Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387,
CVE-2023-50868) among many other goodies and fixes (notably, upstream
568fb024... fixes a UAF in cache_remove_uid that was routinely crashing
dnsmasq in my deployment).
Catch up our 200-ubus_dns.patch, too.
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
For years, we have struggled and been frustrated at loosing history of
files in git, due to the 'copy + add' strategy. This could have been
prevented with a double-commit 'mv + add' trick.
On the mailing list [0] the discussion was started to put the
instructions in a wiki. Instead, it is much better to just script it and
put it in the repo.
Instead of doing mv + copy, which leads to two commits, but no history
on the copied files, it uses move, + copy and merge, which results in
three (merge) commits, but keeps the history of all files. As always
with renames, `--follow` will be needed.
The tool is trivial and works either in the OpenWrt git root directory,
or in the actual target directory.
Tested on the `realtek` and generic targets.
Note, that the tool does not do any of the labor needed after the move,
such as updating configs, dropping patches etc.
To make sure this script is easily found by any developer, who just
wants to do a kernel bump, the script is added here and not to
maintainer-tools repo as those scripts are a little bit more specialized.
Bumping a kernel is a trivial task that often regular developers do,
where most do not even know the existence of maintainer tools, are not
part of the main repo they'd clone, not part of the docker container
they'd use and so discoverability is probably much more important.
[0]: https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Tested-by: Robert Marko <robimarko@gmail.com>
Tested-by: Weijie Gao <hackpascal@gmail.com>
Specifications:
- SoC: Broadcom BCM63168 dual 400MHz MIPS
- Flash: 16MB SPI NOR W25Q128WFG
- RAM: 128MB DDR3 W631GG6KB-15
- Ethernet: 1x 1000M, 3x 100M
- Wifi: BCM435F
- 1x USB 2.0 port
- 3x Button
- 12x LED
Flashing via serial
- Connect to the 3.3V TTL UART on the board
(J6 pinout Vcc Rx Tx Gnd) at 115200-8-N-1
- Press any key in the serial console when powering up the board to enter
the CFE prompt
- Configure an interface on your workstation to static IP 192.168.1.100
and connect it to the board
- Start a TFTP server with the firmware image
- On the CFE prompt, enter the command
"f 192.168.1.100:openwrt-bmips-bcm63268-smartrg_sr505n-squashfs-cfe.bin"
Signed-off-by: Kyle Hendry <kylehendrydev@gmail.com>
[Remove unneeded LED labels]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
As the Visionfive V1 board has an Ampak module connected via SDIO, enable
support for SDIO in the brcmfmac module.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
CDNS3 is a SuperSpeed (SS) USB 3.0 Dual-Role-Device (DRD) controller from
Cadence. Add support for this device, and add the required symbols into
the generic configs.
Compile-tested: apm821xx, bcm4908, imx, mpc85xx, pistachio, starfive
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* Increase flash SPI frequency to 50MHz
The maximum SPI frequency of MX25L6406EM2I is 86 MHz,
but in this patch 50 MHz was chosen as a safe value.
* Update Ethernet MAC addresses
Till now LAN/WAN MAC addresses were flipped
compared to stock firmware.
* Fix Wi-Fi LEDs by adding mt76 led nodes
* Fix LAN port order
LAN ports are in reverse order of switch ports.
* Fix the well-known "LZMA ERROR 1" error by using lzma-loader
* Set uImage name, which enables installation via stock web interface:
1. Upload **initramfs** image file to the web page.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Unlike the recovery image, this initramfs-factory image can be flashed
using the stock firmware web interface (from any active boot partition),
as well as the bootloader recovery web page. Drop the recovery image in
favor of the factory image.
Installation via stock/recovery web interface:
1. Flash **initramfs-factory** image through the web page.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
The "0x80001000" address logically comes from "loadaddr-y" variable for
mt7621 subtarget. Let's replace the hardcoded value with the predefined
variable. This change is purely cosmetic.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Contrary to common ipTIME NOR devices, the "Config" partition of T5004
and AX2004M contain normal U-Boot environment variables. Renaming the
partition into "u-boot-env" serves for better description, and it also
conforms to common naming practice in OpenWrt.
This patch might also be extended to A3004T, but its u-boot-env
partition layout has not been confirmed yet.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
AX2004M uses NMBM on its NAND flash, but it was not enabled in DTS as the
device support [1] had been added before NMBM feature in mtk_bmt driver [2].
Let's enable it now.
With this change, there is a low possibility of boot failure after
sysupgrade from older versions. As AX2004M already has gone through
two stable releases in the meantime, it would be safe to warn users
by bumping DEVICE_COMPAT_VERSION.
[1] 37753f34ac68 ("ramips: add support for ipTIME AX2004M")
[2] 06382d1af7b2 ("kernel: add support for mediatek NMBM flash mapping support")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Realtek RTL8188F is an 802.11n 1x1 USB Wi-Fi adapter. It has been
supported by the upstream rtl8xxxu driver since Linux 6.2 kernel.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
The COVR-C1200 devices are sold as "Whole Home Mesh Wi-Fi"
sets in packs of two (COVR-C1202) and three (COVR-C1203).
Specifications:
* QCA9563, 16 MiB flash, 128 MiB RAM, 2x3:2 802.11n
* QCA9886 2x2:2 801.11ac Wave 2
* AR8337, 2 Gigabit ports (1: WAN; 2: LAN)
* USB Type-C power connector (5V, 3A)
Installation COVR Point A:
* In factory reset state: OEM Web UI is at 192.168.0.50
no DHCP, skip wizard by directly accessing:
http://192.168.0.50/UpdateFirmware_Simple.html
* After completing setup wizard: Web UI is at 192.168.0.1
DHCP enabled, login with empty password
* Flash factory.bin
* Perform a factory reset to restore OpenWrt UCI defaults
Installation COVR Points B:
* OEM Web UI is at 192.168.0.50, no DHCP, empty password
* Flash factory.bin
* Perform a factory reset to restore OpenWrt UCI defaults
Recovery:
* Keep reset button pressed during power on
* Recovery Web UI is at 192.168.0.50, no DHCP
* Flash factory.bin
used to work best with Chromium-based browsers or curl:
curl -F firmware=@factory.bin \
http://192.168.0.50/upgrade.cgi
since this fails to work on modern Linux systems,
there is also a script dlink_recovery_upload.py
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
This reverts commit 75505c5ec724b9b961dcb411bac1d4b9aede3e1d.
The issue has been fixed upstream.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Include a statement about having to run the installer in the
sysupgrade compat warning for the Linksys E8450 (UBI).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Probing of the fitblk driver in some situations happens after the kernel
attempts to mount rootfs, which then fails.
Always use 'rootwait' when using fitblk for rootfs.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Probing of the fitblk driver in some situations happens after Linux
attempts to mount rootfs, which then fails.
Always use 'rootwait' kernel parameter when using fitblk for rootfs.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The AQL limit for buffered broadcast packets is higher than the maximum
total pending airtime limit. This can get unicast data stuck whenever there
is too much pending broadcast data. Fix this by excluding broadcast AQL from
the total limit.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes libssh, which requires it. Bump ABI_VERSION, since enabling this
option affects data structures in mbedtls include files.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Cleanup uart1-related node on ELECOM WAB-I1750-PS and enable it for
"SERIAL" port on the case.
"SERIAL" port can be used for OpenWrt console by adding the following
line to /etc/inittab and rebooting:
ttyATH1::askfirst:/usr/libexec/login.sh
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Add aliases with "serialN = &uartN;" of uart0/1 on QCA955x SoCs to
qca955x.dtsi, to enable uart1 on Linux Kernel.
without this:
[ 0.342915] ar933x-uart 18500000.uart: unable to get alias id, err=-19
Additionally, remove "serial0 = &uart;" alias from QCA955x device
dts/dtsi files.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Add HighSpeed UART support to QCA955x series SoCs as a secondary UART
(uart1). This UART is compatible with qca,ar9330-uart.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Rename the DT label of the primary UART on Qualcomm Atheros QCA955x
series SoCs to "uart0" from "uart" for the preparation to add HighSpeed
UART (uart1) support.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
with 6.1, the kernel no longer fitted into the 16 MiB and
kicking down the can and increasing KERNEL_SIZE to 20 MiB
didn't help as the device failed to boot.
Using 'kernel-bin | gzip | uimage gzip' didn't work since the
uboot does not have enough heap to decompress these big kernels.
And finally playing around with uboot was more a hassle than
converting this device to take the simpleImage-boot-route in
the future.
Note: The device now takes even longer on the first boot-up after
the flash due to JFFS2 initializing all the remaining flash.
Be prepared to wait up to 10 minutes before the green status LED
stops blinking and will shine a solid green!
(On the plus site: the device now has ~10 MiB of additional
space for rootfs+rootfs_data).
Note2: This patch includes a kernel patch refresh.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Kernel and initramfs size grows. Now uncompressed initramfs image and
regular kernel image overlaps configured area:
Initramfs:
WRAP arch/powerpc/boot/simpleImage.br200-wp
INFO: Uncompressed kernel (size 0x1428688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1500000)
WRAP arch/powerpc/boot/simpleImage.tl-wdr4900-v1
INFO: Uncompressed kernel (size 0x1428688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1500000)
WRAP arch/powerpc/boot/simpleImage.ws-ap3715i
INFO: Uncompressed kernel (size 0x1428688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1500000)
Regular image:
WRAP arch/powerpc/boot/simpleImage.br200-wp
INFO: Uncompressed kernel (size 0x10e0688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1100000)
WRAP arch/powerpc/boot/simpleImage.tl-wdr4900-v1
INFO: Uncompressed kernel (size 0x10e0688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1100000)
WRAP arch/powerpc/boot/simpleImage.ws-ap3715i
INFO: Uncompressed kernel (size 0x10e0688) overlaps the address of the
wrapper(0x1000000)
INFO: Fixing the link_address of wrapper to (0x1100000)
Let's change wrapper address to safe value.
Tested on: TL-WDR4900, BR200-WP
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This patch replaces 'of_flat_dt_is_compatible' with 'of_machine_is_compatible'.
The TL-WDR4900 platform file won't compile in the 6.1 kernel. The platform
files for the rest of the routers have been reworked or based on newer
solutions.
Let's make the TL-WDR4900 consistent with them.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA256 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA1 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
This fixes the following compile problem:
````
CC arch/mips/kernel/vpe-mt.o
arch/mips/kernel/vpe-mt.c: In function 'vpe_run':
arch/mips/kernel/vpe-mt.c:32:23: error: unused variable 'physical_memsize' [-Werror=unused-variable]
32 | unsigned long physical_memsize = 0L;
| ^~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[6]: *** [scripts/Makefile.build:289: arch/mips/kernel/vpe-mt.o] Error 1
````
physical_memsize was removed from upstream kernel, see:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=5b4f6c5ff65c8551018ccea40c569afd759734c0
Fixes: 387fde0da0e8 ("kernel: bump 5.15 to 5.15.150")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
KASAN has supported more architectures, such as ARM, PPC32 and RISC-V 64.
Enable KASAN option for those architectures.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
Commit 2d63d42f5e2f ("mediatek: convert to new LED color/function
format where possible") leaves Xiaomi Redmi AX6000 un-converted,
the two LEDs become dead.
Now, LEDs are alive again.
Fixes: 2d63d42f5e2f ("mediatek: convert to new LED color/function
format where possible")
Signed-off-by: Furong Xu <xfr@outlook.com>