The ARIA block cipher is pretty uncommon in TLS, deactivate it for now.
This saves some space and reduces the possible variations and attack
vectors of mbedtls.
ARIA support was deactivated in OpenWrt 23.05 by default.
Link: https://github.com/openwrt/openwrt/pull/17342
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3c0ef48bc8)
The commit 7160820d742a ("phy: rockchip: naneng-combphy: fix phy reset")
was backported to kernel 6.6 branch by upstream, however the correspond
dtsi fixes was not, resulting the following error:
```
[ 0.225521] rockchip-naneng-combphy fe830000.phy: error -ENOENT: failed to get phy reset
[ 0.227467] rockchip-naneng-combphy fe840000.phy: error -ENOENT: failed to get phy reset
```
So backport the dtsi fixes here manually.
Fixes: 89b2356b8c ("kernel: bump 6.6 to 6.6.69")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/17468
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 8a477bafb4)
defer_list skbs held by NAPI can block releasing page pools.
Work around this by scheduling rx softirq on all CPUs while trying to release
a page pool.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2b70b32aef)
The MAC address of the GMAC is contained inside the CWMP-Account number on the label.
Similar fix as to the 4040 in b22d382ae4
Link #13240
Signed-off-by: Florian Maurer <f.maurer@outlook.de>
Link: https://github.com/openwrt/openwrt/pull/17467
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit b2b6955f80)
d996988ae55b libubus: close file descriptor after sending it from a request
afa57cce0aff libubus: add support for using channels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f0df6e3a4a)
It seems that we have some kind of a symbol name conflict which causes
CONFIG_SECCOMP to always be read as y.
Unfortunatelly, I could not figure out what is causing this, but simply
renaming SECCOMP to USE_SECCOMP seems to properly work and leaves the
symbol unset unless arch dependencies are satisfied.
This fixes qoriq and others that dont support seccomp from failing due
to procd-seccomp package being selected to get included but it cannot be
built for them:
ERROR: unable to select packages:
procd-seccomp (no such package):
required by: base-files-1637~52b6c92479[procd-seccomp]
Fixes: 4c65359af4 ("build: fix including busybox, procd and apk/opkg in imagebuilder")
Link: https://github.com/openwrt/openwrt/pull/17048
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit a48ec449cc)
Robert reported, that in firmware images generated by ASU, there is
`apk` package manager missing after the commit 44598c233d ("build:
remove broken dependency of metadata on toplevel .config variables").
That is happening, because apk got removed from `default_packages` list in
`profiles.json`, which is being generated by `json_overview_image_info` Make
target, which uses `scripts/json_overview_image_info.py` helper script,
which gets the information from `DEFAULT_PACKAGES` Make variable.
So lets fix it by providing `DEFAULT_PACKAGES` variable when its needed.
The reason why we didn't added those packages as a dependency to
base-files like any other packages, was to allow disabling them (in
order to save space).
Fixes: #16969
Fixes: openwrt/asu/issues/1084
Fixes: 44598c233d ("build: remove broken dependency of metadata on toplevel .config variables")
Reported-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/16986
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 90f0be8521)
It seems, that handling of DEFAULT_PACKAGES is needed in more places, so
lets move it into dedicated include file so it can be easily shared.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/16986
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 40be892a02)
Since the image builder pulls package lists from metadata directly,
add procd and busybox as depdendencies to base-files.
As for the package manager itself, since it can be disabled it needs
to be added directly in the image builder makefile
Fixes: 44598c233d ("build: remove broken dependency of metadata on toplevel .config variables")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 4c65359af4)
Instead of relying on .config symbols for metadata, alter the DEFAULT
variable of affected packages. Fixes enabling opkg vs apk among others.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 44598c233d)
109114146f9c mt76: only enable tx worker after setting the channel
5fe42ec88fd1 mt76: mt7915: ensure that only one sta entry is active per mac address
1884f568ba02 wifi: mt76: do not add wcid entries to sta poll list during MCU reset
71fa9124d107 wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he
eb85bb3fd5bf wifi: mt76: mt7915: fix eifs value on older chipsets
83e4d4a82e65 wifi: mt76: introduce mt792x_config_mac_addr_list routine
b47e20b440ae wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links
3e3c484726f3 wifi: mt76: mt7925: fix wrong band_idx setting when enable sniffer mode
3f1401a0f035 wifi: mt76: mt7925: fix get wrong chip cap from incorrect pointer
eede99f524e8 wifi: mt76: mt7925: fix the invalid ip address for arp offload
c99e4d51b340 wifi: mt76: mt7996: fix overflows seen when writing limit attributes
af983b2543ed wifi: mt76: mt7915: fix overflows seen when writing limit attributes
af494e2dcc94 wifi: mt76: mt7915: exclude tx backoff time from airtime
6f6a1f7cb381 wifi: mt76: mt7996: exclude tx backoff time from airtime
7f65b1b28b4c wifi: mt76: connac: Extend mt76_connac_mcu_uni_add_dev for MLO
1b5e6abc2e7a wifi: mt76: mt7925: Fix incorrect MLD address in bss_mld_tlv for MLO support
72b4688b3912 wifi: mt76: mt7925: Fix incorrect WCID assignment for MLO
6bd2c044e67a wifi: mt76: mt7925: Fix incorrect WCID phy_idx assignment
1c04e9693466 wifi: mt76: mt7925: fix wrong parameter for related cmd of chan info
01e02947bdbf wifi: mt76: mt7925: Fix CNM Timeout with Single Active Link in MLO
b90b1a1dc71b wifi: mt76: mt7925: Enhance mt7925_mac_link_bss_add to support MLO
53ec7a551f17 wifi: mt76: Enhance mt7925_mac_link_sta_add to support MLO
3c99ef40e0e7 wifi: mt76: mt7925: Update mt7925_mcu_sta_update for BC in ASSOC state
285efc6afaec wifi: mt76: mt7925: Update mt792x_rx_get_wcid for per-link STA
e5c0d1289e6c wifi: mt76: mt7925: Update mt7925_unassign_vif_chanctx for per-link BSS
67dcd5c888c4 wifi: mt76: mt7925: Update secondary link PS flow
fd4d6f87072f wifi: mt76: mt7925: Init secondary link PM state
6d972b5b9d6a wifi: mt76: mt7925: Update mt7925_mcu_uni_[tx,rx]_ba for MLO
3acc6cbb9556 wifi: mt76: mt7925: Cleanup MLO settings post-disconnection
0aab0c61ce92 wifi: mt76: mt7925: Properly handle responses for commands with events
15bead1b0041 wifi: mt76: do not hold queue lock during initial rx buffer alloc
732044a949d5 wifi: mt76: mt7925: config the dwell time by firmware
9ba311ec6afa wifi: mt76: mt7921: introduce CSA support
5d12c7404c22 wifi: mt76: mt7921: add rfkill_poll for hardware rfkill
ef965d408b79 wifi: mt76: mt7925: replace zero-length array with flexible-array member
f8563589c72d wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit bff5260d7b)
- drop patches accepted upstream
- include build fixes in the tarball
- based on https://github.com/nbd168/backports commit 410656ef04d2
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a85059438f)
refresh the following patch for ath12k
001-wifi-ath12k-add-11d-scan-offload-support-and-handle-country-code-for-WCN7850.patch
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17246
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit fb17914f65)
Add 1920-24g-poe-180w to the mac address retrieval part of 02_network to
properly set the device's port MAC addresses.
This piece was missed when this device was added.
Fixes: b948c1e39b ("realtek: add support for HPE 1920-24G PoE-180W (JG925A)")
Link: https://github.com/openwrt/openwrt/pull/17460
Signed-off-by: James Sweeney <code@swny.io>
(cherry picked from commit 0b54029a6e)
The extraneous closing parenthesis inside the case matching breaks
syntax of the network initialization script 02_network.
/bin/board_detect: /etc/board.d/02_network:
line 40: syntax error: unexpected newline (expecting ")")
Remove this character so board init is functional again.
Fixes: c8ea1aa970 ("realtek: add support for HPE 1920-24G-PoE-370w")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit a3391d871d)
Switch to using loader-kernel to accommodate
larger image sizes that are problematic for
many mt7621 uboots.
Signed-off-by: Jonathan Sturges <jsturges@redhat.com>
Link: https://github.com/openwrt/openwrt/pull/17389
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f8a8a2c5c7)
This commit adds kmod-leds-ktd202x to the OpenWrt image for the device
"Acer Connect Vero W6m" which is equipped with one KTD2026 controlling the
device's status LED via I2C.
Signed-off-by: George Oldfort <openwrt@10099.de>
Link: https://github.com/openwrt/openwrt/pull/16860
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e44180d45c)
Commit 56d97fff55 backported leds-ktd202x from upstream but didn't add the
generic config symbol.
Fixes: 56d97fff55 ("generic: backport support for KTD2026/7 rgb(w) led controller")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17396
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit c846f48f6a)
This commit adds the Linux kernel mainline driver "leds-ktd202x" for the
KinetIC KTD2026 and KTD2027 RGB/RBGW controller with I2C interface that was
introduced in kernel version 6.7, last changed in mainline on 2024-05-31.
At least the Acer Connect Vero W6m (a variant of the Acer Predator Connect
W6 without 2.5G eth1 port, usb3 port, and the 6 on-board gpio RGB LEDs) is
equipped with a KTD2026 (and a single RGB LED attached to it used by the
stock firmware as status LED), and maybe other router devices also are.
Signed-off-by: George Oldfort <openwrt@10099.de>
Link: https://github.com/openwrt/openwrt/pull/16860
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 56d97fff55)
Hardware information: (largely copied from 11275be)
---------------------
The HPE 1920-24G-PoE+ (180W) (JG925A) is a switch that is
part of the 1920 family which has 180W nominal PoE+ support.
Common with HPE 1920-24G:
- RTL8382 SoC
- 24 Gigabit RJ45 ports (built-in RTL8218B, 2 external RTL8218D)
- 4 SFP ports (external RTL8214FC)
- RJ45 RS232 port on front panel
- 32 MiB NOR Flash
- 128 MiB DDR3 DRAM
- PT7A7514 watchdog
HPE 1920-24G-PoE+ (180W):
- PoE chip
- 2 fans (40mm)
Known issues:
---------------------
- PoE LEDs are uncontrolled.
(Manual taken from f2f09bc)
Booting initramfs image:
------------------------
- Prepare a FTP or TFTP server serving the OpenWrt initramfs image and
connect the server to a switch port.
- Connect to the console port of the device and enter the extended
boot menu by typing Ctrl+B when prompted.
- Choose the menu option "<3> Enter Ethernet SubMenu".
- Set network parameters via the option "<5> Modify Ethernet Parameter".
Enter the FTP/TFTP filename as "Load File Name" ("Target File Name"
can be left blank, it is not required for booting from RAM). Note that
the configuration is saved on flash, so it only needs to be done once.
- Select "<1> Download Application Program To SDRAM And Run".
Initial installation:
---------------------
- Boot an initramfs image as described above, then use sysupgrade to
install OpenWrt permanently. After initial installation, the
bootloader needs to be configured to load the correct image file
- Enter the extended boot menu again and choose "<4> File Control",
then select "<2> Set Application File type".
- Enter the number of the file "openwrt-kernel.bin" (should be 1), and
use the option "<1> +Main" to select it as boot image.
- Choose "<0> Exit To Main Menu" and then "<1> Boot System".
NOTE: The bootloader on these devices can only boot from the VFS
filesystem which normally spans most of the flash. With OpenWrt, only
the first part of the firmware partition contains a valid filesystem,
the rest is used for rootfs. As the bootloader does not know about this,
you must not do any file operations in the bootloader, as this may
corrupt the OpenWrt installation (selecting the boot image is an
exception, as it only stores a flag in the bootloader data, but doesn't
write to the filesystem).
Example PoE config file (/etc/config/poe):
---------------------
config global
option budget '180'
config port
option enable '1'
option id '1'
option name 'lan8'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '2'
option name 'lan7'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '3'
option name 'lan6'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '4'
option name 'lan5'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '5'
option name 'lan4'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '6'
option name 'lan3'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '7'
option name 'lan2'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '8'
option name 'lan1'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '9'
option name 'lan16'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '10'
option name 'lan15'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '11'
option name 'lan14'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '12'
option name 'lan13'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '13'
option name 'lan12'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '14'
option name 'lan11'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '15'
option name 'lan10'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '16'
option name 'lan9'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '17'
option name 'lan24'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '18'
option name 'lan23'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '19'
option name 'lan22'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '20'
option name 'lan21'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '21'
option name 'lan20'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '22'
option name 'lan19'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '23'
option name 'lan18'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '24'
option name 'lan17'
option poe_plus '1'
option priority '2'
Signed-off-by: James Sweeney <code@swny.io>
Link: https://github.com/openwrt/openwrt/pull/17444
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit b948c1e39b)
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.
This version supports BPF objects of either endianness, allowing for
introspection, linking and skeleton creation, and enables cross-compiling
modern BPF applications for targets with non-native byteorder.
Link: https://github.com/libbpf/bpftool/releases/tag/v7.5.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/17404
(cherry picked from commit 5bcad34154)
Link: https://github.com/openwrt/openwrt/pull/17418
Signed-off-by: Nick Hainke <vincent@systemli.org>
Hardware information:
---------------------
The HPE 1920-24G-PoE+ (370W) (JG926A) is a switch that is
part of the 1920 family wich 370W nominal PoE+ support.
Common with HPE 1920-24G:
- RTL8382 SoC
- 24 Gigabit RJ45 ports (built-in RTL8218B, 2 external RTL8218D)
- 4 SFP ports (external RTL8214FC)
- RJ45 RS232 port on front panel
- 32 MiB NOR Flash
- 128 MiB DDR3 DRAM
- PT7A7514 watchdog
HPE 1920-24G-PoE+ (370W):
- PoE chip
- 3 fans (40mm)
Known issues:
---------------------
- PoE LEDs are uncontrolled.
(Manual taken from f2f09bc)
Booting initramfs image:
------------------------
- Prepare a FTP or TFTP server serving the OpenWrt initramfs image and
connect the server to a switch port.
- Connect to the console port of the device and enter the extended
boot menu by typing Ctrl+B when prompted.
- Choose the menu option "<3> Enter Ethernet SubMenu".
- Set network parameters via the option "<5> Modify Ethernet Parameter".
Enter the FTP/TFTP filename as "Load File Name" ("Target File Name"
can be left blank, it is not required for booting from RAM). Note that
the configuration is saved on flash, so it only needs to be done once.
- Select "<1> Download Application Program To SDRAM And Run".
Initial installation:
---------------------
- Boot an initramfs image as described above, then use sysupgrade to
install OpenWrt permanently. After initial installation, the
bootloader needs to be configured to load the correct image file
- Enter the extended boot menu again and choose "<4> File Control",
then select "<2> Set Application File type".
- Enter the number of the file "openwrt-kernel.bin" (should be 1), and
use the option "<1> +Main" to select it as boot image.
- Choose "<0> Exit To Main Menu" and then "<1> Boot System".
NOTE: The bootloader on these devices can only boot from the VFS
filesystem which normally spans most of the flash. With OpenWrt, only
the first part of the firmware partition contains a valid filesystem,
the rest is used for rootfs. As the bootloader does not know about this,
you must not do any file operations in the bootloader, as this may
corrupt the OpenWrt installation (selecting the boot image is an
exception, as it only stores a flag in the bootloader data, but doesn't
write to the filesystem).
Example PoE config file (/etc/config/poe):
---------------------
config global
option budget '370'
config port
option enable '1'
option id '1'
option name 'lan8'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '2'
option name 'lan7'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '3'
option name 'lan6'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '4'
option name 'lan5'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '5'
option name 'lan4'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '6'
option name 'lan3'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '7'
option name 'lan2'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '8'
option name 'lan1'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '9'
option name 'lan16'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '10'
option name 'lan15'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '11'
option name 'lan14'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '12'
option name 'lan13'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '13'
option name 'lan12'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '14'
option name 'lan11'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '15'
option name 'lan10'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '16'
option name 'lan9'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '17'
option name 'lan24'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '18'
option name 'lan23'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '19'
option name 'lan22'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '20'
option name 'lan21'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '21'
option name 'lan20'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '22'
option name 'lan19'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '23'
option name 'lan18'
option poe_plus '1'
option priority '2'
config port
option enable '1'
option id '24'
option name 'lan17'
option poe_plus '1'
option priority '2'
Signed-off-by: Evan Jobling <evan.jobling@mslsc.com.au>
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Link: https://github.com/openwrt/openwrt/pull/17436
[fix space indentation in DTS]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit c8ea1aa970)
The HPE JG924A, JG925A and JG926A share the same base.
Prepare base device for adding the PoE enabled switch support.
Signed-off-by: Evan Jobling <evan.jobling@mslsc.com.au>
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Link: https://github.com/openwrt/openwrt/pull/17436
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 41b49a157a)
Netgear Orbi devices rely on ethernet0 alias to be present to U-Boot will
populate the MAC.
This fixes the random MAC on each boot after the ethernet0 alias was
dropped from the SoC DTSI.
Fixes: cd9c721124 ("ipq40xx: 6.1: use latest DSA and ethernet patches")
Fixes: #17384
Link: https://github.com/openwrt/openwrt/pull/17414
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 9ea174c7bf)
When doing LTO builds, the target related CFLAGS need to be passed to the
linker, so that they are considered for target code generation.
Pass TARGET_CFLAGS in EXTRA_LDFLAGS to ensure that this is handled properly.
Fixes: #17200
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit e6ce868c3a)
Right now there's no way to know what state CFE will leave the pinctrl
registers in, so they should be explicitly set by linux on boot. This
patch adds a gpio configuration for drivers that need it, i.e. gpio-leds.
Signed-off-by: Kyle Hendry <kylehendrydev@gmail.com>
[improve patch and fix warnings]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit e44daa4fa5)
This reverts commit 15b21c474e.
The issue seems to appear spuriously.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 84ca1c28f7)
Adds latest 6.6 patches from the Raspberry Pi repository.
These patches were generated from:
https://github.com/raspberrypi/linux/commits/rpi-6.6.y/
With the following command:
git format-patch -N v6.6.67..HEAD
(HEAD -> 811ff707533bcd67cdcd368bbd46223082009b12)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 692205305d)
Add kmods for the following RP1 options that not all users
will necessarily need or want compiled in:
* Composite video
* Display video
* LED control
* PWM control
* Serial video
Build system: x86/64
Build-tested: bcm2712/RPi5B
Run-tested: bcm2712/RPi5B
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17233
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit d6c5805db3)
Build in several options RP1-specific features rather than
generating additional kmods for them since bcm2712 is unique to
RPi5B only.
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17233
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 87309edba4)
Cherry-pick patches to support building RP1 modules.
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17233
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 613dd79d5e)
MX30LFxG18AC OTP area access has been fixed upstream:
e87161321a
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 15b21c474e)
Conversion to DSA broke 802.2+LLC+SNAP packet processing. Frames
received by napi_complete_done with GRO and DSA have transport_header
set two bytes short, or pointing 2 bytes before network_header &
skb->data. As snap_rcv expects transport_header to point to SNAP
header (OID:PID) after LLC processing advances offset over LLC header
(llc_rcv & llc_fixup_skb), code doesn't find a match and packet is
dropped.
Image built at this commit operates properly:
86dadeba48 - generic: add patch for GPON-ONU-34-20BI quirk
Image built at following commit exhibits the issue:
337e36e0ef - ipq806x: convert each device to DSA implementation
As issue is LLC specific, to avoid impacting non-LLC traffic, and to
follow up on original assumption made on kernel commit fda55eca5a33
("net: introduce skb_transport_header_was_set()") stating "network
stacks usually reset the transport header anyway", llc_fixup_skb to
reset and advance the offset. llc_fixup_skb already assumes the LLC
header is at skb->data, and by definition SNAP header immediately
follows.
Signed-off-by: Antonio Pastor <antonio.pastor@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17220
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit da7ab64f1f)
Fix bogus reference to kmod-nf-conntrack-timeout, fixing the warning
`WARNING: Makefile 'package/kernel/linux/Makefile' has a dependency on
'kmod-nf-conntrack-timeout', which does not exist`.
Fixes: 0e2dcfc4f4 ("netfilter: add kmod-nfnetlink-ct{helper,timeout}")
Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/17388
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 74354fb463)
Kernel 6.6 requires LED node names to be prefixed via "led-", otherwise
probing the LED will fail, so update our downstream patch adding the LED.
Signed-off-by: Richard Schneidt <ricsc@users.noreply.github.com>
Link: https://github.com/openwrt/openwrt/pull/17330
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit f491001f0c)
Regarding SAE support in wifi-station:
Important Note: Unlike PSK wifi-stations, both `mac` and `key` options are required
to make it work. With PSK, hostapd used to perform a brute-force match to find which
PSK entry to use, but with SAE this is infeasible due to SAE's design.
When `mac` is omitted, it will allow any MAC address to use the SAE password if it
didn't have a MAC address assigned to it, but this could only be done once.
The last wildcard entry would be used.
Also, unlike "hostapd: add support for SAE in PPSK option" (commit 913368a),
it is not required to set `sae_pwe` to `0`. This gives it a slight advantage
over using PPSK that goes beyond not needing RADIUS.
Example Configuration:
```
config wifi-vlan
option iface default_radio0
option name 999
option vid 999
option network management
config wifi-station
# Allow user with MAC address 00:11:22:33:44:55 and matching
# key "secretadminpass" to access the management network.
option iface default_radio0
option vid 999
option mac '00:11:22:33:44:55'
option key secretadminpass
config wifi-vlan
option iface default_radio0
option name 100
option vid 100
option network guest
config wifi-station
# With SAE, when 'mac' is omitted it will be the fallback in case no
# other MAC address matches. It won't be possible for a user that
# has a matching MAC to use this network (i.e., 00:11:22:33:44:55
# in this example).
option iface default_radio0
option vid 100
option key guestpass
```
Regarding PSK file creation optimization:
This patch now conditionally runs `hostapd_set_psk_file` depending on `auth_type`.
Previously, `hostapd_set_psk` would always execute `hostapd_set_psk_file`, which
would create a new file if `wifi-station` was in use even if PSK was not enabled.
This change checks the `auth_type` to ensure that it is appropriate to parse the
`wifi-station` entries and create those files.
Furthermore, we now only configure `wpa_psk_file` when it is a supported option
(i.e., psk or psk-sae is used). Previously, we used to configure it when it was
not necessary. While it didn't cause any issues, it would litter `/var/run` with
unnecessary files. This patch fixes that case by configuring it depending on the
`auth_type`.
The new SAE support is aligned with these PSK file changes.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/17145
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 65a1c666f2)
Link: https://github.com/openwrt/openwrt/pull/17248
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>