Felix Fietkau [Tue, 30 Nov 2021 10:55:46 +0000 (11:55 +0100)]
mac80211: backport support for ndo_fill_forward_path
Will be used in an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Etienne Champetier [Wed, 26 Jan 2022 19:23:23 +0000 (14:23 -0500)]
iptables: add ip{,6}tables-legacy{,-restore,-save} symlinks
Now that we can have both legacy and nft iptables variants
installed at the same time, install the legacy symlinks
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Wed, 26 Jan 2022 22:09:44 +0000 (17:09 -0500)]
iptables: use ALTERNATIVES for ip(6)tables(-nft)
As nftables is now the default, ip(6)tables-nft gets higher priority
The removed symlinks ("$(CP)" line) will now be installed by the
ALTERNATIVES mechanism
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Wed, 26 Jan 2022 19:33:52 +0000 (14:33 -0500)]
iptables: rework ip(6)tables-nft dependencies
according to iptables-nft man page,
"These tools use the libxtables framework extensions and hook to the nf_tables
kernel subsystem using the nft_compat module."
This means that to work, iptables-nft needs the same modules as
iptables legacy except the ip(6)table-{filter,mangle,nat,raw}
ip_tables, ip6tables.
When those modules are loaded iptables-nft-save output contains
"# Warning: iptables-legacy tables present, use iptables-legacy-save to see them"
But as long as it's empty it should not be a problem.
To have nft properly display the rules created by ip(6)tables-nft we need
all iptables targets and matches to be built as extension and not built-in
(/usr/lib/iptables/libip(6)t_*.so)
When switching a package to iptables-nft, you need to keep the
iptables-mod-* dependencies
This patch does minimal changes:
- remove the direct iptables-nft -> iptables dependency
- and more important add nft-compat dependency
The rule
iptables-nft -A OUTPUT -d 8.8.8.8 -m comment --comment "aaa" -j REJECT
becomes
table ip filter {
chain OUTPUT {
type filter hook output priority filter; policy accept;
ip daddr 8.8.8.8 # xt_comment counter packets 0 bytes 0 # xt_REJECT
}
}
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Thu, 27 Jan 2022 21:00:21 +0000 (16:00 -0500)]
netfilter: add kmod-nft-compat
This modules is required by iptables-nft
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Thu, 27 Jan 2022 19:03:02 +0000 (14:03 -0500)]
iptables: fix ip6tables-nft description
ip6tables-nft packages ip6tables* utils not iptables*
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Wed, 26 Jan 2022 19:20:37 +0000 (14:20 -0500)]
iptables: fix ip6tables-extra description
The define was referencing ip6tables-mod-extra instead of ip6tables-extra
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Daniel Golle [Wed, 2 Feb 2022 02:35:04 +0000 (02:35 +0000)]
uqmi: update to git HEAD
f254fc5 uqmi: add support for get operating mode
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Tue, 1 Feb 2022 22:00:50 +0000 (23:00 +0100)]
bcm63xx: Remove patch already in Linux stable
Remove the 434-nand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch, it was
already applied to Linux 5.10.37 and is not needed any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rui Salvaterra [Tue, 1 Feb 2022 20:07:47 +0000 (20:07 +0000)]
kernel: bump 5.10 to 5.10.96
Patches automatically rebased.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Sun, 30 Jan 2022 20:25:58 +0000 (20:25 +0000)]
kernel: bump 5.10 to 5.10.95
Patches automatically rebased.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Thu, 27 Jan 2022 12:08:41 +0000 (12:08 +0000)]
kernel: bump 5.10 to 5.10.94
Deleted (upstreamed):
bcm27xx/patches-5.10/950-0669-drm-vc4-hdmi-Make-sure-the-device-is-powered-with-CE.patch [1]
bcm27xx/patches-5.10/950-0672-drm-vc4-hdmi-Move-initial-register-read-after-pm_run.patch [1]
gemini/patches-5.10/0003-ARM-dts-gemini-NAS4220-B-fis-index-block-with-128-Ki.patch [2]
Manually rebased:
bcm27xx/patches-5.10/950-0675-drm-vc4-hdmi-Drop-devm-interrupt-handler-for-CEC-int.patch
Manually reverted:
generic/pending-5.10/860-Revert-ASoC-mediatek-Check-for-error-clk-pointer.patch [3]
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.94&id=
55b10b88ac8654fc2f31518aa349a2e643b37f18
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.94&id=
958a8819d41420d7a74ed922a09cacc0ba3a4218
[3] https://lore.kernel.org/all/trinity-
2a727d96-0335-4d03-8f30-
e22a0e10112d-
1643363480085@3c-app-gmx-bap33/
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rui Salvaterra [Thu, 20 Jan 2022 10:45:31 +0000 (10:45 +0000)]
kernel: bump 5.10 to 5.10.93
No patches required rebasing.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Alar Aun [Tue, 6 Apr 2021 16:38:31 +0000 (19:38 +0300)]
ipq40xx: add MikroTik cAP ac support
This adds support for the MikroTik RouterBOARD RBcAPGi-5acD2nD
(cAP ac), a indoor dual band, dual-radio 802.11ac wireless AP, two
10/100/1000 Mbps Ethernet ports.
See https://mikrotik.com/product/cap_ac for more info.
Specifications:
- SoC: Qualcomm Atheros IPQ4018
- RAM: 128 MB
- Storage: 16 MB NOR
- Wireless:
· Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae
· Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae
- Ethernet: Built-in IPQ4018 (SoC, QCA8075) , 2x 1000/100/10 port,
PoE in and passive PoE out
Unsupported:
- PoE out
Installation:
Boot the initramfs image via TFTP and then flash the sysupgrade
image using "sysupgrade -n"
Signed-off-by: Alar Aun <alar.aun@gmail.com>
Sergey V. Lobanov [Sat, 1 Jan 2022 19:37:13 +0000 (22:37 +0300)]
wolfssl: update to 5.1.1-stable
Bump from 4.8.1-stable to 5.1.1-stable
Detailed release notes: https://github.com/wolfSSL/wolfssl/releases
Upstreamed patches:
001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch -
https://github.com/wolfSSL/wolfssl/commit/
fa8f23284d4689c2a737204b337b58d966dcbd8c
002-Update-macro-guard-on-SHA256-transform-call.patch -
https://github.com/wolfSSL/wolfssl/commit/
f447e4c1fa4c932c0286fa0331966756e243db81
Refreshed patches:
100-disable-hardening-check.patch
200-ecc-rng.patch
CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains
configure option
The size of the ipk changed on aarch64 like this:
491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk
520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk
Tested-by: Alozxy <alozxy@users.noreply.github.com>
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Marek Behún [Thu, 20 Jan 2022 13:21:36 +0000 (14:21 +0100)]
kernel: add kmod-vrf
Add option to compile kmod-vrf, support for Virtual Routing and
Forwarding (Lite).
This module depends on NET_L3_MASTER_DEV, which is a boolean kernel
option, so we need to create a configuration option also for this, and
make kmod-vrf depend on it.
Signed-off-by: Marek Behún <kabel@kernel.org>
John Audia [Sat, 29 Jan 2022 17:25:48 +0000 (12:25 -0500)]
kernel: bump 5.4 to 5.4.175
All patches automatically rebased.
Signed-off-by: John Audia <graysky@archlinux.us>
Hauke Mehrtens [Sat, 29 Jan 2022 12:37:23 +0000 (13:37 +0100)]
toolchain: glibc: Remove patch for ARC700
The ARC700 target was renoved, this patch is not needed any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 16:32:42 +0000 (17:32 +0100)]
kernel: Make kmod-usb-net-lan78xx depend on kmod-of-mdio
kmod-usb-net-lan78xx depends on kmod-of-mdio when this package is
activated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 12:10:00 +0000 (13:10 +0100)]
uboot-envtools: Update to version 2022.01
The sizes of the ipk changed on MIPS 24Kc like this:
13281 uboot-envtools_2021.01-54_mips_24kc.ipk
13308 uboot-envtools_2022.01-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 11:23:56 +0000 (12:23 +0100)]
libcap: Update to version 2.63
The sizes of the ipk changed on MIPS 24Kc like this:
11248 libcap_2.51-1_mips_24kc.ipk
14461 libcap_2.63-1_mips_24kc.ipk
18864 libcap-bin_2.51-1_mips_24kc.ipk
20576 libcap-bin_2.63-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 11:15:20 +0000 (12:15 +0100)]
e2fsprogs: Update to version 1.46.5
The sizes of the ipk changed on MIPS 24Kc like this:
8788 badblocks_1.45.6-2_mips_24kc.ipk
8861 badblocks_1.46.5-1_mips_24kc.ipk
3652 chattr_1.45.6-2_mips_24kc.ipk
3657 chattr_1.46.5-1_mips_24kc.ipk
58128 debugfs_1.45.6-2_mips_24kc.ipk
60279 debugfs_1.46.5-1_mips_24kc.ipk
8551 dumpe2fs_1.45.6-2_mips_24kc.ipk
8567 dumpe2fs_1.46.5-1_mips_24kc.ipk
4797 e2freefrag_1.45.6-2_mips_24kc.ipk
4791 e2freefrag_1.46.5-1_mips_24kc.ipk
159790 e2fsprogs_1.45.6-2_mips_24kc.ipk
168212 e2fsprogs_1.46.5-1_mips_24kc.ipk
7083 e4crypt_1.45.6-2_mips_24kc.ipk
7134 e4crypt_1.46.5-1_mips_24kc.ipk
5749 filefrag_1.45.6-2_mips_24kc.ipk
6233 filefrag_1.46.5-1_mips_24kc.ipk
4361 libcomerr0_1.45.6-2_mips_24kc.ipk
4355 libcomerr0_1.46.5-1_mips_24kc.ipk
168040 libext2fs2_1.45.6-2_mips_24kc.ipk
174209 libext2fs2_1.46.5-1_mips_24kc.ipk
8514 libss2_1.45.6-2_mips_24kc.ipk
8613 libss2_1.46.5-1_mips_24kc.ipk
3148 lsattr_1.45.6-2_mips_24kc.ipk
3227 lsattr_1.46.5-1_mips_24kc.ipk
22530 resize2fs_1.45.6-2_mips_24kc.ipk
22909 resize2fs_1.46.5-1_mips_24kc.ipk
33315 tune2fs_1.45.6-2_mips_24kc.ipk
34511 tune2fs_1.46.5-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 11:01:19 +0000 (12:01 +0100)]
util-linux: Update to version 2.37.3
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 16:35:19 +0000 (17:35 +0100)]
util-linux: Do not build raw any more.
The man page of the raw tool does not build because the disk-utils/raw.8
file is missing. It looks like it should be in the tar.xz file we
download, but it is missing.
We do not package the raw tool, so this is not a problem.
This fixes the following build error:
No rule to make target 'disk-utils/raw.8', needed by 'all-am'. Stop.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 10:59:19 +0000 (11:59 +0100)]
strace: Update to version 5.16
The sizes of the ipk changed on MIPS 24Kc like this:
289764 strace_5.14-1_mips_24kc.ipk
310899 strace_5.16-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 10:57:25 +0000 (11:57 +0100)]
ethtool: Update to version 5.16
795f420 cmis: Rename CMIS parsing functions
369b43a cmis: Initialize CMIS memory map
da16288 cmis: Use memory map during parsing
6acaeb9 cmis: Consolidate code between IOCTL and netlink paths
d7d15f7 sff-8636: Rename SFF-8636 parsing functions
4230597 sff-8636: Initialize SFF-8636 memory map
b74c040 sff-8636: Use memory map during parsing
799572f sff-8636: Consolidate code between IOCTL and netlink paths
9fdf45c sff-8079: Split SFF-8079 parsing function
2ccda25 netlink: eeprom: Export a function to request an EEPROM page
86792db cmis: Request specific pages for parsing in netlink path
6e2b32a sff-8636: Request specific pages for parsing in netlink path
c2170d4 sff-8079: Request specific pages for parsing in netlink path
9538f38 netlink: eeprom: Defer page requests to individual parsers
664586e Merge branch 'review/next/module-mem-map' into master
50fdaec ethtool: Set mask correctly for dumping advertised FEC modes
c5e7133 cable-test: Fix premature process termination
73091cd sff-8636: Use an SFF-8636 specific define for maximum number of channels
837c166 sff-common: Move OFFSET_TO_U16_PTR() to common header file
8658852 cmis: Initialize Page 02h in memory map
27b42a9 cmis: Initialize Banked Page 11h in memory map
340d88e cmis: Parse and print diagnostic information
eae6a99 cmis: Print Module State and Fault Cause
82012f2 cmis: Print Module-Level Controls
d7b1007 sff-8636: Print Power set and Power override bits
429f2fc Merge branch 'review/cmis-diag' into master
32457a9 monitor: do not show duplicate options in help text
c01963e Release version 5.16.
The sizes of the ipk changed on MIPS 24Kc like this:
34317 ethtool_5.15-1_mips_24kc.ipk
34311 ethtool_5.16-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 10:56:27 +0000 (11:56 +0100)]
mbedtls: Update to version 2.16.12
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
value when verifying a MAC or AEAD tag. This hardens the library in
case the value leaks through a memory disclosure vulnerability. For
example, a memory disclosure vulnerability could have allowed a
man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice. CVE-2021-44732
The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 10:54:49 +0000 (11:54 +0100)]
gdb: Update gdb to version 11.2
This is a minor corrective release over GDB 11.1, fixing the following issues:
* PR sim/28302 (gdb fails to build with glibc 2.34)
* PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
* PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed)
* PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
* PR build/28555 (uclibc compile failure since commit
4655f8509fd44e6efabefa373650d9982ff37fd6)
* PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
* PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section)
* PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
The sizes of the ipk changed on mips 24Kc like this:
2285775 gdb_11.1-3_mips_24kc.ipk
2287441 gdb_11.2-4_mips_24kc.ipk
191828 gdbserver_11.1-3_mips_24kc.ipk
191811 gdbserver_11.2-4_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 29 Jan 2022 10:55:03 +0000 (11:55 +0100)]
toolchain: gdb: Update to version 11.2
This is a minor corrective release over GDB 11.1, fixing the following issues:
* PR sim/28302 (gdb fails to build with glibc 2.34)
* PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
* PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed)
* PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
* PR build/28555 (uclibc compile failure since commit
4655f8509fd44e6efabefa373650d9982ff37fd6)
* PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
* PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section)
* PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Stijn Tintel [Tue, 1 Feb 2022 19:35:06 +0000 (21:35 +0200)]
Revert "ramips: add support for ipTIME AX2004M"
Commit
f4a79148f8cb ("ramips: add support for ipTIME AX2004M") seems to
leak KERNEL_LOADADDR 0x82000000 to other devices, causing the to no
longer boot. The leak is visible in u-boot:
Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: MIPS OpenWrt Linux-5.10.92
Type: Kernel Image
Compression: lzma compressed
Data Start: 0x840000e4
Data Size:
10750165 Bytes = 10.3 MiB
Architecture: MIPS
OS: Linux
Load Address: 0x82000000
Entry Point: 0x82000000
Normally, it should look like this:
Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: MIPS OpenWrt Linux-5.10.92
Type: Kernel Image
Compression: lzma compressed
Data Start: 0xbfca00e4
Data Size:
2652547 Bytes = 2.5 MiB
Architecture: MIPS
OS: Linux
Load Address: 0x80001000
Entry Point: 0x80001000
Revert the commit to avoid more people soft-bricking their devices.
This reverts commit
f4a79148f8cbb7dfbcddfb0c1128caec45a01596.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Rafał Miłecki [Tue, 1 Feb 2022 09:45:38 +0000 (10:45 +0100)]
bcm4908: backport first 5.18 DTS changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Sungbo Eo [Mon, 31 Jan 2022 17:36:11 +0000 (02:36 +0900)]
ath79: convert remaining mtd-mac-address-increment
Commit
d284e6ef0f06 ("treewide: convert mtd-mac-address-increment* to
generic implementation") renamed "mtd-mac-address-increment" property
to "mac-address-increment". Convert remaining usages that have been
added after that.
Fixes: af8a059bb41d ("ath79: add support for GL.iNet GL-XE300")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Mon, 31 Jan 2022 17:35:26 +0000 (02:35 +0900)]
ipq806x: convert remaining mtd-mac-address-increment
Commit
d284e6ef0f06 ("treewide: convert mtd-mac-address-increment* to
generic implementation") renamed "mtd-mac-address-increment" property
to "mac-address-increment". Convert remaining usages that have been
added after that.
Fixes: f44e933458b1 ("ipq806x: provide WiFI mac-addresses from dts")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Mon, 31 Jan 2022 04:21:47 +0000 (13:21 +0900)]
ath79: improve support for Dongwon T&I DW02-412H
* Move &nand node to DTSI
* Utilize nvmem for fetching caldata
* Rename build recipe, clean before build
* Simplify KERNEL definition
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Mon, 31 Jan 2022 17:10:01 +0000 (02:10 +0900)]
linux-firmware: intel: add firmware for AX210
Add the most recent supported firmware file for Intel Wi-Fi 6E AX210
wireless chip. The API version 67 is not yet supported by the driver.
Additional PNVM file is required since API version 62.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Daniel Golle [Mon, 31 Jan 2022 15:00:13 +0000 (15:00 +0000)]
ubox: fix broken deferred start of logfile writer
Just use 'start' action which will have the desired effect instead of
trying to introduce a 'start_file' action which didn't work that way
because procd jshn magic would have to wrap around it.
Fixes: 88baf6ce2c ("ubox: only start log to file when filesystem has been mounted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 31 Jan 2022 00:45:10 +0000 (00:45 +0000)]
mediatek: mt7623: simplify partition generation
The two options 'emmc' and 'sdmmc' now became identical lines after
introducing CONFIG_TARGET_ROOTFS_PARTSIZE.
Remove the now useless if-clauses.
Fixes: a40b4d335a ("mediatek: use CONFIG_TARGET_ROOTFS_PARTSIZE")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 31 Jan 2022 00:07:32 +0000 (00:07 +0000)]
procd: seccomp/jail: Fix build error on arm with glibc
From: Peter Lundkvist <peter.lundkvist@gmail.com>
This fixes the make_syscall_h.sh script to recognize both
__NR_Linux, used by mips, and __NR_SYSCALL_BASE and
__ARM_NR_BASE used by arm.
Run-tested on arm (ipq806x) and mips (ath79), both with glibc.
Compile-tested and checked resulting syscall_names.h file wuth
glibc: aarch64, powerpc, x86_64, i486
musl: arm, mips
Fixes: FS#4194, FS#4195
Signed-off-by: Peter Lundkvist <peter.lundkvist@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 30 Jan 2022 22:46:44 +0000 (22:46 +0000)]
mediatek: u7623-02: enable early console also in legacy image
Append 'earlycon=uart8250,mmio32,0x11004000' to the boot arguments
embedded in device-tree in order to enable early console on the
UniElec U7623 board when using the vendor/stock bootloader.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rafał Miłecki [Sun, 30 Jan 2022 23:57:17 +0000 (00:57 +0100)]
bcm4908: backport bcm_sf2 patch for better LED registers support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Sun, 30 Jan 2022 23:34:01 +0000 (00:34 +0100)]
bcm4908: fixup pinctrl patches for kernel 5.4
Fixes: b0145891676f ("bcm4908: backport BCM4908 pinctrl driver")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Sun, 30 Jan 2022 22:30:16 +0000 (23:30 +0100)]
bcm4908: backport BCM4908 pinctrl driver
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hans Dedecker [Sun, 30 Jan 2022 21:19:34 +0000 (22:19 +0100)]
glibc: update to 2.34 HEAD
72123e1b56 NEWS: Add a bug entry for BZ #28755
08beb3a3f4 x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755]
b50d5b746c x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
1b9cd6a721 NEWS: add bug entry for BZ #28769 and BZ #28770
3438bbca90 Linux: Detect user namespace support in io/tst-getcwd-smallbuff
d084965adc realpath: Avoid overwriting preexisting error (CVE-2021-3998)
472e799a5f getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
8c8a71c85f tst-realpath-toolong: Fix hurd build
f7a79879c0 realpath: Set errno to ENAMETOOLONG for result larger than PATH_MAX [BZ #28770]
73c362840c stdlib: Fix formatting of tests list in Makefile
269eb9d930 stdlib: Sort tests in Makefile
062ff490c1 support: Add helpers to create paths longer than PATH_MAX
82b1acd9de powerpc: Fix unrecognized instruction errors with recent binutils
1d401d1fcc x86: use default cache size if it cannot be determined [BZ #28784]
6890b8a3ae CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
1081f1d3dd sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
7b5d433fd0 CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
5575daae50 socket: Add the __sockaddr_un_set function
03e6e02e6a Disable debuginfod in printer tests [BZ #28757]
705f1e4606 Update syscall lists for Linux 5.16
2fe2af88ab i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771)
73558ffe84 Update syscall lists for Linux 5.15
e64235ff42 powerpc: Fix unrecognized instruction errors with recent GCC
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Daniel Golle [Sun, 30 Jan 2022 19:39:21 +0000 (19:39 +0000)]
ubox: only start log to file when filesystem has been mounted
If log_file is on an filesystem mounted using /etc/config/fstab we have
to wait for that to happen before starting the logread process.
Inhibit the start of the file-writer process and use a mount trigger to
fire it up once the filesystem actually becomes available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 30 Jan 2022 19:37:41 +0000 (19:37 +0000)]
procd: support generic mount triggers and clean up
Allow init scripts to trigger free-form actions by exposing
procd_add_action_mount_trigger.
Clean up mount trigger wrappers while at it to reduce code duplication.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Tamas Balogh [Tue, 25 Jan 2022 13:16:37 +0000 (14:16 +0100)]
ath79: ASUS RP-AC66 use flash till the end
This makes available the additional space,
which was occupied by OEM's jffs2 partition before:
"0x000000f80000-0x000001000000 : jffs2"
Reverting to the OEM firmware will also recover
this partition, i.e. it is not needed and can be
used by OpenWrt.
Signed-off-by: Tamas Balogh <tamasbalogh@hotmail.com>
Davide Fioravanti [Sat, 4 Dec 2021 03:15:30 +0000 (04:15 +0100)]
ramips: add support for Wavlink WL-WN535K1
The Wavlink WL-WN535K1 is a "mesh" router with 2 gigabit ethernet ports
and one fast ethernet port. Mine is branded as Talius TAL-WMESH1.
It can be found in kits of 2 or 3 (WL-WN535K2 or WL-WN535K3).
The motherboard is labelled as WS-WN535G3-B-V1.2 so this image could
potentially work for WL-WN535G3R and WS-WN535G3R with little to none
effort, but it's untested.
Hardware
--------
SoC: Mediatek MT7620A
RAM: 64MB
FLASH: 8MB NOR (GigaDevice GD25Q64CS)
ETH:
- 2x 10/100/1000 Mbps Ethernet (RTL8211F)
- 1x 10/100 Mbps Ethernet (integrated in SOC)
WIFI:
- 2.4GHz: 1x (integrated in SOC) (2x2:2)
- 5GHz: 1x MT7612E (2x2:2)
- 4 internal antennas
BTN:
- 1x Reset button
- 1x Touchlink button (set to WPS)
- 1x ON/OFF switch
LEDS:
- 1x Red led (system status)
- 1x Blue led (system status)
- 3x Green leds (ethernet port status/act)
UART:
- 57600-8-N-1
Everything works correctly.
Currently there is no firmware update available. Because of this, in
order to restore the OEM firmware, you must firstly dump the OEM
firmware from your router before you flash the OpenWrt image.
Backup the OEM Firmware
-----------------------
The following steps are to be intended for users having little to none
experience in linux. Obviously there are many ways to backup the OEM
firmware, but probably this is the easiest way for this router.
Procedure tested on WN535K1_V1510_200916 firmware version.
1) Go to http://192.168.10.1/webcmd.shtml
2) Type the following line in the "Command" input box and then press enter:
mkdir /etc_ro/lighttpd/www/dev; dd if=/dev/mtd0ro of=/etc_ro/lighttpd/www/dev/mtd0ro
3) After few seconds in the textarea should appear this output:
16384+0 records in
16384+0 records out
If your output doesn't match mine, stop reading and ask for
help in the forum.
4) Open in another tab http://192.168.10.1/dev/mtd0ro to download the
content of the whole NOR. If the file size is 0 byte, stop reading
and ask for help in the forum.
5) Come back to the http://192.168.10.1/webcmd.shtml webpage and type:
rm /etc_ro/lighttpd/www/dev/mtd0ro;for i in 1 2 3 4 5; do dd if=/dev/mtd${i}ro of=/etc_ro/lighttpd/www/dev/mtd${i}ro; done
6) After few seconds, in the textarea should appear this output:
384+0 records in
384+0 records out
128+0 records in
128+0 records out
128+0 records in
128+0 records out
14720+0 records in
14720+0 records out
1024+0 records in
1024+0 records out
If your output doesn't match mine, stop reading and ask for
help in the forum.
7) Open the following links to download the partitions of the OEM FW:
http://192.168.10.1/dev/mtd1ro
http://192.168.10.1/dev/mtd2ro
http://192.168.10.1/dev/mtd3ro
http://192.168.10.1/dev/mtd4ro
http://192.168.10.1/dev/mtd5ro
If one (or more) of these files are 0 byte, stop reading and ask
for help in the forum.
8) Store these downloaded files in a safe place.
9) Reboot your router to remove any temporary file in ram.
Installation
------------
Flash the initramfs image in the OEM firmware interface
(http://192.168.10.1/update_mesh.shtml).
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.
Restore OEM Firmware
--------------------
Flash the "mtd4ro" file you previously backed-up directly from LUCI.
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.
Notes
-----
1) Router mac addresses:
LAN XX:XX:XX:XX:XX:E2 (factory @ 0x28)
WAN XX:XX:XX:XX:XX:E3 (factory @ 0x2e)
WIFI 2G XX:XX:XX:XX:XX:E4 (factory @ 0x04)
WIFI 5G XX:XX:XX:XX:XX:E5 (factory @ 0x8004)
LABEL XX:XX:XX:XX:XX:E5
2) The OEM firmware upgrade page accepts only files containing the
string "WN535K1" in the filename.
3) Additional notes 1,2,3 in the WS-WN583A6 commit are still valid
(https://github.com/openwrt/openwrt/commit/
92780d80ab6f5f03fac2407c06eb267dd83914a1)
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
[remove trailing whitespace]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Paul Spooren [Thu, 27 Jan 2022 09:25:19 +0000 (10:25 +0100)]
CI: add formal checks
The formal checks verify the following things:
- Commits does not contain any merge commits
- Signed by a real name
- Commit titles starts with an `<area>:`
- Author name matches signed of name
- Commit message is not empty
Signed-off-by: Paul Spooren <mail@aparcar.org>
Sungbo Eo [Sat, 29 Jan 2022 14:25:32 +0000 (23:25 +0900)]
ramips: add support for ipTIME AX2004M
ipTIME AX2004M is an 802.11ax (Wi-Fi 6) router, based on MediaTek
MT7621A.
Specification:
* SoC: MT7621A
* RAM: 256 MiB
* Flash: NAND 128 MiB
* Wi-Fi:
* MT7915D: 2.4/5 GHz (DBDC)
* Ethernet: 5x 1GbE
* Switch: SoC built-in
* USB: 1x 3.0
* UART: J4 (115200 baud)
* Pinout: [3V3] (TXD) (RXD) (GND)
MAC address:
| interface | MAC | source | comment
|-----------|-------------------|----------------|---------
| LAN | 58:XX:XX:00:XX:9B | | [1]
| WAN | 58:XX:XX:00:XX:99 | |
| WLAN 2G | 58:XX:XX:00:XX:98 | factory 0x4 |
| WLAN 5G | 5A:XX:XX:40:XX:98 | |
| | | |
| | 58:XX:XX:00:XX:98 | config ethaddr |
[1] Used in this patch as WLAN 5G MAC address with the local bit set
Load address:
* stock
* 0x80010000: FIT image
* 0x81001000: kernel image -> entry
* OpenWrt
* 0x80010000: FIT image
* 0x82000000: uncompressed kernel+relocate image
* 0x80001000: relocated kernel image -> entry
Installation via **recovery** mode:
1. Press reset button, power up the device, wait >10s for CPU LED
to stop blinking.
2. Upload recovery image through the recovery web page at 192.168.0.1.
Revert to stock firmware:
1. Install stock image via recovery mode.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 29 Jan 2022 14:24:07 +0000 (23:24 +0900)]
ramips: make the relocation address configurable
If no argument is given to relocate-kernel, KERNEL_LOADADDR will be used
just as before.
This is a preparation for ramips support of ipTIME AX2004M.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 1 Jan 2022 14:47:43 +0000 (23:47 +0900)]
mvebu: add support for ipTIME NAS1dual
ipTIME NAS1dual is a 1-bay NAS, based on Marvell Armada 385 SoC.
Specifications:
* SoC:
88F6820
* RAM: 2 GiB
* Flash: SPI NOR 64 MiB
* SATA: 1x 3Gb/s
* Ethernet: 2x 1GbE
* USB: 1x 3.0
* Fan: 2 speed level
* UART: J11 (115200 8N1)
* Pinout: [3V3] (TXD) (RXD) (GND)
Installation via web interface:
1. Flash **initramfs** image through the stock web interface.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware:
1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 1 Jan 2022 13:00:56 +0000 (22:00 +0900)]
mvebu: remove duplicate CONFIG_POWER_RESET entries
The option is already enabled in the target config since
9149ed4f05f8
("mvebu: cortexa9: Add support for Ctera C200-V2").
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 1 Jan 2022 12:57:47 +0000 (21:57 +0900)]
kernel: add disabled POWER_RESET_QNAP
Move the disabled symbol from target configs to generic configs.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 1 Jan 2022 12:00:36 +0000 (21:00 +0900)]
kirkwood: add support for ipTIME NAS1
ipTIME NAS1 is a 1-bay NAS, based on Marvell Kirkwood SoC.
Specifications:
* SoC:
88F6281
* RAM: 256 MiB
* Flash: SPI NOR 16 MiB
* SATA: 1x 3Gb/s
* Ethernet: 1x 1GbE
* USB: 1x 2.0
* Fan: 2 speed level
* UART: JP1 (115200 8N1)
* Pinout: [3V3] (TXD) (RXD) (GND)
Notes:
* There are several variants of the model name: "NAS-I", "NASI", "NAS1".
Here "NAS1" is adopted for consistent naming scheme.
* The reset button is also a USB copy button in stock FW,
but in this patch the former is the only default behavior.
Installation via web interface:
1. Flash sysupgrade image through the stock web interface.
Revert to stock firmware:
1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 22 Jan 2022 11:30:05 +0000 (20:30 +0900)]
kirkwood: rework 02_network
Just like other targets do, introduce two setup functions for interfaces
and MAC addresses.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 1 Jan 2022 09:46:39 +0000 (18:46 +0900)]
kirkwood: drop kernel 5.4 support
It has been 3 months since we switched this target to 5.10, now we can
remove the 5.4 files.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Tue, 4 Jan 2022 15:36:13 +0000 (00:36 +0900)]
kernel: move bootargs-append patch to generic
This moves bootargs-append support patch from ipq40xx and ipq806x to
generic. This way we can append additional boot arguments from DTS instead
of only being able to overwrite them.
This is a preparation for kirkwood support of ipTIME NAS1.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sat, 29 Jan 2022 14:49:39 +0000 (23:49 +0900)]
firmware-utils: bump to git HEAD
0c15cad iptime-naspkg: add image header tool for ipTIME NAS series
872c87c iptime-crc32: add image header tool for new ipTIME models
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Roman Azarenko [Tue, 25 Jan 2022 17:16:30 +0000 (18:16 +0100)]
util-linux: add lslocks
This change adds the "lslocks" utility from util-linux.
Signed-off-by: Roman Azarenko <roman.azarenko@iopsys.eu>
John Audia [Thu, 27 Jan 2022 10:44:38 +0000 (05:44 -0500)]
kernel: bump 5.4 to 5.4.174
Removed upstreamed patches:
layerscape/patches-5.4/302-dts-0083-arm64-ls1028a-qds-correct-bus-of-rtc.patch[1]
All other patches automatically rebased.
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.4.174&id=
65816c1034769e714edb70f59a33bc5472d9e55f
Build system: x86_64
Build-tested: ramips/mt7621
Signed-off-by: John Audia <graysky@archlinux.us>
John Audia [Thu, 20 Jan 2022 21:41:22 +0000 (16:41 -0500)]
kernel: bump 5.4 to 5.4.173
All patches automatically rebased.
Signed-off-by: John Audia <graysky@archlinux.us>
Etienne Champetier [Mon, 24 Jan 2022 22:30:43 +0000 (17:30 -0500)]
netfilter.mk: add conntrack support to nft bridge
This allows to implement statefull bridge filtering
As the uncompressed size is only 7.6k (arm64), just add
nf_conntrack_bridge.ko to kmod-nft-bridge package
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Hauke Mehrtens [Sun, 23 Jan 2022 16:04:26 +0000 (17:04 +0100)]
octeontx: Refresh kernel configuration
Refresh the kernel configuration.
No manual changes done.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 23 Jan 2022 16:02:04 +0000 (17:02 +0100)]
kernel: Add CONFIG_CRYPTO_DEV_OCTEONTX_CPT kernel config option
This new kernel configuration option is available when building the
octeontx target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 23 Jan 2022 00:48:28 +0000 (01:48 +0100)]
kernel: Fix compile warning
This fixes the following compile warning:
CC init/do_mounts.o
init/do_mounts.c:478:19: warning: 'mount_ubi_rootfs' defined but not used [-Wunused-function]
478 | static int __init mount_ubi_rootfs(void)
| ^~~~~~~~~~~~~~~~
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 22 Jan 2022 18:57:49 +0000 (19:57 +0100)]
arc770: Remove arc770 target
The arc700 target is not booting up since some time, see here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/issues/400
It looks like there is a problem in the toolchain when using glibc.
Currently no one is working on fixing this problem, remove the target
instead. This target also does not have many users we are aware of.
If someone wants to have this target back, feel free to add a fixed
version of this target again.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Jo-Philipp Wich [Fri, 28 Jan 2022 10:14:01 +0000 (11:14 +0100)]
firewall4: update to latest Git HEAD
16a1070 fw4.uc: handle zone masq6 option
5f61dbf ruleset: fix chain selection for mark and dscp targets
0bc844b ruleset: properly deal with wildcards in zone device selectors
101988d fw4: fix family comparisons
127dbc0 ruleset: emit AF specific rules for DSCP matches
d63cb89 fw4: fix parsing inverted numeric DSCP values
8c8a867 fw4: fix wrong `parse_network()` return value on `parse_subnet()` failure
f85bb2d ruleset: consolidate zone matches for raw_prerouting and raw_output chains
5669bc7 fw4: consolidate device grouping logic
94f03e0 ruleset: properly render redirect targets without port
fff9779 fw4: fix family selection logic for redirect rules
ca88fcd tests: update interface dump mock data
e60bb4b ruleset: support non-contiguous address masks
8fec51a fw4: fix potential crashes when parsing invalid redirect sections
c08eb44 fw4: fix redirect destination zone resolving
0df6ba0 fw4: fix address selection logic for DNAT reflection rules
60a2518 tests: add test coverage for redirect rules
e479eff fw4: add RFC-8622 'Least Effort' (LE) DSCP mark
ac8a737 ruleset: remove redundant syn check
bd5dc4b tests: run testcases in strict mode
3ee6a5c ruleset: fix undeclared variable access uncovered by strict mode
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Mon, 1 Nov 2021 18:27:00 +0000 (19:27 +0100)]
ucode: update to latest Git HEAD
c6dae42 LICENSE: add ISC license file
402f603 lib: introduce struct library
dcb6ffd struct: fix PowerPC specific compiler pragma name
a0512ea treewide: fix typo in exported function names and types
eaaaf88 nl80211: fix wiphy dump reply merge logic
e6efadb fs: add utility functions
54ef6c0 nl80211: fix premature netlink reply receive abort
07802f3 syntax: disallow keywords in object property shorthand notation
3489b75 vm: support object property access on resource value types
dc8027c types: consider resource prototypes when marking reachable objects
5680fab treewide: fix upvalue reference type name
0d29b25 treewide: fix "resource" misspellings
99fdafd vm: introduce value registry
66f7c00 ubus: add support for async requests
5c77dd5 fs: implement fdopen(), file.fileno() and proc.fileno()
b605dbf treewide: rework numeric value handling
599d233 vallist: store double values in a platform neutral manner
5bb9ab7 struct: reuse double packing routines from core
2fd7ab5 vm: optimize string concatenation
eafa321 lib: implement uniq() function
6b2e79a types: add initial infrastructure for function serialization
725bb75 compiler, vm: use a program wide constant list
6c2caf9 source: refactor source file handling
371ba45 program: implement support for precompiling source files
3578afe build: support building without compile capabilities
61d0a34 lib: replace usages of vasprintf() with xvasprintf()
03b6a8e syntax: drop legacy syntax support
01132db lib: fix %J string formats with precision specifier
3f44c42 lib: rework format string handling
a1b3c5d struct: implement `*` format, fix invalid memory accesses
34a04a2 run_tests.sh: fix exitcode evaluation
abe38e7 run_tests.sh: add ability to define environment variables for testcases
04fa2ba tests: reorganize testcase files
6a55d10 lib: fix exists() error return value
aa860a3 vm: fix `null` loose equality/inequality checks
3f6d199 vallist: uc_number_parse(): parse empty strings as `0`, not `NaN`
ddc5aa7 vm: fix NaN strict equality tests
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Stijn Tintel [Fri, 28 Jan 2022 16:56:34 +0000 (18:56 +0200)]
ramips: enable I2C_CHARDEV in mt7621/config-5.10
I2C_CHARDEV used to be enabled in mt7621/config-5.4. Enable it in the
5.10 config, as it's required for PoE control on Unifi Switch Flex.
Fixes: b4aad29a1d7a ("ramips: add support for kernel 5.10")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Chuanhong Guo [Fri, 28 Jan 2022 11:46:51 +0000 (19:46 +0800)]
kernel: 5.10: drop broken-flash-reset patch
Flash accessing instruction templates are determined during probe since
v5.6 for spimem-dirmap support in spi-nor driver in upstream commit:
df5c21002cf4 ("mtd: spi-nor: use spi-mem dirmap API")
As a result, changing bus_width on the fly doesn't work anymore and this
patch will cause executing spi-mem ops with 3-byte address on 16-32M
flash area.
We can't easily revert that behavioral change upstream so drop the patch
to prevent u-boot and eeprom from being erased.
Fixes: b10d604459("kernel: add linux 5.10 support")
Reported-by: Frank Di Matteo <dimatto@foxmail.com>
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Daniel Golle [Fri, 28 Jan 2022 12:58:45 +0000 (12:58 +0000)]
firmware-utils: update to git HEAD of 2022-01-28
6c95945 ptgen: add Chromium OS kernel partition support
8e7274e cros-vbutil: add Chrome OS vboot kernel-signing utility
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Florian Fainelli [Sat, 8 Jan 2022 16:45:29 +0000 (08:45 -0800)]
perf: Depend on libbfd and libopcodes when enabled
bpftool will enabled libbfd and libopcodes which gets picked up by perf
as libraries to link against. Add those missing dependencies when either
of these packages are enabled.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Felix Fietkau [Thu, 27 Jan 2022 12:25:39 +0000 (13:25 +0100)]
tools: build bash on macOS and use it for ipkg-build
On macOS, system binaries silently drop the environment variables for injecting
extra shared libraries (used by fakeroot). This is done for security reasons.
Work around this by building bash from source, so that it gets an ad-hoc signature
and does not have these restrictions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 27 Jan 2022 12:21:04 +0000 (13:21 +0100)]
tools/coreutils: build chown
On ARM macOS, injecting extra shared libraries does not work for system
binaries. This causes fakeroot to fail for chown calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 27 Jan 2022 12:20:15 +0000 (13:20 +0100)]
tools/fakeroot: fix unresolved symbols on arm64 macOS
The $INODE64 symbol variants are not present, since the base system
always uses 64-bit file offsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 26 Jan 2022 12:52:07 +0000 (13:52 +0100)]
sdk: ship llvm toolchain
This allows ebpf packages like qosify to be built with it
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Tiago Gaspar [Sun, 23 Jan 2022 00:44:01 +0000 (00:44 +0000)]
netfilter: correct some dependencies
nf-nathelper-extra and nf-conntrack-netlink had iptables related
dependencies, yet, when looking for the respective kernel symbols and
checking it's dependencies it was confirmed that iptables wasn't
required and that these were either it's own moodule or tool independent
(nftables or iptables).
Correct these and make sure no unneeded extras are pulled in.
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
David Bauer [Tue, 25 Jan 2022 20:46:54 +0000 (21:46 +0100)]
rockchip: disable UHS modes for NanoPi R4S
The NanoPi R4S leaves the SD card in 1.8V signalling when rebooting
while U-Boot requires the card to be in 3.3V mode.
Remove UHS support from the SD controller so the card remains in 3.3V
mode. This reduces transfer speeds but ensures a reboot whether from
userspace or following a kernel panic is always working.
Signed-off-by: David Bauer <mail@david-bauer.net>
Paul Spooren [Tue, 25 Jan 2022 09:53:20 +0000 (10:53 +0100)]
meta: create FUNDING.yml
By adding this file a badge should appear in the GitHub web interface to
motivate people donate money to the OpenWrt project.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Daniel Golle [Tue, 25 Jan 2022 00:05:43 +0000 (00:05 +0000)]
mediatek: mt7623: include regular AHCI PCI driver
The legacy image for the UniElec U7623-02 until now included
kmod-ata-ahci-mtk. The MT7623 chip doesn't have that IP and that
board uses a PCIe-connected AHCI controller for the SATA port and
mSATA-pins of the mPCIe socket. Hence include kmod-ata-ahci instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Mon, 24 Jan 2022 12:28:36 +0000 (13:28 +0100)]
scripts/feeds: install targets to target/linux/feeds and support overriding
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Mon, 24 Jan 2022 12:16:00 +0000 (13:16 +0100)]
scripts/feeds: fix installing targets without explicitly specifying the feed
Add similar code to what is done on packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Mon, 24 Jan 2022 10:23:57 +0000 (11:23 +0100)]
build: increase scan depth for finding targets
This allows targets to be put into target/linux/feeds
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Mon, 24 Jan 2022 10:22:31 +0000 (11:22 +0100)]
build: change PYTHON to python3
On recent macOS, /usr/bin/python3 is a wrapper that finds the right python executable
It checks argv[0] to determine if python2 or python3 should be called. Always execute
it as python3 to ensure it calls the right version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Robert Marko [Tue, 19 Oct 2021 18:27:37 +0000 (20:27 +0200)]
ipq40xx: drop 5.4 kernel
Since 5.10 is now default, no point in keeping
5.4 around.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Daniel Golle [Tue, 11 Jan 2022 21:26:43 +0000 (21:26 +0000)]
uboot-mediatek: update to version 2022.01
Tested on BananaPi R2 (SD, eMMC), BananaPi R64 (SD, eMMC, SPI-NAND) and
UniElec U7623-02 (eMMC).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 11 Jan 2022 12:58:50 +0000 (12:58 +0000)]
mediatek: store random MAC address in U-Boot env on first boot
For devboards without a MAC address assigned from factory, store
the random MAC in U-Boot env on first boot to make it persistent.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 10 Jan 2022 17:09:27 +0000 (17:09 +0000)]
uboot-envtools: add configuration for UniElec U7623 board
Add U-Boot env settings to allow accessing the environment using
fw_printenv and fw_setenv tools on the UniElec U7623 board.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Fri, 20 Aug 2021 20:11:32 +0000 (21:11 +0100)]
mediatek: mt7623: rework images for U7623-02 board
Users of older OpenWrt versions need sysupgrade using the *emmc.img.gz
file once which will upgrade U-Boot and switch to the new image layout.
Users of the vendor firmware need to first flash the legacy image to
then sunsequently carry out a full-flash upgrade.
Alternatively the board can also be flashed using MediaTek's
proprietary SP Flash Tool.
Configuration as well as persistent MAC address will be lost once at
this point and you will have to redo (or restore) all configuration
manually. To restore the previous persistent MAC address users may set
it manually using
fw_setenv ethaddr 00:11:22:33:44:55
For future upgrades once running OpenWrt past this commit, the usual
*sysupgrade.itb file can be used.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Fri, 20 Aug 2021 20:12:28 +0000 (21:12 +0100)]
uboot-mediatek: update build for the U7623-02 board
Brings bootmenu and production/recovery dual-boot scheme like on
the BPi-R2, BPi-R64, E8450 and UniFi 6 LR.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 10 Jan 2022 17:05:26 +0000 (17:05 +0000)]
mediatek: add common DTS aliases for UniElec U7623 board
* Use serial0 instead of serial2 for the only serial port
* Add LED aliases
* Add ethernet0 alias to inherit ethaddr from U-Boot env
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sat, 22 Jan 2022 00:26:52 +0000 (00:26 +0000)]
uml: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_uml in
Config-images.in.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sat, 22 Jan 2022 00:25:52 +0000 (00:25 +0000)]
sunxi: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_sunxi in
Config-images.in.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sat, 22 Jan 2022 00:24:02 +0000 (00:24 +0000)]
omap: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_omap in
Config-images.in.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sat, 22 Jan 2022 00:20:53 +0000 (00:20 +0000)]
mediatek: use CONFIG_TARGET_ROOTFS_PARTSIZE
Enable 'rootfs-part' feature to make the size of the partition of the
production image configurable instead of hard-coding it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hans Dedecker [Sun, 23 Jan 2022 17:52:53 +0000 (18:52 +0100)]
netifd: update to git HEAD
ed71876 iprule: add support for uidrange
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Jo-Philipp Wich [Sat, 22 Jan 2022 23:51:11 +0000 (00:51 +0100)]
ucode: add temporary fix for integer formatting on 32bit systems
The ucode VM always passes 64bit integer values to sprintf implementation
while the `%d` format expects 32bit integers on 32bit platforms, leading
to incorrect formatting results.
Temporarily solve the issue by casting the numeric argument to int until
a more thorough fix arrives with the next update.
Fixes: FS#4234
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Victorien Molle [Fri, 20 Aug 2021 19:41:19 +0000 (21:41 +0200)]
ath79: add support for GL.iNet GL-XE300
The GL.iNet GL-XE300 is a 4G LTE Wireless router, based on QCA9531 SoC.
Specifications:
- SoC: QCA9531 (650MHz)
- RAM: DDR2 128M
- Flash: SPI NOR 16M + SPI NAND 128M
- WiFi: 2.4GHz with 2 antennas
- Ethernet:
- 1x LAN (10/100M)
- 1x WAN (10/100M)
- LTE:
- USB: 1x USB 2.0 port
- UART:
- 3.3V, TX, RX, GND / 115200 8N1
MAC addresses as verified by OEM firmware:
use address source
LAN *:c5 art 0x0 (label)
WAN *:c6 label + 1
WLAN *:c7 art 0x1002
Installation via U-Boot rescue:
1. Press and hold reset and power buttons simultaneously
2. Wait for the LAN led to blink 5 times
3. Release reset and power buttons
4. The rescue page is accessible via http://192.168.1.1
5. Select the OpenWrt factory image and start upgrade
6. Wait for the router to flash new firmware and reboot
Revert to stock firmware:
i. Download the stock firmware from GL.Inet website
ii. Use the same method explained above to flash the stock firmware
Signed-off-by: Victorien Molle <victorien.molle@wifirst.fr>
[update commit message]
Signed-off-by: David Bauer <mail@david-bauer.net>
Rodrigo Araujo [Tue, 18 Jan 2022 14:43:28 +0000 (14:43 +0000)]
ramips: correct vendor name for COMFAST/Joowin
When Joowin WR758AC V1 and V2 devices were added, they should have been
added with the primary manufacturer name which is COMFAST, since Joowin
is just an alternate vendor name on some coutries or stores.
Fix this by changing the the vendor name on the respective files and set
Joowin as ALT0 variants while ensuring compatibility for early users.
Also adjust the model names to better follow the naming rules.
As a side effect, fix mt76x8 network script which was left incorrectly
unsorted on the case block conditions.
Fixes: 766733e172 ("ramips: add support for Joowin WR758AC V1 and V2")
Signed-off-by: Rodrigo Araujo <araujo.rm@gmail.com>
David Bauer [Wed, 19 Jan 2022 21:58:17 +0000 (22:58 +0100)]
ramips: read Tenbay T-MB5EU address from single location
Currently the WAN MAC address is read from a different offset contrary
to all other addresses.
There's conflicting information whether offset 0x28 on the factory
partition contains the valid WAN mac for all devices while 0x4 seems to
be uniform.
Read the WAN mac from this location and calculate it.
Signed-off-by: David Bauer <mail@david-bauer.net>