add option portidsubtype to correct port identifiers and descriptions
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit ac771313ebedd2c4bfda8adef47650d45d77c32d)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
add option to set agent-type to control propogation
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit c98ee4dbb3db0f064d990941cdd82e872da76946)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
add option to enable LLDP MED fast-start and set fast-start timer
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 24176a6bdd8f26040a97960868fd0d9ee968d695)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
add option to disable LLDP-MED inventory TLV transmission
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 1753498b01d86b8d63349b01cb04026c07c343d9)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
add option to disable advertising kernel version
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 058f284b1a802fafafb2cfde522693bd43aeaf4d)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
add filter option to init script.
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit ac3ed75309e7db93bf2316eccba8106e3fe8f9fc)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
Bind to the configured system interfaces only. Switchport interfaces
are no longer ignored and uci interface values for LLDPD are honored.
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 064b4999ad1f37f4c6ccf95a0404007b990ed0ef)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
Init script reload with trigger to detect config file update.
Reload command added to attempt non-impactful lldpd reload where
lldpcli can be used to update config without process restart.
Config hash function used to track whether process restart is needed.
Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit e483c247dc75723a32d03b5b1149f7fd61ac8ac6)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
allow to overwrite the detected system capabilities e.g. if devices
does not operate as bridge.
Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
(cherry picked from commit 3ce909914a12647bec52bcee0a162dd6d158a4f6)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
The file contains the the /usr/lib path from the toolchain directory and
not from the target directory. The /usr/lib directory for the toolchain
is empty and the shared library is not in the specified paths. On RISCV
the linker of util-linux was finding the libncursesw.so in my host
system, tried to link against it and failed. Fix the .pc file.
Fixes: #15942
Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de>
Link: https://github.com/openwrt/openwrt/pull/16018
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 91573ac145aa70a12b0984ec75507ac648569240)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
MUSL and eglibc provide these symbols.
Bind needs setresuid() to build properly in recent versions.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/15952
(cherry picked from commit 0bd129a5d3b298340e1f6351942a8ccc2ba6eaea)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
configure 2.5G PHY LEDs to:
2500/1000: green with blink on TX/RX
100/10: green+yellow with blink on TX/RX
which is similar to other 1G PHY LEDs, which are:
1000: green with blink on TX/RX
100/10: green+yellow with blink on TX/RX
Fixes: 6cc14bf66aa ("filogic: support Telenor branded ZyXEL EX5700")
Signed-off-by: Yan Cangang <nalanzeyu@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16082
(cherry picked from commit 3de653a0af35c2d6fbc0fd14909f362c6b977e4a)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This updates mac80211 to version 6.1.110-1. This code is based on Linux
6.1.110 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.
The removed patches are already integrated in upstream Linux 6.1.110.
The following patches were integrated in upstream Linux:
subsys/311-v6.2-wifi-mac80211-fix-and-simplify-unencrypted-drop-chec.patch
subsys/312-v6.3-wifi-cfg80211-move-A-MSDU-check-in-ieee80211_data_to.patch
subsys/313-v6.3-wifi-cfg80211-factor-out-bridge-tunnel-RFC1042-heade.patch
subsys/314-v6.3-wifi-mac80211-remove-mesh-forwarding-congestion-chec.patch
subsys/315-v6.3-wifi-mac80211-fix-receiving-A-MSDU-frames-on-mesh-in.patch
subsys/316-v6.3-wifi-mac80211-add-a-workaround-for-receiving-non-sta.patch
subsys/321-mac80211-fix-mesh-forwarding.patch
subsys/322-wifi-mac80211-fix-mesh-path-discovery-based-on-unica.patch
subsys/329-wifi-mac80211-fix-receiving-mesh-packets-in-forwardi.patch
subsys/339-wifi-cfg80211-fix-receving-mesh-packets-without-RFC1.patch
subsys/350-v6.3-wifi-mac80211-Allow-NSS-change-only-up-to-capability.patch
subsys/351-v6.9-wifi-mac80211-track-capability-opmode-NSS-separately.patch
Link: https://github.com/openwrt/openwrt/pull/16368
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in this release is Moderate.
This release incorporates the following bug fixes and mitigations:
* Fixed possible denial of service in X.509 name checks (CVE-2024-6119)
* Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535)
Added github releases url as source mirror
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16332
(cherry picked from commit 62d3773bf19a3e2f39935c08a8b5b2186777f314)
Link: https://github.com/openwrt/openwrt/pull/16346
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This contains a fix for:
CVE-2024-45157:
Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does
not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.
Link: https://github.com/openwrt/openwrt/pull/16367
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The path for linking libucode.so was not specified for the ucode binary.
This breaks execution of ucode in the host context.
Signed-off-by: David Bauer <david.bauer@uniberg.com>
(cherry picked from commit ae42ecaad4e7b4878083f08a2cba6ce511ac6c43)
Ubiquiti has a set of UniFi 802.11ax (Wi-Fi 6) AP devices. All models
include "U6" in their names and also have code names with no special
characters (including spaces).
Examples:
1. U6 Lite (codename U6-Lite)
2. U6 Long-Range (codename U6-LR)
3. U6+ (codename U6-PLUS)
4. U6 Pro (codename U6-Pro)
5. U6 Mesh (codename U6-Mesh)
6. U6 Mesh Pro (codename U6-Mesh-Pro)
7. U6 Enterprise (codename U6-Enterprise)
Use proper full names for those devices. Names in OpenWrt/DTS code may
need updating too but it can be handled later.
Cc: Elbert Mai <code@elbertmai.com>
Cc: Daniel Golle <daniel@makrotopia.org>
Cc: Henrik Riomar <henrik.riomar@gmail.com>
Cc: David Bauer <mail@david-bauer.net>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 74879140a1aa0b8a8c237e0b67e94c3508e2e249)
Aruba boards now ship with multiple DTS and image-configurations per
image. Newer apboot revs expect a configuration for their hardware to be
present.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c7ba5574f52f25334add66c15190b578ac873739)
Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.
Fixes: de7ca7dafadf ("base-files: merge /etc/passwd et al at sysupgrade config restore")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 9bbaa6f2c0419739fb85d48d0f527cb1622946ee)
Another instance of files in build_dir symlinking to staging_dir. While
the symlinks do not currently cause any bugs in the libtool package,
such symlinks were found to make the build more fragile, as writing to
the symlink may accidentally modify the shared file in staging_dir. Pass
--copy to bootstrap to disable the symlinking.
Link: https://github.com/openwrt/openwrt/pull/15825
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit d6e54593198851235906c6ab77c20c6209ab19f5)
In Gluon's Github Actions CI, we were occasionally seeing bizarre build
errors that looked like a config.sub file had been corrupted, or changed
while it was being executed.
The cause turned out to be an interaction of the symlinks created by
autoreconf (pointing from individual tools' build dirs into
`staging_dir/host/share/automake-1.16`) and OpenWrt's host-build.mk,
which replaced config.guess and config.sub *after* autoreconf. The
result was that the replacement of these files ended up following the
symlinks and writing the files in `staging_dir/host/share/automake-1.16`
instead of a package's build dir. This could cause other packages' builds
to fail if they were currently executing the scripts while they were
being written.
To fix this, disable autoreconf's symlinking feature, so that modifying
these files in a package's build directory can't accidentally affect the
staged versions.
Link: https://github.com/openwrt/openwrt/pull/15825
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit c364cb8e469f9a7de1ed8960163c90e26b2df1ad)
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.
> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'
When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002
Using a semicolon as a delimiter, hostapd will start as expected.
Signed-off-by: Sarah Maedel <git@tbspace.de>
(cherry picked from commit 8de185a176079e738984ab0fc89841bc2e613fb1)
Some devices lock up on PCIe initialization:
[ 64.309697] PCIe: Port 0 in endpoint mode, skipping.
[ 64.320496] PCIe: Initializing port 1
[ 64.325257] PCIe: BIST FAILED for port 1 (0xffffffffffffffff)
(system hangs here)
Given the ER contains no PCIe peripherals, has no way to attach any
and the stock kernel doesn't have PCIe support either, just disable it.
(cherry picked from commit 308630aea6da1b5618d169d6ebf208aaa249ef72)
Signed-off-by: Jakob Haufe <sur5r@sur5r.net>
Link: https://github.com/openwrt/openwrt/pull/16223
Signed-off-by: Robert Marko <robimarko@gmail.com>
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 5d2a008670122f3f69eb3ab4f776d9fe9b6d76dd)
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from a57a3e5cc5942b309941d19143b7097a690eb014)
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2f846a33157e32d52c26cf06825f8eb1db13181d)
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from fe0240f27e9df2d0b8c0981741360f2f87b09536)
This log is noisy and useless, just ignore it.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 8d9893ff34242f887f40ca271a39e4c67c87b88d)
This log is noisy and useless, just ignore it.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2fd0102cc3dfd81f4585e8599bf671157a4450b8)
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from bfeef9b3d786b76510837014648db8d6c8106989)
r8126 is an out of tree driver provided by Realtek for RTL8126 devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from 54623c6a1daeb029858aab96a58e0ee8607f738b)
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from f063f4620c32b1cb6f43dd249c9cdfb4ee2bd12c)
r8125 is an out of tree driver provided by Realtek for RTL8125 devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from ddb4070c96728394c22b4beb1070a26efd1c2d28)
r8168 is an out of tree driver provided by Realtek for RTL8168 devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
((cherry picked from commit 1565eeda4e670cd02e9ba90179d53ac50aa8c6d0)
r8101 is an out of tree driver provided by Realtek for RTL8101 devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit b72c4b53860ef7a65f486212c7393e2c2b57344b)
Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.
Reported-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
According to RTL8221B's datasheet, the PHY requires at least 10ms
for assert and 68ms (recommended) for de-assert. So increase the
assert/de-assert time to 15ms and 68ms respectively.
Fixes: c0c3234e1720 ("mediatek: add support for JDCloud RE-CP-03")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16106
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d1954aa5353eca59bb76d860b09a68a01e7ec05a)
The vendor U-Boot implementaion on Telenor branded ZyXEL EX5700
devices does not store its environment on flash. It is instead
kept in a memory region. This is persistent over reboots, but
not over power cycling.
The dual partition failsafe system used by the vendor U-Boot
requires the OS to modify a variable in this memory environment.
This driver allows the ordinary uboot-envtools to access a
memory region like it was a partition on NOR flash.
The specific vendor U-Boot adds a "no-map" /reserved-memory
section and a top level /ubootenv node pointing to the memory
environment. The driver uses this device specific fact to
locate the region. The matching and probing code will likely
have to be adjusted for any other devices to be supported.
Example partial device tree:
/ {
..
ubootenv {
memory-region = <&uenv>;
compatible = "ubootenv";
};
..
reserved-memory {
..
uenv: ubootenv@7ffe8000 {
no-map;
reg = <0 0x7ffe8000 0 0x4000>;
};
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit b2e810f49588d1bbc90f657826e94b32474b482c)
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.
As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].
An explanation of the impact of the vulnerability is provided from the
advisory[1]:
This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.
[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16043
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db7f70fe6140e99ae709c7bf2a25eb983cb725ed)
Upstream removed SSB and BCMA, the drivers are now compiled against the
in kernel versions. No need to patch this for OpenWrt.
Link: https://github.com/openwrt/openwrt/pull/15983
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
