Commit Graph

50498 Commits

Author SHA1 Message Date
Adrian Schmutzler
3f4d1dad00 ramips: replace full-text licenses by SPDX identifier
This replaces several full-text and abbreviated licenses found in
DTS files by the corresponding SPDX identifiers.

This should make it easier to identify the license both by humans
and machines.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 18:18:00 +01:00
David Bentham
4a18039785 ramips: add support for UniElec U7621-01
UniElec U7621-01 is a router platform board, the smaller model of
the U7621-06.
The device has the following specifications:

- MT7621AT (880 MHz)
- 256 of RAM (DDR3)
- 16 MB of FLASH (SPI NOR)
- 5x 1 Gbps Ethernet (MT7621 built-in switch)
- 1x 2.4Ghz MT7603E
- 1x 5Ghz MT7612
- 1x miniPCIe slots (PCIe bus only)
- 1x miniSIM slot
- 1x USB 2.0 (uses the usb 3.0 driver)
- 8x LEDs (1x GPIO-controlled)
- 1x reset button
- 1x UART header (4-pins)
- 1x GPIO header (30-pins)
- 1x DC jack for main power (12 V)

The following has been tested and is working:

- Ethernet switch
- 1x 2.4Ghz MT7603E (wifi)
- 1x 5Ghz MT7612 (wifi)
- miniPCIe slots (tested with Wi-Fi cards and LTE modem cards)
- miniSIM slot (works with normal size simcard)
- sysupgrade
- reset button

Installation:

This board has no locked down bootloader. The seller can be asked to
install openwrt v18.06, so upgrades are standard sysupgrade method.

Recovery:

This board contains a Chinese, closed-source bootloader called Breed
(Boot and Recovery Environment for Embedded Devices). Breed supports web
recovery and to enter it, you keep the reset button pressed for around
5 seconds during boot. Your machine will be assigned an IP through DHCP
and the router will use IP address 192.168.1.1. The recovery website is
in Chinese, but is easy to use. Click on the second item in the list to
access the recovery page, then the second item on the next page is where
you select the firmware. In order to start the recovery, you click the
button at the bottom.

LEDs list (left to right):

- ESW_P0_LED_0
- ESW_P1_LED_0
- ESW_P2_LED_0
- ESW_P3_LED_0
- ESW_P4_LED_0
- CTS2_N (GPIO10, configured as "status" LED)
- LED_WLAN# (connected with pin 44 in wifi1 slot)

Signed-off-by: David Bentham <db260179@gmail.com>
[add DEVICE_VARIANT, fix DEVICE_PACKAGES, remove &gpio]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 17:31:51 +01:00
Martin Kennedy
55d2db0e8c ath79: add support for Meraki MR12
Port device support for Meraki MR12 from the ar71xx target to ath79.

Specifications:

  - SoC: AR7242-AH1A CPU
  - RAM: 64MiB (NANYA NT5DS32M16DS-5T)
  - NOR Flash: 16MiB (MXIC MX25L12845EMI-10G)
  - Ethernet: 1 x PoE Gigabit Ethernet Port (SoC MAC + AR8021-BL1E PHY)
  - Ethernet: 1 x 100Mbit port (SoC MAC+PHY)
  - Wi-Fi: Atheros AR9283-AL1A (2T2R, 11n)

Installation:

  1. Requires TFTP server at 192.168.1.101, w/ initramfs & sysupgrade .bins
  2. Open shell case
  3. Connect a USB->TTL cable to headers furthest from the RF shield
  4. Power on the router; connect to U-boot over 115200-baud connection
  5. Interrupt U-boot process to boot Openwrt by running:
       setenv bootcmd bootm 0xbf0a0000; saveenv;
       tftpboot 0c00000 <filename-of-initramfs-kernel>.bin;
       bootm 0c00000;
  6. Copy sysupgrade image to /tmp on MR12
  7. sysupgrade /tmp/<filename-of-sysupgrade>.bin

Notes:

  - kmod-owl-loader is still required to load the ART partition into the
    driver.

  - The manner of storing MAC addresses is updated from ar71xx; it is
    at 0x66 of the 'config' partition, where it was discovered that the
    OEM firmware stores it. This is set as read-only. If you are
    migrating from ar71xx and used the method mentioned above to
    upgrade, use kmod-mtd-rw or UCI to add the MAC back in. One more
    method for doing this is described below.

  - Migrating directly from ar71xx has not been thoroughly tested, but
    one method has been used a couple of times with good success,
    migrating 18.06.2 to a full image produced as of this commit. Please
    note that these instructions are only for experienced users, and/or
    those still able to open their device up to flash it via the serial
    headers should anything go wrong.

    1) Install kmod-mtd-rw and uboot-envtools
    2) Run `insmod mtd-rw.ko i_want_a_brick=1`
    3) Modify /etc/fw_env.config to point to the u-boot-env partition.
       The file /etc/fw_env.config should contain:

       # MTD device   env offset  env size    sector size
       /dev/mtd1      0x00000     0x10000     0x10000

       See https://openwrt.org/docs/techref/bootloader/uboot.config
       for more details.

    4) Run `fw_printenv` to verify everything is correct, as per the
       link above.
    5) Run `fw_setenv bootcmd bootm 0xbf0a0000` to set a new boot address.
    6) Manually modify /lib/upgrade/common.sh's get_image function:
       Change ...

       cat "$from" 2>/dev/null | $cmd

       ... into ...

       (
         dd if=/dev/zero bs=1 count=$((0x66)) ; # Pad the first 102 bytes
         echo -ne '\x00\x18\x0a\x12\x34\x56'  ; # Add in MAC address
         dd if=/dev/zero bs=1 count=$((0x20000-0x66-0x6)) ; # Pad the rest
         cat "$from" 2>/dev/null
       ) | $cmd

       ... which, during the upgrade process, will pad the image by
       128K of zeroes-plus-MAC-address, in order for the ar71xx's
       firmware partition -- which starts at 0xbf080000 -- to be
       instead aligned with the ath79 firmware partition, which
       starts 128K later at 0xbf0a0000.

    7) Copy the sysupgrade image into /tmp, as above
    8) Run `sysupgrade -F /tmp/<sysupgrade>.bin`, then wait

    Again, this may BRICK YOUR DEVICE, so make *sure* to have your
    serial cable handy.

Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[add LED migration and extend compat message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 16:56:08 +01:00
Ewan Parker
ddafcc7947 ramips: add support for Hi-Link HLK-7688A
Specifications:

  - SoC: MediaTek MT7688AN
  - RAM: 128 MB
  - Flash: 32 MB
  - Ethernet: 5x 10/100 (1x WAN, 4x LAN)
  - Wireless: built in 2.4GHz (bgn)
  - USB: 1x USB 2.0 port
  - Buttons: 1x Reset
  - LEDs: 1x (WiFi)

Flash instructions:

  - Configure TFTP server with IP address 10.10.10.3
  - Name the firmware file as firmware.bin
  - Connect any Ethernet port to the TFTP server's LAN
  - Choose option 2 in U-Boot
  - Alternatively choose option 7 to upload firmware to the built-in
    web server

MAC addresses as verified by OEM firmware:

  use   address   source
  2g    *:XX      factory 0x4
  LAN   *:XX+1    factory 0x28
  WAN   *:XX+1    factory 0x2e

Notes:

This board is ostensibly a module containing the MediaTek MT7688AN SoC,
128 MB DDR2 SDRAM and 32 MB flash storage.  The SoC can be operated in
IoT Gateway Mode or IoT Device Mode.

From some vendors the U-Boot that comes installed operates on UART 2
which is inaccessible in gateway mode and operates unreliably in the
Linux kernel when using more than 64 MB of RAM.  For those, updating
U-Boot is recommended.

Signed-off-by: Ewan Parker <ewan@ewan.cc>
[add WLAN to 01_leds]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 14:54:47 +01:00
Paul Spooren
a17b8eaa2e build: use SPDX license tags
The license folder is a core part of OpenWrt and all GPL-2.0 licensed.
Use SPDX license tags to allow machines to check licenses.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[rebase, keep some Copyright lines, sharpen commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 14:54:47 +01:00
Daniel Golle
381a458d58 selinux-policy: update to version 0.6
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-05 13:17:49 +00:00
Daniel Golle
a21be2a703 kernel: add defaults for new SELinux options
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-05 13:17:49 +00:00
John Audia
36c9cf3e51 kernel: bump 5.4 to 5.4.95
Ran update_kernel.sh in a fresh clone without any existing toolchains.

Removed upstreamed patches:
 imx6: 303-ARM-dts-imx6qdl-gw52xx-fix-duplicate-regulator-namin.patch

Build system: x86_64
Build-tested: ipq806x/R7800, bcm27xx/bcm2711
Run-tested: ipq806x/R7800

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
2021-02-04 22:07:32 +01:00
Petr Štetiar
43ff6e641e hostapd: add forgotten patch for P2P vulnerability fix
Commit 7c8c4f1be6 ("hostapd: fix P2P group information processing
vulnerability") was missing the actual patch for the vulnerability.

Fixes: 7c8c4f1be6 ("hostapd: fix P2P group information processing vulnerability")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2021-02-04 09:11:50 +01:00
Daniel Golle
7c8c4f1be6 hostapd: fix P2P group information processing vulnerability
A vulnerability was discovered in how wpa_supplicant processing P2P
(Wi-Fi Direct) group information from active group owners.
This issue was discovered by fuzz testing of wpa_supplicant by Google's
OSS-Fuzz.

https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-04 01:05:32 +00:00
Daniel Golle
104d60fe94 trusted-firmware-a.mk: add PKG_CPE_ID
Vulnerabilities of Trusted Firmware A are tracked as
cpe:/a:arm:arm_trusted_firmware

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-04 01:05:12 +00:00
Daniel Golle
c3959cd54f arm-trusted-firmware-mediatek: make use of trusted-firmware-a.mk
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-03 15:19:14 +00:00
Daniel Golle
84bc7d31e0 tfa-layerscape: don't build fiptool
tfa-fiptool is now provided by an extra package. Use that instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-03 15:19:14 +00:00
Daniel Golle
1f1d8d4f47 arm-trusted-firmware-tools: add package
Package ARM Trusted Firmware host tools separately.
(instead of building tfa-fiptool as part of tfa-layerscape)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-03 15:19:14 +00:00
Curtis Deptuck
abe348168b iptables: update to 1.8.7
ChangeLog:
https://netfilter.org/projects/iptables/files/changes-iptables-1.8.7.txt

Refresh patch:
None required

Signed-off-by: Curtis Deptuck <curtdept@me.com>
2021-02-02 21:06:45 +01:00
Daniel González Cabanelas
a0e0e621ca bcm63xx: sprom: override the PCI device ID
The PCI device ID detected by the wifi drivers on devices using a fallback
SPROM is wrong. Currently the chipnum is used for this parameter.

Most SSB based Broadcom wifi chips are 2.4 and 5GHz capable. But on
devices without a physical SPROM, the only one way to detect if the device
suports both bands or only the 5GHz band, is by reading the device ID from
the fallback SPROM.

In some devices, this may lead to a non working wifi on a 5GHz-only card,
or in the best case a working 2.4GHz-only in a dual band wifi card.

The offset for the deviceid in SSB SPROMs is 0x0008, whereas in BCMA is
0x0060. This is true for any SPROM version.

Override the PCI device ID with the one defined at the fallback SPROM, to
detect the correct wifi card model and allow using the 5GHz band if
supported.

The patch has been tested with the following wifi radios:

BCM43222: b43: both 2.4/5GHz working
          brcm-wl: both 2.4/5GHz working

BCM43225: b43: 2.4GHz, working
	 brcmsmac: working
	 brcm-wl: it lacks support

BCM43217: b43: 2.4GHz, working
	 brcmsmac: it lacks support
	 brcm-wl: it lacks support

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
[amend commit description, rework patch to avoid using a new global variable
and keep ssb sprom extraction code as close to ssb/pci.c as possible]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2021-02-02 20:40:31 +01:00
Álvaro Fernández Rojas
e23a90674e bcm63xx: backport upstream SSB SPROM extraction
New upstream changes extract more SPROM values and fix the antenna gain.
These changes can be found in linux drivers/ssb/pci.c.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2021-02-02 20:40:29 +01:00
Daniel Golle
a3b55ae510 arm-trusted-firmware-mediatek: add ATF builds for MT7622
ATF bl2 comes in 4 variants for MT7622 depending on the boot media:
 * nor
 * snand
 * emmc
 * sdmmc

Additional binary headers needed for emmc and sdmmc are downloaded as
well and provided along with bl2*.bin and bl31.bin to allow building
images including ATF for MT7622.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-02 18:13:15 +00:00
Daniel Golle
740af59b9c procd: update to git HEAD
0aee1c3 hotplug.c: set nl_pid to zero
 d6dda31 procd: fix compiler warning
 92c8e8f jail: remove duplicate check for hook file permissions
 0a74c06 jail: only output BPF instr. table header if debugging
 fd18379 jail: cgroups: fix uninitialized variabl

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-02 13:29:36 +00:00
John Audia
d33cd383ed kernel: bump 5.4 to 5.4.94
All modification made by update_kernel.sh in a fresh clone without
existing toolchains.

Build-tested: bcm27xx/bcm2711, ipq806x/R7800,
Run-tested: ipq806x/R7800

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
2021-02-01 19:10:43 +01:00
Felix Fietkau
84fa59b5a8 mac80211: fix station rate table updates on assoc
If the driver uses .sta_add, station entries are only uploaded after the sta
is in assoc state. Fix early station rate table updates by deferring them
until the sta has been uploaded

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-01 10:00:23 +01:00
David Bauer
8019c54d8a mac80211: fix incorrect parameter
he_mu_beamformer only accepts values of 0 and 1 according to the hostapd
documentation.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:48:37 +01:00
Leon Leijssen
eff03cea27 ath79: ag71xx: add ethtool statistics support
Add statistics to ethtool. The statistics can be useful to
debug network issues.

The code is backported from mainline ag71xx.c driver.

Signed-off-by: Leon Leijssen <leon.git@leijssen.info>
2021-02-01 00:48:12 +01:00
Marty Jones
1735026632 uboot-rockchip: fix RockPro64 boot from eMMC
With upstream commit f81f9f0ebac5 ("rockchip: rockpro64: initialize USB in
preboot") CONFIG_USE_PREBOOT was enabled on the RockPro64, which is causing
boot issues when a eMMC is used, as a workaround will temporarily disable
this option.

Signed-off-by: Marty Jones <mj8263788@gmail.com>
[Improve patch description]
Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:48:06 +01:00
David Bauer
51f578efa5 ath79: add support for Ubiquiti UniFi AP Outdoor+
Hardware
--------
Atheros AR7241
16M SPI-NOR
64M DDR2
Atheros AR9283 2T2R b/g/n
2x Fast Ethernet (built-in)

Installation
------------

Transfer the Firmware update to the device using SCP.

Install using fwupdate.real -m <openwrt.bin> -d

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:47:46 +01:00
David Bauer
0c499f6068 mac80211: convert UniFi Outdoor+ HSR support to OF
Enable support for the Ubiquiti UniFi Outdoor+ RF filter via
device-tree. The old way of using platform data is not required anymore,
as it was only used on the now removed ar71xx target.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:47:36 +01:00
Rosen Penev
cbedb5de75 util-linux: remove custom pkgconfig patch
Replace with sed as done elsewhere.

Fixes error with at least btrfs-progs:

Package '@LIBSELINUX@', required by 'mount', not found
Package '@LIBCRYPTSETUP@', required by 'mount', not foun

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-31 16:25:08 +01:00
Daniel Golle
f4d974d7f8 selinux-policy: update to git tag v0.5
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-31 14:02:19 +00:00
Hans Dedecker
fc72d07b46 glibc: update to latest 2.32 commit (bug 27256)
760e1d2878 gconv: Fix assertion failure in ISO-2022-JP-3 module (bug 27256)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-01-31 12:16:16 +01:00
Petr Štetiar
337ff74894 mvebu: omnia: make initramfs image usable out of the box
Currently it's not possible to boot the device with just initramfs image
without additional effort as the initramfs image doesn't contain device
tree.  Fix it by producing FIT based image which could be booted with
following commands:

 setenv bootargs earlyprintk console=ttyS0,115200
 tftpboot ${kernel_addr_r} openwrt-mvebu-cortexa9-cznic_turris-omnia-initramfs-kernel.bin
 bootm ${kernel_addr_r}

Acked-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Reviewed-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2021-01-31 11:39:19 +01:00
Rosen Penev
ec0c6c1143 tools/zstd: compile with cmake
It's faster and more reliable.

Removed ccache cmake build dependency as it's now implicit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-30 18:14:50 -10:00
Rosen Penev
7534c8a2e1 tools/zstd: update to 1.4.8
Switch to the normal tarball instead of the codeload generated one. The
latter has the potential to change hashes based on changes in the repo.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-30 18:14:50 -10:00
Paul Spooren
ddab795b37 rules: fix empty COMMITCOUNT/AUTORELEASE
Packages that are in-tree only often lack a PKG_VERSION and only use the
PKG_RELEASE to mark changes. Using COMMITCOUNT/AUTORELEASE variables
causes an issue as both variables are empty during the metadata DUMP
phase.

Instead of leaving these variables empty and causing an error message
like below, set the variables to 0 during dumping. On actual building
the variable is evaluated causing in a value above 0.

ERROR: please fix package/utils/px5g-wolfssl/Makefile - \
	see logs/package/utils/px5g-wolfssl/dump.txt for details

Makefile:48: *** Package/px5g-wolfssl is missing the VERSION field.  Stop.

Reported-by: Daniel Golle <daniel@makrotopia.org>
Reported-by: Stijn Segers <foss@volatilesystems.org>
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-30 12:21:58 -10:00
Hans Dedecker
1b484f1a12 odhcpd: update to latest git HEAD
8d8a8cd dhcpv6-ia: apply prefix_filter on dhcpv6

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-01-30 21:25:09 +01:00
Andre Heider
4c6c1c6dd0 trusted-firmware-a.mk: pass package version as version identifier
Upon boot it now prints:
NOTICE:  BL1: v2.4(release):OpenWRT v2.4-1 (espressobin-v3-v5-1gb-2cs) (Marvell-devel-18.12.0)

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Andre Heider
a04bffebba arm-trusted-firmware-mvebu: pass commit ids to a3700-utils/mv-ddr-marvell
The two required tools fail to identify their version when not compiling
from a git clone, patch that in and pass on the used commit hashes.

Upon boot it now prints "WTMI-devel-18.12.1-5598e150".

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Andre Heider
5fae94d987 arm-trusted-firmware-mvebu: bump espressobin boards to CPU_1000_DDR_800
The cpufreq issue has been identified and a fix is in the process of beeing
upstreamed [0].

Bump the boards to the default 1000MHz so they can run at that frequency
once the fix is merged. Until then the boards are stuck at 800MHz (just
claiming to run 1000Hz, which is a lie).

[0] https://lore.kernel.org/linux-arm-kernel/20210114124032.12765-1-pali@kernel.org/

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Andre Heider
8f3bd881c9 arm-trusted-firmware-mvebu: update to v2.4
Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Andre Heider
a9c20d56f1 uboot-mvebu: update to v2021.01
u-boot now detects emmc variants at runtime, we don't need to build
seperate binaries anymore.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Andre Heider
00bf2c0cbe arm-trusted-firmware-mvebu: don't build emmc variants
Starting with u-boot v2021.01 a single binary will be used for non-emmc
and emmc variants.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-01-30 14:46:32 +01:00
Daniel González Cabanelas
24b910dca2 mvebu: LS421DE: fix the thermal zones
The thermal zones kernel documentation is misleading, we cannot use more
than one sensor in a thermal zone node.

Furthermore the drivetemp driver for some reason it only catches one
sensor from the hard drives array (the first available).

In the Buffalo Linkstation LS421DE board there is also a sensor at the
ethernet phy chip that can also be monitored. Very useful to stop the fan
when there are no hard drives in the bays.

(It might be also possible to add the CPU sensor, but it requires kernel
patching for registering the sensor via device tree, using the function:
devm_thermal_zone_of_sensor_register)

Fix the thermal zones to use only one sensor per node and add the ethernet
phy sensor. Also adjust the hdd temperatures to be more conservative for
a mechanical hard drive.

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
2021-01-30 01:03:00 +01:00
Geordan Neukum
e9d551fac1 strace: update package to v5.10
v5.10 has been released for strace. As such, let's go ahead bring in the
latest version of this package.

See here for the changelog:
    https://github.com/strace/strace/releases/tag/v5.10

Signed-off-by: Geordan Neukum <gneukum1@gmail.com>
2021-01-30 01:03:00 +01:00
Brian Norris
95b30f84d2 base-files: mount pstore if present
Pstore (persistent store) can be used to stash debug information (kernel
console, panics, ftrace) across reboots or crashes. If the filesystem is
present, mount it.

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2021-01-29 22:26:36 +01:00
Michael Yartys
5b66c447f3 ath10k-ct: update to latest version
Changelog:
- ath10k-ct: Pull in some upstream patches.

Runtime-tested on ipq806x (Netgear R7800).

Signed-off-by: Michael Yartys <michael.yartys@gmail.com>
2021-01-29 21:22:28 +01:00
Paul Menzel
ea1cdd1901 ca-certicficates: Update to version 20210119
Update the ca-certificates and ca-bundle package from version 20200601 to
version 2021019.

This version uses Python 3 for the build, fixing a build issue on systems,
where `/usr/bin/python3` is a wrapper script [1].

Debian change-log entry [2]:

>   [ Julien Cristau ]
>   * New maintainer (closes: #976406)
>   * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate
> authority
>     bundle to version 2.46.
>     The following certificate authorities were added (+):
>     + "certSIGN ROOT CA G2"
>     + "e-Szigno Root CA 2017"
>     + "Microsoft ECC Root Certificate Authority 2017"
>     + "Microsoft RSA Root Certificate Authority 2017"
>     + "NAVER Global Root Certification Authority"
>     + "Trustwave Global Certification Authority"
>     + "Trustwave Global ECC P256 Certification Authority"
>     + "Trustwave Global ECC P384 Certification Authority"
>     The following certificate authorities were removed (-):
>     - "EE Certification Centre Root CA"
>     - "GeoTrust Universal CA 2"
>     - "LuxTrust Global Root 2"
>     - "OISTE WISeKey Global Root GA CA"
>     - "Staat der Nederlanden Root CA - G2" (closes: #962079)
>     - "Taiwan GRCA"
>     - "Verisign Class 3 Public Primary Certification Authority - G3"
>
>   [ Michael Shuler ]
>   * mozilla/blacklist:
>     Revert Symantec CA blacklist (#911289). Closes: #962596
>     The following root certificates were added back (+):
>     + "GeoTrust Primary Certification Authority - G2"
>     + "VeriSign Universal Root Certification Authority"
>
>   [ Gianfranco Costamagna ]
>   * debian/{rules,control}:
>     Merge Ubuntu patch from Matthias Klose to use Python3 during build.
>     Closes: #942915

[1]: https://github.molgen.mpg.de/mariux64/mxtools/issues/148
[2]: https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20210119_changelog

Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
2021-01-29 21:20:40 +01:00
INAGAKI Hiroshi
eb11cd9ea3 ramips: add support for ELECOM WRC-2533GHBK-I
ELECOM WRC-2533GHBK-I is a 2.4/5 GHz band 11ac (Wi-Fi 5) router, based
on MT7621A.

Specification:

- SoC		: MediaTek MT7621A
- RAM		: DDR3 128 MiB
- Flash		: SPI-NOR 16 MiB
- WLAN		: 2.4/5 GHz 4T4R (2x MediaTek MT7615)
- Ethernet	: 10/100/1000 Mbps x5
  - Switch	: MediaTek MT7530 (SoC)
- LED/keys	: 4x/3x (2x buttons, 1x slide-switch)
- UART		: through-hole on PCB
  - J4: 3.3V, RX, GND, TX from SoC side
  - 57600n8
- Power		: 12VDC, 1.5A

Flash instruction using factory image:

1. Boot WRC-2533GHBK-I normally
2. Access to "http://192.168.2.1/" and open firmware update page
   ("ファームウェア更新")
3. Select the OpenWrt factory image and click apply ("適用") button
4. Wait ~150 seconds to complete flashing

MAC addresses:

LAN	: BC:5C:4C:xx:xx:89 (Config, ethaddr (text))
WAN	: BC:5C:4C:xx:xx:88 (Config, wanaddr (text))
2.4GHz	: BC:5C:4C:xx:xx:8A (Factory, 0x4    (hex))
5GHz	: BC:5C:4C:xx:xx:8B (Factory, 0x8004 (hex))

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
2021-01-29 15:32:07 +01:00
INAGAKI Hiroshi
0071c7cd82 build: add elecom-product-header for ELECOM devices
A header used in ELECOM WRC-300GHBK2-I and WRC-1750GHBK2-I/C is also
used in ELECOM WRC-2533GHBK-I, so split the code to generate the header
and move it to image-commands.mk to use from ramips target.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
2021-01-29 15:28:12 +01:00
Adrian Schmutzler
396a35dd51 base-files: remove execute bit and shebang from functions.sh
/lib/functions.sh was executable for no obvious reason and its
execute property was even checked in package-ipkg.mk just to
source it afterwards.

Remove the execute bit and shebang as this is clearly a library.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
2021-01-29 14:30:32 +01:00
Adrian Schmutzler
331892f85f treewide: drop shebang from non-executable lib files
This drops the shebang from another bunch of files in various /lib
folders, as these are sourced and the shebang is useless.

Fix execute bit in one case, too.

This should cover almost all trivial cases now, i.e. where /lib is
actually used for library files.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-01-29 14:29:41 +01:00
John Audia
2c35899d81 kernel: bump 5.4 to 5.4.93
All modification made by update_kernel.sh in a fresh clone without
existing toolchains.

Build system:       x86_64
Build-tested:       ipq806x/R7800, bcm27xx/bcm2711
Run-tested:         ipq806x/R7800
Compile-tested [*]: ath79/{tiny,generic}, ipq40xx, octeon,
                    ramips/mt7621, realtek, x86/64
Run-tested [*]:     ath79/generic, ipq40xx, octeon, ramips/mt7621

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Stijn Segers <foss@volatilesystems.org> [*]
2021-01-29 14:22:09 +01:00