openwrt/openwrt.git
19 months agoRevert "image: update LZMA_XZ_OPTIONS with new squashfs4 tool"
Christian Marangi [Wed, 12 Apr 2023 10:13:46 +0000 (12:13 +0200)]
Revert "image: update LZMA_XZ_OPTIONS with new squashfs4 tool"

This reverts commit a33b97dcb1bd6e68f01c571e92ef02c3ab721523.

A new version of the squashfs4 tool patch reintroduced the -Xe option.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agoipq-wifi: bump to latest git HEAD
Christian Marangi [Wed, 12 Apr 2023 10:02:57 +0000 (12:02 +0200)]
ipq-wifi: bump to latest git HEAD

b22487d ath11k: qcn8074: Update regDb in every BDF
3add8be ath11k: ipq8074: Update regDb in every BDF
8bb6039 ath11k: ipq8074: add Netgear RAX120v2

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agomac80211: ath11k: Remove regulatory intersection
Robert Marko [Tue, 11 Apr 2023 18:20:18 +0000 (20:20 +0200)]
mac80211: ath11k: Remove regulatory intersection

Currently, during initialization ath11k will receive a regulatory event
from the firmware in which it will receive the default regulatory domain
code and accompanying rules list and report those to the kernel.

Then if you try to change the regulatory domain to a different country code
it will do a weird thing in which it will send that to the FW and after
receiving the appropriate regulatory event it will parse the rules.
However, while its parsing there is a weird thing being done, and that is
that new raw rules from FW get intersected with the rules from the default
domain.
This is creating a big issue as the default domain is almost always set to
"US" or just "00" aka world so ath11k will unfairly limit you to the most
restrictive combination of rules based on the default domain and your
desired domain.
For example, in ETSI countries this is causing channels 12 and 13 on 2.4GHz
to not be usable since "US" limits 2.4GHz to 2472MHz instead of 2482MHz
like ETSI countries do.

So, lets do what TIP and even QCA do in their ath11k downstream tree and
completely get rid of the interesection code in ath11k.

Signed-off-by: Robert Marko <robimarko@gmail.com>
19 months agotools/mkimage: update to 2023.04
Nick Hainke [Sun, 9 Apr 2023 09:26:20 +0000 (11:26 +0200)]
tools/mkimage: update to 2023.04

Update to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agouboot-envtools: update to 2023.04
Nick Hainke [Sun, 9 Apr 2023 09:17:43 +0000 (11:17 +0200)]
uboot-envtools: update to 2023.04

Update to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agobase-files: fix nand_upgrade_ubinized()
Rafał Miłecki [Mon, 10 Apr 2023 17:01:35 +0000 (19:01 +0200)]
base-files: fix nand_upgrade_ubinized()

When using "ubiformat" with stdin it requires passing image size using
the -S argument. Provide it just like we do for "ubiupdatevol".

This fixes:
ubiformat: error!: must use '-S' with non-zero value when reading from stdin

This change fixes sysupgrade for bcm53xx and bcm4908 NAND devices
possibly some other targets too.

Cc: Rodrigo Balerdi <lanchon@gmail.com>
Cc: Daniel Golle <daniel@makrotopia.org>
Fixes: 971071212052 ("base-files: accept gzipped nand sysupgrade images")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Daniel Golle <daniel@makrotopia.org>
Tested-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
19 months agobase-files: fix Linksys upgrade, restore config step
Michael Trinidad [Fri, 7 Apr 2023 13:10:29 +0000 (09:10 -0400)]
base-files: fix Linksys upgrade, restore config step

It appears that the refactor of the upgrade process for NAND devices                                                                                                                            resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.

This corrects a typo in the call of nand_do_upgrade_failed for ipq40xx
and ipq806x devices using the linksys.sh script.

Fixes: 8634c1080d50 ("ipq40xx: Fix Linksys upgrade, restore config step")
Fixes: 2715aff5df83 ("ipq806x: Fix Linksys upgrade, restore config step")
Signed-off-by: Michael Trinidad <trinidude4@hotmail.com>
19 months agomvebu: cortexa9: fix Linksys upgrade, restore config step
Michael Trinidad [Fri, 7 Apr 2023 13:02:37 +0000 (09:02 -0400)]
mvebu: cortexa9: fix Linksys upgrade, restore config step

It appears that the refactor of the upgrade process for NAND devices                                                                                                                            resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.

This restores the preservation of configs for mvebu/cortexa9 devices using the
linksys.sh script.

Fixes: e25e6d8e5407 ("base-files: fix and clean up nand sysupgrade code")
Signed-off-by: Michael Trinidad <trinidude4@hotmail.com>
19 months agokirkwood: fix Linksys upgrade, restore config step
Michael Trinidad [Sat, 1 Apr 2023 19:04:02 +0000 (15:04 -0400)]
kirkwood: fix Linksys upgrade, restore config step

It appears that the refactor of the upgrade process for NAND devices
resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.

This restores the preservation of configs for kirkwood devices using the
linksys.sh script.

Fixes: e25e6d8e5407 ("base-files: fix and clean up nand sysupgrade code")
Fixes: #12298
Signed-off-by: Michael Trinidad <trinidude4@hotmail.com>
19 months agobcm53xx: switch to Kernel 5.15 by default
Paul Spooren [Wed, 22 Feb 2023 18:48:25 +0000 (19:48 +0100)]
bcm53xx: switch to Kernel 5.15 by default

Getting ready for the next release.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Tested-by: Rafał Miłecki <rafal@milecki.pl>
19 months agobcm4908: switch to Kernel 5.15 by default
Paul Spooren [Wed, 22 Feb 2023 18:52:13 +0000 (19:52 +0100)]
bcm4908: switch to Kernel 5.15 by default

Getting ready for the next release.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[rmilecki: tested on GT-AC5300: boot, sysupgrade & 940 Mbps NAT]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agouboot-sunxi: update support for FriendlyARM ZeroPI
Arturas Moskvinas [Sat, 8 Apr 2023 20:12:13 +0000 (23:12 +0300)]
uboot-sunxi: update support for FriendlyARM ZeroPI

Since commit torvalds/linux@bbc4d71 ("net: phy: realtek: fix rtl8211e rx/tx
delay config") network is broken on the FriendlyELEC(ARM) ZeroPi.

Replaces custom patches with upstream uboot patch:
https://source.denx.de/u-boot/u-boot/-/commit/2527b24f39d8f27ba2fd922ca27a1f14119cfa1b

Signed-off-by: Arturas Moskvinas <arturas.moskvinas@gmail.com>
19 months agombedtls: Update to version 2.28.3
Hauke Mehrtens [Sun, 2 Apr 2023 22:52:52 +0000 (00:52 +0200)]
mbedtls: Update to version 2.28.3

This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3

The 100-fix-compile.patch patch was merged upstream, see:
https://github.com/Mbed-TLS/mbedtls/issues/6243
https://github.com/Mbed-TLS/mbedtls/pull/7013

The code style of all files in mbedtls 2.28.3 was changed. I took a new
version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this
pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
19 months agobmips: dts: add missing phy modes
Álvaro Fernández Rojas [Mon, 10 Apr 2023 08:06:22 +0000 (10:06 +0200)]
bmips: dts: add missing phy modes

PHY modes should be defined in the device tree for the bcm63xx internal switch.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: remove source-only flag
Álvaro Fernández Rojas [Sun, 9 Apr 2023 19:06:54 +0000 (21:06 +0200)]
bmips: remove source-only flag

bmips target is now more stable and it's time to start generating buildbot
images in order to receive a wider testing, which will be essential to replace
bcm63xx target in the future.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: add subtargets for each SoC
Álvaro Fernández Rojas [Sun, 9 Apr 2023 19:01:11 +0000 (21:01 +0200)]
bmips: add subtargets for each SoC

BMIPS is a generic arch that can be used for multiple Broadcom SoCs, each one
with its own specific drivers, so instead of having a huge kernel supporting
all of them, let's switch to a subtarget per SoC like other OpenWrt targets.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: b43-sprom: fix build when SSB/BCMA disabled
Álvaro Fernández Rojas [Sun, 9 Apr 2023 19:00:03 +0000 (21:00 +0200)]
bmips: b43-sprom: fix build when SSB/BCMA disabled

Fix build of B43 SPROM fallback when SSB or BCMA are disabled.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: allow disabling mdio-mux-bcm6368
Álvaro Fernández Rojas [Sun, 9 Apr 2023 18:59:11 +0000 (20:59 +0200)]
bmips: allow disabling mdio-mux-bcm6368

This controller is only present on SoCs with B53 MMAP switch.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agokernel: disable CONFIG_HW_RANDOM_BCM2835
Álvaro Fernández Rojas [Sun, 9 Apr 2023 18:58:14 +0000 (20:58 +0200)]
kernel: disable CONFIG_HW_RANDOM_BCM2835

This HW RNG is present on some Broadcom 63XX SoCs, but not all of them.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agokernel: crypto: fix missing dependecies for CRYPTO_USER_API_ENABLE_OBSOLETE
Petr Štetiar [Sun, 9 Apr 2023 06:29:26 +0000 (08:29 +0200)]
kernel: crypto: fix missing dependecies for CRYPTO_USER_API_ENABLE_OBSOLETE

CRYPTO_USER_API_ENABLE_OBSOLETE config symbol depends on CRYPTO_USER so
lets add this dependency to relevant modules.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
19 months agokernel: crypto: fix architecture specific modules
Petr Štetiar [Sat, 8 Apr 2023 08:29:06 +0000 (10:29 +0200)]
kernel: crypto: fix architecture specific modules

While tracking one bug report related to wrong package dependencies I've
noticed, that a bunch of the crypto modules are actually not
architecture specific, but either board/subtarget (x86/64) or board
(mpc85xx) specific.

So lets fix it, by making those modules architecture specific:

 x86/64  -> x86_64
 mpc85xx -> powerpc

Signed-off-by: Petr Štetiar <ynezz@true.cz>
19 months agokernel: bump 5.15 to 5.15.106
John Audia [Sat, 8 Apr 2023 16:08:25 +0000 (12:08 -0400)]
kernel: bump 5.15 to 5.15.106

Removed upstreamed:
        generic/735-net-ethernet-mtk_eth_soc-fix-flow_offload-related-re.patch[1]
        pending-5.15/350-mips-bmips-BCM6358-disable-RAC-flush-for-TP1.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.106&id=76f09582a191dcf11118fd4bdbf50f538c90fa8d

2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/arch/mips/bmips?h=v5.15.106&id=65b723644294f1d79770704162c0e8d1f700b6f1

Build system: x86_64
Build-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod, ipq806x/R7800
Run-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod, ipq806x/R7800

Signed-off-by: John Audia <therealgraysky@proton.me>
19 months agobmips: switch to LED kernel modules
Álvaro Fernández Rojas [Sun, 9 Apr 2023 08:40:56 +0000 (10:40 +0200)]
bmips: switch to LED kernel modules

Disable LED controllers from kernel config and switch to per device kernel
modules.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: add LED kernel modules
Álvaro Fernández Rojas [Sun, 9 Apr 2023 08:34:05 +0000 (10:34 +0200)]
bmips: add LED kernel modules

Add BCM6328 and BCM6358 LED kernel modules.
This allows selecting the LED controllers only for those devices using them.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: add support for Sercomm SHG2500
Álvaro Fernández Rojas [Thu, 30 Mar 2023 21:14:13 +0000 (23:14 +0200)]
bmips: add support for Sercomm SHG2500

Sercomm SHG2500 is a BCM63168 with 128M of RAM, 256M of NAND, an external
BCM53124S switch for the LAN ports and internal/external Broadcom wifi.
LEDs are connected to an external MSP430G2513 MCU controlled via SPI.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: use sercomm-pid script
Álvaro Fernández Rojas [Sun, 9 Apr 2023 08:10:28 +0000 (10:10 +0200)]
bmips: use sercomm-pid script

Make use of sercomm-pid script for generating the Sercomm PID, which avoids
having to add an array of hex bytes for every new Sercomm device.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agobmips: image: rename SERCOMM_VERSION to SERCOMM_FSVER
Álvaro Fernández Rojas [Sun, 9 Apr 2023 08:06:26 +0000 (10:06 +0200)]
bmips: image: rename SERCOMM_VERSION to SERCOMM_FSVER

SERCOMM_VERSION is ambiguous and it should be more clear that it refers to the
version used for the filesystem.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agoscripts: sercomm-pid: add bmips support
Álvaro Fernández Rojas [Sun, 9 Apr 2023 08:01:03 +0000 (10:01 +0200)]
scripts: sercomm-pid: add bmips support

Apparently, Sercomm sets 2 padding bytes instead of 1 (ramips).
The HW version is a bit different than the one used for ramips.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agoramips: sercomm-payload: use pide-file argument
Álvaro Fernández Rojas [Sun, 9 Apr 2023 07:59:21 +0000 (09:59 +0200)]
ramips: sercomm-payload: use pide-file argument

Instead of passing an array of hex bytes for the Sercomm PID we can now use
the --pid-file parameter.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agoscripts: sercomm-payload: add PID file support
Álvaro Fernández Rojas [Sun, 9 Apr 2023 07:55:57 +0000 (09:55 +0200)]
scripts: sercomm-payload: add PID file support

Allow passing Sercomm PID from file.
Until now, Sercomm PID could only be passed as an array of hex bytes.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agolibcap: update to 2.68
Nick Hainke [Sun, 2 Apr 2023 21:38:57 +0000 (23:38 +0200)]
libcap: update to 2.68

Release Notes:
https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.vdh3d47czmle

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agotools/mtools: update to 4.0.43
Nick Hainke [Sun, 2 Apr 2023 22:04:04 +0000 (00:04 +0200)]
tools/mtools: update to 4.0.43

Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2023-03/msg00006.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agokernel: bump 5.10 to 5.10.177
John Audia [Wed, 5 Apr 2023 15:56:48 +0000 (11:56 -0400)]
kernel: bump 5.10 to 5.10.177

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
19 months agoramips: lower re305-v3 spi-max-frequency
Joe Mullally [Sun, 2 Apr 2023 18:51:21 +0000 (21:51 +0300)]
ramips: lower re305-v3 spi-max-frequency

Fix flash I/O instability observed in newer devices with cFeon
QH64A-104HIP (detected as en25qh64).

Ref: https://forum.openwrt.org/t/support-for-tp-link-re305-v3/75893/91

Reported-by: Dimitri Souza <dimitri.souza@gmail.com>
Tested-by: Dimitri Souza <dimitri.souza@gmail.com>
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
[alter commit-message - target master]
Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: refresh patches
David Bauer [Tue, 4 Apr 2023 10:52:19 +0000 (12:52 +0200)]
mpc85xx: refresh patches

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: add support for Enterasys WS-AP3715i
David Bauer [Sat, 18 Mar 2023 01:28:23 +0000 (02:28 +0100)]
mpc85xx: add support for Enterasys WS-AP3715i

Hardware
--------

SoC:   NXP P1010 (1x e500 @ 800MHz)
RAM:   256M DDR3 (2x Samsung K4B1G1646G-BCH9)
FLASH: 32M NOR (Spansion S25FL256S)
BTN:   1x Reset
WiFi:  1x Atheros AR9590 2.4 bgn 3x3
       2x Atheros AR9590 5.0 an 3x3
ETH:   2x Gigabit Ethernet (Atheros AR8033 / AR8035)
UART:  115200 8N1 (RJ-45 Cisco)

Installation
------------
1. Grab the OpenWrt initramfs, rename it to ap3715.bin. Place it in
   the root directory of a TFTP server and serve it at
   192.168.1.66/24.

2. Connect to the serial port and boot the AP. Stop autoboot in U-Boot
   by pressing Enter when prompted. Credentials are identical to the one
   in the APs interface. By default it is admin / new2day.

3. Alter the bootcmd in U-Boot:

 $ setenv ramboot_openwrt "setenv ipaddr 192.168.1.1;
   setenv serverip 192.168.1.66; tftpboot 0x2000000 ap3715.bin; bootm"

 $ setenv boot_openwrt "sf probe 0; sf read 0x2000000 0x140000 0x1000000;
   bootm 0x2000000"

 $ setenv bootcmd "run boot_openwrt"

 $ saveenv

4. Boot the initramfs image

 $ run ramboot_openwrt

5. Transfer the OpenWrt sysupgrade image to the AP using SCP. Install
   using sysupgrade.

 $ sysupgrade -n <path-to-sysupgrade.bin>

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: don't compress kernel image for WS-AP3825i
David Bauer [Sun, 2 Apr 2023 16:57:09 +0000 (18:57 +0200)]
mpc85xx: don't compress kernel image for WS-AP3825i

The kernel is already compressed with XZ by the bootwrapper, thus we
gain nothing by compressing it a second time.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: reserve upper 1MB of RAM for WS-AP3825i
David Bauer [Sun, 2 Apr 2023 15:52:16 +0000 (17:52 +0200)]
mpc85xx: reserve upper 1MB of RAM for WS-AP3825i

The bootpage for the second core is placed by U-Boot in the upper 128k
of syste-memory.

This could either be a reserved-area or deducted from the total
system-memory. As only the latter is parsed by the bootwrapper, reduce
the available system memory for linux in order to preserve the bootpage
from being overwritten.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: backport bootwrapper patch to kernel 5.10
David Bauer [Sun, 2 Apr 2023 02:52:28 +0000 (04:52 +0200)]
mpc85xx: backport bootwrapper patch to kernel 5.10

Kernel 5.10 builds currently fail because the patch for using the
simpleImage bootwrapper were not added to 5.10.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: add properties normally added by U-Boot
David Bauer [Sun, 2 Apr 2023 00:59:35 +0000 (02:59 +0200)]
mpc85xx: add properties normally added by U-Boot

This adds properties to PCIe as well as ethernet nodes which are
normally added by the Extreme Networks U-Boot.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: fix incorrect CPU node / properties
David Bauer [Sat, 1 Apr 2023 22:45:31 +0000 (00:45 +0200)]
mpc85xx: fix incorrect CPU node / properties

This adds properties normally filled by U-Boot. Also it fixes the node
name, which is incorrectly referring to a P1010 core.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: add localbus frequency for WS-AP3825i
David Bauer [Sun, 2 Apr 2023 02:25:00 +0000 (04:25 +0200)]
mpc85xx: add localbus frequency for WS-AP3825i

This is normally filled by U-Boot.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agompc85xx: add linux,stdout-path for WS-AP3825i
David Bauer [Sun, 2 Apr 2023 02:11:12 +0000 (04:11 +0200)]
mpc85xx: add linux,stdout-path for WS-AP3825i

This is normally filled by U-Boot. Prevents double-printing of early
console messages. Also enables debug-output by the zImage wrapper.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agoramips: define remapping-range for DAP-X1860
David Bauer [Thu, 30 Mar 2023 01:51:08 +0000 (03:51 +0200)]
ramips: define remapping-range for DAP-X1860

Prevent the BBT translation layer from remapping the UBI used for
storing rootfs.

Explicitly define the number of blocks reserved for remapping.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agoocteon: switch to Kernel 5.15 by default
Paul Spooren [Wed, 22 Feb 2023 18:59:58 +0000 (19:59 +0100)]
octeon: switch to Kernel 5.15 by default

Getting ready for the next release.

Signed-off-by: Paul Spooren <mail@aparcar.org>
19 months agokirkwood: switch to Kernel 5.15 by default
Paul Spooren [Wed, 22 Feb 2023 18:53:58 +0000 (19:53 +0100)]
kirkwood: switch to Kernel 5.15 by default

Getting ready for the next release.

Signed-off-by: Paul Spooren <mail@aparcar.org>
19 months agotegra: switch to Kernel 5.15 by default
Paul Spooren [Wed, 22 Feb 2023 19:07:30 +0000 (20:07 +0100)]
tegra: switch to Kernel 5.15 by default

Getting ready for the next release.

Acked-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
19 months agoopenssl: fix CVE-2023-464 and CVE-2023-465
Eneas U de Queiroz [Tue, 4 Apr 2023 18:39:56 +0000 (15:39 -0300)]
openssl: fix CVE-2023-464 and CVE-2023-465

Apply two patches fixing low-severity vulnerabilities related to
certificate policies validation:

- Excessive Resource Usage Verifying X.509 Policy Constraints
  (CVE-2023-0464)
  Severity: Low
  A security vulnerability has been identified in all supported versions
  of OpenSSL related to the verification of X.509 certificate chains
  that include policy constraints.  Attackers may be able to exploit
  this vulnerability by creating a malicious certificate chain that
  triggers exponential use of computational resources, leading to a
  denial-of-service (DoS) attack on affected systems.
  Policy processing is disabled by default but can be enabled by passing
  the `-policy' argument to the command line utilities or by calling the
  `X509_VERIFY_PARAM_set1_policies()' function.

- Invalid certificate policies in leaf certificates are silently ignored
  (CVE-2023-0465)
  Severity: Low
  Applications that use a non-default option when verifying certificates
  may be vulnerable to an attack from a malicious CA to circumvent
  certain checks.
  Invalid certificate policies in leaf certificates are silently ignored
  by OpenSSL and other certificate policy checks are skipped for that
  certificate.  A malicious CA could use this to deliberately assert
  invalid certificate policies in order to circumvent policy checking on
  the certificate altogether.
  Policy processing is disabled by default but can be enabled by passing
  the `-policy' argument to the command line utilities or by calling the
  `X509_VERIFY_PARAM_set1_policies()' function.

Note: OpenSSL also released a fix for low-severity security advisory
CVE-2023-466.  It is not included here because the fix only changes the
documentation, which is not built nor included in any OpenWrt package.

Due to the low-severity of these issues, there will be not be an
immediate new release of OpenSSL.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
19 months agorealtek: Fix typo for EnGenius EWS2910P
Raylynn Knight [Sun, 2 Apr 2023 08:27:21 +0000 (04:27 -0400)]
realtek: Fix typo for EnGenius EWS2910P

Fix mis-typed DEVICE-MODEL in mk file for EnGenius EWS2910P.

Signed-off-by: Raylynn Knight <rayknight@me.com>
[ fix wrong SoB format and improve commit title/description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agotools/zstd: update to 1.5.5
Nick Hainke [Wed, 5 Apr 2023 11:30:14 +0000 (13:30 +0200)]
tools/zstd: update to 1.5.5

Release Notes:
https://github.com/facebook/zstd/releases/tag/v1.5.5

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agomac80211: ath11k: Fix invalid mgmt rx frame length issue
Robert Marko [Tue, 4 Apr 2023 19:49:43 +0000 (21:49 +0200)]
mac80211: ath11k: Fix invalid mgmt rx frame length issue

FW 2.9 uses multiple TLV-s for the RX mgmt even which driver currently does
not support, so import a pending upstream patch to fix that [1].

[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230320133840.30162-1-quic_nmaran@quicinc.com/

Signed-off-by: Robert Marko <robimarko@gmail.com>
19 months agoath11k-firmware: update to WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1
Robert Marko [Tue, 4 Apr 2023 19:48:42 +0000 (21:48 +0200)]
ath11k-firmware: update to WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1

Current WLAN.HK.2.5.0.1 FW is quite old and buggy, but we had to hold off
from updating to 2.6.0.1 and 2.7.0.1 as they had compatibility regressions,
but now QCA finally released 2.9.0.1 FW which is working on all of the
boards.

So finally update IPQ8074 and QCN9074 FW to the latest
WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1 firmware.

In order to do so, we have to switch to using QCA-s QUIC repo instead of
Kalle-s.
QCA-s QUIC repo does not have BDF-s so we have to get the QCN9074 BDF from
Kalles repo.

Tested-by: Mireia Fernández Casals <meirin.f@gmail.com> # Xiaomi AX3600
Tested-by: Francisco G Luna <frangonlun@gmail.com> #Netgear WAX218
Signed-off-by: Robert Marko <robimarko@gmail.com>
19 months agokernel: backport NVMEM patch for U-Boot env data "ethaddr" cell
Rafał Miłecki [Thu, 6 Apr 2023 10:14:30 +0000 (12:14 +0200)]
kernel: backport NVMEM patch for U-Boot env data "ethaddr" cell

Adjust our local code to avoid breakage.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agokernel: backport NVMEM patches queued for the v6.4
Rafał Miłecki [Thu, 6 Apr 2023 07:15:49 +0000 (09:15 +0200)]
kernel: backport NVMEM patches queued for the v6.4

They add NVMEM layouts support. It allows handling NVMEM content
independently of NVMEM device access.

Skip U-Boot env data patch for now as it break our downstream MAC hacks.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agokernel: backport mtd fixes for nvmem
Rafał Miłecki [Thu, 6 Apr 2023 05:26:11 +0000 (07:26 +0200)]
kernel: backport mtd fixes for nvmem

They are needed for NVMEM changes pending for v6.4.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agokernel: backport of_request_module()
Rafał Miłecki [Wed, 5 Apr 2023 21:32:57 +0000 (23:32 +0200)]
kernel: backport of_request_module()

It's needed by NVMEM changes queued for 6.4.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agomediatek: introduce KERNEL_LOADADDR to Device/Default template
Daniel Golle [Wed, 5 Apr 2023 15:56:54 +0000 (16:56 +0100)]
mediatek: introduce KERNEL_LOADADDR to Device/Default template

We need to reset KERNEL_LOADADDR if we use it on a per-device base.
Otherwise the previous value will be kept in case a device doesn't
define KERNEL_LOADADDR and relies on the default.

Move initializing KERNEL_LOADADDR to target/linux/mediatek/image/Makefile,
similar to how it's done also on the ramips target.

This fixes image size related breakage on devices which rely on the
default value of KERNEL_LOADADDR.

While at it use 0x48000000 which is more common than the previous default
0x44000000 for the filogic subtarget.

Fixed: e7c399bee6 ("filogic: add support for ASUS TUF-AX4200")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agoopenssl: add legacy provider
Eneas U de Queiroz [Fri, 10 Mar 2023 20:53:25 +0000 (17:53 -0300)]
openssl: add legacy provider

This adapts the engine build infrastructure to allow building providers,
and packages the legacy provider.  Providers are the successors of
engines, which have been deprecated.

The legacy provider supplies OpenSSL implementations of algorithms that
have been deemed legacy, including DES, IDEA, MDC2, SEED, and Whirlpool.

Even though these algorithms are implemented in a separate package,
their removal makes the regular library smaller by 3%, so the build
options will remain to allow lean custom builds.  Their defaults will
change to 'y' if not bulding for a small flash, so that the regular
legacy package will contain a complete set of algorithms.

The engine build and configuration structure was changed to accomodate
providers, and adapt to the new style of openssl.cnf in version 3.0.

There is not a clean upgrade path for the /etc/ssl/openssl.cnf file,
installed by the openssl-conf package.  It is recommended to rename or
remove the old config file when flashing an image with the updated
openssl-conf package, then apply the changes manually.

An old openssl.cnf file will silently work, but new engine or provider
packages will not be enabled.  Any remaining engine config files under
/etc/ssl/engines.cnf.d can be removed.

On the build side, the include file used by engine packages was renamed
to openssl-module.mk, so the engine packages in other feeds need to
adapt.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
19 months agoopenssl: make UCI config aware of built-in engines
Eneas U de Queiroz [Tue, 14 Mar 2023 21:51:45 +0000 (18:51 -0300)]
openssl: make UCI config aware of built-in engines

Engines that are built into the main libcrypto OpenSSL library can't be
disabled through UCI.  Add a 'builtin' setting to signal that the engine
can't be disabled through UCI, and show a message explaining this in
case buitin=1 and enabled=0.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
19 months agoopenssl: avoid OPENSSL_SMALL_FOOTPRINT, no-asm
Eneas U de Queiroz [Fri, 10 Mar 2023 20:21:11 +0000 (17:21 -0300)]
openssl: avoid OPENSSL_SMALL_FOOTPRINT, no-asm

Building openssl with OPENSSL_SMALL_FOOTPRINT yelds only from 1% to 3%
decrease in size, dropping performance from 2% to 91%, depending on the
target and algorithm.

For example, using AES256-GCM with 1456-bytes operations, X86_64 appears
to be the least affected with 2% performance penalty and 1% reduction in
size; mips drops performance by 13%, size by 3%;  Arm drops 29% in
performance, 2% in size.

On aarch64, it slows down ghash so much that I consider it broken
(-91%).  SMALL_FOOTPRINT will reduce AES256-GCM performance by 88%, and
size by only 1%.  It makes an AES-capable CPU run AES128-GCM at 35% of
the speed of Chacha20-Poly1305:

Block-size=1456 bytes   AES256-GCM   AES128-GCM  ChaCha20-Poly1305
SMALL_FOOTPRINT           62014.44     65063.23          177090.50
regular                  504220.08    565630.28          182706.16

OpenSSL 1.1.1 numbers are about the same, so this should have been
noticed a long time ago.

This creates an option to use OPENSSL_SMALL_FOOTPRINT, but it is turned
off by default unless SMALL_FLASH or LOW_MEMORY_FOOTPRINT is used.

Compiling with -O3 instead of -Os, for comparison, will increase size by
about 14-15%, with no measureable effect on AES256-GCM performance, and
about 2% increase in Chacha20-Poly1305 performance on Aarch64.

There are no Arm devices with the small flash feature, so drop the
conditional default.  The package is built on phase2, so even if we
include an Arm device with small flash later, a no-asm library would
have to be built from source anyway.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
19 months agoodhcpd: bump to latest git HEAD
Christian Marangi [Tue, 4 Apr 2023 04:43:23 +0000 (06:43 +0200)]
odhcpd: bump to latest git HEAD

40ab806 config: use dedicated link local function to check interface
a84bff2 netlink: add support for getting interface linklocal
2ea065f Revert "config: recheck have_link_local on interface reload if already init"
4b38e6b config: fix feature for enabling service only when interface RUNNING

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agomediatek: make TUF-AX4200 KERNEL simply expanded
David Bauer [Tue, 4 Apr 2023 00:08:32 +0000 (02:08 +0200)]
mediatek: make TUF-AX4200 KERNEL simply expanded

The KERNEL variable was recursively expanded, breaking other devices.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agogeneric: disable SGMII in-band AN for RealTek 2.5G PHYs
Daniel Golle [Sun, 2 Apr 2023 22:21:57 +0000 (01:21 +0300)]
generic: disable SGMII in-band AN for RealTek 2.5G PHYs

MAC drivers don't use SGMII in-band autonegotiation unless told to do so
in device tree using 'managed = "in-band-status"'. When using MDIO to
access a PHY, in-band-status is unneeded as we have link-status via
MDIO. Switch off SGMII in-band autonegotiation using magic values.

Reported-by: Chen Minqiang <ptpt52@gmail.com>
Reported-by: Chukun Pan <amadeus@jmu.edu.cn>
Reported-by: Yevhen Kolomeiko <jarvis2709@gmail.com>
Tested-by: Yevhen Kolomeiko <jarvis2709@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agogeneric: use genphy_soft_reset for RealTek 2.5G PHYs
Daniel Golle [Sun, 2 Apr 2023 22:20:28 +0000 (01:20 +0300)]
generic: use genphy_soft_reset for RealTek 2.5G PHYs

Some vendor bootloaders do weird things with those PHYs which result in
link modes being reported wrongly. Start from a clean sheet by resetting
the PHY.

Reported-by: Yevhen Kolomeiko <jarvis2709@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agogeneric: interface mode switch for RTL8221B PHY
Chukun Pan [Wed, 8 Feb 2023 15:40:02 +0000 (23:40 +0800)]
generic: interface mode switch for RTL8221B PHY

Add dynamic interface mode update for the rtl8221 phy to match various
wire speeds. 10M/100M/1000M use SGMII, 2500M uses 2500Base-X.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agorealtek: refresh patches
Daniel Golle [Mon, 3 Apr 2023 01:29:17 +0000 (02:29 +0100)]
realtek: refresh patches

Refresh patches which were no longer applying cleanly after a recently
added SFP quirk.

Fixes: 658b45ce48 ("generic: add quirk for HG MXPD-483II 2500M fiber SFP")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agoRevert "mpc85xx: remove Watchguard T10 MAC override"
David Bauer [Mon, 3 Apr 2023 01:06:45 +0000 (03:06 +0200)]
Revert "mpc85xx: remove Watchguard T10 MAC override"

This reverts commit aa4a9058fbf4d2ca7ef3af9ebb5bbec896625e93.

The assumption the bootloader fills out the MAC-address is not
correct. The MAC-address has to be set from userspace based on
information found in the device_id partition.

Signed-off-by: David Bauer <mail@david-bauer.net>
19 months agogeneric: add quirk for HG MXPD-483II 2500M fiber SFP
Daniel Golle [Sun, 2 Apr 2023 23:06:46 +0000 (00:06 +0100)]
generic: add quirk for HG MXPD-483II 2500M fiber SFP

The HG MXPD-483II 1310nm SFP module is meant to operate with 2500Base-X,
however, in their EEPROM they incorrectly specify:
    Transceiver type                          : Ethernet: 1000BASE-LX
    ...
    BR, Nominal                               : 2600MBd

Use sfp_quirk_2500basex for this module to allow 2500Base-X mode anyway.

https://forum.banana-pi.org/t/bpi-r3-sfp-module-compatibility/14573/60

X-Patchwork-Id: 13197378
X-Mailing-List: netdev@vger.kernel.org
X-Patchwork-Delegate: kuba@kernel.org
Reported-by: chowtom <chowtom@gmail.com>
Tested-by: chowtom <chowtom@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agolantiq: fix lzma-loader for Netgear DGN 3500(B)
Maik Goette [Sun, 8 Jan 2023 17:35:10 +0000 (18:35 +0100)]
lantiq: fix lzma-loader for Netgear DGN 3500(B)

Fixes Uncompressing Kernel Image ... ERROR: LzmaDecode.c, 561

Fixes: #11701 for both 3500(B)
Signed-off-by: Maik Goette <github@beeit.de>
19 months agotools/7z: Allow building on alpine
Olliver Schinagl [Thu, 16 Feb 2023 14:25:12 +0000 (15:25 +0100)]
tools/7z: Allow building on alpine

When using alpine as host, things start to fail. Lets pull in the
upstream alpine patches to make things work. This should not affect
other hosts.

Note, that Alpine has the '_GNU_SOURCE' define in the APKBUILD file, but
here we add this flag to the needed fix flags patch, which does similar
things too.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
19 months agoramips: add support for OrayBox X1
Bin We [Thu, 22 Sep 2022 17:04:01 +0000 (01:04 +0800)]
ramips: add support for OrayBox X1

Add support for OrayBox X1. It is a 802.11n router, based on MediaTek MT7628N.

Specifications:
SoC: MediaTek MT7628N (580MHz)
RAM: 64 MiB
Flash: 16 MiB NOR (Winbond W25Q128JVSIQ)
Wireless: 802.11b/g/n 2x2 2.4GHz (Built In)
Ethernet: 1x 100Mbps only
USB: 1x USB Type-A 2.0 Host Port
Button: 1x "Reset" button
LED: 1x Blue LED + 1x Red LED + 1x White LED
Power: 5V Micro-USB input

Manufacturer Page:
https://pgy.oray.com/router/x1.html/parameter

Flash Layout:
0x000000000000-0x000000030000 : "u-boot"
0x000000030000-0x000000040000 : "kpanic"
0x000000040000-0x000000050000 : "factory"
0x000000050000-0x000000fe0000 : "firmware"
0x000000fe0000-0x000000ff0000 : "bdinfo"
0x000000ff0000-0x000001000000 : "reserve"

Install via SSH:
Original firmware is based on OpenWRT, but SSH is not start by default,
You should enable it first

1. Login into web admin (10.168.1.1), default password is 'admin'
2. Open the following link, and the result should be {"code":0};
SSH is now started, username is root, password is same as web admin password
http://10.168.1.1/cgi-bin/oraybox?_api=ssh_set&enabled=1
4. You can flash firmware via mtd: mtd write /tmp/firmware_image.bin firmware

Signed-off-by: Bin We <me@udp.pw>
19 months agouqmi: explicitly disconnect IPv6 address family
Lech Perczak [Tue, 15 Mar 2022 18:27:48 +0000 (19:27 +0100)]
uqmi: explicitly disconnect IPv6 address family

Some modems (namely, Telit LE910C4) require the IPv6 connection state to
be cleared explicitly, to avoid reporting "no effect" if IPv6
connection is already connected through autoconnect mechanism, or during
LTE default bearer attach, which would lead to established session, but
without a way to inform protocol handler of the status.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
19 months agouqmi: set IPv6 family explicitly in status check
Lech Perczak [Tue, 15 Mar 2022 18:29:59 +0000 (19:29 +0100)]
uqmi: set IPv6 family explicitly in status check

Some modems require CID to be set explicitly during IPv6 connection
status check, others require IPv6 address family to be checked explicitly
after establishing connection, in order to provide correct status.
Set both fields in the request to satisfy them.

Fixes: c8a88118af46 ("uqmi: set CID during 'query-data-status' operation")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
19 months agotools/ccache: bump to 4.8
Linhui Liu [Fri, 17 Mar 2023 14:35:16 +0000 (22:35 +0800)]
tools/ccache: bump to 4.8

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_8

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
19 months agotools/ccache: always disable documentation compilation
Linhui Liu [Wed, 22 Mar 2023 05:20:23 +0000 (13:20 +0800)]
tools/ccache: always disable documentation compilation

Speed up compilation.

Also remove useless include target.mk
(b492e69bd2d09aaa2c3c76b52203cbb3527eb2f7).

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
19 months agolantiq: nand: don't yield while holding spinlock
Thomas Nixon [Sun, 26 Mar 2023 10:19:21 +0000 (10:19 +0000)]
lantiq: nand: don't yield while holding spinlock

The nand driver normally while waiting for the device to become ready;
this is normally fine, but xway_nand holds the ebu_lock spinlock, and
this can cause lockups if other threads which use ebu_lock are
interleaved. Fix this by waiting instead of polling.

This mainly showed up as crashes in ath9k_pci_owl_loader (see
https://github.com/openwrt/openwrt/issues/9829 ), but turning on
spinlock debugging shows this happening in other places too.

This doesn't seem to measurably impact boot time.

Tested on bt_homehub-v5a with 5.10 and 5.15.

Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
[Add commit description into patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
19 months agotools/coreutils: update to 9.2
Georgi Valkov [Tue, 21 Mar 2023 09:39:21 +0000 (11:39 +0200)]
tools/coreutils: update to 9.2

This resolves an error when building toolchain/musl on macOS due to
improper hole-detection caused by a bug in macOS/APFS [1].

As long as we don't reconfigure, 001-m4.patch is not needed.
If we keep it, it will force reconfigure the project,
since m4 files are changed. This works, but may not be optimal,
because the build should use files from coreutils/m4, but
OpenWRT uses legacy files from staging_dir/host/share/aclocal [2].

backport a couple of upstream patches
date: diagnose -f read errors
copy: fix --reflink=auto to fallback in more cases

[1] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=61386
[2] https://github.com/openwrt/openwrt/pull/12233#issuecomment-1481097456

Co-developed-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
19 months agoipq806x: Fix Linksys upgrade, restore config step
Jacob Aharon [Mon, 27 Mar 2023 01:12:48 +0000 (12:12 +1100)]
ipq806x: Fix Linksys upgrade, restore config step

It appears that the refactor of the upgrade process for NAND devices
resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration
was not preserved over sysupgrade steps.

This restores the preservation of configs for ipq806x devices using the
linksys.sh script. Other devices and targets have not been examined.

This commit uses the same functionality and terminology used in commit
8634c10 ("ipq40xx: Fix Linksys upgrade, restore config step")

Fixes: e25e6d8 ("base-files: fix and clean up nand sysupgrade code")
Tested-on: EA8500

Signed-off-by: Jacob Aharon <ah.jacob@gmail.com>
19 months agolibnl-tiny: update to the latest version
Hauke Mehrtens [Sun, 2 Apr 2023 00:24:15 +0000 (02:24 +0200)]
libnl-tiny: update to the latest version

f5d9b7e libnl-tiny: fix duplicated branch in family.h
11b7c5f attr: add NLA_S* definitions

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
19 months agonetifd: strip mask from IP address in DHCP client params
Andrey Erokhin [Tue, 7 Mar 2023 11:52:58 +0000 (16:52 +0500)]
netifd: strip mask from IP address in DHCP client params

ipaddr option can be in CIDR notation,
but udhcp wants just an IP address

Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
19 months agokernel: backport upstreamed DSA B53 MMAP patch
Álvaro Fernández Rojas [Sat, 1 Apr 2023 18:58:54 +0000 (20:58 +0200)]
kernel: backport upstreamed DSA B53 MMAP patch

Move the patch from pending to backport, since it has been accepted upstream:
https://github.com/torvalds/linux/commit/45977e58ce65ed0459edc9a0466d9dfea09463f5

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
19 months agodnsmasq: configure dynamic dhcp6 and dhcp4 independently
Ian Dall [Fri, 10 Mar 2023 06:32:34 +0000 (17:02 +1030)]
dnsmasq: configure dynamic dhcp6 and dhcp4 independently

Given ipv6 has SLAAC it is quite plausible to wish to use dynamic
dhcp4 but static dhcp6. This patch keeps dynamicdhcp as the default
option for both, but is overridden by dynamicdhcpv6 or dynamicdhcpv4

Signed-off-by: Ian Dall <ian@beware.dropbear.id.au>
19 months agoramips: mt7621: add migration script for WLAN PCI paths
Felix Baumann [Sat, 18 Mar 2023 05:55:12 +0000 (06:55 +0100)]
ramips: mt7621: add migration script for WLAN PCI paths

PCI paths of the WLAN devices have changed between kernel 5.10 and 5.15;
migrate config so existing wifi-iface definitions don't break.

This is implemented as a hotplug handler rather than a uci-defaults script
as the migration script must run before the 10-wifi-detect hotplug handler.

based on b452af23a8602ebf7bfb0eb084383ecd595face5

migration was forgotten when device trees were adjusted in
688697889c9ceb9d2d8d413d1abcc5fa7edb402b
c77913be5be5f11a0f20dba1b45b96470099e8a8

fixes #9374

affected devices:
Netgear R6220
Netgear WAC104
Netgear WNDR3700 v5
Zbtlink ZBT-WE1326
Wiflyer WF3526-P
Arcadyan WE420223-99
Beeline Smartbox Flash (Arcadyan WG443223)
MTS WG430223 (Arcadyan WG430223)

Tested-by: Maximilian Baumgartner <aufhaxer@googlemail.com>
Tested-by: Mikhail Zhilkin <csharper2005@gmail.com>
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
19 months agodnsmasq: add dhcphostsfile to ujail sandbox
Ruben Jenster [Thu, 23 Mar 2023 10:15:52 +0000 (11:15 +0100)]
dnsmasq: add dhcphostsfile to ujail sandbox

The dhcphostsfile must be mounted into the (ujail) sandbox.
The file can not be accessed without this mount.

Signed-off-by: Ruben Jenster <rjenster@gmail.com>
19 months agoramips: Add support for CJ-Hello HYC-G920
Muhammad AL-Qadhy [Tue, 21 Mar 2023 06:49:22 +0000 (08:49 +0200)]
ramips: Add support for CJ-Hello HYC-G920

Hanyang Digitech Co., Ltd.
MSIP-CMM-HYD-HYC-G920
CJ-Hello HYC-G920

SoC : MediaTek MT7621AT
RAM : 256M (SK hynix H5TQ2G63FFR)
FLASH : 16MB (Winbond W25Q128BV)
WiFi : MediaTek MT7602EN bgn 2SS
WiFi : MediaTek MT7612EN nac 2SS
BTN : Reset
LED : - Power RED
  - WAN Green
  - LAN {1-4}
  - WiFi 2.4 GHz Blue
  - WiFi 5 GHz Blue
  - USB Green

**For MT7621 stage1 DDR Test**

UART : J4 GND - 3V3 - TX - RX - GND / 57600-8N1

```
                MT7621   stage1 code 10:33:55 (ASIC)
                CPU=500000000 HZ BUS=166666666 HZ
```

**For u boot environment**

UART : J4 GND - 3V3 - TX - RX - GND / 115200-8N1

**UART Menu**

```
Please choose the operation:
1: Load system code to SDRAM via TFTP.
2: Load system code then write to Flash via TFTP.
3: Boot system code via Flash (default).
4: Entr boot command line interface.
7: Load Boot Loader code then write to Flash via Serial.
9: Load Boot Loader code then write to Flash via TFTP.
```

**Steps**

Press 4: Entr boot command line interface.

On the pormpt enter.
`setenv firmware_size 0xf60000`
Then enter.
`saveenv`
Then enter.
`reset`

**Device will reboot**

Set your IP 192.168.100.100/24
Connect your lan cable to wan port.

**On the UART Menu**

Press 2: Load system code then write to Flash via TFTP.

 Warning!! Erase Linux in Flash then burn new one. Are you sure?(Y/N) **enter** `Y`
 Please Input new ones /or Ctrl-C to discard
        Input device IP (192.168.100.55) ==:`192.168.100.55`
        Input server IP (192.168.100.100) ==:`192.168.100.100`
        Input Linux Kernel filename () ==:`openwrt-22.03.0-ramips-mt7621-hanyang_hyc-g920-squashfs-sysupgrade.bin`

After uploading firmware image, device will boot Openwrt.

Signed-off-by: Muhammad AL-Qadhy <m.ismael@gmail.com>
19 months agokernel: modules: tg3: limit to devices with pci support
Aleksander Jan Bajkowski [Fri, 2 Dec 2022 22:38:51 +0000 (23:38 +0100)]
kernel: modules: tg3: limit to devices with pci support

Kmod-tg3 supports Ethernet adapters over PCIe bus. On targets without
PCI support, this package is empty. Symbol CONFIG_TIGON3 depends on
CONFIG_PCI.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
19 months agokernel: modules: hfcpci: limit to devices with pci support
Aleksander Jan Bajkowski [Fri, 2 Dec 2022 22:12:23 +0000 (23:12 +0100)]
kernel: modules: hfcpci: limit to devices with pci support

Kmod-hfcpci and kmod-hfcmulti supports ISDN adapters over PCI. On targets
without PCI support, this package is empty. Symbol CONFIG_MISDN_HFCMULTI
and CONFIG_MISDN_HFCPCI depends on CONFIG_PCI.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
19 months agolibtraceevent: update to 1.7.2
Nick Hainke [Tue, 28 Mar 2023 22:29:47 +0000 (00:29 +0200)]
libtraceevent: update to 1.7.2

Changes:
1c6f0f3 libtraceevent: version 1.7.2
73f6a8a libtraceevent: Fix some missing commas in big endian blocks
da2ea6b libtraceevent: Rename "ok" to "token_has_paren" in process_sizeof()
e6f7cfa libtraceevent: No need for testing ok in else if (!ok) in process_sizeof()
a4b1ba5 libtraceevent: Fix double free in parsing sizeof()

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agotools/squashfs4: bump to 4.6.1
Linhui Liu [Fri, 31 Mar 2023 13:42:09 +0000 (21:42 +0800)]
tools/squashfs4: bump to 4.6.1

Changelogs:
https://github.com/plougher/squashfs-tools/blob/4.6.1/CHANGES

Removed upstreamed patches:
- 001-Unsquashfs-Add-and-make-some-header-includes-conditi.patch
- 002-Mksquashfs-Make-sysinfo-conditional.patch
- 003-Only-use-available-CPUs.patch
- 004-action-rework-strdupa-with-POSIX-strdup-and-free.patch
- 005-Don-t-use-sigwaitinfo-sigtimedwait-if-not-supported.patch
- 006-Move-sysinfo.h-into-the-linux-only-section-should-fi.patch
- 007-Unsquashfs-fix-compilation-error-for-missing-sysctl..patch
- 100-portability.patch

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
19 months agotools/squashfs4: enable parallel builds
Linhui Liu [Fri, 31 Mar 2023 13:34:01 +0000 (21:34 +0800)]
tools/squashfs4: enable parallel builds

Run `time make tools/squashfs4/{clean,compile} -j$(nproc)`
Before:
real    0m8.803s
user    0m12.415s
sys     0m1.317s
After:
real    0m13.781s
user    0m13.290s
sys     0m1.528s

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
19 months agoramips: mt7621: remove set-affinity script
Rosen Penev [Tue, 28 Mar 2023 22:29:19 +0000 (15:29 -0700)]
ramips: mt7621: remove set-affinity script

From https://github.com/openwrt/openwrt/pull/12280#issuecomment-1489279860
On Ethernet and WLAN, NAPI is threaded for all queues. This means that the
processing work is not stuck on the CPU that fired the IRQ. Under heavy
load, IRQs get disabled anyway, so it should not matter at all which CPUs
the IRQs fire on.

Basic testing indicates this to be true. There's no speedup or slowdown.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
19 months agoramips: mt7621: ASUS RT-AX53U add NMBM, nest firmware
Felix Baumann [Fri, 31 Mar 2023 04:16:04 +0000 (06:16 +0200)]
ramips: mt7621: ASUS RT-AX53U add NMBM, nest firmware

Nests kernel and ubi into firmware partition in-order to be compatible
with OEM firmware. This allows restoring oem firmware from a backup of
firmware2. Add jffs2 partition which is present in the oem firmware.
Add support for mediatek NMBM (wear leveling on newer mediatek devices).
Exclude UBI partition from NMBM management.
Continues PR #10685.

Tested-by: Felix Baumann <felix.bau@gmx.de>
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
19 months agokernel: bump 5.15 to 5.15.105
John Audia [Thu, 30 Mar 2023 15:39:17 +0000 (11:39 -0400)]
kernel: bump 5.15 to 5.15.105

Manually rebased:

Removed upstreamed:
backport-5.15/743-v6.3-0005-net-dsa-b53-mmap-fix-device-tree-support.patch[1]
backport-5.15/743-v6.3-0006-net-dsa-tag_brcm-legacy-fix-daisy-chained-switches.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.105&id=9bbb3d3f218f1cf51f57a43cf8fd63b05be1b821
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.105&id=48f52431af9980582b6faa32ff8b581edb10486c

Build system: x86_64
Build-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod
Run-tested: bcm2711/RPi4B, ramips/tplink_archer-a6-v3, filogic/xiaomi_redmi-router-ax6000-ubootmod

Signed-off-by: John Audia <therealgraysky@proton.me>
19 months agokernel: add support for XMC XM25QH64C
Joe Mullally [Sun, 26 Feb 2023 22:01:22 +0000 (22:01 +0000)]
kernel: add support for XMC XM25QH64C

The XMC XM25QH64C is a 8MB SPI NOR chip. The patch is verified on TL-WPA8631P v3.
Datasheet available at https://www.xmcwh.com/uploads/442/XM25QH64C.pdf

Signed-off-by: Joe Mullally <jwmullally@gmail.com>
19 months agomac80211: ath11k: restore 160MHz support
Robert Marko [Tue, 28 Mar 2023 11:38:57 +0000 (13:38 +0200)]
mac80211: ath11k: restore 160MHz support

Recent ath11k sync introduced a regression causing 80+80 and 160MHz to
stop being advertised and thus not selectable due to the respective feature
flags being cleared.

So, until we get answers upstream to what was the reasoning behind this and
it gets fixed, lets just remove the flag clearing to reanable 160MHz.

Fixes: 789a0bac3535 ("mac80211: ath11k: sync with ath-next")
Signed-off-by: Robert Marko <robimarko@gmail.com>
19 months agobusybox: enable taskset by default
Felix Fietkau [Sat, 1 Apr 2023 07:07:54 +0000 (09:07 +0200)]
busybox: enable taskset by default

This is useful for controlling process affinity on SMP systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
19 months agokernel: fix mtk_eth_soc flow accounting for MT7986
Felix Fietkau [Sat, 1 Apr 2023 07:07:22 +0000 (09:07 +0200)]
kernel: fix mtk_eth_soc flow accounting for MT7986

This was accidentally dropped when MT7981 support was added

Signed-off-by: Felix Fietkau <nbd@nbd.name>
19 months agoarm-trusted-firmware-sunxi: bump to 2.8
Stijn Tintel [Tue, 20 Dec 2022 18:05:40 +0000 (20:05 +0200)]
arm-trusted-firmware-sunxi: bump to 2.8

Use latest release build instead of a git snapshot. As this tarball
extracts in a trusted-firmware-a-2.8 subdirectory, we no longer need to
override the PKG_NAME defined in trusted-firmware-a.mk. The actual
package name is still the same, so we don't need to update any
dependencies.

Tested on A64-OLinuXino-1Ge16GW.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
19 months agouboot-sunxi: bump to 2020.07
Stijn Tintel [Wed, 21 Dec 2022 20:00:49 +0000 (22:00 +0200)]
uboot-sunxi: bump to 2020.07

This is the newest release where 210-sunxi-deactivate-binman.patch still
applies.

Tested on A64-Olinuxino-eMMC.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
19 months agoipq40xx: add LED functions for Google WiFi
Jan-Niklas Burfeind [Mon, 27 Mar 2023 05:29:39 +0000 (07:29 +0200)]
ipq40xx: add LED functions for Google WiFi

Add LED function properties for the LED controller to avoid failing
driver probe with kernel 5.15.

While at it, also define the OpenWrt LED indicator patterns for this
device.

Ref commit 583ac0e11df7 ("mpc85xx: update lp5521 led-controller node for 5.10")

Google uses white for running and red for an issue

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
Tested-by: Andrijan Möcker <amo@ct.de>
Reviewed-by: Brian Norris <computersforpeace@gmail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>