Daniel Kestrel [Thu, 8 Jul 2021 05:59:41 +0000 (07:59 +0200)]
ltq-deu: add shash cbcmac-aes algorithm to the driver
Since commit
53b6783 hostapd is using the kernel api which includes the
cbcmac-aes shash algorithm. The kernels implementation is a wrapper around
the aes encryption algorithm, which encrypts block (16 bytes) by block.
When the ltq-deu driver is present, it uses hardware aes, but every 16 byte
encrypt requires setting the key. This is very inefficient and is a huge
overhead. Since the cbcmac-aes is simply a hash that uses the cbc aes
algorithm starting with an iv set to x'00' with an optional ecb aes
encryption of a possible last incomplete block that is padded with the
positional bytes of the last cbc encrypted block, this algorithm is now
added to the driver. Most of the code is derived from md5-hmac and
tailored for aes. Tested with the kernels crypto testmgr including extra
tests against the kernels generic ccm module implementation.
This patch also fixes the overallocation in the aes_ctx that is caused
by using u32 instead of u8 for the aes keys.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Thu, 1 Jul 2021 09:38:05 +0000 (11:38 +0200)]
ltq-deu: remove driver disablement for kernel 5.4 and above
Remove the dependency on kernel 5.4 from the Makefile to allow the
driver to compile with kernel 5.10 or kernel versions higher than
5.4.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Thu, 24 Jun 2021 15:41:33 +0000 (17:41 +0200)]
ltq-deu: add aes_xts algorithm
The lantiq AES hardware does not support the xts algorithm. Apart
from the cipher text stealing (XTS), the AES XTS implementation is
just an XOR with the IV, followed by AES ECB, followed by another
XOR with the IV and as such can be also implemented by using the
lantiq hardware's CBC AES implemention plus one additional XOR with
the IV in the driver. The output IV by CBC AES is also not usable
and the gfmul operation not supported by lantiq hardware. Both need
to be done in the driver too in addition to the IV treatment which is
the initial encryption by the other half of the input key and to
set the IV to the IV registers for every block.
In the generic kernel implementation, the block size for XTS is set
to 16 bytes, although the algorithm is designed to process any size
of input larger than 16 bytes. But since there is no way to
indicate a minimum input length, the block size is used. This leads
to certain issues when the skcipher walk functions are used, e.g.
processing less than block size bytes is not supported by calling
skcipher_walk_done.
The walksize is 2 AES blocks because otherwise for splitted input
or output data, less than blocksize is to be returned in some cases,
which cannot be processed. Another issue was that depending on
possible split of input/output data, just 16 bytes are returned while
less than 16 bytes were remaining, while cipher text stealing
requires 17 bytes or more for processing.
For example, if the input is 60 bytes and the walk is 48, then
processing 48 bytes leads to a return code of -EINVAL for
skcipher_walk_done. Therefor the processed counter is used to
figure out, when the actual cipher text stealing for the remaining
bytes less than blocksize needs to be applied.
Measured with cryptsetup benchmark, this XTS AES implementation is
about 19% faster than the kernels XTS implementation that uses the
hardware ECB AES (ca. 18.6 MiB/s vs. 15.8 MiB/s decryption 256b key).
The implementation was tested with the kernels crypto testmgr against
the kernels generic XTS AES implementation including extended tests.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Sun, 20 Jun 2021 19:33:22 +0000 (21:33 +0200)]
ltq-deu: update initialisations for hmac algorithms
The processing in the hmac algorithms depends on the status fields:
count, dbn and started. Not all were initialised in the init method
and after finishing the final method. Added missing fields to init
method and call init method after finishing final.
The memsets have the wrong size in the original driver and did not
clear everything and are not necessary. Since no memset is done in
the kernels generic implementation, memsets were removed.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Tue, 15 Jun 2021 15:33:24 +0000 (17:33 +0200)]
ltq-deu: remove compiler warning and shorten locked sections
Removing hash pointer in _hmac_setkey since its not needed and causes
a compiler warning.
Make the spinlock control sections shorter and move initializations
out of the control sections to free the spinlock faster for allowing
other threads to use the hash engine.
Minor improvements for indentation and removal of blanks and blank
lines in some areas.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Tue, 15 Jun 2021 15:23:05 +0000 (17:23 +0200)]
ltq-deu: fix temp size exceed in hmac algorithms
Exceeding the temp array size was not checked and instead storage not
allocated by the driver was used/overwritten which in most cases
resulted in reboots. This patch implements processing the input to the
hash algorithm in tempsize chunks.
The _hmac_final methods were changed to _hmac_final_impl adding a
parameter that indicates intermediate or final processing. The started
variable was added to the context to indicate, if there is an
intermediate result in the context. For sha1_hmac the variable to store
the intermediate hash was added to the context too.
In order to avoid md5_hmac_final_impl being recursively called if the
padding of the input and the resulting last transform during the hmac
algorighms final processing causes the temp array to overflow and to
make sure that there is at least one block in the temp array when the
_hmac_final for final processing is called, the check for exceeding
the temp array in _hmac_transform was moved before copying the block
and incrementing dbn. dbn needs to be at least 1 at final processing
time to let the hash engine apply the opad operation.
To make the hash engine not apply the hmac algorithms final opad
operation, for intermediate processing the dbn in the control register
is set to a higher value than number of dbns are actually processed.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Sun, 6 Jun 2021 19:16:32 +0000 (21:16 +0200)]
ltq-deu: fix setkey errors and static shared temp for hmac algos
The hmac algorithms state, that keys larger than the key size should be
hashed with the underlying hash algorithms and then those hashes are to
be used as keys. This patch implements this. In order to avoid allocating
a descriptor during setkey, a shash_desc pointer is added to the context.
Another issue for multithreaded callers is the shared temp array.
The temp array is static and as such would be shared among multithreaded
callers, which obviously would neither work nor produce correct results.
The temp array (4k size) is moved to the context and since the size of
the context is limited, it can only be defined as pointer otherwise the
initialisation of the hash algorithm fails.
The allocations and freeing of both the temp and the desc pointer in the
context are done by implementing cra_init and cra_exit functions for
the hmac algorithms.
Also improved indentation in some areas.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Sat, 5 Jun 2021 21:49:59 +0000 (23:49 +0200)]
ltq-deu: fix ifxdeu-ctr-rfc3686(aes) not matching generic impl
Error ifxdeu-ctr-rfc3686(aes) (16) doesn't match generic impl (20) occurs
when running the cryptomgr extra tests that compare against the linux
kernels generic implementation.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Sat, 5 Jun 2021 21:46:58 +0000 (23:46 +0200)]
ltq-deu: changes for hash multithread callers and md5 endianess
The algorithms sha1, sha1_hmac and md5_hmac all use ENDI=1. The md5
algorithm uses ENDI=0 and the endian_swap methods to reverse the
endianess switch by using user CPU time, which is unnecessary overhead.
Danube and AR9 devices do not set endianess for SHA1, so is done for
MD5.
Furthermore the patch replaces endian_swap with le32_to_cpu for md5 and
md5 hmac algorithms and removes endian_swap for them.
The init functions initialize the algorithm in the hardware. The lock is
not used to write to the control register. If another thread calls
another hash algo before update or final, the result will be wrong.
Therefore move the algorithm init to the lock protected sections in the
transform or final methods.
Setting the hw key for the hmac algorithms is now done from within the
lock protected sections in their final methods. The lock protecting is
removed from the _hmac_setkey_hw functions.
In final for md5 and sha1 the lock section is removed, because all the
work was already done in transform (which is called from final). As such
only copying the hash to the output is required.
MD5 and MD5_HMAC produce 16 byte hashes (4 DWORDS) only, therefor
writing register D5R to the hash output is removed for MD5_HMAC.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Sat, 5 Jun 2021 19:37:53 +0000 (21:37 +0200)]
ltq-deu: make deu hash lock global and remove md5_hmac_ exports
All hash algorithms use the same base IFX_HASH_CON to access the hash unit.
Parallel threads should not be able to call different hash algorithms and
therefor a global lock is required.
Fixed linker warning, that md5_hmac_init, md5_hmac_update and
md5_hmac_final are static export symbols. The export symbols are not
required, because the functions are exposed using shash_alg structure.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 13:22:43 +0000 (15:22 +0200)]
ltq-deu: add aes_ofb and aes_cfb algorithms
The functions ifx_deu_aes_cfg and ifx_deu_aes_ofb have been part of the
driver ever since. But the functions and definitions to make the
algorithms actually usable were missing.
This patch adds the neccessary code for aes_ofb and aes_cfb algorithms.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 13:17:16 +0000 (15:17 +0200)]
ltq-deu: fix cryptomgr test errors for aes
When running cryptomgr tests against the driver, there are several
occurences of different errors for even and uneven splitted data in the
underlying scatterlists for the ctr and ctr_rfc3686 algorithms which are
now fixed.
Fixed error in ctr_rfc3686_aes_decrypt function which was introduced with
the previous commit by using CRYPTO_DIR_ENCRYPT in the decrypt function.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 12:43:08 +0000 (14:43 +0200)]
ltq-deu: fix cryptomgr test errors for des
When running cryptomgr tests against the driver, there are several
occurences of different errors for setkey of des and des3-ede
algorithms.
Those key checks are already implemented in the kernels des
implementation, so this is added as dependency and the kernel methods
are called. It also required adding the kernels des/des3 context
definitions to the des_ctx internal structure to be able to call the
kernel methods.
Fixed ifxdeu-des... setkey unexpectedly succeeded on test vector x;
expected_error=-22.
Fixed ifxdeu-des... setkey failed on test vector x; expected_error=0,
actual_error=-22.
Renamed des_ctx internal structure and des_encrypt/des_decrypt methods
because they are already defined in the kernel module.
Fixed wrong DES_xxx constant definitions in crypto_alg definition for
ifxdeu_des3_ede_alg.
Fixed method comment errors.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 12:32:27 +0000 (14:32 +0200)]
ltq-deu: convert SHA1 after library impl of SHA1 was removed
The <linux/cryptohash.h> was removed with Linux 5.8, because it only
contained the library implementation of SHA1, which was folded
into <crypto/sha.h>.
So switch this driver away from using <linux/cryptohash.h>.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 12:25:00 +0000 (14:25 +0200)]
ltq-deu: convert blkcipher to skcipher
Convert blkcipher to skcipher for the synchronous versions of AES,
DES and ARC4.
The Block Cipher API was depracated for a while and was removed with
Linux 5.5. So switch this driver to the skcipher API.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Kestrel [Mon, 31 May 2021 12:13:42 +0000 (14:13 +0200)]
ltq-deu: set correct control register for AES
Some devices initialize AES during boot and AES works out of the box
and the correct endianess is set.
NDC means (No Danube Compatibility Mode) and the endianess setting has
no effect if its set to 0.
NDC 0: OFF ENDI bit cannot be written as in Danube
To make it work for other devices, the NDC control register needs to
be set to 1.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Mathias Kresin [Wed, 14 Apr 2021 22:38:36 +0000 (00:38 +0200)]
ltq-deu: make cipher/digest usable by openssl
OpenSSL with cryptdev support uses the data encryption unit (DEU) driver
for hard accelerated processing of ciphers/digests, if the flag
CRYPTO_ALG_KERN_DRIVER_ONLY is set.
Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Mathias Kresin [Sun, 18 Apr 2021 12:37:24 +0000 (14:37 +0200)]
ltq-deu: aes-ctr: process all input data
Even if the minimum blocksize is set to 16 (AES_BLOCK_SIZE), the crypto
manager tests pass 499 bytes of data to the aes-ctr encryption, from
which only 496 bytes are actually encrypted.
Reading the comment regarding the minimum blocksize, it only states that
it's the "smallest possible unit which can be transformed with this
algorithm". Which doesn't necessarily mean, the data have to be a
multiple of the minimal blocksize.
All kernel hardware crypto driver enforce a minimum blocksize of 1,
which perfect fine works for the lantiq data encryption unit as well.
Lower the blocksize limit to 1, to process not padded data as well.
In AES for processing the remaining bytes, uninitialized pointers
were used.
This patch fixes using uninitialized pointers and wrong offsets.
Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Mathias Kresin [Sun, 18 Apr 2021 12:26:01 +0000 (14:26 +0200)]
ltq-deu: aes: do not read/write behind buffer
When handling non-aligned remaining data (not padded to 16 byte
[AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer
and written to the output buffer after en-/decryption.
While code already assumes that an input buffer could have less than 16
byte remaining, as it can be seen by the code zeroing the remaining
bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read.
An output buffer size of a multiple of AES_BLOCK_SIZE is expected but
never validated.
To get rid of the read/write behind buffer, use a temporary buffer when
dealing with not padded data and only write as much bytes to the output
as we read.
Do not memcpy directly to the register, to make used of the endian swap
macro and to trigger the crypto start operator via the ID0R to trigger
the register. Since we might need an endian swap for the output in
future, use a temporary buffer for the output as well.
The issue could not be observed so far, since all caller of ifx_deu_aes
will ignore the padded (remaining) data. Considering that the minimum
blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour
could be called expected.
Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Mathias Kresin [Mon, 19 Apr 2021 18:36:58 +0000 (20:36 +0200)]
ltq-deu: init des/aes before registering crpyto algorithms
The crypto algorithms are registered and available to the system before
the chip is actually powered on and the generic parameter for the DEU
behaviour set.
The issue can mainly be observed if the crypto manager tests are enabled
in the kernel config. The crypto manager test run directly after an
algorithm is registered.
Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Daniel Golle [Wed, 5 Jan 2022 14:11:06 +0000 (14:11 +0000)]
mediatek: Clause-45 MDIO patch accepted upstream
To easy future maintainance, replace the local patch with what has been
accepted into net-next and is likely to end up in Linux 5.17.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Matt Fawcett [Fri, 24 Dec 2021 06:45:13 +0000 (06:45 +0000)]
qoriq: Expand generic subtarget description
Signed-off-by: Matt Fawcett <mattytap@icloud.com>
[remove trailing whitespace]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Daniel Golle [Tue, 4 Jan 2022 23:34:23 +0000 (23:34 +0000)]
mediatek: let mtk_eth_soc MAC announce 2500Base-T mode
To allows Ethernet phys supporting 2500Base-T mode to announce that
speed, enable the corresponding bit in mtk_eth_soc driver.
This should hopefully unlock 2500Base-T speed on the UniFi 6 LR.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 4 Jan 2022 23:01:53 +0000 (23:01 +0000)]
kernel: improve driver support for gen-3 Aquantia Ethernet PHYs
* correctly set system side interface, the original patch was
errornous and there is a follow-up fix for it
* enable phy statistics for AQR112(+R/C) and ARQ412
(ethtool --phy-statistics ethX)
Tested, including phy-statistics, on
- IEI Puzzle M901 (AQR112, AQR112C, AQR112R)
- IEI Puzzle M902 (AQR113, AQR112R)
- Ubiquiti UniFi 6 LR (AQR112C)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Paul Spooren [Tue, 4 Jan 2022 12:06:03 +0000 (13:06 +0100)]
uml: drop Kernel 5.4
After the switch to Kernel 5.10 the old files are no longer required.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Tue, 4 Jan 2022 12:05:13 +0000 (13:05 +0100)]
uml: switch to Kernel 5.10
Switch over from testing version.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Sat, 1 Jan 2022 17:42:30 +0000 (17:42 +0000)]
ipq807x: drop target
The target is in an incomplete state and will not receive Kernel 5.10
support, ego it should be dropped before the next release.
People are working on ipq807x with Kernel 5.15 which is only relevant
for the second next release. Once a working patchset exists the target
can be added again.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Fri, 31 Dec 2021 10:19:57 +0000 (10:19 +0000)]
lua: add HOST_FPIC for host builds
Compiling without fPIC causes linking issues for packages using liblua.
Add $(HOST_FPIC) to host builds for both lua and lua5.3.
Suggested-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
Ansuel Smith [Sun, 19 Dec 2021 01:41:24 +0000 (02:41 +0100)]
kernel: 5.10: backport qca8k new feature
Backport qca8k new feature:
- Ageing configuration support
- Add 2 missing counter on qca8337
- Convert to regmap
- Standardize define and code with GENMASK AND BITFILED macro
- Add mdb add/del support
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Ansuel Smith [Sun, 19 Dec 2021 00:16:11 +0000 (01:16 +0100)]
kernel: 5.10: backport additional qca8k fixes
Backport 3 additional fixes for qca8k.
- Fix MTU calculation
- Fix a bug with config set to the wrong PAD when secondary cpu port is defined.
- Fix redundant check in parse_port_config
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Rui Salvaterra [Wed, 29 Dec 2021 13:13:29 +0000 (13:13 +0000)]
kernel: bump 5.10 to 5.10.89
Deleted (upstreamed):
bcm27xx/patches-5.10/950-0186-pinctrl-bcm2835-Change-init-order-for-gpio-hogs.patch [1]
sunxi/patches-5.10/103-arm64-dts-allwinner-orangepi-zero-plus-fix-PHY-mo.patch [2]
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.89&id=
ba696b470839d70c6b8290c1f798bac7fb2a584c
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.89&id=
93a957bbf46ceb224b959de61fe85cfc6f71b6c7
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
John Audia [Wed, 29 Dec 2021 15:23:53 +0000 (10:23 -0500)]
kernel: bump 5.4 to 5.4.169
All patches automatically rebased.
Build system: x86_64
Build-tested: ramips/mt7621*
*Had to revert
7f1edbd in order to build due to FS#4149
Signed-off-by: John Audia <graysky@archlinux.us>
Stefan Lippers-Hollmann [Thu, 30 Dec 2021 03:31:42 +0000 (04:31 +0100)]
ipq806x: ASRock g10: fix bogus read errors
Properly declare that the g10 is booting from NAND and define its
correct (larger than on other devices-) boot_pages_size, to prevent
the kernel from constantly falling over missing OOB error correction
for the bootloader.
This patch prevents a constant slew of (bogus) read errors reported
by the kernel and keeping the CPU busy and fixes:
blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
Buffer I/O error on dev mtdblock0, logical block 0, async page read
blk_update_request: I/O error, dev mtdblock0, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 40 op 0x0:(READ) flags 0x80700 phys_seg 7 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 48 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 56 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0
blk_update_request: I/O error, dev mtdblock0, sector 64 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0
Buffer I/O error on dev mtdblock0, logical block 1, async page read
Buffer I/O error on dev mtdblock1, logical block 0, async page read
Buffer I/O error on dev mtdblock1, logical block 1, async page read
Buffer I/O error on dev mtdblock2, logical block 0, async page read
Buffer I/O error on dev mtdblock2, logical block 1, async page read
Buffer I/O error on dev mtdblock3, logical block 0, async page read
Buffer I/O error on dev mtdblock3, logical block 0, async page read
Buffer I/O error on dev mtdblock4, logical block 0, async page read
Buffer I/O error on dev mtdblock4, logical block 1, async page read
Suggested-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Nick Hainke [Thu, 30 Dec 2021 22:49:27 +0000 (23:49 +0100)]
binutils: fix compiling with arch-based distros
Arch Linux users have encountered problems with packages that have a dependency on binutils. This error happens when libtool is doing:
libtool: relink: ...
So change PKG_FIXUP to "patch-libtool".
Fixes error in the form of:
libtool: install: error: relink `libctf.la' with the above command
before installing it
Upstream Bug:
https://sourceware.org/bugzilla/show_bug.cgi?id=28545
OpenWrt Bug:
https://bugs.openwrt.org/index.php?do=details&task_id=4149
Acked-by: John Audia <graysky@archlinux.us>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Eneas U de Queiroz [Fri, 31 Dec 2021 14:06:25 +0000 (11:06 -0300)]
openssl: bump to 1.1.1m
This is a bugfix release. Changelog:
*) Avoid loading of a dynamic engine twice.
*) Fixed building on Debian with kfreebsd kernels
*) Prioritise DANE TLSA issuer certs over peer certs
*) Fixed random API for MacOS prior to 10.12
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Shiji Yang [Fri, 24 Dec 2021 06:25:01 +0000 (14:25 +0800)]
ramips: add ASUS RT-AC1200GU as alt name
RT-AC57U and RT-AC1200GU are the same models sold in different countries.
The purpose of this commit is to allow users to easily find the
corresponding firmware through the model number on the device label.
More specifications:
14e0e4f138e3 ("ramips: add support for ASUS RT-AC57U")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[reword commit title/message]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Sungbo Eo [Sun, 1 Aug 2021 15:43:34 +0000 (00:43 +0900)]
ramips: add support for ipTIME T5004
ipTIME T5004 is a 5-port Gigabit Ethernet router, based on MediaTek MT7621A.
Specifications:
* SoC: MT7621AT
* RAM: 128 MiB
* Flash: NAND 128 MiB
* Ethernet: 5x 1GbE
* Switch: SoC built-in
* UART: J4 (57600 baud)
* Pinout: [3V3] (TXD) (RXD) (GND)
Installation via web interface:
1. Flash **initramfs** image through the stock web interface.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware via recovery mode:
1. Press reset button, power up the device, wait >15s for CPU LED
to stop blinking.
2. Upload stock image to TFTP server at 192.168.0.1.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Josef Schlehofer [Wed, 29 Dec 2021 19:52:22 +0000 (20:52 +0100)]
tools/cmake: update to version 3.22.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Nick Hainke [Sat, 25 Dec 2021 07:17:38 +0000 (08:17 +0100)]
hostapd: refresh patchset
Recently the hostapd has undergone many changes. The patches were not refreshed.
Refreshed with
make package/hostapd/{clean,refresh}
Refreshed:
- 380-disable_ctrl_iface_mib.patch
- 600-ubus_support.patch
- 700-wifi-reload.patch
- 720-iface_max_num_sta.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
Stijn Tintel [Sat, 27 Nov 2021 01:34:33 +0000 (03:34 +0200)]
nftables: allow quoted string in flowtable_expr_member
This is required to be able to use flow offloading on devices with
ifnames that start with a digit, like 6in4-wan6.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Raylynn Knight [Mon, 27 Dec 2021 05:12:03 +0000 (00:12 -0500)]
x86: add/improve support for Sophos SG/XG products
* Add support for Sophos SG/XG-115 r1, r2 with/without wireless
* Add support for Sophos SG/XG-125 r1, r2 with/without wireless
* Add wireless support for SG/XG-105
Signed-off-by: Raylynn Knight <rayknight@me.com>
Jinfan Lei [Mon, 27 Dec 2021 02:27:55 +0000 (10:27 +0800)]
ath79: add usb-phy-analog to reset list in qca953x.dtsi
On startup the USB of QCA9531 board can't be initialized successfully.
lsusb result as below:
root@OpenWrt:~# lsusb unable to initialize libusb: -99
This is because usb-phy-analog is not added to reset list.
Signed-off-by: Jinfan Lei <153869379@qq.com>
(added linebreaks and small little changes to the commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Nick Hainke [Mon, 27 Dec 2021 01:17:43 +0000 (02:17 +0100)]
kernel: 5.10: add patches to fix macronix flash
mtd: spi-nor: locking support for MX25L6405D
Macronix MX25L6405D supports locking with four block-protection bits.
Currently, the driver only sets three bits. If the bootloader does not
sustain the flash chip in an unlocked state, the flash might be
non-writeable. Add the corresponding flag to enable locking support with
four bits in the status register.
mtd: spi-nor: disable 16-bit-sr for macronix
Macronix flash chips seem to consist of only one status register.
These chips will not work with the "16-bit Write Status (01h) Command".
Disable SNOR_F_HAS_16BIT_SR for all Macronix chips.
Refreshed:
- 0052-mtd-spi-nor-use-4-bit-locking-for-MX25L12805D.patch
Fixes: 15aa53d7ee65 ("ath79: switch to Kernel 5.10")
Signed-off-by: Nick Hainke <vincent@systemli.org>
Sergey V. Lobanov [Fri, 24 Dec 2021 23:05:35 +0000 (02:05 +0300)]
utils/px5g-wolfssl: make selfsigned certicates compatible with chromium
Chromium based web-browsers (version >58) checks x509v3 extended attributes.
If this check fails then chromium does not allow to click "Proceed to ...
(unsafe)" link. This patch add three x509v3 extended attributes to self-signed
certificate:
1. SAN (Subject Alternative Name) (DNS Name) = CN (common name)
2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment
3. Extended Key Usage = TLS Web Server Authentication
SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Sergey V. Lobanov [Fri, 24 Dec 2021 23:04:50 +0000 (02:04 +0300)]
libs/wolfssl: add SAN (Subject Alternative Name) support
x509v3 SAN extension is required to generate a certificate compatible with
chromium-based web browsers (version >58)
It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
WonJung Kim [Wed, 22 Dec 2021 06:59:00 +0000 (15:59 +0900)]
ramips: add support for ipTIME A3004T
ipTIME A3004T is a 2.4/5GHz band router, based on Mediatek MT7621.
Specifications:
- SoC: MT7621 (880MHz)
- RAM: DDR3 256M
- Flash: NAND 128MB (Macronix NAND 128MiB 3,3V 8-bit)
- WiFi:
- 2.4GHz: MT7615E
- 5GHz : MT7615E
- Ethernet:
- 4x LAN
- 1x WAN
- USB: 1 * USB3.0 port
- UART:
- 3.3V, TX, RX, GND / 57600 8N1
Installation via web interface:
1. Flash initramfs image using OEM's Recovery mode
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware:
- Flash stock firmware via OEM's Recovery mode
How to use OEM's Recovery mode:
1. Power up with holding down the reset key until CPU LED stop blinking.
2. Set fixed ip with `192.168.0.2` with subnet mask `255.255.255.0`
3. Flash image via tftp to `192.168.0.1`
Additional Notes:
This router shares one MT7915E chip for both 2.4Ghz/5Ghz.
radio0 will not working on 5Ghz as it's not connected to the antenna.
Signed-off-by: WonJung Kim <git@won-jung.kim>
(added led dt-bindings)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sungbo Eo [Sat, 18 Dec 2021 13:19:06 +0000 (22:19 +0900)]
ramips: add support for WeVO AIR DUO
WeVO AIR DUO is a 1-bay NAS & 802.11ac (Wi-Fi 5) router, based on
MediaTek MT7620A.
Specifications:
* SoC: MT7620A
* RAM: 64 MiB
* Flash: SPI NOR 16 MiB
* USB & SATA bridge controller: JMicron JMS567
* SATA 6Gb/s: 2.5" drive slot
* USB 3.0: Micro-B
* USB 2.0: connected to SoC
* Wi-Fi:
* 2.4 GHz: SoC built-in
* 5 GHz: MT7612EN
* Ethernet: 5x 1GbE
* Switch: MT7530WU
* UART: 4-pin 1.27 mm pitch through-hole (57600 baud)
* Pinout: (3V3)|(RXD) (TXD) (GND)
Notes:
* The drive is accessible through the external USB port only when the
router is turned off.
Installation via web interface:
1. Flash **initramfs** image through the stock web interface.
The image filename should have ".upload" extension.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware:
1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Torsten Duwe [Wed, 22 Sep 2021 08:52:51 +0000 (10:52 +0200)]
bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro package
According to the vendor [1] these HATs share the same DT overlay:
hifiberry-dacplus. The PCM512x-compatible control unit is attached to
I2C, so the additional snd-soc-pcm512x-i2c kernel module is required.
Also explicitly note the Amp2 support to reduce confusion for those
users.
[1] <https://www.hifiberry.com/docs/software/configuring-linux-3-18-x/>
Signed-off-by: Torsten Duwe <duwe@lst.de>
(added bcm27xx tag, changed commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Pawel Dembicki [Wed, 21 Jul 2021 12:24:52 +0000 (14:24 +0200)]
kirkwood: add support for two clones from Endian
They are Endian 4i Edge 200 and his clone Endian UTM Mini.
Hardware:
- SoC: Marvell
88F6281-A1 ARMv5TE Processor 1.2GHz
- Ram: 512MB (4x Nanya NT5TU128M8GE-AC)
- NAND Flash: 512MB (Micron 29F4G08AAC)
- Lan 1-4: 4x GBE (Marvell 88E6171R-TFJ2)
- Lan 5: 1x GBE (Marvell 88E1116R-NNC1)
- Storage: MicroSD Slot
- WLAN: MiniPCIe Slot present, and fitted with SparkLan WPEA-110N/E
(Atheros AR9280 chipset) (ONLY Endian UTM Mini WLAN)
- USB: 1x USB 2.0 port
- Console: RJ-45 port
- LEDs: 3x GPIO controlled
Notes:
- WLAN led (Endian UTM Mini) is drived by MPCIE card
Installation by TFTP + serial:
- Setup TFTP server and copy initramfs image
- Connect serial console
- Stop booting in u-boot
- Do:
setenv bootargs 'console=ttyS0,115200n8 earlyprintk'
saveenv
setenv serverip 192.168.1.1
setenv ipaddr 192.168.1.2
tftpboot 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage
bootm 0x1200000
- copy sysupgrade image via ssh.
- run sysupgrade
Installation by USB + serial:
- Copy initramfs image to fat32 usb drive
- Connect pendrive to USB 2.0 front socket
- Connect serial console
- Stop booting in u-boot
- Do:
setenv bootargs 'console=ttyS0,115200n8 earlyprintk'
saveenv
usb reset
fatload usb 0:1 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage
bootm 0x1200000
- copy sysupgrade image via ssh.
- run sysupgrade
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Pawel Dembicki [Sun, 30 Aug 2020 20:26:14 +0000 (22:26 +0200)]
kirkwood: add support for NETGEAR ReadyNAS Duo v2
NETGEAR ReadyNAS Duo v2 is a NAS based on Marvell kirkwood SoC.
Specification:
- Processor Marvell
88F6282 (1.6 GHz)
- 256MB RAM
- 128MB NAND
- 1x GBE LAN port (PHY: Marvell
88E1318)
- 1x USB 2.0
- 2x USB 3.0
- 2x SATA
- 3x button
- 5x leds
- serial on J5 connector accessible from rear panel
(115200 8N1) (VCC,TX,RX,GND) (3V3 LOGIC!)
Installation by USB + serial:
- Copy initramfs image to fat32 usb drive
- Connect pendrive to USB 2.0 front socket
- Connect serial console
- Stop booting in u-boot
- Do:
usb reset
setenv bootargs 'console=ttyS0,115200n8 earlyprintk'
setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000'
saveenv
fatload usb 0:1 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage
bootm 0x1200000
- copy sysupgrade image via ssh.
- run sysupgrade
Installation by TFTP + serial:
- Setup TFTP server and copy initramfs image
- Connect serial console
- Stop booting in u-boot
- Do:
setenv bootargs 'console=ttyS0,115200n8 earlyprintk'
setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000'
saveenv
setenv serverip 192.168.1.1
setenv ipaddr 192.168.1.2
tftpboot 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage
bootm 0x1200000
- copy sysupgrade image via ssh.
- run sysupgrade
Known issues:
- Power button and PHY INTn pin are connected to the same GPIO. It
causes that every network restart button is pressed in system.
As workaround, button is used as regular BTN_1.
For more info please look at file:
RND_5.3.13_WW.src/u-boot/board/mv_feroceon/mv_hal/usibootup/usibootup.c
from Netgear GPL sources.
Tested-by: Raylynn Knight <rayknight@me.com>
Tested-by: Lech Perczak <lech.perczak@gmail.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Pawel Dembicki [Fri, 18 Jun 2021 13:34:49 +0000 (15:34 +0200)]
kernel: generic: backport linkstation-poweroff driver
Linkstation poweroff driver was added to mvebu target, but is required
for kirkwood target too.
This commit make two changes:
- move linkstation-poweroff support patch from mvebu to generic and
replace upstream accepted version
- backport small linkstation-poweroff fix from 5.12
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Pawel Dembicki [Sun, 30 Aug 2020 20:29:15 +0000 (22:29 +0200)]
packages: kernel: add i2c hwmon g762 kmod package
This patch adds kernel module for Global Mixed-mode Technology Inc
G762 and G763 fan speed PWM controller chips.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Paul Spooren [Wed, 3 Nov 2021 02:17:57 +0000 (16:17 -1000)]
scripts: dump-target-info print kernel versions
This commits adds the ability to print Kernel versions of all
targets/subtargets. If a testing Kernel is set print that version as
well.
Example output:
apm821xx/nand 5.10
apm821xx/sata 5.10
arc770/generic 5.4
archs38/generic 5.4
armvirt/32 5.10
armvirt/64 5.10
at91/sam9x 5.10
at91/sama5 5.10
ath25/generic 5.4
ath79/generic 5.4 5.10
ath79/mikrotik 5.4 5.10
--- %< ---
This should help to get a quick update on the state of Kernels.
Signed-off-by: Paul Spooren <mail@aparcar.org>
David Bauer [Tue, 21 Dec 2021 21:00:06 +0000 (22:00 +0100)]
ath79: remove pre-5.10 specific kernel code
With Kernel 5.4 support removed, we can get rid of this legacy code.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Wed, 29 Dec 2021 02:39:44 +0000 (03:39 +0100)]
ramips: aw9523: add can_sleep flag for GPIO chip
The GPIO expander is connected via I2C, thus the can_sleep flag has to
be set to true. This should fix spurious "scheduling while atomic" bugs
in the kernel ringbuffer.
Signed-off-by: David Bauer <mail@david-bauer.net>
Hauke Mehrtens [Tue, 28 Dec 2021 15:10:37 +0000 (16:10 +0100)]
tfa-layerscape: fix build on systems without openssl headers
The build fails when the openssl/sha.h header file is not installed on
the host system. Fix this by setting the HOSTCCFLAGS variable to the
OpenWrt HOST_CFLAGS variable, without setting this the include paths and
other modifications in the host flags done by OpenWrt will be ignored by
the build.
This fixes the following build problem:
gcc -c -D_GNU_SOURCE -D_XOPEN_SOURCE=700 -Wall -Werror -pedantic -std=c99 -O2 -I../../include/tools_share fiptool.c -o fiptool.o
In file included from fiptool.h:16,
from fiptool.c:19:
fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory
19 | # include <openssl/sha.h>
| ^~~~~~~~~~~~~~~
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 28 Dec 2021 15:06:03 +0000 (16:06 +0100)]
layerscape: restool: Remove build of manpages
The build of the manpages needs the pandoc tool, this is not in the
minimal requirements of OpenWrt, just remove the build of the restool
manpage. This fixes the build on systems without pandoc like the OpenWrt build bots.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Daniel Golle [Mon, 27 Dec 2021 20:08:04 +0000 (20:08 +0000)]
mediatek: yet again, replace patch with updated pending patch
Upon comment of Russell King ('Oh no, not this "-1 disease" again.')
clean up mdio read and write return type and value in mtk_eth_soc
driver and also use appropriate return values for bus-busy-timeout-
errors in newly added Clause 45 access code.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Raphaël Mélotte [Fri, 29 Oct 2021 08:45:06 +0000 (10:45 +0200)]
hostapd: add fallback for WPS on stations
Up to now the WPS script triggered WPS on the stations only if it
could not trigger it successfully on any hostapd instance.
In a Multi-AP context, there can be a need (to establish a new
wireless backhaul link) to trigger WPS on the stations, regardless of
whether there is already a hostapd instance configured or not. The
current script makes it impossible, as if hostapd is running and
configured, WPS would always be triggered on hostapd only.
To allow both possibilities, the following changes are made:
- Change the "pressed" action to "release", so that we can make use of
the "$SEEN" variables (to know for how long the button was pressed).
- If the button is pressed for less than 3 seconds, keep the original
behavior.
- If the button is pressed for 3 seconds or more, trigger WPS on the
stations, regardless of the status of any running hostapd instance.
- Add comments explaining both behaviors.
- While at it, replace the usage of '-a' with a '[] && []'
construct (see [1]).
This gives users a "fallback" mechanism to onboard a device to a
Multi-AP network, even if the device already has a configured hostapd
instance running.
[1]: https://github.com/koalaman/shellcheck/wiki/SC2166
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Daniel Golle [Mon, 27 Dec 2021 15:26:18 +0000 (15:26 +0000)]
mediatek: replace patch with version sent upstream
Replace recently added patch
701-net-ethernet-mtk_eth_soc-add-support-for-clause-45-mdio.patch
with version sent upstream
701-net-ethernet-mtk_eth_soc-implement-Clause-45-MDIO-access.patch
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Sergey Ryazanov [Sun, 19 Dec 2021 14:31:53 +0000 (17:31 +0300)]
ath25: add kernel 5.10 support
Copy and refresh patches and config from 5.4 to 5.10. Most patches
require no more then automatic refresh. The only exception is the
Ethernet driver patch, which requires some more work:
* drop eth_change_mtu() usage since it was removed from the kernel,
it anyway useless for drivers that utilizes alloc_etherdev();
* add the txqueue number argument to the .ndo_tx_timeout callback
function;
* replace ioremap_nocache() which was finally removed from the kernel by
the ioremap() with the same behaviour.
Switch target to the new kernel version.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[use KERNEL_TESTING_PATCHVER for now]
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Sergey Ryazanov [Sun, 19 Dec 2021 14:31:52 +0000 (17:31 +0300)]
ath25: refresh kernel 5.4 config
The target config require some refresh due to the just introduced
filtering of the "run-time" options, MIPS eBPF JIT backporting, and so
on.
The configuration is easily updated using make kernel_oldconfig. So
let's update it now in preparation for v5.10 support to reduce the new
kernel configuration diff.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Sergey Ryazanov [Sun, 19 Dec 2021 14:31:51 +0000 (17:31 +0300)]
Move mvswitch
88E6060 driver to the ath25
ath25 requires a
88E6060 driver to support boards such as Fonera 2.0g
(FON2202). The swconfig based mvswitch driver has not yet been ported to
the 5.10 kernel as the only user is the ath25 target while all other
targets have been switched to the upstream DSA implementation.
Switching ath25 to the DSA implementation is a complex task, since we
need either per-board platform data or DTS support. ath25 lacks both of
them and builds only a single generic image. So we need to keep the
swconfig driver implementation to easly and quickly port ath25 to the
5.10 kernel.
Since porting the mvswitch driver to 5.10 as a generic driver is not an
option, and since the ath25 is its only user, make mvswitch a target
specific driver to be able to port it to the 5.10 kernel as part of the
kernel version update of the target. This will allow us quickly migrate
to the next kernel version and not delay the next firmware release.
Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Rui Salvaterra [Wed, 22 Dec 2021 10:13:25 +0000 (10:13 +0000)]
kernel: bump 5.10 to 5.10.88
Deleted (upstreamed):
mpc85xx/patches-5.10/002-powerpc-85xx-fix-oops-when-CONFIG_FSL_PMC-n.patch [1]
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.88&id=
151ffac3ac277ad7c2a5f201b566b56d97ed3a99
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Christian Lamparter [Fri, 24 Dec 2021 13:42:35 +0000 (14:42 +0100)]
apm821xx: remove broken PCIe MSI support
These never worked and upstream is in the process of removing
them as well. Legacy PCI interrupt signaling is still working
as before.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Thu, 23 Dec 2021 20:45:19 +0000 (21:45 +0100)]
apm821xx: remove overlapping partitions
Apart from the dtb partition, these were all "read-only;"
they serve no purpose other than being a copy of what
netgear had defined in their original firmware.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 24 Dec 2021 13:44:08 +0000 (14:44 +0100)]
apm821xx: fix WD MyBook Live DUO USB-Port
where to begin? the USB regulator settings were just
a part of the issue. With them changed, according to
the forum it still failed when a USB device was
connected to the port with:
dwc2
4bff80000.usbotg: dwc2_restore_global_registers: no global registers to restore
dwc2
4bff80000.usbotg: dwc2_exit_partial_power_down: failed to restore registers
dwc2
4bff80000.usbotg: exit partial_power_down failed
dwc2
4bff80000.usbotg: HC died; cleaning up
One clue was found upstream in
commit
cc10ce0c51b1 ("usb: dwc2: disable power_down on Amlogic devices")
|Disable power_down by setting the parameter to
|DWC2_POWER_DOWN_PARAM_NONE. This fixes a problem on various Amlogic
|Meson SoCs where USB devices are only recognized when plugged in before
|booting Linux. A hot-plugged USB device was not detected even though the
|device got power (my USB thumb drive for example has an LED which lit
|up).
|[...]
the same method proposed there worked with APM821xx's USB IP-Core.
Link: https://forum.openwrt.org/t/wd-my-book-duo-usb/111926/2
Reported-by: thwe and takimata (openwrt forum)
Fixes: b70d3557e05 ("apm821xx: clean up gpio-hogs")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sun, 19 Dec 2021 12:51:41 +0000 (13:51 +0100)]
linux-firmware: amd: consolidate amd's linux-firmware entries
this patch consolidates the amd64-microcode
(moved to linux-firmware.git, previously this was an extra
debian source package download), amdgpu and radeon firmwares
into a shared "amd" makefile.
With the upcoming
20211216 linux-firmware bump,
this will include a microcode update for ZEN 3 CPUs.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Huangbin Zhan [Fri, 26 Nov 2021 00:38:31 +0000 (08:38 +0800)]
tools/mkimage: update to 2021.10
Changelog:
- upstream now needs OpenSSL in order to be able to sign FITs. See:
commit
cb9faa6f98ae ("tools: Use a single target-independent config to enable OpenSSL")
- removes upstream patches.
Link: https://github.com/u-boot/u-boot/commit/cb9faa6f98ae56d70d59505dad290dd3d381cb7b
Tested-by: Sergey V. Lobanov <sergey@lobanov.in>
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Martin Schiller [Fri, 15 Jan 2021 14:24:23 +0000 (15:24 +0100)]
umbim: add missing json_close_object call
Otherwise, connection setup may fail due to JSON parse error in netifd.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
[Updated commit description]
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Martin Schiller [Fri, 7 Feb 2020 11:41:59 +0000 (12:41 +0100)]
umbim: explicitly check for PIN1 state
PIN2 is used only to restrict changing of fixed dialling feature,
does not affect network registration. Therefore explicitly check for
PIN1 state during connection setup, which is required for network
registration.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
[Updated commit description]
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Martin Schiller [Fri, 7 Feb 2020 11:38:36 +0000 (12:38 +0100)]
umbim: call umbim disconnect in error case
This is needed to properly close the control channel.
Otherwise, on the next try the caps call may fail.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Christian Lamparter [Mon, 20 Dec 2021 19:43:07 +0000 (20:43 +0100)]
apm821xx: drop 5.4 config and patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sander Vanheule [Thu, 25 Nov 2021 05:50:10 +0000 (06:50 +0100)]
realtek: netgear-gs110tpp: Add system LEDs
The GS110TPP has an RGB LED used for system status indication. Expose
all three components as separate GPIO LEDs connected via the device's
RTL8231.
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Sander Vanheule [Thu, 25 Nov 2021 05:50:09 +0000 (06:50 +0100)]
realtek: netgear-gigabit: Enable RTL8231
Since the move to 5.10, there are now two GPIO drivers. The gpio0 node
refers to the internal GPIOs, so the indirect-access-bus-id is no longer
relevant for that node.
Set indirect-access-bus-id to the correct value (31) on the correct node
(gpio1) and enable the device.
Cc: Raylynn Knight <rayknight@me.com>
Cc: Michael Mohr <akihana@gmail.com>
Cc: Stijn Segers <foss@volatilesystems.org>
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Tested-by: Bjørn Mork <bjorn@mork.no>
Ansuel Smith [Sat, 30 Oct 2021 23:32:31 +0000 (01:32 +0200)]
kernel: mtd: parsers: add nvmem support to cmdlinepart
Assuming cmdlinepart is only one level deep partition scheme and that
static partition are also defined in DTS, we can assign an of_node for
partition declared from bootargs.
The cmdlinepart parser is the first parser checked and if it does find
some partition declared in the bootargs, every other parser is ignored.
This means that the fixed-partition parser is ignored and an of_node for
the mtd is never assigned.
Fix this by searching a defined of_node using a similar fixed_partition
parsing logig, check if a partition is present with the same label, check
that it has the same offset and size and finally assign an of_node to the
mtd. The NVMEM can now find the of_node for the mtd and correctly works.
Fixes: abc17bf306ac ("ath79: convert mtd-mac-address to nvmem implementation")
Tested-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Javier Marcet [Sat, 4 Apr 2020 15:52:29 +0000 (17:52 +0200)]
base-files: upgrade: fix efi partitions size calculation
We were missing (not using) the last sector of each partition,
compared with the output of gparted.
Signed-off-by: Javier Marcet <javier@marcet.info>
[moved the dot]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Petr Štetiar [Tue, 14 Dec 2021 11:12:18 +0000 (12:12 +0100)]
toolchain: musl: disable crypt size hack by default
Enable this option and thus re-include crypt() support for the SHA256,
SHA512 and Blowfish ciphers on all devices. According to commit
9365745f8e7b ("musl: add a hack to remove unused crypt() algorithms,
saves ~14k after lzma") it should add about ~14k to the resulting image,
which seems to be a reasonable size increase for consistent crypt()
support.
Decided to not remove this hack completely as it might be still useful
for people trying to fit custom images onto smaller devices and the
patch is rather simple so we can afford to keep it for now.
References: https://github.com/openwrt/openwrt/pull/1331
Signed-off-by: Petr Štetiar <ynezz@true.cz>
David Bauer [Tue, 21 Dec 2021 20:54:32 +0000 (21:54 +0100)]
rockchip: remove Kernel 5.4
As v5.10 is the default kernel version now, the files for v5.4 can be
dropped.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Tue, 21 Dec 2021 20:56:04 +0000 (21:56 +0100)]
mpc85xx: remove kernel 5.4
As v5.10 is the default kernel version now, the files for v5.4 can be
dropped.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Tue, 21 Dec 2021 21:00:34 +0000 (22:00 +0100)]
ath79: remove kernel 5.4
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 20 Dec 2021 16:29:49 +0000 (17:29 +0100)]
hostapd: add missing function declaration
Signed-off-by: David Bauer <mail@david-bauer.net>
Nick Hainke [Sun, 26 Dec 2021 10:59:44 +0000 (11:59 +0100)]
ath79: add missing UBNT_REVISION
The UBNT_REVISION was already added for the ubnt-xw target because:
U-boot bootloader on M-XW devices expects factory image revision
version in specific format. On airOS v6.1.7 with `U-Boot 1.1.4-s1039
(May 24 2017 - 15:58:18)` bootloader checks if the revision major(?)
number is actually a number, but in currently generated images there's
OpenWrt text and so the check fails
...
By placing arbitrary correct number first in major version, we make the
bootloader happy and we can flash factory images over TFTP again.
commit
d42a7c469909 ("ath79: ubnt-m-xw: Fix factory image flashing using TFTP recovery method")
Fixes errors in the form of (tftp flashing):
sent DATA <block=8577, 412 bytes>
received ERROR <code=2, msg=Firmware check failed>
Error code 2: Firmware check failed
The missing UBNT_REVISION was not noticed before, since the
UBNT_REVISION field for the ubnt-xm target was also set to:
"42.OpenWrt-..."
Probably, UBNT_REVISION for the ubnt-xm target was set by the ubnt-xw
and was never overridden somewhere else. However, it is missing and
should be part of the ubnt-xm device.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Hauke Mehrtens [Sun, 26 Dec 2021 23:57:19 +0000 (00:57 +0100)]
sunxi: Use rtl8723bu-firmware instead of rtl8723bs-firmware
The firmware for the rtl8723bs chip is now included in the
rtl8723bu-firmware package.
Fixes: 397dfe4a97e6 ("linux-firmware: Update to version 20121216")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 26 Dec 2021 22:38:52 +0000 (23:38 +0100)]
tcpdump: libpcap: Remove www.us.tcpdump.org mirror
The http://www.us.tcpdump.org mirror will go offline soon, only use the
normal download URL.
Reported-by: Denis Ovsienko <denis@ovsienko.info>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 18 Dec 2021 11:01:27 +0000 (12:01 +0100)]
linux-firmware: Update to version
20121216
The rtl8723bs firmware was removed and a symlink to the rtl8723bu
firmware was created like it is done in upstream linux-firmware.
The following OpenWrt packages are changing:
* amdgpu-firmware: Multiple updates and new files
* ar3k-firmware: Multiple updates and new files
* ath10k-firmware-qca6174: Updated ath10k/QCA6174/hw3.0/board-2.bin
* bnx2x-firmware: Added bnx2x-e1-7.13.21.0.fw, bnx2x-e1h-7.13.21.0.fw and bnx2x-e2-7.13.21.0.fw
* iwlwifi-firmware-iwl8260c: Updated iwlwifi-8000C-36.ucode
* iwlwifi-firmware-iwl8265: Updated iwlwifi-8265-36.ucode
* iwlwifi-firmware-iwl9000: Updated iwlwifi-9000-pu-b0-jf-b0-46.ucode
* iwlwifi-firmware-iwl9260: Updated iwlwifi-9260-th-b0-jf-b0-46.ucode
* r8169-firmware: Updated rtl8153c-1.fw
* rtl8723bs-firmware: removed
* rtl8723bu-firmware: Added rtlwifi/rtl8723bs_nic.bin symlink
* rtl8822ce-firmware: Updated rtw8822c_fw.bin
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Daniel Golle [Tue, 2 Nov 2021 04:03:15 +0000 (04:03 +0000)]
mediatek: mt7622: unifi6lr: properly register Ethernet PHY
This change enables proper Ethernet link status and speed reporting on
the Ubiquiti UniFi 6 LR access point:
mtk_soc_eth
1b100000.ethernet eth0: PHY [mdio-bus:08] driver [Aquantia AQR112C] (irq=POLL)
mtk_soc_eth
1b100000.ethernet eth0: configuring for phy/2500base-x link mode
mtk_soc_eth
1b100000.ethernet eth0: Link is Up - 1Gbps/Full - flow control rx/tx
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 2 Nov 2021 00:57:36 +0000 (00:57 +0000)]
mediatek: mt7622: enable driver for Aquantia PHYs
Enable Aquantia Ethernet PHY driver as there is an AQR112C 2500Base-T
PHY in the Ubiquiti UniFi 6 LR access point.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 2 Nov 2021 04:02:49 +0000 (04:02 +0000)]
mediatek: add support for Clause 45 MDIO access
Add support for Clause 45 MDIO PHY register read and write operations
to mtk_eth_soc driver.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 26 Dec 2021 18:45:57 +0000 (18:45 +0000)]
kernel: generic: refresh patch
722-net-phy-aquantia-Add-AQR113-driver-support.patch needs refresh.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Nick Hainke [Mon, 20 Dec 2021 20:55:21 +0000 (21:55 +0100)]
kernel: mac80211: refresh patchset
Refreshed:
- 311-mac80211-use-coarse-boottime-for-airtime-fairness-co.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Mon, 20 Dec 2021 20:48:38 +0000 (21:48 +0100)]
kernel: ath10k: provide a build variant for small RAM devices
Based on:
1ac627024de9 ("kernel: ath10k-ct: provide a build variant for
small RAM devices")
Like described in the ath10k-ct-smallbuffers version, oom-killer gets
triggered frequently by devices with small RAM.
That change is necessary for many community mesh networks which use
ath10k based devices with too little RAM. The -ct driver has been
proven unstable if used with 11s meshing and only wave2 chipsets are
supporting 11s. Freifunk Berlin is nowadays assembling its
firmware-based completely of vanilla OpenWRT with some package additions
which are made through the imagebuilder. Therefore we cannot take the
approach other freifunk communities have taken to maintain that patch
downstream [1]. Other communities consider these devices as broken and
that change would pretty much give those devices a second life [2].
[1] - https://git.freifunk-franken.de/mirror/openwrt/commit/
450b306e540bc0f2c8a8841bbe4d9612f2b8cdea
[2] - https://github.com/freifunk-gluon/gluon/issues/1988#issuecomment-
619532909
Signed-off-by: Simon Polack <spolack+git@mailbox.org>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Rafał Miłecki [Fri, 24 Dec 2021 22:07:39 +0000 (23:07 +0100)]
bcm4908: include ATF in bootfs images
It's required for proper booting.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 17 Dec 2021 10:40:54 +0000 (11:40 +0100)]
arm-trusted-firmware-bcm63xx: add ATF for Broadcom devices
Right now it includes bcm4908 variant only that is required by BCM4908
family devices with U-Boot.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Daniel Golle [Thu, 23 Dec 2021 19:01:48 +0000 (19:01 +0000)]
mvebu: puzzle: wan LED and fix default network
Fix default network configuration of the Puzzle-M902 so all LAN ports
are included in the LAN bridge.
Setup network LED to indicate WAN port link status, like vendor
firmware does as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 23 Dec 2021 18:10:05 +0000 (18:10 +0000)]
mvebu: enable Aquantia phy driver for Puzzle devices
Fixes Ethernet link status on all ports and makes 2.5G ports usable
in 2.5G and 1G full-duplex mode.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 23 Dec 2021 17:36:48 +0000 (17:36 +0000)]
kernel: add id for AQR112 Ethernet phy variants
Add ids for AQR112R and AQR112C 2.5G Ethernet PHYs.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 23 Dec 2021 17:36:01 +0000 (17:36 +0000)]
kernel: import patch enabling AQR113 PHY
Add PHY ID for the Aquantia AQR113 PHY.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 2 Nov 2021 00:55:40 +0000 (00:55 +0000)]
kernel: import patch enabling AQR112 and AQR412 PHY
Copy and refresh patch enabling AQR112 and AQR412 Ethernet PHY from
layerscape (5.4) target to generic (5.10) as AQR112 can also be found
on other targets as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Thu, 23 Dec 2021 18:18:33 +0000 (19:18 +0100)]
hostapd: only attempt to set qos map if supported by the driver
Fixes issues with brcmfmac
Signed-off-by: Felix Fietkau <nbd@nbd.name>