Commit Graph

61699 Commits

Author SHA1 Message Date
Daniel Golle
ee7aacb3e7 mediatek: filogic: convert Qihoo 360T7 to fitblk
Use fitblk driver instead of deprecated partition parser.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Daniel Golle
609f29da62 mediatek: filogic: convert JCG Q30 PRO to fitblk
Use fitblk driver instead of deprecated partition parser.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Daniel Golle
52ef01672c mediatek: filogic: convert H3C Magic NX30 Pro to fitblk
Use fitblk driver instead of deprecated partition parser.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Daniel Golle
ffd5cca73e mediatek: filogic: convert MT7981 RFB to fitblk
Use fitblk driver instead of deprecated uImage.FIT partition parser.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Daniel Golle
e64b92c63b uboot-mediatek: detect rootdisk on MT7981
Set /chosen/rootdisk according to boot_mode register, similar to
MT7986.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:11:51 +01:00
Daniel Golle
2de5528fc6 generic: hack: fix patch description
That patch title of 911-kobject_add_broadcast_uevent.patch has been
wrongly copied from 910-kobject_uevent.patch.
Change the description from "lib: add uevent_next_seqnum()" to
"lib: add broadcast_uevent()", so that the git history doesn't look
all weird when importing both patches to a git tree.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-28 15:10:54 +01:00
Sarah Maedel
8de185a176 hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
2024-08-28 11:57:23 +02:00
Robert Marko
b870c16534 Revert "CI: update actions/labeler to v5"
This reverts commit a70555fb4f.

It is breaking GH PR-s currently, so revert until fixed.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-26 23:29:06 +02:00
Goetz Goerisch
a70555fb4f CI: update actions/labeler to v5
* Version 5 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16251
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-26 20:30:14 +02:00
David Bauer
ebe7c5f1a3 uqmi: update to latest HEAD
28b48a1 uim: add support for ICC communication channel
f582e00 qmi: fix dynamic array macro
d381f80 data: add support for ICC channel

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-08-25 23:25:45 +02:00
Felix Fietkau
ecfb095866 mt76: update to Git HEAD (2024-08-25)
dbc9b0df7c01 linux-firmware: update firmware for MT7996
4e8167b94175 wifi: mt76: connac: fix checksum offload fields of connac3 RXD
084eaaf4792e wifi: mt76: mt7915: fix sta poll list corruption on hw restart
aea16bfe8d50 firmware: update MT7981 firmware to version 20240507201102
65bbd4c394a9 firmware: update MT7986 firmware to version 20240507160203
1f4ac8faa529 wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
b76f16ea6521 wifi: mt76: mt7915: improve hardware restart reliability
e6afe9218a27 wifi: mt76: mt7915: fix unused variable error
d6611d015efd firmware: update mt7916/mt7981/mt7986 firmware to version 20240823
ddeb304aae6d wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage
904ef52a8d04 wifi: mt76: mt7996: fix uninitialized TLV data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-25 21:24:44 +02:00
Petr Štetiar
0e8b701794 ustream-ssl: update to Git HEAD (2024-07-28)
99bd3d2b167c ustream-openssl: fix compilation with OPENSSL_NO_DEPRECATED

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Link: https://github.com/openwrt/openwrt/pull/16020
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 17:27:32 +02:00
Pawel Dembicki
19d770d7b9 mediatek: filogic: add support for Cudy AP3000 Outdoor
Hardware highlights:
  - MediaTek MT7981 WiSoC
  - 256MB DDR3 RAM
  - 64MB SPI-NAND
  - MediaTek MT7981 2x2 DBDC 802.11ax 2T2R (2.4 / 5)
  - 1x LED in two colors
  - 2x Button
  - 1x 1GbE
  - Two detachable antenas, two internal pcb antenas
  - PoE powered (standalone)

MAC:
LAN MAC: label mac
2.4G MAC: label mac -1
5G MAC: label mac

How to install:
1. Apply Cudy Intermediate OpenWrt image for AP3000 Outdoor V1
2. Install OpenWrt sysupgrade image

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16156
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 15:35:53 +02:00
Goetz Goerisch
3774f3272e treewide: rename ZyXEL to Zyxel
The company Zyxel rebranded some years ago.
Currently the casing is according to the old branding even
for newer devices which already use the new branding.

This commit aligns the casing of Zyxel everywhere.

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15652
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 15:08:25 +02:00
FUKAUMI Naoki
f1c83cf1d5 rockchip: fix model name for Radxa ROCK 3A
This patch fixes model name in dts as below:

Radxa ROCK3 model A -> Radxa ROCK 3A

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16232
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 14:46:27 +02:00
FUKAUMI Naoki
eae339fa72 uboot-rockchip: fix model name for Radxa ROCK 3A, 5A, and 5B
This patch fixes model name in dts as below:

Radxa ROCK3 model A  -> Radxa ROCK 3A
Radxa ROCK 5 model A -> Radxa ROCK 5A
Radxa ROCK 5 model B -> Radxa ROCK 5B

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16232
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-25 14:46:27 +02:00
Mark Mentovai
c099523d66 armsr: use console=tty1 to make console more readily available
Like x86, armsr is frequently virtualized, and is used for development
and debugging. Kernel messages should be more readily apparent by
default. This can be achieved by adding console=tty1 to the kernel
command line, enabling the console on a (possibly virtual) display and
keyboard, in addition to a serial port.

This also enables failsafe on tty1. Failsafe mode operates on consoles
known by the kernel, without regard to /etc/inittab.

armsr's /etc/inittab is also updated to specify tty1 instead of tty0.
tty1 is technically more correct: tty1 is the first virtual console,
where tty0 reflects the current active virtual console (which is likely
to be tty1).

This configuration matches x86, which is another target commonly used
for virtualization, development, and debugging in the same way. x86's
kernel command line had specified console=tty0, although console=tty1 is
more correct for the reasons given above. This also brings x86's kernel
command line console= into agreement with its /etc/inittab, which
already used tty1.

Signed-off-by: Mark Mentovai <mark@mentovai.com>
Link: https://github.com/openwrt/openwrt/pull/16213
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-25 13:15:33 +02:00
Rosen Penev
4f2dadcf95 ramips: mt7621_nand: don't set owner
Found with coccinelle:

No need to set .owner here. The core will do it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16217
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-25 13:14:07 +02:00
Rosen Penev
7a7ea98400 trace-cmd: update to 3.3
Use local tarballs instead of upstream generated ones. Smaller.

Fix version to be compatible with apk.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16219
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:26:55 +02:00
Carsten Schuette
57c600dc27 dnsmasq: Add EDNS0 Upstream support
Forward client mac address and subnet on dns queries. Pi-hole and Adguard use this feature to send the originators ip address/subnet so it can be logged and not just the nat address of the router. This feature has been added since version 2.56 of dnsmasq and would be nice to expose this feature in openwrt.

Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/15965
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:25:17 +02:00
Mathesh Velayudan
1d976f83e4 bmips: add support for TP-Link TD-W8968 V3
TP-Link TD-W8968 v3 is an 300Mbps Wireless N USB ADSL2+ Modem Router based on
Broadcom BCM6318 SoC.

Hardware:
   CPU:          Broadcom BCM6318, 333 MHz, 1 core
   Flash:        8MB
   RAM:          64 MB
   Ethernet:     4x 10/100 Mbps
   Wireless:     802.11b/g/n, BCM43217
   LEDs/Buttons: 10x / 3x
   USB:          1x 2.0

Flash instructions:
* Assign static IP 192.168.1.100 to PC
* Unplug the power source
* Press the RESET button at the router, don't release it yet!
* Plug the power source. Wait for some seconds
* Release the RESET button
* Browse to http://192.168.1.1
* Upload the openwrt-bmips-bcm6318-tp-link_td-w8968-v3-squashfs-cfe.bin file
* Wait some minutes until the firmware upgrade finish.

Signed-off-by: Mathesh Velayudan <123v.mathesh@gmail.com>
2024-08-24 20:35:30 +02:00
Álvaro Fernández Rojas
ae5489e578 generic: 6.6: backport upstream Realtek PHY patch
- Fix setting of PHY LEDs Mode B bit on RTL8211F.
- Rename pending Realtek PHY patches.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2024-08-24 15:14:40 +02:00
Daniel Pawlik
b68e34c837 mt76: Change AutoLoad macro call for mt7925e and mt7925u
There was a typo done for mt7925e and mt7925u in the KernelPackage
definitions, which caused the system to load the wrong kernel modules.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16236
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 15:10:39 +02:00
FUKAUMI Naoki
0db32940a2 rockchip: fix compatible string for Radxa ROCK 5A
revert unwanted change for compatible string.

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/16221
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:59:15 +02:00
xiaobo tian
9482341a47 rockchip: add support for nanopc t6
SoC: Rockchip RK3588
CPU: Quad-core ARM Cortex-A76(up to 2.4GHz) and quad-core Cortex-A55 CPU (up to 1.8GHz)
GPU: Mali-G610 MP4, compatible with OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
VPU: 8K@60fps H.265 and VP9 decoder, 8K@30fps H.264 decoder, 4K@60fps AV1 decoder, 8K@30fps H.264 and H.265 encoder
NPU: 6TOPs, supports INT4/INT8/INT16/FP16
RAM: 64-bit 4GB/8GB/16GB LPDDR4X at 2133MHz
Flash: 32GB/64GB/256GB eMMC, at HS400 mode
microSD: support up to SDR104 mode
Ethernet: 2x PCIe 2.5G Ethernet

Signed-off-by: xiaobo tian <peterwillcn@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16158
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:55:02 +02:00
Daniel Pawlik
da502be941 mt76: Add firmware files into mt7925-firmware package
The firmware binaries were missing in kmod-mt7925-firmware package.

Signed-off-by: Daniel Pawlik <pawlik.dan@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16239
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:50:20 +02:00
Johannes Truschnigg
b6ac37110f linux-firmware: add Intel CPU-integrated GPU (iGPU) firmware
On latest Intel x86 CPUs, DMC firmware is required for the iGPU to reach
its lowest power states. If the driver cannot load it, it will print a
warning and unnecessarily make the iGPU draw a bit more power when idle.

GUC firmware (various "offload" mechanisms that deal with scheduling GPU
workloads) and HUC firmware (required for accelerated media codec
operations for HEVC/H.265) are probably more niche, but could also
provde useful for some - for example, when building an
Intel/OpenWrt-based security camera.

Signed-off-by: Johannes Truschnigg <johannes@truschnigg.info>
Link: https://github.com/openwrt/openwrt/pull/16069
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:46:28 +02:00
Martin Blumenstingl
fc31261c33 ath79: update Sophos AP15 to indicate that it uses an QCA9557 SoC
Device support for Sophos AP15 is based on Sophos AP55(C) and AP100(C).
Those other Sophos access points uss a QCA9558 SoC (some of them with
one of the three chains on the built-in SoC's wifi disabled) while the
AP15 uses a QCA9557 SoC (which only has two chains enabled in the
package or silicon).

This is mostly cosmetic since QCA9558 and QCA9557 are virtually
identical and all differences are automatically detected and/or managed
by the ART calibration.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/16187
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:38:57 +02:00
Martin Blumenstingl
b35bb09175 ath79: remove 5GHz wifi bits from Sophos AP15
Sophos AP15 only uses the SoC's built-in wifi. There's no external PCIe
chipset.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/16187
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-24 14:38:57 +02:00
Rosen Penev
002fdd3781 lantiq: vgv7510kw22: use NVMEM for mac addresses
Userspace handling is deprecated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16230
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 12:43:33 +02:00
Pawel Dembicki
cf765b1be6 mpc85xx: Add QCA8327 LED nodes to tl-wdr4900-v1 dts
This commit introduces led nodes in tl-wdr4900-v1 dts.
It allows to configure switch leds from userspace.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16226
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-23 10:53:29 +02:00
Pawel Dembicki
71c6d99d57 mpc85xx: add usb trigger to tl-wdr4900-v1 leds
TP-Link tl-wdr4900-v1 has two usb leds. Modern kernels can handle usb
led trigger. Let's enable it.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16226
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-23 10:53:29 +02:00
Pawel Dembicki
c43480c2dc mpc85xx: refresh tl-wdr4900-v1 led configuration
This commit change led description in dts file from old method to new
approach accepted by upstream.

USB power gpio is handled by gpio-export now.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16226
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-23 10:53:29 +02:00
Rosen Penev
5d107bbbbb tmon: make version apk compatible
No need to override version.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-08-22 17:53:28 +02:00
Robert Marko
b42f7a1b30 generic: 5.15, 6.1: enable CNP support
Ever since CONFIG_ARM64_PAN was enabled Common Not Private (CNP) is now
visible and kernel builds will stop as they are not set in kernel config
for 5.15 and 6.1.

So, lets enable Common Not Private (CNP) which is ARMv8.2 feature and will
be NOP of CPU-s that dont support it.

Fixes: a2662309aa ("kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory")
Link: https://github.com/openwrt/openwrt/pull/16211
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-22 13:36:15 +02:00
Robert Marko
9c0179ff13 generic: 6.6: disable EPAN support
Enhanced Privileged Access Never (EPAN) is an ARMv8.7 feature, and since
we dont have any SoC-s implementing it lets disable it.

Link: https://github.com/openwrt/openwrt/pull/16211
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-22 13:36:15 +02:00
Rany Hany
fca306c563 mediatek/mt7622: fix config symbol for 2.5GE MTK driver
The commit backporting new MTK patches did not update the
Kernel config for mediatek/mt7622 causing the build to
fail.

Simply use the new config symbol name for the driver to
fix the issue.

Fixes: 1069514978 ("mediatek: backport pending Ethernet PHY driver patches")
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16225
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-22 11:42:34 +02:00
Daniel Golle
1069514978 mediatek: backport pending Ethernet PHY driver patches
Use pending patchset for 2.5GE PHY driver, unifying LED handling
accross all MediaTek Ethernet PHYs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-22 00:20:02 +01:00
Daniel Golle
963be1423f kernel: add missing config symbols
Kconfig symbols CONFIG_ARM64_CNP and CONFIG_ARM64_EPAN got exposed
by enabling CONFIG_ARM64_PAN. Enable them as well, as just like for
PAN, also EPAN and CNP will be detected at runtime at no cost.

Fixes: a2662309aa ("kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-22 00:20:02 +01:00
Rosen Penev
949e1a0856 mpc85xx: tl-wdr4900: move platform code to dts
No benefit in doing so in platform file. Code for dts has already been
written. Might as well use it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16125
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-21 21:39:24 +02:00
Rosen Penev
7ac8279bd4 mpc85xx: use NVMEM for wifi
Userspace handling is deprecated. No need for any of this.

Calibration size was adjusted to 440, which is the standard value for
ath9k radios.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16125
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-21 21:39:24 +02:00
Rosen Penev
e031ea8aab mpc85xx: tl-wdr4900: use NVMEM for WAN
Now that the ports are defined in DTS, this is trivial to do.

Avoids userspace handling.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16125
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-21 21:39:24 +02:00
Felix Fietkau
580ad3e6bb mt76: update to Git HEAD (2024-08-21)
5c9fbdd64313 wifi: mt7915: fix wcid allocation leak
d547c25cabab wifi: mt76: mt7915: fix last argument to mt7915_mcu_add_sta
caed4843c5cd wifi: mt76: fix station muar index
3cd1c1740280 wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker
a5e630ef458c wifi: mt76: mt7916: fix regression in .sta_state migration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-08-21 16:52:07 +02:00
Mark Mentovai
cddda1d44d x86: enable console keyboard
The kernel support necessary to use a console keyboard was not built on
x86, affecting real and virtual machines alike. The console keyboard
would function properly in GRUB, but would not work at all once Linux
booted. It appeared that the console was intended to work because
console video appeared on the display, including prompts to enter
failsafe or select the debug log level from the keyboard, and the prompt
to "Press Enter to activate this console", but there was no way to
provide input to it. All keystrokes were ignored.

This enables several kernel configuration options to enable HID and USB
HID support (CONFIG_HID, CONFIG_HID_SUPPORT, CONFIG_HID_GENERIC, and
CONFIG_USB_HID), making the keyboard functional. For alignment with
armsr, CONFIG_USB_HIDDEV is also added, although not strictly necessary
for keyboard support. Note that this change also causes
CONFIG_HID_HYPERV_MOUSE to be enabled for x86/64 and x86/generic: it was
already set in these subarchitectures' kernel configurations, but was
ineffective due to CONFIG_HID being absent.

The omission of keyboard support on x86 may not have been widely noticed
because USB HID is not used on production OpenWrt x86 machines such as
pc-engines,apu2 which only have a serial console, or with the default
x86 configuration used by scripts/qemustart, which uses -nographic and
does not configure a virtual physical console but instead uses a serial
console.

This configuration change results in, for x86_64, +40kB in kernel.bin
and just over +40kB in gzip-compressed "combined" images. This should
not be a problem for the non-storage-constrained x86 target.

Until 2a86425de1, CONFIG_HID, CONFIG_USB_HID, and CONFIG_USB_HIDDEV
were set in the target-level kernel configuration, and
CONFIG_HID_GENERIC was set at the subtarget level. These are
reintroduced strictly at the subtarget level by request. This applies to
the 64, generic, and legacy subtargets, omitting geode.

Fixes: https://github.com/openwrt/openwrt/issues/16157
Signed-off-by: Mark Mentovai <mark@mentovai.com>
Link: https://github.com/openwrt/openwrt/pull/16208
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-21 12:15:21 +02:00
Hauke Mehrtens
a2662309aa kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory
Enable the CONFIG_ARM64_PAN kernel security option, which leverages the
ARMv8.1 Privileged Access Never (PAN) extension to prevent the kernel
from directly accessing user space memory.

Instead, copy_to_user and similar functions must be used for data
transfer between kernel and user space. This feature is automatically
disabled at runtime on CPUs without PAN support, making it a no-op in
those cases.

Link: https://github.com/openwrt/openwrt/pull/16189
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:21:05 +02:00
Hauke Mehrtens
fd6ce0dea9 kernel: Activate CONFIG_LIST_HARDENED
Activate the kernel option CONFIG_LIST_HARDENED for all targets.
This adds some inline checks to list_add() and list_del() operations
in the kernel. Before kernel 6.6 these checks were only available with
CONFIG_DEBUG_LIST option, but now a light version is available which
should only add very few extra instructions to such operations.

The performance penalty is very low from my point of view. It should
make it much harder to use bugs in Linux kernel list handling when
exploiting the Linux kernel.

Link: https://github.com/openwrt/openwrt/pull/16189
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:20:27 +02:00
Tianling Shen
1c61a8f958 rockchip: add Radxa ROCK 5B support
Hardware
--------
RockChip RK3588 ARM64 (8 cores)
4/8/16/32GB LPDDR4X RAM
2500 Base-T
RGB LED
eMMC Connector
SPI-NOR 16MB
Micro-SD Slot
2x USB 2.0 Port
2x USB 3.0 Port
Headphone Jack
M.2 E-Key
M.2 M-Key
USB PD 5/9/12/15/20V Power

Install
--------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Tianling Shen
ea249af456 uboot-rockchip: add ROCK 5B support
Add support for the Radxa ROCK 5B board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Tianling Shen
0cfd254913 rockchip: add Radxa ROCK 5A support
Hardware
--------
RockChip RK3588 ARM64 (8 cores)
4/8/16/32GB LPDDR4X RAM
1000 Base-T
Status LED
eMMC/SPI Connector
Micro-SD Slot
2x USB 3.0 Port
2x USB 2.0 Port
Headphone Jack
M.2 E-Key
USB PD/QC 5/9/12/15/20V Power

Install
--------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00
Tianling Shen
d44fcee73c uboot-rockchip: add ROCK 5A support
Add support for the Radxa ROCK 5A board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-21 00:10:47 +02:00