Commit Graph

57624 Commits

Author SHA1 Message Date
Linhui Liu
65b5b72cb7 selinux-policy: update to 1.2.5
30d503a uci jsonfilter: pipe and leak
e13cb64 rpcd leds
144781f jsonfilter, luci, ubus
1210762 rpcd and all agents get fd's leaked
ab9227c rpcd
2f99e0e luci rpcd
b43aaf3 rpcd (enable/disable services) luci peeraddr
f20f03e rpcd
7bc74f6 rpcd reads all subj state and luci-bwc leaks
9634b17 adds inotify perms to anon_inode
3d3c17c adds bare anon_inode (linux 5.15)
7104b20 dnsmasq and luci
0de2c66 luci,rpcd, ucode, wpad
14f5cf9 luci and ucode
e3ce84c rpcd, ucode and cgiio loose ends
96a2401 misc updates
9fe0490 initscript: remove redundant rules
71bd77e allow all init scripts to log to logd
f697331 sandbox: make ttydev handling more robust
a471877 simplify pty tty console access
f738984 sandbox: also remove TIOSCTI from all ttydevs

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
(cherry picked from commit 4c5a9da869)
2023-05-31 23:10:06 +02:00
Tianling Shen
14cbf041ea ca-certificates: Update to version 20230311
Update the ca-certificates and ca-bundle package from version 20211016 to
version 20230311.

Use TAR_OPTIONS instead of hacking Build/Prepare, refresh patches.

Debian change-log entry [1]:
|[...]
|[ Đoàn Trần Công Danh ]
|* ca-certificates: compat with non-GNU mktemp (closes: #1000847)
|
|[ Ilya Lipnitskiy ]
|* certdata2pem.py: use UTC time when checking cert validity
|
|[ Julien Cristau ]
|* Update Mozilla certificate authority bundle to version 2.60
|   The following certificate authorities were added (+):
|   + "Autoridad de Certificacion Firmaprofesional CIF A62634068"
|   + "Certainly Root E1"
|   + "Certainly Root R1"
|   + "D-TRUST BR Root CA 1 2020"
|   + "D-TRUST EV Root CA 1 2020"
|   + "DigiCert TLS ECC P384 Root G5"
|   + "DigiCert TLS RSA4096 Root G5"
|   + "E-Tugra Global Root CA ECC v3"
|   + "E-Tugra Global Root CA RSA v3"
|   + "HARICA TLS ECC Root CA 2021"
|   + "HARICA TLS RSA Root CA 2021"
|   + "HiPKI Root CA - G1"
|   + "ISRG Root X2"
|   + "Security Communication ECC RootCA1"
|   + "Security Communication RootCA3"
|   + "Telia Root CA v2"
|   + "TunTrust Root CA"
|   + "vTrus ECC Root CA"
|   + "vTrus Root CA"
|  The following certificate authorities were removed (-):
|  - "Cybertrust Global Root" (expired)
|  - "EC-ACC"
|  - "GlobalSign Root CA - R2" (expired)
|  - "Hellenic Academic and Research Institutions RootCA 2011"
|  - "Network Solutions Certificate Authority"
|  - "Staat der Nederlanden EV Root CA" (expired)
|* Drop trailing space from debconf template causing misformatting
|  (closes: #980821)
|
|[ Wataru Ashihara ]
|* Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244)
|[...]

[1]: https://metadata.ftp-master.debian.org/changelogs/main/c/ca-certificates/ca-certificates_20230311_changelog

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7c83b6ac86)
2023-05-31 23:10:06 +02:00
Petr Štetiar
20295c071a pcre2: fix host compilation of libselinux by enabling PIC
libselinux-3.5 fails to compile in Fedora 38 container due to the
following:

 cc -O2 -I/openwrt/staging_dir/host/include -I/openwrt/staging_dir/hostpkg/include -I/openwrt/staging_dir/target-x86_64_musl/host/include -I../include -D_GNU_SOURCE -DNO_ANDROID_BACKEND -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8 -I/openwrt/staging_dir/hostpkg/include -L/openwrt/staging_dir/host/lib -L/openwrt/staging_dir/hostpkg/lib -L/openwrt/staging_dir/target-x86_64_musl/host/lib -Wl,-rpath=/openwrt/staging_dir/hostpkg/lib -shared -o libselinux.so.1 avc.lo avc_internal.lo avc_sidtab.lo booleans.lo callbacks.lo canonicalize_context.lo checkAccess.lo check_context.lo checkreqprot.lo compute_av.lo compute_create.lo compute_member.lo compute_relabel.lo compute_user.lo context.lo deny_unknown.lo disable.lo enabled.lo fgetfilecon.lo freecon.lo freeconary.lo fsetfilecon.lo get_context_list.lo get_default_type.lo get_initial_context.lo getenforce.lo getfilecon.lo getpeercon.lo init.lo is_customizable_type.lo label.lo label_db.lo label_file.lo label_media.lo label_support.lo label_x.lo lgetfilecon.lo load_policy.lo lsetfilecon.lo mapping.lo matchmediacon.lo matchpathcon.lo policyvers.lo procattr.lo query_user_context.lo regex.lo reject_unknown.lo selinux_check_securetty_context.lo selinux_config.lo selinux_internal.lo selinux_restorecon.lo sestatus.lo setenforce.lo setexecfilecon.lo setfilecon.lo setrans_client.lo seusers.lo sha1.lo stringrep.lo validatetrans.lo -L/openwrt/staging_dir/hostpkg/lib -lpcre2-8 -lfts -ldl -Wl,-soname,libselinux.so.1,--version-script=libselinux.map,-z,defs,-z,relro
 /usr/bin/ld: /openwrt/staging_dir/hostpkg/lib/libpcre2-8.a(pcre2_compile.c.o): relocation R_X86_64_32S against symbol `_pcre2_ucd_stage1_8' can not be used when making a shared object; recompile with -fPIC
 /usr/bin/ld: failed to set dynamic section sizes: bad value

So lets fix it by enabling build of host static library with the
position independent code option enabled.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 12494f5b8a)
2023-05-31 23:10:06 +02:00
Michał Kwiatek
9c45c58c7c netfilter: add kmod-nft-dup-inet
Add kmod-nft-dup-inet package to allow packet duplication in ip/ip6/inet nftables family

Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
(cherry picked from commit a7e9445975)
2023-05-31 23:07:55 +02:00
Petr Štetiar
478a3e609f
Revert "feeds: use git-src-full to allow Git versioning"
This partially reverts commit 7fae1e5677
as it should be no longer necessary to do a full clone since commit
48ed07bc0b ("treewide: replace AUTORELEASE with real PKG_RELEASE").

Suggested-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 11bb5337b8)
[adjusted to 23.05]
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2023-05-31 15:45:45 +02:00
John Audia
e2e7dd4450
x86: disable CONFIG_X86_PLATFORM_DRIVERS_HP
New config option defaulted to N for this bump.

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 3664c57e34)
2023-05-29 20:10:37 +02:00
Shiji Yang
e8231a43e0 ramips: correct page read return value of the mt7621 nand driver
read_page() need to return maximum number of bitflips instead of the
accumulated number. Change takes from upstream mt7621 u-boot [1].

 * @read_page:  function to read a page according to the ECC generator
 *              requirements; returns maximum number of bitflips
 *              corrected in any single ECC step, -EIO hw error

[1] https://lore.kernel.org/all/cover.1653015383.git.weijie.gao@mediatek.com/

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 2fbb91d73f)
2023-05-29 14:17:52 +02:00
Stan Grishin
570618b844 base-files: x86 fix 01_leds Syntax error
Cezary Jackiewicz reported:
| Syntax error in line /etc/board.d/01_leds#L22 - missing "\"

Fixes: c191c2d46f ("x86: base-files add support for Sophos 135r3/135r3w")
Reported-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(buffed up commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 4b8b2f4f97)
2023-05-29 14:17:52 +02:00
Pawel Dembicki
3d05d54679 layerscape: kernel: enable MC userspace support
Management Complex (MC) userspace support is required for userspace
helpers working with DPAA2 objects exported by the Management Complex BUS.

Without it, there is the error:

```
root@OpenWrt:/# ls-addni dpmac.1
error: Did not find a device file
Restool wrapper scripts only support the latest major MC version
that currently is MC10.x. Use with caution.
error: Did not find a device file
```

This patch fixes it.

Suggested-by: Alexandra Alth <alexandra@alth.de>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit d04d6a82da)
2023-05-29 14:17:52 +02:00
Pawel Dembicki
6fc6ea4d3a package: layerscape: change loadaddr address
At this moment loadaddr in most layerscape boards are configured to
0x81000000. 5.15 kernel on some boards is bigger than 5.10 and it cause error:

Loading kernel from FIT Image at 81000000 ...

Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: ARM64 OpenWrt Linux-5.15.112
Created: 2023-05-21 17:39:35 UTC
Type: Kernel Image
Compression: gzip compressed
Data Start: 0x810000ec
Data Size: 7513944 Bytes = 7.2 MiB
Architecture: AArch64
OS: Linux
Load Address: 0x80000000
Entry Point: 0x80000000
Hash algo: crc32
Hash value: 6fd69550
Hash algo: sha1
Hash value: ee34c753ffb615e199a428762824ad4a0aaef90a
Verifying Hash Integrity ... crc32+ sha1+ OK
Loading fdt from FIT Image at 81000000 ...

Using 'config-1' configuration
Trying 'fdt-1' fdt subimage
Description: ARM64 OpenWrt fsl_ls1088a-rdb-sdboot device tree blob
Created: 2023-05-21 17:39:35 UTC
Type: Flat Device Tree
Compression: uncompressed
Data Start: 0x8172a98c
Data Size: 19794 Bytes = 19.3 KiB
Architecture: AArch64
Hash algo: crc32
Hash value: 59792ba3
Hash algo: sha1
Hash value: 135585a49f86cd85acea559b78b0098ae99d5e12
Verifying Hash Integrity ... crc32+ sha1+ OK
Booting using the fdt blob at 0x8172a98c
Uncompressing Kernel Image
ERROR: new format image overwritten - must RESET the board to recover
resetting ...

This patch changes loadaddr to 0x88000000 (like LS1012A-FRDM board) to
avoid overlapping for bigger images (like initramfs) too.

Tested-by: Alexandra Alth <alexandra@alth.de> [LS1088ARDB]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit 0822040671)
2023-05-29 14:17:52 +02:00
Daniel Golle
94884f3904 mediatek: sync MT7988 USXGMII with SDK driver
The USXGMII driver in SDK was heavily refactored, some bugs have been
fixed and it has switched to use phylink_pcs. Follow up with changes
in SDK driver and sync our on-top-of-mainline driver with the SDK
driver.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ba58245e83)
2023-05-29 13:04:14 +01:00
Daniel Golle
cd36c6f52b mediatek: follow-up with renamed Build/bl2 and Build/bl31-uboot
Use renamed build step names for all boards which were not handled by
commit c620409d58 ("mediatek: filogic: add uboot build for mt7981")
and now breaking the build.

Fixes: c620409d58 ("mediatek: filogic: add uboot build for mt7981")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 037ce27244)
2023-05-29 13:04:14 +01:00
Chukun Pan
e018afcfc6 mediatek: filogic: add Qihoo 360T7 support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: ESMT F50L1G41LB 128MB
  RAM: MT5CC128M16JR-EK 256MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, WPS
  Power: DC 12V 1A

Flash instructions:
  1. Attach UART, boot the stock firmware until
     the message about failsafe mode appears.
  2. Enter failsafe mode by pressing "f" and "Enter"
  3. Type "mount_root", then run
     "fw_setenv bootmenu_delay 3"
  4. Back up all mtd partitions before flashing.
  5. Reboot, U-Boot now presents a menu.
  6. Connect to your PC via the Gigabit port of the router,
     set a static ip on the ethernet interface of your PC.
     (ip 192.168.1.254, gateway 192.168.1.1)
  7. Select "Upgrade ATF BL2", then use this file:
     openwrt-mediatek-filogic-qihoo_360t7-preloader.bin
  8. Select "Upgrade ATF FIP", then use this file:
     openwrt-mediatek-filogic-qihoo_360t7-bl31-uboot.fip
  9. Download the initramfs image, and type "reset",
     waiting for tftp recovery to complete.
  a. After openwrt boots up, perform sysupgrade.

Note:
  1. Since NMBM is disabled, we must back up all partitions.
  2. Flash instructions is based on commit 28df7f7.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit dc2d4d7393)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Chukun Pan
99c94c6696 uboot-mediatek: add Qihoo 360T7 support
The vendor uboot will verify firmware at boot.
So add a custom uboot build for this device.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit c51eb17730)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Chukun Pan
f588da89a3 arm-trusted-firmware-mediatek: add build for MT7981 DDR3
Add new build option BOARD_QFN/BOARD_BGA.
This option is only useful for MT7981 device.
MT7981A/B: BOARD_BGA, MT7981C: BOARD_QFN.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 602cb4f325)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Chukun Pan
c55bcf7772 mediatek: filogic: add uboot build for mt7981
Rename previous uboot build to mt7986-*.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit c620409d58)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Alexander Couzens
5d0d04e238 mediatek: mt7981: add reserved memory to support pstore
Add reserved memory for pstore/ramoops to device tree used by Linux
as well as U-Boot.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3eb354f999)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Daniel Golle
7f0e1373f4 mediatek: cleanly backport and add fix for I2C driver
Pick accepted patches from upstream Linux tree instead of having to
maintain our slightly different downstream patches.
Import pending patch fixing I2C on MT7981 by making sure all clocks
are enabled before accessing I2C registers.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 213b728276)
2023-05-29 13:04:14 +01:00
Nick Hainke
dc2841045d ramips: mark patches accepted upstream
Add kernel tags to the patches that got accepted upstream.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 2388b119de)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-29 13:04:14 +01:00
Daniel Golle
912974cc15 mediatek: fix, clean and unify SD card image generation
Make sure sub-images on the SD card are size-checked, allow
generating SD card without squashfs and/or initramfs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 43d27b0252)
2023-05-29 13:04:14 +01:00
John Audia
afe2722f6d kernel: bump 5.15 to 5.15.113
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod
Run-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit c815ecdebd)
2023-05-29 13:04:14 +01:00
Christian Marangi
3a1cb63336
CI: use toolchain container for label workflow
Use toolchain container for label workflow to skip downloading external
toolchain from openwrt servers.

Fixes: 0fe5776f4a ("CI: build: Add support to use container included external toolchain")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 66fd0aa6ef)
2023-05-28 03:47:01 +02:00
Christian Marangi
4174768d9f
CI: don't add "" in target and subtarget for label workflow
Don't add "" in target and subtarget for label workflow from label
detection as it does cause problem in build workflow on container
target/subtarget matching.

Fixes: bf8187d5dc ("CI: use split target and subtarget in label workflow")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1fa84354a9)
2023-05-27 19:59:29 +02:00
Christian Marangi
ec6bbc5255
CI: build: fix parse toolchain step failing for git strict rules
Commit 1cb8cdb ("ci: use new buildbot worker images with Debian 11")
introduced new Git version with strict rules for owner of the git
directory.

To handle this and not cause major change, just move the parsing before
the change of ownership of the openwrt directory permitting the correct
run of git fetch command with the same user that did the repository
checkout.

Fixes: 1cb8cdb ("ci: use new buildbot worker images with Debian 11")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 0063e71d66)
2023-05-25 23:49:33 +02:00
Christian Marangi
962334bc82
CI: correctly output subtarget in label workflow
Commit bf8187d5dc ("CI: use split target and subtarget in label
workflow") didn't correctly output subtarget resulting in calling with
an empty subtarget. Fix this and correctly output generated subtarget.

Fixes: bf8187d5dc ("CI: use split target and subtarget in label workflow")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 8aa5a86010)
2023-05-25 23:15:26 +02:00
Christian Marangi
7666503f68
CI: use split target and subtarget in label workflow
With eecc6e4811 ("CI: rework build workflow to have split target and
subtarget directly") target and subtarget are split in 2 different
variables. Label workflow were not aligned to this change and are
currently broken.

Fix them and correctly pass split target and subtarget.

Fixes: eecc6e4811 ("CI: rework build workflow to have split target and subtarget directly")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit bf8187d5dc)
2023-05-25 23:15:26 +02:00
Robert Marko
8f2dcd0c3d generic: filter out CONFIG_PAHOLE_HAS_SPLIT_BTF
CONFIG_PAHOLE_HAS_SPLIT_BTF should be runtime detected as it depends on
pahole being available on the host, so filter it out of configs.

Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 3591353f51)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-25 09:35:31 +01:00
Tony Ambardar
f54bea12b6 bpftools: update, split off bpftool and libbpf packages
My original bpftools package made "variant" builds of bpftool and libbpf
as a convenience, since both used the same local kernel sources with the
same versioning. This is no longer the case, since the commit below
switched to using an out-of-tree build mirror hosting repos for each.

Replace bpftools with separate bpftool and libbpf packages, each simplified
and correctly versioned. Also fix the broken libbpf ABI introduced in the
same commit. Existing build .config files are not impacted.

Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit afe1bf11f2)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-25 09:33:59 +01:00
Daniel Golle
e996c6eb19 Revert "kernel: add MODULE_ALLOW_BTF_MISMATCH option"
This reverts commit c07038da27.
MODULE_ALLOW_BTF_MISMATCH is not available in Linux 5.15.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:52 +01:00
Sam Shih
e458cfc214 mediatek: add basic mt7988 device tree support
This add basic device tree support for mediatek MT7988 SoC

Signed-off-by: Sam Shih <sam.shih@mediatek.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit e3a681bab4)
2023-05-24 19:26:52 +01:00
Daniel Golle
670dedbbd7 mediatek: backport cpufreq changes to support MT7988
Backport cpufreq changes from upstream so that the MediaTek MT7988 SoC
can be supported.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit e4555d69a1)
2023-05-24 19:26:52 +01:00
Daniel Golle
fd17917951 mediatek: filogic: add driver for Richtek RT5190A regulator
The Richtek RT5190A is used on the MT7988 reference board. Backport and
enable the driver on the filogic subtarget, so we can support cpufreq
on the MT7988 reference board.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a3cf3e2c48)
2023-05-24 19:26:52 +01:00
Daniel Golle
84e3d27355 mediatek: add driver for built-in 2.5G Ethernet PHY
Add driver for the built-in 2.5G Ethernet PHY found in the MT7988 SoC.
To function the PHY also needs firmware files which have not yet been
published via linux-firmware.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ef2a831dab)
2023-05-24 19:26:52 +01:00
Daniel Golle
98e6233202 mediatek: update pending SoC Ethernet PHY driver
Update driver for MediaTek's built-in Gigabit Ethernet PHYs which can be
found in the MT7981 and MT7988 SoCs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 987a0b2b30)
2023-05-24 19:26:52 +01:00
Daniel Golle
f7d0a4797f generic: mt7530: backport support for the MT7988 built-in switch
Backport commits adding support for the MT7988 built-in switch to the
mt7530 driver.

This change results in the Kconfig symbol NET_DSA_MT7530 to be extended
by NET_DSA_MT7530_MDIO (everything formally covered by NET_DSA_MT7530)
and NET_DSA_MT7530_MMIO (a new driver for the MMIO-connected built-in
switch of the MT7988 SoC).

Select NET_DSA_MT7530_MDIO for all targets previously selecting
NET_DSA_MT7530, with the exception of mediatek/filogic which also
selects NET_DSA_MT7530_MMIO.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 958fdf36e3)
2023-05-24 19:26:52 +01:00
Daniel Golle
5970f5d027 generic: add support for MediaTek NETSYS v3
In order to support Ethernet on the MT7988 SoC add support for NETSYS v3
as well as new paths and USXGMII SerDes to the mtk_eth_soc driver.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6983a215d9)
2023-05-24 19:26:52 +01:00
Sam Shih
d5dc84f44e mediatek: add mt7988 pinctrl driver support
This adds provisional pinctrl driver support for the MediaTek MT7988 SoC.

Signed-off-by: Sam Shih <sam.shih@mediatek.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9e6a7e808f)
2023-05-24 19:26:52 +01:00
Sam Shih
d74c3d8895 mediatek: add mt7988 clock drivers support
This adds clock drivers for the MediaTek MT7988 SoC

Signed-off-by: Sam Shih <sam.shih@mediatek.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit b33c185876)
2023-05-24 19:26:52 +01:00
Daniel Golle
918c0e5f41 mediatek: mt7981: setup all clocks needed for eMMC
Setup all necessary clocks to get MMC to work on MT7981, similar to
how it is done also on MT7986.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a9989b30d0)
2023-05-24 19:26:52 +01:00
Chukun Pan
3ff5e9e8de mediatek: mt7981: usb enable 3.0 by default
There is no reason to limit USB to 2.0 mode
by default, delete this limit.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit b2beb4c688)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:46 +01:00
Tony Ambardar
5df84814bb kernel: enable (ARM|ARM64)_MODULE_PLTS in generic config
This allows loading modules with large memory requirements, recently needed
while testing on armvirt/32. Past forum discussions [1] and bug reports [2]
also raised this and the ipq806x target already set it in response [3].
Given this increases kernel image size by only ~1KB, is generally useful on
multi-platform kernels, and enabled by default on upstream arm32 Linux, add
it to the generic config.

The setting has similar utility on arm64, is a requirement for KASLR, and
already enabled on most OpenWrt aarch64 targets, so pull this into the
top-level generic config.

[1]: https://forum.openwrt.org/t/vmap-allocation-for-size-442368-failed-use-vmalloc-size-to-increase-size/34545/7
[2]: https://github.com/openwrt/openwrt/issues/8282
[3]: f81e148eb6 ("ipq806x: update 4.19 kernel config").

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit c2d194a34e)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:41 +01:00
Daniel Golle
34b19a8520 mediatek: mt7623: build SD card without all filesystems
Allow building SD card images without having both initramfs and squashfs
present on the card, just like it has already been done for the mt7622
and filogic subtargets.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d6fef27f2d)
2023-05-24 19:26:41 +01:00
Nick Hainke
d4b4926320 busybox: update to 1.36.1
Release Notes:
http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html

Refresh commands, run after busybox is first built once (nothing changed
compared to 1.36.0):

  cd package/utils/busybox/config/
  ../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1
  cd ..
  ./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in

Manual edits needed afterward:

* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
  BUSYBOX_DEFAULT_FEATURE_IPV6

* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
  BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)

* Config-defaults.in: OpenWrt logic applied to
  BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)

* Config-defaults.in: correct the default ports that get reset
  BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT    80
  BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT  23

* config/editors/Config.in: Add USE_GLIBC dependency to
  BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)

* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
  SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
  (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
  Apparently our script does not see the hidden option while
  prepending config options with "BUSYBOX_CONFIG_" which leads to a
  missed dependency when the options are later evaluated.)

* Edit a few Config.in files by adding quotes to sourced items in
  config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)

Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3b76f6eee4)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:32 +01:00
Nick Hainke
ea9a7f1250 libxml2: update to 2.11.4
Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.4

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c520d682f0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:28 +01:00
Nick Hainke
f1fbf61fcf libcap: update to 2.69
Release Notes:
https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe

Fixes: CVE-2023-2602 CVE-2023-2603
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 78c45c1e59)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:24 +01:00
Nick Hainke
60b6220028 lldpd: update to 1.0.17
Release Notes:
https://github.com/lldpd/lldpd/releases/tag/1.0.17

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 17fbbafdcb)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:19 +01:00
Pietro Ameruoso
22d7148689 mediatek: add support for Zyxel EX5601-T0 router
Zyxel EX5601-T0 specifics
--------------
The operator specific firmware running on the Zyxel branded
EX5601-T0 includes  U-Boot modifications affecting the OpenWrt
installation.

Partition Table
| dev  | size     | erasesize | name          |
| ---- | -------- | --------- | ------------- |
| mtd0 | 20000000 | 00040000  | "spi0.1"      |
| mtd1 | 00100000 | 00040000  | "BL2"         |
| mtd2 | 00080000 | 00040000  | "u-boot-env"  |
| mtd3 | 00200000 | 00040000  | "Factory"     |
| mtd4 | 001c0000 | 00040000  | "FIP"         |
| mtd5 | 00040000 | 00040000  | "zloader"     |
| mtd6 | 04000000 | 00040000  | "ubi"         |
| mtd7 | 04000000 | 00040000  | "ubi2"        |
| mtd8 | 15a80000 | 00040000  | "zyubi"       |

The router boots BL2 which than loads FIP (u-boot).
U-boot has hardcoded a command to always launch Zloader "mtd read zloader 0x46000000" and than "bootm". Bootargs are deactivated.
Zloader is the zyxel booloader which allow to dual-boot ubi or ubi2, by default access to zloader is blocked.
Too zloader checks that the firmware contains a particolar file called zyfwinfo.
Additional details regarding Zloader can be found here:
https://hack-gpon.github.io/zyxel/
https://forum.openwrt.org/t/adding-openwrt-support-for-zyxel-ex5601-t0/155914

Hardware
--------
SOC: MediaTek MT7986a
CPU: 4 core cortex-a53 (2000MHz)
RAM: 1GB DDR4
FLASH: 512MB SPI-NAND (Micron xxx)
WIFI: Wifi6 Mediatek MT7976 802.11ax 5 GHz 4x4 + 2.4GHZ 4x4
ETH: MediaTek MT7531 Switch + SoC
3 x builtin 1G phy (lan1, lan2, lan3)
1 x MaxLinear GPY211B 2.5 N-Base-T phy5 (lan4)
1 x MaxLinear GPY211B 2.5Gbit xor SFP/N-Base-T phy6 (wan)
USB: 1 x USB 3.2 Enhanced SuperSpeed port
UART: 3V3 115200 8N1 (Pinout: GND KEY RX TX VCC)
VOIP: 2 FXS ports for analog phones

MAC Address Table
-----------------
eth0/lan    Factory 0x002a
eth1/wan    Factory 0x0024
wifi 2.4Ghz Factory 0x0004
wifi 5Ghz   Factory 0x0004 + 1

Serial console (UART)
---------------------
+-------+-------+-------+-------+-------+
| +3.3V |  RX   |  TX   |  KEY  |  GND  |
+---+---+-------+-------+-------+-------+
    |
    +--- Don't connect

Installation
------------
Keep in mind that openwrt can only run on the UBI partition, the openwrt firmware is not able to understand the zloader bootargs.
The procedure allows restoring the UBI partition with the Zyxel firmware and retains all the OEM functionalities.

1. Unlock Zloader (this will allow to swap manually between partitions UBI and UBI2):
- Attach a usb-ttl adapter to your computer and boot the router.
- While the router is booting at some point you will read the following: `Please press Enter to activate this console.`
- As soon as you read that press enter, type root and than press enter again (just do it, don't care about the logs scrolling).
- Most likely the router is still printing the boot log, leave it boot until it stops.
- If everything went ok you should have full root access "root@EX5601-T0:/#".
- Type the following command and press enter: "fw_setenv EngDebugFlag 0x1".
- Reboot the router.
- As soon as you read `Hit any key to stop autoboot:` press Enter.
- If everything went ok you should have the following prompt: "ZHAL>".
- You have successfully unlocked zloader access, this procedure must be done only once.

2. Check the current active partition:
- Boot the router and repeat the steps above to gain root access.
- Type the following command to check the current active image: "cat /proc/cmdline".
- If `rootubi=ubi` it means that the active partition is `mtd6`
- If `rootubi=ubi2` it means that the active partition is `mtd7`
- As mentioned earlier we need to flash openwrt into ubi/mtd6 and never overwrite ubi2/mtd7 to be able to fully roll-back.
- To activate and boot from mtd7 (ubi2) enter into ZHAL> command prompt and type the following commands:
atbt 1  # unlock write
atsw    # swap boot partition
atsr    # reboot the router
- After rebooting check again with "cat /proc/cmdline" that you are correctly booting from mtd7/ubi2
- If yes proceed with the installation guide. If not probably you don't have a firmware into ubi2 or you did something wrong.

3. Flashing:
- Download the sysupgrade file for the router from openwrt, than we need to add the zyfwinfo file into the sysupgrade tar.
Zloader only checks for the magic (which is a fixed value 'EXYZ') and the crc of the file itself (256bytes).
I created a script to create a valid zyfwinfo file but you can use anything that does exactly the same:
https://raw.githubusercontent.com/pameruoso/OpenWRT-Zyxel-EX5601-T0/main/gen_zyfwinfo.sh
- Add the zyfwinfo file into the sysupgrade tar.
- Enter via telnet or ssh into the router with admin credentials
- Enter the following commands to disable the firmware and model checks
"zycli fwidcheck off" and "zycli modelcheck off"
- Open the router web interface and in the update firmware page select the "restore default settings option"
- Select the sysupgrade file and click on upload.
- The router will flash and reboot itself into openwrt from UBI

4. Restoring and going back to Zyxel firmware.
- Use the ZHAL> command line to manually swap the boot parition to UBI2 with the following:
atbt 1  # unlock write
atsw    # swap boot partition
atsr    # reboot the router
- You will boot again the Zyxel firmware you have into UBI2 and you can flash the zyxel firmware to overwrite the UBI partition and openwrt.

Working features
----------------
3 gbit lan ports
Wifi
Zyxel partitioning for coexistance with Zloader and dual boot.
WAN SFP port (only after exporting pins 57 and 10. gpiobase411)
leds
reset button
serial interface
usb port
lan ethernet 2.5 gbit port (autosense)
wan ethernet 2.5 gbit port (autosense)

Not working
----------------
voip (missing drivers or proper zyxel platform software)

Swapping the wan ethernet/sfp xor port
----------------
The way to swap the wan port between sfp and ethernet is the following:
export the pins 57 and 10.
Pin 57 is used to probe if an sfp is present.
If pin 57 value is 0 it means that an sfp is present into the cage (cat /sys/class/gpio/gpio468/value).
If pin 57 value is 1 it means that no sfp is inserted into the cage.
In conclusion by default both 57 an 10 pins are by default 1, which means that the active port is the ethernet one.
After inserting an SFP pin 57 will become 0 and you have to manually change the value of pin 10 to 0 too.
This is totally scriptable of course.

Leds description
------------
All the leds are working out of the box but the leds managed by the 2 maxlinear phy (phy 5 lan, phy6 wan).
To activate the phy5 led (rj45 ethernet port led on the back of the router) you have to use mdio-tools.
To activate the phy6 led (led on the front of the router for 2.5gbit link) you have to use mdio-tools.
Example:
Set lan5 led to fast blink on 2500/1000, slow blink on 10/100:
mdio mdio-bus mmd 5:30 raw 0x0001 0x33FC

Set wan 2.5gbit led to constant on when wan is 2.5gbit:
mdio mdio-bus mmd 6:30 raw 0x0001 0x0080

Signed-off-by: Pietro Ameruoso <p.ameruoso@live.it>
(cherry picked from commit 1c05388ab0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:11 +01:00
Christian Marangi
b79ed14dd1 CI: rework build workflow to have split target and subtarget directly
Instead of referring to a redundant job and ENV variables, rework build
workflow to accept and require split target and subtarget and use them
directly from inputs.

Rework each user and pass a JSON of tuple to matrix include with each
target/subtarget combination to test. Special notice this doesn't use
the github actions matrix combination feature but reference each
specific tuple of target and subtarget to test.

Just a cleanup no behaviour change intended.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit eecc6e4811)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:06 +01:00
Christian Marangi
bf82648bf7 CI: check-kernel-patches: use buildbot user on git diff check
Use buildbot user on git diff check instead of using git config
safe directory.

This should accomplish the same result but should be a better approach
following safe practice enforced by git.

Fixes: a7747e8670 ("ci: fix check kernel patches job")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 6c80a578a4)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:02 +01:00
Shiji Yang
635d5488c9 ath79: add support for D-Link DIR-859 A3
Specifications:
  SOC:      QCA9563 775 MHz + QCA9880
  Switch:   QCA8337N-AL3C
  RAM:      Winbond W9751G6KB-25 64 MiB
  Flash:    Winbond W25Q128FVSG 16 MiB
  WLAN:     Wi-Fi4 2.4 GHz 3*3 + 5 GHz 3*3
  LAN:      LAN ports *4
  WAN:      WAN port *1
  Buttons:  reset *1 + wps *1
  LEDs: ethernet *5, power, wlan, wps

MAC Address:
  use      address               source1          source2
  label    40:9b:xx:xx:xx:3c     lan && wlan      u-boot,env@ethaddr
  lan      40:9b:xx:xx:xx:3c     devdata@0x3f     $label
  wan      40:9b:xx:xx:xx:3f     devdata@0x8f     $label + 3
  wlan2g   40:9b:xx:xx:xx:3c     devdata@0x5b     $label
  wlan5g   40:9b:xx:xx:xx:3e     devdata@0x76     $label + 2

Install via Web UI:
  Apply factory image in the stock firmware's Web UI.

Install via Emergency Room Mode:
  DIR-859 A1 will enter recovery mode when the system fails to boot
  or press reset button for about 10 seconds.

  First, set computer IP to 192.168.0.5 and Gateway to 192.168.0.1.
  Then we can open http://192.168.0.1 in the web browser to upload
  OpenWrt factory image or stock firmware. Some modern browsers may
  need to turn on compatibility mode.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 0ffbef9317)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:25:56 +01:00