Commit Graph

55256 Commits

Author SHA1 Message Date
Daniel Golle
b18b5a7ca3 mediatek: filogic: add efuse layout to mt7986a.dtsi
efuse is used to store board-specific settings of some of the in-SoC
peripherals. Add it to device tree, so it gets probed on boot and can
be accessed by other drivers.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-30 13:29:58 +01:00
Daniel Golle
243a2184f2 mediatek: add patch allowing 1-byte wide access to efuse
Allow byte-wise access to mtk-efuse as some drivers require that.
Patch imported from mtk-openwrt-feeds (MTK SDK).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-30 13:29:58 +01:00
Felix Fietkau
c7c7905bce kernel: fold lzma debloat patch into the patch adding the code
Reduces the number of hack patches

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 13:13:51 +02:00
Felix Fietkau
36f2ab4bfd kernel: move kernel image cmdline hack to the octeon target
It is the only remaining user of this hack

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 13:13:51 +02:00
Felix Fietkau
2e375e9b31 kernel: remove hack patch, move kirkwood specific kmods to target modules.mk
Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch
unnecessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 12:59:19 +02:00
Felix Fietkau
4363faef8a kernel: move ubnt ledbar driver to a separate package
Simplifies the tree by removing a non-upstream kernel patch and related kconfig
symbols

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 11:28:51 +02:00
Felix Fietkau
a0a4cfd83b kernel: remove udp tunnel kconfig selection hack
The corresponding kmod package is marked as HIDDEN and selected by all
other kernel modules that need it, so the kconfig side will be in sync
without manual selection

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 11:28:51 +02:00
Felix Fietkau
eb07020de2 mac80211: fix decap offload for stations on AP_VLAN interfaces
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-30 11:28:51 +02:00
Rosen Penev
3848cf458e
tools/cmake: Build without some included libs
Saves a little bit of time when compiling cmake.

Added patches to fix searching liblzma and zlib. The issue is that
because pkgconfig is not used, the system libraries get used.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:17 +02:00
Rosen Penev
89df3589e6
tools/expat: build with autotools again
Allows to set expat as a dependency to cmake and save on compilation
time.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:17 +02:00
Rosen Penev
d602e7a969
tools/zlib: switch to configure script
A future commit will make tools/cmake use this.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:13 +02:00
Petr Štetiar
ec8fb542ec wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)
Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.

This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.

Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.

Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable

Fixes: CVE-2022-39173
Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Tested-by: Kien Truong <duckientruong@gmail.com>
Reported-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-09-29 07:53:56 +02:00
Petr Štetiar
a0cd133fde Revert "wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release"
This reverts commit a596a8396b as I've
just discovered private email, that the issue has CVE-2022-39173
assigned so I'm going to reword the commit and push it again.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-09-29 07:53:12 +02:00
Petr Štetiar
8ad9a72cbe wolfssl: refresh patches
So they're tidy and apply cleanly.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-09-29 07:36:19 +02:00
Petr Štetiar
a596a8396b wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release
Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.

This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.

Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.

Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable

Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-09-29 07:36:19 +02:00
Rafał Miłecki
77d9cce604 bcm53xx: backport clk driver fix for DT nodes names
It allows dropping downstream patch renaming DT nodes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-09-29 05:51:25 +02:00
Chris Osgood
c5e167e0d6
build: fix warnings from grep
Fixes build warnings when using newer versions of grep.

Signed-off-by: Chris Osgood <chris_github@functionalfuture.com>
Tested-by: Georgi Valkov <gvalkov@gmail.com>
2022-09-28 17:17:48 +02:00
Christian Marangi
261925a869
scripts/download.pl: generilize and simplify download tool check
Generilize download tool check and skip other check if a download tool
has been found.
While at it also reintroduce c836ca84e8
that was previously dropped with aria2c support.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-28 16:55:10 +02:00
Kazuhiro Ito
e739ccb2f6 ramips: update MAC address configuration for Buffalo WSR-1166DHP
Convert MAC address and label_mac configuration of Buffalo
WSR-1166DHP to use the generic function of OpenWrt.

Apply commit 770cfe9 for WCR-1166DS to WSR-1166DHP too.

Tested on the device and MAC address is kept before and after this
change.

Signed-off-by: Kazuhiro Ito <kzhr@d1.dion.ne.jp>
2022-09-28 22:35:02 +09:00
Daniel Golle
9e08724634 kernel: mtk_ppe: use MTK_FOE_STATE_INVALID instead of *_UNBIND
Instead of dropping *fix-typo-in-__mtk_foe_entry.patch which effectively
means keeping the (also wrong) assignment of MTK_FOE_STATE_BIND, rather
use MTK_FOE_STATE_INVALID as that works well on both older (NETSYS_V1)
and newer (NETSYS_V2) MediaTek SoCs.

Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-28 03:34:47 +01:00
Christian Marangi
165b66d910
realtek: rtl931x: fix missing CONFIG_COMMON_CLK_REALTEK config flag
When the realtek clock driver was introduced, CONFIG_COMMON_CLK_REALTEK
was not correctly disabled for other subtarget. Add the missing config
flag to fix compilation error on buildbot.

Fixes: 4850bd887c ("realtek: add RTL83XX clock driver")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-28 01:15:47 +02:00
Rosen Penev
b71affaf8b tools: fix firmware-utils depends
When firmware-utils was converted to use cmake, the dependency was not
updated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 15:35:41 -07:00
Christian Marangi
b51c52533b
Revert "toolchain/gcc: use zstd from tools"
This reverts commit e6cc3ded07.
Require more testing as it does cause compilation error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-27 23:18:37 +02:00
Christian Marangi
6e90cb60e4
Revert "tools/zstd: build libraries as static"
This reverts commit e3989094b8.
Require more testing as it does cause compilation error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-27 23:17:51 +02:00
Rosen Penev
e3989094b8
tools/zstd: build libraries as static
Enables to get rid of rpath hack for all users.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 21:28:49 +02:00
Nick Hainke
83ea2e11b4
ccache: update to 4.6.3
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_3

Refresh patch:
- 100-honour-copts.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:31 +02:00
Nick Hainke
ac61cf596c
tools/ccache: update to 4.6.2
Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_2

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:30 +02:00
Nick Hainke
2e87e24e43
tools/ccache: update to 4.6.1
Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_1

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:27 +02:00
Daniel Golle
e8b00cfdcb kernel: rename upstreamed patches and import fixes
Move and rename patches which were merged upstream and import follow-up
fixes for MediaTek Ethernet offloading features on MT7622 and Filogic
platforms. Remove patch
793-net-ethernet-mtk_eth_soc-fix-typo-in-__mtk_foe_entry.patch
which breaks hardware flow offloading on MT7622, it will be reverted
upstream as well.

Fixes: c93c5365c0 ("kernel: pick patches for MediaTek Ethernet from linux-next")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-27 17:07:20 +01:00
Manas Sambhus
3e2ea10e5e
qos-scripts: fix trailing whitespace in config files
Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2022-09-27 17:16:46 +02:00
Manas Sambhus
0ca634e9ef
qos-scripts: replace modprobe by rmmod
modprobe -r is not available on all platforms, hence use rmmod

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2022-09-27 17:16:45 +02:00
Manas Sambhus
4cc7011da0
kernel: netsupport: replace insmod by modprobe
Replace insmod by modprobe in TEQL hotplug script

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2022-09-27 17:16:45 +02:00
Manas Sambhus
db0c0a31d8
ppp: use modprobe in place of insmod
This will prevent `module is already loaded` lines from
appearing in the logs when a PPP connection is reconnecting

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2022-09-27 17:16:42 +02:00
Christian Marangi
c092b3ba63
include/prereq-build: fix ldconfig-stub symlink on macos and BSD OSs
Some OS may have the true bin to a different location than /bin/true.
BSD based system and macos have true on /usr/bin/true.

Fix this by checking both location and take the one available in the
system.

Reported-by: Sergey V. Lobanov <sergey@lobanov.in>
Suggested-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-27 16:54:42 +02:00
Nick Hainke
a29d3bc48c
Makefile: fix stray \ warnings with grep-3.8
We simply grep for "/usr". So no need for "-E" or "\/". Furthermore, in
the new grep versions this creates warnings.

As written in the grep-3.8 announcement:
  Regular expressions with stray backslashes now cause warnings, as
  their unspecified behavior can lead to unexpected results.
  For example, '\a' and 'a' are not always equivalent
  <https://bugs.gnu.org/39678>.

Fixes warnings in the form of:
  grep: warning: stray \ before /

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 16:45:08 +02:00
Rosen Penev
fcaea8b551
toolchain/gdb: fix expat location
GDB is not finding tools/expat. This fixes it. Move it up with the other
tools.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 16:39:37 +02:00
Rosen Penev
e6cc3ded07
toolchain/gcc: use zstd from tools
pkgconfig is not used for some reason. Match other used tools.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 16:38:14 +02:00
Felix Fietkau
3a8825ad6a build: fix issues with targets installed via feeds
- fix including modules.mk when a target is being replaced
- fix calling make targets from target/linux

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-27 13:41:12 +02:00
Christian Marangi
f1b3958d02
scripts/download.pl: fix support for aria2c download tool on macos
Currently we use /dev/shm to place aria2c tmp file. This is not present
on macos. Use the openwrt tmp directory instead of the linux-only
/dev/shm to save compatibility with more os.

Fixes: d391236269 ("download.pl: add aria2c support")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-26 20:50:10 +02:00
Christian Marangi
5df60f5c24
scripts/download.pl: fix mirrors regression for curl and wget
With the introduction of aria2c support, curl and wget no longer try to
download the file from mirrors. Fix this regression by emptying the
remaining mirrors list only when aria2c is used.

Fixes: d391236269 ("download.pl: add aria2c support")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-26 20:50:09 +02:00
Kevin Darbyshire-Bryant
582c098c09 nftables: backport fix to interval based rules
'rule inet dscpclassify dscp_match  meta l4proto { udp }  th dport { 3478 }
 th sport { 3478-3497, 16384-16387 } goto ct_set_ef' works with
'nft add', but not 'nft insert', the latter yields:
"BUG: unhandled op 4".

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2022-09-26 18:02:15 +01:00
Kevin Darbyshire-Bryant
dafa663012 sysfsutils: Define START early in file
The luci ucode rewrite exposed the definition of START as being over 1K
from start of file.  Initial versions limited the search for START &
STOP to within the 1st 1K of a file.  Whilst the search has been
expanded, it doesn't do any harm to define START early in the file like
all other init scripts seen so far.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2022-09-26 17:58:32 +01:00
Christian Marangi
4ed90e84f8
Revert "mt76: fix compilation error with mt7915 and kernel >= 5.15.61"
This reverts commit 6e9613844c.

The patch was wrong in the first place as we base everything on
backports package and the compilation error was caused by an ath11k
present downstream. (will be needed later when backports package will be
updated but not now)

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-25 20:36:42 +02:00
Jan Hoffmann
d924a75be3 realtek: fix RTL839x egress tag for ports >= 32
Don't overwrite AS_DPM and L2LEARNING flags when dest_port is >= 32.

Fixes: 1773264a0c ("realtek: correct egress frame port verification")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-09-25 20:53:24 +02:00
Christian Marangi
6e9613844c
mt76: fix compilation error with mt7915 and kernel >= 5.15.61
With kernel 5.15.61 the define IEEE80211_MAX_AMPDU_BUF got changed to
IEEE80211_MAX_AMPDU_BUF_HE. Add patch to fix compilation error on next
5.15 kernel versions.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-25 16:07:16 +02:00
Christian Marangi
295e0ed7a9
scripts/download.pl: fix whitespace in mirror urls and drop for
Fix whitespace in mirror urls and replace for loop with join+map logic.

Fixes: d391236269 ("download.pl: add aria2c support")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-25 15:54:12 +02:00
Eneas U de Queiroz
d08c9da43c
wolfssl: prefer regular libwolfssl over cpu-crypto
Rename libwolfssl-cpu-crypto to libwolfsslcpu-crypto so that the
regular libwolfssl version comes first when running:
opkg install libwolfssl

Normally, if the package name matches the opkg parameter, that package
is preferred.  However, for libraries, the ABI version string is
appended to the package official name, and the short name won't match.
Failing a name match, the candidate packages are sorted in alphabetical
order, and a dash will come before any number.  So in order to prefer
the original library, the dash should be removed from the alternative
library.

Fixes: c3e7d86d2b (wolfssl: add libwolfssl-cpu-crypto package)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-09-25 15:19:10 +02:00
Eneas U de Queiroz
50d0b41b38
wolfssl: ABI version shouldn't depend on benchmark
Move CONFIG_PACKAGE_libwolfssl-benchmark from the top of
PKG_CONFIG_DEPENDS to after PKG_ABI_VERSION is set.

This avoids changing the ABI version hash whether the bnechmark package
package is selected or not.

Fixes: 05df135cac (wolfssl: Rebuild when libwolfssl-benchmark gets changes)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-09-25 15:19:07 +02:00
Bradford Zhang
d391236269
download.pl: add aria2c support
Use aria2c download tool by default on package download if available in
the system.
aria2c permits to use multiple mirrors and may improve download speed on
special context where servers are hard to reach.

Co-authored-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Bradford Zhang <zyc@zyc.name>
[ fix wrong var in the script and improve commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-25 14:56:45 +02:00
Nick Hainke
a67f484e67 octeon: fix imagebuilder generation by introducing generic target
The generic imagebuilder does not have a generic in the name, although
this is the default naming scheme. Use bcm53xx as template for this fix.

Before the fix:
  openwrt-imagebuilder-octeon.Linux-x86_64.tar.xz

After:
  openwrt-imagebuilder-octeon-generic.Linux-x86_64.tar.xz

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-24 23:53:53 +02:00