Christian Marangi [Sun, 12 Nov 2023 13:10:23 +0000 (14:10 +0100)]
iptables: backport patch fixing bug with string module
Backport patch fixing critical bug with string module merged upstream.
Fixes: #13812
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Rosen Penev [Thu, 9 Nov 2023 18:53:02 +0000 (10:53 -0800)]
prereq-build: add Python 3.12 support
Fixes build on Fedora 39.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Sat, 11 Nov 2023 17:03:57 +0000 (19:03 +0200)]
ath10k-ct: Restore functionality after switch to 6.4 version
Adjust our local ath10k-ct patches to the change
from the -ct 6.2 version to 6.4.
This restores e.g. the LED functionality.
Fixes: 7d3651f1b9b ("ath10k-ct: switch to 6.4")
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Christian Marangi [Sat, 11 Nov 2023 17:34:27 +0000 (18:34 +0100)]
qca-ssdk: fix unsupported scenario with PORT1 not declared in switch bmp
Commit
947b44d9ae17 ("ipq807x: fix wrong define for LAN and WAN ess mask")
started fixing wrong switch_lan_bmp that defined lan there weren't
actually present. This displayed a fragility in the malibu phy init code
in qca-ssdk.
Add patch to fix this.
Quoting the patch detailed description:
I'm very confused by this and to me it's not clear the real usage of
this logic.
From what I can see the usage of this is EXTREMELY FRAGILE and results
in dangerous results if the OEM (or anyone that by chance try to
implement things in a logical manner) deviates from the default values
from the "magical template".
To be in more details. With QSDK 12.4, some tweaks were done to improve
autoneg and now on every call of port status, the phydev is tried to
add. This resulted in the call and log spam of an error with ports that
are actually not present on the system with qsdk reporting phydev is
NULL. This itself is not an error and printing the error is correct.
What is actually an error from ages is setting generic bitmap reporting
presence of port that are actually not present. This is very common on
OEM where the switch_lan_bmp is always a variant of 0x1e (that on bitmap
results in PORT1 PORT2 PORT3 PORT4 present) or 0x3e (PORT1 PORT2 PORT3
PORT4 PORT5). Reality is that many device are used as AP with one LAN
port or one WAN port. (or even exotic configuration with PORT1 not
present and PORT2 PORT3 PORT4 present (Xiaomi 3600)
With this finding one can say... ok nice, then lets update the DT and
set the correct bitmap...
Again world is a bad place and reality is that this cause wonderful
regression in some case of by extreme luck the first ever connected
port working and the rest of the switch dead.
The problem has been bisected to all the device that doesn't have the
PORT1 declared in any of the bitmap.
With this perfection in mind, on to the REAL problem.
malibu_phy_hw_init FOR SOME REASON, set a global variable first_phy_addr
to the first detected PHY addr that coincidentally is always PORT1.
PORT1 addr is 0x0. The entire code in malibu_phy use this variable to
derive the phy addrs in some function.
Declaring a bitmap where the PORT1 is missing (or worse PORT4 the only
one connected) result in first_phy_addr set to 1 or whatever phy addr is
detected first setting wrong value all over the init stage.
To fix this, just drop this variable and hardcode everything to assume
the first phy adrr is ALWAYS 0 and remove calculation and use define for
special case.
With the following change normal switch traffic is restored and ports
function is recovered.
Fixes: #13945
Fixes: 947b44d9ae17 ("ipq807x: fix wrong define for LAN and WAN ess mask")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sat, 11 Nov 2023 22:38:30 +0000 (23:38 +0100)]
netifd: update to Git HEAD (2023-11-11)
c739dee0a37b system-linux: refresh MAC address on DSA port conduit change
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Petr Štetiar [Fri, 10 Nov 2023 21:42:34 +0000 (21:42 +0000)]
debugcc: add licensing information
Information about package license is important, so lets add it.
Fixes: 79ee0d2ceead ("debugcc: add new package to debug IPQ based SoC clocks")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Christian Marangi [Fri, 10 Nov 2023 20:14:29 +0000 (21:14 +0100)]
debugcc: add new package to debug IPQ based SoC clocks
Add new package to debug IPQ clocks using debug regs and hardware
oscillator.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Robert Marko [Wed, 8 Nov 2023 22:09:44 +0000 (23:09 +0100)]
dtc: add option for a static build
I find myself manually compiling dtc as a staticly linked binary rather
often while porting a new device to OpenWrt as dtc is rarely included in
various vendor modifications of OpenWrt.
So, since dtc offers a convenient meson option to build it as staticaly
linked binary, lets make it a compile time option.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Christian Marangi [Fri, 10 Nov 2023 17:38:34 +0000 (18:38 +0100)]
ipq807x: fix wrong define for LAN and WAN ess mask
switch_lan_bmp and switch_wan_bmp have wrong values and now cause
problems with the new version of the qca-ssdk.
Fix the wrong entry and drop the redundant switch_cpu_bmp.
Also introduce some convenient define to better understand values in
this map.
Fixes: eea264feadcf ("kernel: qca-ssdk: update to 12.4")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Tested-by: Robert Marko <robimarko@gmail.com> # Dynalink AX3600 and Qnap 301W
Reviewed by: Robert Marko <robimarko@gmail.com>
Nick Hainke [Fri, 10 Nov 2023 08:01:56 +0000 (09:01 +0100)]
wolfssl: update to 5.6.4
Releae Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable
Remove upstreamed patch:
- 001-fix-detection-of-cut-tool-in-configure.ac.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
John Audia [Wed, 8 Nov 2023 19:38:58 +0000 (14:38 -0500)]
kernel: bump 6.1 to 6.1.62
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.62
All patches automatically rebased.
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Wed, 8 Nov 2023 20:50:55 +0000 (15:50 -0500)]
kernel: bump 5.15 to 5.15.138
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.138
Removed upstreamed:
generic/backport-5.15/819-v6.6-0018-nvmem-imx-correct-nregs-for-i.MX6SLL.patch[1]
generic/backport-5.15/819-v6.6-0019-nvmem-imx-correct-nregs-for-i.MX6UL.patch[2]
generic/backport-5.15/819-v6.6-0020-nvmem-imx-correct-nregs-for-i.MX6ULL.patch[3]
All other patches automatically rebased.
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=
6e22bf6f00d593b0a7e0b2f418fde89317424671
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=
6efd498009b987a92f57f3bdae476f0503364fb7
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=
6e22bf6f00d593b0a7e0b2f418fde89317424671
Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3
Signed-off-by: John Audia <therealgraysky@proton.me>
Felix Fietkau [Fri, 10 Nov 2023 14:37:32 +0000 (15:37 +0100)]
netifd: update to the latest version
eee02ccca8c8 device: add support to configure eee
bb28f6a291d9 wireless: fix sign comparison warning
35facc8306f5 wireless: fix premature removal of hotplug devices due to down state
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Christian Marangi [Fri, 10 Nov 2023 12:20:31 +0000 (13:20 +0100)]
ipq-wifi: update to Git HEAD (2023-11-10)
0c2e810e71ed qcn9074: fix prpl Foundation Haze BDF for old mac80211 version
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Thu, 9 Nov 2023 14:29:39 +0000 (15:29 +0100)]
ipq806x: setup DSA port conduit in board.d
Now that netifd and uci-defaults.sh supports a way to setup DSA port
conduit without using iproute2 tool, set DSA port conduit directly in
board.d, that will fill board.d and will instruct netifd to setup the
port.
Drop special init.d qca8k_set_port script and ip-tiny from target dep as
they are not required anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Thu, 9 Nov 2023 14:18:39 +0000 (15:18 +0100)]
base-files: add additional uci-defaults function for GRO and conduit
Add additional uci-defaults function for configuring GRO settings and
conduit for network devices.
Tweaking the GRO values might increase performance on some low spec
device that lack some offload feature on gmac.
Tweaking conduit interface is specific to DSA based devices and is
useful for multi-CPU scenario where one CPU is dedicated to one single
port.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Thu, 9 Nov 2023 14:11:50 +0000 (15:11 +0100)]
base-files: generalize ucidef_set_network_device
Generalize ucidef_set_network_device functions to use a more generic
_ucidef_set_network_device_common that takes as args the option and the
value to apply instead of hardcoding.
This is to reduce duplicated code in preparation for addition of
additional option for board.d usage.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Thu, 9 Nov 2023 14:10:03 +0000 (15:10 +0100)]
netifd: update to Git HEAD (2023-11-09)
841b05fbb91e system-linux: fix compilation error if IFLA_DSA_MASTER is not supported
5c9ecc1ff74f system-linux: make system_if_get_master_ifindex static
2dc7f450f3a2 system-linux: add option to configure DSA conduit device
838f815db5ef system-linux: add support for configurable GRO option
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Hannu Nyman [Tue, 7 Nov 2023 18:55:58 +0000 (20:55 +0200)]
gdb: Update to 13.2
Update the devel/gdb package to version 13.2
* Remove the upstreamed patch 001-Add-support-for-readline-8.2.patch
* Adjust 130-gdb-ctrl-c.patch to upstream changes
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Hannu Nyman [Tue, 7 Nov 2023 18:54:51 +0000 (20:54 +0200)]
toolchain/gdb: update to 13.2
Update the toolchain gdb to version 13.2.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Rafał Miłecki [Tue, 7 Nov 2023 22:25:52 +0000 (23:25 +0100)]
kernel: provide better control & help for SLUB configuration
Allow selecting KERNEL_SLUB_DEBUG and KERNEL_SLUB_DEBUG_ON manually and
provide detailed help for both.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 7 Nov 2023 12:54:14 +0000 (13:54 +0100)]
treewide: disable CONFIG_SLUB_DEBUG in target configs
From the symbol help message:
> SLUB has extensive debug support features. Disabling these can result
> in significant savings in code size.
There seems to be no need to enable those debugging features for
standard use.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Isaev Ruslan [Thu, 2 Nov 2023 03:08:53 +0000 (06:08 +0300)]
ipq807x: add support for Yuncore AX880
SPECIFICATION:
- Chipset: IPQ8072A +QCN5054+QCN5024+QCA8081*2
- Flash NOR-8MB AND NAND-128MB
- RAM 1Gb DDR
- IEEE 802.11: 802.11ax/ac/b/g/n
- 4*4 2.4G Wi-Fi standard 802.11b/g/n/ax
- 4*4 5.8G Wi-Fi Standard 802.11 a/n/ac/ax
- 2x 1 Gbps Ethernet (QCA8081) with 802.3at PoE input support
- 1x Reset
- 1x Bluetooth(optional)
- 1x DC Port 12V 3A
- 4x Antenna IPEX Connector, 3dBi omni antennas
- Data Rate: 3657Mbps ( 2.4G: 1182Mbps (11ax 4x4); 5.8G: 2475Mbps (11ax 4x4))
- RF Power: 2.4g ≤ 20dBm; 5.8g ≤ 19dBm
- LED light: Sys; 5.8G wifi; 2.4G wifi; WAN; LAN
- Max Power Consumption: ≤ 22W
- Size: 198mm * 198mm * 41.02mm
BACKUP YOUR STOCK FIRMWARE:
```
export device=ax880
mkdir -p /tmp/fw_dump_$device
cd /tmp/fw_dump_$device
dmesg > dmesg_$device.log
dtc -I fs /sys/firmware/devicetree/base > $device.dts
cat /proc/device-tree/model > model
cat /proc/mtd > proc_mtd
while read p; do
mtd_dev=$(echo $p | cut -d: -f1)
echo $mtd_dev
dd if=/dev/$mtd_dev of=$mtd_dev
done < proc_mtd
md5sum * > md5sum.log
tar -cvzf ../$device.tar.gz .
export sum=$(md5sum /tmp/$device.tar.gz | cut -d' ' -f1)
mv ../$device.tar.gz /tmp/${device}_${sum}.tar.gz
echo fw backup saved to: /tmp/${device}_${sum}.tar.gz
```
Upload your backup via tftp to the safe place.
INSTALLATION:
1. stock firmware web ui
Rename factory.bin fw image file to factory.ubin. Flash this image
like ordinary stock fw upgrade.
2. stock firmware telnet method
Enter telnet cli (login: root, password: 476t*_f0%g09y) and upload
factory.bin fw image and rename it to factory.ubin
`cd /tmp && wget <your_web_server_ip>/factory.ubin`
`sysupgrade factory.ubin
3. initramfs method
Put openwrt-ipq807x-generic-yuncore_ax880-initramfs-uImage.itb to your
TFTP server and rename it to ax880.initram
Enable serial console and enter to the u-boot cli.
Exec these commands:
`tftpboot <your_tftp_server_ip>:ax880.initram`
`dhcp`
When downloading is finished:
`bootm`
After booting the device, you need to upload to the device factory.ubi fw image.
```
cd /tmp && wget <your_web_server_ip>/factory.ubi`
export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
ubiformat /dev/${rootfs} -y -f factory.ubi
ubiformat /dev/${rootfs_1} -y -f factory.ubi
reboot
```
4. u-boot factory.ubi image method
Put openwrt-ipq807x-generic-yuncore_ax880-squashfs-factory.ubi to your
TFTP server and rename it to ax880.ubi
Enter u-boot cli and exec these commands:
`tftpboot <your_tftp_server_ip>:ax880.ubi`
`dhcp`
After downloading is finished:
`flash rootfs`
`flash rootfs_1`
`reset`
5. u-boot factory.bin method
Put openwrt-ipq807x-generic-yuncore_ax880-squashfs-factory.bin to your
TFTP server and rename it to ax880.bin
Enter u-boot cli and exec these commands:
`tftpboot <your_tftp_server_ip>:ax880.bin`
`dhcp`
After downloading is finished:
`imgaddr=$fileaddr && nand device 0`
Erase rootfs memory:
`nand erase 0x00000000 0x03400000`
Write rootfs:
`nand write $fileaddr 0x00000000 $filesize`
Erase rootfs_1 memory:
`nand erase 0x3c00000 0x3400000`
Write rootfs_1
`nand write $fileaddr 0x3c00000 $filesize`
`reset`
STOCK FIRMWARE RECOVERY:
Boot initramfs image.
Upload your rootfs mtd partition to the device using scp or download
it from the device using wget.
Enter device ssh cli and exec:
```
cd /tmp && wget <your_web_server_ip>/mtd21`
export rootfs=$(cat /proc/mtd | grep rootfs | cut -d: -f1)
export rootfs_1=$(cat /proc/mtd | grep rootfs_1 | cut -d: -f1)
ubiformat /dev/${rootfs} -y -f /tmp/mtd21
ubiformat /dev/${rootfs_1} -y -f /tmp/mtd21
reboot
```
Signed-off-by: Isaev Ruslan <legale.legale@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Christian Marangi [Thu, 9 Nov 2023 15:07:55 +0000 (16:07 +0100)]
hostapd: refresh patches
Refresh patches for hostapd using make package/hostapd/refresh.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 8 Nov 2023 15:48:57 +0000 (16:48 +0100)]
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.
This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.
Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 8 Nov 2023 15:48:05 +0000 (16:48 +0100)]
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 8 Nov 2023 15:46:12 +0000 (16:46 +0100)]
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.
This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 8 Nov 2023 15:44:38 +0000 (16:44 +0100)]
mac80211: fix not set noscan option for wpa_supplicant
noscan option was changed to hostapd_noscan but the entry in
wpa_supplicant was never updated resulting in the noscan option actually
never set.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Robert Marko [Tue, 7 Nov 2023 13:47:15 +0000 (14:47 +0100)]
kernel: qca-ssdk: update to 12.4
Update SSDK version to 12.4, this fixes weird SFP port link up/downs
while there is no SFP module plugged in.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Tue, 7 Nov 2023 13:48:41 +0000 (14:48 +0100)]
qualcommax: backport missing SMEM ID-s for SSDK
SSDK has switched to using the upstream SMEM helper to get the SoC ID and
then look it up in the QCA SMEM ID header, so we need these in order for
SSDK to compile as they are currently undefined.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Nick Hainke [Sat, 4 Nov 2023 08:57:48 +0000 (09:57 +0100)]
tools/mkimage: update to 2023.10
Update to latest version.
Remove "100-increase-tmpfile-name-length-limit.patch" because project
is now using limits.h with PATH_MAX [0].
Automatically refreshed:
- 030-allow-to-use-different-magic.patch
[0] - https://github.com/u-boot/u-boot/commit/
99d430f344bfdb0641022fd3efa26c29c957df02
Signed-off-by: Nick Hainke <vincent@systemli.org>
Jo-Philipp Wich [Thu, 9 Nov 2023 11:40:22 +0000 (12:40 +0100)]
ucode: update to Git HEAD (2023-11-07)
0352a33 uloop: support new interval and signal APIs
1468cc4 syntax: don't treat `as` and `from` as reserved keywords
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Golle [Thu, 9 Nov 2023 11:14:59 +0000 (11:14 +0000)]
fstools: bump to git HEAD
3a07943 block: support skipping uuid check
56a9b4e block: consider currently mounted root device first
9cd09d4 block: try to find the root device on both / and /rom
c1a8d95 block: support extroot on already mounted overlay
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Fri, 27 Oct 2023 23:27:12 +0000 (00:27 +0100)]
arm-trusted-firmware-mediatek: update to release 2023-10-13
Drop local patches now upstream.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Robert Marko [Wed, 8 Nov 2023 12:24:37 +0000 (13:24 +0100)]
gemini: usb-fotg210: remove uneeded dependency on @USB_SUPPORT
$(call AddDepends/usb) will add the dependency on @USB_SUPPORT so there
is no need to duplicate it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Wed, 8 Nov 2023 12:23:09 +0000 (13:23 +0100)]
gemini: usb-fotg210: add missing module name to AutoLoad
AutoLoad expects the module name to be present after the load index.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Wed, 8 Nov 2023 12:08:55 +0000 (13:08 +0100)]
gemini: dont select USB driver as module via config
The FOTG210 USB driver is currently being selected as a module directly via
the target kernel config which should not be done and via kmod as well.
So, lets drop the driver selection in the target kernel module as kmod is
sufficient.
Fixes: 585360f0c0ec ("gemini: refresh kernel config")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Wed, 8 Nov 2023 12:31:12 +0000 (13:31 +0100)]
gemini: usb-fotg210: enable OTG support
The usb-fotg210 does not currently select CONFIG_USB_FOTG210_UDC which
enable OTG support, but it was previously selected directly in the target
kernel config so lets enable it to keep the functionality identical.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Wed, 8 Nov 2023 12:19:37 +0000 (13:19 +0100)]
gemini: usb-fotg210: fix FOTG210_HCD setting
CONFIG_USB_FOTG210_HCD is a boolean symbol, so it must be set to "y"
instead of the default which is to set it as "m".
Otherwise you will get prompted to set the symbol during kernel building.
Fixes: 585360f0c0ec ("gemini: refresh kernel config")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Filip Milivojevic [Fri, 3 Nov 2023 09:10:14 +0000 (10:10 +0100)]
ramips: Cudy WR1300v2 fix mt7613 calibration data length
Since MT7613 is handled by MT7615 driver, and other devices using MT7615
have reg = <0x8000 0x4da8>; this needs updating or eeprom data fails to load.
Signed-off-by: Filip Milivojevic <zekica@gmail.com>
Felix Fietkau [Wed, 8 Nov 2023 10:20:41 +0000 (11:20 +0100)]
hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 8 Nov 2023 09:45:55 +0000 (10:45 +0100)]
wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Robert Marko [Tue, 7 Nov 2023 14:14:15 +0000 (15:14 +0100)]
qualcommax: refresh patches
It seems that patches were not refreshed during last kernel bump, so lets
refresh them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Robert Marko [Tue, 7 Nov 2023 13:38:21 +0000 (14:38 +0100)]
qualcommax: fixup patch numbering
It seems that I forgot one zero in the patch numbering while marking these
as backports, so lets fix it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Hauke Mehrtens [Mon, 6 Nov 2023 23:33:38 +0000 (00:33 +0100)]
px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.
OpenSSL does this in the same way already.
With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r-- 1 root root 749 Nov 6 23:14 /etc/uhttpd.crt
-rw------- 1 root root 121 Nov 6 23:14 /etc/uhttpd.key
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 5 Nov 2023 22:05:24 +0000 (23:05 +0100)]
px5g-mbedtls: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.
OpenSSL does this in the same way already.
With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r-- 1 root root 519 Nov 6 22:58 /etc/uhttpd.crt
-rw------- 1 root root 121 Nov 6 22:58 /etc/uhttpd.key
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rafał Miłecki [Tue, 7 Nov 2023 12:38:23 +0000 (13:38 +0100)]
rockchip: refresh kernel config
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 7 Nov 2023 12:38:23 +0000 (13:38 +0100)]
gemini: refresh kernel config
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 7 Nov 2023 12:38:23 +0000 (13:38 +0100)]
sifiveu: refresh kernel config
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 7 Nov 2023 12:38:23 +0000 (13:38 +0100)]
qoriq: refresh kernel config
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Felix Fietkau [Tue, 7 Nov 2023 12:36:39 +0000 (13:36 +0100)]
netifd: update to the latest version
383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Hauke Mehrtens [Mon, 6 Nov 2023 00:30:31 +0000 (01:30 +0100)]
bpf-headers: Fix download URL with kernel 6.1
This fixes the download of the kernel 5.15 for the bpf-headers when
kernel 6.1 is build for the target.
Even if kernel 6.1 was selected for the target we still use kernel 5.15
for the bpf-headers. The download script tried to download the 5.15
kernel from the 6.x directory on kernel,org and this failed. Define
PKG_SOURCE_URL based on PKG_PATCHVER and not KERNEL_BASE like done in
kernel.mk.
Without this change it tries to download the kernel from this URL:
ttps://cdn.kernel.org/pub/linux/kernel/v6.x/linux-5.15.129.tar.xz
Fixes: #13190
Fixes: #13671
Fixes: #13814
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 5 Nov 2023 22:05:24 +0000 (23:05 +0100)]
mbedtls: Activate secp521r1 curve by default
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110
This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk
Fixes: #13774
Acked-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rafał Miłecki [Mon, 6 Nov 2023 12:25:34 +0000 (13:25 +0100)]
bcm53xx: refresh kernel config for 6.1
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Petr Štetiar [Mon, 6 Nov 2023 08:52:24 +0000 (08:52 +0000)]
image: fix image generation within ImageBuilder
Changes introduced in commit
d604a07225c5 ("build: add CycloneDX SBOM
JSON support") broke ImageBuilder:
Cannot open '/openwrt-imagebuilder-ath79-generic.Linux-x86_64/tmp/.packageinfo': No such file or directory
So lets fix it by wrapping the BOM generation behind condition of IB
feature check.
Fixes: #13881
Fixes: d604a07225c5 ("build: add CycloneDX SBOM JSON support")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
David Bauer [Fri, 3 Nov 2023 21:05:04 +0000 (22:05 +0100)]
mediatek: add label-mac for GL.iNet GL-MT3000
The MAC-address of gmac0 matches the one printed on the bottom label.
Signed-off-by: David Bauer <mail@david-bauer.net>
Łukasz M [Tue, 31 Oct 2023 15:15:06 +0000 (16:15 +0100)]
mediatek: mt7981: improve fan behaviour
This doubles the number of cooling-levels.
In addition the fan is turned on with a low speed at lower temperatures
and with a higher speed at higher temperatures.
This also attempts to reduce the likelihood of constant start-stop actions.
The change only affects the GL.iNet MT3000 and has been tested with it.
Signed-off-by: Łukasz M <lukasz1992m@gmail.com>
Lech Perczak [Sat, 22 Jul 2023 16:44:20 +0000 (18:44 +0200)]
ath79: support Fortinet FAP-220-B
Fortinet FAP-220-B is a dual-radio, dual-band 802.11n enterprise managed
access point with PoE input and single gigabit Ethernet interface.
Hardware highlights:
Power: 802.3af PoE input on Ethernet port, +12V input on 5.5/2.1mm DC jack.
SoC: Atheros AR7161 (MIPS 24kc at 680MHz)
RAM: 64MB DDR400
Flash: 16MB SPI-NOR
Wi-Fi 1: Atheros AR9220 2T2R 802.11abgn (dual-band)
Wi-Fi 2: Atheros AR9223 2T2R 802.11bgn (single-band)
Ethernet: Atheros AR8021 single gigabit Phy (RGMII)
Console: External RS232 port using Cisco 8P8C connector (9600-8-N-1)
USB: Single USB 2.0 host port
LEDs: Power (single colour, green), Wi-Fi 1, Wi-Fi 2, Ethernet, Mode, Status
(dual-colour, green and yellow)
Buttons: reset button hidden in bottom grill,
in the top row, 2nd column from the right.
Label MAC address: eth0
FCC ID: TVE-220102
Serial port pinout:
3 - TxD
4 - GND
6 - RxD
Installation: The same methods apply as for already supported FAP-221-B.
For both methods, a backup of flash partitions is recommended, as stock firmware
is not freely available on the internet.
(a) Using factory image:
1. Connect console cable to the console port
2. Connect Ethernet interface to your PC
3. Start preferred terminal at 9600-8-N-1
4. Have a TFTP server running on the PC.
5. Put the "factory" image in TFTP root
6. Power on the device
7. Break boot sequence by pressing "Ctrl+C"
8. Press "G". The console will ask you for device IP, server IP, and filename.
Enter them appropriately.
The defaults are:
Server IP: 192.168.1.1 # Update accordingly
Device IP: 192.168.1.2 # Update accordingly
Image file: image.out # Use for example: openwrt-ath79-generic-fortinet_fap-220-b-squashfs-factory.bin
9. The device will load the firmware over TFTP, and verify it. When
verification passes, press "D" to continue installation. The device
will reboot on completion.
(b) Using initramfs + sysupgrade
1. Connect console cable to the console port
2. Connect Ethernet interface to your PC
3. Start preferred terminal at 9600-8-N-1
4. Have a TFTP server running on the PC.
5. Put the "initramfs" image in TFTP root
6. Power on the device.
7. Break boot sequence by pressing "Ctrl+C"
8. Enter hidden U-boot shell by pressing "K". The password is literal "1".
9. Load the initramfs over TFTP:
> setenv serverip 192.168.1.1 # Your PC IP
> setenv ipaddr 192.168.1.22 # Device IP, both have to share a subnet.
> tftpboot
81000000 openwrt-ath79-generic-fortinet_fap-220-b-initramfs-kernel.bin
> bootm
81000000
10. (Optional) Copy over contents of at least "fwconcat0", "loader", and "fwconcat1"
partitions, to allow restoring factory firmware in future:
# cat /dev/mtd1 > /tmp/mtd1_fwconcat0.bin
# cat /dev/mtd2 > /tmp/mtd2_loader.bin
# cat /dev/mtd3 > /tmp/mtd3_fwconcat1.bin
and then SCP them over to safety at your PC.
11. When the device boots, copy over the sysupgrade image, and execute
normal upgrade:
# sysupgrade openwrt-ath79-generic-fortinet_fap-220-b-squashfs-sysupgrade.bin
Return to stock firmware:
1. Boot initramfs image as per initial installation up to point 9
2. Copy over the previously backed up contents over network
3. Write the backed up contents back:
# mtd write /tmp/mtd1_fwconcat0.bin fwconcat0
# mtd write /tmp/mtd2_loader.bin loader
# mtd write /tmp/mtd3_fwconcat1.bin fwconcat1
4. Erase the reserved partition:
# mtd erase reserved
5. Reboot the device
Quirks and known issues:
- The power LED blinking pattern is disrupted during boot, probably due
to very slow serial console, which prints a lot during boot compared
to stock FW.
- "mac-address-ascii" device tree binding cannot yet be used for address
stored in U-boot partition, because it expects the colons as delimiters,
which this address lacks. Addresses found in ART partition are used
instead.
- Due to using kmod-owl-loader, the device will lack wireless interfaces
while in initramfs, unless you compile it in.
- The device heats up A LOT on the bottom, even when idle. It even
contains a warning sticker there.
- Stock firmware uses a fully read-write filesystem for its rootfs.
- Stock firmware loads a lot of USB-serial converter drivers for use
with built-in host, probably meant for hosting modem devices.
- U-boot build of the device is stripped of all branding, despite that
evidence of it (obviously) being U-boot can be found in the binary.
- The user can break into hidden U-boot shell using key "K" after
breaking boot sequence. The password is "1" (without quotes).
- Telnet is available by default, with login "admin", without password.
The same is true for serial console, both drop straight to the Busybox
shell.
- The web interface drops to the login page again, after successfull
login.
- Whole image authentication boils down to comparing a device ID against
one stored in U-boot.
- And this device is apparently made by a security company.
Big thanks for Michael Pratt for providing support for FAP-221-B, which
shares the entirety of image configuration with this device, this saved
me a ton of work.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Wed, 26 Jul 2023 01:01:02 +0000 (03:01 +0200)]
ath79: image: extract common part for Fortinet FAP series
In preparation for FAP-220-B support, extract the common part of image
recipe for FAP-221-B.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Wed, 26 Jul 2023 00:55:05 +0000 (02:55 +0200)]
ath79: dts: fortinet_loader: extract common part
In preparation for FAP-220-B support, rename ar934x_fortinet_loader.dtsi
to arxxxx_fortinet_loader.dtsi, to avoid confusion, as FAP-220-B shares
flash layout with FAP-221-B exactly despite different SoC.
While at that, add a label to U-boot partition to allow for nvmem MAC
binding in future.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Ilya Katsnelson [Sun, 29 Oct 2023 22:39:31 +0000 (01:39 +0300)]
build: replace `true` with a custom noop script
`true` might be a shell built-in, or simply not accessible in the hardcoded locations.
Replace it with a custom script that does nothing.
Signed-off-by: Ilya Katsnelson <me@0upti.me>
Mikhail Zhilkin [Sun, 29 Oct 2023 14:51:32 +0000 (14:51 +0000)]
treewide: fix MERCUSYS brand spelling
This commit fixes MERCUSYS brand spelling. The proper name is capitalized.
Link: https://www.mercusys.com/
Link: https://github.com/torvalds/linux/blob/master/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c#L7779
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Patryk Kowalczyk [Thu, 2 Nov 2023 08:46:36 +0000 (09:46 +0100)]
filogic: fix wifi eeprom filename for tuf-ax6000
The router use mt7986_eeprom_mt7976_dual.bin
Fixes: d522ccecb2 ("filogic: add support for ASUS TUF AX6000")
Signed-off-by: Patryk Kowalczyk <patryk@kowalczyk.ws>
Daniel Golle [Tue, 24 Oct 2023 17:05:28 +0000 (18:05 +0100)]
ramips: add support for MeiG SLT866 4G CPE
Hardware:
- SoC: Mediatek MT7621 (MT7621AT)
- Flash: 32 MiB SPI-NOR (Macronix MX25L25635E)
- RAM: 128 MiB
- Ethernet: Built-in, 2 x 1GbE
- 3G/4G Modem: MEIG SLM828 (currently only supported with ModemManager)
- SLIC: Si32185 (unsupported)
- Power: 12V via barrel connector
- Wifi 2.4GHz: Mediatek MT7603BE 802.11b/g/b
- Wifi 5GHz: Mediatek MT7613BE 802.11ac/n/a
- LEDs: 8x (7 controllable)
- Buttons: 2x (RESET, WPS)
Installing OpenWrt:
- sysupgrade image is compatible with vendor firmware.
Recovery:
- Connect to any of the Ethernet ports, configure local IP:
10.10.10.3/24 (or 192.168.10.19/24, depending on OEM)
- Provide firmware file named 'mt7621.img' on TFTP server.
- Hold down both, RESET and WPS, then power on the board.
- Watch network traffic using tcpdump or wireshark in realtime to
observe progress of device requesting firmware. Once download has
completed, release both buttons and wait until firmware comes up.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 29 Oct 2023 16:01:05 +0000 (16:01 +0000)]
uboot-envtools: add environment config for MeiG SLT866
Add configuration to access U-Boot environment on MeiG SLT866.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 26 Oct 2023 02:50:40 +0000 (03:50 +0100)]
kernel: support reading hex MAC address from NVMEM
In addition to binary and ASCII-formatted MAC addresses, add support
for processing hexadecimal encoded MAC addresses from NVMEM.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 26 Oct 2023 02:46:44 +0000 (03:46 +0100)]
kernel: add support MeigLink SLM828 modem
Another Qualcomm-based USB-connected modem, offering endpoints
0 : rndis_host (link to voip subsystem listening on 169.254.5.100)
1 : rndis_host (?)
2 : option (?)
3 : option (at)
4 : option (at)
5 : option (?)
6 : GobiNet (qmi)
7 : ?
Add support for this modem in rndis_host, option and qmi_wwan driver
which allows the modem to be used with ModemManager.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Jo-Philipp Wich [Fri, 3 Nov 2023 14:13:58 +0000 (15:13 +0100)]
firewall4: update to latest Git HEAD
4101dd4 fw4: perform strict validation of zone and set names
a923c88 fw4: pass zone to templates whenever possible
597dc90 fw4: add support for zone log_limit
1874050 fw4: add log_limit to rules and redirects
19a8caf ruleset: dispatch ct states using verdict map
a5553da ruleset: reduce ksoftirqd load by refering to looopback by numeric id
de3483c tests: adjust zone log limit testcases
7392792 ruleset: do not emit redundant drop invalid rules
698a533 ruleset: apply egress MSS fixup later to apply final MTU before wire
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
John Audia [Thu, 2 Nov 2023 10:06:02 +0000 (06:06 -0400)]
kernel: bump 6.1 to 6.1.61
Changelog: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.61
Removed upstreamed:
generic/backport-6.1/814-v6.6-0018-nvmem-imx-correct-nregs-for-i.MX6SLL.patch[1]
generic/backport-6.1/814-v6.6-0019-nvmem-imx-correct-nregs-for-i.MX6UL.patch[2]
generic/backport-6.1/814-v6.6-0020-nvmem-imx-correct-nregs-for-i.MX6ULL.patch[3]
All other patches automatically rebased.
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.61&id=
b90b8633ef62314f3a5f5675106e6dcdec981b6f
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.61&id=
37495846b1efc23c1767b17ddd6645cc0ccb9946
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.1.61&id=
116671d25915b913374ccdb2956b5fdaff939dc9
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Paul Spooren [Thu, 2 Nov 2023 23:51:47 +0000 (00:51 +0100)]
firmware-utils: bump to git HEAD
ba5bc4e add dlink-sge-image for D-Link devices by SGE
Signed-off-by: Paul Spooren <mail@aparcar.org>
Christian Marangi [Fri, 3 Nov 2023 03:10:03 +0000 (04:10 +0100)]
ath10k-ct: add patch fixing compilation error in debug
ath10k-ct based on kernel 6.4 doesn't have a fix present in previous
kernel. Add patch that port the compilation error fix from previous
kernel in the new 6.4 kernel.
Fixes: 7d3651f1b9be ("ath10k-ct: switch to 6.4")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Mikhail Zhilkin [Sun, 29 Oct 2023 15:10:58 +0000 (15:10 +0000)]
ramips: fix wrong permissions on dts files
This commit fixes wrong permissions on dts files. Before the commit these
dts files are executable:
-rwxrwxr-x mt7620a_dlink_dir-806a-b1.dts
-rwxrwxr-x mt7621_wavlink_wl-wn573hx1.dts
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Koen Vandeputte [Wed, 20 Sep 2023 12:14:05 +0000 (14:14 +0200)]
ath10k-ct: switch to 6.4
Switch to the latest version so we match as close as possible to
our own mac80211 version.
Run-time tested on hundreds of devices in the field for months now:
- qca988x (wave 1)
- qca4019 (wave 2)
Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Tue, 6 Jun 2023 11:21:53 +0000 (13:21 +0200)]
ath10k-ct: bump to latest upstream
92900bf("at10k-ct: fixup version info")
Tested-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Philip Prindeville [Sun, 22 Oct 2023 20:26:48 +0000 (14:26 -0600)]
dnsmasq: don't source functions.sh twice
It's already pulled in from /etc/rc.common.
Fixes: #13758
Fixes: 6b23836071b1 ("package: avoid the use of eval to parse ipcalc.sh output")
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Sandro Jäckel [Wed, 1 Nov 2023 15:49:20 +0000 (16:49 +0100)]
build: fix pkg-config detection when inside of a nix-shell
The output of command_all when inside a nix-shell looks like the below
where /usr does not match:
➜ scripts/command_all.sh pkg-config
/nix/store/ifr6srqgpvygd5vp14748d109ri31isv-pkg-config-wrapper-0.29.2/bin/pkg-config
Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
Robert Marko [Sun, 29 Oct 2023 16:00:29 +0000 (17:00 +0100)]
qualcommax: ipq807x: move subtarget specific kernel options
Currently, qualcommax target contains the full kernel config for the
ipq807x subtarget, but since I am working on ipq60xx as well it makes
sense to split out the ipq807x specific kernel options to subtarget
config.
ipq60xx will use the same approach and use subtarget config.
Should result in the same end kernel config, verified by comparing the
generated kernel .config.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Petr Štetiar [Mon, 30 Oct 2023 19:38:04 +0000 (19:38 +0000)]
Revert "uboot-sunxi: add missing type __u64"
This reverts commit
3cc57ba4627c9c7555f8ad86e4f78d86d8f9ddf0 as it
should be fixed in commit
78cbd5a57e11 ("tools: macOS: types.h: fix
missing unsigned types").
References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 30 Oct 2023 19:37:59 +0000 (19:37 +0000)]
Revert "uboot-mediatek: fix build on Mac OS X"
This reverts commit
997ff740dc44045390680eaa30b6566d40bca322.
78cbd5apick as it should be fixed in commit
78cbd5a57e11 ("tools: macOS:
types.h: fix missing unsigned types").
References: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 30 Oct 2023 19:31:03 +0000 (19:31 +0000)]
tools: macOS: types.h: fix missing unsigned types
For some reason unsigned types were not added in commit
0a06fcf608dd
("build: fix kernel 5.4 on macos"), which led to bunch of hacks, like
commit
3cc57ba4627c ("uboot-sunxi: add missing type __u64") or
commit
997ff740dc44 ("uboot-mediatek: fix build on Mac OS X").
So lets add the missing unsigned types to workaround it in a bit more
maintainable way.
Fixes: #13833
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Sandro Jäckel [Thu, 2 Nov 2023 02:16:52 +0000 (03:16 +0100)]
build: use long hashes when generating feed.buildinfo
Short hashes are not guaranteed to be unambiguous forever and could
collide if the repo grows over time. Git also estimates how many
characters are roughly required to prevent such a collision and slowly
increases the amount of characters beginning from 6, OpenWrt is already
at 8. Lets use the full hash the have a predictable length and keep
hashes unambiguous forever.
Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
Jo-Philipp Wich [Thu, 2 Nov 2023 09:36:05 +0000 (10:36 +0100)]
ucode: update to latest Git HEAD
cfb24ea build: avoid redefining _FORTIFY_SOURCE
448c763 lib: enforce consistent `index()` behavior with empty needle argument
cdc0203 nl80211: fix maybe uninitialized variable
a69b5c8 vm: fix unused result warning
ea046bd build: enable source fortification by default
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Rafał Miłecki [Thu, 2 Nov 2023 08:08:54 +0000 (09:08 +0100)]
bcm53xx: add the latest fix version of brcm_nvram
It was just sent for upstream.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Wed, 1 Nov 2023 21:10:46 +0000 (22:10 +0100)]
urngd: update to version 2023-11-01
Fix compilation with glibc
44365eb Deactivate _FORTIFY_SOURCE in jitterentropy-base.c
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Felix Fietkau [Wed, 1 Nov 2023 18:20:16 +0000 (19:20 +0100)]
tools/elfutils: fix missing _ in auxv info alias
Fixes dwarves compile issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 1 Nov 2023 17:37:45 +0000 (18:37 +0100)]
tools/elfutils: disable bzlib support
It is not needed
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 1 Nov 2023 16:44:43 +0000 (17:44 +0100)]
tools/elfutils: add -fPIC to fix linker errors (#13841)
Resolves issues with building PIE binaries that link against libdw or libelf
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Petr Štetiar [Thu, 19 Oct 2023 04:09:25 +0000 (04:09 +0000)]
ci: add workflow for automated GitHub release
Implement a GitHub Actions workflow for automated project releases.
The workflow triggers on Git tags, ensuring that a GitHub release is
created whenever a new tag is pushed.
That new release is going to be created in draft and pre-release mode
and needs to be manually promoted to the proper release, once its
decided, that its good enough and prepared.
This is a start of a streamlined and consistent release process for
GitHub, reducing manual intervention.
Acked-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Fri, 27 Oct 2023 07:37:52 +0000 (07:37 +0000)]
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.
The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.
Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/
1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/
20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 24 Oct 2023 08:27:13 +0000 (08:27 +0000)]
build: add CycloneDX SBOM JSON support
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 26 Oct 2023 16:11:47 +0000 (16:11 +0000)]
package-dumpinfo,metadata: add ABI version information to package index
There is no standard for ABI versioning, so its not possible to find out
from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if
thats just package name or package name with ABI version included. To
help with the decision, lets make ABI version aviable in package index.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Wed, 19 Oct 2022 13:46:45 +0000 (15:46 +0200)]
package-metadata: add CPE information to JSON package manifests
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
In order for the information to be processed further, it should also be
available in JSON package manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Wed, 19 Oct 2022 13:43:37 +0000 (15:43 +0200)]
package-dumpinfo: add CPE information to package index
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
In order for the information to be processed further, it should also be
available in package index files.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Jianhui Zhao [Fri, 20 Oct 2023 03:59:34 +0000 (11:59 +0800)]
uboot-mediatek: fix determine the size of an uImage.FIT using 'imsz' or 'imszb'.
It must read the entire image for previous code of 'imsz' or 'imszb'.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Suggested-by: Chuanhong Guo <gch981213@gmail.com>
David Bauer [Tue, 31 Oct 2023 11:33:42 +0000 (12:33 +0100)]
uqmi: update to latest HEAD
eea2924 uqmi: add slot number to uim-sim-status output
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Tue, 24 Oct 2023 01:07:48 +0000 (03:07 +0200)]
hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.
When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.
Also when crafting the association response, the buffer contained the
trailing key-type.
Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 9 Oct 2023 21:10:10 +0000 (23:10 +0200)]
uqmi: configure PDP type and APN to modem
Configure the PLMN and APN to the modem. This is required in cases,
where either the SGSN or GGSN does not permit the selection of IPv4v6
pdp type.
Previously, the modem always tried to establish a dual-stacked PDP
context regardless of the configured PDP type in uci. As this setting
can not be parameterized when creating a WDS context, configure it to
the modems internal list of profiles. This way, the PDP type is taken
into account when creating the WDS context.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 9 Oct 2023 21:08:01 +0000 (23:08 +0200)]
uqmi: fix non-working PLMN selection
The PLMN selection was reset when calling network-register, thus
rendering the sepcific selection of a carrier unapplied.
Set the PLMN selection after executing network-register. This seems to
cause the modem to re-select the carrier eventually.
That being said, qmi does allow the parameterization of the
network-register to include dpecific PLMN settings, however this is
currently not implemented in uqmi.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 9 Oct 2023 14:29:59 +0000 (16:29 +0200)]
uqmi: set RAT preference before attach
Set the RAT preference before attaching. This handles cases better,
where a network might be available but not with the preferred RAT.
If RAT is changed to a non-available RAT after attach, QMI does not fail
with missing registration but with failing to establish a PDP session.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Sat, 7 Oct 2023 20:28:00 +0000 (22:28 +0200)]
uqmi: increase wait time before checking connection state
Increase the wait time before polling the connection state for the first
time.
Depending on the prior state of the modem, the first poll might still
return a connected state. The script then tries to establish a PDP
session, which subsequently fails as the modem by then is in scan state.
Increasing the wait-time to 3 seconds mitigates this from happening.
Signed-off-by: David Bauer <mail@david-bauer.net>