Commit Graph

50726 Commits

Author SHA1 Message Date
Mathias Kresin
2638c9801f lantiq: set maximum kernel size
These boards have a fixed size kernel partition but do not limit the
kernel size during image building.

Disable image building for both boards as well, since the kernel of the
last release as well as master are to big to fit into the 2 MByte kernel
partition.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit 23dd786734)
2021-03-01 00:23:30 +01:00
Adrian Schmutzler
adc3a75d48 octeon: re-enable CONFIG_CAVIUM_CN63XXP1 and EdgeRouter image
The symbol CONFIG_CAVIUM_CN63XXP1 was disabled during the bump to
4.19 (see Fixes:) with the following reason:

  No supported hardware uses CN63XXP1 and it causes "slight decrease
  in performance"

However, it later turned out that the edgerouter image needed it,
which led to having the device disabled in [1].
Still, dropping support of a device seems a harsh action for just
removing a "slight" decrease in performance from the other devices.

Thus, this enables CONFIG_CAVIUM_CN63XXP1 again, and essentially
restores the situation present until (including) kernel 4.14 on
this target.

For OpenWrt as a platform, it seems more desirable to support all
devices (and have them tested regularly via the snapshots) in this
case.
Users interested in maximum performance might still just remove
the symbol again in their local build.

[1] 3824fa26d2 ("octeon: disable edgerouter image")

Fixes: 6c22545225 ("target/octeon: Add Linux 4.19 support")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit cfd1a40583)
2021-02-28 21:56:39 +01:00
Adrian Schmutzler
3feef9c555 ath79: enable UART node for GL-USB150
This was overlooked when adding support for this device.
(It has recently been discovered that this was the only device in
ath79 having &uart disabled.)

Fixes: acc6263013 ("ath79: add support for GL.iNet GL-USB150")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 722f1bd549)
2021-02-25 15:13:13 +01:00
Adrian Schmutzler
7054721cf9 ath79: enable UART in SoC DTSI files
The uart node is enabled on all devices except one (GL-USB150 *).
Thus, let's not have a few hundred nodes to enable it, but do not
disable it in the first place.

Where the majority of devices is using it, also move the serial0
alias to the DTSI.

*) Since GL-USB150 even defines serial0 alias, the missing uart
   is probably just a mistake. Anyway, disable it for now so this
   patch stays cosmetic.

Apply this to 21.02 as well to remove an unnecessary backporting
pitfall.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 3a4b751110)
2021-02-25 14:42:11 +01:00
Adrian Schmutzler
f6b175a9bf zlib: properly split patches
This package had two patches (with two headers etc.) in one file,
which would have quilt merging them during a refresh.

Separate these patches into two files, as the original intent seems
to be having them separate.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 221eefaf6b)
2021-02-25 14:41:40 +01:00
David Bauer
a75520c678 openssl: update package sources
OpenSSL downloads itself are distributed using Akamai CDN, so use these
sources as the highest priority.

Remove a stale mirror which seems to be offline for a longer time
already.

Add fallbacks to the old release path also for the mirrors.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 10e84bde36)
2021-02-24 20:24:18 +01:00
Christian Lamparter
86801bd3d8 wolfssl: fix Ed25519 typo in config prompt
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 09e66112f1)
2021-02-24 20:24:13 +01:00
David Bauer
f647d9e6bb download: remove broken mirrors
These mirrors don't exist anymore. Remove them.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f04e007491)
2021-02-24 20:24:09 +01:00
Eneas U de Queiroz
0e8d67023b wolfssl: bump to v4.7.0-stable
Biggest fix for this version is CVE-2021-3336, which has already been
applied here.  There are a couple of low severity security bug fixes as
well.

Three patches are no longer needed, and were removed; the one remaining
was refreshed.

This tool shows no ABI changes:
https://abi-laboratory.pro/index.php?view=objects_report&l=wolfssl&v1=4.6.0&v2=4.7.0

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d1dfb577f1)
2021-02-24 20:24:04 +01:00
Sander Vanheule
c53a86806d ramips: mt7621: enable SX150x driver
The Netgear R6800 and R6700v2 devices have a Semtech SX1503 GPIO
expander controlling the device LEDs. This expander was initially
supported on 4.14, but support was lost in the transition to 5.4.

Since this driver cannot be built as a kernel module, enable it in the
kernel config for all mt7621 devices.

Run-tested on a Netgear R6800.

Cc: Stijn Segers <foss@volatilesystems.org>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Tested-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 773949c152)
2021-02-24 20:23:59 +01:00
Stijn Segers
0a19f77f32 ramips: overwrite reset gpio properties in DIR-860L DTS
As suggested by Sergio, this adds GPIOs 19 and 8 explicitly into the
DIR-860L DTS, so the PCI-E ports get reset and the N radio (radio1)
on PCI-E port 1 comes up reliably.

Fixes the following error that popped up in dmesg:

    [    1.638942] mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)

Suggested-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Reviewed-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
(cherry picked from commit 06356f0020)
2021-02-24 20:23:52 +01:00
Daniel Golle
75abdc4b46 arm-trusted-firmware-mediatek: bring back package
* use binary provided by MediaTek to work-around 'bromimage' issue
 * use @OPENWRT mirror for blobs
 * refactor Makefile
 * add mt7622 1c variants (using binaries provided by MTK)

(cherry picked from commit 068c82039f and
commit 9cd089dbbf)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-24 11:02:04 +00:00
Daniel González Cabanelas
8f7a905ffb bcm63xx: pinctrl: fix BCM6348 groups
The current driver has some troubles:
 - Some groupings are wrong.
 - The pinctrl group0 owns pins never used (at least in Openwrt) for any
   pinmux. The driver hijacks all the pins on the group avoiding any other
   use, spite they're free. I.e. for buttons, causing this kernel error:
   [  4.735928] gpio-keys-polled keys: unable to claim gpio 479, err=-22
   [  4.742642] gpio-keys-polled: probe of keys failed with error -22
 - Minor errors about groupings on the documentation
 - Missing "diag" grouping in dtsi
 - Wrong groupings in dtsi

Fix it by setting the correct groups.
And relax the pin capturing, letting the gpios belonging to any group to
be used for other purposes like buttons. This was the behavior with stock
firmwares and old OpenWrt versions which never caused any trouble.

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(Cherry-picked from commit 50cb3a750f)
2021-02-23 11:17:51 +01:00
Álvaro Fernández Rojas
e3e6ec3cda bcm63xx: limit name metadata to model name
Since there are only 16 characters available, on most cases the vendor name
will fit in the metadata, but the model name won't fit.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit c27532742d)
2021-02-23 08:35:59 +01:00
Álvaro Fernández Rojas
eb8726f9f4 image: add ModelNameLimit16
This script returns the model name limited to 16 characters.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from 1235ea7c20)
2021-02-23 08:35:41 +01:00
Shiji Yang
3c1aabd445 ramips: fix Phicomm PSG1218A switch port labels
The lan port sequence was reversed compared to the labels.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[improve commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 567a88e4b9)
2021-02-22 18:51:55 +01:00
Shiji Yang
64ca28a881 ramips: correct/add Phicomm K2x WAN/label MAC address
Phicomm K2G:
add missing label_mac

Phicomm PSG1218A & PSG1218B:
The previous wan mac was set as factory@0x28 +1 (originally based
on the default case for the ramips target), but the correct wan mac
is factory@0x28 -1, being equal to factory@0x2e.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 55263ffedb)
2021-02-22 17:33:43 +01:00
Álvaro Fernández Rojas
4b3958da39 bcm63xx: bcm63268: fix GPIO interrupts
pinctrl should rely on external interrupt controller for GPIO interrupts.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 36e35b8d81)
2021-02-22 09:10:08 +01:00
Baptiste Jonglez
cb5c93f12a scripts: getver.sh: fix version based on stable branch
When building from a local branch based off the "openwrt-21.02" branch,
version computation is wrong, because the number of local commits is
computed against master.  As a result, it wrongly counts *all* commits
since the beginning of the openwrt-21.02 branch as local commits.

The fix is to compare to the openwrt-21.02 branch instead, which gives the
expected result.

A similar change had been applied to the openwrt-19.07 branch:
891022918d ("scripts: getver.sh: fix version based on stable branch")

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2021-02-21 18:42:38 +01:00
Adrian Schmutzler
1b46554895 tfa-layerscape: build fiptool again
The ls-ddr-phy package needs fiptool options that are not
available via the version from arm-trusted-firmware-tools.
This breaks build for layerscape with the recently added LX2160a:

  create: unrecognized option '--ddr-immem-udimm-1d'

Use the tfa-layerscape variant again for now, but rename it to
fiptool-layerscape to indicate that it's a specific variant.

This reverts 84bc7d31e0 ("tfa-layerscape: don't build fiptool").

Fixes: f59d7aab2a ("layerscape: add ddr-phy package")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 910b5d669f)
2021-02-21 13:55:30 +01:00
Álvaro Fernández Rojas
8cb50639c7 bcm27xx: remove urngd package
Now that khwrngd is working on all subtargets we can remove urgnd.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 9dc84018ee)
2021-02-20 19:57:33 +01:00
Álvaro Fernández Rojas
b7c5924f1f bcm27xx: enable bcm2711 HW RNG
Also add a patch setting its quality, which should make it usable by khwrngd.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 670526efa3)
2021-02-20 19:57:15 +01:00
Álvaro Fernández Rojas
906c87814d generic: add bcm2835-rng quality patch
This patch allows devices without a high resolution timer to boot up faster.
It should speed up boots for bcm2708 and bcm63xx.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 7747b3fa36)
2021-02-20 19:02:18 +01:00
Petr Štetiar
5808c8c6ba openwrt-keyring: add OpenWrt 21.02 GPG/usign keys
49283916005d usign: add 21.02 release build pubkey
bc4d80f064f2 gpg: add OpenWrt 21.02 signing key

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 1bf6d70e60)
2021-02-20 16:01:17 +01:00
Raphaël Mélotte
60823c67cb hostapd: backport ignoring 4addr mode enabling error
This is a backport of the upstream commit 58bbbb598144 ("nl80211: Ignore
4addr mode enabling error if it was already enabled") which fixes same
issue as in the current fix contained in '130-wpa_supplicant-multi_ap_roam.patch',
but in a different way:

 nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on
 an interface that is in a bridge and has 4addr mode already enabled.
 This operation would not have been necessary in the first place and this
 failure results in disconnecting, e.g., when roaming from one backhaul
 BSS to another BSS with Multi AP.

 Avoid this issue by ignoring the nl80211 command failure in the case
 where 4addr mode is being enabled while it has already been enabled.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[bump PKG_RELEASE, more verbose commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit fb860b4e41)
2021-02-20 10:39:42 +01:00
Stijn Segers
7a0cd1ede4 ramips: overwrite reset gpio properties in EX6150 DTS
The Netgear EX6150 can, just like the D-Link DIR-860L rev B1, fail to
initialise both radios in some cases. Add the reset GPIOs explicitly
so the PCI-E devices get re-initialised properly. See also FS #3632.

Error shows up in dmesg as follows:

  [    1.560764] mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)

Tested-by: Kurt Roeckx <kurt@roeckx.be>
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
[removed period from commit title]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit af1b6799c6)
2021-02-20 09:39:58 +01:00
Yangbo Lu
ef47bc424c layerscape: add new devices in README and clean up
Support new devices LS1046AFRWY and LX2160ARDB in README.
Clean up README, and add missing LS1021ATWR deploy guide.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[adjust set of devices added, update commit message/title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a31842e7fd)
2021-02-19 20:09:29 +01:00
Yangbo Lu
2e1ad2473e layerscape: add LX2160ARDB (Rev2.0 silicon) board support
The QorIQ LX2160A reference design board provides a comprehensive platform
that enables design and evaluation of the LX2160A processor.

- Enables network intelligence with the next generation Datapath (DPPA2)
  which provides differentiated offload and a rich set of IO, including
  10GE, 25GE, 40GE, and PCIe Gen4

- Delivers unprecedented efficiency and new virtualized networks

- Supports designs in 5G packet processing, network function
  virtualization, storage controller, white box switching, network
  interface cards, and mobile edge computing

- Supports all three LX2 family members (16-core LX2160A; 12-core LX2120A;
  and 8-core LX2080A)

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[use AUTORELEASE, add dtb to firmware part]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 80dcd14abe)
2021-02-19 20:09:29 +01:00
Yangbo Lu
7272793330 layerscape: add ddr-phy package
Add ddr-phy package for layerscape. Currently only LX2160ARDB
requires the package.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[use AUTORELEASE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f59d7aab2a)
2021-02-19 20:09:29 +01:00
Yangbo Lu
7f933db108 layerscape: add FRWY-LS1046A board support
The LS1046A Freeway board (FRWY) is a high-performance computing,
evaluation, and development platform that supports the QorIQ
LS1046A architecture processor capable of support more than 32,000
CoreMark performance. The FRWY-LS1046A board supports the QorIQ
LS1046A processor, onboard DDR4 memory, multiple Gigabit Ethernet,
USB3.0 and M2_Type_E interfaces for Wi-Fi.

The FRWY-LS1046A-TP includes the Coral Tensor Flow Processing Unit
that offloads AI/ML inferencing from the CPU to provide significant
boost for AI/ML applications. The FRWY-LS1046A-TP includes one M.2
TPU module and more modules can easily be added including USB
versions of the module to scale the AI/ML performance.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[rebase, use AUTORELEASE, fix sorting, add dtb to firmware part]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 2c2d77bd3b)
2021-02-19 20:09:28 +01:00
Adrian Schmutzler
9f8bf18c7f layerscape: move rework-sdcard-images out of fsl-sdboot
Upcoming devices will not need the migration setup, so let's move
it out of the common definition.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a9075d42d7)
2021-02-19 20:09:28 +01:00
Seo Suchan
800a568df5 ramips: use lzma-loader for Wevo devices
As kernel size increased it start to fail to load squishfs image,
using lzma-loader fixed it.
wevo_11acnas is almost same device as w2914ns-v2 except ram size,
so I expect same thing would've happen in that device too.

Signed-off-by: Seo Suchan <abnoeh@mail.com>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit ca6954e2dc)
2021-02-19 20:09:28 +01:00
Sander Vanheule
a7c0c9bb7e ramips: mt7621: add TP-Link EAP235-Wall support
The TP-Link EAP235-Wall is a wall-mounted, PoE-powered AC1200 access
point with four gigabit ethernet ports.

When connecting to the device's serial port, it is strongly advised to
use an isolated UART adapter. This prevents linking different power
domains created by the PoE power supply, which may damage your devices.

The device's U-Boot supports saving modified environments with
`saveenv`. However, there is no u-boot-env partition, and saving
modifications will cause the partition table to be overwritten. This is
not an issue for running OpenWrt, but will prevent the vendor FW from
functioning properly.

Device specifications:
* SoC: MT7621DAT
* RAM: 128MiB
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (MT7603EN): b/g/n, 2x2
* Wireless 5GHz (MT7613BEN): a/n/ac, 2x2
* Ethernet: 4× GbE
  * Back side: ETH0, PoE PD port
  * Bottom side: ETH1, ETH2, ETH3
* Single white device LED
* LED button, reset button (available for failsafe)
* PoE pass-through on port ETH3 (enabled with GPIO)

Datasheet of the flash chip specifies a maximum frequency of 33MHz, but
that didn't work. 20MHz gives no errors with reading (flash dump) or
writing (sysupgrade).

Device mac addresses:
Stock firmware uses the same MAC address for ethernet (on device label)
and 2.4GHz wireless. The 5GHz wireless address is incremented by one.
This address is stored in the 'info' ('default-mac') partition at an
offset of 8 bytes.
From OEM ifconfig:
    eth     a4:2b:b0:...:88
    ra0     a4:2b:b0:...:88
    rai0    a4:2b:b0:...:89

Flashing instructions:
* Enable SSH in the web interface, and SSH into the target device
* run `cliclientd stopcs`, this should return "success"
* upload the factory image via the web interface

Debricking:
U-boot can be interrupted during boot, serial console is 57600 baud, 8n1
This allows installing a sysupgrade image, or fixing the device in
another way.
* Access serial header from the side of the board, close to ETH3,
  pin-out is (1:TX, 2:RX, 3:GND, 4:3.3V), with pin 1 closest to ETH3.
* Interrupt bootloader by holding '4' during boot, which drops the
  bootloader into its shell
* Change default 'serverip' and 'ipaddr' variables (optional)
* Download initramfs with `tftpboot`, and boot image with `bootm`
    # tftpboot 84000000 openwrt-initramfs.bin
    # bootm

Revert to stock:
Using the tplink-safeloader utility from the firmware-utils package,
TP-Link's firmware image can be converted to an OpenWrt-compatible
sysupgrade image:
  $ ./staging_dir/host/bin/tplink-safeloader -B EAP235-WALL-V1 \
      -z EAP235-WALLv1_XXX_up_signed.bin -o eap235-sysupgrade.bin

This can then be flashed using the OpenWrt sysupgrade interface. The
image will appear to be incompatible and must be force flashed, without
keeping the current configuration.

Known issues:
- DFS support is incomplete (known issue with MT7613)
- MT7613 radio may stop responding when idling, reboot required.
  This was an issue with the ddc75ff704 version of mt76, but appears to
  have improved/disappeared with bc3963764d.
  Error notice example:
  [ 7099.554067] mt7615e 0000:02:00.0: Message 73 (seq 1) timeout

Hardware was kindly provided for porting by Stijn Segers.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 1e75909a35)
2021-02-19 20:09:28 +01:00
Stijn Segers
425c4c89b0 ramips: remove factory image for TP-Link Archer C20 v1
Similarly to the Archer C2 v1, the Archer C20 v1 will brick when one
tries to flash an OpenWrt factory image through the TP-Link web UI.
The wiki page contains an explicit warning about this [1].

Disable the factory image altogether since it serves no purpose.

[1] https://openwrt.org/toh/tp-link/tp-link_archer_c20_v1#installation

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 0265cba40a)
2021-02-19 20:09:28 +01:00
Álvaro Fernández Rojas
c74df745fd bcm63xx: update ethernet kernel panics fix
Use new patch from Sieng Piaw Liew.

Signed-off-by: Sieng Piaw Liew <liew.s.piaw@gmail.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 31a06f8fcc)
2021-02-19 13:19:59 +01:00
Álvaro Fernández Rojas
6a4dcb4719 cypress-firmware: fix PKG_SOURCE_URL
Download link has been moved.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 7febba3e50)
2021-02-19 11:09:28 +01:00
Álvaro Fernández Rojas
a7c4d94342 bcm27xx: add diag LEDs
We can now use the power LED for diag in more devices thanks to the latest
patches from the RPi foundation.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 5bab472a11)
2021-02-19 08:11:07 +01:00
Álvaro Fernández Rojas
9e2acdbccd bcm27xx: bcm2708: add missing RPi B DTS file
RPI 1B DTS has been splitted into 2 files:
 - bcm2708-rpi-b.dts: Newest (rev2) RPI 1B
 - bcm2708-rpi-b-rev1.dts: Old (rev1) RPI 1B

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 0aaa2cce1c)
2021-02-19 08:10:32 +01:00
Álvaro Fernández Rojas
1c22b7a1f2 bcm27xx: add support for RPI CM4 and RPI 400
Support added to bcm2709 (32 bits) and bcm2711 (64 bits).

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 8ad61118fd)
2021-02-19 07:19:46 +01:00
Álvaro Fernández Rojas
2e3983e387 bcm27xx-userland: update to latest version
Adds some fixes and removes upstreamed patch.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 1d3a9b1c00)
2021-02-19 07:18:56 +01:00
Álvaro Fernández Rojas
be423be931 bcm27xx-gpu-fw: update to latest version
This is needed to add support for CM4 and RPI 400.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit f41e653da9)
2021-02-19 07:18:23 +01:00
Álvaro Fernández Rojas
62b7f5931c bcm27xx: import latest patches from the RPi foundation
bcm2708: boot tested on RPi B+ v1.2
bcm2709: boot tested on RPi 3B v1.2 and RPi 4B v1.1 4G
bcm2710: boot tested on RPi 3B v1.2
bcm2711: boot tested on RPi 4B v1.1 4G

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit f07e572f64)
2021-02-19 07:17:21 +01:00
John Audia
76d1168d0d kernel: bump 5.4 to 5.4.99
Ran update_kernel.sh in a fresh clone without any existing toolchains.
No manual changes needed.

Build system: x86_64
Build-tested: bcm27xx/bcm2711

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry-picked from commit 5d3a6fd970)
2021-02-19 07:15:59 +01:00
Felix Fietkau
cbe4beb442 build: fix ABI version for PROVIDES symbols
GetABISuffix does not work for intra-package ABI version of provided symbols,
since ABIV_$(provided) is not set.
Fix ABI version by using $(ABIV_$(1)) directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 0db9d11865)
2021-02-18 19:58:53 +01:00
David Bauer
194e85e7db mediatek: add support for Ubiquiti UniFi 6 LR
Hardware
--------

MediaTek MT7622
512MB DDR3 RAM
64M SPI-NOR Flash (Winbond W25Q512JV)
MediaTek MT7622 802.11bgn 4T4R WMAC
MediaTek MT7915 802.11ax 4T4R
Marvell AQR1112 100/1000/2500 NBase-T PHY
Holtek HT32F52241 LED controller
Reset Switch

UART
----

CPU UART0 at the pinout next to the Holtek MCU.

Pinout (first pin next to SoC / MCU)

0 3V3
1 RX
2 TX
3 GND

Settings are 115200 8N1.

Opening the case
----------------

Opening the case is not a nice task, as itis glued together. Insert a
flat knife between the front and back casing below the ethernet port.
Open up a gap this way and insert a flat scredriver, remove the knife.

Work your way around the casing by applying force to seperate the front
and back casing. This losens the glue and opens the plastic clips. Be
gentle, as these clips are very cheap and break quickly.

Installation
------------

1. Connect to the booted device at 192.168.1.20 using username/password
   "ubnt".

2. Transfer the OpenWrt sysupgrade image to the device using SCP.

3. Check the mtd partition number for bs / kernel0 / kernel1

   $ cat /proc/mtd

4. Set the bootselect flag to boot from kernel0

   $ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock6

5. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1

   $ dd if=openwrt.bin of=/dev/mtdblock8
   $ dd if=openwrt.bin of=/dev/mtdblock9

6. Reboot the device. It should boot into OpenWrt.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 634c13c186)
2021-02-18 12:14:34 +01:00
David Bauer
ee6349fbe5 mediatek: add Ubiquiti LED driver
Add a driver for controlling the RGB LED via Ubiquitis own "LEDBAR" LED
controller based on the Holtek HT32F52241 MCU.

This driver is initially used by the Ubiquiti UniFi 6 LR, however
judging from FCC pictures the MCU is also found on the U6-Mesh as well
as the U6-Extender.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c9137e2ddf)
2021-02-18 12:14:25 +01:00
Mathias Kresin
0011c7ad12 lantiq: fritz7320: enable USB power supply
The USB ports if a FRIZZ!Box 7320 do not supply power to connected
devices.

Add the GPIOs enabling USB power as regulator, to enable USB power
supply as soon as the USB driver is loaded.

Fixes FS#3624

Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit 6e4e97b2256327bb380ee2a83da9a1ddf657e395)
2021-02-18 00:14:51 +01:00
Eneas U de Queiroz
c6319239d8 openssl: bump to 1.1.1j
This fixes 4 security vulnerabilities/bugs:

- CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support
  SSLv2, but the affected functions still exist. Considered just a bug.

- CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and
  EVP_DecryptUpdate may overflow the output length argument in some
  cases where the input length is close to the maximum permissable
  length for an integer on the platform. In such cases the return value
  from the function call will be 1 (indicating success), but the output
  length value will be negative.

- CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to
  create a unique hash value based on the issuer and serial number data
  contained within an X509 certificate. However it was failing to
  correctly handle any errors that may occur while parsing the issuer
  field (which might occur if the issuer field is maliciously
  constructed). This may subsequently result in a NULL pointer deref and
  a crash leading to a potential denial of service attack.

- Fixed SRP_Calc_client_key so that it runs in constant time. This could
  be exploited in a side channel attack to recover the password.

The 3 CVEs above are currently awaiting analysis.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 482c9ff289)
2021-02-17 09:26:10 +01:00
Adrian Schmutzler
865cab8c6e kernel: 5.4: fix .patch file extension
File extension was truncated for
pending-5.4/770-11-net-ethernet-mtk_eth_soc-avoid-rearming-interrupt-if.pa

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 487b7ae5eb)
2021-02-17 01:32:28 +01:00
Adrian Schmutzler
b95f3caaa1 ipq807x: drop target
This target is not ready for stable release yet.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-16 14:00:58 +01:00