Commit Graph

22241 Commits

Author SHA1 Message Date
Tianling Shen
7a96d36188 rockchip: fix baudrate for Radxa E25
According to the documentation[1], the serial baudrate of E25 is
115.2 Kbps, and setting it to 1.5 Mbps will cause onboard CH340B
USB-UART chip unstable.

Since mainline TPL is yet available, download patched TPL binary
from Radxa.

1. https://wiki.radxa.com/Rock3/CM/CM3I/E25/getting_started

Fixes: https://github.com/openwrt/openwrt/issues/15814
Fixes: f7c732bf9e ("rockchip: add Radxa E25 board support")
Tested-by: FUKAUMI Naoki <naoki@radxa.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15870
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:46:19 +02:00
Tan Zien
9a8111fb25 libiwinfo: update to Git HEAD (2024-07-06)
2158201 devices: add device id for Atheros AR9590

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15889
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:40:26 +02:00
Rosen Penev
2beadefaa0 readline: override termlib for host
For some reason, it's not working right locally. Override as is done
with the target build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15916
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:39:32 +02:00
Robert Marko
3d7cb14211 qualcommax: ipq807x: add Asus RT-AX89X BX revision
This commit adds support for Asus RT-AX89X BX revision.

WARNING: Only the BX revision boards (So B1, B2 etc) are supported because
AX revision boards use IPQ8074 v1 SoC which is unsupported.

Specifications:
---------------
* CPU: Qualcomm IPQ8074A Quad core Cortex-A53 @ 2.2GHz
* RAM: 1024MB
* Storage: 256MB SLC NAND (Macronix MX30UF2G18AC)
* Ethernet:
	* 5x 1G RJ45 ports via QCA8337 switch
	* 3x 1G RJ45 ports via internal switch (QCA8075 PHY)
	* 1x 10G RJ45 via internal switch (AQR113C PHY)
	* 1x 10G SFP+ slot via internal switch
* WLAN:
	* 2.4GHz 4x4
	* 5GHz 8x8
	* 8 external antennas
* USB: 2x USB 3.0 Type-A
* Buttons:
	* Power switch
	* WPS
	* Reset
	* Wireless ON/OFF
	* LED ON/OFF
LED-s:
	* Power
	* Wi-Fi
	* WAN
	* 10G
	* SFP+
Power:
	* 19.5V via DC jack

Installation instructions:
--------------------------
1. Flash temporary OpenWrt initramfs:
* Flash openwrt-qualcommax-ipq807x-asus_rt-ax89x-initramfs-factory.trx
via the stock firmware.
Administration -> Firmware Upgrade -> Manual Firmware update (Upload)

After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.

2. Sysupgrade from OpenWrt initramfs:
* Copy openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin to
/tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin of
the running initramfs image.
* Simply sysupgrade -n /tmp/openwrt-qualcommax-ipq807x-asus_rt-ax89x-squashfs-sysupgrade.bin

After flashing the device will reboot with OpenWrt initramfs and it can
be accesed via any of the LAN ports via SSH with the usual OpenWrt
default credentials.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Robert Marko
cc459f55e1 firmware: ipq-wifi: add Asus RT-AX89X BDF
Include the Asus RT-AX89X BDF.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Robert Marko
d55f4aeee0 kernel: qca-ssdk: set OF node for the SFP PHY
Currently, SSDK is creating a fake SFP PHY which has no OF node populated,
thus making it impossible to pass it to NSS-DP so port can actually work.

We eliminated QCA-s connecting of the PHY by manually creating a string
and then matching by name and instead only support passing the PHY as
phandle via phy-handle.

So, lets just use the switch port node to which the SFP is connected to
anyway and set it as the PHY device OF node so we can pass it to NSS-DP.

Link: https://github.com/openwrt/openwrt/pull/15840
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-09 12:33:17 +02:00
Rosen Penev
d7a76fc351 readline: fix pkgconfig usage
ncurses is built with wide support enabled, which enables libncursesw.
The problem is, the ncurses build system only supplies ncursesw or
ncurses.pc but not both. The other problem is, the readline build tests
for libncurses before the w variant, making its pc file unusable as
there is no ncurses.pc file to satisfy the Required: ncurses section.

Just override the library.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-08 09:44:21 +02:00
Rosen Penev
1b141cb3d1 ncurses: enable pc files in the host build
Needed for things such as readline that depend on ncurses.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15864
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-08 09:44:21 +02:00
Daniel Golle
a307f8f84b procd: bump to git HEAD
f230c11 utils: use strlcpy when appropriate
 a8cf548 jail: fix copy & paste error in parseOCIlinux()
 1e411a5 utils: get_cmdline_val: add missing error check

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-07-07 21:25:52 +01:00
Martin Schiller
4624711139 kernel: ltq-adsl: fix enum missmatch on linux 6.6
Convert DSL_XTUDir_t to DSL_AccessDir_t to get rid of enum-conversion
warning.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 17:50:23 +02:00
Daniel Golle
8a40d49a56 ltq-tapi: fix build with Linux 6.6
Satisfy compiler expectations in a hell of typedef's and get rid of
system-wide workqueue flush. Results in warning-free compile of the TAPI
driver also with Linux 6.6.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Link: https://github.com/openwrt/openwrt/pull/15811
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 17:50:23 +02:00
Dirk Buchwalder
9e49593ff7 mediatek: filogic: add support for TP-LINK RE6000XD
This commit adds support for TP-LINK RE6000XD.
The device is quite similar to the Mercusys MR90X V1,
except only 3 LAN ports and more LEDs.
So thanks to csharper2005 for doing all the groundwork.

Device specification
--------------------
SoC Type:   MediaTek MT7986BLA, Cortex-A53, 64-bit
RAM:        MediaTek MT7986BLA (512MB)
Flash:      SPI NAND GigaDevice (128 MB)
Ethernet:   MediaTek MT7531AE + 2.5GbE MaxLinear GPY211C0VC (SLNW8)
Ethernet:   1x2.5Gbe (LAN3 2.5Gbps), 2xGbE (LAN 1Gbps, LAN1,
            LAN2)
WLAN 2g:    MediaTek MT7975N, b/g/n/ax, MIMO 4x4
WLAN 5g:    MediaTek MT7975P(N), a/n/ac/ax, MIMO 4x4
LEDs:       8 LEDs, 1 status blue, 2x WIFI blue, 2x signal
	    blue/red, 3 LAN blue gpio-controlled
Button:     2 (Reset, WPS)
USB ports:  No
Power:      12 VDC, 2 A
Connector:  Barrel
Bootloader: Main U-Boot - U-Boot 2022.01-rc4. Additionally, ubi0
            partition contain "seconduboot" (also U-Boot 2022.01-rc4)

Serial console (UART), unpopulated
---------------------
                            V
+-------+-------+-------+-------+
| +3.3V |  GND  |  TX   |  RX   |
+---+---+-------+-------+-------+
    |
    +--- Don't connect

Disassemble: rm the 2 screws at the bottom and the one at the backside.
            un-clip the case starting at the edge above the LEDs.

Installation (UART)
-------------------
1. Place OpenWrt initramfs image on tftp server with IP 192.168.1.2
2. Attach UART, switch on the router and interrupt the boot process by
   pressing 'Ctrl-C'
3. Load and run OpenWrt initramfs image:
      tftpboot openwrt-mediatek-filogic-tplink_re6000xd-initramfs-kernel.bin bootm
4. Run 'sysupgrade -n' with the sysupgrade OpenWrt image

Notice: while I was successfull at activating ssh (as described
        here:
        https://www.lisenet.com/2023/gaining-ssh-access-to-tp-link-re200-wi-fi-range-extender/)

        Unfortunately I haven't found the correct root password.
        Looks like they are using a static password
        (md5crypt, salt + 21 characters) that is not the web
        interface admin password.

        The TP-LINK RE900XD looks like the very same device,
        according to the pictures and the firmware.
        But I haven't checked if the OpenWrt firmware works as well
        on that device.

        The second ubi partition (ubi1) is empty and there is no known
        dual-partition mechanism, neither in u-boot nor in the stock firmware.

Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
2024-07-04 22:14:32 +02:00
Tianling Shen
18f04617f4 uboot-rockchip: Update to 2024.07
Re-enable FIT signature verification since we switched to use hyphen
for node name separators in commit 2b133ab19c ("scripts: use sep-char for hash nodes").

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-04 21:21:36 +02:00
Shiji Yang
cdfd0b74a2 uboot-envtools: update to U-Boot release v2024.07
Remove upstreamed patches:
010-fw_env-fix-reading-NVMEM-device-s-compatible-value.patch
[commit f29c5ca33df4c77b9af2cbfb7ed90bf336613522]

011-fw_env-keep-calling-read-until-whole-flash-block-is-.patch
[commit 9e3003f79d168eac7ee65cd457e3904e2fb4eea8]

012-fw_env-autodetect-NAND-erase-size-and-env-sectors.patch
[commit d73a6641868029b5cae53ed00c5766921c9d8b1f]

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-07-04 21:16:02 +02:00
FUKAUMI Naoki
1664e506ac uboot-rockchip: use u-boot-rockchip.bin
use u-boot-rockchip.bin to copy SPL/TPL/U-Boot to the image.

since binman was used in mainline u-boot for rockchip, we can use
u-boot-rockchip.bin instead of idbloader.img and u-boot.itb.

Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15815
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:26:00 +02:00
Rodrigo Balerdi
702bad7212 ipq40xx: add BDFs for Linksys WHW03 V1
BDFs come from latest firmware, version 1.1.19.209880 (2022-06-20):
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_2G.bin
- /lib/firmware/IPQ4019/v1/FCC/boardData_1_0_IPQ4019_DK04_5G.bin
- /lib/firmware/QCA9888/v1/FCC/boardData_2_0_QCA9888_5G_Y9690_SBS_HB.bin

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Rodrigo Balerdi
799829f418 ipq-wifi: update to Git HEAD (2024-06-30)
f54581d ipq6018: add BDF for Edgecore EAP101
6df42f9 ipq40xx: add BDFs for Linksys WHW03 V1
e82cba7 ipq8074: add TP-Link EAP660 HD v1 BDF

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15844
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-04 19:14:20 +02:00
Hauke Mehrtens
4cc69a6542
kernel: Add kmod-sctp-diag
Package the sctp_diag.ko file which already gets build when kmod-sctp
and kmod-inet-diag are selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
8b4fd1c0de
kernel: Add kmod-mfd
Package the mfd-core.ko kernel module. It is selected by the
kmod-hwmon-gsc already.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:02 +02:00
Hauke Mehrtens
4e33427965
kernel: Add mtd_nandbiterrs.ko to kmod-mtdtests
The mtd_nandbiterrs.ko kernel module was added with kernel 3.7. We
should package it like the other test modules.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
2ebeda0294
kernel: Add kmod-crypto-xxhash
kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:01 +02:00
Hauke Mehrtens
f89091bba6
kernel: Add kmod-crypto-blake2b
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b

The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
fac507606d
kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.

I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.

New we are also packaging lz4hc.ko

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:11:00 +02:00
Hauke Mehrtens
b0953c4fbf
kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-07-03 13:10:59 +02:00
Sean Khan
c27fd6fd97 f2fs-tools: Add missing 'f2fslabel' symlink
`f2fslabel` is already built into `f2fs.fsck`, but is missing its symlink
in the final package.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15851
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-03 11:14:42 +02:00
Stijn Tintel
6b16eaf840 wifi-scripts: add missing dependency on ucode-mod-uci
Fixes the following error:

Syntax error: Unable to resolve path for module 'uci'
In line 3, byte 27:

 `import * as uci from 'uci';`
  Near here ----------------^

Fixes: 4a3ed518b2 ("wifi-scripts: rewrite wifi detect code in ucode")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-07-03 01:40:15 +03:00
David Bauer
89d7051485 hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
David Bauer
68e4cc9be5 hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
Rosen Penev
7c32295b00 e2fsprogs: remove HostBuild
These things already get built and installed by tools/e2fsprogs. No need
to duplicate.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15822
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-28 11:25:58 +02:00
Álvaro Fernández Rojas
e04533ae7b bcm63xx-cfe: update to latest version
sagem: fast-3864-op:add cferam.000 file
tp-link: archer vr400 v1: add cfe file

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-26 19:26:34 +02:00
Robert Marko
2b666bb827 utils: mtd-utils: update to 2.2.0
Release notes:
https://lists.infradead.org/pipermail/linux-mtd/2024-March/104058.html

mtd-utils are currently depending on zlib, however it is not expressed
as a dependency and it is somehow being only pulled-in by lincurses-devel
so mtd-utils were able to compile.

Since 2.2.0 zlib is optional so lets disable support for it like for other
compressors since we dont package the mkfs.ubifs or mkfs.jffs2 that
are only users of compressors anyway.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:27 +02:00
Robert Marko
116903082b utils: mtd-utils: drop autoreconf
Now that we are not patching mtd-utils with JFFS2 LZMA support there
is no need for autoreconf to be run.

Link: https://github.com/openwrt/openwrt/pull/15802
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-26 09:23:26 +02:00
Robert Marko
fb2fa8f7c2 utils: mtd-utils: drop patches
We have been carrying the 100-fix_includes.patch and 130-lzma_jffs2.patch
for a long time but the reason is lost to history.

We dont need to carry the JFFS2 LZMA support patch as mkfs.jffs2 is not
even being packaged so its not even being used.

As for the 100-fix_includes.patch that also seems like a relic of history
as mtd-utils compiles fine without it.

So, lets drop both patches.

Link: https://github.com/openwrt/openwrt/pull/15790
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-25 13:01:45 +02:00
Christian Marangi
be26643e91
generic: 6.6: backport patch for G671 PWM Fan controller support
Backport patch for G761 PWM Fan controller support. This is used by
an ipq807x RAX120v2 and have an internal clock that was currently
unconfigured making the device not working.

Link: https://github.com/openwrt/openwrt/pull/15796
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-25 12:52:43 +02:00
Robert Marko
14bf60deb8 uboot-mvebu: add support for MikroTik RB5009
MikroTik RB5009 uses RouterBoot as its bootloader like all MikroTik devices
running RouterOS, meaning that its not FIT compatible and can only boot
ELF images.

Now this is not so much of an issue on ARM or MIPS since kernel supports
appending DTB-s to it (Or we patch the kernel to embed it), but on ARM64
there is intentionally no such support.

RouterBoot will pass a DTB, but its the broken MikroTik one which is a
modified reference DTB and incorrect in more places than its valid so we
cannot use it to boot our kernel.

Thus, the solution is to use an intermediary loader and luckily for us
Armada 7040 is well supported in U-Boot which makes it a great option since
it supports anything that we will ever need to boot.

Upstream U-Boot currently requires the Armada boards to be converted to
OF_UPSTREAM before adding anything new and this requires updating all of
the drivers to accomodate the Linux DTS, while I plan to do this eventually
we will need to keep this board downstream for now.

Most stuff is supported in U-Boot, including networking since the switch
is preconfigured by RouterBoot.

A custom environment is used to try and boot from the following devices:
1. NAND (UBI)
2. USB
3. Networking

If NAND boot fails then U-Boot will attempt to boot OpenWrt initramfs from
USB or via networking.

There is a manual recovery mechanism implemented where if the reset button
is held when U-Boot is booting it will try to boot OpenWrt initramfs from:
1. USB
2. Networking

When U-Boot is in recovery mode it will light all of the LED-s except the
switch ones.

Link: https://github.com/openwrt/openwrt/pull/15765
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-24 09:46:19 +02:00
Álvaro Fernández Rojas
ea2ff25d4c generic: 6.6: backport upstream r8169 patches
Backport a bunch of upstream r8169 patches:
- RTL8168/RTL8101 LEDs support.
- RTL8126A support.
- RTL8125/RTL8126 LEDs support.
- RTL8168M support.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-24 05:36:14 +02:00
Álvaro Fernández Rojas
2f5c57ced6 linux-firmware: add RTL8126 firmware
This commit adds RTL8126 firmwares to r8169-firmware package.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-06-23 22:36:28 +02:00
Robert Marko
de5d1f44ae qca-ssdk: fix compiling for ipq60xx
Trying to compile for ipq60xx will fail with:
ERROR: modpost: "qca808x_phy_reset" [build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq60xx/qca-ssdk-2024.06.13~c451136b/qca-ssdk.ko] undefined!

So, lets fix this by disabling Manhattan switch and PHY support as this is
the new 2.5G quad port switch that is not present on ipq60xx boards.

Fixes: 87a45ea432 ("kernel: qca-ssdk: update 12.5 to 2024-06-13")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:43:36 +02:00
Kristian Skramstad
87a45ea432 kernel: qca-ssdk: update 12.5 to 2024-06-13
There are some new commits, so refresh and update patches.
Some build warnings have been fixed upstream too.

Add backport target/linux/generic/backport-6.6/722-v6.10-dt-bindings-arm-qcom-ids-Add-SoC-ID-for-IPQ5321.patch.

Removed upstream:
[-] qca-ssdk/patches/101-hsl_phy-add-support-for-detection-PSGMII-PHY-mode.patch
[-] qca-ssdk/patches/201-fix-compile-warnings.patch

List of changes:
2024-04-16  -c451136b-  qca-ssdk: strip MRPPE code
2024-06-05  -f455a820-  [qca-ssdk]: fix enum-int-mismatch warnings
2024-05-31  -bbfc0fa9-  Merge "[qca-ssdk]: update eee status of phydev"
2024-05-31  -adbe9dc5-  Merge "[qca-ssdk]: support psgmii and uqsxgmii mode of kernel"
2024-05-31  -d06ca777-  Merge "[qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed"
2024-05-31  -c6f539a5-  Merge "qca-ssdk: support mrppe pktedit padding functions"
2024-04-29  -c321e2a9-  qca-ssdk: support mrppe pktedit padding functions
2024-05-24  -ee6e201e-  qca-ssdk: Fix the big endian compile error
2024-05-15  -8c116bb9-  [qca-ssdk]: update eee status of phydev
2024-05-20  -f0341a2c-  Merge "qca-ssdk: Enable igmp for PPE MINI profile"
2024-05-16  -44a0ce93-  qca-ssdk: Enable igmp for PPE MINI profile
2024-05-15  -8b91bbf6-  [qca-ssdk]: support psgmii and uqsxgmii mode of kernel
2024-05-14  -7eec1658-  [qca-ssdk]: fix 5G issue with the AQR FW that use 5gbaser for 5G speed
2024-05-12  -b9f5ea0e-  [qca-ssdk]: ethtool support, do not change wake-up timer when the requested timer is 0
2024-05-09  -5e2c15ed-  Merge "[qca-ssdk]: remove check when mht clock enable"
2024-05-09  -a1563b90-  Merge "[qca-ssdk] support new sku IPQ5321"
2024-04-23  -f04b7680-  [qca-ssdk]: show unknown status when link down
2024-03-22  -33b91b30-  [qca-ssdk]: remove check when mht clock enable
2024-04-29  -b6362f2b-  Merge "qca-ssdk:fix bug in marina nptv6 iid cal"
2024-04-29  -097033ae-  Merge "[qca-ssdk] support cypress uniphy0 connecting MHT switch port0"
2024-04-24  -d45560fd-  qca-ssdk:fix bug in marina nptv6 iid cal
2024-04-24  -7d7a42af-  qca-ssdk: enable policer counter on low memory profile
2024-04-18  -e36cf6ea-  Merge "[qca-ssdk]: change portvlan egress mode initial value as untouched"
2024-04-18  -27817881-  Merge "[qca-ssdk]: update the aqr phy supported ability"
2024-04-18  -5a3a693c-  Merge "qca-ssdk:support marina nptv6"
2024-04-16  -129fe9b3-  Merge "qca-ssdk: support tunnel fields and innner fields inverse"
2024-01-09  -fc8f6abd-  qca-ssdk:support marina nptv6

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15771
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 17:42:17 +02:00
Nathaniel Wesley Filardo
7d71c03ab1 kernel: crypto: remove FCRYPT from miscellany
It has its own dedicated knob

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Nathaniel Wesley Filardo
98793e02f7 kernel: catch up rxrpc
New dependencies required for the module to be useful, and correct IPv6 support

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-23 14:07:17 +02:00
Sean Khan
31ec4515c3 openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.

```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```

Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.

Example:
```
[openssl_init]
providers = provider_sect
```

After this change, openssl util works correctly.

```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 16:31:23 +02:00
Sean Khan
d648ee4c58 wifi-scripts: ensure get_freq returns int (iw-6.9)
With `iw` version 6.9 frequencies are now being reported as float,
which is incompatible with wpa_supplicant's config option 'frequency'
which expects an integer.

iwinfo phy0 info output:

Version: 5.19
```
Frequencies:
  * 5180 MHz [36] (30.0 dBm)
  * 5200 MHz [40] (30.0 dBm)
  * 5220 MHz [44] (30.0 dBm)
  * 5240 MHz [48] (30.0 dBm)
  * 5260 MHz [52] (24.0 dBm)
  * 5280 MHz [56] (24.0 dBm)
  * 5300 MHz [60] (24.0 dBm)
  * 5320 MHz [64] (24.0 dBm)
  * 5500 MHz [100] (24.0 dBm)
  * 5520 MHz [104] (24.0 dBm)
  * 5540 MHz [108] (24.0 dBm)
  * 5560 MHz [112] (24.0 dBm)
  * 5580 MHz [116] (24.0 dBm)
  * 5600 MHz [120] (24.0 dBm)
  * 5620 MHz [124] (24.0 dBm)
  * 5640 MHz [128] (24.0 dBm)
  * 5660 MHz [132] (24.0 dBm)
  * 5680 MHz [136] (24.0 dBm)
  * 5700 MHz [140] (24.0 dBm)
  * 5720 MHz [144] (24.0 dBm)
  * 5745 MHz [149] (30.0 dBm)
  * 5765 MHz [153] (30.0 dBm)
  * 5785 MHz [157] (30.0 dBm)
  * 5805 MHz [161] (30.0 dBm)
  * 5825 MHz [165] (30.0 dBm)
  * 5845 MHz [169] (disabled)
  * 5865 MHz [173] (disabled)
  * 5885 MHz [177] (disabled)
```

Version: 6.9
```
Frequencies:
  * 5180.0 MHz [36] (30.0 dBm)
  * 5200.0 MHz [40] (30.0 dBm)
  * 5220.0 MHz [44] (30.0 dBm)
  * 5240.0 MHz [48] (30.0 dBm)
  * 5260.0 MHz [52] (24.0 dBm)
  * 5280.0 MHz [56] (24.0 dBm)
  * 5300.0 MHz [60] (24.0 dBm)
  * 5320.0 MHz [64] (24.0 dBm)
  * 5500.0 MHz [100] (24.0 dBm)
  * 5520.0 MHz [104] (24.0 dBm)
  * 5540.0 MHz [108] (24.0 dBm)
  * 5560.0 MHz [112] (24.0 dBm)
  * 5580.0 MHz [116] (24.0 dBm)
  * 5600.0 MHz [120] (24.0 dBm)
  * 5620.0 MHz [124] (24.0 dBm)
  * 5640.0 MHz [128] (24.0 dBm)
  * 5660.0 MHz [132] (24.0 dBm)
  * 5680.0 MHz [136] (24.0 dBm)
  * 5700.0 MHz [140] (24.0 dBm)
  * 5720.0 MHz [144] (24.0 dBm)
  * 5745.0 MHz [149] (30.0 dBm)
  * 5765.0 MHz [153] (30.0 dBm)
  * 5785.0 MHz [157] (30.0 dBm)
  * 5805.0 MHz [161] (30.0 dBm)
  * 5825.0 MHz [165] (30.0 dBm)
  * 5845.0 MHz [169] (disabled)
  * 5865.0 MHz [173] (disabled)
  * 5885.0 MHz [177] (disabled)
```

Error reported from wpa_supplicant
```console
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: invalid number "5320.0"
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: failed to parse frequency '5320.0'.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 16: failed to parse network block.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Failed to read or parse configuration '/var/run/wpa_supplicant-phy1-mesh0.conf'.
```

This affects mesh, adhoc, and client-mode WDS.

Until hostapd/wpa_supplicant is updated (or patched) to support float
frequencies, ensure `get_freq` prints out an integer.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15770
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 11:34:46 +02:00
Felix Fietkau
4a3ed518b2 wifi-scripts: rewrite wifi detect code in ucode
Rely entirely on /etc/board.json instead of screen scraping iw cli output

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
31aa61503e wifi-scripts: add default channel to board.json in wifi-detect.uc
Preparation for avoiding iw calls in /lib/wifi/mac80211.sh

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
33420f039d ucode: update to Git HEAD (2024-06-18)
8cf816d615fd socket: fix potential memory leak in connect()
8f5f231d66cd socket: optimize poll() argument handling
36f106056069 socket: remove wrong documentation fragment
525fca224012 socket: uv_to_sockaddr(): fix length calculation for AF_UNIX addresses
3938645ad9e3 socket: support IPv6 addresses in struct conversion routines
3a586dc7ddbe socket: improve uc_socket_connect() behavior
7b269f1cd3d2 socket: improve uc_socket_listen() behavior
fc6f2b89febf socket: handle further socket option value types
d6f25797dad1 socket: add IPv6 socket options
7611487b9a05 socket: implement recvmsg(), sendmsg() and cmsg support
d2e44bfa8b54 core-lib: improved documentation
e0bab40c8578 fs: add truncate() file method
5d305cfb2ab7 fs: add lock() file method
8b0318f7fabe lib: introduce zlib library

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
a6e1c5f01e iw: update to version 6.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
032d3fcf7a hostapd: use strdup on string passed to hostapd_add_iface
The data is modified within hostapd_add_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
3984fb0582 hostapd: fix crash on interface setup failure
Add a missing NULL pointer check when deleting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Christian Marangi
2b6772c82c
firmware-utils: update to Git HEAD (2024-06-20)
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 23:23:30 +02:00
Thomas Weißschuh
f1b7f45f8c util-linux: update to v2.40.1
Release Notes:
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40-ReleaseNotes
	https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.40/v2.40.1-ReleaseNotes

Remove upstreamed:
	001-meson-properly-handle-gettext-non-existence.patch

New:
	0001-meson-Fix-build-python-option.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2024-06-20 14:06:41 +02:00
Christian Marangi
cf2b689d03
Revert "apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG"
This reverts commit 25bbefcdd9.

Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-20 05:52:05 +02:00
Daniel Golle
5e7955171c generic: backport pending driver for Winchip CH348 USB serial
Import patch and package kernel module for Winchip CH348
USB-to-8x-UART chip.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-20 01:11:09 +01:00
Christian Marangi
e6e4d90b69
mac80211: backport upstream patch for tim->virtual_map flex array warn
Backport upstream patch for tim->virtual_map flex array warning for
invalid write.

This has been notice with the bump of ath10k-ct to version 6.7.

Link: https://github.com/openwrt/openwrt/pull/15760
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-19 23:38:27 +02:00
Rafał Miłecki
156f5e8f48 base-files: migrate old UCI network sections defining bridges
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.

Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 12:47:58 +02:00
Rafał Miłecki
c8e68dce61 base-files: migrate old UCI network bridge ports syntax
netifd supports more accurate "ports" option (instead of "ifname") for
years now. Relevant changes were even backported to OpenWrt 21.02. Add
uci-defaults script that translates config files using deprecated
syntax.

Identical commit f716c30241 ended up reverted back in 2021 by
80be798d4a due to breaking downgrades. With 19.07 support ended it
should no longer be an issue.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-06-19 09:11:44 +02:00
Christian Marangi
d14670aea8
ath10k-ct: bump to version 6.7
Bump ath10k-ct to version 6.7.

Drop patch 100 that got merged upstream.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
0134270319
mac80211: backport RX timestamp flags patch
Backport RX timestamp flags patch needed for ath10k-ct to compile with
newer versions.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:42 +02:00
Christian Marangi
3b2a81ec24
ath10k-ct: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:41 +02:00
Christian Marangi
6b71ab630a
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Link: https://github.com/openwrt/openwrt/pull/15735
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-18 14:09:40 +02:00
Christian Marangi
29b98a0192
Revert "mac80211: ath10k: replace LEDs patch with upstream patch"
This reverts commit dc9c5d1ee7.

Additional file for ath10k-ct slipped in, revert for a better version
pushed later.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:33:25 +02:00
Christian Marangi
dc9c5d1ee7
mac80211: ath10k: replace LEDs patch with upstream patch
LEDs support for ath10k has finally merged upstream hence replace it
with the upstream version.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 18:23:44 +02:00
Leon M. Busch-George
bff0e1cfd8
base-files: fix ipcalc bound calculation for /31 prefix
A small regress from the translation to shell.
Fixes #12921, originally fixed in #12925 (Github).

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/15430
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:45:37 +02:00
Konstantin Demin
f3080677f5
xdp-tools: update to v1.4.2
- release notes:
  https://github.com/xdp-project/xdp-tools/releases/tag/v1.4.2
- patches rebased manually:
  - 010-configure-respect-LDFLAGS.patch

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15705
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:26:37 +02:00
Carlos Miguel Ferreira
76c863fe60
libquadmath: Add libquadmath to the toolchain
This commit makes the libquadmath library available to the GCC
toolchain. This library is important for libraries such as
Boost.charconv

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15637
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:12:29 +02:00
John Audia
f34620f146 kernel: bump 6.6 to 6.6.33 and adjust subarches
This commit accomplishes three goals:
1. bump 6.6 to 6.6.33
2. kernel: modules: video: change package definition for fb for
   upstream changes[1]
3. kernel/multiple subtargets: add CONFIG_FB_IOMEM_FOPS=y to all
   subtargets which also set CONFIG_FB_CORE=y.

Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33

Removed upstreamed:
	pending-6.6/195-block-fix-and-simplify-blkdevparts-cmdline-parsing.patch[2]
	gemini/patches-6.6/0003-net-ethernet-cortina-Locking-fixes.patch[3]

Manually rebased:
	ramips/patches-6.6/810-uvc-add-iPassion-iP2970-support.patch

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.6.y&id=c00e8fd749502c02085534c60b1edca4fc479c91
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=99bbbd9aea059f8a206736dc601be2ae61d366fb
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.6.33&id=8f6f82d6a205ceb3aba8d279f9ff6eeea0b1689b

Build system: x86/64
Build-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3
Run-tested: x86/64/AMD Cezanne, flogic/xiaomi_redmi-router-ax6000-ubootmod, ramips/tplink_archer-a6-v3

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: John Audia <therealgraysky@proton.me>
2024-06-15 22:44:06 +02:00
Christian Lamparter
7d9b9762c9 firmware: intel-microcode: update to 20240531
Debian changelog:

intel-microcode (3.20240531.1) unstable; urgency=medium

  * New upstream microcode datafile 20240531
    * Fix unspecified functional issues on Pentium Silver N/J5xxx,
      Celeron N/J4xxx
    * Updated Microcodes:
      sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
  * source: update symlinks to reflect id of the latest release, 20240531

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Sat, 01 Jun 2024 11:49:47 -0300

intel-microcode (3.20240514.1) unstable; urgency=medium

  * New upstream microcode datafile 20240514
    * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
      Hardware logic contains race conditions in some Intel Processors may
      allow an authenticated user to potentially enable partial information
      disclosure via local access.
    * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
      Sequence of processor instructions leads to unexpected behavior in
      Intel Core Ultra Processors may allow an authenticated user to
      potentially enable denial of service via local access.
    * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
      Improper input validation in some Intel TDX module software before
      version 1.5.05.46.698 may allow a privileged user to potentially enable
      escalation of privilege via local access.
    * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
      Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
      Core i3 N-series processors.
    * Updated microcodes:
      sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
      sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
      sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
      sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
      sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
      sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
      sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
      sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
      sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
      sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
      sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
      sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
      sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
  * source: update symlinks to reflect id of the latest release, 20240514

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Thu, 16 May 2024 21:40:52 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-06-15 11:20:13 +02:00
Aleksander Jan Bajkowski
1b846fe208 kernel: ltq-adsl: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:29: note: in expansion of macro 'THIS_MODULE'
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                             ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/platform_device.h:13,
                 from ./include/linux/of_device.h:5,
                 from ./include/linux/of_platform.h:10,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:15:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-dsl-ar9/drv_dsl_cpe_api-3.24.4.4/src/common/drv_dsl_cpe_os_linux.c:1105:16: error: too many arguments to function 'class_>
 1105 |    dsl_class = class_create(THIS_MODULE, "dsl_cpe_api");
      |                ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Aleksander Jan Bajkowski
fda7563c9a kernel: ltq-adsl-mei: fix compilation warning on 6.6
Fix compilation warning:
./include/linux/export.h:29:22: error: passing argument 1 of 'class_create' from incompatible pointer type [-Werror=incompatible-pointer-types]
   29 | #define THIS_MODULE (&__this_module)
      |                     ~^~~~~~~~~~~~~~~
      |                      |
      |                      struct module *
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:34: note: in expansion of macro 'THIS_MODULE'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                                  ^~~~~~~~~~~
In file included from ./include/linux/device.h:31,
                 from ./include/linux/dma-mapping.h:8,
                 from ./include/linux/skbuff.h:28,
                 from ./include/net/net_namespace.h:43,
                 from ./include/linux/netdevice.h:38,
                 from /home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:39:
./include/linux/device/class.h:230:54: note: expected 'const char *' but argument is of type 'struct module *'
  230 | struct class * __must_check class_create(const char *name);
      |                                          ~~~~~~~~~~~~^~~~
/home/aleksander/workspace/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/ltq-adsl-mei-ar9/ltq-adsl-mei/drv_mei_cpe.c:2774:21: error: too many arguments to function 'class_create'
 2774 |         dsl_class = class_create(THIS_MODULE, "ifx_mei");
      |                     ^~~~~~~~~~~~
./include/linux/device/class.h:230:29: note: declared here
  230 | struct class * __must_check class_create(const char *name);
      |                             ^~~~~~~~~~~~
cc1: all warnings being treated as errors

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2024-06-14 14:32:28 +02:00
Rosen Penev
6b03050192 mac80211: remove mtd-cal-data
All usages of mtd-cal-data have been removed. To avoid submissions that
rely on this deprecated behavior, remove it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15671
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-13 18:10:27 +02:00
Paul Spooren
213bd273ed base-files: Reapply fixed "Ignore exit code of uci.sh inclusion"
This reverts commit 80d1c353b7 with the
fix which won't break running systems. A logic error on how shell
handles && and || more the init process.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-12 11:12:13 +02:00
Petr Štetiar
b2a84c86e3
apk: host: make the help available
Currently, the apk utility lacks accessible help documentation, making
it cumbersome for human users:

 apk-tools 3.0.0_pre20240519, compiled for x86_64.

 ERROR: This apk-tools has been built without help

This absence of help forces users to delve into the apk's build
directory to understand its functionality. To enhance usability, we will
enable the help feature for the host build. The host environment can
accommodate the 3% increase in binary size for the added convenience.

On Ubuntu 22.04, x86_64 platform, the apk size increases by 17,816 bytes
(from 594,144 to 611,960 bytes), a 2.99% increase. This is a reasonable
trade-off for improved ergonomics.

Additionally fix the Lua host build dependency as apk-tools uses during
the build Lua to convert SCDOC manpages to apk-tools help messages.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:20 +02:00
Christian Marangi
25bbefcdd9
apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:19 +02:00
Christian Marangi
8ca2e2852e
base-files: skip fix-group-user uci-default for APK installation
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.

Also remove this uci-defaults if we have CONFIG_USE_APK enabled.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:18 +02:00
Christian Marangi
9f6fc4f524
dropbear: don't install /usr/lib/opkg/info in package install
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.

Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Christian Marangi
93d49529a1
apk: provide csum for static conffiles
For non-overlay configuration we need checksum for config file that
weren't modified by the user. For OPKG in sysupgrade we check the status
file for the Conffiles: entry of every package. this entry contains
checksum for every static file that the package contains.

Provide the same info for APK by creating a conffiles_static file and
parse this file on sysupgrade for non-overlay configurations.

This is also used by the sysupgrade -u option to exclude non-changed
files from the final backup.

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Petr Štetiar
617431685e
build: package: fix missing host apk dependency
Currently the build with USE_APK=y fails in package/libs/toolchain:

 staging_dir/host/bin/fakeroot: line 182: staging_dir/host/bin/apk: No such file or directory
 make[2]: *** [Makefile:758: bin/targets/mediatek/filogic/packages/libgcc1-13.2.0-r4.apk] Error 127

as commit d788ab376f ("build: add APK package build capabilities") added
dependency on apk in packaging step, but there is no host build
dependency defined, thus apk binary is missing when libgcc1 apk package is being
created. So lets fix it by adding explicit apk/host dependency to all
targets in the subdirectories.

Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[ rework logic to be more self contained ]
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:14 +02:00
Robert Marko
b47fbca97f yafut: update to fix basename() issue
Since musl 1.2.5 update yafut would throw a warning about implicit
declaration of basename() but would still somehow compile.
However, trying to use it on a device will cause it to instantly
Segmentation fault.

So, to fix this lets update to the current upstream repository version
that has removed the use of basename() completely.

Link: https://github.com/openwrt/openwrt/pull/15685
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-11 14:27:47 +02:00
Daniel Golle
83311b7470 mt76: mt7996: select required kernel and hostap options
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).

Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-11 00:10:21 +01:00
Florian Eckert
fe5fe3c8e7 kernel: modules: netdevice: remove kmod-of-mdio dependency for kmod-stmmac-core
The 'kmod-stmmac-core' package is referenced by the following packages:
* kmod-dwmac-intel
* kmod-dwmac-imx
* kmod-dwmac-sun8i

The problem is that 'kmod-of-mdio' is not selectable for 'TARGET_x86'.
That means the package 'kmod-dwmac-intel' is not available on this
architecture and so the package 'kmod-dwmac-intel' could not be enabled.

To fix this remove the dependencies 'kmod-of-mdio' from 'kmod-stmmac-core'.
This is not needed on this level, because the modules 'kmod-of-mdio' is
already selected by the packages 'kmod-dwmac-imx' and 'kmod-dwmac-sun8i'.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-06-10 16:50:29 +02:00
John Audia
bac2f1bed6 openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
2024-06-08 23:29:31 +02:00
Martin Schiller
abf1c4e67d kernel: ltq-vdsl-vr9: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
45eeedbbfc kernel: ltq-vdsl-vr9-mei: fix compilation with linux 6.6
This adds some compile fixes for linux 6.6 compatibility.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
10f8a14eca kernel: ltq-deu: fix compilation with linux 6.6
struct u128 and u128_xor() was removed by upstream commit f413e724818c
("cyrpto/b128ops: Remove struct u128").

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Martin Schiller
c7648273d0 kernel: ltq-vectoring: Avoid flush_scheduled_work() usage
This fixes some compile warnings for linux 6.6.

Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local vectoring_wq.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-06-08 23:25:35 +02:00
Tony Ambardar
56b15913af libbpf: Update to v1.4.3
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:21:40 +02:00
Tony Ambardar
1cb489c784 kexec-tools: fix multiple compile errors
Add two patches to fix compile errors being repeatedly seen on OpenWrt CI.

The first is an upstream backport to fix this i386-related error:

  x86_64-openwrt-linux-musl-gcc  -mcmodel=large -I./purgatory/include
  -I./purgatory/arch/x86_64/include -I./util_lib/include -I./include -Iinclude
  -I/builder/shared-workdir/build/sdk/staging_dir/toolchain-x86_64_gcc-13.3.0_musl/lib/gcc/x86_64-openwrt-linux-musl/13.3.0/include
  -c -MD -o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16.S
  purgatory/arch/i386/entry32-16.S: Assembler messages:
  purgatory/arch/i386/entry32-16.S:23: Error: 64bit mode not supported on `i386'.

The second addresses an error using basename() on musl libc:

  kexec/arch/i386/x86-linux-setup.c: In function 'add_edd_entry':
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~
  kexec/arch/i386/x86-linux-setup.c:332:20: warning: passing argument 1 of 'sscanf' makes pointer from integer without a cast [-Wint-conversion]
    332 |         if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
        |                    ^~~~~~~~~~~~~~~~~~~~
        |                    |
        |                    int
  ...

Fixes: #14621
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-06-08 14:08:38 +02:00
Robert Marko
80d1c353b7 Revert "base-files: Ignore exit code of uci.sh inclusion"
This reverts commit 17d8c5825e.
This commit is breaking init somehow, even the hostname is not set,
so until its fixed, revert it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-08 12:57:18 +02:00
Paul Spooren
17d8c5825e base-files: Ignore exit code of uci.sh inclusion
When running unit tests this causes trouble since `/lib/config/uci.sh`
isn't available in those cases. Instead exit with a clean status fo the
unit test framework don't wrongly interpret things as an error.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-06-07 21:49:09 +02:00
Tianling Shen
4edde98768 mediatek: fix wps button for nokia ea0326gmp
The gpio is actually low active, fix it.

Fixes: 40e7fab9e4 ("mediatek: add Nokia EA0326GMP support")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15651
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-07 14:19:39 +02:00
Felix Fietkau
b9650de249 mac80211: backport an upstream patch needed by mt76 for AES_GMAC key support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-07 06:02:13 +02:00
Paul Spooren
eea666d583
apk: bump to 2024-05-23
containing fixes around tar and internal checksums.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15646
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-06 19:20:59 +02:00
Tim Harvey
892b654629 kernel: modules: video: adapt imx modules for 6.6
the ipuv3 based video kernel modules moved into the ipuv3 directory for
6.6.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Tim Harvey
eebe2d1a83 kernel: modules: video: fix imx-ldb
Commit ae8bf1a26e ("imx: add imx8m support") configured the
drm-imx-ldb kmod for imx_cortexa9 and imx_cortexa7 however it is only
applicable to imx_cortexa9 (imx6).

Fix this so that we can avoid a missing module config for cortexa7 when
moving to the 6.6 kernel.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-06-06 22:04:23 +02:00
Rosen Penev
32671b36a1 mdadm: update to 4.3
Backport three patches, add one for GCC14, and add Alpine time_t patch for
musl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-06 22:02:21 +02:00
Felix Fietkau
a3d1583317 Revert "hostapd: add support for authenticating with multiple PSKs via ubus helper"
This reverts commit c67d5189a4.
Revert until reported issues have been resolved

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 21:34:20 +02:00
Tianling Shen
40e7fab9e4 mediatek: add Nokia EA0326GMP support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 128 MB SPI-NAND
  RAM: 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, WPS/Mesh
  Power: DC 12V 1A

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Download the configration utilities:
   https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
     These binaries are extraced from the factory firmware, which are
     dynamically linked with aarch64 musl 1.1.24. To use them, you
     must run them under the same runtime environment, otherwise the
     binaries will not work properly!
3. Upload the configuration and utilities to a suitable environment.
4. Uncompress the utilities, move them to '/bin' and give them executable permisison:
   tar -zxf openwrt-mediatek-mt7981-nokia-ea0326gmp-config-utils.tar.gz
   mv mkconfig seama /bin
   chmod +x /bin/mkconfig
   chmod +x /bin/seama
5. Decrypt and uncompress the configuration:
     Enter fakeroot if you are not login as root.
   mkconfig -a de-enca -m EA0326GMP_3FE79221BAAA -i EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz -o backup.tar.gz
   tar -zxf backup.tar.gz
6. Edit 'etc/config/dropbear', set 'enable' to '1'.
7. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
8. Repack the configuration:
   tar -zcf backup.tar.gz etc/
   mkconfig -a enca -m EA0326GMP_3FE79221BAAA -i backup.tar.gz -o EA0326GMP_3FE79221BAAA-xxxxxxxx-backup.tar.gz
9. Upload new configuration via web interface, now you can SSH to EA0326GMP.

A minimum configuration which enabled SSH access is also provided
to simplify the process:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7981-nokia-ea0326gmp-enable-ssh.tar.gz

Flash instructions:
1. SSH to EA0326GMP, backup everything, especially 'Factory' part.
2. Write new BL2:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-preloader.bin BL2
3. Write new FIP:
   mtd write openwrt-mediatek-filogic-nokia_ea0326gmp-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-06-06 18:56:32 +01:00
Felix Fietkau
c67d5189a4 hostapd: add support for authenticating with multiple PSKs via ubus helper
Also supports assigning a VLAN ID based on the PSK

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 11:47:59 +02:00
Daniel Golle
a6487e393b uboot-mediatek: snfi: FM35Q1GA is x4-only
Dont allow x2 read and cache read operations on FM35Q1GA as they seem
to be unstable. Also the Linux drivers does not allow x2 ops.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
24bf241f8c arm-trusted-firmware-mediatek: import patchset for Fidelix flash on SNFI
Import pending patches to set pinconf settings for SPI-NAND pins on
MT7622 identical to what the old proprietary preloader did.

Should further increase the reliability of some SNFI-attached SPI-NAND
flash chips.

Link: https://github.com/mtk-openwrt/arm-trusted-firmware/pull/7
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
Daniel Golle
4a2908f3bc arm-trusted-firmware-mediatek: update to MediaTek-patched v2.10.0
Update ARM TrustedFirmware-A to the most recent release of
MediaTek downstream patched version released 2024-01-17.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 21:05:52 +01:00
INAGAKI Hiroshi
fbeff10b5a mtd: enable trx feature on ramips
Enable trx feature of mtd command to fixup trx length and crc32 while
booting for some Buffalo devices.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2024-06-05 21:14:16 +02:00
Michał Kępień
3152c440bb yafut: sync version between tools/ and package/ directories
Use the same Yafut code revision for both updating devices with NAND
flash and preparing firmware images for devices with NOR flash.

Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
Link: https://github.com/openwrt/openwrt/pull/13453
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-05 17:03:24 +02:00
Linus Walleij
5b3f6b4d96 kernel: modules: Break out a submenu for RTCs
There are too many RTC drivers in other.mk, they deserve their
own menu and .mk-file, so let's break them out to a separate
entity.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-06-04 09:28:25 +02:00
Fabrice Fontaine
58a5877846 package/utils/secilc: drop PKG_CPE_ID
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️selinuxproject:secilc

Fixes: 9ee7c1ec60 (secilc: adds new package)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15298
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-02 20:49:48 +02:00
Hauke Mehrtens
e4f323ed56 uboot-tegra: Set UBOOT_USE_INTREE_DTC
U-Boot 2024.04 for tegra needs swig installed on the host, this
dependency is only checked if UBOOT_USE_INTREE_DTC is set. add the
missing definition.

Fixes: 6832faf340 ("uboot-tegra: bump version to 2024.04")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 18:06:39 +02:00
Hauke Mehrtens
8647ce0800 kernel: Split kmod-video-dma into two kmods
Split the kmod-video-dma into kmod-video-dma-sg and
kmod-video-dma-contig. The old one contained two kmods, but sometimes
only one of them is build which caused problems. The configuration
options are not manually selectable in the kernel and hidden in OpenWrt.

Currently this causes build failures on some targets.

Fixes: 4d7cbe0a55 ("kernel: video-dma: explicitly state packaged modules")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-06-02 17:38:23 +02:00
Zoltan HERPAI
8619d7af67 kirkwood: add D-Link DNS-320L support
Dual-slot NAS based on Marvell Kirkwood.

Specifications:
 - Marvell 88F6702 @1GHz
 - 256Mb RAM
 - 128Mb NAND
 - 1x GbE LAN (Marvell 88E1318R)
 - 1x USB 2.0
 - 2x SATA
 - Weltrend WT69P3 ("supervisor" MCU chip)
 - Serial on J2 (115200,8n1)
 - Newer bootROM so kwboot-ing via serial is possible

Notes:
 - The Weltrend MCU is controlled by the package added in utils/dns320l-mcu.
 - The original MAC address is stored in the "mini firmware" image's first
   17 bytes.
 - Compared to the original MTD layout, the uImage+rootfs are now stored in
   a common ubi partition.

Installation:
1. Serial console
 - Connect your levelshifter to the serial console
   on J2 (refer to the wiki page for pinout)
2. Update u-boot
 - Download the u-boot.kwb image for the device
 - Powercycle the NAS
 - Run "kwboot -b u-boot-dns320l/u-boot.kwb /dev/ttyUSB0 -p"
 - Connect to the serial console with minicom
 - tftp 0x0800000 u-boot-dns320l/u-boot.kwb
   (Please note that "PHY reset timed out" seems to be customary
    on kirkwood devices, the egiga0 interface works regardless.)
 - nand erase 0x0 100000
 - nand write 0x0800000 0x0 0x100000
 - reset
3. Install OpenWrt
 - Boot up the initramfs image
 - tftpboot 0x800000 openwrt-kirkwood-generic-dlink_dns320l-initramfs-uImage; bootm 0x800000
 - Download the sysupgrade image and perform sysupgrade

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Reviewed-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-06-01 01:29:09 +02:00
Tomasz Maciej Nowak
4d7cbe0a55 kernel: video-dma: explicitly state packaged modules
Because wildcard in variable stating packaged modules, the filtering for
built-in kernel modules didn't work and would cause a packaging failure.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-31 14:38:17 +02:00
Tony Ambardar
87d5d38e2a ply: add dynamic tracing package using BPF
ply is a light-weight dynamic tracer for Linux that leverages the kernel's
BPF VM in concert with kprobes/tracepoints to attach probes to arbitrary
points in the kernel.

Most tracers that generate BPF bytecode are based on the LLVM-based BCC
toolchain; ply on the other hand has no external dependencies outside libc,
making it suitable for use on constrained embedded systems.

Currently ply supports x86_64, aarch64, arm, riscv64, riscv32, powerpc,
mips(el), and mips64(el) architectures.

Further documentation, examples and implementation details may be found at:
https://github.com/iovisor/ply.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-31 11:51:45 +02:00
Rosen Penev
2f4bb69664 packages: refresh patches
CI is supposed to catch all of these. Some of these predate CI.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-31 11:30:06 +02:00
Hauke Mehrtens
0cf4c8a986 kernel: Add CONFIG_FB_DEVICE to kmod-fb
At least kmod-fb-tft depends on CONFIG_FB_DEVICE and can not be
activated without it.

This configuration option was added with kernel 6.6, before this featre
was always activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-31 11:27:17 +02:00
Rui Salvaterra
2ae1330a22 iproute2: update to 6.9.0
Support for iptables action has been dropped. Remove tc-mod-iptables and related
patch (175-reduce-dynamic-syms.patch).

We also add the missing libbpf dependency for `ss` since iproute 8740ca9
("ss: add support for BPF socket-local storage") now means that `ss` requires
libbpf as well.

Fix 170-ip_tiny.patch, as the help text didn't match all the included functions.

Drop upstreamed patches 402-bpf-fix-warning-from-basename.patch
and 403-bpf-include-libgen.h-for-basename.patch.

All other patches automatically rebased.

Co-authored-by: Rany Hany <rany_hany@riseup.net>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
b2e0775bc6 iproute2: fix build on GCC 14
Upstream patches:

401-bridge-vlan.c-bridge-vlan.c-fix-build-with-gcc-14-on.patch
402-bpf-fix-warning-from-basename.patch
403-bpf-include-libgen.h-for-basename.patch

The patch (400-rdma-include-libgen.h-for-basename.patch) was not
submitted upstream but just adds a missing include for basename.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
a41747ac8e mbedtls: fix build on GCC 14
Without this patch, GCC 14 incorrectly complains about the following error:

In file included from /home/user/workspace/mbedtls/library/ctr_drbg.c:13:
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:17: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:24: error: array subscript 48 is outside array bounds of ‘const unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |                       ~^~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:333:57: note: at offset 48 into object ‘data’ of size [0, 48]
  333 |                                     const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN])
      |                                     ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘mbedtls_xor’,
    inlined from ‘ctr_drbg_update_internal’ at /home/user/workspace/mbedtls/library/ctr_drbg.c:372:5:
/home/user/workspace/mbedtls/library/common.h:235:14: error: array subscript 48 is outside array bounds of ‘unsigned char[48]’ [-Werror=array-bounds=]
  235 |         r[i] = a[i] ^ b[i];
      |         ~~~~~^~~~~~~~~~~~~
/home/user/workspace/mbedtls/library/ctr_drbg.c: In function ‘ctr_drbg_update_internal’:
/home/user/workspace/mbedtls/library/ctr_drbg.c:335:19: note: at offset 48 into object ‘tmp’ of size 48
  335 |     unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
      |                   ^~~

This change adds a basic check to silence the warning until a solution is worked on upstream.
As this check is already used by another compiler, it shouldn't cause any issues for us.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 10:33:06 +02:00
Hauke Mehrtens
72f0e5184e kernel: kmod-ipt-clusterip: Depend on kernel 5.15 and 6.1
The kernel module was removed in kernel 6.3.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9db5d918e2c07fa09fab18bc7addf3408da0c76f

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:07:43 +02:00
Hauke Mehrtens
ee1983a2ff kernel: kmod-can-usb-esd: Fix build on kernel 6.6
The kernel module and configuration option was renamed from esd_usb2.ko
to esd_usb.ko in kernel 6.0. Adapt the kernel package.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5e910bdedc84c1f196863cebdf27c1806449c27c

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:07:43 +02:00
Hauke Mehrtens
2650e7ac1b linux-firmware: Update to version 20240513
This updates the following firmware files:
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.DSP.bin
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.dm.bin
amdgpu-firmware/ (Many files)
ibt-firmware/lib/firmware/intel/ibt-0040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-1020.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-2120.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-0041-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-0291-0291.ddc
ibt-firmware/lib/firmware/intel/ibt-0291-0291.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-1020.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-2120.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-17-16-1.sfi
ibt-firmware/lib/firmware/intel/ibt-17-2.sfi
ibt-firmware/lib/firmware/intel/ibt-18-16-1.sfi
ibt-firmware/lib/firmware/intel/ibt-18-2.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-0.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-0-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-16-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-240-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-240-4.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-0.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-1.sfi
ibt-firmware/lib/firmware/intel/ibt-19-32-4.sfi
ibt-firmware/lib/firmware/intel/ibt-20-0-3.sfi
ibt-firmware/lib/firmware/intel/ibt-20-1-3.sfi
ibt-firmware/lib/firmware/intel/ibt-20-1-4.sfi
iwlwifi-firmware-ax200/lib/firmware/iwlwifi-cc-a0-77.ucode
iwlwifi-firmware-ax201/lib/firmware/iwlwifi-QuZ-a0-hr-b0-77.ucode
iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
iwlwifi-firmware-be200/lib/firmware/iwlwifi-gl-c0-fm-c0.pnvm
iwlwifi-firmware-iwl9000/lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode
iwlwifi-firmware-iwl9260/lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode
mt7921bt-firmware/lib/firmware/mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin
mt7922bt-firmware/lib/firmware/mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin
rtl8852ce-firmware/lib/firmware/rtw89/rtw8852c_fw.bin

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-28 22:04:34 +02:00
Georgi Valkov
32e4c50d24 ebtables: fix compilation with GCC14
Remove 100-musl_fix.patch, which is no longer needed
and causes a build error with gcc-14.

Fixes:
useful_functions.c:63:41: error: passing argument 1 of 'ether_ntoa' from incompatible pointer type [-Wincompatible-pointer-types]
   63 |                 printf("%s", ether_ntoa((struct ether_addr *) mac));
      |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                                         |
      |                                         struct ether_addr *
In file included from include/ebtables_u.h:28,
                 from useful_functions.c:25:
/Volumes/wrt3200/openwrt/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-14.1.0_musl_eabi/include/netinet/ether.h:10:19: note: expected 'const struct ether_addr *' but argument is of type 'struct ether_addr *'
   10 | char *ether_ntoa (const struct ether_addr *);
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15576
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-28 10:41:45 +02:00
Tomasz Maciej Nowak
f7f8099aa3 ath79: add support for Dell SonicPoint ACe APL26-0AE
Dell/SonicWall APL26-0AE (marketed as SonicPoint ACe) is a dual band
wireless access point. End of life as of 2022-07-31.

Specification
SoC: QualcommAtheros QCA9550
RAM: 256 MB DDR2
Flash: 32 MB SPI NOR
WIFI: 2.4 GHz 3T3R integrated
      5 GHz 3T3R QCA9890 oversized Mini PCIe card
Ethernet: 2x 10/100/1000 Mbps QCA8334
          port labeled lan1 is PoE capable (802.3at)
USB: 1x 2.0
LEDs: LEDs: 6x which 5 are GPIO controlled and two of them are dual color
Buttons: 2x GPIO controlled
Serial: RJ-45 port, SonicWall pinout
        baud: 115200, parity: none, flow control: none

Before flashing, be sure to have a copy of factory firmware, in case You
wish to revert to original firmware.
All described procedures were done in following environment:
ROM Version: SonicROM (U-Boot) 8.0.0.0-11o
SafeMode Firmware Version: SonicOS 8.0.0.0-14o
Firmware Version: SonicOS 9.0.1.0
In case of other versions, following installation instructions might be
ineffective.

Installation
1. Prepare TFTP server with OpenWrt sysupgrade image and rename that
   image to "sp_fw.bin".
2. Connect to one of LAN ports.
3. Connect to serial port.
4. Hold the reset button (small through hole on side of the unit),
   power on the device and when prompted to stop autoboot, hit any key.
   The held button can now be released.
5. Alter U-Boot environment with following commands:
    setenv bootcmd bootm 0x9F110000
    saveenv
6. Adjust "ipaddr" (access point, default is 192.168.1.1) and "serverip"
   (TFTP server, default is 192.168.1.10) addresses in U-Boot
   environment, then run following commands:
    tftp 0x80060000 sp_fw.bin
    erase 0x9F110000 +0x1EF0000
    cp.b 0x80060000 0x9F110000 $filesize
7. After successful flashing, execute:
    boot
8. The access point will boot to OpenWrt. Wait few minutes, until the
    wrench LED will stop blinking, then it's ready for configuration.

Known issues
Initramfs image can't be bigger than specified kernel size, otherwise
bootloader will throw LZMA decompressing error. Switching to lzma-loader
should workaround that.
This device has Winbond 25Q256FVFG and doesn't have reliable reset, which
causes hang on reboot, thus broken-flash-reset needs to be added. This
property addition causes dispaly of "scary" warning on each boot, take
this warnig into consideration.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-27 00:32:57 +02:00
Til Kaiser
0a861a0c0f kernel/modules/other/mlxreg: add new package
This commit adds a new mlxreg package, which allows access
to Mellanox programmable device register space through sysfs
interface for thermal control and hardware management.

It also adds required Mellanox I²C drivers and packages
for the "special" MSN4800 series and SN2201 platform.

Signed-off-by: Til Kaiser <mail@tk154.de>
2024-05-25 20:36:32 +02:00
Til Kaiser
0e56bd3eb5 kernel/modules/other/mlx_wdt: add new package
This commit adds a new driver for the hardware watchdog
on Mellanox systems.

Signed-off-by: Til Kaiser <mail@tk154.de>
2024-05-25 20:36:32 +02:00
Pawel Dembicki
9d44340952 tfa-layerscape: Bump to lf-6.6.3-1.0.0
This commit bumps tfa-layerscape package to version lf-6.6.3-1.0.0

Manually rebased:
001-fiptool-hostbuild-fixes.patch
004-plat-nxp-restore-ls1012afrdm-support.patch

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
35efee1329 uboot-layerscape: bump to lf-6.6.3-1.0.0
This commit bumps u-boot layerscape package to lf-6.6.3-1.0.0 version.

Removed upstreamed:
0001-board-ls1046ardb-force-PCI-device-enumeration.patch
0002-board-ls1043ardb-force-PCI-device-enumeration.patch

Manually rebased:
0900-layerscape-adjust-LS1021A-IOT-config-for-OpenWrt.patch

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
322f2c1424 ppfe-firmware: Bump to lf-6.6.3-1.0.0
Bump ppfe-firmware package to lf-6.6.3-1.0.0

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
1cceadf3ce ls-rcw: Bump to lf-6.6.3-1.0.0
Bump ls-rcw package to lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
b6af057cbf ls-ddr-phy: bump to lf-6.6.3-1.0.0
Bump ls-ddr-phy to version lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
Pawel Dembicki
00c59f8d04 fman-ucode: Bump to lf-6.6.3-1.0.0
Bump fman-ucode to version lf-6.6.3-1.0.0.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-05-25 20:18:23 +02:00
INAGAKI Hiroshi
8366e0d606 uboot-envtools: add support for ELECOM WRC-X1800GS
Add support for ELECOM WRC-X1800GS on uboot-envtools, to update
bootmenu_delay variable on sysupgrade.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2024-05-25 19:33:28 +02:00
Daniel Golle
17ca4cccc6 uboot-mediatek: fix white-space in package Makefile
Replace accidental spaces with tabs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-25 03:54:20 +01:00
Daniel Golle
ac424d0983 uboot-mediatek: refresh patches
Patch 290-mt7981-add-USB-nodes.patch needs a refresh.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-25 03:54:20 +01:00
Daniel Golle
c71b68acdd mediatek: filogic: add Adtran SmartRG Mount Stuart series
Common specifications:
 * Mediatek MT7988A (4x Cortex-A73, up to 1.8 GHz clock speed)
 * 8 GiB eMMC
 * 2 GiB DDR4 RAM
 * 1x 10000M/1000M/100M + 3x 1000M/100M/10M LAN ports
 * MT7996 Tri-band (2.4G, 5G, 6G) 4T4R 802.11be Wi-Fi
 * Airoha AG3352 GPS
 * Renesas DA14531MOD Bluetooth
 * 2 buttons (Reset, Mesh/WPS)
 * uC-controlled RGB LED via I2C
 * 2x LED for each 1G port, 3x LED for each 10G port
 * USB 3.0 type A port
 * 3.3V-level 115200 baud UART console via 4-pin Dupont connector
   exposed at the bottom of the device
 * USB-C PD power input

SDG-8733: 1x 10000M/1000M/100M WAN port
SDG-8734: 1x USXGMII/10GBase-R/5GBase-R/2500Base-X/1000Base-X/SGMII SFP+

Both models are also available in versions including 2x FXS POTS interfaces
for analog phones. Those interfaces are not supported by OpenWrt.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-24 18:34:13 +01:00
Rany Hany
3e024022c3 linux-atm: fix build with GCC 14
Basic changes to make linux-atm build without any issues with GCC 14.

Besides some errors caused by -Wpointer-sign, there was also an issue
with socklen_t not being used for getsockopt() and accept()
sometimes.

I also updated the Debian patch to include the latest changes from
version "1:2.5.1-5.1" in Debian Sid. This allowed me to drop
"600-fix-format-errors.patch" and "700-include_sockios.patch".

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-24 00:09:47 +02:00
Didier 'OdyX' Raboud
6febb93cfd usbmode: add Huawei E5785
This 4G/LTE modem is a WiFi hotspot, and also works as cdc_ether modem
when plugged over USB. It needs usb-modeswitching. With HuaweiNewMode,
it will modeswitch from 3426:1f01 (mass-storage) to 3426:14db
(cdc_ether).

Signed-off-by: Didier 'OdyX' Raboud <odyx@raksha.ch>
Link: https://github.com/openwrt/openwrt/pull/15497
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-23 22:49:25 +02:00
Daniel Golle
9a11bc3682 build: generate private key for APK early
Other than OPKG which only uses signed package list, APK uses
individually signed packages in addition to signed package lists. Hence,
in order to be able to generate package, the private key needs to be
generated before compiling packages. Express that dependency and
generate the private key before building any packages instead of doing
so as part of the base-files package build.

Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-22 19:28:20 +02:00
Andrew Smith
0f5c28b96b qualcommax: ipq807x support Netgear Orbi Pro SXK80
This commit adds support for Netgear Orbi Pro SXR80 and SXS80 (collectively known as SXK80)

Specifications:
---------------
* CPU: Qualcomm IPQ8074A Quad core Cortex-A53
* RAM: 1024MB
* Storage: SPI-NAND 512 MiB (Winbond W29N04GZ)
* Ethernet: 4x 1G RJ45 ports (QCA8075) 1x 2.5G RJ45 LAN/WAN (QCA8081)
* WLAN:
    - 2.4 GHz: Qualcomm QCN5024 4x4
    - 2x 5 GHz: Qualcomm QCN5054 4x4 (second radio high channels only)
* LEDs:
    - Power: (Green and red)
    - Front: (Blue, green, red and white)
* Buttons:
    - 1x Soft reset
    - 1x Sync/WPS
* Power: 12V DC Jack

Installation instructions (Telnet):
-----------------------------------

*Note, this guide assumes SXR80, for SXS80 change the firmware file name as appropriate

1. Put firmware file openwrt-qualcommax-ipq807x-netgear_sxr80-initramfs-uImage.itb in root of TFTP server available at 192.168.1.10.
2. Enable telnet by going to http://[ip of device]/debug.htm and clicking on the tickbox 'Enable telnet'
3. Telnet into the device and login using the same username and password as the web interface:
4. Run the following command:

`fw_setenv bootcmd 'env default -a; saveenv; reset'`

5. Reboot the router, once the web interface is available again re-enable telnet via http://[ip of device]/debug.htm and telnet into the device.

6. Run the following command:

`fw_printenv`

It should look similar to the below:

```
baudrate=115200
bootargs=console=ttyMSM0,115200n8
bootcmd=mii write 0x0 0x0 0x800; sleep 1; nmrp; bootdni; boot_DNI_secureboot
bootdelay=2
ipaddr=192.168.1.1
netmask=255.255.255.0
serverip=192.168.1.10
soc_version_major=2
soc_version_minor=0
```

**If you see the message:**
`Warning: Bad CRC, using default environment`
**DO NOT CONTINUE, YOU WILL BRICK YOUR DEVICE**

7. Run the following command:

`fw_setenv originalboot 'mii write 0x0 0x0 0x800; sleep 1; nmrp; bootdni; boot_DNI_secureboot'`

(This should match what's in the bootcmd variable displayed in step 6)

8. Run the following commands:
```
fw_setenv wrttftp 'mii write 0x0 0x0 0x800; sleep 1; nmrp; if tftpboot openwrt-qualcommax-ipq807x-netgear_sxr80-initramfs-uImage.itb; then bootm; fi; bootdni; boot_DNI_secureboot'
fw_setenv wrtboot 'mii write 0x0 0x0 0x800; sleep 1; nmrp; nand read 0x40000000 0x1980000 0x06d00000; bootm 0x40000000'
fw_setenv bootcmd 'run wrttftp'
```

9. Ensure SXR/S device is attached via ethernet (LAN port) to the same ethernet segment as the TFTP server.

10. Reboot the device, it should reboot into OpenWrt and be available on 192.168.1.1

11. Once OpenWrt has booted, update the bootcmd using the following command:

`fw_setenv bootcmd 'run wrtboot'`

12. Flash the sysupgrade image

13. It should boot into OpenWrt

References to SXK80 GPL source:
https://www.downloads.netgear.com/files/GPL/SXK80-V3.2.0.108_gpl_src.tar.bz2.zip

Signed-off-by: Flole Systems <flole@flole.de>
Signed-off-by: Andrew Smith <gul.code@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/14939
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-22 14:51:36 +02:00
Robert Marko
1082c6556e kernel: qca-nss-dp: add back printing attached PHY-s
During the last update to 12.5.r2 printing of the attached PHY-s was
removed, so lets bring it back as it is very helpfull for debugging
OpenWrt issues without users having to modify NSS-DP to know if a PHY
was attached.

Refresh patches since nss_dp_main.c was edited.

Link: https://github.com/openwrt/openwrt/pull/15537
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-21 12:29:33 +02:00
John Crispin
a46ebf6fc2 uboot-mediatek: add support for OpenWrt One
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
John Crispin
9746b6f1fc uboot-mediatek: add USB support to mt7981.dtsi
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
John Crispin
41655c81c1 arm-trusted-firmware-mediatek: add mt7981-nor-ddr4 and mt7981-spim-nand-ubi-ddr4 builds
Signed-off-by: John Crispin <john@phrozen.org>
2024-05-21 10:26:06 +02:00
Felix Fietkau
bc5d9779da mt76: install mt7981_eeprom_mt7976_dbdc.bin to STAGING_DIR_IMAGE
It will be used in the image building code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-21 10:13:31 +02:00
Felix Fietkau
ed23d4d00d mt76: update to Git HEAD (2024-05-17)
8f301a5c5fe3 firmware: add mt7981 default eeprom
2d264aecbf5a mt76: mt7915: make pre-cal freq lists static const
d9c62742bed6 wifi: mt76: make const arrays in functions static
8986ba5492a8 wifi: mt76: mt7921: cqm rssi low/high event notify
3afbb8ed8015 wifi: mt76: mt7996: let upper layer handle MGMT frame protection
1d0bd57e5889 wifi: mt76: mt7921e: add LED control support
1d6e4f7de8a6 wifi: mt76: mt7925: add EHT radiotap support in monitor mode
c40e648b8929 wifi: mt76: enable spectrum management
14d5ee9f3369 mt76: shrink mt76_queue_buf
513c131c6309 mt76: mt7603: fix mixed declarations and code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-21 10:13:31 +02:00
Jo-Philipp Wich
61330ddef8 firewall4: update to Git HEAD (2024-05-21)
4c01d1ebf99e fw4: substitute double quotes in strings

Fixes: https://github.com/openwrt/luci/issues/7091
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-05-21 08:59:13 +02:00
Tony Ambardar
d44d35f106 libbpf: Update to v1.4.2
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.2
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-21 08:02:55 +02:00
Linus Walleij
2eef4f7354 ixp4xx: Bump to kernel v6.6
The IXP4xx is well supported upstream and can readily be
supported with kernel v6.6. To simplify things after the
DTS directory was renamed, switch to v6.6 only.

Bring in some outstanding patches.

Tested on the Gateworks GW2348-4.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-05-20 21:04:08 +02:00
Paul Spooren
5a5d126954 apk: update to latest HEAD 2024-05-19
Upstream refactoring caused some mbedtls issues, now fixed again.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-20 18:10:42 +03:00
Rui Salvaterra
2b8e875a85 linux-firmware: realtek: update rtl8821ae firmware
A newer version, rtl8821aefw_29.bin, has been available for over 7 years [1].
Let's use it.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f70e4df2b384d21e36a7c30a591639592692e0ec

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2024-05-20 14:06:42 +01:00
Yuu Toriyama
65c1f0d433 wireless-regdb: update to 2024.05.08
Changes:
  73529a8 Revert "wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG)"
  87941e4 wireless-regdb: Update regulatory rules for Taiwan (TW) on 6GHz
  33797ae wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
2024-05-19 16:17:44 +03:00
Felix Fietkau
59ac0440b1 mediatek: convert mt7988a-rfb to keep bl31/uboot in UBI
Add ubi volumes for mt7988a-rfb and support for using factory data
for Ethernet MAC addresses and MT7996 WLAN calibration data.
Also add rootdisk handle. Removes the need to keep using nmbm

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-19 09:47:04 +02:00
Felix Fietkau
3bc9ac2942 uboot-mediatek: add missing options for mt7988-rfb
Fixes autoboot and storing env in UBI

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-19 09:47:04 +02:00
Paul Spooren
99636d4dd8
apk: update to latest HEAD 2024-05-18
Drop downstream mbedtls patch since it went upstream.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15522
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-18 15:05:55 +02:00
Paul Spooren
a96354bcfb
base-files: correctly split install-key function for APK
The function incorrectly tried to APK keys even if there were none.
Correctly separate it into its own `ifdef` section.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15519
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-17 23:34:23 +03:00
Paul Spooren
b773ca1a96 apk: disable helptext for host build
The host build would need Lua to compile which currently adds a race
condition. Instead of tracking that down just disable helptext for the
host build.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
bcc641504d base-files: add compatibility for APK and OPKG
Both package managers work slightly different, i.e. stores files at
different places. Modify the `functions.sh` file to cover those.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
3010ab87bc base-files: add update_alternatives function
The APK package manager does not support handling of package
alternatives itself, so implement it via a simple shell script.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
d788ab376f build: add APK package build capabilities
A new option called `USE_APK` is added which generated APK packages
(.apk) instead of OPKG packages (.ipk).

Some features like fstools `snapshot` command are not yet ported

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Paul Spooren
ad4bd9c5d8 apk: add missing PROVIDES
Add PROVIDES:=apk to the Makefile so we can default to install `apk` by
default as a dependency.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 21:56:20 +03:00
Paul Spooren
081a59e0f2 rpcd: fix package dependency for APK
Version dependencies must not contain spaces to be compatible with both
OPKG and APK.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 21:55:51 +03:00
Tomasz Maciej Nowak
6832faf340 uboot-tegra: bump version to 2024.04
Since swig is mentioned as build dependency and buildbots have it
installed we can safely bump version.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-05-17 17:17:06 +03:00
Paweł Owoc
9bdaebaff3 qualcommax: ipq807x: add support for Linksys MX8500
Hardware specification:
========
SoC: Qualcomm IPQ8072A
Flash: 512MB (Fidelix FMND4G08S3J-ID)
RAM: 1GB (2x Kingston DDR3L D2516ECMDXGJD)
Ethernet: 1x 10/100/1000/2500/5000Mbps (Marvell AQR114C)
Ethernet: 4x 10/100/1000Mbps (Qualcomm QCA8075)
WiFi1: 6GHz ax 4x4 (Qualcomm QCN9024 + Skyworks SKY85784-11) - channels 33-229
WiFi2: 5GHz ax 4x4 (Qualcomm QCN5054 + Skyworks SKY85755-11) - channels 36-177
WiFi3: 2.4GHz ax 4x4 (Qualcomm QCN5024 + Skyworks SKY8340-11)
IoT: Bluetooth 5, Zigbee and Thread (NXP K32W041)
LED: 1x RGB status (NXP PCA9633)
USB: 1x USB 3.0
Button: WPS, Reset

Flash instructions:
========
1. Manually upgrade firmware using openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin image.
More details can be found here: https://www.linksys.com/support-article?articleNum=47547
After first boot check actual partition:
- fw_printenv -n boot_part
and install firmware on second partition using command in case of 2:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
and in case of 1:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

2. Installation using serial connection from OEM firmware (default login: root, password: admin):
- fw_printenv -n boot_part
In case of 2:
- flash_erase /dev/mtd21 0 0
- nandwrite -p /dev/mtd21 openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin
or in case of 1:
- flash_erase /dev/mtd23 0 0
- nandwrite -p /dev/mtd23 openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin
After first boot install firmware on second partition:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
or:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

3. Installation from initramfs image using USB drive:
Put the initramfs image on the USB drive:
- dd bs=1M if=openwrt-qualcommax-ipq807x-linksys_mx8500-initramfs-uImage.itb of=/dev/sda
Stop u-boot and run:
- usb start && usbboot $loadaddr 0 && bootm $loadaddr
Write firmware to the flash from initramfs:
- mtd -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin kernel
and:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx8500-squashfs-factory.bin alt_kernel

4. Back to the OEM firmware:
- mtd -e kernel -n write FW_MX8500_1.0.11.208937_prod.img kernel
and:
- mtd -r -e alt_kernel -n write FW_MX8500_1.0.11.208937_prod.img alt_kernel

5. USB recovery:
Put the initramfs image on the USB:
- dd bs=1M if=openwrt-qualcommax-ipq807x-linksys_mx8500-initramfs-uImage.itb of=/dev/sda
Set u-boot env:
- fw_setenv bootusb 'usb start && usbboot $loadaddr 0 && bootm $loadaddr'
- fw_setenv bootcmd 'run bootusb; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'

AQR firmware:
========
1. Firmware loading:
To properly load the firmware and initialize AQR PHY, we must use the u-boot aq_load_fw function.
To do this, you need to modify u-boot env:
With USB recovery:
- fw_setenv bootcmd 'aq_load_fw; run bootusb; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'
and without:
- fw_setenv bootcmd 'aq_load_fw; if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'

2. Firmware updating:
Newer firmware (AQR-G4_v5.6.5-AQR_WNC_SAQA-L2_GT_ID45287_VER24005.cld) is available in the latest OEM firmware.
To load this firmware via u-boot, we need to add the MBN header and update 0:ethphyfw partition.
For MBN header we can use script from this repository: https://github.com/testuser7/aqr_mbn_tool
- python aqr_mbn_tool.py AQR-G4_v5.6.5-AQR_WNC_SAQA-L2_GT_ID45287_VER24005.cld
To update partition we need to install kmod-mtd-rw package first:
- insmod mtd-rw.ko i_want_a_brick=1
- mtd -e /dev/mtd26 -n write aqr_fw.mbn /dev/mtd26

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14883
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-16 20:27:36 +02:00
Paweł Owoc
0354f6baae qca-ssdk: add patch to support AQR114C-B0 PHY
Add support for AQR114C-B0 PHY.

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14883
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-16 20:27:36 +02:00
David Adriao
8b0fa6d30b mac80211: Add support for RTL8723BE
This adds support for the RTL8723BE PCIe Wi-Fi Adapter by adding backports drivers

Signed-off-by: David Adriao <davidadriao@dglitch.com>
[Do not remove rtl8xxxu and add dependency to rtl8723be-firmware]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-16 12:40:02 +03:00
Martin Schiller
daa109b42f lantiq: ltq-adsl-mei: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
807d9a0f62 lantiq: ltq-vmmc: get irqs from kernel-in-tree vmmc driver
Let's get the IRQs from the kernel-in-tree vmmc driver like it is
already done for the cp1 base addr.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
5c9817775e lantiq: ltq-vmmc: fix write beyond size of field
This fixes the write beyond size of field compile warning/error.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
c143fd9091 lantiq: ltq-atm: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
52719d90c2 lantiq: ltq-ptm: use platform_get_irq to get irqs
This is required for linux-6.1 compatibility.

IRQs are not automatically mapped from HW to virtual IRQ numbers when
the IRQ domain is registered. This happens when the IRQ number is read
from the device tree based on the IRQ domain from the device tree now.
In kernel 5.15 it was done when the IRQ domain was registered.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Martin Schiller
7bc487c12e kernel: ltq-vdsl-vr9-mei: fix warning about field-spanning write
We need to use unsafe_memcpy() here, because the code do the field-
spanning write intentionally.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Hauke Mehrtens
11baab9fac lantiq: Fix compile of lantiq components with kernel 6.1
This makes the components used on the lantiq SoCs compile with kernel
6.1.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[also fix ifxmips_ptm_adsl.c]
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-15 08:54:58 +02:00
Georgi Valkov
eb1b022043 opkg: fix stray \ warnings with grep-3.8
We simply grep for "src/". So no need for "\/".
Furthermore, since grep-3.8 this creates warnings.

As written in the grep-3.8 announcement:
  Regular expressions with stray backslashes now cause warnings, as
  their unspecified behavior can lead to unexpected results.
  For example, '\a' and 'a' are not always equivalent
  <https://bugs.gnu.org/39678>.

Fixes a warning during the first boot:
  grep: warning: stray \ before /

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
2024-05-14 00:27:12 +02:00
Rosen Penev
4f87a4d84f gpio-nct5104d: fix compilation with kernel 6.6
gpio.h has been deprecated for a while and no longer compiles with 6.6.
Include the proper header.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15471
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-13 10:15:17 +02:00
Yanase Yuki
f1b4fc4c47 audit: fix compile error on some systems
On Fedora 40, -Wimplictit-function-declaration error
is occur when compiling audit package.

Upstream fixed this problem, so backport the patch.
https://github.com/linux-audit/audit-userspace/pull/371

Signed-off-by: Yanase Yuki <dev@zpc.st>
Link: https://github.com/openwrt/openwrt/pull/15441
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-13 10:12:06 +02:00
Rui Salvaterra
da0cd9d764 mtd: fix build with GCC 14
Also fix a couple of warnings while at it.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2024-05-12 12:49:39 +01:00
Robert Marko
856840d953 kernel: qca-ssdk: use bash as shell
Currently, trying to compile qca-ssdk on macOS will fail in a weird way:
make[6]: *** No rule to make target 'openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq807x/qca-ssdk-2024.04.17~3d060f7a/-n',
needed by 'openwrt/build_dir/target-aarch64_cortex-a53_musl/linux-qualcommax_ipq807x/qca-ssdk-2024.04.17~3d060f7a/qca-ssdk.o'. Stop.

After looking looking at src_list.dep from which KBuild cmd_mod will
generate the list of objects to compile it looked like:
-n /src/adpt/adpt.c
-n
-n

Which was rather suspicous so after comparing to the same file but with
Fedora as host:
/src/adpt/adpt.c src/adpt/hppe/adpt_hppe_fdb.c src/adpt/hppe/adpt_hppe_mib.c

It was clear that echo -n which was used in SSDK-s target.mk was not
working as intented, and it looked like the POSIX only version of echo
was being used which does not honor -n.

So, after failling to reproduce it externally, replacing the call to echo
with a full path to coreutils echo fixed the compilation.

After further debugging, it was determined that SSDK does not honor
CONFIG_SHELL like other kernel modules so it was defaulting to /bin/sh as
the shell make was calling thus calling the /bin/sh built-in echo which on
macOS is the old Bash 3.2 one and it does not respect -n.

So, we have to explicitly pass SHELL=$(BASH) to SSDK to make it use bash
like kernel build or other kernel modules.

This is not an issue since on macOS we always build bash anyway.

Link: https://github.com/openwrt/openwrt/pull/15459
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-12 11:38:51 +02:00
Kevin Abraham
1045bd4a04 uboot-envtools: ath79: remove env config for Senao Loader devices
uboot-envtools can automatically parse the 'u-boot,env' compatible string from the dts.

Signed-off-by: Kevin Abraham <kevin@westhousefarm.com>
2024-05-11 16:57:28 +02:00
Kevin Abraham
1dd036a659 ath79: add support for Senao Engenius ENS1750
FCC ID: A8J-EWS660AP

Engenius ENS1750 is an outdoor wireless access point with
2 gigabit ethernet ports, dual-band wireless,
internal antenna plates, and 802.3at PoE+

Engenius EWS660AP, ENS1750, and ENS1200 are "electrically identical,
different model names are for marketing purpose" according to docs
provided by Engenius to the FCC.

**Specification:**

  - QCA9558 SOC		2.4 GHz, 3x3
  - QCA9880 WLAN	mini PCIe card, 5 GHz, 3x3, 26dBm
  - AR8035-A PHY	RGMII GbE with PoE+ IN
  - AR8033 PHY		SGMII GbE with PoE+ OUT
  - 40 MHz clock
  - 16 MB FLASH		MX25L12845EMI-10G
  - 2x 64 MB RAM
  - UART at J1		populated, RX grounded
  - 6 internal antenna plates (5 dbi, omni-directional)
  - 5 LEDs, 1 button (power, eth0, eth1, 2G, 5G) (reset)

**MAC addresses:**

  Base MAC addressed labeled as "MAC"
  Only one Vendor MAC address in flash

  eth0 *:d4 MAC art 0x0
  eth1 *:d5 --- art 0x0 +1
  phy1 *:d6 --- art 0x0 +2
  phy0 *:d7 --- art 0x0 +3

**Serial Access:**

  the RX line on the board for UART is shorted to ground by resistor R176
  therefore it must be removed to use the console
  but it is not necessary to remove to view boot log

  optionally, R175 can be replaced with a solder bridge short

  the resistors R175 and R176 are next to the UART RX pin

**Installation:**

  2 ways to flash factory.bin from OEM:

  Method 1: Firmware upgrade page:

    OEM webpage at 192.168.1.1
    username and password "admin"
    Navigate to "Firmware Upgrade" page from left pane
    Click Browse and select the factory.bin image
    Upload and verify checksum
    Click Continue to confirm and wait 3 minutes

  Method 2: Serial to load Failsafe webpage:

    After connecting to serial console and rebooting...
    Interrupt uboot with any key pressed rapidly
    execute `run failsafe_boot` OR `bootm 0x9fd70000`
    wait a minute
    connect to ethernet and navigate to
    "192.168.1.1/index.htm"
    Select the factory.bin image and upload
    wait about 3 minutes

**Return to OEM:**

  If you have a serial cable, see Serial Failsafe instructions
  otherwise, uboot-env can be used to make uboot load the failsafe image

  ssh into openwrt and run
  `fw_setenv rootfs_checksum 0`
  reboot, wait 3 minutes
  connect to ethernet and navigate to 192.168.1.1/index.htm
  select OEM firmware image from Engenius and click upgrade

**TFTP recovery:**

  Requires serial console, reset button does nothing

  rename initramfs.bin to '0101A8C0.img'
  make available on TFTP server at 192.168.1.101
  power board, interrupt boot
  execute tftpboot and bootm 0x81000000

**Format of OEM firmware image:**

  The OEM software of ENS1750 is a heavily modified version
  of Openwrt Kamikaze. One of the many modifications
  is to the sysupgrade program. Image verification is performed
  simply by the successful ungzip and untar of the supplied file
  and name check and header verification of the resulting contents.
  To form a factory.bin that is accepted by OEM Openwrt build,
  the kernel and rootfs must have specific names...

    openwrt-ar71xx-generic-ens1750-uImage-lzma.bin
    openwrt-ar71xx-generic-ens1750-root.squashfs

  and begin with the respective headers (uImage, squashfs).
  Then the files must be tarballed and gzipped.
  The resulting binary is actually a tar.gz file in disguise.
  This can be verified by using binwalk on the OEM firmware images,
  ungzipping then untaring.

  Newer EnGenius software requires more checks but their script
  includes a way to skip them, otherwise the tar must include
  a text file with the version and md5sums in a deprecated format.

  The OEM upgrade script is at /etc/fwupgrade.sh.

  OKLI kernel loader is required because the OEM software
  expects the kernel to be no greater than 1536k
  and the factory.bin upgrade procedure would otherwise
  overwrite part of the kernel when writing rootfs.

Note on PLL-data cells:

  The default PLL register values will not work
  because of the external AR8035 switch between
  the SOC and the ethernet port.

  For QCA955x series, the PLL registers for eth0 and eth1
  can be see in the DTSI as 0x28 and 0x48 respectively.
  Therefore the PLL registers can be read from uboot
  for each link speed after attempting tftpboot
  or another network action using that link speed
  with `md 0x18050028 1` and `md 0x18050048 1`.

  The clock delay required for RGMII can be applied
  at the PHY side, using the at803x driver `phy-mode`.
  Therefore the PLL registers for GMAC0
  do not need the bits for delay on the MAC side.
  This is possible due to fixes in at803x driver
  since Linux 5.1 and 5.3

Tested-by: Kevin Abraham <kevin@westhousefarm.com>
Signed-off-by: Kevin Abraham <kevin@westhousefarm.com>
2024-05-11 16:57:28 +02:00
Sven Wegener
0162174e7e ubnt-ledbar: adapt for kernel v6.6
Linux kernel commit torvalds/linux@b8a1a4cd5a
added a temporary probe_new member to struct i2c_driver, to drop the
rarely used second parameter of the probe function and not break API for
out of tree drivers. With torvalds/linux@5eb1e6e459,
which is part of v6.6, this probe_new member is dropped and the
signature of the probe function is updated.

ubnt-ledbar is used by the mediatek and ramips targets and both have
been updated to v6.6, so adapt the probe function signature and remove
other compat code for versions before v6.6.

Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
Link: https://github.com/openwrt/openwrt/pull/15443
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-11 12:38:13 +02:00
Thomas Winkler
140b48a9e9 base-files: fix uid/gid auto-enumeration to avoid 16-bit limit
uid/gid range should be limited to 16bit unsigned integer range to
avoid "wraparound" issues with permissions where jffs2
is employed for storage and chown 65536 (first auto-created user)
becomes equivalent to chown 0

Fixes: #13927

Signed-off-by: Thomas Winkler <tewinkler86@gmail.com>
2024-05-10 22:39:57 +02:00
Álvaro Fernández Rojas
752f6bf64e bcm27xx-utils: update to latest version
Full changelog:
e65f5ec102...451b9881b7

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-05-10 09:17:52 +02:00
Álvaro Fernández Rojas
eee2300026 bcm27xx-gpu-fw: update to v1.20240424
This includes multiple updates for BCM2711 and BCM2712.

Full changelog:
0968de2871...1.20240424

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-05-10 09:15:15 +02:00
Rosen Penev
39f595d1d8 gperf: build as C++11
Newer compilers default to building with C++17 as default, which has the
register keyword removed and thus errors.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-10 00:11:10 +02:00
Konstantin Demin
2cd414c33e dropbear: clarify DROPBEAR_MODERN_ONLY option
don't mention SHA1 in order to not confuse users - SHA1 support is already disabled (except RSA-SHA1 signagures).

ref: https://github.com/openwrt/openwrt/issues/15281

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:36 +02:00
Konstantin Demin
f230d00e64 dropbear: bump to 2024.85
- update dropbear to latest stable 2024.85;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop cherry-picked patches (merged in release 2024.84)
- refresh remaining patches

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:20 +02:00
Jo-Philipp Wich
51c70e459d ucode: update to Git HEAD (2024-05-09)
cfe137be068a uci: remove incorrectly documentated reorder() parameter
e8d78a26da0c lib: introduce socket library
a0ad1d127ae6 build: fix symbol and library detection
674f65ee551d jsdoc: disable default module titles
a33d16a86493 socket: rework error handling
e2b81d869222 uloop: add documentation
953f36c96e8a socket: make socket.send() accept non-string data
f211d5ac666f ubus: fix uc_ubus_have_uloop for eloop+uloop combination
0662de64bd1f socket: add AF_PACKET socket type support
b594ff8a2841 socket: remove leftover debug code
0d823e702bfe socket: fix addrinfo() with omitted service argument

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-05-09 00:56:56 +02:00
Daniel Golle
4e53a3f47e mtd-utils: nand-tuils: build and package 'nandbiterrs'
The 'nandbiterrs' tool is useful to find out of bit error correction of
NAND is working as expected by deliberately introducing bit errors and
telling up to which number they can be corrected.

Enable build of the testing tools and package the 'nandbiterrs' tool as
part of the nand-utils package.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-08 22:26:02 +01:00
Daniel Golle
71e3e3b892 uboot-mediatek: bpi-r2: fix root= default cmdline parameter
With the switch from the uImage.FIT partition parser to fitblk the
cmdline needs to be adjusted as well. Do this now as it has been
forgotten when the switch was done.

Fixes: 6368ed1ae5 ("mediatek: mt7623: phase out uImage.FIT partition parser")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-05-08 01:54:32 +01:00
Christian Marangi
21ddd1164d
odhcpd: update to Git HEAD (2024-05-08)
99dd990690bc treewide: refactor pref(erred) to preferred_lt (lifetime)
4c2b51eab368 treewide: refactor valid to valid_lt (lifetime)
3b4e06055900 router: inherit user-assigned preferred_lifetime
e164414aa184 router: limit prefix preferred_lt to valid_lt in accordance with RFC4861
a2176af7bdeb treewide: spell-fixes and new comments for extra clarification
4590efd3a2b3 treewide: normalize spaces to tabs
2edc60cb7c7a router: rename minvalid to lowest_found_lifetime
7ee72ee17bfa router: disambiguate and clarify 'no route' messages
a29882318a4c config: set RFC defaults for preferred lifetime

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-08 00:11:19 +02:00
Felix Fietkau
c9709d38cb arm-trusted-firmware-mediatek: add ram-download bl2 images
Support for MT7981-MT7988. Can be used for mtk_uartboot recovery

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-07 22:02:55 +02:00
Felix Fietkau
1a2c171909 mbedtls: export cmake files
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-07 12:50:27 +02:00
Kristian Skramstad
a5d12e7839 kernel: qca-nss-dp: update to 12.5.r2 for kernel 6.6
There is a new branch 12.5.r2 for kernel 6.6, so refresh
and update patches.

Delete patch 0010-nss-dp-include-net-netdev_rx_queue.h.patch

Changes:
2024-04-04 -5bf8b91 [qca-nss-dp] Adding support for port ID 3 & 4 in MHT switch
2024-03-28 -ce1e4cf [qca-nss-dp] Use skb_queue_head_init instead of __skb_queue_head_init.
2024-03-11 -0d26366 [qca-nss-dp] Read MHT LAN port status for ErP phase2
2024-03-22 -8382f14 [qca-nss-dp] Fix compilation issues seen on ginger branch for Miami profile
2023-05-02 -09b0983 [qca-nss-dp] vp list processing for capwap
2024-02-22 -bc09a01 [qca-nss-dp] EDMA ring reset for PPE-DS
2024-03-12 -2fcb586 [qca-nss-dp] Fix the EDMA clock frequency for the mitigation timer configuration
2024-02-23 -44ba1be [qca-nss-dp] Add API to retrieve ethernet netdevs for ErP
2024-02-09 -a5979b7 [qca-nss-dp] send napi and ip checksum for VP handler
2024-01-12 -1b9cb5d qca-nss-dp: User netdev_alloc_skb_fast instead of dev_alloc_skb
2024-01-08 -a859b48 [qca-nss-dp] NAPI Budget and EDMA Rx size change for KPI improvement.
2024-01-06 -8935523 [qca-nss-dp] Offload L3, L4 checksum to hardware for ppe-vp.
2023-12-07 -bbd9547 [qca-nss-dp] Fix Compilation issues on kernel6.6
2023-10-12 -bc55f75 [qca-nss-dp]: Enable legacy SCS for PPE-VP.
2023-09-08 -6bd771f [qca-nss-dp] Invalidate secondary descriptor before use.
2023-12-19 -b143df8 [qca-nss-dp] Fixed nss_dp_hal_hw_reset functionality for ipq53xx.
2023-12-16 -7cfde1d [qca-nss-dp] Added nss_dp_hal_hw_reset functionality for ipq53xx.
2023-11-02 -70af6c2 [qca-nss-dp] Implement EDMA hang recovery support
2023-11-27 -2202b29 [qca-nss-dp] Add support for adding the link speed for the Miami's port connected to the internal Switch.
2023-12-06 -bef68a8 [qca-nss-dp] Resolve ring utilization reporting issue in EDMA driver
2023-12-06 -eaa7627 [qca-nss-dp] Add/Delete static fdb entries only for physical ports
2023-10-16 -4551d0f [qca-nss-dp]: Support HLOST_TID_override from PPE_VP path.
2023-11-09 -42ad3f3 [qca-nss-dp] Correct the NAPI poll implementation for DS Rx fill handling
2023-10-16 -dfeb7d3 [qca-nss-dp] Check for disabled ethernet port in ErP functions
2023-11-09 -42ad3f3 [qca-nss-dp] Correct the NAPI poll implementation for DS Rx fill handling
2023-10-16 -dfeb7d3 [qca-nss-dp] Check for disabled ethernet port in ErP functions
2023-09-22 -03f83d6 [qca-nss-dp] Correct the mht device flag
2023-08-18 -5efd7f4 [qca-nss-dp] Add EDMA Tx rings for MHT ports
2023-09-11 -7808ba2 [qca-nss-dp] Move DP standby code to new file and use new SSDK API
2023-09-28 -22ade1e [qca-nss-dp] : enable PPE-DS support in 6.x kernel
2023-08-28 -1943922 [qca-nss-dp] Support for bitmap based CPU selection.
2023-08-16 -dcb82a7 qca-nss-dp: 512M profile changes for Miami+Pebble
2023-09-01 -18e51f3 [qca-nss-dp] Fix tx descriptor completion error.
2023-08-28 -0bfde2d [qca-nss-dp] Changes to enable ErP mode
2023-09-05 -f1d635a [qca-nss-dp] Enable fast recycled changes in dp for kernel 6.1
2023-06-15 -55d35bd [qca-nss-dp] Tracking the full utilization of EDMA rings
2023-08-25 -89b9c19 [qca-nss-dp] Restricting the MTU as 9216 for all interfaces in DP
2023-01-03 -5098a4f [qca-nss-dp] Requeue Tx packet in case of Tx-failure.
2023-04-06 -3576dbb [qca-nss-dp] Adding tx napi with four queue per interface.
2023-08-10 -d2b6921 [qca-nss-dp] : changes to support ppe-qdisc for linux 6.x
2023-08-08 -a1941fb [qca-nss-dp] moving SET_NETDEV_DEV for all netdev to set.
2023-07-18 -74d3178 [qca-nss-dp] Reordering the CPU code and ACL index processing.
2023-06-30 -ab03139 [qca-nss-dp] Configure port level PPE offload flag in PPE
2023-06-06 -e9bb8c5 [qca-nss-dp] Rate limit the debug logs.
2023-07-18 -43afb9b [qca-nss-dp] Support Core selection for PPE mirrored packets.
2023-07-11 -92edcfd [qca-nss-dp] Add sysctl to invalidate RX secondary descriptor.

Tested and working on WAX620.

Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Link: https://github.com/openwrt/openwrt/pull/15383
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-07 10:04:00 +02:00
Sean Khan
cae1b504e9 kernel: qca-ssdk: update to 12.5 for kernel 6.6
Qualcomm recently committed a new branch (12.5.r2) targeting kernel
6.6. This lets us clean up a few patches particularly the one for
"C22/C45" mdio.

A quick way to see what changed for IPQ807x/6018 was to list the files produced
during build (**/*.o), replace the extension with ".c", and doing a
`git log`.

Filtering from those commits, ones of particular interest are listed
below:

```
2024-04-16 - 0d8f30aa - fix compile issue on hk with linux style build
2024-01-29 - 636464f7 - update the check for port link notify
2024-01-24 - 30c10e7f - enable and disable loopback for xgmac to fix qm stuck issue
2024-01-15 - b6ea10aa - update the the APIs to access switch
2024-01-08 - a1687502 - Disable Tx bridge mac before power off the PHY
2024-01-07 - 3eafb613 - support led configure for malibu phy
2024-01-07 - 5c1af60d - remove phy type check from mac reset when mode switch
2023-12-17 - 79d0b1e8 - remove the PHY access APIs in ssdk_plat.c
2023-12-16 - b2953740 - Update mii read/write functions
2023-12-11 - 37f2eac3 - add port id check for fdb entry
2023-12-11 - d040ca4d - support mdio clause45 on kernel6.6
2023-12-07 - 11494fbc - use barrier mw() during access fdb entry table
2023-12-03 - 8e40a284 - fix build warnings on kernel6.6
2023-11-10 - 10aa0a02 - change speed value when call ssdk_port_link_notify
2023-11-06 - ee4c4a60 - Update mac bitmap value of L3 table on MAC delete
2023-11-03 - 7cd27d39 - support 10G phy common feature
2023-10-30 - 383cc0d2 - fix mactype and mux select issue
2023-10-24 - decf534a - support autoneg status query on force port
2023-10-11 - 111d574e - move ssdk_led_init to regi_init
2023-10-08 - 6b14c142 - the combo port also need to parse SFP pins
2023-10-03 - fb2e0401 - fix port5 interface mode switch issue in erp case
```

Verified with users on QNAP 301W, NBG7815, and myself on Dynalink
DL-WRX36 that everything is functional, including LEDS.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15379
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-07 10:03:39 +02:00
Tony Ambardar
8cf28cc6a5 libbpf: Update to v1.4.1
Update to the latest upstream release to include recent improvements and
bugfixes.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.1
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-06 22:41:31 +02:00
Tony Ambardar
708e6b840e kselftests-bpf: update for kernel 6.6
Enable building multiple test programs and related kernel modules, with
initial support for the bpf_testmod.ko module required since kernel 6.4.
Explicitly disable LTO and clean up makefile variables and formatting.

Fix a musl-related build failure by adding a kernel 6.6 patch:

     360-selftests-bpf-portability-of-unprivileged-tests.patch

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-05-06 22:39:18 +02:00
Joel Low
587f3531fa
uboot-envtools: add env settings for ubnt,unifi-6-lr-v2
This has been tested on two of my Unifi 6 LR v2s:

```bash
$ fw_printenv # before
Cannot parse config file '/etc/fw_env.config': No such file or directory
$ cat /etc/fw_env.config
/dev/mtd3 0x0000 0x1000 0x1000 1
$ fw_printenv
arch=arm
baudrate=115200
board=mt7622_evb
board_name=mt7622_evb
bootcmd=bootubnt
bootdelay=3
bootfile=uImage
cpu=armv7
device_model=U6-LR
ethact=mtk_eth
ethaddr=<redacted>
ethcard=AQR112C
ipaddr=<redacted>
is_default=true
loadaddr=0x5007FF28
macaddr=<redacted>
serverip=<redacted>
soc=mt7622
stderr=serial
stdin=serial
stdout=serial
vendor=mediatek
is_ble_stp=true
```

I had to reverse-engineer the working settings above to the UCI script.

Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/13897
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-06 13:49:19 +02:00
Sergey Ponomarev
1d4b88265b
dropbear: use ssh-keygen as an alias for dropbearkey
The DropBear's dropbearkey supports limited set of arguments of
OpenSSH ssh-keygen:  -t, -q -N -Y
After the change you can generate a key with the same command.
Still many features of the original OpenSSH ssh-keygen are absent in
the dropbearkey.
If it's needed then users should install openssh-keygen package that
will replace the /usr/bin/ssh-keygen with the full version.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14174
[ wrap commit description to 80 columns ]
Link: https://github.com/openwrt/openwrt/pull/14174
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-06 13:41:43 +02:00
Martin Schiller
357fe33d2c uboot-envtools: filogic: add support for BananaPi R4 PoE
This adds support for the bpi-r4 variant with internal 2.5G PHY and
additional ethernet port instead of second sfp.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-06 09:12:05 +02:00
Martin Schiller
10bf949ea5 uboot-mediatek: bpi-r4: add support for 2.5GE PoE variant
This adds support for the bpi-r4 variant with internal 2.5G PHY and
additional ethernet port instead of second sfp.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2024-05-06 09:12:05 +02:00
Pascal Ernster
064d4a8083 libxml2: update to 2.12.6
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.6

Changelog (taken from the release notes):
- Regressions
  - parser: Fix detection of duplicate attributes in XML namespace
  - xmlreader: Fix xmlTextReaderConstEncoding
  - html: Fix htmlCreatePushParserCtxt with encoding
  - xmllint: Return error code if XPath returns empty nodeset

Compile-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Run-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Signed-off-by: Pascal Ernster <git@hardfalcon.net>
2024-05-05 21:45:52 +02:00
Rodrigo Balerdi
c904875562 ipq40xx: add support for Linksys WHW03 V1
Hardware:
=========
SOC:             Qualcomm IPQ4019
WiFi 1:          QCA4019 IEEE 802.11b/g/n
WiFi 2:          QCA4019 IEEE 802.11a/n/ac
WiFi 3:          QCA9886 IEEE 802.11a/n/ac
Bluetooth:       Qualcomm CSR8510 (A10)
Zigbee:          Silicon Labs EM3581 NCP + Skyworks SE2432L
Ethernet:        Qualcomm Atheros QCA8072 (2-port)
Flash:           Samsung KLM4G1FEPD (4GB eMMC)
RAM (NAND):      512MB
LED Controller:  NXP PCA9633 (I2C)
Buttons:         Single reset button (GPIO).

Ethernet:
=========
The device has 2 ethernet ports, configured as follows by default:
- left port: WAN
- right port: LAN

Wifi:
=====
The Wifi radios are turned off by default. To configure the router,
you will need to connect your computer to the LAN port of the device.

Bluetooth and Zigbee:
=====================
Configuration included but not tested.

Storage:
========
For compatibility with stock firmware, all of OpenWrt runs in a 136 MiB
eMMC partition (of which there are two copies, see below). You can also
use partition /dev/mmcblk0p19 "syscfg" (3.4 GiB) any way you see fit.
During very limited tests, stock firmware did not mount this partition.
However, backing up its stock content before use is recommended anyway.

Firmware:
=========
The device uses a dual firmware mechanism: it automatically reverts to
the previous firmware after 3 failed boot attempts.

You can switch to the inactive firmware copy by changing the "boot_part"
U-Boot environment variable. You can also do it by turning on the device
for a couple of seconds and then back off, 3 times in a row.

Installation:
=============
OpenWrt's "factory" image can be installed via the stock web UI:
1. Login to the UI. (The default password is printed on the label.)
2. Enter support mode by clicking on the "CA" link at the bottom.
3. Click "Connectivity", "Choose file", "Start", and ignore warnings.

This port is based on work done by flipy (https://github.com/flipy).

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15345
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-05 10:33:13 +02:00
Antonio Flores
cfb7df2991 kernel: add kmod-ata-ahci-dwc
Add kmod-ata-ahci-dwc for the rockchip target.

33629d3509

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Antonio Flores
4a6e3e1bc8 uboot-rockchip: add Bananapi-R2 Pro support
add uboot support for Bananapi-R2 Pro

Signed-off-by: Antonio Flores <antflores627@gmail.com>
2024-05-05 00:46:48 +02:00
Weijie Gao
3f28c422ba libunwind: add support for loongarch64
Modify package depends to allow building for loongarch64.
Also fix for building with musl.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
33cd87079b openssl: add linux64-loongarch64 into the targets list
Add "linux64-loongarch64-openwrt" into openssl configurations to enable
building on loongarch64 machines.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
b98355ed0f grub2: add EFI support for loongarch64
Add a new package for loongarch64 which only supports EFI.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
159a285736 kernel: modules: video: adapt for loongarch64
* Allow kmod-acpi-video to be built for loongarch64:
The x86-specific CONFIG_ACPI_WMI will be split from default
kmod-acpi-video as a board-specific addition.

* Allow kmod-drm-amdgpu to be built for loongarch64:
Also add loongarch64-specific configs and modules.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
886a507fa6 kernel: modules: netdevices: add depedency required for loongarch64
Add TARGET_loongarch64 as dependency for kmod-mdio-devres,
kmod-mdio-gpio and kmod-switch-rtl8366-smi

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Weijie Gao
6eafcd86b8 toolchain: Disable libtsan and liblsan sanitizer on loongarch64
libtsan and liblsan are not supported by glibc on loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:24 +08:00
Zoltan HERPAI
3f7d8e20cd sunxi: add support for Lichee Pi Zero Dock (V3s) board
CPU:     Allwinner V3s single-core Cortex-A7 @ 1.2GHz
Memory:  64Mb DDR2 integrated into SoC package
Storage: 1x SDcard on board, 1x SDcard on dock
Network: 10/100M ethernet
Other:   4x buttons via LRADC, CSI

Flashing instructions:
  Standard sunxi SD card installation procedure - copy image to SD card,
  insert into SD card slot on the device and boot.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-04 00:41:02 +02:00
Christian Marangi
23de46c913
xdp-tools: fix wrong matching for OPENWRT_VERBOSE
To enable verbose log for xdp-tools compilation, we check for "c" in
the OPENWRT_VERBOSE, but verbose.mk supports only "w" and "s" for V=1
and V=99.

Fix the wrong matching and correctly enable verbose output matching for
"s".

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:11 +02:00
Christian Marangi
0d436fc8b1
xdp-tools: refresh patches
Refresh xdp-tools patches with make package/xdp-tools/refresh

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:10 +02:00
Zoltan HERPAI
095efad4fe opensbi: bump to 1.4
Upgrade the OpenSBI firmware used by RISC-V CPUs to 1.4.

Runtime-tested:
 - d1 (Lichee RV)
 - sifiveu (SiFive Unleashed)

Updates since last release:

1.4:
Synopsys DesignWare APB GPIO driver
Zicntr and Zihpm support
Console print improvements
Smepmp support
Simple FDT based syscon regmap driver
Syscon based reboot and poweroff driver
Non-contiguous hpm counters
Smcntrpmf support
Full sparse hartid support
IPI improvements
RFENCE improvements
Zkr support
Andes custom PMU support

1.3.1:
ACLINT driver fix for disabled CPUs
SBI PMU fix for out-of-bound access
Designware GPIO driver

1.3:
Allow platform to influence cold boot HART selection
Starfive JH7110 platform support
Split RX and RW firmware regions
Advertise non-retentive suspend for allwinner D1 platform
Byteorder/endianness conversion macros
SBI debug console extension (Experimental)
Configure the PMA regions for RZ/Five platform
SBI system suspend extension (Experimental)
SBI PMU platform firmware events (Experimental)
SBI CPPC extension (Experimental)
Optimized remote TLB flushes
Simple heap for boot time memory allocations
Bring back no-map DT property for reserved memory nodes

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-05-03 11:09:22 +02:00
Linus Walleij
f789454df1 uboot-bmips: Add U-Boot for the BMIPS target
This is needed to boot the BCM6238-based Inteno XG6846.
Currently this is restricted to the XG6846 board.

Reviewed-by: Paul Donald <newtwen+github@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-05-01 21:30:32 +02:00
Christian Marangi
5acc4f919c
xdp-tools: fix compilation wrongly using host header
Currently it's needed to have gcc-multilib on the host to correctly
compile xdp-tools. This is wrong and means that we are using host header
to compile a tool.

By some searching in how the makefile works it was discovered that
BPF_CFLAGS were not used and required to be appended to config.mk

Only one single header was added but we should include each BPF_CFLAGS
from bpf.mk. To make this some patching to bpf-header were required and
some patches to xdp-tools were required.
Also it's needed to pass the correct target to BPF_CFLAGS.

With the following changes xdp-tools can correctly compile with each
header from bpf-headers and should not use any host header.

Co-Developed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:34 +02:00
Christian Marangi
dfcc0ff5d2
bpf-headers: fix use of netlink.h header
netlink.h header have NL_SET_ERR_MSG_MOD that is tied to kmods. We don't
need kmods on bpf tools and this cause compilation error if the header
is included. Fix it by dropping NL_SET_ERR_MSG_MOD.

Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:33 +02:00
Felix Fietkau
b6f1e2e5b0 ucode: fix ubus defer when running from within eloop (integrated with uloop)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Felix Fietkau
52a5f4491c hostapd: fix a null pointer dereference in wpa_supplicant on teardown
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Tianling Shen
790082098e
mediatek: switch to fitblk for JDCloud RE-CP-03
Use the new fitblk driver.

Tested-By: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-30 03:28:13 +01:00
Christian Marangi
4b04304713
procd: make mDNS TXT record parsing more solid
mDNS broadcast can't accept empty TXT record and would fail
registration.

Current procd_add_mdns_service checks only if the first passed arg is
empty but don't make any verification on the other args permittins
insertion of empty values in TXT record.

Example:

	procd_add_mdns "blah" \
				"tcp" "50" \
				"1" \
				"" \
				"3"

Produce:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "", "3" ] } }

The middle empty TXT record should never be included as it's empty.

This can happen with scripts that make fragile parsing and include
variables even if they are empty.

Prevent this and make the TXT record more solid by checking every
provided TXT record and include only the non-empty ones.

The fixed JSON is the following:

{ "blah_50": { "service": "_blah._tcp.local", "port": 50, "txt": [ "1", "3" ] } }

Fixes: b0d9dcf84d ("procd: update to latest git HEAD")
Reported-by: Paul Donald <newtwen@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15331
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-29 23:24:58 +02:00
Robert Marko
5c833329ce
arm-trusted-firmware-mvebu: refresh cryptopp hash
Well, it seems that cryptopp hash was never refreshed since calling
make package/boot/arm-trusted-firmware-mvebu/check FIXUP=1 V=s does not
actually refresh the download calls hashes so refresh it manually.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 13:02:23 +02:00
Robert Marko
e909746665
arm-trusted-firmware-mvebu: use SOURCE_VERSION instead of VERSION
Since ("download: don't overwrite VERSION variable") trying to download the
required sources for mvebu ATF will fail with:
Makefile:247: *** Download/mox-boot-builder is missing the SOURCE_VERSION field..  Stop.

This also broke the buildbot mvebu/cortex-a53 builds.

So, fix it by switching to SOURCE_VERSION instead.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-29 12:05:45 +02:00
Paul Spooren
00b86168bd apk: add package
APK (Alpine Package Keeper) is the package manager of Alpine Linux and
has multiple advantages over OPKG. While Alpine uses APK version 2, this
commit adds version 3 with a heavily optimised database structure and
additional feature making it suitable for OpenWrt.

This commit will be followed by many more to add APK build capabilities
to the OpenWrt build system, firstly enabling side by side builds of APK
and OPKG packages, later replacing OPKG entirely.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-29 11:36:03 +02:00
Hauke Mehrtens
adc29202c2 mbedtls: Remove Kconfig options removed from mbedtls 3.6.0
These options are not available in mbedtls 3.6.0 and selecting them
causes an error.

MBEDTLS_CERTS_C was removed in:
1aec64642c

MBEDTLS_XTEA_C was removed in:
10e8cf5fef

MBEDTLS_SSL_TRUNCATED_HMAC was removed in:
4a7010d1aa

Fixes: 0e06642643 ("mbedtls: Update to version 3.6.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-29 01:32:36 +02:00
Marius Dinu
ff0bb196eb libaudit: update to 3.1.4, join with daemon and utils, rename
Changes:
- new URL for sources (old address is dead)
- daemon and utils from packages feed are merged in here
  - only build once
  - no need to update at the same time in both places
- update to v3.1.4
  - removed unneeded patches
  - added audisp-syslog
  - removed audispd (no longer exists)
- rename and move to package/utils/audit
  - update new path in one dependent package

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2024-04-29 00:53:43 +02:00
Jean Thomas
30245a869e uqmi: set dangling-pointer as error
With "ebfe8b4 CMakeLists: set no-dangling-pointer" the compilation
option is set in uqmi, and can therefore be removed from no-error.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Jean Thomas
4d058d5e4d uqmi: update to git HEAD
e7207be uqmi: print radio interfaces in serving system command
6ef41d6 uqmi: create function to print radio interface string
e25d042 uqmi: Add basic 5G NR support
3e782be uqmi: sync data from libqmi project
368d46c uqmi: support C reserved keywords in upstream JSON files
02e42c0 reorganize source code in common and uqmi specific parts
4591f0a .gitignore build/ directories
2b57ee1 uqmi: commands-uim: fix uninitialized use of card_application_state
7c77e77 data/code-gen: add support for indications
ddbf864 qmi-struct.h: add missing includes
5320c1d move qmi_get_error_str to into utils.c
1503bc7 dev.c: add missing import strings.h
bae945f commands-nas: add missing includes
9ffd0e2 commands: make `struct blob_buf status` public
a4fbdcc commands-nas: fix gcc warning
8ff632a dev.c: add comment to qmi_request_wait()
a043a74 CMakeLists: refactor SOURCES variable to allow later adding uqmid
ebfe8b4 CMakeLists: set no-dangling-pointer
c47125d CMakeLists: improve generated files
0f64b69 CMakeLists: update cmake minimum version to 3.5

As the built uqmi binary is now moved to a dedicated directory,
update the Makefile accordingly.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Weijie Gao
f9e3fb59c7 libunwind: update to 1.8.1
Rebased patches:
- 003-fix-missing-ef_reg-defs-with-musl.patch
- 004-ppc-musl.patch

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-04-28 23:32:08 +02:00
Weijie Gao
8968675247 grub2: update to 2.12
compile tested: x86_64,i386,loongarch64

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
{Refresh patches}
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 23:26:35 +02:00
Hauke Mehrtens
0e06642643 mbedtls: Update to version 3.6.0
This adds support for mbedtls 3.6.0.
The 3.6 version is the next LTS version of mbedtls.
This version supports TLS 1.3.

This switches to download using git. The codeload tar file misses some
git submodules.

Add some extra options added in mbedtls 3.6.0.

The size of the compressed ipkg increases:
230933 bin/packages/mips_24kc/base/libmbedtls13_2.28.7-r2_mips_24kc.ipk
300154 bin/packages/mips_24kc/base/libmbedtls14_3.6.0-r1_mips_24kc.ipk

The removed patch was integrated upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:37 +02:00
Hauke Mehrtens
00a1671248 hostapd: Fix compile against mbedtsl 3.6
Fix compile of the mbedtls extension for hostapd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
6c80f34c07 uencrypt: Fix mbedtls 3.6 compatibility
This makes it compile with mbedtls 3.6.0.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Hauke Mehrtens
0fd9acb471 uencrypt: Fix compile warnings
keylen and ivlen are of type long and not size_t.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Josef Schlehofer
1b190dfd3a uboot-mvebu: backport patch for Turris Omnia to enable LTO
Fixes issue while building package uboot-mvebu on OpenWrt 23.05:

u-boot-with-spl.kwb exceeds file size limit:
  limit:  0xf0000 bytes
  actual: 0xf0100 bytes
  excess: 0x100 bytes
make[3]: *** [Makefile:1466: u-boot-with-spl.kwb] Error 1
make[3]: *** Deleting file 'u-boot-with-spl.kwb'
make[3]: Leaving directory '/workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04'
make[2]: *** [Makefile:83: /workspaces/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/u-boot-omnia/u-boot-2024.04/.built] Error 2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15307
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-28 11:39:42 +02:00
Fabrice Fontaine
6e5edec159 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:48 +02:00
Fabrice Fontaine
a4f723e04e package/libs/libjson-c: fix PKG_CPE_ID
cpe:/a:json-c:json-c is the correct CPE ID for libjson-c:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️json-c:json-c

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15292
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:20 +02:00
Fabrice Fontaine
289f811abb package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:43:58 +02:00
Robert Marko
cf3520ba66 ipq-wifi: correct PKG_MIRROR_HASH
It seems that somehow a wrong hash has been used for ipq-wifi, so refresh
it.

Fixes: f10d55df9e ("ipq-wifi: update to Git HEAD (2024-04-26)")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:29:48 +02:00
Felix Fietkau
2d6fd937c3 netifd: packet_steering: fix shell error on unset steering_flows option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:59:52 +02:00
Felix Fietkau
994f71e0f0 netifd: fix bogus warnings in packet_steering init script
Avoids warnings if options are unset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:57:19 +02:00
Robert Marko
0fc87ddf44
ubox: update to Git HEAD (2024-04-26)
85f1053019ca kmodloader: fix insmod path logic

Signed-off-by: Robert Marko <robimarko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15288
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-27 13:34:13 +02:00
Paul Donald
708101c141 lldpd: fix reload bug: advertisements shall default to on
Because these capability advertisements default to on in lldpd, they
became absent at reload, and not restart, due to how the reload logic
works ( keep daemon running, send unconfigured and then the new config
via socket ), and it was not evident unless you happened to be looking
for it (e.g. via pcap or tcpdump). It was also not evident from the
manpage ( have now sent patches upstream ).

At reload time, the unconfigure logic disabled them unless they were
explicitly enabled (compare with other settings where 'unconfigure' just
resets them). Now they default to on/enabled at init time, and are
explicitly 'unconfigure'd at startup if the user disables them via:

lldp_mgmt_addr_advertisements=0
lldp_capability_advertisements=0

In other words: explicit is necessary to disable the advertisements.

The same applies to 'configure system capabilities enabled'. Technically
'unconfigure'd is the default but now it is explicit at reload.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 12:11:27 +02:00
Fabrice Fontaine
27d1ebb46a package/libs/pcre2: fix PKG_CPE_ID
cpe:/a:pcre:pcre2 is the correct CPE ID for pcre2:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️pcre:pcre2

Fixes: c39b0646f3 (pcre2: import pcre2 from packages feed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-04-27 12:05:43 +02:00
Paul Donald
01cdeb531b ustp: update to Git HEAD (2023-05-29)
a85a5bc83bde netif_utils: correctly close fd on read error

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 11:40:04 +02:00
Stijn Tintel
f434643857 perf: fix build on PowerPC
Building perf's intel-pt-decoder fails on both PPC32 and PPC64:

/home/stijn/Development/OpenWrt/openwrt/staging_dir/toolchain-powerpc64_e5500_gcc-13.2.0_musl/lib/gcc/powerpc64-openwrt-linux-musl/13.2.0/../../../../powerpc64-openwrt-linux-musl/bin/ld.bfd:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/
perf-target-powerpc64_e5500_musl/perf-in.o: in function `insn_set_byte':
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-powerpc64_e5500_musl/linux-qoriq_generic/linux-6.1.86/tools/perf/util/intel-pt-decoder/../../../arch/x86/include/asm/insn.h:64:
undefined reference to `__le32_to_cpu'

Add NO_AUXTRACE=1 to MAKE_FLAGS for LINUX_KARCH powerpc, which disables
build of intel-pt-decoder on both PPC32 and PPC64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-04-26 15:19:48 +03:00
Christian Marangi
f10d55df9e
ipq-wifi: update to Git HEAD (2024-04-26)
fab9e29f6b92 ipq6018: update regdb in TPLink EAP610-Outdoor BDF
6d02b65fadf3 ipq8074: update RegDB in new submitted BDF
644ba9ea2e66 ipq6018: update RegDB in new submitted BDF

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-26 13:28:09 +02:00
Felix Fietkau
7ebcf2fb9c netifd: add flow steering mode to the packet steering script
This allows directing processing of locally received packets to the CPUs
of the tasks receiving them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Felix Fietkau
c4d394c6cc netifd: add a packet steering mode matching the old script
This spreads packet processing across all cores

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Tony Ambardar
098bde1f3e gettext-full: update to 0.22.5
Release Announcement:
https://savannah.gnu.org/news/?group_id=425

Refresh:
- 200-libunistring-missing-link.patch

Tested-by: Georgi Valkov <gvalkov@gmail.com> # MacOS
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-25 21:33:51 +02:00
Tim Lunn
99eb0d0e33 uboot-envtools: add env settings for Edgerouter-X
uboot-envtools is currently missing config for Edgerouter-X
and its not immediately obvious what settings to manually
apply.

Provide default configuration for envtools on Edgerouter-X.

Signed-off-by: Tim Lunn <tim@feathertop.org>
2024-04-25 21:33:16 +02:00
Linus Walleij
9c8f2d7c2d modules: Add kernel module for MV88E6xxx DSA switch
This adds a kernel module package for the Marvell
MV88E6XXX DSA switch and a separate module package for
the DSA tagger since it can in theory be used by multiple
DSA switches. Enable both DSA and EDSA tags in the
tagger.

We can't just compile this in because just a few devices
has this DSA, and it depends on e.g. the I2C and SFP
to be loaded as modules first.

We have no examples of DSA switches being packaged as
modules before, all seem to be compiled in, but it
actually works just fine to do this.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-04-24 23:15:58 +02:00
Hauke Mehrtens
f475a44c03 wolfssl: Update to 5.7.0
This fixes multiple security problems:
 * [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.

 * [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
   Zhang, Qingni Shen for the report (Peking University, The University
   of Western Australia)."

 * [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
   Qingni Shen for the report (Peking University, The University of
   Western Australia).

Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 23:01:03 +02:00
Hauke Mehrtens
360ac07eb9 mbedtls: Update to 2.28.8
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-24 22:24:11 +02:00
Nick Hainke
6ca8305598 oxnas: drop target
The Upstream Linux community has discontinued support for the target.
Maintaining support for it downstream would require too much effort.
Moreover, it seems that the supported hardware is no longer deemed worthy
of it.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-04-24 14:12:15 +02:00
Paweł Owoc
652a6677d5 base-files: Add new functions for ath11k caldata
Add new functions for ath11k caldata:
- ath11k_patch_mac (from 0 to 5)
- ath11k_remove_regdomain
- ath11k_set_macflag (some pre-caldata have the nvMacFlag flag unset which is needed to change the MAC address)

Additionaly for ath10k caldata:
- ath10k_remove_regdomain

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-04-23 22:35:57 +02:00
Stefan Kalscheuer
63dd3f74ac mwlwifi: update to version 10.4.10-20240419
This update contains a minor fix to resolve "detected write beyond size
of field" warning during compilation:
* "replace [0] with []" (1d0d08c)

All patches still apply.

References:
* https://github.com/openwrt/openwrt/issues/15108

Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
2024-04-23 22:33:56 +02:00
Connor Yoon
3569b37b15 ipq807x: add Spectrum SAX1V1K
Spectrum SAX1V1K is a AX WIFI router with 3 1G and 1 2.5G ports.
The router is provided to Spectrum customers.
It is OEM of Askey RT5010W
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923

It continues the original work by @MeisterLone to get this device supported.

Specifications:
```
  •  CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
  •  RAM: 2048MB of DDR3
  •  Storage: 1024MB eMMC
  •  Ethernet: 3x 1G RJ45 ports (QCA8075) + 1 2.5G Port (QCA8081)
  •  WLAN:
     • 2.4GHz: Qualcomm QCN5024 4x4 802.11b/g/n/ax 1174 Mbps PHY rate
     • 5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate

  •  LED: 1 gpio-controlled dual color led (blue/red)
  •  Buttons: 1x reset
  •  Power: 12V DC jack
```

Notes:
```
  •  This commit adds only single partition support, that means
     sysupgrade is upgrading the current rootfs partition.
  •  Installation can be done by serial connection only.
  •  A poulated serial header is onboard
     https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923/6
  •  RX/TX is working, u-boot bootwait is active, secure boot is enabled.
```

Installation Instructions:

	**Most part of the installation is performed from an initramfs image.**

	Boot initramfs : Using serial connection
	1. Boot up the device and wait till it displays "VERIFY_IB: Success. verify IB ok"
	2. Once that message appears,
	    login with username 'root'
	    password serial number of your router in uppercase.
	3. Use vi to paste the 'open.sh' script from @MeisterLone github on your device
	    https://github.com/MeisterLone/Askey-RT5010W-D187-REV6/blob/master/Patch/open.sh
	4. chmod 755 open.sh
	5. ./open.sh
	6. Set your ip to 192.168.0.1
	7. Run a TFTP server and host the initramfs image on the TFTP server and name it "recovery.img"
	8. Reboot device. On boot it will try TFTP.

	Install OpenWrt from initramfs image:
	1. Use SCP (or other way) to transfer OpenWrt factory image
	2. Connect to device using SSH (on a LAN port)
	3. Flash firmware: sysupgrade
	   # sysupgrade -n -v /tmp/openwrt_sysupgrade.bin
	4. Set U-boot env variable: bootcmd
	   # fw_setenv bootcmd "run fix_uboot; run setup_and_boot"
	5. Reboot the device
	   # reboot
	6. Once device is booted, residue of previous firmware will prevent openwrt to work properly.
	    Factory Reset is MUST required
	    # Once serial console is displaying to login, hold reset button for 10 sec
	7. Now everything should be operational.

        Note: this PR adds only single partition support, that means sysupgrade is
              upgrading the current rootfs partition

Signed-off-by: Connor Yoon <j_connor@taliaent.com>
2024-04-23 21:48:34 +02:00
Tony Ambardar
c6e6d26f4b ubox: update to Git HEAD (2024-03-02)
d413903016c4 kmodloader: support duplicate module names and aliases
1c9aaefc119a kmodloader: fix memleak adding to avl tree
4c5c45c6beac kmodloader: fix invalid write during insmod, CodeQL warnings
6a59975afc2c kmodloader: improve memory accounting and deallocation

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-23 20:58:18 +02:00
Felix Fietkau
786e3dec01 bridger: update to Git HEAD (2024-04-22)
ec8c620fd5f4 split bridge-local disable into rx and tx
40b1c5b6be4e flow: do not attempt to offload bridge-local flows

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-22 11:02:52 +02:00
Chen Minqiang
3416144418 ppp: add sourcefilter option support
This make source based IPv6 routing option available for
ppp/pptp/pppoe/pppoa

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-22 15:11:44 +08:00
Paul Donald
4a81d868db
lldpd: extended interface(s) parsing to handle patterns
For interface type parameters, the man page documents patterns:
```
*,!eth*,!!eth1

uses all interfaces, except interfaces starting with "eth",
but including "eth1".
```

* Renamed `_ifname` to `_l2dev`.
* get the l2dev via network_get_physdev (and not l3dev)
* Glob pattern `*` is also valid - use noglob for this

The net result is that now interface 'names' including globs '*' and '!'
inversions are included in the generated lldpd configs.

Temporarily `set -o noglob` and then `set +o noglob` to disable & enable
globbing respectively, because when we pass `*` as an interface choice,
other file and pathnames get sucked in from where the init script runs,
and the `*` never makes it to lldpd.

Tested extensively on: 22.03.6, 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ squash with commit bumping release version ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-21 17:57:03 +02:00
Felix Fietkau
ea609fe486 uclient: update to Git HEAD (2024-04-19)
e8780fa7792a uclient: fix http regression

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 20:06:47 +02:00
Felix Fietkau
a339894691 uclient: update to Git HEAD (2024-04-19)
704c78111a92 uclient-http: use ustream_ssl without ustream_fd

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 18:00:23 +02:00
Felix Fietkau
7334337064 ustream-ssl: update to Git HEAD (2024-04-19)
524a76e5af78 ustream-ssl: add support for using a fd instead of ustream as backing

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-19 18:00:23 +02:00
Robert Marko
040af127e7
uboot-mvebu: update to version 2024.04
Lets update to 2024.04 in order to drop all of the patches as they have
been merged upstream.

Tested on Methode eDPU.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-19 10:50:55 +02:00
Felix Fietkau
66019e456f uclient: update to Git HEAD (2024-04-18)
c2bf660d88ec lib: add log_msg callback to get more detailed log messages
9adb4ca5219d uclient-fetch: add uclient / ustream-ssl log messages (enabled via -v)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 22:27:51 +02:00
Felix Fietkau
8992767956 ustream-ssl: update to Git HEAD (2024-04-18)
f9a28a9ce864 ustream-ssl: poll connection on incomplete reads
3c49e70c4622 ustream-ssl: increase number of read buffers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 22:27:50 +02:00
Felix Fietkau
e4453d1f81 ustream-ssl: update to Git HEAD (2024-04-18)
60d8fbb5e669 mbedtls: handle session tickets for TLS 1.3
ac42af7981ae mbedtls: add ifdefs to fix legacy compatibility
af7c3532ad49 mbedtls: another cosmetic ifdef fix

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-18 13:18:48 +02:00
Paul Donald
27edf28b11
base-files: reduce IPv6 ULA prefix generation to a single call
Reduce calls and pipes and read from urandom once directly with hexdump
for the necessary 5 bytes of random data to build the 48 bit ULA Prefix.

Fewer calls and forks; finish quicker; less memory used.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-18 12:55:31 +02:00
Robert Marko
b0422af1b3
mac80211: ath11k: re-enable ipq807x coldboot calibration
It seems that move to kernel 6.6 somehow fixed the remoteproc restart so
now it properly restarts and thus coldboot calibration works as well.

ipq60xx still seems to be broken in a different way so keep it disabled.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-18 11:55:36 +02:00
Christian Marangi
918e2fca1e
qca-nss-dp: add patch fixing rmmod and insmod
Add patch fixing rmmod and insmod. Lots of flawed logic fixed that
permits the module to correctly rmmod and insmod later.

Just to quote some change, use phy_detach instead of phy_disconnect, fix
exclusive reset_control that could only be used once, fix kernel panic
on second edma_cleanup, stop traffic before module exit...

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-18 11:54:21 +02:00
Chukun Pan
9cef2bc224 ipq807x: add support for Zbtlink ZBT-Z800AX
Hardware specifications:
  SoC: Qualcomm IPQ8072A
  RAM: 1GB of DDR4 600MHz
  Flash1: Winbond W25Q64DW 8MB
  Flash2: MX30UF2G28AD 256MB
  WiFi1: QCN5024 2.4GHz AX 4x4
  WiFi2: QCN5054 5GHz AX 4x4
  Ethernet: 5x 1G RJ45 port
  USB: 2x USB 3.0 (1x M.2)
  Button: Reset, WPS

Flash instructions:
  Upload factory.bin in stock firmware's
  upgrade page, do not preserve settings.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-04-17 12:08:56 +02:00
Chukun Pan
74eb718871 ipq-wifi: update to version 2024-04-16
Contains following updates:

 * ipq8074: add Spectrum SAX1V1K BDF
 * ipq8074: add Zbtlink ZBT-Z800AX BDF
 * ipq8074: update regdb in Spectrum SAX1V1K BDF
 * ipq6018: add Linksys MR7350 BDF

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-04-17 12:08:56 +02:00
Chen Minqiang
44a3c18a31 qmi: add sourcefilter option support
This make source based IPv6 routing option available for qmi

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
044fb8fc13 mbim: add sourcefilter option support
This make source based IPv6 routing option available for mbim

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
01e8d822e8 ncm: add sourcefilter option support
This make source based IPv6 routing option available for ncm

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chuanhong Guo
9f6a28b91e ipset: update to 7.21
release notes:
7.21: https://www.spinics.net/lists/netfilter-devel/msg85299.html
7.20: https://www.spinics.net/lists/netfilter-devel/msg85120.html
7.19: https://www.spinics.net/lists/netfilter-devel/msg82985.html

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Chuanhong Guo
c7fb5d4cac ipset: include libgen.h for basename
musl dropped the GNU version of basename prototype from string.h
in 1.2.5.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Felix Fietkau
d4742de1d7 Revert "elfutils: fix a missing typedef in the last update"
This reverts commit a9e22ffa50.
After doing a clean rebuild, it turns out that this change is not necessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 22:05:24 +02:00
Felix Fietkau
123282d9f9 netifd: add missing error checks to packet steering script
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 13:46:05 +02:00
Felix Fietkau
a9e22ffa50 elfutils: fix a missing typedef in the last update
Fixes perf

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 13:46:05 +02:00
Felix Fietkau
93d75f8401 bridger: update to Git HEAD (2024-04-15)
3159bbe0a2eb improve isolation when selecting a fixed output port
c77a7a1ff74d nl: fix getting flow offload stats
a08e51e679dd add support for disabling bridge-local flows via config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 11:29:24 +02:00
Tianling Shen
a65fceb078 uboot-rockchip: Update to 2024.04
Removed upstreamed patch.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-14 18:29:44 +02:00
Tianling Shen
d2d064e06e rkbin: bump to latest git HEAD
Fixed bugs for memory initialization/training,
improved memory compatibility/stability.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-14 18:29:44 +02:00
Tony Ambardar
e609b7486f elfutils: update to 1.91
Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2024q1/006876.html

Refresh patch:
- 005-build_only_libs.patch

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-14 17:38:09 +02:00
Felix Fietkau
a205a5734e netifd: rewrite packet steering script
The new script uses a different strategy compared to the previous one.
Instead of trying to split flows by hash and spread them to all CPUs,
use RPS to redirect packets to a single core only.
Try to spread NAPI thread and RPS target CPUs across available CPUs
and try to ensure that the NAPI thread is on a different CPU than the
RPS target. This significantly reduces cycles wasted on the scheduler.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-14 16:24:37 +02:00
Robert Marko
5fe0d296c1 mac80211: ath11k: support DT property to limit channels
Limiting allowed channels per device may be required and is commonly
supported on other drivers, so include a pending patch to add support for
the same.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-13 20:05:01 +02:00
Felix Fietkau
ab9a29a320 mac80211: improve mesh fast tx patch
Change hash key struct size for faster lookup.
Fix clearing cache entries for forwarding

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-13 16:33:45 +02:00
Felix Fietkau
1ee5b7e506 hostapd: fix a crash corner case
On some setup failures, iface->bss can be NULL

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-13 16:33:45 +02:00
Tianling Shen
0db68a789f uboot-d1: define default BUILD_SUBTARGET
As commit 3ce1e4c3d3 ("d1: define subtarget specifically") added the
'generic' subtarget, without 'BUILD_SUBTARGET' the correspond U-Boot
package will be no longer selected automatically.

Fixes: 3ce1e4c3d3 ("d1: define subtarget specifically")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-04-13 13:41:41 +02:00
Tony Ambardar
4d8a9a954a bpftool: Update to v7.4.0
Update to the latest upstream release to include recent improvements and
bugfixes. Update copyright, fix typo in PKG_NAME, and remove unneeded use
of MAKE_VARS definition in Makefile. Drop 001-cflags.patch and simplify
002-includes.patch after refreshing. Also simplify LTO/DCE build flags.

Link: https://github.com/libbpf/bpftool/releases/tag/v7.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-13 11:20:41 +02:00
Tony Ambardar
5b07c37dfa libbpf: Update to v1.4.0
Update to the latest upstream release to include recent improvements and
bugfixes, and update copyright. Remove MAKE_VARS usage in Makefile and drop
001-cflags.patch which are no longer needed. Also add flags to disable LTO,
mistakenly dropped earlier.

Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2024-04-13 11:20:41 +02:00
Paul Donald
50021d3222
lldpd: make management address advertisement controllable
Defaults to off.

Available from >= 0.7.15

These are sent in TLV

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:45:48 +02:00
Paul Donald
4d8f56bd59
lldpd: make capabilities advertisement controllable
Defaults to off.

Only available from >= 1.0.15

These capabilities are sent in TLV.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:45:48 +02:00
Paul Donald
b476917502
lldpd: note about capabilities
only available from >= 1.0.15

Comments are useful. Apparently this config parameter was committed when
openwrt used an older version of lldpd which did not yet support it.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-12 13:20:40 +02:00
Paul Donald
8cf1dce428
lldpd: fix restart
Redirection broke in 5364fe0f01 ("lldpd: shellcheck fixes")

redirects to /dev/null shall be handled correctly (i.e. last).

This fixes these errors on `/etc/init.d/lldpd reload`:

2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`

Tested-on: 22.03.6
Fixes: 5364fe0f01 ("lldpd: shellcheck fixes")
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ improve commit description, add fixes tag ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-12 13:20:06 +02:00
Daniel Golle
07918e6612 package: kernel: leds-gca230718: fix build with Linux 6.6
Starting with Linux 6.3 the .probe call no longer got the id parameter,
see also commit torvalds/linux@03c835f498
("i2c: Switch .probe() to not take an id parameter").

As the parameter is anyway unused by the driver, drop it when
building the GCA230718 LED driver for newer kernels.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-12 02:07:30 +01:00
Robert Marko
923d7c5531
mediatek: filogic: add support for Edgecore EAP111
HW specifications:
* Mediatek MT7981A
* 256MB SPI-NAND
* 512MB DRAM
* Uplink: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 with 802.3at
PoE (Built-in GBe PHY)
* LAN: 1 x 10/100/1000Base-T Ethernet, Auto MDIX, RJ-45 (Airoha EN8801SC)
* 1 Tricolor LED
* Reset button
* 12V/2.0A DC input

Installation:
Board comes with OpenWifi/TIP which is OpenWrt based, so sysupgrade can
be used directly over SSH.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2024-04-11 13:25:11 +02:00
Oleg S
d668c74fe6 kernel: add kmod-hwmon-emc2305 support
This module supports the Microchip Technology Inc (SMSC)
EMC2301/EMC2302/EMC2303/EMC2305 fan speed PWM controller chips.

Signed-off-by: Oleg S <remittor@gmail.com>
2024-04-10 10:50:17 +02:00
Felix Fietkau
08639a5e47 ucode: update to Git HEAD (2024-04-07)
1220992631d5 ubus: automatically clear error information
d6fd94014eea uci: automatically clear error information
99837f280b61 uloop: automatically clear error information
be767ae197ba vm: rework `in` operator semantics
4ade84e8fb81 ubus: add explicit support for deferring incoming requests

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-09 21:33:02 +02:00
Paul Spooren
d997477775 treewide: remove implicit SUBTARGET
Historically it's possible to leave the `SUBTARGETS` undefined and
automatically fallback to a "generic" subtarget. This however breaks
various downstream scripts which may have expectations around filenames:

While some targets with an explicit generic subtarget contain `generic`
in the filenames of artifacts, implicit "subtargets" don't.

Right now this breaks the CI[1], possibly also scripts using the ImageBuilders.

This commit removes all code that support implicit handling of
subtargets and instead requires every target to define "SUBTARGETS".

[1]: https://github.com/openwrt/openwrt/actions/runs/8592821105/job/23548273630

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-08 21:53:05 +02:00
Felix Fietkau
5e0587b8d1 uclient: update to Git HEAD (2024-04-05)
e209a4ced1d8 add strdupa macro for compatibility
af1962b9a609 uclient: add helper function for getting ustream-ssl context/ops
488f1d52cfd2 http: add helper function for checking redirect status
b6e5548a3ecc uclient: defer read notifications to uloop timer
352fb3eeb408 http: call ustream_poll if not enough read data is available
e611e6d0ff0b add ucode binding
ddb18d265757 uclient: add function for getting the amount of pending read/write data
980220ad1762 ucode: fix a few ucode binding issues
6c16331e4bf5 ucode: add support for using a prototype for cb, pass it to callbacks

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-07 23:29:59 +02:00
Rodrigo Balerdi
8cf4ac5195 base-files: minor fix to mmc_get_mac_ascii function
This is mostly a cosmetic cleanup. The absence of
the return statement was not causing any problems.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2024-04-07 20:06:11 +01:00
Felix Fietkau
507b0286d9 ustream-ssl: update to Git HEAD (2024-04-07)
7621339d7694 mbedtls: fix build on non-linux systems
268050964b08 ustream-mbedtls: add missing psa_crypto_init call
956fba242ac0 add callbacks for debug messages
9fdf3fb87af5 mbedtls: add TLS 1.3 ciphers
28c4c1e6471b mbedtls: disable TLS 1.3 in client mode when skipping verification
d61493a44204 mbedtls: add missing ifdef for build with disabled debug

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-07 20:01:09 +02:00
Robert Marko
57c9cb421e at91bootstrap: update PKG_MIRROR_HASH to zstd for v3 at91bootstrap
So, when updating the hash for at91bootstrap it was done via CHECK_ALL=1
so that updated the PKG_MIRROR_HASH for the main v4 version hash, but
at91bootstrap checkout version depends on the subtarget as well.

Choosing to build for sam9x will change the at91bootstrap version to v3
and this hash was not refreshed thus causing the CI to fail.

Fixes: 6918c637b7 ("treewide: package: update missed hashes after switch to ZSTD")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-07 17:10:30 +02:00
Robert Marko
6918c637b7 treewide: package: update missed hashes after switch to ZSTD
With the switch to ZSTD for git clone packaging, hashes have changed so
fixup remaining package hashes that were missed in the inital update.

Fixes: b3c1c57 ("treewide: update PKG_MIRROR_HASH to zst")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-07 14:56:04 +02:00
Robert Marko
1ea6ddacc2 nu801: update PKG_MIRROR_HASH to zst
When using zst instead of xz, the hash changes.
This was missed in the initial treewide updated.

Fixes: b3c1c57a35 ("treewide: update PKG_MIRROR_HASH to zst")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-07 11:49:53 +02:00
Alexandru Gagniuc
cee9fcdb73 wifi-scripts: fix creation of IBSS in legacy (non-HT) mode
When an IBBS interface is configured for IBSS legacy mode, wdev.htmode
is empty. This is empty string results in an empty positional argument
to the "ibbs join" command, for example:

    iw dev phy0-ibss0 ibss join crymesh 2412 '' fixed-freq beacon-interval 100

This empty argument is interpreted as an invalid HT mode by 'iw',
causing the entire command to fail and print a "usage" message:

    daemon.notice netifd: radio0 (4527): Usage:    iw [options] \
        dev <devname> ibss join <SSID> <freq in MHz> ...

Although nobody will ever need more than 640K of IBSS, explicitly use
"NOHT" if an HT mode is not given. This fixes the problem.

Fixes: e56c5f7b27 ("hostapd: add ucode support, use ucode for the main ubus object")
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [extend to cover more cases]
2024-04-07 11:12:43 +02:00
Paul Spooren
b3c1c57a35 treewide: update PKG_MIRROR_HASH to zst
When using zst instead of xz, the hash changes. This commit fixes the
hash for packages and tools in core.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-06 11:24:18 +02:00
Yanase Yuki
63dd14b906 gettext-full: link libiconv when building host pkg
On Fedora 40 system, some compile error happens when
building iconv-ostream.c. Linking to libiconv-full
fixes this.

Signed-off-by: Yanase Yuki <dev@zpc.st>
2024-04-05 15:08:38 +02:00
Felix Fietkau
27a2b54cba hostapd: fix Config.in dependencies
hostapd packages were accidentally left out. Clean up this mess by
changing the dependencies to hostapd-common

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-05 14:55:59 +02:00
Christian Lamparter
82c8c38a5c apm821xx: prepare WNDR4700 for 6.6 - add preliminary u-boot-env access
With the default BUILD_BOT configuration on a linux 6.6 kernel,
the WNDR4700's kernel no longer fits into the alloted ~3.5MiB,
even with LZMA compression.

Bigger kernels are possible, but there's a problem with Netgear's
"bootcmd":

> if loadn_dniimg 0 0x180000 0x4e0000 && chk_dniimg 0x4e0000; then nand read 0x800000 0x180000 0x20000;bootm 0x500000 - 0x800040;else fw_recovery; fi"

This loads the dni-image starting offset 0x180000 from the NAND
flash (which is the DTB partition) to 0x4e0000 in the RAM. It then
checks whenever the provided image is "valid". If it is then it
reads the DTB again to 0x800000 in the RAM and starts the extraction
and boot process. (If the image wasn't valid then it starts the
automated firmware recovery).

The issues here are that first: the kernel image gets "squeezed"
between 0x500040 and 0x7fffff... And second, the decompressor
only has area 0x0 - 0x500000 for decompression.

Hence the image now requires to update the bootcmd by providing
new values (which have been successfully tested with the original
Netgear WNDR4700 v1.0.0.56 firmware) for the RAM locations and
make full use of the fact that loadn_dniimg loads the DTB as well.

This needs to be done only once. Just connect a serial adapter to
interface with uboot and overwrite (and save) the new bootcmd.

WARNING: The serial port needs a TTL/RS-232 3.3v level converter!

Steps:
 0. Power-off the WNDR4700
 1. Connect the serial interface (you need to open the WNDR4700)
 2. Power-up the WNDR4700
 3. Monitor the boot-sequence and hit "Enter"-key when it says:

  "Hit any key to stop autoboot" (Be quick, you have a ~2 second window)

 4. in the Prompt enter the following commands (copy & paste)

 setenv bootcmd "if loadn_dniimg 0 0x180000 0xce0000 && chk_dniimg 0xce0000; then bootm 0xd00000 - 0xce0040;else fw_recovery; fi"
 saveenv
 run bootcmd

Note: This new bootcmd will also unbrick devices that were bricked
by the bigger 4.19-6.1 kernels.

Note2: This method was tested with a WNDR4700. A big kernel with most
debug features enabled on v6.6.22 measured 4.30 MiB when compressed
with lzma. The uncompressed kernel is 12.34 MiB. This is over the 3 MiB,
the device reserves for the kernel... But it booted! For bigger kernels,
the device needs repartitioning of the the ubi partition due to the
kernel+dtb not fitting into the partition.

Note3: For initramfs development. I would advice to load the initramfs
images to 0x800000 (or higher). i.e.: tftp 800000 wndr4700.bin

Note4: the fw_recovery uboot command to transfer the factory image to
the flash still works.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-04-05 09:26:26 +02:00
Paul Spooren
b906a9c78e libubox: fix PKG_MIRROR_HASH of 2024-03-29
The PKG_MIRROR_HASH was wrong (again), likely due to an old set of tools
which did not contain the downgrade of xz.

Ref 2070049 unetd: fix PKG_MIRROR_HASH
Fix 89c594e libubox: update to Git HEAD (2024-03-29)"

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-04 22:39:27 +02:00
Daniel Golle
000d25c312 kernel: ltq-vmmc: fix compilation warning/error
Fix compilation warning enum-int-mismatch which results in failure to
build kmod-ltq-vmmc in case CONFIG_KERNEL_WERROR is set.
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:392:14: error: conflicting types for 'ifx_mps_fastbuf_init' due to enum/integer mismatch; have 'IFX_return_t(void)' [-Werror=enum-int-mismatch]
  392 | IFX_return_t ifx_mps_fastbuf_init (IFX_void_t)
      |              ^~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:120:13: note: previous declaration of 'ifx_mps_fastbuf_init' with type 'IFX_int32_t(void)' {aka 'int(void)'}
  120 | IFX_int32_t ifx_mps_fastbuf_init (IFX_void_t);
      |             ^~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:420:14: error: conflicting types for 'ifx_mps_fastbuf_close' due to enum/integer mismatch; have 'IFX_return_t(void)' [-Werror=enum-int-mismatch]
  420 | IFX_return_t ifx_mps_fastbuf_close (IFX_void_t)
      |              ^~~~~~~~~~~~~~~~~~~~~
.../build_dir/target-mips_24kc_musl/linux-lantiq_xrx200/drv_vmmc-1.9.0/src/mps/drv_mps_vmmc_common.c:121:13: note: previous declaration of 'ifx_mps_fastbuf_close' with type 'IFX_int32_t(void)' {aka 'int(void)'}
  121 | IFX_int32_t ifx_mps_fastbuf_close (IFX_void_t);
      |             ^~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Refresh patches and bump PKG_RELEASE while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-04 15:12:45 +01:00
Felix Fietkau
4ef13c4a49 libxml2: add host build dependency on libiconv-full
Fixes build on macOS

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-04 13:45:46 +02:00
Felix Fietkau
5aab43f933 hostapd: slightly clean up patches
- move build/ifdef related changes together to the 200 patch range
- reduce adding/removing include statements across patches
- move patches away from the 99x patch range to simplify maintenance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-04 13:38:18 +02:00
Felix Fietkau
7b9996d107 hostapd: replace "argument list too long" fix with a simpler version
Less convoluted and more robust

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-04 13:38:18 +02:00
Felix Fietkau
6e391325af hostapd: remove workaround for broken WPA IEs in ancient devices
Affected devices were already quite old when this patch was added.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-04 13:38:18 +02:00
Eneas U de Queiroz
92379080ea hostapd: adjust patches to work with git am
This adds From:, Date: and Subject: to patches, allowing one to run 'git
am' to import the patches to a hostapd git repository.

From: and Date: fields were taken from the OpenWrt commit where the
patches were first introduced.

Most of the Subject: also followed suit, except for:
 - 300-noscan.patch: Took the description from the LuCI web interface
 - 350-nl80211_del_beacon_bss.patch: Used the file name

The order of the files in the patch was changed to match what git
format-patch does.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2024-04-04 12:12:43 +02:00
Eneas U de Queiroz
3f5a9e80da hostapd: remove unused fix
Patch 050-build_fix.patch fixes the abscence of sha384-kdf.o from the
list of needed objetct files when FILS is selected without any other
option that will select the .o file.

While it is a bug waiting to be fixes upstream, it is not needed for
OpenWrt use case, because OWE already selects sha384-kdf.o, and FILS is
selected along with OWE.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2024-04-04 12:12:43 +02:00
Eneas U de Queiroz
24d0e74627 hostapd: bump to 2024-03-09
This brings many changes, including fixes for a couple of memory leaks,
and improved interoperability with 802.11r.  There are also many changes
related to 802.11be, which is not enabled at this time.

Fixed upstream:
 - 022-hostapd-fix-use-of-uninitialized-stack-variables.patch
 - 180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
 - 993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch

Switch PKG_SOURCE_URL to https, since http is not currently working.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Ilya Katsnelson <me@0upti.me>
Tested by: Andrew Sim <andrewsimz@gmail.com>
2024-04-04 12:12:43 +02:00
Felix Fietkau
89c594e8b2 libubox: update to Git HEAD (2024-03-29)
a2fce001819e CI: add build test run
12bda4bdb197 CI: add CodeQL workflow tests
eb9bcb64185a ustream: prevent recursive calls to the read callback

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-04 11:15:03 +02:00
Robert Marko
b01d9bcc9d ipq-wifi: fixup hash
It seems that somehow a wrong hash has slipped past PR CI again.

Fixes: 9ef4f7f919 ("qualcommax: ipq60xx: add yuncore fap650 support")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-04 10:00:57 +02:00
Isaev Ruslan
9ef4f7f919 qualcommax: ipq60xx: add yuncore fap650 support
This commit adds support for the Yuncore FAP650 device.

Specifications:
- Qualcomm IPQ6018+QCA8075+QCN5022+QCN5052
- 512 MB of RAM (DDR3)
- 8 MB of serial flash (SPI NOR)
- 128 MB of parallel flash (NAND)
- 2x2 2.4 GHz WiFi (IPQ6010)
- 2x2 5 GHz WiFi (IPQ6010)
- 2x 2dBi 2.4G MIMO antenna
- 2x 3dBi 5.8G MIMO antenna
- 5x 1 Gbps Ethernet (QCA8075)
- POE: 48V (IEEE 802.3af)
- power: 12V (~1.5A)
- 1x passthru port (rj45 - rj45)
- 1x cisco rj45 console port
- size: 160mm*86mm*29mm

BACKUP YOUR STOCK FIRMWARE:
```
export device=fap650
mkdir -p /tmp/fw_dump_$device
cd /tmp/fw_dump_$device
dmesg > dmesg_$device.log
dtc -I fs /sys/firmware/devicetree/base > $device.dts
cat /proc/device-tree/model > model
cat /proc/mtd > proc_mtd
while read p; do
mtd_dev=$(echo $p | cut -d: -f1)
echo $mtd_dev
dd if=/dev/$mtd_dev of=$mtd_dev
done < proc_mtd
md5sum * > md5sum.log
tar -cvzf ../$device.tar.gz .
export sum=$(md5sum /tmp/$device.tar.gz | cut -d' ' -f1)
mv ../$device.tar.gz /tmp/${device}_${sum}.tar.gz
echo fw backup saved to: /tmp/${device}_${sum}.tar.gz
```
Upload your backup via tftp to the safe place.

INSTALLATION:
1. stock firmware web ui
Rename factory.bin fw image file to factory.ubin. Flash this image
like ordinary stock fw upgrade.

2. stock firmware telnet method
Enter telnet cli (login: root, password: 476t*_f0%g09y) and upload
 factory.bin fw image and rename it to factory.ubin
`cd /tmp && wget <your_web_server_ip>/factory.ubin`
`sysupgrade factory.ubin

3. initramfs method
    Put imitramfs image to your TFTP server and rename it for example to fap650.initram
    Enable serial console and enter to the u-boot cli.
    Exec these commands:
    `tftpboot <your_tftp_server_ip>:fap650.initram`
    `dhcp`

    When downloading is finished:
    `bootm`
    After booting the device, you need to upload to the device factory.ubi fw image.
    ```
    cd /tmp && wget <your_web_server_ip>/factory.ubi`
    export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
    export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
    ubiformat /dev/${rootfs} -y -f factory.ubi
    ubiformat /dev/${rootfs_1} -y -f factory.ubi
    reboot
    ```

4. u-boot factory.ubi image method
    Put factory.ubi to your TFTP server
    Enter u-boot cli and exec these commands:
    `tftpboot <your_tftp_server_ip>:factory.ubi`
    `dhcp`
    After downloading is finished:
    `flash rootfs`
    `flash rootfs_1`
    `reset`

STOCK FIRMWARE RECOVERY:
Boot initramfs image.
Upload your rootfs mtd partition to the device using scp or download
it from the device using wget.
Enter device ssh cli and exec:
```
cd /tmp && wget <your_web_server_ip>/rootfs_mtd`
export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
ubiformat /dev/${rootfs} -y -f /tmp/rootfs_mtd
ubiformat /dev/${rootfs_1} -y -f /tmp/rootfs_mtd
reboot
```

Signed-off-by: Isaev Ruslan <legale.legale@gmail.com>
2024-04-04 09:29:17 +02:00
Mieczyslaw Nalewaj
667baaf1d9 x86: 6.6: enable System Management Mode emulation on KVM
Include the CONFIG_KVM_SMM option in the kvm-x86 package to enable system management mode emulation on KVM.

Co-authored-by: Stefan Hellermann <stefan@the2masters.de>
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
2024-04-04 08:56:10 +02:00
Mieczyslaw Nalewaj
7e5cf372a4 kernel: 6.6: modules: netdevices: lan743x: add missing dependency
Fix error: Package kmod-lan743x is missing dependencies for the following libraries:
fixed_phy.ko

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
2024-04-04 08:56:10 +02:00
Mathew McBride
77e03f3c83 kernel: vfio: flag vfio_virqfd as only kernel 6.2 and earlier
Kernel 6.2 folded virqfd (eventd interface for VFIO interrupts)
into the base vfio module, it is no longer a tristate option.

Change suggested by vincejv on GitHub:
https://github.com/openwrt/openwrt/pull/14868#issuecomment-1998260124

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2024-04-04 08:56:10 +02:00
Felix Fietkau
766ec55966 mbedtls: copy psa includes in InstallDev
They are required for some of the crypto API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-03 22:42:46 +02:00
Paul Spooren
7bb9663dfe cryptodev: follow kernel.mk versioning
Instead of redefining the version schema in cryptodev, use the one
automatically defined via `kernel.mk`.

Specifically this changes the version from <kernel>+<package> to
<kernel>.<package> and thereby making it compatible with APK.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-03 18:41:40 +02:00
Paul Spooren
2070049c1c unetd: fix PKG_MIRROR_HASH
Our CI on GitHub as well as my local machine generates a different
PKG_MIRROR_HASH from what Felix uploaded the other day.

After receiving Felix file, both have indeed different hashes, however
when unpackaged via `xz -d` both have the same tarball content.

Below the checksums to compare:

a62bef497078c7b825f11fc8358c1a43f5db3e6d4b97812044f7653d60747d5b  dl/unetd-2024.03.31~80645766.tar.xz
fbdac59581742bf208c18995b1d69d9848c93bfce487e57ba780d959e0d62fc4  dl/unetd-2024.03.31~80645766_felix.tar.xz

After unpacking:

a7189cae90bc600abf3a3bff3620dc17a9143be8c27d27412de6eb66a1cf1b7d  dl/unetd-2024.03.31~80645766.tar
a7189cae90bc600abf3a3bff3620dc17a9143be8c27d27412de6eb66a1cf1b7d  dl/unetd-2024.03.31~80645766_felix.tar

The tarball with the wrong hash was accidentally generated without the xz
revert to version 5.4.6

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-04-03 13:27:20 +02:00
Felix Fietkau
a10a6fbac7 mt76: update to Git HEAD (2024-04-03)
605624a4e17b mt76: fix path to page_pool helper include
e4de3592c4e3 wifi: mt76: mt7603: fix tx queue of loopback packets
446f652c967c wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset
669aba47a145 wifi: mt76: mt7915: fix HE PHY capability regression
5914ea57a31f wifi: mt76: mt7915: workaround dubious x | !y warning
e8b5991f7dac wifi: mt76: mt7915: workaround too long expansion sparse warnings
e507b4e32ead wifi: mt76: mt7921: fix fw used for offload check for mt7922
725f531c1459 wifi: mt76: connac: check for null before dereferencing
b108dda7e201 wifi: mt76: mt7996: fix size of txpower MCU command
5b7616491f07 wifi: mt76: mt7921: introduce mt7920 PCIe support
0436995feca9 wifi: mt76: mt7921s: fix potential hung tasks during chip recovery
75759dca73d5 wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command
b96ab5e62010 wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet()
7ff11c7259a3 wifi: mt76: sdio: move mcu queue size check inside critical section
02846a5d0f0f wifi: mt76: mt7915: Remove unused of_gpio.h
cb8df32e0475 wifi: mt76: mt7996: disable rx header translation for BMC entry
a4c4b550512e wifi: mt76: connac: use peer address for station BMC entry
260c5b7c3ba0 wifi: mt76: mt7996: set RCPI value in rate control command
0b7e645db9c2 wifi: mt76: connac: enable HW CSO module for mt7996
f19035fe0b4d wifi: mt76: mt7996: fix non-main BSS no beacon issue for MBSS scenario
424e9df466ce wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
f70cb4f0508e wifi: mt76: connac: enable critical packet mode support for mt7992
5f1bf8865247 wifi: mt76: mt7996: add sanity checks for background radar trigger
1e336a8582dc wifi: mt76: connac: use muar idx 0xe for non-mt799x as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-03 13:09:15 +02:00
Christian Marangi
844a41f745
ltq-vdsl-vr11-mei: add patch fixing compilation with kernel 6.6
Add patch fixing compilation with kernel 6.6.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-02 23:45:22 +02:00
Christian Marangi
3b7169f786
ltq-vdsl-vr11: add patch fixing compilation with kernel 6.6
Add patch fixing compilation with kernel 6.6.

class_create now require only the name instead of the module ownership
reference.

Also the kernel enabled checks for enum.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-02 23:45:22 +02:00
Robert Marko
d1eb0bec39 procd: update to Git HEAD (2024-03-30)
254810d16cf1 watchdog: always close fd on watchdog stop
946552a7b598 trace: use standard POSIX header for basename()

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-02 18:35:55 +02:00
Rafał Miłecki
7236d4f82b mt76: add mt7603 possible workaround for MT7603EN / MT7628AN stability
Add debugfs entry for disabling frames buffering that may be a reason
for mt7603 instability. This patch was sent upstream for review and at
least wasn't rejected yet. Let's add it to let OpenWrt users test if it
really helps.

Example usage:
echo N > /sys/kernel/debug/ieee80211/phy0/mt76/frames_buffering

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-04-02 07:30:27 +02:00
Sean Khan
a0962e8c04 qca-nss-dp: cp instead of symlink for nss_dp_arch.h
Build files shouldn't be symlinked into the staging directory, as doing so
would create a race condition if the build folder for 'qca-nss-dp' gets
deleted for any reason.

We should instead just copy over the required platform file to avoid
breaking compilation for any dependent packages.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
2024-04-01 19:44:45 +02:00
Sean Khan
00f8c86624 qca-ssdk: rework make to allow parallel building
The current build procedure always wipes away build files, this is
costly as ssdk is a parent dependency on a whole host of packages and
will always end up rebuilding (and in serial) the whole package.

This patch includes:

1. Module Building Optimization: Instead of creating a temporary
directory (temp) and copying files into it for module building,
the directly invoke the module build command with the
necessary paths. This simplifies the build process
and avoids unnecessary file operations, speeding up
the build process and reducing disk usage.

2. Parallel Build Support: By removing the explicit creation of
the temporary directory and associated file copying operations,
and passing in $(MAKE) $(PKG_JOBS) allows building in parallel.

3. Fix `EXTRA_CFLAGS`: This variable is referenced and set within MAKE_FLAGS,
so doesn't preserve spaces. Should have its defined value quoted.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
2024-04-01 11:08:57 +02:00
Tianling Shen
cc6c3a6ee8 mediatek: add support for OpenEmbed SOM7981
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 256 MiB SPI-NAND, 32 GB eMMC optional
  RAM: 0.5/1 GB DDR4
  Ethernet: 1x 1GbE, 1x 2.5GbE (RTL8221B)
  WiFi: MediaTek MT7976C
  USB: 1x USB 3.0
  GPIO: 26-Pin header
  UART: 6 GND, 8 TX, 10 RX (in Pin header)
  Button: Reset, WPS
  Power: Type-C PD

Installation:
The board comes with a third-party custom OpenWrt image, you can upload
sysupgrade image via LuCI directly WITHOUT keeping configurations.

Or power on the board with pressing reset button for 5 second, then visit
http://192.168.1.1 and upload -factory.bin firmware.

Signed-off-by: Tianling Shen <cnsztl@gmail.com>
2024-03-31 20:20:59 +02:00
Felix Fietkau
a112ed4126 unetd: update to Git HEAD (2024-03-31)
52144f723bec pex: after receiving data update req, notify peer of local address/port
29aacb9386e0 pex: track indirect hosts (reachable via gateway) as peers without adding them to wg
48049524d4fc pex: do not send peer notifications for hosts with a gateway
12ac684ee22a pex: do not query for hosts with a gateway
203c88857354 pex: fix endian issues on config transfer
a29d45c71bca network: fix endian issue in converting port to network id
cbbe9d337a17 unet-cli: emit id by default
806457664ab6 unet-cli: strip initial newline in usage message

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-31 19:42:30 +02:00
Roland Reinl
29cca6cfee filogic: Add support for D-Link AQUILA PRO AI M30
Specification:
 - MT7981 CPU using 2.4GHz and 5GHz WiFi (both AX)
 - MT7531 switch
 - 512MB RAM
 - 128MB NAND flash with two UBI partitions with identical size
 - 1 multi color LED (red, green, blue, white) connected via GCA230718
 - 3 buttons (WPS, reset, LED on/off)
 - 1 1Gbit WAN port
 - 4 1Gbit LAN ports

Disassembly:
 - There are four screws at the bottom: 2 under the rubber feets, 2 under the label.
 - After removing the screws, the white plastic part can be shifted out of the blue part.
 - Be careful because the antennas are mounted on the side and the top of the white part.

Serial Interface
 - The serial interface can be connected to the 4 pin holes on the side of the board.
 - Pins (from front to rear):
   - 3.3V
   - RX
   - TX
   - GND
 - Settings: 115200, 8N1

MAC addresses:
 - WAN MAC is stored in partition "Odm" at offset 0x81
 - LAN (as printed on the device) is WAN MAC + 1
 - WLAN MAC (2.4 GHz) is WAN MAC + 2
 - WLAN MAC (5GHz) is WAN MAC + 3

Flashing via Recovery Web Interface:
 - The recovery web interface always flashes to the currently active partition.
 - If OpenWrt is flahsed to the second partition, it will not boot.
 - Ensure that you have an OEM image available (encrypted and decrypted version). Decryption is described in the end.
 - Set your IP address to 192.168.200.10, subnetmask 255.255.255.0
 - Press the reset button while powering on the device
 - Keep the reset button pressed until the LED blinks red
 - Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
 - Download openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-recovery.bin
 - The recovery web interface always reports successful flashing, even if it fails
 - After flashing, the recovery web interface will try to forward the browser to 192.168.0.1 (can be ignored)
 - If OpenWrt was flashed to the first partition, OpenWrt will boot (The status LED will start blinking white and stay white in the end). In this case you're done and can use OpenWrt.
 - If OpenWrt was flashed to the second partition, OpenWrt won't boot (The status LED will stay red forever). In this case, the following steps are reuqired:
   - Start the web recovery interface again and flash the **decrypted OEM image**. This will be flashed to the second partition as well. The OEM firmware web interface is afterwards accessible via http://192.168.200.1.
   - Now flash the **encrypted OEM image** via OEM firmware web interface. In this case, the new firmware is flashed to the first partition. After flashing and the following reboot, the OEM firmware web interface should still be accessible via http://192.168.200.1.
   - Start the web recovery interface again and flash the OpenWrt recovery image. Now it will be flashed to the first partition, OpenWrt will boot correctly afterwards and is accessible via 192.168.1.1.

Flashing via U-Boot:
 - Open the case, connect to the UART console
 - Set your IP address to 192.168.200.2, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
 - Run a tftp server which provides openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-initramfs-kernel.bin.
 - Power on the device and select "7. Load image" in the U-Boot menu
 - Enter image file, tftp server IP and device IP (if they differ from the default).
 - TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
 - The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
 - Perform a sysupgrade using openwrt-mediatek-filogic-dlink_aquila-pro-ai-m30-a1-squashfs-sysupgrade.bin
 - Reboot the device. OpenWrt should start from flash now

Revert back to stock using the Recovery Web Interface:
 - Set your IP address to 192.168.200.2, subnetmask 255.255.255.0
 - Press the reset button while powering on the device
 - Keep the reset button pressed until the LED blinks red
 - Open a Chromium based and goto http://192.168.200.1 (recovery web interface)
 - Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.

Decrypting a D-Link firmware image:
 - Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
 - Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
 - Run ./m32-firmware-util M30 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
 - Example for firmware M30A1_FW101B05: ./m32-firmware-util M30 --DecryptFactoryImage M30A1_FW101B05\(0725091522\).bin M30A1_FW101B05\(0725091522\)_decrypted.bin

Flashing via OEM web interface is not possible, as it will change the active partition and OpenWrt is only running on the first UBI partition.

Controlling the LEDs:
 - The LEDs are controlled by a chip called "GCA230718" which is connected to the main CPU via I2C (address 0x40)
 - I didn't find any documentation or driver for it, so the information below is purely based on my investigations
 - If there is already I driver for it, please tell me. Maybe I didn't search enough
 - I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
 - The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
 - The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
 - Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
 - Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
   - A reset command (0x81 0xE4) written to register 0x00
   - A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
 - The reset command is always the same
 - In the control command
   - byte 0 is always the same
   - byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
   - byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
   - byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
   - byte 7 defines the toggling frequency (if toggling enabled)
   - byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
   - byte 12 is constant 0x87

Comparison to M32/R32:
 - The algorithms for decrypting the OEM firmware are the same for M30/M32/R32, only the keys differ
 - The keys are available in the GPL sources for the M32
 - The M32/R32 contained raw data in the firmware images (kernel, rootfs), the R30 uses a sysupgrade tar instead
 - Creation of the recovery image is quite similar, only the header start string changes. So mostly takeover from M32/R32 for that.
 - Turned out that the bytes at offset 0x0E and 0x0F in the recovery image header are the checksum over the data area
 - This checksum was not checked in the recovery web interface of M32/R32 devices, but is now active in R30
 - I adapted the recovery image creation to also calculate the checksum over the data area
 - The recovery image header for M30 contains addresses which don't match the memory layout in the DTS. The same addresses are also present in the OEM images
 - The recovery web interface either calculates the correct addresses from it or has it's own logic to determine where which information must be written

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
2024-03-31 19:01:20 +02:00
Roland Reinl
0682974aa8 filogic: Add LED driver for GCA230718
Add basic support for the LED driver for GCA230718.

 - I didn't find any documentation or driver for it, so the information below is purely based on my investigations
 - If there is already I driver for it, please tell me. Maybe I didn't search enough
 - I implemented a kernel module (leds-gca230718) to access the LEDs via DTS
 - The LED controller supports PWM for brightness control and ramp control for smooth blinking. This is not implemented in the driver
 - The LED controller supports toggling (on -> off -> on -> off) where the brightness of the LEDs can be set individually for each on cycle
 - Until now, only simple active/inactive control is implemented (like when the LEDs would have been connected via GPIO)
 - Controlling the LEDs requires three sequences sent to the chip. Each sequence consists of
   - A reset command (0x81 0xE4) written to register 0x00
   - A control command (for example 0x0C 0x02 0x01 0x00 0x00 0x00 0xFF 0x01 0x00 0x00 0x00 0xFF 0x87 written to register 0x03)
 - The reset command is always the same
 - In the control command
   - byte 0 is always the same
   - byte 1 (0x02 in the example above) must be changed in every sequence: 0x02 -> 0x01 -> 0x03)
   - byte 2 is set to 0x01 which disables toggling. 0x02 would be LED toggling without ramp control, 0x03 would be toggling with ramp control
   - byte 3 to 6 define the brightness values for the LEDs (R,G,B,W) for the first on cycle when toggling
   - byte 7 defines the toggling frequency (if toggling enabled)
   - byte 8 to 11 define the brightness values for the LEDs (R,G,B,W) for the second on cycle when toggling
   - byte 12 is constant 0x87

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
2024-03-31 19:01:19 +02:00
Marco von Rosenberg
06cdc07f8c ath79: add support for Huawei AP5030DN
Huawei AP5030DN is a dual-band, dual-radio 802.11ac Wave 1 3x3 MIMO
enterprise access point with two Gigabit Ethernet ports and PoE
support.

Hardware highlights:
- CPU: QCA9550 SoC at 720MHz
- RAM: 256MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: QCA9550-internal radio
- Wi-Fi 5GHz: QCA9880 PCIe WLAN SoC
- Ethernet 1: 10/100/1000 Mbps Ethernet through Broadcom B50612E PHY
- Ethernet 2: 10/100/1000 Mbps Ethernet through Marvell 88E1510 PHY
- PoE: input through Ethernet 1 port
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: SGM706 (1.6s timeout)

Serial console:
  9600n8 (9600 baud, no stop bits, no parity, 8 data bits)

MAC addresses:
  Each device has 32 consecutive MAC addresses allocated by
  the vendor, which don't overlap between devices.
  This was confirmed with multiple devices with consecutive
  serial numbers.
  The MAC address range starts with the address on the label.
  To be able to distinguish between the interfaces,
  the following MAC address scheme is used:
    - eth0 = label MAC
    - eth1 = label MAC + 1
    - radio0 (Wi-Fi 5GHz) = label MAC + 2
    - radio1 (Wi-Fi 2.4GHz) = label MAC + 3

Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP

1. Power up the AP

2. At prompt "Press f or F  to stop Auto-Boot in 3 seconds",
   do what they say.
   Log in with default admin password "admin@huawei.com".

3. Boot the OpenWrt initramfs from TFTP using the hidden script
   "run ramboot". Replace IP address as needed:

   > setenv serverip 192.168.1.10
   > setenv ipaddr 192.168.1.1
   > setenv rambootfile
     openwrt-ath79-generic-huawei_ap5030dn-initramfs-kernel.bin
   > saveenv
   > run ramboot

4. Optional but recommended as the factory firmware cannot
   be downloaded publicly:
   Back up contents of "firmware" partition using the web interface or ssh:

   $ ssh root@192.168.1.1 cat /dev/mtd11 > huawei_ap5030dn_fw_backup.bin

5. Run sysupgrade using sysupgrade image. OpenWrt
   shall boot from flash afterwards.

Return to factory firmware (using firmware upgrade package downloaded from
non-public Huawei website):
1. Start a TFTP server in the directory where
   the firmware upgrade package is located

2. Boot to u-boot as described above

3. Install firmware upgrade package and format the config partitions:

   > update system FatAP5X30XN_SOMEVERSION.bin
   > format_fs

Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
   for example using scp

2. Use sysupgrade with force to restore the backup:
   sysupgrade -F huawei_ap5030dn_fw_backup.bin

3. Boot AP to U-Boot as described above

Quirks and known issues
-----------------------

- On initial power-up, the Huawei-modified bootloader suspends both
ethernet PHYs (it sets the "Power Down" bit in the MII control
register). Unfortunately, at the time of the initial port, the kernel
driver for the B50612E/BCM54612E PHY behind eth0 doesn't have a resume
callback defined which would clear this bit. This makes the PHY unusable
since it remains suspended forever. This is why the backported kernel
patches in this commit are required which add this callback and for
completeness also a suspend callback.

- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.

- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the CPU_CLK/4 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.

Signed-off-by: Marco von Rosenberg <marcovr@selfnet.de>
[fixed 6.6 backport patch naming]
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-03-31 18:09:43 +02:00
Shiji Yang
d7d94a8d91 uboot-envtools: ath79: remove D-Link DIR-8x9 and DAP-1720 env config
The uboot-envtools can automatically parse the dts 'u-boot,env'
compatible string. So the env config file is now useless.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-03-30 01:04:17 +01:00
Rosen Penev
cd5c0054bd dtc: fix compilation with both libraries
Upstream backports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-03-29 23:42:22 +01:00
Chukun Pan
0170666d89 uboot-mediatek: add Netcore N60 support
The vendor uboot requires special fit verification.
So add a custom uboot build for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-03-29 22:53:53 +01:00
Tomasz Maciej Nowak
d506ea3e80 kernel: kmod-phy-smsc: add dependency on crc16
Introduced WoL feature needs CRC16 support.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2024-03-29 17:32:26 +01:00
Felix Fietkau
87de62dcb8 perf: fix build on linux 6.6
- use Makefile.perf to prevent overriding MAKEFLAGS
- fix path to PKG_CONFIG
- link libstdc++ statically (only used for demangling)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-29 15:41:16 +01:00
Florian Eckert
535d487c41 linux-firmware: add missing LICENSE_FILES info
Where it is clear which lincense the firmware package has, the missing
information are added.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-29 13:11:47 +01:00
Florian Eckert
5c14de1d7e linux-firmware: add LICENSE_FILES and LICENSE file handling
The firmware blobs have all different licenses from the different
manufacturers of the binary blobs. This information is contained in the
upstream 'linux-firmware' repositroy.

This commit extends the package handling so that this information can be
added as an additional argument during packages generation.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-29 13:11:47 +01:00
Chukun Pan
29b8ba75fa sunxi: add support for Orange Pi Zero 3
Key features:
  Allwinner H618 SoC (Quad core Cortex-A53)
  1/1.5/2/4 GiB LPDDR4 DRAM
  1 USB 2.0 type C port (Power + OTG)
  1 USB 2.0 host port
  1Gbps Ethernet port
  Micro-HDMI port
  MicroSD slot

Installation:
  Write the image to SD Card with dd.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-03-26 21:56:57 +01:00
Chukun Pan
9a19ec79f9 uboot-sunxi: bump to 2024.01
This version supports LPDDR4 DRAM of H618 SoC.

Runtime-tested:
  Olimex Olinuxino Micro (A20)
  Orange Pi Zero 3 (H618)
  Pine64 SoPine (A64)

Tested-by: Zoltan HERPAI <wigyori@uid0.hu>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2024-03-26 21:56:57 +01:00
Robert Marko
1d33ee019f kernel: qca-ssdk: fix C45 MDIO support on kernel 6.6
Kernel 6.3 has introduced separate C45 read/write operations, and thus
split them out of the C22 operations completely so the old way of marking
C45 reads and writes via the register value does not work anymore.

This is causing SSDK to fail and find C45 only PHY-s such as Aquantia ones:
[   22.187877] ssdk_phy_driver_init[371]:INFO:dev_id = 0, phy_adress = 8, phy_id = 0x0 phytype doesn't match
[   22.209924] ssdk_phy_driver_init[371]:INFO:dev_id = 0, phy_adress = 0, phy_id = 0x0 phytype doesn't match

This in turn causes USXGMII MAC autoneg bit to not get set and then UNIPHY
autoneg will time out, causing the 10G ports not to work:
[   37.292784] uniphy autoneg time out!

So, lets detect C45 reads and writes by the magic BIT(30) in the register
argument and if so call separate C45 mdiobus read/write functions.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-26 18:10:50 +01:00
Robert Marko
ff064b68d4 procd: update to Git HEAD (2024-03-25)
79f8cfa58ee7 ci: add github test workflow
428f40e7984f test commit fixing warnings
63058d1f81a5 ci: enable ujail builds
49ea930a862c utils: add key-value offset support to get_cmdline_val()
ca8c30208d5e inittab: fallback when multiple "console=" is detected

Required for the recent Elecom multiple console commits.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-25 11:50:19 +01:00
Robert Marko
bf4c04a4d0 hostapd: fix Argument list too long build error
Currently, both CI and local builds of wpa-supplicant will fail with:
/bin/sh: Argument list too long

Its happening as the argument list for mkdir in build.rules is too large
and over the MAX_ARG_STRLEN limit.

It seems that recent introduction of APK compatible version schema has
increased the argument size and thus pushed it over the limit uncovering
the issue.

Fixes: e8725a932e ("treewide: use APK compatible version schema")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-25 11:02:16 +01:00
Paul Spooren
c02a2db05e treewide: update PKG_MIRROR_HASH after APK version schema
With the change in version schema the downloaded files changed, too,
mostly the hash is now prefixed with a tilde `~` instead of a dash `-`.

Since each downloaded archive contains folder with the same name as the
archive, the checksum changed.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-03-25 09:32:48 +01:00
Tim Harvey
ae8bf1a26e imx: add imx8m support
Add imx8m support:
 - add a cortexa53 subtarget to imx
 - move ARCH and KERNELNAME to subtargets
 - account for kernel modules that are not used for cortexa53

No device-specific targets or firmware images are created yet but all
imx8m* dtbs will be built.

enabling CONFIG_TARGET_ROOTFS_INITRAMFS results in
openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin which has been
successfully booted on an imx8mm-evk using the following:

u-boot=> tftpboot $fdt_addr_r image-imx8mm-evk.dtb && \
tftpboot $kernel_addr_r openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin && \
booti $kernel_addr_r - $fdt_addr_r

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2024-03-24 21:19:10 +01:00
Petr Štetiar
8db83d4cc0 linux-firmware: package Intel AX201 firmware
Alexander reported following:

 iwlwifi 0000:00:14.3: Detected crf-id 0x3617, cnv-id 0x20000302 wfpm id 0x80000000
 iwlwifi 0000:00:14.3: PCI dev a0f0/0074, rev=0x351, rfid=0x10a100
 iwlwifi 0000:00:14.3: Direct firmware load for iwlwifi-QuZ-a0-hr-b0-77.ucode failed with error -2

It seems, that as of the current date, the highest firmware API version
supported by Linux 6.8-rc7 is still 77.

Closes: #14771
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-03-24 21:12:13 +01:00
Hauke Mehrtens
a693291ca9 libiwinfo: update to Git HEAD (2024-03-23)
3aa2b6b devices: add device id for MediaTek MT7601U
79a9615 devices: add device id for Realtek RTL8188CU and RTL8188FTV

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-23 19:36:34 +01:00
Paweł Owoc
a91b79fd04 mac80211: add missing config for third 160MHz width for 5GHz radio
Without this configuration it is not possible to run the radio using HE160 on channels 149-177.

Fixes: #14906
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-03-23 16:57:24 +01:00
Hauke Mehrtens
f403824a6f firmware-utils: update to git HEAD
9067281 tplink-safeloader: add RE365 v1
e87f238 zycast: new tool for ZyXEL bootloader flashing
c1e69e6 tplink-safeloader: show compat_level with FW info
335d063 tplink-safeloader: bump EAP225-Outdoor v1 compat
c1e06da tplink-safeloader: bump EAP225-V3 compat_level
a5dfb5f tplink-safeloader: add TP-Link RE205 v3 support
17de365 zycast: disable build on non-Linux OS
6b24299 ptgen: fix limitation for active partition in GPT

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-23 15:51:15 +01:00
Sander van Deijck
2cfe86d383 kirkwood: add ix4-200d support to uboot-envtools
This adds support for the Iomega ix4-200d device in uboot-envtools.

Signed-off-by: Sander van Deijck <sander@vandeijck.com>
2024-03-23 14:56:50 +01:00
Mieczyslaw Nalewaj
bce7b4f8e5 mac80211: carl9170: re-fix fortified-memset warning
The carl9170_tx_release() function sometimes triggers a fortified-memset
warning in my randconfig builds:

In file included from include/linux/string.h:254,
                 from drivers/net/wireless/ath/carl9170/tx.c:40:
In function 'fortify_memset_chk',
    inlined from 'carl9170_tx_release' at drivers/net/wireless/ath/carl9170/tx.c:283:2,
    inlined from 'kref_put' at include/linux/kref.h:65:3,
    inlined from 'carl9170_tx_put_skb' at drivers/net/wireless/ath/carl9170/tx.c:342:9:
include/linux/fortify-string.h:493:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
  493 |                         __write_overflow_field(p_size_field, size);

Kees previously tried to avoid this by using memset_after(), but it seems
this does not fully address the problem. I noticed that the memset_after()
here is done on a different part of the union (status) than the original
cast was from (rate_driver_data), which may confuse the compiler.

Unfortunately, the memset_after() trick does not work on driver_rates[]
because that is part of an anonymous struct, and I could not get
struct_group() to do this either. Using two separate memset() calls
on the two members does address the warning though.

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
2024-03-23 14:26:05 +01:00
Marius Durbaca
ce5661e455 uboot-rockchip: add Radxa E25 board support
add Radxa E25 board support in uboot-rockchip

Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-03-23 07:55:43 +01:00
Marius Durbaca
28ee115673 kernel: kmod-ata-ahci-platform: enable support for RK35xx
enable support for RK35xx in kmod-ata-ahci-platform kernel module

Suggested-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
2024-03-23 07:55:43 +01:00
Paul Spooren
e8725a932e treewide: use APK compatible version schema
Different from OPKG, APK uses a deterministic version schema which chips
the version into chunks and compares them individually. This enforces a
certain schema which was previously entirely flexible.

 - Releases are added at the very and end prefixed with an `r` like
`1.2.3-r3`.
- Hashes are prefixed with a `~` like `1.2.3~abc123`.
- Dates become semantic versions, like `2024.04.01`
- Extra tags are possible like `_git`, `_alpha` and more.

For full details see the APK test list:
https://gitlab.alpinelinux.org/alpine/apk-tools/-/blob/master/test/version.data

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-03-22 22:14:22 +01:00
Robert Marko
d9a2886263 kernel: qca-nss-dp: enable compiling against 6.6
Since 6.5 netdev_rx_queue was moved out of netdevice.h so include the new
header since that is where it lives now.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-22 21:19:21 +01:00
Robert Marko
6a44115338 kernel: qca-ssdk: allow compiling against 6.6
Add a patch that makes SSDK recognize kernel 6.6 and thus allows
compiling against it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-22 21:19:21 +01:00
Florian Eckert
879826154f kernel: update deprecated license information
Update the deprecated license information from GPL-2.0 to GPL-2.0-only
as written in the COPYING file of the linux source tree.

Also add the 'COPYING' file to the PKG_LICENSE_FILES variable.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-21 21:49:07 +01:00
Florian Eckert
3128157ec7 mac80211: add missing license information
The lincense information for the packages mac80211 are missing.
This commit adds the missing information.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-21 21:49:07 +01:00
Florian Eckert
0da116f25b ca-certificates: add missing license information
The package has no licence information. So let's fix it.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-21 21:44:53 +01:00
Florian Eckert
7a3deadf91 wireless-regdb: add missing license information
Add the missing license information PKG_LICENSE and PKG_LICENSE_FILES.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2024-03-21 13:44:44 +01:00
Chuanhong Guo
ec8c3dc701 uboot-mediatek: add support for GD5F1GQ5UE
This patch adds support for GigaDevice GD5F1GQ5UExxG to the
mtk-snfi driver in u-boot.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-03-21 16:52:09 +08:00
Chuanhong Guo
2ea8610e4f uboot-mediatek: add Redmi AX6S as UBI loader
Add support for Xiaomi Redmi AX6S to be used as a second-stage
UBI loader.
The defconfig/env is minimal: Boot fit from UBI. If that failed,
load and boot initramfs image from TFTP.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-03-21 16:52:09 +08:00
Daniel Golle
5305dbbe9f glibc: don't ship /etc/localtime -> /tmp/localtime symlink
The symlink is already part of the base-files package. We don't need
to ship it with glibc again.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-20 23:44:10 +00:00
Daniel Golle
56448cc8c1 umdns: fix PKG_MIRROR_HASH
PKG_MIRROR_HASH was accidentally generated with already APK-adapted
version string in the filename. That can't work (yet). Regenerate and
hash the file with the currently used version scheme to fix that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-20 23:44:10 +00:00
Daniel Golle
5d34c835a1 umdns: update to git HEAD
e91ed40 ubus: assume that the service iface can be NULL
 4094a3c interface: remove unused peer field
 8a0c9db interface: add missing cache cleanup on interface free
 3b341f4 add the ability to announce additional hostnames

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-20 19:43:10 +00:00
Daniel Golle
330d67ecc0 umdns: add /etc/umdns/ to mount namespace jail
Make sure /etc/umdns/ is accessiable for the umdns process if it
exists and umdns is run with umdns.@umdns[0].jail='1'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-20 19:23:50 +00:00
Hauke Mehrtens
28c87d7ecd dnsmasq: Backport 2 upstream patches
These two patches are fixing minor problems with DNSSEC found shortly
after the dnsmasq 2.90 release.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-20 01:18:21 +01:00
Dirk Buchwalder
f84ed09d2c ath11k-firmware: update IPQ6018 to 2.5.0.1-03982
That new version seems to work more stable including mesh.
On version 2.4.0.1-01746 rproc was immediately crashing if mesh was
active.

Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
2024-03-19 07:20:26 +01:00
Hauke Mehrtens
57bc07fb89 linux-firmware: Update Intel wifi firmware
Update Intel wifi firmware to most recent versions supported by the
iwlwifi driver from kernel 6.6.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-18 23:07:00 +01:00
Felix Fietkau
85ad6b9569 mt76: update to Git HEAD (2024-03-18)
a903d3169193 wifi: mt76: mt7921: fix a potential association failure upon resuming
eb0d0ce344f3 wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform
841bf82e9958 wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177
ce7ccc540168 wifi: mt76: Remove redundant assignment to variable tidno
a238df940d6f wifi: mt76: mt7915: initialize rssi on adding stations
46c7d1849dbd wifi: mt76: replace skb_put with skb_put_zero
b5640b3153c7 wifi: mt76: fix tx packet loss when scanning on DBDC
7b054e5cb3af wifi: mt76: mt7915: fix mcu command format for mt7915 tx stats
3f27a64a8010 wifi: mt76: mt7915: fix bogus Tx/Rx airtime duration values
4f681a8fbc91 wifi: mt76: mt7915: fix HE PHY capabilities IE for station mode
8ede229eb8b5 wifi: mt76: mt7915: only set MT76_MCU_RESET for the main phy
2330781b8c5f wifi: mt76: mt7996: only set MT76_MCU_RESET for the main phy
e5fb6995e7eb wifi: mt76: mt7915: add support for disabling in-band discovery
b4a917417c85 wifi: mt76: mt7915: add mt7986, mt7916 and mt7981 pre-calibration
2135e201e7a9 mt76: mt7915: add fallback in case of missing precal data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-18 13:25:11 +01:00
Daniel Golle
40fce9dcb8 kernel: modules: package driver for MediaTek T7xx PCIe 5G modem
Build and package driver for MediaTek PCIe 5G WWAN modem T7xx device
available in Linux 6.1 and 6.6 as kmod-mtk-t7xx.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-17 22:41:03 +00:00
Paul Spooren
7ac030876c uci: fix variable declaration
Using := doesn't fly well when including other variables. In fact this
would cause the variable to be empty and break cloning of the git repo.

Fix: "c354c069b3 uci: fix Makefile formatting"

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-03-17 18:24:04 +01:00
Zoltan HERPAI
0dfc0495fc kirkwood: add support for Netgear Stora (MS2000/2110) NAS
Dual-slot NAS based on Marvell Kirkwood.

Specifications:
 - Marvell 88F6281 @1GHz
 - 128Mb RAM
 - 256Mb NAND
 - 1x GbE LAN (Marvell 88E1116)
 - 1x USB 2.0
 - 2x SATA
 - PCF8563 RTC
 - LM75 sensor
 - TC654 PWM fan controller
 - Serial on J2 (115200,8n1)
 - Newer bootROM so kwboot-ing via serial is possible

Installation:

1. Serial console
 - Connect your levelshifter to the serial console
   on J2 (refer to the wiki page for pinout)
2. Update u-boot
 - Download the u-boot.kwb image for the device
 - Powercycle the NAS
 - Run "kwboot -b ./u-boot.kwb /dev/ttyUSB0 -p"
 - Connect to the serial console with minicom
 - tftp 0x0800000 netgear_stora-u-boot.kwb
 - nand erase 0x0 100000
 - nand write 0x0800000 0x0 0x100000
 - reset
3. Install OpenWrt
 - Boot up the initramfs image
 - tftpboot 0x800000 openwrt-kirkwood-netgear_stora-initramfs-uImage; bootm 0x800000
 - Download the sysupgrade image and perform sysupgrade

The fan is controlled in 3 stages by a script running every minute
from cron, measuring the CPU temperature.

Snippets taken from bodhi <mibodhi@gmail.com>

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-03-17 00:19:22 +01:00
Zoltan HERPAI
afd5926e37 hwmon: add TC654 fan-controller support
Add support for the Microchip TC654 PWM fan-controller.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-03-17 00:19:20 +01:00
Felix Fietkau
dea42f67ab mac80211: fix a crash triggered by sta disconnect with per-sta VLANs
Reported-by: ranygh@riseup.net
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-16 08:50:52 +01:00
Arayuki Mago
21eeb45420 ds-lite: Add support for IPIP6(RFC2473) tunnel
Add Generic Packet Tunneling in IPv6 Specification (RFC 2473) support.

Signed-off-by: Arayuki Mago <ms@missing233.com>
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-03-16 13:15:18 +08:00
Felix Fietkau
163c87dfc2 mac80211: fix another regression in the broadcast AQL patch
Add a separate bit in struct ieee80211_tx_info to indicate airtime tracked
as broadcast/multicast. This avoids a race condition where airtime from
stations that were just removed wasn't getting subtracted from the total
PHY airtime.

Fixes: 95e633efbd ("mac80211: add AQL support for broadcast/multicast packets")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-15 20:37:21 +01:00
Robert Marko
8fb23465ca kernel: modules: video: select drm-exec and drm-suballoc-helper for AMDGPU
drm-amdgpu and drm-radeon require drm-exec and/or drm-suballoc-helper in
6.6, so since we have them packaged separately include them when required.

Fixes: 5b08b56007 ("kernel: modules: video: adapt for kernel 6.6")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-15 15:25:03 +01:00
Robert Marko
08f1c36d00 kernel: modules: video: package DRM suballocation helper
Linux 6.4 has split out the previously AMDGPU specific suballocation
helper into a generic one and it has its own symbol now.

So, lets package it as a separate helper as AMDGPU still requires it
for 6.6.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-15 15:25:03 +01:00
Robert Marko
a6b3cc95f2 kernel: modules: video: package DRM EXEC
Linux 6.6 has added DRM EXEC as a separate symbol, so package it separately
as AMDGPU requires it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-15 15:25:03 +01:00
Robert Marko
5c7400e932 kernel: modules: video: drm: remove DRM_EXEC and DRM_SUBALLOC_HELPER
As part of adding kernel 6.6 support, DRM_EXEC and DRM_SUBALLOC_HELPER were
added to the kmod-drm, however these are only used by drm-amdgpu and
drm-radeon which are only supported on x86.

So, lets start fixing building of other targets by removing these from the
main kmod-drm, in follow-up commits they will be packaged separately and
selected when required.

Fixes: 5b08b56007 ("kernel: modules: video: adapt for kernel 6.6")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-15 15:25:03 +01:00
Robert Marko
af7d5a40a9 ath11k-firmware: update IPQ8074 and QCN9074 to 2.9.0.1-01977
After a long time QCA has pushed an updated release of 2.9.0.1 firmware
for IPQ8074 and QCN9074, so lets update to 2.9.0.1-01977.

Sadly, still nothing new for IPQ6018.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-15 15:22:53 +01:00
Hauke Mehrtens
d2898c273d kernel: kmod-hwmon-coretemp: Depend on x86
This kernel module depends on x86, it works only on some Intel CPUs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:56:18 +01:00
Hauke Mehrtens
9c6cf8e77c kernel: kmod-video-cpia2: Depend on kernel 5.15
This driver was moved to staging in kernel 6.1 and then removed in
kernel 6.3, see these commits:
https://git.kernel.org/linus/be8cebc46d9d38166a1b3fda22a018ae52b0928e
https://git.kernel.org/linus/9ea8a9c72a9b4d24e6045ee25f5e465dc22f9f55

Build it only on older kernel versions.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:56:18 +01:00
Hauke Mehrtens
fcf0453549 kernel: kmod-can: Fix build of can drivers
Many can kernel modules are now gated by the newly introduced
CONFIG_CAN_NETLINK configuration option. Activate it to build the can
drivers again.
This was changed in this upstream Linux commit:
https://git.kernel.org/linus/df6ad5dd838e0fa543ca28ca6154901fa65a9443

This should fix these warnings with kernel 6.1 and 6.6:
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can-pci is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-c-can-platform is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-mcp251x is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-slcan is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-8dev is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-ems is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-kvaser is not available in the kernel config - generating empty package
logs/package/kernel/linux/compile.txt:WARNING: kmod-can-usb-peak is not available in the kernel config - generating empty package

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:56:11 +01:00
Hauke Mehrtens
d249635c5b kernel: kmod-can-flexcan: Fix flexcan.ko location
The flexcan.ko file was moved in upstream Linux:
https://git.kernel.org/linus/bfd00e021cf162049946a9e0047b0997d2b35fec
This fixes the build with kernel >= 5.17. This module was never build
with kernel 6.1 before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:53:34 +01:00
Hauke Mehrtens
712cda1351 kernel: kmod-can-slcan: Fix can-slcan.ko location
The slcan.ko file was moved in upstream Linux:
https://git.kernel.org/linus/98b12064591d635db86da4957b547067dc6897cc
This fixes the build with kernel >= 6.0. This module was never build
with kernel 6.1 before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:53:34 +01:00
Hauke Mehrtens
c00fbba57c kernel: kmod-crypto-gf128: Fix build with kernel 6.6
The gf128mul.ko module was moved in kernel 6.2:
https://git.kernel.org/linus/61c581a46a9668747d355436bd4b2505594539bd

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:53:34 +01:00
Hauke Mehrtens
091897fad2 kernel: kmod-crypto-user: Add missing dependency
The algif_rng.ko kernel module depends on the rng.ko kernel module with
kernel 6.6 when compiling for MIPS malta.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-14 20:53:34 +01:00
Christian Lamparter
7b911a9c49 firmware: intel-microcode: update to 20240312
Debian changelog:

intel-microcode (3.20240312.1) unstable; urgency=medium

  * New upstream microcode datafile 20240312 (closes: #1066108)
    - Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
      Protection mechanism failure of bus lock regulator for some Intel
      Processors may allow an unauthenticated user to potentially enable
      denial of service via network access.
    - Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
      Non-transparent sharing of return predictor targets between contexts in
      some Intel Processors may allow an authorized user to potentially
      enable information disclosure via local access.  Affects SGX as well.
    - Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
      Information exposure through microarchitectural state after transient
      execution from some register files for some Intel Atom Processors and
      E-cores of Intel Core Processors may allow an authenticated user to
      potentially enable information disclosure via local access.  Enhances
      VERW instruction to clear stale register buffers.  Affects SGX as well.
      Requires kernel update to be effective.
    - Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
      Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
      Processors when using Intel SGX or Intel TDX may allow a privileged
      user to potentially enable escalation of privilege via local access.
      NOTE: effective only when loaded by firmware.  Allows SMM firmware to
      attack SGX/TDX.
    - Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
      Incorrect calculation in microcode keying mechanism for some Intel
      Xeon D Processors with Intel SGX may allow a privileged user to
      potentially enable information disclosure via local access.
  * Fixes for other unspecified functional issues on many processors
  * Updated microcodes:
    sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
    sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
    sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
    sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
    sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
    sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
    sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
    sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
    sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
    sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
    sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
    sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
    sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
    sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
    sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
    sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
    sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
    sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
    sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
    sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
    sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
    sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
    sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
    sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
    sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
    sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
    sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
    sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
    sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
    sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
    sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
    sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
    sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
    sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
    sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
    sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
    sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
    sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
    sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
    sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
    sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
    sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
  * New microcodes:
    sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
    sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
    sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
    sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
  * source: update symlinks to reflect id of the latest release, 20240312
  * changelog, debian/changelog: fix typos

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Tue, 12 Mar 2024 20:28:17 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-03-14 20:22:08 +01:00
Robert Marko
694e647784 dnsmasq: reset PKG_RELEASE
dnsmasq was recently updated to 2.90, but PKG_RELEASE was not reset to 1.

Fixes: 838a27f64f ("dnsmasq: version 2.90")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-13 14:02:23 +01:00
Liu Dongmiao
51752fa14b libevent2: make cmake use relative imported path
libevent2's cmake use absolute path, then cmake cannot find it when cross compiling:

```
-- Found libevent include directory: /builder/staging_dir/target-mips_24kc_musl/usr/include
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_core.so
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_extra.so
-- Found libevent component: /builder/staging_dir/target-mips_24kc_musl/usr/lib/libevent_openssl.so
-- Found libevent 2.1.12 in /builder/staging_dir/target-mips_24kc_musl/usr
CMake Error at /builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventTargets-shared.cmake:102 (message):
  The imported target "libevent::core" references the file

     "/usr/lib/libevent_core-2.1.so.7.0.1"

  but this file does not exist.  Possible reasons include:

  * The file was deleted, renamed, or moved to another location.

  * An install or uninstall procedure did not complete successfully.

  * The installation package was faulty and contained

     "/builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventTargets-shared.cmake"

  but not all the files it references.

Call Stack (most recent call first):
  /builder/staging_dir/target-mips_24kc_musl/usr/lib/cmake/libevent/LibeventConfig.cmake:168 (include)
  CMakeLists.txt:34 (find_package)
```

This patch make cmake use relative imported path, so it can find libevent.

Signed-off-by: Liu Dongmiao <liudongmiao@gmail.com>
2024-03-13 00:24:43 +00:00
Paul Donald
f753d3152f lldpd: update URL
update Makefile URL

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-12 20:41:01 +01:00
Paul Donald
5364fe0f01 lldpd: shellcheck fixes
No functionality/behaviour changes; code is synonymous

Tested on: 22.03.6

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-12 20:40:25 +01:00
Paul Donald
497fafb8ae lldpd: implement lldp_policy parameter
For certain lldp_class scenarios (2 & 3) a policy must be set also.
Class 4 is default, although it's good to handle the policy eventuality.

Here, set a default lldp_policy for all lldp_class scenarios. Any
lldp_policy can now be set.

Depends on PR #14584 (which introduced an `if` block)

Tested on 22.03.5, 22.03.6

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-12 20:39:06 +01:00
Daniel Golle
f7a68458b4 kernel: modules: don't override NLS dependencies
Recent changes for Linux 6.6 broke things when building with older
kernels:
Package kmod-fs-jfs is missing dependencies for the following libraries:
nls_base.ko

Fix this by adding NLS dependencies after the added dependency applying
on Linux 6.6.

Fixes: f9198480da ("kernel: modules: fs: adapt for kernel 6.6")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-11 23:49:25 +00:00
Daniel Golle
b72a7bf186 fitblk: invert kernel version dependency
Allow building fitblk with Linux 6.6 by depending on !LINUX_5_15
instead of LINUX_6_1.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-11 20:17:26 +01:00
Weijie Gao
ba521e5cf2 ath10k-ct: fix build error on linux kernel 6.6
Fix a build error caused by fortify checking memcpy data range.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
01f0453970 rtl8812au-ct: fix build failure on linux kernel 6.6
Use the correct return status code to avoid incompatible type error

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
504cf50eea mt76: fix build failure on linux kernel 6.6
A commit introduced in kernel 6.6 has splitted page_pool.h into
several headers. Thus the included header must be modified for a
successful build.

Ref: a9ca9f9ceff3 (page_pool: split types and declarations from
page_pool.h)

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
a325c5fa01 mac80211: fix build with linux kernel 6.6
Fix build failure with linux kernel 6.6

Related kernel commits:

20b0b53aca43 (genetlink: introduce split op representation)

bffcc6882a1b (genetlink: remove userhdr from struct genl_info)

e9a688bcb193 (random: use rejection sampling for uniform bounded
random integers)

3c202d14a9d7 (prandom: remove prandom_u32_max())

3d2f20ad46f8 (wifi: iwlwifi: Use generic thermal_zone_get_trip()
function)

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
7fcbcea751 gpio-button-hotplug: fix 6.2 build failure
devm_gpiod_get_from_of_node() was removed since linux 6.2.
devm_fwnode_gpiod_get() is the recommended replacement.

Link:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/gpio/gpiolib-devres.c?id=650f2dc970539b3344a98c4bd18efa309e66623b

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Robert Marko
729ad2feb3 kernel: crypto: add kmod-crypto-geniv as dependency to modules that use it
Now that geniv is packaged separately for kernel 6.6, we need to add it
as a dependency to kmod-crypto-seqiv and kmod-crypto-echainiv that require
it under kernel 6.6.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-11 20:17:26 +01:00
Robert Marko
e129450321 kernel: crypto: remove geniv from aead with kernel 6.6
geniv was separated intentionally from aead in kernel 6.5, and since
we now have it packaged separately as well remove it from kmod-aead
in 6.6.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-11 20:17:26 +01:00
Robert Marko
b065981e15 kernel: crypto: package geniv as a separate module for 6.6
In kernel 6.5 geniv was split from AEAD config symbol, in order to manage
its dependencies on other code.

So, lets do the same in OpenWrt and split it from aead module so others
can depend on geniv directly.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-11 20:17:26 +01:00
Tan Zien
faf3d80bf1 kernel: modules: hwmon: adapt for kernel 6.6
Adapt hwmon kmods for building under kernel 6.6:
* ad7418 now requires regmap
* Invert criteria to allow adt7410 be built with Linux 6.1 as well
  as Linux 6.6.

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
35b04bafa1 kernel: modules: crypto: adapt for kernel 6.6
Adapt crypto kmods for building under kernel 6.6:
* mpi.ko moved from lib/mpi/mpi.ko to lib/crypto/mpi/mpi.ko
* jitterentropy_rng requires SHA3 support for kernel 6.6

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
5b08b56007 kernel: modules: video: adapt for kernel 6.6
Adapt video kmods for building under kernel 6.6:
* Add drm_exec.ko and drm_suballoc_helper.ko for kmod-drm as they
are added since 6.6 and 6.4
* Add uvc.ko for kmod-video-uvc as related contents was split as a
new module since 6.3

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
85ede9291b kernel: modules: block: adapt for kernel 6.6
Adapt block kmods for building under kernel 6.6:
* To build scsi_transport_iscsi.ko, change CONFIG_SCSI_ISCSI_ATTRS
from =y to =m as this config is always tristate since 2.6.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
f9198480da kernel: modules: fs: adapt for kernel 6.6
Adapt fs kmods for building under kernel 6.6:
* Add kmod-fs-netfs as dependency for kmod-fs-9p
* Add kmod-fs-netfs as dependency for fs-smbfs-common as netfs is
required for cifs since 6.3
* Add new kmod-nls-ucs2-utils as dependency for smbfs/jfs as UCS2
support was split as new module since 6.6.
* Add kmod-lib-zlib-deflate and kmod-lib-zlib-inflate as
dependencies for kmod-pstore due to crypto API compression was
replaced with zlib_deflate library calls since 6.6
* Remove nfs_ssc.ko from kmod-fs-nfs-common. The nfs_ssc was no
longer a kernel module described by NFS_V4_2_SSC_HELPER since 5.13 [1]

Link:
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/Kconfig?id=d9092b4bb2109502eb8972021a3f74febc931a63

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
ef523fdb07 kernel: modules: usb: adapt for kernel 6.6
Adapt usb kmods for building under kernel 6.6:
* Add kmod-phylink as dependency for usb-net-asix
* Add kmod-net-selftests as dependency for usb-net-smsc95xx
* Add kmod-iio-core as dependency for usb-hid-mcp2221 as ADC/DAC
support was added since 6.2 which requires IIO.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Daniel Golle
ad2906b405 kernel: modules: netdevices: adapt for kernel 6.6
Adapt netdevices kmods for building under kernel 6.6:
* Add missing module dependency for kmod-stmmac-core on kmod-of-mdio.
* Invert criteria to allow Airoha EN8811H PHY driver to build with
  Linux 6.1 as well as Linux 6.6.
* Mellanox mlx5 driver started exposing thermal sensors and now it requires
  hwmon

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-11 20:17:26 +01:00
Weijie Gao
48b52d51dc kernel: modules: netsupport: adapt for kernel 6.6
Adapt netsupport kmods for building under kernel 6.6:
* common part of mqprio was split into a new Kconfig since 6.3.
Add new kmod-sched-mqprio-common as dependency for kmod-sched-mqprio.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
0c98d99c5e kernel: modules: input: adapt for kernel 6.6
Adapt input kmods for building under kernel 6.6:
* kmod-input-touchscreen-edt-ft5x06 depends on kmod-regmap-i2c
from 6.3 as it starts to use regmap to access registers
* CONFIG_HID_SUPPORT needs to be set in addition to CONFIG_HID.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Weijie Gao
8d83b9ee2d kernel: modules: iio: adapt for kernel 6.6
Adapt iio kmods for building under kernel 6.6:
* kmod-iio-lsm6dsx depends on kmod-kmod-industrialio-triggered-buffer
from 6.2

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-11 20:17:26 +01:00
Daniel Golle
5f230cd0b1 uboot-mediatek: fix typo patch filename
311-mt7986-select-roodisk.patch -> 311-mt7986-select-rootdisk.patch

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-11 19:14:14 +00:00
Daniel Golle
2302a7c5ad uboot-mediatek: fix patch order
Make sure patch sequence number is unique by moving patch
440-add-jdcloud_re-cp-03.patch -> 441-add-jdcloud_re-cp-03.patch

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-11 19:14:14 +00:00
Paul Donald
53252eeb3b lldpd: Implement location parameter
Previously only partially implemented. After commit
5007f488bb lldp_location was never removed

Now, add the value of lldp_location to the generated config.

The location param has a few syntaxes, so the config acquires the first
usage from the man page: 'address country EU'

Supplementary fix for PR #14193 (this param was included in the original
PR #13018 but the lldp_location fixes were absent from PR #14193).

Tested on 22.03.5, 22.03.6

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 15:35:58 +01:00
Paul Donald
79ee4cb039 lldpd: fix error "sh: XXXms: bad number"
from commit 3ce909914a

The lldpd man page says that "configure lldp tx-interval" can
specify an interval value in milliseconds by appending a "ms" suffix to
the figure. Thus mandating string handling, and not integer comparison.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
228d4e7f1b lldpd: refactor out ifaces derivation; reuse function
from commit 909f063066

Now pass two params to get_config_cid_ifaces() for:

cid_interface
interface

Each of which is a CSV of interfaces.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
4dcece46a7 lldpd: remove unneeded quotes
from commit a5f715da71

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
bd1b17d589 lldpd: remove unneeded quotes and variable quoting
from commit ac771313eb

portidsubtype takes 1 of 2 possible keywords which do not need quoting:

         configure lldp portidsubtype ifname | macaddress

The third keyword 'local' is used in the syntax when individual ports
are being defined:

         configure [ports ethX [,…]] lldp portidsubtype local value

When this syntax is used, quoting is useful (see test cases for lldpd).
In the init file, the 'local' syntax is unused.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
24a4da527f lldpd: remove unneeded quotes and variable quoting
from commit c98ee4dbb3

agent-type takes 1 of 3 possible keywords which do not require quoting:

         configure lldp agent-type nearest-bridge | nearest-non-tpmr-bridge
         | nearest-customer-bridge

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
b039641071 lldpd: remove unneeded quotes and variable quoting
from commit 3ce909914a

'capabilities enabled x' where x is a string of CSV

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
82ec853284 lldpd: remove unneeded quotes
from commit 3ce909914a

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
20a4dddeb0 lldpd: remove unneeded quotes and variable quoting
from commit 24176a6bdd

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
4fb8fea6de lldpd: fix a paste error
from commit 1be2088a52

The original PR #13018 did not exhibit this.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
1909b6f883 lldpd: spell fixes
Supplementary fix for PR #14193

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Paul Donald
97eb3bf76c lldpd: fix -k 'lldp_no_version' row
Supplementary fix for PR #14193 and commit
b67182008f

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-03-11 09:58:20 +01:00
Nathaniel Wesley Filardo
838a27f64f dnsmasq: version 2.90
Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387,
CVE-2023-50868) among many other goodies and fixes (notably, upstream
568fb024... fixes a UAF in cache_remove_uid that was routinely crashing
dnsmasq in my deployment).

Catch up our 200-ubus_dns.patch, too.

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
2024-03-11 09:55:15 +01:00
Zoltan HERPAI
ce1138867c mac80211: select BRCMFMAC_SDIO on starfive
As the Visionfive V1 board has an Ampak module connected via SDIO, enable
support for SDIO in the brcmfmac module.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-03-10 18:21:50 +01:00
Zoltan HERPAI
db0d7cf6a1 usb: add cdns3 support
CDNS3 is a SuperSpeed (SS) USB 3.0 Dual-Role-Device (DRD) controller from
Cadence. Add support for this device, and add the required symbols into
the generic configs.

Compile-tested: apm821xx, bcm4908, imx, mpc85xx, pistachio, starfive

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-03-10 18:21:41 +01:00
Sungbo Eo
ec45f2f246 ramips: rename mtd partition of ipTIME NAND devices
Contrary to common ipTIME NOR devices, the "Config" partition of T5004
and AX2004M contain normal U-Boot environment variables. Renaming the
partition into "u-boot-env" serves for better description, and it also
conforms to common naming practice in OpenWrt.

This patch might also be extended to A3004T, but its u-boot-env
partition layout has not been confirmed yet.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2024-03-10 16:32:14 +09:00
Shiji Yang
97f542238a mac80211: rtl8xxxu: sync with linux-next 20240229
Backporting upstream patches to improve RTL8188F support.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-03-09 23:42:37 +01:00
Shiji Yang
860dd27617 firmware: add firmware package for Realtek RTL8188FU
Realtek RTL8188F is an 802.11n 1x1 USB Wi-Fi adapter. It has been
supported by the upstream rtl8xxxu driver since Linux 6.2 kernel.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-03-09 23:42:37 +01:00
Christian Lamparter
7241a91c94 firmware: intel-microcode: update to 20231114
Debian changelog:

intel-microcode (3.20231114.1) unstable; urgency=medium

  * New upstream microcode datafile 20231114 (closes: #1055962)
    Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583)
    Sequence of processor instructions leads to unexpected behavior for some
    Intel(R) Processors, may allow an authenticated user to potentially enable
    escalation of privilege and/or information disclosure and/or denial of
    service via local access.
    Note: "retvar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen
    Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm
    0x01) were already mitigated by a previous microcode update.
  * Fixes for unspecified functional issues
  * Updated microcodes:
    sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008
    sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816
    sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664
    sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616
    sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304
    sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448
    sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
    sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
    sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
    sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
    sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
    sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
    sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290
    sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290
    sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290
    sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290
    sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
    sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032
    sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032
    sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032
    sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032
    sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
    sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430
    sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430
    sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760
    sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448
    sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944
    sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
    sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c
    sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c
    sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192
  * Updated 2023-08-08 changelog entry:
    Mitigations for "retvar" on a few processors, refer to the 2023-11-14
    entry for details.  This information was disclosed in 2023-11-14.
  * source: update symlinks to reflect id of the latest release, 20231114

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Thu, 16 Nov 2023 08:09:43 -0300

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-03-09 20:00:11 +01:00
Christian Lamparter
0671803bc5 Revert "ipq-wifi: fix upstream board-2.bin ZTE M289F snafu"
This reverts commit 75505c5ec7.
The issue has been fixed upstream.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2024-03-09 20:00:11 +01:00
Daniel Golle
efa71c532e uboot-mediatek: add 'rootwait' to bootargs where needed
Probing of the fitblk driver in some situations happens after Linux
attempts to mount rootfs, which then fails.
Always use 'rootwait' kernel parameter when using fitblk for rootfs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-09 13:59:58 +00:00
Felix Fietkau
1f5fd5cb97 mac80211: fix a regression in the broadcast AQL patch
The AQL limit for buffered broadcast packets is higher than the maximum
total pending airtime limit. This can get unicast data stuck whenever there
is too much pending broadcast data. Fix this by excluding broadcast AQL from
the total limit.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-08 22:46:32 +01:00
Felix Fietkau
e3bb01b30e mbedtls: enable threading support
Fixes libssh, which requires it. Bump ABI_VERSION, since enabling this
option affects data structures in mbedtls include files.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-03-08 22:46:32 +01:00
Robert Marko
ce2b302ca4 kernel: crypto: use ARM64 SHA256 CE optimized module for more targets
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA256 as I knew it supports the optional Crypto Extensions.

However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-08 17:16:18 +01:00
Robert Marko
90c09ede93 kernel: crypto: use ARM64 SHA1 CE optimized module for more targets
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA1 as I knew it supports the optional Crypto Extensions.

However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-08 17:16:18 +01:00
Christian Marangi
abbe909569
libiwinfo: update to Git HEAD (2024-03-08)
163a640fef30 devices: add device id for Qualcomm Atheros QCA6174
8ffb8bfd1115 devices: add add Qualcomm Atheros IPQ6018 WiSoC compatible

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-03-08 14:26:34 +01:00
Sergey Ponomarev
9da90971ab ubox: make logread as an alternative
The logread can be replaced with syslog-ng.
To support this it should be an alternative itself.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
2024-03-08 15:38:37 +08:00
Hauke Mehrtens
662e052588 linux-firmware: Update to version 20240220
This updates the following firmware files:
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.DSP.bin
airoha-en8811h-firmware/lib/firmware/airoha/EthMD32.dm.bin
amdgpu-firmware (Many files)
ar3k-firmware/lib/firmware/qca/hpnv21.bin
ar3k-firmware/lib/firmware/qca/hpnv21g.bin
ath10k-board-qca4019/lib/firmware/ath10k/QCA4019/hw1.0/board-2.bin
ath10k-board-qca9888/lib/firmware/ath10k/QCA9888/hw2.0/board-2.bin
ath10k-firmware-qca6174/lib/firmware/ath10k/QCA6174/hw3.0/firmware-6.bin
ath11k-firmware-wcn6750/lib/firmware/ath11k/WCN6750/hw1.0/board-2.bin
ath11k-firmware-wcn6855/lib/firmware/ath11k/WCN6855/hw2.0/amss.bin
ath11k-firmware-wcn6855/lib/firmware/ath11k/WCN6855/hw2.0/board-2.bin
ath11k-firmware-wcn6855/lib/firmware/ath11k/WCN6855/hw2.1/amss.bin
ath11k-firmware-wcn6855/lib/firmware/ath11k/WCN6855/hw2.1/board-2.bin
ibt-firmware/lib/firmware/intel/ibt-0040-0041.ddc
ibt-firmware/lib/firmware/intel/ibt-0040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0040-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-0041-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-1050.sfi
ibt-firmware/lib/firmware/intel/ibt-0180-4150.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-0041.sfi
ibt-firmware/lib/firmware/intel/ibt-1040-4150.sfi
iwlwifi-firmware-be200/lib/firmware/iwlwifi-gl-c0-fm-c0-83.ucode
iwlwifi-firmware-be200/lib/firmware/iwlwifi-gl-c0-fm-c0.pnvm

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-07 19:37:36 +01:00
Robert Marko
e247763617 ath25: drop target
ath25 has been on life support for the last couple of releases, eventually
leading to marking it as source-only in 2023.

It has been basically only touched to do a kernel bump so that we can make
the new OpenWrt release which was a challenge due to small RAM amount.

However, with the attempt of kernel 6.1 update it turns out that kernel
cannot even finish booting due to RAM constraints, so its time to let this
target go.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-07 12:15:51 +01:00
Sven Eckelmann
71411cb8b8 ath11k-firmware: Move from kvalo to new upstream repository
It was announced [1] that the original staging repositories are no longer
used for staging of new firmware binaries. And that the old repository will
be removed [2] in June 2024.

The ath11k-firmware package must therefore point to the new repository
before the old one is no longer accessible.

[1] https://lore.kernel.org/r/bac97f31-4a70-4c4c-8179-4ede0b32f869@quicinc.com
[2] 8d2cc160f3

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2024-03-07 09:37:42 +01:00
Robert Marko
5b1d6d4607 kernel: crypto: add SHA512 ARM64 ASM optimized module
Kernel has an ASM optimized version of SHA512 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.

There is a Cryptographic Extension based version as well, but that relies
on ARMv8.2 ISA which I am not aware any of the OpenWrt supported SoC-s use.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-06 22:00:58 +01:00
Robert Marko
4443470a57 kernel: crypto: add SHA2(224 and 256) ARM64 CE optimized module
Kernel has optimized version of SHA2(224 and 256) using the ARMv8 Crypto
Extensions, so lets package it.

Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-06 18:38:28 +01:00
Robert Marko
09207c0348 kernel: crypto: add SHA256 ARM64 ASM optimized module
Kernel has an ASM optimized version of SHA256 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-06 18:30:21 +01:00
Robert Marko
9425064bdb kernel: crypto: add SHA1 ARM64 CE optimized module
Kernel has optimized version of SHA1 using the ARMv8 Crypto Extensions,
so lets package it.

Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-06 12:16:11 +01:00
Weijie Gao
d40d64fc62 cryptodev-linux: update to 1.13
Update to 1.13 with upstream backports.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-03-06 10:17:45 +01:00
Robert Marko
fdb563c1a5 kernel: qca-ssdk: refresh PCS patch
Recently added PCS patch requires a refresh, so lets do it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-05 21:43:54 +01:00
Robert Marko
3e6f64d443 kernel: crypto: package SHA3
SHA3 is now required by jitterentropy_rng in kernel 6.6, so lets start
preparing by packaging SHA3 support as its supported in 5.15 and 6.1
kernels as well.

AFAIK, only ARMv8.2 has a crypto extension for SHA3, however I am not aware
of any SoC we support that uses ARMv8.2 ISA so its not enabled currently.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-03-05 20:23:46 +01:00
Rafał Miłecki
4efbfcd996 base-files: sysupgrade: handle errors when generating backup
1. Return error if any step of generating tar file fails
2. Use pipefail to avoid calling "gzip" if tar failed

Fixes: e36cc53092 ("base-files: sysupgrade: use tar helper to include installed_packages.txt")
Reported-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Cc: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-03-05 11:54:55 +01:00
Dirk Buchwalder
93610492b6 qualcommax: ipq60xx: add support for netgear wax214
Netgear WAX214 is a 802.11 ax dual-band AP
    with PoE. (similar to Engenius EWS357APV3)

    Specifications:

        •     CPU: Qualcomm IPQ6010 Quad core Cortex-A53
        •     RAM: 512MB of DDR3
        •     Storage: 128MB NAND (Macronix MX30UF1G18AC)
        •     Ethernet: 1x 1G RJ45 port (QCA8072) PoE
        •     WIFI:
              2.4GHz: Qualcomm QCN5022 2x2 802.11b/g/n/ax 574 Mbps PHY rate
              5GHz: Qualcomm QCN5052 2x2 802.11a/b/g/n/ac/ax 1201 PHY rate

        •     LEDs:
              4 x GPIO-controlled LEDs
                - 1 Power LED (orange)
                - 1 LAN LED (blue)
                - 1 WIFI 5g LED (blue)
                - 1 WIFI 2g LED (blue)
                black_small_square  Buttons: 1x soft reset
                black_small_square  Power: 12V DC jack or PoE (802.3af )

            An populated serial header is onboard, format is
             1.25mm 4p (DF13A-4P-1.25H)
            RX/TX is working, bootwait is active, secure boot is not
            enabled.

            The root password of the stock firmware is unknown,
            but failsafe mode can be entered to reset the password.

            Installation Instructions:

                - obtain serial access
                - stop auto boot (press "4", Entr boot command line
		  interface)
                - setenv active_fw 0 (to boot from the primary rootfs,
                  or set to 1 to boot from the secondary rootfs
                  partition)
                - saveenv

                - tftpboot the initramfs image
                - bootm

                - copy
		  openwrt-qualcommax-ipq60xx-netgear_wax214-squashfs-factory.ubi
                  to the device
                - write the image to the NAND:
                   - cat /proc/mtd and look for rootfs partition (should
		     be mtd11,
                     or mtd12 if you choose active_fw 1)
                   - ubiformat /dev/mtd11 -f -y
		     openwrt-qualcommax-ipq60xx-netgear_wax214-squashfs-factory.ubi
                - reboot

            Note: the firmware is senao-based. But I was unable to build
                  a valid senao-header into the image.
                  Maybe they changed the header format and senaoFW isn't
                  working any more.

Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
2024-03-05 06:34:35 +01:00
Dirk Buchwalder
e8a2fd241d ipq-wifi: update to version 2024-03-04
The new version adds support for the Netgear WAX214.

Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
2024-03-05 06:34:35 +01:00
John Audia
bd6b37f463 kernel: Remove dsmark support
dsmark support was removed in kernel 5.15.150 and 6.1.80. Remove it from
the kmod package as well

Signed-off-by: John Audia <therealgraysky@proton.me>
2024-03-05 00:23:59 +01:00
Matthias Schiffer
2b46cbef81
build: do not depend on $(STAGING_DIR)/.prepared when in SDK
The dependency can't be satisfied when building using the SDK, breaking
package builds. As the staging and bin dirs are distributed with the SDK
archive, ignoring the dependency is fine when SDK is set.

Fixes: fbb924abff ("build: add $(STAGING_DIR) and $(BIN_DIR) ...")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2024-03-04 23:45:15 +01:00
Álvaro Fernández Rojas
4b3c1251a4 base-files: sysupgrade: allow overriding config restore
Some platforms like Raspberry Pi require patching some backup files like
cmdline.txt in order to set the correct root PARTUUID.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-03-04 16:27:39 +01:00
Jo-Philipp Wich
6f6406a132 base-files: sysupgrade: fix streaming backup archives to stdout
Due to previous refactoring in sysupgrade, writing backup archives to
stdout became impossible since the hardcoded gzip output redirection
did not account for the `-` special case filename.

Fix this issue by substituting `-` with `/proc/self/fd/1` in the tar
archive output path variable.

Also remove a redundant `rm -f` of the target file path that occurs
before the file could've possibly been written.

Fixes: #14773
Fixes: https://github.com/openwrt/luci/issues/6961
Fixes: e36cc53092 ("base-files: sysupgrade: use tar helper to include installed_packages.txt")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-03-04 14:58:10 +01:00
Matthias Schiffer
fbb924abff
build: add $(STAGING_DIR) and $(BIN_DIR) preparation to target and package subdir compile dependencies
In a pristine build, these directories are created as dependencies of
the tools subdir compile, however this step never runs when the tools
compile stamp already exists. Since commit ed6ba2801c ("tools: keep
stamp file in $(STAGING_DIR_HOST)"), this will happen after `make clean`:
$(STAGING_DIR) has been deleted, but the tools stamp still exists, so
the next build will fail because $(STAGING_DIR) has not been set up
correctly.

Fix builds after `make clean` by adding the preparation as dependencies
for the target and package directories as well.

Fixes: ed6ba2801c ("tools: keep stamp file in $(STAGING_DIR_HOST)")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2024-03-03 23:13:59 +01:00
Daniel Golle
37bbed6f95 kernel: lantiq: ltq-vmmc: introduce user group for vmmc
asterisk-chan-lantiq is by now the only user of the VMMC interface.
And asterisk runs as user 'asterisk' which doesn't give it permission
to open the /dev/vmmc* devices.
Introduce a new user group 'vmmc' and give permission to access the
/dev/vmmc* devices to that group.
Another commit for asterisk-chan-lantiq will add the 'asterisk' user
to that group.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-03 15:44:52 +00:00
Tianling Shen
4f668091bf u-boot.mk: override default PATH to avoid pick hostpkg python
hostpkg python from packages feed can be picked when do a incremental
build because hostpkg has higher priority in PATH. It may lead build
faliure as it's heavily trimmed (e.g. lacks necessary modules).

For uboot which uses binman and intree dtc, this is forced as hostpkg
python will never provide those modules by default.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-03-02 14:17:31 +01:00
Pawel Dembicki
766e688b30 ls-mc: bump to 10.38.0
Update ls-mc to latest 10.38.0 version.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-03-02 14:08:08 +01:00
Pawel Dembicki
16d9d91fed ls-dpl: bump to 10.38.0
Update ls-dpl to latest 10.38.0 version.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2024-03-02 14:08:08 +01:00
Daniel Golle
f08e63bd83 uboot-mediatek: remove rootfs_data before attempting to replace fip
Make sure there is enough space to replace 'fip' volume and always
remove rootfs_data before.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-03-01 00:59:49 +00:00
Linus Walleij
ef34f8f5b5 kirkwood: Add Marvell RTC to all machines with nothing else
The Kirkwood SoCs all have an onchip RTC that can hold the time
over e.g. a reboot which will help if no NTP servers are available.

Create a kernel module package for the Marvell RTC, and add it to
all Kirkwood devices that do not have their own discrete
battery-backed RTC. Adding it to platforms with a proper RTC
is just surplus.

All Kirkwoods have at least one RTC so add RTC to the features
list for Kirkwood as well.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2024-02-29 23:01:38 +01:00
Zoltan HERPAI
55c7b2cdaf uboot-d1: cleanup Makefile
Clean up leftover PKG_HASH.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-02-29 17:06:04 +01:00
Zoltan HERPAI
d41d9befb9 uboot-d1: add bootloader for upcoming d1 target
Add u-boot bootloader based on 2023.01 to support D1-based boards, currently:

 - Dongshan Nezha STU
 - LicheePi RV Dock
 - MangoPi MQ-Pro
 - Nezha D1

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-02-29 16:50:20 +01:00
Zoltan HERPAI
f8436018fd opensbi: allow building on upcoming d1 target
U-boot on D1 also uses OpenSBI as its payload. As the current version of
OpenSBI already supports D1 with no further patches required, allow
building it on the upcoming TARGET_d1 too.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2024-02-29 16:50:19 +01:00
Rafał Miłecki
0ad062a21b base-files: sysupgrade: add uci-defaults script disabling services #2
Disabled services should be kept disabled after sysupgrade. This can be
easily handled using a proper uci-defaults script.

Extend sysupgrade to check for disabled services, generate uci-defaults
script disabling them and include it in backup.

Cc: Christian Marangi <ansuelsmth@gmail.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Jonas Gorski <jonas.gorski@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2024-02-29 16:12:06 +01:00
Rafał Miłecki
e36cc53092 base-files: sysupgrade: use tar helper to include installed_packages.txt
Replace mount + overlay with manually built tar archive that gets
prepended to the actual config files backup. This allows more
flexibility with including extra backup files. They can be included at
any paths and don't require writing to flash or mounting an overlay
which has its own limitations (mount points).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2024-02-29 16:12:06 +01:00
Jo-Philipp Wich
08495b7f24 base-files: sysupgrade: add tar.sh with helpers for building archives
This allows building uncompressed tar archives from shell scripts (and
compressing them later if needed)

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
[rmilecki: adapt to sysupgrade needs]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-29 16:11:47 +01:00
Tianling Shen
d6e008ace9 uboot-mediatek: correct board name for BananaPi BPi-R3 Mini
It should be "BananaPi BPi-R3 Mini" instead of just "BananaPi BPi-R3".

Fixes: bc25519f98 ("uboot-mediatek: add builds for BananaPi BPi-R3 mini")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-28 12:48:43 +08:00
Paul Donald
dd8850756d umdns: prevent a few 'uci: Entry not found'
pass '-q' switch to uci to prevent spurious output

Signed-off-by: Paul Donald <newtwen@gmail.com>
2024-02-27 20:10:08 +01:00
Julius Lehmann
1d456c5e7a dnsmasq: Fix wrong format for --dhcp-boot option
dnsmasq --dhcp-boot option uses 'tag' instead of 'net' to specify tags

Signed-off-by: Julius Lehmann <lehmanju@devpi.de>
2024-02-26 21:24:37 +01:00
Oskari Rauta
597f9cf6b3 e2fsprogs: add libe2p and development headers
this patch separates libe2p from e2fsprogs package, like all other
provided libraries are their own packages. Also some development headers
were missing so I added those along with pkg-config files.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2024-02-26 21:19:10 +01:00
Daniel Golle
0c18c5679a base-files: export whole disk of fitblk backing partition
After commit ad62247800 ("base-files: improve lib/upgrade/common.sh")
behavior of export_bootdevice has been made consistent in such way that
always the whole disk device is exported (as that was the case already
when matching via UUID) rather than the partition device.
Do the same for the device holding the fitblk backing partition.

Fixes: 5992f976b3 ("base-files: recognize bootdevice on devices using fitblk")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-26 04:01:10 +00:00
Daniel Golle
fc865eb3ae uboot-envtools: replace use of platform_get_bootdev
Use new function fitblk_get_bootdev in /lib/upgrade/common.sh instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-26 01:29:22 +00:00
Daniel Golle
5992f976b3 base-files: recognize bootdevice on devices using fitblk
Boards using the fitblk driver need special treatment when it comes to
detecting the actual block device used to store the image used to boot
from. Transparently handle this in 'export_bootdevice' and provide new
'fitblk_get_bootdev' function to replace implementations in
/lib/upgrade/platform.sh.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-26 01:29:22 +00:00
Paweł Owoc
c2537f3c8f ipq-wifi: update to version 2024-02-25, remove unused ipq8174 extension
fc30aee ipq8074: remove regdomain, update regdb and rename MX4200 BDF
Remove unused ipq8174 extension

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
2024-02-25 15:04:31 +01:00
Daniel Golle
c378927ef8 procd: update to git HEAD
2f94972 hotplug-dispatch: don't filter empty env variables
 1901aba system: break infite loop resolving rootfs type

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-24 04:00:15 +00:00
Daniel Golle
6368ed1ae5 mediatek: mt7623: phase out uImage.FIT partition parser
Use the new fitblk driver on the BananaPi R2 as well as UniElec U7623.
Introduce boot device selection for fitblk's /chosen/rootdisk
handle, similar to how it is already done on MT7622, MT7986 and MT7988.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-24 03:02:35 +00:00
Daniel Golle
9b6427e908 uboot-mediatek: fix truncated patch
The default environment for the Linksys E8450 and Belkin RT3200 got
truncated by one line due to a broken patch. While the impact was
luckily only cosmetic, fix it so bootmenu title also shows U-Boot
version again.

Fixes: 6aec3c7b5b ("mediatek: mt7622: modernize Linksys E8450 / Belkin RT3200 UBI build")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-24 03:02:35 +00:00
Marcin Gajda
07b9186e88 ipq40xx: Add support Netgear LBR20
**Netgear LBR20** is a router with two gigabit ethernets , three wifi radios and integrated LTE cat.18 modem.

SoC Type: Qualcomm IPQ4019
RAM: 512 MiB
Flash: 256 MiB , SLC NAND, 2 Gbit (Macronix MX30LF2G18AC)
Bootloader: U-Boot
Modem: LTE CAT.18 Quectel EG-18EA ,  Max. 1.2Gbps downlink / 150Mbps uplink

WiFi class AC2200:
- radio0 : 5G on QCA9888 , WiFi5- 802.11a/n/ac MU-MIMO 2x2 , 887Mbps , 80MHz - limited for low channels
- radio1: 2,4G on IPQ4019 ,WiFi4- 802.11b/g/n MIMO2x2 300Mbps 40Mhz
- radio2: 5G on IPQ4019 , WiFi5- 802.11a/n/ac MU-MIMO 2x2 , 887Mbps ,80Mhz - limited for high channels  (from 100 up to 165) . Becouse of DFS remember to set country before turning on.

Ethernet: 2x1GbE (WAN/LAN1, LAN2)
LEDs:  section power : green and red  , section on top (orbi) drived by TLC59208F: red, green ,blue and white
USB ports: No
Buttons:  2 Reset and SYNC(WPS)
Power: 12 VDC, 2,5 A
Connector type: Barrel

OpenWRT Installation
1. Simplest way is just do upgrade from webpage with *factory.img
2. You can also do it with standard tool for Netgear's debricking - NMPRFlash
3. Most advanced way is to open device , connect to UART console and :
- Prepare OpenWrt initramfs image in TFTP server root (server IP 192.168.1.10)
- Connect serial console (115200,8n1) to UART connector
- Connect TFTP server to RJ-45 port
- Stop in u-Boot and run u-Boot command:

> setenv serverip 192.168.1.10
> set fdt_high 0x85000000
> tftpboot 0x83000000 openwrt-ipq40xx-generic-netgear_lbr20-initramfs-zImage.itb
> bootm 0x83000000

- Login via ssh
- upload or download *sysupgrade.bin ( like wget ... or scp transfer)
-  Install image via "sysupgrade -n" (like “sysupgrade -n /tmp/openwrt-ipq40xx-generic-netgear_lbr20-squashfs-sysupgrade.bin”)

Back to Stock
- Download firmware from official Netgear's webpage , it will be *.img file after decompressing.
- Use NMRPFlash tool  ( detailed insructions on project page https://github.com/jclehner/nmrpflash )

Open the case
- Unscrew nuts and remove washers from antenna's conectors.
- There are two Torx T10 screws under the label next to antenna conectors. You have to unglue this label from left and right corner to get it
- Two parts of shell covers will slide out from eachother , you have to unglue two small rubber pads and namplate sticker on bottom to do that.
- PCB is screwed with 4Pcs of Torx T10 screws
- Before lifting up PCB remove pigtiles for LTE antennas and release them from PCB and radiator (black and white wires)
- On other side of PCB ,in left bottom corner there is already soldered with 4 pins UART connector for console. Counting from left it is  +3,3V , TX , RX ,GND (reffer to this picture: https://i.ibb.co/Pmrf9KB/20240116-103524.jpg )

BDF's files are in firmware_qca-wireless  https://github.com/openwrt/firmware_qca-wireless/ and in parallel sent to ath10k@lists.infradead.org.

Signed-off-by: Marcin Gajda <mgajda@o2.pl>
2024-02-23 19:46:23 +01:00
Daniel Golle
ae2dced6ce
rpcd: update to latest git HEAD
8ef4c25 sys: use "Auto-Installed" field for packagelist

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-23 15:59:05 +01:00
Robert Marko
9bd7d8b756 ipq-wifi: fix archive hash
It seems that ipq-wifi bump included and incorrect PKG_MIRROR_HASH value,
so fix it by using:
make package/firmware/ipq-wifi/check FIXUP=1

Fixes: 70fd815e57 ("qualcommax: ipq807x: add support for Linksys MX5300")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-02-23 14:14:05 +01:00
Eneas U de Queiroz
375dd23011 mac80211: only build ath10k with smallbuffers
When both variants of ath10k drivers are selected, any driver that is
selected along is being built twice, one for each ath10k variant.

Avoid these redundant builds by introducing an optional second parameter
to config_package that lists the variants for which the package is to be
built.

If the symbol is to be set for all of the variants, $(ALL_VARIANTS) can
be used.  This is the case for the mac80211 and cfg80211 modules.  If
the parameter is empty, then the module will be selected and thus built
when the first variant is compiled.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2024-02-23 14:02:53 +01:00
Eneas U de Queiroz
4390ea484d mac80211: build each variant in its own dir
Having different build directories is the default when the package
Makefile defines more than one variant.

Mac80211 overrides PKG_BUILD_DIR, not taking different variants in
consideration, which causes clobbering the directories when both
variants are built.

When compiled with AUTOREMOVE=y, the effect is that the package is
unnecessarily rebuilt when the package is compiled again.

Wihout AUTOREMOVE, the problem is worse: the second variant will not be
rebuilt, and you end up with the smallbuffers variant being a copy of
the regular one.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2024-02-23 14:02:53 +01:00
Paweł Owoc
70fd815e57 qualcommax: ipq807x: add support for Linksys MX5300
Hardware specification:
========
SoC: Qualcomm IPQ8072A
Flash: 512MB (Winbond W29N04GZBIBA)
RAM: 1GB (2x Nanya DDR3L NT5CC256M16ER-EK)
Ethernet: 5x 10/100/1000Mbps (Qualcomm QCA8075)
WiFi1: 5GHz ac 4x4 (Qualcomm QCA9984 + Skyworks SKY85746-11) - channels 100-169
WiFi2: 5GHz ax 4x4 (Qualcomm QCN5054 + Skyworks SKY85755-11) - channels 36-64
WiFi3: 2.4GHz ax 4x4 (Qualcomm QCN5024 + Skyworks SKY8340-11)
IoT: Bluetooth 5, Zigbee and Thread (Qualcomm QCA4024 + Skyworks SE2433T-R)
IoT Flash: 4MB (Macronix MX25R3235F)
RTC: ST M41T00S
LED: 1x RGB status (NXP PCA9633)
USB: 1x USB 3.0
Button: WPS, Reset

Flash instructions:
========
1. Manually upgrade firmware using openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin image.
More details can be found here: https://www.linksys.com/hk/support-article?articleNum=274497
After first boot check actual partition:
- fw_printenv -n boot_part
and install firmware on second partition using command in case of 2:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin kernel
and in case of 1:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin alt_kernel

2. Installation using serial connection from OEM firmware (default login: root, password: admin):
- fw_printenv -n boot_part
In case of 2:
- flash_erase /dev/mtd21 0 0
  nandwrite -p /dev/mtd21 openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin
or in case of 1:
- flash_erase /dev/mtd23 0 0
  nandwrite -p /dev/mtd23 openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin
After first boot install firmware on second partition:
- mtd -r -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin kernel
or:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin alt_kernel

3. Installation from initramfs image using USB FAT32 formatted drive:
Stop u-boot and run:
- usb start && fatload usb 0:1 $loadaddr openwrt-qualcommax-ipq807x-linksys_mx5300-initramfs-uImage.itb && bootm $loadaddr
Write firmware to the flash from initramfs:
- mtd -e kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin kernel
and:
- mtd -r -e alt_kernel -n write openwrt-qualcommax-ipq807x-linksys_mx5300-squashfs-factory.bin alt_kernel

4. Back to the OEM firmware:
- mtd -e kernel -n write FW_MX5300_1.1.9.200251_prod.img kernel
and:
- mtd -r -e alt_kernel -n write FW_MX5300_1.1.9.200251_prod.img alt_kernel

5. USB recovery:
- fw_setenv usbimage 'openwrt-qualcommax-ipq807x-linksys_mx5300-initramfs-uImage.itb'
  fw_setenv bootusb 'usb start && fatload usb 0:1 $loadaddr $usbimage && bootm $loadaddr'
  fw_setenv bootcmd 'run bootusb; aq_load_fw && if test $auto_recovery = no; then bootipq; elif test $boot_part = 1; then run bootpart1; else run bootpart2; fi'

Notes:
========
IoT device is accesible over spi. Not yet supported.

Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2024-02-23 13:34:59 +01:00
Rafał Miłecki
788122cc12 base-files: sysupgrade: rename add_*files() functions
Usage of word "add" was somehow misleading in those functions:
1. They don't really add (as in: append) anything. Result files are
   created from scratch.
2. It wasn't clear what adding files means. It could be understood as
   adding actual files somewhere (to existing archive?).

Also the word "add" was also a bit ambiguous.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:19:13 +01:00
Rafał Miłecki
4a1b94adba base-files: sysupgrade: s/do_save_conffiles/create_backup_archive/
Rename function to more accurate and self-explanatory name:
1. Use "archive" in name as this functions creates tar archive
2. Avoid "conffiles" as this function may archive more than that

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:19:01 +01:00
Rafał Miłecki
4ba5eba94c base-files: sysupgrade: exit with no error for --help
Calling "sysupgrade --help" should result in printing help and exiting
with 0 code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:18:36 +01:00
Rafał Miłecki
73da77fd00 base-files: sysupgrade: group & cleanup global variables
Group & describe them by type, drop unneeded exports.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:18:36 +01:00
Rafał Miłecki
57be93c16d base-files: sysupgrade: replace UMOUNT_ETCBACKUP_DIR with a local variable
It was used inside do_save_conffiles() only.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:18:36 +01:00
Luiz Angelo Daros de Luca
61ac147bb6 base-files: sysupgrade: fix error message and typo
Some minor error message and comment fixes.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2024-02-22 22:14:54 +01:00
Rafał Miłecki
157d6019df Revert "base-files: sysupgrade: always setup overlay when creating backup"
This reverts commit 4fa9aaf0be.

That seemed like a good idea allowing us to include any runtime
generated file in archive. Unfortuantely it broke backups with files
from mounted directories.

When mounting overlay with / as lowerdir its mounts don't propagete in
the mountpoint. That resulted in empty directories:
/tmp/overlay.XXXXXX/backup/tmp/
/tmp/overlay.XXXXXX/backup/var/
/tmp/overlay.XXXXXX/backup/dev/
/tmp/overlay.XXXXXX/backup/proc/
etc.

As some platforms / users try to backup files like /var/dhcp.leases or
/boot/cmdline.txt it means we can't use that solution.

Link: http://lists.openwrt.org/pipermail/openwrt-devel/2024-February/042320.html
Link: https://lore.kernel.org/linux-fsdevel/67bb0571-a6e0-44ea-9ab6-91c267d0642f@gmail.com/T/#u
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:08:14 +01:00
Rafał Miłecki
7bffa8ab10 Revert "base-files: sysupgrade: include uci-defaults script disabling services"
This reverts commit bf304d10e9.

That uci-defaults script worked great but generating it required
mounting root dir as overlay lowerdir that needs to be reverted.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-22 22:08:04 +01:00
Hauke Mehrtens
5df7a78e82 wifi-scripts: Support HE Iftypes with multiple entries
With mac80211_hwsim I have seen such entries in OpenWrt 22.03:
    HE Iftypes: managed, AP
The mac80211.sh script did not detect the entry and failed. Allow
arbitrary other entries before to fix this problem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-02-22 21:45:44 +01:00
Yegor Yefremov
62acd9a2f9 dnsmasq: rework network interface ignore
In some situations (slow protocol or interfaces with auto 0), the
interfaces are not available during the dnsmasq initialization and
hence, the ignore setting will be skipped.

Install an interface trigger for ignored interfaces in case their
ifname cannot be resolved.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-02-22 09:17:25 +01:00
Jo-Philipp Wich
97ad8501ad ucode: update to Git HEAD (2024-02-21)
ee4af9b55cb4 vm: rework object iteration
a275399dd8e2 uci: refactor uci.changes() to match documentation
ba3855ae3775 lib: fix documentation typo for `pop()` function

Fixes: https://github.com/jow-/ucode/issues/188
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-02-22 09:17:25 +01:00
Mantas Pucka
44168fda78 qualcommax: ipq60xx: Add 8devices Mango DVK
8devices Mango DVK is a single board computer / devkit for 8devices Mango
system-on-module (SoM).

Specifications:
* CPU: Qualcomm IPQ6010 Quad core Cortex-A53 1.8GHz
* RAM: 512 MB
* Storage:
    * 32 MB serial NOR flash (on SoM)
    * 256 MB parallel NAND flash (on DVK)
* Ethernet:
    * 2x1G RJ45 ports(QCA8072 or QCA8075)
    * 1x2.5G RJ45 port (QCA8081)
    * 1xSFP (shares SGMII with QCA8081)
* Switch: Qualcomm Atheros IPQ6010
* WLAN:
    * 2.4GHz: QCN5121 2x2 802.11b/g/n/ax 574 Mbps PHY rate
    * 5GHz: QCN5152 2x2 802.11a/n/ac/ax 1201 Mbps PHY rate
* USB:
    * 1x USB3.0 Type-A port
    * 1x USB2.0 available at mini PCIe slot
* PCIe: 1x mini PCIe slot 1xLane Gen3 (8GT/s)
* SD/eMMC (on a single shared bus - only one can be active):
    * micro SD slot
    * eMMC module connector
* LEDs:
    * Green power led (not controllable)
    * Green 2.4GHz radio led (GPIO 67)
    * Green 5GHz radio led (GPIO 66)
* Buttons:
    * 1x (WPS GPIO79) button
* GPIOs: 2.54mm header brings out 18 GPIOs (1.8V level)
* UART: 4-pin UART header (3.3V level)
    * 115200 8N1, 3.3V-Tx-Rx-GND (3.3V is pin 1 close to boot-switch SW2)
* Power:
    * PoE IN on 2.5G port (passive 24-48V)
    * DC power terminal (12-58V)

Installation instructions:

Vendor image format is compatible with squashfs-sysupgrade image. Run:

sysupgrade -n -F openwrt-qualcommax-ipq60xx-8devices_mango-dvk-squashfs-sysupgrade.bin

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Mantas Pucka
10ba730b7b ipq-wifi: add support for 8devices Mango board
Add support for .ipq6018 BDF suffix and add Mango board entry

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Mantas Pucka
03935cf7de ipq-wifi: update to Git HEAD (2024-02-19)
1cc59e1 ipq6018: add 8devices Mango BDF
10279cc ipq40xx:Add support for Netgear LBR20 with two BDF's

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Mantas Pucka
586a051d4d ath11k-firmware: add wifi firmware for ipq6018
So far only stable FW is v2.4. It exists in a different
git repo, so add custom download routine.

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Mantas Pucka
aa6cc0a52b mac80211: ath11k: disable coldboot for ipq6018
Coldboot calibration does not work at the moment and causes failure during
wifi startup.

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Mantas Pucka
d08d53346b qca-ssdk: support selecting PCS channel for PORT3 on IPQ6018
When QCA8072 is used in PSGMII mode with IPQ6018, PCS used for second
PHY port would overlap with one used by SGMII+ port. SoC has register
to select different PCS in such case.

Original code used PHY_ID for this decision, which also had other
issues, but is no longer viable since we moved to upstream QCA807x
driver.

Introduce DT property port3_pcs_channel to allow describing this in DT.
Default value is <2>, and for some QCA8072 designs <4> would be needed.

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2024-02-21 21:42:23 +01:00
Felix Fietkau
2a752ff028 mac80211: add a fix for racy drv_sta_rc_update calls
Fixes potential crash issues in mt76 and other drivers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-21 15:28:53 +01:00
Marius Durbaca
4821cb24ed uboot-rockchip: add Radxa CM3 IO board support
Add support for the Radxa CM3 IO board.

Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
2024-02-21 13:29:26 +01:00
Marius Durbaca
eec0bec630 rkbin: add rk3566 atf/tpl blobs
Currently there are no atf/tpl blobs for rk3566 SoCs
so this commit adds the prebuilt firmware from the vendor.

Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
2024-02-21 13:29:26 +01:00
Felix Fietkau
95e633efbd mac80211: add AQL support for broadcast/multicast packets
Should improve performance/reliability with lots of mcast packets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-21 10:56:22 +01:00
Robert Marko
fb45887e85 mac80211: update to 6.6.15
Update backports to the latest 6.6 point release.

Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-21 10:56:22 +01:00
Tianling Shen
afca1236f3 rockchip: add NanoPi R4S Enterprise Edition build
FriendlyElec renamed the NanoPi R4S board with EEPROM (mac address)
to "enterprise" edition, and it was added as a "new" board in upstream
kernel.

This patch switched to use that upstreamed dts and removed local
EEPROM patch.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-19 20:52:06 +01:00
Tianling Shen
23cb2b1636 uboot-rockchip: add NanoPi R2C Plus support
Add support for the FriendlyARM NanoPi R2C Plus.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-19 16:23:32 +01:00
Rafał Miłecki
bf304d10e9 base-files: sysupgrade: include uci-defaults script disabling services
Disabled services should be kept disabled after sysupgrade. This can be
easily handled using a proper uci-defaults script.

Extend sysupgrade to check for disabled services, generate uci-defaults
script disabling them and include it in backup.

Cc: Christian Marangi <ansuelsmth@gmail.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Jonas Gorski <jonas.gorski@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2024-02-19 13:53:14 +01:00
Rafał Miłecki
4fa9aaf0be base-files: sysupgrade: always setup overlay when creating backup
Setting overlay while creating backup allows including extra files in
archive without actually writing them to flash. Right now this feature
is limited to /etc/backup/ directory and is used only for including
installed_packages.txt.

Extend this solution to make it more generic:
1. Always mount overlay while creating backup
2. Overlay whole / to don't limit it to /etc/backup/

This allows including any additional files in backups and adding more
sysupgrade features.

Cc: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Cc: Christian Marangi <ansuelsmth@gmail.com>
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Jonas Gorski <jonas.gorski@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-02-19 13:53:14 +01:00
Luiz Angelo Daros de Luca
700907bc63 base-files: sysupgrade: always cleanup after backups
When tar was failing, it was exiting immediately. Some files and the
tmpfs mount (-k) would remain breaking the next backup attempt.

Also remove redundant $? from exit builtin call as exit already returns
the last command exit code when called.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2024-02-19 12:41:40 +01:00
Luiz Angelo Daros de Luca
14ac91c68c base-files: sysupgrade: do not hide tar errors
tar stderr was probably discarded only to remove this message:

  tar: removing leading '/' from member names

However, together with that, any other error would also be discarded.
It is easier to fix that allowing the error message to be printed.

In sysupgrade, the backup file list only uses absolute paths. That way,
the solution is to remove the leading '/' from all files (sed) and chdir
to / (option -C /)

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2024-02-19 12:41:40 +01:00
Janusz Dziedzic
a56292d9f5 linux-firmware: intel: add BE200 wifi firmware
Add option to install Intel BE200 firmware
required by iwlwifi driver and Wifi7 hardware.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2024-02-18 13:49:12 +01:00
Seo Suchan
6b904fa95b ca-certificates: update to version 20240203
Update Mozilla certificate authority bundle to version 2.64

Signed-off-by: Seo Suchan <tjtncks@gmail.com>
2024-02-18 11:49:04 +01:00
Eneas U de Queiroz
472312f83f
wifi-scripts: fix FILS AKM selection with EAP-192
Fix netifd hostapd.sh selection of FILS-SHA384 algorithm with eap-192.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2024-02-17 08:36:48 -03:00
Rosen Penev
24d3eb7629
lua5.3: backport CVE fix
Also refreshed some patches

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-02-17 01:55:49 +01:00
Rosen Penev
78b0106f7d
lua: fix CVE-2014-5461
Patch taken from Debian.

Refresh patches

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-02-17 01:55:21 +01:00
Daniel Golle
f96289ddff uboot-mediatek: bpi-r3-mini: fix typo in bootmenu
Fix typo in eMMC bootmenu.

Fixes: bc25519f98 ("uboot-mediatek: add builds for BananaPi BPi-R3 mini")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-16 13:56:01 +00:00
Daniel Golle
ae1c0f1b15 mediatek: filogic: bpi-r3-mini: fix NAND flash layout
Fix NAND flash layout which was out-of-sync with the definition in
ARM TrustedFirmware-A which expects UBI to start at 0x200000.

Fixes: b03d3644cf ("mediatek: filogic: add BananaPi BPi-R3 mini")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-16 05:40:14 +00:00
Daniel Golle
b03d3644cf mediatek: filogic: add BananaPi BPi-R3 mini
Hardware specification
----------------------
 SoC: MediaTek MT7986A 4x A53
 Flash: 128MB SPI-NAND, 8GB eMMC
 RAM: 2GB DDR4
 Ethernet: 2x 2.5GbE (Airoha EN8811H)
 WiFi: MediaTek MT7976C 2x2 2.4G + 3x3 5G
 Interfaces:
  * M.2 Key-M: PCIe 2.0 x2 for NVMe SSD
  * M.2 Key-B: USB 3.0 with SIM slot
  * front USB 2.0 port
 LED: Power, Status, WLAN2G, WLAN5G, LTE, SSD
 Button: Reset, internal boot switch
 Fan: PWM-controlled 5V fan
 Power: 12V Type-C PD

Installation instructions for eMMC
----------------------------------
0. Set boot switch to boot from SPI-NAND (assuming stock rom or immortalwrt
   running there).
1. Write GPT partition table to eMMC
   Move openwrt-mediatek-filogic-bananapi_bpi-r3-mini-emmc-gpt.bin to
   the device /tmp using scp and write it to /dev/mmcblk0:
    dd if=/tmp/openwrt-*-r3-mini-emmc-gpt.bin of=/dev/mmcblk0
2. Reboot (to reload partition table)
3. Write bootloader and OpenWrt images
   Move files to the device /tmp using scp:
    - openwrt-*-bananapi_bpi-r3-mini-emmc-preloader.bin
    - openwrt-*-bananapi_bpi-r3-mini-emmc-bl31-uboot.fip
    - openwrt-*-bananapi_bpi-r3-mini-initramfs-recovery.itb
    - openwrt-*-bananapi_bpi-r3-mini-squashfs-sysupgrade.itb
   Write them to the appropriate partitions:
    echo 0 > /sys/block/mmcblk0boot0/force_ro
    dd if=/tmp/openwrt-*-bananapi_bpi-r3-mini-emmc-preloader.bin of=/dev/mmcblk0boot0
    dd if=/tmp/openwrt-*-bananapi_bpi-r3-mini-emmc-bl31-uboot.fip of=/dev/mmcblk0p3
    dd if=/tmp/openwrt-*-bananapi_bpi-r3-mini-initramfs-recovery.itb of=/dev/mmcblk0p4
    dd if=/tmp/openwrt-*-bananapi_bpi-r3-mini-squashfs-sysupgrade.itb of=/dev/mmcblk0p5
    sync

4. Remove the device from power, set boot switch to eMMC and boot into
   OpenWrt. The device will come up with IP 192.168.1.1 and assume the
   Ethernet port closer to the USB-C power connector as LAN port.

5. If you like to have Ethernet support inside U-Boot (eg. to boot via
   TFTP) you also need to write the PHY firmware to /dev/mmcblk0boot1:
    echo 0 > /sys/block/mmcblk0boot1/force_ro
    dd if=/lib/firmware/airoha/EthMD32.dm.bin of=/dev/mmcblk0boot1
    dd if=/lib/firmware/airoha/EthMD32.DSP.bin bs=16384 seek=1 of=/dev/mmcblk0boot1

Installation instructions for NAND
----------------------------------
0. Set boot switch to boot from eMMC (assuming OpenWrt is installed there
   by instructions above. Using stock rom or immortalwrt does NOT work!)

1. Write things to NAND
   Move files to the device /tmp using scp:
    - openwrt-*-bananapi_bpi-r3-mini-snand-preloader.bin
    - openwrt-*-bananapi_bpi-r3-mini-snand-bl31-uboot.fip
    - openwrt-*-bananapi_bpi-r3-mini-initramfs-recovery.itb
    - openwrt-*-bananapi_bpi-r3-mini-squashfs-sysupgrade.itb
   Write them to the appropriate locations:
    mtd write /tmp/openwrt-*-bananapi_bpi-r3-mini-snand-preloader.bin /dev/mtd0
    ubidetach -m 1
    ubiformat /dev/mtd1
    ubiattach -m 1
    volsize=$(wc -c < /tmp/openwrt-*-bananapi_bpi-r3-mini-snand-bl31-uboot.fip)
    ubimkvol /dev/ubi0 -N fip -n 0 -s $volsize -t static
    ubiupdatevol /dev/ubi0_0 /tmp/openwrt-*-bananapi_bpi-r3-mini-snand-bl31-uboot.fip
    cd /lib/firmware/airoha
    cat EthMD32.dm.bin EthMD32.DSP.bin > /tmp/en8811h-fw.bin
    ubimkvol /dev/ubi0 -N en8811h-firmware -n 1 -s 147456 -t static
    ubiupdatevol /dev/ubi0_1 /tmp/en8811h-fw.bin
    ubimkvol /dev/ubi0 -n 2 -N ubootenv -s 126976
    ubimkvol /dev/ubi0 -n 3 -N ubootenv2 -s 126976
    volsize=$(wc -c < /tmp/openwrt-*-bananapi_bpi-r3-mini-initramfs-recovery.itb)
    ubimkvol /dev/ubi0 -n 4 -N recovery -s $volsize
    ubiupdatevol /dev/ubi0_4 /tmp/openwrt-*-bananapi_bpi-r3-mini-initramfs-recovery.itb
    volsize=$(wc -c < /tmp/openwrt-*-bananapi_bpi-r3-mini-squashfs-sysupgrade.itb)
    ubimkvol /dev/ubi0 -n 4 -N recovery -s $volsize
    ubiupdatevol /dev/ubi0_4 /tmp/openwrt-*-bananapi_bpi-r3-mini-squashfs-sysupgrade.itb

3. Remove the device from power, set boot switch to NAND, power up and
   boot into OpenWrt.

Partially based on immortalwrt support for the R3 mini, big thanks for
doing the ground work!

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
5a2eb8082f kernel: add driver for Airoha EN8811H PHY as module
Add PHY driver for Airoha EN8811H PHY and package it as kernel module.
The PHY needs to load firmware from rootfs, so there is no point in
having the driver built-into the kernel.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
bc25519f98 uboot-mediatek: add builds for BananaPi BPi-R3 mini
The R3 mini comes with two Airoha EN8811H PHYs for 2.5G Ethernet.
The driver added to U-Boot expects the firmware for the PHY to be
stored inside UBI volume en8811h-fw or MMC boot1 hardware partition.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
adb1e30b7e linux-firmware: package firmware for Airoha EN8811H PHY
Add package with firmware for Airoha EN8811H 2.5G Ethernet PHY which
needs to be loaded via MDIO before the PHY can be used.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
1e58ce7652 firmware: package firmware for built-in 2.5G PHY on MT7988
Firmware for the built-in 2.5G Ethernet PHY of the MediaTek MT7988 SoC
is now part of linux-firmware, so we can package it.
Only a single file is needed with recent driver.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
6aec3c7b5b mediatek: mt7622: modernize Linksys E8450 / Belkin RT3200 UBI build
Move fip and factory into UBI static volumes.
Use fitblk instead of partition parser.

 !! RUN INSTALLER FIRST !!
Existing users of previous OpenWrt releases or snapshot builds will
have to **re-run the updated installer** before upgrading to firmware
after this commit.
DO NOT flash or run even just the initramfs image unless you have
run the updated installer which moves the content of the 'factory'
partition into a UBI volume.

tl;dr: DON'T USE YET!

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
41c053141e mediatek: mt7622: convert unifi6lr-v{1,2,3}-ubootmod to fitblk
No bootloader changes needed in this case, smooth transition.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
208f6c1232 mediatek: mt7622: convert BPi-R64 to all-UBI layout and fitblk
Modernize bootloader and flash memory layout of the BPi-R64 similar to
how it has also been done for the BPi-R3.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
8f9b10d917 arm-trusted-firmware-mediatek: add UBI-enabled builds for MT7622
Use custom UBI start address 0x80000 on MT7622 which is more than
enough for a single bl2 (MT7622 BootROM doesn't support redundant bl2).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
8afce4893b uboot-envtools: mediatek_filogic: update bpi-r3
Unify env configuration now that BPi-R4 and BPi-R3 both use fitblk.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
033db3a95d uboot-mediatek: bpi-r3: all-UBI NAND layout, use fitblk
Modernize U-Boot to provide a better reference:
 * store fip image in UBI now that TF-A supports that
 * switch from uImage.FIT partition parser to new fitblk
   virtual firmware block driver (root=/dev/fit0)
 * automatically set root device according to boot_mode register

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
91b55ca4c8 arm-trusted-firmware-mediatek: add mt7986-spim-nand-ubi-ddr4
Add UBI-enabled build for MT7986 with SPIM-NAND and DDR4 for use with
the BananaPi R3 board.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
1192554d56 uboot-envtools: filogic: add support for BananaPi R4
Add environment settings for the BananaPi BPI-R4 router board which
can boot from (and store its bootloader environment on) micro SD card,
SPI-NAND and eMMC.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
13ddc65b2c uboot-envtools: filogic: de-duplicate UBI env settings
Use function instead of duplicating the env settings on UBI for
OpenWrt-built U-Boot over and over.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:30:08 +00:00
Daniel Golle
74a8f416f4 uboot-mediatek: update to U-Boot 2024.01 release
Rebase local patches on top of quarterly timed release, allowing to
drop numerous patches which have been accepted upstream since the
release of U-Boot 2023.07.02.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:37 +00:00
Daniel Golle
54f99ebe5c uboot-mediatek: add build for BPi-R4
Add build for the BananaPi R4 board which can boot from micro SD,
SPI-NAND or eMMC.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:37 +00:00
Daniel Golle
b165d451bd uboot-mediatek: mt7988: set rootdisk according to boot device
If nodes /chosen/rootdisk-${bootdevice} exists, set /chosen/rootdisk
phandle according to boot device selected by the bootstrap pins.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:37 +00:00
Daniel Golle
89fcf211cb uboot-mediatek: fix MMC erase timeout
When erasing large amounts of blocks at once this can take a long
time on slow cards. Instead of a fixed timeout, wait longer if more
blocks are being erased.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:37 +00:00
Daniel Golle
927334a8f7 uboot-mediatek: add basic build for ZBT-WG3526 (MT7621, 16M SPI-NOR)
Add basic U-Boot drop-in replacement compatible with the flash layout
of the vendor loader of the Zbtlink WG3526 (16M) MT7621 router board.
The idea here is a to have a reference build of uboot-mediatek also for
a simple MIPS boards more popular than MT7621 RFB.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:37 +00:00
Daniel Golle
ddcc8f9f4e package: add fitblk util to release /dev/fit* devices
Add minimalistic tool to allow releasing /dev/fit* devices which is
needed on sysupgrade when using the fitblk driver.
The package is hidden in menuconfig, it should only be selected by
adding it to the default package selection of boards using it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:36 +00:00
Daniel Golle
7cecabbe34 arm-trusted-firmware-mediatek: use UBI on new NAND targets
Make use of recently added UBI support in MediaTek's ARM
TrustedFirmware-A on new MT7988 SoC.

Load fip from static UBI volume instead of fixed offset on SPIM-NAND
and SNFI.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:36 +00:00
Daniel Golle
c55c56b3fd arm-trusted-firmware-mediatek: set HIDDEN=y
Hide arm-trusted-firmware-mediatek packages from interactive config.
Exposing them only causes confusion and needed variants are anyway
selected as dependencies by uboot-mediatek packages.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-02-15 19:06:36 +00:00
Chukun Pan
b61ecb7d75 ipq807x: add support for CMCC RM2-6
Hardware specifications:
  SoC: Qualcomm IPQ8070A
  RAM: 512MB of DDR3
  Flash: 256MB Micron NAND
  Ethernet: 2x 1G RJ45 port
  WiFi1: QCN5024 2x2 2.4GHz
  WiFi2: QCN5054 2x2 5GHz
  Fan: 1x GPIO controlled
  Button: Reset, WPS

Flash instructions:
  Upload factory.bin in stock firmware's upgrade page.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Reviewed-by: Robert Marko <robimarko@gmail.com>
2024-02-15 18:44:35 +01:00
Robert Marko
588b5df50a qca-ssdk: drop not used Malibu PHY patch
Now that Malibu (QCA807x) PHY-s use an upstream driver we dont need support
for defining address of the first PHY in the package so drop the patch.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-02-15 18:25:48 +01:00
Petr Štetiar
79888f9127
ugps: update to Git HEAD (2024-02-14)
69561a074d6f ugps: add quality measurement parameters

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-02-14 10:02:25 +00:00
Felix Fietkau
2a2abed0be wifi-scripts: create the wlan object in board_data if not present
Fixes an error in wifi detection

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-13 19:26:58 +01:00
Jo-Philipp Wich
7a1fac2dda ucode: update to Git HEAD (2024-02-13)
7e5830edfb38 nl80211: fix datatype of NL80211_BAND_IFTYPE_ATTR_HE_CAP_{MAC,PHY} attrs
5c8fd34bac42 nl80211: fix parsing of NL80211_BAND_ATTR_VHT_MCS_SET attribute
e8d4e4fe967d nl80211: fix decoding of NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET attribute
30a3f7ad0433 rtnl: store callback in listener registry only on success
9cbe8294909f rtnl: optimize reception of rtnl events
534417132e18 rtnl: increase event socket rx buffer size limit to 1 MiB
3f9811d2f7b7 compiler: close upvalues on loop control statements

Fixes: https://github.com/jow-/ucode.git/issues/187
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-02-13 17:16:04 +01:00
Nick Hainke
c47b7571f0 libxml2: update to 2.12.5
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.5

Fixes: CVE-2024-25062
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-13 12:34:56 +01:00
Nick Hainke
a42075435a binutils: update to 2.42
Refresh patch:
- 001-replace-attribute_const.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-12 23:41:03 +01:00
Sander Vanheule
6f83a708c8 base-files: move uci_set_poe() to uci-defaults.sh
PoE devices in the realtek target have the possibility to add PSE info
to the board description via 02_network. Make this available for all
targets, by moving the uci_set_poe() function to the globally available
uci-default.sh script.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2024-02-12 20:46:51 +01:00
Christian Marangi
dfc1e8cfee
qca-ssdk: drop deprecated Xiaomi LEDs quirk patch
Drop deprecated Xiaomi LEDs quirk patches as they are not needed anymore
as LEDs are now supported by the upstream qca807x driver.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-11 21:15:31 +01:00
Christian Marangi
c8aded65c1
qca-ssdk: add patch to support detection of PSGMII mode for PHY
If a PHY doesn't use the integrated driver, SSDK use poll the phydev to
get the real PHY mode. qca807x use PSGMII as PHY mode and this specific
mode is not detected in qca SSDK while used in the entire driver.

Add support for it in the hsl_port_phydev_interface_mode_status_get
function used to translate PHY mode to the internal SSDK value.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-11 21:12:29 +01:00
Christian Marangi
8d7f747757
qca-ssdk: disable Malibu PHY in favor of upstream version
Disable Malibu PHY driver in Qca SSDK in favor of the upstream version.
The same workaround are applied and the version upstream is just a drop
in replacement and is well tested from the ipq40xx target.

Also using the upstream version permits further support for LEDs.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-11 21:09:34 +01:00
Shiji Yang
3b74ae780c uboot-envtools: backport some usefull patches from v2024.04-rc1
Highlights:
- Silence small page read warning.
- Autodetect NAND erase size and env sectors.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2024-02-11 10:48:59 +01:00
Robert Marko
a79efe4cdf
qca-ssdk: add support for ipq60xx
IPQ60xx uses a different codename for SSDK, so lets pass the correct one
as otherwise SSDK asumes we are building for the old MIPS SoC-s.

Signed-off-by: Robert Marko <robimarko@gmail.com>
[ drop outdated commit description info ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-02-09 14:01:51 +01:00
Nick Hainke
5a016cc3af uboot-envtools: update to 2024.01
Update to latest version.

Refresh patches:
- 002-Revert-tools-env-use-run-to-store-lockfile.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-09 13:55:18 +01:00
Felix Fietkau
2b4941a6f1 wifi-scripts: fix fullmac phy detection
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.

Fixes: https://github.com/openwrt/openwrt/issues/14575
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-02-09 12:18:59 +01:00
Konstantin Demin
3f96246e97 dropbear: better handle interfaces
- introduce 'DirectInterface' option to bind exactly to specified interface;
  fixes #9666 and late IPv4/IPv6 address assignment
- option 'DirectInterface' takes precedence over 'Interface'
- improve interface/address handling,
  e.g. verify count of listening endpoints due to dropbear limit (10 for now)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
865ae1c10c dropbear: better handle receive window size
- correct maximum receive window size
- adjust receive window size against maximum allowed value
- warn about too high receive window size in syslog

improves f95eecfb

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
05100d8651 dropbear: adjust file permissions
runtime:
- adjust ownership/permissions while starting dropbear
build time:
- correct file permissions for preseed files in $(TOPDIR)/files/etc/dropbear/ (if any)

closes #10849

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
a97e0dad6e dropbear: 'rsakeyfile' -> 'keyfile' transition
end users should have done this since OpenWrt 19.07.
if they didn't do this yet - perform auto-transition.

schedule 'rsakeyfile' removal for next year release.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
ff1ccd85e8 dropbear: failsafe: handle all supported key types
dropbear may be configured and compiled with support for different host key types

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
55218bcedb dropbear: minor config reorder
move DROPBEAR_ASKPASS under DROPBEAR_DBCLIENT (in all meanings)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
c87a192386 dropbear: split U2F/FIDO support
these options allow one to configure U2F/FIDO support in more granular way

inspired by upstream commit aa6559db

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
bf900e02c7 dropbear: add option to enable modern crypto only
reduces binary/package size and increases overall performance

also:
- adjust 910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch
  to build without DROPBEAR_RSA/DROPBEAR_RSA_SHA256

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
88c8053d47 dropbear: adjust allowed shell list
this takes an effect only if getusershell(3) is missing

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
7f6fcaa3bf dropbear: honor CONFIG_TARGET_INIT_PATH
fixes 65256aee

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
2d9a0be307 dropbear: disable two weak kex/mac algorithms
hmac-sha1 and diffie-hellman-group14-sha1 are weak algorithms.
A future deprecation notice of ssh-rsa (2048-bit) has been issued. [1]

It has no place in a potentially internet-facing daemon like dropbear.
Upstream has acknowledged this and offered this solution to disable
these two until this is made to be the default in the next release
of dropbear next year. [2]

1. https://www.openssh.com/txt/release-8.2
2. https://github.com/mkj/dropbear/issues/138

Signed-off-by: John Audia <therealgraysky@proton.me>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
0b277f8659 dropbear: minor config clarification
- "default n" is not needed: options are not selected by default
- wrap config on 80 characters width (assuming tab is 8 characters long)
- add feature cost size and security notes for DROPBEAR_AGENTFORWARD
  and DROPBEAR_DBCLIENT_AGENTFORWARD:
  describe why and where it should be disabled

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
fa849fd411 dropbear: better object cleanup
improves b78aae79

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
f2b2293663 dropbear: allow more complex configuration
- switch DB_OPT_COMMON and DB_OPT_CONFIG to comma-separated lists:
  this allows to have values with "|" in DB_OPT_COMMON and DB_OPT_CONFIG
  which is more likely to be than values with commas;
  use $(comma) variable for values with commas.
- sort DB_OPT_COMMON and DB_OPT_CONFIG to have "overrides" on top of list.
- allow DB_OPT_COMMON to have values with commas.
- allow to replace multiline definitions in sysoptions.h.

improves e1bd9645

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
b5cde26048 dropbear: cherry-pick upstream patches
critical fixes:
- libtommath: possible integer overflow (CVE-2023-36328)
- implement Strict KEX mode (CVE-2023-48795)

various fixes:
- fix DROPBEAR_DSS and DROPBEAR_RSA config options
- y2038 issues
- remove SO_LINGER socket option
- make banner reading failure non-fatal
- fix "noremotetcp" behavior
- don't try to shutdown a pty
- fix test for multiuser kernels

adds new features:
- option to bind to interface
- allow inetd with non-syslog
- ignore unsupported command line options with dropbearkey

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Konstantin Demin
d4dfb566e2 dropbear: bump to 2022.83
- update dropbear to latest stable 2022.83;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop patches:
  - 001-fix-MAX_UNAUTH_CLIENTS-regression.patch
- rework patches:
  - 901-bundled-libs-cflags.patch
- refresh remaining patches

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-09 09:13:05 +00:00
Stephen Howell
d274867c21 lldpd: add option to force EDP
allow EDP support if compiled and add force EDP option

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
8b2d02e48c lldpd: only use snmp options when compiled in
prevent SNMP options being passed unless lldpd supports them

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
1b36d44323 lldpd: Update Makefile package release
increment Makefile package release to reflect changes to init script

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
a5f715da71 lldpd: add option for tx delay and tx hold
add option to set LLDP transmit delay, hold timers to set update frequency

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4159acceeb lldpd: add option to set system platform
add option to override system platform instead of using kernel name

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:37 +02:00
Stephen Howell
4ac134aa78 lldpd: add option to force SONMP enabled
add option to force SONMP to be enabled even when no peer detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
1be2088a52 lldpd: add option to force FDP on
add option to force FDP when no peers detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
b67182008f lldpd: set CDP version and allow forcing CDP on
add option to specify CDPv1 or CDPv2 and separately enable or force each

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
61dbe756d8 lldpd: allow disabling LLDP protcol
add option to allow LLDP disabling while using other supported protocols

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
ac771313eb lldpd: add portidsubtype option
add option portidsubtype to correct port identifiers and descriptions

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
c98ee4dbb3 lldpd: add agent-type option
add option to set agent-type to control propogation

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00
Stephen Howell
24176a6bdd lldpd: add LLDP MED options
add option to enable LLDP MED fast-start and set fast-start timer

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
2024-02-08 12:35:36 +02:00