From 3a23eed4dcb3dddbe41812dd69f6956e86189205 Mon Sep 17 00:00:00 2001 From: Stijn Segers Date: Sun, 4 Feb 2024 13:20:32 +0100 Subject: [PATCH 1/5] realtek: fix zyxel-vers usage for XGS1250-12 Commit daefc646e6d4 ("realtek: fix ZyXEL initramfs image generation") fixed a shell expansion issue with zyxel-vers usage. Commit 045baca10b15 ("realtek: deduplicate GS1900 recipes") took care of this for the rtl838x and rtl839x subtargets, but the single device officially supported in rtl930x - the XGS1250-12 - was overlooked. This commit updates the XGS1250-12 build recipe as well. Signed-off-by: Stijn Segers (cherry picked from commit 557db5106ce7809a5b2f1ec6d2407c1f32d10ef7) --- target/linux/realtek/image/rtl930x.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/realtek/image/rtl930x.mk b/target/linux/realtek/image/rtl930x.mk index f55c5c002b..891a18c517 100644 --- a/target/linux/realtek/image/rtl930x.mk +++ b/target/linux/realtek/image/rtl930x.mk @@ -11,7 +11,7 @@ define Device/zyxel_xgs1250-12 kernel-bin | \ append-dtb | \ gzip | \ - zyxel-vers $$$$(ZYXEL_VERS) | \ + zyxel-vers | \ uImage gzip endef TARGET_DEVICES += zyxel_xgs1250-12 From 9ee626f94505eeb71e9cdab19af216eb1c9f2a15 Mon Sep 17 00:00:00 2001 From: Chad Monroe Date: Tue, 16 Jan 2024 15:44:33 -0800 Subject: [PATCH 2/5] ucode: add libjson-c/host dependency ensure host libjson-c is built prior to ucode Signed-off-by: Chad Monroe (cherry picked from commit 5a3f6c50ef29c8b11fe6967e65277b8331be0ff0) --- package/utils/ucode/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/package/utils/ucode/Makefile b/package/utils/ucode/Makefile index 8a6274739e..c1fadd817a 100644 --- a/package/utils/ucode/Makefile +++ b/package/utils/ucode/Makefile @@ -19,6 +19,7 @@ PKG_MAINTAINER:=Jo-Philipp Wich PKG_LICENSE:=ISC PKG_ABI_VERSION:=20230711 +HOST_BUILD_DEPENDS:=libjson-c/host include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/host-build.mk From aa762ada8089e588f1734cd25dc8c236a867661f Mon Sep 17 00:00:00 2001 From: Ivan Pavlov Date: Fri, 2 Feb 2024 08:46:52 +0300 Subject: [PATCH 3/5] openssl: update to 3.0.13 Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024] * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed Excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fix excessive time spent in DH check / generation with large Q parameter value ([CVE-2023-5678]) Signed-off-by: Ivan Pavlov (cherry picked from commit 44cd90c49a7457345c0fba186d5d762d3a04d854) --- package/libs/openssl/Makefile | 4 ++-- .../libs/openssl/patches/100-Configure-afalg-support.patch | 2 +- .../libs/openssl/patches/140-allow-prefer-chacha20.patch | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 4b1388e7af..3bb60bc5ed 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=3.0.12 +PKG_VERSION:=3.0.13 PKG_RELEASE:=1 PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/ -PKG_HASH:=f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 +PKG_HASH:=88525753f79d3bec27d2fa7c66aa0b92b3aa9498dafd93d7cfa4b3780cdae313 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE diff --git a/package/libs/openssl/patches/100-Configure-afalg-support.patch b/package/libs/openssl/patches/100-Configure-afalg-support.patch index 307e23b809..e9cd7bf9c1 100644 --- a/package/libs/openssl/patches/100-Configure-afalg-support.patch +++ b/package/libs/openssl/patches/100-Configure-afalg-support.patch @@ -10,7 +10,7 @@ Signed-off-by: Eneas U de Queiroz --- a/Configure +++ b/Configure -@@ -1674,7 +1674,9 @@ $config{CFLAGS} = [ map { $_ eq '--ossl- +@@ -1677,7 +1677,9 @@ $config{CFLAGS} = [ map { $_ eq '--ossl- unless ($disabled{afalgeng}) { $config{afalgeng}=""; diff --git a/package/libs/openssl/patches/140-allow-prefer-chacha20.patch b/package/libs/openssl/patches/140-allow-prefer-chacha20.patch index 43fd92e388..fb7bc84361 100644 --- a/package/libs/openssl/patches/140-allow-prefer-chacha20.patch +++ b/package/libs/openssl/patches/140-allow-prefer-chacha20.patch @@ -16,7 +16,7 @@ Signed-off-by: Eneas U de Queiroz --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c -@@ -1505,11 +1505,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1506,11 +1506,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); @@ -46,7 +46,7 @@ Signed-off-by: Eneas U de Queiroz /* * ...and generally, our preferred cipher is AES. -@@ -1564,7 +1582,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1565,7 +1583,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ * Within each group, ciphers remain sorted by strength and previous * preference, i.e., * 1) ECDHE > DHE @@ -55,7 +55,7 @@ Signed-off-by: Eneas U de Queiroz * 3) AES > rest * 4) TLS 1.2 > legacy * -@@ -2235,7 +2253,13 @@ const char *OSSL_default_cipher_list(voi +@@ -2236,7 +2254,13 @@ const char *OSSL_default_cipher_list(voi */ const char *OSSL_default_ciphersuites(void) { From c51d49ba3974ff9e350261bc023970f1d809962e Mon Sep 17 00:00:00 2001 From: Yuu Toriyama Date: Sun, 4 Feb 2024 04:09:14 +0900 Subject: [PATCH 4/5] wireless-regdb: update to 2024.01.23 The maintainer and repository of wireless-regdb has changed. https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=QQaFX8r-g@mail.gmail.com/ Changes: 37dcea0 wireless-regdb: Update keys and maintainer information 9e0aee6 wireless-regdb: Makefile: Reproducible signatures 8c784a1 wireless-regdb: Update regulatory rules for China (CN) 149c709 wireless-regdb: Update regulatory rules for Japan (JP) for December 2023 bd69898 wireless-regdb: Update regulatory rules for Singapore (SG) for September 2023 d695bf2 wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG) 4541300 wireless-regdb: update regulatory database based on preceding changes Signed-off-by: Yuu Toriyama (cherry picked from commit b463737826eaa6c519eba93e13757a0cd3e09d47) --- package/firmware/wireless-regdb/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/firmware/wireless-regdb/Makefile b/package/firmware/wireless-regdb/Makefile index dfff35ff4d..431d07c35b 100644 --- a/package/firmware/wireless-regdb/Makefile +++ b/package/firmware/wireless-regdb/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wireless-regdb -PKG_VERSION:=2023.09.01 +PKG_VERSION:=2024.01.23 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/software/network/wireless-regdb/ -PKG_HASH:=26d4c2a727cc59239b84735aad856b7c7d0b04e30aa5c235c4f7f47f5f053491 +PKG_HASH:=c8a61c9acf76fa7eb4239e89f640dee3e87098d9f69b4d3518c9c60fc6d20c55 PKG_MAINTAINER:=Felix Fietkau @@ -16,7 +16,7 @@ define Package/wireless-regdb PKGARCH:=all SECTION:=firmware CATEGORY:=Firmware - URL:=https://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.git/ + URL:=https://git.kernel.org/pub/scm/linux/kernel/git/wens/wireless-regdb.git/ TITLE:=Wireless Regulatory Database endef From 9e41117953e31ffe355416e962ecf0e000dc594d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= Date: Wed, 7 Feb 2024 09:17:50 +0100 Subject: [PATCH 5/5] ipq40xx: fix PHY subsystem compilation (phy_interface_num_ports()) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: drivers/net/phy/phy-core.c: In function 'phy_interface_num_ports': drivers/net/phy/phy-core.c:107:9: error: enumeration value 'PHY_INTERFACE_MODE_PSGMII' not handled in switch [-Werror=switch] 107 | switch (interface) { | ^~~~~~ Fixes: 8a7f667fb53e ("kernel: 5.15: backport v6.1 PHY changes required for Aquantia") Fixes: https://github.com/openwrt/openwrt/issues/14560 Signed-off-by: Rafał Miłecki --- ...704-net-phy-define-PSGMII-PHY-interface-mode.patch | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/target/linux/ipq40xx/patches-5.15/704-net-phy-define-PSGMII-PHY-interface-mode.patch b/target/linux/ipq40xx/patches-5.15/704-net-phy-define-PSGMII-PHY-interface-mode.patch index c707e5c8ff..1cc8ec1f03 100644 --- a/target/linux/ipq40xx/patches-5.15/704-net-phy-define-PSGMII-PHY-interface-mode.patch +++ b/target/linux/ipq40xx/patches-5.15/704-net-phy-define-PSGMII-PHY-interface-mode.patch @@ -30,6 +30,17 @@ Signed-off-by: Gabor Juhos - qsgmii - tbi - rev-mii +--- a/drivers/net/phy/phy-core.c ++++ b/drivers/net/phy/phy-core.c +@@ -140,6 +140,8 @@ int phy_interface_num_ports(phy_interfac + case PHY_INTERFACE_MODE_QSGMII: + case PHY_INTERFACE_MODE_QUSGMII: + return 4; ++ case PHY_INTERFACE_MODE_PSGMII: ++ return 5; + case PHY_INTERFACE_MODE_MAX: + WARN_ONCE(1, "PHY_INTERFACE_MODE_MAX isn't a valid interface mode"); + return 0; --- a/drivers/net/phy/phylink.c +++ b/drivers/net/phy/phylink.c @@ -371,6 +371,7 @@ void phylink_get_linkmodes(unsigned long