Commit Graph

20396 Commits

Author SHA1 Message Date
Tony Ambardar
3886ea9b87 kselftests-bpf: add kernel BPF tests
Build and package kernel self-tests used for BPF testing, program and JIT
development. This package, together with the existing 'kmod-bpf-test', was
extensively used for past upstream Linux JIT submissions [1].

Currently this includes only 'test_verifier'; building 'test_progs' will
fail due to known endian limitations with bpftool skeletons.

[1]:https://lore.kernel.org/bpf/cover.1633392335.git.Tony.Ambardar@gmail.com

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2023-06-02 20:59:05 +02:00
Tony Ambardar
b3aaede2a7 base-files: enable BPF JIT kallsyms by default
Set net.core.bpf_jit_kallsyms=1 in /etc/sysctl.d/10-default.conf.

For privileged users, this exports addresses of JIT-compiled programs to
appear in /proc/kallsyms when present, allowing their use for debugging
and in traces.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2023-06-02 20:53:49 +02:00
Mathew McBride
3a7c8fd15e
kernel: kmod-amazon-ena: move to top level netdevices
The Amazon ENA network devices are also used on the
AWS Arm (Graviton) instance types, so move it from
the x86-only module file to the top level netdevices.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-06-02 11:36:39 +02:00
Mathew McBride
2dbeb60725
kernel: add mdio-bus-mux support
The MDIO bus multiplexing framework is used by some drivers
such as dwmac-sun8i.

As this is a per-driver requirement, set it to be hidden in the menu.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-06-02 11:36:31 +02:00
Mathew McBride
8f29b1573d
grub2: enable EFI for armvirt
This adds a separate package for EFI on Arm SystemReady
compatible machines. 32-bit Arm UEFI is supported as well.

It is very similar to x86-64 EFI setup, without the
need for BIOS backward compatibility and slightly
different default modules.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2023-06-02 11:36:12 +02:00
Tianling Shen
6f607ba043 firmware-utils: add missing build dependencies
Fixes the following build error:

```
CMake Error at CMakeLists.txt:9 (MESSAGE):
  Unable to find zlib library.
CMake Error at CMakeLists.txt:13 (MESSAGE):
  Unable to find OpenSSL librry.
```

Fixes: 24d6abe2d7 ("firmware-utils: new package replacing otrx")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-06-01 23:54:20 +02:00
Linus Walleij
33abdc07fb kernel: Package the new FOTG210 module properly
When using the Gemini, we apply patches that create a single
module that support both host and device mode these days.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
(move module to gemini target, keep both 6.1+2-ish + 5.15 module
CONFIG and files around until 5.15 is dropped)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2023-06-01 23:54:20 +02:00
Linhui Liu
4c5a9da869 selinux-policy: update to 1.2.5
30d503a uci jsonfilter: pipe and leak
e13cb64 rpcd leds
144781f jsonfilter, luci, ubus
1210762 rpcd and all agents get fd's leaked
ab9227c rpcd
2f99e0e luci rpcd
b43aaf3 rpcd (enable/disable services) luci peeraddr
f20f03e rpcd
7bc74f6 rpcd reads all subj state and luci-bwc leaks
9634b17 adds inotify perms to anon_inode
3d3c17c adds bare anon_inode (linux 5.15)
7104b20 dnsmasq and luci
0de2c66 luci,rpcd, ucode, wpad
14f5cf9 luci and ucode
e3ce84c rpcd, ucode and cgiio loose ends
96a2401 misc updates
9fe0490 initscript: remove redundant rules
71bd77e allow all init scripts to log to logd
f697331 sandbox: make ttydev handling more robust
a471877 simplify pty tty console access
f738984 sandbox: also remove TIOSCTI from all ttydevs

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-05-31 22:00:48 +02:00
Tianling Shen
37fed89166 uboot-rockchip: add Orange Pi R1 Plus LTS support
Add support for the Xunlong Orange Pi R1 Plus LTS.
Manually generated of-platdata files to avoid swig dependency.

Tested-by: Volkan Yetik <no3iverson@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-31 21:41:46 +02:00
Tianling Shen
043f8a4f5e uboot-rockchip: add Orange Pi R1 Plus support
Add support for the Xunlong Orange Pi R1 Plus.
Manually generated of-platdata files to avoid swig dependency.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-31 21:41:46 +02:00
Hauke Mehrtens
0f6b8e6516 kernel: Make kmod-usb-net-smsc95xx depend on kmod-net-selftests
The smsc95xx driver got selftest support with kernel 5.18, add the new
dependency fixing the all kernel modules build on MIPS malta with kernel
6.1.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-31 21:29:36 +02:00
Hauke Mehrtens
3c55d8698a kernel: Make kmod-phylink depend on kmod-libphy
The CONFIG_PHYLINK Kconfig option in the kernel selects CONFIG_LIBPHY.
Add this dependency to fix the all kernel modules build on MIPS malta
and armvirt with kernel 6.1.

With kernel 5.15 mod-phylink and kmod-sfp are empty packages because
no OpenWrt kmod is selecting a module which needs sfp or phylink
support.

Fixes: #12758
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-31 21:28:37 +02:00
Petr Štetiar
d2ecaaca34
netifd: update to version 2023-05-31
Contains following changes:

 * bridge: bridge_dump_info: add dumping of bridge attributes
 * bridge: make it more clear why the config was applied
 * cmake: fix build by reordering the cflags definitions
 * treewide: fix multiple compiler warnings

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-05-31 19:13:38 +02:00
Rafał Miłecki
1d9d0ca376 firmware-utils: package oseama
It's required by bcm53xx. This allows dropping separated oseama package
and avoids some code duplication.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2023-05-29 12:22:38 +02:00
Rafał Miłecki
24d6abe2d7 firmware-utils: new package replacing otrx
Some of firmware utils may be required on target devices. It's useful
e.g. for dealing with some firmware formats. That is often required
(supporting specific format) to provide an option to revert to original
firmware.

So far we had packaged "otrx" util only for use on Broadcom targets.
Refactor that to package the whole firmware-utils project so we can
package any single util needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2023-05-29 12:22:38 +02:00
Pawel Dembicki
0822040671 package: layerscape: change loadaddr address
At this moment loadaddr in most layerscape boards are configured to
0x81000000. 5.15 kernel on some boards is bigger than 5.10 and it cause error:

Loading kernel from FIT Image at 81000000 ...

Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: ARM64 OpenWrt Linux-5.15.112
Created: 2023-05-21 17:39:35 UTC
Type: Kernel Image
Compression: gzip compressed
Data Start: 0x810000ec
Data Size: 7513944 Bytes = 7.2 MiB
Architecture: AArch64
OS: Linux
Load Address: 0x80000000
Entry Point: 0x80000000
Hash algo: crc32
Hash value: 6fd69550
Hash algo: sha1
Hash value: ee34c753ffb615e199a428762824ad4a0aaef90a
Verifying Hash Integrity ... crc32+ sha1+ OK
Loading fdt from FIT Image at 81000000 ...

Using 'config-1' configuration
Trying 'fdt-1' fdt subimage
Description: ARM64 OpenWrt fsl_ls1088a-rdb-sdboot device tree blob
Created: 2023-05-21 17:39:35 UTC
Type: Flat Device Tree
Compression: uncompressed
Data Start: 0x8172a98c
Data Size: 19794 Bytes = 19.3 KiB
Architecture: AArch64
Hash algo: crc32
Hash value: 59792ba3
Hash algo: sha1
Hash value: 135585a49f86cd85acea559b78b0098ae99d5e12
Verifying Hash Integrity ... crc32+ sha1+ OK
Booting using the fdt blob at 0x8172a98c
Uncompressing Kernel Image
ERROR: new format image overwritten - must RESET the board to recover
resetting ...

This patch changes loadaddr to 0x88000000 (like LS1012A-FRDM board) to
avoid overlapping for bigger images (like initramfs) too.

Tested-by: Alexandra Alth <alexandra@alth.de> [LS1088ARDB]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2023-05-28 20:22:23 +02:00
Michał Kwiatek
a7e9445975 netfilter: add kmod-nft-dup-inet
Add kmod-nft-dup-inet package to allow packet duplication in ip/ip6/inet nftables family

Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
2023-05-28 20:22:23 +02:00
Petr Štetiar
12494f5b8a
pcre2: fix host compilation of libselinux by enabling PIC
libselinux-3.5 fails to compile in Fedora 38 container due to the
following:

 cc -O2 -I/openwrt/staging_dir/host/include -I/openwrt/staging_dir/hostpkg/include -I/openwrt/staging_dir/target-x86_64_musl/host/include -I../include -D_GNU_SOURCE -DNO_ANDROID_BACKEND -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8 -I/openwrt/staging_dir/hostpkg/include -L/openwrt/staging_dir/host/lib -L/openwrt/staging_dir/hostpkg/lib -L/openwrt/staging_dir/target-x86_64_musl/host/lib -Wl,-rpath=/openwrt/staging_dir/hostpkg/lib -shared -o libselinux.so.1 avc.lo avc_internal.lo avc_sidtab.lo booleans.lo callbacks.lo canonicalize_context.lo checkAccess.lo check_context.lo checkreqprot.lo compute_av.lo compute_create.lo compute_member.lo compute_relabel.lo compute_user.lo context.lo deny_unknown.lo disable.lo enabled.lo fgetfilecon.lo freecon.lo freeconary.lo fsetfilecon.lo get_context_list.lo get_default_type.lo get_initial_context.lo getenforce.lo getfilecon.lo getpeercon.lo init.lo is_customizable_type.lo label.lo label_db.lo label_file.lo label_media.lo label_support.lo label_x.lo lgetfilecon.lo load_policy.lo lsetfilecon.lo mapping.lo matchmediacon.lo matchpathcon.lo policyvers.lo procattr.lo query_user_context.lo regex.lo reject_unknown.lo selinux_check_securetty_context.lo selinux_config.lo selinux_internal.lo selinux_restorecon.lo sestatus.lo setenforce.lo setexecfilecon.lo setfilecon.lo setrans_client.lo seusers.lo sha1.lo stringrep.lo validatetrans.lo -L/openwrt/staging_dir/hostpkg/lib -lpcre2-8 -lfts -ldl -Wl,-soname,libselinux.so.1,--version-script=libselinux.map,-z,defs,-z,relro
 /usr/bin/ld: /openwrt/staging_dir/hostpkg/lib/libpcre2-8.a(pcre2_compile.c.o): relocation R_X86_64_32S against symbol `_pcre2_ucd_stage1_8' can not be used when making a shared object; recompile with -fPIC
 /usr/bin/ld: failed to set dynamic section sizes: bad value

So lets fix it by enabling build of host static library with the
position independent code option enabled.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-05-28 08:58:07 +02:00
Robert Marko
87b03d9961
kernel: qca-nss-dp: add kernel 6.1 support
Add the required changes for kernel 6.1 support.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-28 08:57:08 +02:00
Robert Marko
8cae215d4d
kernel: qca-ssdk: add kernel 6.1 support
Add kernel 6.1 support to SSDK, it was just a case of adding the kernel
version identification and fixing up get_random_u32.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-28 08:57:08 +02:00
Robert Marko
e6d10b85ef
ath10k-ct: drop spectral fix for 5.10
This was needed when we had 5.10 kernel as well, but now that all
targets are running 5.15 or 6.1 we can safely drop it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-28 08:56:42 +02:00
Robert Marko
e537ebbc23
ath10k-ct: use 6.2 version
ath10k-ct now offers 6.2 and 6.4 versions, so lets update to use 6.2
so we can get rid of the API update patch as well as NVMEM as that is
already present in the newer driver.
Ben merged the debug compilation patch so we can remove that one as well.

Update patches to point to 6.2 version and refresh them.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-28 08:56:39 +02:00
Zoltan HERPAI
91406797f9 uboot-sifiveu: add bootloader package for SiFive Ux40 boards
Add new package for building bootloader for the SiFive U-series boards. Supported
boards at this stage are the HiFive Unleashed and HiFive Unmatched.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-05-28 13:19:11 +02:00
Zoltan HERPAI
a0840ecd53 openssl: add linux-riscv64 into the targets list
Add "linux-riscv64-openwrt" into openssl configurations to enable building
on riscv64.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-05-28 13:19:11 +02:00
Zoltan HERPAI
944b13b3ee opensbi: add package for RISC-V
OpenSBI is a form of a first-stage bootloader, which initializes
certain parts of an SoC and then passes on control to the second
stage bootloader i.e. an u-boot image.

We're introducing the package with release v1.2, which provides
SBI v0.3 and the SBI SRST extensions which helps to gracefully
reboot/shutdown various HiFive-U SoCs.

Tested on SiFive Unleashed and Unmatched boards.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2023-05-28 13:19:11 +02:00
Tony Ambardar
ecc5324094 kernel: kmod-rxrpc: add missing dependencies
From commit dc0e6056de ("rxrpc: Fix missing dependency on NET_UDP_TUNNEL")
upstream, kmod-rxrpc uses functions enabled by CONFIG_NET_UDP_TUNNEL.

Add package dependencies on kmod-udptunnel4 and kmod-udptunnel6 to avoid
build errors like:

  Package kmod-rxrpc is missing dependencies for the following libraries:
    ip6_udp_tunnel.ko
    udp_tunnel.ko

This change applies to both kernels 5.15 and 6.1.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2023-05-28 07:45:50 +02:00
Tianling Shen
7c83b6ac86 ca-certificates: Update to version 20230311
Update the ca-certificates and ca-bundle package from version 20211016 to
version 20230311.

Use TAR_OPTIONS instead of hacking Build/Prepare, refresh patches.

Debian change-log entry [1]:
|[...]
|[ Đoàn Trần Công Danh ]
|* ca-certificates: compat with non-GNU mktemp (closes: #1000847)
|
|[ Ilya Lipnitskiy ]
|* certdata2pem.py: use UTC time when checking cert validity
|
|[ Julien Cristau ]
|* Update Mozilla certificate authority bundle to version 2.60
|   The following certificate authorities were added (+):
|   + "Autoridad de Certificacion Firmaprofesional CIF A62634068"
|   + "Certainly Root E1"
|   + "Certainly Root R1"
|   + "D-TRUST BR Root CA 1 2020"
|   + "D-TRUST EV Root CA 1 2020"
|   + "DigiCert TLS ECC P384 Root G5"
|   + "DigiCert TLS RSA4096 Root G5"
|   + "E-Tugra Global Root CA ECC v3"
|   + "E-Tugra Global Root CA RSA v3"
|   + "HARICA TLS ECC Root CA 2021"
|   + "HARICA TLS RSA Root CA 2021"
|   + "HiPKI Root CA - G1"
|   + "ISRG Root X2"
|   + "Security Communication ECC RootCA1"
|   + "Security Communication RootCA3"
|   + "Telia Root CA v2"
|   + "TunTrust Root CA"
|   + "vTrus ECC Root CA"
|   + "vTrus Root CA"
|  The following certificate authorities were removed (-):
|  - "Cybertrust Global Root" (expired)
|  - "EC-ACC"
|  - "GlobalSign Root CA - R2" (expired)
|  - "Hellenic Academic and Research Institutions RootCA 2011"
|  - "Network Solutions Certificate Authority"
|  - "Staat der Nederlanden EV Root CA" (expired)
|* Drop trailing space from debconf template causing misformatting
|  (closes: #980821)
|
|[ Wataru Ashihara ]
|* Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244)
|[...]

[1]: https://metadata.ftp-master.debian.org/changelogs/main/c/ca-certificates/ca-certificates_20230311_changelog

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-27 22:51:18 +02:00
Chukun Pan
c51eb17730 uboot-mediatek: add Qihoo 360T7 support
The vendor uboot will verify firmware at boot.
So add a custom uboot build for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-05-27 11:17:08 +01:00
Chukun Pan
602cb4f325 arm-trusted-firmware-mediatek: add build for MT7981 DDR3
Add new build option BOARD_QFN/BOARD_BGA.
This option is only useful for MT7981 device.
MT7981A/B: BOARD_BGA, MT7981C: BOARD_QFN.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2023-05-27 11:01:45 +01:00
Alexander Couzens
3eb354f999 mediatek: mt7981: add reserved memory to support pstore
Add reserved memory for pstore/ramoops to device tree used by Linux
as well as U-Boot.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-27 11:01:36 +01:00
Felix Fietkau
9713d62c01 mac80211: remove legacy unused lib80211 support patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-05-26 13:38:34 +02:00
Felix Fietkau
67e8cc07f9 hostapd: remove unused legacy wireless extension support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-05-26 13:33:45 +02:00
Antti Nykänen
86e7614e0d ipq-wifi: bump to latest git HEAD
0f73d32 ipq8074: update RegDB in new submitted BDF
a4cd21f ipq8074: add Compex WPQ873 BDF
c888dd0 qca-wireless: ipq40xx: Add BDFs for Eero Cento
6388ba9 ipq8074: update regdb for Netgear SXK80 BDF
77775d2 ipq8074: add Netgear SXK80

Signed-off-by: Antti Nykänen <antti.nykanen@nokia.com>
2023-05-26 13:05:02 +03:00
Antti Nykänen
07c45c0859 ipq807x: add support for Compex WPQ873
The Compex WPQ873 is a development board with two M.2 B-key
 slots for cellular modems.

Device info:
 - IPQ8072A SoC
 - 512MiB RAM
 - 256MiB NAND flash
 - 8MiB SPI NOR
 - 3x 1GigE ports
 - 1x 2.5GigE port
 - 2.4GHz/5GHz AX WLAN
 - 1x USB 3.0 port
 - 1x M.2 B-key socket with PCIe 3.0
 - 1x M.2 B-key socket with PCIe 2.0 and USB 3.0
 - 4x SIM card slots
 - Bluetooth LE 5.0 (QCA4024)

Prerequisites
1) TFTP server
2) 3.3V USB to TTL cable for UART console
   2.54mm pitch 4-pin header for UART is readily provided on board, no modifications are necessary to access it
   TTL connector pinout: 2=TX, 3=RX, 4=GND
   Arrow marks pin 1 which is 3.3V
   Serial port settings: 115200 8N1 no flow control

The device will most likely ship with a QSDK-based firmware.

1. Power on device and interrupt u-boot to obtain u-boot CLI

2. set serverip to IP address of the TFTP server, for example:

        `setenv serverip 192.168.1.10`

3. Download image from TFTP server:

        `tftpboot 0x44000000 openwrt-ipq807x-generic-compex_wpq873-squashfs-factory.ubi`

4. Flash ubi image to both partitions and reset:

        `sf probe
         imxtract 0x44000000 ubi
         nand device 0
         nand erase 0x0 0x3400000
         nand erase 0x3c00000 0x3400000
         nand write $fileaddr 0x0 $filesize
         nand write $fileaddr 0x3c00000 $filesize
         reset`

Afterwards, you can use sysupgrade to flash new OpenWRT images.

Signed-off-by: Antti Nykänen <antti.nykanen@nokia.com>
2023-05-26 13:05:02 +03:00
Tony Ambardar
afe1bf11f2 bpftools: update, split off bpftool and libbpf packages
My original bpftools package made "variant" builds of bpftool and libbpf
as a convenience, since both used the same local kernel sources with the
same versioning. This is no longer the case, since the commit below
switched to using an out-of-tree build mirror hosting repos for each.

Replace bpftools with separate bpftool and libbpf packages, each simplified
and correctly versioned. Also fix the broken libbpf ABI introduced in the
same commit. Existing build .config files are not impacted.

Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2023-05-24 21:17:20 +02:00
Tomasz Maciej Nowak
e81298463e
ubnt-ledbar: depend on mediatek and ramips subtargets
It's only used on devices in mt7621 and mt7622 subtargets, so no reason
to compile it for others.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2023-05-24 00:56:54 +02:00
Tomasz Maciej Nowak
3d63bf4da7
ubnt-ledbar: add kernel 6.1 compat
As of ed5c2f5fd10d ("i2c: Make remove callback return void") return
value of remove function is ignored.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2023-05-24 00:56:35 +02:00
Robert Marko
957f1ee85e
kernel: qca-ssdk: backport support for building as kernel module
Currently, SSDK is rather special in the sense that its not being built as
a proper out of tree module at all but rather like a userspace application
and that involves a lot of make magic which unfortunately broke with make
version 4.4 and newer.

Luckily QCA finally added a way to build SSDK as an out of tree module
and it uses the kernel buildsystem which makes it compile with make 4.4
as well.
So lets backport the support for it and switch to using it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-23 23:51:39 +02:00
Robert Marko
bc4ba54a09 mac80211: backport merged version of A-MSDU mesh patch
Kernel 6.1 now has fortify_memcpy_chk() and it is causing the following
warning while trying to compile backports:
  CC [M]  /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/net/wireless/util.o
In file included from ./include/linux/string.h:253,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/backport-include/linux/string.h:3,
                 from ./include/linux/bitmap.h:11,
                 from ./include/linux/cpumask.h:12,
                 from ./include/linux/smp.h:13,
                 from ./arch/arm64/include/asm/arch_timer.h:18,
                 from ./arch/arm64/include/asm/timex.h:8,
                 from ./include/linux/timex.h:67,
                 from ./include/linux/time32.h:13,
                 from ./include/linux/time.h:60,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/backport-include/linux/time.h:3,
                 from ./include/linux/skbuff.h:15,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/backport-include/linux/skbuff.h:3,
                 from ./include/linux/if_ether.h:19,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/backport-include/linux/if_ether.h:3,
                 from ./include/linux/etherdevice.h:20,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/backport-include/linux/etherdevice.h:3,
                 from /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/net/wireless/util.c:12:
In function 'fortify_memcpy_chk',
    inlined from 'ieee80211_strip_8023_mesh_hdr' at /home/robimarko/Building/AX3600/ipq807x-5.15/build_dir/target-aarch64_cortex-a53_musl/linux-ipq807x_generic/backports-6.1.24/net/wireless/util.c:590:3:
./include/linux/fortify-string.h:404:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
  404 |                         __write_overflow_field(p_size_field, size);
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

This issue was fixed in the final version of
("wifi: mac80211: fix receiving A-MSDU frames on mesh interfaces") that was
merged upstream but we have a older version that is using:
memcpy(&payload.eth.h_dest, mesh_addr, 2 * ETH_ALEN);
instead of:
memcpy(&payload.eth, mesh_addr, 2 * ETH_ALEN);

So, lets just backport the merged version of patch to fix the issue.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-23 13:37:28 +02:00
Robert Marko
6dce5a7b58
kernel: modules: fs: adapt for kernel 6.1
Adapt filesystem kmods for building under kernel 6.1:
* Depend on kernel not being 5.10 rather than only 5.15
* kmod-fs-9p depends on kmod-fs-netfs from 5.17 as they started using
netfs helpers
* Set new KConfig options to N

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-22 22:28:20 +02:00
Robert Marko
4a02c5954f
kernel: modules: wwan: adapt for kernel 6.1
Update the WWAN kmods for compilation under kernel 6.1:
* Depend on kernel not being 5.10 rather than only 5.15
* Enable CONFIG_WWAN_DEBUGFS as its now optional from 5.17
* Add missing symbols for new WWAN drivers to generic config

Signed-off-by: Robert Marko <robimarko@gmail.com>
2023-05-22 22:28:20 +02:00
Christian Marangi
a511887644
kernel: modules: adapt for kernel 6.1
Adapt kernel modules to support kernel 6.1.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-05-22 22:28:20 +02:00
Nick Hainke
3b76f6eee4 busybox: update to 1.36.1
Release Notes:
http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html

Refresh commands, run after busybox is first built once (nothing changed
compared to 1.36.0):

  cd package/utils/busybox/config/
  ../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1
  cd ..
  ./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in

Manual edits needed afterward:

* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
  BUSYBOX_DEFAULT_FEATURE_IPV6

* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
  BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)

* Config-defaults.in: OpenWrt logic applied to
  BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)

* Config-defaults.in: correct the default ports that get reset
  BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT    80
  BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT  23

* config/editors/Config.in: Add USE_GLIBC dependency to
  BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)

* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
  SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
  (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
  Apparently our script does not see the hidden option while
  prepending config options with "BUSYBOX_CONFIG_" which leads to a
  missed dependency when the options are later evaluated.)

* Edit a few Config.in files by adding quotes to sourced items in
  config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)

Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-22 20:55:33 +02:00
Nick Hainke
c520d682f0 libxml2: update to 2.11.4
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.4

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-22 18:52:59 +02:00
Nick Hainke
78c45c1e59 libcap: update to 2.69
Release Notes:
https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe

Fixes: CVE-2023-2602 CVE-2023-2603
Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-22 18:51:31 +02:00
Nick Hainke
17fbbafdcb lldpd: update to 1.0.17
Release Notes:
https://github.com/lldpd/lldpd/releases/tag/1.0.17

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-22 18:48:36 +02:00
Pietro Ameruoso
1c05388ab0 mediatek: add support for Zyxel EX5601-T0 router
Zyxel EX5601-T0 specifics
--------------
The operator specific firmware running on the Zyxel branded
EX5601-T0 includes  U-Boot modifications affecting the OpenWrt
installation.

Partition Table
| dev  | size     | erasesize | name          |
| ---- | -------- | --------- | ------------- |
| mtd0 | 20000000 | 00040000  | "spi0.1"      |
| mtd1 | 00100000 | 00040000  | "BL2"         |
| mtd2 | 00080000 | 00040000  | "u-boot-env"  |
| mtd3 | 00200000 | 00040000  | "Factory"     |
| mtd4 | 001c0000 | 00040000  | "FIP"         |
| mtd5 | 00040000 | 00040000  | "zloader"     |
| mtd6 | 04000000 | 00040000  | "ubi"         |
| mtd7 | 04000000 | 00040000  | "ubi2"        |
| mtd8 | 15a80000 | 00040000  | "zyubi"       |

The router boots BL2 which than loads FIP (u-boot).
U-boot has hardcoded a command to always launch Zloader "mtd read zloader 0x46000000" and than "bootm". Bootargs are deactivated.
Zloader is the zyxel booloader which allow to dual-boot ubi or ubi2, by default access to zloader is blocked.
Too zloader checks that the firmware contains a particolar file called zyfwinfo.
Additional details regarding Zloader can be found here:
https://hack-gpon.github.io/zyxel/
https://forum.openwrt.org/t/adding-openwrt-support-for-zyxel-ex5601-t0/155914

Hardware
--------
SOC: MediaTek MT7986a
CPU: 4 core cortex-a53 (2000MHz)
RAM: 1GB DDR4
FLASH: 512MB SPI-NAND (Micron xxx)
WIFI: Wifi6 Mediatek MT7976 802.11ax 5 GHz 4x4 + 2.4GHZ 4x4
ETH: MediaTek MT7531 Switch + SoC
3 x builtin 1G phy (lan1, lan2, lan3)
1 x MaxLinear GPY211B 2.5 N-Base-T phy5 (lan4)
1 x MaxLinear GPY211B 2.5Gbit xor SFP/N-Base-T phy6 (wan)
USB: 1 x USB 3.2 Enhanced SuperSpeed port
UART: 3V3 115200 8N1 (Pinout: GND KEY RX TX VCC)
VOIP: 2 FXS ports for analog phones

MAC Address Table
-----------------
eth0/lan    Factory 0x002a
eth1/wan    Factory 0x0024
wifi 2.4Ghz Factory 0x0004
wifi 5Ghz   Factory 0x0004 + 1

Serial console (UART)
---------------------
+-------+-------+-------+-------+-------+
| +3.3V |  RX   |  TX   |  KEY  |  GND  |
+---+---+-------+-------+-------+-------+
    |
    +--- Don't connect

Installation
------------
Keep in mind that openwrt can only run on the UBI partition, the openwrt firmware is not able to understand the zloader bootargs.
The procedure allows restoring the UBI partition with the Zyxel firmware and retains all the OEM functionalities.

1. Unlock Zloader (this will allow to swap manually between partitions UBI and UBI2):
- Attach a usb-ttl adapter to your computer and boot the router.
- While the router is booting at some point you will read the following: `Please press Enter to activate this console.`
- As soon as you read that press enter, type root and than press enter again (just do it, don't care about the logs scrolling).
- Most likely the router is still printing the boot log, leave it boot until it stops.
- If everything went ok you should have full root access "root@EX5601-T0:/#".
- Type the following command and press enter: "fw_setenv EngDebugFlag 0x1".
- Reboot the router.
- As soon as you read `Hit any key to stop autoboot:` press Enter.
- If everything went ok you should have the following prompt: "ZHAL>".
- You have successfully unlocked zloader access, this procedure must be done only once.

2. Check the current active partition:
- Boot the router and repeat the steps above to gain root access.
- Type the following command to check the current active image: "cat /proc/cmdline".
- If `rootubi=ubi` it means that the active partition is `mtd6`
- If `rootubi=ubi2` it means that the active partition is `mtd7`
- As mentioned earlier we need to flash openwrt into ubi/mtd6 and never overwrite ubi2/mtd7 to be able to fully roll-back.
- To activate and boot from mtd7 (ubi2) enter into ZHAL> command prompt and type the following commands:
atbt 1  # unlock write
atsw    # swap boot partition
atsr    # reboot the router
- After rebooting check again with "cat /proc/cmdline" that you are correctly booting from mtd7/ubi2
- If yes proceed with the installation guide. If not probably you don't have a firmware into ubi2 or you did something wrong.

3. Flashing:
- Download the sysupgrade file for the router from openwrt, than we need to add the zyfwinfo file into the sysupgrade tar.
Zloader only checks for the magic (which is a fixed value 'EXYZ') and the crc of the file itself (256bytes).
I created a script to create a valid zyfwinfo file but you can use anything that does exactly the same:
https://raw.githubusercontent.com/pameruoso/OpenWRT-Zyxel-EX5601-T0/main/gen_zyfwinfo.sh
- Add the zyfwinfo file into the sysupgrade tar.
- Enter via telnet or ssh into the router with admin credentials
- Enter the following commands to disable the firmware and model checks
"zycli fwidcheck off" and "zycli modelcheck off"
- Open the router web interface and in the update firmware page select the "restore default settings option"
- Select the sysupgrade file and click on upload.
- The router will flash and reboot itself into openwrt from UBI

4. Restoring and going back to Zyxel firmware.
- Use the ZHAL> command line to manually swap the boot parition to UBI2 with the following:
atbt 1  # unlock write
atsw    # swap boot partition
atsr    # reboot the router
- You will boot again the Zyxel firmware you have into UBI2 and you can flash the zyxel firmware to overwrite the UBI partition and openwrt.

Working features
----------------
3 gbit lan ports
Wifi
Zyxel partitioning for coexistance with Zloader and dual boot.
WAN SFP port (only after exporting pins 57 and 10. gpiobase411)
leds
reset button
serial interface
usb port
lan ethernet 2.5 gbit port (autosense)
wan ethernet 2.5 gbit port (autosense)

Not working
----------------
voip (missing drivers or proper zyxel platform software)

Swapping the wan ethernet/sfp xor port
----------------
The way to swap the wan port between sfp and ethernet is the following:
export the pins 57 and 10.
Pin 57 is used to probe if an sfp is present.
If pin 57 value is 0 it means that an sfp is present into the cage (cat /sys/class/gpio/gpio468/value).
If pin 57 value is 1 it means that no sfp is inserted into the cage.
In conclusion by default both 57 an 10 pins are by default 1, which means that the active port is the ethernet one.
After inserting an SFP pin 57 will become 0 and you have to manually change the value of pin 10 to 0 too.
This is totally scriptable of course.

Leds description
------------
All the leds are working out of the box but the leds managed by the 2 maxlinear phy (phy 5 lan, phy6 wan).
To activate the phy5 led (rj45 ethernet port led on the back of the router) you have to use mdio-tools.
To activate the phy6 led (led on the front of the router for 2.5gbit link) you have to use mdio-tools.
Example:
Set lan5 led to fast blink on 2500/1000, slow blink on 10/100:
mdio mdio-bus mmd 5:30 raw 0x0001 0x33FC

Set wan 2.5gbit led to constant on when wan is 2.5gbit:
mdio mdio-bus mmd 6:30 raw 0x0001 0x0080

Signed-off-by: Pietro Ameruoso <p.ameruoso@live.it>
2023-05-22 17:58:59 +02:00
Shiji Yang
0ffbef9317 ath79: add support for D-Link DIR-859 A3
Specifications:
  SOC:      QCA9563 775 MHz + QCA9880
  Switch:   QCA8337N-AL3C
  RAM:      Winbond W9751G6KB-25 64 MiB
  Flash:    Winbond W25Q128FVSG 16 MiB
  WLAN:     Wi-Fi4 2.4 GHz 3*3 + 5 GHz 3*3
  LAN:      LAN ports *4
  WAN:      WAN port *1
  Buttons:  reset *1 + wps *1
  LEDs: ethernet *5, power, wlan, wps

MAC Address:
  use      address               source1          source2
  label    40:9b:xx:xx:xx:3c     lan && wlan      u-boot,env@ethaddr
  lan      40:9b:xx:xx:xx:3c     devdata@0x3f     $label
  wan      40:9b:xx:xx:xx:3f     devdata@0x8f     $label + 3
  wlan2g   40:9b:xx:xx:xx:3c     devdata@0x5b     $label
  wlan5g   40:9b:xx:xx:xx:3e     devdata@0x76     $label + 2

Install via Web UI:
  Apply factory image in the stock firmware's Web UI.

Install via Emergency Room Mode:
  DIR-859 A1 will enter recovery mode when the system fails to boot
  or press reset button for about 10 seconds.

  First, set computer IP to 192.168.0.5 and Gateway to 192.168.0.1.
  Then we can open http://192.168.0.1 in the web browser to upload
  OpenWrt factory image or stock firmware. Some modern browsers may
  need to turn on compatibility mode.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2023-05-22 14:45:03 +02:00
Shiji Yang
e5d8739aa8 ath79: improve support for D-Link DIR-8x9 A1 series
1. Remove unnecessary new lines in the dts.
2. Remove duplicate included file "gpio.h" in the device dts.
3. Add missing button labels "reset" and "wps".
4. Unify the format of the reg properties.
5. Add u-boot environment support.
6. Reduce spi clock frequency since the max value suggested by the
   chip datasheet is only 25 MHz.
7. Add seama header fixup for DIR-859 A1. Without this header fixup,
   u-boot checksum for kernel will fail after the first boot.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2023-05-22 14:45:03 +02:00
Christian Lamparter
959563fb81 uml: exclude some /arch/x86 optimizations
The x86_64 UML target wants to include SSSE3 optimized
crypto code which lives under /arch/x86/crypto.

However, these are not built and this causes an error.
| ERROR: module '[...]/arch/x86/crypto/sha512-ssse3.ko' is missing.
| make[3]: *** [modules/crypto.mk:990: [...]/kmod-crypto-sha512_5.15.112-1_x86_64.ipk] Error 1

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2023-05-22 14:45:03 +02:00