Changes between 3.0.9 and 3.0.10 [1 Aug 2023]
* Fix excessive time spent checking DH q parameter value ([CVE-2023-3817])
* Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446])
* Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975])
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Tear down all interfaces if the antenna settings change, so that the
capabilities can be recalculated properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes this error: hostapd: nl80211: kernel reports: integer out of range
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Check the phy before removing unrelated netdevs on the same hw device
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Package kernel module for Marvell 10G Ethernet PHYs found also in many
10G/1G/100M/10M RJ-45 SFP+ modules.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When building xdp-tools with CONFIG_USE_LLVM_HOST=y, on a host that
enabled stack protector by default in Clang, compilation fails with the
following error:
CLANG xdp-dispatcher.o
clang-16: error: ignoring '-fstack-protector-strong' option as it is not currently supported for target 'bpfeb' [-Werror,-Woption-ignored]
Add -fno-stack-protector to BPF_CFLAGS to fix this.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Include AP ucode source file
Fixes: e56c5f7b276a ("hostapd: add ucode support, use ucode for the main ubus object")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
ChangeLog:
46952ef trace-cmd: Version 3.2
f5871a1 libtracecmd: Version 1.4.0
d498af1 trace-cmd build: Add trace-attach.c to meson build
736df06 trace-cmd: Add initial support for meson
e183566 libtracecmd: Add initial support for meson
c508713 trace-cmd test: Quiet valgrind from reporting forked children
8ec026f trace-cmd test: Close handle after opening
4c179a6 trace-cmd library: Fix memory leaks of followers
aa21520 trace-cmd: Add Makefile target for memory test
925e15f trace-cmd and library: Update the version to the development
4fa31c0 trace-cmd attach: Add new command "attach"
7e721ef trace-cmd library: Add tracecmd_get_tsc2nsec() API
8908555 tracecmd library: Unlock records in tracecmd_iterate_events()
2668b13 trace-cmd agent: Add "IP" to -N argument in help message
22ad81e trace-cmd record: Remove redundant check of instance in allocate_instance()
d7ce897 libtracecmd: Free buf_from in error path of tracecmd_compress_copy_from()
6776d7a trace-cmd: Update v7 trace.dat documentation to clarify the strings section
9d6f3ba trace-cmd record/extract: Do not destroy existing instances
9c9d5ed trace-cmd extract: Do not extract top level unless told to
4b92132 libtracecmd: Fix tracecmd_compress_copy_from() write size return
f30abfd documentation: trace-cmd-report: Document filter scope
7a390c5 trace-cmd-report: Support global filters
04ad2c6 trace-cmd report: Ensure filter is applied to single input file
edf9424 trace-cmd: Open code execvp routine to avoid multiple execve syscalls
Signed-off-by: Nick Hainke <vincent@systemli.org>
ChangeLog:
aebab37 libtracefs: version 1.7
a3237c3 libtracefs: Add initial support for meson
b25019f libtarcefs doc: Add tracefs_kprobe_destroy() to index man page
4c2194f libtracefs doc: State that tracefs_dynevent_create() is needed for tracefs_kprobe_alloc()
df53d43 libtracefs Documentation: Add missing prototypes in top level man page
9a2df4a libtracefs: Update version to 1.7.dev
18ede68 libtracefs: Add tracefs_kprobe_destory() API
309b1ba libtracefs tests: Add helper function to destroy dynamic events
53dce80 tracefs: Add tracefs_time_conversion() API
5ea4128 libtracefs: Add tracefs_find_cid_pid() API
857dd3e libtracefs/utest: Fix crashing of synth test when synths exist
6332309 libtracefs/utest: Do not use synth for test_synth element
25cd206 libtracefs: Clarify the tracefs_synth_create() man page
6b6d43f libtracefs: Do not allow tracefs_synth_set_instance() on created synth
c860f93 libtracefs: Documentation for tracefs_synth_set_instance
0039173 libtracefs: New API to set synthetic event instance
e97c311 libtracefs: Do not segfault in tests if synthetic events are not configured
185019c libtracefs: Add tracefs_instance_tracers() API
6775d23 libtracefs: Do not use hwlat tracer and fdb_delete event for tests
5a1a01e libtracefs: Add stacktrace to tracefs_sql()
b1b234e libtracefs: Unit test for tracefs_instance_reset()
dd620f4 libtracefs: Documentation for tracefs_instance_reset()
789e82d libtracefs: New API to reset ftrace instance
Signed-off-by: Nick Hainke <vincent@systemli.org>
8c2758b4fbbb wireless: add support for replacing data blobs at runtime
0ff22a6a68ce wireless: enable dynamic reconfiguration by default
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This implements vastly improved dynamic configuration reload support.
It can handle configuration changes on individual wifi interfaces, as well
as adding/removing interfaces.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This can be used to run a standalone EAP server that can be used from
other APs. It uses json as user database format and can automatically
handle reload.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Changelog from quic:
Bug fixes, stability improvements from previous releases
are present. There are no backward comatibility issues
with this release.
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Michał Kwiatek <michal@kwiatek.it> # Xiaomi AX3600
Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
Add patch to fix build failure caused by a missing header which had
previously been implicitely included.
Fixes: 6ddb5f5a65 ("uboot-mediatek: update to version 2023.07.02")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Among the patches adding support for MT7988 also came the switch to
use fdtdec_setup_mem_size_base() and no longer rely on CFG_SYS_SDRAM_BASE.
Take care of our downstream boards which did not have a 'memory' node in
their device trees.
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of using the hash of the Github-generated tarball use the
hash of the tarball generated by the OpenWrt build system (in this
case they are different, unfortunately).
Reported-by: Chen Minqiang <ptpt52@gmail.com>
Fixes: 07dbeb430e ("arm-trusted-firmware-mediatek: update to sources of 2023-07-24")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add support for the SKBPRIO queuing discipline. This is subtly
different than prio as it also drops packets from the lower priority
flows.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Fix more compilation error with kernel 6.1 and make it possible to
compile.
Multiple fix are done due to kernel bump:
- PDE_DATA (now deprecated) to pde_data
- dev_addr now const and require some cast
- prandom_u32 (now deprecated) to get_random_u32
Also other minor fix for always true condition and tasklet type cast not
compatible.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Due to some hiccup my local urngd-2023-07-25-7aefb47b.tar.xz ended up
being different from archived one. Repackaging it locally confirmed the
previous hash was incorrect.
Fixes: c74b5e09e692 ("urngd: update to the latest master")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This patch makes some improvements to the MT7620 RF calibration.
1. Move MT7620 PA/LNA calibration code to dedicated functions.
2. Restore RF and BBP registers before R-Calibration.
3. Do Rx DCOC calibration again before RXIQ calibration.
4. Use SoC specific AGC initial LNA value.
5. Correct MAC_RX_EN mask in rt2800_r_calibration()[1].
[1] This change may fix the "BBP/RF register access failed" error:
ieee80211 phy0: rt2800_wait_bbp_rf_ready: Error - BBP/RF register access failed, aborting
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Import pending patches adding support for MT7988 and provide builds
for the reference board for all possible boot media.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release 2023.07 got tagged wrongly and replaced by follow-up release
2023.07.02.
Now using upstream DTS for BPi-R3.
Removed two patches which made it upstream, refreshed the rest.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use updated Trusted Firmware-A sources from MediaTek, now stacked
on top of the ARM Trusted Firmware-A v2.9 release.
Add builds for the newly added MT7988 SoC.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Since 2021.07 multiple bugs were introduced that made it impossible to
create a bootable target for mvebu. Those issues should be now fixed since
2023.07-rc1.
References: #11661
Signed-off-by: Oli Ze <olze@trustserv.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Andre Heider <a.heider@gmail.com> # espressobin-v3-v5-1gb-2cs
Signed-off-by: Petr Štetiar <ynezz@true.cz> [facelift]
Because this device enable NMBM by default, most users use custom
U-Boot with NMBM-Enabled in Chinese forums.
This layout is the same as the ubootmod layout but enabling NMBM.
Signed-off-by: Hank Moretti <mchank9999@gmail.com>
The existing implementation incorrectly reported `running` for services
without any instances or with all instances stopped/terminated.
Improve the default implementation of `/etc/init.d/* status` to properly
report services with not running instances. In case a service exists,
but without running instance, the status call will now report
"not running" with exit code 5. In case some instances are running and
some are stopped/terminated, the call will report "running (X/Y)" where
`X` denoted the amount of running instances and `Y` the amount of total
registered ones.
Ref: https://forum.openwrt.org/t/x/159443
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8667347 build: allow passing SOVERSION value for dynamic library
Also adjust packaging of the library to only ship the SOVERSION
suffixed library object, to allow for concurrent installation of
ABI-incompible versions in the future.
Fixes: #13082
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
350b960 add support for multi GNSS solutions
fb87d0f ugps: add baud rate command line option
a8171a0 main.c: -S does not take any options
Build-tested: ramips/ltap-2hnd
Run-tested: ramips/ltap-2hnd
Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use
failsafe, we get 'Bad server host key: Invalid key length'
To workaround the issue, we can use: ssh -o RSAMinSize=1024 ...
Generating 2048 bits RSA is extremely slow, so add ed25519.
We keep RSA 1024 to be as compatible as possible.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
53edfc7aaa34 wifi: mt76: mt7603: fix beacon interval after disabling a single vif
7ef4dd12d982 wifi: mt76: mt7603: fix tx filter/flush function
152608a40aa7 wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
cacac3902a63 wifi: mt76: split get_of_eeprom in subfunction
cd3dfe392769 wifi: mt76: add support for providing eeprom in nvmem cells
Signed-off-by: Felix Fietkau <nbd@nbd.name>
7aefb47 jitterentropy-rngd: update to the v1.2.0
What's interesting about jitterentropy-rngd v1.2.0 release is that it
bumps its copy of jitterentropy-library from v2.2.0 to the v3.0.0. That
bump includes a relevant commit 3130cd9 ("replace LSFR with SHA-3 256").
When initializing entropy jent calculates time delta. Time values are
obtained using clock_gettime() + CLOCK_REALTIME. There is no guarantee
from CLOCK_REALTIME of unique values and slow devices often return
duplicated ones.
A switch from jent_lfsr_time() to jent_hash_time() resulted in many less
cases of zero delta and avoids ECOARSETIME.
Long story short: on some system this fixes:
[ 6.722725] urngd: jent-rng init failed, err: 2
This is important change for BCM53573 which doesn't include hwrng and
seems to have arch_timer running at 36,8 Hz.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Kernel 6.1 have renamed complete_and_exit to kthread_complete_and_exit.
This was just a rename and nothing is changed implementation wise.
Fix compilation error by using the new symbol name.
Fix compilation error:
In file included from /builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/include/osdep_service.h:41,
from /builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/include/drv_types.h:32,
from /builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/core/rtw_cmd.c:22:
/builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/core/rtw_cmd.c: In function 'rtw_cmd_thread':
/builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/include/osdep_service_linux.h:166:23: error: implicit declaration of function 'complete_and_exit' [-Werror=implicit-function-declaration]
166 | #define thread_exit() complete_and_exit(NULL, 0)
| ^~~~~~~~~~~~~~~~~
/builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/core/rtw_cmd.c:706:9: note: in expansion of macro 'thread_exit'
706 | thread_exit();
| ^~~~~~~~~~~
/builder/shared-workdir/build/sdk/build_dir/target-aarch64_cortex-a53_musl/linux-bcm27xx_bcm2710/rtl8812au-ct-2021-11-07-39df5596/core/rtw_cmd.c:708:1: error: control reaches end of non-void function [-Werror=return-type]
708 | }
| ^
cc1: all warnings being treated as errors
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This patch adds basic TX power control for the MT7620 and limits its
maximum TX power. This can avoid the link speed decrease caused by
chip overheating.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Hardware
--------
CPU: Mediatek MT7981
RAM: 512M DDR4
FLASH: 256M NAND
ETH: MaxLinear GPY211 (2.5GbE N Base-T)
WiFi: Mediatek MT7981 (2.4GHz 2T2R:2 5GHz 3T3R:2 802.11ax)
BTN: 1x Reset
LED: 1x Multi-Color
UART Console
------------
Available below the rubber cover next to the ethernet port.
Settings: 115200 8N1
Layout:
<12V> <LAN> GND-RX-TX-VCC
Logic-Level is 3V3. Don't connect VCC to your UART adapter!
Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.
As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.
In case this is not the case, OpenWrt will boot only one time, returning
to the ZyXEL firmware the second boot.
If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.
Installation TFTP / Recovery
----------------------------
This installation routine is especially useful in case of a bricked
device.
Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.
The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.
Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to nwa50axpro-openwrt-initramfs.bin.
$ atnf nwa50axpro-openwrt-initramfs.bin
$ atna 192.168.1.88
$ atns "192.168.1.66; tftpboot; setenv fdt_high 0xffffffffffffffff;
bootm"
Upon booting, set the booted image to the correct slot:
$ zyxel-bootconfig /dev/mtd9 get-status
$ zyxel-bootconfig /dev/mtd9 set-image-status 0 valid
$ zyxel-bootconfig /dev/mtd9 set-active-image 0
Copy the OpenWrt sysupgrade image to the device using scp.
Write the sysupgrade image to NAND using sysupgrade.
$ sysupgrade -n image.bin
Signed-off-by: David Bauer <mail@david-bauer.net>