Starting with GCC 12, we have the possibility of mitigating straight-line
speculation vulnerabilities in x86-64 targets. Make it so.
Reported-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
No patches required a rebase, just updated checksum.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
Changes:
9c44557 opkg_remove: avoid remove pkg repeatly with option --force-removal-of-dependent-packages
2edcfad libopkg: set 'const' attribute for argv
This should fix the CI error in the packages repository, which happens with perl.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Mostly backports by a Red Hat employee as 0.62 and newer demands Python
3.7+. Same reason 0.61 is kept here.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
9eabf30 Release version 5.18.
2b3ddcb ethtool: fec: Change the prompt string to adapt to current situations
d660dde pretty: add missing message descriptions for rings
aaeb16a pretty: support u8 enumerated types
6b320b8 rings: add support to set/get cqe size
41fddc0 update UAPI header copies
42e6c28 help: fix alignment of rx-buf-len parameter
e1d0a19 ethtool.8: Fix typo in man page
37f0586 Release version 5.17.
8c2984c strset: do not put a pointer to a local variable to nlctx
8fd02a2 ioctl: add the memory free operation after send_ioctl call fails
b9f25ea ethtool: Add support for OSFP transceiver modules
6e79542 features: add --json support
5ed5ce5 Merge branch 'next' into master
b90abbb man: document recently added parameters
51a9312 tunables: add support to get/set tx copybreak buf size
a081c2a rings: add support to set/get rx buf len
d699bab Merge branch 'master' into next
52db6b9 Merge branch 'review/module-extstate' into next
6407b52 monitor: add option for --show-module/--set-module
1f35786 ethtool: Add transceiver module extended state
2d4c5b7 ethtool: Add ability to control transceiver modules' power mode
005908b Update UAPI header copies
Signed-off-by: Nick Hainke <vincent@systemli.org>
WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have
AES instructions but lack other extensions that are used by WolfSSL
when AES-NI is enabled.
Disable the option by default for now until the issue is properly fixed.
People can enable them in a custom build if they are sure it will work
for them.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Setting up DSA bond silently fails if mode is not 802.3ad. Add log message
to fix it. As we are already here harmonize all logging messages in the
add/delete functions.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
This reverts the airtime scheduler back from the virtual-time based scheduler
to the deficit round robin scheduler implementation.
This reduces burstiness and improves fairness by improving interaction with AQL.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The SFP cages 9F and 10F share the same SCL line. Currently, there
isn't a good way to model this. Thus, only one SFP port can be fully
supported.
Cage 10F is fully supported with an I2C bus and sfp handle. Linux
automatically handles enabling or disabling the TX laser.
Cage 9F is only parially supported, without the sfp handle. The SDA
line is hogged as an input, so that it remains high. SCL transitions
sould not affect modules connected to this cage. The default value of
the tx-disable line is high (active). It is exported as a gpio, but
the laser is off by default. To enable the laser:
echo 0 > /sys/class/gpio/sff-p9-tx-disable/value
Thus, both modules can be used for networking, but only 10F will be
able to detect and identify a plugged in SFP module.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add support for the Engenius EWS2910P PoE switch. This is an RTL8380
based switch with two SFP slots, and PoE 802.3af one every RJ-45 port.
The specs say 802.3af, but the vendor firmware configures the PSE for
a budget of 31W, indicating 802.3at support.
Specifications:
---------------
* SoC: Realtek RTL8380M
* Flash: 32 MiB SPI flash Macronix MX25L25635E
* RAM: 256 MiB (As reported by bootloader)
* Ethernet: 16x 10/100/1000 Mbps with PoE
2x SFP slots
* Buttons: 1 "Reset" button on front panel
1 "LED mode: button on front panel
1 "On/Off" Toggle switch on the back
* Power: 48V-54V DC barrel jack
* UART: 1 serial header (JP1) with populated 2.54mm pitch header
Labeled GRTV for ground, rx, tx, and 3.3V respectively
* PoE: 1 STM ST32F100 microcontroller
2 BCM59111 PSE chips
Works:
------
- (8) RJ-45 ethernet ports
- Switch functions
- LEDs and buttons
Not yet enabled:
----------------
- SFP ports (will be enabled in a subsequent change)
- Power-over-Ethernet (requires realtek-poe package)
Install via web interface:
-------------------------
The factory firmware will accept and flash the initramfs image. It is
recommended to flash to "Partition 0". Flashing to "Partition 1" is
not supported at this point.
The factory web GUI will show the following warning:
" Warning: The firmware version is v0.00.00-c0.0.00
The firmware image you are uploading is older than the current
firmware of the switch. The device will reset back to default
settings. Are you sure you want to proceed?"
This is expected when flashing OpenWrt. After the initramfs image
boots, flash the -sysupgrade using either the commandline or LuCI.
Install via serial console/tftp:
--------------------------------
The u-boot firmware will not stop the boot, regardless of which key is
pressed. To access the u-boot console, ground out the CLK (pin 16) of
the ROM (U22) when u-boot is reading the linux image. If timed
correctly, the image CRC will fail, and u-boot will drop to a shell:
> rtk network on
> setenv ipaddr <address of tftp server>
> tftp $(freemem) <name-of-initramfs-image.bin>
> bootm
Then flash the -sysupgrade using either the commandline or luci.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[gpio-led node names, OpenWrt and LuCI capitalization in commit message]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Asus RT-N12+ B1 and Asus RT-N300 B1 are the same device
with a different name.
The OEM firmwares have the same MD5 with Asus RT-N11P B1.
Same instructions for Asus RT-N11P B1 see:
commit c3dc52e39a ("ramips: add support for Asus RT-N10P V3 / RT-N11P B1 / RT-N12 VP B1")
Signed-off-by: Semih Baskan <strstgs@gmail.com>
(Added id from the PR review to commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Specifications:
- Device: ASUS RT-AX53U
- SoC: MT7621AT
- Flash: 128MB
- RAM: 256MB
- Switch: 1 WAN, 3 LAN (10/100/1000 Mbps)
- WiFi: MT7905 2x2 2.4G + MT7975 2x2 5G
- Ports: USB 3.0
- LEDs: 1x POWER (blue, configurable)
3x LAN (blue, configurable)
1x WAN (blue, configurable)
1x USB (blue, not configurable)
1x 2.4G (blue, not configurable)
1x 5G (blue, not configurable)
Flash by U-Boot TFTP method:
- Configure your PC with IP 192.168.1.2
- Set up TFTP server and put the factory.bin image on your PC
- Connect serial port(rate:115200) and turn on AP, then interrupt "U-Boot Boot Menu" by hitting any key
Select "2. Upgrade firmware"
Press enter when show "Run firmware after upgrading? (Y/n):"
Select 0 for TFTP method
Input U-Boot's IP address: 192.168.1.1
Input TFTP server's IP address: 192.168.1.2
Input IP netmask: 255.255.255.0
Input file name: openwrt-ramips-mt7621-asus_rt-ax53u-squashfs-factory.bin
- Restart AP aftre see the log "Firmware upgrade completed!"
Signed-off-by: Chuncheng Chen <ccchen1984@gmail.com>
(replaced led label, added key-* prefix to buttons, added note about
BBT)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Tim Small reported:
| Viewing the 'Network' -> 'Switch' config page in LuCI:
|
| The LuCI LAN 1 port corresponds to the port physically
| labelled 2 at the rear of the device.
| [...]
|
| When a patch cord is attached to the port labelled 1 [...],
| the LED labelled 2 illuminates. [...]
=> Ports, LuCI and LEDs are reversed/don't match.
Reported-by: Tim Small
Fixes: #10111
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Restore CONFIG_I8K + CONFIG_INTEL_INT0002_VGPIO that got
removed when I refreshed the config. Each x86 target gets
its own CONFIG_CRYPTO_BLAKE2S + LIB settings as only the
x86_64 can use the accelerated x86 version.
Also remove two extra spaces that sneaked into geode's config.
Fixes: 539e60539a ("generic: enable CRYPTO_LIB_BLAKE2S[_X86|_ARM]")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Ubiquiti UniFi Security Gateway (USG) is largely identical to
the EdgeRouter Lite (ERLite-3) apart from a different board ID
and two dome leds.
Device data (from WikiDev):
CPU: Cavium Octeon Plus CN5020 @500MHz 2-cores
Ethernet: 3x Atheros AR8035-A GbE PHY's
Flash: On-board 4MB Flash
Storage: Internal 3.8GB USB Flash (Kingston ID) drive
w/ 1.5GB free for use occupies single internal USB port.
Serial: 1x RJ45 port on front panel. 115200, 8N1
Buttons: 1x Reset
Flash instructions are identical to EdgeRouter Lite.
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
1696f9eb8b40 mt76: mt7915: do not copy ieee80211_ops pointer in mt7915_mmio_probe
a4db5869d660 mt76: mt7915: update mpdu density in 6g capability
500c18014d95 mt76: mt7915: add sta_rec with EXTRA_INFO_NEW for the first time only
3ef66fc7c714 mt76: do not check the ccmp pn for ONLY_MONITOR frame
dd682eead016 mt76: mt7915: update the maximum size of beacon offload
4fb991f2c997 mt76: mt7615: add sta_rec with EXTRA_INFO_NEW for the first time only
ba39ed3b44f1 mt76: mt76x02: improve reliability of the beacon hang check
fd8211cf7c59 mt76: mt7921: sync with updated patch
f2edd340ddb4 mt76: allow receiving frames with invalid CCMP PN via monitor interfaces
b6e865e2cc70 mt76: mt7615: fix throughput regression on DFS channels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It was observed that `rootfs_data` was sometimes not correctly erased
after performing sysupgrade, resulting in previous settings to prevail.
Add call to `wrgg-pad-rootfs` in sysupgrade image recipe to ensure any
previous jffs2 will be wiped, consistent with DAP-2610 from the ipq40xx
target, which introduced the double-flashing procedure for these devices.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
The MAC can be stored in OTP memory or in flash memory, currently the
driver could read it only from OTP. Backport the patch allowing setting
the MAC address from flash. Some modules have the OTP programmed but
the ODM/OEM decided to overwrite it with value stored in flash.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
This is now built-in, enable so it won't propagate on target configs.
Link: https://lkml.org/lkml/2022/1/3/168
Fixes: 79e7a2552e ("kernel: bump 5.15 to 5.15.44")
Fixes: 0ca9367069 ("kernel: bump 5.10 to 5.10.119")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(Link to Kernel's commit taht made it built-in,
CRYPTO_LIB_BLAKE2S[_ARM|_X86] as it's selectable, 5.10 backport)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
These narrowments are no longer useful, since there's no lower version
than 5.10 supported in tree.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Remove backport:
- 001-examples-compile-with-make-check.patch
87fdf683 build: Bump version to 1.0.3
c4ec825b nft: simplify chain lookup in do_list_chain
4f6724f1 intervals: fix compilation --with-mini-gmp
4c20fe95 json: update json output ordering to place rules after chains
57741350 netlink_delinearize: release last register on exit
d6fdb0d8 sets_with_ifnames: add test case for concatenated range
88b2345a segtree: add pretty-print support for wildcard strings in concatenated sets
806ab081 netlink: swap byteorder for host-endian concat data
c224aa6b intervals: deletion should adjust range not yet in the kernel
ea1f1c9f optimize: memleak in statement matrix
0a6dbfce optimize: merge nat rules with same selectors into map
743b0e81 optimize: do not clone unsupported statement
c8b35039 optimize: incorrect logic in verdict comparison
fc4da141 src: fix always-true assertions
d1289bff intervals: set on EXPR_F_KERNEL flag for new elements in set cache
721b9dec tests: add concat test case with integer base type subkey
22b750aa src: allow use of base integer types as set keys in concatenations
3ed9fada intervals: build list of elements to be added from cache
e45b4939 intervals: fix deletion of multiple ranges with automerge
3b7b22ae intervals: add elements with EXPR_F_KERNEL to purge list only
ea31855d netlink: remove unused argument from helper function
48204bd7 intervals: Simplify element sanity checks
ab1b21be intervals: unset EXPR_F_KERNEL for adjusted elements
e0beff27 src: restore interval sets work with string datatypes
3e8d934e intervals: support to partial deletion with automerge
7a6e1604 evaluate: allow for zero length ranges
3da9643f intervals: add support to automerge with kernel elements
7b061e63 mnl: update mnl_nft_setelem_del() to allow for more reuse
fdb8e0ff src: remove rbtree datastructure
81e36530 src: replace interval segment tree overlap and automerge
f1cc44ed src: add EXPR_F_KERNEL to identify expression in the kernel
ad43b84e segtree: add support for get element with sets that contain ifnames
06db2308 segtree: use correct byte order for 'element get'
4c6681a7 tests: add testcases for interface names in sets
5e393ea1 segtree: add string "range" reversal support
2fb4d7ea src: make interval sets work with string datatypes
403936c1 evaluate: string prefix expression must retain original length
ada50f84 segtree: split prefix and range creation to a helper function
ae7d32fc evaluate: keep prefix expression length
d2b23984 evaluate: make byteorder conversion on string base type a no-op
c36ecfc2 tests: py: Add meta time tests without 'meta' keyword
6fa4ff56 tests: py: Don't colorize output if stderr is redirected
f561a0cc tests: monitor: Hide temporary file names from error output
75fea8a5 tests: py: extend meta time coverage
4460b839 meta: fix compiler warning in date_type_parse()
02100978 meta: time: use uint64_t instead of time_t
4e0026dc include: add missing `#include`
ab74fb5b examples: add .gitignore file
bcad4761 tests: py: add inet/vmap tests
214494aa optimize: Restore optimization for raw payload expressions
82762ab6 src: allow to use integer type header fields via typeof set declaration
64bb3f43 src: allow to use typeof of raw expressions in set declaration
ff0f30e3 expression: typeof verdict needs verdict datatype
60f5c107 src: copy field_count for anonymous object maps as well
4cf97abf rule: Avoid segfault with anonymous chains
4e718641 evaluate: init cmd pointer for new on-stack context
1ea71c23 optimize: do not assume log prefix
3f36cc6c optimize: do not merge unsupported statement expressions
19960c8d optimize: incorrect assert() for unexpected expression type
3de1dbd2 optimize: more robust statement merge with vmap
99eb4696 optimize: fix vmap with anonymous sets
e8f0fa21 scanner: Fix for ipportmap nat statements
59d184be scanner: dup, fwd, tproxy: Move to own scopes
069a0450 scanner: meta: Move to own scope
2165324d scanner: at: Move to own scope
a67fce7f scanner: nat: Move to own scope
578467c1 scanner: policy: move to own scope
a1669709 scanner: flags: move to own scope
020372d9 scanner: reject: Move to own scope
543bf3c2 scanner: import, export: Move to own scopes
88105810 scanner: reset: move to own Scope
8a7e430a scanner: monitor: Move to own Scope
e5547017 scanner: rt: Extend scope over rt0, rt2 and srh
04c95f14 scanner: type: Move to own scope
62a95698 scanner: dst, frag, hbh, mh: Move to own scopes
a060d912 scanner: ah, esp: Move to own scopes
4e215fdf scanner: osf: Move to own scope
5166b298 scanner: dccp, th: Move to own scopes
3e04a6e2 scanner: udp{,lite}: Move to own scope
bbdcfbfa scanner: comp: Move to own scope.
232f2c32 scanner: synproxy: Move to own scope
26b53653 scanner: tcp: Move to own scope
f5722119 scanner: igmp: Move to own scope
a7d8cca9 scanner: icmp{,v6}: Move to own scope
5d837d27 src: add tcp option reset support
1d507ce7 build: explicitly pass --version-script to linker
e98a9b83 libnftables.map: export new nft_ctx_{get,set}_optimize API
9eb98b3b tests: add test case for flowtable with owner flag
18a08fb7 examples: compile with `make check' and add AM_CPPFLAGS
Signed-off-by: Nick Hainke <vincent@systemli.org>
The redboot-fis parser has option to specify the location of FIS
directory, use that, instead of patching the parser to scan for it, and
specifying location in kernel config.
Tested-by: Brian Gonyer <bgonyer@gmail.com>
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
This image is supposed to be written with help of bootloader to the
flash, but as it stands, it's not aligned to block size and RedBoot will
happily create non-aligned partition size in FIS directory. This could
lead to kernel to mark the partition as read-only, therefore pad the
image to block erase size boundary.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
The bootloader on this board hid the partition containig MAC addresses
and prevented adding this space to FIS directory, therefore those had to
be stored in RedBoot configuration as aliases to be able to assigne them
to proper interfaces. Now that fixed partition size are used instead of
redboot-fis parser, the partition containig MAC addresses could be
specified, and with marking it as nvmem cell, we can assign them without
userspace involvement.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Don't comence the switch to RAMFS when the image format is wrong. This
led to rebooting the device, which could lead to false impression that
upgrade succeded.
Being here, factor out the code responsible for upgrading RedBoot
devices to separate file.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
After the kernel has switched version to 5.10, JA76PF2 and
RouterStations lost the capability to sysupgrade the OpenWrt version.
The cause is the lack of porting the patches responsible for partial
flash erase block writing and these boards FIS directory and RedBoot
config partitions share the same erase block. Because of that the FIS
directory can't be updated to accommodate kernel/rootfs partition size
changes. This could be remedied by bootloader update, but it is very
intrusive and could potentially lead to non-trivial recovery procedure,
if something went wrong. The less difficult option is to use OpenWrt
kernel loader, which will let us use static partition sizes and employ
mtd splitter to dynamically adjust kernel and rootfs partition sizes.
On sysupgrade from ath79 19.07 or 21.02 image, which still let to modify
FIS directory, the loader will be written to kernel partition, while the
kernel+rootfs to rootfs partition.
The caveats are:
* image format changes, no possible upgrade from ar71xx target images
* downgrade to any older OpenWrt version will require TFTP recovery or
usage of bootloader command line interface
To downgrade to 19.07 or 21.02, or to upgrade if one is already on
OpenWrt with kernel 5.10, for RouterStations use TFTP recovery
procedure. For JA76PF2 use instructions from this commit message:
commit 0cc87b3bac ("ath79: image: disable sysupgrade images for routerstations and ja76pf2"),
replacing kernel image with loader (loader.bin suffix) and rootfs
image with firmware (firmware.bin suffix).
Fixes: b10d604459 ("kernel: add linux 5.10 support")
Fixes: 15aa53d7ee ("ath79: switch to Kernel 5.10")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(mkubntimage was moved to generic-ubnt.mk)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This SBC has Microchip TCN75 sensor, wich measures ambient temperature.
Specify it in dts to allow readout by applications using kernel hwmon
API.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
This updates prereq-build.mk to find a suitable realpath utility, and
adds another place to look for a suitable getopt utility.
realpath has been used most notably by scripts/ipkg-build since
commit bb95be9265 ("scripts,ipkg-build: use realpath for pkg_dir")
and there are assorted other uses of it during a build.
It is ordinarily provided by GNU coreutils. This adds a SetupHostCommand
to locate it either under its own name or under grealpath, the name that
it will be available as under MacPorts or Homebrew, which use
--program-prefix=g.
Similarly, update the SetupHostCommand for getopt to be able to locate a
util-linux getopt at the default path used by MacPorts, in the same
fashion that
commit cc16f5d73e ("build: try to find getopt in macOS homebrew's standard location")'
did for Homebrew. As there is no standard alternative --program-prefix
for util-linux utilities in the way that GNU packages often use a "g"
prefix, this path-based approach is required in case a non-util-linux
getopt (such as one provided by an OS) shadows the util-linux getopt
in the PATH.
Signed-off-by: Mark Mentovai <mark@moxienet.com>
Add support for LEDs of the CZ.NIC Turris Omnia using the upstream
driver.
There is no generic way to control the LEDs in UCI manner, however
the kernel module is the first step to actually use the RGB LEDs in
custom logic.
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
(removed DMARC notice, added driver to Turris Omnia, moved module
recipe to target/linux/mvebu/modules.mk)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Make sure BootingFlag points to the system partition we install to.
The BootingFlag variable selects which system partition the system
boots from (0 => "Kernel", 1 => "Kernel2"). OpenWrt does not yet have
device specific support for this dual image scheme, and can therefore
only boot from "Kernel".
This has not been an issue until now, since all known OEM firmware
versions have ignored "Kernel2" - leaving the BootingFlag fixed at 0.
But the newest OEM firmware has a new upgrade procedure, installing
to the "inactive" system partition and setting BootingFlag accordingly.
This workaround is needed until the dual image scheme is fully
supported.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
For a TX->TX connected external phy to transmit/receive data, the rgmii2
pin group needs to be claimed with gpio function, at least for EdgeRouter X
SFP. We already claim the pin group under the pinctrl node with gpio
function on the gpio node on mt7621_ubnt_edgerouter-x.dtsi.
However, we should claim a pin group under its consumer node. It's the
ethernet node in this case, which we already claim the rgmii2 pin group
under it on mt7621.dtsi. Therefore, set the function as gpio on the rgmii2
node for EdgeRouter X SFP and get rid of claiming the rgmii2 pin group
under the pinctrl node. With this change, we also get to remove a
definition from mt7621_ubnt_edgerouter-x.dtsi which is specific to
EdgeRouter X SFP.
This change is tested on an EdgeRouter X SFP.
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>