Felix Fietkau [Thu, 3 Jun 2021 03:38:53 +0000 (05:38 +0200)]
mac80211: fix typo
Remove stray parenthesis
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
2cd1a108290f48fd35373f91056c05277c289687)
Felix Fietkau [Wed, 2 Jun 2021 05:45:31 +0000 (07:45 +0200)]
mac80211: do not enable VHT in the default config on 2.4 GHz
Some drivers advertise it, but it's not supported at the moment
Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
42a99b18ff23fa768a6ae5f1076f15cbfa494f24)
Felix Fietkau [Wed, 2 Jun 2021 05:42:40 +0000 (07:42 +0200)]
mac80211: fix detecting VHT capabilities when generating the default config
The colon does not directly follow the "VHT Capabilities" string
Reported-by: John Thomson <git@johnthomson.fastmail.com.au>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
3518b793a2f2293e7e9124b5beae7b09887c5e32)
Felix Fietkau [Tue, 25 May 2021 09:10:51 +0000 (11:10 +0200)]
mac80211: add more HE capabilities
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
fbd6f099f50e77d2bb95708c62e86a358779251a)
Felix Fietkau [Tue, 25 May 2021 08:57:01 +0000 (10:57 +0200)]
mac80211: fix center freq selection for 6 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
8d79915327b7b9ed221f513589281328e4fdc6ef)
Felix Fietkau [Mon, 24 May 2021 16:45:57 +0000 (18:45 +0200)]
mac80211: set hostapd op_class for 6 GHz
This is needed to disambiguate it from 5 GHz channels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
c8bcdd561909034a14cbfd785e13848cbd5f5e50)
Felix Fietkau [Mon, 24 May 2021 12:56:02 +0000 (14:56 +0200)]
mac80211: rework default config script
Emit the new band option instead of hwmode
Support 6 GHz band and HE options
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
8504212f65865449dd6b9ed9daa0ba9781f8f287)
Felix Fietkau [Mon, 24 May 2021 12:55:01 +0000 (14:55 +0200)]
mac80211: make use of the new 'band' option
Use it to look up frequencies only in the configured band to better deal
with channel number overlap
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
8b8c1cb09bf2259e647a15d0c881b5dea15330da)
Felix Fietkau [Tue, 23 Nov 2021 16:55:12 +0000 (17:55 +0100)]
netifd: update to the master branch
Sync with commit
4eba313065f372ef0edf4abdbe00538fdbe7538f
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Jianhui Zhao [Mon, 2 Aug 2021 07:08:46 +0000 (07:08 +0000)]
iw: enable print wpa ie for scan
This increases the size of the iw_5.9-
8fab0c9e-3_mips_24kc.ipk from
41166 to 41942 bytes by 776 bytes.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry-picked from commit
9df7eadcfd3129cecfb30ec78a43ae9b3175869e)
Hans Dedecker [Wed, 17 Nov 2021 19:43:19 +0000 (20:43 +0100)]
netifd: fix deletion of ip tunnels (FS#4058)
a68e805 system-linux: fix deletion of ip tunnels (FS#4058)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Mathias Kresin [Fri, 5 Nov 2021 09:41:26 +0000 (10:41 +0100)]
uboot-lantiq: danube: fix hanging lzma kernel uncompression
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
assembly of LzmaProps_Decode. While the decission made by the compiler
looks perfect fine, it triggers some obscure hang on lantiq danube-s
v1.5 with MX29LV640EB NOR flash chips.
Only if the offset 1 is used, the hang can be observed. Using any other
offset works fine:
lwl s0,0(a1) - s0 == 0x6d000080
lwl s0,1(a1) - hangs
lwl s0,2(a1) - s0 == 0x0080xxxx
lwl s0,3(a1) - s0 == 0x80xxxxxx
It isn't clear whether it is a limitation of the flash chip, the EBU or
something else.
Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
instructions.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Christian Lamparter [Sat, 23 Oct 2021 16:08:51 +0000 (18:08 +0200)]
wireless-regdb: update to version 2021.08.28
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
dbb4c47798b17112cb1eed2a309cdefd33b5f193)
Hauke Mehrtens [Sat, 6 Nov 2021 19:29:39 +0000 (19:29 +0000)]
kernel: bump 5.4 to 5.4.158
Removed upstreamed:
generic/backport-5.4/790-v5.7-net-switchdev-do-not-propagate-bridge-updates-across.patch
All others updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Deomid Ryabkov [Sat, 23 Oct 2021 13:22:39 +0000 (16:22 +0300)]
base-files: chmod 1777 /var/lock
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.
[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>
Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
430f69194388ad6a7826a51e0e2b2dd478e27f0f)
Stephan Schmidtmer [Tue, 10 Aug 2021 20:21:30 +0000 (20:21 +0000)]
libpcap: add rpcapd as package
This enables building of rpcapd and adds it as a package.
It is a daemon that allows remote packet capturing from another machine.
E.g. Wireshark can talk to it using the Remote Capture Protocol (RPCAP).
https://www.tcpdump.org/manpages/rpcapd.8.html
Compile and run tested:
OpenWrt 21.02.0-rc4 r16256-
2d5ee43dc6 on x86/64 and mvebu/cortexa9
Signed-off-by: Stephan Schmidtmer <hurz@gmx.org>
(cherry picked from commit
891c8676a1602d31adf3ab9f913664ae0d3b4029)
Christian Lamparter [Thu, 5 Aug 2021 13:29:25 +0000 (15:29 +0200)]
gpio-button-hotplug: convert to gpio descriptor (gpiod_) API
OpenWrt's special gpio-button-hotplug driver is still using
exclusively the legacy GPIO Subsystem gpio_ API.
While it still does work fine for most devices, upstream
linux is starting to convert platform support like that of
the APU2/3/4 to the new GPIOD LOOKUP tables that are not
supported by it.
Hence, this patch replaces the gpio_ calls present in
gpio-button-hotplug with gpiod_ equivalent wherever
it's possible. This allows the driver to use the
gpiod lookup tables and still have a fallback for
legacy platform data code that just sets button->gpio
set to the real button/switch GPIO.
As a bonus: the active_low logic is now being handled
by the linux's gpio subsystem too. Another issue that
was address is the of_handle leak in the dt parser
error path.
Tested with legacy platform data: x86_64: APU2, MX-100
Tested on OF: ATH79; MR18, APM821xx: Netgear WNDR4700,
RAMIPS: WL-330N3G
LANTIQ: AVM FritzBox 7360v1
Reported-by: Chris Blake <chrisrblake93@gmail.com>
Tested-by: Chris Blake <chrisrblake93@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
2b0378cf9f3163bac29fa9946b3aa1607fc03802)
Sungbo Eo [Sun, 1 Aug 2021 13:17:04 +0000 (22:17 +0900)]
bcm4908: fix calculation of new cferam index
The arithmetic expansion fails when idx becomes a two digit number.
Fix this by relying on expr command.
root@OpenWrt:/# echo $(((028 + 0) % 1000))
/bin/ash: arithmetic syntax error
root@OpenWrt:/# echo $(($(expr 028 + 0) % 1000))
28
Fixes: a6a0b252baa6 ("bcm4908: add sysupgrade support")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit
f4323538501d58298f4df73a034a51375a477cfc)
Bruno Randolf [Mon, 25 Oct 2021 10:38:15 +0000 (11:38 +0100)]
ramips: minew g1-c: Allow dynamic RAM sizes
Allow RAM size to be passed thru U-Boot. There are 128MB and 64MB
versions of Minew G1-C. This is also in line with the behaviour of
most other RAMIPS boards.
Signed-off-by: Bruno Randolf <br1@einfach.org>
Roman Yeryomin [Fri, 3 Sep 2021 14:31:11 +0000 (17:31 +0300)]
iproute2: m_xt.so depends on dynsyms.list
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:
ld:dynsyms.list:0: syntax error in dynamic list
Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353
Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
(cherry-picked from commit
edd53df16843a0a6380920ed17b88bfe7d26d71b)
Hauke Mehrtens [Mon, 25 Oct 2021 19:45:09 +0000 (21:45 +0200)]
OpenWrt v21.02.1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Mon, 25 Oct 2021 19:44:54 +0000 (21:44 +0200)]
OpenWrt v21.02.1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
David Bauer [Fri, 13 Aug 2021 21:28:44 +0000 (23:28 +0200)]
ipq40xx: ar40xx: reset port status register
This resolves incosnsitencies of the configured RX / TX flow control
modes between different boards or bootloaders.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
4d81f087715524994448ecaefd3ca87c8ba7e0a3)
Ivan Pavlov [Fri, 15 Oct 2021 05:11:10 +0000 (08:11 +0300)]
wolfssl: fix compile when enable-devcrypto is set
fixing linking error when --enable-devcrypto=yes
fixes:
7d92bb050961 wolfssl: update to 4.8.1-stable
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit
be3e260f92643a841f4f83b03cbb07b9a26cff66)
Andre Heider [Sat, 2 Oct 2021 08:40:00 +0000 (10:40 +0200)]
wolfssl: remove --enable-sha512 configure switch
It's the default anyway and this just looks confusing, as if it wasn't.
Switch to AUTORELEASE while at it.
The binary size is unchanged.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit
7cb5af30f48d6788cd471138820a772610a7f8e0)
Andre Heider [Sat, 2 Oct 2021 08:50:49 +0000 (10:50 +0200)]
wolfssl: always build with --enable-reproducible-build
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.
The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.
39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.
39c36f2f
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit
c76300707e8d705d9efc7ed4bb1b7449d0a5fe00)
Roger Pueyo Centelles [Tue, 31 Aug 2021 14:45:17 +0000 (16:45 +0200)]
ath79: mikrotik: use 64 KiB SPI NOR erase sectors
This patch removes CONFIG_MTD_SPI_NOR_USE_4K_SECTORS from the default
symbols for the ath79/mikrotik target.
MikroTik devices hold some of their user-configurable settings in the
soft_config partition, which is typically sized 4 KiB, of the SPI NOR
flash memory. Previously, in the ar71xx target, it was possible to use
64 KiB erase sectors but also smaller 4 KiB ones when needed. This is
no longer the case in ath79 with newer kernels so, to be able to write
to these 4 KiB small partitions without erasing 60 KiB around, the
CONFIG_MTD_SPI_NOR_USE_4K_SECTORS symbol was added to the defaults.
However, this ended up making sysupgrade images which were built with
64 KiB size blocks not to keep settings (e.g., the files under
/etc/config/) over the flashing process.
Using 4 KiB erase sector size on the sysupgrade images (by setting
BLOCKSIZE = 4k) allows keeping settings over a flashing process, but
renders the process terribly slow, possibly causing a user to
mistakenly force a manual device reboot while the process is still on-
going. Instead, ditching the 4 KiB erase sectors for the default
64 KiB erase size provides normal SPI write speed and sysupgrade times,
at the expense of not being able to modify the soft_config partition
(which is rarely a required thing).
An OpenWrt patch for MTD_SPI_NOR_USE_4K_SECTORS_LIMIT may once have
allowed to use different per-partition erase sector sizes. Due to
changes on recent kernels it now only works on a per-device basis.
Also, partial eraseblock write can be performed in ath79 with kernels
5.4 and lower, by copying the blocks from the 64 KiB, erasing the whole
sector and restoring those blocks not meant to be modified. A kernel
bump had that patch broken for a long time, but got fixed in
bf2870c.
Note: the settings in the soft_config partition can be reset to their
defaults by holding the reset button for 5 seconds (and less than 10
seconds) at device boot.
Fixes: FS#3492 (sysupgrade […] loses settings...)
Fixes: a66eee63368e (ath79: add mikrotik subtarget)
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
68d91f08edd0efd47841a2e53d3437d570a61612)
Ivan Pavlov [Tue, 14 Sep 2021 15:06:32 +0000 (12:06 -0300)]
wolfssl: update to 4.8.1-stable
Changes from 4.7.0:
Fix one high (OCSP verification issue) and two low vulnerabilities
Improve compatibility layer
Other improvements and fixes
For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit
7d92bb0509615550b98e2dc71091073c8258d564)
[Added patch to allow compilation with libtool 2.4]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Stijn Tintel [Tue, 14 Sep 2021 15:06:31 +0000 (12:06 -0300)]
wolfssl: fix build with GCC 10 on 32 x86 targets
Backport upstream patch to fix build with GCC 10 on 32 x86 targets.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
718a4f47806da8f68cb8f1fe2ebecf403e14ae96)
Hauke Mehrtens [Fri, 22 Oct 2021 19:30:02 +0000 (21:30 +0200)]
layerscape: Add missing config option
This option is not set when building the target.
In master this is also unset.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Fri, 22 Oct 2021 20:09:16 +0000 (22:09 +0200)]
layerscape: Fix build in dtb
This fixes a kernel build problem.
The removed parts of the patch are already applied upstream.
Fixes: b4ed8a92751f ("kernel: bump 5.4 to 5.4.154")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
9501ce909f54b87dab95f17c0408a4962365e130)
Jitao Lu [Sun, 17 Oct 2021 06:16:57 +0000 (14:16 +0800)]
ncurses: add tmux terminfo
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ
Fixes: FS#3404
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit
917126ff4cfb1ea4795cfc93820ed5d304b084c3)
Paul Spooren [Mon, 29 Mar 2021 08:31:21 +0000 (22:31 -1000)]
ncurses: add screen-256color terminfo
The terminfo is required by the popular terminal multiplexer screen and
tmux, offer it by default as the size impact is minimal with 885 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
6a6b5a677e8c245f6c82ad40cc718e614aa9f7a1)
Paul Spooren [Mon, 29 Mar 2021 08:21:49 +0000 (22:21 -1000)]
ncurses: split long line of supported terminfo
The terminfo files were all in one row which is terrible to read.
Split them over multiple lines to improve readability.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
75ea474b9002c758e9a23023f7636258a467704c)
Hans Dedecker [Sun, 12 Sep 2021 13:59:51 +0000 (15:59 +0200)]
glibc: update to latest 2.33 HEAD (bug 28213)
9b01145592 MIPS: Setup errno for {f,l,}xstat
9c676ef514 RISC-V: Update rv64 ULPs
c6cadbf83a linux: Remove shmmax check from tst-sysvshm-linux
22d37364ae librt: add test (bug 28213)
27a78fd712 librt: fix NULL pointer dereference (bug 28213)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
c6a2ffd505cf7b8ce7ea0424a7709bb8f73e6999)
Rui Salvaterra [Thu, 21 Oct 2021 19:09:49 +0000 (20:09 +0100)]
tools/isl: update the download URL
isl.gforge.inria.fr has been dead since early this month [1]. Switch to
libisl.sourceforge.io for the time being.
[1] https://groups.google.com/g/isl-development/c/JGaMo2VUu_8
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit
dd0ad9b661b604163d1736fcfe18714ff47c3728)
Andrew Robbins [Tue, 5 Oct 2021 15:00:16 +0000 (11:00 -0400)]
ath10k-ct: update to version from 2021-09-22
Add in a fix for 160Mhz dfs on 5.10 and higher.
Add support for 5.13 and 5.15 kernels.
Add of_get_mac_address support for 5.15 driver.
Signed-off-by: Andrew Robbins <andrew@robbinsa.me>
(cherry picked from commit
1d2bc94f786434e89bc87003b2a2202e92ad84e7)
Rosen Penev [Thu, 4 Mar 2021 02:00:26 +0000 (18:00 -0800)]
tools/m4: update to 1.4.19
Remove upstreamed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fc9682ed3961e098ace708ca1ca41c2239a4e2ee)
Hauke Mehrtens [Tue, 19 Oct 2021 22:35:22 +0000 (00:35 +0200)]
kernel: bump 5.4 to 5.4.154
Removed upstreamed:
generic/backport-5.4/070-v5.5-MIPS-BPF-Restore-MIPS32-cBPF-JIT.patch
All others updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
David Bauer [Tue, 19 Oct 2021 07:08:30 +0000 (09:08 +0200)]
wolfssl: bump PKG_RELEASE
Fixes commit
4b212b1306a9 ("wolfssl: build with WOLFSSL_ALT_CERT_CHAINS")
Signed-off-by: David Bauer <mail@david-bauer.net>
Andre Heider [Wed, 6 Oct 2021 08:54:48 +0000 (10:54 +0200)]
wolfssl: build with WOLFSSL_ALT_CERT_CHAINS
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."
This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].
This is the recommended solution from upstream [1].
The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.
39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.
39c36f2f
[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-
934926793
Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
28d8e6a8711ba78f1684a205e11b0dbd4ff2b2f3)
Ian Chang [Thu, 2 Sep 2021 09:47:20 +0000 (17:47 +0800)]
mvebu: add support for iEi Puzzle-M901/Puzzle-M902
Hardware specification
----------------------
* CN9130 SoC, Quad-core ARMv8 Cortex-72 @ 2200 MHz
* 4 GB DDR
* 4 GB eMMC
* mmcblk0
- mmcblk0p1 64M kernel_1
- mmcblk0p2 64M kernel_2
- mmcblk0p3 512M rootfs_1
- mmcblk0p4 512M rootfs_2
- mmcblk0p5 512M Reserved
- mmcblk0p6 64M Reserved
- mmcblk0p7 1.8G rootfs_data
* 4 MB (SPI Flash)
* 6 x 2.5 Gigabit ports (Puzzle-M901)
- External PHY with 6 ports (AQR112R)
* 6 x 2.5 Gigabit ports (Puzzle-M902)
- External PHY with 6 ports (AQR112R)
3 x 10 Gigabit ports (Puzzle-M902)
- External PHY with 3 ports (AQR113R)
* 4 x Front panel LED
* 1 x USB 3.0
* Reset button on Rear panel
* UART (115200 8N1,header on PCB)
Flash instructions:
The original firmware is based on OpenWrt.
Flash firmware using LuCI and CLI
Signed-off-by: Ian Chang <ianchang@ieiworld.com>
(cherry picked from commit
70c75965a97799b44871249c205bad48fea9a4ae)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Ian Chang [Thu, 2 Sep 2021 09:47:01 +0000 (17:47 +0800)]
mvebu: backport CN9130 dts necessary files changes to 5.4
1. Add support for Marvell CN9130 SoC
2. Add support for CP115,and create an armada-cp11x.dtsi file which will be used to instantiate both CP110 and CP115
3. Add support for AP807/AP807-quad,AP807 is a major component of CN9130 SoC series
4. Drop PCIe I/O ranges from CP11x file and externalize PCIe macros from CP11x file
Signed-off-by: Ian Chang <ianchang@ieiworld.com>
(cherry picked from commit
c98ddf0f019986bbb4c868bfcaf97e0d1f4ee2dc)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Paul Spooren [Sun, 10 Oct 2021 09:09:46 +0000 (23:09 -1000)]
build: prereq detect Python 3.10 for `python3` binary
While the binary `python3.10` is correctly detected by the build system
the default `python3` binary is currently not detected if pointing to a
Python 3.10 installation.
Fix this by extending the grep regex.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
56ea2bf2eec431ccd3c566190a444ad63db39b65)
David Bauer [Wed, 2 Jun 2021 17:34:01 +0000 (19:34 +0200)]
kernel: ar8216: add get_features method
Modifying PHY capabilities in the probe function broke with upstream
commit
92ed2eb7f4b7 ("net: phy: probe the PHY before determining the
supported features").
AR8316 switches only support 10/100 Mbit/s link modes because of this
change.
Provide a get_features method for the PHY driver, so Gigabit link mode
will be advertised to link partners again.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
766e0f584a325b0b80a97bbc86ca515d97c63001)
Marcin Juszkiewicz [Tue, 28 Sep 2021 13:03:24 +0000 (15:03 +0200)]
prereq-build: recognize Python 3.10
Fedora 35 contains Python 3.10 as default version. Make use of it.
Signed-off-by: Marcin Juszkiewicz <marcin@juszkiewicz.com.pl>
[fix commit subject]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
e1c03ca18519f9683f6bfce1795e58d99575d895)
Paul Spooren [Sat, 2 Oct 2021 01:56:27 +0000 (15:56 -1000)]
build: fix `which` detection on Fedora & MacOS
Fix Fedora 34/35 issue where 'which' detection of 'which' wasn't working
because Fedora use alias and proc
Fixup of
fca5ad55d2 prereq-build: fix `which` detection on Fedora
Reported-by: Jani Partanen <rtfm@iki.fi>
Suggest-by: Etienne Champetier <champetier.etienne@gmail.com>
Tested-by: Georgi Valkov <gvalkov@abv.bg>
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
0d1ebf0d6d20f0439ab45b293f9daa7662c44ba6)
Martin Schiller [Mon, 4 May 2020 14:13:13 +0000 (16:13 +0200)]
uhttpd: make organization (O=) of the cert configurable via uci
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit
2c6c1501af664490ec9b701b46a201e21c670b96)
Alan Swanson [Fri, 1 Oct 2021 15:46:32 +0000 (16:46 +0100)]
uboot-lantiq: fix sha1.h header clash when system libmd installed
Backport of u-boot commit "includes: move openssl headers to include/u-boot"
https://github.com/u-boot/u-boot/commit/
2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167
Fixes: FS#3955
Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit
8db641049292035604f0e1fb788608fdea879eca)
Hauke Mehrtens [Sat, 2 Oct 2021 13:29:16 +0000 (15:29 +0200)]
kernel: bump 5.4 to 5.4.150
Manually rebased:
generic/backport-5.4/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
generic/pending-5.4/800-bcma-get-SoC-device-struct-copy-its-DMA-params-to-th.patch
mvebu/patches-5.4/021-arm64-dts-marvell-armada-37xx-Move-PCIe-comphy-handl.patch
Removed upstreamed:
generic/backport-5.4/040-ARM-8918-2-only-build-return_address-if-needed.patch
layerscape/patches-5.4/819-uart-0004-MLK-18137-fsl_lpuart-Fix-loopback-mode.patch
All others updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Sven Eckelmann [Wed, 22 Sep 2021 15:56:30 +0000 (17:56 +0200)]
ipq-wifi: Work around Plasma Cloud PA1200 5GHz crash
It was noticed [1] that the ath10k firmware crashes on 5GHz since OpenWrt
21.02.0. The problem seems to be triggered by the the nonLinearTxFir field
in the 5GHz BDF. If baseEepHeader.nonLinearTxFir (offset 0xc2) is 1 then
the firmware just crashes when setting up the 5Ghz radio using `ifconfig
wlan1 up`:
ath10k_ahb
a800000.wifi: firmware crashed! (guid
9e36ee82-4d2c-4c63-b20b-
609a1eaca30c)
ath10k_ahb
a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
ath10k_ahb
a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
ath10k_ahb
a800000.wifi: firmware ver 10.4-3.6-00140 api 5 features no-p2p,mfp,peer-flow-ctrl,btcoex-param,allows-mesh-bcast,no-ps crc32
ba79b746
ath10k_ahb
a800000.wifi: board_file api 2 bmi_id 0:17 crc32
5f400efc
ath10k_ahb
a800000.wifi: htt-ver 2.2 wmi-op 6 htt-op 4 cal pre-cal-file max-sta 512 raw 0 hwcrypto 1
ath10k_ahb
a800000.wifi: firmware register dump:
ath10k_ahb
a800000.wifi: [00]: 0x0000000B 0x000015B3 0x009C3C27 0x00975B31
ath10k_ahb
a800000.wifi: [04]: 0x009C3C27 0x00060530 0x00000018 0x004176B8
ath10k_ahb
a800000.wifi: [08]: 0x00405A50 0x00412A30 0x00000000 0x00000000
ath10k_ahb
a800000.wifi: [12]: 0x00000009 0x00000000 0x009B9742 0x009B974F
ath10k_ahb
a800000.wifi: [16]: 0x00971238 0x009B9742 0x00000000 0x00000000
ath10k_ahb
a800000.wifi: [20]: 0x409C3C27 0x004053DC 0x00000D2C 0x00405A60
ath10k_ahb
a800000.wifi: [24]: 0x809C3E13 0x0040543C 0x00000000 0xC09C3C27
ath10k_ahb
a800000.wifi: [28]: 0x809B9AC5 0x0040547C 0x00412A30 0x0040549C
ath10k_ahb
a800000.wifi: [32]: 0x809B8ECD 0x0040549C 0x00000001 0x00412A30
ath10k_ahb
a800000.wifi: [36]: 0x809B8FF3 0x004054CC 0x00412838 0x00000014
ath10k_ahb
a800000.wifi: [40]: 0x809BEF98 0x0040551C 0x0041627C 0x00000002
ath10k_ahb
a800000.wifi: [44]: 0x80986D47 0x0040553C 0x0041627C 0x00416A88
ath10k_ahb
a800000.wifi: [48]: 0x809CBB0A 0x0040559C 0x0041ACC0 0x00000000
ath10k_ahb
a800000.wifi: [52]: 0x809864EE 0x0040560C 0x0041ACC0 0x00000001
ath10k_ahb
a800000.wifi: [56]: 0x809CA8A4 0x0040564C 0x0041ACC0 0x00000001
ath10k_ahb
a800000.wifi: Copy Engine register dump:
ath10k_ahb
a800000.wifi: [00]: 0x0004a000 14 14 3 3
ath10k_ahb
a800000.wifi: [01]: 0x0004a400 16 16 22 23
ath10k_ahb
a800000.wifi: [02]: 0x0004a800 3 3 2 3
ath10k_ahb
a800000.wifi: [03]: 0x0004ac00 15 15 15 15
ath10k_ahb
a800000.wifi: [04]: 0x0004b000 4 4 44 4
ath10k_ahb
a800000.wifi: [05]: 0x0004b400 3 3 2 3
ath10k_ahb
a800000.wifi: [06]: 0x0004b800 1 1 1 1
ath10k_ahb
a800000.wifi: [07]: 0x0004bc00 1 1 1 1
ath10k_ahb
a800000.wifi: [08]: 0x0004c000 0 0 127 0
ath10k_ahb
a800000.wifi: [09]: 0x0004c400 0 0 0 0
ath10k_ahb
a800000.wifi: [10]: 0x0004c800 0 0 0 0
ath10k_ahb
a800000.wifi: [11]: 0x0004cc00 0 0 0 0
ath10k_ahb
a800000.wifi: failed to update channel list: -108
ath10k_ahb
a800000.wifi: failed to set pdev regdomain: -108
ath10k_ahb
a800000.wifi: failed to create WMI vdev 0: -108
ieee80211 phy1: Hardware restart was requested
Since no actual solution is known (besides downgrading the ath10k firmware)
it seems to be better to disable the nonLinearTxFir for now.
[1] https://lore.kernel.org/ath10k/
3423718.UToCqzeSYe@ripper/
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
8b090708208501a60e71d0118b9860dd401d7d8d)
Sven Eckelmann [Wed, 22 Sep 2021 15:56:30 +0000 (17:56 +0200)]
ipq-wifi: Update Plasma Cloud PA1200 BDFs to firmware 3.5.12
The official Plasma Cloud firmware adjusted the BDFs to contain new
conformance test limits and target power values. These should be imported
to avoid emissions outside the allowed limits.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
e0721608f9620b570c7f18d94681e86b01c0b9a0)
Jesus Fernandez Manzano [Tue, 21 Sep 2021 10:49:30 +0000 (12:49 +0200)]
hostapd: fix segfault when deinit mesh ifaces
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.
This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry picked from commit
5269c47e8db549695ceaf6a19afdd0cb90074622)
David Bauer [Thu, 23 Sep 2021 19:01:37 +0000 (21:01 +0200)]
rockchip: fix broken squashfs sysupgrade
The rockchip platform supports squashfs SD card images. However, the
resulting image is not padded to completely fill the rootfs partition.
Because of that, the f2fs overlay might not be erased, resulting in
uci-defaults not bing executed or the configuration not being erased,
even though drop config was selected.
Modify the image generation process so the image is padded to cover the
entire root filesystem partition.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
b56f7407d999d29c200c8c5880655926ef9874b7)
Christian Lamparter [Thu, 23 Sep 2021 16:37:38 +0000 (18:37 +0200)]
apm821xx: MBL: band-aid MBL DUO
Takimata reported on the OpenWrt forum in thread [0], that his
MyBook Live Duo wasn't booting OpenWrt 21.02 after upgrading
from the previous OpenWrt 19.07.
The last logged entries on his console
|[ 0.531599] sata1-regulator GPIO handle specifies active low - ignored
|[ 0.538391] sata0-regulator GPIO handle specifies active low - ignored
|[ 0.759791] ata2: SATA link down (SStatus 0 SControl 300)
|[ 0.765251] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
|[ 5.909555] ata1.00: qc timeout (cmd 0xec)
|[ 5.913656] ata1.00: failed to IDENTIFY (I/O error, err_mask=0x4)
|[ 6.231757] ata1: SATA link down (SStatus 0 SControl 300)
This extract clearly showed that the HDD on which OpenWrt is installed,
simply disappeared after the SATA power regulators had been initialized.
Since the device-tree regulators haven't changed since the OpenWrt 19.07
days this will require further investigation on the snapshot/master/trunk
branch.
For the time being, it was requested to just delete the nodes so,
the device will boot again. Which unfortunately, will have to wait
until 21.02.1 is released.
He also confirmed that the My Book Live Single wasn't affected.
It works with or without this change.
[0] <https://forum.openwrt.org/t/21-02-0-and-snapshot-fail-to-boot-on-my-book-live-duo/106585>
Reported-by: Takimata (forum.openwrt.org/u/takimata)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Hauke Mehrtens [Tue, 14 Sep 2021 21:51:34 +0000 (23:51 +0200)]
mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.
This contains fixes for CVE-2020-3702
1. These patches (ath, ath9k, mac80211) were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].
Thank you Josef Schlehofer for reporting this problem.
[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Alexander Couzens [Tue, 1 Jun 2021 21:09:26 +0000 (21:09 +0000)]
ramips: add support for minew g1-c
The minew g1-c is a smart home gateway / BLE gateway.
A Nordic nRF52832 is available via USB UART (cp210x) to support BLE.
The LED ring is a ring of 24x ws2812b connect to a generic GPIO (unsupported).
There is a small LED which is only visible when the device is open which
will be used as LED until the ws2812b is supported.
The board has also a micro sdcard/tfcard slot (untested).
The Nordic nRF52832 exposes SWD over a 5pin header (GND, VCC, SWD, SWC, RST).
The vendor uses an older OpenWrt version, sysupgrade can be used via
serial or ssh.
CPU: MT7628AN / 580MHz
RAM: DDR2 128 MiB RAM
Flash: SPI NOR 16 MiB W25Q128
Ethernet: 1x 100 mbit (Port 0) (PoE in)
USB: USB hub, 2x external, 1x internal to USB UART
Power: via micro usb or PoE 802.11af
UART: 3.3V, 115200 8n1
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Sven Eckelmann [Sat, 11 Sep 2021 06:33:30 +0000 (08:33 +0200)]
ipq40xx: Fix board-2.bin package name for Plasma Cloud PA2200
The board data file for the Plasma Cloud PA2200 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. A typo in the device
package name resulted in a not correctly selected package for the device
specific board-2.bin. The wifi driver has therefore loaded the wrong
calibration information into the wifi chip.
Fixes: 4871fd2616ac ("ipq40xx: add support for Plasma Cloud PA2200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
c7e9335e4c23f3bd074cb2b215a289b8b75f319c)
Sven Eckelmann [Sat, 11 Sep 2021 06:33:30 +0000 (08:33 +0200)]
ipq40xx: Fix board-2.bin package name for Plasma Cloud PA1200
The board data file for the Plasma Cloud PA1200 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. A typo in the device
package name resulted in a not correctly selected package for the device
specific board-2.bin. The wifi driver has therefore loaded the wrong
calibration information into the wifi chip.
Fixes: ea5bb6bbfee0 ("ipq40xx: add support for Plasma Cloud PA1200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
d0ffc175350f2be6174932dc0afd4d2737afe52d)
Sven Eckelmann [Sat, 11 Sep 2021 06:33:30 +0000 (08:33 +0200)]
ipq40xx: Select correct board-2.bin for EnGenius EMR3500
The board data file for the EnGenius EMR3500 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. As result, the wrong
calibration information will be loaded into the wifi chip.
Fixes: 3f61e5e1b97e ("ipq40xx: add support for EnGenius EMR3500")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
14bd392a1cd0b8e267e4402ae27b3c5a8f66b933)
Sven Eckelmann [Sat, 11 Sep 2021 06:33:30 +0000 (08:33 +0200)]
ipq40xx: Select correct board-2.bin for EnGenius EMD1
The board data file for the EnGenius EMD1 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. As result, the wrong
calibration information will be loaded into the wifi chip.
Fixes: 51f303597839 ("ipq40xx: add support for EnGenius EMD1")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
d9f4a4280e674ddb4ec75ae2d73b0f86e0c282cc)
Fabian Bläse [Sun, 29 Aug 2021 19:21:35 +0000 (21:21 +0200)]
kernel: backport switchdev fix for bridge in bridge configurations
This patch fixes the forwarding behavior of bridge in bridge
configurations with DSA.
Without it, the configuration of the upper bridge might overwrite
settings of the lower bridge. For example, a vlan-aware bridge
with DSA interfaces in it might be offloaded to the DSA hardware. If the
bridge interface itself gets slave of a different bridge without vlan
filtering, the vlan filtering setting of the lower bridge is overwritten
by the upper bridge, which results in an incorrect hardware
configuration.
This was backported from kernel 5.7.
Ref: https://lore.kernel.org/netdev/
20191222192235.GK25745@shell.armlinux.org.uk/
Fixes: FS#3996
Signed-off-by: Fabian Bläse <fabian@blaese.de>
(cherry picked from commit
c50ece58c41647880cc74c927d98b465cdfbdad8)
Hauke Mehrtens [Sun, 12 Sep 2021 11:05:30 +0000 (13:05 +0200)]
kernel: Add missing kernel config options
These options are selectable when some of the kernel debug options like
KERNEL_SOFTLOCKUP_DETECTOR are selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
1a3b3dc7974c98843baeb22251dc4c580dc771d6)
Hauke Mehrtens [Sun, 12 Sep 2021 10:56:48 +0000 (12:56 +0200)]
build: Replace KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR
The LOCKUP_DETECTOR configuration option split into the
SOFTLOCKUP_DETECTOR and HARDLOCKUP_DETECTOR configuration option some
time ago. The HARDLOCKUP_DETECTOR option is only working on some
architectures, but SOFTLOCKUP_DETECTOR should work everywhere. Replace
KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR.
LOCKUP_DETECTOR will be selected by SOFTLOCKUP_DETECTOR automatically.
Fixes: b951f53fbae3 ("build: Add additional kernel debug options")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
d27f6e2c5d2a2315cc8fe684d117c80aa9984ca8)
Pawel Dembicki [Thu, 24 Jun 2021 11:10:09 +0000 (13:10 +0200)]
kirkwood: increase kernel partition of Linksyses
At this moment kernel partition in Linksyses EA3500/E4200/EA4500 is
ended before start of rootfs partition. It was introduced in
9808b9ae02
and it broke easy revert to stock. Sysupgrade, when OFW is used, write
whole stock image to kernel partition. Most likeley image will be bigger
than small kernel partition and it make stock system invalid.
This patch change size of kernel partitions and now it overlaps rootfs.
Revert to stock will be possible again.
Fixes: 9808b9ae02 ("kirkwood: switch to kernel 4.9")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Tomasz Maciej Nowak [Mon, 12 Jul 2021 16:16:30 +0000 (18:16 +0200)]
mvebu: limit mvneta tx queue workaround to 32 bit SoC
This patch has been carried since introduction throughout every kernel
major bump and no one has tested if the later kernels improved the
situation. The Armada 3720 SoC can only process GbE interrupts on Core 0
and this is already limited in all stable kernels, so ditch this
workaround for 64 bit SoCs.
Ref: https://git.kernel.org/torvalds/c/
cf9bf871280d
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit
cbdd2b62e4d5e0572204c37d874d32dc8610840e)
Hauke Mehrtens [Wed, 1 Sep 2021 19:53:58 +0000 (21:53 +0200)]
OpenWrt v21.02.0: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Wed, 1 Sep 2021 19:53:53 +0000 (21:53 +0200)]
OpenWrt v21.02.0: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jan-Niklas Burfeind [Fri, 27 Aug 2021 17:25:47 +0000 (19:25 +0200)]
ath79: add support for onion omega
The Onion Omega is a hardware development platform with built-in WiFi.
https://onioniot.github.io/wiki/
Specifications:
- QCA9331 @ 400 MHz (MIPS 24Kc Big-Endian Processor)
- 64MB of DDR2 RAM running at 400 MHz
- 16MB of on-board flash storage
- Support for USB 2.0
- Support for Ethernet at 100 Mbps
- 802.11b/g/n WiFi at 150 Mbps
- 18 digital GPIOs
- A single Serial UART
- Support for SPI
- Support for I2S
Flash instructions:
The device is running OpenWrt upon release using the ar71xx target.
Both a sysupgrade
and uploading the factory image using u-boots web-UI do work fine.
Depending on the ssh client, it might be necessary to enable outdated
KeyExchange methods e.g. in the clients ssh-config:
Host 192.168.1.1
KexAlgorithms +diffie-hellman-group1-sha1
The stock credentials are: root onioneer
For u-boots web-UI manually configure `192.168.1.2/24` on your computer,
connect to `192.168.1.1`.
MAC addresses as verified by OEM firmware:
2G phy0 label
LAN eth0 label - 1
LAN is only available in combination with an optional expansion dock.
Based on vendor acked commit:
commit
5cd49bb067ca ("ar71xx: add support for Onion Omega")
Partly reverts:
commit
fc553c7e4c8e ("ath79: drop unused/incomplete dts")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit
d98738b5c118fc45068b45f07b8b6938e91f35d2)
Hauke Mehrtens [Sun, 29 Aug 2021 19:27:20 +0000 (21:27 +0200)]
kernel: bump 5.4 to 5.4.143
Manually rebased:
bcm27xx/patches-5.4/950-1031-net-lan78xx-Ack-pending-PHY-ints-when-resetting.patch
Removed upstreamed:
mvebu/patches-5.4/100-cpufreq-armada-37xx-forbid-cpufreq-for-1.2-GHz-variant.patch
All others updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Eneas U de Queiroz [Thu, 26 Aug 2021 17:37:56 +0000 (14:37 -0300)]
openssl: bump to 1.1.1l
This version fixes two vulnerabilities:
- SM2 Decryption Buffer Overflow (CVE-2021-3711)
Severity: High
- Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Severity: Medium
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
7119fd32d397567931e63dbbf72014e95624018f)
Andre Heider [Tue, 10 Aug 2021 10:22:17 +0000 (12:22 +0200)]
prereq-build: require python3-distutils
Debian and Ubuntu ship a python3-minimal package which does not include
the distutils module. This is not supported by upstream and can be
considered a broken python distribution.
In practice, many scripts depend on said module, and this is a reoccuring
pain point for building various OpenWrt packages.
Require and check for said module, enough time has been wasted on this.
A list of just the most recent issues:
https://github.com/openwrt/packages/pull/16304
https://github.com/openwrt/packages/pull/16027
https://github.com/openwrt/packages/pull/15443
https://github.com/openwrt/packages/pull/14394
https://github.com/openwrt/packages/pull/12909
https://github.com/openwrt/packages/issues/12443
https://github.com/openwrt/packages/pull/11035
https://github.com/openwrt/packages/issues/10993
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit
60af8d753343691c4a647bfc7c51ef6eb92df9f2)
Hauke Mehrtens [Sun, 8 Aug 2021 22:03:43 +0000 (00:03 +0200)]
uboot-layerscape: fix dtc compilation on host gcc 10
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
8d143784cb8fafccdbcdc0bd5d1aa47d3d676f70)
Hauke Mehrtens [Fri, 20 Aug 2021 22:07:54 +0000 (00:07 +0200)]
uboot-at91: fix dtc compilation on host gcc 10
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
a1034afba8ea8bec48e2528fdae0fb74a6757e53)
David Bauer [Thu, 19 Aug 2021 18:40:29 +0000 (20:40 +0200)]
kernel: bump 5.4 to 5.4.142
Compile-tested: ath79-generic ipq40xx-generic
Run-tested: ipq40xx-generic
Signed-off-by: David Bauer <mail@david-bauer.net>
Stijn Tintel [Wed, 18 Aug 2021 13:11:11 +0000 (16:11 +0300)]
ipq40xx: fix Edgecore ECW5211 boot
The bootloader will look for a configuration section named ap.dk01.1-c2
in the FIT image. If this doesn't exist, the device won't boot.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
a43da1be43ae251f0edaa6419612e600fc6ec972)
Paul Blazejowski [Wed, 21 Jul 2021 22:28:20 +0000 (18:28 -0400)]
ath79: kernel: Add missing quote to drivers/mfd/Kconfig
A missing quote in target/linux/ath79/patches-5.x/920-mikrotik-rb4xx.patch
produces:
...
scripts/kconfig/conf --syncconfig Kconfig
drivers/mfd/Kconfig:2016:warning: multi-line strings not supported
...
This patch adds missing closing quote, fixing the above warning.
Signed-off-by: Paul Blazejowski <paulb@blazebox.homeip.net>
(cherry picked from commit
f7374bce00a97fda78ace3acaef48369e8246814)
Álvaro Fernández Rojas [Sat, 21 Aug 2021 17:03:24 +0000 (19:03 +0200)]
bcm27xx-userland: update to latest version
Properly recognise all BCM2711 variants
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Michael Heimpold [Sat, 27 Mar 2021 19:48:30 +0000 (20:48 +0100)]
bcm27xx-userland: factor out a -dev package
Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.
This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Edgar Su [Mon, 12 Jul 2021 13:22:48 +0000 (21:22 +0800)]
x86: kernel: set NR_CPUS to 512
NR_CPUS limits the number of CPUs supported to 8. This makes total sense
on hardware-restircted platforms, but not on x86_64, where CPUs with
more than 8 cores can be easily acquired and with less physical limitaions.
see also: https://forum.openwrt.org/t/x86-64-8-cpu-limitation-on-vanilla-release/100946
Signed-off-by: Edgar Su <sjs333@outlook.com>
(cherry picked from commit
df554e6fcab171ec499d8fb2ed10a0da328323f3)
Daniel Kestrel [Sun, 25 Jul 2021 18:32:05 +0000 (20:32 +0200)]
fritz-tools: fix returning wrong values due to strncmp usage
When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit
12564c5b860f9849c9a2fb7026c2c11150b9a4fc)
Rosen Penev [Tue, 13 Jul 2021 20:27:09 +0000 (13:27 -0700)]
mbedtls: update to 2.16.11
Switched to AUTORELEASE to avoid manual increments.
Release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fcfd741eb83520e496eb09de5f8b2f2b62792a80)
Josef Schlehofer [Tue, 27 Jul 2021 11:22:31 +0000 (13:22 +0200)]
mvebu: armada-37xx: add patch to forbid cpufreq for 1.2 GHz
This patch is backported from linux-arm-kernel [1] to improve situation, when
it was reported that 1.2 GHz variant is unstable with DFS.
It waits to be accepted upstream, however, it waits for Marvell people to respond.
[1] https://patchwork.kernel.org/project/linux-arm-kernel/patch/
20210630225601.6372-1-kabel@kernel.org/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
d3794768177293f584cc74f90c921276793da1e7)
Josef Schlehofer [Tue, 27 Jul 2021 11:22:30 +0000 (13:22 +0200)]
Revert "mvebu: 5.4 fix DVFS caused random boot crashes"
Based on the discussion on the mailing list [1], the patch which was
reverted, it reverts only one patch without the subsequent ones.
This leads to the SoC scaling issue not using a CPU parent clock, but
it uses DDR clock. This is done for all variants, and it's wrong because
commits (hacks) that were using the DDR clock are no longer in the mainline kernel.
If someone has stability issues on 1.2 GHz, it should not affect all
routers (1 GHz, 800 MHz) and it should be rather consulted with guys, who are trying to
improve the situation in the kernel and not making the situation worse.
There are two solutions in cases of instability:
a) disable cpufreq
b) underclock it up to 1 GHz
This reverts commit
080a0b74e39d159eecf69c468debec42f28bf4d8.
[1] https://lists.openwrt.org/pipermail/openwrt-devel/2021-June/035702.html
CC: Pali Rohár <pali@kernel.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
7b868fe04a8961048feec1143e72fe47bde52a12)
Daniel Golle [Sun, 1 Aug 2021 14:05:18 +0000 (15:05 +0100)]
dnsmasq: reset EXTRA_MOUNT in the right place
EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.
Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
ddc8d085f39dea998f59680fb556ca72d779a3b1)
Daniel Golle [Sun, 1 Aug 2021 10:25:41 +0000 (11:25 +0100)]
dnsmasq: fix more dnsmasq jail issues
* remove superflus mounts of /dev/null and /dev/urandom
* reset EXTRA_MOUNTS at the beginning of the script
* add mount according to ignore_hosts_dir
* don't add mount for file which is inside a directory already in the
EXTRA_MOUNTS list
Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
ac4e8aa2f8d98158ea7b749f877269f1f5fa9c5a)
Daniel Golle [Sun, 1 Aug 2021 02:33:52 +0000 (03:33 +0100)]
dnsmasq: rework jail mounts
* split into multiple lines to improve readability
* use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
* remove no longer needed mount for /sbin/hotplug-call
* add dhcp-script.sh dependencies (jshn, ubus)
Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
59c63224e11d6c4eca27131a73bf16218e47a271)
Kevin Darbyshire-Bryant [Thu, 1 Jul 2021 18:50:22 +0000 (19:50 +0100)]
dnsmasq: use local option for local domain parameter
'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'. Slightly less confusion all
round.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
e4cfefa9fc3d22da5705b554785ba9c533c373d0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
João Henriques [Sun, 18 Apr 2021 22:41:30 +0000 (23:41 +0100)]
dnsmasq: add ignore hosts dir to dnsmasq init script
When running multiple instances of dnsmasq, for example one being for the lan
and another for a guest network, it might not be desirable to have the same dns names
configured in both networks
Signed-off-by: João Henriques <joaoh88@gmail.com>
(cherry picked from commit
e8a5670122e04574fdb5855ecd63d18f317c5bfd)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Sun, 1 Aug 2021 17:39:03 +0000 (19:39 +0200)]
OpenWrt v21.02.0-rc4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 1 Aug 2021 17:38:53 +0000 (19:38 +0200)]
OpenWrt v21.02.0-rc4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 29 Jul 2021 20:42:38 +0000 (22:42 +0200)]
kernel: bump 5.4 to 5.4.137
Manually rebased
generic/pending-5.4/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
All others updated automatically.
Compile-tested on: ramips/mt7621, armvirt/32
Runtime-tested on: ramips/mt7621, armvirt/32
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
David Bauer [Thu, 29 Jul 2021 20:58:57 +0000 (22:58 +0200)]
ramips: mt76x8: add missing config symbol
PWM_MEDIATEK was not defined, breaking builds for the mt76x8 subtarget.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Thu, 29 Jul 2021 20:58:09 +0000 (22:58 +0200)]
x86: move Kconfig symbol to common config
This is required for all x86 targets. x86-legacy missed this config
symbol, breaking the build.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Thu, 29 Jul 2021 20:57:24 +0000 (22:57 +0200)]
generic: add missing Kconfig symbol
Fixes build errors for sunxi as well as rockchip targets.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Wed, 28 Jul 2021 12:17:13 +0000 (14:17 +0200)]
ath79: fix JT-OR750i switch LED assignment
The LEDs for LAN1 and LAN3 were swapped. Link on port 1 would illuminate
the LED on port 3 and vice versa.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
f0a885ed8636b9762d12f2eb2755f63297ff0cb5)
David Bauer [Wed, 28 Jul 2021 11:52:22 +0000 (13:52 +0200)]
ath79: enable missing pinmux for JT-OR750i
Without explicit configuration of these pins the ethernet as well as
status LED of the device do not work correctly.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
4feb9a4211d4c8e118e6b8f01fa0bbd4eab5d35c)
Vincent Wiemann [Sun, 20 Jun 2021 14:56:21 +0000 (16:56 +0200)]
ath79: add support for Joy-IT JT-OR750i
Specifications:
* QCA9531, 16 MiB flash (Winbond W25Q128JVSQ), 128 MiB RAM
* 802.11n 2T2R (external antennas)
* QCA9887, 802.11ac 1T1R (connected with diplexer to one of the antennas)
* 3x 10/100 LAN, 1x 10/100 WAN
* UART header with pinout printed on PCB
Installation:
* The device comes with a bootloader installed only
* The bootloader offers DHCP and is reachable at http://10.123.123.1
* Accept the agreement and flash sysupgrade.bin
* Use Firefox if flashing does not work
TFTP recovery with static IP:
* Rename sysupgrade.bin to jt-or750i_firmware.bin
* Offer it via TFTP server at 192.168.0.66
* Keep the reset button pressed for 4 seconds after connecting power
TFTP recovery with dynamic IP:
* Rename sysupgrade.bin to jt-or750i_firmware.bin
* Offer it via TFTP server with a DHCP server running at the same address
* Keep the reset button pressed for 6 seconds after connecting power
Co-authored-by: Sebastian Schaper <openwrt@sebastianschaper.net>
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
(cherry picked from commit
55b4b3655263984b92e4b9fc515a5e6b8003c655)
Felix Fietkau [Mon, 26 Jul 2021 18:42:48 +0000 (20:42 +0200)]
netifd: update to the latest version
440eb0647708 bridge: fix regression in bringing up bridge ports
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
39f81b0bf687017b4d086255c94166e662ac177e)
Felix Fietkau [Sun, 25 Jul 2021 04:26:20 +0000 (06:26 +0200)]
netifd: update to the latest version
85f01c44a950 bridge: check bridge port vlan membership on link-up events
17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
2801fe6132c4e2e364e2d5a304594185351b501b)