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
2023-10-22 18:14:03 +02:00
Koen Vandeputte
4bdd1c1a13 libnl: add support for cli
Some packages (like wavemon >= 0.9.4) depend on libnl-cli. Add support
for this part of the lib. libnl-cli itself depends on libnl-genl and
libnl-nf. On MIPS, this component adds 81kB.

Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(punctuation correction and reorganisation of commit message)
Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-22 12:08:09 +02:00
Rani Hod
9c42d23c5f bcm53xx: Linksys EA9200 nvram and 02_network fixes
1) clear nvram partialboots upon successful boot
This behavior is already defined for EA9500; enabled for EA9200 too.

2) fix MAC address in board.d/02_network
Use the correct nvram variable to derive lan/wan MAC address.

Signed-off-by: Rani Hod <rani.hod@gmail.com>
2023-10-22 11:11:43 +02:00
Josua Mayer
71e2c64bef uboot-mvebu: armada 388 clearfog: support additional ddr configurations
Fixes Issue #13632.

Patches as submitted in v1 to u-boot mailinglist:
https://lists.denx.de/pipermail/u-boot/2023-October/533148.html

Signed-off-by: Josua Mayer <josua@solid-run.com>
2023-10-22 10:52:40 +02:00
Christian Marangi
e6281720f2
kernel: fix missing regmap-mmio dependency for rtc-r7301
Add missing regmap-mmio dependency for rtc-r7301 to fix packaging error.

Fixes: f2bc4c1f15 ("kernel: Add kmod-rtc-r7301")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 19:19:42 +02:00
Arien Judge
c46ae366cf
toolchain: link ldd when using external toolchain
When using an external toolchain, ldd is not linked into the rootfs.
This causes subsequent upgrades to fail with 'Failed to exec upgraded'.
This patch adds the symlink when using an external toolchain and musl.

Signed-off-by: Arien Judge <arienjudge@outlook.com>
2023-10-20 18:55:55 +02:00
Jianhui Zhao
4536fb4c5c uboot-mediatek: fix typo in bootmenu for GL-MT6000
Fixes: fe10f97 ("filogic: add support for GL.iNet GL-MT6000")

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2023-10-20 18:13:57 +02:00
Christian Marangi
d82c5884c6
treewide: make use of new toolchain define
Make use of new toolchain define. TOOLCHAIN_DIR should be used only for
toolchain related packages and for everything else TOOLCHAIN_ROOT_DIR
and other define should be used instead.

Switch to new entry where possible.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 16:13:56 +02:00
Christian Marangi
c0e30b17eb
treewide: disable QUILT refresh for unsupported packages
Some packages won't ever have something to patch as they normally
install files or are meta-packages.

For these special packages, disable QUILT refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 16:13:13 +02:00
Rahul Thakur
002f180a97
dnsmasq: add support for RA option 31
The option 31 in the RA specifies the DNS search list, the support
to configure this via UCI is missing in case dnsmasq-dhcpv6 is used.

This commit uses the uci option domain (same as is done by odhcpd) to
read and pass the DNS search list to dnsmasq, which is then used by RA.

Hence, with this commit, we are able to configure DNS search list for the
RA messages via the uci config when dnsmsaq-dhcpv6 is used.

Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
2023-10-20 16:04:59 +02:00
Nick Hainke
141780222c nftables: update to 1.0.9
ChangeLog:
https://www.netfilter.org/projects/nftables/files/changes-nftables-1.0.9.txt

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-20 14:42:31 +02:00
Linus Walleij
f2bc4c1f15
kernel: Add kmod-rtc-r7301
To support the IXP42x platforms we need a kernel module
for the Epson R7301 RTC so we can load it as an optional
module.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2023-10-20 13:27:48 +02:00
Linus Walleij
806b359bbc
kernel: Add kmod-rtc-x1205
To support the IXP42x platforms we need a kernel module
for the X1205 RTC so we can load it as an optional module.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2023-10-20 13:27:28 +02:00
Linus Walleij
743dc8dd15
kernel: crypto: armeb build rules for lib-chacha20
The lib-chacha20 library is missing build rules for big endian
ARM, and since IXP4xx is big endian ARM we need those rules to
build for IXP4xx.

Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-10-20 13:27:07 +02:00
Linus Walleij
9340babdcb
boot/apex: Restore the APEX boot loader
This is a partial revert of the deletion of the IXP4xx
target: we restore the APEX boot loader so we can use it
for the NSLU2 and related targets.

The APEX upstream is as dead as it gets so I have applied
OpenWrts old patches on top of the never released
v1.6.10 version and forked it into an OpenWrt variant
on GitHub. If the upstream comes back alive I will
happily switch over to it.

The file refers to the external GitHub, I suppose when
integrating this patch the file should be copied to OpenWrts
file repository and the file link changed.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-10-20 13:26:45 +02:00
Christian Marangi
53039bf7f5
netifd: update to latest git HEAD
5590a80e2566 config: fix incompatible with jshn network-device entry

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 13:02:44 +02:00
Michael 'ASAP' Weinrich
12bc79d6d5
base-files: fix wrong ucidef_set_network_device_mac network-device entry
The ucidef_set_network_device_* functions in uci-defaults.sh disagree
on whether to use "network-device" or "network_device" in board.json.
With the additional caveat that jshn will translate hyphens (-) into
underscores (_). This casues problems in netifd which expected
"network_device" causing boards which depend on assigning MACs in
board.json via uci-defaults.sh (or jshn in general) to fail.

This commit addresses the issue by using network_device in
uci-defaults.sh.

The bug was uncovered in the forums here:
https://forum.openwrt.org/t/support-for-rtl838x-based-managed-switches/57875/2596

This was exposed by commit 4ebba8a05d ("realtek: add support for HPE
1920-8g-poe+") where the board_config_load call from 03_gpio introduced
the key normalization by jshn.

Fixes: 9290539ca9 ("base-files: allow setting device and bridge macs")
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Michael 'ASAP' Weinrich <michael@a5ap.net>
[ improve commit title, description and fix wrong Tested-by tag ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 12:53:43 +02:00
Felix Fietkau
3e1ac00ccb umdns: update to the latest version
479c7f8676d9 cache: make record/hostname lookup case-insensitive
26c97a5a50bf ubus: add a browse flag for suppressing cached ip addresses
c286c51a9bd9 Fix AVL tree traversal in cache_record_find and cache_host_is_known
4035fe42df58 interface: use a global socket instead of per-interface ones
c63d465698c7 cache: dump hostname target from srv records
b42b22152d73 use hostname from SRV record to look up IP addresses
d45c443aa1e6 ubus: add array flag support for the hosts method

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-10-19 19:15:32 +02:00
Nick Hainke
c9e6831a89 gmp: update to 6.3
Release Notes:
https://gmplib.org/gmp6.3

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-17 11:05:16 +02:00
Nick Hainke
79e9bdda68 zlib: update to 1.3
Changes in 1.3 (18 Aug 2023)
- Remove K&R function definitions and zlib2ansi
- Fix bug in deflateBound() for level 0 and memLevel 9
- Fix bug when gzungetc() is used immediately after gzopen()
- Fix bug when using gzflush() with a very small buffer
- Fix crash when gzsetparams() attempted for transparent write
- Fix test/example.c to work with FORCE_STORED
- Rewrite of zran in examples (see zran.c version history)
- Fix minizip to allow it to open an empty zip file
- Fix reading disk number start on zip64 files in minizip
- Fix logic error in minizip argument processing
- Add minizip testing to Makefile
- Read multiple bytes instead of byte-by-byte in minizip unzip.c
- Add memory sanitizer to configure (--memory)
- Various portability improvements
- Various documentation improvements
- Various spelling and typo corrections

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-17 11:05:08 +02:00
Nick Hainke
dd43a89f77 binutils: update to 2.41
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00009.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-17 11:05:00 +02:00
Christian Marangi
bea4f50207
mac80211: rt2x00: improve EEPROM load patches
Improve EEPROME load patches. Reorganize and rework them.

The current patch are bugged and with the case of MTD loading, leaks and
never free the EEPROM read values.

Also add support for loading EEPROM using NVMEM cells.

As a cleanup, change the binding to swap EEPROM read from mtd to
ralink,eeprom-swap and generilize it.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-16 14:16:55 +02:00
Hauke Mehrtens
9e1c5ad4b0 mbedtls: Update to version 2.28.5
This fixes some minor security problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-14 15:48:31 +02:00
Robert Marko
359a6e36e9 mac80211: ath11k: sync with ath-next
Synchronize the ath11k backports with the current ath-next tree.

All of the changes are various bugfixes, there is no new major feature.
Notable bugfixes are:
* WCN6855 board name fixes
* One MSI vector booting is working again
This is rather important for most of the older platforms.

* DFS CAC state in virtual interfaces was fixed
* TX power during CAC reporting

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-10-14 08:26:56 +02:00
Robert Marko
aab2e6d9ae mac80211: backport upstream DFS CAC time export
DFS CAC time export is required for backport of a ath11k fix so lets
backport the required cfg80211 upstream commit as well.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-10-14 08:26:56 +02:00
Nick Hainke
5b85c19642 iproute2: update to 6.5.0
Release Notes:
https://lore.kernel.org/netdev/20230906093918.394a1b1d@hermes.local/T/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-14 08:01:56 +02:00
Nick Hainke
abe908ca53 ethtool: update to 6.5
Release Notes:
https://lore.kernel.org/netdev/20230912223336.zywfpavr3ln3trp3@lion.mk-sys.cz/T/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-14 08:01:45 +02:00
Nick Hainke
316b8e0909 strace: update to 6.5
Release Notes:
https://github.com/strace/strace/releases/tag/v6.5

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-14 08:01:34 +02:00
Nick Hainke
4e5d45f1e6 libnl: update to 3.8.0
Changes:
6b2533c0 libnl-3.8.0 release
1558bd62 build: replace old "NOTE" in configure output and add summary
f66383a4 build: avoid aclocal warning about missing "m4" directory
e4402a4c build: run `autoupdate` for AM_PROG_LIBTOOL
5761b6af build: add "-Wno-portability" to AC_INIT_AUTOMAKE()
661f10a1 license: fix/adjust license for "src/nl-cls-add.c"
c8fcb412 license: fix/adjust license for "src/nl-addr-{add,delete,list}.c"
e3e6fd6d tests: use thread-safe localtime_r() instead of localtime()
f520471c lib/xfrm: use thread-safe gmtime_r() instead of gmtime()
be5add72 tests: avoid srandom()/random() in favor of _nltst_rand_u32()
40578a62 lib: use getprotobyname_r(), getprotobynumber_r() if available
8ee8b05f lib: fix error handling in nl_str2ip_proto()
09f03f29 tests: check nl_str2ip_proto()
74bffbf6 route: fix documentation comment for nl_nh_group_info
59f8db0d clang-format: add "-l" alias for option in "tools/clang-format.sh"
935cc90a clang-format: ignore reformatting commit in ".git-blame-ignore-revs"
53da4712 clang-format: reformat files with new format
65c43bfe clang-format: update ".clang-format" from linux kernel
4c39a2ce include: use <linux/$file> instead of <linux-private/linux/$file>
a1e9fb3d include/linux: add all linux headers that we use
d37ffe15 include/linux: update all linux headers
1af767a8 include: add missing "extern "C"" specifier to public headers
e0a5d12b all: drop "extern "C"" from internal code
d9a1e0ce build: add "check-local-build-headers" test target to build public headers
02b87012 build: add a "check-local" build target
f9413915 include: fix headers "include/netlink/route/{netconf.h,route/qdisc/red.h}" to be self-contained
680df173 idiag: "fix" license for "idiag-socket-details" tool
2f210d9a github: test build on alpine:latest for musl
dcc4c0a5 Revert "gitignore: ignore patch files"
39106309 github: add test for linking with mold and fail on unknown versions
f475c3b2 route/nh: drop not implemented "nh" API from headers
4c681e77 build: fix exporting symbol rtnl_link_info_ops_get
260c9575 include: don't explicitly include headers from "nl-default.h"
98c1e696 tests: cleanup include of netlink headers
42bec462 build: cleanup default include list in Makefile.am
4c1a119a include: include private linux headers with explicit path
ca063725 python: add make target for python build
25c90193 python: drop unused "python/netlink/fixes.h"
3f3da7fd gitignore: ignore python build artifacts
61ef5609 gitignore: ignore generated doc files
298c5dc6 include: drop "netlink-private/netlink.h" and move declarations
862eed54 all: cleanup includes and use "nm-default.h"
2b3cd741 include: add "nl-default.h" header
8952ce6f build: move "lib/defs.h" to "include/config.h"
1010776d include: split and drop "netlink-private/types.h"
d1d57846 include: rename "nl-shared-core" to "nl-priv-dynamic-core"
fc91c4f8 include: rename "nl-hidden-route" to "nl-priv-dynamic-route"
9bb6f770 include: rename "nl-intern-route" to "nl-priv-static-route"
b5195db9 genl: rename private header "nl-priv-genl.h" to "nl-genl.h"
0eacf658 include: make "netlink/route/link/{inet,inet6}.h" self-contained
ad014ad1 route/tc: avoid unalinged access in rtnl_tc_msg_parse()
05bd6366 add support for TC action statistics
776fc5a6 lib: move "include/netlink-private/object-api" to include/nl-shared-core
fad34560 lib: move "include/netlink-private/cache-api" to include/nl-shared-core
ed2be537 route: move "include/netlink-private/route/link/sriov.h" to lib/route/link-sriov.h
97f61eda lib: move "include/netlink-private/socket.h" to lib/nl-core.h
96e1cc5b route: move "include/netlink-private/route/nexthop-encap.h" to lib/route
391e03d3 route: merge "include/netlink-private/tc.h" to lib/route/tc-api.h
7fc4f5b3 route: move rtnl_tc_build_rate_table() to "tc-api.h"
cf41e14d route: move "include/netlink-private/route/tc-api.h" to lib/route
db810cfb route: move hidden symbols from "include/netlink-private/route/tc-api.h"
ff08e618 build: don't add lib/route to include directory for all libs
eb8da16d include: move "include/netlink-private/route/link/api.h" to lib/route
8b2074aa include: move "include/netlink-private/route/utils.h" to nl-intern-route
fd470c06 include: move "include/netlink-private/route/mpls.h" to "lib/mpls.h"
78056ad2 genl: add comment about wrongly exported symbol genl_resolve_id()
befc4ab4 include: move "include/netlink-private/genl.h" to "lib/genl/nl-priv-genl.h"
f6c26127 nl-aux: add "include/nl-aux-{core,route}" headers
2da8481b base: move "netlink-private/utils.h" to "base/nl-base-utils.h"
d3e9b513 include/utils: move nl-auto base defines to "utils.h"
543b9f8f clang-format: reformat "include/netlink-private/nl-auto.h"
aa565460 route: cleanup ATTR_DIFF() macros
beba5a18 cli: add nl-nh-list utility
780d06ae route: add nh type
1b6433d9 neigh: add support of NHID attribute
e0140c5f include: import kernel headers "linux/{neighbour,nexthop,rtnetlink}.h"
eef06744 utils: add static-assert for signedness of arguments of _NL_CMP_DIRECT() macro
679c4c51 cli: use <netlink-private/utils.h> in cli and _nl_{init,exit}
a9c5de52 lib: use _nl_{init,exit} instead of __{init,exit}
102f9bd2 include/private: add _nl_init/_nl_exit macros
6782678e include/private: drop unused __deprecated macro
a0535a58 all: use "_nl_packed" macro instead of "__attribute__((packed))"
8c9f98cf all: rework ATTR_DIFF() macros to not generate attribute names
ca34ad52 lib: handle negative and zero size in nla_memcpy()
859b89dc include: drop now unused min()/max()/min_t()/max_t() macros
2e0ae977 all: use _NL_{MIN,MAX}() macros
57c451fa utils: add various helpers to "include/netlink-private/utils.h"
a9a9dcea style: format "include/netlink-private/utils.h" with clang-format
590e8a61 tools: improve failure message with "tools/clang-format.sh -n"
06dc5ae0 github: fix format checking with clang-format
7738f239 route/trivial: sort entries in "libnl-route-3.sym" asciibetically
fc805c56 route/bond: Add support for link_info for bond
6af26981 lib: accept NULL argument in nla_nest_cancel() for robustness
e9662091 macsec: Drop offload capability validation check
35a68109 github: update flake8 linter to not explicitly select checks
9a266405 python: add ".flake8" file for configuring "flake8"
e6b934a5 python: fix flake8 warnings E712
2cea738b python: fix flake8 warnings E711
d561096c python: fix flake8 warnings E302
29b06d0f python: fix flake8 warnings E741
4dc1f498 python: fix flake8 warnings F841
f4875c69 python: fix flake8 warnings W605
9a3d91df python: fix flake8 warnings F401
6baf2339 clang-format: add "tools/clang-format-container.sh" script
ee2876e3 github: add test for checking clang-format style
45c7aae3 clang-format: add "tools/clang-format.sh" script
02e0fd3f github: check python-black code formatting in github actions
2dd53895 build: add ".git-blame-ignore-revs" file for "blame.ignoreRevsFile" git config
3c753e3c python: reformat all Python files with python-black
298ee58e python add "pyproject.toml" for configuring black
a0e4b7f9 github: skip Python flake8 test with clang build
c4240c0b github: run "Build Release" test also with clang
143cee1d bridge: fix bridge info parsing
96bbe55c test-cache-mngr: Flush output after object dumps
cf5dcbcd test-cache-mngr: Add option to print timestamps
bd570952 test-cache-mngr: Add an option to iterate over all supported address families
bf80da90 test-cache-mngr: Add dump interval options
80febeea test-cache-mngr: Add an option to control which oo_dump function is used
6519a917 route/link: prevent segfault in af_request_type()
a68260f8 github: fix installing python dependencies via pip
39c04bc7 build: drop redundant "autogen.sh" call from "tools/build_release.sh"
d411b88d build: change proper working directory in "doc/autogen.sh"
2fa73ce0 build: ensure "autogen.sh" scripts fail on error
fc786296 gitignore: ignore "*~" files
4c4e614b docs: rtnl_link_put() 'releases' instead of 'returns'
336b15dc include/linux: update copy of kernel header "linux/ipv6.h"
e2cacc26 route/link: improve handling of IFLA_INET6_CONF
ec8c493c route/link: remove rtnl_link_inet6_set_conf() API
e790f8ad route/link: various fixes for rtnl_link_inet6_get_conf() API
d83c6d54 route/link: add accessor API for IPv6 DEVCONF
9167504d bridge: drop unnecessary goto in bridge_info_parse()
984d6e93 bridge: don't normalize the u8 argument in rtnl_link_bridge_set_vlan_filtering() to boolean
3662a5da bridge: expose rtnl_link_bridge_get_vlan_protocol() in host byte order
5a1ef219 bridge: fix parsing vlan-protocol in bridge_info_parse()
ad1c2927 bridge: minor cleanups in "bridge_info.c"
1c74725a bridge: use SPDX license identifiers in bridge_info files
26ca549d bridge: reformat bridge_info file with clang-format
08dc5d9c bridge: extend libnl with options needed for VLAN aware forwarding
7391a38e bridge: Add support for link_info of a bridge
1f1e8385 route/vlan: drop unnecessary "else" in vlan_put_attrs()
2bc30e57 route/vlan: fix error handling in 'lib/route/link/vlan.c'
8273d6ce build: add comments to linker version scripts about the version tags
6ac7a812 doc: fix typo
07d274ab doc: fix typo
0461a425 attr: reject zero length addresses
8d40d9eb route: construct all-zero addresses for default route destination
25d42a4f addr: allow constructing all-zero addresses
0c0aee82 addr: create an all-zero addresses when parsing "any" or "default"

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-12 09:50:38 +02:00
Nick Hainke
22174e7c2a libmd: update to 1.1.0
Changes:
16d68ab Release libmd 1.1.0
054bca1 build: Terminate lists in variables with «# EOL»
84d269e test: Add cases for SHA224 and SHA512-256
a677e68 test: Add a new test_eq() helper function
4c5931f Sync SHA2 changes from OpenBSD
9934d94 Sync SHA1 changes from OpenBSD
457e30a Sync RMD160 changes from OpenBSD
b2e54bc Sync MD5 changes from OpenBSD
ee56a52 Sync MD4 changes from OpenBSD
b9496ac Sync MD2 changes from NetBSD
09d5824 Remove unused <assert.h>
08b2c5d build: Rename libmd_alias() to libmd_strong_alias()
ed69599 On Darwin use assembler to support symbol aliases
b74b777 build: Do not use strong aliases on macOS
94838ec build: Require automake 1.11
39cbc7b build: Fix configure.ac indentation
4620a04 build: Switch to debian:latest Docker image
e408786 build: Fix version script linker support detection
0ef1e4d doc: Move mailing list reference to the end
a3f1671 man: Add new libmd(7) man page

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-12 09:50:25 +02:00
Nick Hainke
bf4092cf61 libjson-c: update to 0.17
Release Notes:
ad8b8afa7d/ChangeLog (L2)

Refresh patch:
- 001-dont-build-docs.patch

Delete upstreamed patch:
- 010-fix-build-with-clang-15.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-12 09:50:06 +02:00
Nick Hainke
67e465b32e util-linux: update to 2.39.2
Changelog:
4d3079ad4 build-sys: release++ (v2.39.2)
9dc7d9808 docs: update v2.39.2-ReleaseNotes
4ffb7ac7c docs: update AUTHORS file
20781132f po-man: merge changes
76228ce1c po: merge changes
86c851c27 po-man: update sr.po (from translationproject.org)
c695dce97 po: update sr.po (from translationproject.org)
b168eef36 po: update ja.po (from translationproject.org)
83557da34 po: update hr.po (from translationproject.org)
5495eeb64 po: update es.po (from translationproject.org)
7de55c1ea setarch: add PER_LINUX_FDPIC fallback
b101de3d0 libblkid: fix topology chain types mismatch
131098cc8 uuidd: improve man page for -cont-clock
112d2245e zramctl: add hint about supported algorithms
f5b01cd95 meson: check for HAVE_STRUCT_STATX_STX_MNT_ID
a1f803340 include: define pidfd syscalls if needed
032c502d5 wall: do not error for ttys that do not exist
140404e1f column: fix -l
1632bd6d4 lscpu: Even more Arm part numbers (early 2023)
fc0a64480 chrt: (man) add note about --sched-period lower limit
073d02941 meson: add check for struct statx
9d54f7c99 meson: add check for linux/mount.h
d14d39cbd libmount: improve EPERM interpretation
ce266c9e1 libmount: ifdef statx() call
a64cec15a libmount: check for struct statx
396798d6b libmount: check for linux/mount.h
03435a7c6 libmount: (utils) fix statx fallback
993581379 libmount: cleanup --fake mode
501227232 libmount: (python): work around python 3.12 bug
8950e9852 build-sys: add AX_COMPARE_VERSION
1e05167df libmount: update documentation for MNT_ERR_APPLYFLAGS
e7c34902f libmount: fix typo
e5858dbb6 libmount: use some MS_* flags as superblock flags
f1875239b libmount: use mount(2) for remount on Linux < 5.14
58cb00c63 github: check apt-cache in more robust way
0a9bf6166 libmount: handle failure to apply flags as part of a mount operation
e98ef85a8 build-sys: release++ (v2.39.1)
12169133e docs: update v2.39.1-ReleaseNotes
508e25110 docs: update AUTHORS file
6b865e1b0 po-man: merge changes
aa4f94cb5 po: merge changes
cad75b635 po-man: add ro.po (from translationproject.org)
8acfe93b7 po-man: add ko.po (from translationproject.org)
5f31e774c po-man: update uk.po (from translationproject.org)
29626b095 po: update hr.po (from translationproject.org)
90835e74a cal: fix long option name for -c
7826c3ebe cal: fix error message for bad -c argument
07e6b9a12 lib/strutils: fix typo
cc99bfd06 build-sys: don't call pkg-config --static if unnecessary
3b59942da logger: initialize socket credentials contol union
4746cf936 unshare: fix error message for unexpected time offsets
a34e6aced losetup: deduplicate find_unused() logic
423d9efab lib/loopdev: consistently return error values from loopcxt_find_unused()
8feec98a8 lib/loopdev: document function return values
36ce0c250 tests: (run.sh) detect builddir from working directory
1943ad6cd hardlink: (man) add missing comma
1a4522541 libmount: fix sync options between context and fs structs
3aba3fb95 tests: (lsfd) add a case for verifying ENDPOINTS column output in JSON mode
c289c152a lsfd: use ARRAY_STRING for ENDPOINTS column in JSON output mode
665e28c30 lsfd: (filter) weakly support ARRAY_STRING and ARRAY_NUMBER json types
d9fca2b62 sfdisk: add hint about duplicate UUIDs when use dump
d84ee5a46 lib: remove pager.c from libcommon
c50da4b07 lib/ include/: cleanup license headers
d5adeed7a lib/color-names: fix license header
868f7f10c tests: fix update special mount test output
2278e2f91 tests: backport special mount script
d8a4e680f libmount: always ignore user=<name>
22d0a6557 meson: check for _NL_TIME_WEEK_1STDAY in langinfo.h
205e88e51 meson: conditionalize waitpid
aebfa97d5 meson: add conditionalization for test progs
bbe24d5b1 meson: implement HAVE_PTY
bc58e3b35 meson: install write setgid
f5a411883 meson: install wall setgid
64e67f720 meson: install umount setuid
4c3c05006 meson: install mount setuid
58c107277 meson: install newgrp setuid
8549017af meson: install su setuid
fa818dc8d meson: install chsh setuid
1e9fc724e meson: install chfn setuid
53ff0fcda libmount: introduce LIBMOUNT_FORCE_MOUNT2={always,never,auto}
61307a950 libmount: (optlist) correctly detect ro status
8c85b0805 tests: backport mount_setattr test
5004732d8 libblkid: jfs - avoid undefined shift
c082e6182 build-sys: fix typo in waitpid check
b04446bfd Update fsck.8.adoc
9429cc72b dmesg: make kmsg read() buffer big enough for kernel
198fd3fb2 Fix Blizzard-M2-Max
20c04a509 Add recent Apple ARM cores
9d4d768f2 libmount: don't call hooks after mount.<type> helper
98ed3edf8 meson: install symlink for vigr man page
f25cc3372 meson: include bash-completion for write
760c01641 meson: include bash-completion for newgrp
ddf48064f libmount: cleanup enosys returns from mount hoop
230459358 libmount: don't call mount.<type> helper with usernames
6fa034d0a libmount: fix options prepend/insert and merging
f8c9ef62e libmount: check for availability of mount_setattr
9422991c9 libmount: don't pass option "defaults" to helper
2806759b5 build-sys: add --disable-waitpid
01e3ec515 mesg.1 cleanups/updates
00a19fb8c libblkid: (bcache) also calculate checksum over journal buckets
158639a2a libblkid: (bcache) extend superblock definition
43926e0b0 ci: prevent prompts during installation
01bb5d12d tools: (asciidoctor) explicitly require extensions module
da22c179c build-sys: only pass --failure-level if supported
1bfc285fa lsfd: (tests) fix typo
66fac3e71 blkzone: don't take address of struct blk_zone
d2e3ac959 enosys: add support for loongarch
a369feacc meson: require 0.57
f084562c3 enosys: split audit arch detection into dedicated header
88f76e37a enosys: add support for sparc
f65c49002 waitpid: only build when pidfd_open is available
ddf9b36ea libsmartcols: (samples): fix format truncation warning
0d0766fbe test_uuidd: make pthread_t formatting more robust
873a896e0 mkfs.minix: handle 64bit time on 32bit system
69d8400e4 enosys: add support for MIPS, PowerPC and ARC
0ee8ac065 test_enosys: fix build on old kernels

Remove upstreamed patches:
- 0001-test_enosys-add-support-for-mips.patch
- 200-meson-no-po.patch

Backport patch:
- 001-meson-properly-handle-gettext-non-existence.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-10-11 08:08:36 +02:00
Hauke Mehrtens
cac723e8b8 bsdiff: Add patches for CVEs
Add two patches from Debian fixing CVEs in the bsdiff application.
CVE-2014-9862: Heap vulnerability in bspatch
CVE-2020-14315: Memory Corruption Vulnerability in bspatch

Copied the patches from this location:
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-09 23:42:37 +02:00
Martin Schiller
e53ed6af87 linux-atm: use target specific kernel headers
There are a few targets that mess with the atm kernel headers. To avoid
incompatibility between kernel and user space during compilation, the
correct headers should be used.

Consequently, the package must also be marked as nonshared.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2023-10-05 10:31:39 +02:00
Glen Lee
3aef61060e
ipq806x: add support for Extreme Networks AP3935
Extreme Networks AP3935i/e -
https://www.extremenetworks.com/support/documentation/access-points-ap3935i-e/

SoC: IPQ8068 QYY AT46279K45060I
RAM: NANYA 1527 NT5CC256M16DP-DI 515073W0EF 7 TW
FLASH: NOR - S25FL256S1 - 32MB
       NAND - Macronix MX30UF4G28AB - 512MB
LAN: Atheros AR8035-A J5150WL 1515 CN - RGMII
LAN2: Atheros AR8033-AL1A SKCSR.AJ1 1444 China - SGMII
WLAN2: QCA9990 OVV FNPV209 K451406
WLAN5: QCA9990 OVV FNPV209 K451406
SERIAL: RS232 Port (115200 8n1) Cisco console cable and
        4pin Serial Header | 3.3 | GND | RX | TX

MAC address for LAN1/LAN2/WLAN 2G/WLAN 5G in uboot env

 * Installation via either RJ45 console or on-board 4 PIN header

Install Method
--------------
1) Setup TFTP server, and place
     openwrt-ipq806x-generic-extreme_ap3935-initramfs-uImage image
     in /srv/tftp or similar
2) Connect to console on router and connect ethernet port "LAN1" to
     your LAN
3) Interupt the boot with any character
4) Login with admin/new2day for default password
     (use reset/FactoryDefault if password needs to be reset)
5) Set serverip to TFTP IP: set serverip 192.168.1.2
6) Set ipaddr to another IP: set ipaddr 192.168.1.101
7) Make uboot ping something to activate eth0 on boot:
     set bootcmd 'ping 192.168.1.1; run boot_flash'
     saveenv
8) TFTP image to RAM:
     tftpboot 0x42000000
openwrt-ipq806x-generic-extreme_ap3935i-initramfs-uImage
9) Boot image: bootm 0x42000000
     In OpenWRT, "LAN1" is LAN, "LAN2" is WAN
10) SFTP openwrt-ipq806x-generic-extreme_ap3935-squashfs-nand-sysupgrade.bin
     image to /tmp
11) sysupgrade /tmp/openwrt-*-nand-sysupgrade.bin

Signed-off-by: Glen Lee <g2lee@yahoo.com>
2023-10-05 00:56:57 +02:00
Uwe Niethammer
32a696f9e4 uqmi: added timeout to fix hanging qmi.sh
Modems which are using qmi do not reply on the 1st sync but they do
on subsequent. So qmi.sh is hanging on the first call. Since 2020 uqmi
supports a timeout parameter. Unfortunately qmi.sh didn't make use of
this parameter. So qmi.sh is now invoking an early dummy access to
unlock the modem

Signed-off-by: Uwe Niethammer <uwe@dr-niethammer.de>
2023-10-03 18:50:01 +02:00
Christian Marangi
a181b9f0f9
yafut: add missing PKG_MIRROR_HASH
Add missing PKG_MIRROR_HASH. This is always needed as is used to
generate and use a tar instead of git clone and validate the hash of it.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-02 22:13:10 +02:00
Christian Marangi
93182ff272
ipq-wifi: improve and update instructions on how to add board files
Improve and update instructions on how to add board files and both
describe the needed step to upstream a board file or to use it locally.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-02 19:00:14 +02:00
Hauke Mehrtens
954142f477 rtl8812au-ct: Fix PKG_MIRROR_HASH
The PKG_MIRROR_HASH is wrong, fix it.
Found and fixed using this command:
make package download check FIXUP=1

Fixes: c123e4f053 ("rtl8812au-ct: bump to fix kernel 6.1 compile")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-02 13:01:35 +02:00
Oskari Rauta
c354c069b3 uci: fix Makefile formatting
Fix wrong declaration for PKG_SROUCE_URL and PKG_VERSION variables and add missing colon

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2023-10-01 23:18:02 +03:00
Nick Hainke
91d2ead3c3 hostapd: increase PKG_RELEASE to fix builds
Recent hostapd changes just edited the ucode files. It is required to
bump the PKG_RELEASE to include the newest changes in the latest builds.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-09-29 11:26:49 +02:00
Jianhui Zhao
fe10f97439 filogic: add support for GL.iNet GL-MT6000
Hardware specification:
* SoC: MediaTek MT7986A 4x A53
* Flash: 8GB EMMC
* RAM: 1GB DDR4
* Ethernet:
  * 2x2.5G RJ45 port (RTL8221B)
  * 4x1G RJ45 ports (MT7531AE)
* WLAN:
  * 2.4GHz: MT7976GN 4T4R
  * 5GHz: MT7976AN 4T4R
* Button: Reset
* LED: 1 x dual color LED
* USB: 1 x USB 3.0
* Power: DC 12V 4A
* UART: 3V3 115200 8N1 (Pinout: GND TX RX VCC)
* JTAG: 9 PIN

If you want to use u-boot from OpenWrt, you can upgrade it safely.
* bl2: openwrt-mediatek-filogic-glinet_gl-mt6000-preloader.bin
* fip: openwrt-mediatek-filogic-glinet_gl-mt6000-bl31-uboot.fip

`openwrt-mediatek-filogic-glinet_gl-mt6000-squashfs-factory.bin` is used in OpenWrt's u-boot.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2023-09-29 00:18:26 +01:00
Chukun Pan
e3aa645b26 mt76: drop default eeprom file for mt7986-firmware
The mt76 driver usually reads the eeprom on the mtd partition at dts.
For emmc device we need to use caldata_extract script to read the
eeprom. However, the default eeprom file breaks the caldata script
execution, so remove it.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-09-29 00:18:26 +01:00
Chukun Pan
eb273ef640 uboot-mediatek: sync spi-nand driver with SDK
When adding new router support, I found that uboot
could not recognize flash: "unknown raw ID xxx".

Sync SPI-NAND driver for mediatek to fixes this:
 * Add support for Winbond W25N01KV 1Gbit chip.
 * Add support for Etron SPI-NAND chip.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-09-29 00:07:50 +01:00
Felix Fietkau
abceef120d hostapd: fix wpa_supplicant mac address allocation on ap+sta
If the full interface is restarted while bringing up an AP, it can trigger a
wpa_supplicant interface start before wpa_supplicant is notified of the
allocated mac addresses.
Fix this by moving the iface_update_supplicant_macaddr call to just after
the point where mac addresses are allocated.

Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-28 10:30:14 +02:00
Felix Fietkau
0c43a48735 hostapd: fix mac address of interfaces created via wdev.uc
Use the wdev config with the generated MAC address

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-27 15:04:25 +02:00
Hauke Mehrtens
d2b5f4b2cd treewide: Add extra CPE identifier
This adds some Common Platform Enumerations (CPE) identifiers which I
found.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-09-25 23:06:33 +02:00
Felix Fietkau
f1bb528ae7 hostapd: fix rare crash with AP+STA and ACS enabled
Ensure that the iface disable in uc_hostapd_iface_start also clears the ACS
state.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-25 18:46:22 +02:00
Leon M. Busch-George
25aab738ef base-files: ipcalc.sh: make check slightly more future-proof
The previous code handling the equal-condition might be removed or
altered in the future and the case might be overlooked.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
270f694f11 base-files: ipcalc.sh: turn error into warning
Some users have their routers configured to supply a DHCP range that
includes the local interface address.
That worked with dnsmasq because it automatically skips the local
address.

Re-enable those existing configurations for the release and hint at
possible future problems.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
[ wrap commit description and remove unecessary text ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
d7978e1f39 base-files: ipcalc.sh clarify range parameters in comment
To avoid confusion when working with ipcalc.sh, clarify that the last two
parameters belong to the range calculation and rename 'num' to the slightly
less ambiguous 'size'.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9f52a57c99 package: dnsmasq: remove off-by-one mitigation for limit
In the dnsmasq init script, an off-by-one in the range calculation of
ipcalc.sh was mitigated by passing the limit as if its counting started
at zero. This patch removes the mitigation as the off-by-one has been
fixed.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
6b23836071 package: avoid the use of eval to parse ipcalc.sh output
Add a function 'ipcalc' to /lib/functions.sh that sets variables more
safely using export.
With this new function, dnsmasq also handles the return value of ipcalc
correctly.

Fixes: e4bd3de1be ("dnsmasq: refuse to add empty DHCP range")
Co-Authored-By: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
59e681eea1 base-files: ipcalc.sh: don't print broadcast addr for prefix > 30
Printing a broadcast address doesn't make any sense for /31 and /32
prefixes.
Strictly speaking, the same goes for the network address but it is useful
to get the first address in the prefix, e.g. to create a canonical
CIDR notation "$NETWORK/$PREFIX".

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9b2f8a33b6 base-files: ipcalc.sh: correctly set limit for prefix > 30
For /31 and /32 prefixes, there are only host addresses - no network and
broadcast address with all-zero and all-one bits.
Reflect this when setting the limit.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Leon M. Busch-George
9e8bbd4265 base-files: ipcalc.sh: correctly interpret num parameter
The start and end addresses are inclusive.
Thus, adding num without substracting one results in num + 1 addresses.
Add the substraction and to implement the documented behaviour.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-09-25 15:02:49 +02:00
Elbert Mai
75ee5546e9 mediatek: filogic: add support for Ubiquiti UniFi 6 Plus (U6+)
Ubiquiti U6+ is a dual-band WiFi 6 PoE access point.
It is a drop-in upgrade of the U6 lite.

Specifications
---

- SoC: MediaTek MT7981A dual-core ARM Cortex-A53 1.3 GHz
- RAM: 256 MB DDR3-2133 RAM
- Flash: 16 MB SPI NOR and 4 GB eMMC
- LAN: 1x Gigabit Ethernet with 802.3af/at support
- WLAN: MediaTek MT7976C 2x2 MIMO dual-band WiFi 6
- LEDs: 1x blue and 1x white
- Buttons: 1x reset button

Installation
---

1. Power device using a PoE injector or switch
2. Connect via Ethernet to the device with static IP 192.168.1.2
3. SSH into the device with password: ubnt

        $ ssh ubnt@192.168.1.20

4. Unlock kernel partitions for writing

        $ echo 5edfacbf > /proc/ubnthal/.uf

5. Confirm correct partitions

        $ grep PARTNAME /sys/block/mmcblk0/mmcblk0p6/uevent
        PARTNAME=kernel0
        $ grep PARTNAME /sys/block/mmcblk0/mmcblk0p7/uevent
        PARTNAME=kernel1
        $ grep PARTNAME /sys/block/mmcblk0/mmcblk0p8/uevent
        PARTNAME=bs

6. Set and confirm bootloader environment

        $ fw_setenv boot_openwrt "fdt addr \$(fdtcontroladdr); fdt rm /signature; bootubnt"
        $ fw_setenv bootcmd_real "run boot_openwrt"
        $ fw_printenv

7. Copy sysupgrade image to /tmp/openwrt.bin via scp
8. Copy kernel and rootfs to mmcblk0p6 and mmcblk0p7, respectively

        $ tar xf /tmp/openwrt.bin sysupgrade-ubnt_unifi-6-plus/kernel -O | dd of=/dev/mmcblk0p6
        $ tar xf /tmp/openwrt.bin sysupgrade-ubnt_unifi-6-plus/root -O | dd of=/dev/mmcblk0p7

9. Ensure device boots from mmcblk0p6

        $ echo -ne "\x00\x00\x00\x00\x2b\xe8\x4d\xa3" > /dev/mmcblk0p8

10. Reboot the device

        $ reboot

Signed-off-by: Elbert Mai <code@elbertmai.com>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
2023-09-24 17:16:16 +02:00
Sebastian Pflieger
03123a3ae5 arm-trusted-firmware-sunxi: update to version 2.9
- detect die revision used in variants of the Allwinner H616 SoC (H313, T507)
- support for H6 boards without PMIC

Tested on Pine64+ and Orange PI Zero2

Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
2023-09-24 17:12:24 +02:00
Sebastian Pflieger
3ce909914a lldpd: add lldp_syscapabilities config option
allow to overwrite the detected system capabilities e.g. if devices
does not operate as bridge.

Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
2023-09-24 17:07:28 +02:00
Kristian Skramstad
76e419288f ipq807x: add support for Netgear WAX620
```
Specifications:
* CPU: Qualcomm IPQ8072A, SoC Version: 2.0, Quad core Cortex-A53 1.6896 GHz
* RAM: 1 GiB of DDR4 600 MHz
* Flash: NAND 2x256 MiB (Macronix MX30UF2G18AC)
* 4 RGB LEDs: Power, LAN, 2.4GHz and 5GHz
* UART: Two 4-pin unpopulated headers under the LEDs.
  Use the header closest to LED 4 and 5.
  They are marked with a white stroke.
  TX RX GND, beginning from "4". 115200n8.

Lan:
* One 100/1000/2.5GBASE-T Gigabit Ethernet (QCA8081)

Wlan:
* 4x4 in 2.4GHz: 802.11b/g/n/ax
* 4x4 in 5.0GHz: 802.11a/n/ac/ax
* OFDM and OFDMA
* Bidir and MU-MIMO
* Internal antenna 3.1/4.3 dBi (2.4GHz/5GHz)

Power:
* PoE+ 802.3at/af 25.5W
* DC 12V 2.5A
```

```
Note: The OpenWrt image is setup with DHCP and not a static IP.
1.  Download the OpenWrt initramfs image. Copy the image to a TFTP server
2.  Connect to console on the AP, and connect the LAN port to your LAN
3.  Stop auto boot to get to U-boot shell, interrupt the autoboot process by pressing '0' when prompted
4.  Set active_fw in env
    # setenv active_fw 1
5.  Transfer the initramfs image with TFTP
    # setenv serverip 192.168.1.10 (IP of TFTP server host)
    # setenv ipaddr 192.168.1.1 (IP used by the router for getting the image, must be in the same subnet as the TFTP host)
    # tftpboot openwrt-qualcommax-ipq807x-netgear_wax620-initramfs-uImage.itb
6.  Reboot and load the image
    # bootm
7.  SCP factory image to the AP
    # scp openwrt-qualcommax-ipq807x-netgear_wax620-squashfs-factory.ubi root@192.168.1.1:/tmp/
8.  Connect to device using SSH (use the LAN port)
9.  Flash squashfs-factory.ubi from within the initramfs instance of OpenWRT
    Before you flash, please check your mtd partitions where mtdX is the right mtd rootfs partition.
    # cat /proc/mtd (To check MTD partitions)
    # ubiformat /dev/mtd19 -y -f /tmp/openwrt-qualcommax-ipq807x-netgear_wax620-squashfs-factory.ubi
10. Set active_fw to 0
    # /usr/sbin/fw_setenv active_fw 0
11. Reboot the AP and your done
    # reboot
```

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
2023-09-24 13:09:16 +02:00
Ivan Pavlov
bfd54529fa openssl: update to 3.0.11
Changes between 3.0.10 and 3.0.11 [19 Sep 2023]
 * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. ([CVE-2023-4807])

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2023-09-24 12:41:54 +02:00
Shiji Yang
d152188906 mac80211: rt2x00: fix MT7620 low RSSI issue
Introducing SoC specific RSSI base value to fix the low RSSI issue
on MT7620. With this fix[1], the RSSI value reported by MT7620 will
increase by 10 dB.

[1] https://lore.kernel.org/linux-wireless/TYAP286MB031571CDB146C414A908A66DBCFEA@TYAP286MB0315.JPNP286.PROD.OUTLOOK.COM/

Fixes: https://github.com/openwrt/openwrt/issues/11036
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2023-09-23 03:30:00 +01:00
Felix Fietkau
3a5ad6e3d7 hostapd: fix patch rebase after a crash fix
The patch refresh accidentally moved the hostapd_ucode_free_iface call to
the wrong function

Fixes: e9722aef9e ("hostapd: fix a crash when disabling an interface during channel list update")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-22 20:00:13 +02:00
Felix Fietkau
fd6d7aafb2 hostapd: fix wpa_supplicant bringup with non-nl80211 drivers
Needed for wired 802.1x

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-22 07:59:27 +02:00
Daniel Golle
8428bed15d uboot-mediatek: add build for mt7981 rfb
Improve and package builds for various boot media configurations of the
MediaTek MT7981 reference board.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-09-21 10:15:08 +01:00