49833 Commits

Author SHA1 Message Date
Yanase Yuki
cba79b1de2 ath79: move device specific nodes to DTS files for Devolo 1xxx
qca9558_devolo_dvl1xxx.dtsi contains device specific nodes which
are inherited for some DTS files and overwritten for others.

This is considered confusing, so move the relevant nodes/properties
to the devices and only keep the shared stuff in the DTSI.

Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
[clarify commit title/message, move &gmac_config in DTS]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-24 14:40:55 +01:00
Sander Vanheule
b0ecae504b ath79: support for TP-Link EAP225 v3
TP-Link EAP225 v3 is an AC1350 (802.11ac Wave-2) ceiling mount access
point. Serial port access for debricking requires fine soldering.

Device specifications:
* SoC: QCA9563 @ 775MHz
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9886): a/n/ac, 2x2 MU-MINO
* Ethernet (AR8033): 1× 1GbE, 802.3at PoE

Flashing instructions:
* ssh into target device and run `cliclientd stopcs`
* Upgrade with factory image via web interface

Debricking:
* Serial port can be soldered on PCB J3 (1: TXD, 2: RXD, 3: GND, 4: VCC)
    * Bridge unpopulated resistors R225 (TXD) and R237 (RXD).
      Do NOT bridge R230.
    * Use 3.3V, 115200 baud, 8n1
* Interrupt bootloader by holding CTRL+B during boot
* tftp initramfs to flash via LuCI web interface
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

MAC addresses:
MAC address (as on device label) is stored in device info partition at
an offset of 8 bytes. ath9k device has same address as ethernet, ath10k
uses address incremented by 1.
From OEM boot log:

    Using interface ath0 with hwaddr b0:...:3e and ssid "..."
    Using interface ath10 with hwaddr b0:...:3f and ssid "..."

Tested by forum user blinkstar88

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
4f86edf477 ath79: support for TP-Link EAP225-Outdoor v1
TP-Link EAP225-Outdoor v1 is an AC1200 (802.11ac Wave-2) pole or wall
mount access point. Debricking requires access to the serial port, which
is non-trivial.

Device specifications:
* SoC: QCA9563 @ 775MHz
* Memory: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n 2x2
* Wireless 5GHz (QCA9886): a/n/ac 2x2 MU-MIMO
* Ethernet (AR8033): 1× 1GbE, PoE

Flashing instructions:
* ssh into target device with recent (>= v1.6.0) firmware
* run `cliclientd stopcs` on target device
* upload factory image via web interface

Debricking:
To recover the device, you need access to the serial port. This requires
fine soldering to test points, or the use of probe pins.
* Open the case and solder wires to the test points: RXD, TXD and TPGND4
  * Use a 3.3V UART, 115200 baud, 8n1
* Interrupt bootloader by holding ctrl+B during boot
* upload initramfs via built-in tftp client and perform sysupgrade
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

MAC addresses:
MAC address (as on device label) is stored in device info partition at
an offset of 8 bytes. ath9k device has same address as ethernet, ath10k
uses address incremented by 1.
From stock ifconfig:

    ath0      Link encap:Ethernet  HWaddr D8:...:2E
    ath10     Link encap:Ethernet  HWaddr D8:...:2F
    br0       Link encap:Ethernet  HWaddr D8:...:2E
    eth0      Link encap:Ethernet  HWaddr D8:...:2E

Tested by forum user PolynomialDivision on firmware v1.7.0.
UART access tested by forum user arinc9.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
b11ad48764 ath79: support for TP-Link EAP245 v1
TP-Link EAP245 v1 is an AC1750 (802.11ac Wave-1) ceiling mount access point.

Device specifications:
* SoC: QCA9563 @ 775MHz
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9880): a/n/ac, 3x3
* Ethernet (AR8033): 1× 1GbE, 802.3at PoE

Flashing instructions:
* Upgrade the device to firmware v1.4.0 if necessary
* Exploit the user management page in the web interface to start telnetd
  by changing the username to `;/usr/sbin/telnetd -l/bin/sh&`.
* Immediately change the malformed username back to something valid
  (e.g. 'admin') to make ssh work again.
* Use the root shell via telnet to make /tmp world writeable (chmod 777)
* Extract /usr/bin/uclited from the device via ssh and apply the binary
  patch listed below. The patch is required to prevent `uclited -u` in
  the last step from crashing.
* Copy the patched uclited programme back to the device at /tmp/uclited
  (via ssh)
* Upload the factory image to /tmp/upgrade.bin (via ssh)
* Run `chmod +x /tmp/uclited && /tmp/uclited -u` to install OpenWrt.

    --- xxd uclited
    +++ xxd uclited-patched
    @@ -53796,7 +53796,7 @@
     000d2240: 8c44 0000 0320 f809 0000 0000 8fbc 0010  .D... ..........
     000d2250: 8fa6 0a4c 02c0 2821 8f82 87b8 0000 0000  ...L..(!........
    -000d2260: 8c44 0000 0c13 45e0 27a7 0018 8fbc 0010  .D....E.'.......
    +000d2260: 8c44 0000 2402 0000 0000 0000 8fbc 0010  .D..$...........
     000d2270: 1040 001d 0000 1821 8f99 8374 3c04 0058  .@.....!...t<..X
     000d2280: 3c05 0056 2484 a898 24a5 9a30 0320 f809  <..V$...$..0. ..

Debricking:
* Serial port can be soldered on PCB J3 (1: TXD, 2: RXD, 3: GND, 4: VCC)
    * Bridge unpopulated resistors R225 (TXD) and R237 (RXD).
      Do NOT bridge R230.
    * Use 3.3V, 115200 baud, 8n1
* Interrupt bootloader by holding CTRL+B during boot
* tftp initramfs to flash via the LuCI web interface
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

Tested on the EAP245 v1 running the latest firmware (v1.4.0). The binary
patch might not apply to uclited from other firmware versions.

EAP245 v1 device support was originally developed and maintained by
Julien Dusser out-of-tree. This patch and "ath79: prepare for 1-port
TP-Link EAP2x5 devices" are based on that work.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
7a875d155e ath79: prepare for 1-port TP-Link EAP2x5 devices
TP-Link has developed a number of access points based on the AP152
reference board. In the EAP-series of 802.11ac access points, this
includes the following devices with one ethernet port:
* EAP225 v1/v2
* EAP225 v3
* EAP225-Outdoor v1
* EAP245 v1

Since the only differences between these devices are the ath10k wireless
radios and LEDs, a common base is provided for the overlapping support
requirements.

Hardware commonalities:
* SoC: QCA9563-AL3A MIPS 74kc v5.0 @ 775MHz, AHB @ 258MHz
* RAM: 128MiB DDR2 @ 650MHz
* Flash: 16MiB SPI NOR
* Wi-Fi 2.4GHz: provided by SoC
* Wi-Fi 5Ghz: ath10k chip on PCIe
* Ethernet: AR8033-AL1A, one 1GbE port (802.3at PoE)

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Julien Dusser
87627b2d76 ath79: add QCA956x SERDES init workaround
This commit add a workaround for non working SGMII link observed on some
QCA956x SoCs. The workaround originates part from the U-Boot source code
from QCA, part from the implementation from TP-Link found in the GPL
tarball for the EAP245v1.

Extends commit 0d416a8d3b990e3b78628f0e7546527709c877f7 for QCA956x.
Note that reset is the same on QCA955x and QCA956x, same register offset
and values.

Auto calibration is done on u-boot, but always fall back to default value
0x7. Add a DTS entry serdes-cal in case a device require another value.

Signed-off-by: Julien Dusser <julien.dusser@free.fr>
[Sander Vanheule:
    Minor code style fixes,
    Remove hunk adding qca956x-serdes-fixup to a missing DTS,
    Remove variable err that was only assigned,
    Rename function to sgmii_serdes_init,
    Lower priority of serdes call message to pr_debug]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
8dd2a1715b ath79: ensure QCA956x gmac0 mux selects sgmii
Some bootloaders do not set up gmac0 properly, leaving it disconnected
from the sgmii interface. If the user specificies phy-mode sgmii, then
use the gmac-config/device node to ensure the mux is configured
correctly.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Vladimir Vid
c0af4a0ca2 mvebu: add initial support for Globalscale ESPRESSObin-Ultra
This patch adds support for Globalscale ESPRESSObin-Ultra. Device uses
the same Armada-3720 SoC with extended hardware support.

- SoC: Armada-3720
- RAM: 1 GB DDR4
- Flash: 4MB SPI NOR (mx25u3235f) + 8 GB eMMC
- Ethernet: Topaz 6341 88e6341 (4x GB LAN + 1x WAN with 30W PoE)
- WiFI: 2x2 802.11ac Wi-Fi marvell (88w8997 PCIe+USB)
- 1x USB 2.0 port
- 1x USB 3.0 port
- 1x microSD slot
- 1x mini-PCIe slot (USB [with nano-sim slot])
- 1x mini-USB debug UART
- 1x RTC Clock and battery
- 1x reset button
- 1x power button
- 4x LED (RGBY)
- Optional 1x M.2 2280 slot

** Installation **

Copy dtb from build_dir to bin/ and run tftpserver there:
$ cp ./build_dir/target-aarch64_cortex-a53_musl/linux-mvebu_cortexa53/
linux-5.4.65/arch/arm64/boot/dts/marvell/armada-3720-espressobin-ultra.dtb
bin/targets/mvebu/cortexa53/
$ in.tftpd -L -s bin/targets/mvebu/cortexa53/

Connect to the device UART via microUSB port on the back side and power on the device.

Power on the device and hit any key to stop the autoboot.

Set serverip (host IP) and ipaddr (any free IP address on the same subnet), e.g:
$ setenv serverip 192.168.1.10 # Host
$ setenv ipaddr 192.168.1.15 # Device

Ping server to confirm network is working:
$ ping $serverip
Using neta@30000 device
host 192.168.1.15 is alive

Tftpboot the firmware:
$ tftpboot $kernel_addr_r openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-initramfs-kernel.bin
$ tftpboot $fdt_addr_r armada-3720-espressobin-ultra.dtb

Set the console and boot the image:
$ setenv bootargs $console
$ booti $kernel_addr_r - $fdt_addr_r

Once the initramfs is booted, transfer openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img.gz
to /tmp dir on the device.

Gunzip and dd the image:
$ gunzip /tmp/openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img.gz
$ dd if=/tmp/openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img of=/dev/mmcblk0 && sync

Reboot the device.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2020-11-23 22:53:15 +01:00
Leon M. George
651f0c0999 hostapd: fix patch offset
Fixes the offset of the patch added in 93bbd998aa696a
  ("hostapd: enter DFS state if no available channel is found").

Signed-off-by: Leon M. George <leon@georgemail.eu>
2020-11-23 22:53:15 +01:00
Pawel Dembicki
cdff729b27 layerscape: enable spi-uart in LS1012A-FRDM
This patch add missing support of SC16IS740 serial controller, installed
on LS1012A-FRDM board.

It was required to change RCW bits, because SPI was disabled by default.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2020-11-23 22:53:15 +01:00
Pawel Dembicki
4dc27a026b layerscape: add i2c peripherials on LS1012A-RDB
LS1012A-RDB equipped in some i2c devices:
  - 3x GPIO Expander: PCAL9555A (NXP)
  - Gyro: FXAS21002 (NXP)
  - Accelerometer: FXOS8700 (NXP)
  - Current & Power Monitor: INA220 (TI)

This patch enables i2c peripherials installed on LS1012A-RDB.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2020-11-23 22:53:15 +01:00
Pawel Dembicki
a1158b3170 kernel: iio: add fxas21002c driver support
This patch adds kernel modules for Freescale FXAS21002C 3-axis gyro driver.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2020-11-23 22:53:15 +01:00
Pawel Dembicki
65f8d7360c layerscape: make initramfs kernel fit packed
This will make developing process easier, because dtb will be included
into image.
Not need to enable initramfs image by default.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2020-11-23 22:53:15 +01:00
René van Dorst
6e1a4496f5 ramips: phy: at803x: Select SFP interface mode that both sides supports.
Currently sfp_select_interface() return the fastest interface that
the sfp modules supports even if the phy don't support that mode.

For example an GPON module that support both 2500basex and 1000basex.
Currently sfp_select_interface() picks 2500basex instead of 1000basex.

So limit the interfaces which both sides supports before calling
sfp_select_interface() or return an error if we don't have match.

Reviewed-by: John Thomson <git@johnthomson.fastmail.com.au>
Tested-by: Braihan Cantera <bcanterac@gmail.com> [MikroTik RB760iGS + Nokia G-010S-A 3FE46541AA SFP]
Tested-by: John Thomson <git@johnthomson.fastmail.com.au> [Mikrotik rb760igs + SFP SM/LC, SFP base1000T, SFP+ passive DAC]
Signed-off-by: René van Dorst <opensource@vdorst.com>
2020-11-23 22:53:15 +01:00
John Audia
991e6f8ccc linux-firmware: update to 20201118
git log --pretty=oneline --abbrev-commit 20201022..20201118
2ea8667 (tag: 20201118) rtlwifi: v88.2 firmware files for RTL8192CU
e850cf3 Merge https://github.com/rjliao-qca/qca-btfw into main
65370db rtw88: RTL8822C: Update firmware to v9.9.4
e371b7c Revert "rtw88: RTL8822C: Update firmware to v9.9.4"
51d2c81 vpdma: Move firmware to ti directory
d7a24c9 Merge branch 'master' of https://github.com/shahasit/video-linux-firmware into main
9ee1543 Merge branch 'master' of https://github.com/shahasit/bt-linux-firmware into main
3bcc4c1 amdgpu: update picasso VCN firmware
b6b4542 amdgpu: update raven2 VCN firmware
79aa335 amdgpu: update raven VCN firmware
c93834e rtw88: RTL8822C: Update firmware to v9.9.4
3ef6c93 rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099A_281A
b503c96 Merge branch 'ath10k-20201023' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/linux-firmware into main
463fdea QCA: Update Bluetooth firmware for QCA6390
8a46c32 qcom : updated venus firmware files for v5.4
d7793e5 QCA : Fixed BT SSR due to command timeout / IO fatal error
d842d8c ath11k: QCA6390 hw2.0: add to WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
8fb1a6e ath11k: QCA6390 hw2.0: add board-2.bin
34cb5fc ath11k: IPQ8074 hw2.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2
c0a8efd ath11k: IPQ8074 hw2.0: add board-2.bin
ac7f5e9 ath11k: IPQ6018 hw1.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2
2594e51 ath11k: IPQ6018 hw1.0: add board-2.bin
d8f10d4 ath10k: QCA6174 hw3.0: add firmware-sdio-6.bin version WLAN.RMH.4.4.1-00077
6652297 ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00131
36059aa ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00131
1e5629d ath10k: QCA6174 hw3.0: update board-2.bin
e315d1a ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00157-QCARMSWPZ-1

Signed-off-by: John Audia <graysky@archlinux.us>
2020-11-23 22:53:15 +01:00
Sven Eckelmann
223eec7e81 kernel: mtd: parser: cmdline: Fix parsing of part-names with colons
Some devices (especially QCA ones) are already using hardcoded partition
names with colons in it. The OpenMesh A62 for example provides following
mtd relevant information via cmdline:

  root=31:11 mtdparts=spi0.0:256k(0:SBL1),128k(0:MIBIB),384k(0:QSEE),64k(0:CDT),64k(0:DDRPARAMS),64k(0:APPSBLENV),512k(0:APPSBL),64k(0:ART),64k(custom),64k(0:KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive) rootfsname=rootfs rootwait

The change to split only on the last colon between mtd-id and partitions
will cause newpart to see following string for the first partition:

  KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive)

Such a partition list cannot be parsed and thus the device fails to boot.

Avoid this behavior by making sure that the start of the first part-name
("(") will also be the last byte the mtd-id split algorithm is using for
its colon search.

Fixes: d6a9a92e3217 ("kernel: bump 5.4 to 5.4.69")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2020-11-23 22:53:15 +01:00
Sven Eckelmann
8231994d3f ipq40xx: DTS style updates for OpenMesh devices
The OpenMesh related files were not updated since a while and the new
coding style requirements weren't integrated. This can cause problems
for new devices when an author uses these files as starting point.

* use SPDX-License-Identifiers instead of full license texts
* drop linux,default-trigger with value default-off for LEDs
* led nodes with label "abc:xyz" should have name "xyz_abc"
* led DT labels for "xyz_abc" should be "led_xyz_abc"
* "m25p80@0" flash node should be renamed to "flash@0"
* drop unnecessary empty lines

Signed-off-by: Sven Eckelmann <sven@narfation.org>
[minor commit title and message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-23 13:44:47 +01:00
Rui Salvaterra
eb087ae4f4 ath79: move the squashfs feature to the parent target
All subtargets define it. Move it to the parent target and remove
it from all subtargets.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2020-11-23 13:20:53 +01:00
Felix Fietkau
4799810745 netifd: update to the latest version
213748a9bcd9 system-linux: implement full device present state management for force-external devices
3abe1fc87151 system-linux: add retry for adding member devices to a bridge

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-11-23 12:52:11 +01:00
Paulo Machado
b19a684f46 imagebuilder: fix main entry makefile
Remove a syntax error from ImageBuider Makefile

Acked-by: Paul Spooren <mail@aparcar.org>
Signed-off-by: Paulo Machado <pffmachado@yahoo.com>
2020-11-23 03:13:46 +00:00
Rui Salvaterra
dd4e6a70f2 hostapd: enable the epoll-based event loop
Hostapd supports epoll() since 2014. Let's enable it for better performance.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2020-11-23 03:02:21 +00:00
Daniel Golle
97ac290090 uhttpd: update to git HEAD
f53a639 ubus: fix uhttpd crash

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-23 02:06:35 +00:00
Filip Moc
0d65177658 ramips: add support for TP-Link MR6400 v4
You can flash via tftp recovery:
 - serve tftp-recovery image as /tp_recovery.bin on 192.168.0.225/24
 - connect to any ethernet port
 - power on the device while holding the reset button
 - wait at least 8 seconds before releasing reset button

Flashing via OEM web interface does not work.

LTE module does not support DHCP so it must be configured via QMI.

Hardware Specification (v4.0 EU):
 - SoC: MT7628NN
 - Flash: Winbond W25Q64JVS (8MiB)
 - RAM: ESMT M14D5121632A (64MiB)
 - Wireless: SoC platform only (2.4GHz b/g/n, 2x internal antenna)
 - Ethernet: 1NIC (4x100M)
 - WWAN: TP-LINK LTE MODULE (2x external detachable antenna)
 - Power: DC 9V 0.85A

Signed-off-by: Filip Moc <lede@moc6.cz>
2020-11-23 00:46:40 +00:00
Filip Moc
1e69106e34 generic: add DTR quirk patch for MR400 LTE
This is required for LTE module MR400 in TL-MR6400 v4.

Signed-off-by: Filip Moc <lede@moc6.cz>
2020-11-23 00:45:44 +00:00
Daniel Golle
2eb0d711a4 procd: update to git HEAD
d4d78db uxc: also delete procd runtime state on 'delete'
 e935c0c jail: add 'debug' extern variable to preload_seccomp

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-23 00:32:48 +00:00
Daniel Golle
e065c9184c uqmi: update to git HEAD
65796a6 nas: add --get-plmn
 0a19b5b uqmi: add timeout parameter

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-22 21:58:22 +00:00
Filip Moc
ce293cd3ac uqmi: set device-operating-mode to online
This is required for LTE module MR400 (in TL-MR6400 v4).
Otherwise LTE module won't register to GSM network.

Signed-off-by: Filip Moc <lede@moc6.cz>
2020-11-22 21:14:09 +00:00
Filip Moc
9ebbb55113 uqmi: add support for IPv4 autoconf from QMI
There already was an option for autoconfiguring IPv4 from QMI but this
was removed by commit 3b9b963e6e08 ("uqmi: always use DHCP for IPv4").

DHCP does not work on MR400 LTE module (in TL-MR6400 v4) so let's readd
support for IPv4 autoconf from QMI but this time allow to configure this
for IPv4 and IPv6 independently and keep DHCP default on IPv4.

Signed-off-by: Filip Moc <lede@moc6.cz>
2020-11-22 21:13:39 +00:00
Thomas Richard
2b3a0cabea uqmi: wait forever registration if timeout set to 0
Give possibility to wait forever the registration by setting timeout
option to 0.

No timeout can be useful if the interface starts whereas no network is
available, because at the end of timeout the interface will be stopped
and never restarted.

Signed-off-by: Thomas Richard <thomas.richard@kontron.com>
2020-11-22 21:13:18 +00:00
Daniel Golle
6e9b707ee2 Revert "refpolicy: add variant that builds modular policy"
This reverts commit 9eb9943f82e0b2d5e32ffe1c63f5a82caca5094d.
Building the 'modular' variant requires 'semodule_package' from
'selinux-python' to be installed on the buildhost.
Apart from that, this change also broke the monolithic refpolicy
'targeted' build.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-22 15:20:35 +00:00
Daniel Golle
8262c99fc3 procd: update to git HEAD
04a2edd uxc: make force-delete kill container process
 be6da62 seccomp: silence 'unknown syscall' warnings
 b22e625 jail: cgroup hack: rewrite cgroup -> cgroup2
 df7fa7b uxc: fix incomplete commit

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-22 03:24:33 +00:00
Hannu Nyman
39fa0c0959 tools/mpc: update to 1.2.1
Update mpc to 1.2.1

http://www.multiprecision.org/mpc/
  Bug fixes:
    Fix an incompatibility problem with GMP 6.0 and before.
    Fix an intermediate overflow in asin.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-11-21 18:49:27 +01:00
Hannu Nyman
c977bd033e tools/gmp: update to 6.2.1
Update gmp to 6.2.1

Release notes: https://gmplib.org/gmp6.2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-11-21 18:49:17 +01:00
Hannu Nyman
9d5eceae91 tools/bison: update to 3.7.4
Update bison to 3.7.4

Release notes:
http://git.savannah.gnu.org/cgit/bison.git/tree/NEWS?id=7a11a9308cb

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-11-21 18:49:08 +01:00
Hannu Nyman
7d03e90390 tools/cmake: update to 3.18.5
Update cmake to 3.18.5

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-11-21 18:48:59 +01:00
Hannu Nyman
a233e3a9af tools/expat: update to 2.2.10
Update expat to 2.2.10

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-11-21 18:48:39 +01:00
Felix Fietkau
5242bf7cf7 netifd: update to the latest version
351d690f1a09 wireless: fix passing bridge name for vlan hotplug pass-through
c1c2728946b5 config: initialize bridge and bridge vlans before other devices
5e18d5b9ccb1 interface: do not force link-ext hotplug interfaces to present by default
4544f026bb09 bridge-vlan: add support for defining aliases for vlan ids

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-11-21 10:24:37 +01:00
Petr Štetiar
4d4ef1058c musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.

This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.

All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-11-20 13:24:48 +01:00
David Bauer
d369993898 scripts: download.pl: retry download using filename
With this commit, the download script will try downloading source files
using the filename instead of the url-filename in case the previous
download attempt using the url-filename failed.

This is required, as the OpenWrt sources mirrors serve files using the
filename files might be renamed to after downloading. If the original
mirror for a file where url-filename and filename do not match goes
down, the download failed prior to this patch.

Further improvement can be done by performing this only for the
OpenWrt sources mirrors.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-11-20 02:35:43 +01:00
Paul Spooren
418362b1cc imagebuilder: add package signature verification
The ImageBuilder downloads pre-built packages and adds them to images.
This process uses `opkg` which has the capability to verify package list
signatures via `usign`, as enabled per default on running OpenWrt
devices.

Until now this was disabled for ImageBuilders because neither the `opkg`
keys nor the `opkg-add` script was present during first packagelist
update.

To harden the ImageBuilder against *drive-by-download-attacks* both keys
and verification script are added to the ImageBuilder allowing `opkg` to
verify downloaded package indices.

This commit adds `opkg-add` to the ImageBuilder scripts folder. The keys
folder is added to ImageBuilder $TOPDIR to have an obvious place for users to
store their own keys. The `option check_signature` is appended to the
repositories.conf file. All of the above only happens if the Buildbot
runs with the SIGNATURE_CHECK option.

The keys stored in the ImageBuilder keys/ are the same as included in
the openwrt-keyring package. To avoid the chicken-egg problem of
downloading and verifying a package, containing signing keys, the keys
are added during the ImageBuilder generation. They are same as in
shipped images (stored at `/etc/opkg/keys/`).

To allow a local package feed in which the user can add additional
packages, a local set of `usign` and `ucert` keys is generated, same as
building OpenWrt from source. The private key signs the local repository
inside the packages/ folder. The local public key is added to the keys/
folder to be considered by `opkg` when updating repositories. This way a
local package feed can be modified while requiring `opkg` to check
signatures for remote feed, making HTTPS optional.

The new option `ADD_LOCAL_KEY` allows to add the local key inside the
created images, adding the advantage that sysupgrades can validate the
ImageBuilders local key.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-11-19 22:15:00 +00:00
Sebastian Kemper
2127accd44 build: create $(PKG_SYMVERS_DIR) if non-existent
Commit 5d76065 moved the creation of the symvers directory to
include/kernel-build.mk. This is fine when building from scratch. But
when unpacking an SDK the directory doesn't exist and because the kernel
won't be built (again) this directory will not be created by the build
system, causing build failure if make tries to copy files into it.

This moves the creation of the symvers directory back into
include/kernel.mk so that the directory is created in any case.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
2020-11-19 18:52:15 +01:00
John Crispin
8134c542e2 base-files: generated named bridge-vlan sections
Signed-off-by: John Crispin <john@phrozen.org>
2020-11-19 15:38:37 +01:00
Marc Egerton
f276395cda ramips: add support for the Hak5 WiFi Pineapple Mark 7
This patch adds support for the WiFi Pineapple Mark 7, a wireless
penetration testing tool.

Specifications:
    * SoC: MediaTek MT7628 (580MHz)
    * RAM: 256MiB (DDR2)
    * Storage 1: 32MiB NOR (SPI)
    * Storage 2: 2GB eMMC
    * Wireless 1: 802.11b/g/n 2.4GHz (Built In)
    * Wireless 2: 802.11b/g/n 2.4GHz (MT7601)
    * Wireless 3: 802.11b/g/n 2.4GHz (MT7601)
    * USB: 1x USB Type-A 2.0 Host Port
    * Ethernet: 1x USB Type-C AX88772C Ethernet
    * UART: 57600 8N1 on PCB
    * Inputs: 1x Reset Button
    * Outputs: 1x RGB LED
    * FCCID: 2AA52MK7

Flash Instructions:
    Original firmware is based on OpenWRT.
    Use sysupgrade via SSH to flash.

Signed-off-by: Marc Egerton <foxtrot@realloc.me>
[pepe2k@gmail.com: set only required/used gpio groups to gpio function]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Piotr Dymacz
a92d55efcf ath79: fix reset button support on 8devices Lima
This fixes 'linux,code' property name and value for the 'reset' key node
in 8devices Lima DTS file.

Problem and solution were reported on the forum, see:
https://forum.openwrt.org/t/resetbutton-not-working-ath79-8devices-lima/78810

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Piotr Dymacz
6d65e3af9b ath79: calculate Eth MACs from WLAN on ALFA Network R36A
New batches of the R36A board series might no longer keep separated
Ethernet MAC addresses stored in flash. Use same approach as on the
N2Q and calculate Ethernet MACs from WLAN one which is kept in ART.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Piotr Dymacz
1bce45fc0f uboot-envtools: ath79: add support for ALFA Network Pi-WiFi4
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Piotr Dymacz
64a6f4a9c1 ath79: add support for ALFA Network Pi-WiFi4
ALFA Network Pi-WiFi4 is a Qualcomm QCA9531 v2 based, high-power 802.11n
WiFi board in Raspberry Pi 3B shape, equipped with 1x FE and 4x USB 2.0.

Specifications:

- Qualcomm/Atheros QCA9531 v2
- 650/400/200 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16+ MB of flash (SPI NOR)
- 1x 10/100 Mbps Ethernet
- 2T2R 2.4 GHz Wi-Fi with Qorvo RFFM8228P FEM
- 2x IPEX/U.FL connectors on PCB
- 4x USB 2.0 Type-A
- Genesys Logic GL850G 4-port USB HUB
- USB power is controlled by GPIO
- 5x LED (3x on PCB, 2x in RJ45, 4x driven by GPIO)
- 1x button (reset)
- external h/w watchdog (EM6324QYSP5B, enabled by default)
- 1x micro USB Type-B for power and system console (Holtek HT42B534)
- UART and GPIO (8-pin, 1.27 mm pitch) header on PCB

Flash instruction:

You can use sysupgrade image directly in vendor firmware which is based
on LEDE/OpenWrt. Alternatively, you can use web recovery mode in U-Boot:

1. Configure PC with static IP 192.168.1.2/24.
2. Connect PC with one of RJ45 ports, press the reset button, power up
   device, wait for first blink of all LEDs (indicates network setup),
   then keep button for 3 following blinks and release it.
3. Open 192.168.1.1 address in your browser and upload sysupgrade image.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Piotr Dymacz
d44463b087 ath79: add label MAC address for ALFA Network N5Q
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2020-11-18 23:49:34 +01:00
Adrian Schmutzler
7e7470b517 scripts: add const_structs.checkpatch for checkpatch.pl
Kernel has separated the structs that are reported to be const in
checkpatch.pl into a file of its own, const_structs.checkpatch.

This file has been missing after the recent update of checkpatch.pl,
leading to the following message:

  No structs that should be const will be found - file
  '/data/openwrt/scripts/const_structs.checkpatch': No such file
  or directory

This commit adds the relevant file from v5.10-rc4.

Fixes: 086ee09bbcac ("scripts: Update checkpatch.pl to 2020-06-11")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-18 21:50:58 +01:00
Adrian Schmutzler
6fdd4187e0 scripts: checkpatch.pl: suppress warnings about MAINTAINERS
The kernel expects changes to MAINTAINERS for all removed or added
files, printing warnings like:

  WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
  #828:
  deleted file mode 100644

Since this does not apply to "our" files in OpenWrt repo, this
warning should be disabled.

This can be achieved easiest by setting $reported_maintainer_file
to 1. While this is a hack that tricks the script into believing
the proper MAINTAINERS changes have been made, it's the easiest
solution as it does not require to touch any other code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-18 21:50:53 +01:00