Commit Graph

20807 Commits

Author SHA1 Message Date
Álvaro Fernández Rojas
c615bcf438 kernel: r8126: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from bfeef9b3d7)
2024-08-17 12:40:26 +02:00
Álvaro Fernández Rojas
a79157f257 package: add kmod-r8126 ethernet driver
r8126 is an out of tree driver provided by Realtek for RTL8126 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from 54623c6a1d)
2024-08-17 12:40:22 +02:00
Álvaro Fernández Rojas
4d0dc5e15e kernel: r8125: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from f063f4620c)
2024-08-17 12:35:09 +02:00
Álvaro Fernández Rojas
68d5ed7526 package: add kmod-r8125 ethernet driver
r8125 is an out of tree driver provided by Realtek for RTL8125 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from ddb4070c96)
2024-08-17 12:34:50 +02:00
Álvaro Fernández Rojas
7d6366dcd7 package: add kmod-r8168 ethernet driver
r8168 is an out of tree driver provided by Realtek for RTL8168 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
((cherry picked from commit 1565eeda4e)
2024-08-17 08:06:25 +02:00
Álvaro Fernández Rojas
d1de7d3c92 package: add kmod-r8101 ethernet driver
r8101 is an out of tree driver provided by Realtek for RTL8101 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit b72c4b5386)
2024-08-17 08:03:48 +02:00
Tianling Shen
a591f9cd14 mediatek: enable rootwait for cmcc rax3000m emmc version
Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Reported-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 19:18:39 +02:00
Bjørn Mork
c241885687 kernel: ubootenv-nvram: driver for RAM backed environments
The vendor U-Boot implementaion on Telenor branded ZyXEL EX5700
devices does not store its environment on flash. It is instead
kept in a memory region.  This is persistent over reboots, but
not over power cycling.

The dual partition failsafe system used by the vendor U-Boot
requires the OS to modify a variable in this memory environment.
This driver allows the ordinary uboot-envtools to access a
memory region like it was a partition on NOR flash.

The specific vendor U-Boot adds a "no-map" /reserved-memory
section and a top level /ubootenv node pointing to the memory
environment.  The driver uses this device specific fact to
locate the region.  The matching and probing code will likely
have to be adjusted for any other devices to be supported.

Example partial device tree:

 / {
    ..
    ubootenv {
        memory-region = <&uenv>;
        compatible = "ubootenv";
    };
    ..
    reserved-memory {
        ..
        uenv: ubootenv@7ffe8000 {
            no-map;
            reg = <0 0x7ffe8000 0 0x4000>;
        };

Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit b2e810f495)
2024-08-07 12:12:30 +02:00
Rany Hany
e4625c37c4 hostapd: fix SAE H2E security vulnerability
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16043
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db7f70fe61)
2024-08-02 23:18:03 +02:00
Hauke Mehrtens
f99dffcaca mac80211: Update to version 6.1.102-1
Upstream removed SSB and BCMA, the drivers are now compiled against the
in kernel versions. No need to patch this for OpenWrt.

Link: https://github.com/openwrt/openwrt/pull/15983
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-29 23:09:51 +02:00
Hauke Mehrtens
1478f641bd ltq-ptm: Fix netdev ioctls with kernel > 5.15
.ndo_do_ioctl is not called for SIOCDEVPRIVATE any more, the kernel
calls .ndo_siocdevprivate now.

The function gets the data pointer from the callback directly, make use
of it.

See upstream Linux kernel commit:
https://git.kernel.org/linus/b9067f5dc4a07c8e24e01a1b277c6722d91be39e

Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit e33ebdd00e)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 23:56:35 +02:00
Hauke Mehrtens
56a84b3c47 mac80211: Fix wifi throughput
Backport 2 patches from upstream Linux to fix a Wifi throughput
problem.

Fixes: 323e249ce8 ("mac80211: Update to version 6.1.97-1")
Link: https://github.com/openwrt/openwrt/pull/16007
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-27 00:38:46 +02:00
Hauke Mehrtens
76a0c2932c OpenWrt v23.05.4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-16 23:51:26 +02:00
Hauke Mehrtens
b9510660ce OpenWrt v23.05.4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-16 23:51:19 +02:00
Hauke Mehrtens
84b000e5d0 wolfssl: Update to version 5.7.2
This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3a0232ffd3)
2024-07-16 00:05:18 +02:00
Tianling Shen
a0645675d4 uboot-mediatek: enable rootwait for jdcloud re-cp-03
Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-15 16:10:16 +02:00
Daniel Golle
9f739daf05 uboot-mediatek: fix patch order
Make sure patch sequence number is unique by moving patch
440-add-jdcloud_re-cp-03.patch -> 441-add-jdcloud_re-cp-03.patch

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2302a7c5ad)
2024-07-15 16:10:06 +02:00
Jo-Philipp Wich
553a7a3265 ucode: update to Git 1a8a0bcf725520820802ad433db22d8f64fbed6c (2024-07-11)
96f74b5be829 ubus: make ubus_context first in uc_ubus_connection_t
7e5830edfb38 nl80211: fix datatype of NL80211_BAND_IFTYPE_ATTR_HE_CAP_{MAC,PHY} attrs
5c8fd34bac42 nl80211: fix parsing of NL80211_BAND_ATTR_VHT_MCS_SET attribute
e8d4e4fe967d nl80211: fix decoding of NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET attribute
30a3f7ad0433 rtnl: store callback in listener registry only on success
9cbe8294909f rtnl: optimize reception of rtnl events
534417132e18 rtnl: increase event socket rx buffer size limit to 1 MiB
3f9811d2f7b7 compiler: close upvalues on loop control statements
ee4af9b55cb4 vm: rework object iteration
a275399dd8e2 uci: refactor uci.changes() to match documentation
1220992631d5 ubus: automatically clear error information
d6fd94014eea uci: automatically clear error information
99837f280b61 uloop: automatically clear error information
ba3855ae3775 lib: fix documentation typo for `pop()` function
be767ae197ba vm: rework `in` operator semantics
4ade84e8fb81 ubus: add explicit support for deferring incoming requests
cfe137be068a uci: remove incorrectly documentated reorder() parameter
e8d78a26da0c lib: introduce socket library
a0ad1d127ae6 build: fix symbol and library detection
674f65ee551d jsdoc: disable default module titles
a33d16a86493 socket: rework error handling
e2b81d869222 uloop: add documentation
953f36c96e8a socket: make socket.send() accept non-string data
f211d5ac666f ubus: fix uc_ubus_have_uloop for eloop+uloop combination
0662de64bd1f socket: add AF_PACKET socket type support
b594ff8a2841 socket: remove leftover debug code
0d823e702bfe socket: fix addrinfo() with omitted service argument
8cf816d615fd socket: fix potential memory leak in connect()
8f5f231d66cd socket: optimize poll() argument handling
36f106056069 socket: remove wrong documentation fragment
525fca224012 socket: uv_to_sockaddr(): fix length calculation for AF_UNIX addresses
3938645ad9e3 socket: support IPv6 addresses in struct conversion routines
3a586dc7ddbe socket: improve uc_socket_connect() behavior
7b269f1cd3d2 socket: improve uc_socket_listen() behavior
fc6f2b89febf socket: handle further socket option value types
d6f25797dad1 socket: add IPv6 socket options
7611487b9a05 socket: implement recvmsg(), sendmsg() and cmsg support
d2e44bfa8b54 core-lib: improved documentation
e0bab40c8578 fs: add truncate() file method
5d305cfb2ab7 fs: add lock() file method
8b0318f7fabe lib: introduce zlib library
73644a036f5a nl80211: move access to tb array out of uc_nl_convert_attr and below
6e3cf83a77a7 nl80211: add support for multi-attribute arrays
6ff24d5488a9 nl80211: update nl80211.h to latest wireless-next
abc2aef28641 nl80211: add wiphy multi-radio support

Fixes: https://github.com/jow-/ucode/issues/186
Fixes: https://github.com/jow-/ucode/issues/187
Fixes: https://github.com/jow-/ucode/issues/188
Fixes: https://github.com/jow-/ucode/issues/193
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-07-14 01:27:28 +02:00
Hauke Mehrtens
0cdbbd8868 wireless-regdb: Update to version 2024.07.04
Changes:
  2a768c4 wireless-regdb: Update regulatory rules for Mongolia (MN) on 6GHz
  04875d9 wireless-regdb: Update regulatory rules for Saudi Arabia (SA) on 6GHz
  b7bced8 wireless-regdb: Update regulatory rules for South Africa (ZA) on 6GHz
  7bc8615 wireless-regdb: Update regulatory info for Thailand (TH) on 6GHz
  f901fa9 wireless-regdb: Update regulatory info for Malaysia (MY) for 2022
  d72d288 wireless-regdb: Update regulatory info for Morocco (MA) on 6GHz
  414face wireless-regdb: Update regulatory info for Chile (CL) on 6GHz
  1156a08 wireless-regdb: Update regulatory info for Mexico (MX) on 6GHz
  cc6cf7c wireless-regdb: Update regulatory info for Iceland (IS) on 6GHz
  ce03cc0 wireless-regdb: Update regulatory info for Mauritius(MU) on 6GHz
  7e37778 wireless-regdb: Update regulatory info for Argentina (AR) on 6GHz
  56f3a43 wireless-regdb: Update regulatory info for United Arab Emirates (AE) on 6GHz
  3cb8b91 wireless-regdb: Update regulatory info for Colombia (CO) on 6GHz
  3682ce5 wireless-regdb: Update regulatory info for Costa Rica (CR) for 2021
  dd4ffe7 wireless-regdb: Update regulatory info for Dominican Republic (DO) on 6GHz
  f8ef7da wireless-regdb: Update regulatory info for Liechtenstein (LI) on 6GHz
  a9ecabe wireless-regdb: Update regulatory info for Jordan (JO) for 2022
  5a9fdad wireless-regdb: Update regulatory info for Kenya (KE) for 2022
  19326c3 wireless-regdb: Update regulatory info for Macao (MO) for 2024
  4838054 wireless-regdb: update regulatory database based on preceding changes

Link: https://github.com/openwrt/openwrt/pull/15921
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0a24fd9155)
2024-07-11 00:23:36 +02:00
Felix Fietkau
2b1ed7b33d mac80211: fix mesh id corruption on 32 bit systems
increase size of ifmsh->mbss_changed

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 20bd3502d3)
Link: https://github.com/openwrt/openwrt/pull/15836
[Moved the patch to the end of the patch queue]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:36:36 +02:00
Florian Eckert
130aa67675 linux-firmware: add missing LICENSE_FILES info
Where it is clear which lincense the firmware package has, the missing
information are added.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(cherry picked from commit 535d487c41)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Florian Eckert
437d1988b1 linux-firmware: add LICENSE_FILES and LICENSE file handling
The firmware blobs have all different licenses from the different
manufacturers of the binary blobs. This information is contained in the
upstream 'linux-firmware' repositroy.

This commit extends the package handling so that this information can be
added as an additional argument during packages generation.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 5c14de1d7e)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Florian Eckert
6f72d62a53 kernel: update deprecated license information
Update the deprecated license information from GPL-2.0 to GPL-2.0-only
as written in the COPYING file of the linux source tree.

Also add the 'COPYING' file to the PKG_LICENSE_FILES variable.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 879826154f)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Florian Eckert
f5d64e36fb mac80211: add missing license information
The lincense information for the packages mac80211 are missing.
This commit adds the missing information.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(cherry picked from commit 3128157ec7)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Florian Eckert
9b12d41476 ca-certificates: add missing license information
The package has no licence information. So let's fix it.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 0da116f25b)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Florian Eckert
42dada5713 wireless-regdb: add missing license information
Add the missing license information PKG_LICENSE and PKG_LICENSE_FILES.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 7a3deadf91)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-10 23:07:36 +02:00
Wenli Looi
29280638e8 ramips: add support for Netgear EAX12 series
Netgear EAX12, EAX11v2, EAX15v2 are wall-plug 802.11ax (Wi-Fi 6)
extenders that share the SoC, WiFi chip, and image format with the
WAX202.

Specifications:
* MT7621, 256 MiB RAM, 128 MiB NAND
* MT7915: 2.4/5 GHz 2x2 802.11ax (DBDC)
* Ethernet: 1 port 10/100/1000
* UART: 115200 baud (labeled on board)

All LEDs and buttons appear to work without state_default.

Installation:
* Flash the factory image through the stock web interface, or TFTP to
  the bootloader. NMRP can be used to TFTP without opening the case.

Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.

References in GPL source:
https://www.downloads.netgear.com/files/GPL/EAX12_EAX11v2_EAX15v2_GPL_V1.0.3.34_src.tar.gz

* target/linux/ramips/dts/mt7621-rfb-ax-nand.dts
  DTS file for this device.

Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 32ea8a9a7e)
2024-07-09 09:33:37 +02:00
Alexey Bartenev
e573b6b557 ramips: add support for D-Link DIR-806A B1 router
General specification:
SoC Type: MediaTek MT7620A (580MHz)
ROM: 8 MB SPI-NOR (MX25L6406E)
RAM: 64 MB DDR (W9751G6KB-25)
Switch: MediaTek MT7530
Ethernet: 5 ports - 5×100MbE (WAN, LAN1-4)
Wireless: 2.4 GHz (MediaTek RT5390): b/g/n
Wireless: 5 GHz (MediaTek MT7610EN): ac/n
Buttons: 2 button (POWER, WPS/RESET)
Bootloader: U-Boot 1.1.3
Power: 12 VDC, 0.5 A

MACs:
| LAN	| [Factory + 0x04] - 2		|
| WLAN 2.4g	| [Factory + 0x04] - 1		|
| WLAN 5g	| [Factory + 0x8004] - 3	|
| WAN	| [Factory + 0x04] - 2		|

OEM easy installation:

1. Use a PC to browse to http://192.168.0.1.
2. Go to the System section and open the Firmware Update section.
3. Under the Local Update at the right, click on the CHOOSE FILE...
4. When a modal window appears, choose the firmware file and click on
 the Open.
5. Next click on the UPDATE FIRMWARE button and upload the firmware image.
Wait for the router to flash and reboot.

OEM installation using the TFTP method (need level converter):

1. Download the latest firmware image.
2. Set up a Tftp server on a PC (e.g. Tftpd32) and place the firmware
 image to the root directory of the server.
3. Power off the router and use a twisted pair cable to connect the PC
 to any of the router's LAN ports.
4. Configure the network adapter of the PC to use IP address 192.168.0.180
 and subnet mask 255.255.255.0.
5. Connect serial port (57600 8N1) and turn on the router.
6. Then interrupt "U-Boot Boot Menu" by hitting 2 key (select "2: Load
 system code then write to Flash via TFTP.").
7. Press Y key when show "Warning!! Erase Linux in Flash then burn new
 one. Are you sure? (Y/N)"
Input device IP (192.168.0.1) ==:192.168.0.1
Input server IP (192.168.0.180) ==:192.168.0.180
Input Linux Kernel filename () ==:firmware_name
The router should download the firmware via TFTP and complete flashing in
 a few minutes.
After flashing is complete, use the PC to browse to http://192.168.1.1 or
 ssh to proceed with the configuration.

Signed-off-by: Alexey Bartenev <41exey@proton.me>
(cherry picked from commit ce998cb6e1)
2024-07-09 08:54:41 +02:00
Roland Reinl
6e51ff88b0 filogic: Add support for D-Link AQUILA PRO AI M30
Specification:
 - MT7981 CPU using 2.4GHz and 5GHz WiFi (both AX)
 - MT7531 switch
 - 512MB RAM
 - 128MB NAND flash with two UBI partitions with identical size
 - 1 multi color LED (red, green, blue, white) connected via GCA230718
 - 3 buttons (WPS, reset, LED on/off)
 - 1 1Gbit WAN port
 - 4 1Gbit LAN ports

Disassembly:
 - There are four screws at the bottom: 2 under the rubber feets, 2 under the label.
 - After removing the screws, the white plastic part can be shifted out of the blue part.
 - Be careful because the antennas are mounted on the side and the top of the white part.

Serial Interface
 - The serial interface can be connected to the 4 pin holes on the side of the board.
 - Pins (from front to rear):
   - 3.3V
   - RX
   - TX
   - GND
 - Settings: 115200, 8N1

MAC addresses:
 - WAN MAC is stored in partition "Odm" at offset 0x81
 - LAN (as printed on the device) is WAN MAC + 1
 - WLAN MAC (2.4 GHz) is WAN MAC + 2
 - WLAN MAC (5GHz) is WAN MAC + 3

Flashing via Recovery Web Interface:
 - The recovery web interface always flashes to the currently active partition.
 - If OpenWrt is flahsed to the second partition, it will not boot.
 - Ensure that you have an OEM image available (encrypted and decrypted version). Decryption is described in the end.
 - Set your IP address to 192.168.200.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the device
 - Keep the reset button pressed until the LED blinks red
 - Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
 - Download openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-recovery.bin
 - The recovery web interface always reports successful flashing, even if it fails
 - After flashing, the recovery web interface will try to forward the browser to 192.168.0.1 (can be ignored)
 - If OpenWrt was flashed to the first partition, OpenWrt will boot (The status LED will start blinking white and stay white in the end). In this case you're done and can use OpenWrt.
 - If OpenWrt was flashed to the second partition, OpenWrt won't boot (The status LED will stay red forever). In this case, the following steps are reuqired:
   - Start the web recovery interface again and flash the **decrypted OEM image**. This will be flashed to the second partition as well. The OEM firmware web interface is afterwards accessible via http://192.168.200.1.
   - Now flash the **encrypted OEM image** via OEM firmware web interface. In this case, the new firmware is flashed to the first partition. After flashing and the following reboot, the OEM firmware web interface should still be accessible via http://192.168.200.1.
   - Start the web recovery interface again and flash the OpenWrt recovery image. Now it will be flashed to the first partition, OpenWrt will boot correctly afterwards and is accessible via 192.168.1.1.

Flashing via U-Boot:
 - Open the case, connect to the UART console
 - Set your IP address to 192.168.200.2, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-initramfs-kernel.bin.
 - Power on the device and select "7. Load image" in the U-Boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
 - The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
 - Perform a sysupgrade using openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-sysupgrade.bin
 - Reboot the device. OpenWrt should start from flash now

Revert back to stock using the Recovery Web Interface:
 - Set your IP address to 192.168.200.2, subnetmask 255.255.255.0
 - Press the reset button while powering on the device
 - Keep the reset button pressed until the LED blinks red
 - Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
 - Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.

Decrypting a D-Link firmware image:
 - Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
 - Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
 - Run ./m32-firmware-util M30 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
 - Example for firmware M30A1_FW101B05: ./m32-firmware-util M30 --DecryptFactoryImage M30A1_FW101B05\(0725091522\).bin M30A1_FW101B05\(0725091522\)_decrypted.bin

Flashing via OEM web interface is not possible, as it will change the active partition and OpenWrt is only running on the first UBI partition.

Controlling the LEDs:
 - The LEDs are controlled by a chip called "GCA230718" which is connected to the main CPU via I2C (address 0x40)
 - I didn't find any documentation or driver for it, so the information below is purely based on my investigations
 - If there is already I driver for it, please tell me. Maybe I didn't search enough
 - I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
 - The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
 - The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
 - Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
 - Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
   - A reset command (0x81 0xE4) written to register 0x00
   - A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
 - The reset command is always the same
 - In the control command
   - byte 0 is always the same
   - byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
   - byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
   - byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
   - byte 7 defines the toggling frequency (if toggling enabled)
   - byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
   - byte 12 is constant 0x87

Comparison to M32/R32:
 - The algorithms for decrypting the OEM firmware are the same for M30/M32/R32, only the keys differ
 - The keys are available in the GPL sources for the M32
 - The M32/R32 contained raw data in the firmware images (kernel, rootfs), the R30 uses a sysupgrade tar instead
 - Creation of the recovery image is quite similar, only the header start string changes. So mostly takeover from M32/R32 for that.
 - Turned out that the bytes at offset 0x0E and 0x0F in the recovery image header are the checksum over the data area
 - This checksum was not checked in the recovery web interface of M32/R32 devices, but is now active in R30
 - I adapted the recovery image creation to also calculate the checksum over the data area
 - The recovery image header for M30 contains addresses which don't match the memory layout in the DTS. The same addresses are also present in the OEM images
 - The recovery web interface either calculates the correct addresses from it or has it's own logic to determine where which information must be written

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
(cherry picked from commit 29cca6cfee)
2024-07-08 23:06:38 +02:00
Roland Reinl
c439003497 filogic: Add LED driver for GCA230718
Add basic support for the LED driver for GCA230718.

 - I didn't find any documentation or driver for it, so the information below is purely based on my investigations
 - If there is already I driver for it, please tell me. Maybe I didn't search enough
 - I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
 - The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
 - The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
 - Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
 - Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
   - A reset command (0x81 0xE4) written to register 0x00
   - A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
 - The reset command is always the same
 - In the control command
   - byte 0 is always the same
   - byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
   - byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
   - byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
   - byte 7 defines the toggling frequency (if toggling enabled)
   - byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
   - byte 12 is constant 0x87

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
(cherry picked from commit 0682974aa8)
2024-07-08 22:51:11 +02:00
Petr Štetiar
242f193f34 linux-firmware: package Intel AX201 firmware
Alexander reported following:

 iwlwifi 0000:00:14.3: Detected crf-id 0x3617, cnv-id 0x20000302 wfpm id 0x80000000
 iwlwifi 0000:00:14.3: PCI dev a0f0/0074, rev=0x351, rfid=0x10a100
 iwlwifi 0000:00:14.3: Direct firmware load for iwlwifi-QuZ-a0-hr-b0-77.ucode failed with error -2

It seems, that as of the current date, the highest firmware API version
supported by Linux 6.8-rc7 is still 77.

Closes: #14771
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8db83d4cc0)
[Reduce to API version 72 for older mac80211]
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:27 +02:00
Felix Fietkau
7d135dc038 libxml2: add host build dependency on libiconv-full
Fixes build on macOS

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 4ef13c4a49)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Felix Fietkau
d0c7b19db8 hostapd: fix a crash corner case
On some setup failures, iface->bss can be NULL

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 1ee5b7e506)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Hauke Mehrtens
dee4309bdf mbedtls: Update to 2.28.8
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.

(cherry picked from commit 360ac07eb9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Hauke Mehrtens
3941633dd7 uencrypt: Fix compile warnings
keylen and ivlen are of type long and not size_t.

(cherry picked from commit 0fd9acb471)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Thomas Winkler
ccac75a37f base-files: fix uid/gid auto-enumeration to avoid 16-bit limit
uid/gid range should be limited to 16bit unsigned integer range to
avoid "wraparound" issues with permissions where jffs2
is employed for storage and chown 65536 (first auto-created user)
becomes equivalent to chown 0

Fixes: #13927

Signed-off-by: Thomas Winkler <tewinkler86@gmail.com>
(cherry picked from commit 140b48a9e9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Rui Salvaterra
add63dd508 linux-firmware: realtek: update rtl8821ae firmware
A newer version, rtl8821aefw_29.bin, has been available for over 7 years [1].
Let's use it.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f70e4df2b384d21e36a7c30a591639592692e0ec

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 2b8e875a85)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Daniel Golle
9f3f5cff30 mt76: mt7996: select required kernel and hostap options
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).

Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 83311b7470)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:26 +02:00
Christian Lamparter
0fb2ee44f9 firmware: intel-microcode: update to 20240531
Debian changelog:

intel-microcode (3.20240531.1) unstable; urgency=medium

  * New upstream microcode datafile 20240531
    * Fix unspecified functional issues on Pentium Silver N/J5xxx,
      Celeron N/J4xxx
    * Updated Microcodes:
      sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
  * source: update symlinks to reflect id of the latest release, 20240531

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Sat, 01 Jun 2024 11:49:47 -0300

intel-microcode (3.20240514.1) unstable; urgency=medium

  * New upstream microcode datafile 20240514
    * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
      Hardware logic contains race conditions in some Intel Processors may
      allow an authenticated user to potentially enable partial information
      disclosure via local access.
    * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
      Sequence of processor instructions leads to unexpected behavior in
      Intel Core Ultra Processors may allow an authenticated user to
      potentially enable denial of service via local access.
    * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
      Improper input validation in some Intel TDX module software before
      version 1.5.05.46.698 may allow a privileged user to potentially enable
      escalation of privilege via local access.
    * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
      Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
      Core i3 N-series processors.
    * Updated microcodes:
      sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
      sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
      sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
      sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
      sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
      sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
      sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
      sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
      sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
      sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
  * source: update symlinks to reflect id of the latest release, 20240514

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Thu, 16 May 2024 21:40:52 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7d9b9762c9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Felix Fietkau
287e2565e2 hostapd: fix crash on interface setup failure
Add a missing NULL pointer check when deleting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 3984fb0582)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Felix Fietkau
80a36594f9 hostapd: use strdup on string passed to hostapd_add_iface
The data is modified within hostapd_add_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 032d3fcf7a)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Nathaniel Wesley Filardo
aa27bd7087 kernel: crypto: remove FCRYPT from miscellany
It has its own dedicated knob

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 7d71c03ab1)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Hauke Mehrtens
ffe97a61fc kernel: Add kmod-mfd
Package the mfd-core.ko kernel module. It is selected by the
kmod-hwmon-gsc already.

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 8b4fd1c0de)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Hauke Mehrtens
9bf10898ba kernel: Add kmod-crypto-xxhash
kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 2ebeda0294)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Hauke Mehrtens
03299b3b52 kernel: Add kmod-crypto-blake2b
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b

The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit f89091bba6)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:25 +02:00
Hauke Mehrtens
7f833b8180 kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.

I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.

New we are also packaging lz4hc.ko

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit fac507606d)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Hauke Mehrtens
1f701c9b04 kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.

Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b0953c4fbf)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Paweł Owoc
e82759fd67 mac80211: add missing config for third 160MHz width for 5GHz radio
Without this configuration it is not possible to run the radio using HE160 on channels 149-177.

Fixes: #14906
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
(cherry picked from commit a91b79fd04)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Felix Fietkau
c145f0f8f6 mac80211: add fix for receiving STP frames on mesh
Fix length in ethernet header

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8f7be2a2ba)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Oldřich Jedlička
bed2272605 mac80211: fix flush during station removal
This fixes WARN_ONs when using AP_VLANs after station removal. The flush
call passed AP_VLAN vif to driver, but because these vifs are virtual and
not registered with drivers, we need to translate to the correct AP vif
first.

Fixes: openwrt#12420
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[Rename to 360-wifi-mac80211-do-not-pass-ap_vlan-vif-pointer-to-dri.patch]
(cherry picked from commit 3e738781a9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-08 21:13:24 +02:00
Chukun Pan
7bfdc4ea3a uboot-mediatek: add Netcore N60 support
The vendor uboot requires special fit verification.
So add a custom uboot build for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 0170666d89)
2024-07-08 12:00:39 +02:00
Tianling Shen
2a25de25fa mediatek: add support for JDCloud RE-CP-03
Hardware specification:
  SoC: MediaTek MT7986A 4x A53
  Flash: 128GB eMMC
  RAM: 1GB DDR4
  Ethernet: 4x 1GbE, 1x 2.5GbE (RTL8221B)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Joylink
  Power: DC 12V 2A

Flash instructions:
1. Download and flash the vendor migration firmware via webUI:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7986-jdcloud_re-cp-03-vendor-migration.bin
   (Default address is 192.168.68.1, user root, no password)
2. After device has booted up, write new GPT table:
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c0c3234e17)
2024-07-08 09:08:48 +02:00
Tianling Shen
b67b3a6ce6 uboot-mediatek: add support for JDCloud RE-CP-03
The vendor U-Boot has enabled signature verification, so add
a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 6fa4fbbc52)
2024-07-08 09:08:15 +02:00
Hauke Mehrtens
e1eac53f74 mt76: Fix PKG_MIRROR_HASH
The PKG_MIRROR_HASH was updated to a wrong version.

Fixes: f64576f367 ("mt76: update to Git HEAD (2024-04-03)")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 21:56:12 +02:00
Hauke Mehrtens
323e249ce8 mac80211: Update to version 6.1.97-1
This updates mac80211 to version 6.1.97-1. This code is based on Linux
6.1.97 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.

The removed patches are already integrated in upstream Linux 6.1.97 or
in backports.

The following patches were integrated in upstream Linux:
   ath11k/0013-wifi-ath11k-synchronize-ath11k_mac_he_gi_to_nl80211_.patch
   ath11k/0035-wifi-ath11k-Use-platform_get_irq-to-get-the-interrup.patch
   ath11k/0036-wifi-ath11k-fix-SAC-bug-on-peer-addition-with-sta-ba.patch
   ath11k/0047-wifi-ath11k-fix-deinitialization-of-firmware-resourc.patch
   ath11k/0053-wifi-ath11k-fix-writing-to-unintended-memory-region.patch
   ath11k/0060-wifi-ath11k-Ignore-frags-from-uninitialized-peer-in-.patch
   ath11k/0065-wifi-ath11k-fix-tx-status-reporting-in-encap-offload.patch
   ath11k/0067-wifi-ath11k-Fix-SKB-corruption-in-REO-destination-ri.patch
   ath11k/0069-wifi-ath11k-fix-registration-of-6Ghz-only-phy-withou.patch
   ath11k/0080-wifi-ath11k-add-support-default-regdb-while-searchin.patch
   ath11k/0085-wifi-ath11k-fix-memory-leak-in-WMI-firmware-stats.patch
   ath11k/0086-wifi-ath11k-Add-missing-check-for-ioremap.patch
   ath11k/0096-wifi-ath11k-fix-boot-failure-with-one-MSI-vector.patch
   subsys/337-wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch

The following patches were integrated in upstream backports:
   ath11k/901-wifi-ath11k-pci-fix-compilation-in-5.16-and-older.patch
   build/080-resv_start_op.patch
   build/110-backport_napi_build_skb.patch

The following files are missing in backports, we do not have to remove
them any more. Some were already missing before some were removed in
this update:
   include/linux/cordic.h
   include/linux/crc8.h
   include/linux/eeprom_93cx6.h
   include/linux/wl12xx.h
   include/net/ieee80211.h
   backport-include/linux/bcm47xx_nvram.h
   include/linux/ath9k_platform.h
   include/net/bluetooth/

backports ships a dummy Mediatek wed header for older kernel versions.
We backported the feature in our kernel, remove the dummy header:
   backport-include/linux/soc/mediatek/mtk_wed.h

Remove header files for subsystems used form the mainline kernel:
   include/trace/events/qrtr.h
   include/net/rsi_91x.h
   backport-include/linux/platform_data/brcmnand.h

Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 18:30:37 +02:00
Hauke Mehrtens
e0837a1257 iw: sync nl80211.h
Update the nl80211.h file in iw with the version from backports.

The files were out of sync already before the mac80211 update. If iw set
the NL80211_ATTR_WIPHY_ANTENNA_GAIN attribute the kernel assumed it set
the NL80211_ATTR_PUNCT_BITMAP attribute because the id was the same.

Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-07 18:30:37 +02:00
Roland Reinl
d0744c1f66 mediatek: Add support for D-Link EAGLE PRO AI R32
R32 is like the M32 part of the EAGLE PRO AI series from D-Link.

Specification:
 - MT7622BV SoC with 2.4GHz wifi
 - MT7975AN + MT7915AN for 5GHz
 - MT7531BE Switch
 - 512MB RAM
 - 128 MB flash
 - 2 LEDs (Status and Internet, both can be either orange or white)
 - 2 buttons (WPS and Reset)

Compared to M32, the R32 has the following differences:
 - 4 LAN ports instead of 2
 - The recory image starts with DLK6E6015001 instaed of DLK6E6010001
 - Individual LEDs for power and internet
 - MAC address is stored at another offset in the ODM partition

MAC addresses:
 - WAN MAC is stored in partition "Odm" at offset 0x81
 - LAN (as printed on the device) is WAN MAC + 1
 - WLAN MAC (2.4 GHz) is WAN MAC + 2
 - WLAN MAC (5GHz) is WAN MAC + 3

Flashing via Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-recovery.bin

Flashing via uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-initramfs-kernel.bin.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
 - The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
 - Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
 - Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-squashfs-sysupgrade.bin
 - Reboot the device. OpenWrt should start from flash now

Revert back to stock using the Recovery Web Interface:
 - Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the deivce
 - Keep the reset button pressed until the internet LED blinks fast
 - Open a Chromium based and goto http://192.168.0.1
 - Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.

Decrypting a D-Link firmware image:
 - Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
 - Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
 - Run ./m32-firmware-util R32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
 - Example for firmware R32A1_FW103B01: ./m32-firmware-util R32 --DecryptFactoryImage R32A1_FW103B01.bin R32A1_FW103B01.decrypted.bin

Revert back to stock using uBoot:
 - Open the case, connect to the UART console
 - Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides the previously created backup of the Kernel1 partition.
 - You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
 - Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to FLASH will start. After a few seconds the stock firmware should start again

There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP.
It can be used if no backup of the Kernel1 partition is reuqired.

Flahsing via OEM web interface is currently not possible, the OEM images are encrypted. Creating images is only possible manually at the moment.
The support for the M32/R32 already includes support for flashing from the OEM web interface:
 - The device tree contains both partitions (Kernel1 and Kernel2) with conditions to select the correct one based on the kernel command line
 - The U-Boot variable "boot_part" is set accordingly during startup to finish the partition swap after flashing from the OEM web interface
 - OpenWrt sysupgrade flashing always uses the partition where it was initially flashed to (no partition swap)

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
(cherry picked from commit fdb87a91b4)
Link: https://github.com/openwrt/openwrt/pull/15776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:32:57 +02:00
Fabrice Fontaine
95fac7d0e4 package/utils/secilc: drop PKG_CPE_ID
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️selinuxproject:secilc

Fixes: 9ee7c1ec60 (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 58a5877846)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
16601bbd42 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 6e5edec159)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
8c20083c1d package/libs/libjson-c: fix PKG_CPE_ID
cpe:/a:json-c:json-c is the correct CPE ID for libjson-c:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️json-c:json-c

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15292
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit a4f723e04e)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
6ea9cf3203 package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 289f811abb)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Fabrice Fontaine
b110c337d3 package/libs/pcre2: fix PKG_CPE_ID
cpe:/a:pcre:pcre2 is the correct CPE ID for pcre2:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️pcre:pcre2

Fixes: c39b0646f3 (pcre2: import pcre2 from packages feed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 27d1ebb46a)
Link: https://github.com/openwrt/openwrt/pull/15881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:31:14 +02:00
Sean Khan
318db3bde4 openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.

```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```

Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.

Example:
```
[openssl_init]
providers = provider_sect
```

After this change, openssl util works correctly.

```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 31ec4515c3)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:29:23 +02:00
John Audia
4aabbd6746 openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne

(cherry picked from commit bac2f1bed6)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:29:23 +02:00
Hauke Mehrtens
2410b4c07b wolfssl: Update to 5.7.0
This fixes multiple security problems:
 * [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.

 * [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
   Zhang, Qingni Shen for the report (Peking University, The University
   of Western Australia)."

 * [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
   Qingni Shen for the report (Peking University, The University of
   Western Australia).

Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk

(cherry picked from commit f475a44c03)
Link: https://github.com/openwrt/openwrt/pull/15872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:27:20 +02:00
Nick Hainke
97c588e1ba wolfssl: update to 5.6.6
Release Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable

Refresh patches:
- 100-disable-hardening-check.patch

Fixes: CVE-2023-6935 CVE-2023-6936 CVE-2023-6937
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 511578c128)
Link: https://github.com/openwrt/openwrt/pull/15872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:27:20 +02:00
David Bentham
9ac1523062 mediatek: add Comfast CF-E393AX support
Comfast CF-E393AX is a dual-band Wi-Fi 6 POE ceiling mount access point.

Oem firmware is a custom openwrt 21.02 snapshot version.

We can gain access via ssh once we remove the root password.

Hardware specification:
  SoC: MediaTek MT7981A 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB DDR3
  Ethernet: 1x 10/100/1000 Mbps built-in PHY (WAN)
            1x 10/100/1000/2500 Mbps MaxLinear GPY211C (LAN)
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976D
  LEDS: 1x (Red, Blue and Green)
  Button: Reset
  UART: 3.3v, 115200n8
  --------------------------
  | Layout |
  | ----------------- |
  | 4 | VCC GND TX RX | <= |
  | ----------------- |
  --------------------------

Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
   and download the
   configuration(http://apipaddress/computer/config.html).

2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
   Enter 'fakeroot' command then decompress the configuration:
   tar -zxf backup.tar.gz

3. Edit 'etc/shadow', update (remove) root password:
   With password =
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
   to
   Without password =
   'root::0:99999:7:::'
   'root::0:99999:7:::'

4. Repack 'etc' directory back to a new backup file:
   tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
   Exit fakeroot - 'exit'

6. Upload new configuration via web interface, now you
   can SSH with the following:

   'ssh -vv -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.10.1'.

   Backup the mtd partitions
   - https://openwrt.org/docs/guide-user/installation/generic.backup

7. Copy openwrt factory firmware to the tmp folder to install via ssh:

   'scp -o HostKeyAlgorithms=+ssh-rsa \
   -o PubkeyAcceptedAlgorithms=+ssh-rsa \
   *-mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin \
   root@192.168.10.1:/tmp/'

   'sysupgrade -n -F \
   /tmp/*--mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin'

8. Once led has stopped flashing - Connect via ssh with the
   default openwrt ip address - 'ssh root@192.168.1.1'

9. SSH copy the openwrt sysupgrade firmware and upgrade
   as per the default instructions.

Signed-off-by: David Bentham <db260179@gmail.com>
(cherry picked from commit d8f4453bf2)
2024-07-04 15:54:27 +02:00
Chukun Pan
e4015c446b uboot-envtools: filogic: reorder alphabetically
Reorder scripts to keep alphabetical order.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 4825defe44)
2024-07-04 15:39:22 +02:00
Felix Fietkau
f64576f367 mt76: update to Git HEAD (2024-04-03)
605624a4e17b mt76: fix path to page_pool helper include
e4de3592c4e3 wifi: mt76: mt7603: fix tx queue of loopback packets
446f652c967c wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset
669aba47a145 wifi: mt76: mt7915: fix HE PHY capability regression
5914ea57a31f wifi: mt76: mt7915: workaround dubious x | !y warning
e8b5991f7dac wifi: mt76: mt7915: workaround too long expansion sparse warnings
e507b4e32ead wifi: mt76: mt7921: fix fw used for offload check for mt7922
725f531c1459 wifi: mt76: connac: check for null before dereferencing
b108dda7e201 wifi: mt76: mt7996: fix size of txpower MCU command
5b7616491f07 wifi: mt76: mt7921: introduce mt7920 PCIe support
0436995feca9 wifi: mt76: mt7921s: fix potential hung tasks during chip recovery
75759dca73d5 wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command
b96ab5e62010 wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet()
7ff11c7259a3 wifi: mt76: sdio: move mcu queue size check inside critical section
02846a5d0f0f wifi: mt76: mt7915: Remove unused of_gpio.h
cb8df32e0475 wifi: mt76: mt7996: disable rx header translation for BMC entry
a4c4b550512e wifi: mt76: connac: use peer address for station BMC entry
260c5b7c3ba0 wifi: mt76: mt7996: set RCPI value in rate control command
0b7e645db9c2 wifi: mt76: connac: enable HW CSO module for mt7996
f19035fe0b4d wifi: mt76: mt7996: fix non-main BSS no beacon issue for MBSS scenario
424e9df466ce wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
f70cb4f0508e wifi: mt76: connac: enable critical packet mode support for mt7992
5f1bf8865247 wifi: mt76: mt7996: add sanity checks for background radar trigger
1e336a8582dc wifi: mt76: connac: use muar idx 0xe for non-mt799x as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a10a6fbac7)
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-07-03 09:59:49 +02:00
Ian Oderon
77354213b7 mediatek: add support for Zbtlink ZBT-Z8103AX
Specifications:
SoC: MediaTek MT7981B
RAM: 256MiB
Flash: SPI-NAND 128 MiB
Switch: 1 WAN, 3 LAN (Gigabit)
Buttons: Reset, Mesh
Power: DC 12V 1A
WiFi: MT7976CN
UART: 115200n8
UART Layout:
VCC-RX-TX-GND

No. of Antennas: 6
Note: Upon opening the router, only 5 antennas were connected
to the mainboard.

Led Layout:
Power-Mesh-5gwifi-WAN-LAN3-LAN2-LAN1-2gWiFi

Buttons:
Reset-Mesh

Installation:
A. Through OpenWrt Dashboard:
If your router comes with OpenWrt preinstalled (modified by the seller),
you can easily upgrade by going to the dashboard (192.168.1.1) and then
navigate to System -> Backup/Flash firmware, then flash the firmware

B. Through TFTP
Standard installation via UART:

1. Connect USB Serial Adapter to the UART, (NOTE: Don't connect the VCC pin).
2. Power on the router. Make sure that you can access your router via UART.
3. Restart the router then repeatedly press ctrl + c to skip default boot.
4. Type > bootmenu
5. Press '2' to select upgrade firmware
6. Press 'Y' on 'Run image after upgrading?'
7. Press '0' and hit 'enter' to select TFTP client (default)
8. Fill the U-Boot's IP address and TFTP server's IP address.
9. Finally, enter the 'firmware' filename.

Signed-off-by: Ian Oderon <ianoderon@gmail.com>
(cherry picked from commit 4300bc6688)
2024-07-03 09:19:41 +02:00
Rodrigo Balerdi
9988f8adf8 base-files: minor fix to mmc_get_mac_ascii function
This is mostly a cosmetic cleanup. The absence of
the return statement was not causing any problems.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
(cherry picked from commit 8cf4ac5195)
2024-07-02 09:05:52 +02:00
Daniel Golle
4058d0e990 base-files: add mmc_get_mac_ascii function
Similar to the *_get_mac_binary function, also split the common parts
off mtd_get_mac_ascii into new get_mac_ascii function and introduce
mmc_get_mac_ascii which uses it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 45c85c1827)
2024-07-02 09:05:52 +02:00
David Bauer
ef4fc5cc1d hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 89d7051485)
2024-06-30 22:31:51 +02:00
David Bauer
85ff47c6be hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 68e4cc9be5)
2024-06-30 22:31:51 +02:00
Felix Fietkau
50148a40d2 mt76: update to Git HEAD (2024-03-18)
a903d3169193 wifi: mt76: mt7921: fix a potential association failure upon resuming
eb0d0ce344f3 wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform
841bf82e9958 wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177
ce7ccc540168 wifi: mt76: Remove redundant assignment to variable tidno
a238df940d6f wifi: mt76: mt7915: initialize rssi on adding stations
46c7d1849dbd wifi: mt76: replace skb_put with skb_put_zero
b5640b3153c7 wifi: mt76: fix tx packet loss when scanning on DBDC
7b054e5cb3af wifi: mt76: mt7915: fix mcu command format for mt7915 tx stats
3f27a64a8010 wifi: mt76: mt7915: fix bogus Tx/Rx airtime duration values
4f681a8fbc91 wifi: mt76: mt7915: fix HE PHY capabilities IE for station mode
8ede229eb8b5 wifi: mt76: mt7915: only set MT76_MCU_RESET for the main phy
2330781b8c5f wifi: mt76: mt7996: only set MT76_MCU_RESET for the main phy
e5fb6995e7eb wifi: mt76: mt7915: add support for disabling in-band discovery
b4a917417c85 wifi: mt76: mt7915: add mt7986, mt7916 and mt7981 pre-calibration
2135e201e7a9 mt76: mt7915: add fallback in case of missing precal data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 85ad6b9569)
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-18 15:19:51 +02:00
Yanase Yuki
a691e7d8ad gettext-full: link libiconv when building host pkg
On Fedora 40 system, some compile error happens when
building iconv-ostream.c. Linking to libiconv-full
fixes this.

Signed-off-by: Yanase Yuki <dev@zpc.st>
(cherry picked from commit 63dd14b906)
Link: https://github.com/openwrt/openwrt/pull/15627
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-04 14:27:35 +02:00
Nick Hainke
968d9430c6 libxml2: update to 2.12.5
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.5

Fixes: CVE-2024-25062
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c47b7571f0)
2024-05-23 22:09:05 +02:00
Nick Hainke
ced6809554 libxml2: update to 2.12.4
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.4

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit d82930c7c7)
2024-05-23 22:09:05 +02:00
Nick Hainke
6ea90db857 libxml2: update to 2.12.3
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.2
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.3

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 08ad3c9633)
2024-05-23 22:09:05 +02:00
Nick Hainke
a8a8fbcaff libxml2: update to 2.12.1
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.0
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.1

Remove patch:
- 010-iconv.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 2963e1687b)
2024-05-23 22:09:05 +02:00
Nick Hainke
6d6384fb45 libxml2: update to 2.11.6
Release Notes:
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 62277c485e)
2024-05-23 22:09:05 +02:00
Chuanhong Guo
51822a907e mediatek: drop NMBM layout for Xiaomi WR30U
This reverts commit dcdcfc1511.

This is a firmware for third-party u-boot mod, which should not
be carried here by us.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 1b7e62b20b)
2024-05-23 21:50:00 +02:00
Dim Fish
f11e6e221e mediatek: filogic: add support for Xiaomi AX3000T
**SoC**: MediaTek MT7981B 2x A53
  **Flash**: ESMT F50L1G41LB 128MB
  **RAM**: NT52B128M16JR-FL 256MB
  **Ethernet**: 4x 10/100/1000 Mbps
  **Switch**: MediaTek MT7531AE
  **WiFi**: MediaTek MT7976C
  **Buttons**: Reset, Mesh
  **Power**: DC 12V 1A

1. Get ssh access. Supported stock firmware **1.0.47**
   ```
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20set%20ssh_en%3D1%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20commit%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Ased%20-i%20's%2Fchannel%3D.*%2Fchannel%3D%22debug%22%2Fg'%20%2Fetc%2Finit.d%2Fdropbear%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0A%2Fetc%2Finit.d%2Fdropbear%20start%0A"
   curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=********/api/misystem/arn_switch" -d "open=1&model=1&level=%0Apasswd%20-d%20root%0A
   ```

2. Backup stock partitions
   ```
   nanddump -f /tmp/BL2.bin /dev/mtd1
   nanddump -f /tmp/Nvram.bin /dev/mtd2
   nanddump -f /tmp/Bdata.bin /dev/mtd3
   nanddump -f /tmp/Factory.bin /dev/mtd4
   nanddump -f /tmp/FIP.bin /dev/mtd5
   nanddump -f /tmp/ubi.bin /dev/mtd8
   nanddump -f /tmp/KF.bin /dev/mtd12
   ```
   Then transfer them to your computer in a safe place.

3. Get firmware information `cat /proc/cmdline`

4. Copy openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi to **/tmp** and flash
   If **firmware=0**
   ```
   ubiformat /dev/mtd9 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
   nvram set boot_wait=on
   nvram set uart_en=1
   nvram set flag_boot_rootfs=1
   nvram set flag_last_success=1
   nvram set flag_boot_success=1
   nvram set flag_try_sys1_failed=0
   nvram set flag_try_sys2_failed=0
   nvram commit
   reboot
   ```
   If **firmware=1**
   ```
   ubiformat /dev/mtd8 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
   nvram set boot_wait=on
   nvram set uart_en=1
   nvram set flag_boot_rootfs=0
   nvram set flag_last_success=0
   nvram set flag_boot_success=1
   nvram set flag_try_sys1_failed=0
   nvram set flag_try_sys2_failed=0
   nvram commit
   reboot
   ```

   Then reboot your router, it should boot to the OpenWrt initramfs system now.

5. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-squashfs-sysupgrade.bin
   `sysupgrade -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-squashfs-sysupgrade.bin`

1. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   `ubiformat /dev/mtd8 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb`

   `reboot`

2. Install kmod-mtd-rw
   `opkg update && opkg install kmod-mtd-rw`

   `insmod /lib/modules/$(uname -r)/mtd-rw.ko i_want_a_brick=1`

3. Format ubi and create new ubootenv volume
   ```
   ubidetach -p /dev/mtd8; ubiformat /dev/mtd8 -y; ubiattach -p /dev/mtd8
   ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
   ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
   ```

4. *(Optional **-10Mb** free space) Add recovery boot feature.*
   ```
   ubimkvol /dev/ubi0 -n 2 -N recovery -s 10MiB
   ubiupdatevol /dev/ubi0_2 /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   ```

5. Flash Openwrt U-Boot
   ```
   mtd write /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-preloader.bin BL2
   mtd write /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-bl31-uboot.fip FIP
   ```

6. Flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-squashfs-sysupgrade.itb
   `sysupgrade -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-squashfs-sysupgrade.itb`

1. Force flash openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb
   `sysupgrade -F -n /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-ubootmod-initramfs-recovery.itb`

2. Format ubi and Nvram
   ```
   ubidetach -p /dev/mtd8; ubiformat /dev/mtd8 -y; ubiattach -p /dev/mtd8
   mtd erase Nvram
   ```

3. Install kmod-mtd-rw
   `opkg update && opkg install kmod-mtd-rw`

   `insmod /lib/modules/$(uname -r)/mtd-rw.ko i_want_a_brick=1`

4. Flash stock images from backup
   ```
   mtd write /tmp/BL2.bin BL2
   mtd write /tmp/FIP.bin FIP
   mtd write /tmp/ubi.bin ubi
   ```
   Then reboot your router, waiting it finished rollback in minutes.

   `ubiformat /dev/mtd7 -y -f /tmp/ubi.bin`
   Then reboot your router, waiting it finished rollback in minutes.

Signed-off-by: Dim Fish <dimfish@gmail.com>
(cherry picked from commit 7dbcc1215a)
2024-05-23 21:50:00 +02:00
Alexandru Gagniuc
a6bb1df40b wifi-scripts: fix creation of IBSS in legacy (non-HT) mode
When an IBBS interface is configured for IBSS legacy mode, wdev.htmode
is empty. This is empty string results in an empty positional argument
to the "ibbs join" command, for example:

    iw dev phy0-ibss0 ibss join crymesh 2412 '' fixed-freq beacon-interval 100

This empty argument is interpreted as an invalid HT mode by 'iw',
causing the entire command to fail and print a "usage" message:

    daemon.notice netifd: radio0 (4527): Usage:    iw [options] \
        dev <devname> ibss join <SSID> <freq in MHz> ...

Although nobody will ever need more than 640K of IBSS, explicitly use
"NOHT" if an HT mode is not given. This fixes the problem.

Fixes: e56c5f7b27 ("hostapd: add ucode support, use ucode for the main ubus object")
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [extend to cover more cases]
(cherry picked from commit cee9fcdb73)
2024-05-23 21:35:53 +02:00
Yuu Toriyama
09a8f75077 wireless-regdb: update to 2024.05.08
Changes:
  73529a8 Revert "wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG)"
  87941e4 wireless-regdb: Update regulatory rules for Taiwan (TW) on 6GHz
  33797ae wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
(cherry picked from commit 65c1f0d433)
2024-05-19 16:20:43 +03:00
Rafał Miłecki
a9e117e03f mt76: fix mt7603 compilation
This fixes:
mt7603/dma.c: In function 'mt7603_rx_loopback_skb':
mt7603/dma.c:60:17: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]

Fixes: 2568b30285 ("mt76: backport mt7603 fixes important for its stability")
Fixes: https://github.com/openwrt/openwrt/issues/15510
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-05-18 14:58:39 +02:00
Rafał Miłecki
2568b30285 mt76: backport mt7603 fixes important for its stability
Those are required for stable MT7603E & on-SoC MT7628/MT7688 wireless
support. After mt76 receiving more testing we may just update codebase
and drop those backports.

Fixes: https://github.com/openwrt/mt76/issues/865
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-05-16 14:44:27 +02:00
Felix Fietkau
ffd0074694 mt76: update to Git HEAD (2024-02-03)
a9693e1979c2 linux-firmware: add firmware for MT7996
0258dc90e3a1 wifi: mt76: mt7603: fix reading target power from eeprom
3e81173d9e2b wifi: mt76: mt7603: initialize chainmask
786a339bac36 wifi: mt76: mt7996: fix fortify warning
bc37a7ebc267 wifi: mt76: mt7996: fix fw loading timeout
027bab6a88a3 wifi: mt76: usb: create a dedicated queue for psd traffic
e8909c610c3b wifi: mt76: usb: store usb endpoint in mt76_queue
8b3d96fa4ead wifi: mt76: mt792xu: enable dmashdl support
7864d7ad0ed0 wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table
27c81f7c1480 wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band
b7443c63069a wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band
bab721a65f5a wifi: mt76: mt7925: fix mcu query command fail
1f0f71ed81e8 wifi: mt76: mt7925: fix wmm queue mapping
bcfe2ad966f3 wifi: mt76: mt7925: fix fw download fail
f982c3d67a29 wifi: mt76: mt7925: fix WoW failed in encrypted mode
6a72716ec213 wifi: mt76: mt7925: fix the wrong header translation config
50928b7e1359 wifi: mt76: mt7925: add flow to avoid chip bt function fail
762ab4530e8f wifi: mt76: mt7925: add support to set ifs time by mcu command
87deaf82efa4 wifi: mt76: mt7925: update PCIe DMA settings
c190c1576522 wifi: mt76: mt7925: support temperature sensor
025d5734caba wifi: mt76: mt7996: check txs format before getting skb by pid
4768bfa2baca wifi: mt76: mt7996: fix TWT issues
a65e3eced907 wifi: mt76: mt7996: disable AMSDU for non-data frames
d71716d93aee wifi: mt76: mt7996: fix incorrect interpretation of EHT MCS caps
f21728f3f4bd wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands
68dad7dacd2a wifi: mt76: mt7996: fix HE beamformer phy cap for station vif
66a28f340cdc wifi: mt76: mt7996: mark GCMP IGTK unsupported
b47ad8a7764e wifi: mt76: mt7996: fix efuse reading issue
c2fc7dae7b72 wifi: mt76: mt7996: remove TXS queue setting
e0f1ed168ed5 wifi: mt76: mt7996: add locking for accessing mapped registers
d0cc92c1fd08 wifi: mt76: connac: set correct muar_idx for mt799x chipsets
ae0c62279adc wifi: mt76: mt7996: fix HIF_TXD_V2_1 value
ecc14276af54 wifi: mt76: mt792x: fix ethtool warning
9827df56b241 wifi: mt76: move wed common utilities in wed.c
dccbd2598505 wifi: mt76: mt7925: fix the wrong data type for scan command
9907f4f20261 wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi
1b088a7ac06d wifi: mt76: mt7921e: fix use-after-free in free_irq()
f3c5b4820d7f wifi: mt76: mt7925e: fix use-after-free in free_irq()
d75eac9f5531 wifi: mt76: mt7921: fix incorrect type conversion for CLC command
7bd5401f5bb1 wifi: mt76: mt792x: fix a potential loading failure of the 6Ghz channel config from ACPI
ea55196bc4a0 wifi: mt76: mt792x: update the country list of EU for ACPI SAR
6124ea9135ed wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 114190d8ae)
[rmilecki: add patches/fixes for regressions from this commit]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-05-16 14:44:27 +02:00
Felix Fietkau
a39e47e0c9 mt76: update to Git HEAD (2024-01-18)
83e3947e2c52 linux-firmware: update firmware for MT7922 WiFi device
ddaa8cb6e81a linux-firmware: update firmware for MT7921 WiFi device
f83b1601cc10 linux-firmware: update firmware for MT7922 WiFi device
61d334ab0f33 linux-firmware: add firmware for MT7925
a7836e4c8a60 wifi: mt76: disable HW AMSDU when using fixed rate
a8571ebbcd95 wifi: mt76: check txs format before getting skb by pid
3d5890e2cab3 wifi: mt76: mt7915: fix error recovery with WED enabled
703c26d01197 wifi: mt76: mt7915: add locking for accessing mapped registers
f77188160441 wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a28cedbdab)
2024-05-16 14:06:06 +02:00
Felix Fietkau
4be4d20662 mt76: update to Git HEAD (2023-12-18)
bebd9cffc2ae wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 1a57d758f2)
[rmilecki: it's a no-change for 23.05 as we had that fix backported]
2024-05-10 11:45:43 +02:00
Felix Fietkau
e32782b2df mt76: update to Git HEAD (2023-12-11)
f63f87cd5b45 wifi: mt76: mt7996: fix shift overflow warning on 32 bit systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit da7b0351fc)
[rmilecki: it's a no-change for 23.05 as we had that fix backported]
2024-05-10 11:45:43 +02:00
Felix Fietkau
06be957f86 mt76: update to Git HEAD (2023-12-08)
890ae4d717f1 wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
fcc2f3d82bc9 wifi: mt76: fix lock dependency problem for wed_lock
77cc14596202 wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module
bc85355885d1 wifi: mt76: mt792x: move some common usb code in mt792x module
c27f01c4c834 wifi: mt76: mt7996: get tx_retries and tx_failed from txfree
30aba4c18307 wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic
119bebff244b wifi: mt76: mt7996: enable PPDU-TxS to host
a4005e0e83e7 wifi: mt76: mt7996: remove periodic MPDU TXS request
d6cc20bf5913 wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup
5d94251d641c wifi: mt76: mt7921: move connac nic capability handling to mt7921
266341b5019d wifi: mt76: mt7921: enable set txpower for UNII-4
581449ac5274 wifi: mt76: mt7921: add 6GHz power type support for clc
9bfd669e9477 wifi: mt76: mt7921: get regulatory information from the clc event
4a0f839da0f1 wifi: mt76: mt7921: update the channel usage when the regd domain changed
f4df423d3d56 wifi: mt76: add ability to explicitly forbid LED registration with DT
54d369e79972 wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi
b39b6cba220f wifi: mt76: mt7996: fix uninitialized variable in parsing txfree
77194e652885 wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function
c37738fc9097 wifi: mt76: limit support of precal loading for mt7915 to MTD only
d6e8aa634a19 wifi: mt76: make mt76_get_of_eeprom static again
d1c671a90eba wifi: mt76: permit to use alternative cell name to eeprom NVMEM load
5539001fe4e3 wifi: mt76: permit to load precal from NVMEM cell for mt7915
48d413380685 wifi: mt76: Remove unnecessary (void*) conversions
ea2814289147 wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code
9fb0277d7ee8 wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code
4b47145ecf44 wifi: mt76: move mt76_net_setup_tc in common code
d798d5d6f770 wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine
48b0cedbf83f wifi: mt76: introduce wed pointer in mt76_queue
c550204e347d wifi: mt76: increase MT_QFLAG_WED_TYPE size
2e7f30f22cfd wifi: mt76: mt7996: add wed tx support
ec8765a02fc8 wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine
a469aaac9784 wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature
abca260a15c4 wifi: mt76: mt7996: add wed rx support
be2e74c0c495 wifi: mt76: move wed reset common code in mt76 module
7f17e164fbb4 wifi: mt76: mt7996: add wed reset support
0f89bf58efda wifi: mt76: mt7996: add wed rro delete session garbage collector
a58b75f863ca wifi: mt76: mt7915: fallback to non-wed mode if platform_get_resource fails in mt7915_mmio_wed_init()
36d2ddd94eeb wifi: mt76: mt7996: add support for variants with auxiliary RX path
cec7720c9341 wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs
9852093062e8 wifi: mt76: connac: add thermal protection support for mt7996
955540a4df74 wifi: mt76: mt7996: add thermal sensor device support
af41374a3b8e wifi: mt76: connac: add beacon duplicate TX mode support for mt7996
3c98d7b7fa23 wifi: mt76: mt7996: fix the size of struct bss_rate_tlv
ee2169c00539 wifi: mt76: mt7996: adjust WFDMA settings to improve performance
0aead5de68a7 wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames
ab5580ff5a4f wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED
eed234afed7e wifi: mt76: mt7996: align the format of fixed rate command
d9a855285b95 wifi: mt76: mt7996: fix rate usage of inband discovery frames
47799aefe263 wifi: mt76: change txpower init to per-phy
264e1ecfe1b4 wifi: mt76: mt7996: add txpower setting support
c7b243b127eb wifi: mt76: use chainmask for power delta calculation
05f433900a02 wifi: mt76: mt7996: switch to mcu command for TX GI report
ae963198e605 wifi: mt76: mt7996: fix alignment of sta info event
d0d2e03591d6 wifi: mt76: mt7996: rework ampdu params setting
e87f4efc7638 wifi: mt76: connac: add beacon protection support for mt7996
0dfcc53a8e5d wifi: mt76: connac: fix EHT phy mode check
30c54a53bf8b wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981
17297c97b737 wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band
eeb48c081034 wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing
b74ad922659c wifi: mt76: mt7996: introduce mt7996_band_valid()
51cb541c1e53 wifi: mt76: connac: add firmware support for mt7992
c0eda4d96ec8 wifi: mt76: mt7996: add DMA support for mt7992
f12471968a53 wifi: mt76: mt7996: rework register offsets for mt7992
8d11dae73eb8 wifi: mt76: mt7996: support mt7992 eeprom loading
6c2b2c37abd7 wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992
df1d3b3c67e5 wifi: mt76: connac: add new definition of tx descriptor
f997e759cea5 wifi: mt76: mt7996: add PCI IDs for mt7992
94e3632e4e93 wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature
9c7b98c03173 net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc
4423b4eb69fb wifi: mt76: mt7996: fix endianness in mt7996_mcu_wed_rro_event
b97d899a7907 wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info
9ef06028d4fe wifi: mt76: mt7921s: fix workqueue problem causes STA association fail
95c14207d2a9 wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM
dbea5151412b wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue
a84a355d2e0a wifi: mt76: mt7921: fix country count limitation for CLC
c498f27ad075 wifi: mt76: mt7921: fix CLC command timeout when suspend/resume
3098d968abe4 wifi: mt76: mt7921: fix wrong 6Ghz power type
7730fc91dd15 wifi: mt76: fix shift overflow warnings on 32 bit systems
f559adf1849c wifi: mt76: fix crash with WED rx support enabled

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8f782ed07d)
[rmilecki: add patches/fixes for regressions from this commit]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-05-08 15:17:51 +02:00
Felix Fietkau
5c4c9ae059 mt76: update to the latest version
b5d13611d35e mt76: mt7915: fix monitor mode issues
bbbac7deee3d wifi: mt76: rename mt76_packet_id_init/flush to mt76_wcid_init/cleanup
f1e1e67d97d1 wifi: mt76: fix race condition related to checking tx queue fill status
b3f739a64e6b wifi: mt76: mt7996: add eht rx rate support
ca4917062f17 wifi: mt76: mt76x0: remove dead code in mt76x0_phy_get_target_power
325a0c493199 wifi: mt76: mt7996: fill txd by host driver
cd371fcc98d4 mt76: mt7996: sync with upstream
d71f8d1b172b wifi: mt76: use atomic iface iteration for pre-TBTT work
8d5ea32d4895 wifi: mt76: remove unused error path in mt76_connac_tx_complete_skb
01860c02c505 wifi: mt76: add DMA mapping error check in mt76_alloc_txwi()
62ddb6d46a97 wifi: mt76: connac: introduce helper for mt7925 chipset
0837f37e998b wifi: mt76: mt792x: support mt7925 chip init
899ff378082b wifi: mt76: connac: export functions for mt7925
c3858b5bf347 wifi: mt76: connac: add eht support for phy mode config
5df6b26a9fc5 wifi: mt76: connac: add eht support for tx power
a8081345c636 wifi: mt76: connac: add data field in struct tlv
9b38aebecf78 wifi: mt76: connac: add more unified command IDs
84984e6dc87d wifi: mt76: connac: add more unified event IDs
6fe92398c9ce wifi: mt76: mt7996: set correct wcid in txp
2cfe2fb0bb80 wifi: mt76: mt7996: fix beamform mcu cmd configuration
e512241bb5bb wifi: mt76: mt7996: fix beamformee ss subfield in EHT PHY cap
719a98f832c7 wifi: mt76: mt7996: fix wmm queue mapping
9723562f2a5b wifi: mt76: mt7996: fix rx rate report for CBW320-2
1bb5a6a54943 wifi: mt76: mt7996: fix TWT command format
751b054891f6 wifi: mt76: mt7996: only set vif teardown cmds at remove interface
fea1e10c7741 wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask()
d497ee8aa2f5 wifi: mt76: mt7996: support per-band LED control
8ccc84111141 wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code
161f70217edf wifi: mt76: mt7921e: Support MT7992 IP in Xiaomi Redmibook 15 Pro (2023)
7d25bfc3f0cc wifi: mt76: fix clang-specific fortify warnings
5971aa968401 wifi: mt76: connac: add MBSSID support for mt7996
5a47dd323be1 wifi: mt76: update beacon size limitation
d5b4b81dcc9e wifi: mt76: check sta rx control frame to multibss capability
af0e1f6dafb5 wifi: mt76: fix potential memory leak of beacon commands
65d91a833b01 wifi: mt76: get rid of false alamrs of tx emission issues
29411e52059f wifi: mt76: fix per-band IEEE80211_CONF_MONITOR flag comparison
4da62774038a wifi: mt76: check vif type before reporting cca and csa
4a85678fe089 wifi: mt76: mt7915: update mpdu density capability
791a45cffadf wifi: mt76: mt7915: fix beamforming availability check
08e1e6cb7d41 wifi: mt76: Drop unnecessary error check for debugfs_create_dir()
d1881b1b2bf6 wifi: mt76: move struct ieee80211_chanctx_conf up to struct mt76_vif
66d5694e1898 wifi: mt76: mt7921: fix the wrong rate pickup for the chanctx driver
9fc37b0ac546 wifi: mt76: mt7921: fix the wrong rate selected in fw for the chanctx driver
2afc7285f75d wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit ef8e2f66f5)
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-05-08 13:39:34 +02:00
Rosen Penev
507f9439e7 lua: fix CVE-2014-5461
Patch taken from Debian.

Refresh patches

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 78b0106f7d)
2024-04-30 23:46:11 +02:00
Christian Marangi
2541ff391f
procd: make mDNS TXT record parsing more solid
mDNS broadcast can't accept empty TXT record and would fail
registration.

Current procd_add_mdns_service checks only if the first passed arg is
empty but don't make any verification on the other args permittins
insertion of empty values in TXT record.

Example:

	procd_add_mdns "blah" \
				"tcp" "50" \
				"1" \
				"" \
				"3"

Produce:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "", "3" ] } }

The middle empty TXT record should never be included as it's empty.

This can happen with scripts that make fragile parsing and include
variables even if they are empty.

Prevent this and make the TXT record more solid by checking every
provided TXT record and include only the non-empty ones.

The fixed JSON is the following:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "3" ] } }

Fixes: b0d9dcf84d ("procd: update to latest git HEAD")
Reported-by: Paul Donald <newtwen@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15331
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 4b04304713)
2024-04-29 23:30:04 +02:00
Petr Štetiar
8695bc3442
Revert "uboot-mediatek: fix build on Mac OS X"
This reverts commit 997ff740dc.
78cbd5apick as it should be fixed in commit 78cbd5a57e11 ("tools: macOS:
types.h: fix missing unsigned types").

References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f691830307)
2024-04-27 06:53:23 +00:00
Petr Štetiar
c19f5076a5
Revert "uboot-sunxi: add missing type __u64"
This reverts commit 3cc57ba462 as it
should be fixed in commit 78cbd5a57e11 ("tools: macOS: types.h: fix
missing unsigned types").

References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bc47613cf0)
2024-04-27 06:53:22 +00:00
Rafał Miłecki
c69482a912 mac80211: backport ieee80211_set_sband_iftype_data()
It's needed by some drivers, e.g. mt7925, see:
mt7925/main.c:264:9: error: implicit declaration of function '_ieee80211_set_sband_iftype_data' [-Werror=implicit-function-declaration]

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-04-26 11:37:07 +02:00
Rafał Miłecki
17501f822f mac80211: backport ieee80211_vif_is_mld()
It's needed by some drivers, e.g. mt7925, see:
mt7925/mcu.c:2181:23: error: implicit declaration of function 'ieee80211_vif_is_mld' [-Werror=implicit-function-declaration]

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-04-26 11:37:07 +02:00
Christian Marangi
afb5fdd79a
netifd: packet-steering: silence error on applying queue mask
Some queues can't be tweaked and return -ENOENT if it's not multiqueue.

Silence any error from echo to produce a more clean bootlog.

Fixes: #12095
Suggested-by: Andris PE <neandris@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-18 12:43:06 +02:00