Commit Graph

58422 Commits

Author SHA1 Message Date
Felix Fietkau
7049ea9e95 firewall4: update to the latest version
23a434d0d15d tests: fix expected test output
840ccdeeabce fw4: avoid emitting invalid rule jump targets
20da9933fd7e fw4: fix another instance of invalid rule jump targets
598d9fbb5179 fw4: remove special cases around hw flow offloading

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-01 14:01:06 +02:00
Felix Fietkau
c5b7be8316 kernel: allow adding devices without hw offload to a hw flowtable
This allows supporting a mix of devices with or without hw offloading support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-01 12:43:10 +02:00
Felix Fietkau
6c3eff9dd8 scripts/package-metadata.pl: fix handling transitive conditional dependencies
When a package foo depends on PACKAGE_foo:bar (in order to make build
dependencies conditional), tracking transitive dependencies can fail because
the internal seen flag is checked/set before eliminating the fake conditional
dependency. This can show up as a depends on not properly turned into a
select further down in the dependency chain

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-01 12:18:13 +02:00
Felix Fietkau
821cf6dd38 hostapd: remove cfg80211 dependency
Always enable nl80211 driver support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-01 12:18:13 +02:00
Rafał Miłecki
bcd76dc7d8 bcm53xx: store a copy of NVRAM content in NVMEM driver
This stops NVMEM driver from using MMIO access past booting and messing
with NAND controller state.

Link: https://forum.openwrt.org/t/asus-rt-ac88u-hw-a6-broken-in-22-03-3/147882
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2023-09-01 11:37:16 +02:00
Daniel Golle
9a4bd3b1e4 netifd: update to latest git HEAD
1a07f1dff32b make_ethtool_modes_h.sh: apply anti-bashism

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-09-01 01:03:13 +01:00
Daniel Golle
b85646f32f netifd: update to latest git HEAD
f429bd94f99e system-linux: switch to new ETHTOOL_xLINKSETTINGS API

Fixes AN announcement for speeds beyond 1 GBit/s.
Adds new UCI options for Ethernet devices:
 - autoneg: switch on or off auto-negotiation
 - pause: if set to 0, do not announce symmetric flow control capability
 - asym_pause: if set to 0, do not announce asymmetric flow control
               capability.
 - rxpause: if set overrides AN and forces RX pause accordingly
 - txpause: if set overrides AN and forces TX pause accordingly

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-31 21:54:40 +01:00
Daniel Golle
a8cbee8e2d mediatek: mt7622: set DEVICE_DTC_ADDR for BPi-R64
Relocating the device tree is required for being apply to apply
device tree overylay at boot.

Fixes: 34bb33094a ("mediatek: use updated device tree overlay mechanism for BPi-R64")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-31 19:22:15 +01:00
Felix Fietkau
560965d582 hostapd: select libopenssl-legacy for openssl variants
Without it, a lot of authentication modes fail without obvious error messages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-31 13:12:25 +02:00
Felix Fietkau
b0501d380f hostapd: remove eap-eap192 auth type value
It is no longer used

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-31 13:05:13 +02:00
Felix Fietkau
8c03dc962f netifd: update to the latest version
db3934d2f740 scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support

Support the following values for the different WPA3 Enterprise modes:

- wpa3-mixed: WPA3 Enterprise transitional mode
	This supports EAP with both SHA1 and SHA-256, with optional MFP
- wpa3: WPA3 Enterprise only mode
	This supports only SHA256 with mandatory MFP
- wpa3-192: WPA3 Enterprise with mandatory 192 bit support
	This uses only GCMP-256 ciphers

Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode.
It seems that even leaving in optional 192 bit support breaks auth on some
clients, including iOS devices.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-31 13:05:13 +02:00
Felix Fietkau
b63df6ce5d hostapd: support eap-eap2 and eap2 auth_type values
WPA3 Enterprise-transitional requires optional MFP support and SHA1+SHA256
WPA3 Enterprise-only requires SHA1 support disabled and mandatory MFP.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-31 13:05:13 +02:00
Felix Fietkau
f0d1349b52 hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit
Use the SHA384 variant to account for longer keys with more security

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-31 13:05:13 +02:00
Rafał Miłecki
79283e8fb5 kernel: add unset CONFIG_INPUT_IBM_PANEL symbol to config-6.1
This symbol was added by commit 2e6f34faa7e0 ("Input: Add IBM Operation
Panel driver") to v6.1. It depends on I2C so it's available to limited
amount of targets. It needs to be specified thought to allow kernel
configuration.

For bcm53xx this fixes:
IBM Operation Panel driver (INPUT_IBM_PANEL) [N/m/?] (NEW)

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
2023-08-31 09:13:00 +02:00
Rafał Miłecki
52c365f055 kernel: backport v6.6 nvmem changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2023-08-31 00:49:29 +02:00
Felix Fietkau
99a98b3024 mac80211: remove non-upstream antenna gain configuration patch
It seems that this was not functioning properly and was likely completely unused.
Keeping this out of tree also introduced some annoying churn when updating, because
of the iw nl80211.h sync patch.
If this is needed, it will be reintroduced when/if it is added upstream

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-08-30 12:28:30 +02:00
Mathew McBride
abc536f547 kernel: ensure VFIO related suboptions are disabled
These suboptions (PLATFORM, FSL_MC and MLX5_VFIO_PCI)
may be prompted for when VFIO is enabled, regardless of
architecture.

These are not related to the main vfio use case
(passthrough of PCIe devices)

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-08-29 23:41:05 +02:00
Mathew McBride
9ac01aac0a kernel: enable vfio and vfio-pci for armsr-armv8
Arm platforms with the right hardware blocks (such as
GICv3.0+ interrupt controller and SMMU/IOMMU) are
able to use vfio-pci to pass through PCI devices
to a VM.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-08-29 23:41:05 +02:00
Mathew McBride
7ad8612a23 kernel: vfio: remove unneeded enable_unsafe_noiommu_mode parameter
The vfio module only exposes the enable_unsafe_noiommu_mode parameter
if CONFIG_VFIO_NOIOMMU is enabled. When it isn't, the module
will complain about an unknown parameter:

vfio: unknown parameter 'enable_unsafe_noiommu_mode' ignored

As CONFIG_VFIO_NOIOMMU is disabled by the module package,
we can remove the module loading parameter.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-08-29 23:41:04 +02:00
John Audia
5d039f0b16 kernel: bump 6.1 to 6.1.49
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.49

All no patches automatically rebased, just update to checksum for new version.

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
2023-08-29 23:39:14 +02:00
Daniel Golle
33046d2a47 arm-trusted-firmware-mediatek: enable built-in 2.5G PHY on MT7988
Always enable built-in 2.5G PHY on MT7988 for now, so that it can be
used. In future it would be nice to be able to switch power and MDIO
access via address 0 at run-time in Linux, both, to be able to use
external PHYs at address 0 and to reduce power consumption on systems
not using the built-in 2.5G PHY.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 23:44:52 +01:00
Daniel Golle
78e3adcaf9 uboot-mediatek: fix dependency on TF-A for MT7988 RFB (sdmmc)
The U-Boot build for the MT7988 reference board booting from SD card
wrongly depended on the 'ddr4' variant of the ARM TrustedFirmware-A build
even though the 'comb' variant is used. Fix that dependency.

Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 23:43:49 +01:00
Linhui Liu
49eedc146a tools/mpfr: update to 4.2.1
Changes from version 4.2.0 to version 4.2.1:
- Bug fixes (see <https://www.mpfr.org/mpfr-4.2.0/#fixed> and/or the
  ChangeLog file).
- Improved MPFR manual.
- Configure tests: replaced the test of the link with GMP, in order to
  avoid the use of a function without a prototype (Autoconf issue), as
  this is obsolescent in ISO C. The new test should be more robust.

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-08-28 23:45:58 +02:00
Daniel Golle
8f5986355c mediatek: filogic: remove stray quote
When adapting the network configuration for MT7988 RFB a stray quote
was left in a script. Remove it to fix generating the default network
configuration.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 21:54:02 +01:00
Daniel Golle
f631c7bbb1 generic: sync MediaTek Ethernet driver with upstream
Import commits from upstream Linux replacing some downstream patches.
Move accepted patches from pending-{5.15,6.1} to backport-{5.15,6.1}.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 16:35:22 +01:00
Daniel Golle
a0f4eadf6a mediatek: add support for Ubiquiti UniFi 6 LR v3
Some recent models of the Ubiquiti Networks UniFi 6 LR access point
come with a RealTek RTL8211FS 1000M/100M/10M PHY instead of the
Aquantia AQR112 2500M/1000M/100M/10M PHY used in both v1 and v2. Add
build for this variant so we can support Ethernet with the PHY.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 16:35:22 +01:00
Daniel Golle
fff4441135 uboot-mediatek: add builds for UniFi 6 LR v2 and v3
While the v2 is nearly identical to v1, v3 uses a different PHY and
needs a different build for Ethernet to work in U-Boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 16:35:22 +01:00
Daniel Golle
035a88ae55 mediatek: generate bootloader artifacts for mt7988_rfb
Switch to OpenWrt uImage.FIT bootmethod and include various bootloader
artifacts with the generated binaries.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 16:35:22 +01:00
Daniel Golle
1d5778e18d uboot-mediatek: build fully-featured U-Boot for MT7988 RFB
Select many potentially useful options for the MT7988 RFB U-Boot builds.
The resulting loader is intended as a development tool and intends to be
generic. It does *not* have a default bootcmd set, but allows to boot
pretty much everything, including EFI executables.

To install this U-Boot build to the eMMC:
  opkg install mmc-utils partx-utils
  mmc bootpart enable 1 1 /dev/mmcblk0
  echo 0 > /sys/block/mmcblk0boot0/force_ro
  dd if=*mediatek_mt7988a-rfb-nand-emmc-preloader.bin of=/dev/mmcblk0boot0
  dd if=*mediatek_mt7988a-rfb-nand-emmc-gpt.bin of=/dev/mmcblk0
  partx -a /dev/mmcblk0
  dd if=*mediatek_mt7988a-rfb-nand-emmc-bl31-uboot.fip of=/dev/mmcblk0p3

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 16:35:22 +01:00
Daniel Golle
3ef8760e87 mediatek: improve mt7981.dtsi
* re-factor WED components to boot fine also on limited loaders
 * add LEDs of integrated GE PHY

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 13:55:38 +01:00
Daniel Golle
9f8fde216d mediatek: filogic: improve pinctrl drivers
Set correct pull-type data and add additional uart groups for MT7981.
Assign functions to configure pin bias for MT7986.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 13:55:38 +01:00
Daniel Golle
2544dc34f2 mediatek: i2c: mt65xx: allow optional pmic clock
Using the I2C host controller on the MT7981 SoC requires 4 clocks to
be enabled. One of them, the pmic clk, is only enabled in case
'mediatek,have-pmic' is also set which has other consequences which
are not desired in this case.

Allow defining a pmic clk even in case the 'mediatek,have-pmic' propterty
is not present and the bus is not used to connect to a pmic, but may
still require to enable the pmic clock.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 13:55:38 +01:00
Daniel Golle
69a498f953 mediatek: re-add missing patch for Linux 6.1
The patch was wrongly tagged as being part of Linux 6.0 even though it
was only committed with Linux 6.2 and hence needs to be backported for
Linux 6.1.

Fixes: fa79baf4a6 ("generic: copy backport, hack, pending patch and config from 5.15 to 6.1")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 13:55:38 +01:00
Daniel Golle
06a150aed7 mediatek: re-add dropped properties on BPi-R3
Unfortunately some device tree properties have slipped under the table
when switching from our downstream device tree.

Bring back 3W power for SFP cages and restore thermal trip points to
make sense again.

Fixes: 7a0ec001ff ("mediatek: sync MT7986 device trees with upstream")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-28 13:55:38 +01:00
Linus Walleij
ef76b6ff3e bcm53xx: Add support for D-Link DIR-890L
The DIR-890L is very similar to DIR-885L, but has both USB2
and USB3. The signature for the wrgac36 board was copied from
DD-Wrt.

The DIR-890L bootstrap will only load the first 2 MB after
the SEAMA header in the NAND flash, uncompress it with LZMA
and execute it. Since the compressed kernel will not fit in
2 MB we have a problem. Solve this by putting a LZMA
compressed U-Boot into the first 128 KB of the flash
followed by the kernel. The bootstrap will then uncompress
and execute U-Boot and then we let U-Boot read the kernel
from flash and execute it.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2023-08-28 08:13:39 +02:00
Brian Norris
1611c21ac6 ipq806x: onhub: Enable adm_dma node
One of our SPI devices references this node, but we never enabled it.
This clutters up probe deferral logs.

(NB: this SPI device still doesn't have a real driver, so it's just here
for documentation and/or tinkering.)

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2023-08-27 22:47:02 +02:00
Brian Norris
9ea5487ea5 ipq806x: chromium: Disable kernel's CONFIG_QCOM_SPM
The qcom spm driver is currently broken for IPQ8064 OnHub devices on
kernel 6.1, such that it hangs the system when booting, much to the
consternation of users. This is especially bad as these devices don't
yet have a fully-supported release branch, and are still sometimes
landing on snapshot builds.

OnHub devices have their own kernel config, so it's not that wide of an
impact to disable this.

I haven't fully gotten to the bottom of this, but:

(a) The vendor kernel didn't have any SPM driver at all, and didn't
    utilize cpuidle.
(b) The device tree has never included any (non-disabled) cpuidle
    states, so even when this driver was present on 5.15 (last
    known-working kernel), it didn't actually do anything -- it bailed
    early, before ever doing any SPM initialization.
(c) Refactoring in Linux 5.16 [1] caused the SPM driver to be activated
    unconditionally, including setting us into standby mode
    (PM_SLEEP_MODE_STBY) by default.

Removing the one PM_SLEEP_MODE_STBY line from drivers/soc/qcom/spm.c
seems to fix the problem, but that isn't much different than simply
disabling the driver, so I go with that for now.

I also disable CONFIG_ARM_QCOM_SPM_CPUIDLE, becuase it 'select's
QCOM_SPM.

NB: it's possible there's some other deeper root cause involved in here.
For one, I notice that CPU hotplug (e.g., echo 0 >
/sys/devices/system/cpu/cpu1/online, echo 1 > ...) doesn't work right
either. Perhaps there's some mismatch on upstream Linux qcom-scm
behavior and the old boot firmware used for these systems? It wouldn't
be the first time, as we've had some similar incompatibilities on the
next generation of these devices, Google WiFi [2].

[1] Commit 60f3692b5f0b ("cpuidle: qcom_spm: Detach state machine from
    main SPM handling")
[2] [RFC] qcom_scm: IPQ4019 firmware does not support atomic API?
    https://lore.kernel.org/linux-arm-kernel/20200913201608.GA3162100@bDebian/

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2023-08-27 22:47:02 +02:00
Andre Heider
520ade686b ltq-vdsl-vr11-mei: fix compilation error with kernel 6.1
Define the old PDE_DATA marco to the new pde_data function.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-08-27 19:26:53 +02:00
Andre Heider
63635696dc vrx518_tc: fix compilation error with kernel 6.1
Define the old PDE_DATA marco to the new pde_data function and
conditionally use the newer APIs.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-08-27 19:26:53 +02:00
Andre Heider
e8e5dbc3c9 vrx518_ep: fix compilation error with kernel 6.1
Unconditionally use the newer APIs, since our oldest supported kernel
contains them too.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-08-27 19:26:53 +02:00
Andre Heider
27633cefac ltq-ifxos: fix compilation error with kernel 6.1
Conditionally use the newer APIs.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-08-27 19:26:53 +02:00
Antonio Flores
f0138de3e5 rockchip: add support for PINE64 ROCK64
This add support for PINE64 ROCK64, rockchip rk3328 board.

Specifications:

 4 x ARM Cortex A53 cores @ 1.5 GHz
 ARM Mali 450 MP2 GPU
 LPDDR3 RAM (up to 4GB)
 Gigabit Ethernet
 Micro SD Slot
 eMMC module slot
 SPI Flash 128Mbit
 4K digital video out
 2x USB 2.0 Host
 1x USB 3.0 Host
 PI-2 bus
 PI-P5+ bus
 IR R/X port
 Real Time Clock (RTC) port
 Power Over Ethernet (POE) (when using optional HAT module)
 A/V jack
 Power, Reset and Recovery buttons
 3.5mm barrel power (5V 3A) port

To install write image to the sd using dd (dd if=*.img of=/*)

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2023-08-27 19:20:11 +02:00
Antonio Flores
c0c4efe6f1 uboot-rockchip: fix swig dependency for ROCK64
Pre build files to fix swig dependency.

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2023-08-27 19:20:11 +02:00
Antonio Flores
0405e11a71 uboot-rockchip: add support for PINE64 ROCK64
Add uboot support for PINE64 ROCK64, rockchip rk3328 board.

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2023-08-27 19:20:11 +02:00
Rani Hod
a4eb1ea331 ramips: add support for D-Link DRA-1360
The DRA-1360 rev A is a wall-plug AC1300 repeater.
Hardware is identical (same FCC ID, black case instead of white)
to D-Link DAP-1620 rev B, which is already supported, but a
different model name, revision, and hardware ID are needed.
Thus, the bulk of the DAP-1620 device tree is extracted to a
common dtsi included by the two models' device trees.

Repeating specs and installation instructions from e4c7703:
(note that the RAM size mentioned there was incorrect, oops)

Specs:
- SoC: MT7621AT (880MHz dual-core MIPS1004Kc)
- Memory: 128 MiB RAM, 16 MiB NOR SPI
- WiFi: MT7615DN 2x2 802.11n + 2x2 802.11ac (DBDC)
- Ethernet: 1 RJ45 port 10/100/1000
- Power/status LED: red+green
- LED RSSI bargraph: 2x green, 1x red+green

Installation:
- Keep reset button pressed during plug-in
- Web Recovery Updater is at 192.168.0.50
  (pings are ignored, it listens only for http)
- Upload factory.bin, confirm flashing
  (seems to work best with Chromium-based browsers)

Revert to OEM firmware:
- tail -c+117 DRA1360A1_FW112B03.bin | \
  openssl aes-256-cbc -d -md md5 -out decrypted.bin \
  -k c471706398cb147c6619f8a04a18d53e9c17ede8
- flash decrypted.bin via D-Link Web Recovery

Signed-off-by: Rani Hod <rani.hod@gmail.com>
2023-08-27 19:13:36 +02:00
John Audia
e80a387517 kernel: bump 5.15 to 5.15.128
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.128

All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
2023-08-27 16:15:22 +02:00
John Audia
9e50708687 kernel: bump 6.1 to 6.1.48
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.48

No patches changed in this bump, only update was to checksum.

Build system: x86/64
Build-tested: x86/64/AMD Cezanne, filogic/xiaomi_redmi-router-ax6000-ubootmod
Run-tested: x86/64/AMD Cezanne, filogic/xiaomi_redmi-router-ax6000-ubootmod

Signed-off-by: John Audia <therealgraysky@proton.me>
2023-08-27 16:14:22 +02:00
Fabian Bläse
b22d382ae4 ipq40xx: re-add label MAC address for FritzBox 4040
The MAC address of the GMAC is contained inside the CWMP-Account
number on the label.

The label MAC address alias was defined previously, but it has been
removed with the switch to IPQESS / DSA.

Restore the label MAC address alias.

Fixes: 27b441cbaf ("ipq40xx: drop ESSEDMA + AR40xx DTS nodes")
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2023-08-27 16:09:11 +02:00
Zoltan HERPAI
53c2f174ad uboot-sunxi: bump to 2023.04
Compile-tested: all boards
Runtime-tested:
 - Cortex-A8: pcDuino
 - Cortex-A7: Bananapro, Bananapi M3
 - Cortex-A53:Pine64+

Notes:
 - binman tries to add firmware for the SCP (system control processor), which
   we don't build, and is optional for the boot process on 64-bit. Disable this
   via setting the SCP envvar to /dev/null. For further info, see [1] .

[1] https://github.com/u-boot/u-boot/blob/master/board/sunxi/README.sunxi64

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-08-26 15:04:16 +02:00
Mathew McBride
8b1cc1582a x86: remove built-in vhost-net driver
This is now available as a kmod package (kmod-vhost-net).

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-08-26 14:08:10 +02:00