Commit Graph

55009 Commits

Author SHA1 Message Date
Hauke Mehrtens
f3870546a5 mbedtls: update to version 2.28.1
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.1
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.

The build problem was reported upstream:
https://github.com/Mbed-TLS/mbedtls/issues/6243

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-28 12:37:54 +02:00
Markus Stockhausen
48f3746fe5 realtek: switch RTL838X/RTL839X DT to new clock driver
Use new DT clockdriver syntax for RTL838X/RTL839X targets. To make it work
we need to change some nodes:
- define the external oscillator speed (25MHz)
- define SRAM
- add clock controller
- Add second CPU for RTL839X
- map all devices to new clocks
- Remove dummy LXB clock
- add CPU OPP table

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-08-28 11:48:30 +02:00
Markus Stockhausen
7c18aab6e0 realtek: activate clock driver for RTL838X/RTL839X targets
Make use the new clock driver for RTL838X and RTL839x target devices. Of course
we will enable their primary consumer (cpufreq-dt) too. To be careful just set
the default governor to userspace. As we rely on SRAM activate that module too.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-08-28 11:48:30 +02:00
Markus Stockhausen
5df36d4849 realtek: enable basic config for cpufreq framework
A new clock driver makes more sense if it can be used from consumers
like cpufreq.  Before we enable the driver we must tell the config that
the RTL838X and RTL839X targets allow CPU frequency changing.

Even though these targets currently rely on the CPU's internal R4K
timer, MIPS_EXTERNAL_TIMER is selected to allow for CPU frequency change
testing. The Realtek timers, which are clocked by the Lexra bus, still
need to be supported and used in order to provide correct wall times
when reclocking the CPU.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
[add paragraph about MIPS_EXTERNAL_TIMER to commit message]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-08-28 11:45:03 +02:00
Markus Stockhausen
800d5fb3c6 realtek: add patch to enable new clock driver in kernel
Allow building the clock driver with kernel config options.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-08-28 11:31:21 +02:00
Markus Stockhausen
4850bd887c realtek: add RTL83XX clock driver
Add a new self-contained combined clock & platform driver that allows to
access the PLL hardware clocks of RTL83XX devices. Currently it provides
info about CPU, MEM and LXB clocks on RTL838X and RTL839X devices and
additionally allows to change the CPU clocks. Changing the clocks
multiple times on a DGS-1210-20 and a DGS-1210-52 already works well and
is multithreading safe on the RTL839X. Even a cpufreq initiated change
of the CPU clock works fine. Loading the driver will add some meaningful
logging.

[0.000000] rtl83xx-clk: initialized, CPU 500 MHz, MEM 300 MHz (8 Bit DDR3), LXB 200 MHz
[0.279456] rtl83xx-clk soc:clock-controller: rate setting enabled, CPU 325-600 MHz,
           MEM 300-300 MHz, LXB 200-200 MHz, OVERCLOCK AT OWN RISK

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
[remove trailing whitespaces, C-style SPDX comments for ASM and headers]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-08-28 11:30:58 +02:00
Markus Stockhausen
1efaad03bb realtek: add PLL DT binding includes
Add some constants for sharing between DT and drivers.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-08-28 11:03:34 +02:00
Etienne Champetier
0c8d7e34ab iptables: default to ip(6)tables-nft when using buildroot
35fec487e3 fixed opkg usage,
but when using buildroot we were still defaulting to
ip(6)tables-legacy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-08-27 22:39:32 +02:00
Felix Fietkau
104de8abe4 unetd: add WireGuard based VPN connection manager for OpenWrt
This package simplifies setting up wireguard networks on OpenWrt by a wireguard
network as a JSON file, which can be shared across all participating nodes.
It can be signed with an authentication key and automatically kept in sync.
unetd also supports deterministically generating ipv6 addresses for each host
based on the public key and storing those in a hosts file that can be used with
dnsmasq. It also supports automatically creating VXLAN tunnels between multiple
endpoints.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-08-27 15:24:58 +02:00
Daniel Golle
09b086eeca kernel: add quirk for Huawei-compatible OEM SFP GE-T
Ignore TX_FAULT signal on certain cheap copper/TP gigabit Ethernet SFP
modules.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-26 22:32:47 +01:00
Daniel Golle
1f84d45e18 ltq-vdsl-fw: fix firmware installer
The downloaded filename was wrong in multiple places. Fix that.

Fixes: 2f95dd8ff0 ("ltq-vdsl-fw: update w921v firmware download URL")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-26 22:32:47 +01:00
Felix Fietkau
ec7d32f376 mt76: update to the latest version
9485e3b47066 mt76: remove q->qid
e5674c4aa402 mt76: mt7921: enable HW beacon filter not depending on PM flag
7fd299e3c921 mt76: mt7921: enable HW beacon filter in the initialization stage
d5459efaaf14 mt76: mt7921: make mt7921_pci_driver static
b8304b456e23 mt76: connac: move tx initialization/cleanup in mt76_connac module
6e0d7077486c mt76: mt7921: reduce log severity levels for informative messages
cb80da974fe6 mt76: mt7921: reduce the mutex lock scope during reset
a2d61f4f4063 mt76: mt7915 add ht mpdu density
08ea730c1130 mt76: add len parameter to __mt76_mcu_msg_alloc signature
60ef85fa352c mt76: introduce MT_RXQ_BAND2 and MT_RXQ_BAND2_WA in mt76_rxq_id
8ccbb38ca6e6 mt76: add phy_idx in mt76_rx_status
eb19ac83c07e mt76: introduce phys array in mt76_dev structure
30887591e3ab mt76: add phy_idx to mt76_wcid
4bf8c20a9524 mt76: convert MT_TX_HW_QUEUE_EXT_PHY to MT_TX_HW_QUEUE_PHY
e6c6bf8cee09 mt76: get rid of mt76_wcid_hw routine
120f73ad992a mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
111e92cf8c22 mediatek: mt76: eeprom: fix missing of_node_put() in mt76_find_power_limits_node()
13bedd62ff4a mt76: connac: introduce mt76_connac_reg_map structure
5ec78e1ec43d wifi: mt76: fix reading current per-tid starting sequence number for aggregation

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-08-26 19:49:16 +02:00
Petr Štetiar
15cae55cec bcm53xx: 5.15: add missing LEDS_BCM63138 config symbol
Fixes following build issue found during build testing with 5.15.63
kernel:

 LED Support for Broadcom BCM63138 SoC (LEDS_BCM63138) [N/m/y/?] (NEW)

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-25 22:07:43 +02:00
John Audia
edeae512c0 kernel: bump 5.15 to 5.15.63
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-08-25 22:07:43 +02:00
Felix Fietkau
31648c4b59 netifd: update to the latest version
76d2d41b7355 interface: fix use-after-free bug when rewriting resolv.conf

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-08-25 21:16:26 +02:00
John Audia
fc89ec0692 kernel: bump 5.10 to 5.10.138
All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-08-25 20:23:59 +02:00
Petr Štetiar
34ddd2e545 rpcd: bump version to 2022-08-24
gcc 10 with -O2 reports following:

 In function ‘strncpy’,
     inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:244:4:
 /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 In function ‘strncpy’,
     inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:227:4:
 /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Since it is not possible to avoid truncation by strncpy, it is necessary
to make sure the result of strncpy is properly NUL-terminated and the
NUL must be inserted explicitly, after strncpy has returned.

References: #10442
Reported-by: Alexey Smirnov <s.alexey@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-25 06:59:41 +02:00
Jo-Philipp Wich
fe86b2ffaa firewall4: update to latest Git HEAD
a4484d4 fw4: support automatic includes
ca7e3a1 fw4: honour enabled option of include sections
5a02f74 tests: add missing fs.stat) mock data for `nf_conntrack_dummy`
111a7f7 fw4: don't inherit zone family from ct helpers

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-08-24 23:25:11 +02:00
Jo-Philipp Wich
66a360206e rpcd: update to latest Git HEAD
ae5afea ucode: parse ucode plugin scripts in raw mode, init search path

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-08-24 23:25:11 +02:00
Jo-Philipp Wich
4ee77cfcfa uhttpd: update to latest Git HEAD
e3395cd ucode: initialize search path before VM init
8cb3f85 ucode: initialize default library search path
188dea2 utils: accept '?' as path terminator in uh_path_match()
c5eac5d file: support using dynamic script handlers as error pages
290ff88 relay: trigger close if in header read state with pending data
f9db538 ucode: ignore exit exceptions
8ba0b64 cmake: use variables and find_library for dependency

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-08-24 23:25:11 +02:00
Jo-Philipp Wich
3446d32616 ucode: update to latest Git HEAD
bcdd2cb examples: add module search path initialization and freeing
ee1946f ubus: fix GCC strncpy() truncation warning
131d99c lib: introduce three new functions call(), loadstring() and loadfile()
8e8dae0 lib: introduce helper function for indenting error messages
476f02b lib: simplify include_path()
d84b53a source: avoid null pointer access in uc_source_runpath_set()
c43a54f types: gracefully handle unpatched upvalues in ucv_free()
e2fb11a README.md: document gc() function
b41cb2d main: introduce -g flag to allow enabling periodic gc from cli
85d7885 lib: implement gc()
47528f0 vm: support automatic periodic GC runs
381cc75 types: treat vm->exports as GC roots
fcc49e6 compiler: add import statement support for dynamic extensions
c9442f1 vm: introduce new I_DYNLOAD opcode
b6fd8a2 lib: internally expose new uc_require_library() helper
a486adc vm: don't treat offset 0 special for exceptions
41ccd19 compiler: don't treat offset 0 special at syntax errors
b4a3f68 compiler: improve formatting of nested syntax error messages
5d5dadc program: remove now unused uc_program_export_lookup()
304995b compiler: rework export index allocation
506cc37 compiler: fix deriving module path from source runpath
54b7fac compiler: enforce stricter module compilation rules
d62e372 vm: don't initialize upvalues for module functions
b856602 program: add serialization and deserialization for module function flag
d7d1bde compiler: add a flag denoting module functions
156d584 treewide: unexport libucode internal functions
10e056d compiler: add support for import/export statements
862e49d compiler: resolve predeclared upvalues
78dfb08 compiler: require a name in function declarations
afd78c1 compiler: fix reported source position in inc/dec operator error
e1c3db0 tests: run_tests.sh: substitute dynamic test directory path in output
3c168b5 vm, cli: move search path into global configuration structure
d85bc71 vm: introduce import and export opcodes
365782e vm: honor constant flag of objects and arrays
6becc64 vm: transparently resolve upvalue references
3418967 vm: gracefully handle unresolved upvalues
50cf572 program: add function to globally lookup exported name
c441f65 program: add infrastructure to handle multiple sources per program
2322468 program: fix reporting source position of first instruction
9c9a9ec program: fix en/decoding debuginfo upvalue slots in precompiled bytecode
41114a0 source: add tracking of exported symbols
70ae304 lib: honor constant flag of arrays
3c104f5 types: resolve upvalue references on stringification
3a6f9cb types: add ability to mark array and object values as constant
b738f3a lexer: recognize module related keywords
03c8e4b lexer: rewrite token scanner
fd433aa lexer: fix parsing with disabled block left stripping
557577a rtnl: fix parsing/creation of IFLA_AF_SPEC RTA for the AF_BRIDGE family
35c6b73 compiler: fix stack mismatch on continue statements nested in switches
f673096 uloop: end uloop on exceptions in managed code
2e5426c ubus: end uloop on exceptions in managed code
c024270 rtnl: expose IFLA_STATS64 contents
d3c58c0 rtnl: expose ifinfomsg.ifi_change member
c4dde50 rtnl: update NETLINK_GET_STRICT_CHK socket flag with every request
7ef0d02 nl80211: fix NL80211_SURVEY_INFO_NOISE datatype
9a2e592 compiler: fix stack mismatch on nonmatching switch statements with locals
03c8ca5 nl80211: recognize further NL80211_STA_INFO_* NLAs
a1ed566 struct: add optional offset argument to `unpack()`
230e595 rtnl: fix segmentation fault on parsing linkinfo RTA without data
523566d rtnl: zero request message headers
56be30d rtnl: fix premature netlink reply receive abort
1347440 rtnl: avoid stray "netlink: %d bytes leftover after parsing attributes."
44b0a3b struct: fix packing `*` format after other repeated formats

Also package uloop binding module which has been introduced by a previous
ucode update and introduce a host build with the basic set of modules.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-08-24 23:25:11 +02:00
Petr Štetiar
ca5c695a45 kernel: bump 5.15 to 5.15.62
Deleted following upstreamed patches:

 bcm27xx: 950-0006-drm-vc4-hdmi-Fix-HPD-GPIO-detection.patch
 bcm27xx: 950-0420-drm-vc4-Adopt-the-dma-configuration-from-the-HVS-or-.patch
 bcm27xx: 950-0425-drm-vc4-A-present-but-empty-dmas-disables-audio.patch
 bcm27xx: 950-0432-vc4-drm-Avoid-full-hdmi-audio-fifo-writes.patch
 bcm27xx: 950-0433-vc4-drm-vc4_plane-Remove-subpixel-positioning-check.patch
 bcm27xx: 950-0435-drm-vc4-Correct-pixel-order-for-DSI0.patch
 bcm27xx: 950-0436-drm-vc4-Register-dsi0-as-the-correct-vc4-encoder-typ.patch
 bcm27xx: 950-0437-drm-vc4-Fix-dsi0-interrupt-support.patch
 bcm27xx: 950-0438-drm-vc4-Add-correct-stop-condition-to-vc4_dsi_encode.patch
 bcm27xx: 950-0443-drm-vc4-Fix-timings-for-interlaced-modes.patch
 bcm27xx: 950-0445-drm-vc4-Fix-margin-calculations-for-the-right-bottom.patch
 bcm27xx: 950-0475-drm-vc4-Reset-HDMI-MISC_CONTROL-register.patch
 bcm27xx: 950-0476-drm-vc4-Release-workaround-buffer-and-DMA-in-error-p.patch
 bcm27xx: 950-0477-drm-vc4-Correct-DSI-divider-calculations.patch
 bcm27xx: 950-0664-drm-vc4-dsi-Correct-max-divider-to-255-not-7.patch

 bcm53xx: 072-next-ARM_dts_BCM53015-add-mr26.patch

 mediatek: 920-linux-next-dts-mt7622-bpi-r64-fix-wps-button.patch

Manually rebased following patches:

 bcm27xx: 950-0004-drm-vc4-hdmi-Remove-the-DDC-probing-for-status-detec.patch
 bcm27xx: 950-0700-net-phy-lan87xx-Decrease-phy-polling-rate.patch
 bcm27xx: 950-0711-drm-vc4-Rename-bridge-to-out_bridge.patch
 bcm27xx: 950-0713-drm-vc4-Remove-splitting-the-bridge-chain-from-the-d.patch
 bcm27xx: 950-0715-drm-vc4-Convert-vc4_dsi-to-using-a-bridge-instead-of.patch
 bcm27xx: 950-0787-vc4-drm-vc4_plane-Keep-fractional-source-coords-insi.patch
 bcm27xx: 950-0914-mmc-block-Don-t-do-single-sector-reads-during-recove.patch

Runtime tested on turris-omnia and glinet-b1300.

Tested-by: John Audia <therealgraysky@proton.me> [bcm2711/RPi4B, mt7622/RT3200]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-23 10:37:04 +02:00
Petr Štetiar
d1163fd13f kernel: bump 5.10 to 5.10.137
Removed following upstreamed patch:

 * bcm53xx: 081-next-ARM_dts_BCM53015-add-mr26.patch

All other patches automagically rebased.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-23 10:37:04 +02:00
Christian Marangi
d6994c53cd
ipq806x: add missing scaling_available_frequencies for dedicated cpufreq
Add missing scaling_available_frequencies sysfs entry for dedicated
cpufreq driver.
This sysfs entry is not standard and each cpufreq driver needs to
provide it and declare it in the cpufreq driver struct attr.

Fixes: 5dbbefcbcc ("ipq806x: introduce dedicated krait cpufreq")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-08-21 18:52:52 +02:00
Sebastian Schaper
a434795809 ath79: add support for ZyXEL NWA1100-NH
Specifications:
 * AR9342, 16 MiB Flash, 64 MiB RAM, 802.11n 2T2R, 2.4 GHz
 * 1x Gigabit Ethernet (AR8035), 802.3af PoE

Installation:
* OEM Web UI is at 192.168.1.2
  login as `admin` with password `1234`
* Flash factory-AASI.bin

The string `AASI` needs to be present within the file name of the uploaded
image to be accepted by the OEM Web-based updater, the factory image is
named accordingly to save the user from the hassle of manual renaming.

TFTP Recovery:
* Open the case, connect to TTL UART port (this is the official method
  described by Zyxel, the reset button is useless during power-on)
* Extract factory image (.tar.bz2), serve `vmlinux_mi124_f1e.lzma.uImage`
  and `mi124_f1e-jffs2` via tftp at 192.168.1.10
* Interrupt uboot countdown, execute commands
  `run lk`
  `run lf`
  to flash the kernel / filesystem accordingly

MAC addresses as verified by OEM firmware:
use   address   source
LAN   *:cc      mib0 0x30 ('eth0mac'), art 0x1002 (label)
2g    *:cd      mib0 0x4b ('wifi0mac')

Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-08-21 00:09:53 +02:00
Sebastian Schaper
a6e0ca96da ath79: add support for ZyXEL NWA1123-AC
Specifications:
 * AR9342, 16 MiB Flash, 64 MiB RAM, 802.11n 2T2R, 2.4 GHz
 * QCA9882 PCIe card, 802.11ac 2T2R
 * 1x Gigabit Ethernet (AR8035), 802.3af PoE

Installation:
* OEM Web UI is at 192.168.1.2
  login as `admin` with password `1234`
* Flash factory-AAOX.bin

The string `AAOX` needs to be present within the file name of the uploaded
image to be accepted by the OEM Web-based updater, the factory image is
named accordingly to save the user from the hassle of manual renaming.

TFTP Recovery:
* Open the case, connect to TTL UART port (this is the official method
  described by Zyxel, the reset button is useless during power-on)
* Extract factory image (.tar.bz2), serve `vmlinux_mi124_f1e.lzma.uImage`
  and `mi124_f1e-jffs2` via tftp at 192.168.1.10
* Interrupt uboot countdown, execute commands
  `run lk`
  `run lf`
  to flash the kernel / filesystem accordingly

MAC addresses as verified by OEM firmware:
use   address   source
LAN   *:1c      mib0 0x30 ('eth0mac'), art 0x1002 (label)
2g    *:1c      mib0 0x4b ('wifi0mac')
5g    *:1e      mib0 0x66 ('wifi1mac')

Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-08-21 00:09:53 +02:00
Sebastian Schaper
527be5a456 ath79: add support for ZyXEL NWA1123-NI
Specifications:
 * AR9342, 16 MiB Flash, 64 MiB RAM, 802.11n 2T2R, 2.4 GHz
 * AR9382 PCIe card, 802.11n 2T2R, 5 GHz
 * 1x Gigabit Ethernet (AR8035), 802.3af PoE

Installation:
* OEM Web UI is at 192.168.1.2
  login as `admin` with password `1234`
* Flash factory-AAEO.bin

The string `AAEO` needs to be present within the file name of the uploaded
image to be accepted by the OEM Web-based updater, the factory image is
named accordingly to save the user from the hassle of manual renaming.

TFTP Recovery:
* Open the case, connect to TTL UART port (this is the official method
  described by Zyxel, the reset button is useless during power-on)
* Extract factory image (.tar.bz2), serve `vmlinux_mi124_f1e.lzma.uImage`
  and `mi124_f1e-jffs2` via tftp at 192.168.1.10
* Interrupt uboot countdown, execute commands
  `run lk`
  `run lf`
  to flash the kernel / filesystem accordingly

MAC addresses as verified by OEM firmware:
use   address   source
LAN   *:fb      mib0 0x30 ('eth0mac'), art 0x1002 (label)
2g    *:fc      mib0 0x4b ('wifi0mac')
5g    *:fd      mib0 0x66 ('wifi1mac')

Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-08-21 00:09:53 +02:00
Sebastian Schaper
251ecfe379 ath79: add support for ZyXEL NWA1121-NI
Specifications:
 * AR9342, 16 MiB Flash, 64 MiB RAM, 802.11n 2T2R, 2.4 GHz
 * 1x Gigabit Ethernet (AR8035), 802.3af PoE

Installation:
* OEM Web UI is at 192.168.1.2
  login as `admin` with password `1234`
* Flash factory-AABJ.bin

The string `AABJ` needs to be present within the file name of the uploaded
image to be accepted by the OEM Web-based updater, the factory image is
named accordingly to save the user from the hassle of manual renaming.

TFTP Recovery:
* Open the case, connect to TTL UART port (this is the official method
  described by Zyxel, the reset button is useless during power-on)
* Extract factory image (.tar.bz2), serve `vmlinux_mi124_f1e.lzma.uImage`
  and `mi124_f1e-jffs2` via tftp at 192.168.1.10
* Interrupt uboot countdown, execute commands
  `run lk`
  `run lf`
  to flash the kernel / filesystem accordingly

MAC addresses as verified by OEM firmware:
use   address   source
LAN   *:cc      mib0 0x30 ('eth0mac'), art 0x1002 (label)
2g    *:cd      mib0 0x4b ('wifi0mac')

Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-08-21 00:09:53 +02:00
Nick Hainke
3b2f19271c tools/cmake: update to 3.24.1
Update cmake to newest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:26:36 +02:00
Nick Hainke
ce3e467d61 tools/isl: update to 0.25
Update isl to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:25:52 +02:00
Nick Hainke
20f8101a26 tools/xz: update to 5.2.6
This update contains a security fix to xzgrep (CVE-2022-1271,
ZDI-CAN-16587). Release notes:
https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:25:32 +02:00
Arınç ÜNAL
f1c9afd801 ramips: mt7621-dts: mux phy0/4 to gmac1
Mux the MT7530 switch's phy0/4 to the SoC's gmac1 on devices where RGMII2
pins are available. This achieves 2 Gbps total bandwidth to the CPU using
the second RGMII.

The ports called "wan" are muxed where possible. On a minority of devices,
this is not possible. Those cases:

mt7621_ampedwireless_ally-r1900k.dts: lan3
mt7621_ubnt_edgerouter-x.dts: eth0
mt7621_gnubee_gb-pc1.dts: ethblue
mt7621_linksys_re6500.dts: lan1
mt7621_netgear_wac104.dts: lan4
mt7621_tplink_eap235-wall-v1.dts: lan0
mt7621_tplink_eap615-wall-v1.dts: lan0
mt7621_ubnt_usw-flex.dts: lan1

The "wan" port is just what the vendor designated on the board/plastic
chasis of the device. On a technical level, there is no difference between
a lan and wan port on MT7621AT, MT7621DAT and MT7621ST SoCs. Prefer
connecting to WAN via the port described above for these devices to benefit
the feature brought with this patch.

mt7621_d-team_newifi-d2.dts cannot benefit this feature, although it looks
like it should, because the rgmii2 pins are wired to unused components.

Tested on a range of devices documented on the GitHub PR.

Link: https://github.com/openwrt/openwrt/pull/10238
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
2022-08-20 22:56:12 +02:00
Arınç ÜNAL
81bd10e4a2 ramips: mt7621-dts: remove DTS_LEGACY from ethernet node
Remove DTS_LEGACY put for claiming pin groups for the ethernet node from
the ethernet node. It's not an old kernel trait. These bindings need to be
there on the newer kernels as well.

Fixes: a3764ee29d ("ramips: add linux 5.15 support for mt7621")
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
2022-08-20 22:56:12 +02:00
Arınç ÜNAL
271456abd8 ramips: mt7621-dts: do not claim rgmii2 group as gpio for certain devices
These devices do not use rgmii2 as gpio, therefore remove rgmii2 pin group
from state-default. Remove overwriting the ethernet node for these devices.

Move claiming the rgmii2 group from mt7621_zyxel_nwa-ax.dtsi to
mt7621_zyxel_nwa50ax.dts as it's only the latter using rgmii2 pins as gpio.

Remove duplicate ethernet overwrite from mt7621_tplink_archer-x6-v3.dtsi.

Claim rgmii2 group as gpio on mt7621_bolt_arion.dts as it uses an rgmii2
pin, 26, as gpio.

Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
2022-08-20 22:56:12 +02:00
Arınç ÜNAL
4807bd6a00 ramips: fix GB-PC1 and GB-PC2 device support
Change switch port labels to ethblack & ethblue.
Change lan1 & lan2 LEDs to ethblack_act & ethblue_act and fix GPIO pins.
Add the external phy with ethyellow label on the GB-PC2 devicetree.
Do not claim rgmii2 as gpio, it's used for ethernet with rgmii2 function.
Enable ICPlus PHY driver for IP1001 which GB-PC2 has got.
Update interface name and change netdev function.
Enable lzma compression to make up for the increased size of the kernel.
Make spi flash bindings on par with mainline Linux to fix read errors.

Tested on GB-PC2 by Petr.

Tested-by: Petr Louda <petr.louda@outlook.cz>
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
2022-08-20 22:56:12 +02:00
Joerg Werner
9fbb76c047 hostapd: fix WPA3 enterprise keys and ciphers
WPA3 enterprise requires group_mgmt_cipher=BIP-GMAC-256 and if 802.11r is
active also wpa_key_mgmt FT-EAP-SHA384. This commit also requires
corresponding changes in netifd.

Signed-off-by: Joerg Werner <schreibubi@gmail.com>
2022-08-20 22:56:12 +02:00
Hauke Mehrtens
8008816a2c netifd: update to git HEAD
87fbefd interface: support "zone" config option
bfa039c netifd: fix WPA3 enterprise ciphers

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-20 22:56:12 +02:00
Hauke Mehrtens
cc6a323e23 iwinfo: update to latest HEAD
0dad3e6 Add support for CCMP-256 and GCMP-256 ciphers

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-20 22:56:12 +02:00
Thibaut VARÈNE
832e7b8172 build: always set CONFIG_IPV6
Disabling this build tunable breaks build and seems unrealistically
likely to be fixed.

This patch sets the related CONFIG to always true and removes the
config prompt, keeping the change minimal, and, should !CONFIG_IPV6 ever
be fixed, easy to revert.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Paul Spooren <mail@aparcar.org>
Acked-by: Josef.Schlehofer <pepe.schlehofer@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2022-08-20 21:41:03 +03:00
Sultan Alsawaf
f338f76a66 mac80211: parse the correct set of HE capabilities for AP mode
It is common for 802.11ax NICs to support more than just AP mode, which
results in there being a distinct set of HE capabilities for each mode. As
(bad) luck would have it, iw prints out info for each HE mode in sequential
order according to `enum nl80211_iftype`, and AP mode isn't always first.

As a result, the wrong set of HE capabilities can be parsed if an AP NIC
supports station (managed) mode or any other mode preceding AP mode, since
only the first set of HE capabilities printed by iw is parsed from awk's
output.

This has a noticeable impact on beamforming for example, since managed mode
usually doesn't have beamformer capabilities enabled, while AP mode does.
Hostapd won't be set up with the configs to enable beamformer capabilities
in this scenario, causing hostapd to disable beamforming to HE stations
even when it's supported by the AP.

Always parse the correct set of HE capabilities for AP mode to fix this.
This is achieved by trimming all of iw's output prior to the AP mode
capabilities, which ensures that the first set of HE capabilities are
always for AP mode.

Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
2022-08-20 12:33:50 +02:00
Markus Stockhausen
396e190f0b realtek: more generic platform initialization
Platform startup still "guesses" the CPU clock speed by DT fixed values.
If possible take clock rates from a to be developed driver and align to
MIPS generic platfom initialization code. Pack old behaviour into a
fallback function. We might get rid of that some day.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-08-20 11:49:30 +02:00
Daniel Groth
8c04a5c456 realtek: d-link: add support for dgs-1210-10mp
General hardware info:
-------------------------------------------------------------------------------

D-Link DGS-1210-10MP is a switch with 8 ethernet ports and 2 SFP ports, all
ports Gbit capable. It is based on a RTL8380 SoC @ 500MHz, DRAM 128MB and
32MB flash. All ethernet ports are 802.3af/at PoE capable
with a total PoE power budget of 130W.

File info:
-------------------------------------------------------------------------------
The dgs-1210-10mp is very similar to dgs-1210-10p so I used that as a start.

rtl838x.mk:
 - Removed lua-rs232 package since it was a leftover from the old rtl83xx-poe
   package.
 - Updated the soc to 8380.
 - Specified device variant: F.
 - Installed the new realtek-poe package.

rtl8380_d-link_dgs-1210-10mp.dts:
 - Moved dgs-1210 family common parts and non PoE related ports on rtl8231
   to the new device tree dtsi files.

Serial connection:
-------------------------------------------------------------------------------
The UART for the SoC (115200 8N1) is available close to the front panel next
to the LED/key card connector via unpopulated standard 0.1" pin header
marked j4. Pin1 is marked with arrow and square.

Pin 1: Vcc 3,3V
Pin 2: Tx
Pin 3: Rx
Pin 4: Gnd

Installation with TFTP from u-boot
-------------------------------------------------------------------------------
I originally used the install procedure:
'OpenWrt installation using the TFTP method and serial console access' found
in the device wiki for the dgs-1210-16.
< https://openwrt.org/toh/d-link/dgs-1210-16_g1#openwrt_installation_using
_the_tftp_method_and_serial_console_access >

About the realtek-poe package
-------------------------------------------------------------------------------
The realtek-poe package is installed but there isn't any automatic PoE config
setting at this time so for now the PoE config must be edited manually.

Original OEM hardware/firmware data at first installation
-------------------------------------------------------------------------------
It has been installed, developed, and tested on a device with these OEM
hardware and firmware versions.

- U-boot: 2011.12.(2.1.5.67086)-Candidate1 (Jun 22 2020 - 15:03:58)
- Boot version: 1.01.001
- Firmware version: 6.20.007
- Hardware version: F1

Things to be done when support are developed
-------------------------------------------------------------------------------
 - realtek-poe has been included in OpenWrt but the automatic config handling
   has not been solved yet so in the future there will probably be some minor
   updates for this device to handle the poe config.
 - LED link_act and poe are per function supposed to be connected to the PoE
   system.
   But some software development is also needed to make this LED work and
   shift the LED array between act and poe indication and to shift the mode
   lights with mode key.
 - LED poe_max should probably be used as straight forward error output from
   the realtek-poe package error handling. But no code has been written for
   this.
 - SFP is currently not hot pluggable. Development is under progress to get
   working I2C communication with SFP and have them hot pluggable.
   When any device in the dgs-1210 family gets this working, I expect it
   should be possible to implement the same solution in this device.

Signed-off-by: Daniel Groth <flygarn12@gmail.com>
[Capitalisation of abbreviations, DEVICE_VARIANT and update filenames,
device compatibles on single line]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-08-20 09:02:44 +02:00
Daniel Groth
51ec9b3864 realtek: d-link: dgs-1210 remake of the device tree
I have collected the known information from the dts files we have.
After that I made a new device tree that should work for this whole D-Link
switch family.
This device tree is based on modules where you first select which SoC group
the device belongs to. Then you include the GPIO dtsi file depending on what
hardware your device has, see examples below.
This tree is also expandable for more hardware,
see the part 'Future expansion possibilities' further down.

-------------------------------------------------------------------------------
The device tree now looks like this:
                            ----------------
                            | rtl838x.dtsi |    // Note 1.
                            ----------------
                                    |
                                    |
                    ---------------------------------------
                    | rtl838x_d-link_dgs-1210_common.dtsi | // Note 2.
                    ---------------------------------------
                                |
                                |       --------------
                                |-------| device.dts |      // Note 3.
                                |       --------------
                                |
                -------------------------------------
                | rtl83xx_d-link_dgs-1210_gpio.dtsi |       // Note 4.
                -------------------------------------
                                |
                                |       --------------
                                |-------| device.dts |      // Note 5.
                                        --------------

Note 1; Included in rtl838x_d-link_dgs-1210_common.dtsi.

Note 2; SoC level information and memory mapping. Choose which one to include
		in the device dts.

Note 3; At this point dgs-1210-16 will come out here.

Note 4; In this dtsi only common board hardware based on the rtl8231 is found.
	No PoE based hardware in this dtsi.
	In this dtsi there is no <#include> to above *_common.dtsi.

Note 5; Device dts with only rtl8231 based hardware without PoE will come out
		here.

-------------------------------------------------------------------------------
How to set up in dts file:

The device dts will have one of these two <#include> alternatives.

This alternative includes only common features:
<#include "rtl838x_d-link_dgs-1210_common.dtsi">

This alternative includes common and the rtl8231 GPIO (no PoE) features:

<#include "rtl838x_d-link_dgs-1210_common.dtsi">
<#include "rtl83xx_d-link_dgs-1210_gpio.dtsi">

-------------------------------------------------------------------------------
Implementation:

Finally, I also implemented this new family device tree on the current
supported devices:
dgs-1210-10p
dgs-1210-16
dgs-1210-20
dgs-1210-28

The implementation for the dgs-1210-10p is different. I have removed the
information from the rtl8382_d-link_dgs-1210-10p.dts that is already present
in rtl838x_d-link_dgs-1210_common.dtsi.
Since the rest isn't officially probed in the device dts I do not want to
include the rtl83xx_d-link_dgs-1210_gpio.dtsi with dgs-1210-10p.dts.

Since I don't have these devices to test on I have built the original firmware
for each one of these devices before this change and saved the dtb file and
then compared the original dtb file with the dtb file built with this new
device tree.

-------------------------------------------------------------------------------
Future expansion possibilities:

In parallel with the rtl838x_d-link_dgs-1210_common.dtsi in the tree map
we can make a rtl839x_d-link_dgs-1210_common.dtsi to use the rtl839x.dtsi if
the need arises with more devices based on rtl839x soc.

When we have more PoE devices so the hardware map for these gets more clear
we can make a rtl83xx_d-link_dgs-1210_poe.dtsi below
the rtl83xx_d-link_dgs-1210_gpio.dtsi in the tree map.

I looked at the port and switch setup to see if it could be moved to the dtsi.
I decided not to touch this part now. The reason was that there isn't really
any meaningful way this could be shared between the devices.
The only thing in common over the family is the 8+2sfp ports on the
dgs-1210-10xx device.
And then there is the hot plug SFP and I2C ports that aren’t implemented
on any device. So maybe when we see the whole port map for the family
then maybe the ports can be moved to a *_common.dtsi but I don't think it is
the right moment for that now.

Signed-off-by: Daniel Groth <flygarn12@gmail.com>
[Capitalisation of abbreviations and 'D-Link']
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-08-20 09:02:44 +02:00
Nick French
764600648f
uencrypt: support all available ciphers
Modify uencrypt to support any cipher provided by ssl library.

Original tool supported only AES-128-CBC to decrypt the config
mtd of Arcadyan WG430223/WG443223.

TP-Link Deco S4 has mtd configuration encrypted with DES-ECB,
so make the cipher generic to support both routers.

Signed-off-by: Nick French <nickfrench@gmail.com>
Reviewed-by: Eneas U de Queiroz >cotequeiroz@gmail.com>
2022-08-19 22:20:00 +02:00
Mikhail Zhilkin
a6b0d08060
ramips: get MAC addr from the encrypted partition (WG4хх223)
This commit resolves #10062. Adds decryption of the Arcadyan WG4xx223
configuration partition (board_data)to get base MAC address from it.
As a result, after this change the hack with saving MAC addressees to
u-boot-env before installation of OpenWrt is no longer necessary.

This is necessary for the following devices:
- Beeline Smartbox Flash (Arcadyan WG443223)
- MTS WG430223 (Arcadyan WG430223)

Example:
+----------------+-------------------+------------------------+
|                |    MTS WG430223   | Beeline Smartbox Flash |
+----------------+-------------------+------------------------+
| base mac (mtd) | A4:xx:xx:51:xx:F4 | 30:xx:xx:51:xx:06      |
| label          | A4:xx:xx:51:xx:F4 | 30:xx:xx:51:xx:09      |
| LAN            | A4:xx:xx:51:xx:F6 | 30:xx:xx:51:xx:09      |
| WAN            | A4:xx:xx:51:xx:F4 | 30:xx:xx:51:xx:06      |
| WLAN_2g        | A4:xx:xx:51:xx:F5 | 30:xx:xx:51:xx:07      |
| WLAN_5g        | A6:xx:xx:21:xx:F5 | 32:xx:xx:41:xx:07      |
+----------------+-------------------+------------------------+

Collected statistic shows that the 2-4th bits of the 7th byte of the
WLAN_5g MAC are the constant (see #10062 for more details):
- Beeline Smartbox Flash - 100
- MTS WG430223 - 010

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-08-19 14:41:18 +02:00
Mikhail Zhilkin
12c971bc26
base-files: add mtd_get_mac_encrypted_arcadyan function
Some Arcadyan devices (e.g. MTS WG430223) keep their config in encrypted
mtd. This adds mtd_get_mac_encrypted_arcadyan() function to get the MAC
address from the encrypted partition. Function uses uencrypt utility for
decryption (and openssl if the uencrypt wasn't found).

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-08-19 14:41:14 +02:00
David Bauer
9c8605dee2 ramips: fix ZyXEL NWA55AXE model name
The model name was missing a letter.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-08-18 18:02:51 +02:00
Hauke Mehrtens
60738feded iproute2: Fix KERNEL_INCLUDE in SDK
In the SDK the folder $(LINUX_DIR)/user_headers/include does not exist,
but it more or less contains the same content as
$(LINUX_DIR)/include/uapi which also exists in the SDK.

Since iproute2 commit 1d819dcc741e ("configure: fix parsing issue on
include_dir option") it checks if this folder exists and aborts the
build if it does not exists.
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1d819dcc741e25958190e31f8186c940713fa0a8

With this commit the KERNEL_INCLUDE variable points to a valid folder
with the kernel include headers. I am not sure if they are actually
needed because the build worked before even with an invalid path.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-18 00:07:32 +02:00
Rafał Miłecki
fb47b9fa1a bcm4908: enable NVMEM U-Boot env data driver
It's needed for devices with U-Boot bootloader.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-08-17 22:46:19 +02:00
Rafał Miłecki
d79048e9e5 kernel: add CONFIG_NVMEM_U_BOOT_ENV symbol to configs
This fixes:
  U-Boot environment variables support (NVMEM_U_BOOT_ENV) [N/m/y/?] (NEW)

Fixes: 34cf310435 ("kernel: backport U-Boot environment data NVMEM driver")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-08-17 22:46:19 +02:00