Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
c8c9f10 uim: fix help formatting
aac0776 uqmi: add APN profile commands
ffc5eea uim: support SIM card power-up/down
d6c963d uim: add application state to SIM status
Signed-off-by: David Bauer <mail@david-bauer.net>
The IXP4xx crypto module must be loaded after the rootfs is
up as it depends on loading some NPE microcode from the file
system.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This resurrects the support for IXP4xx using device tree
rather than the old (deleted) board files. The final pieces
of IXP4xx board files were deleted in Linux v5.19.
Ext4 root filesystems on CF and USB are supported by the
default config.
We support these three initial targets:
- The Gateworks Avila GW2348 reference design has 64MB of RAM
and 32MB of flash and also supports USB and CompactFlash.
- The Gateworks Cambria GW2358 reference design has 128MB of
RAM and 32MB of flash and also supports USB and CompactFlash.
- The old and stable Linksys NSLU2 works fine as well, albeit
it only has 32MB of RAM so it has been marked as non-default.
The 8MB of flash can only fit the kernel, so it has been
patched to boot from exteral media on USB. I have used
it successfully as a NAS with ksmbd and LUCI web API, see:
https://dflund.se/~triad/krad/ixp4xx/
Signed-off-by: Howard Harte <hharte@magicandroidapps.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Tomasz Maciej Nowak <tmn505@gmail.com>
The firmware package for the IXP4xx microcode was deleted but
the source files are still in the file cache so we can easily
resurrect it.
The firmware either supports ethernet (the most common) or
WAN (less common), image targets select the firmware they
want depending on usecase.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This is a backport of the patch to support the Altima AMI101L
PHY which is merged for the v6.7 kernel. This PHY is used in the
IXP4xx-based USRobotics USR8200.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This is a backport of the patch for byte addressed IO to the
Epson RTC7301 driver. This is used by the IXP4xx-based
USRobotics USR8200.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Among other changes this commit makes Linux use correct switch ports
again.
Fixes: a4792d79e8 ("bcm53xx: backport DT changes from v6.5")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Sometimes it's useful to be able to prepend to a variable as
well, such as when dealing with domain names, e.g.
prepend fdqn "$subdomain" "."
will result in:
fqdn="$subdomain.$fqdn"
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This backports patches
leds: turris-omnia: convert to use dev_groups
leds: turris-omnia: Use sysfs_emit() instead of sprintf()
leds: turris-omnia: Drop unnecessary mutex locking
leds: turris-omnia: Do not use SMBUS calls
leds: turris-omnia: Make set_brightness() more efficient
leds: turris-omnia: Support HW controlled mode via private trigger
leds: turris-omnia: Add support for enabling/disabling HW gamma correction
leds: turris-omnia: Fix brightness setting and trigger activating
into backport-5.15.
The above patches replace:
leds: turris-omnia: support HW controlled mode via private trigger
leds: turris-omnia: initialize multi-intensity to full
leds: turris-omnia: change max brightness from 255 to 1
from mvebu/patches-5.15.
Signed-off-by: Marek Behún <kabel@kernel.org>
This reverts commit 0c117e1f6c.
Activate the lantiq/xrx200 target again.
There are still some problems with the GSWIP, but it is not leaking
packets to the wrong bridge in normal operations.
It shows some error messages at configuration like these:
[ 54.308861] gswip 1e108000.switch: port 5 failed to add ce:9d:84:d1:81:f0 vid 1 to fdb: -22
[ 54.325633] gswip 1e108000.switch: port 5 failed to add e8🇩🇪27:95:c1:b4 vid 0 to fdb: -22
[ 54.351242] gswip 1e108000.switch: port 5 failed to add e8🇩🇪27:95:c1:b4 vid 1 to fdb: -22
[ 54.358311] gswip 1e108000.switch: port 5 failed to delete ce:9d:84:d1:81:f0 vid 1 from fdb: -2
The problems are described in this pull request:
https://github.com/openwrt/openwrt/pull/13200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With patch 101-03-spi-mtk_spim-get-spi-clk-rate-only-once.patch
a new system to calculate the SPI clocks has been added.
Unfortunately, the do_div macro overrides the global
priv->pll_clk_rate field. This will cause to have a reduced
clock rate on each subsequent SPI call.
Signed-off-by: Valerio 'ftp21' Mancini <ftp21@ftp21.eu>
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
Some packages (like wavemon >= 0.9.4) depend on libnl-cli. Add support
for this part of the lib. libnl-cli itself depends on libnl-genl and
libnl-nf. On MIPS, this component adds 81kB.
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(punctuation correction and reorganisation of commit message)
Signed-off-by: Nick Hainke <vincent@systemli.org>
1) clear nvram partialboots upon successful boot
This behavior is already defined for EA9500; enabled for EA9200 too.
2) fix MAC address in board.d/02_network
Use the correct nvram variable to derive lan/wan MAC address.
Signed-off-by: Rani Hod <rani.hod@gmail.com>
Set correct GPIO (10) for the WPS button. This matches GPIO settings in
vendor GPL sources. Note that GPL sources also mention a USB indicator
LED (GPIO 13) but the device has neither an external USB port nor a USB LED.
In addition, prefixes (button-, led-) are added to relevant DT entries,
as well as color and function specifications for LEDs.
Closes: #13736
Reported-by: Waldemar Czabaj <kaball@wp.pl>
Signed-off-by: Rani Hod <rani.hod@gmail.com>
(added led mitigations for wifi leds)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This backports patches
leds: turris-omnia: Use sysfs_emit() instead of sprintf()
leds: turris-omnia: Drop unnecessary mutex locking
leds: turris-omnia: Do not use SMBUS calls
leds: turris-omnia: Make set_brightness() more efficient
leds: turris-omnia: Support HW controlled mode via private trigger
leds: turris-omnia: Add support for enabling/disabling HW gamma correction
leds: turris-omnia: Fix brightness setting and trigger activating
into backport-6.1.
The above patches replace:
leds: turris-omnia: support HW controlled mode via private trigger
leds: turris-omnia: initialize multi-intensity to full
leds: turris-omnia: change max brightness from 255 to 1
from mvebu/patches-6.1.
Signed-off-by: Marek Mojík <marek.mojik@nic.cz>
When using an external toolchain, ldd is not linked into the rootfs.
This causes subsequent upgrades to fail with 'Failed to exec upgraded'.
This patch adds the symlink when using an external toolchain and musl.
Signed-off-by: Arien Judge <arienjudge@outlook.com>
This is an RTL8382-based switch with 24 copper ports + 4 SFP ports
Specifications:
---------------
* SoC: Realtek RTL8382M
* Flash: 32 MiB SPI flash
* RAM: 256 MiB
* Ethernet: 24x 10/100/1000 Mbps
* Buttons: 1x "Reset" button
* UART: 1x serial header, unpopulated
* SFP: 4 SFP ports
Works:
------
- (24) RJ-45 ethernet ports
- Switch functions
- Buttons
- Sys LED on front panel (no port LEDs)
Not yet enabled:
----------------
- Port LEDs (no driver for RTL8231 in this mode)
- SFP cages (no driver for PHY)
Install via web interface:
-------------------------
Not supported at this time.
Install via serial console/tftp:
--------------------------------
The U-Boot firmware drops to a TP-Link specific "BOOTUTIL" shell at
38400 baud. There is no known way to exit out of this shell, and no
way to do anything useful.
Ideally, one would trick the bootloader into flashing the sysupgrade
image first. However, if the image exceeds 6MiB in size, it will not
work. To install OpenWRT:
Prepare a tftp server with:
1. server address: 192.168.0.146
2. the image as: "uImage.img"
Power on device, and stop boot by pressing any key.
Once the shell is active:
1. Ground out the CLK (pin 16) of the ROM (U6)
2. Select option "3. Start"
3. Bootloader notes that "The kernel has been damaged!"
4. Release CLK as soon as bootloader thinks image is corrupted.
5. Bootloader enters automatic recovery -- details printed on console
6. Watch as the bootloader flashes and boots OpenWRT.
Blind install via tftp:
-----------------------
This method works when it's not feasible to install a serial header.
Prepare a tftp server with:
1. server address: 192.168.0.146
2. the image as: "uImage.img"
3. Watch network traffic (tcpdump or wireshark works)
4. Power on the device.
5. Wait 1-2 seconds then ground out the CLK (pin 16) of the ROM (U6)
6. When 192.168.0.30 makes tftp requests, release pin 16
7. Wait 2-3 minutes for device to auto-flash and boot OpenWRT
Signed-off-by: Andreas Böhler <dev@aboehler.at>
Like with some other ipq40xx devices, the kernel image size for the WPJ428
is limited in stock u-boot. For that reason, the current release doesn't
include an image for the board.
By switching to the zImage format, the kernel image size is reduced which
re-enables the build process. The image boots and behaved normally through
a few days of testing.
Before the switch to kernel version 6.1, it was possible to reduce the
image size by enough when disabling UBIFS and its otherwise unneeded
dependencies.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
prepend-dtb got extended to handle the Meraki devices too,
the problem here was that the Netgear WNDR4700 expects an
u-boot header in front of the DTB, whereas Meraki devices
don't.
Since the header was dropped, the WNDR4700's uboot started
to complain:
Bad Magic Number,it is forbidden to be written to flash!!
when flashing the factory.img since it expects an u-boot
header there.
Fixes: 5dece2d9355a ("apm821xx: switch over from DTB_SIZE to DEVICE_DTC_FLAGS")
Reported-by: @kisgezenguz
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Make use of new toolchain define. TOOLCHAIN_DIR should be used only for
toolchain related packages and for everything else TOOLCHAIN_ROOT_DIR
and other define should be used instead.
Switch to new entry where possible.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Make toolchain dirs define more consistent between internal and external
toolchains.
Make use of specific dirs also for intenral toolchain and generilize
include and lib inclusion.
Also set TOOLCHAIN_ROOT_DIR for internal toolchain as this is what
packages should use to reference staging toolchain directory.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Some package may needs to enable compatibility option based on the GCC
version.
Currently the GCC version is set based on the default value and doesn't
actually reflect the real value provided by the external toolchain if
used.
Fix this by correctly detecting the GCC version in the external
toolchain and set the correct value in CONFIG_GCC_VERSION.
A new option is added in menuconfig to manually set the GCC version if
needed.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Some packages won't ever have something to patch as they normally
install files or are meta-packages.
For these special packages, disable QUILT refresh.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The option 31 in the RA specifies the DNS search list, the support
to configure this via UCI is missing in case dnsmasq-dhcpv6 is used.
This commit uses the uci option domain (same as is done by odhcpd) to
read and pass the DNS search list to dnsmasq, which is then used by RA.
Hence, with this commit, we are able to configure DNS search list for the
RA messages via the uci config when dnsmsaq-dhcpv6 is used.
Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
Doing a simple ping to my device shows this:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=2.00 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=2.02 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=1.68 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=1.91 ms
64 bytes from 10.0.253.101: icmp_seq=5 ttl=64 time=1.92 ms
64 bytes from 10.0.253.101: icmp_seq=6 ttl=64 time=2.04 ms
Some users even report higher values on older kernels:
64 bytes from 192.168.1.10: seq=0 ttl=64 time=0.612 ms
64 bytes from 192.168.1.10: seq=1 ttl=64 time=2.852 ms
64 bytes from 192.168.1.10: seq=2 ttl=64 time=2.719 ms
64 bytes from 192.168.1.10: seq=3 ttl=64 time=2.741 ms
64 bytes from 192.168.1.10: seq=4 ttl=64 time=2.808 ms
The problem is that the governor is set to Ondemand, which causes
the CPU to clock all the way down to 48MHz in some cases.
Switching to performance governor:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=0.528 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=0.561 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=0.633 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=0.526 ms
In theory, using the Performance governor should increase power draw,
but it looks like it really does not matter for this soc.
Using a calibrated precision DC power supply (cpu idle):
Ondemand
24.00V * 0.134A = 3.216 Watts
48.00V * 0.096A = 4.608 Watts
Performance
24.00V * 0.135A = 3.240 Watts
48.00V * 0.096A = 4.608 Watts
Let's simply switch to the Performance governor by default
to fix the general jittery behaviour on devices using this soc.
Tested on: MikroTik wAP ac
Fixes: #13649
Reviewed-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
To support the IXP42x platforms we need a kernel module
for the Epson R7301 RTC so we can load it as an optional
module.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
To support the IXP42x platforms we need a kernel module
for the X1205 RTC so we can load it as an optional module.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
The lib-chacha20 library is missing build rules for big endian
ARM, and since IXP4xx is big endian ARM we need those rules to
build for IXP4xx.
Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This is a partial revert of the deletion of the IXP4xx
target: we restore the APEX boot loader so we can use it
for the NSLU2 and related targets.
The APEX upstream is as dead as it gets so I have applied
OpenWrts old patches on top of the never released
v1.6.10 version and forked it into an OpenWrt variant
on GitHub. If the upstream comes back alive I will
happily switch over to it.
The file refers to the external GitHub, I suppose when
integrating this patch the file should be copied to OpenWrts
file repository and the file link changed.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>