Commit Graph

54503 Commits

Author SHA1 Message Date
Stijn Tintel
f2982bcc89 hostapd: introduce background_radar option
Introduce a new option background_radar to toggle hostapd's background
radar feature. Enabling this allows DFS CAC to run on dedicated radio RF
chains while the radio(s) are otherwise running normal AP activities on
other channels.

As OpenWrt configures hostapd to use a channel list even when a single
channel is configured, using this feature requires a list of channels in
/etc/config/wireless. Alternatively, channel can be set to auto.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
5c57f9bbea hostapd: support MBO in bss_transition_request
Support the use of MBO in the bss_transition_request ubus method.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
6eee983656 hostapd: introduce mbo option
Introduce a new option mbo to toggle Multi Band Operation aka Agile
Multiband for a BSS.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
eaad8dfc22 hostapd: enable MBO if 802.11ax is enabled
Multi Band Operation is required for 802.11ax certification, so let's
enable it if 802.11ax support is enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:51 +03:00
Stijn Tintel
48c321082c hostapd: add config symbol to enable MBO
Multi Band Operation aka Agile Multiband introduces new Transition
and Transition Rejection Reason Codes that should improve client
steering. Add a config symbol to enable it, and enable it by default for
the full variants.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: David Bauer <mail@david-bauer.net>
2022-06-28 03:23:50 +03:00
Sander Vanheule
7bf73e270e kernel: backport RTL8211F clkout-disable patch
In Linux v5.14 an extra feature was introduced for the RTL8211F phy,
allowing to disable a clock output from the phy. Part of that patch is to
always (soft) reset the phy upon initialisation.

This phy reset is required to have a working ethernet on the TP-Link
EAP225-Outdoor v3 and EAP225 v4 after a reboot. Otherwise the ethernet
port will only function properly on cold boots.

Tested-by: Andre Klärner <kandre@ak-online.be> # EAP225-Outdoor v3
Tested-by: Sven Hauer <sven.hauer+github@uniku.de> # EAP225 v4
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-27 21:56:20 +02:00
Sander Vanheule
6445415809 firmware-utils: bump to git HEAD
The support-list partition for the EAP225-V3 board ID became larger than
the allocated size, resulting in factory image generation for the
EAP225-Outdoor v3 and EAP225 v3 to fail. The make directive
Build/tplink-safeloader ignores this failure however, resulting in a
seemingly successful build with empty factory images.

Included changes:
    e609c5d75186 tplink-safeloader: drop unqualified EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-27 21:56:20 +02:00
Tiago Gaspar
40c2cd8bd0 ath10k: enable encapsulation offload by default
Enable ath10k offload by default. This improves wireless performance
without requiring user configuration.
This adds ath10k_core to the AUTOLOAD section so that the frame_mode
paramter can be added to /etc/modules.d and passed to the driver.
The frame_mode 2 enables ethernet mode on the firmware/driver.
This parameter is set by passing a different value to the frame_mode
value on kmod insmod.
Link to the original patchset:
https://patchwork.kernel.org/project/linux-wireless/cover/20220516032519.29831-1-ryazanov.s.a@gmail.com/

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
2022-06-27 21:33:16 +02:00
Martin Blumenstingl
9d06e5a773 lantiq: dts: td-w8980: Remove duplicate PCI properties
lantiq,bus-clock, interrupt-map-mask and interrupt-map are already
defined with these exact values in vr9.dtsi. Drop them from
vr9_tplink_tdw8980.dts to just have one place where these are
maintained.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
f1cd144482 kernel: bump 5.15 to 5.15.49
Deleted (upstreamed):
generic/backport-5.15/702-v5.19-34-net-ethernet-mtk_eth_soc-fix-misuse-of-mem-alloc-int.patch [1]

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.49&id=fcba12a4308143f1f1dcb0face8b3ffb51edcc5c

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
f2795132ba kernel: bump 5.15 to 5.15.48
No patches needed rebasing.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
b55efebb1f kernel: bump 5.15 to 5.15.47
Deleted (upstreamed):
generic/backport-5.15/702-v5.19-32-net-ethernet-mtk_eth_soc-out-of-bounds-read-in-mtk_h.patch [01]

[01] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.47&id=b24ca1cf846273361d5bd73a35de95a486a54b6d

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[Removed 702-v5.19-32-net-ethernet-mtk_eth_soc-out-of-bounds-read-in-mtk_h.patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
251a382c28 kernel: bump 5.15 to 5.15.46
Deleted (upstreamed):
generic/backport-5.15/400-mtdblock-warn-if-opened-on-NAND.patch [01]
generic/backport-5.15/420-v5.19-01-mtd-spinand-gigadevice-fix-Quad-IO-for-GD5F1GQ5UExxG.patch [02]
bcm27xx/patches-5.15/950-0029-Revert-mailbox-avoid-timer-start-from-callback.patch [03]
bcm27xx/patches-5.15/950-0417-bcm2711_thermal-Don-t-clamp-temperature-at-zero.patch [04]
bcm27xx/patches-5.15/950-0740-drm-vc4-hvs-Fix-frame-count-register-readout.patch [05]
bcm27xx/patches-5.15/950-0755-drm-vc4-hvs-Reset-muxes-at-probe-time.patch [06]
bcm27xx/patches-5.15/950-0759-drm-vc4-txp-Don-t-set-TXP_VSTART_AT_EOF.patch [07]
bcm27xx/patches-5.15/950-0760-drm-vc4-txp-Force-alpha-to-be-0xff-if-it-s-disabled.patch [08]
bcm53xx/patches-5.15/031-v5.17-0005-ARM-dts-BCM5301X-update-CRU-block-description.patch [09]
mediatek/patches-5.15/102-mt7629-enable-arch-timer.patch [10]

Manually rebased:
bcm27xx/patches-5.15/950-0741-drm-vc4-hvs-Use-pointer-to-HVS-in-HVS_READ-and-HVS_W.patch

[01] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=f41c9418c5898c01634675150696da290fb86796
[02] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=d5b66645305c6f3a1b2cf75cee4157b07f293309
[03] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=119f99209d8531359bcb935f252ec435f9d21b13
[04] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=c4e1280abead1552e1764684079a43e222ccd163
[05] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=08465a1889cb48ec64431e9db745b5be15399251
[06] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=0e26a6da02e63b75b629573d13966c36aa6264f0
[07] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=01c9020b2e7c85e394879f34851805179ac3d1d8
[08] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=d47f85cc0171a5d3c5bd8cbb8a98983ca3357cbd
[09] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=5151f24ac937ff7eb1f078257c66e3c0f0296010
[10] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.46&id=ffea838686b82fbb2801cdfad6ba5309d15c032d

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
Rui Salvaterra
aee1215c0e kernel: 5.15: x86-64: enable CONFIG_SLS
Starting with GCC 12, we have the possibility of mitigating straight-line
speculation vulnerabilities in x86-64 targets. Make it so.

Reported-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:16 +02:00
John Audia
53d99fedc7 kernel: bump 5.10 to 5.10.125
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:16 +02:00
John Audia
9e5d743422 kernel: bump 5.10 to 5.10.124
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
5202a511cc kernel: bump 5.10 to 5.10.123
No patches required a rebase, just updated checksum.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
9edc514e3d kernel: bump 5.10 to 5.10.122
All patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
John Audia
706a4ec40c kernel: bump 5.10 to 5.10.121
Manually rebased:
    oxnas/patches-5.10/100-oxnas-clk-plla-pllb.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-06-27 00:57:15 +02:00
Rui Salvaterra
d075bb3f4a valgrind: bump to 3.19.0
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-06-27 00:57:15 +02:00
Josef Schlehofer
e21fea9289 opkg: update to 2022-02-24
Changes:
9c44557 opkg_remove: avoid remove pkg repeatly with option --force-removal-of-dependent-packages
2edcfad libopkg: set 'const' attribute for argv

This should fix the CI error in the packages repository, which happens with perl.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-06-27 00:57:15 +02:00
Konstantin Demin
f98bb1ffe5 dropbear: cherry-pick upstream commit 544f28a0
Resolves #10081

Reported-By: Chen Minqiang <ptpt52@gmail.com>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2022-06-27 00:57:15 +02:00
Rosen Penev
d60cfa5a9e tools/meson: update to 0.61.5
Mostly backports by a Red Hat employee as 0.62 and newer demands Python
3.7+. Same reason 0.61 is kept here.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-06-27 00:57:15 +02:00
Nick Hainke
71b211d304 arptables: update to 0.0.5 and cleanup
Update to 0.0.5:

efae894 arptables 0.0.5 release
1f3c6bc libarptc: Simplify alloc_handle by using calloc()
4e5e23a Eliminate compiler warning about size passed to strncmp()
bf11d72 Add .gitignore
28b22d5 arptables: legacy renaming
988d6a4 arptables: cleanup sysvinit script
f4ab8f6 src: Remove support for libc5
047f37b src: Use stdint types
4bb2f83 arptables: Add MARK target
dbbe9f7 arptables: Add revision field for arptables userspace
935acea src: fix compilation warning
5700dbf src: cache in tree and use x_tables.h
4b7d6b0 arptables: remove dead dynamic hooks code
c299484 arptables: fix potential buffer overflow (author: dcb)
9fcaf70 arptables: add missing long option --set-counters and update documentation
36daba3 arptables: install man pages
f79b957 Add man pages for arptables-{save,restore}
c492c16 add GPL text
8f58693 fix potential buffer overflows reported by static analysis
ee4ec13 make static analysis tool happy (false positive)
b064d44 build an libarptc.a archive

Cleanup Makefile:
- Switch to release versions
- Use ftp(http) mirror
- Add PKG_LICENSE_FILES

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-27 00:57:15 +02:00
Nick Hainke
fe5d3a4204 ethtool: update to 5.18
9eabf30 Release version 5.18.
2b3ddcb ethtool: fec: Change the prompt string to adapt to current situations
d660dde pretty: add missing message descriptions for rings
aaeb16a pretty: support u8 enumerated types
6b320b8 rings: add support to set/get cqe size
41fddc0 update UAPI header copies
42e6c28 help: fix alignment of rx-buf-len parameter
e1d0a19 ethtool.8: Fix typo in man page
37f0586 Release version 5.17.
8c2984c strset: do not put a pointer to a local variable to nlctx
8fd02a2 ioctl: add the memory free operation after send_ioctl call fails
b9f25ea ethtool: Add support for OSFP transceiver modules
6e79542 features: add --json support
5ed5ce5 Merge branch 'next' into  master
b90abbb man: document recently added parameters
51a9312 tunables: add support to get/set tx copybreak buf size
a081c2a rings: add support to set/get rx buf len
d699bab Merge branch 'master' into next
52db6b9 Merge branch 'review/module-extstate' into next
6407b52 monitor: add option for --show-module/--set-module
1f35786 ethtool: Add transceiver module extended state
2d4c5b7 ethtool: Add ability to control transceiver modules' power mode
005908b Update UAPI header copies

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-27 00:57:15 +02:00
Eneas U de Queiroz
0bd5367233 wolfssl: disable AES-NI by default for x86_64
WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have
AES instructions but lack other extensions that are used by WolfSSL
when AES-NI is enabled.

Disable the option by default for now until the issue is properly fixed.
People can enable them in a custom build if they are sure it will work
for them.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-06-27 00:57:15 +02:00
Sander Vanheule
326e109f24 firmware-utils: bump to git HEAD
Fixes the safeloader model identifiers for EAP225-Outdoor v1/v3 devices.

1e3d47292b2e tplink-safeloader: fix EAP225-Outdoor model IDs
9563fe8e78cb tplink-safeloader: add regionless EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-26 16:58:05 +02:00
Felix Fietkau
7bf5233a2a mac80211: increase airtime scheduler quantum
improves performance by requiring fewer iterations over tx queues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-06-26 11:48:11 +02:00
Markus Stockhausen
78b7be9f6c realtek: cleanup LAG logging
Setting up DSA bond silently fails if mode is not 802.3ad. Add log message
to fix it. As we are already here harmonize all logging messages in the
add/delete functions.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2022-06-26 11:02:15 +02:00
Felix Fietkau
6d49a25804 mac80211: add airtime fairness improvements
This reverts the airtime scheduler back from the virtual-time based scheduler
to the deficit round robin scheduler implementation.
This reduces burstiness and improves fairness by improving interaction with AQL.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-06-25 23:28:09 +02:00
Alexandru Gagniuc
4d1fc8916c realtek: EnGenius EWS2910P: add support for SFP ports
The SFP cages 9F and 10F share the same SCL line. Currently, there
isn't a good way to model this. Thus, only one SFP port can be fully
supported.

Cage 10F is fully supported with an I2C bus and sfp handle. Linux
automatically handles enabling or disabling the TX laser.

Cage 9F is only parially supported, without the sfp handle. The SDA
line is hogged as an input, so that it remains high. SCL transitions
sould not affect modules connected to this cage. The default value of
the tx-disable line is high (active). It is exported as a gpio, but
the laser is off by default. To enable the laser:

    echo 0 > /sys/class/gpio/sff-p9-tx-disable/value

Thus, both modules can be used for networking, but only 10F will be
able to detect and identify a plugged in SFP module.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2022-06-25 15:45:30 +02:00
Alexandru Gagniuc
2cfaab4549 realtek: add support for EnGenius EWS2910P
Add support for the Engenius EWS2910P PoE switch. This is an RTL8380
based switch with two SFP slots, and PoE 802.3af one every RJ-45 port.

The specs say 802.3af, but the vendor firmware configures the PSE for
a budget of 31W, indicating 802.3at support.

Specifications:
---------------
* SoC:       Realtek RTL8380M
* Flash:     32 MiB SPI flash Macronix MX25L25635E
* RAM:       256 MiB (As reported by bootloader)
* Ethernet:  16x 10/100/1000 Mbps with PoE
              2x SFP slots
* Buttons:   1 "Reset" button on front panel
             1 "LED mode: button on front panel
             1 "On/Off" Toggle switch on the back
* Power:     48V-54V DC barrel jack
* UART:      1 serial header (JP1) with populated 2.54mm pitch header
             Labeled GRTV for ground, rx, tx, and 3.3V respectively
* PoE:       1 STM ST32F100 microcontroller
             2 BCM59111 PSE chips
Works:
------
  - (8) RJ-45 ethernet ports
  - Switch functions
  - LEDs and buttons

Not yet enabled:
----------------
  - SFP ports (will be enabled in a subsequent change)
  - Power-over-Ethernet (requires realtek-poe package)

Install via web interface:
-------------------------

The factory firmware will accept and flash the initramfs image. It is
recommended to flash to "Partition 0". Flashing to "Partition 1" is
not supported at this point.

The factory web GUI will show the following warning:

 " Warning: The firmware version is v0.00.00-c0.0.00
     The firmware image you are uploading is older than the current
     firmware of the switch. The device will reset back to default
     settings. Are you sure you want to proceed?"

This is expected when flashing OpenWrt. After the initramfs image
boots, flash the -sysupgrade using either the commandline or LuCI.

Install via serial console/tftp:
--------------------------------

The u-boot firmware will not stop the boot, regardless of which key is
pressed. To access the u-boot console, ground out the CLK (pin 16) of
the ROM (U22) when u-boot is reading the linux image. If timed
correctly, the image CRC will fail, and u-boot will drop to a shell:
    > rtk network on
    > setenv ipaddr <address of tftp server>
    > tftp $(freemem) <name-of-initramfs-image.bin>
    > bootm

Then flash the -sysupgrade using either the commandline or luci.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[gpio-led node names, OpenWrt and LuCI capitalization in commit message]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-25 15:43:46 +02:00
Semih Baskan
530c0a2068 ramips: add support for Asus RT-N12+ B1 and RT-N300 B1
Asus RT-N12+ B1 and Asus RT-N300 B1 are the same device
with a different name.

The OEM firmwares have the same MD5 with Asus RT-N11P B1.

Same instructions for Asus RT-N11P B1 see:
commit c3dc52e39a ("ramips: add support for Asus RT-N10P V3 / RT-N11P B1 / RT-N12 VP B1")

Signed-off-by: Semih Baskan <strstgs@gmail.com>
(Added id from the PR review to commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-25 10:14:18 +02:00
Chuncheng Chen
8c00fd9b45 ramips: add support for ASUS RT-AX53U
Specifications:
- Device: ASUS RT-AX53U
- SoC: MT7621AT
- Flash: 128MB
- RAM: 256MB
- Switch: 1 WAN, 3 LAN (10/100/1000 Mbps)
- WiFi: MT7905 2x2 2.4G + MT7975 2x2 5G
- Ports: USB 3.0
- LEDs: 1x POWER (blue, configurable)
        3x LAN (blue, configurable)
        1x WAN (blue, configurable)
        1x USB (blue, not configurable)
	1x 2.4G (blue, not configurable)
	1x 5G (blue, not configurable)

Flash by U-Boot TFTP method:
- Configure your PC with IP 192.168.1.2
- Set up TFTP server and put the factory.bin image on your PC
- Connect serial port(rate:115200) and turn on AP, then interrupt "U-Boot Boot Menu" by hitting any key
   Select "2. Upgrade firmware"
   Press enter when show "Run firmware after upgrading? (Y/n):"
   Select 0 for TFTP method
   Input U-Boot's IP address: 192.168.1.1
   Input TFTP server's IP address: 192.168.1.2
   Input IP netmask: 255.255.255.0
   Input file name: openwrt-ramips-mt7621-asus_rt-ax53u-squashfs-factory.bin
- Restart AP aftre see the log "Firmware upgrade completed!"

Signed-off-by: Chuncheng Chen <ccchen1984@gmail.com>
(replaced led label, added key-* prefix to buttons, added note about
BBT)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-25 10:14:18 +02:00
Chen Minqiang
e0d8f7ef1f kexec-tools: add kdump scripts util
This add back kdump scripts to save crashlog or vmcore to disk

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2022-06-25 10:14:18 +02:00
Christian Lamparter
36483600d3 apm821xx: WNDAP660: fix ethernet port ordering
Tim Small reported:
| Viewing the 'Network' -> 'Switch' config page in LuCI:
|
| The LuCI LAN 1 port corresponds to the port physically
|     labelled 2 at the rear of the device.
| [...]
|
| When a patch cord is attached to the port labelled 1 [...],
| the LED labelled 2 illuminates. [...]

=> Ports, LuCI and LEDs are reversed/don't match.

Reported-by: Tim Small
Fixes: #10111
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-25 00:06:46 +02:00
Christian Lamparter
9fc2d58bf8 x86: fix damaged config 5.10 refresh
Restore CONFIG_I8K + CONFIG_INTEL_INT0002_VGPIO that got
removed when I refreshed the config. Each x86 target gets
its own CONFIG_CRYPTO_BLAKE2S + LIB settings as only the
x86_64 can use the accelerated x86 version.

Also remove two extra spaces that sneaked into geode's config.

Fixes: 539e60539a ("generic: enable CRYPTO_LIB_BLAKE2S[_X86|_ARM]")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-24 23:59:14 +02:00
Clemens Hopfer
8c0930b70b octeon: add support for Ubiquiti UniFi Security Gateway
Ubiquiti UniFi Security Gateway (USG) is largely identical to
the EdgeRouter Lite (ERLite-3) apart from a different board ID
and two dome leds.

Device data (from WikiDev):
  CPU: Cavium Octeon Plus CN5020 @500MHz 2-cores
  Ethernet: 3x Atheros AR8035-A GbE PHY's
  Flash: On-board 4MB Flash
  Storage: Internal 3.8GB USB Flash (Kingston ID) drive
    w/ 1.5GB free for use occupies single internal USB port.
  Serial: 1x RJ45 port on front panel. 115200, 8N1
  Buttons: 1x Reset

Flash instructions are identical to EdgeRouter Lite.

Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
2022-06-24 23:59:14 +02:00
Felix Fietkau
29ed58c8be mt76: update to the latest version
1696f9eb8b40 mt76: mt7915: do not copy ieee80211_ops pointer in mt7915_mmio_probe
a4db5869d660 mt76: mt7915: update mpdu density in 6g capability
500c18014d95 mt76: mt7915: add sta_rec with EXTRA_INFO_NEW for the first time only
3ef66fc7c714 mt76: do not check the ccmp pn for ONLY_MONITOR frame
dd682eead016 mt76: mt7915: update the maximum size of beacon offload
4fb991f2c997 mt76: mt7615: add sta_rec with EXTRA_INFO_NEW for the first time only
ba39ed3b44f1 mt76: mt76x02: improve reliability of the beacon hang check
fd8211cf7c59 mt76: mt7921: sync with updated patch
f2edd340ddb4 mt76: allow receiving frames with invalid CCMP PN via monitor interfaces
b6e865e2cc70 mt76: mt7615: fix throughput regression on DFS channels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-06-24 21:15:41 +02:00
Sebastian Schaper
f770c33d7b ath79: fix rootfs padding for D-Link DAP-2xxx
It was observed that `rootfs_data` was sometimes not correctly erased
after performing sysupgrade, resulting in previous settings to prevail.

Add call to `wrgg-pad-rootfs` in sysupgrade image recipe to ensure any
previous jffs2 will be wiped, consistent with DAP-2610 from the ipq40xx
target, which introduced the double-flashing procedure for these devices.

Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
946e42ed89 mac80211: brcmfmac: allow setting MAC from NVMEM cells
The MAC can be stored in OTP memory or in flash memory, currently the
driver could read it only from OTP. Backport the patch allowing setting
the MAC address from flash. Some modules have the OTP programmed but
the ODM/OEM decided to overwrite it with value stored in flash.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
539e60539a generic: enable CRYPTO_LIB_BLAKE2S[_X86|_ARM]
This is now built-in, enable so it won't propagate on target configs.

Link: https://lkml.org/lkml/2022/1/3/168
Fixes: 79e7a2552e ("kernel: bump 5.15 to 5.15.44")
Fixes: 0ca9367069 ("kernel: bump 5.10 to 5.10.119")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(Link to Kernel's commit taht made it built-in,
CRYPTO_LIB_BLAKE2S[_ARM|_X86] as it's selectable, 5.10 backport)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
9bad3451b6 kernel: clean-up after kernel 5.4 removal
These narrowments are no longer useful, since there's no lower version
than 5.10 supported in tree.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2022-06-24 17:10:24 +02:00
Nick Hainke
a74a853d0d nftables: update to 1.0.4
Needs libnftnl 1.2.2.

3eb0da9f build: Bump version to 1.0.4
a964d1b5 tests: shell: remove leftover modules on cleanup
818f7dde evaluate: reset ctx->set after set interval evaluation
3835de19 tests: shell: sets_with_ifnames release netns on exit
59bd944f optimize: segfault when releasing unsupported statement

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-24 17:10:24 +02:00
Nick Hainke
bde367255c libnftnl: update to 1.2.2
build: libnftnl 1.2.2 release
accee9a set_elem: missing export symbol
e2514c0 exthdr: tcp option reset support

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-24 17:10:24 +02:00
Nick Hainke
879dd95f43 nftables: clean up Makefile
Add PKG_LICENSE_FILES. Use SPDX.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-24 17:10:24 +02:00
Nick Hainke
8704e75d25 nftables: update to 1.0.3
Remove backport:
- 001-examples-compile-with-make-check.patch

87fdf683 build: Bump version to 1.0.3
c4ec825b nft: simplify chain lookup in do_list_chain
4f6724f1 intervals: fix compilation --with-mini-gmp
4c20fe95 json: update json output ordering to place rules after chains
57741350 netlink_delinearize: release last register on exit
d6fdb0d8 sets_with_ifnames: add test case for concatenated range
88b2345a segtree: add pretty-print support for wildcard strings in concatenated sets
806ab081 netlink: swap byteorder for host-endian concat data
c224aa6b intervals: deletion should adjust range not yet in the kernel
ea1f1c9f optimize: memleak in statement matrix
0a6dbfce optimize: merge nat rules with same selectors into map
743b0e81 optimize: do not clone unsupported statement
c8b35039 optimize: incorrect logic in verdict comparison
fc4da141 src: fix always-true assertions
d1289bff intervals: set on EXPR_F_KERNEL flag for new elements in set cache
721b9dec tests: add concat test case with integer base type subkey
22b750aa src: allow use of base integer types as set keys in concatenations
3ed9fada intervals: build list of elements to be added from cache
e45b4939 intervals: fix deletion of multiple ranges with automerge
3b7b22ae intervals: add elements with EXPR_F_KERNEL to purge list only
ea31855d netlink: remove unused argument from helper function
48204bd7 intervals: Simplify element sanity checks
ab1b21be intervals: unset EXPR_F_KERNEL for adjusted elements
e0beff27 src: restore interval sets work with string datatypes
3e8d934e intervals: support to partial deletion with automerge
7a6e1604 evaluate: allow for zero length ranges
3da9643f intervals: add support to automerge with kernel elements
7b061e63 mnl: update mnl_nft_setelem_del() to allow for more reuse
fdb8e0ff src: remove rbtree datastructure
81e36530 src: replace interval segment tree overlap and automerge
f1cc44ed src: add EXPR_F_KERNEL to identify expression in the kernel
ad43b84e segtree: add support for get element with sets that contain ifnames
06db2308 segtree: use correct byte order for 'element get'
4c6681a7 tests: add testcases for interface names in sets
5e393ea1 segtree: add string "range" reversal support
2fb4d7ea src: make interval sets work with string datatypes
403936c1 evaluate: string prefix expression must retain original length
ada50f84 segtree: split prefix and range creation to a helper function
ae7d32fc evaluate: keep prefix expression length
d2b23984 evaluate: make byteorder conversion on string base type a no-op
c36ecfc2 tests: py: Add meta time tests without 'meta' keyword
6fa4ff56 tests: py: Don't colorize output if stderr is redirected
f561a0cc tests: monitor: Hide temporary file names from error output
75fea8a5 tests: py: extend meta time coverage
4460b839 meta: fix compiler warning in date_type_parse()
02100978 meta: time: use uint64_t instead of time_t
4e0026dc include: add missing `#include`
ab74fb5b examples: add .gitignore file
bcad4761 tests: py: add inet/vmap tests
214494aa optimize: Restore optimization for raw payload expressions
82762ab6 src: allow to use integer type header fields via typeof set declaration
64bb3f43 src: allow to use typeof of raw expressions in set declaration
ff0f30e3 expression: typeof verdict needs verdict datatype
60f5c107 src: copy field_count for anonymous object maps as well
4cf97abf rule: Avoid segfault with anonymous chains
4e718641 evaluate: init cmd pointer for new on-stack context
1ea71c23 optimize: do not assume log prefix
3f36cc6c optimize: do not merge unsupported statement expressions
19960c8d optimize: incorrect assert() for unexpected expression type
3de1dbd2 optimize: more robust statement merge with vmap
99eb4696 optimize: fix vmap with anonymous sets
e8f0fa21 scanner: Fix for ipportmap nat statements
59d184be scanner: dup, fwd, tproxy: Move to own scopes
069a0450 scanner: meta: Move to own scope
2165324d scanner: at: Move to own scope
a67fce7f scanner: nat: Move to own scope
578467c1 scanner: policy: move to own scope
a1669709 scanner: flags: move to own scope
020372d9 scanner: reject: Move to own scope
543bf3c2 scanner: import, export: Move to own scopes
88105810 scanner: reset: move to own Scope
8a7e430a scanner: monitor: Move to own Scope
e5547017 scanner: rt: Extend scope over rt0, rt2 and srh
04c95f14 scanner: type: Move to own scope
62a95698 scanner: dst, frag, hbh, mh: Move to own scopes
a060d912 scanner: ah, esp: Move to own scopes
4e215fdf scanner: osf: Move to own scope
5166b298 scanner: dccp, th: Move to own scopes
3e04a6e2 scanner: udp{,lite}: Move to own scope
bbdcfbfa scanner: comp: Move to own scope.
232f2c32 scanner: synproxy: Move to own scope
26b53653 scanner: tcp: Move to own scope
f5722119 scanner: igmp: Move to own scope
a7d8cca9 scanner: icmp{,v6}: Move to own scope
5d837d27 src: add tcp option reset support
1d507ce7 build: explicitly pass --version-script to linker
e98a9b83 libnftables.map: export new nft_ctx_{get,set}_optimize API
9eb98b3b tests: add test case for flowtable with owner flag
18a08fb7 examples: compile with `make check' and add AM_CPPFLAGS

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
ecf936a70c ath79: bsap18x0: specify FIS directory location in dts
The redboot-fis parser has option to specify the location of FIS
directory, use that, instead of patching the parser to scan for it, and
specifying location in kernel config.

Tested-by: Brian Gonyer <bgonyer@gmail.com>
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
5fca475b1a treewide: use upstream compatible for RedBoot FIS parser
No reason to keep that around, since upstream one does the same.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2022-06-24 17:10:24 +02:00
Tomasz Maciej Nowak
9decd2a843 ath79: bsap18x0: pad rootfs image
This image is supposed to be written with help of bootloader to the
flash, but as it stands, it's not aligned to block size and RedBoot will
happily create non-aligned partition size in FIS directory. This could
lead to kernel to mark the partition as read-only, therefore pad the
image to block erase size boundary.

Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
2022-06-24 17:10:24 +02:00