Commit Graph

21951 Commits

Author SHA1 Message Date
Ivan Pavlov
395afc4c58 hostapd: update to 2.11 release tag
Release 2.11 has been quite a few new features and fixes since the 2.10
release. The following ChangeLog entries highlight some of the main
changes:

* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
  drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
  - use Secure=1 in message 3 during PTK rekeying

...and many more

Remove upstreamed patches:
  023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
  030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
  040-mesh-allow-processing-authentication-frames-in-block.patch
  181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
  182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
  183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
  210-build-de-duplicate-_DIRS-before-calling-mkdir.patch
  253-qos_map_set_without_interworking.patch
  751-qos_map_ignore_when_unsupported.patch
  800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch

Other patches has been updated.

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-16 10:32:43 +02:00
Mauri Sandberg
fea2264d9f ramips: mt7621: Add DNA Valokuitu Plus EX400
Specifications:
- Device: DNA Valokuitu Plus EX400
- SoC: MT7621A
- Flash: 256MB NAND
- RAM: 256MB
- Ethernet: Built-in, 2 x 1GbE
- Wifi: MT7603 2.4 GHz, MT7615 5 GHz (4x internal antennas)
- USB: 1x 3.0
- LED: 1x green/red, 1x green
- Buttons: Reset

MAC addresses:
- LAN:     u-boot 'ethaddr' (label)
- WAN:     label + 1
- 2.4 GHz: label + 6
- 5 GHz:   label + 7

Serial:
 There is a black block connector next to the red ethernet connector. It
 is accessible also through holes in the casing.

Pinout (TTL 3.3V)
 +---+---+
 |Tx |Rx |
 +---+---+
 |Vcc|Gnd|
 +---+---+

Firmware:
 The vendor firmware is a fork of OpenWrt (Reboot) with a kernel version
 4.4.93. The flash is arranged as below and there is a dual boot
 mechanism alternating between rootfs_0 and rootfs_1.

 +-------+------+------+-----------+-----------+
 |       | env1 | env2 | rootfs_0  |  rootfs_1 |
 |       +------+------+-----------+-----------+
 |       |         UBI volumes                 |
 +-------+-------------------------------------+
 |U-Boot |             UBI                     |
 +-------+-------------------------------------+
 |mtd0   |             mtd1                    |
 +-------+-------------------------------------+
 |                     NAND                    |
 +---------------------------------------------+

 In OpenWrt rootfs_0 will be used as a boot partition that will contain the
 kernel and the dtb. The squashfs rootfs and overlay are standard OpenWrt
 behaviour.

 +-------+------+------+-----------+--------+------------+
 |       | env1 | env2 | rootfs_0  | rootfs | rootfs_data|
 |       +------+------+-----------+--------+------------+
 |       |         UBI volumes                           |
 +-------+-----------------------------------------------+
 |U-Boot |             UBI                               |
 +-------+-----------------------------------------------+
 |mtd0   |             mtd1                              |
 +-------+-----------------------------------------------+
 |                     NAND                              |
 +-------------------------------------------------------+

U-boot:
 With proper serial access booting can be halted to U-boot by pressing any
 key. TFTP and flash writes are available, but only the first one has been
 tested.

 NOTE: Recovery mode can be accessed by holding down the reset button while
 powering on the device. The led 'Update' will show a solid green light
 once ready. A web server will be running at 192.168.1.1:80 and it will
 allow flashing a firmware package. You can cycle between rootfs_0 and
 rootfs_1 by pressing the reset button once.

Root password:
 With the vendor web UI create a backup of your settings and download the
 archive to your computer. Within the archive in the file
 /etc/shadow replace the password hash for root with that of a password you
 know. Restore the configuration with the vendor web UI and you will have
 changed the root password.

SSH access:
 You might need to enable the SSH service for LAN interface as by default
 it's enabled for WAN only.

Installing OpenWrt:
 With the vendor web UI install the OpenWrt factory image. Alternatively,
 ssh to the device and use sysupgrade -n from cli.

 Finalize by installing the OpenWrt sysupgrade image to get a fully
 functioning system.

Reverting to the vendor firmware:

 Boot with OpenWrt initramfs image
  - Remove volumes rootfs_0, rootfs and rootfs_data and create vendor
    volumes.

    ubirmvol /dev/ubi0 -n 2
    ubirmvol /dev/ubi0 -n 3
    ubirmvol /dev/ubi0 -n 4
    ubimkvol /dev/ubi0 -N rootfs_0 -S 990
    ubimkvol /dev/ubi0 -N rootfs_1 -S 990

 Power off and enter to the U-boot recovery to install the vendor
 firmware.

Known issues:
 - MACs for wifi are stored in currently unknown place but it seems
   to persist over power-off. They might be stored on the chip.

Signed-off-by: Mauri Sandberg <maukka@ext.kapsi.fi>
[rmilecki: try NVMEM for MACs]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-09-16 08:52:55 +02:00
David Bauer
9d663c7435 ucode: fix missing backslash
Fixes: ae42ecaad4 ("ucode: fix host installation")

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-09-15 03:30:06 +02:00
Robert Marko
a40c26ea4b ipq-wifi: update to Git HEAD (2024-09-14)
2ca41d755d93 qcn9074: add Linksys MX8500 BDF

Link: https://github.com/openwrt/openwrt/pull/16387
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-14 13:45:32 +02:00
Robert Marko
47370eb9ba ipq-wifi: update to Git HEAD (2024-09-13)
e5b7fb1c606d ipq8074: add Linksys MX8500 BDF

Link: https://github.com/openwrt/openwrt/pull/16382
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-13 22:17:35 +02:00
Konstantin Demin
844701f1c0 bpf-headers: fix llvm invocation
- specify CC target explicitly
- define KBUILD_SYM32=n to select "native" build format (if building with 64-bit arch)
- rewrap lines (for good)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15702
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-13 12:20:01 +02:00
Daniel Golle
2f7369150b netifd: revert problematic ethtool hack
02aa43d Revert "system-linux: re-apply ethtool on phy attachment"

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-09-12 15:42:20 +02:00
Rosen Penev
0f347c8211 ct-bugcheck: use . for RELEASE
Adds compatibility for APK.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16355
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-12 11:49:43 +02:00
David Bauer
ae42ecaad4 ucode: fix host installation
The path for linking libucode.so was not specified for the ucode binary.
This breaks execution of ucode in the host context.

Signed-off-by: David Bauer <david.bauer@uniberg.com>
2024-09-11 00:37:34 +02:00
David Bauer
8d7676dfba treewide: update contact information
Change contact information of comitter as requested.

Reviewed-by: Sarah Mädel <openwrt@tbspace.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-09-11 00:37:34 +02:00
John Crispin
0db6f9a856 uboot-mediatek: fix OpenWrt One NAND size
The final version of the PCB has 256MB NAND instead of 128MB.

Signed-off-by: John Crispin <john@phrozen.org>
2024-09-10 17:23:04 +02:00
John Crispin
28d8f33925 uboot-envtools: add support for OpenWrt One
Signed-off-by: John Crispin <john@phrozen.org>
2024-09-10 17:23:04 +02:00
Tianling Shen
89b1d0ed9c uboot-rockchip: sort build target alphabetically
move nanopc-t6 recipes above rock 5b.

Fixes: 9482341a47 ("rockchip: add support for nanopc t6")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16340
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-08 18:31:11 +02:00
George Witt
9b33645566 ipq807x: add support for TP-Link EAP660 HD v1
Specifications:
* SoC: Qualcomm IPQ8072A (64-bit Quad-core Arm Cortex-A53 @ 2200MHz)
* Memory: 2x ESMT M15T4G16256A-DEBG2G (1 GiB DDR3-1866 13-13-13)
* Serial Port: 3v3 TTL 115200n8
* Wi-Fi: QCN5054 (4x4 5 GHz 802.11ax)
* Wi-Fi: QCN5024 (4x4 2.4 GHz 802.11b/g/n/ax)
* Ethernet: QCA8081 (10/100/1000/2.5GBASE-T)
* Flash: Winbond W29N01HZSINF (128 MiB)
* LEDs: 1x Blue Status (GPIO 42 Active High)
* Buttons: 1x Reset (GPIO 50 Active Low)

Installation Instructions (Serial+TFTP):
1. Solder 4 pin header to JP1 and bridge pads of R58 and R62.
2. Connect 3V3 TTL port to TX, RX, and GND, which are positions 1, 2,
   and 3 respectively. Be sure to crossover TX and RX.
3. Copy RAM firmware image
   openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-initramfs-uImage.itb
   to TFTP server root, available at 192.168.10.1.
4. Connect PoE ethernet cable to the RJ45 port and hold Ctrl+B in the
   serial console (115200 baud) until autoboot is halted.
5. Run the following commands in the U-boot prompt:
   # tftpboot 0x44000000 openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-initramfs-uImage.itb
   # bootm
   You may need to type Ctrl+C and Enter before running these commands
   to clear invisible characters from the buffer.
6. Run the following command in a terminal to copy the sysupgrade image
   to be installed (check IP address):
   $ scp openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/
7. Activate the OpenWrt serial console and run the following commands:
   # cd /tmp
   # sysupgrade -n openwrt-qualcommax-ipq807x-tplink_eap660hd-v1-squashfs-sysupgrade.bin
8. The AP will reboot and OpenWrt will be successfully installed.

Signed-off-by: George Witt <george.witt@nltsproject.org>
Link: https://github.com/openwrt/openwrt/pull/15832
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-08 12:01:19 +02:00
Rosen Penev
fe6c079681 uboot-laniq: fix compilation with GCC14
GCC errors on returning int in void function now.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16348
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-08 11:49:20 +02:00
Ivan Pavlov
62d3773bf1 openssl: update to 3.0.15
OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in this release is Moderate.

This release incorporates the following bug fixes and mitigations:

  * Fixed possible denial of service in X.509 name checks (CVE-2024-6119)

  * Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535)

Added github releases url as source mirror

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16332
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:44:56 +02:00
Ivan Pavlov
2b2a98b3eb uboot-envtools: add u-boot system env config for Xiaomi Redmi AX6S
Adds u-boot config for access to system env variables on this board

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16312
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:40:04 +02:00
Christian Svensson
01ae39a0b2 wireguard-tools: accept iproute2 as dependency
If the user has ip-tiny or ip-full installed there is no need to depend on
BusyBox having any form of `ip` or `ip link` applets.

Signed-off-by: Christian Svensson <blue@cmd.nu>
Link: https://github.com/openwrt/openwrt/pull/16062
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:35:02 +02:00
Gioacchino Mazzurco
d760576132 hostapd: ensure that interface name is not null
Include hotfix suggested by Sebastian Gottschall to fix bug introduced
with APuP patchset

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: 0c3001a69e
Link: https://github.com/openwrt/openwrt/pull/16298
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:42:42 +02:00
Rosen Penev
4b7e7046ba ltq-ptm: propagate reset errors to probe
Instead of avoiding returning, propagate error so that the kernel
infrastructure can handle it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:23:16 +02:00
Rosen Penev
42a763ef04 ltq-atm: propagate EPROBE_DEFER to probe
Instead of ignoring errors, let the linux infrastructure handle it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:23:15 +02:00
Felix Fietkau
a1c7f794da mt76: update to Git HEAD (2024-09-05)
5c5e685eb028 wifi: mt76: mt7915: improve hardware recovery
a897606f7c26 wifi: mt76: mt76x0: fix locking regression
65cc3daf2a33 wifi: mt76: support per-band MAC addresses from OF child nodes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-05 15:12:33 +02:00
Felix Fietkau
e7ea93e1e3 netifd: update to Git HEAD (2024-09-05)
61c606d6e66b device: simplify external device settings handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-05 10:16:19 +02:00
Eric Long
21b155e0ff bpftool: add host build
Besides probing BPF information in running system, bpftool is also used in
generating skeleton, dumping BTF, etc. that is widely used in modern BPF
development. Make it available as a host tool so that we can use it in
package build.

Tested build targeting malta/le on Arch Linux x86_64. bpftools currently
does not support processing cross-endian BPF objects, so big-endian host
is needed to build for big-endian targets using bpftools.

Signed-off-by: Eric Long <i@hack3r.moe>
Link: https://github.com/openwrt/openwrt/pull/16122
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-04 00:06:34 +02:00
Felix Fietkau
2bec6f48e6 netifd: update to Git HEAD (2024-09-03)
480551a3adc4 interface: add support for disabling renew on topology change
b7b294266781 device: add more debugging code
595094f5c213 device: do not pull device present state from hotplug events
4e11e52e9b98 main: add messages to udebug regardless of their log level
091d063f4a9d wireless: handle link updates even if devices are present already
a8e90853c936 interface: improve hotplug handling reliability
cdb41673ceea device: remove redundant newlines from debug messages
cd2a7964f2c0 device: revert to explicit device_set_present calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-03 15:14:42 +02:00
Felix Fietkau
bc2e5f10d4 uboot-mediatek: add missing dependency for mt7988_rfb-spim-nand
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Felix Fietkau
978aa43e55 uboot-mediatek: fix build error on mt7981-rfb and openwrt-one
Remove an unnecessary config option that was breaking the build

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Felix Fietkau
cb44f7ce3b uboot-mediatek: fix broken patch
Add missing --- line

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-02 12:42:05 +02:00
Jan Hoffmann
cf6d52f45a ltq-vdsl-vr11-app: perform orderly shutdown on exit
Try to do a clean disconnection via L3 request before the connection is
stopped.

Because this might take up to 6 seconds (the driver does 3 attempts with
a timeout of 2 seconds each), a termination timeout needs to be defined
in the init script.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
23826115e1 ltq-vdsl-vr11-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code paths for SIGINT and the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
663389c4cf ltq-vdsl-vr9-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code path for the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
a78ad43d1d ltq-vdsl-vr11-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 6e4c9738be ("ltq-vdsl-vr11-app: add version 4.23.1 for vr11 targets")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
df6284b079 ltq-vdsl-vr9-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 1daaef31b3 ("ltq-vdsl-app: disconnect when service is stopped")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Florian Eckert
378272f0a4 kernel: modules: usb: remove deprecated Kconfig option CONFIG_USB_XHCI_HCD_DEBUGGING
The Kconfig option 'CONFIG_USB_XHCI_HCD_DEBUGGING' has been removed with the
following commit upstream in the Linux kernel.

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b2497509df002e9a09c8550cd0ecd2f77c9640d8

This Kconfig option is therefore no longer valid for the kernel version
6.6 and could be removed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-08-31 19:28:04 +02:00
Paweł Owoc
2c48cda28b uboot-envtools: ath79: add Belkin F9K1115v2/F9J1108v2 u-boot env support
Add support for Belkin F9K1115v2/F9J1108v2 u-boot env

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16033
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-30 00:43:58 +02:00
Matthias Schiffer
9bbaa6f2c0
base-files: fix merge of passwd/shadow/group lines with trailing colons
Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.

Fixes: de7ca7dafa ("base-files: merge /etc/passwd et al at sysupgrade config restore")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2024-08-29 21:07:15 +02:00
Til Kaiser
f1812d5901 kernel: netdevices: adjust mlxsw network drivers
* Adds the x86_64 dependency for mlxsw_core

* Removes the redundant mlxsw_core dependency
from mlxsw-minimal and mlxsw-spectrum

* Removes the DCB configuration symbols because
they were moved into the generic configuration

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
Til Kaiser
ababc2d0a7 linux-firmware: add firmware for all Mellanox Spectrum Switches
This commit adds the currently missing Mellanox
Spectrum-2, Spectrum-3, and Spectrum-4 firmware files.

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
Til Kaiser
ad3a7fc129 kernel: modules: add x86 dependency for leds-mlxcpld
This commit adds the missing x86 dependency for
the Mellanox mlxcpld LED driver.

Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/15362
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:39:48 +02:00
FUKAUMI Naoki
61878706f9 rockchip: add support for Radxa ROCK 3B
Radxa ROCK 3B is a Pico-ITX form factor SBC[1] using the Rockchip
RK3568(J).

Hardware
--------
- Rockchip RK3568(J) SoC
- Quad A55 CPU
- Mali-G52 GPU
- 1 TOPS @ INT8 NPU
- 2GB/4GB/8GB LPDDR4 RAM
- eMMC connector
- Micro SD Card slot
- NVMe SSD through the M.2 M Key (2-lane PCIe 3.0)
- SPI Flash for bootloader
- 2x Gigabit ethernet port (one supports PoE with add-on PoE HAT)
- 1x M.2 E Key socket with SDIO, UART and USB interfaces
- 1x M.2 B Key socket with PCIe, SATA, and USB interfaces
- 1x SIM card socket
- 1x USB 3.0 Type-A HOST port
- 1x USB 3.0 Type-A OTG port
- 2x USB 2.0 Type-A HOST ports
- 40 Pin GPIO header

[1] https://radxa.com/products/rock3/3b

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
59fc334ed0 rockchip: add support for Radxa ZERO 3E and 3W
Radxa ZERO 3E and 3W are light, compact and tiny SBC[1][2] using the
Rockchip RK3566.

Hardware
--------
- Rockchip RK3566 SoC
- Quad A55 CPU
- Mali-G52-2EE GPU
- 1 TOPS @ INT8 NPU
- 1GB/2GB/4GB/8G LPDDR4 RAM
- Optional 8GB/16GB/32GB/64GB eMMC (3E)
- Micro SD Card slot
- 1x Gigabit ethernet port (supports PoE with add-on PoE HAT) (3E)
- WiFi6/BT5.4 (3W) (not supported yet on OpenWrt)
- 1x USB 3.0 Type-C HOST port
- 1x USB 2.0 Type-C OTG port
- Optional 40 Pin GPIO header

[1] https://radxa.com/products/zeros/zero3e
[2] https://radxa.com/products/zeros/zero3w

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
8384c6d796 rockchip: add support for Radxa ROCK 3C
Radxa ROCK 3C is a high-performance, low-cost SBC[1] using the
Rockchip RK3566.

Hardware
--------
- Rockchip RK3566 SoC
- Quad A55 CPU
- Mali-G52-2EE GPU
- 1 TOPS @ INT8 NPU
- 1GB/2GB/4GB LPDDR4 RAM
- eMMC connector
- Micro SD Card slot
- NVMe SSD through the M.2 M Key connector(2230) or M.2 Extension
  board(2232/2260/2280)
- SATA through the Radxa Penta SATA HAT
- 1x Gigabit ethernet port(supports PoE with add-on PoE HAT)
- WiFi6/BT5.4 (not supported yet on OpenWrt)
- 1x USB 3.0 Type-A HOST port
- 2x USB 2.0 Type-A HOST ports
- 1x USB 2.0 Type-A OTG port
- 40 Pin GPIO header

[1] https://radxa.com/products/rock3/3c

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
FUKAUMI Naoki
e231cdd0c6 uboot-rockchip: renumber patches
renumber patches for upcoming new device support

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16185
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-29 20:16:26 +02:00
Daniel Golle
e64b92c63b uboot-mediatek: detect rootdisk on MT7981
Set /chosen/rootdisk according to boot_mode register, similar to
MT7986.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Sarah Maedel
8de185a176 hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
2024-08-28 11:57:23 +02:00
David Bauer
ebe7c5f1a3 uqmi: update to latest HEAD
28b48a1 uim: add support for ICC communication channel
f582e00 qmi: fix dynamic array macro
d381f80 data: add support for ICC channel

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-08-25 23:25:45 +02:00
Felix Fietkau
ecfb095866 mt76: update to Git HEAD (2024-08-25)
dbc9b0df7c01 linux-firmware: update firmware for MT7996
4e8167b94175 wifi: mt76: connac: fix checksum offload fields of connac3 RXD
084eaaf4792e wifi: mt76: mt7915: fix sta poll list corruption on hw restart
aea16bfe8d50 firmware: update MT7981 firmware to version 20240507201102
65bbd4c394a9 firmware: update MT7986 firmware to version 20240507160203
1f4ac8faa529 wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
b76f16ea6521 wifi: mt76: mt7915: improve hardware restart reliability
e6afe9218a27 wifi: mt76: mt7915: fix unused variable error
d6611d015efd firmware: update mt7916/mt7981/mt7986 firmware to version 20240823
ddeb304aae6d wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage
904ef52a8d04 wifi: mt76: mt7996: fix uninitialized TLV data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-25 21:24:44 +02:00
Petr Štetiar
0e8b701794 ustream-ssl: update to Git HEAD (2024-07-28)
99bd3d2b167c ustream-openssl: fix compilation with OPENSSL_NO_DEPRECATED

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/16020
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 17:27:32 +02:00
Goetz Goerisch
3774f3272e treewide: rename ZyXEL to Zyxel
The company Zyxel rebranded some years ago.
Currently the casing is according to the old branding even
for newer devices which already use the new branding.

This commit aligns the casing of Zyxel everywhere.

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15652
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 15:08:25 +02:00
FUKAUMI Naoki
eae339fa72 uboot-rockchip: fix model name for Radxa ROCK 3A, 5A, and 5B
This patch fixes model name in dts as below:

Radxa ROCK3 model A  -> Radxa ROCK 3A
Radxa ROCK 5 model A -> Radxa ROCK 5A
Radxa ROCK 5 model B -> Radxa ROCK 5B

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16232
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 14:46:27 +02:00
Rosen Penev
7a7ea98400 trace-cmd: update to 3.3
Use local tarballs instead of upstream generated ones. Smaller.

Fix version to be compatible with apk.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16219
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:26:55 +02:00
Carsten Schuette
57c600dc27 dnsmasq: Add EDNS0 Upstream support
Forward client mac address and subnet on dns queries. Pi-hole and Adguard use this feature to send the originators ip address/subnet so it can be logged and not just the nat address of the router. This feature has been added since version 2.56 of dnsmasq and would be nice to expose this feature in openwrt.

Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/15965
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:25:17 +02:00
Daniel Pawlik
b68e34c837 mt76: Change AutoLoad macro call for mt7925e and mt7925u
There was a typo done for mt7925e and mt7925u in the KernelPackage
definitions, which caused the system to load the wrong kernel modules.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16236
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 15:10:39 +02:00
xiaobo tian
9482341a47 rockchip: add support for nanopc t6
SoC: Rockchip RK3588
CPU: Quad-core ARM Cortex-A76(up to 2.4GHz) and quad-core Cortex-A55 CPU (up to 1.8GHz)
GPU: Mali-G610 MP4, compatible with OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
VPU: 8K@60fps H.265 and VP9 decoder, 8K@30fps H.264 decoder, 4K@60fps AV1 decoder, 8K@30fps H.264 and H.265 encoder
NPU: 6TOPs, supports INT4/INT8/INT16/FP16
RAM: 64-bit 4GB/8GB/16GB LPDDR4X at 2133MHz
Flash: 32GB/64GB/256GB eMMC, at HS400 mode
microSD: support up to SDR104 mode
Ethernet: 2x PCIe 2.5G Ethernet

Signed-off-by: xiaobo tian <peterwillcn@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16158
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:55:02 +02:00
Daniel Pawlik
da502be941 mt76: Add firmware files into mt7925-firmware package
The firmware binaries were missing in kmod-mt7925-firmware package.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16239
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:50:20 +02:00
Johannes Truschnigg
b6ac37110f linux-firmware: add Intel CPU-integrated GPU (iGPU) firmware
On latest Intel x86 CPUs, DMC firmware is required for the iGPU to reach
its lowest power states. If the driver cannot load it, it will print a
warning and unnecessarily make the iGPU draw a bit more power when idle.

GUC firmware (various "offload" mechanisms that deal with scheduling GPU
workloads) and HUC firmware (required for accelerated media codec
operations for HEVC/H.265) are probably more niche, but could also
provde useful for some - for example, when building an
Intel/OpenWrt-based security camera.

Signed-off-by: Johannes Truschnigg <johannes@truschnigg.info>
Link: https://github.com/openwrt/openwrt/pull/16069
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:46:28 +02:00
Rosen Penev
5d107bbbbb tmon: make version apk compatible
No need to override version.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-08-22 17:53:28 +02:00
Felix Fietkau
580ad3e6bb mt76: update to Git HEAD (2024-08-21)
5c9fbdd64313 wifi: mt7915: fix wcid allocation leak
d547c25cabab wifi: mt76: mt7915: fix last argument to mt7915_mcu_add_sta
caed4843c5cd wifi: mt76: fix station muar index
3cd1c1740280 wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker
a5e630ef458c wifi: mt76: mt7916: fix regression in .sta_state migration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-21 16:52:07 +02:00
Tianling Shen
ea249af456 uboot-rockchip: add ROCK 5B support
Add support for the Radxa ROCK 5B board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Tianling Shen
d44fcee73c uboot-rockchip: add ROCK 5A support
Add support for the Radxa ROCK 5A board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Mark Mentovai
1310e4f1ae failsafe: fix console failsafe shell
When running a failsafe shell on a console, job control was unavailable,
and ^C did not function correctly.

This change invokes console failsafe shells via `setsid`, making them
session leaders and allowing them to claim controlling terminals, which
makes job control function properly. To support this, the busybox
`setsid` utility is enabled. This has a minimal 149-byte size impact on
a test x86_64 squashfs rootfs image.

^C was ignored in subprocesses of failsafe shells: it was not possible
to ^C out of a program that would not exit on its own, such as many
typical `ping` invocations. As job control was unavailable, it was not
possible to suspend these subprocesses either, causing a hung program to
tie up a console indefinitely, unless another means to signal the
program was available. This was caused by SIGINT being placed at
disposition SIG_IGN by the shell running preinit, which it did because
the console shell was executed asynchronously with &. That disposition
was inherited by the console shell and its subprocesses, generally
causing ^C to have no effect.

As there is no way in busybox `ash` to reset the disposition of a signal
already ignored at shell entry, and no apparent way to avoid SIGINT
being placed at SIG_IGN when & is used in preinit, an alternative
construct is needed. Now, `start-stop-daemon` is used to start (-S) the
console failsafe shell in the background (-b). This approach does not
alter SIGINT, allowing the console shell to be started with that
signal's handling intact, and normal ^C processing to occur.

busybox `ash` has some behaviors conditional on SHLVL, and while the
console shells ought to run at SHLVL=1, they were not by virtue of being
started by the shell-based preinit system. Additionally, a variety of
detritus was present in the console shell's environment, carried over
from preinit. These conditions are corrected by running the console
shell via `env -i` to clear the environment and establish a minimum and
correct set of environment variables for operation, in the same manner
as `login`. HOME is not explicitly set, because it's addressed in
/etc/profile. For non-failsafe console shells when
system.@system[0].ttylogin = 0, `login -f root` achieves a similar
effect. (`login` already started non-failsafe console shells when
ttylogin = 1 and behaved correctly. This brings the ttylogin = 0 case to
parity.) Note that even `login -f` is somewhat undesirable for failsafe
shells because it requires a viable /etc/passwd, hence the `env -i`
construct in that case.

The TERM environment variable from the preinit environment, with value
"linux", would rarely be correct for serial consoles. Now, the preinit
TERM value is preserved (or set to "linux" if unset) only when the
console is /dev/console or /dev/tty[0-9]*. Otherwise, it will be set to
a safe default appropriate for serial consoles, "vt102", as used for
serial consoles by busybox init. This "linux"/"vt102" TERM setting is
also duplicated for non-failsafe console shells.

This also indicates failsafe mode by showing "- failsafe -" on all
consoles (not just the last-defined one). It sets a hostname of
"OpenWrt-failsafe" in failsafe mode which is rendered in the shell's
prompt as a reminder of the mode during interactive failsafe use.
Previously, no hostname was set, which resulted in the kernel-default
hostname, "(none)", appearing in failsafe shell prompts.

Signed-off-by: Mark Mentovai <mark@mentovai.com>
Link: https://github.com/openwrt/openwrt/pull/16113
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:55:00 +02:00
Matt Eaton
60951f0515 xfrm: remove requirement for underlying device
Since kernel 5.3, phydev (dev) is no longer required

   torvalds/linux@22d6552

Signed-off-by: Matt Eaton <git@divinehawk.com>
Link: https://github.com/openwrt/openwrt/pull/16046
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:49:49 +02:00
Sylvain Monné
88186c85f9 uhttpd: restart daemon if certificate has changed
Fixes #16075

When the SSL certificate used by uhttpd has been changed, calling
`/etc/init.d/uhttpd reload` will now have the effect of restarting the
daemon to make the change effective.

Signed-off-by: Sylvain Monné <sylvain@monne.contact>
Link: https://github.com/openwrt/openwrt/pull/16076
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:46:08 +02:00
Álvaro Fernández Rojas
5d2a008670 kernel: r8126: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:47 +02:00
Álvaro Fernández Rojas
a57a3e5cc5 kernel: r8125: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:41 +02:00
Álvaro Fernández Rojas
2f846a3315 kernel: r8168: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 19:57:36 +02:00
Álvaro Fernández Rojas
fe0240f27e kernel: r8101: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-18 19:31:55 +02:00
Álvaro Fernández Rojas
8d9893ff34 kernel: r8126: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 11:38:40 +02:00
Chukun Pan
2fd0102cc3 kernel: r8125: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-08-18 11:38:40 +02:00
Felix Fietkau
8d25723865 mt76: update to Git HEAD (2024-08-18)
0ac3041a9ac8 wifi: mt76: fix off-channel wcid pending queue handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-18 09:55:46 +02:00
Álvaro Fernández Rojas
b72c4b5386 package: add kmod-r8101 ethernet driver
r8101 is an out of tree driver provided by Realtek for RTL8101 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-16 20:40:34 +02:00
Álvaro Fernández Rojas
8208d36220 kernel: r8168/r8125/r8126: update PKG_SOURCE_URL
r8168, r8125 and r8126 have been transferred from https://github.com/noltari to
https://github.com/openwrt.
The old URL should still work after the transfer, but let's update it anyway.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-16 20:37:41 +02:00
Felix Fietkau
20bf5f35e7 mt76: update to Git HEAD (2024-08-16)
58d187e4a97c wifi: mt76: mt792x: add struct mt792x_bss_conf
eb278f9863be wifi: mt76: mt792x: add struct mt792x_link_sta
156bd77d3264 wifi: mt76: mt792x: add struct mt792x_chanctx
017001536f34 wifi: mt76: mt7925: support for split bss_info_changed method
f6979f7bac2d wifi: mt76: mt792x: extend mt76_connac_mcu_uni_add_dev for per-link BSS
a72414b0929b wifi: mt76: mt7925: extend mt7925_mcu_set_tx with for per-link BSS
ccc741182b32 wifi: mt76: mt7925: extend mt7925_mcu_add_bss_info for per-link BSS
a6072c1cb337 wifi: mt76: mt7925: extend mt7925_mcu_set_timing for per-link BSS
8bc843c9a1bc wifi: mt76: mt7925: extend mt7925_mcu_bss_ifs_tlv for per-link BSS
57770675f269 wifi: mt76: mt7925: extend mt7925_mcu_bss_color_tlv for per-link BSS
69cbc0f03c2e wifi: mt76: mt7925: extend mt7925_mcu_bss_he_tlv for per-link BSS
36712505c8c6 wifi: mt76: mt7925: extend mt7925_mcu_bss_qos_tlv for per-link BSS
5399d0439cc6 wifi: mt76: mt7925: extend mt7925_mcu_bss_mld_tlv for per-link BSS
92abc8b3efb4 wifi: mt76: mt7925: extend mt7925_mcu_bss_bmc_tlv for per-link BSS
cca65ef81a47 wifi: mt76: mt7925: remove unused parameters in mt7925_mcu_bss_bmc_tlv
7a4997a2fc70 wifi: mt76: mt7925: extend mt7925_mcu_bss_sec_tlv for per-link BSS
eafc690d3e00 wifi: mt76: mt7925: extend mt7925_mcu_bss_basic_tlv for per-link BSS
a215af375b85 wifi: mt76: mt7925: extend mt7925_mcu_set_bss_pm for per-link BSS
b310e0dd4245 wifi: mt76: mt7925: extend mt7925_mcu_[abort, set]_roc for per-link BSS
b71940427ae7 wifi: mt76: mt7925: extend mt7925_mcu_uni_bss_bcnft for per-link BSS
4e2eadef7d59 wifi: mt76: mt7925: extend mt7925_mcu_uni_bss_ps for per-link BSS
0bec7c7124f7 wifi: mt76: mt7925: add mt7925_mcu_bss_rlm_tlv to constitue the RLM TLV
21d15e680a6d wifi: mt76: mt7925: mt7925_mcu_set_chctx rely on mt7925_mcu_bss_rlm_tlv
63e0bb14bd71 wifi: mt76: mt7925: extend mt7925_mcu_sta_update for per-link STA
f5a819c97e71 wifi: mt76: mt7925: extend mt7925_mcu_sta_state_v2_tlv for per-link STA
737235764c4c wifi: mt76: mt7925: extend mt7925_mcu_sta_rate_ctrl_tlv with per-link STA
a59201b4f003 wifi: mt76: mt7925: extend mt7925_mcu_sta_eht_tlv for per-link STA
25e12096e568 wifi: mt76: mt7925: extend mt7925_mcu_sta_he_6g_tlv for per-link STA
5e326a87bc46 wifi: mt76: mt7925: extend mt7925_mcu_sta_he_tlv for per-link STA
5c21555c6c79 wifi: mt76: mt7925: extend mt7925_mcu_sta_amsdu_tlv for per-link STA
d5bb9a9e735c wifi: mt76: mt7925: extend mt7925_mcu_sta_vht_tlv for per-link STA
a9e4e795652c wifi: mt76: mt7925: extend mt7925_mcu_sta_ht_tlv for per-link STA
daccf349f24f wifi: mt76: mt7925: extend mt7925_mcu_sta_phy_tlv for per-link STA
454b8f332428 wifi: mt76: mt7925: extend mt7925_get_phy_mode_ext for per-link STA
54dad0c287a5 wifi: mt76: mt7925: extend mt7925_get_phy_mode for per-link STA
c7248fea9557 wifi: mt76: mt792x: extend mt76_connac_get_phy_mode_v2 for per-link STA
afe6c142b1ee wifi: mt76: mt762x: extend mt76_connac_mcu_sta_basic_tlv for per-link STA
bb8bc43f3400 wifi: mt76: mt7925: extend mt7925_mcu_sta_hdr_trans_tlv for per-link STA
92262378ae20 wifi: mt76: mt7925: extend mt7925_mcu_add_bss_info for per-link STA
371667695674 wifi: mt76: mt7925: extend mt7925_mcu_bss_mld_tlv for per-link STA
990e9c62a7f2 wifi: mt76: mt7925: extend mt7925_mcu_bss_basic_tlv for per-link STA
070efb705591 wifi: mt76: mt7925: add mt7925_mac_link_sta_add to create per-link STA
90a7976363a7 wifi: mt76: mt7925: add mt7925_mac_link_sta_assoc to associate per-link STA
8695a2500bbd wifi: mt76: mt7925: add mt7925_mac_link_sta_remove to remove per-link STA
ac251c6d65e1 wifi: mt76: mt7925: add mt7925_mac_link_bss_add to create per-link BSS
f4f4e3238dc1 wifi: mt76: mt7925: add mt7925_mac_link_bss_remove to remove per-link BSS
64378d3a036e wifi: mt76: mt7925: simpify mt7925_mcu_sta_cmd logic by removing fw_offload
436e75a67e40 wifi: mt76: mt7925: update mt76_connac_mcu_uni_add_dev for MLO
aa913a43f20c wifi: mt76: mt7925: update mt7925_mac_link_sta_[add, assoc, remove] for MLO
74d518be9812 wifi: mt76: mt7925: set Tx queue parameters according to link id
94e751a0f549 wifi: mt76: mt7925: set mt7925_mcu_sta_key_tlv according to link id
15054d71a61a wifi: mt76: mt7925: add mt7925_set_link_key
41e7149458ef wifi: mt76: mt7925: extend mt7925_mcu_uni_roc_event
56064fc172b7 wifi: mt76: mt7925: add mt7925_change_vif_links
74138b229be6 wifi: mt76: mt7925: add mt7925_change_sta_links
6f628298f9ae wifi: mt76: mt7925: add link handling in mt7925_mac_sta_add
79f3aaf2765a wifi: mt76: mt7925: add link handling in mt7925_mac_sta_remove
950578348506 wifi: mt76: mt7925: add link handling to txwi
b6a07bce6000 wifi: mt76: mt7925: add link handling in mt7925_set_key
f1a7ab0544ae wifi: mt76: mt7925: add link handling to mt7925_change_chanctx
14d2ae0cdf16 wifi: mt76: mt7925: add link handling in the BSS_CHANGED_PS handler
f68bdb9b9d64 wifi: mt76: mt7925: add link handling in mt7925_mcu_set_beacon_filter
18ee40e548d1 wifi: mt76: mt7925: add link handling in mt7925_txwi_free
415503c237cf wifi: mt76: mt7925: add link handling in mt7925_mac_sta_assoc
6dfcb265aa97 wifi: mt76: mt7925: add link handling in mt7925_sta_set_decap_offload
18471bb0d671 wifi: mt76: mt7925: add link handling in mt7925_vif_connect_iter
ac8ab0853432 wifi: mt76: mt7925: add link handling in the BSS_CHANGED_ARP_FILTER handler
b14f7c02c79c wifi: mt76: mt7925: add link handling in the mt7925_ipv6_addr_change
6ebeb5f0150d wifi: mt76: mt7925: update rate index according to link id
ebd522981ba6 wifi: mt76: mt7925: report link information in rx status
2304e6146cf9 wifi: mt76: add def_wcid to struct mt76_wcid
1fc2bab3f510 wifi: mt76: mt7925: add mt7925_[assign,unassign]_vif_chanctx
2a23c1e5fef2 wifi: mt76: mt7925: update mt7925_mcu_sta_mld_tlv for MLO
2a226b8c06f7 wifi: mt76: mt7925: update mt7925_mcu_bss_mld_tlv for MLO
45df65348e26 wifi: mt76: mt7925: update mt7925_mcu_add_bss_info for MLO
7eb17943de6b wifi: mt76: mt7925: update mt7925_mcu_sta_update for MLO
d2b28297551e wifi: mt76: mt7925: add mt7925_mcu_sta_eht_mld_tlv for MLO
e385735a67a1 wifi: mt76: mt7925: update mt7925_mcu_sta_rate_ctrl_tlv for MLO
aedb640a90ad wifi: mt76: mt7925: update mt7925_mcu_sta_phy_tlv for MLO
6a3af6e618e4 wifi: mt76: mt7925: update mt7925_mcu_set_timing for MLO
783bb8314585 wifi: mt76: mt7925: update mt7925_mcu_bss_basic_tlv for MLO
17f5ef8058ef wifi: mt76: mt7925: update mt7925_mac_link_bss_add for MLO
94fe68018774 wifi: mt76: mt7925: remove the unused mt7925_mcu_set_chan_info
e0b4763428eb wifi: mt76: mt7925: enabling MLO when the firmware supports it
3a367258d9d6 wifi: mt76: mt792x: fix scheduler interference in drv own process
b6fd8fe5d260 wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings
e25fb9a010f9 wifi: mt76: mt7921: add missing bss_conf vif init
6585a4353a51 wifi: mt76: mt7921: fix crash on ipv6 addr notification during vif bringup
fdba7f408873 wifi: mt76: fix mt76_get_rate
c13032ba4721 wifi: mt76: mt7915: always query station rx rate from firmware
d5286f465f83 wifi: mt76: connac: add support for IEEE 802.11 fragmentation
c4c66f6b119d wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation
b4da028f990a wifi: mt76: mt7915: fix rx filter setting for bfee functionality
6ccafa50c647 firmware: update firmware for MT7915 to 20240429200502
b80c997b3ff6 wifi: mt76: partially move channel change code to core
891031ee051d wifi: mt76: add separate tx scheduling queue for off-channel tx
4eea0786d83f wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable
e0a409af5526 wifi: mt76: mt7915: allocate vif wcid in the same range as stations
1305484d044a wifi: mt76: connac: add support for passing connection state directly
ea8c3eac128e wifi: mt76: change .sta_assoc callback to .sta_event
5af2f7c8e884 wifi: mt76: mt7915: use mac80211 .sta_state op
863b3a5f521e wifi: mt76: mt7915: set MT76_MCU_RESET early in mt7915_mac_full_reset
a1a65d860812 wifi: mt76: mt7915: retry mcu messages
362fec004cea wifi: mt76: mt7915: reset the device after MCU timeout
37955a4d08db wifi: mt76: mt7996: use hweight16 to get correct tx antenna
b980637b11e8 wifi: mt76: mt7996: fix traffic delay when switching back to working channel
a5aa259fb137 wifi: mt76: mt7996: fix wmm set of station interface to 3
8e2f906cb154 wifi: mt76: mt7996: advertize beacon_int_min_gcd
bf2eeec731c6 wifi: mt76: mt7996: fix HE and EHT beamforming capabilities
c2c6940e60c4 wifi: mt76: mt7996: set correct beamformee SS capability
5cf02b0a2682 wifi: mt76: mt7996: fix EHT beamforming capability check
4a90f927311c wifi: mt76: mt7996: set correct value in beamforming mcu command for mt7992
c4e34c8bb963 wifi: mt76: mt7996: fix handling mbss enable/disable
bb6a5dbbb7aa wifi: mt76: connac: add IEEE 802.11 fragmentation support for mt7996
437ec1b9e282 wifi: mt76: mt7996: set IEEE80211_KEY_FLAG_GENERATE_MMIE for other ciphers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-16 19:58:57 +02:00
Daniel Golle
1591e2d4cc arm-trusted-firmware-mediatek: build RAM boot images for MT7622
Build images for use with mtk_uartboot also for MT7622.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-16 13:17:55 +01:00
Daniel Golle
6347bf799a arm-trusted-firmware-mediatek: only build bl2 for RAM boot images
There is no need to build BL31 as anyway only the bl2 image is
relevant for use with mtk_uartboot. Build only bl2 in this case.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-16 13:17:55 +01:00
Roland Reinl
2fbffb3643 mediatek: Add support for Linksys EA7500 v3
Specification:
- MT7629 CPU
- MT7531 switch
- MT7761N and MT7762N wifi
- 256 MB RAM
- 128 MB NAND flash with dual-boot partitions
- 2 buttons: WPS and reset
- 1 WAN port (1G)
- 4 LAN ports (1G)
- 1 USB port

Limitations (same as other MT7629/MT7761N/MT7762N devices):
- Wifi is not working
- Second core is not working (kernel error message "CPU1: failed to come online")

Disassembly:
- There are two screws under the front rubber feet and two under the label on the bottom (in the corners towards the back, you should be able to feel them).

Serial Interface:
- UART pin header is already soldered on the board. Pinning from front to back:
1 - VCC
2 - TX
3 - RX
4 - n/a
5 - GND

GPIO:
- 1 white LED, connected to GPIO 52
- 1 reset button, connected to GPIO 60
- 1 WPS button, connected to GPIO 58

MAC Adresses:
- The MAC address printed on the device label is used for LAN and WAN
- The MAC address is stored in the devinfo partition in ASCII format (hw_mac_addr=aa:bb:cc:dd:ee)
- 2.4 GHz wifi uses MAC of the device label + 1
- 5 GHz wifi uses MAC of the device label + 2

Flashing:
- OpenWrt is only runnig in the first partition of dual boot
- To ensure to be able to go back to the factory image, flash the last OEM firmware via OEM web interface. This will ensure that the OEM firmware is present on both partitions
- Because of dual boot partitions, flashing via OEM interface is not supported
- Start a TFTP server and provide the initramfs image. Default settings:
  - Router IP: 192.168.1.1
  - TFTP server IP: 192.168.1.100
  - TFTP file name: 7531.bin
- Open the device, connect UART and select " 1. System Load Linux to SDRAM via TFTP." during startup
- Adapt the settings to your environment, if required
- After initramfs is booted, flash the sysupgrade image

Return to OEM firmware:
- Run the following commands in OpenWrt to switch to the second partition
  fw_setenv boot_part 2
  fw_setenv bootimage 2
- Reboot the device. OEM firmware will start up again

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16067
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-15 00:13:20 +02:00
Antonio Flores
63412038dc mac80211: add rtw89 driver
This commits adds the RTW89 driver from Realtek.
Supports the Realtek 8851BE/8852AE/8852BE/8852CE PCIe wireless chips.

Signed-off-by: Antonio Flores <antflores627@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16131
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-14 23:26:26 +02:00
Hannu Nyman
0b7d99147b uhttpd: Decrease the default validity time of certificate
The recommended maximum validity period is currently 397 days
and some browsers throw warning with longer periods.

Reference to
https://cabforum.org/working-groups/server/baseline-requirements/
 6.3.2 Certificate operational periods and key pair usage periods
 Subscriber Certificates issued on or after 1 September 2020
 SHOULD NOT have a Validity Period greater than 397 days and
 MUST NOT have a Validity Period greater than 398 days.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Pat Fruth
db4e8ef952 uhttpd: Include new extensions in uhttpd self-signed certs
The introduction of MacOS Catalina includes new requirements for self-signed certificates.
See: https://support.apple.com/en-us/HT210176
These new requirements include the addition of two TLS server certificate extensions.
- extendedKeyUsage
- subjectAltName
The extendedKeyUsage must be set to serverAuth.
The subjectAltName must be set to the DNS name of the server.
In the absense of these new extensions, when the LUCI web interface is configured to use HTTPS and
self-signed certs, MacOS user running Google Chrome browsers will not be able to access the LUCI web enterface.
If you are generating self-signed certs which do not include that extension, Chrome will
report "NET::ERR_CERT_INVALID" instead of "NET::ERR_CERT_AUTHORITY_INVALID".  You can click through to
ignore the latter, but not the former.

This change updates the uhttpd init script to generate self-signed cert that meets the new requirements.
Signed-off-by: Pat Fruth <pat@patfruth.com>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Hannu Nyman
efca89daef px5g-mbedtls: add subjectAltName and extendedKeyUsage to SSL certs
To better acommodate with the current browsers' requirements, also
self-signed certificates should have subjectAltName and
extendedKeyUsage defined in the self-signed x509 SSL certificates.

The following case sensitive options are now possible:
-addext subjectAltName=DNS:...
-addext subjectAltName=EMAIL:...
-addext subjectAltName=IP:...
-addext subjectAltName=URI:...
-addext extendedKeyUsage=serverAuth OR -addext extendedKeyUsage=any

Initial draft by Paul Donald <newtwen@gmail.com>

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Marek Behún
ccc06f6716 firmware: omnia-mcu-firmware: Bump to 4.1
Bump `omnia-mcu-firmware` to version 4.1.

This version fixes the following issue on boards with GD32 MCU:
* the user has old GD32 MCU bootloader and application (version 2.0)
* the user upgraded MCU application firmware to newer version (from
  2.99 to 4.0)
* the user wants to upgrade application again, but it is impossible,
  because when MCU application firmware jumps into the old MCU
  bootloader firmware (2.0), the old bootloader firmware gets stuck in
  exception
* the user has to restart the board and upgrade the bootloader firmware
  first, which is not ideal, since if bootloader firmware upgrade is
  interrupted, the board gets bricked

Therefore the `omnia-mcutool` utility version 0.3-rc3 will refuse to
upgrade MCU application firmware to versions 2.99 to 4.0 if the MCU
bootloader firmware is at version 2.0.

For users to be able to upgrade MCU application firmware on GD32
boards, they will need this new 4.1 version.

Users that already upgraded the MCU application firmware to a version
version between 2.99 and 4.0 (using a previous version of the
`omnia-mcutool` utility) have no other choice but to upgrade MCU
bootloader firmware as well.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/16159
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 12:22:33 +02:00
Gioacchino Mazzurco
e80520197c hostapd: Add support for APuP
Add support for hostapd Access Point Micro Peering

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: https://gitlab.com/g10h4ck/hostap/-/commits/APuP
Link: https://github.com/openwrt/openwrt/pull/15442
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-13 00:28:32 +02:00
Vyacheslav Ivanov
7305bf616e uboot-envtools: Add support for Orange Pi R1 Plus & LTS
Add support this boards to envtools config
This commit integrates the latest changes from new U-Boot, which includes important updates to the DTSI files for the Orange Pi R1 Plus and Orange Pi R1 Plus LTS boards.

Signed-off-by: Vyacheslav Ivanov <islavaivanov76@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16090
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-12 21:00:36 +02:00
Hannu Nyman
879ee70ea4 ath10k-ct: bump to version 6.9
Use ath10k-ct 6.9 to better match mac80211 backports 6.9.x

Drop patch 010 that is merged upstream.
Add patch 001 to fix version to 6.9 (overlooked by upstream).
Refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/16036
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-12 20:56:59 +02:00
Daniel Golle
74bf11570f base-files: get rid of forgotten traces of fitblk_get_bootdev
The function fitblk_get_bootdev doesn't exist any more, using it in
export_bootdevice anyway never made much sense and only worked for
classic block devices.
Just drop /dev/fit* handling there, it isn't needed anywhere.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-12 19:16:58 +01:00
Daniel Golle
c22ba7544e arm-trusted-firmware-mediatek: fix NAND read failure on SNFI
A bug has plagued bl2 which caused failure to boot and bricked Linksys
E8450 and Belkin RT3200 devices in case of correctable bitflips being
detected during a read operation. A simple logic error resulted in read
to be considered errornous instead of just continueing in case of
correctable bitflips.

Address this by importing a patch fixing that logic error.

The issue, which has been dubbed as the "OpenWrt Kiss of Death", and is
now a thing of the past.

Users should preemptively update bl2 to prevent their devices being at
risk.

Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/11
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-12 11:31:37 +01:00
Ben Whitten
7ac6739a4c uboot-rockchip: add nanopi r6s rk3588s board support
Backporting support for the NanoPi R6S from upstream
uboot.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Ben Whitten
e6ffbcb2d2 uboot-rockchip: backport upstream dts sync
Upstream uboot have merged in kernel dts files, we need
the update for the rk3588 boards.

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Ben Whitten
76071a8bb0 rkbin: add rk3588 support
Adding support for the rk3588 platform

Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 18:56:27 +02:00
Álvaro Fernández Rojas
bfeef9b3d7 kernel: r8126: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 15:51:37 +02:00
Álvaro Fernández Rojas
f063f4620c kernel: r8125: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 15:51:31 +02:00
Álvaro Fernández Rojas
1565eeda4e package: add kmod-r8168 ethernet driver
r8168 is an out of tree driver provided by Realtek for RTL8168 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-11 12:06:14 +02:00
Álvaro Fernández Rojas
ddb4070c96 package: add kmod-r8125 ethernet driver
r8125 is an out of tree driver provided by Realtek for RTL8125 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-10 20:39:59 +02:00
Álvaro Fernández Rojas
54623c6a1d package: add kmod-r8126 ethernet driver
r8126 is an out of tree driver provided by Realtek for RTL8126 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-10 20:36:31 +02:00
Joel Low
824f7ea52d uboot-envtools: add env settings for ubnt,unifi-6-lr-v3
Using the same configuration as my earlier Unifi 6-LRv2s:

```bash
$ cat /etc/fw_env.config
/dev/mtd3 0x0 0x1000 0x1000 1
$ fw_printenv
arch=arm
baudrate=115200
board=mt7622_evb
board_name=mt7622_evb
bootcmd=bootubnt
bootdelay=3
bootfile=uImage
cpu=armv7
device_model=U6-LR
ethact=mtk_eth
ethaddr=<redacted>
ipaddr=<redacted>
is_ble_stp=true
is_default=true
loadaddr=0x5007FF28
macaddr=<redacted>
serverip=<redacted>
soc=mt7622
stderr=serial
stdin=serial
stdout=serial
vendor=mediatek
```

Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/16127
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-10 18:02:27 +02:00
Paul Spooren
44b6df3184 sdk: fix APK key creation
The keys are created differently compared to the old OPKG keys. Instead
of being part of base-files/configure, they are created as a Makefile
requirement of `package/compile`, which is a cleaner solution.

This requirement would only be added to non SDK environments, however
APK always requires keys to be available. Add an `else` case for the SDK
and create keys.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-09 01:47:05 +02:00
Kristian Skramstad
d62648d58c qualcommax: ipq60xx: add support for Cambium Networks XE3-4
Cambium Networks XE3-4 is a tri-radio Wi-Fi 6/6E 4×4/2×2 AP.

Hardware:
    Model:    Cambium Networks XE3-4
    CPU:      IPQ6010/AP-CP01-C3, SoC Version: 1.0 @ 800 MHz
    Memory:   1 GiB
    Flash:    512 MiB Macronix MX30UF2G18AC + W25Q128FW
    Ethernet: 1x 1 GbE   (QCA8072)
              1x 2.5 GbE (QCA8081)
    Buttons:  1x Reset
    Serial:   TX, RX, GND
    Baudrate: 115200
    Radios:   Qualcomm Atheros IPQ6018 802.11ax - 2x2 - 2GHz
              Qualcomm Atheros IPQ6018 802.11ax - 2x2 - 5GHz
              Qualcomm Atheros QCN9074 802.11ax - 4x4 - 5GHz or 6GHz
              BLE 4.1
    Power:    32.0W 802.3bt5 PoE++
              25.5W 802.3at with USB, BT disabled
    Size:     215mm x 215mm
    Ports:    1x USB 2.0
    Antenna:  6 GHz: 6.29 dBi, Omni    30 dBm
              5 GHz: 6.12 dBi, Omni    31 dBm
              2.4 GHz: 4.85 dBi, Omni  29 dBm
    LEDs:     Multi-color status LEDs
    Mounting: Wall, ceiling or T-bar

Installation: Serial connection
1. Open the AP to get access to the board. Connect RX, TX and GND.
2. Power on the AP, and short the CS pin of the SPI flash with
   one of the APs GND pins.
3. Transfer the initramfs image with TFTP
   (Default server IP is 192.168.0.120)
   # tftpboot factory.ubi
4. Flash the rootfs partition
   # flash rootfs
5. Reboot the AP
   # reset

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15633
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-08 22:57:22 +02:00
Aleksey Vasilenko
f8ed29932f libunistring: update to 1.2
Release notes:
  https://git.savannah.gnu.org/gitweb/?p=libunistring.git;a=blob_plain;f=NEWS

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16065
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-07 18:05:32 +02:00
Zxl hhyccc
58a8b882ce kernel: mtdtests: update for 6.1 as well
6.1.103 and 6.6.44 introduced breakage complaining about missing mtd_test.ko
for some targets.

Signed-off-by: Zxl hhyccc <zxlhhy@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16093
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-07 10:07:49 +02:00
Paul Spooren
ef8c1adb61 apk: switch to index-trust branch
Initially APK would sign packages and package index and verify
signatures individually. With the latest change, all packages inside a
trusted index are automatically trusted.

This is important within the OpenWrt eco-system since signing the index
happens on another machine than the package creation.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-06 18:07:30 +02:00
Mieczyslaw Nalewaj
ce6145b818 kernel: Add kmod-mfd-test for kernel 6.6 only
Compilation of mtd_test.ko should be added only for kernel 6.6 or above.

Fixes 26df88a ("kernel: Add kmod-mfd-test")

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16085
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-06 14:04:31 +02:00
Marek Behún
38f2d26f1b utils: omnia-mcutool: Bump to 0.3-rc3
Bump omnia-mcutool to 0.3-rc3:

* The `--upgrade` option will now work even if MCU is in bootloader (for
  example if previous upgrade was aborted).

* On boards with GD32 MCUs, `omnia-mcutool` will now refuse to upgrade
  application firmware to version lower than 4.1 if bootloader version
  is 2.0 (the original for first batch of boards with GD32 MCUs) since
  these versions of application and bootloader are not compatible.

  If user already upgraded to such a combination, an upgrade of
  bootloader firmware is required.

  The `--upgrade` option will inform about this and will automatically
  upgrade bootloader firmware if the `--force` option is given.

  (Note that version 4.1 of the MCU firmware was will be released soon,
   once it is properly tested.)

* Various other improvements.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/16086
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-06 10:49:21 +02:00
John Audia
26df88a7df kernel: Add kmod-mfd-test
6.6.44 introduced breakage complaining about missing mtd_test.ko
for some targets.

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/16061
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-06 00:40:14 +02:00
Rany Hany
db7f70fe61 hostapd: fix SAE H2E security vulnerability
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16042
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-02 23:13:44 +02:00
Marek Mojík
17ecd37c6a utils: Add the omnia-mcutool utility
Add a new utility, omnia-mcutool, which main purpose is to upgrade the
firmware on the microcontroller on the Turris Omnia router. Depends on
omnia-mcu-firmware, and the upgrade process is pretty simple:

  omnia-mcutool --upgrade

Besides firmware upgrade, the utility can be used to show and configure
various firmware settings.

Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Marek Mojík
56706d33cf firmware: Add CZ.NIC Turris Omnia MCU firmware
Add a new package, omnia-mcu-firmware, containing firmware binaries for
the microcontroller on the Turris Omnia router.

Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Marek Behún
cbc8d072c8 gpio-button-hotplug: add vendor button handling
Handle the KEY_VENDOR key in gpio-button-hotplug driver. This is used
by Turris Omnia.

Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/13799
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-02 22:11:05 +02:00
Daniel Golle
ee8c05f9b6 netifd: update to git HEAD
68c8a4f system-linux: re-apply ethtool on phy attachment
 890929b wireless: add support for defining wifi interfaces via procd service data
 b57e40b wireless: use blobmsg_parse_attr
 7a6532f proto-shell: add proto property for skipping device config
 33ec3da CMake: bump the minimum required CMake version to 3.5

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-01 20:48:24 +01:00
FUKAUMI Naoki
7e06815257 mac80211: realtek: rtw88: add support for RTL8723DS and RTL8723DU
add Realtek RTL8723DS and RTL8723DU support to rtw88 package.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15910
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-01 00:04:41 +02:00
Hauke Mehrtens
4e6212e62f linux-firmware: amd64-microcode: Remove TARGET_x86 dependency
Build the amd64-microcode package on all architectures even if it only
makes sense to use it on x86. If the package build is done by a builder
not building for x86 it will not include the package otherwise.

Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
4992946bc9 firmware-utils: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 24d6abe2d7 ("firmware-utils: new package replacing otrx")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
9ac50c0aa3 dns320l-mcu: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 8619d7af67 ("kirkwood: add D-Link DNS-320L support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
54258c396f kobs-ng: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 1eb21b87bd ("kobs-ng: add new package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
9a981ffb51 imx-bootlets: Mark as nonshared to build in step 1
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step
2. In the build step 2 it may be left out if we build it using a
different  target.

Fixes: 07043a853a ("imx23: rename imx23 to mxs for upcoming imx23/28 support")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
Hauke Mehrtens
fe62370e55 firmware: Mark Intel/Lantiq firmware packages as nonshared
Package the firmware files in the target specific build step and not in
the architecture common step. The architecture common step is not
necessary build for the ipq40xx target. If it is build for a different
target these packages are not packaged at all. This moves the build to
the ipq40xx target specific build step. This change is needed to make
the firmware files show up in the buildbot images.

Fixes: 02db8a19cb ("firmware: add Intel/Lantiq VRX518 ACA firmware package")
Fixes: 07b0e6f3d9 ("firmware: add Intel/Lantiq VRX518 PPE firmware package")
Fixes: 13eb1f564a ("firmware: add Intel/Lantiq VRX518 DSL firmware package")
Link: https://github.com/openwrt/openwrt/pull/16031
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-30 21:42:33 +02:00
FUKAUMI Naoki
649bc715b2 rockchip: add support for Radxa ROCK Pi E v3.0
Radxa ROCK Pi E v3.0 is a compact networking SBC[1] using the Rockchip
RK3328 SoC.

Hardware
--------
- Rockchip RK3328 SoC
- Quad A53 CPU
- 512MB/1GB/2GB DDR4 RAM
- 4/8/16/32GB eMMC
- Micro SD Card slot
- WiFi 4 and BT 4, or WiFi 5 and BT 5 (not supported yet)
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x 100M Ethernet
- 1x USB 3.0 Type-A port (Host)
- 1x 4-ring 3.5mm headphone jack
- 40 Pin GPIO header

[1] https://radxa.com/products/rockpi/pie

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15984
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-29 23:00:14 +02:00
Hauke Mehrtens
91573ac145 ncurses: Fix path in ncursesw.pc
The file contains the the /usr/lib path from the toolchain directory and
not from the target directory. The /usr/lib directory for the toolchain
is empty and the shared library is not in the specified paths. On RISCV
the linker of util-linux was finding the libncursesw.so in my host
system, tried to link against it and failed. Fix the .pc file.

Fixes: #15942
Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16018
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-28 19:30:35 +02:00
Aleksey Vasilenko
d261be1d9e mwlwifi: fix mac80211 broken after update to 6.9.9
Port of kernel commit: https://github.com/torvalds/linux/commit/0a44dfc
Fixes: https://github.com/openwrt/openwrt/issues/15975
Fixes: 1bfcc1e ("mac80211: update to version 6.9.9")

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16016
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-28 19:16:34 +02:00
INAGAKI Hiroshi
08705d4481 uboot-ath79: add support for NEC Aterm series based on AR9344
Add support for NEC Aterm series devices based on Atheros AR9344.
The following devices have almost the same hardware, so the same U-Boot
binary can be used for them.

- NEC Aterm WR8750N
- NEC Aterm WR9500N
- NEC Aterm WG600HP

By the way, on NetBSD-based NEC Aterm devices, only 0x20000 (128KiB) is
available for a bootloader on the flash chip and that limitation is too
small for mainline U-Boot with the default options. So many
features/commands not required for booting OpenWrt and recoverying are
disabled on that devices, like the followings.

- networking support
- FIT support
- all decompression methods support

etc...

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15432
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 18:47:56 +02:00
INAGAKI Hiroshi
e08b4bab8f uboot-ath79: add new U-Boot package for Atheros/QCA devices
Add U-Boot package for the devices that based on Atheros/Qualcomm
Atheros SoCs.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15432
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 18:47:56 +02:00
Hauke Mehrtens
e33ebdd00e ltq-ptm: Fix netdev ioctls with kernel > 5.15
.ndo_do_ioctl is not called for SIOCDEVPRIVATE any more, the kernel
calls .ndo_siocdevprivate now.

The function gets the data pointer from the callback directly, make use
of it.

See upstream Linux kernel commit:
https://git.kernel.org/linus/b9067f5dc4a07c8e24e01a1b277c6722d91be39e

Link: https://github.com/openwrt/openwrt/pull/16005
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 16:12:51 +02:00
Thomas Weißschuh
edf927690e util-linux: update to v2.40.2
Release Notes:
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40-ReleaseNotes
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.1-ReleaseNotes
        https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.2-ReleaseNotes

Remove upstreamed:
        0001-meson-Fix-build-python-option.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
Link: https://github.com/openwrt/openwrt/pull/15995
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-27 18:59:42 +02:00
Rafał Miłecki
a67b20e3d5 base-files: upgrade: nand: allow custom fw extraction in nand_do_upgrade()
By default nand_do_upgrade() can only deal with raw and gzipped firmware
files. Vendors often use custom firmware containers. Allow passing
custom extraction command to allow using nand_do_upgrade() with vendor
firmwares.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-26 13:41:25 +02:00
Chukun Pan
ee382f65a9 uboot-mediatek: add TP-LINK TL-XTR8488 support
Same as TP-Link TL-XDR608x, this router comes with locked vendor
loader. Add U-Boot build for replacement loader for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Link: https://github.com/openwrt/openwrt/pull/15930
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-25 22:54:16 +02:00
FUKAUMI Naoki
d94d14a5ed rockchip: add support for Radxa ROCK 3A
Radxa ROCK 3A is a credit card sized SBC with rich interfaces[1] using
the Rockchip RK3328 SoC.

Hardware
--------
- Rockchip RK3568 SoC
- Quad Cortex-A55 CPU
- Mail G52 GPU
- 1 TOPs NPU
- 2/4/8GB LPDDR4 RAM
- 1x eMMC connector
- 1x M.2 M Key (2-lane PCIe 3.0) supporting NVMe SSD
- 1x Micro SD card slot
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x USB 3.0 Type-A port (Host)
- 1x USB 3.0 Type-A port (OTG)
- 2x USB 2.0 Type-A ports (Host)
- 40 pin color GPIO header

[1] https://radxa.com/products/rock3/3a

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15985
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-25 22:50:28 +02:00
FUKAUMI Naoki
bbcd5111cb rockchip: add support for Radxa ROCK Pi S
Radxa ROCK Pi S is a small in size, full in features SBC[1] using the
Rockchip RK3308B SoC.

Hardware
--------
- Rockchip RK3308B SoC
- Quad A35 CPU
- 256/512MB DDR3 RAM
- Optional 4/8GB eMMC
- Micro SD Card slot
- Optional WiFi 4 and BT 4 (not supported yet)
- 1x 100M Ethernet with PoE support (additional PoE HAT required)
- 1x USB 2.0 Type-A port (Host)
- 1x USB 2.0 Type-C port (OTG)
- 2x 26 Pin GPIO header

[1] https://radxa.com/products/rockpi/pis

Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15933
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-24 00:03:02 +02:00
FUKAUMI Naoki
2d31004133 wifi-scripts: add missing dependency on ucode-mod-rtnl
rtnl is used in hostap/common.uc.

$ grep -r rtnl files
files/usr/share/hostap/common.uc:import * as rtnl from "rtnl";
files/usr/share/hostap/common.uc:	     rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: reuse_ifname, ifname: name}) != false))
files/usr/share/hostap/common.uc:	rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: name, change: 1, flags: up ? 1 : 0 });

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15922
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-23 23:49:36 +02:00
Martin Schiller
13eb1f564a firmware: add Intel/Lantiq VRX518 DSL firmware package
This is required by the DSL CPE API driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Martin Schiller
07b0e6f3d9 firmware: add Intel/Lantiq VRX518 PPE firmware package
This firmware is used by the vrx518 tc driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Martin Schiller
02db8a19cb firmware: add Intel/Lantiq VRX518 ACA firmware package
This firmware is used by the vrx518 ep driver.

Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license]
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15550
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 21:42:09 +02:00
Borys Zhukov
f25cd55bd1 ramips: add support for Netgear WAX214v2
Netgear WAX214v2 is an 802.11ax (Wi-Fi 6) wireless access point.

Specifications:
* SoC: MediaTek MT7621AT
* RAM: 512 MiB
* Flash: NAND 128 MiB (ESMT PSU1GA30DT)
* Wi-Fi: 2.4/5 GHz 4T4R (MediaTek MT7915E)
* Ethernet: 1x 10/100/1000 Mbps LAN
* Switch: MediaTek MT7530 (SoC built-in)
* LEDs/Keys
  * Power (green, blue, amber)
  * LAN (green, amber)
  * WLAN 2.4GHz (green, blue)
  * WLAN 5GHz (green, blue)
  * Reset button
* USB: None
* UART: Marked J1 on board, 115200 8N1
* Power
  * 12 VDC, 1.5 A
  * IEEE 802.3at (PoE+)

Load addresses (same as Netgear WAX202):
* stock
  * 0x80010000: FIT image
  * 0x81001000: kernel image -> entry
* OpenWrt
  * 0x80010000: FIT image
  * 0x82000000: uncompressed kernel+relocate image
  * 0x80001000: relocated kernel image -> entry

MAC addresses as verified by OEM firmware:

vendor   OpenWrt   address
eth0     lan       label
ra0      phy0      label + 2
rax0     phy1      label + 3

Installation:
* Flash the factory image by TFTP to the bootloader.
  NMRP can be used to TFTP without opening the case.

Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.

References to WAX214v2 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX214v2-V1.0.1.5-gpl-src.tar.gz

* openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax214v2.dts
  DTS file for this device.

Signed-off-by: Borys Zhukov <borys@zhukov.org>
Link: https://github.com/openwrt/openwrt/pull/14401
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 20:05:14 +02:00
Luiz Angelo Daros de Luca
403c17cadf kernel: modules: video: add kmod-video-gspca-pac7302
Add the package for the Pixart PAC7302 USB Camera Driver kernel module.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15886
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 19:01:23 +02:00
Philip Prindeville
0037100e12 base-files: ipcalc.sh handle start and range being empty strings
If we're being paranoid and quote all the arguments to ipcalc.sh,
it's possible to pass in empty start and range arguments.  This
should be handled the same as their being absent.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/15946
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 17:31:59 +02:00
Marco von Rosenberg
f84a9f7dc0 ath79: add support for Huawei AP6010DN
Huawei AP6010DN is a dual-band, dual-radio 802.11a/b/g/n 2x2 MIMO
enterprise access point with one Gigabit Ethernet port and PoE
support.

Hardware highlights:
- CPU: AR9344 SoC at 480MHz
- RAM: 128MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: AR9344-internal radio
- Wi-Fi 5GHz: AR9580 PCIe WLAN SoC
- Ethernet: 10/100/1000 Mbps Ethernet through Atheros AR8035 PHY
- PoE: yes
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: CAT706SVI (1.6s timeout)

Serial console:
  9600n8 (9600 baud, no stop bits, no parity, 8 data bits)

MAC addresses:
  Each device has 32 consecutive MAC addresses allocated by
  the vendor, which don't overlap between devices.
  This was confirmed with multiple devices with consecutive
  serial numbers.
  The MAC address range starts with the address on the label.
  To be able to distinguish between the interfaces,
  the following MAC address scheme is used:
    - eth0 = label MAC
    - radio0 (Wi-Fi 2.4GHz) = label MAC + 1
    - radio1 (Wi-Fi 5GHz) = label MAC + 2

Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP

1. Power up the AP

2. At prompt "Press f or F  to stop Auto-Boot in 3 seconds",
   do what they say.
   Log in with default admin password "admin@huawei.com".

3. Boot the OpenWrt initramfs from TFTP using the hidden script "run ramboot".
   Replace IP address as needed:

   > setenv serverip 192.168.1.10
   > setenv ipaddr 192.168.1.1
   > setenv rambootfile openwrt-ath79-generic-huawei_ap6010dn-initramfs-kernel.bin
   > saveenv
   > run ramboot

4. Optional but recommended as the factory firmware cannot be downloaded publicly:
   Back up contents of "firmware" partition using the web interface or ssh:

   $ ssh root@192.168.1.1 cat /dev/mtd11 > huawei_ap6010dn_fw_backup.bin

5. Run sysupgrade using sysupgrade image. OpenWrt
   shall boot from flash afterwards.

Return to factory firmware (using firmware upgrade package downloaded from non-public Huawei website):
1. Start a TFTP server in the directory where
   the firmware upgrade package is located

2. Boot to u-boot as described above

3. Install firmware upgrade package and format the config partitions:

   > update system FatAP6X10XN_SOMEVERSION.bin
   > format_fs

Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
   for example using scp

2. Use sysupgrade with force to restore the backup:
   sysupgrade -F huawei_ap6010dn_fw_backup.bin

3. Boot AP to U-Boot as described above

Quirks and known issues:
- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.
- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the AHB_CLK/2 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.

Signed-off-by: Marco von Rosenberg <marcovr@selfnet.de>
Link: https://github.com/openwrt/openwrt/pull/15941
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 16:51:52 +02:00
Tianling Shen
f2f428c699 mediatek: add ABT ASR3000 support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Mesh
  Power: DC 12V 1A

Gain telnet access:
1. Login into web interface, and download the configuration.
2. Decode and uncompress the configuration:
     * Enter fakeroot if you are not login as root.
   base64 -d e-xxxxxxxxxxxx-cfg.tar.gz | tar -zx
3. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
4. Edit 'etc/rc.local', insert telnetd command before 'exit 0':
   ( sleep 3s; /usr/sbin/telnetd; ) &
5. Repack the configuration:
   tar -zc etc/ | base64 > e-xxxxxxxxxxxx-cfg.tar.gz
6. Upload new configuration via web interface, now you can connect to
   ASR3000 via telnet.

Flash instructions:
1. Connect to ASR3000, backup everything, especially 'Factory' part.
2. Write new BL2:
   mtd write openwrt-mediatek-filogic-abt_asr3000-preloader.bin BL2
3. Write new FIP:
   mtd write openwrt-mediatek-filogic-abt_asr3000-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15887
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 16:13:06 +02:00
Sean Khan
02e8285051 mac80211: fix kconf build warnings
This patch cleans up the following warnings during build:

"warning: format not a string literal"

```
conf.c: In function 'conf_askvalue':
conf.c:89:17: warning: format not a string literal and no format arguments [-Wformat-security]
    89 |                 printf(_("(NEW) "));
      |                 ^~~~~~
conf.c: In function 'conf_choice':
conf.c:285:33: warning: format not a string literal and no format arguments [-Wformat-security]
  285 |                                 printf(_(" (NEW)"));
      |                                 ^~~~~~
conf.c: In function 'check_conf':
conf.c:440:41: warning: format not a string literal and no format arguments [-Wformat-security]
  440 |                                         printf(_("*\n* Restart config...\n*\n"));
      |                                         ^~~~~~
conf.c: In function 'main':
conf.c:617:41: warning: format not a string literal and no format arguments [-Wformat-security]
  617 |                                         _("\n*** The configuration requires explicit update.\n\n"));
      |                                         ^
conf.c:669:25: warning: format not a string literal and no format arguments [-Wformat-security]
  669 |                         fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
      |                         ^~~~~~~
conf.c:673:25: warning: format not a string literal and no format arguments [-Wformat-security]
  673 |                         fprintf(stderr, _("\n*** Error during update of the configuration.\n\n"));
      |                         ^~~~~~~
conf.c:684:25: warning: format not a string literal and no format arguments [-Wformat-security]
  684 |                         fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
      |                         ^~~~~~~
```

And POSIX Yacc warnings
```
lex -ozconf.lex.c -L zconf.l
yacc -ozconf.tab.c -t -l zconf.y
zconf.y:34.1-7: warning: POSIX Yacc does not support %expect [-Wyacc]
    34 | %expect 32
      | ^~~~~~~
zconf.y:97.1-11: warning: POSIX Yacc does not support %destructor [-Wyacc]
    97 | %destructor {
      | ^~~~~~~~~~~
gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o zconf.tab.o zconf.tab.c
gcc   conf.o zconf.tab.o   -o conf
```

After:

gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o conf.o conf.c
yacc -Wno-yacc -ozconf.tab.c -t -l zconf.y
gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS   -c -o zconf.tab.o zconf.tab.c
gcc   conf.o zconf.tab.o   -o conf

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15953
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-21 14:01:21 +02:00
Tony Ambardar
2bebf13357 libbpf: Update to v1.4.5
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.5
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.4
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-07-19 12:14:47 -07:00
Rafał Miłecki
715634e6d1 base-files: upgrade: nand: use "cmd" argument for extracting command
NAND code uses either "cat" or "zcat" for getting firmware image
content. Code was full of duplicated ${gz}cat calls. Use "cmd" variable
that is determined by a caller and passed to lower level functions. This
avoids code duplication and allows adding support for more formats.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-19 08:48:51 +02:00
Rafał Miłecki
4565699ebe base-files: upgrade: nand: document nand_do_upgrade()
Describe what firmware files are supported.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-19 08:48:51 +02:00
Tianling Shen
39c824f846 mediatek: switch to fitblk for cmcc rax3000m
Use the new fitblk driver.

Tested-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-18 13:20:58 +01:00
Daniel Golle
de2df0f2c5 base-files: remove fitblk_get_bootdev() from /lib/upgrade/common.sh
The function was moved to /lib/upgrade/fit.sh which is part of the fitblk
package. Remove it from /lib/upgrade/common.sh to safe space on boards
not using unified uImage.FIT images.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Daniel Golle
386855dca8 uboot-envtools: use /lib/upgrade/fit.sh
Use export_fitblk_bootdev() in /lib/upgrade/fit.sh instead of now
deprecated fitblk_get_bootdev() function. Include /lib/upgrade/fit.sh
instead of /lib/upgrade/common.sh to allow removing the function there.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Daniel Golle
ec2dc60d57 fitblk: move shell functions to common file
Move shell functions used for sysupgrade into /lib/upgrade/fit.sh.
Introduce improved fitblk boot device detection function which
works also in case ubiblock devices have not yet been created or
even UBI itself not yet being attached.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-18 11:48:53 +01:00
Hauke Mehrtens
3a0232ffd3 wolfssl: Update to version 5.7.2
This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-15 23:57:44 +02:00
Felix Fietkau
37f5a3bb01 uboot-mediatek: fix build error on mt7988-rfb
Remove an unnecessary config option that was breaking the build

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-15 11:55:48 +02:00
Daniel Golle
850a5caaa3 fstools: update to git HEAD
408c2cc libfstools: skip JFFS2 padding when BLOCKSIZE was given
 013050f fstools: remove redundant F2FS_MINSIZE definition

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 19:45:21 +01:00
Daniel Golle
3a85467427 uboot-mediatek: remove hard-coded UBI volume numbers
There is no point in hard-coding the UBI volume numbers as we are
dynamically looking up the volume by volume name in all cases by now.

Remove this relict as it causes problems without being useful for
anything.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 16:29:49 +01:00
Shiji Yang
a40e0c7529 uboot-mediatek: refresh device defconfig files
It seems that most of them are manually modified. However, we can
use `make savedefconfig` to generate a clean defconfig file.

Refreshed by:
```
Boards=(
	mt7623n_bpir2_defconfig \
	mt7623a_unielec_u7623_02_defconfig \
	mt7622_bananapi_bpi-r64-sdmmc_defconfig \
	mt7622_bananapi_bpi-r64-emmc_defconfig \
	mt7622_bananapi_bpi-r64-snand_defconfig \
	mt7622_linksys_e8450_defconfig \
	mt7622_ubnt_unifi-6-lr-v1_defconfig \
	mt7622_ubnt_unifi-6-lr-v2_defconfig \
	mt7622_ubnt_unifi-6-lr-v3_defconfig \
	ravpower-rp-wd009-ram_defconfig \
	mt7621_zbtlink_zbt-wg3526-16m_defconfig \
	mt7986_netcore_n60_defconfig \
	mt7986a_bpi-r3-emmc_defconfig \
	mt7986a_bpi-r3-nor_defconfig \
	mt7986a_bpi-r3-sd_defconfig \
	mt7986a_bpi-r3-snand_defconfig \
	mt7986_xiaomi_redmi-ax6000_defconfig \
	mt7986_tplink_tl-xdr4288_defconfig \
	mt7986_tplink_tl-xdr6086_defconfig \
	mt7986_tplink_tl-xdr6088_defconfig \
	mt7981_qihoo-360t7_defconfig \
	mt7981_xiaomi_mi-router-wr30u_defconfig \
	mt7981_h3c_magic-nx30-pro_defconfig \
	mt7986a_glinet_gl-mt6000_defconfig \
	mt7981_cmcc_rax3000m-emmc_defconfig \
	mt7981_cmcc_rax3000m-nand_defconfig \
	mt7981_jcg_q30-pro_defconfig \
	mt7986_zyxel_ex5601-t0_defconfig \
	mt7981_xiaomi_mi-router-ax3000t_defconfig \
	mt7986a_jdcloud_re-cp-03_defconfig \
	mt7986a_bpi-r3-mini-emmc_defconfig \
	mt7986a_bpi-r3-mini-snand_defconfig \
	mt7981_nokia_ea0326gmp_defconfig \
	mt7988a_bananapi_bpi-r4-emmc_defconfig \
	mt7988a_bananapi_bpi-r4-sdmmc_defconfig \
	mt7988a_bananapi_bpi-r4-snand_defconfig \
	mt7988a_bananapi_bpi-r4-poe-emmc_defconfig \
	mt7988a_bananapi_bpi-r4-poe-sdmmc_defconfig \
	mt7988a_bananapi_bpi-r4-poe-snand_defconfig \
	mt7622_xiaomi_redmi-router-ax6s-ubi-loader_defconfig \
	mt7981_openwrt-one-nor_defconfig \
	mt7981_openwrt-one-spi-nand_defconfig \
	)

for Board in ${Boards[@]}
do
	echo "Refresh board ${Board}"
	make ${Board}
	make savedefconfig
	cat ./defconfig > ./configs/${Board}
done
```

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-14 16:29:49 +01:00
Shiji Yang
6951526792 uboot-mediatek: update to U-Boot release v2024.07
1. Rename function _do_env_set() to env_do_env_set().
2. Replace kwbimage hack with UBOOT_CUSTOMIZE_CONFIG:
   "--disable TOOLS_KWBIMAGE" and "--disable TOOLS_LIBCRYPTO".
3. Disable CONFIG_CMD_BOOTEFI_BOOTMGR for all supported devices
   because the newly added UEFI bootmenu entries doesn't work.
4. Enable CONFIG_VERSION_VARIABLE for the OpenWrt One.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
2024-07-14 16:29:49 +01:00
Felix Fietkau
7f44f8d8d6 mt76: update to Git HEAD (2024-07-13)
564cd93961fc mt76: sync with upstream changes
3b47d9df427c wifi: mt76: mt7915: fix oops on non-dbdc mt7986

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-07-13 15:31:32 +02:00