Andre Heider [Tue, 21 Jun 2022 12:08:55 +0000 (14:08 +0200)]
arm-trusted-firmware-mvebu: bump a3700-utils to current version
1d97715 wtmi: Discard ELF symbols from firmware binary
2d2a21c wtmi: Allow access to the 43th OTP row
e733e9f Fix boot from SATA build
4392eaf wtmi: Fix sending status code of cmd execution
14b3c61 Wtpdownloader: Remove out-of-dated x86-64 ELF binary WtpDownload_linux
e345b95 Wtpdownloader: Fix setting tty c_cflag options
0c502d5 Wtpdownloader: Call HandlePendingMessages() after Port->WtpCmd is freed
d91761a Wtpdownloader: Fix memory leaks
bc11d18 Wtpdownloader: Check for number of read bytes prior touching read buffer
58db335 Wtpdownloader: Add missing check in SendContinuousForceConsoleMode() if byte was really read
a4029c0 Wtpdownloader: Fix 32/64-bit host detection
3679034 Wtpdownloader: Print missing newline at the end of output
Signed-off-by: Andre Heider <a.heider@gmail.com>
Andre Heider [Mon, 11 Jul 2022 17:49:21 +0000 (19:49 +0200)]
uboot-mvebu: update to v2022.07
Remove one merged patch.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [Turris Omnia]
Michael Pratt [Wed, 20 Jul 2022 23:17:22 +0000 (19:17 -0400)]
tools/libressl: disable assembly code for all hosts
This SSL library is for hosts only
and not shipped as a build product,
therefore its performance quality (speed) is not critical.
Assembly code is broken in LibreSSL for some x86_64 hosts (part of git history)
and for some RISC host archs like armv7l, aarch64, powerpc, ppc64, etc...
so let's just disable it for all hosts.
For example, this fixes an instance on ARM hosts
where the host Python 3 builds broken modules which link to LibreSSL,
even with patches that enable LibreSSL support
with the import error "unexpected reloc type 3".
Ref:
a395563f6 ("build: fix libressl build on x32 (amd64ilp32) host ")
Suggested-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Michael Pratt [Wed, 20 Jul 2022 23:14:10 +0000 (19:14 -0400)]
tools/libressl: ensure PIC-only object compilation
Line up configure arguments for cleaner git diff and editing and grepping.
LibreSSL must be built with PIC, and has the flags for it already in CFLAGS.
Add the configure option native to LibreSSL to use only PIC in objects,
which further enforces that each object in the library has the PIC flag
to prevent a mixture of PIC / non-PIC objects within it.
Ref:
96a940308 ("tools: libressl: always build as PIC")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Hauke Mehrtens [Sat, 30 Jul 2022 23:24:00 +0000 (01:24 +0200)]
mac80211: Update to version 5.15.58-1
This updates mac80211 to version 5.15.58-1 which is based on kernel
5.15.58.
The removed patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Sander Vanheule [Sun, 31 Jul 2022 13:19:29 +0000 (15:19 +0200)]
tools: bump 7z package to 22.01
Version 22.00 of 7z causes build failures on systems using GCC 12 with
the following error:
../../../../C/LzmaEnc.c: In function 'LzmaEnc_CodeOneMemBlock':
../../../../C/LzmaEnc.c:2996:19: error: storing the address of local
variable 'outStream' in '*p.rc.outStream' [-Werror=dangling-pointer=]
2996 | p->rc.outStream = &outStream.vt;
| ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
../../../../C/LzmaEnc.c:2979:28: note: 'outStream' declared here
2979 | CLzmaEnc_SeqOutStreamBuf outStream;
| ^~~~~~~~~
../../../../C/LzmaEnc.c:2979:28: note: 'pp' declared here
Upgrade to version 22.01 which contains the required fix.
Fixes: 5fcc6f0f1942 ("tools: add 7z host package")
Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Boris Krasnovskiy [Fri, 22 Jul 2022 15:06:38 +0000 (11:06 -0400)]
ustream-ssl: prevent unused crypto lib dependencies from being compiled
Prevented unused crypto lib dependencies from being compiled
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Boris Krasnovskiy [Fri, 22 Jul 2022 15:06:10 +0000 (11:06 -0400)]
hostapd: prevent unused crypto lib dependencies from being compiled
Prevented unused crypto lib dependencies from being compiled
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
John Audia [Thu, 21 Jul 2022 19:59:30 +0000 (15:59 -0400)]
wolfssl: fix math library build
Apply upstream patch[1] to fix breakage around math libraries.
This can likely be removed when 5.5.0-stable is tagged and released.
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
1. https://github.com/wolfSSL/wolfssl/pull/5390
Signed-off-by: John Audia <therealgraysky@proton.me>
Nick Hainke [Tue, 26 Jul 2022 14:18:51 +0000 (16:18 +0200)]
libcap: update to 2.65
Changes:
a47d86d Up the release version to 2.65
fc99e56 Include more signatures in pgp.keys.asc.
52288cc Close out this comment in the go/Makefile
eb0f1df Prevent 'capsh --user=xxx --' from generating a bash error.
9a95791 Improve documentation for cap_get_pid and cap_reset_ambient.
21d08b0 Fix syntax error in DEBUG protected setcap.c code.
9425048 More useful captree usage string and man page.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Tue, 26 Jul 2022 14:16:27 +0000 (16:16 +0200)]
libcap: update to 2.64
Changes:
38cfa2e Up the release version to 2.64
7617af6 Avoid a deadlock in forked psx thread exit.
fc029cb Include LIBCAP_{MAJOR,MINOR} #define's in sys/capability.h
ceaa591 Clarify how the cap_get_pid() argument is interpreted.
15cacf2 Fix prctl return code/errno handling in libcap.
aae9374 Be explicit about CGO_ENABLED=1 for compare-cap build.
66a8a14 psx: free allocated memory at exit.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Tue, 26 Jul 2022 14:46:44 +0000 (16:46 +0200)]
mtools: update to 4.0.40
Changes:
- Remove libbsd dependency
- Better compatibility with legacy platforms such as AT&T UnixPC
- Upgraded to autoconf 2.71
Signed-off-by: Nick Hainke <vincent@systemli.org>
Dávid Benko [Fri, 29 Jul 2022 12:55:21 +0000 (14:55 +0200)]
odhcp6c: update to latest git HEAD
9212bfc odhcp6c: fix IA discard when T1 > 0 and T2 = 0
Signed-off-by: Dávid Benko <davidbenko@davidbenko.dev>
Daniel Golle [Tue, 26 Jul 2022 08:17:07 +0000 (10:17 +0200)]
kernel: add kmod-nvme package
Add driver for NVM Express block devices, ie. PCIe connected SSDs.
Targets which allow booting from NVMe (x86, maybe some mvebu boards come
to mind) should have it built-in, so rootfs can be mounted from there.
For targets without NVMe support in bootloader or BIOS/firmware it's
sufficient to provide the kernel module package.
On targets having the NVMe driver built-in the resulting kmod package
is an empty dummy. In any case, depending on or installing kmod-nvme
results in driver support being available (either because it was already
built-in or because the relevant kernel modules are added and loaded).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 14 Jul 2022 03:25:36 +0000 (04:25 +0100)]
image-commands: fix generating out-of-tree DTO
Hack path so DTO generation works also for out-of-tree device tree
sources which currently fail.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 17 Jul 2022 20:41:31 +0000 (21:41 +0100)]
uboot-mediatek: reorder patches
Rename/reorder patches to avoid duplicate usage of 300-* prefix.
No functional changes.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Jo-Philipp Wich [Sun, 24 Jul 2022 11:23:36 +0000 (13:23 +0200)]
wolfssl: make shared again
Disable the usage of target specific CPU crypto instructions by default
to allow the package being shared again. Since WolfSSL does not offer
a stable ABI or a long term support version suitable for OpenWrt release
timeframes, we're forced to frequently update it which is greatly
complicated by the package being nonshared.
People who want or need CPU crypto instruction support can enable it in
menuconfig while building custom images for the few platforms that support
them.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
John Audia [Fri, 29 Jul 2022 16:25:26 +0000 (12:25 -0400)]
kernel: bump 5.10 to 5.10.134
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Mon, 25 Jul 2022 14:16:43 +0000 (10:16 -0400)]
x86: update defconfig for 5.10.133
Add some new/missing symbols relating to speculative execution mitigations[1].
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/x86/Kconfig?id=v5.10.133&id2=v5.10.132
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Mon, 25 Jul 2022 13:21:12 +0000 (09:21 -0400)]
kernel: bump 5.10 to 5.10.133
All patches automatically rebased.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Thu, 21 Jul 2022 20:19:32 +0000 (16:19 -0400)]
kernel: bump 5.10 to 5.10.132
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
Rafał Miłecki [Thu, 28 Jul 2022 15:46:33 +0000 (17:46 +0200)]
bcm4908: enable & setup packet steering
Without packet steering NAT masquarade speed on BCM4908 /jumps/ between
two speeds:
1. 826 Mb/s (±3 Mb/s)
2. 909 Mb/s (±8 Mb/s)
and it never reaches ~940 Mb/s.
Proper packet steering can improve it. Below are testing results for
running iperf TCP traffic from LAN to WAN. They were used to pick up
golden values.
┌──────────┬──────────┬───────────┐
│ eth0 │ br-lan │ speed │
│ rps_cpus │ rps_cpus │ [Mbps] │
├──────────┼──────────┼───────────┤
│ 0 │ 0 │ 743 / 804 │
│ 0 │ 1 │ 738 / 821 │
│ 0 │ 2 │ ✓ 940 │
│ 0 │ 4 │ ✓ 938 │
│ 0 │ 8 │ ✓ 941 │
├──────────┼──────────┼───────────┤
│ 1 │ 0 │ 829 │
│ 1 │ 1 │ 829 │
│ 1 │ 2 │ ✓ 942 │
│ 1 │ 4 │ ✓ 941 │
│ 1 │ 8 │ ✓ 941 │
├──────────┼──────────┼───────────┤
│ 2 │ 0 │ ✓ 942 │
│ 2 │ 1 │ 926 │
│ 2 │ 2 │ ✓ 942 │
│ 2 │ 4 │ ✓ 942 │
│ 2 │ 8 │ ✓ 941 │
├──────────┼──────────┼───────────┤
│ 4 │ 0 │ ✓ 941 │
│ 4 │ 1 │ 925 │
│ 4 │ 2 │ ✓ 941 │
│ 4 │ 4 │ ✓ 941 │
│ 4 │ 8 │ ✓ 941 │
├──────────┼──────────┼───────────┤
│ 8 │ 0 │ ✓ 942 │
│ 8 │ 1 │ 925 │
│ 8 │ 2 │ ✓ 941 │
│ 8 │ 4 │ ✓ 942 │
│ 8 │ 8 │ ✓ 942 │
└──────────┴──────────┴───────────┘
Ref:
fcbd39689ebfe ("bcm53xx: enable & setup packet steering")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Daniel Golle [Thu, 28 Jul 2022 14:45:03 +0000 (16:45 +0200)]
Revert "realtek: remove support for HPE 1920 series"
This reverts commit
a63aeaecf1f3387df020854c9b22a365207399ce.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 28 Jul 2022 14:43:17 +0000 (16:43 +0200)]
firmware-utils: update to git HEAD
4f8d03d mkh3cimg: add image tool for H3C devices
2483fe7 mkh3cvfs: add filesystem tool for H3C devices
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Sander Vanheule [Thu, 28 Jul 2022 13:13:52 +0000 (15:13 +0200)]
realtek: remove support for HPE 1920 series
Support for HPE 1920 images depends on two non-existent tools (mkh3cimg
and mkh3cvfs) from the in the firmware-utils package. Revert commit
f2f09bc00280 ("realtek: add support for HPE 1920 series") until support
for these tools is merged and made available in OpenWrt.
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:19 +0000 (22:53 +0200)]
realtek: add support for HPE 1920 series
Hardware information:
---------------------
- HPE 1920-8G:
- RTL8380 SoC
- 8 Gigabit RJ45 ports (built-in RTL8218B)
- 2 SFP ports (built-in SerDes)
- HPE 1920-16G / HPE 1920-24G (same board):
- RTL8382 SoC
- 16/24 Gigabit RJ45 ports (built-in RTL8218B, 1/2 external RTL8218D)
- 4 SFP ports (external RTL8214FC)
- Common:
- RJ45 RS232 port on front panel
- 32 MiB NOR Flash
- 128 MiB DDR3 DRAM
- PT7A7514 watchdog
Booting initramfs image:
------------------------
- Prepare a FTP or TFTP server serving the OpenWrt initramfs image and
connect the server to a switch port.
- Connect to the console port of the device and enter the extended
boot menu by typing Ctrl+B when prompted.
- Choose the menu option "<3> Enter Ethernet SubMenu".
- Set network parameters via the option "<5> Modify Ethernet Parameter".
Enter the FTP/TFTP filename as "Load File Name" ("Target File Name"
can be left blank, it is not required for booting from RAM). Note that
the configuration is saved on flash, so it only needs to be done once.
- Select "<1> Download Application Program To SDRAM And Run".
Initial installation:
---------------------
- Boot an initramfs image as described above, then use sysupgrade to
install OpenWrt permanently. After initial installation, the
bootloader needs to be configured to load the correct image file
- Enter the extended boot menu again and choose "<4> File Control",
then select "<2> Set Application File type".
- Enter the number of the file "openwrt-kernel.bin" (should be 1), and
use the option "<1> +Main" to select it as boot image.
- Choose "<0> Exit To Main Menu" and then "<1> Boot System".
NOTE: The bootloader on these devices can only boot from the VFS
filesystem which normally spans most of the flash. With OpenWrt, only
the first part of the firmware partition contains a valid filesystem,
the rest is used for rootfs. As the bootloader does not know about this,
you must not do any file operations in the bootloader, as this may
corrupt the OpenWrt installation (selecting the boot image is an
exception, as it only stores a flag in the bootloader data, but doesn't
write to the filesystem).
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:18 +0000 (22:53 +0200)]
tools: add 7z host package
Add the 7zr command line tool, which is a version of the 7z application
that only supports 7z archives.
7z is one of the two compression formats supported in H3C firmware
images (the alternative would be ARJ).
(Alternatively, the 7zr command line tool could also be built from a
current version of the public-domain LZMA SDK. That would require
repackaging the source package, as it is only provided in 7z format.)
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:17 +0000 (22:53 +0200)]
kernel: mtdsplit: add support for H3C VFS filesystem
The bootloader on some H3C devices (for example HPE 1920 switches) only
supports booting from flash by reading an image from an "VFS" filesystem
which spans most of the available flash. The filesystem size is hard-
coded in the bootloader. However, as long as no write operations are
performed in the bootloader menu, it is sufficient if the start of the
partition contains a valid filesystem with the kernel image.
This mtdsplit parser reads the size and location of the kernel image and
finds the location of the rootfs stored after it. It assumes that the
filesystem image matches the layout of one generated by mkh3cvfs, with
a filename of "openwrt-kernel.bin" for the kernel image.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:16 +0000 (22:53 +0200)]
realtek: clean up rtl838x MDIO busy wait loop
Don't use udelay to allow other kernel tasks to execute if the kernel
has been built without preemption. Also determine the timeout based on
jiffies instead of loop iterations.
This is especially important on devices containing a watchdog with a
short timeout. Without this change, the watchdog is not serviced during
PHY patching which can take multiple seconds.
Tested-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:15 +0000 (22:53 +0200)]
realtek: add SFP support for RTL8214FC PHY
Probe the SFP module during PHY initialization and implement
insertion/removal handlers to automatically configure the media type
of the respective port.
Suggested-by: Birger Koblitz <git@birger-koblitz.de>
Tested-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:14 +0000 (22:53 +0200)]
realtek: rtl83xx-phy: decouple RTL8214FC media change and power config
Move RTL8214FC power configuration to newly created suspend and resume
methods. A media change now only results in power configuration if the
PHY is not suspended, to avoid powering up a port when the interface is
currently not up.
While at it, remove the rtl8380 prefix from function names, as this is
actually not SoC-specific.
Tested-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:13 +0000 (22:53 +0200)]
realtek: rtl83xx-phy: fix RTL8214FC media change
Toggle power on the individual PHY instead of the package. Otherwise
a media change always toggles power on the first port, and not the one
that is being configured.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Markus Stockhausen [Fri, 8 Jul 2022 15:27:22 +0000 (17:27 +0200)]
realtek: make DGS-1210 u-boot-env partition writeable
We are close to provide enduser friendly OpenWrt images for DGS-1210
switches that do not need serial console. Nevertheless a small bit is
missing. We cannot switch back to the vendor partition or initiate a
download of a vendor firmware image. To issue this from inside OpenWrt
we need write access to U-Boot environment.
Case 1: Switch back to secondary (vendor) image
> fw_setenv bootcmd run addargs\; bootm 0xb4e80000
> fw_setenv image /dev/mtdblock7
> reboot
Case 2: Issue D-Link Network Assistant based download on next reboot.
This is a combination of some vendor specific protocol (DDP) and a
TFTP download afterwards.
> fw_setenv bootstop on
> reboot
Allow these commands by opening up u-boot-env for write access.
Tested on DGS-1210-20.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
Rafał Miłecki [Wed, 20 Jul 2022 11:47:06 +0000 (13:47 +0200)]
uboot-bcm4908: include SoC in output files
This fixes problem of overwriting BCM4908 U-Boot and DTB files by
BCM4912 ones. That bug didn't allow booting BCM4908 devices.
Fixes: f4c2dab544ec2 ("uboot-bcm4908: add BCM4912 build")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Wed, 20 Jul 2022 11:47:05 +0000 (13:47 +0200)]
bcm4908: build bootfs image per-SoC
In theory we could have just 1 bootfs image for all devices as each
device has its own entry in the "configurations" node. It doesn't work
well with default configuration though.
If something goes wrong U-Boot SPL can be interrupted (by pressing A) to
enter its minimalistic menu. It allows ignoring boardid. In such case
bootfs default configuration is used.
For above reason each SoC family (BCM4908, BCM4912) should have its own
bootfs built. It allows each of them to have working default
configuration.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Paul Spooren [Sun, 20 Mar 2022 15:31:24 +0000 (15:31 +0000)]
CI: run inside the buildbot docker container
Run github actions insider buildbot docker container.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[ run container under buildbot user ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Paul Spooren [Wed, 9 Mar 2022 17:22:22 +0000 (18:22 +0100)]
CI: add Kernel compile tests
Add Github Actions yaml script to build test kernel PR changes for
each target.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[ add commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 17 Jul 2022 15:56:59 +0000 (17:56 +0200)]
scripts: ext-toolchain: add support for musl
Openwrt now supports only glibc and musl. Add support for musl and
rework the libc check to handle the new config flags and correctly
compile package basend on that.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 17 Jul 2022 15:56:36 +0000 (17:56 +0200)]
scripts: ext-toolchain: add support for info.mk in probe_cc
Openwrt generate info.mk that contains the libc type. For probe_cc check
if the file exist and parse directly it for LIBC type.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 17 Jul 2022 15:53:58 +0000 (17:53 +0200)]
scripts: ext-toolchain: actually probe libc type on config generation
Currently we never call probe_cc before config generation, this cause
the script to never actually detect the correct libc type.
Call probe_cc before config generation to correctl set the .config file.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Mon, 4 Jul 2022 16:22:18 +0000 (18:22 +0200)]
scripts: ext-toolchain: add option to overwrite config
It can be useful to overwrite an already generated config.
Option are simply added at the end of the config and make defconfig
will overwrite the relevant option with the new one.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 3 Jul 2022 00:20:11 +0000 (02:20 +0200)]
scripts: ext-toolchain: fix wrong prefix in print_config generation
The parsed prefix in print_config is wrong and this produce broken
generated .config that won't work with any external toolchain.
Currently the prefix from a CC of
'arm-openwrt-linux-muslgnueabi-gcc-12.1.0'
produce a prefix
'arm-openwrt-linux-muslgnueabi-gcc-'
This is wrong as the real prefix should be
'arm-openwrt-linux-muslgnueabi-'
This is probably caused by a change in how the toolchain is now handled
that now append also the gcc version. Probably in ancient days the
version wasn't part of the name and the prefix generation stripped the
'-gcc' instead of the gcc version.
Fix this and correctly strip the gcc version and the gcc suffix to
correctly call toolchain bins.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 3 Jul 2022 00:06:21 +0000 (02:06 +0200)]
rules_mk: don't include wrapped bin with external toolchains
Don't add wrapped bin to the TARGET_PATH as it does cause compilation
error.
cmake.mk will use the "command -v" and will use the wrapped bin instead
of the external toolchain bin as they have the same name and command
will select the first result.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Vincent Wiemann [Mon, 28 Dec 2020 15:00:13 +0000 (16:00 +0100)]
rules_mk: use gcc versions for external toolchain
When using the OpenWrt toolchain as an external toolchain the build
failed due to missing LTO support. By choosing the GCC wrappers of
the tools this commit makes sure that the LTO-enabled executables
are being used.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[ wrap the commit description to 72 char ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Daniel Kestrel [Fri, 22 Jul 2022 19:01:49 +0000 (21:01 +0200)]
lantiq: fix network port GPIO settings for Fritzbox 3390
There are forum reports that 2 LAN ports are not working, the
GPIO settings are adjusted to fix the problem.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Christian Lamparter [Tue, 19 Jul 2022 17:46:38 +0000 (19:46 +0200)]
ipq806x: Archer VR2600: fix switch ports numbering
The order of LAN ports shown in Luci is reversed compared to what is
written on the case of the device. Fix the order so that they match.
Fixes: #10275
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Tue, 19 Jul 2022 18:11:02 +0000 (20:11 +0200)]
layerscape: update remaining PKG_HASH / PKG_MIRROR_HASH
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the archive.
Fixes: e879cccaa215 ("uboot-layerscape: update PKG_HASH")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Martin Blumenstingl [Mon, 21 Mar 2022 17:50:11 +0000 (18:50 +0100)]
generic: 5.15: Disable more config symbols
These came up while trying to build the lantiq target with Linux 5.15.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Sander Vanheule [Thu, 21 Jul 2022 20:43:39 +0000 (22:43 +0200)]
realtek: clear spurious GPIO interrupts
The interrupt controller in the internal GPIO peripheral will sometimes
generate spurious interrupts. If these are not properly acknowledged, the
system will be held busy until reboot. These spurious interrupts are identified
by the fact that there is no system IRQ number associated, since the interrupt
line was never allocated. Although most prevalent on RTL839x, RTL838x SoCs have
also displayed this behaviour.
Reported-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> # DGS-1210-52
Reported-by: Birger Koblitz <mail@birger-koblitz.de> # Netgear GS724TP v2
Reported-by: Jan Hoffmann <jan@3e8.eu> # HPE 1920-16G
Signed-off-by: Sander Vanheule <sander@svanheule.net>
David Bauer [Fri, 27 May 2022 15:48:06 +0000 (17:48 +0200)]
ramips: add support for ZyXEL NWA50AX / NWA55AXE
Hardware
--------
CPU: Mediatek MT7621
RAM: 256M DDR3
FLASH: 128M NAND
ETH: 1x Gigabit Ethernet
WiFi: Mediatek MT7915 (2.4/5GHz 802.11ax 2x2 DBDC)
BTN: 1x Reset (NWA50AX only)
LED: 1x Multi-Color (NWA50AX only)
UART Console
------------
NWA50AX:
Available below the rubber cover next to the ethernet port.
NWA55AXE:
Available on the board when disassembling the device.
Settings: 115200 8N1
Layout:
<12V> <LAN> GND-RX-TX-VCC
Logic-Level is 3V3. Don't connect VCC to your UART adapter!
Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.
As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.
If the currently installed image is started from Slot A, the device will
flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case
and the device will return to the ZyXEL firmware upon next boot.
If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.
Installation TFTP
-----------------
This installation routine is especially useful in case
* unknown device password (NWA55AXE lacks reset button)
* bricked device
Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.
The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.
Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to owrt.bin
$ atnf owrt.bin
$ atna 192.168.1.88
$ atns "192.168.1.66; tftpboot; bootm"
Upon booting, set the booted image to the correct slot:
$ zyxel-bootconfig /dev/mtd10 get-status
$ zyxel-bootconfig /dev/mtd10 set-image-status 0 valid
$ zyxel-bootconfig /dev/mtd10 set-active-image 0
Copy the OpenWrt ramboot-factory image to the device using scp.
Write the factory image to NAND and reboot the device.
$ mtd write ramboot-factory.bin firmware
$ reboot
Signed-off-by: David Bauer <mail@david-bauer.net>
Rafał Miłecki [Wed, 20 Jul 2022 18:03:56 +0000 (20:03 +0200)]
bcm4908: prepare for Asus GT-AX6000 support
It isn't tested & Linux DT will surely need more work.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Wed, 20 Jul 2022 16:12:31 +0000 (18:12 +0200)]
bcm4908: backport bcmbca DT patches queued for 5.20
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Mon, 18 Jul 2022 21:06:00 +0000 (23:06 +0200)]
wolfssl: Do not activate HW acceleration on armvirt by default
The armvirt target is also used to run OpenWrt in lxc on other targets
like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the
wolfssl binray is only working when the CPU supports the hardware crypto
extension.
Some targets like the Raspberry Pi do not support the ARM CPU crypto
extension, compile wolfssl without it by default. It is still possible
to activate it in custom builds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Andre Heider [Tue, 19 Jul 2022 11:31:31 +0000 (13:31 +0200)]
tools/libressl: bump to v3.5.3
This includes API additions required for u-boot v2022.07 and Python 3.10.
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.1-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt
Signed-off-by: Andre Heider <a.heider@gmail.com>
Eneas U de Queiroz [Fri, 8 Jul 2022 14:08:21 +0000 (11:08 -0300)]
uencrypt: add package to decrypt WG4хх223 config
This adds a simple AES-128-CBC encryption/decryption program using
either wolfSSL or OpenSSL as backend to decrypt Arcadyan WG4xx223
configuration partitions. The ipk size is 3,355 bytes.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Wenli Looi [Sat, 2 Jul 2022 20:18:59 +0000 (20:18 +0000)]
ramips: add support for Netgear WAX202
Netgear WAX202 is an 802.11ax (Wi-Fi 6) router.
Specifications:
* SoC: MT7621A
* RAM: 512 MiB NT5CC256M16ER-EK
* Flash: NAND 128 MiB F59L1G81MB-25T
* Wi-Fi:
* MT7915D: 2.4/5 GHz (DBDC)
* Ethernet: 4x 1GbE
* Switch: SoC built-in
* USB: None
* UART: 115200 baud (labeled on board)
Load addresses (same as ipTIME AX2004M):
* stock
* 0x80010000: FIT image
* 0x81001000: kernel image -> entry
* OpenWrt
* 0x80010000: FIT image
* 0x82000000: uncompressed kernel+relocate image
* 0x80001000: relocated kernel image -> entry
Installation:
* Flash the factory image through the stock web interface, or TFTP to
the bootloader. NMRP can be used to TFTP without opening the case.
* Note that the bootloader accepts both encrypted and unencrypted
images, while the stock web interface only accepts encrypted ones.
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax202.dts
DTS file for this device.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
Wenli Looi [Sat, 2 Jul 2022 20:16:21 +0000 (20:16 +0000)]
image: add support for Netgear encrypted image
Netgear encrypted image is used in various devices including WAX202,
WAX206, and EX6400v3. This image format also requires a dummy squashfs4
image which is added here as well.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/bootloader/u-boot-mt7621-2018.09-gitb178829-
20200526/board/ralink/common/dual_image.c
Bootloader code that verifies the presence of a squashfs4 image, thus
a dummy image is added here.
* openwrt/tools/imgencoder/src/gj_enc.c
Contains code that generates the encrypted image. There is support for
adding an RSA signature, but it does not look like the signature is
verified by the stock firmware or bootloader.
* openwrt/tools/imgencoder/src/imagekey.h
Contains the encryption key and IV. It appears the same key/IV is used
for other Netgear devices including WAX206 and EX6400v3.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
Oleg S [Tue, 19 Jul 2022 12:06:50 +0000 (15:06 +0300)]
ramips: Add support command fw_setsys for Xiaomi routers
The system parameters are contained in the Bdata partition.
To use the fw_setsys command, you need to create a file
fw_sys.config.
This file is created after calling the functions
ubootenv_add_uci_sys_config and ubootenv_add_app_config.
Signed-off-by: Oleg S <remittor@gmail.com>
[ wrapped commit description to 72 char ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
John Audia [Wed, 6 Jul 2022 15:49:50 +0000 (11:49 -0400)]
mt7622: remove 300 MHz from dts
Due to the bug described here[1], remove the 300 MHz clock to avoid a low
voltage condition that can cause a hang when rebooting the RT3200/E8450.
This solution is probably better than the script-based work-around[2].
1. https://forum.openwrt.org/t/belkin-rt3200-linksys-e8450-wifi-ax-discussion/94302/1490
2. https://github.com/openwrt/openwrt/pull/5025
Signed-off-by: John Audia <therealgraysky@proton.me>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: John Audia <therealgraysky@proton.me>
Rafał Miłecki [Tue, 19 Jul 2022 04:22:31 +0000 (06:22 +0200)]
kernel: switch back 5.15 to fw_devlink=permissive
Kernel switching to fw_devlink=on as default broke probing some devices.
Revert it until we get a proper fix.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
John Audia [Fri, 15 Jul 2022 21:56:32 +0000 (17:56 -0400)]
kernel: bump 5.10 to 5.10.131
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Tue, 12 Jul 2022 15:51:28 +0000 (11:51 -0400)]
kernel: bump 5.10 to 5.10.130
All patches automatically rebased.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Mon, 11 Jul 2022 15:04:30 +0000 (11:04 -0400)]
kernel: bump 5.10 to 5.10.129
All patches automatically rebased.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
John Audia [Mon, 11 Jul 2022 13:23:19 +0000 (09:23 -0400)]
kernel: bump 5.10 to 5.10.128
No patches needed to be rebased, just updated checksums
Signed-off-by: John Audia <therealgraysky@proton.me>
Rafał Miłecki [Mon, 18 Jul 2022 13:44:32 +0000 (15:44 +0200)]
bcm4908: use upstream-accepted watchdog patches
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Mon, 18 Jul 2022 13:11:02 +0000 (15:11 +0200)]
bcm4908: backport latest DT patches
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Mon, 18 Jul 2022 13:06:11 +0000 (15:06 +0200)]
kernel: update leds-bcm63138 driver
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Felix Fietkau [Mon, 18 Jul 2022 13:13:56 +0000 (15:13 +0200)]
kernel: backport mtk wlan flow offloading fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Mark Mentovai [Mon, 4 Oct 2021 14:48:29 +0000 (10:48 -0400)]
ipq40xx: add MikroTik wAP ac (RBwAPG-5HacD2HnD) support
The MikroTik wAP ac (RBwAPG-5HacD2HnD) is a dual-band dual-radio
802.11ac wireless access point with integrated antenna and two Ethernet
ports in a weatherproof enclosure. See
https://mikrotik.com/product/wap_ac for more information.
Important: this is the new ipq40xx-based wAP ac, not the older
ath79-based wAP ac (RBwAPG-5HacT2HnD), already supported in OpenWrt.
Specifications:
- SoC: Qualcomm Atheros IPQ4018
- CPU: 4x ARM Cortex A7
- RAM: 128MB
- Storage: 16MB NOR flash
- Wireless
- 2.4GHz: Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae
- 5GHz: Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae
- Ethernet: Built-in IPQ4018 (SoC, QCA8075), 2x 1000/100/10Mb/s ports,
one with 802.3af/at PoE in
Installation:
Boot the initramfs image via TFTP, then flash the sysupgrade image using
sysupgrade. Details at https://openwrt.org/toh/mikrotik/common.
Notes:
This preserves the MAC addresses of the physical Ethernet ports:
- eth0 corresponds to the physical port labeled ETH1 and has the base
MAC address. This port can be used to power the device.
- eth1 corresponds to the physical port labeled ETH2 and has a MAC
address one greater than the base.
MAC addresses are set from /lib/preinit/05_set_iface_mac_ipq40xx.sh
rather than /etc/board.d/02_network so that they are in effect for
preinit. This should likely be done for other MikroTik devices and
possibly other non-MikroTik devices as well.
As this device has 2 physical ports, they are each connected to their
respective PHYs, allowing the link status to be visible to software.
Since they are not marked on the case with any role (such as LAN or
WAN), both are bridged to the lan network by default, although this can
easily be changed if needed.
Signed-off-by: Mark Mentovai <mark@mentovai.com>
Rafał Miłecki [Sun, 17 Jul 2022 13:10:01 +0000 (15:10 +0200)]
kernel: backport LEDs driver for BCMBCA devices
This includes BCM63xx and BCM4908 families.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rosen Penev [Thu, 21 Oct 2021 23:09:59 +0000 (16:09 -0700)]
libiconv-full: add host build
Now that libiconv-stub is gone, a replacement for its host build is
needed.
Fixes: c0ba4201f837 ("libiconv-stub: remove")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 15 Jul 2022 23:34:44 +0000 (01:34 +0200)]
sdk: add spidev-test to the bundle of userspace sources
moves and extends the current facilities, which have been
added some time ago for the the usbip utility, to support
more utilites that are shipped with the Linux kernel tree
to the SDK.
this allows to drop all the hand-waving and code for
failed previous attempts to mitigate the SDK build failures.
Fixes: bdaaf66e28bd ("utils/spidev_test: build package directly from Linux")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Catalin Toda [Fri, 15 Jul 2022 17:18:23 +0000 (10:18 -0700)]
kernel: netconsole: add network console logging support
Accessing the console on many devices is difficult.
netconsole eases debugging on devices that crash
after the network is up.
Reference to the netconsole documentation in upstream Linux:
<https://www.kernel.org/doc/html/latest/networking/netconsole.html>
|
|netconsole=[+][src-port]@[src-ip]/[<dev>],[tgt-port]@<tgt-ip>/[tgt-macaddr]
|
| where
| + if present, enable extended console support
| src-port source for UDP packets (defaults to 6665)
| src-ip source IP to use (interface address)
| dev network interface (eth0)
| tgt-port port for logging agent (6666)
| tgt-ip IP address for logging agent
| tgt-macaddr ethernet MAC address for logging agent (broadcast)
OpenWrt specific notes:
OpenWrt's device userspace scripts are attaching the network
interface (i.e. eth0) to a (virtual) bridge (br-lan) device.
This will cause netconsole to report:
|network logging stopped on interface eth0 as it is joining a master device
(and unfortunately the traffic/logs to stop at this point)
As a workaround, the netconsole module can be manually loaded
again after the bridge has been setup with:
insmod netconsole netconsole=@/br-lan,@192.168.1.x/MA:C...
One way of catching errors before the handoff, try to
append the /etc/modules.conf file with the following extra line:
options netconsole netconsole=@/eth0,@192.168.1.x/MA:C...
and install the kmod-netconsole (=y) into the base image.
Signed-off-by: Catalin Toda <catalinii@yahoo.com>
(Added commit message from PR, added links to documentation)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 15 Jul 2022 19:07:42 +0000 (21:07 +0200)]
uboot-layerscape: update PKG_HASH
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the uboot-layerscape-21.08.tar.xz
archive.
i.e:
# tar tf uboot-layerscape-21.08.tar.xz:
uboot-layerscape-21.08/
uboot-layerscape-21.08/.azure-pipelines.yml
uboot-layerscape-21.08/.checkpatch.conf
uboot-layerscape-21.08/.gitattributes
uboot-layerscape-21.08/.github/
[...]
vs.
# tar tf uboot-layerscape-LSDK-21.08.tar.xz
uboot-layerscape-LSDK-21.08/
uboot-layerscape-LSDK-21.08/.azure-pipelines.yml
uboot-layerscape-LSDK-21.08/.checkpatch.conf
uboot-layerscape-LSDK-21.08/.gitattributes
uboot-layerscape-LSDK-21.08/.github/
[...]
the (file) content of both archives are otherwise the same.
The PKG_HASH was taken from the builder log:
| Hash of the local file uboot-layerscape-21.08.tar.xz does not match
|(file:
54909a98bdcc26c7f9b35b35fcae09b977ecbf044be7bffa6dad9306c47cccf6,
|requested:
874e871755ef84ebbf3[...]) - deleting download.
without this update, the uboot-layerscape-21.08 package would
always try to download (from git), repacked the archive and
reupload to sources.openwrt.org (~14 MiB saved).
Fixes: 038d5bdab117 ("layerscape: use semantic versions for LSDK")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Rosen Penev [Sat, 9 Jul 2022 03:50:44 +0000 (20:50 -0700)]
mbedtls: build with PIC
Fixes compilation with GCC12 and dependent packages for some reason.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Christian Lamparter [Fri, 15 Jul 2022 22:45:45 +0000 (00:45 +0200)]
ipq-wifi: remove dangling GL.iNet GL-B2200 boardfiles
those board files can/should be dropped now too.
Fixes: 50c232d6f446 ("ipq-wifi: drop upstreamed board-2.bin")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 15 Jul 2022 23:56:53 +0000 (01:56 +0200)]
nu801: fix DEPENDS on bcm53xx
the tacked on @TARGET_bcm53xx causes warnings:
tmp/.config-package.in:14027:warning: ignoring unsupported character '@'
tmp/.config-package.in:26028:warning: ignoring unsupported character '@'
this was wrong.
Fixes: be1761fa1488 ("nu801: add MR26 to the table")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Marangi [Sun, 17 Jul 2022 11:20:16 +0000 (13:20 +0200)]
procd: update to git HEAD
ef5d3e3 jail: fix various ignoring return value compilation warning
8e4a956 jail: add WARNING macro to log non critical warning message
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sun, 17 Jul 2022 11:18:42 +0000 (13:18 +0200)]
fstools: update to git HEAD
ebf7e90 libfstools: handle gzip return value in block_volume_format
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Sander Vanheule [Sun, 19 Jun 2022 08:29:35 +0000 (10:29 +0200)]
realtek: correct egress frame port verification
Destination switch ports for outgoing frame can range from 0 to
CPU_PORT-1.
Refactor the code to only generate egress frame CPU headers when a valid
destination port number is available, and make the code a bit more
consistent between different switch generations. Change the dest_port
argument's type to 'unsigned int', since only positive values are valid.
This fixes the issue where egress frames on switch port 0 did not
receive a VLAN tag, because they are sent out without a CPU header.
Also fixes a potential issue with invalid (negative) egress port numbers
on RTL93xx switches.
Reported-by: Arınç ÜNAL <arinc.unal@xeront.com>
Suggested-by: Birger Koblitz <mail@birger-koblitz.de>
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Sander Vanheule [Sun, 19 Jun 2022 10:38:49 +0000 (12:38 +0200)]
realtek: correct egress frame priority assignment
Priority values passed to the egress (TX) frame header initialiser are
invalid when smaller than 0, and should not be assigned to the frame.
Queue assignment is then left to the switch core logic.
Current code for RTL83xx forces the passed priority value to be
positive, by always masking it to the lower bits, resulting in the
priority always being set and enabled. RTL93xx code doesn't even check
the value and unconditionally assigns the (32 bit) value to the (5 bit)
QID field without masking.
Fix priority assignment by only setting the AS_QID/AS_PRI flag when a
valid value is passed, and properly mask the value to not overflow the
QID/PRI field.
For RTL839x, also assign the priority to the right part of the frame
header. Counting from the leftmost bit, AS_PRI and PRI are in bits 36
and 37-39. The means they should be assigned to the third 16 bit value,
containing bits 32-47.
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Sander Vanheule [Tue, 28 Jun 2022 19:15:00 +0000 (21:15 +0200)]
realtek: fix egress L2 learning on rtl839x
The flag to enable L2 address learning on egress frames is in CPU header
bit 40, with bit 0 being the leftmost bit of the header. This
corresponds to BIT(7) in the third 16-bit value of the header.
Correctly set L2LEARNING by fixing the off-by-one error.
Fixes: 9eab76c84e31 ("realtek: Improve TX CPU-Tag usage")
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Sander Vanheule [Tue, 28 Jun 2022 19:14:03 +0000 (21:14 +0200)]
realtek: fix egress port mask on rtl839x
The flag to enable the outgoing port mask is in CPU header bit 43, with
bit 0 being the leftmost bit of the header. This corresponds to BIT(4)
in the third 16-bit value of the header.
Correctly set AS_DPM by fixing the off-by-one error.
Fixes: 9eab76c84e31 ("realtek: Improve TX CPU-Tag usage")
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Christian Marangi [Sun, 17 Jul 2022 01:12:45 +0000 (03:12 +0200)]
ubox: update to latest git HEAD
46a33b8 kmodloader: fix compilation warning with not checking return of asprintf
Also switch PKG_RELEASE to AUTORELEASE.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Eneas U de Queiroz [Fri, 15 Jul 2022 19:09:58 +0000 (16:09 -0300)]
wolfssl: bump to 5.4.0
This version fixes two vulnerabilities:
-CVE-2022-34293[high]: Potential for DTLS DoS attack
-[medium]: Ciphertext side channel attack on ECC and DH operations.
The patch fixing x86 aesni build has been merged upstream.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Christian Lamparter [Fri, 10 Jun 2022 20:22:39 +0000 (22:22 +0200)]
bcm53xx: add support for Meraki MR26
Meraki MR26 is an EOL wireless access point featuring a
PoE ethernet port and two dual-band 3x3 MIMO 802.11n
radios and 1x1 dual-band WIFI dedicated to scanning.
Thank you Amir for the unit and PSU.
Hardware info:
SOC : Broadcom BCM53015A1KFEBG (dual-core Cortex-A9 CPU at 800 MHz)
RAM : SK hynix Inc. H5TQ1G63EFR, 1 Gbit DDR3 SDRAM = 128 MiB
NAND : Spansion S34ML01G100TF100, 1 Gbit SLC NAND Flash = 128 MiB
ETH : 1 GBit Ethernet Port - PoE
WIFI1 : Broadcom BCM43431KMLG, BCM43431 802.11 abgn
WIFI1 : Broadcom BCM43431KMLG, BCM43431 802.11 abgn
WIFI3 : Broadcom BCM43428 abgn (1x1:1 - id: 43428)
BUTTON: one reset button
LEDS : RGB-LED
MISC : Atmel AT24C64 8KiB EEPROM (i2c - seems empty)
: Ti INA219 26V, 12-bit, i2c output current/voltage/power monitor
: TPS23754, High Power/High Efficiency PoE Interface+DC/DC Controller
SERIAL:
WARNING: The serial port needs a TTL/RS-232 3V3 level converter!
The Serial setting is 115200-8-N-1. The board has a populated
right angle 1x4 0.1" pinheader.
The pinout is: VCC (next to J3, has little white arrow), RX, TX, GND.
This flashing procedure for the MR26 was tested with firmware:
"
22-143410M-gf25cbf5a-asa".
U-Boot
2012.10-00063-g83f9fe4 (Jun 04 2014 - 21:22:39)
A guide how to open up the device is available on the wiki:
<https://openwrt.org/toh/meraki/mr26>
Notes:
- The WIFI do work to a degree. Limited to 802.11bg in the 2.4GHz band.
- the WIFI macs are made up.
0. Create a separate Ethernet LAN which can't have access to the internet.
Ideally use 192.168.1.2 for your PC. The new OpenWrt firmware will setup
the network via DHCP Discovery, so make sure your PC is running
a DHCP-Server (i.e.: dnsmasq)
'# dnsmasq -i eth# -F 192.168.1.5,192.168.1.50
Download the openwrt-meraki-mr26 initramfs file from openwrt.org and
rename it to something simple like mr26.bin. Then put it into the tftp's
server directory.
1. Disassemble the MR26 device by removing all screws (4 screws are located
under the 4 rubber feets!) and prying open the plastic covers without
breaking the plastic retention clips. Once inside, remove the plastic
back casing. Be careful, there some "hidden" retention clips on both
sides of the LAN port, you need a light to see those. Next, you want to
remove all the screws on the outer metal shielding to get to the PCB.
It's not necessary to remove the antennas!
2. Connect the serial cable to the serial header and Ethernet patch cable
to the device.
4. Before connecting the power, get ready flood the serial console program
with the magic: xyzzy . This is necessary in order to get into the
u-boot prompt. Once Ready: connect power cable.
5. If you don't get the "u-boot>" prompt within the first few seconds,
you have to disconnect and reconnect the power cable and try again.
6. In the u-boot prompt enter:
setenv ipaddr 192.168.1.4
setenv serverip 192.168.1.2
tftpboot ${meraki_loadaddr} mr26.bin; bootm
this will boot a in-ram-only OpenWrt image.
7. Once it booted use sysupgrade to permanently install OpenWrt.
To do this: Download the latest sysupgrade.bin file and move
it to the device. Then use sysupgrade *sysupgrade.bin to install it.
WARNING: DO NOT DELETE the "storage" ubi volume!
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sat, 25 Jun 2022 16:29:22 +0000 (18:29 +0200)]
nu801: add MR26 to the table
The MR26 uses a NU801 for the RGB-Leds. Make the LEDs
available.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 1 Jul 2022 19:39:10 +0000 (21:39 +0200)]
module/firmware: remove intersil PRISM54 support
the legacy driver was dropped in linux 5.14-rc3:
commit
d249ff28b1d8 ("intersil: remove obsolete prism54 wireless driver")
Quoting Lukas Bulwahn:
"p54 replaces prism54 so users should be unaffected."
Reported-by: Marius Dinu <m95d+git@psihoexpert.ro>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Thu, 7 Jul 2022 12:10:17 +0000 (14:10 +0200)]
utils/spidev_test: side-step build-system woes
The spidev_test is build in phase2 even though it should be disabled.
My best guess is that we hit the same issue that I had with nu801.
The build-system thinks it's a tool that is necessary for
building the kernel.
In this case, the same fix (adding a dependency on the presence of
the module) could work in this case as well?
Fixes: bdaaf66e28bd ("utils/spidev_test: build package directly from Linux")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sun, 26 Jun 2022 13:05:27 +0000 (15:05 +0200)]
ipq-wifi: drop upstreamed board-2.bin
The BDFs for the:
GL.iNet GL-B2200
were upstreamed to the ath10k-firmware repository
and landed in linux-firmware.git
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sun, 26 Jun 2022 12:58:49 +0000 (14:58 +0200)]
linux-firmware: Update to version
20220610
git log --pretty=oneline --abbrev-commit
20220509..
20220610 (sorted)
amdgpu:
4458bb4 amdgpu: update yellow carp DMCUB firmware
9ed4d42 amdgpu: update Yellow Carp VCN firmware
251d290 amdgpu: update beige goby firmware for 22.10
d4346b3 amdgpu: update renoir firmware for 22.10
b3df9c4 amdgpu: update dimgrey cavefish firmware for 22.10
e1b0a1c amdgpu: update vega20 firmware for 22.10
4a0d163 amdgpu: update yellow carp firmware for 22.10
e8f2e54 amdgpu: update vega12 firmware for 22.10
7a7f84a amdgpu: update navy flounder firmware for 22.10
5a6a482 amdgpu: update vega10 firmware for 22.10
4ee52ee amdgpu: update raven2 firmware for 22.10
e2d460f amdgpu: update raven firmware for 22.10
5b52a90 amdgpu: update sienna cichlid firmware for 22.10
c8268e6 amdgpu: update green sardine firmware for 22.10
f29f5b5 amdgpu: update PCO firmware for 22.10
95b5b3f amdgpu: update vangogh firmware for 22.10
6dcbd01 amdgpu: update navi14 firmware for 22.10
f803fbd amdgpu: update navi12 firmware for 22.10
8923000 amdgpu: update navi10 firmware for 22.10
4b2af01 amdgpu: update aldebaran firmware for 22.10
ath10k:
2aa4da3 ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00157
f7cc4b4 ath10k: QCA9888 hw2.0: update board-2.bin
e9e987d ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00157
866b5b2 ath10k: QCA4019 hw1.0: update board-2.bin
intel:
ac640f0 linux-firmware: Update firmware file for Intel Bluetooth 9462
38dd3f2 linux-firmware: Update firmware file for Intel Bluetooth 9462
72e1216 linux-firmware: Update firmware file for Intel Bluetooth 9560
94c49b4 linux-firmware: Update firmware file for Intel Bluetooth 9560
e4971d1 linux-firmware: Update firmware file for Intel Bluetooth AX201
78c3731 linux-firmware: Update firmware file for Intel Bluetooth AX201
12564a2 linux-firmware: Update firmware file for Intel Bluetooth AX211
edc709e linux-firmware: Update firmware file for Intel Bluetooth AX211
9546d55 linux-firmware: Update firmware file for Intel Bluetooth AX210
111bd14 linux-firmware: Update firmware file for Intel Bluetooth AX200
ac67ec3 linux-firmware: Update firmware file for Intel Bluetooth AX201
99cb4b0 iwlwifi: add new FWs from core70-87 release
7073b8a iwlwifi: update 9000-family firmwares to core70-87
f9e0b9f iwlwifi: remove old unsupported 3160/7260/7265/8000/8265 firmware
7d118ce linux-firmware: Update firmware file for Intel Bluetooth 9462
30dcf82 linux-firmware: Update firmware file for Intel Bluetooth 9462
7d141a6 linux-firmware: Update firmware file for Intel Bluetooth 9560
741fee8 linux-firmware: Update firmware file for Intel Bluetooth 9560
e7214a2 linux-firmware: Update firmware file for Intel Bluetooth AX201
0e3e49a linux-firmware: Update firmware file for Intel Bluetooth AX201
46cfae6 linux-firmware: Update firmware file for Intel Bluetooth AX211
16c926e linux-firmware: Update firmware file for Intel Bluetooth AX211
f293900 linux-firmware: Update firmware file for Intel Bluetooth AX210
41386cc linux-firmware: Update firmware file for Intel Bluetooth AX200
62235c9 linux-firmware: Update firmware file for Intel Bluetooth AX201
realtek:
7eef50f rtw88: 8822c: Update normal firmware to v9.9.13
23b5428 rtw88: 8822c: Update normal firmware to v9.9.12
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Rosen Penev [Thu, 9 Jun 2022 19:19:22 +0000 (12:19 -0700)]
libiconv-stub: remove
No longer used.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 9 Jun 2022 19:18:13 +0000 (12:18 -0700)]
nls.mk: remove libiconv-stub
This was previously needed for uClibc-ng. Now that it's gone, it can go
away in nls.mk too.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Sebastian Kemper [Sun, 5 Jun 2022 18:02:08 +0000 (20:02 +0200)]
nls.mk: clean up INTL flags
gettext (libintl-stub) was removed in commit [1], so the libintl-stub
lib and include directories aren't existing anymore. This commit cleans
up the INTL flags for the BUILD_NLS=n case.
[1]
e6f569406ffe1d9e35b9b9ea36f38cdd5837728d
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Reviewed-by: Rosen Penev <rosenp@gmail.com>
Christian Lamparter [Sat, 25 Jun 2022 21:24:40 +0000 (23:24 +0200)]
firmware: intel-microcode: update to
20220510
Debians' changelog by Henrique de Moraes Holschuh <hmh@debian.org>:
* New upstream microcode datafile
20220419
* Fixes errata APLI-11 in Atom E3900 series processors
* Updated Microcodes:
sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384
* New upstream microcode datafile
20220510
* Fixes INTEL-SA-000617, CVE-2022-21151:
Processor optimization removal or modification of security-critical
code may allow an authenticated user to potentially enable information
disclosure via local access (closes: #
1010947)
* Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
Atom E3900
* New Microcodes:
sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
* Updated Microcodes:
sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Thu, 30 Jun 2022 08:03:14 +0000 (10:03 +0200)]
ipq40xx: R619AC: replace space with - separator in variant string
Kalle:
"I see that variant has a space in it, does that work it correctly? My
original idea was that spaces would not be allowed, but didn't realise
to add a check for that."
Is this an easy change? Because the original author (Tim Davis) noted:
"You may substitute the & and space with something else saner if they
prove to be problematic."
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Manuel Giganto [Mon, 12 Oct 2020 09:44:09 +0000 (09:44 +0000)]
hostapd: add ppsk option (private psk)
This PR allows a user to enable a private psk, where each station
may have it's own psk or use a common psk if it is not defined.
The private psk is defined using the sta's mac and a radius server
is required.
ppsk option should be enabled in the wireless configuration along with
radius server details. When using PPSK, the key is ignored, it will be
retrieved from radius server. SAE is not yet supported (private sae) in
hostapd.
Wireless example configuration:
option encryption 'psk2+ccmp'
option ppsk '1'
option auth_server '127.0.0.1'
option auth_secret 'radiusServerPassword'
If you want to use dynamic VLAN on PPSK also include:
option dynamic_vlan '2'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'
option vlan_naming '0'
It works enabling mac address verification on radius server and
requiring the tunnel-password (the private psk) from radius server.
In the radius server we need to configure the users. In case of
freeradius: /etc/freeradius3/mods-config/files/authorize
The user and Cleartext-Password should be the mac lower case using the
format "
aabbccddeeff"
<sta mac> Cleartext-Password := "<sta mac>"
Tunnel-Password = <Private Password>
Example of a user configured in radius and using dynamic VLAN5:
8cb84a000000 Cleartext-Password := "
8cb84a000000"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 5,
Tunnel-Password = MyPrivPw
If we want to have a default or shared psk, used when the mac is not
found in the list, we need to add the following at the end of the radius
authorize file:
DEFAULT Auth-Type := Accept
Tunnel-Password = SharedPw
And if using VLANs, for example VLAN6 for default users:
DEFAULT Auth-Type := Accept
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 6,
Tunnel-Password = SharedPw
Signed-off-by: Manuel Giganto <mgigantoregistros@gmail.com>
Rosen Penev [Mon, 11 Jul 2022 01:00:59 +0000 (18:00 -0700)]
strace: add nls.mk
Needed when building with libdw and CONFIG_BUILD_NLS, mostly for the
rpath-link.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Leonardo Mörlein [Mon, 9 Aug 2021 22:48:40 +0000 (00:48 +0200)]
automake: always use correct path for aclocal.real
Before this commit, it was assumed that aclocal.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if
make TOPDIR="$(pwd)" -C "$pkgdir" compile
was called manually. The command failed with:
/home/.../openwrt/staging_dir/host/bin/aclocal: line 2: aclocal.real: command not found
autoreconf: /home/.../openwrt/staging_dir/host/bin/aclocal failed with exit status: 127
After the commit, the package is built sucessfully.
Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
Sieng-Piaw Liew [Fri, 8 Jul 2022 01:03:53 +0000 (09:03 +0800)]
ath79: fix Tx cleanup when NAPI poll budget is zero
NAPI poll() function may be passed a budget value of zero, i.e. during
netpoll, which isn't NAPI context.
Therefore, napi_consume_skb() must be given budget value instead of
!flush to truly discern netpoll-like scenarios.
https://lore.kernel.org/netdev/
20220707141056.2644-1-liew.s.piaw@gmail.com/t/#m470f5c20225e76fb08c44d6cfa2f1b739ffaaea4
Signed-off-by: Sieng-Piaw Liew <liew.s.piaw@gmail.com>