This adds a kernel module package for the Marvell
MV88E6XXX DSA switch and a separate module package for
the DSA tagger since it can in theory be used by multiple
DSA switches. Enable both DSA and EDSA tags in the
tagger.
We can't just compile this in because just a few devices
has this DSA, and it depends on e.g. the I2C and SFP
to be loaded as modules first.
We have no examples of DSA switches being packaged as
modules before, all seem to be compiled in, but it
actually works just fine to do this.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This fixes multiple security problems:
* [High] CVE-2024-0901 Potential denial of service and out of bounds
read. Affects TLS 1.3 on the server side when accepting a connection
from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
it is recommended to update the version of wolfSSL used.
* [Med] CVE-2024-1545 Fault Injection vulnerability in
RsaPrivateDecryption function that potentially allows an attacker
that has access to the same system with a victims process to perform
a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
Zhang, Qingni Shen for the report (Peking University, The University
of Western Australia)."
* [Med] Fault injection attack with EdDSA signature operations. This
affects ed25519 sign operations where the system could be susceptible
to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
Qingni Shen for the report (Peking University, The University of
Western Australia).
Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The compatible string for the MediaTek MT7988 SoC ended up being
'mediatek,mt7988a' instead of 'mediatek,mt7988' in the now upstream
dtsi. Adapt the cpufreq driver so support for frequency scaling is
again usable.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
net: dsa: mt7530: explain exposing MDIO bus of MT7531AE better
net: dsa: mt7530: do not pass port variable to mt7531_rgmii_setup()
net: dsa: mt7530: use priv->ds->num_ports instead of MT7530_NUM_PORTS
net: dsa: mt7530: get rid of mac_port_validate member of mt753x_info
net: dsa: mt7530: refactor MT7530_PMEEECR_P()
net: dsa: mt7530: get rid of function sanity check
net: dsa: mt7530: define MAC speed capabilities per switch model
net: dsa: mt7530: return mt7530_setup_mdio & mt7531_setup_common on error
net: dsa: mt7530: move MT753X_MTRAP operations for MT7530
net: dsa: mt7530: refactor MT7530_HWTRAP and MT7530_MHWTRAP
net: dsa: mt7530: refactor MT7530_MFC and MT7531_CFC, add MT7531_QRY_FFP
net: dsa: mt7530: rename mt753x_bpdu_port_fw enum to mt753x_to_cpu_fw
net: dsa: mt7530: rename p5_intf_sel and use only for MT7530 switch
net: dsa: mt7530: refactor MT7530_PMCR_P()
net: dsa: mt7530: disable EEE abilities on failure on MT7531 and MT7988
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Import patches for the MT7530 DSA driver from net-next tree:
cae425cb43fe net: dsa: allow DSA switch drivers to provide their own phylink mac ops
dd0c9855b413 net: dsa: introduce dsa_phylink_to_port()
7c5e37d7ee78 net: dsa: mt7530: simplify core operations
868ff5f4944a net: dsa: mt7530-mdio: read PHY address of switch from device tree
2c606d138518 net: dsa: mt7530: fix port mirroring for MT7988 SoC switch
d59cf049c837 net: dsa: mt7530: fix mirroring frames received on local port
62d6d91db98a net: dsa: mt7530: provide own phylink MAC operations
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
For all boards currently working with the mt7530 DSA driver we can
be sure that the address of the switch on the MDIO bus is 31 --
simply because that address is hard-coded in the driver and the
address from the Device Tree is being ignore.
An upcoming patch will add support for MT753x ICs which are programmed
to addresses different from 0x1f using bootstrap pins. As a result the
address from the Device Tree will then be taken into account, which
will break currently working boards which got the address set to
anything else than 31.
While at it also unify the syntax in Device Tree to always us a decimal
value for the 'reg' property.
* mt7622-buffalo-wsr-3200ax4s.dts
Cosmetic change 'reg = <0x1f>' -> 'reg = <31>'
* mt7622-dlink-eagle-pro-ai-ax3200-a1.dtsi
Wrong address: 0 -> 31
* mt7622-elecom-wrc-x3200gst3.dts
Wrong address: 0 -> 31
* mt7622-linksys-e8450.dtsi
Wrong address: 0 -> 31
* mt7622-ruijie-rg-ew3200.dtsi
Wrong address: 0 -> 31
* mt7622-xiaomi-redmi-router-ax6s.dts
Wrong address: 0 -> 31
* mt7629-iptime-a6004mx.dts
Wrong address: 2 -> 31
* mt7981b-zbtlink-zbt-z8102ax.dts
Cosmetic change 'reg = <0x1f>' -> 'reg = <31>'
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The Upstream Linux community has discontinued support for the target.
Maintaining support for it downstream would require too much effort.
Moreover, it seems that the supported hardware is no longer deemed worthy
of it.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Currently, trying to compile LLVM-BPF will fail with:
[2225/3517] Linking CXX shared library lib/libLLVM-15.so
FAILED: lib/libLLVM-15.so
/usr/bin/ld: staging_dir/host/lib/libzstd.a(zstd_common.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/usr/bin/ld: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
So, to fix it enable PIC for the host ZSTD.
Fixes: #15247
Signed-off-by: Bryan Roessler <bryanroessler@gmail.com>
Apart from being misspelled ('dymamic' vs. 'dynamic') and a mismatch of
the number of parameters, there is also simply no need to add the 'dynamic'
volume type keyword as 6th parameter as that's the default anyway.
Fix and simplify the ubinize-image.sh script to work as intended.
Fixes: 6c17d71973 ("scripts: ubinize-image.sh: support static volumes, make size optional")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use 'mediatek,mt7988a' instead of 'mediatek,mt7988' as compatible
string to be in-sync with upstream and no longer break the cpufreq
driver which was also kept in sync with upstream.
Fixes: 56dd6b473b ("mediatek: sync cpufreq support with changed compatible string")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Kernel 6.6 checks for orphan sections and prints a warning about them,
which in turn will make CI fails as we have Werror enabled there.
Issue is that cache-v7-min.S produces .init.text section which is an
orphan section since it is not being handled by the vmlinux.lds.S linker
script.
So, lets put the generated .init.text section under .text.
Fixes: f0d8ce4f48 ("bcm53xx: add testing support for kernel 6.6")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Use ath11k_patch_mac and ath11k_set_macflag functions for RAX120v2 (pre-caldata does not contain valid MAC addresses)
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Use ath11k_patch_mac, ath11k_remove_regdomain and ath11k_set_macflag functions for MX4200
(only v2 variant requires MAC patching)
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Add new functions for ath11k caldata:
- ath11k_patch_mac (from 0 to 5)
- ath11k_remove_regdomain
- ath11k_set_macflag (some pre-caldata have the nvMacFlag flag unset which is needed to change the MAC address)
Additionaly for ath10k caldata:
- ath10k_remove_regdomain
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
This update contains a minor fix to resolve "detected write beyond size
of field" warning during compilation:
* "replace [0] with []" (1d0d08c)
All patches still apply.
References:
* https://github.com/openwrt/openwrt/issues/15108
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
Spectrum SAX1V1K is a AX WIFI router with 3 1G and 1 2.5G ports.
The router is provided to Spectrum customers.
It is OEM of Askey RT5010W
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923
It continues the original work by @MeisterLone to get this device supported.
Specifications:
```
• CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
• RAM: 2048MB of DDR3
• Storage: 1024MB eMMC
• Ethernet: 3x 1G RJ45 ports (QCA8075) + 1 2.5G Port (QCA8081)
• WLAN:
• 2.4GHz: Qualcomm QCN5024 4x4 802.11b/g/n/ax 1174 Mbps PHY rate
• 5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate
• LED: 1 gpio-controlled dual color led (blue/red)
• Buttons: 1x reset
• Power: 12V DC jack
```
Notes:
```
• This commit adds only single partition support, that means
sysupgrade is upgrading the current rootfs partition.
• Installation can be done by serial connection only.
• A poulated serial header is onboard
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923/6
• RX/TX is working, u-boot bootwait is active, secure boot is enabled.
```
Installation Instructions:
**Most part of the installation is performed from an initramfs image.**
Boot initramfs : Using serial connection
1. Boot up the device and wait till it displays "VERIFY_IB: Success. verify IB ok"
2. Once that message appears,
login with username 'root'
password serial number of your router in uppercase.
3. Use vi to paste the 'open.sh' script from @MeisterLone github on your device
https://github.com/MeisterLone/Askey-RT5010W-D187-REV6/blob/master/Patch/open.sh
4. chmod 755 open.sh
5. ./open.sh
6. Set your ip to 192.168.0.1
7. Run a TFTP server and host the initramfs image on the TFTP server and name it "recovery.img"
8. Reboot device. On boot it will try TFTP.
Install OpenWrt from initramfs image:
1. Use SCP (or other way) to transfer OpenWrt factory image
2. Connect to device using SSH (on a LAN port)
3. Flash firmware: sysupgrade
# sysupgrade -n -v /tmp/openwrt_sysupgrade.bin
4. Set U-boot env variable: bootcmd
# fw_setenv bootcmd "run fix_uboot; run setup_and_boot"
5. Reboot the device
# reboot
6. Once device is booted, residue of previous firmware will prevent openwrt to work properly.
Factory Reset is MUST required
# Once serial console is displaying to login, hold reset button for 10 sec
7. Now everything should be operational.
Note: this PR adds only single partition support, that means sysupgrade is
upgrading the current rootfs partition
Signed-off-by: Connor Yoon <j_connor@taliaent.com>
Fix broken BoHong bh25q128as patch that used wrong define for kernel
5.15.
Fixes: 4cb814d403 ("generic: 5.15: Make support for BoHong bh25q128as generic")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
ec8c620fd5f4 split bridge-local disable into rx and tx
40b1c5b6be4e flow: do not attempt to offload bridge-local flows
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes error in the form of [0]:
drivers/pinctrl/pinctrl-at91.c:1668:12: error: 'at91_gpio_resume' defined but not used [-Werror=unused-function]
1668 | static int at91_gpio_resume(struct device *dev)
| ^~~~~~~~~~~~~~~~
drivers/pinctrl/pinctrl-at91.c:1650:12: error: 'at91_gpio_suspend' defined but not used [-Werror=unused-function]
1650 | static int at91_gpio_suspend(struct device *dev)
| ^~~~~~~~~~~~~~~~~
[0] - https://lore.kernel.org/all/20221215164301.934805-1-arnd@kernel.org/
Signed-off-by: Nick Hainke <vincent@systemli.org>
This is an automatically generated commit which aids following Kernel patch history,
as git will see the move and copy as a rename thus defeating the purpose.
See: https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
for the original discussion.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Fixes no communication with tethered iOS devices in CDC NCM mode.
Freshly booted iOS devices start in legacy mode, but are put into
NCM mode by the official Apple driver.
[1] a2d274c62eFixes: #12566
Tested-by: Georgi Valkov <gvalkov@gmail.com>
Signed-off-by: Foster Snowhill <forst@pen.gy>
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
[ better reference fixed issue ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add labels to bug-report issue to better identify type.
Also introduce label to-triage to better handle issue by CI actions.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Blank issue might be used by devs to create tracking issue or by
advanced user to report more strange issue.
These kind of issue won't be parsed and won't be tagged. Normally bBug
report should be used for 99% of the cases.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Move the patch for BoHong bh25q128as out of ramips to make it
generic. Not including 6.1.y since the mtd subsystem has changed,
and does not need these changes.
Patch was dropped with ramips updating to 6.1, hence we reintroudce it
here for 5.15 generic.
5.15.y functionality was verified on a Wavlink WL-WN586X3 Rev.a.
Signed-off-by: R Maru <deviantmaru@gmail.com>
[ rebase and add extra info in commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Backport patches for support of generic spi-nor from SFDP data for
kernel 6.1.
Kernel 5.15 have major rework of the info flags and it's not trustable
to backport this amount of changes and expect correct function of it.
All affected patches automatically refreshed using make
target/linux/refresh.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently when external toolchain is used, a info.mk is created (with
to-be-filled values) but is never actually filled with real values and
is never actually used in rules.mk.
This info.mk is used down the code with special packages like libgcc to
reference info like gcc version and package special library.
To mimic what is done with internal toolchain, add the include in
rules.mk for info.mk also for external library and in fix
toolchain/wrapper to fill the staging_dir info.mk.
The logic is to check if the external toolchain provide an info.mk and
if it doesn't we at least fill the GCC_VERSION with the value set in the
.config file.
With this special library like libgcc correctly reference and have set the
GCC_VERSION variable.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For interface type parameters, the man page documents patterns:
```
*,!eth*,!!eth1
uses all interfaces, except interfaces starting with "eth",
but including "eth1".
```
* Renamed `_ifname` to `_l2dev`.
* get the l2dev via network_get_physdev (and not l3dev)
* Glob pattern `*` is also valid - use noglob for this
The net result is that now interface 'names' including globs '*' and '!'
inversions are included in the generated lldpd configs.
Temporarily `set -o noglob` and then `set +o noglob` to disable & enable
globbing respectively, because when we pass `*` as an interface choice,
other file and pathnames get sucked in from where the init script runs,
and the `*` never makes it to lldpd.
Tested extensively on: 22.03.6, 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ squash with commit bumping release version ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
As preparation for the arm926ej-s support which has a different
load address, move the KERNEL_LOADADDR into the subtargets.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This is an automatically generated commit which aids following Kernel patch history,
as git will see the move and copy as a rename thus defeating the purpose.
See: https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
for the original discussion.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This is an automatically generated commit.
During a `git bisect` session, `git bisect --skip` is recommended.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
For the ARM arch on 6.6, DTS files are moved into their vendor directories,
mimicking arm64. Reflect this in the image Makefile.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>