Reduce calls and pipes and read from urandom once directly with hexdump
for the necessary 5 bytes of random data to build the 48 bit ULA Prefix.
Fewer calls and forks; finish quicker; less memory used.
Tested on: 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
It seems that move to kernel 6.6 somehow fixed the remoteproc restart so
now it properly restarts and thus coldboot calibration works as well.
ipq60xx still seems to be broken in a different way so keep it disabled.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add patch fixing rmmod and insmod. Lots of flawed logic fixed that
permits the module to correctly rmmod and insmod later.
Just to quote some change, use phy_detach instead of phy_disconnect, fix
exclusive reset_control that could only be used once, fix kernel panic
on second edma_cleanup, stop traffic before module exit...
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This reverts commit a9e22ffa50.
After doing a clean rebuild, it turns out that this change is not necessary
Signed-off-by: Felix Fietkau <nbd@nbd.name>
3159bbe0a2eb improve isolation when selecting a fixed output port
c77a7a1ff74d nl: fix getting flow offload stats
a08e51e679dd add support for disabling bridge-local flows via config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The new script uses a different strategy compared to the previous one.
Instead of trying to split flows by hash and spread them to all CPUs,
use RPS to redirect packets to a single core only.
Try to spread NAPI thread and RPS target CPUs across available CPUs
and try to ensure that the NAPI thread is on a different CPU than the
RPS target. This significantly reduces cycles wasted on the scheduler.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Limiting allowed channels per device may be required and is commonly
supported on other drivers, so include a pending patch to add support for
the same.
Signed-off-by: Robert Marko <robimarko@gmail.com>
As commit 3ce1e4c3d3 ("d1: define subtarget specifically") added the
'generic' subtarget, without 'BUILD_SUBTARGET' the correspond U-Boot
package will be no longer selected automatically.
Fixes: 3ce1e4c3d3 ("d1: define subtarget specifically")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Update to the latest upstream release to include recent improvements and
bugfixes. Update copyright, fix typo in PKG_NAME, and remove unneeded use
of MAKE_VARS definition in Makefile. Drop 001-cflags.patch and simplify
002-includes.patch after refreshing. Also simplify LTO/DCE build flags.
Link: https://github.com/libbpf/bpftool/releases/tag/v7.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Update to the latest upstream release to include recent improvements and
bugfixes, and update copyright. Remove MAKE_VARS usage in Makefile and drop
001-cflags.patch which are no longer needed. Also add flags to disable LTO,
mistakenly dropped earlier.
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
only available from >= 1.0.15
Comments are useful. Apparently this config parameter was committed when
openwrt used an older version of lldpd which did not yet support it.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Starting with Linux 6.3 the .probe call no longer got the id parameter,
see also commit torvalds/linux@03c835f498
("i2c: Switch .probe() to not take an id parameter").
As the parameter is anyway unused by the driver, drop it when
building the GCA230718 LED driver for newer kernels.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
HW specifications:
* Mediatek MT7981A
* 256MB SPI-NAND
* 512MB DRAM
* Uplink: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 with 802.3at
PoE (Built-in GBe PHY)
* LAN: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 (Airoha EN8801SC)
* 1 Tricolor LED
* Reset button
* 12V/2.0A DC input
Installation:
Board comes with OpenWifi/TIP which is OpenWrt based, so sysupgrade can
be used directly over SSH.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
This module supports the Microchip Technology Inc (SMSC)
EMC2301/EMC2302/EMC2303/EMC2305 fan speed PWM controller chips.
Signed-off-by: Oleg S <remittor@gmail.com>
Historically it's possible to leave the `SUBTARGETS` undefined and
automatically fallback to a "generic" subtarget. This however breaks
various downstream scripts which may have expectations around filenames:
While some targets with an explicit generic subtarget contain `generic`
in the filenames of artifacts, implicit "subtargets" don't.
Right now this breaks the CI[1], possibly also scripts using the ImageBuilders.
This commit removes all code that support implicit handling of
subtargets and instead requires every target to define "SUBTARGETS".
[1]: https://github.com/openwrt/openwrt/actions/runs/8592821105/job/23548273630
Signed-off-by: Paul Spooren <mail@aparcar.org>
e209a4ced1d8 add strdupa macro for compatibility
af1962b9a609 uclient: add helper function for getting ustream-ssl context/ops
488f1d52cfd2 http: add helper function for checking redirect status
b6e5548a3ecc uclient: defer read notifications to uloop timer
352fb3eeb408 http: call ustream_poll if not enough read data is available
e611e6d0ff0b add ucode binding
ddb18d265757 uclient: add function for getting the amount of pending read/write data
980220ad1762 ucode: fix a few ucode binding issues
6c16331e4bf5 ucode: add support for using a prototype for cb, pass it to callbacks
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This is mostly a cosmetic cleanup. The absence of
the return statement was not causing any problems.
Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
So, when updating the hash for at91bootstrap it was done via CHECK_ALL=1
so that updated the PKG_MIRROR_HASH for the main v4 version hash, but
at91bootstrap checkout version depends on the subtarget as well.
Choosing to build for sam9x will change the at91bootstrap version to v3
and this hash was not refreshed thus causing the CI to fail.
Fixes: 6918c637b7 ("treewide: package: update missed hashes after switch to ZSTD")
Signed-off-by: Robert Marko <robimarko@gmail.com>
With the switch to ZSTD for git clone packaging, hashes have changed so
fixup remaining package hashes that were missed in the inital update.
Fixes: b3c1c57 ("treewide: update PKG_MIRROR_HASH to zst")
Signed-off-by: Robert Marko <robimarko@gmail.com>
When using zst instead of xz, the hash changes.
This was missed in the initial treewide updated.
Fixes: b3c1c57a35 ("treewide: update PKG_MIRROR_HASH to zst")
Signed-off-by: Robert Marko <robimarko@gmail.com>
When an IBBS interface is configured for IBSS legacy mode, wdev.htmode
is empty. This is empty string results in an empty positional argument
to the "ibbs join" command, for example:
iw dev phy0-ibss0 ibss join crymesh 2412 '' fixed-freq beacon-interval 100
This empty argument is interpreted as an invalid HT mode by 'iw',
causing the entire command to fail and print a "usage" message:
daemon.notice netifd: radio0 (4527): Usage: iw [options] \
dev <devname> ibss join <SSID> <freq in MHz> ...
Although nobody will ever need more than 640K of IBSS, explicitly use
"NOHT" if an HT mode is not given. This fixes the problem.
Fixes: e56c5f7b27 ("hostapd: add ucode support, use ucode for the main ubus object")
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [extend to cover more cases]
When using zst instead of xz, the hash changes. This commit fixes the
hash for packages and tools in core.
Signed-off-by: Paul Spooren <mail@aparcar.org>
On Fedora 40 system, some compile error happens when
building iconv-ostream.c. Linking to libiconv-full
fixes this.
Signed-off-by: Yanase Yuki <dev@zpc.st>
hostapd packages were accidentally left out. Clean up this mess by
changing the dependencies to hostapd-common
Signed-off-by: Felix Fietkau <nbd@nbd.name>
With the default BUILD_BOT configuration on a linux 6.6 kernel,
the WNDR4700's kernel no longer fits into the alloted ~3.5MiB,
even with LZMA compression.
Bigger kernels are possible, but there's a problem with Netgear's
"bootcmd":
> if loadn_dniimg 0 0x180000 0x4e0000 && chk_dniimg 0x4e0000; then nand read 0x800000 0x180000 0x20000;bootm 0x500000 - 0x800040;else fw_recovery; fi"
This loads the dni-image starting offset 0x180000 from the NAND
flash (which is the DTB partition) to 0x4e0000 in the RAM. It then
checks whenever the provided image is "valid". If it is then it
reads the DTB again to 0x800000 in the RAM and starts the extraction
and boot process. (If the image wasn't valid then it starts the
automated firmware recovery).
The issues here are that first: the kernel image gets "squeezed"
between 0x500040 and 0x7fffff... And second, the decompressor
only has area 0x0 - 0x500000 for decompression.
Hence the image now requires to update the bootcmd by providing
new values (which have been successfully tested with the original
Netgear WNDR4700 v1.0.0.56 firmware) for the RAM locations and
make full use of the fact that loadn_dniimg loads the DTB as well.
This needs to be done only once. Just connect a serial adapter to
interface with uboot and overwrite (and save) the new bootcmd.
WARNING: The serial port needs a TTL/RS-232 3.3v level converter!
Steps:
0. Power-off the WNDR4700
1. Connect the serial interface (you need to open the WNDR4700)
2. Power-up the WNDR4700
3. Monitor the boot-sequence and hit "Enter"-key when it says:
"Hit any key to stop autoboot" (Be quick, you have a ~2 second window)
4. in the Prompt enter the following commands (copy & paste)
setenv bootcmd "if loadn_dniimg 0 0x180000 0xce0000 && chk_dniimg 0xce0000; then bootm 0xd00000 - 0xce0040;else fw_recovery; fi"
saveenv
run bootcmd
Note: This new bootcmd will also unbrick devices that were bricked
by the bigger 4.19-6.1 kernels.
Note2: This method was tested with a WNDR4700. A big kernel with most
debug features enabled on v6.6.22 measured 4.30 MiB when compressed
with lzma. The uncompressed kernel is 12.34 MiB. This is over the 3 MiB,
the device reserves for the kernel... But it booted! For bigger kernels,
the device needs repartitioning of the the ubi partition due to the
kernel+dtb not fitting into the partition.
Note3: For initramfs development. I would advice to load the initramfs
images to 0x800000 (or higher). i.e.: tftp 800000 wndr4700.bin
Note4: the fw_recovery uboot command to transfer the factory image to
the flash still works.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The PKG_MIRROR_HASH was wrong (again), likely due to an old set of tools
which did not contain the downgrade of xz.
Ref 2070049 unetd: fix PKG_MIRROR_HASH
Fix 89c594e libubox: update to Git HEAD (2024-03-29)"
Signed-off-by: Paul Spooren <mail@aparcar.org>
Fix compilation warning enum-int-mismatch which results in failure to
build kmod-ltq-vmmc in case CONFIG_KERNEL_WERROR is set.
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:392:14: error: conflicting types for 'ifx_mps_fastbuf_init' due to enum/integer mismatch; have 'IFX_return_t(void)' [-Werror=enum-int-mismatch]
392 | IFX_return_t ifx_mps_fastbuf_init (IFX_void_t)
| ^~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:120:13: note: previous declaration of 'ifx_mps_fastbuf_init' with type 'IFX_int32_t(void)' {aka 'int(void)'}
120 | IFX_int32_t ifx_mps_fastbuf_init (IFX_void_t);
| ^~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:420:14: error: conflicting types for 'ifx_mps_fastbuf_close' due to enum/integer mismatch; have 'IFX_return_t(void)' [-Werror=enum-int-mismatch]
420 | IFX_return_t ifx_mps_fastbuf_close (IFX_void_t)
| ^~~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:121:13: note: previous declaration of 'ifx_mps_fastbuf_close' with type 'IFX_int32_t(void)' {aka 'int(void)'}
121 | IFX_int32_t ifx_mps_fastbuf_close (IFX_void_t);
| ^~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Refresh patches and bump PKG_RELEASE while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
- move build/ifdef related changes together to the 200 patch range
- reduce adding/removing include statements across patches
- move patches away from the 99x patch range to simplify maintenance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds From:, Date: and Subject: to patches, allowing one to run 'git
am' to import the patches to a hostapd git repository.
From: and Date: fields were taken from the OpenWrt commit where the
patches were first introduced.
Most of the Subject: also followed suit, except for:
- 300-noscan.patch: Took the description from the LuCI web interface
- 350-nl80211_del_beacon_bss.patch: Used the file name
The order of the files in the patch was changed to match what git
format-patch does.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Patch 050-build_fix.patch fixes the abscence of sha384-kdf.o from the
list of needed objetct files when FILS is selected without any other
option that will select the .o file.
While it is a bug waiting to be fixes upstream, it is not needed for
OpenWrt use case, because OWE already selects sha384-kdf.o, and FILS is
selected along with OWE.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This brings many changes, including fixes for a couple of memory leaks,
and improved interoperability with 802.11r. There are also many changes
related to 802.11be, which is not enabled at this time.
Fixed upstream:
- 022-hostapd-fix-use-of-uninitialized-stack-variables.patch
- 180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
- 993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch
Switch PKG_SOURCE_URL to https, since http is not currently working.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Ilya Katsnelson <me@0upti.me>
Tested by: Andrew Sim <andrewsimz@gmail.com>
a2fce001819e CI: add build test run
12bda4bdb197 CI: add CodeQL workflow tests
eb9bcb64185a ustream: prevent recursive calls to the read callback
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It seems that somehow a wrong hash has slipped past PR CI again.
Fixes: 9ef4f7f919 ("qualcommax: ipq60xx: add yuncore fap650 support")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Include the CONFIG_KVM_SMM option in the kvm-x86 package to enable system management mode emulation on KVM.
Co-authored-by: Stefan Hellermann <stefan@the2masters.de>
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Fix error: Package kmod-lan743x is missing dependencies for the following libraries:
fixed_phy.ko
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Kernel 6.2 folded virqfd (eventd interface for VFIO interrupts)
into the base vfio module, it is no longer a tristate option.
Change suggested by vincejv on GitHub:
https://github.com/openwrt/openwrt/pull/14868#issuecomment-1998260124
Signed-off-by: Mathew McBride <matt@traverse.com.au>
Instead of redefining the version schema in cryptodev, use the one
automatically defined via `kernel.mk`.
Specifically this changes the version from <kernel>+<package> to
<kernel>.<package> and thereby making it compatible with APK.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Our CI on GitHub as well as my local machine generates a different
PKG_MIRROR_HASH from what Felix uploaded the other day.
After receiving Felix file, both have indeed different hashes, however
when unpackaged via `xz -d` both have the same tarball content.
Below the checksums to compare:
a62bef497078c7b825f11fc8358c1a43f5db3e6d4b97812044f7653d60747d5b dl/unetd-2024.03.31~80645766.tar.xz
fbdac59581742bf208c18995b1d69d9848c93bfce487e57ba780d959e0d62fc4 dl/unetd-2024.03.31~80645766_felix.tar.xz
After unpacking:
a7189cae90bc600abf3a3bff3620dc17a9143be8c27d27412de6eb66a1cf1b7d dl/unetd-2024.03.31~80645766.tar
a7189cae90bc600abf3a3bff3620dc17a9143be8c27d27412de6eb66a1cf1b7d dl/unetd-2024.03.31~80645766_felix.tar
The tarball with the wrong hash was accidentally generated without the xz
revert to version 5.4.6
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add patch fixing compilation with kernel 6.6.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add patch fixing compilation with kernel 6.6.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
254810d16cf1 watchdog: always close fd on watchdog stop
946552a7b598 trace: use standard POSIX header for basename()
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add debugfs entry for disabling frames buffering that may be a reason
for mt7603 instability. This patch was sent upstream for review and at
least wasn't rejected yet. Let's add it to let OpenWrt users test if it
really helps.
Example usage:
echo N > /sys/kernel/debug/ieee80211/phy0/mt76/frames_buffering
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Build files shouldn't be symlinked into the staging directory, as doing so
would create a race condition if the build folder for 'qca-nss-dp' gets
deleted for any reason.
We should instead just copy over the required platform file to avoid
breaking compilation for any dependent packages.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
The current build procedure always wipes away build files, this is
costly as ssdk is a parent dependency on a whole host of packages and
will always end up rebuilding (and in serial) the whole package.
This patch includes:
1. Module Building Optimization: Instead of creating a temporary
directory (temp) and copying files into it for module building,
the directly invoke the module build command with the
necessary paths. This simplifies the build process
and avoids unnecessary file operations, speeding up
the build process and reducing disk usage.
2. Parallel Build Support: By removing the explicit creation of
the temporary directory and associated file copying operations,
and passing in $(MAKE) $(PKG_JOBS) allows building in parallel.
3. Fix `EXTRA_CFLAGS`: This variable is referenced and set within MAKE_FLAGS,
so doesn't preserve spaces. Should have its defined value quoted.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
52144f723bec pex: after receiving data update req, notify peer of local address/port
29aacb9386e0 pex: track indirect hosts (reachable via gateway) as peers without adding them to wg
48049524d4fc pex: do not send peer notifications for hosts with a gateway
12ac684ee22a pex: do not query for hosts with a gateway
203c88857354 pex: fix endian issues on config transfer
a29d45c71bca network: fix endian issue in converting port to network id
cbbe9d337a17 unet-cli: emit id by default
806457664ab6 unet-cli: strip initial newline in usage message
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Specification:
- MT7981 CPU using 2.4GHz and 5GHz WiFi (both AX)
- MT7531 switch
- 512MB RAM
- 128MB NAND flash with two UBI partitions with identical size
- 1 multi color LED (red, green, blue, white) connected via GCA230718
- 3 buttons (WPS, reset, LED on/off)
- 1 1Gbit WAN port
- 4 1Gbit LAN ports
Disassembly:
- There are four screws at the bottom: 2 under the rubber feets, 2 under the label.
- After removing the screws, the white plastic part can be shifted out of the blue part.
- Be careful because the antennas are mounted on the side and the top of the white part.
Serial Interface
- The serial interface can be connected to the 4 pin holes on the side of the board.
- Pins (from front to rear):
- 3.3V
- RX
- TX
- GND
- Settings: 115200, 8N1
MAC addresses:
- WAN MAC is stored in partition "Odm" at offset 0x81
- LAN (as printed on the device) is WAN MAC + 1
- WLAN MAC (2.4 GHz) is WAN MAC + 2
- WLAN MAC (5GHz) is WAN MAC + 3
Flashing via Recovery Web Interface:
- The recovery web interface always flashes to the currently active partition.
- If OpenWrt is flahsed to the second partition, it will not boot.
- Ensure that you have an OEM image available (encrypted and decrypted version). Decryption is described in the end.
- Set your IP address to 192.168.200.10, subnetmask 255.255.255.0
- Press the reset button while powering on the device
- Keep the reset button pressed until the LED blinks red
- Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
- Download openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-recovery.bin
- The recovery web interface always reports successful flashing, even if it fails
- After flashing, the recovery web interface will try to forward the browser to 192.168.0.1 (can be ignored)
- If OpenWrt was flashed to the first partition, OpenWrt will boot (The status LED will start blinking white and stay white in the end). In this case you're done and can use OpenWrt.
- If OpenWrt was flashed to the second partition, OpenWrt won't boot (The status LED will stay red forever). In this case, the following steps are reuqired:
- Start the web recovery interface again and flash the **decrypted OEM image**. This will be flashed to the second partition as well. The OEM firmware web interface is afterwards accessible via http://192.168.200.1.
- Now flash the **encrypted OEM image** via OEM firmware web interface. In this case, the new firmware is flashed to the first partition. After flashing and the following reboot, the OEM firmware web interface should still be accessible via http://192.168.200.1.
- Start the web recovery interface again and flash the OpenWrt recovery image. Now it will be flashed to the first partition, OpenWrt will boot correctly afterwards and is accessible via 192.168.1.1.
Flashing via U-Boot:
- Open the case, connect to the UART console
- Set your IP address to 192.168.200.2, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-initramfs-kernel.bin.
- Power on the device and select "7. Load image" in the U-Boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Perform a sysupgrade using openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Revert back to stock using the Recovery Web Interface:
- Set your IP address to 192.168.200.2, subnetmask 255.255.255.0
- Press the reset button while powering on the device
- Keep the reset button pressed until the LED blinks red
- Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
- Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.
Decrypting a D-Link firmware image:
- Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
- Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
- Run ./m32-firmware-util M30 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
- Example for firmware M30A1_FW101B05: ./m32-firmware-util M30 --DecryptFactoryImage M30A1_FW101B05\(0725091522\).bin M30A1_FW101B05\(0725091522\)_decrypted.bin
Flashing via OEM web interface is not possible, as it will change the active partition and OpenWrt is only running on the first UBI partition.
Controlling the LEDs:
- The LEDs are controlled by a chip called "GCA230718" which is connected to the main CPU via I2C (address 0x40)
- I didn't find any documentation or driver for it, so the information below is purely based on my investigations
- If there is already I driver for it, please tell me. Maybe I didn't search enough
- I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
- The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
- The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
- Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
- Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
- A reset command (0x81 0xE4) written to register 0x00
- A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
- The reset command is always the same
- In the control command
- byte 0 is always the same
- byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
- byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
- byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
- byte 7 defines the toggling frequency (if toggling enabled)
- byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
- byte 12 is constant 0x87
Comparison to M32/R32:
- The algorithms for decrypting the OEM firmware are the same for M30/M32/R32, only the keys differ
- The keys are available in the GPL sources for the M32
- The M32/R32 contained raw data in the firmware images (kernel, rootfs), the R30 uses a sysupgrade tar instead
- Creation of the recovery image is quite similar, only the header start string changes. So mostly takeover from M32/R32 for that.
- Turned out that the bytes at offset 0x0E and 0x0F in the recovery image header are the checksum over the data area
- This checksum was not checked in the recovery web interface of M32/R32 devices, but is now active in R30
- I adapted the recovery image creation to also calculate the checksum over the data area
- The recovery image header for M30 contains addresses which don't match the memory layout in the DTS. The same addresses are also present in the OEM images
- The recovery web interface either calculates the correct addresses from it or has it's own logic to determine where which information must be written
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Add basic support for the LED driver for GCA230718.
- I didn't find any documentation or driver for it, so the information below is purely based on my investigations
- If there is already I driver for it, please tell me. Maybe I didn't search enough
- I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
- The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
- The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
- Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
- Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
- A reset command (0x81 0xE4) written to register 0x00
- A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
- The reset command is always the same
- In the control command
- byte 0 is always the same
- byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
- byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
- byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
- byte 7 defines the toggling frequency (if toggling enabled)
- byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
- byte 12 is constant 0x87
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Huawei AP5030DN is a dual-band, dual-radio 802.11ac Wave 1 3x3 MIMO
enterprise access point with two Gigabit Ethernet ports and PoE
support.
Hardware highlights:
- CPU: QCA9550 SoC at 720MHz
- RAM: 256MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: QCA9550-internal radio
- Wi-Fi 5GHz: QCA9880 PCIe WLAN SoC
- Ethernet 1: 10/100/1000 Mbps Ethernet through Broadcom B50612E PHY
- Ethernet 2: 10/100/1000 Mbps Ethernet through Marvell 88E1510 PHY
- PoE: input through Ethernet 1 port
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: SGM706 (1.6s timeout)
Serial console:
9600n8 (9600 baud, no stop bits, no parity, 8 data bits)
MAC addresses:
Each device has 32 consecutive MAC addresses allocated by
the vendor, which don't overlap between devices.
This was confirmed with multiple devices with consecutive
serial numbers.
The MAC address range starts with the address on the label.
To be able to distinguish between the interfaces,
the following MAC address scheme is used:
- eth0 = label MAC
- eth1 = label MAC + 1
- radio0 (Wi-Fi 5GHz) = label MAC + 2
- radio1 (Wi-Fi 2.4GHz) = label MAC + 3
Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP
1. Power up the AP
2. At prompt "Press f or F to stop Auto-Boot in 3 seconds",
do what they say.
Log in with default admin password "admin@huawei.com".
3. Boot the OpenWrt initramfs from TFTP using the hidden script
"run ramboot". Replace IP address as needed:
> setenv serverip 192.168.1.10
> setenv ipaddr 192.168.1.1
> setenv rambootfile
openwrt-ath79-generic-huawei_ap5030dn-initramfs-kernel.bin
> saveenv
> run ramboot
4. Optional but recommended as the factory firmware cannot
be downloaded publicly:
Back up contents of "firmware" partition using the web interface or ssh:
$ ssh root@192.168.1.1 cat /dev/mtd11 > huawei_ap5030dn_fw_backup.bin
5. Run sysupgrade using sysupgrade image. OpenWrt
shall boot from flash afterwards.
Return to factory firmware (using firmware upgrade package downloaded from
non-public Huawei website):
1. Start a TFTP server in the directory where
the firmware upgrade package is located
2. Boot to u-boot as described above
3. Install firmware upgrade package and format the config partitions:
> update system FatAP5X30XN_SOMEVERSION.bin
> format_fs
Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
for example using scp
2. Use sysupgrade with force to restore the backup:
sysupgrade -F huawei_ap5030dn_fw_backup.bin
3. Boot AP to U-Boot as described above
Quirks and known issues
-----------------------
- On initial power-up, the Huawei-modified bootloader suspends both
ethernet PHYs (it sets the "Power Down" bit in the MII control
register). Unfortunately, at the time of the initial port, the kernel
driver for the B50612E/BCM54612E PHY behind eth0 doesn't have a resume
callback defined which would clear this bit. This makes the PHY unusable
since it remains suspended forever. This is why the backported kernel
patches in this commit are required which add this callback and for
completeness also a suspend callback.
- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.
- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the CPU_CLK/4 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.
Signed-off-by: Marco von Rosenberg <marcovr@selfnet.de>
[fixed 6.6 backport patch naming]
Signed-off-by: David Bauer <mail@david-bauer.net>
The uboot-envtools can automatically parse the dts 'u-boot,env'
compatible string. So the env config file is now useless.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
- use Makefile.perf to prevent overriding MAKEFLAGS
- fix path to PKG_CONFIG
- link libstdc++ statically (only used for demangling)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The firmware blobs have all different licenses from the different
manufacturers of the binary blobs. This information is contained in the
upstream 'linux-firmware' repositroy.
This commit extends the package handling so that this information can be
added as an additional argument during packages generation.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Key features:
Allwinner H618 SoC (Quad core Cortex-A53)
1/1.5/2/4 GiB LPDDR4 DRAM
1 USB 2.0 type C port (Power + OTG)
1 USB 2.0 host port
1Gbps Ethernet port
Micro-HDMI port
MicroSD slot
Installation:
Write the image to SD Card with dd.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
This version supports LPDDR4 DRAM of H618 SoC.
Runtime-tested:
Olimex Olinuxino Micro (A20)
Orange Pi Zero 3 (H618)
Pine64 SoPine (A64)
Tested-by: Zoltan HERPAI <wigyori@uid0.hu>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Kernel 6.3 has introduced separate C45 read/write operations, and thus
split them out of the C22 operations completely so the old way of marking
C45 reads and writes via the register value does not work anymore.
This is causing SSDK to fail and find C45 only PHY-s such as Aquantia ones:
[ 22.187877] ssdk_phy_driver_init[371]:INFO:dev_id = 0, phy_adress = 8, phy_id = 0x0 phytype doesn't match
[ 22.209924] ssdk_phy_driver_init[371]:INFO:dev_id = 0, phy_adress = 0, phy_id = 0x0 phytype doesn't match
This in turn causes USXGMII MAC autoneg bit to not get set and then UNIPHY
autoneg will time out, causing the 10G ports not to work:
[ 37.292784] uniphy autoneg time out!
So, lets detect C45 reads and writes by the magic BIT(30) in the register
argument and if so call separate C45 mdiobus read/write functions.
Signed-off-by: Robert Marko <robimarko@gmail.com>
79f8cfa58ee7 ci: add github test workflow
428f40e7984f test commit fixing warnings
63058d1f81a5 ci: enable ujail builds
49ea930a862c utils: add key-value offset support to get_cmdline_val()
ca8c30208d5e inittab: fallback when multiple "console=" is detected
Required for the recent Elecom multiple console commits.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Currently, both CI and local builds of wpa-supplicant will fail with:
/bin/sh: Argument list too long
Its happening as the argument list for mkdir in build.rules is too large
and over the MAX_ARG_STRLEN limit.
It seems that recent introduction of APK compatible version schema has
increased the argument size and thus pushed it over the limit uncovering
the issue.
Fixes: e8725a932e ("treewide: use APK compatible version schema")
Signed-off-by: Robert Marko <robimarko@gmail.com>
With the change in version schema the downloaded files changed, too,
mostly the hash is now prefixed with a tilde `~` instead of a dash `-`.
Since each downloaded archive contains folder with the same name as the
archive, the checksum changed.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add imx8m support:
- add a cortexa53 subtarget to imx
- move ARCH and KERNELNAME to subtargets
- account for kernel modules that are not used for cortexa53
No device-specific targets or firmware images are created yet but all
imx8m* dtbs will be built.
enabling CONFIG_TARGET_ROOTFS_INITRAMFS results in
openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin which has been
successfully booted on an imx8mm-evk using the following:
u-boot=> tftpboot $fdt_addr_r image-imx8mm-evk.dtb && \
tftpboot $kernel_addr_r openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin && \
booti $kernel_addr_r - $fdt_addr_r
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Alexander reported following:
iwlwifi 0000:00:14.3: Detected crf-id 0x3617, cnv-id 0x20000302 wfpm id 0x80000000
iwlwifi 0000:00:14.3: PCI dev a0f0/0074, rev=0x351, rfid=0x10a100
iwlwifi 0000:00:14.3: Direct firmware load for iwlwifi-QuZ-a0-hr-b0-77.ucode failed with error -2
It seems, that as of the current date, the highest firmware API version
supported by Linux 6.8-rc7 is still 77.
Closes: #14771
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3aa2b6b devices: add device id for MediaTek MT7601U
79a9615 devices: add device id for Realtek RTL8188CU and RTL8188FTV
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Without this configuration it is not possible to run the radio using HE160 on channels 149-177.
Fixes: #14906
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
The carl9170_tx_release() function sometimes triggers a fortified-memset
warning in my randconfig builds:
In file included from include/linux/string.h:254,
from drivers/net/wireless/ath/carl9170/tx.c:40:
In function 'fortify_memset_chk',
inlined from 'carl9170_tx_release' at drivers/net/wireless/ath/carl9170/tx.c:283:2,
inlined from 'kref_put' at include/linux/kref.h:65:3,
inlined from 'carl9170_tx_put_skb' at drivers/net/wireless/ath/carl9170/tx.c:342:9:
include/linux/fortify-string.h:493:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
493 | __write_overflow_field(p_size_field, size);
Kees previously tried to avoid this by using memset_after(), but it seems
this does not fully address the problem. I noticed that the memset_after()
here is done on a different part of the union (status) than the original
cast was from (rate_driver_data), which may confuse the compiler.
Unfortunately, the memset_after() trick does not work on driver_rates[]
because that is part of an anonymous struct, and I could not get
struct_group() to do this either. Using two separate memset() calls
on the two members does address the warning though.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
enable support for RK35xx in kmod-ata-ahci-platform kernel module
Suggested-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
Different from OPKG, APK uses a deterministic version schema which chips
the version into chunks and compares them individually. This enforces a
certain schema which was previously entirely flexible.
- Releases are added at the very and end prefixed with an `r` like
`1.2.3-r3`.
- Hashes are prefixed with a `~` like `1.2.3~abc123`.
- Dates become semantic versions, like `2024.04.01`
- Extra tags are possible like `_git`, `_alpha` and more.
For full details see the APK test list:
https://gitlab.alpinelinux.org/alpine/apk-tools/-/blob/master/test/version.data
Signed-off-by: Paul Spooren <mail@aparcar.org>
Since 6.5 netdev_rx_queue was moved out of netdevice.h so include the new
header since that is where it lives now.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Update the deprecated license information from GPL-2.0 to GPL-2.0-only
as written in the COPYING file of the linux source tree.
Also add the 'COPYING' file to the PKG_LICENSE_FILES variable.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The lincense information for the packages mac80211 are missing.
This commit adds the missing information.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Add support for Xiaomi Redmi AX6S to be used as a second-stage
UBI loader.
The defconfig/env is minimal: Boot fit from UBI. If that failed,
load and boot initramfs image from TFTP.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
PKG_MIRROR_HASH was accidentally generated with already APK-adapted
version string in the filename. That can't work (yet). Regenerate and
hash the file with the currently used version scheme to fix that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
e91ed40 ubus: assume that the service iface can be NULL
4094a3c interface: remove unused peer field
8a0c9db interface: add missing cache cleanup on interface free
3b341f4 add the ability to announce additional hostnames
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Make sure /etc/umdns/ is accessiable for the umdns process if it
exists and umdns is run with umdns.@umdns[0].jail='1'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
That new version seems to work more stable including mesh.
On version 2.4.0.1-01746 rproc was immediately crashing if mesh was
active.
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
a903d3169193 wifi: mt76: mt7921: fix a potential association failure upon resuming
eb0d0ce344f3 wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform
841bf82e9958 wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177
ce7ccc540168 wifi: mt76: Remove redundant assignment to variable tidno
a238df940d6f wifi: mt76: mt7915: initialize rssi on adding stations
46c7d1849dbd wifi: mt76: replace skb_put with skb_put_zero
b5640b3153c7 wifi: mt76: fix tx packet loss when scanning on DBDC
7b054e5cb3af wifi: mt76: mt7915: fix mcu command format for mt7915 tx stats
3f27a64a8010 wifi: mt76: mt7915: fix bogus Tx/Rx airtime duration values
4f681a8fbc91 wifi: mt76: mt7915: fix HE PHY capabilities IE for station mode
8ede229eb8b5 wifi: mt76: mt7915: only set MT76_MCU_RESET for the main phy
2330781b8c5f wifi: mt76: mt7996: only set MT76_MCU_RESET for the main phy
e5fb6995e7eb wifi: mt76: mt7915: add support for disabling in-band discovery
b4a917417c85 wifi: mt76: mt7915: add mt7986, mt7916 and mt7981 pre-calibration
2135e201e7a9 mt76: mt7915: add fallback in case of missing precal data
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Build and package driver for MediaTek PCIe 5G WWAN modem T7xx device
available in Linux 6.1 and 6.6 as kmod-mtk-t7xx.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Using := doesn't fly well when including other variables. In fact this
would cause the variable to be empty and break cloning of the git repo.
Fix: "c354c069b3 uci: fix Makefile formatting"
Signed-off-by: Paul Spooren <mail@aparcar.org>
Dual-slot NAS based on Marvell Kirkwood.
Specifications:
- Marvell 88F6281 @1GHz
- 128Mb RAM
- 256Mb NAND
- 1x GbE LAN (Marvell 88E1116)
- 1x USB 2.0
- 2x SATA
- PCF8563 RTC
- LM75 sensor
- TC654 PWM fan controller
- Serial on J2 (115200,8n1)
- Newer bootROM so kwboot-ing via serial is possible
Installation:
1. Serial console
- Connect your levelshifter to the serial console
on J2 (refer to the wiki page for pinout)
2. Update u-boot
- Download the u-boot.kwb image for the device
- Powercycle the NAS
- Run "kwboot -b ./u-boot.kwb /dev/ttyUSB0 -p"
- Connect to the serial console with minicom
- tftp 0x0800000 netgear_stora-u-boot.kwb
- nand erase 0x0 100000
- nand write 0x0800000 0x0 0x100000
- reset
3. Install OpenWrt
- Boot up the initramfs image
- tftpboot 0x800000 openwrt-kirkwood-netgear_stora-initramfs-uImage; bootm 0x800000
- Download the sysupgrade image and perform sysupgrade
The fan is controlled in 3 stages by a script running every minute
from cron, measuring the CPU temperature.
Snippets taken from bodhi <mibodhi@gmail.com>
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Add a separate bit in struct ieee80211_tx_info to indicate airtime tracked
as broadcast/multicast. This avoids a race condition where airtime from
stations that were just removed wasn't getting subtracted from the total
PHY airtime.
Fixes: 95e633efbd ("mac80211: add AQL support for broadcast/multicast packets")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
drm-amdgpu and drm-radeon require drm-exec and/or drm-suballoc-helper in
6.6, so since we have them packaged separately include them when required.
Fixes: 5b08b56007 ("kernel: modules: video: adapt for kernel 6.6")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Linux 6.4 has split out the previously AMDGPU specific suballocation
helper into a generic one and it has its own symbol now.
So, lets package it as a separate helper as AMDGPU still requires it
for 6.6.
Signed-off-by: Robert Marko <robimarko@gmail.com>
As part of adding kernel 6.6 support, DRM_EXEC and DRM_SUBALLOC_HELPER were
added to the kmod-drm, however these are only used by drm-amdgpu and
drm-radeon which are only supported on x86.
So, lets start fixing building of other targets by removing these from the
main kmod-drm, in follow-up commits they will be packaged separately and
selected when required.
Fixes: 5b08b56007 ("kernel: modules: video: adapt for kernel 6.6")
Signed-off-by: Robert Marko <robimarko@gmail.com>
After a long time QCA has pushed an updated release of 2.9.0.1 firmware
for IPQ8074 and QCN9074, so lets update to 2.9.0.1-01977.
Sadly, still nothing new for IPQ6018.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Many can kernel modules are now gated by the newly introduced
CONFIG_CAN_NETLINK configuration option. Activate it to build the can
drivers again.
This was changed in this upstream Linux commit:
https://git.kernel.org/linus/df6ad5dd838e0fa543ca28ca6154901fa65a9443
This should fix these warnings with kernel 6.1 and 6.6:
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can-pci is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can-platform is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-mcp251x is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-slcan is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-8dev is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-ems is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-kvaser is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-peak is not available in the kernel config - generating empty package
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The algif_rng.ko kernel module depends on the rng.ko kernel module with
kernel 6.6 when compiling for MIPS malta.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Debian changelog:
intel-microcode (3.20240312.1) unstable; urgency=medium
* New upstream microcode datafile 20240312 (closes: #1066108)
- Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
Protection mechanism failure of bus lock regulator for some Intel
Processors may allow an unauthenticated user to potentially enable
denial of service via network access.
- Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
Non-transparent sharing of return predictor targets between contexts in
some Intel Processors may allow an authorized user to potentially
enable information disclosure via local access. Affects SGX as well.
- Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
Information exposure through microarchitectural state after transient
execution from some register files for some Intel Atom Processors and
E-cores of Intel Core Processors may allow an authenticated user to
potentially enable information disclosure via local access. Enhances
VERW instruction to clear stale register buffers. Affects SGX as well.
Requires kernel update to be effective.
- Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
Processors when using Intel SGX or Intel TDX may allow a privileged
user to potentially enable escalation of privilege via local access.
NOTE: effective only when loaded by firmware. Allows SMM firmware to
attack SGX/TDX.
- Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
Incorrect calculation in microcode keying mechanism for some Intel
Xeon D Processors with Intel SGX may allow a privileged user to
potentially enable information disclosure via local access.
* Fixes for other unspecified functional issues on many processors
* Updated microcodes:
sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
* New microcodes:
sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
* source: update symlinks to reflect id of the latest release, 20240312
* changelog, debian/changelog: fix typos
-- Henrique de Moraes Holschuh <hmh@debian.org> Tue, 12 Mar 2024 20:28:17 -0300
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
dnsmasq was recently updated to 2.90, but PKG_RELEASE was not reset to 1.
Fixes: 838a27f64f ("dnsmasq: version 2.90")
Signed-off-by: Robert Marko <robimarko@gmail.com>
libevent2's cmake use absolute path, then cmake cannot find it when cross compiling:
```
-- Found libevent include directory: /builder/staging_dir/target-mips_24kc_musl/usr/include
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_core.so
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_extra.so
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_openssl.so
-- Found libevent 2.1.12 in /builder/staging_dir/target-mips_24kc_musl/usr
CMake Error at /builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventTargets-shared.cmake:102 (message):
The imported target "libevent::core" references the file
"/usr/lib/libevent_core-2.1.so.7.0.1"
but this file does not exist. Possible reasons include:
* The file was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and contained
"/builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventTargets-shared.cmake"
but not all the files it references.
Call Stack (most recent call first):
/builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventConfig.cmake:168 (include)
CMakeLists.txt:34 (find_package)
```
This patch make cmake use relative imported path, so it can find libevent.
Signed-off-by: Liu Dongmiao <liudongmiao@gmail.com>
For certain lldp_class scenarios (2 & 3) a policy must be set also.
Class 4 is default, although it's good to handle the policy eventuality.
Here, set a default lldp_policy for all lldp_class scenarios. Any
lldp_policy can now be set.
Depends on PR #14584 (which introduced an `if` block)
Tested on 22.03.5, 22.03.6
Signed-off-by: Paul Donald <newtwen@gmail.com>
Recent changes for Linux 6.6 broke things when building with older
kernels:
Package kmod-fs-jfs is missing dependencies for the following libraries:
nls_base.ko
Fix this by adding NLS dependencies after the added dependency applying
on Linux 6.6.
Fixes: f9198480da ("kernel: modules: fs: adapt for kernel 6.6")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
A commit introduced in kernel 6.6 has splitted page_pool.h into
several headers. Thus the included header must be modified for a
successful build.
Ref: a9ca9f9ceff3 (page_pool: split types and declarations from
page_pool.h)
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Now that geniv is packaged separately for kernel 6.6, we need to add it
as a dependency to kmod-crypto-seqiv and kmod-crypto-echainiv that require
it under kernel 6.6.
Signed-off-by: Robert Marko <robimarko@gmail.com>
geniv was separated intentionally from aead in kernel 6.5, and since
we now have it packaged separately as well remove it from kmod-aead
in 6.6.
Signed-off-by: Robert Marko <robimarko@gmail.com>
In kernel 6.5 geniv was split from AEAD config symbol, in order to manage
its dependencies on other code.
So, lets do the same in OpenWrt and split it from aead module so others
can depend on geniv directly.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Adapt hwmon kmods for building under kernel 6.6:
* ad7418 now requires regmap
* Invert criteria to allow adt7410 be built with Linux 6.1 as well
as Linux 6.6.
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Adapt crypto kmods for building under kernel 6.6:
* mpi.ko moved from lib/mpi/mpi.ko to lib/crypto/mpi/mpi.ko
* jitterentropy_rng requires SHA3 support for kernel 6.6
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt video kmods for building under kernel 6.6:
* Add drm_exec.ko and drm_suballoc_helper.ko for kmod-drm as they
are added since 6.6 and 6.4
* Add uvc.ko for kmod-video-uvc as related contents was split as a
new module since 6.3
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt block kmods for building under kernel 6.6:
* To build scsi_transport_iscsi.ko, change CONFIG_SCSI_ISCSI_ATTRS
from =y to =m as this config is always tristate since 2.6.
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt fs kmods for building under kernel 6.6:
* Add kmod-fs-netfs as dependency for kmod-fs-9p
* Add kmod-fs-netfs as dependency for fs-smbfs-common as netfs is
required for cifs since 6.3
* Add new kmod-nls-ucs2-utils as dependency for smbfs/jfs as UCS2
support was split as new module since 6.6.
* Add kmod-lib-zlib-deflate and kmod-lib-zlib-inflate as
dependencies for kmod-pstore due to crypto API compression was
replaced with zlib_deflate library calls since 6.6
* Remove nfs_ssc.ko from kmod-fs-nfs-common. The nfs_ssc was no
longer a kernel module described by NFS_V4_2_SSC_HELPER since 5.13 [1]
Link:
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/Kconfig?id=d9092b4bb2109502eb8972021a3f74febc931a63
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt usb kmods for building under kernel 6.6:
* Add kmod-phylink as dependency for usb-net-asix
* Add kmod-net-selftests as dependency for usb-net-smsc95xx
* Add kmod-iio-core as dependency for usb-hid-mcp2221 as ADC/DAC
support was added since 6.2 which requires IIO.
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt netdevices kmods for building under kernel 6.6:
* Add missing module dependency for kmod-stmmac-core on kmod-of-mdio.
* Invert criteria to allow Airoha EN8811H PHY driver to build with
Linux 6.1 as well as Linux 6.6.
* Mellanox mlx5 driver started exposing thermal sensors and now it requires
hwmon
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Adapt netsupport kmods for building under kernel 6.6:
* common part of mqprio was split into a new Kconfig since 6.3.
Add new kmod-sched-mqprio-common as dependency for kmod-sched-mqprio.
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt input kmods for building under kernel 6.6:
* kmod-input-touchscreen-edt-ft5x06 depends on kmod-regmap-i2c
from 6.3 as it starts to use regmap to access registers
* CONFIG_HID_SUPPORT needs to be set in addition to CONFIG_HID.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Adapt iio kmods for building under kernel 6.6:
* kmod-iio-lsm6dsx depends on kmod-kmod-industrialio-triggered-buffer
from 6.2
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Make sure patch sequence number is unique by moving patch
440-add-jdcloud_re-cp-03.patch -> 441-add-jdcloud_re-cp-03.patch
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Previously only partially implemented. After commit
5007f488bb lldp_location was never removed
Now, add the value of lldp_location to the generated config.
The location param has a few syntaxes, so the config acquires the first
usage from the man page: 'address country EU'
Supplementary fix for PR #14193 (this param was included in the original
PR #13018 but the lldp_location fixes were absent from PR #14193).
Tested on 22.03.5, 22.03.6
Signed-off-by: Paul Donald <newtwen@gmail.com>
from commit 3ce909914a
The lldpd man page says that "configure lldp tx-interval" can
specify an interval value in milliseconds by appending a "ms" suffix to
the figure. Thus mandating string handling, and not integer comparison.
Tested on 22.03.5
Signed-off-by: Paul Donald <newtwen@gmail.com>
from commit 909f063066
Now pass two params to get_config_cid_ifaces() for:
cid_interface
interface
Each of which is a CSV of interfaces.
Tested on 22.03.5
Signed-off-by: Paul Donald <newtwen@gmail.com>
from commit ac771313eb
portidsubtype takes 1 of 2 possible keywords which do not need quoting:
configure lldp portidsubtype ifname | macaddress
The third keyword 'local' is used in the syntax when individual ports
are being defined:
configure [ports ethX [,…]] lldp portidsubtype local value
When this syntax is used, quoting is useful (see test cases for lldpd).
In the init file, the 'local' syntax is unused.
Tested on 22.03.5
Signed-off-by: Paul Donald <newtwen@gmail.com>
from commit c98ee4dbb3
agent-type takes 1 of 3 possible keywords which do not require quoting:
configure lldp agent-type nearest-bridge | nearest-non-tpmr-bridge
| nearest-customer-bridge
Tested on 22.03.5
Signed-off-by: Paul Donald <newtwen@gmail.com>
Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387,
CVE-2023-50868) among many other goodies and fixes (notably, upstream
568fb024... fixes a UAF in cache_remove_uid that was routinely crashing
dnsmasq in my deployment).
Catch up our 200-ubus_dns.patch, too.
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
As the Visionfive V1 board has an Ampak module connected via SDIO, enable
support for SDIO in the brcmfmac module.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
CDNS3 is a SuperSpeed (SS) USB 3.0 Dual-Role-Device (DRD) controller from
Cadence. Add support for this device, and add the required symbols into
the generic configs.
Compile-tested: apm821xx, bcm4908, imx, mpc85xx, pistachio, starfive
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Contrary to common ipTIME NOR devices, the "Config" partition of T5004
and AX2004M contain normal U-Boot environment variables. Renaming the
partition into "u-boot-env" serves for better description, and it also
conforms to common naming practice in OpenWrt.
This patch might also be extended to A3004T, but its u-boot-env
partition layout has not been confirmed yet.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Realtek RTL8188F is an 802.11n 1x1 USB Wi-Fi adapter. It has been
supported by the upstream rtl8xxxu driver since Linux 6.2 kernel.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Probing of the fitblk driver in some situations happens after Linux
attempts to mount rootfs, which then fails.
Always use 'rootwait' kernel parameter when using fitblk for rootfs.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The AQL limit for buffered broadcast packets is higher than the maximum
total pending airtime limit. This can get unicast data stuck whenever there
is too much pending broadcast data. Fix this by excluding broadcast AQL from
the total limit.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes libssh, which requires it. Bump ABI_VERSION, since enabling this
option affects data structures in mbedtls include files.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA256 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA1 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
ath25 has been on life support for the last couple of releases, eventually
leading to marking it as source-only in 2023.
It has been basically only touched to do a kernel bump so that we can make
the new OpenWrt release which was a challenge due to small RAM amount.
However, with the attempt of kernel 6.1 update it turns out that kernel
cannot even finish booting due to RAM constraints, so its time to let this
target go.
Signed-off-by: Robert Marko <robimarko@gmail.com>
It was announced [1] that the original staging repositories are no longer
used for staging of new firmware binaries. And that the old repository will
be removed [2] in June 2024.
The ath11k-firmware package must therefore point to the new repository
before the old one is no longer accessible.
[1] https://lore.kernel.org/r/bac97f31-4a70-4c4c-8179-4ede0b32f869@quicinc.com
[2] 8d2cc160f3
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Kernel has an ASM optimized version of SHA512 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.
There is a Cryptographic Extension based version as well, but that relies
on ARMv8.2 ISA which I am not aware any of the OpenWrt supported SoC-s use.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has optimized version of SHA2(224 and 256) using the ARMv8 Crypto
Extensions, so lets package it.
Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has an ASM optimized version of SHA256 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has optimized version of SHA1 using the ARMv8 Crypto Extensions,
so lets package it.
Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.
Signed-off-by: Robert Marko <robimarko@gmail.com>
SHA3 is now required by jitterentropy_rng in kernel 6.6, so lets start
preparing by packaging SHA3 support as its supported in 5.15 and 6.1
kernels as well.
AFAIK, only ARMv8.2 has a crypto extension for SHA3, however I am not aware
of any SoC we support that uses ARMv8.2 ISA so its not enabled currently.
Signed-off-by: Robert Marko <robimarko@gmail.com>
1. Return error if any step of generating tar file fails
2. Use pipefail to avoid calling "gzip" if tar failed
Fixes: e36cc53092 ("base-files: sysupgrade: use tar helper to include installed_packages.txt")
Reported-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Cc: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Netgear WAX214 is a 802.11 ax dual-band AP
with PoE. (similar to Engenius EWS357APV3)
Specifications:
• CPU: Qualcomm IPQ6010 Quad core Cortex-A53
• RAM: 512MB of DDR3
• Storage: 128MB NAND (Macronix MX30UF1G18AC)
• Ethernet: 1x 1G RJ45 port (QCA8072) PoE
• WIFI:
2.4GHz: Qualcomm QCN5022 2x2 802.11b/g/n/ax 574 Mbps PHY rate
5GHz: Qualcomm QCN5052 2x2 802.11a/b/g/n/ac/ax 1201 PHY rate
• LEDs:
4 x GPIO-controlled LEDs
- 1 Power LED (orange)
- 1 LAN LED (blue)
- 1 WIFI 5g LED (blue)
- 1 WIFI 2g LED (blue)
black_small_square Buttons: 1x soft reset
black_small_square Power: 12V DC jack or PoE (802.3af )
An populated serial header is onboard, format is
1.25mm 4p (DF13A-4P-1.25H)
RX/TX is working, bootwait is active, secure boot is not
enabled.
The root password of the stock firmware is unknown,
but failsafe mode can be entered to reset the password.
Installation Instructions:
- obtain serial access
- stop auto boot (press "4", Entr boot command line
interface)
- setenv active_fw 0 (to boot from the primary rootfs,
or set to 1 to boot from the secondary rootfs
partition)
- saveenv
- tftpboot the initramfs image
- bootm
- copy
openwrt-qualcommax-ipq60xx-netgear_wax214-squashfs-factory.ubi
to the device
- write the image to the NAND:
- cat /proc/mtd and look for rootfs partition (should
be mtd11,
or mtd12 if you choose active_fw 1)
- ubiformat /dev/mtd11 -f -y
openwrt-qualcommax-ipq60xx-netgear_wax214-squashfs-factory.ubi
- reboot
Note: the firmware is senao-based. But I was unable to build
a valid senao-header into the image.
Maybe they changed the header format and senaoFW isn't
working any more.
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>