openwrt/staging/pepe2k.git
2 years agobuild: store sha256_unsigned in JSON
Paul Spooren [Mon, 28 Mar 2022 02:29:09 +0000 (03:29 +0100)]
build: store sha256_unsigned in JSON

Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.

Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 8822a8d850ba2df69b81289758959bb90643a696)

2 years agokernel: fix initramfs reproducibility
Daniel Golle [Tue, 29 Mar 2022 12:54:14 +0000 (13:54 +0100)]
kernel: fix initramfs reproducibility

Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.

Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fc6a83e63b187ecfd0e427c062ae09e3c104e291)

2 years agoimage: let mksquashfs4 use all processors
Stijn Tintel [Sat, 19 Feb 2022 15:54:22 +0000 (17:54 +0200)]
image: let mksquashfs4 use all processors

Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.

The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):

Before:
real    4m45,973s

After:
real    0m23,497s

With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit df2ae8826ced4f374bcb693b44d8a113ad150d70)

2 years agoscripts: make sure conffiles are sorted
Paul Spooren [Thu, 31 Mar 2022 21:51:29 +0000 (22:51 +0100)]
scripts: make sure conffiles are sorted

It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.

FIX: #9612

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56ce110b73970bcd65d309440baada84c8e1504b)

2 years agotoolchain: reproducible libstdcpp
Paul Spooren [Thu, 31 Mar 2022 16:13:37 +0000 (17:13 +0100)]
toolchain: reproducible libstdcpp

A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 950bd40a275d1a834c95d8f9830e1bfed4737a82)

2 years agogrub2: add missing license
Paul Spooren [Mon, 4 Apr 2022 11:17:25 +0000 (13:17 +0200)]
grub2: add missing license

The PKG_LICENSE field was missing.
While at it, normalize the Makefile a bit.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 839b1ff1fc0d6bcd74131a78fb9286df7f3b7b97)

2 years agoqoriq: enable support for Marvell Alaska PHYs
Stijn Tintel [Sun, 3 Apr 2022 18:31:19 +0000 (21:31 +0300)]
qoriq: enable support for Marvell Alaska PHYs

The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit d7eba8059b3bfe89f90f1d18f1f0d23cbbb42423)

2 years agokernel: load device-mapper early on boot
Daniel Golle [Sun, 3 Apr 2022 15:19:31 +0000 (16:19 +0100)]
kernel: load device-mapper early on boot

Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 82f9ad6ab21ca4925278429a3e1b31d26c306d9f)

2 years agokernel: modules: drop 'AddDepends/bluetooth' calls
Piotr Dymacz [Fri, 11 Mar 2022 17:58:36 +0000 (18:58 +0100)]
kernel: modules: drop 'AddDepends/bluetooth' calls

Function 'AddDepends/bluetooth' doesn't exist in our codebase.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 173198e35a898ff7ec97749247f75cd82fa3c3ab)

2 years agobusybox: Fix snprintf arguments in lock
Hauke Mehrtens [Thu, 31 Mar 2022 16:43:09 +0000 (18:43 +0200)]
busybox: Fix snprintf arguments in lock

The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.

Fixes: 9d2b26d5a705 ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d80336e1a970b088c235dcf2773052537e6f5d72)

2 years agobusybox: fix busybox lock applet pidstr buffer overflow
Qichao Zhang [Sun, 20 Mar 2022 01:43:22 +0000 (09:43 +0800)]
busybox: fix busybox lock applet pidstr buffer overflow

Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.

Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
(cherry picked from commit 34567750db2c3a84fc9f971189c223e2eefd93b0)

2 years agobuild: autotools: fix cache path
Huangbin Zhan [Sat, 30 Oct 2021 07:28:28 +0000 (15:28 +0800)]
build: autotools: fix cache path

the cache directory should be autom4te.cache in all $(PKG_AUTOMAKE_PATHS)
rather than $(PKG_BUILD_DIR)/autom4te.cache only

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit 044ca149f36a08f56fe827a20aa113837c58cb40)

2 years agopcre: disable shared libraries for host builds
Rosen Penev [Sat, 19 Mar 2022 23:18:49 +0000 (16:18 -0700)]
pcre: disable shared libraries for host builds

Getting rid of shared libraries for hostpkg avoids having to use rpath
hacks to find the library. It also fixes compilation with host glib2
binaries.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f8571749a77ea23b418c84692220083858c1df79)

2 years agomusl-fts: remove shared libraries from host
Rosen Penev [Fri, 24 Sep 2021 06:44:57 +0000 (23:44 -0700)]
musl-fts: remove shared libraries from host

Avoids having to add rpath to the various packages using it. Also add
PIC to fix compilation as static libraries do not use PIC by default.

Fixes: 1fb099341e58 ("musl-fts: add host build")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8a75ed4ba07b9d64ae547ce36873e51ba54f0eaf)

2 years agokernel: mark CONFIG_PSTORE_COMPRESS_DEFAULT as "is not set"
Christian Lamparter [Fri, 25 Mar 2022 22:57:29 +0000 (23:57 +0100)]
kernel: mark CONFIG_PSTORE_COMPRESS_DEFAULT as "is not set"

 # CONFIG_PSTORE_COMPRESS_DEFAULT="deflate"
this can lead to confusion. Thankfully, in the KConfig
world this setting is still interpreted as disabled.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit de4879c1ae92bf625a91ff3f07a65ec0e4bb8ed1)

2 years agoipq40xx: add support for FRITZ!Box 7520
Andre Heider [Sun, 5 Dec 2021 11:14:45 +0000 (12:14 +0100)]
ipq40xx: add support for FRITZ!Box 7520

This model, also know as "1&1 HomeServer", shares the same features as 7530.

The vendor firmware has artificial software limitations: only 2 of the 4
LAN-Ports are GBit, and the USB-Host is only v2.0.

With OpenWrt, USB is already working at v3.0.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(updated commit message to reflect current state)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cb6f4be13703f0224fc462caaeac14e725c72986)

2 years agogettext-full: add gmsgfmt symlink in host install
Stijn Tintel [Fri, 25 Mar 2022 13:03:53 +0000 (15:03 +0200)]
gettext-full: add gmsgfmt symlink in host install

Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:

checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt

This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 636cb00ecc8d693c36e48952f6d154f91e0e569e)

2 years agouboot-mvebu: backport patch to fix eMMC
Robert Marko [Mon, 21 Mar 2022 11:39:54 +0000 (12:39 +0100)]
uboot-mvebu: backport patch to fix eMMC

v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.

Fix it by backporting a recent upstream patch.

Fixes: 782d4c8306c8 ("uboot-mvebu: update to version 2022.01")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a70383080694f26d13db8341a83261f6b1c45f12)

2 years agoRevert "octeon: mark source-only"
Stijn Tintel [Sun, 3 Apr 2022 02:24:17 +0000 (05:24 +0300)]
Revert "octeon: mark source-only"

The memory leak is fixed by the kernel patches backported in the
previous commit.

This reverts commit 1fa8780056a8c7a2e26c8b4d5e6979232f117349.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit f6cda9f06b09c94457e838a28ef300b2f3c6be77)

2 years agokernel: backport pgalloc memory leak fix
Stijn Tintel [Sun, 3 Apr 2022 02:14:06 +0000 (05:14 +0300)]
kernel: backport pgalloc memory leak fix

Backport a fix for the massive memory leak observed in Octeon after
switching to kernel 5.10.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9283359bd53a889a270da4a7d5bbe3eaaa771e70)

2 years agoocteon: mark source-only
Stijn Tintel [Fri, 1 Apr 2022 10:05:10 +0000 (13:05 +0300)]
octeon: mark source-only

There is a hard to reproduce, even harder to track down memory leak in
Octeon since kernel 5.10. Mark octeon source-only until it is plugged.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 1fa8780056a8c7a2e26c8b4d5e6979232f117349)

2 years agoath79: migrate Archer C5 5GHz radio device paths
Jan-Niklas Burfeind [Mon, 28 Mar 2022 16:07:59 +0000 (18:07 +0200)]
ath79: migrate Archer C5 5GHz radio device paths

When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.

Same has been done for the Archer C7 before:

commit e19506f20618 ("ath79: migrate Archer C7 5GHz radio device paths")

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit c6eb63d48f942f1e54737ed182776cf9a08de542)

2 years agoath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+
Matthias Schiffer [Tue, 29 Mar 2022 22:20:39 +0000 (00:20 +0200)]
ath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+

The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit aee9ccf5c1b536189ebee8c232273657334da843)

2 years agorealtek: Fix tc default package
Hauke Mehrtens [Mon, 28 Feb 2022 21:32:08 +0000 (22:32 +0100)]
realtek: Fix tc default package

The tc package does not exits any more, it was split into tc-tiny,
tc-full and tc-bpf. Include tc-bpf by default into realtek images.

This increases the compressed image size by about 232KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 34fb36e165d5b6e6e37d33b4b0da789a8f1430bb)

2 years agorealtek: Use firewall4
Hauke Mehrtens [Mon, 28 Feb 2022 20:57:55 +0000 (21:57 +0100)]
realtek: Use firewall4

The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.

This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.

The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.

This increases the compressed image size by about 422KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 469030659c5cb140bdbff1b3d8fc9691f98f984b)

2 years agorealtek: Remove dnsmasq and odhcpd-ipv6only from default
Hauke Mehrtens [Fri, 25 Mar 2022 12:57:40 +0000 (13:57 +0100)]
realtek: Remove dnsmasq and odhcpd-ipv6only from default

Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.

This decreases the compressed image size by about 165KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2acebbdcaafbdfd3f677052c28bc0af04c6b5ab8)

2 years agoipq40xx: WAC510: device-tree overhauling
Christian Lamparter [Mon, 21 Feb 2022 19:13:53 +0000 (20:13 +0100)]
ipq40xx: WAC510: device-tree overhauling

removes usb-port remains as neither the WAC510 nor the WAC505
come with a USB port. Update the LED properties to phase out
labels and introduce generic node-names as well as adding
the color, function and function-enumerator properties.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 026fda10a5c45d56fd856628b6e9e69b95fd5e58)

2 years agolantiq: xrx200: replace patch with upstream version
Aleksander Jan Bajkowski [Tue, 8 Mar 2022 20:20:37 +0000 (21:20 +0100)]
lantiq: xrx200: replace patch with upstream version

This commit replaces patch number 0703 with the upstream accepted
version. This patch requires backporting an additional patch to
avoid conflicts.

The only significant change is the lower maximum MTU. Packets with
lengths over 2400 may be dropped.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
(cherry picked from commit b4970dab6b0c3e13715f4b13de42d72a74c1c9e9)

2 years agouqmi: fix acquiring PIN status
Daniel Golle [Thu, 24 Mar 2022 18:40:14 +0000 (18:40 +0000)]
uqmi: fix acquiring PIN status

Evaluating the return value of 'json_load' didn't work in the
intended way resulting in PIN status no longer being read on modems
where --get-pin-status doesn't fail.
Fix this by trying --get-pin-status first and checking if pin1_status
field exists in JSON, and if it doesn't try again with
--uim-get-sim-state.

Fixes: #9501
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ee7cb5e885118b78fb5f692d8ed6c93bb7e35853)

2 years agokernel: bump 5.10 to 5.10.108
Rui Salvaterra [Wed, 23 Mar 2022 09:47:19 +0000 (09:47 +0000)]
kernel: bump 5.10 to 5.10.108

Patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Tested-by: John Audia <graysky@archlinux.us>
Build-tested: ath79/generic, ramips/mt76{20,21,x8}, ipq40xx, mvebu, realtek/rtl{838,930}x, x86/64
Run-tested: ramips/mt7621, mvebu
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 2c26eb4e484fe6d7a8159a22f97b6db7ca6e9221)

2 years agox86: Add support for Sophos XG 85 and XG 86 devices
Raylynn Knight [Mon, 21 Mar 2022 03:53:38 +0000 (23:53 -0400)]
x86: Add support for Sophos XG 85 and XG 86 devices

This commit builds on previous efforts to add support
for Sophos devices.

* Add support for Sophos XG 85 with/without wireless
* Add support for Sophos XG 86 with/without wireless

Tested on Sophos XG 85w rev1 and XG 86 rev 1

Signed-off-by: Raylynn Knight <rayknight@me.com>
(cherry picked from commit c7bcbcd49280a79b287cc072cd0ca7de777a7ac4)

2 years agomac80211: backport patch that allows receiving packets with non-standard VHT MCS10...
Felix Fietkau [Fri, 25 Mar 2022 20:09:14 +0000 (21:09 +0100)]
mac80211: backport patch that allows receiving packets with non-standard VHT MCS10-11 rates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 56ae4eb90864373dd4663f579851290be74430aa)

2 years agoscripts/mkits.sh: replace forgotten '-' with ${REFERENCE_CHAR}
Daniel Golle [Wed, 23 Mar 2022 19:34:06 +0000 (19:34 +0000)]
scripts/mkits.sh: replace forgotten '-' with ${REFERENCE_CHAR}

Cosmetical change to improve style in mkits.sh.

Fixes: fd679086473 ("scripts: mkits.sh: Allow legacy @ mode for dts creation")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit e89c85249e311e9a376d07cda33c9dc39b12a906)

2 years agokernel: set options to make external initramfs reproducible
Daniel Golle [Thu, 24 Mar 2022 03:25:28 +0000 (03:25 +0000)]
kernel: set options to make external initramfs reproducible

Run cpio as well as compressors in such ways that they are generating
reproducible output.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 29d7461d1135b91905120a44dc028b786693ecc4)

2 years agogeneric: sync mtd rootfs hack with part_bits
Daniel Golle [Sat, 26 Mar 2022 22:51:21 +0000 (22:51 +0000)]
generic: sync mtd rootfs hack with part_bits

In commit ab143647ef ("kernel: generic: improve FIT partition parser")
part_bits was bumped to 2 in order to allow up to 3 additional FIT
sub-images mapped into sub-partitions.
This change has to be reflected also in our local patch
420-mtd-set-rootfs-to-be-root-dev.patch
which still assumed part_bits==1 for mtdblock devices in case of
CONFIG_FIT_PARTITION=y.

Fixes: #9557
Fixes: ab143647ef ("kernel: generic: improve FIT partition parser")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 13960fb0e0babcd99530fcb234073af0c0a5e2f5)

2 years agokernel: generic: fix warning in FIT partition parser
Daniel Golle [Thu, 24 Mar 2022 02:56:01 +0000 (02:56 +0000)]
kernel: generic: fix warning in FIT partition parser

Use 'const char *' where necessary to make gcc get quiet.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d3a4607fc61f890d5d4bedef6e542046038294d9)

2 years agokernel: generic: improve FIT partition parser
Daniel Golle [Wed, 23 Mar 2022 19:29:07 +0000 (19:29 +0000)]
kernel: generic: improve FIT partition parser

 * only map filesystems configured in 'loadables'
 * allow mapping more than one filesystem (e.g. customization/branding
   or localization in addition to rootfs)
 * small cleaning here and there

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ab143647efef2a13bcce2f28a2797899fbc83946)

2 years agokernel: generic: use chosen bootconf in FIT partition parser
Daniel Golle [Mon, 21 Mar 2022 23:31:38 +0000 (23:31 +0000)]
kernel: generic: use chosen bootconf in FIT partition parser

If the selected boot configuration is stored by U-Boot in '/chosen'
node as 'bootconf' attribute, use that configuration to resolve the
block device used as rootfs. Fall back to use the default configuration
in case 'bootconf' is not present.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 503f3b9f0e9693bb983a0f259aa4ba106a690140)

2 years agouboot-mediatek: add patch to allow accessing bootconf from Linux
Daniel Golle [Mon, 21 Mar 2022 23:30:10 +0000 (23:30 +0000)]
uboot-mediatek: add patch to allow accessing bootconf from Linux

Store selected boot configuration in '/chosen' node in device tree, so
it can be accessed by Linux (and used for fine-tuning the FIT partition
parser).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dfc3ea6810904f4f498d4a1304443c1a4c9f1e3c)

2 years agouboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20
Daniel Golle [Mon, 21 Mar 2022 20:14:48 +0000 (20:14 +0000)]
uboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20

Shuttle KD20 has NAND flash with 0x20000 (128KiB) erase blocks.
Correctly set that in uboot-envtools as well to allow writing to the
bootloader environment using fw_setenv.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fa676395136b17d753fd90137e58f02a4fcdb09e)

2 years agoopenwrt-keyring: fix broken install step
Petr Štetiar [Sun, 27 Mar 2022 09:48:31 +0000 (11:48 +0200)]
openwrt-keyring: fix broken install step

In commit 2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign
key") I've accidentally removed the `endef` keyword, so fix it by adding
it back.

Fixes: 2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign key")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agoopenwrt-keyring: make opkg use 22.03 usign key
Petr Štetiar [Sun, 27 Mar 2022 09:06:40 +0000 (11:06 +0200)]
openwrt-keyring: make opkg use 22.03 usign key

In order to make opkg usable with artifacts produced by project's
buildbot:

 Downloading https://downloads.openwrt.org/releases/22.03-SNAPSHOT/packages/x86_64/luci/Packages.sig
 Signature check failed.
 Remove wrong Signature file.

References: https://gitlab.com/openwrt/docker/-/jobs/2255191689
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agokernel: add (disabled) ASYMMETRIC_TPM_KEY_SUBTYPE symbol
Christian Lamparter [Fri, 25 Mar 2022 20:28:56 +0000 (21:28 +0100)]
kernel: add (disabled) ASYMMETRIC_TPM_KEY_SUBTYPE symbol

at91/sama7 fails to build due to:

| Asymmetric (public-key cryptographic) key type (ASYMMETRIC_KEY_TYPE) [Y/?] y
|  Asymmetric public-key crypto algorithm subtype (ASYMMETRIC_PUBLIC_KEY_SUBTYPE) [Y/?] y
|  Asymmetric TPM backed private key subtype (ASYMMETRIC_TPM_KEY_SUBTYPE) [N/m/?] (NEW)
|Error in reading or end of file.

please note that asym_tpm (module) has been removed in 5.17:
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d3cff4a9>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 638771509383cf36617c49b9cc1e0c4a9aedaa0d)

2 years agoipq40xx: update E2600AC c1/c2 board
张 鹏 [Fri, 25 Mar 2022 09:39:07 +0000 (17:39 +0800)]
ipq40xx: update E2600AC c1/c2 board

Modified the radio frequency hardware part of e2600ac c1/c2,
need to cooperate with the modified board.bin file, the device
can work normally.

Signed-off-by: 张 鹏 <sd20@qxwlan.com>
(cherry picked from commit bdc786e82c13547b01bd8f699d00598a974c14f6)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2 years agokernel: backport two intel igc patches from 5.15
Pascal Coudurier [Sat, 19 Mar 2022 17:39:04 +0000 (18:39 +0100)]
kernel: backport two intel igc patches from 5.15

to allow proper initialization of device

- igc: Remove _I_PHY_ID checking
- igc: Remove phy->type checking

Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
(refreshed)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dd45cc2123b75abb0b41eb90c21d8d3506f2a3c2)

2 years agocypress-firmware: drop several packages
Josef Schlehofer [Sun, 20 Mar 2022 22:28:41 +0000 (23:28 +0100)]
cypress-firmware: drop several packages

1. Drop package: cypress-firmware-4359-pcie
This binary is no longer provided and there are not many details what
happened.

2. Drop package: cypress-firmware-4359-sdio
This binary is no longer provided, but in this case, to compare it with
PCIe package mention as first, there was added
support in Linux-firmware [1], but no sign of firmware file.

4. Drop package: cypress-firmware-89459-pcie [2]
According to Infineon: "CYW89459 is an automotive Wi-Fi chip which is not
supported in the broad market community."

[1] https://patchwork.kernel.org/project/linux-wireless/patch/20191211235253.2539-6-smoch@web.de/

[2] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/the-wifi-driver-for-CYW89459-in-linux4-14-98-2-3-00/m-p/138971

Fixes: 7ca7e0b22de6 ("cypress-firmware: update it to version 5.4.18-2021_0812")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 51dee3f4f7bac26cae8a6355f5a9adb4823f63a5)

2 years agoapm821xx: fix crash/panic related to SATA/SSD choice
Christian Lamparter [Thu, 24 Mar 2022 20:05:11 +0000 (21:05 +0100)]
apm821xx: fix crash/panic related to SATA/SSD choice

Ticerex on the OpenWrt Forum reported a gnarly crash when
he was using Samsung 840 and 850 EVOs with his MyBook Live:

| BUG: Kernel NULL pointer dereference at 0x00000000
| Faulting instruction address: 0xc03ed4b8
| Oops: Kernel access of bad area, sig: 11 [#1]
| BE PAGE_SIZE=4K PowerPC 44x Platform
| CPU: 0 PID: 362 Comm: scsi_eh_1 Not tainted 5.4.163 #0
| NIP:  c03ed4b8 LR: c03d27e8 CTR: c03ed36c
| REGS: cfa59950 TRAP: 0300   Not tainted  (5.4.163)
| MSR:  00021000 <CE,ME>  CR: 42000222  XER: 00000000
| DEAR: 00000000 ESR: 00000000
| GPR00: c03d27e8 cfa59a08 cfa55fe0 00000000 0fa46bc0 [...]
| [..]
| NIP [c03ed4b8] sata_dwc_qc_issue+0x14c/0x254
| LR [c03d27e8] ata_qc_issue+0x1c8/0x2dc
| Call Trace:
| [cfa59a08] [c003f4e0] __cancel_work_timer+0x124/0x194 (unreliable)
| [cfa59a78] [c03d27e8] ata_qc_issue+0x1c8/0x2dc
| [cfa59a98] [c03d2b3c] ata_exec_internal_sg+0x240/0x524
| [cfa59b08] [c03d2e98] ata_exec_internal+0x78/0xe0
| [cfa59b58] [c03d30fc] ata_read_log_page.part.38+0x1dc/0x204
| [cfa59bc8] [c03d324c] ata_identify_page_supported+0x68/0x130
| [...]

This turned out this is an issue with upstream changing
ATA_TAG_INTERNAL's value from 31 to 32 during 4.18 release.
Update "SATA_DWC_QCMD_MAX" to account for that.

Link: https://forum.openwrt.org/t/my-book-live-duo-reboot-loop/122464
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit e95dec811661f60ae931e09e320249187922bd67)

2 years agoipq40xx: disable non-building tel(co Electronics) x1pro
Christian Lamparter [Thu, 24 Mar 2022 19:34:16 +0000 (20:34 +0100)]
ipq40xx: disable non-building tel(co Electronics) x1pro

Tel(co Electronics) X1 Pro is preventing ipq40xx generic
from building due to the KERNEL_SIZE.

Whenever bigger kernels are possible, if lzma is supported
is unknown.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 4ce52de450922dc671f08fb4551c066cfcf55bf4)

2 years agoath79: fix link for long cables with OCEDO Raccoon
David Bauer [Fri, 25 Mar 2022 21:58:34 +0000 (22:58 +0100)]
ath79: fix link for long cables with OCEDO Raccoon

The OCEDO Raccoon had significant packet-loss with cables longer than 50
meter. Disabling EEE restores normal operation.

Also change the ethernet config to reduce loss on sub-1G links.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4551bfd91f31be5987727c77e58333fa06ba3acd)

2 years agoath79: fix TPLINK_HWREV field for TL-WR1043ND v4
Matthias Schiffer [Fri, 25 Mar 2022 16:32:24 +0000 (17:32 +0100)]
ath79: fix TPLINK_HWREV field for TL-WR1043ND v4

Required to allow sysupgrades from OpenWrt 19.07.

Closes #7071

Fixes: 98fbf2edc021 ("ath79: move TPLINK_HWID/_HWREV to parent for tplink-safeloader")
Tested-by: J. Burfeind <git@aiyionpri.me>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 8ba71f1f6f2359f9cf54201e9fc037df33f123c0)

2 years agoimagebuilder: fix broken image generation with external targets
Petr Štetiar [Thu, 24 Mar 2022 05:52:37 +0000 (06:52 +0100)]
imagebuilder: fix broken image generation with external targets

When using external targets there is a symlink being created for the
target under target/linux which then becomes dangling under Image
Builder. Fix it by dereferencing the possible symlink.

Tested on IB with external target, ipq40xx and mvebu.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 621f39d1f438bf95dbae667c575926fa16a6d797)

2 years agoopenwrt-keyring: add OpenWrt 22.03 GPG/usign keys
Petr Štetiar [Fri, 25 Mar 2022 13:26:52 +0000 (14:26 +0100)]
openwrt-keyring: add OpenWrt 22.03 GPG/usign keys

 62471e693b4f usign: add 22.03 release build public key
 70817cffc905 gpg: add OpenWrt 22.03 signing key

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 759886345d900139f38bd9200a32ce12868d3343)

2 years agoath79: change Ubiquiti UniFi AP model name to include "AP"
Matthias Schiffer [Thu, 24 Mar 2022 08:26:01 +0000 (09:26 +0100)]
ath79: change Ubiquiti UniFi AP model name to include "AP"

While it hasn't always been clear whether the "AP" is part of the model
name on the Ubiquiti website, we include it for all other pre-AC
variants (AP Pro and the AP Outdoor+). Add it to the original UniFi AP
as well for consistency.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit dc23df8a8ca728871d84f0a140f4b52c36b03f1d)

2 years agoath79: fix label MAC address for Ubiquiti UniFi
Matthias Schiffer [Wed, 23 Mar 2022 21:06:50 +0000 (22:06 +0100)]
ath79: fix label MAC address for Ubiquiti UniFi

The label has the MAC address of eth0, not the WLAN PHY address.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 2a02b7049966dc77ae9519ca165f29b75e0dbf0e)

2 years agomvebu: udpu: fix initramfs booting
Robert Marko [Mon, 21 Mar 2022 10:47:27 +0000 (11:47 +0100)]
mvebu: udpu: fix initramfs booting

uDPU provides a FIT based initramfs, but currently gets stuck after U-boot
starts the kernel at "Starting kernel..".

It is due to the load address being too low, so increase it in order to get
the initramfs booting again.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit 80f21e53360d52d493c51a4a263d9b7607b7494e)

2 years agomvebu: udpu: include LM75 kmod by default
Robert Marko [Mon, 21 Mar 2022 10:47:28 +0000 (11:47 +0100)]
mvebu: udpu: include LM75 kmod by default

uDPU has 2 LM75 compatible temperature sensors, so include the driver for
them by default in order to utilize them.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a8b2d3590329386d0ae6873460b2d5126f63ddaa)

2 years agokernel: Fix patch header
Marek Behún [Mon, 21 Mar 2022 16:35:27 +0000 (17:35 +0100)]
kernel: Fix patch header

Remove "a" character from the first line of patch
  738-v5.14-01-net-dsa-qca8k-fix-an-endian-bug-in-qca8k-get-ethtool.patch

Otherwise `git am` fails to apply this patch which is annoying when
trying to do some development / rebasing.

Signed-off-by: Marek Behún <kabel@kernel.org>
(cherry picked from commit f811c33b197138d8e9ab7bc9fbdc3836e95827b8)

2 years agosunxi: cortexa7: fix ethernet link detection on a20-olinuxino-lime2
Petr Štetiar [Tue, 8 Mar 2022 09:41:24 +0000 (10:41 +0100)]
sunxi: cortexa7: fix ethernet link detection on a20-olinuxino-lime2

a20-olinuxino-lime2 is currently having hard time with link detection of
certain 1000Mbit partners due to usage of generic PHY driver, probably
due to following missing workaround introduced in upstream in commit
3aed3e2a143c ("net: phy: micrel: add Asym Pause workaround"):

 The Micrel KSZ9031 PHY may fail to establish a link when the Asymmetric
 Pause capability is set. This issue is described in a Silicon Errata
 (DS80000691D or DS80000692D), which advises to always disable the
 capability. This patch implements the workaround by defining a KSZ9031
 specific get_feature callback to force the Asymmetric Pause capability
 bit to be cleared.

 This fixes issues where the link would not come up at boot time, or when
 the Asym Pause bit was set later on.

As a20-olinuxino-lime2 has Micrel KSZ9031RNXCC-TR Gigabit PHY since
revision H, so we need to use Micrel PHY driver on those devices.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit ffa1088f63267f817a3adf34c84b8e8089b1a938)

2 years agozlib: backport security fix for a reproducible crash in compressor
Petr Štetiar [Thu, 24 Mar 2022 05:45:04 +0000 (06:45 +0100)]
zlib: backport security fix for a reproducible crash in compressor

Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033)

2 years agoqosify: update to the latest version
Felix Fietkau [Mon, 21 Mar 2022 19:26:56 +0000 (20:26 +0100)]
qosify: update to the latest version

391a9fbd5ace dns: fix parsing vlan encapsulated protocol
6aeeddbc91ad interface: extend dns filters to cover vlan tagged traffic as well
1ab53d4ca601 bpf: return TC_ACT_UNSPEC to allow other filters to proceed
ca21e729af23 interface: switch to using clsact for filters
5d158f6b3c15 interface: run ingress bpf filter on main device ingress instead of ifb egress
bdfcb11847ce interface: fix duplicated dns filter line
b97405aa632a Revert "ubus: remove dnsmasq subscriber"
8fbaf39dbc95 interface: rework adding/removing filters, do not delete clsact
d7ba5804eae4 interface: replace open-coded ifb-dns string with QOSIFY_DNS_IFNAME
91cf440db9e2 loader: fix use of deprecated functions
57c7817f91c2 qosify: fix dscp values of ubus-added dns host entries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit af434e0da2485bd7a82895b5bb63b1182154b98e)

2 years agokmod-lzo: include the lzo-rle kmod in the package
Rui Salvaterra [Wed, 9 Dec 2020 16:11:40 +0000 (16:11 +0000)]
kmod-lzo: include the lzo-rle kmod in the package

Albeit a separate crypto module, lzo-rle uses the same kernel library as lzo.
Crypto API users (zram, for example) expect both lzo and lzo-rle to be
available, so let's include lzo-rle (about 5.5 kiB) in the lib-lzo package.

Based on e9hack's original patch: https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7da9@gmail.com/

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit aaa0c09785bee4c9e2baf18c026882d1ff3bacd2)

2 years agokernel: delete Linux 5.4 config and patches
Daniel Golle [Mon, 21 Mar 2022 01:16:48 +0000 (01:16 +0000)]
kernel: delete Linux 5.4 config and patches

As the upcoming release will be based on Linux 5.10 only, remove all
kernel configuration as well as patches for Linux 5.4.
There were no targets still actively using Linux 5.4.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3a14580411adfb75f9a44eded9f41245b9e44606)

2 years agomediatek: Add support for Xiaomi Redmi Router AX6S
Richard Huynh [Wed, 1 Dec 2021 01:27:39 +0000 (12:27 +1100)]
mediatek: Add support for Xiaomi Redmi Router AX6S

Also known as the "Xiaomi Router AX3200" in western markets,
but only the AX6S is widely installation-capable at this time.

SoC: MediaTek MT7622B
RAM: DDR3 256 MiB (ESMT M15T2G16128A)
Flash: SPI-NAND 128 MiB (ESMT F50L1G41LB or Gigadevice GD5F1GQ5xExxG)
WLAN: 2.4/5 GHz 4T4R
2.4 GHz: MediaTek MT7622B
5 GHz: MediaTek MT7915E
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531B
LEDs/Keys: 2/2 (Internet + System LED, Mesh button + Reset pin)
UART: Marked J1 on board VCC RX GND TX, beginning from "1". 3.3v, 115200n8
Power: 12 VDC, 1.5 A

Notes:
U-Boot passes through the ethaddr from uboot-env partition,
but also has been known to reset it to a generic mac address
hardcoded in the bootloader.

However, bdata is also populated with the ethernet mac addresses,
but is also typically never written to. Thus this is used instead.

Installation:
1. Flash stock Xiaomi "closed beta" image labelled
'miwifi_rb03_firmware_stable_1.2.7_closedbeta.bin'.
(MD5: 5eedf1632ac97bb5a6bb072c08603ed7)

2. Calculate telnet password from serial number and login

3. Execute commands to prepare device
nvram set ssh_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit

4. Download and flash image
On computer:
python -m http.server
On router:
cd /tmp
wget http://<IP>:8000/factory.bin
mtd -r write factory.bin firmware

Device should reboot at this point.

Reverting to stock:
Stock Xiaomi recovery tftp that accepts their signed images,
with default ips of 192.168.31.1 + 192.168.31.100.
Stock image should be renamed to tftp server ip in hex (Eg. C0A81F64.img)
Triggered by holding reset pin on powerup.

A simple implementation of this would be via dnsmasq's
dhcp-boot option or using the vendor's (Windows only)
recovery tool available on their website.

Signed-off-by: Richard Huynh <voxlympha@gmail.com>
(cherry picked from commit 9f9477b2751231d57cdd8c227149b88c93491d93)

2 years agomediatek: Add GD5F1GQ5xExxG to mtk-snand
Richard Huynh [Mon, 27 Dec 2021 02:07:29 +0000 (13:07 +1100)]
mediatek: Add GD5F1GQ5xExxG to mtk-snand

Some units of the Xiaomi Redmi Router AX6S/Xiaomi Router AX3200 contain this part.

Signed-off-by: Richard Huynh <voxlympha@gmail.com>
(cherry picked from commit 4177de10df384e0106191e5b204b0aa11431fe77)

2 years agobuild: switch VERSION_REPO again to HTTPS
Paul Spooren [Sun, 20 Mar 2022 13:34:22 +0000 (13:34 +0000)]
build: switch VERSION_REPO again to HTTPS

The maintainer-tools.git script still defaults to `http` while
eveyrthing moved over to `https`. This commit switches VERSION_REPO
again back to encrypted connections.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2 years agoOpenWrt v22.03: set branch defaults
Paul Spooren [Sun, 20 Mar 2022 13:02:58 +0000 (13:02 +0000)]
OpenWrt v22.03: set branch defaults

Signed-off-by: Paul Spooren <mail@aparcar.org>
2 years agoipq40xx: add support for Telco X1 Pro
Nicholas Smith [Fri, 11 Mar 2022 03:54:07 +0000 (13:54 +1000)]
ipq40xx: add support for Telco X1 Pro

Telco X1 Pro is a Cat12 LTE-A Pro modem router.
Vendor firmware is based on a recent version of OpenWrt.
Flashing is possible via CLI using sysupgrade -F -n
The serial headers allow bootloader and console access
Serial setting: 115200  8N1

Brief Specifications:
IPQ4019 SoC
32MB flash
512MB RAM
4x gigabit LAN
1x gigabit WAN
Dual-band Wave-2 wifi
2x SMA LTE antenna connectors
2x RP-SMA wifi antennas
1x USB 2.0 port
1x Reset button
Serial headers installed
1x Nano SIM tray
1x Quectel EM-12G LTE-A Pro modem
1x M.2 slot attached to USB 3.0
1x internal micro SD card slot

Signed-off-by: Nicholas Smith <nicholas@nbembedded.com>
2 years agoramips: add support for D-Link DIR-878 R1
Igor Nazarov [Wed, 16 Mar 2022 21:51:35 +0000 (00:51 +0300)]
ramips: add support for D-Link DIR-878 R1

Specifications:
- SoC: MediaTek MT7621AT
- RAM: 128 MB (DDR3)
- Flash: 16 MB (SPI NOR)
- WiFi: MT7615N (2.4GHz) and MT7615N (5Ghz)
- Switch: 1 WAN, 4 LAN (Gigabit)
- Buttons: Reset, WiFi Toggle, WPS
- LEDs: Power, Internet, WiFi 2.4G WiFi 5G

The R1 revision is identical to the A1 revision except
- No Config2 Parition, therefore
- factory partition resized to 64k from 128K
- Firmware partition offset is 0x50000 not 0x60000
- Firmware partitions size increased by 64K
- Firmware partition type is "denx,uimage", not "sge,uimage"
- Padding of image creation "uimage-padhdr 96" removed

Installation:
Update to the last D-Link firmware through web-ui before OpenWRT
installation then follow the instructions to patch your device using
D-Link FailsafeUI.

- D-Link FailsafeUI:
Power down the router, press and hold the reset button, then
re-plug it. Keep the reset button pressed until the internet LED stops
flashing, then jack into any lan port and manually assign a static IP
address in 192.168.0.0/24 other than 192.168.0.1 (e.g. 192.168.0.2)
and go to http://192.168.0.1
Flash with the factory image.

Signed-off-by: Igor Nazarov <tigron.dev@gmail.com>
2 years agokernel: bump 5.10 to 5.10.107
John Audia [Sat, 19 Mar 2022 16:16:47 +0000 (12:16 -0400)]
kernel: bump 5.10 to 5.10.107

All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2 years agoncurses: update to 6.3
Huangbin Zhan [Mon, 15 Nov 2021 14:03:45 +0000 (22:03 +0800)]
ncurses: update to 6.3

release notes: https://invisible-island.net/ncurses/announce-6.3.html

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2 years agoramips: add support for Beeline SmartBox Flash
Mikhail Zhilkin [Wed, 5 Jan 2022 13:11:56 +0000 (13:11 +0000)]
ramips: add support for Beeline SmartBox Flash

Beeline SmartBox Flash is a wireless AC1300 (WiFi 5) router manufactured
by Arcadyan company.

Device specification
--------------------
SoC Type: MediaTek MT7621AT
RAM: 256 MiB, Winbond W632GU6NB
Flash: 128 MiB (NAND), Winbond W29N01HVSINF
Wireless 2.4 GHz (MT7615DN): b/g/n, 2x2
Wireless 5 GHz (MT7615DN): a/n/ac, 2x2
Ethernet: 3xGbE (WAN, LAN1, LAN2)
USB ports: 1xUSB3.0
Button: 1 (Reset/WPS)
LEDs: 1 RGB LED
Power: 12 VDC, 1.5 A
Connector type: Barrel
Bootloader: U-Boot (Ralink UBoot Version: 5.0.0.2)
OEM: Arcadyan WE42022

Installation
------------
1. Place *factory.trx on any web server (192.168.1.2 in this example)
2. Connect to the router using telnet shell (no password required)
3. Save MAC adresses to U-Boot environment:
   uboot_env --set --name eth2macaddr --value $(ifconfig | grep eth2 | \
    awk '{print $5}')
   uboot_env --set --name eth3macaddr --value $(ifconfig | grep eth3 | \
    awk '{print $5}')
   uboot_env --set --name ra0macaddr --value $(ifconfig | grep ra0 | \
    awk '{print $5}')
   uboot_env --set --name rax0macaddr --value $(ifconfig | grep rax0 | \
    awk '{print $5}')
4. Ensure that MACs were saved correctly:
   uboot_env --get --name eth2macaddr
   uboot_env --get --name eth3macaddr
   uboot_env --get --name ra0macaddr
   uboot_env --get --name rax0macaddr
5. Download and write the OpenWrt images:
   cd /tmp
   wget http://192.168.1.2/factory.trx
   mtd_write erase /dev/mtd4
   mtd_write write factory.trx /dev/mtd4
6. Set 1st boot partition and reboot:
   uboot_env --set --name bootpartition --value 0
   reboot

Back to Stock
-------------
1. Run in the OpenWrt shell:
   fw_setenv bootpartition 1
   reboot
2. Optional step. Upgrade the stock firmware with any version to
   overwrite the OpenWrt in Slot 1.

MAC addresses
-------------
+-----------+-------------------+----------------+
| Interface | MAC               | Source         |
+-----------+-------------------+----------------+
| label     | 30:xx:xx:51:xx:09 | No MACs was    |
| LAN       | 30:xx:xx:51:xx:09 | found on Flash |
| WAN       | 30:xx:xx:51:xx:06 | [1]            |
| WLAN_2g   | 30:xx:xx:51:xx:07 |                |
| WLAN_5g   | 32:xx:xx:41:xx:07 |                |
+-----------+-------------------+----------------+
[1]:
a. Label wasb't found neither in factory nor in other places.
b. MAC addresses are stored in encrypted partition "glbcfg". Encryption
   key hasn't known yet. To ensure the correct MACs in OpenWrt, a hack
   with saving of the MACs to u-boot-env during the installation was
   applied.
c. Default Ralink ethernet MAC address (00:0C:43:28:80:36) was found in
   "Factory" 0xfff0. It's the same for all Smartbox Flash devices. OEM
   firmware also uses this MAC when initialazes ethernet driver. In
   OpenWrt we use it only as internal GMAC (eth0), all other MACs are
   unique. Therefore, there is no any barriers to the operation of several
   Smartbox Flash devices even within the same broadcast domain.

Stock firmware image format
---------------------------
+--------------+---------------+----------------------------------------+
| Offset       | 1.0.15        | Description                            |
+==============+===============+========================================+
| 0x0          | 5d 43 6f 74   | TRX magic "]Cot"                       |
+--------------+---------------+----------------------------------------+
| 0x4          | 00 70 ff 00   | Length (reverse)                       |
+--------------+---------------+----------------------------------------+
|              |               | htonl(~crc) from 0xc ("flag_version")  |
| 0x8          | 72 b3 93 16   | to "Length"                            |
+--------------+---------------+----------------------------------------+
| 0xc          | 00 00 01 00   | Flags                                  |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of Kernel partition   |
| 0x10         | 1c 00 00 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of RootFS partition   |
| 0x14         | 00 00 42 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
| 0x18         | 00 00 00 00   | Zeroes                                 |
+--------------+---------------+----------------------------------------+
| 0x1c         | 27 05 19 56 … | Kernel data + zero padding             |
+--------------+---------------+----------------------------------------+
|              |               | RootFS data (starting with "hsqs") +   |
| 0x420000     | 68 73 71 73 … | zero padding to "Length"               |
+--------------+---------------+----------------------------------------+
|              |               | Some signature data (format is         |
|              |               | unknown). Necessary for the fw         |
| "Lenght"     | 00 00 00 00 … | update via oem fw web interface.       |
+--------------+---------------+----------------------------------------+
| "Lenght" +   |               | TRX magic "HDR0". U-Boot is            |
| 0x10c        | 48 44 52 30   | checking it at every boot.             |
+--------------+---------------+----------------------------------------+
|              |               | 1.00:                                  |
|              |               |   Zero padding to ("Lenght" + 0x23000) |
|              |               | 1.0.12:                                |
|              |               |   Zero padding to ("Lenght" + 0x2a000) |
| "Lenght" +   |               | 1.0.13, 1.0.15, 1.0.16:                |
| 0x110        | 00 00 00 00   |   Zero padding to ("Lenght" + 0x10000) |
+--------------+---------------+----------------------------------------+

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2 years agobase-files: add wrapper for procd service list command
Florian Eckert [Wed, 22 Dec 2021 07:59:43 +0000 (08:59 +0100)]
base-files: add wrapper for procd service list command

A service managed by procd does have a json object with usefull information.
This information could by dumped with the following command.

ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"

This line is long and complicated to enter. This commit adds a wrapper
call to the procd service section tool to simplify the input and get the
output faster.

We could now enter the command /etc/initd/<service> info to get the info
faster.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoprocd: move service command to procd
Florian Eckert [Tue, 30 Nov 2021 15:01:14 +0000 (16:01 +0100)]
procd: move service command to procd

The service command belongs to the procd and does not belong in the
shinit. In the course of the move, the script was also checked with
shellcheck and cleaned up.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agokernel: bump 5.10 to 5.10.106
John Audia [Wed, 16 Mar 2022 20:06:23 +0000 (16:06 -0400)]
kernel: bump 5.10 to 5.10.106

All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2 years agokernel: bump 5.10 to 5.10.105
John Audia [Fri, 11 Mar 2022 12:15:14 +0000 (07:15 -0500)]
kernel: bump 5.10 to 5.10.105

Updated default config with new sym (CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y).

Manually rebased:
    generic/hack-5.10/220-arm-gc_sections.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2 years agoiptables: bump PKG_RELEASE
Etienne Champetier [Fri, 18 Mar 2022 00:05:28 +0000 (20:05 -0400)]
iptables: bump PKG_RELEASE

Following {arp,eb}tables-nft addition, bump PKG_RELEASE

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoiptables: add {arp,eb}tables-nft
Etienne Champetier [Tue, 1 Mar 2022 04:14:48 +0000 (23:14 -0500)]
iptables: add {arp,eb}tables-nft

Add a patch to add some missing init_extensions{a,b}() calls
Package lib{arp,eb}t_*.so

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoiptables: add xtables-nft package
Etienne Champetier [Tue, 1 Mar 2022 04:32:53 +0000 (23:32 -0500)]
iptables: add xtables-nft package

This allows to install ip6tables-nft without iptables-nft
This prepare the addition of {arp,eb}tables-nft

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoiptables: add xtables-legacy package
Etienne Champetier [Tue, 1 Mar 2022 04:24:11 +0000 (23:24 -0500)]
iptables: add xtables-legacy package

This allows to install ip6tables-legacy without iptables-legacy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoebtables: rename to ebtables-legacy
Etienne Champetier [Tue, 1 Mar 2022 04:00:22 +0000 (23:00 -0500)]
ebtables: rename to ebtables-legacy

This prepare the introduction of ebtables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoarptables: rename package to arptables-legacy
Etienne Champetier [Tue, 1 Mar 2022 03:37:41 +0000 (22:37 -0500)]
arptables: rename package to arptables-legacy

This prepare the introduction of arptables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoquilt.mk: fix typo in the Host section
Rosen Penev [Fri, 26 Mar 2021 10:09:34 +0000 (03:09 -0700)]
quilt.mk: fix typo in the Host section

HOST_PATCH_DIR is used for host patches, not PATCH_DIR.

Fixes refreshing patches with a custom HOST_PATCH_DIR.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agocypress-firmware: update it to version 5.4.18-2021_0812
Josef Schlehofer [Wed, 16 Mar 2022 12:14:57 +0000 (13:14 +0100)]
cypress-firmware: update it to version 5.4.18-2021_0812

- Binary files were renamed to cyfmac from brcmfmac, but the files needs
  to be on the router with the previous naming

[    6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
[    6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2
[    6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin

- Cypress were acquired by Infineon Technologies
Thus change the project URL and switch to download files from their
GitHub repository. This is much better than the previous solution, which
requires finding new threads on their community forum about new driver
updates, and it will be necessary to change the URL each time.

Unfortunately, it seems that there is not published changelog, but
according to this forum thread [1], be careful by opening the link from
solution since it contains ending bracket ), it brings fixes for various
security vulnerabilities, which were fixed in 7_45_234.

Fixes:
- FragAttacks
- Kr00k

Also add LICENSE file

Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with
package cypress-firmware-43455-sdio.

Before:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.895050] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Mar 23 2020 02:20:01 version 7.45.206 (r725000 CY) FWID 01-febaba43

After:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.829805] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Apr 15 2021 03:03:20 version 7.45.234 (4ca95bb CY) FWID 01-996384e2

[1] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/Outdated-brcmfmac-firmware-for-Raspberry-Pi-4-in-OpenWrt-21-02-1/m-p/331593#M2269

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agobcm27xx: bcm2711: add kmod-usb-net-lan78xx
Josef Schlehofer [Thu, 17 Mar 2022 17:49:57 +0000 (18:49 +0100)]
bcm27xx: bcm2711: add kmod-usb-net-lan78xx

Some vendors like Seeedstudio in their product [1] with Raspberry Pi
Compute Module 4 uses Microchip LAN7800 (USB 3.0 to Gigabit
Ethernet Bridge) - USB 3.0 extended from PCIe of CM4.

lsusb output:
```
Bus 002 Device 002: ID 0424:7800 Microchip LAN7800
```

Raspberry Pi 4 and even Compute Module 4 has many resources available
and for just one kernel module it is not necessary to add additional specific CM4 profiles.
Let's include it by default, so the both Ethernet ports will be usable
to have better user-experience. Because previous generation of Raspberry
Pi included LAN7800 Gigabit Ethernet by default and it is enabled there
[2] in kernel without additional kernel module, which was added recently [3].

After this commit in dmesg can be found this:

```
root@OpenWrt:~# dmesg | grep lan
[    7.038889] lan78xx 2-3:1.0 (unnamed net_device) (uninitialized): int urb period 64
[    7.090484] usbcore: registered new interface driver lan78xx
```

Tested and works with sysupgrade image.

[1] https://www.seeedstudio.com/Dual-GbE-Carrier-Board-with-4GB-RAM-32GB-eMMC-RPi-CM4-Case-p-5029.html
[2] https://github.com/openwrt/openwrt/blob/32c74552b2310531af593ee0f859a3935a3a7cbd/target/linux/bcm27xx/bcm2709/config-5.4#L437
[3] https://github.com/openwrt/openwrt/commit/31647d8be8c60bfb6690c87c739b8abe6dc03950

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agoiwinfo: update to latest Git head
Josef Schlehofer [Thu, 17 Mar 2022 23:07:50 +0000 (00:07 +0100)]
iwinfo: update to latest Git head

Changelog:
90bfbb9 devices: Add Cypress CYW43455
234075b devices: fix AMD RZ608 format
0e2a318 devices: add AMD RZ608 device-id

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agobpftools: fix library path on 64 bit systems
Felix Fietkau [Sat, 19 Mar 2022 12:28:41 +0000 (13:28 +0100)]
bpftools: fix library path on 64 bit systems

drop the use of LIB_SUFFIX

Fixes: 00cbf6f6ab1d ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agobpftools: update to standalone bpftools + libbpf, use the latest version
Felix Fietkau [Tue, 15 Mar 2022 13:33:59 +0000 (14:33 +0100)]
bpftools: update to standalone bpftools + libbpf, use the latest version

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomac80211: backport MBSSID support
Felix Fietkau [Fri, 18 Mar 2022 13:36:57 +0000 (14:36 +0100)]
mac80211: backport MBSSID support

Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: enable SERIAL_8250_16550A_VARIANTS
Stijn Tintel [Mon, 14 Mar 2022 19:56:55 +0000 (21:56 +0200)]
kernel: enable SERIAL_8250_16550A_VARIANTS

Kernel 5.6 introduced a new config symbol SERIAL_8250_16550A_VARIANTS.
In kernel 5.8, this symbol was changed to default to on on !x86, as some
embedded devices still use 16650A variants. Let's play safe here and
enable this symbol in the generic config, to avoid others from running
into this problem and having to spend several hours trying to bisect
this problem. While we could disable the symbol in the x86 target
configs, a 20ms boot time reduction really isn't worth the time wasted
on bisecting this issue.

Matt discovered this problem while working on adding support for the
WatchGuard Firebox M200 to the qoriq target, where it caused some
characters to be missing on the console output.

Reported-by: Matt Fawcett <mattytap@icloud.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Reviewed-by: Rui Salvaterra <rsalvaterra@gmail.com>
2 years agoath79: improve support for GL.iNet GL-XE300
Pascal Coudurier [Tue, 25 Jan 2022 20:18:28 +0000 (21:18 +0100)]
ath79: improve support for GL.iNet GL-XE300

- fix eth0 eth1 sharing same mac so it conforms to the behavior stated
  in the original commit and the way it is in vendor firmware :
  WAN is label, LAN is label +1 and WLAN is label +2
- add default leds config
- add default network config

Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
2 years agompc85xx: fix missing kernel config symbol and DTS whitespace issue
Petr Štetiar [Thu, 17 Mar 2022 06:53:55 +0000 (07:53 +0100)]
mpc85xx: fix missing kernel config symbol and DTS whitespace issue

Buildbot has reported following issue while crunching mpc85xx/p1010
subtarget:

 Extreme Networks WS-AP3825i (WS_AP3825I) [N/y/?] (NEW)

Fix it by disabling that config symbol in target kernel config and while
at it fix DTS whitespace issue.

Fixes: 7e614820a892 ("mpc85xx: add support for Extreme Networks WS-AP3825i")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agolantiq: fritz7362sl: add partition subnode for SPI flash
Jan Hoffmann [Wed, 16 Mar 2022 17:24:23 +0000 (18:24 +0100)]
lantiq: fritz7362sl: add partition subnode for SPI flash

Without a partition subnode ofpart_core still parses direct subnodes as
partitions, but it ignores nodes with a compatible property. Due to
this, the switch to nvmem-cells made the urlader partition inaccessible.
As a result, the wireless network was broken, as the calibration data
is read from that partition by a script.

Fixes: #8983
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2 years agolantiq: fritz7362sl: fix SPI flash node reg property
Martin Blumenstingl [Tue, 15 Mar 2022 21:53:04 +0000 (22:53 +0100)]
lantiq: fritz7362sl: fix SPI flash node reg property

The &spi node has #address-cells = <1> and #size-cells = <0>. Drop the
extra 0 in the reg property from the SPI flash node to ensure it's
number of cells matches the definition in the parent node. This also
makes the reg property for the SPI flash node consistent with all other
VR9 boards.

Fixes: eae6cac6a30b ("lantiq: add support for AVM FRITZ!Box 7362 SL")
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2 years agoipq806x: fix TP-Link Archer VR2600v bootlooping
Christian Lamparter [Wed, 16 Mar 2022 16:34:24 +0000 (17:34 +0100)]
ipq806x: fix TP-Link Archer VR2600v bootlooping

Timo Schroeder reported:
"The TP-Link Archer VR2600v is stuck in a boot loop on written
snapshot image. It's able to boot using the snapshot uimage
though, but there ath10k firmware can't be found.
21.02.2 release version doesn't have either problem."

The VR2600v has a 512 byte header at the beginning of the
firmware that needs to be accounted for.

Fixes: f6a01d7f5c3d ("ipq806x: convert TP-Link Archer VR2600v to denx,uimage")
Reported-by: Timo Schroeder <der.timosch@gmail.com>
References: <https://github.com/openwrt/openwrt/issues/9467>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2 years agompc85xx: add support for Extreme Networks WS-AP3825i
Martin Kennedy [Sun, 28 Nov 2021 01:59:18 +0000 (20:59 -0500)]
mpc85xx: add support for Extreme Networks WS-AP3825i

Hardware:

- SoC:     Freescale P1020
  - CPU:     2x e500v2 @ 800MHz
- Flash:   64MiB NOR (1x Intel JS28F512)
- Memory:  256MiB (2x ProMOS DDR3 V73CAG01168RBJ-I9H 1Gb)
- WiFi1:   2.4+5GHz abgn 3x3 (Atheros AR9590)
- Wifi2:   5GHz an+ac 3x3 (Qualcomm Atheros QCA9890)
- ETH:     2x PoE Gigabit Ethernet (2x Atheros AR8035)
- Power:   12V (center-positive barrel) or 48V PoE (active or passive)
- Serial:  Cisco-compatible RJ45 next to 12V power socket (115200 baud)
- LED Driver: TI LV164A
  - LEDs: (not functioning)
    - 2x Power (Green + Orange)
    - 4x ETH (ETH1 + ETH2) x (Green + Orange)
    - 2x WiFi (WiFi2 + WiFi1)

Installation:

1. Grab the OpenWrt initramfs <openwrt-initramfs-bin>, e.g.
   openwrt-mpc85xx-p1020-extreme-networks_ws-ap3825i-initramfs-kernel.bin.
   Place it in the root directory of a DHCP+TFTP server, e.g. OpenWrt
   `dnsmasq` with configuration `dhcp.server.enable_tftp='1'`.

2. Connect to the serial port and boot the AP with options
   e.g. 115200,N,8. Stop autoboot in U-Boot by pressing Enter after
   'Scanning JFFS2 FS:' begins, then waiting for the prompt to be
   interrupted. Credentials are identical to the one in the APs
   interface. By default it is admin / new2day: if these do not work,
   follow the OEM's reset procedure using the reset button.

3. Set the bootcmd so the AP can boot OpenWrt by executing:

```uboot
setenv boot_openwrt "cp.b 0xEC000000 0x2000000 0x2000000; interrupts off; bootm start 0x2000000; bootm loados; fdt resize; fdt boardsetup; fdt chosen; bootm prep; bootm go;"
setenv bootcmd "run boot_openwrt"
saveenv
```

   If you plan on going back to the vendor firmware - the bootcmd for it
   is stored in the boot_flash variable.

4. Load the initramfs image to RAM and boot by executing

```uboot
setenv ipaddr <ipv4 client address>;
setenv serverip <tftp server address>;
tftpboot 0x2000000 <openwrt-initramfs-bin>;
interrupts off;
bootm start 0x2000000;
bootm loados;
fdt resize;
fdt boardsetup;
fdt chosen;
bootm prep;
bootm go;
```

5. Make a backup of the "firmware" partition if you ever wish to go back
   to the vendor firmware.

6. Upload the OpenWrt sysupgrade image via SCP to the devices /tmp
   folder.

7. Flash OpenWrt using sysupgrade.

```ash
sysupgrade /tmp/<openwrt-sysupgrade-bin>
```

Notes:

- We must step through the `bootm` process manually to avoid fdt
  relocation. To explain: the stock U-boot (and stock Linux) are configured
  with a very large CONFIG_SYS_BOOTMAPSZ (and the device's stock Linux
  kernel is configured to be able to handle it). The U-boot version
  predates the check for the `fdt_high` variable, meaning that upon fdt
  relocation, the fdt can (and will) be moved to a very high address; the
  default appears to be 0x9ffa000. This address is so high that when the
  Linux kernel starts reading the fdt at the beginning of the boot process,
  it encounters a memory access exception and panics[5]. While it is
  possible to reduce the highest address the fdt will be relocated to by
  setting `bootm_size`, this also has the side effect of limiting the
  amount of RAM the kernel can use[3].

- Because it is not relocated, the flattened device tree needs to be
  padded in the build process to guarantee that `fdt resize` has
  enough space.

- The primary ethernet MAC address is stored (and set) in U-boot; they are
  shimmed into the device tree by 'fdt boardsetup' through the
  'local-mac-address' property of the respective ethernet node, so OpenWrt
  does not need to set this at runtime. Note that U-boot indexes the
  ethernet nodes by alias, which is why the device tree explicitly aliases
  ethernet1 to enet2.

- LEDs do not function under OpenWrt. Each of 8 LEDs is connected to an
  output of a TI LV164A shift register, which is wired to GPIO lines and
  operates through bit-banged SPI. Unfortunately, I am unable to get the
  spi-gpio driver to recognize the `led_spi` device tree node at all, as
  confirmed by patching in printk messages demonstrating
  spi-gpio.c::spi_gpio_probe never runs. It is possible to manually
  articulate the shift register by exporting the GPIO lines and stepping
  their values through the sysfs.

- Though they do not function under OpenWrt, I have left the pinout details
  of the LEDs and shift register in the device tree to represent real
  hardware.

- An archive of the u-boot and Linux source for the AP3825i (which is one
  device of a range of devices code-named 'CHANTRY') be found here[1].

- The device has an identical case to both the Enterasys WS-AP3725i and
  Adtran BSAP-2030[2] (and potentially other Adtran BSAPs). Given that
  there is no FCC ID for the board itself (only its WLAN modules), it's
  likely these are generic boards, and even that the WS-AP3725i is
  identical, with only a change in WLAN card. I have ordered one to confirm
  this.

- For additional information: the process of porting the board is
  documented in an OpenWrt forum thread[4].

[1]: magnet:?xt=urn:btih:f5306a5dfd06d42319e4554565429f84dde96bbc
[2]: https://forum.openwrt.org/t/support-for-adtran-bluesocket-bsap-2030/48538
[3]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168/29
[4]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168
[5]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168/26

Tested-by: Martin Kennedy <hurricos@gmail.com>
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
2 years agoargp-standalone: fix compilation with Alpine Linux
Rosen Penev [Thu, 10 Mar 2022 06:31:14 +0000 (22:31 -0800)]
argp-standalone: fix compilation with Alpine Linux

This package is a C89 one. Add the proper CFLAG to fix compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agobase-files: Align rootfs_data upgrades to 64KiB on eMMC
Brian Norris [Sun, 13 Mar 2022 06:04:30 +0000 (22:04 -0800)]
base-files: Align rootfs_data upgrades to 64KiB on eMMC

Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB)
alignment after the rootfs, but emmc_do_upgrade() is assuming
it comes at the very next 512-byte sector.

Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
(move spaces around, mention fstools' libtoolfs)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2 years agoopenssl: bump to 1.1.1n
Martin Schiller [Wed, 16 Mar 2022 14:04:56 +0000 (15:04 +0100)]
openssl: bump to 1.1.1n

This is a bugfix release. Changelog:

  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
     forever for non-prime moduli. (CVE-2022-0778)

  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
     (RFC 5489) to the list of ciphersuites providing Perfect Forward
     Secrecy as required by SECLEVEL >= 3.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2 years agoramips: add support for Netgear WN3100RPv2
Rodolphe de Saint Léger [Wed, 16 Mar 2022 09:19:30 +0000 (10:19 +0100)]
ramips: add support for Netgear WN3100RPv2

This patch adds support for the Netgear WN3100RPv2
http://www.netgear.com/support/product/wn3100rpv2.aspx

Specifications:
- SoC: MediaTek MT7620A (580MHz, ramips)
- RAM: 32MB DDR
- Storage: 8MB NOR SPI flash
- Wireless: builtin MT7620A, 2x2:2 with u.FL connectors
- Ethernet: 1x100M
- Stock firmware based on OpenWRT Kamikaze

Like the EX2700, the bootloader expects a secondary image signature,
see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577

This device seems to be same hardware as a WN3000RPv3

Flash instructions:
- Use the Netgear WebUI to upgrade to OpenWRT using the factory image
  (see note below),
- Use the sysupgrade image for upgrading versions from OpenWRT,
- TFTP recovery procedure can be used to flash the factory image
  (preferred method).

Note:
- The WebUI may not reboot automatically, wait at least 5 minutes before
  powercycling the device

Flashing using TFTP:
- Set you IP address to 192.168.1.10/24 (no gateway)
- Connect your machine to the Ethernet port
- Power off the device and wait for 10 seconds,
- Hold the reset button and power on the device (do not release reset),
- Hold the reset button until the green light is flashing (Approx. 15s)
- launch tftp, set mode to binary and connect to 192.168.1.1
- put the factory firmware image
- All leds will switch off (like a power off), this is normal
- Wait for the device to reboot in the new OpenWRT image (max 5 mins)
- The first boot will take longer than usual.
- After boot, the Device IP on the ethernet port is 192.168.1.1

Signed-off-by: Rodolphe de Saint Léger <rdesaintleger@gmail.com>
[drop unneeded includes in dts, wrap commit message]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2 years agoRevert "ramips: add support for Netgear WN3000RPv3"
Sungbo Eo [Wed, 16 Mar 2022 14:10:45 +0000 (23:10 +0900)]
Revert "ramips: add support for Netgear WN3000RPv3"

This reverts commit 7bc20cb6143e089fae6ad4b173fc42b55bdbecfe.

It adds support for Netgear WN3100RPv2, but the commit title is wrong.
It will be re-added with the correct title.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>