修改编译脚本权限

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

README.md

@@ -45,15 +45,15 @@ To build your own firmware you need a GNU/Linux, BSD or MacOSX system (case sens
       ```
 
   Note:
-  - For the for love of god please do __not__ use ROOT user to build your image.
+  - Do everything as an unprivileged user, not root, without sudo.
   - Using CPUs based on other architectures should be fine to compile ImmortalWrt, but more hacks are needed - No warranty at all.
-  - You must __not__ have spaces in PATH or in the work folders on the drive.
+  - You must __not__ have spaces or non-ascii characters in PATH or in the work folders on the drive.
   - If you're using Windows Subsystem for Linux (or WSL), removing Windows folders from PATH is required, please see [Build system setup WSL](https://openwrt.org/docs/guide-developer/build-system/wsl) documentation.
   - Using macOS as the host build OS is __not__ recommended. No warranty at all. You can get tips from [Build system setup macOS](https://openwrt.org/docs/guide-developer/build-system/buildroot.exigence.macosx) documentation.
   - For more details, please see [Build system setup](https://openwrt.org/docs/guide-developer/build-system/install-buildsystem) documentation.
 
   ### Quickstart
-  1. Run `git clone -b <branch> --single-branch https://github.com/immortalwrt/immortalwrt` to clone the source code.
+  1. Run `git clone -b <branch> --single-branch --filter=blob:none https://github.com/immortalwrt/immortalwrt` to clone the source code.
   2. Run `cd immortalwrt` to enter source directory.
   3. Run `./scripts/feeds update -a` to obtain all the latest package definitions defined in feeds.conf / feeds.conf.default
   4. Run `./scripts/feeds install -a` to install symlinks for all obtained packages into package/feeds/
@@ -86,6 +86,6 @@ ImmortalWrt is licensed under [GPL-2.0-only](https://spdx.org/licenses/GPL-2.0-o
   <tr>
     <td><a href="https://dlercloud.com/"><img src="https://user-images.githubusercontent.com/22235437/111103249-f9ec6e00-8588-11eb-9bfc-67cc55574555.png" width="183" height="52" border="0" alt="Dler Cloud"></a></td>
     <td><a href="https://www.jetbrains.com/"><img src="https://resources.jetbrains.com/storage/products/company/brand/logos/jb_square.png" width="120" height="120" border="0" alt="JetBrains Black Box Logo logo"></a></td>
-    <td><a href="https://osdn.net/"><img src="https://osdn.net/sflogo.php?group_id=13647&type=2" width="125" height="39" border="0" alt="OSDN"></a></td>
+    <td><a href="https://sourceforge.net/"><img src="https://sourceforge.net/sflogo.php?type=17&group_id=3663829" alt="SourceForge" width=200></a></td>
   </tr>
 </table>

build_openwrt.sh

@@ -0,0 +1,749 @@
+#!/usr/bin/env bash
+
+#====================================================
+# OpenWrt 构建管理脚本
+# 功能：提供交互式菜单，可选择执行特定操作
+# 更新：2025-04-05
+#====================================================
+
+#---------------基础配置---------------#
+# 日志目录设置
+LOGS_ROOT="openwrt_logs"
+SESSION_DIR="${LOGS_ROOT}/$(date +%Y%m%d_%H%M%S)"
+LOG_FILE="${SESSION_DIR}/main_build_script.log" # 主脚本日志文件名更改，更清晰
+
+#---------------清理配置---------------#
+# 需要移除的目录列表 (示例，根据你的需要添加)
+declare -a REMOVE_DIRS=(
+    # "feeds/packages/net/v2ray-geodata" # 示例
+)
+
+# 需要移除的包列表 (示例，根据你的需要添加)
+declare -a REMOVE_PACKAGES=(
+    # "package/feeds/luci/luci-app-example" # 示例
+)
+
+#---------------自定义包配置---------------#
+# 定义自定义包配置，格式：[包名]=[目标目录]=[仓库URL]=[分支]=[是否使用--depth 1]
+declare -A CUSTOM_PACKAGES=(
+    ["partexp"]="package/luci-app-partexp=https://github.com/sirpdboy/luci-app-partexp=main=false"
+    ["openclash"]="package/openclash=https://github.com/vernesong/OpenClash=dev=true"
+    ["zerotier"]="package/luci-app-zerotier=https://github.com/Firsgith/luci-app-zerotier.git=main=false"
+    ["5gsupport"]="package/5G-Modem-Support=https://nanako.site/gitea/Nanako/openwrt-app-actions.git=main=false"
+    ["pcat"]="package/pcat-manager=https://github.com/photonicat/rockchip_rk3568_pcat_manager.git=master=true"
+)
+
+#---------------日志系统---------------#
+# 保存原始的标准输出和错误输出文件描述符
+exec {STDOUT_ORIG}>&1
+exec {STDERR_ORIG}>&2
+
+# 全局变量标记日志是否启用
+LOGGING_ENABLED=false # 初始为 false，由 init_logger 启用
+
+# 初始化日志系统
+init_logger() {
+    # 创建日志目录结构
+    mkdir -p "$SESSION_DIR" || {
+        echo "错误: 无法创建日志目录: $SESSION_DIR" >&2
+        exit 1
+    }
+
+    LOGGING_ENABLED=true
+    echo "日志将保存在: $SESSION_DIR"
+    echo "主脚本日志: $LOG_FILE"
+
+    # 重定向主脚本的 stdout 和 stderr 到 tee，同时输出到控制台和主日志文件
+    # 使用 process substitution 和 tee
+    exec > >(tee -a "$LOG_FILE")
+    exec 2> >(tee -a "$LOG_FILE" >&2)
+
+    # 记录初始信息到日志
+    echo "[$(date "+%Y-%m-%d %H:%M:%S")] [INFO]: 日志系统初始化完成。主日志文件: $LOG_FILE"
+}
+
+# 创建新的特定构建阶段的日志文件
+create_build_log() {
+    local build_type=$1
+    local timestamp=$(date +%Y%m%d_%H%M%S)
+    # 使用更明确的文件名
+    BUILD_LOG_FILE="${SESSION_DIR}/${build_type}_build_${timestamp}.log"
+    # 确保文件被创建，即使命令没有输出
+    touch "$BUILD_LOG_FILE" || {
+        log "ERROR" "无法创建构建日志文件: $BUILD_LOG_FILE"
+        return 1
+    }
+    # 返回创建的日志文件名
+    echo "$BUILD_LOG_FILE"
+    return 0
+}
+
+# 禁用日志重定向 (用于 menuconfig 等交互场景)
+disable_logging() {
+    if [ "$LOGGING_ENABLED" = true ]; then
+        log "DEBUG" "禁用日志重定向，恢复原始标准输出/错误。"
+        exec >&$STDOUT_ORIG
+        exec 2>&$STDERR_ORIG
+        LOGGING_ENABLED=false # 标记为禁用
+    fi
+}
+
+# 启用日志重定向 (恢复)
+enable_logging() {
+    # 仅在之前被禁用的情况下才重新启用
+    if [ "$LOGGING_ENABLED" = false ]; then
+        # 重新应用重定向到主日志
+        exec > >(tee -a "$LOG_FILE")
+        exec 2> >(tee -a "$LOG_FILE" >&2)
+        LOGGING_ENABLED=true # 标记为启用
+        log "DEBUG" "重新启用日志重定向到主日志。"
+    fi
+}
+
+# 设置终端颜色
+setup_colors() {
+    if [[ -t 1 ]]; then # 检查标准输出是否连接到终端
+        RED='\033[0;31m'
+        GREEN='\033[0;32m'
+        YELLOW='\033[1;33m'
+        BLUE='\033[0;34m'
+        NC='\033[0m' # No Color
+    else
+        RED='' GREEN='' YELLOW='' BLUE='' NC=''
+    fi
+}
+
+# 记录日志函数 - 使用此函数来明确日志级别
+# 注意：此函数输出会经过 init_logger 设置的全局重定向
+log() {
+    local level=$1
+    local message=$2
+    local timestamp
+    timestamp=$(date "+%Y-%m-%d %H:%M:%S")
+    local color="" level_str=""
+
+    case $level in
+        "INFO")  color="$GREEN";  level_str="INFO " ;; # 加空格对齐
+        "WARN")  color="$YELLOW"; level_str="WARN " ;;
+        "ERROR") color="$RED";    level_str="ERROR" ;;
+        "DEBUG") color="$BLUE";   level_str="DEBUG" ;;
+        *)       color="";        level_str="LOG  " ;; # 默认级别
+    esac
+
+    # 使用 printf 保证原子写入，减少并发问题
+    printf "[%s] %b[%s]%b: %s\n" "$timestamp" "$color" "$level_str" "$NC" "$message"
+}
+
+# 同时记录消息到主日志和特定的构建日志
+log_to_both() {
+    local level=$1
+    local message=$2
+    local build_log_file=$3 # 明确参数名
+
+    # 1. 输出到主日志（通过全局重定向和 log 函数）
+    log "$level" "$message"
+
+    # 2. 追加到指定的构建日志文件
+    local timestamp
+    timestamp=$(date "+%Y-%m-%d %H:%M:%S")
+    # 直接追加，不需要颜色代码
+    printf "[%s] [%s]: %s\n" "$timestamp" "$level" "$message" >> "$build_log_file"
+}
+
+
+#---------------自定义包管理函数---------------#
+# 更新单个自定义包
+update_single_package() {
+    local pkg_name=$1
+    local config=$2
+
+    # 解析配置 (保持 cut 的方式，假设路径/URL/分支名不含 '=')
+    # 如果遇到问题，可以切换到 IFS/read
+    local target_dir repo_url branch use_depth
+    target_dir=$(echo "$config" | cut -d= -f1)
+    repo_url=$(echo "$config" | cut -d= -f2)
+    branch=$(echo "$config" | cut -d= -f3)
+    use_depth=$(echo "$config" | cut -d= -f4)
+
+    # 基础验证
+    if [ -z "$target_dir" ] || [ -z "$repo_url" ]; then
+        log "ERROR" "包 '$pkg_name' 的配置无效: $config"
+        return 1
+    fi
+
+    log "INFO" "更新自定义包: $pkg_name..."
+
+    # 检查目标目录的父目录是否存在
+    local parent_dir
+    parent_dir=$(dirname "$target_dir")
+    if [ ! -d "$parent_dir" ]; then
+        log "INFO" "创建父目录: $parent_dir"
+        mkdir -p "$parent_dir" || {
+            log "ERROR" "无法创建父目录: $parent_dir"
+            return 1
+        }
+    fi
+
+    # 移除现有目录
+    if [ -d "$target_dir" ]; then
+        log "INFO" "移除现有目录: $target_dir"
+        rm -rf "$target_dir" || {
+            log "ERROR" "无法删除目录: $target_dir"
+            return 1
+        }
+    fi
+
+    # 准备 git clone 命令参数数组 (移除 eval)
+    local git_options=("--progress") # 总是显示进度
+    # 处理分支
+    if [ -n "$branch" ] && [ "$branch" != "master" ]; then
+        git_options+=("-b" "$branch")
+    fi
+    # 处理 depth
+    if [ "$use_depth" = "true" ]; then
+        git_options+=("--depth" "1")
+    fi
+
+    # 执行克隆
+    log "INFO" "执行: git clone ${git_options[*]} $repo_url $target_dir"
+    if git clone "${git_options[@]}" "$repo_url" "$target_dir"; then
+        log "INFO" "包 '$pkg_name' 更新成功"
+        return 0
+    else
+        log "ERROR" "克隆包 '$pkg_name' 失败 (仓库: $repo_url)"
+        # 尝试给出更具体的错误提示
+        log "ERROR" "请检查网络连接、仓库 URL、分支名称以及目标目录权限。"
+        # 保留可能存在的空目录或部分克隆，让用户检查
+        # rm -rf "$target_dir" # 不再自动删除失败的克隆
+        return 1
+    fi
+}
+
+# 更新所有自定义包的主函数
+update_custom_package() {
+    local failed_packages=()
+    local success_count=0
+    local total_packages=${#CUSTOM_PACKAGES[@]}
+
+    if [ "$total_packages" -eq 0 ]; then
+        log "INFO" "没有配置自定义包，跳过更新。"
+        return 0
+    fi
+
+    log "INFO" "开始更新 $total_packages 个自定义包..."
+
+    for pkg_name in "${!CUSTOM_PACKAGES[@]}"; do
+        # 使用 subshell 执行，避免污染当前环境的变量，但这里影响不大
+        if update_single_package "$pkg_name" "${CUSTOM_PACKAGES[$pkg_name]}"; then
+             ((success_count++))
+        else
+            failed_packages+=("$pkg_name")
+        fi
+    done
+
+    # 显示更新结果
+    if [ ${#failed_packages[@]} -eq 0 ]; then
+        log "INFO" "所有自定义包更新成功 ($success_count/$total_packages)"
+        return 0
+    else
+        log "WARN" "部分自定义包更新失败 (成功: $success_count/$total_packages)"
+        log "ERROR" "更新失败的包: ${failed_packages[*]}"
+        return 1 # 返回失败状态码
+    fi
+}
+
+# 更新特定自定义包
+update_specific_package() {
+    local pkg_name=$1
+
+    if [ -z "$pkg_name" ]; then
+        log "ERROR" "未指定包名"
+        return 1
+    fi
+
+    if [ -z "${CUSTOM_PACKAGES[$pkg_name]}" ]; then
+        log "ERROR" "未找到包配置：'$pkg_name'"
+        log "INFO" "可用的包名: ${!CUSTOM_PACKAGES[*]}"
+        return 1
+    fi
+
+    update_single_package "$pkg_name" "${CUSTOM_PACKAGES[$pkg_name]}"
+}
+
+#---------------基础功能函数---------------#
+# 清理工作区 (make clean 的替代方案，更彻底)
+clean_workspace() {
+    log "INFO" "开始彻底清理工作区..."
+
+    # 清理 feeds (可选，如果 feeds 内容经常变动或出问题可以启用)
+    # log "INFO" "执行 ./scripts/feeds clean ..."
+    # ./scripts/feeds clean || log "WARN" "./scripts/feeds clean 执行时遇到问题。"
+
+    # 清理编译产物和临时文件
+    log "INFO" "执行 rm -rf ./tmp ./logs ./staging_dir ./build_dir ./bin ..."
+    # 注意：这里移除了 logs 目录，但我们的脚本日志在 openwrt_logs 下，不会被删
+    # 如果 OpenWrt 自身有 logs 目录且需要保留，则从下面移除 ./logs
+    rm -rf ./tmp ./logs ./staging_dir ./build_dir ./bin || {
+        log "ERROR" "删除部分工作区目录失败，请检查权限或文件占用。"
+        return 1
+    }
+
+    log "INFO" "工作区清理完成。"
+    return 0
+}
+
+# 清理编译临时文件 (make clean 的快速版)
+clean_build_temp() {
+    log "INFO" "开始清理编译临时文件..."
+
+    log "INFO" "执行 rm -rf ./tmp ./staging_dir ./build_dir ..."
+    rm -rf ./tmp ./staging_dir ./build_dir || {
+         log "ERROR" "删除部分编译临时目录失败。"
+         return 1
+    }
+
+    log "INFO" "编译临时文件清理完成。"
+    return 0
+}
+
+# 更新源码
+update_source() {
+    log "INFO" "开始更新 OpenWrt 源码 (git pull)..."
+    if git pull --rebase; then # 使用 rebase 避免不必要的 merge commit
+        log "INFO" "源码更新完成"
+        return 0
+    else
+        log "ERROR" "源码更新失败 (git pull --rebase)"
+        log "WARN" "请检查本地是否有未提交的修改，或尝试手动解决 Git 冲突。"
+        return 1
+    fi
+}
+
+# 更新并安装 feeds
+update_feeds() {
+    log "INFO" "开始更新 Feeds (update -a)..."
+    if ./scripts/feeds update -a; then
+        log "INFO" "Feeds 更新成功，开始安装 (install -a)..."
+        if ./scripts/feeds install -a; then
+            log "INFO" "Feeds 安装成功"
+            return 0
+        else
+            log "ERROR" "Feeds 安装失败 (install -a)"
+            return 1
+        fi
+    else
+        log "ERROR" "Feeds 更新失败 (update -a)"
+        return 1
+    fi
+}
+
+# 执行构建相关命令，并将 stdout 重定向到日志，stderr 同时输出到控制台和日志
+run_build_command() {
+    local cmd=$1              # 要执行的命令字符串
+    local log_file=$2         # 目标日志文件
+    local description=$3      # 操作描述
+
+    log_to_both "INFO" "开始执行: $description" "$log_file"
+    log "DEBUG" "命令详情: $cmd" # 只记录到主日志
+
+    # 执行命令
+    # stdout (>>) 追加到日志文件
+    # stderr (2>) 通过管道给 tee
+    #   tee -a "$log_file" 将 stderr 追加到日志文件
+    #   tee 默认将其标准输入复制到标准输出，这里即脚本的 stderr，因此会显示在控制台
+    local start_time end_time duration
+    start_time=$(date +%s)
+    if eval "$cmd" >> "$log_file" 2> >(tee -a "$log_file" >&2); then
+        end_time=$(date +%s)
+        duration=$((end_time - start_time))
+        log_to_both "INFO" "$description 完成 (耗时: ${duration}s)" "$log_file"
+        return 0 # 成功返回 0
+    else
+        end_time=$(date +%s)
+        duration=$((end_time - start_time))
+        local exit_code=$? # 获取命令的退出码
+        # 错误信息已经通过 stderr 的 tee 输出到控制台了
+        log_to_both "ERROR" "$description 失败 (退出码: $exit_code, 耗时: ${duration}s)" "$log_file"
+        log "ERROR" "详细错误请查看控制台输出以及日志文件: $log_file"
+        return $exit_code # 失败返回命令的退出码
+    fi
+}
+
+# 编译固件
+build_firmware() {
+    # 创建新的固件编译日志文件
+    local current_log
+    current_log=$(create_build_log "firmware") || return 1 # 创建失败则退出
+
+    log "INFO" "开始编译固件..."
+    log "INFO" "详细编译日志将保存在: $current_log"
+
+    # 1. 下载依赖包
+    local download_cmd="make download -j$(nproc) V=s"
+    run_build_command "$download_cmd" "$current_log" "下载依赖包" || {
+        log "ERROR" "依赖包下载失败，编译中止。"
+        # 即使下载失败，日志文件也已包含错误信息
+        return 1
+    }
+
+    # 2. 多线程编译
+    local cpu_cores
+    cpu_cores=$(nproc)
+    log "INFO" "检测到 $cpu_cores 个 CPU 核心，开始多线程编译..."
+    local build_cmd="make -j${cpu_cores} V=s"
+
+    if run_build_command "$build_cmd" "$current_log" "固件编译 (多线程)"; then
+        log "INFO" "${GREEN}固件编译成功完成！${NC}"
+        log "INFO" "固件输出目录: ./bin/targets/"
+        return 0 # 编译成功
+    else
+        # 多线程编译失败，询问用户是否重试
+        log "WARN" "多线程编译失败。"
+        local retry_choice
+        # -r: raw input, -p: prompt, -n 1: read only one char (optional but nice), -t 15: timeout (optional)
+        # Default to No
+        read -rp "$(echo -e ${YELLOW}"是否尝试使用单线程重新编译? (y/N): "${NC})" -n 1 -t 30 retry_choice
+        echo # Add a newline after read -n
+
+        if [[ "$retry_choice" =~ ^[Yy]$ ]]; then
+            log "INFO" "用户选择使用单线程重试编译..."
+
+            # 3. 单线程编译重试
+            local build_cmd_single="make -j1 V=s"
+            if run_build_command "$build_cmd_single" "$current_log" "固件编译 (单线程重试)"; then
+                log "INFO" "${GREEN}单线程编译成功完成！${NC}"
+                log "INFO" "固件输出目录: ./bin/targets/"
+                return 0 # 单线程编译成功
+            else
+                log "ERROR" "${RED}单线程编译也失败了。${NC}"
+                log "ERROR" "请仔细检查控制台错误输出以及日志文件: $current_log"
+                return 1 # 最终编译失败
+            fi
+        else
+            log "INFO" "用户选择不进行单线程重试编译。"
+            log "ERROR" "${RED}编译失败，未进行单线程重试。${NC}"
+            log "ERROR" "请仔细检查控制台错误输出以及日志文件: $current_log"
+            return 1 # 用户取消重试，编译失败
+        fi
+    fi
+}
+
+# 清理配置文件中指定的旧包/目录
+clean_packages() {
+    log "INFO" "开始清理配置文件中指定的旧包和目录..."
+    local removed_count=0
+    local failed_count=0
+    local total_to_remove=$((${#REMOVE_DIRS[@]} + ${#REMOVE_PACKAGES[@]}))
+
+    if [ "$total_to_remove" -eq 0 ]; then
+        log "INFO" "配置文件中未指定需要移除的包或目录。"
+        return 0
+    fi
+
+    # 清理目录
+    for dir in "${REMOVE_DIRS[@]}"; do
+        if [ -e "$dir" ]; then # 使用 -e 检查文件或目录是否存在
+            log "INFO" "正在删除目录: $dir"
+            if rm -rf "$dir"; then
+                log "INFO" "已删除: $dir"
+                ((removed_count++))
+            else
+                log "ERROR" "删除失败: $dir (请检查权限或是否被占用)"
+                ((failed_count++))
+            fi
+        else
+             log "WARN" "指定的目录不存在，跳过: $dir"
+        fi
+    done
+
+    # 清理包 (通常包也是目录)
+    for pkg in "${REMOVE_PACKAGES[@]}"; do
+         if [ -e "$pkg" ]; then
+            log "INFO" "正在删除包/目录: $pkg"
+            if rm -rf "$pkg"; then
+                log "INFO" "已删除: $pkg"
+                ((removed_count++))
+            else
+                log "ERROR" "删除失败: $pkg (请检查权限或是否被占用)"
+                ((failed_count++))
+            fi
+        else
+             log "WARN" "指定的包/目录不存在，跳过: $pkg"
+        fi
+    done
+
+    if [ $failed_count -eq 0 ]; then
+        log "INFO" "旧包/目录清理完成，共处理 $removed_count 个项目。"
+        return 0
+    else
+        log "WARN" "旧包/目录清理部分完成 (成功: $removed_count, 失败: $failed_count)"
+        return 1 # 返回失败状态码
+    fi
+}
+
+# 更新所有组件 (源码 -> 清理旧包 -> 自定义包 -> feeds)
+update_all_components() {
+    log "INFO" "开始更新所有组件..."
+    local success=true # 假设成功
+
+    # 1. 更新源码
+    log "INFO" "[1/4] 更新 OpenWrt 源码..."
+    update_source || success=false
+
+    # 2. 清理旧包 (即使上一步失败也尝试清理)
+    log "INFO" "[2/4] 清理配置文件指定的旧包/目录..."
+    clean_packages || log "WARN" "清理旧包/目录时遇到问题，继续执行..." # 清理失败通常不阻止后续
+
+    # 3. 更新自定义包 (只有在源码更新成功时才执行较好)
+    if [ "$success" = true ]; then
+        log "INFO" "[3/4] 更新自定义包..."
+        update_custom_package || success=false
+    else
+        log "WARN" "[3/4] 跳过更新自定义包，因为源码更新失败。"
+    fi
+
+    # 4. 更新 Feeds (只有在源码和自定义包都成功时执行较好)
+    if [ "$success" = true ]; then
+        log "INFO" "[4/4] 更新 Feeds..."
+        update_feeds || success=false
+    else
+        log "WARN" "[4/4] 跳过更新 Feeds，因为之前的步骤失败。"
+    fi
+
+    # 总结
+    if [ "$success" = true ]; then
+        log "INFO" "所有组件更新完成！"
+        return 0
+    else
+        log "ERROR" "部分或全部组件更新失败，请检查上面的日志。"
+        return 1
+    fi
+}
+
+# 菜单配置 (make menuconfig)
+menuconfig() {
+    log "INFO" "准备进入菜单配置 (make menuconfig)..."
+    log "INFO" "注意：日志重定向将暂时禁用以进行交互。"
+
+    # 禁用日志重定向，否则 menuconfig 界面可能显示不正常
+    disable_logging
+
+    # 执行 menuconfig
+    if make menuconfig; then
+        # 配置成功后重新启用日志
+        enable_logging
+        log "INFO" "菜单配置完成。新配置已保存到 .config"
+        # 询问是否保存 defconfig (可选)
+        # read -p "是否将当前配置保存为 defconfig? (y/N): " save_defconfig
+        # if [[ "$save_defconfig" =~ ^[Yy]$ ]]; then
+        #     ./scripts/diffconfig.sh > my_defconfig
+        #     log "INFO" "当前配置已保存到 my_defconfig"
+        # fi
+        return 0
+    else
+        # 配置失败或被取消，也要恢复日志
+        enable_logging
+        log "WARN" "菜单配置未完成或被取消。"
+        return 1 # 返回失败状态码
+    fi
+}
+
+#---------------组合功能函数---------------#
+# 完整构建流程
+full_build() {
+    log "INFO" "启动完整构建流程..."
+    local step=1
+    local total_steps=6 # 预估步骤数
+
+    # 1. 清理工作区
+    log "INFO" "[${step}/${total_steps}] 清理工作区..."
+    clean_workspace || { log "WARN" "工作区清理可能不完整，尝试继续..."; } # 清理失败通常不致命
+    ((step++))
+
+    # 2. 更新源码
+    log "INFO" "[${step}/${total_steps}] 更新源码..."
+    update_source || { log "ERROR" "源码更新失败，终止构建流程。"; return 1; }
+    ((step++))
+
+    # 3. 清理旧包
+    log "INFO" "[${step}/${total_steps}] 清理配置文件指定的旧包..."
+    clean_packages || log "WARN" "清理旧包时遇到问题，继续执行..."
+    ((step++))
+
+    # 4. 更新自定义包
+    log "INFO" "[${step}/${total_steps}] 更新自定义包..."
+    update_custom_package || { log "ERROR" "自定义包更新失败，终止构建流程。"; return 1; }
+    ((step++))
+
+    # 5. 更新 Feeds
+    log "INFO" "[${step}/${total_steps}] 更新 Feeds..."
+    update_feeds || { log "ERROR" "Feeds 更新失败，终止构建流程。"; return 1; }
+    ((step++))
+
+    # 6. 菜单配置
+    log "INFO" "[${step}/${total_steps}] 进入菜单配置 (make menuconfig)..."
+    menuconfig || { log "WARN" "菜单配置未完成或取消，但继续尝试编译..."; } # 允许使用现有配置编译
+    ((step++)) # 无论成功与否，都算一步
+
+    # 7. 编译固件 (独立步骤，不计入前面的 total_steps)
+    log "INFO" "所有准备工作完成，开始编译固件..."
+    if build_firmware; then
+        log "INFO" "${GREEN}完整构建流程成功完成！${NC}"
+        return 0
+    else
+        log "ERROR" "${RED}完整构建流程失败于编译阶段。${NC}"
+        return 1
+    fi
+}
+
+#---------------菜单函数---------------#
+# 打印主菜单
+print_menu() {
+    echo -e "\n${BLUE}======= OpenWrt 构建管理菜单 =======${NC}"
+    echo -e " ${YELLOW}会话日志目录: ${SESSION_DIR}${NC}"
+    echo -e "${GREEN} 1.${NC} ${BOLD}完整构建流程${NC} (清理 > 更新源码/包/feeds > 配置 > 编译)"
+    echo -e "${GREEN} 2.${NC} 清理工作区 (删除 tmp, bin, build_dir 等)"
+    echo -e "${GREEN} 3.${NC} 更新所有组件 (源码 + 旧包清理 + 自定义包 + feeds)"
+    echo -e "${GREEN} 4.${NC} 清理配置文件指定的旧包/目录"
+    echo -e "${GREEN} 5.${NC} ${BOLD}编译固件${NC} (make V=s)"
+    echo -e "${GREEN} 6.${NC} 调整配置 (make menuconfig)"
+    echo -e "${GREEN} 7.${NC} 更新所有自定义包"
+    echo -e "${GREEN} 8.${NC} 更新特定的自定义包"
+    echo -e "${GREEN} 9.${NC} 更新 OpenWrt 源码 (git pull)"
+    echo -e "${GREEN}10.${NC} 更新并安装 Feeds"
+    echo -e "-------------------------------------"
+    echo -e "${GREEN} 0.${NC} 退出脚本"
+    echo -e "${BLUE}====================================${NC}"
+    # 使用 read -p 提供提示
+    read -rp "请输入选项 [0-10]: " choice
+}
+
+# 打印并选择特定自定义包进行更新
+select_specific_package() {
+    local pkg_names=("${!CUSTOM_PACKAGES[@]}") # 获取所有包名
+    local num_packages=${#pkg_names[@]}
+
+    if [ "$num_packages" -eq 0 ]; then
+        log "WARN" "没有配置任何自定义包。"
+        return 1
+    fi
+
+    echo -e "\n${BLUE}--- 选择要更新的自定义包 ---${NC}"
+    local i=1
+    # 使用 sort 命令让包名按字母排序显示
+    local sorted_pkg_names=($(printf "%s\n" "${pkg_names[@]}" | sort))
+
+    for pkg_name in "${sorted_pkg_names[@]}"; do
+        echo -e " ${GREEN}$i.${NC} $pkg_name"
+        ((i++))
+    done
+    echo -e " ${GREEN}0.${NC} 返回主菜单"
+    echo -e "${BLUE}----------------------------${NC}"
+
+    local choice_pkg
+    read -rp "请输入包的序号 [0-$num_packages]: " choice_pkg
+
+    # 验证选择
+    if [[ ! "$choice_pkg" =~ ^[0-9]+$ ]]; then
+        log "ERROR" "无效输入，请输入数字。"
+        return 1
+    fi
+
+    if [ "$choice_pkg" -eq 0 ]; then
+        log "INFO" "返回主菜单。"
+        return 0 # 返回成功，表示正常退出选择
+    elif [ "$choice_pkg" -ge 1 ] && [ "$choice_pkg" -le "$num_packages" ]; then
+        local selected_pkg=${sorted_pkg_names[$((choice_pkg-1))]}
+        log "INFO" "选择更新包: $selected_pkg"
+        update_specific_package "$selected_pkg" # 调用更新函数
+        return $? # 返回更新函数的执行结果
+    else
+        log "ERROR" "无效的选择序号: $choice_pkg"
+        return 1
+    fi
+}
+
+#---------------主函数---------------#
+main() {
+    # 0. 设置颜色变量
+    setup_colors
+
+    # 1. 初始化日志系统 (会进行第一次输出重定向)
+    init_logger || exit 1 # 初始化失败则退出
+
+    # 2. 检查运行环境和依赖
+    log "INFO" "检查运行环境..."
+    local dep_missing=false
+    if [ ! -f "Makefile" ] || [ ! -d "scripts" ] || [ ! -d ".git" ]; then
+        log "ERROR" "脚本必须在 OpenWrt 源码的根目录下运行 (需要存在 Makefile, scripts, .git)。"
+        dep_missing=true
+    fi
+    for cmd in git make nproc tee cut dirname mkdir rm git date printf sort read; do
+        if ! command -v "$cmd" &> /dev/null; then
+            log "ERROR" "缺少必要的系统命令: $cmd"
+            dep_missing=true
+        fi
+    done
+     if [ "$dep_missing" = true ]; then
+        log "ERROR" "环境或依赖检查失败，请修正后重试。"
+        # 恢复原始输出，避免后续可能的错误信息无法显示
+        exec >&$STDOUT_ORIG
+        exec 2>&$STDERR_ORIG
+        exit 1
+    fi
+    log "INFO" "环境检查通过。"
+
+    # 记录脚本启动信息
+    log "INFO" "${BOLD}OpenWrt 构建管理脚本已启动${NC}"
+    log "INFO" "PID: $$"
+    log "INFO" "会话日志目录: $SESSION_DIR"
+
+    # 3. 主菜单循环
+    local choice # 提前声明 choice
+    while true; do
+        print_menu # 显示菜单并获取输入到 choice 变量
+        log "DEBUG" "用户选择了: $choice" # 记录用户选择
+
+        # 根据选择执行操作
+        case $choice in
+            1) full_build ;;
+            2) clean_workspace ;;
+            3) update_all_components ;;
+            4) clean_packages ;;
+            5) build_firmware ;;
+            6) menuconfig ;;
+            7) update_custom_package ;;
+            8) select_specific_package ;;
+            9) update_source ;;
+            10) update_feeds ;;
+            0)
+                log "INFO" "收到退出命令，正在退出脚本..."
+                # 恢复原始输出流 (好习惯)
+                exec >&$STDOUT_ORIG
+                exec 2>&$STDERR_ORIG
+                echo -e "${GREEN}脚本已退出。${NC}"
+                exit 0
+                ;;
+            *)
+                log "WARN" "无效的选项: '$choice'，请输入 0 到 10 之间的数字。"
+                ;;
+        esac
+
+        local last_exit_code=$? # 获取上一个命令的退出状态码
+        # 操作完成后暂停，给用户查看结果的时间
+        if [[ $choice != 0 ]]; then
+            if [ $last_exit_code -eq 0 ]; then
+                echo -e "\n${GREEN}操作 '$choice' 执行完成。${NC}"
+            else
+                 echo -e "\n${RED}操作 '$choice' 执行时遇到错误 (退出码: $last_exit_code)。${NC}"
+            fi
+             echo -e "${YELLOW}按 Enter 键返回主菜单...${NC}"
+             read -r # 等待用户按回车
+        fi
+    done
+}
+
+#---------------脚本入口---------------#
+# 将所有主逻辑放入 main 函数，并在最后调用它
+# "$@" 将所有命令行参数传递给 main 函数 (虽然本脚本目前未使用)
+main "$@"

feeds.conf.default

@@ -1,4 +1,4 @@
-src-git-full packages https://github.com/immortalwrt/packages.git^b5f328296fa427a8bf4bc7e42a51a08b5897af9e
-src-git-full luci https://github.com/immortalwrt/luci.git^4094fcb084b71d625d538c0c98e72b15347282f2
-src-git-full routing https://github.com/openwrt/routing.git^0621622dc5653127f5656010905f71daebf85ad0
-src-git-full telephony https://github.com/openwrt/telephony.git^920fbc5c0a2e4badf51bceff42e9a1e3eb693462
+src-git-full packages https://github.com/immortalwrt/packages.git;openwrt-21.02
+src-git-full luci https://github.com/immortalwrt/luci.git;openwrt-21.02
+src-git-full routing https://github.com/openwrt/routing.git;openwrt-21.02
+src-git-full telephony https://github.com/openwrt/telephony.git;openwrt-21.02

include/download.mk

@@ -203,7 +203,7 @@ define DownloadMethod/rawgit
 	cd $(TMP_DIR)/dl && \
 	rm -rf $(SUBDIR) && \
 	[ \! -d $(SUBDIR) ] && \
-	git clone $(OPTS) $(URL) $(SUBDIR) && \
+	git clone --filter=blob:none $(OPTS) $(URL) $(SUBDIR) && \
 	(cd $(SUBDIR) && git checkout $(VERSION) && \
 	git submodule update --init --recursive) && \
 	echo "Packing checkout..." && \

include/image-commands.mk

@@ -338,6 +338,13 @@ define Build/qemu-image
 	fi
 endef
 
+define Build/qsdk-ipq-factory-mmc
+	$(TOPDIR)/scripts/mkits-qsdk-ipq-image.sh \
+		$@.its kernel $(IMAGE_KERNEL) rootfs $(IMAGE_ROOTFS)
+	PATH=$(LINUX_DIR)/scripts/dtc:$(PATH) mkimage -f $@.its $@.new
+	@mv $@.new $@
+endef
+
 define Build/qsdk-ipq-factory-nand
 	$(TOPDIR)/scripts/mkits-qsdk-ipq-image.sh \
 		$@.its ubi $@

include/kernel-5.4

@@ -1,2 +1,2 @@
-LINUX_VERSION-5.4 = .230
-LINUX_KERNEL_HASH-5.4.230 = a74fd32ccc1025b72f3ba7183208761f7c6190fb96e8f484f6d543a5a183e62f
+LINUX_VERSION-5.4 = .255
+LINUX_KERNEL_HASH-5.4.255 = 34d5ed902f47d90f27b9d5d6b8db0d3fa660834111f9452e166d920968a4a061

include/version.mk

@@ -23,13 +23,13 @@ PKG_CONFIG_DEPENDS += \
 sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))
 
 VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER))
-VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),21.02.4)
+VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),21.02-SNAPSHOT)
 
 VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
-VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r19892-a6dce2ceb7)
+VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),$(REVISION))
 
 VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.immortalwrt.org/releases/21.02.4)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.immortalwrt.org/releases/21.02-SNAPSHOT)
 
 VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
 VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),ImmortalWrt)

package/Makefile

@@ -92,6 +92,10 @@ $(curdir)/index: FORCE
 			$(call ERROR_MESSAGE,WARNING: Applying padding in $$d/Packages to workaround usign SHA-512 bug!); \
 			{ echo ""; echo ""; } >> Packages;; \
 		esac; \
+		echo -n '{"architecture": "$(ARCH_PACKAGES)", "packages":{' > index.json; \
+		sed -n -e 's/^Package: \(.*\)$$/"\1":/p' -e 's/^Version: \(.*\)$$/"\1",/p' Packages | tr '\n' ' ' >> index.json; \
+		echo '}}' >> index.json; \
+		sed -i 's/, }}/}}/' index.json; \
 		gzip -9nc Packages > Packages.gz; \
 	); done
 ifdef CONFIG_SIGNED_PACKAGES

package/base-files/Makefile

@@ -23,6 +23,7 @@ PKG_LICENSE:=GPL-2.0
 PKG_CONFIG_DEPENDS += \
 	CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE \
 	CONFIG_NAND_SUPPORT \
+	CONFIG_EMMC_SUPPORT \
 	CONFIG_CLEAN_IPKG \
 	CONFIG_PER_FEED_REPO \
 	$(foreach feed,$(FEEDS_AVAILABLE),CONFIG_FEED_$(feed))
@@ -124,10 +125,18 @@ ifeq ($(CONFIG_NAND_SUPPORT),)
   endef
 endif
 
+ifeq ($(CONFIG_EMMC_SUPPORT),)
+  define Package/base-files/emmc-support
+	rm -f $(1)/lib/upgrade/emmc.sh
+  endef
+endif
+
+
 define Package/base-files/install
 	$(CP) ./files/* $(1)/
 	$(Package/base-files/install-key)
 	$(Package/base-files/nand-support)
+	$(Package/base-files/emmc-support)
 	if [ -d $(GENERIC_PLATFORM_DIR)/base-files/. ]; then \
 		$(CP) $(GENERIC_PLATFORM_DIR)/base-files/* $(1)/; \
 	fi

package/base-files/files/bin/config_generate

@@ -49,6 +49,7 @@ generate_static_network() {
 			uci -q batch <<-EOF
 				delete network.globals
 				set network.globals='globals'
+				set network.globals.ula_prefix='auto'
 			EOF
 		}
 

package/base-files/files/lib/functions.sh

@@ -313,6 +313,25 @@ find_mtd_part() {
 	echo "${INDEX:+$PREFIX$INDEX}"
 }
 
+find_mmc_part() {
+	local DEVNAME PARTNAME ROOTDEV
+
+	if grep -q "$1" /proc/mtd; then
+		echo "" && return 0
+	fi
+
+	if [ -n "$2" ]; then
+		ROOTDEV="$2"
+	else
+		ROOTDEV="mmcblk*"
+	fi
+
+	for DEVNAME in /sys/block/$ROOTDEV/mmcblk*p*; do
+		PARTNAME="$(grep PARTNAME ${DEVNAME}/uevent | cut -f2 -d'=')"
+		[ "$PARTNAME" = "$1" ] && echo "/dev/$(basename $DEVNAME)" && return 0
+	done
+}
+
 group_add() {
 	local name="$1"
 	local gid="$2"

package/base-files/files/lib/functions/caldata.sh

@@ -48,6 +48,19 @@ caldata_extract_ubi() {
 		caldata_die "failed to extract calibration data from $ubi"
 }
 
+caldata_extract_mmc() {
+	local part=$1
+	local offset=$(($2))
+	local count=$(($3))
+	local mmc_part
+
+	mmc_part=$(find_mmc_part $part)
+	[ -n "$mmc_part" ] || caldata_die "no mmc partition found for partition $part"
+
+	caldata_dd $mmc_part /lib/firmware/$FIRMWARE $count $offset || \
+		caldata_die "failed to extract calibration data from $mmc_part"
+}
+
 caldata_extract_reverse() {
 	local part=$1
 	local offset=$2

package/base-files/files/lib/functions/system.sh

@@ -135,6 +135,15 @@ mtd_get_part_size() {
 	done < /proc/mtd
 }
 
+mmc_get_mac_binary() {
+	local part_name="$1"
+	local offset="$2"
+	local part
+
+	part=$(find_mmc_part "$part_name")
+	get_mac_binary "$part" "$offset"
+}
+
 macaddr_add() {
 	local mac=$1
 	local val=$2
@@ -145,6 +154,14 @@ macaddr_add() {
 	echo $oui:$nic
 }
 
+macaddr_generate_from_mmc_cid() {
+	local mmc_dev=$1
+
+	local sd_hash=$(sha256sum /sys/class/block/$mmc_dev/device/cid)
+	local mac_base=$(macaddr_canonicalize "$(echo "${sd_hash}" | dd bs=1 count=12 2>/dev/null)")
+	echo "$(macaddr_unsetbit_mc "$(macaddr_setbit_la "${mac_base}")")"
+}
+
 macaddr_geteui() {
 	local mac=$1
 	local sep=$2

package/base-files/files/lib/upgrade/common.sh

@@ -135,6 +135,30 @@ get_magic_fat32() {
 	(get_image "$@" | dd bs=1 count=5 skip=82) 2>/dev/null
 }
 
+identify_magic_long() {
+	local magic=$1
+	case "$magic" in
+		"55424923")
+			echo "ubi"
+			;;
+		"31181006")
+			echo "ubifs"
+			;;
+		"68737173")
+			echo "squashfs"
+			;;
+		"d00dfeed")
+			echo "fit"
+			;;
+		"4349"*)
+			echo "combined"
+			;;
+		*)
+			echo "unknown $magic"
+			;;
+	esac
+}
+
 part_magic_efi() {
 	local magic=$(get_magic_gpt "$@")
 	[ "$magic" = "EFI PART" ]

package/base-files/files/lib/upgrade/emmc.sh

@@ -0,0 +1,67 @@
+# Copyright (C) 2021 OpenWrt.org
+#
+
+. /lib/functions.sh
+
+emmc_upgrade_tar() {
+	local tar_file="$1"
+	[ "$CI_KERNPART" -a -z "$EMMC_KERN_DEV" ] && export EMMC_KERN_DEV="$(find_mmc_part $CI_KERNPART $CI_ROOTDEV)"
+	[ "$CI_ROOTPART" -a -z "$EMMC_ROOT_DEV" ] && export EMMC_ROOT_DEV="$(find_mmc_part $CI_ROOTPART $CI_ROOTDEV)"
+	[ "$CI_DATAPART" -a -z "$EMMC_DATA_DEV" ] && export EMMC_DATA_DEV="$(find_mmc_part $CI_DATAPART $CI_ROOTDEV)"
+	local has_kernel
+	local has_rootfs
+	local board_dir=$(tar tf "$tar_file" | grep -m 1 '^sysupgrade-.*/$')
+	board_dir=${board_dir%/}
+
+	tar tf "$tar_file" ${board_dir}/kernel 1>/dev/null 2>/dev/null && has_kernel=1
+	tar tf "$tar_file" ${board_dir}/root 1>/dev/null 2>/dev/null && has_rootfs=1
+
+	[ "$has_kernel" = 1 -a "$EMMC_KERN_DEV" ] &&
+		export EMMC_KERNEL_BLOCKS=$(($(tar xf "$tar_file" ${board_dir}/kernel -O | dd of="$EMMC_KERN_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
+
+	[ "$has_rootfs" = 1 -a "$EMMC_ROOT_DEV" ] && {
+		export EMMC_ROOTFS_BLOCKS=$(($(tar xf "$tar_file" ${board_dir}/root -O | dd of="$EMMC_ROOT_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
+		# Account for 64KiB ROOTDEV_OVERLAY_ALIGN in libfstools
+		EMMC_ROOTFS_BLOCKS=$(((EMMC_ROOTFS_BLOCKS + 127) & ~127))
+	}
+
+	if [ -z "$UPGRADE_BACKUP" ]; then
+		if [ "$EMMC_DATA_DEV" ]; then
+			dd if=/dev/zero of="$EMMC_DATA_DEV" bs=512 count=8
+		elif [ "$EMMC_ROOTFS_BLOCKS" ]; then
+			dd if=/dev/zero of="$EMMC_ROOT_DEV" bs=512 seek=$EMMC_ROOTFS_BLOCKS count=8
+		elif [ "$EMMC_KERNEL_BLOCKS" ]; then
+			dd if=/dev/zero of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS count=8
+		fi
+	fi
+}
+
+emmc_upgrade_fit() {
+	local fit_file="$1"
+	[ "$CI_KERNPART" -a -z "$EMMC_KERN_DEV" ] && export EMMC_KERN_DEV="$(find_mmc_part $CI_KERNPART $CI_ROOTDEV)"
+
+	if [ "$EMMC_KERN_DEV" ]; then
+		export EMMC_KERNEL_BLOCKS=$(($(get_image "$fit_file" | fwtool -i /dev/null -T - | dd of="$EMMC_KERN_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
+
+		[ -z "$UPGRADE_BACKUP" ] && dd if=/dev/zero of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS count=8
+	fi
+}
+
+emmc_copy_config() {
+	if [ "$EMMC_DATA_DEV" ]; then
+		dd if="$UPGRADE_BACKUP" of="$EMMC_DATA_DEV" bs=512
+	elif [ "$EMMC_ROOTFS_BLOCKS" ]; then
+		dd if="$UPGRADE_BACKUP" of="$EMMC_ROOT_DEV" bs=512 seek=$EMMC_ROOTFS_BLOCKS
+	elif [ "$EMMC_KERNEL_BLOCKS" ]; then
+		dd if="$UPGRADE_BACKUP" of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS
+	fi
+}
+
+emmc_do_upgrade() {
+	local file_type=$(identify_magic_long "$(get_magic_long "$1")")
+
+	case "$file_type" in
+		"fit")  emmc_upgrade_fit $1;;
+		*)      emmc_upgrade_tar $1;;
+	esac
+}

package/base-files/files/lib/upgrade/nand.sh

@@ -63,37 +63,12 @@ get_magic_long_tar() {
 	( tar xf $1 $2 -O | dd bs=4 count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
 }
 
-identify_magic() {
-	local magic=$1
-	case "$magic" in
-		"55424923")
-			echo "ubi"
-			;;
-		"31181006")
-			echo "ubifs"
-			;;
-		"68737173")
-			echo "squashfs"
-			;;
-		"d00dfeed")
-			echo "fit"
-			;;
-		"4349"*)
-			echo "combined"
-			;;
-		*)
-			echo "unknown $magic"
-			;;
-	esac
-}
-
-
 identify() {
-	identify_magic $(nand_get_magic_long "$1" "${2:-0}")
+	identify_magic_long $(nand_get_magic_long "$1" "${2:-0}")
 }
 
 identify_tar() {
-	identify_magic $(get_magic_long_tar "$1" "$2")
+	identify_magic_long $(get_magic_long_tar "$1" "$2")
 }
 
 nand_restore_config() {

package/base-files/image-config.in

@@ -183,7 +183,7 @@ if VERSIONOPT
 	config VERSION_REPO
 		string
 		prompt "Release repository"
-		default "https://downloads.immortalwrt.org/releases/21.02.4"
+		default "https://downloads.immortalwrt.org/releases/21.02-SNAPSHOT"
 		help
 			This is the repository address embedded in the image, it defaults
 			to the trunk snapshot repo; the url may contain the following placeholders:
@@ -259,7 +259,7 @@ if VERSIONOPT
 	config VERSION_CODE_FILENAMES
 		bool
 		prompt "Revision code in filenames"
-		default n
+		default y
 		help
 			Enable this to include the revision identifier or the configured
 			version code into the firmware image, SDK- and Image Builder archive

package/boot/at91bootstrap/Makefile

@@ -10,6 +10,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=at91bootstrap
 PKG_VERSION:=v3.9.3
+PKG_CPE_ID:=cpe:/a:linux4sam:at91bootstrap
 PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git

package/boot/uboot-bcm4908/Makefile

@@ -7,9 +7,9 @@ PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://git.openwrt.org/project/bcm63xx/u-boot.git
-PKG_SOURCE_DATE:=2022-03-15
-PKG_SOURCE_VERSION:=0625aad74d1f5b6f9c068955ad3fd7f6df635e50
-PKG_MIRROR_HASH:=0602e0e4f101ead206940eccca832b75191905c1e81290340a89b07dbee7a6ce
+PKG_SOURCE_DATE:=2022-12-08
+PKG_SOURCE_VERSION:=4435700d18a791dca0d8d767e5414dfac9df4451
+PKG_MIRROR_HASH:=6062ce611d7222eb3b9768bb4944ff1c7bcf26b997280adf5ea8d7afe83f28a8
 
 include $(INCLUDE_DIR)/u-boot.mk
 include $(INCLUDE_DIR)/package.mk

package/boot/uboot-envtools/Makefile

@@ -61,6 +61,7 @@ MAKE_FLAGS += \
 define Package/uboot-envtools/conffiles
 /etc/config/ubootenv
 /etc/fw_env.config
+/etc/fw_sys.config
 endef
 
 define Package/uboot-envtools/install

package/boot/uboot-envtools/files/ipq806x

@@ -31,6 +31,9 @@ ubootenv_mtdinfo () {
 }
 
 case "$board" in
+askey,rt4230w-rev6)
+	ubootenv_add_uci_config "/dev/mtd9" "0x0" "0x40000" "0x20000"
+	;;
 edgecore,ecw5410)
 	ubootenv_add_uci_config "/dev/mtd11" "0x0" "0x10000" "0x10000"
 	;;

package/boot/uboot-envtools/files/ramips

@@ -47,7 +47,9 @@ zte,mf283plus)
 h3c,tx1800-plus|\
 h3c,tx1801-plus|\
 h3c,tx1806|\
-jcg,q20)
+jcg,q20|\
+jcg,q20-lzma-loader|\
+jcg,q20-pb-boot)
 	ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x20000" "0x20000"
 	;;
 hootoo,ht-tm05|\

package/boot/uboot-envtools/files/realtek

@@ -18,15 +18,21 @@ zyxel,gs1900-10hp)
 	idx="$(find_mtd_index u-boot-env)"
 	[ -n "$idx" ] && \
 		ubootenv_add_uci_config "/dev/mtd$idx" "0x0" "0x400" "0x10000"
+	idx2="$(find_mtd_index u-boot-env2)"
+	[ -n "$idx2" ] && \
+		ubootenv_add_uci_sys_config "/dev/mtd$idx2" "0x0" "0x1000" "0x10000"
 	;;
 *)
 	idx="$(find_mtd_index u-boot-env)"
 	[ -n "$idx" ] && \
 		ubootenv_add_uci_config "/dev/mtd$idx" "0x0" "0x10000" "0x10000"
+	idx2="$(find_mtd_index u-boot-env2)"
+	[ -n "$idx2" ] && \
+		ubootenv_add_uci_sys_config "/dev/mtd$idx2" "0x0" "0x1000" "0x10000"
 	;;
 esac
 
 config_load ubootenv
-config_foreach ubootenv_add_app_config ubootenv
+config_foreach ubootenv_add_app_config
 
 exit 0

package/boot/uboot-envtools/files/uboot-envtools.sh

@@ -3,34 +3,44 @@
 # Copyright (C) 2011-2012 OpenWrt.org
 #
 
-ubootenv_add_uci_config() {
-	local dev=$1
-	local offset=$2
-	local envsize=$3
-	local secsize=$4
-	local numsec=$5
+_ubootenv_add_uci_config() {
+	local cfgtype=$1
+	local dev=$2
+	local offset=$3
+	local envsize=$4
+	local secsize=$5
+	local numsec=$6
 	uci batch <<EOF
-add ubootenv ubootenv
-set ubootenv.@ubootenv[-1].dev='$dev'
-set ubootenv.@ubootenv[-1].offset='$offset'
-set ubootenv.@ubootenv[-1].envsize='$envsize'
-set ubootenv.@ubootenv[-1].secsize='$secsize'
-set ubootenv.@ubootenv[-1].numsec='$numsec'
+add ubootenv $cfgtype
+set ubootenv.@$cfgtype[-1].dev='$dev'
+set ubootenv.@$cfgtype[-1].offset='$offset'
+set ubootenv.@$cfgtype[-1].envsize='$envsize'
+set ubootenv.@$cfgtype[-1].secsize='$secsize'
+set ubootenv.@$cfgtype[-1].numsec='$numsec'
 EOF
 	uci commit ubootenv
 }
 
+ubootenv_add_uci_config() {
+	_ubootenv_add_uci_config "ubootenv" "$@"
+}
+
+ubootenv_add_uci_sys_config() {
+	_ubootenv_add_uci_config "ubootsys" "$@"
+}
+
 ubootenv_add_app_config() {
+	local cfgtype
 	local dev
 	local offset
 	local envsize
 	local secsize
 	local numsec
+	config_get cfgtype "$1" TYPE
 	config_get dev "$1" dev
 	config_get offset "$1" offset
 	config_get envsize "$1" envsize
 	config_get secsize "$1" secsize
 	config_get numsec "$1" numsec
-	grep -q "^[[:space:]]*${dev}[[:space:]]*${offset}" /etc/fw_env.config || echo "$dev $offset $envsize $secsize $numsec" >>/etc/fw_env.config
+	grep -q "^[[:space:]]*${dev}[[:space:]]*${offset}" "/etc/fw_${cfgtype#uboot}.config" || echo "$dev $offset $envsize $secsize $numsec" >>"/etc/fw_${cfgtype#uboot}.config"
 }
-

package/boot/uboot-rockchip/Makefile

@@ -72,6 +72,18 @@ define U-Boot/orangepi-r1-plus-lts-rk3328
   USE_RKBIN:=1
 endef
 
+define U-Boot/roc-cc-rk3328
+  BUILD_SUBTARGET:=armv8
+  NAME:=ROC-RK3328-CC
+  BUILD_DEVICES:= \
+    firefly_roc-rk3328-cc
+  DEPENDS:=+PACKAGE_u-boot-roc-cc-rk3328:arm-trusted-firmware-rk3328
+  PKG_BUILD_DEPENDS:=arm-trusted-firmware-rockchip-vendor
+  ATF:=rk322xh_bl31_v1.46.elf
+  OF_PLATDATA:=$(1)
+  USE_RKBIN:=1
+endef
+
 
 # RK3399 boards
 
@@ -86,6 +98,17 @@ define U-Boot/nanopi-r4s-rk3399
   USE_RKBIN:=1
 endef
 
+define U-Boot/nanopi-r4se-rk3399
+  BUILD_SUBTARGET:=armv8
+  NAME:=NanoPi R4SE
+  BUILD_DEVICES:= \
+    friendlyarm_nanopi-r4se
+  DEPENDS:=+PACKAGE_u-boot-nanopi-r4se-rk3399:arm-trusted-firmware-rk3399
+  PKG_BUILD_DEPENDS:=arm-trusted-firmware-rockchip-vendor
+  ATF:=rk3399_bl31_v1.35.elf
+  USE_RKBIN:=1
+endef
+
 define U-Boot/rock-pi-4-rk3399
   BUILD_SUBTARGET:=armv8
   NAME:=Rock Pi 4
@@ -108,12 +131,14 @@ endef
 
 UBOOT_TARGETS := \
   nanopi-r4s-rk3399 \
+  nanopi-r4se-rk3399 \
   rock-pi-4-rk3399 \
   rockpro64-rk3399 \
   nanopi-r2c-rk3328 \
   nanopi-r2s-rk3328 \
   orangepi-r1-plus-rk3328 \
-  orangepi-r1-plus-lts-rk3328
+  orangepi-r1-plus-lts-rk3328 \
+  roc-cc-rk3328
 
 UBOOT_CONFIGURE_VARS += USE_PRIVATE_LIBGCC=yes
 

package/boot/uboot-rockchip/patches/101-rock64pro-disable-CONFIG_USE_PREBOOT.patch

@@ -17,9 +17,9 @@ Signed-off-by: Marty Jones <mj8263788@gmail.com>
 
 --- a/configs/rockpro64-rk3399_defconfig
 +++ b/configs/rockpro64-rk3399_defconfig
-@@ -12,7 +12,6 @@ CONFIG_SPL_SPI_FLASH_SUPPORT=y
+@@ -12,7 +12,6 @@ CONFIG_DEBUG_UART_CLOCK=24000000
+ CONFIG_SPL_SPI_FLASH_SUPPORT=y
  CONFIG_SPL_SPI_SUPPORT=y
- CONFIG_DEFAULT_DEVICE_TREE="rk3399-rockpro64"
  CONFIG_DEBUG_UART=y
 -CONFIG_USE_PREBOOT=y
  CONFIG_DEFAULT_FDT_FILE="rockchip/rk3399-rockpro64.dtb"

package/boot/uboot-rockchip/patches/200-rockchip-rk3328-Add-support-for-Orangepi-R1-Plus.patch

@@ -10,7 +10,7 @@
  	rk3328-rock-pi-e.dtb
 --- /dev/null
 +++ b/arch/arm/dts/rk3328-orangepi-r1-plus-u-boot.dtsi
-@@ -0,0 +1,1 @@
+@@ -0,0 +1 @@
 +#include "rk3328-nanopi-r2s-u-boot.dtsi"
 --- /dev/null
 +++ b/arch/arm/dts/rk3328-orangepi-r1-plus.dts
@@ -55,7 +55,7 @@
 +};
 --- a/board/rockchip/evb_rk3328/MAINTAINERS
 +++ b/board/rockchip/evb_rk3328/MAINTAINERS
-@@ -12,6 +12,13 @@ F:      configs/nanopi-r2s-rk3328_defconfig
+@@ -12,6 +12,13 @@ F:      configs/nanopi-r2s-rk3328_defcon
  F:      arch/arm/dts/rk3328-nanopi-r2s-u-boot.dtsi
  F:      arch/arm/dts/rk3328-nanopi-r2s.dts
  

package/boot/uboot-rockchip/patches/201-rockchip-rk3328-Add-support-for-FriendlyARM-NanoPi-R.patch

@@ -1,5 +1,3 @@
-diff --git a/arch/arm/dts/Makefile b/arch/arm/dts/Makefile
-index d3e89ca3ba..d5f64ac432 100644
 --- a/arch/arm/dts/Makefile
 +++ b/arch/arm/dts/Makefile
 @@ -108,6 +108,7 @@ dtb-$(CONFIG_ROCKCHIP_RK3308) += \
@@ -10,9 +8,6 @@ index d3e89ca3ba..d5f64ac432 100644
  	rk3328-nanopi-r2s.dtb \
  	rk3328-orangepi-r1-plus.dtb \
  	rk3328-roc-cc.dtb \
-diff --git a/arch/arm/dts/rk3328-nanopi-r2c-u-boot.dtsi b/arch/arm/dts/rk3328-nanopi-r2c-u-boot.dtsi
-new file mode 100644
-index 0000000000..c2e86d0f0e
 --- /dev/null
 +++ b/arch/arm/dts/rk3328-nanopi-r2c-u-boot.dtsi
 @@ -0,0 +1,7 @@
@@ -23,9 +18,6 @@ index 0000000000..c2e86d0f0e
 + */
 +
 +#include "rk3328-nanopi-r2s-u-boot.dtsi"
-diff --git a/arch/arm/dts/rk3328-nanopi-r2c.dts b/arch/arm/dts/rk3328-nanopi-r2c.dts
-new file mode 100644
-index 0000000000..adf91a0306
 --- /dev/null
 +++ b/arch/arm/dts/rk3328-nanopi-r2c.dts
 @@ -0,0 +1,47 @@
@@ -76,9 +68,6 @@ index 0000000000..adf91a0306
 +&wan_led {
 +	label = "nanopi-r2c:green:wan";
 +};
-diff --git a/configs/nanopi-r2c-rk3328_defconfig b/configs/nanopi-r2c-rk3328_defconfig
-new file mode 100644
-index 0000000000..7bc7a3274f
 --- /dev/null
 +++ b/configs/nanopi-r2c-rk3328_defconfig
 @@ -0,0 +1,98 @@

package/boot/uboot-rockchip/patches/203-rockchip-rk3399-Add-support-for-FriendlyARM-NanoPi-R.patch

@@ -0,0 +1,101 @@
+--- a/arch/arm/dts/Makefile
++++ b/arch/arm/dts/Makefile
+@@ -137,6 +137,7 @@ dtb-$(CONFIG_ROCKCHIP_RK3399) += \
+ 	rk3399-nanopi-m4b.dtb \
+ 	rk3399-nanopi-neo4.dtb \
+ 	rk3399-nanopi-r4s.dtb \
++	rk3399-nanopi-r4se.dtb \
+ 	rk3399-orangepi.dtb \
+ 	rk3399-pinebook-pro.dtb \
+ 	rk3399-puma-haikou.dtb \
+--- /dev/null
++++ b/arch/arm/dts/rk3399-nanopi-r4se-u-boot.dtsi
+@@ -0,0 +1,3 @@
++// SPDX-License-Identifier: GPL-2.0-or-later OR MIT
++
++#include "rk3399-nanopi-r4s-u-boot.dtsi"
+--- /dev/null
++++ b/arch/arm/dts/rk3399-nanopi-r4se.dts
+@@ -0,0 +1,17 @@
++// SPDX-License-Identifier: GPL-2.0-or-later OR MIT)
++
++/dts-v1/;
++#include "rk3399-nanopi-r4s.dts"
++
++/ {
++	model = "FriendlyElec NanoPi R4SE";
++	compatible = "friendlyarm,nanopi-r4se", "rockchip,rk3399";
++};
++
++&emmc_phy {
++	status = "okay";
++};
++
++&sdhci {
++	status = "okay";
++};
+--- /dev/null
++++ b/configs/nanopi-r4se-rk3399_defconfig
+@@ -0,0 +1,62 @@
++CONFIG_ARM=y
++CONFIG_ARCH_ROCKCHIP=y
++CONFIG_SYS_TEXT_BASE=0x00200000
++CONFIG_NR_DRAM_BANKS=1
++CONFIG_ENV_OFFSET=0x3F8000
++CONFIG_DEFAULT_DEVICE_TREE="rk3399-nanopi-r4se"
++CONFIG_ROCKCHIP_RK3399=y
++CONFIG_TARGET_EVB_RK3399=y
++CONFIG_DEBUG_UART_BASE=0xFF1A0000
++CONFIG_DEBUG_UART_CLOCK=24000000
++CONFIG_DEBUG_UART=y
++CONFIG_DEFAULT_FDT_FILE="rockchip/rk3399-nanopi-r4se.dtb"
++CONFIG_DISPLAY_BOARDINFO_LATE=y
++# CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
++CONFIG_SPL_STACK_R=y
++CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x10000
++CONFIG_TPL=y
++CONFIG_CMD_BOOTZ=y
++CONFIG_CMD_GPT=y
++CONFIG_CMD_MMC=y
++CONFIG_CMD_USB=y
++# CONFIG_CMD_SETEXPR is not set
++CONFIG_CMD_TIME=y
++CONFIG_SPL_OF_CONTROL=y
++CONFIG_OF_SPL_REMOVE_PROPS="pinctrl-0 pinctrl-names clock-names interrupt-parent assigned-clocks assigned-clock-rates assigned-clock-parents"
++CONFIG_ENV_IS_IN_MMC=y
++CONFIG_SYS_RELOC_GD_ENV_ADDR=y
++CONFIG_ROCKCHIP_GPIO=y
++CONFIG_SYS_I2C_ROCKCHIP=y
++CONFIG_MMC_DW=y
++CONFIG_MMC_DW_ROCKCHIP=y
++CONFIG_MMC_SDHCI=y
++CONFIG_MMC_SDHCI_ROCKCHIP=y
++CONFIG_DM_ETH=y
++CONFIG_ETH_DESIGNWARE=y
++CONFIG_GMAC_ROCKCHIP=y
++CONFIG_PMIC_RK8XX=y
++CONFIG_REGULATOR_PWM=y
++CONFIG_REGULATOR_RK8XX=y
++CONFIG_PWM_ROCKCHIP=y
++CONFIG_RAM_RK3399_LPDDR4=y
++CONFIG_BAUDRATE=1500000
++CONFIG_DEBUG_UART_SHIFT=2
++CONFIG_SYSRESET=y
++CONFIG_USB=y
++CONFIG_USB_XHCI_HCD=y
++CONFIG_USB_XHCI_DWC3=y
++CONFIG_USB_EHCI_HCD=y
++CONFIG_USB_EHCI_GENERIC=y
++CONFIG_USB_KEYBOARD=y
++CONFIG_USB_HOST_ETHER=y
++CONFIG_USB_ETHER_ASIX=y
++CONFIG_USB_ETHER_ASIX88179=y
++CONFIG_USB_ETHER_MCS7830=y
++CONFIG_USB_ETHER_RTL8152=y
++CONFIG_USB_ETHER_SMSC95XX=y
++CONFIG_DM_VIDEO=y
++CONFIG_DISPLAY=y
++CONFIG_VIDEO_ROCKCHIP=y
++CONFIG_DISPLAY_ROCKCHIP_HDMI=y
++CONFIG_SPL_TINY_MEMSET=y
++CONFIG_ERRNO_STR=y

package/boot/uboot-rockchip/src/of-platdata/roc-cc-rk3328/dt-decl.h

@@ -0,0 +1,24 @@
+/*
+ * DO NOT MODIFY
+ *
+ * Declares externs for all device/uclass instances.
+ * This was generated by dtoc from a .dtb (device tree binary) file.
+ */
+
+#include <dm/device-internal.h>
+#include <dm/uclass-internal.h>
+
+/* driver declarations - these allow DM_DRIVER_GET() to be used */
+extern U_BOOT_DRIVER(rockchip_rk3328_cru);
+extern U_BOOT_DRIVER(rockchip_rk3328_dmc);
+extern U_BOOT_DRIVER(rockchip_rk3288_dw_mshc);
+extern U_BOOT_DRIVER(rockchip_rk3288_dw_mshc);
+extern U_BOOT_DRIVER(ns16550_serial);
+extern U_BOOT_DRIVER(rockchip_rk3328_grf);
+
+/* uclass driver declarations - needed for DM_UCLASS_DRIVER_REF() */
+extern UCLASS_DRIVER(clk);
+extern UCLASS_DRIVER(mmc);
+extern UCLASS_DRIVER(ram);
+extern UCLASS_DRIVER(serial);
+extern UCLASS_DRIVER(syscon);

package/boot/uboot-rockchip/src/of-platdata/roc-cc-rk3328/dt-plat.c

@@ -0,0 +1,189 @@
+/*
+ * DO NOT MODIFY
+ *
+ * Declares the U_BOOT_DRIVER() records and platform data.
+ * This was generated by dtoc from a .dtb (device tree binary) file.
+ */
+
+/* Allow use of U_BOOT_DRVINFO() in this file */
+#define DT_PLAT_C
+
+#include <common.h>
+#include <dm.h>
+#include <dt-structs.h>
+
+/*
+ * driver_info declarations, ordered by 'struct driver_info' linker_list idx:
+ *
+ * idx  driver_info          driver
+ * ---  -------------------- --------------------
+ *   0: clock_controller_at_ff440000 rockchip_rk3328_cru
+ *   1: dmc                  rockchip_rk3328_dmc
+ *   2: mmc_at_ff500000      rockchip_rk3288_dw_mshc
+ *   3: mmc_at_ff520000      rockchip_rk3288_dw_mshc
+ *   4: serial_at_ff130000   ns16550_serial
+ *   5: syscon_at_ff100000   rockchip_rk3328_grf
+ * ---  -------------------- --------------------
+ */
+
+/*
+ * Node /clock-controller@ff440000 index 0
+ * driver rockchip_rk3328_cru parent None
+ */
+static struct dtd_rockchip_rk3328_cru dtv_clock_controller_at_ff440000 = {
+	.reg			= {0xff440000, 0x1000},
+	.rockchip_grf		= 0x3a,
+};
+U_BOOT_DRVINFO(clock_controller_at_ff440000) = {
+	.name		= "rockchip_rk3328_cru",
+	.plat		= &dtv_clock_controller_at_ff440000,
+	.plat_size	= sizeof(dtv_clock_controller_at_ff440000),
+	.parent_idx	= -1,
+};
+
+/*
+ * Node /dmc index 1
+ * driver rockchip_rk3328_dmc parent None
+ */
+static struct dtd_rockchip_rk3328_dmc dtv_dmc = {
+	.reg			= {0xff400000, 0x1000, 0xff780000, 0x3000, 0xff100000, 0x1000, 0xff440000, 0x1000,
+		0xff720000, 0x1000, 0xff798000, 0x1000},
+	.rockchip_sdram_params	= {0x1, 0xa, 0x2, 0x1, 0x0, 0x0, 0x11, 0x0,
+		0x11, 0x0, 0x0, 0x94291288, 0x0, 0x27, 0x462, 0x15,
+		0x242, 0xff, 0x14d, 0x0, 0x1, 0x0, 0x0, 0x0,
+		0x43049010, 0x64, 0x28003b, 0xd0, 0x20053, 0xd4, 0x220000, 0xd8,
+		0x100, 0xdc, 0x40000, 0xe0, 0x0, 0xe4, 0x110000, 0xe8,
+		0x420, 0xec, 0x400, 0xf4, 0xf011f, 0x100, 0x9060b06, 0x104,
+		0x20209, 0x108, 0x505040a, 0x10c, 0x40400c, 0x110, 0x5030206, 0x114,
+		0x3030202, 0x120, 0x3030b03, 0x124, 0x20208, 0x180, 0x1000040, 0x184,
+		0x0, 0x190, 0x7030003, 0x198, 0x5001100, 0x1a0, 0xc0400003, 0x240,
+		0x6000604, 0x244, 0x201, 0x250, 0xf00, 0x490, 0x1, 0xffffffff,
+		0xffffffff, 0xffffffff, 0xffffffff, 0x4, 0xc, 0x28, 0xa, 0x2c,
+		0x0, 0x30, 0x9, 0xffffffff, 0xffffffff, 0x77, 0x88, 0x79,
+		0x79, 0x87, 0x97, 0x87, 0x78, 0x77, 0x78, 0x87,
+		0x88, 0x87, 0x87, 0x77, 0x78, 0x78, 0x78, 0x78,
+		0x78, 0x78, 0x78, 0x78, 0x78, 0x69, 0x9, 0x77,
+		0x78, 0x77, 0x78, 0x77, 0x78, 0x77, 0x78, 0x77,
+		0x79, 0x9, 0x78, 0x78, 0x78, 0x78, 0x78, 0x78,
+		0x78, 0x78, 0x78, 0x69, 0x9, 0x77, 0x78, 0x77,
+		0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x79, 0x9,
+		0x78, 0x78, 0x78, 0x78, 0x78, 0x78, 0x78, 0x78,
+		0x78, 0x69, 0x9, 0x77, 0x78, 0x77, 0x78, 0x77,
+		0x78, 0x77, 0x78, 0x77, 0x79, 0x9, 0x78, 0x78,
+		0x78, 0x78, 0x78, 0x78, 0x78, 0x78, 0x78, 0x69,
+		0x9, 0x77, 0x78, 0x77, 0x77, 0x77, 0x77, 0x77,
+		0x77, 0x77, 0x79, 0x9},
+};
+U_BOOT_DRVINFO(dmc) = {
+	.name		= "rockchip_rk3328_dmc",
+	.plat		= &dtv_dmc,
+	.plat_size	= sizeof(dtv_dmc),
+	.parent_idx	= -1,
+};
+
+/*
+ * Node /mmc@ff500000 index 2
+ * driver rockchip_rk3288_dw_mshc parent None
+ */
+static struct dtd_rockchip_rk3288_dw_mshc dtv_mmc_at_ff500000 = {
+	.bus_width		= 0x4,
+	.cap_mmc_highspeed	= true,
+	.cap_sd_highspeed	= true,
+	.clocks			= {
+			{0, {317}},
+			{0, {33}},
+			{0, {74}},
+			{0, {78}},},
+	.disable_wp		= true,
+	.fifo_depth		= 0x100,
+	.interrupts		= {0x0, 0xc, 0x4},
+	.max_frequency		= 0x8f0d180,
+	.pinctrl_0		= {0x47, 0x48, 0x49, 0x4a},
+	.pinctrl_names		= "default",
+	.reg			= {0xff500000, 0x4000},
+	.sd_uhs_sdr104		= true,
+	.sd_uhs_sdr12		= true,
+	.sd_uhs_sdr25		= true,
+	.sd_uhs_sdr50		= true,
+	.u_boot_spl_fifo_mode	= true,
+	.vmmc_supply		= 0x4b,
+	.vqmmc_supply		= 0x1e,
+};
+U_BOOT_DRVINFO(mmc_at_ff500000) = {
+	.name		= "rockchip_rk3288_dw_mshc",
+	.plat		= &dtv_mmc_at_ff500000,
+	.plat_size	= sizeof(dtv_mmc_at_ff500000),
+	.parent_idx	= -1,
+};
+
+/*
+ * Node /mmc@ff520000 index 3
+ * driver rockchip_rk3288_dw_mshc parent None
+ */
+static struct dtd_rockchip_rk3288_dw_mshc dtv_mmc_at_ff520000 = {
+	.bus_width		= 0x8,
+	.cap_mmc_highspeed	= true,
+	.clocks			= {
+			{0, {319}},
+			{0, {35}},
+			{0, {76}},
+			{0, {80}},},
+	.fifo_depth		= 0x100,
+	.interrupts		= {0x0, 0xe, 0x4},
+	.max_frequency		= 0x8f0d180,
+	.mmc_ddr_1_8v		= true,
+	.mmc_hs200_1_8v		= true,
+	.non_removable		= true,
+	.pinctrl_0		= {0x4c, 0x4d, 0x4e, 0x0},
+	.pinctrl_names		= "default",
+	.reg			= {0xff520000, 0x4000},
+	.u_boot_spl_fifo_mode	= true,
+	.vmmc_supply		= 0x1c,
+	.vqmmc_supply		= 0x1d,
+};
+U_BOOT_DRVINFO(mmc_at_ff520000) = {
+	.name		= "rockchip_rk3288_dw_mshc",
+	.plat		= &dtv_mmc_at_ff520000,
+	.plat_size	= sizeof(dtv_mmc_at_ff520000),
+	.parent_idx	= -1,
+};
+
+/*
+ * Node /serial@ff130000 index 4
+ * driver ns16550_serial parent None
+ */
+static struct dtd_ns16550_serial dtv_serial_at_ff130000 = {
+	.clock_frequency	= 0x16e3600,
+	.clocks			= {
+			{0, {40}},
+			{0, {212}},},
+	.dma_names		= {"tx", "rx"},
+	.dmas			= {0x10, 0x6, 0x10, 0x7},
+	.interrupts		= {0x0, 0x39, 0x4},
+	.pinctrl_0		= 0x26,
+	.pinctrl_names		= "default",
+	.reg			= {0xff130000, 0x100},
+	.reg_io_width		= 0x4,
+	.reg_shift		= 0x2,
+};
+U_BOOT_DRVINFO(serial_at_ff130000) = {
+	.name		= "ns16550_serial",
+	.plat		= &dtv_serial_at_ff130000,
+	.plat_size	= sizeof(dtv_serial_at_ff130000),
+	.parent_idx	= -1,
+};
+
+/*
+ * Node /syscon@ff100000 index 5
+ * driver rockchip_rk3328_grf parent None
+ */
+static struct dtd_rockchip_rk3328_grf dtv_syscon_at_ff100000 = {
+	.reg			= {0xff100000, 0x1000},
+};
+U_BOOT_DRVINFO(syscon_at_ff100000) = {
+	.name		= "rockchip_rk3328_grf",
+	.plat		= &dtv_syscon_at_ff100000,
+	.plat_size	= sizeof(dtv_syscon_at_ff100000),
+	.parent_idx	= -1,
+};
+

package/boot/uboot-rockchip/src/of-platdata/roc-cc-rk3328/dt-structs-gen.h

@@ -0,0 +1,55 @@
+/*
+ * DO NOT MODIFY
+ *
+ * Defines the structs used to hold devicetree data.
+ * This was generated by dtoc from a .dtb (device tree binary) file.
+ */
+
+#include <stdbool.h>
+#include <linux/libfdt.h>
+struct dtd_ns16550_serial {
+	fdt32_t		clock_frequency;
+	struct phandle_1_arg clocks[2];
+	const char *	dma_names[2];
+	fdt32_t		dmas[4];
+	fdt32_t		interrupts[3];
+	fdt32_t		pinctrl_0;
+	const char *	pinctrl_names;
+	fdt64_t		reg[2];
+	fdt32_t		reg_io_width;
+	fdt32_t		reg_shift;
+};
+struct dtd_rockchip_rk3288_dw_mshc {
+	fdt32_t		bus_width;
+	bool		cap_mmc_highspeed;
+	bool		cap_sd_highspeed;
+	struct phandle_1_arg clocks[4];
+	bool		disable_wp;
+	fdt32_t		fifo_depth;
+	fdt32_t		interrupts[3];
+	fdt32_t		max_frequency;
+	bool		mmc_ddr_1_8v;
+	bool		mmc_hs200_1_8v;
+	bool		non_removable;
+	fdt32_t		pinctrl_0[4];
+	const char *	pinctrl_names;
+	fdt64_t		reg[2];
+	bool		sd_uhs_sdr104;
+	bool		sd_uhs_sdr12;
+	bool		sd_uhs_sdr25;
+	bool		sd_uhs_sdr50;
+	bool		u_boot_spl_fifo_mode;
+	fdt32_t		vmmc_supply;
+	fdt32_t		vqmmc_supply;
+};
+struct dtd_rockchip_rk3328_cru {
+	fdt64_t		reg[2];
+	fdt32_t		rockchip_grf;
+};
+struct dtd_rockchip_rk3328_dmc {
+	fdt64_t		reg[12];
+	fdt32_t		rockchip_sdram_params[196];
+};
+struct dtd_rockchip_rk3328_grf {
+	fdt64_t		reg[2];
+};

package/emortal/autocore/Makefile

@@ -43,13 +43,16 @@ define Package/autocore/install/Default
 
 	$(INSTALL_DIR) $(1)/sbin
 	$(INSTALL_BIN) ./files/generic/cpuinfo $(1)/sbin/
-	$(INSTALL_BIN) ./files/generic/ethinfo $(1)/sbin/
 
 	$(INSTALL_DIR) $(1)/usr/share/rpcd/acl.d
 	$(CP) ./files/generic/luci-mod-status-autocore.json $(1)/usr/share/rpcd/acl.d/
 
+ifeq ($(filter ipq%, $(TARGETID)),)
+	$(INSTALL_BIN) ./files/generic/ethinfo $(1)/sbin/
+
 	$(INSTALL_DIR) $(1)/www/luci-static/resources/view/status/include
 	$(INSTALL_DATA) ./files/generic/21_ethinfo.js $(1)/www/luci-static/resources/view/status/include/
+endif
 endef
 
 define Package/autocore-arm/install

package/emortal/autocore/files/x86/autocore

@@ -22,18 +22,21 @@ start() {
 	uci set network.@globals[0].packet_steering="1"
 	uci commit network
 
-	for i in $(ip address | awk -F ': ' '/eth[0-9]+/ {print $2}' | xargs)
+	for i in $(ip address | awk -F ': ' '/eth[0-9]+/ {print $2}' | grep -v '@' | xargs)
 	do
-		{
-			ethtool -K "$i" rx-checksum on
-			ethtool -K "$i" tx-checksum-ip-generic on || {
-				ethtool -K "$i" tx-checksum-ipv4 on
-				ethtool -K "$i" tx-checksum-ipv6 on
-			}
-			ethtool -K "$i" tx-scatter-gather on
-			ethtool -K "$i" gso on
-			ethtool -K "$i" tso on
-			ethtool -K "$i" ufo on
+		ethtool -K "$i" rx-checksum on
+		ethtool -K "$i" tx-checksum-ip-generic on || {
+			ethtool -K "$i" tx-checksum-ipv4 on
+			ethtool -K "$i" tx-checksum-ipv6 on
 		}
+		ethtool -K "$i" tx-scatter-gather on
+		ethtool -K "$i" gso on
+		ethtool -K "$i" tso on
+		ethtool -K "$i" ufo on
+
+		if ethtool -i "$i" | grep -q "driver: igc"; then
+			ethtool -G "$i" rx "$(ethtool -g "$i" | awk '/^RX:/ {print $2; exit}')"
+			ethtool -G "$i" tx "$(ethtool -g "$i" | awk '/^TX:/ {print $2; exit}')"
+		fi
 	done
 } >"/dev/null" 2>&1

package/emortal/automount/Makefile

@@ -20,6 +20,7 @@ define Package/automount
   MAINTAINER:=Lean
   DEPENDS:= \
     +block-mount \
+    +e2fsprogs \
     +kmod-usb-storage \
     +kmod-usb-storage-extras \
     +!TARGET_ramips:kmod-usb-storage-uas \

package/emortal/default-settings/Makefile

@@ -22,6 +22,7 @@ define Package/default-settings
   SECTION:=luci
   CATEGORY:=LuCI
   TITLE:=LuCI support for Default Settings
+  DEPENDS:=+luci
   PKGARCH:=all
   DEPENDS:=+luci-lib-base
 endef
@@ -29,7 +30,7 @@ endef
 define Package/default-settings-chn
   $(Package/default-settings)
   TITLE+= (Optimize for CHN users)
-  DEPENDS:=+default-settings +@LUCI_LANG_zh_Hans
+  DEPENDS:=+default-settings +@LUCI_LANG_zh_Hans +luci-i18n-base-zh-cn
 endef
 
 define Build/Compile

package/emortal/default-settings/files/99-default-settings

@@ -1,29 +1,31 @@
 #!/bin/sh
 
-uci set luci.main.lang=auto
-uci commit luci
+uci -q get system.@imm_init[0] > "/dev/null" || uci -q add system imm_init > "/dev/null"
 
-uci set fstab.@global[0].anon_mount=1
-uci commit fstab
+if ! uci -q get system.@imm_init[0].lang > "/dev/null"; then
+	uci -q set luci.main.lang="auto"
+	uci -q commit luci
 
-rm -f /www/luci-static/resources/view/status/include/50_dsl.js
-rm -f /www/luci-static/resources/view/status/include/70_ddns.js
-rm -f /www/luci-static/resources/view/status/include/80_minidlna.js
-rm -f /www/luci-static/resources/view/status/include/80_upnp.js
+	uci -q set system.@imm_init[0].lang="1"
+	uci -q commit system
+fi
 
-ln -sf /sbin/ip /usr/bin/ip
+if ! uci -q get system.@imm_init[0].anon_mount > "/dev/null"; then
+	uci -q set fstab.@global[0].anon_mount="1"
+	uci -q commit fstab
 
-[ -f '/bin/bash' ] && sed -i 's|root:x:0:0:root:/root:/bin/ash|root:x:0:0:root:/root:/bin/bash|g' /etc/passwd
-[ -f '/etc/openwrt_banner' ] && mv '/etc/openwrt_banner' '/etc/banner'
+	uci -q set system.@imm_init[0].anon_mount="1"
+	uci -q commit system
+fi
 
-sed -i '/option disabled/d' /etc/config/wireless
-sed -i '/set wireless.radio${devidx}.disabled/d' /lib/wifi/mac80211.sh
-wifi up
+ln -sf "/sbin/ip" "/usr/bin/ip"
 
-sed -i '/log-facility/d' /etc/dnsmasq.conf
-echo 'log-facility=/dev/null' >> /etc/dnsmasq.conf
+[ ! -e "/bin/bash" ] || sed -i "s|root:x:0:0:root:/root:/bin/ash|root:x:0:0:root:/root:/bin/bash|g" "/etc/passwd"
 
-rm -rf /tmp/luci-modulecache/
-rm -f /tmp/luci-indexcache
+sed -i "/log-facility/d" "/etc/dnsmasq.conf"
+echo "log-facility=/dev/null" >> "/etc/dnsmasq.conf"
+
+rm -rf "/tmp/luci-modulecache"
+rm -f "/tmp/luci-indexcache"
 
 exit 0

package/emortal/default-settings/files/99-default-settings-chinese

@@ -1,17 +1,23 @@
 #!/bin/sh
 
-uci -q batch <<-EOF
-	set system.@system[0].timezone='CST-8'
-	set system.@system[0].zonename='Asia/Shanghai'
+uci -q get system.@imm_init[0] > "/dev/null" || uci -q add system imm_init > "/dev/null"
 
-	delete system.ntp.server
-	add_list system.ntp.server='ntp.tencent.com'
-	add_list system.ntp.server='ntp1.aliyun.com'
-	add_list system.ntp.server='ntp.ntsc.ac.cn'
-	add_list system.ntp.server='cn.ntp.org.cn'
-EOF
-uci commit system
+if ! uci -q get system.@imm_init[0].system_chn > "/dev/null"; then
+	uci -q batch <<-EOF
+		set system.@system[0].timezone="CST-8"
+		set system.@system[0].zonename="Asia/Shanghai"
 
-sed -i 's,downloads.immortalwrt.org,mirrors.vsean.net/openwrt,g' /etc/opkg/distfeeds.conf
+		delete system.ntp.server
+		add_list system.ntp.server="ntp.tencent.com"
+		add_list system.ntp.server="ntp1.aliyun.com"
+		add_list system.ntp.server="ntp.ntsc.ac.cn"
+		add_list system.ntp.server="cn.ntp.org.cn"
+
+		set system.@imm_init[0].system_chn="1"
+		commit system
+	EOF
+fi
+
+sed -i.bak "s,downloads.immortalwrt.org,mirrors.vsean.net/openwrt,g" "/etc/opkg/distfeeds.conf"
 
 exit 0

package/emortal/ipv6-helper/files/60-6in4

@@ -1,12 +1,15 @@
 #!/bin/sh
 . /lib/functions.sh
+
 if [ "$ACTION" != "ifup" ]; then
     exit
 fi
+
 config_load network
-config_get tunnelid $INTERFACE tunnelid
-config_get username $INTERFACE username
-config_get password $INTERFACE password
+config_get tunnelid "$INTERFACE" tunnelid
+config_get username "$INTERFACE" username
+config_get password "$INTERFACE" password
+
 if [ "$tunnelid" != "" ]; then
-    wget -O - https://$username:$password@ipv4.tunnelbroker.net/nic/update?hostname=$tunnelid --no-check-certificate
+    wget -O - "https://$username:$password@ipv4.tunnelbroker.net/nic/update?hostname=$tunnelid"
 fi

package/emortal/ipv6-helper/files/60-ipv6-hybrid

@@ -1,9 +1,15 @@
 #!/bin/sh
 
-uci set dhcp.lan.ra='hybrid'
-uci set dhcp.lan.ndp='hybrid'
-uci set dhcp.lan.dhcpv6='hybrid'
-uci set dhcp.lan.ra_management='1'
-uci commit dhcp
+uci -q get system.@imm_init[0] > "/dev/null" || uci -q add system imm_init > "/dev/null"
+uci -q get system.@imm_init[0].ipv6 > "/dev/null" && exit 0
+
+uci -q set dhcp.lan.ra="hybrid"
+uci -q set dhcp.lan.ndp="hybrid"
+uci -q set dhcp.lan.dhcpv6="hybrid"
+uci -q set dhcp.lan.ra_management="1"
+uci -q commit dhcp
+
+uci -q set system.@imm_init[0].ipv6="1"
+uci -q commit system
 
 exit 0

package/firmware/intel-microcode/Makefile

@@ -8,13 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=intel-microcode
-PKG_VERSION:=20220809
+PKG_VERSION:=20230808
 PKG_RELEASE:=1
 
 PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).1.tar.xz
-PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/i/intel-microcode/
-PKG_HASH:=4cf6c3638bb52d9d45c1916af866fd0929628a6f459daac3edfd369149e9c665
+PKG_SOURCE_URL:=@DEBIAN/pool/non-free-firmware/i/intel-microcode/
+PKG_HASH:=29e77c275b3f60a691832c0844f70effbd94a4594d04af21e0c2e6e0c1ac1894
 PKG_BUILD_DIR:=$(BUILD_DIR)/intel-microcode-3.$(PKG_VERSION).1
+PKG_CPE_ID:=cpe:/a:intel:microcode
 
 PKG_BUILD_DEPENDS:=iucode-tool/host
 

package/firmware/linux-firmware/intel.mk

@@ -7,6 +7,13 @@ define Package/ibt-firmware/install
 endef
 $(eval $(call BuildPackage,ibt-firmware))
 
+Package/iwlwifi-firmware-ax200 = $(call Package/firmware-default,Intel AX200 firmware)
+define Package/iwlwifi-firmware-ax200/install
+	$(INSTALL_DIR) $(1)/lib/firmware
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/iwlwifi-cc-a0-62.ucode $(1)/lib/firmware
+endef
+$(eval $(call BuildPackage,iwlwifi-firmware-ax200))
+
 Package/iwl3945-firmware = $(call Package/firmware-default,Intel IWL3945 firmware)
 define Package/iwl3945-firmware/install
 	$(INSTALL_DIR) $(1)/lib/firmware

package/kernel/i40e/Makefile

@@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=i40e
-PKG_VERSION:=2.22.8
-PKG_RELEASE:=2
+PKG_VERSION:=2.23.17
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@IMMORTALWRT
-PKG_HASH:=938eac24067e385d6e7e47788c7a1c47987bbe0ed36f3360809cbaa8caf85c6b
+PKG_SOURCE_URL:=@SF/e1000/i40e%20stable/$(PKG_VERSION)/
+PKG_HASH:=7d5a107a49e0c2cede2facba93086dde6fa5cbf529a92dbe57c5407b62d3c31d
 
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=GPL-2.0-only
@@ -37,6 +37,17 @@ define KernelPackage/i40e-vendor/description
   Kernel modules for Intel(R) Ethernet Controller XL710 Family 40 Gigabit Ethernet adapters.
 endef
 
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
 define Build/Compile
 	+$(KERNEL_MAKE) $(PKG_JOBS) \
 		M=$(PKG_BUILD_DIR)/src \

package/kernel/i40e/patches/100-dcb-condition.patch

@@ -0,0 +1,28 @@
+--- a/src/i40e_virtchnl_pf.c
++++ b/src/i40e_virtchnl_pf.c
+@@ -6661,7 +6661,6 @@ int i40e_get_vf_stats(struct net_device
+ #endif /* HAVE_VF_STATS */
+ #endif /* IFLA_VF_MAX */
+ #ifdef HAVE_NDO_SET_VF_LINK_STATE
+-#ifdef CONFIG_DCB
+ #ifdef CONFIG_PCI_IOV
+ /**
+  * i40e_configure_vf_link
+@@ -6739,6 +6738,7 @@ error_out:
+ 	return ret;
+ }
+ 
++#ifdef CONFIG_DCB
+ /**
+  * i40e_enable_vf_queues
+  * @vsi: PCI device information struct
+@@ -6792,8 +6792,8 @@ int i40e_enable_vf_queues(struct i40e_vs
+ err_out:
+ 	return ret;
+ }
+-#endif /* PCI_IOV */
+ #endif /* CONFIG_DCB */
++#endif /* PCI_IOV */
+ /**
+  * i40e_get_vlan_anti_spoof
+  * @pdev: PCI device information struct

package/kernel/iavf/Makefile

@@ -0,0 +1,58 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 ImmortalWrt.org
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=iavf
+PKG_VERSION:=4.9.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/e1000/iavf%20stable/$(PKG_VERSION)/
+PKG_HASH:=6bf25bd7179b5bca1b10168f57ca4ce9fe54d08574e8d7613fad7c15800c7f71
+
+PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/iavf-vendor
+  SUBMENU:=Network Devices
+  TITLE:=Intel(R) Ethernet Adaptive Virtual Function support (vendor driver)
+  VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
+  DEPENDS:=@PCI_SUPPORT +kmod-i40e-vendor
+  CONFLICTS:=kmod-iavf
+  FILES:=$(PKG_BUILD_DIR)/src/iavf.ko
+  AUTOLOAD:=$(call AutoProbe,iavf)
+endef
+
+define KernelPackage/iavf-vendor/description
+  Kernel modules for Intel XL710,
+          X710, X722, XXV710, and all devices advertising support for
+          Intel Ethernet Adaptive Virtual Function devices.
+endef
+
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
+define Build/Compile
+	+$(KERNEL_MAKE) $(PKG_JOBS) \
+		M=$(PKG_BUILD_DIR)/src \
+		NEED_AUX_BUS=2 \
+		modules
+endef
+
+$(eval $(call KernelPackage,iavf-vendor))

package/kernel/ice/Makefile

@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 ImmortalWrt.org
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=ice
+PKG_VERSION:=1.12.6
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/e1000/ice%20stable/$(PKG_VERSION)/
+PKG_HASH:=55a7fb96c516c178180e07451beb621997148301f1b1be0bc52bf970850bc5cc
+
+PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/ice-vendor
+  SUBMENU:=Network Devices
+  TITLE:=Intel(R) Ethernet Controller E810 Family support (vendor driver)
+  VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
+  DEPENDS:=@PCI_SUPPORT +kmod-ptp @TARGET_x86
+  CONFLICTS:=kmod-ice
+  FILES:=$(PKG_BUILD_DIR)/src/ice.ko
+  AUTOLOAD:=$(call AutoProbe,ice)
+endef
+
+define KernelPackage/ice-vendor/description
+  Kernel modules for Intel(R) Ethernet Controller E810 Series
+endef
+
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
+define Build/Compile
+	+$(KERNEL_MAKE) $(PKG_JOBS) \
+		M=$(PKG_BUILD_DIR)/src \
+		modules
+endef
+
+$(eval $(call KernelPackage,ice-vendor))

package/kernel/igb/Makefile

@@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=igb
-PKG_VERSION:=5.13.7
+PKG_VERSION:=5.14.16
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@IMMORTALWRT
-PKG_HASH:=4ccae73110f3c871a17b7cc6df7dbdf6295fc90f4941e8b2978a471c2fec83cb
+PKG_SOURCE_URL:=@SF/e1000/igb%20stable/$(PKG_VERSION)/
+PKG_HASH:=59969b19ce0286f4dc8143895ecff16ac18de30e71a5afc8ed73cc16af219db3
 
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=GPL-2.0-only
@@ -25,7 +25,7 @@ define KernelPackage/igb-vendor
   SUBMENU:=Network Devices
   TITLE:=Intel(R) 82575/82576 PCI-Express Gigabit Ethernet support (vendor driver)
   VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
-  DEPENDS:=@PCI_SUPPORT +kmod-i2c-core +kmod-i2c-algo-bit +kmod-ptp +kmod-hwmon-core
+  DEPENDS:=@PCI_SUPPORT +kmod-i2c-core +kmod-i2c-algo-bit +kmod-ptp +kmod-hwmon-core @TARGET_x86
   CONFLICTS:=kmod-igb
   FILES:=$(PKG_BUILD_DIR)/src/igb.ko
   AUTOLOAD:=$(call AutoProbe,igb)
@@ -35,6 +35,17 @@ define KernelPackage/igb-vendor/description
   Kernel modules for Intel(R) 82575/82576 PCI-Express Gigabit Ethernet adapters.
 endef
 
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
 define Build/Compile
 	+$(KERNEL_MAKE) $(PKG_JOBS) \
 		M=$(PKG_BUILD_DIR)/src \

package/kernel/igb/patches/100-headers.patch

@@ -1,10 +0,0 @@
---- a/src/igb_main.c
-+++ b/src/igb_main.c
-@@ -25,6 +25,7 @@
- #ifdef CONFIG_PM_RUNTIME
- #include <linux/pm_runtime.h>
- #endif /* CONFIG_PM_RUNTIME */
-+#include <linux/ctype.h>
- 
- #include <linux/if_bridge.h>
- #include "igb.h"

package/kernel/ixgbe/Makefile

@@ -0,0 +1,56 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 ImmortalWrt.org
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=ixgbe
+PKG_VERSION:=5.19.6
+PKG_RELEASE:=2
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/e1000/ixgbe%20stable/$(PKG_VERSION)/
+PKG_HASH:=a844f1fea8064e30b276792455c3b286c1d7af26731e8f865d4a4e9ed1dcf4ab
+
+PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/ixgbe-vendor
+  SUBMENU:=Network Devices
+  TITLE:=Intel(R) 82598/82599 PCI-Express 10 Gigabit Ethernet support (vendor driver)
+  VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
+  DEPENDS:=@PCI_SUPPORT +kmod-ptp +kmod-libphy @TARGET_x86
+  CONFLICTS:=kmod-ixgbe
+  FILES:=$(PKG_BUILD_DIR)/src/ixgbe.ko
+  AUTOLOAD:=$(call AutoProbe,ixgbe)
+endef
+
+define KernelPackage/ixgbe-vendor/description
+  Kernel modules for Intel(R) 82598/82599 PCI-Express 10 Gigabit Ethernet adapters.
+endef
+
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
+define Build/Compile
+	+$(KERNEL_MAKE) $(PKG_JOBS) \
+		M=$(PKG_BUILD_DIR)/src \
+		CONFIG_IXGBE=m \
+		modules
+endef
+
+$(eval $(call KernelPackage,ixgbe-vendor))

package/kernel/ixgbe/patches/010-VXLAN_HEADROOM-header.patch

@@ -0,0 +1,11 @@
+--- a/src/ixgbe_main.c
++++ b/src/ixgbe_main.c
+@@ -9869,7 +9869,7 @@ static void ixgbe_atr(struct ixgbe_ring
+ 		struct ixgbe_adapter *adapter = q_vector->adapter;
+ 
+ 		if (unlikely(skb_tail_pointer(skb) < hdr.network +
+-			     VXLAN_HEADROOM))
++			     vxlan_headroom(0)))
+ 			return;
+ 
+ 		/* verify the port is recognized as VXLAN or GENEVE*/

package/kernel/ixgbevf/Makefile

@@ -0,0 +1,56 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 ImmortalWrt.org
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=ixgbevf
+PKG_VERSION:=4.18.7
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/e1000/ixgbevf%20stable/$(PKG_VERSION)/
+PKG_HASH:=90f6cd614008839b6fc748ae0f4ad3503435f8b788318d4f40cfc83c7029025e
+
+PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/ixgbevf-vendor
+  SUBMENU:=Network Devices
+  TITLE:=Intel(R) 82599 Virtual Function Ethernet support (vendor driver)
+  VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
+  DEPENDS:=@PCI_SUPPORT +kmod-ixgbe-vendor
+  CONFLICTS:=kmod-ixgbevf
+  FILES:=$(PKG_BUILD_DIR)/src/ixgbevf.ko
+  AUTOLOAD:=$(call AutoProbe,ixgbevf)
+endef
+
+define KernelPackage/ixgbevf-vendor/description
+  Kernel modules for Intel(R) 82599 Virtual Function Ethernet adapters.
+endef
+
+define Build/Configure
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		KSRC=$(LINUX_DIR) \
+		OUT=kcompat_generated_defs.h \
+		CONFFILE=$(LINUX_DIR)/include/generated/autoconf.h \
+		bash kcompat-generator.sh ; \
+		popd ; \
+	)
+endef
+
+define Build/Compile
+	+$(KERNEL_MAKE) $(PKG_JOBS) \
+		M=$(PKG_BUILD_DIR)/src \
+		CONFIG_IXGBEVF=m \
+		modules
+endef
+
+$(eval $(call KernelPackage,ixgbevf-vendor))

package/kernel/lantiq/ltq-atm/src/ltq_atm.c

@@ -41,6 +41,7 @@
 #include <linux/atm.h>
 #include <linux/clk.h>
 #include <linux/interrupt.h>
+#include <linux/version.h>
 #ifdef CONFIG_XFRM
   #include <net/xfrm.h>
 #endif
@@ -199,7 +200,12 @@ static inline void mailbox_aal_rx_handler(void);
 static irqreturn_t mailbox_irq_handler(int, void *);
 static inline void mailbox_signal(unsigned int, int);
 static void do_ppe_tasklet(unsigned long);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0) && \
+    !(LINUX_VERSION_CODE < KERNEL_VERSION(5,5,0) && LINUX_VERSION_CODE > KERNEL_VERSION(5,4,235))
 DECLARE_TASKLET(g_dma_tasklet, do_ppe_tasklet, 0);
+#else
+DECLARE_TASKLET_OLD(g_dma_tasklet, do_ppe_tasklet);
+#endif
 
 /*
  *  QSB & HTU setting functions

package/kernel/lantiq/ltq-ptm/src/ifxmips_ptm_adsl.c

@@ -127,7 +127,11 @@ static int ptm_stop(struct net_device *);
   static int ptm_napi_poll(struct napi_struct *, int);
 static int ptm_hard_start_xmit(struct sk_buff *, struct net_device *);
 static int ptm_ioctl(struct net_device *, struct ifreq *, int);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,6,0)
 static void ptm_tx_timeout(struct net_device *);
+#else
+static void ptm_tx_timeout(struct net_device *, unsigned int txqueue);
+#endif
 
 /*
  *  DSL Data LED
@@ -511,7 +515,11 @@ static int ptm_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
     return 0;
 }
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,6,0)
 static void ptm_tx_timeout(struct net_device *dev)
+#else
+static void ptm_tx_timeout(struct net_device *dev, unsigned int txqueue)
+#endif
 {
     int ndev;
 

package/kernel/lantiq/ltq-ptm/src/ifxmips_ptm_vdsl.c

@@ -77,7 +77,11 @@ static int ptm_stop(struct net_device *);
   static int ptm_napi_poll(struct napi_struct *, int);
 static int ptm_hard_start_xmit(struct sk_buff *, struct net_device *);
 static int ptm_ioctl(struct net_device *, struct ifreq *, int);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,6,0)
 static void ptm_tx_timeout(struct net_device *);
+#else
+static void ptm_tx_timeout(struct net_device *, unsigned int txqueue);
+#endif
 
 static inline struct sk_buff* alloc_skb_rx(void);
 static inline struct sk_buff* alloc_skb_tx(unsigned int);
@@ -125,7 +129,12 @@ static char *g_net_dev_name[1] = {"dsl0"};
 
 static int g_ptm_prio_queue_map[8];
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0) && \
+    !(LINUX_VERSION_CODE < KERNEL_VERSION(5,5,0) && LINUX_VERSION_CODE > KERNEL_VERSION(5,4,235))
 static DECLARE_TASKLET(g_swap_desc_tasklet, do_swap_desc_tasklet, 0);
+#else
+static DECLARE_TASKLET_OLD(g_swap_desc_tasklet, do_swap_desc_tasklet);
+#endif
 
 
 unsigned int ifx_ptm_dbg_enable = DBG_ENABLE_MASK_ERR;
@@ -451,7 +460,11 @@ static int ptm_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
     return 0;
 }
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,6,0)
 static void ptm_tx_timeout(struct net_device *dev)
+#else
+static void ptm_tx_timeout(struct net_device *dev, unsigned int txqueue)
+#endif
 {
     ASSERT(dev == g_net_dev[0], "incorrect device");
 

package/kernel/lantiq/ltq-tapi/patches/500-linux-509.patch

@@ -0,0 +1,51 @@
+--- a/src/drv_tapi_linux.c
++++ b/src/drv_tapi_linux.c
+@@ -3287,10 +3287,13 @@ static IFX_void_t proc_EntriesRemove(IFX
+ */
+ static IFX_void_t tapi_wq_setscheduler (IFX_int32_t foo)
+ {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0)
+    struct sched_param sched_params;
+-
+    sched_params.sched_priority = TAPI_OS_THREAD_PRIO_HIGH;
+    sched_setscheduler(current, SCHED_FIFO, &sched_params);
++#else
++   sched_set_fifo_low(current);
++#endif
+ }
+ #endif /* LINUX_2_6 */
+ 
+@@ -3727,6 +3730,7 @@ static IFX_int32_t TAPI_SelectCh (TAPI_F
+ */
+ IFX_int32_t TAPI_OS_ThreadPriorityModify(IFX_uint32_t newPriority)
+ {
++#if (LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0))
+    struct sched_param sched_params;
+    IFX_int32_t ret;
+ 
+@@ -3744,6 +3748,10 @@ IFX_int32_t TAPI_OS_ThreadPriorityModify
+    }
+ 
+    return (ret < 0) ? IFX_ERROR : IFX_SUCCESS;
++#else
++   sched_set_fifo_low(current);
++   return IFX_SUCCESS;
++#endif
+ }
+ 
+ 
+--- a/src/drv_tapi_kpi.c
++++ b/src/drv_tapi_kpi.c
+@@ -134,7 +134,12 @@ extern IFX_int32_t           block_ingre
+ /* ========================================================================== */
+ static IFX_void_t ifx_tapi_KPI_IngressHandler (IFX_ulong_t foo);
+ #ifdef KPI_TASKLET
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0) && \
++    !(LINUX_VERSION_CODE < KERNEL_VERSION(5,5,0) && LINUX_VERSION_CODE > KERNEL_VERSION(5,4,235))
+ DECLARE_TASKLET(tl_kpi_ingress, ifx_tapi_KPI_IngressHandler, 0L);
++#else
++DECLARE_TASKLET_OLD(tl_kpi_ingress, ifx_tapi_KPI_IngressHandler);
++#endif
+ #endif /* KPI_TASKLET */
+ static IFX_int32_t ifx_tapi_KPI_IngressThread (IFXOS_ThreadParams_t *pThread);
+ static IFX_return_t ifx_tapi_KPI_GroupInit(IFX_uint32_t nKpiGroup);

package/kernel/linux/modules/netdevices.mk

@@ -744,6 +744,22 @@ endef
 $(eval $(call KernelPackage,iavf))
 
 
+define KernelPackage/ice
+  SUBMENU:=$(NETWORK_DEVICES_MENU)
+  TITLE:=Intel(R) Ethernet Controller E810 Series support
+  DEPENDS:=@PCI_SUPPORT +kmod-ptp
+  KCONFIG:=CONFIG_ICE
+  FILES:=$(LINUX_DIR)/drivers/net/ethernet/intel/ice/ice.ko
+  AUTOLOAD:=$(call AutoProbe,ice)
+endef
+
+define KernelPackage/ice/description
+  Kernel modules for Intel(R) Ethernet Controller E810 Series
+endef
+
+$(eval $(call KernelPackage,ice))
+
+
 define KernelPackage/b44
   TITLE:=Broadcom 44xx driver
   KCONFIG:=CONFIG_B44
@@ -1180,12 +1196,13 @@ define KernelPackage/mlx5-core
 	CONFIG_MLX5_EN_IPSEC=n \
 	CONFIG_MLX5_EN_RXNFC=y \
 	CONFIG_MLX5_EN_TLS=n \
-	CONFIG_MLX5_ESWITCH=n \
+	CONFIG_MLX5_ESWITCH=y \
 	CONFIG_MLX5_FPGA=n \
 	CONFIG_MLX5_FPGA_IPSEC=n \
 	CONFIG_MLX5_FPGA_TLS=n \
 	CONFIG_MLX5_MPFS=y \
 	CONFIG_MLX5_SW_STEERING=n \
+	CONFIG_MLX5_CLS_ACT=n \
 	CONFIG_MLX5_TC_CT=n \
 	CONFIG_MLX5_TLS=n
   AUTOLOAD:=$(call AutoProbe,mlx5_core)
@@ -1198,6 +1215,50 @@ endef
 $(eval $(call KernelPackage,mlx5-core))
 
 
+define KernelPackage/qlcnic
+  SUBMENU:=$(NETWORK_DEVICES_MENU)
+  DEPENDS:=@PCI_SUPPORT +kmod-hwmon-core
+  TITLE:=QLogic QLE8240 and QLE8242 device support
+  KCONFIG:= \
+	CONFIG_QLCNIC \
+	CONFIG_QLCNIC_HWMON=y \
+	CONFIG_QLCNIC_SRIOV=y
+  FILES:=$(LINUX_DIR)/drivers/net/ethernet/qlogic/qlcnic/qlcnic.ko
+  AUTOLOAD:=$(call AutoProbe,qlcnic)
+endef
+
+define KernelPackage/qlcnic/description
+  This driver supports QLogic QLE8240 and QLE8242 Converged Ethernet
+  devices.
+endef
+
+$(eval $(call KernelPackage,qlcnic))
+
+
+define KernelPackage/qede
+  SUBMENU:=$(NETWORK_DEVICES_MENU)
+  DEPENDS:=@PCI_SUPPORT +kmod-ptp +kmod-lib-crc8 +kmod-lib-zlib-inflate
+  TITLE:=QLogic FastLinQ 10/25/40/100Gb Ethernet NIC device support
+  KCONFIG:= \
+	CONFIG_QED \
+	CONFIG_QED_SRIOV=y \
+	CONFIG_QEDE \
+	CONFIG_QEDF=n \
+	CONFIG_QEDI=n
+  FILES:= \
+	$(LINUX_DIR)/drivers/net/ethernet/qlogic/qed/qed.ko \
+	$(LINUX_DIR)/drivers/net/ethernet/qlogic/qede/qede.ko
+  AUTOLOAD:=$(call AutoProbe,qed qede)
+endef
+
+define KernelPackage/qede/description
+  This driver supports QLogic FastLinQ 25/40/100Gb Ethernet NIC
+  devices.
+endef
+
+$(eval $(call KernelPackage,qede))
+
+
 define KernelPackage/sfp
   SUBMENU:=$(NETWORK_DEVICES_MENU)
   TITLE:=SFP cage support

package/kernel/linux/modules/netsupport.mk

@@ -689,7 +689,7 @@ $(eval $(call KernelPackage,mppe))
 
 
 SCHED_MODULES = $(patsubst $(LINUX_DIR)/net/sched/%.ko,%,$(wildcard $(LINUX_DIR)/net/sched/*.ko))
-SCHED_MODULES_CORE = sch_ingress sch_fq_codel sch_hfsc sch_htb sch_tbf cls_basic cls_fw cls_route cls_flow cls_tcindex cls_u32 em_u32 act_gact act_mirred act_skbedit cls_matchall
+SCHED_MODULES_CORE = sch_ingress sch_fq_codel sch_hfsc sch_htb sch_tbf cls_basic cls_fw cls_route cls_flow cls_u32 em_u32 act_gact act_mirred act_skbedit cls_matchall
 SCHED_MODULES_FILTER = $(SCHED_MODULES_CORE) act_connmark act_ctinfo sch_cake sch_netem sch_mqprio em_ipset cls_bpf cls_flower act_bpf act_vlan
 SCHED_MODULES_EXTRA = $(filter-out $(SCHED_MODULES_FILTER),$(SCHED_MODULES))
 SCHED_FILES = $(patsubst %,$(LINUX_DIR)/net/sched/%.ko,$(filter $(SCHED_MODULES_CORE),$(SCHED_MODULES)))
@@ -711,7 +711,6 @@ define KernelPackage/sched-core
 	CONFIG_NET_CLS_FLOW \
 	CONFIG_NET_CLS_FW \
 	CONFIG_NET_CLS_ROUTE4 \
-	CONFIG_NET_CLS_TCINDEX \
 	CONFIG_NET_CLS_U32 \
 	CONFIG_NET_ACT_GACT \
 	CONFIG_NET_ACT_MIRRED \

package/kernel/mac80211/files/lib/wifi/mac80211.sh

@@ -174,7 +174,7 @@ detect_mac80211() {
 			set wireless.radio${devidx}.channel=${channel}
 			set wireless.radio${devidx}.band=${mode_band}
 			set wireless.radio${devidx}.htmode=$htmode
-			set wireless.radio${devidx}.country=US
+			set wireless.radio${devidx}.country=CN
 			set wireless.radio${devidx}.disabled=0
 
 			set wireless.default_radio${devidx}=wifi-iface

package/kernel/mac80211/patches/ath10k/921-ath10k_init_devices_synchronously.patch

@@ -14,7 +14,7 @@ Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
 
 --- a/drivers/net/wireless/ath/ath10k/core.c
 +++ b/drivers/net/wireless/ath/ath10k/core.c
-@@ -3443,6 +3443,16 @@ int ath10k_core_register(struct ath10k *
+@@ -3383,6 +3383,16 @@ int ath10k_core_register(struct ath10k *
  
  	queue_work(ar->workqueue, &ar->register_work);
  

package/kernel/mac80211/patches/ath10k/974-ath10k_add-LED-and-GPIO-controlling-support-for-various-chipsets.patch

@@ -124,7 +124,7 @@ v13:
  WCN36XX=
 --- a/drivers/net/wireless/ath/ath10k/core.c
 +++ b/drivers/net/wireless/ath/ath10k/core.c
-@@ -26,6 +26,7 @@
+@@ -25,6 +25,7 @@
  #include "testmode.h"
  #include "wmi-ops.h"
  #include "coredump.h"
@@ -132,7 +132,7 @@ v13:
  
  unsigned int ath10k_debug_mask;
  EXPORT_SYMBOL(ath10k_debug_mask);
-@@ -65,6 +66,7 @@ static const struct ath10k_hw_params ath
+@@ -64,6 +65,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA988X_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca988x hw2.0",
@@ -140,7 +140,7 @@ v13:
  		.patch_load_addr = QCA988X_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -138,6 +140,7 @@ static const struct ath10k_hw_params ath
+@@ -137,6 +139,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9887_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9887 hw1.0",
@@ -148,7 +148,7 @@ v13:
  		.patch_load_addr = QCA9887_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -355,6 +358,7 @@ static const struct ath10k_hw_params ath
+@@ -354,6 +357,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA99X0_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca99x0 hw2.0",
@@ -156,7 +156,7 @@ v13:
  		.patch_load_addr = QCA99X0_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.otp_exe_param = 0x00000700,
-@@ -397,6 +401,7 @@ static const struct ath10k_hw_params ath
+@@ -396,6 +400,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9984_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9984/qca9994 hw1.0",
@@ -164,7 +164,7 @@ v13:
  		.patch_load_addr = QCA9984_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -446,6 +451,7 @@ static const struct ath10k_hw_params ath
+@@ -445,6 +450,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9888_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9888 hw2.0",
@@ -172,7 +172,7 @@ v13:
  		.patch_load_addr = QCA9888_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -3158,6 +3164,10 @@ int ath10k_core_start(struct ath10k *ar,
+@@ -3098,6 +3104,10 @@ int ath10k_core_start(struct ath10k *ar,
  		goto err_hif_stop;
  	}
  
@@ -183,7 +183,7 @@ v13:
  	return 0;
  
  err_hif_stop:
-@@ -3416,9 +3426,18 @@ static void ath10k_core_register_work(st
+@@ -3356,9 +3366,18 @@ static void ath10k_core_register_work(st
  		goto err_spectral_destroy;
  	}
  
@@ -202,7 +202,7 @@ v13:
  err_spectral_destroy:
  	ath10k_spectral_destroy(ar);
  err_debug_destroy:
-@@ -3464,6 +3483,8 @@ void ath10k_core_unregister(struct ath10
+@@ -3404,6 +3423,8 @@ void ath10k_core_unregister(struct ath10
  	if (!test_bit(ATH10K_FLAG_CORE_REGISTERED, &ar->dev_flags))
  		return;
  
@@ -221,7 +221,7 @@ v13:
  
  #include "htt.h"
  #include "htc.h"
-@@ -1256,6 +1257,13 @@ struct ath10k {
+@@ -1250,6 +1251,13 @@ struct ath10k {
  	} testmode;
  
  	struct {

package/kernel/mac80211/patches/ath10k/975-ath10k-use-tpt-trigger-by-default.patch

@@ -16,7 +16,7 @@ Signed-off-by: Mathias Kresin <dev@kresin.me>
 
 --- a/drivers/net/wireless/ath/ath10k/core.h
 +++ b/drivers/net/wireless/ath/ath10k/core.h
-@@ -1312,6 +1312,10 @@ struct ath10k {
+@@ -1306,6 +1306,10 @@ struct ath10k {
  	s32 tx_power_2g_limit;
  	s32 tx_power_5g_limit;
  

package/kernel/mac80211/patches/ath10k/983-ath10k-allow-vht-on-2g.patch

@@ -1,6 +1,6 @@
 --- a/drivers/net/wireless/ath/ath10k/mac.c
 +++ b/drivers/net/wireless/ath/ath10k/mac.c
-@@ -4718,6 +4718,7 @@ static void ath10k_mac_setup_ht_vht_cap(
+@@ -5032,6 +5032,7 @@ static void ath10k_mac_setup_ht_vht_cap(
  	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
  		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
  		band->ht_cap = ht_cap;

package/kernel/mac80211/patches/brcm/865-brcmfmac-Read-alternative-firmware-names-from-DT.patch

@@ -111,7 +111,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  #define TXCTL_CREDITS	2
  
  static void pkt_align(struct sk_buff *p, int len, int align)
-@@ -4140,7 +4144,7 @@ int brcmf_sdio_get_fwname(struct device
+@@ -4141,7 +4145,7 @@ int brcmf_sdio_get_fwname(struct device
  
  	fwreq = brcmf_fw_alloc_request(bus_if->chip, bus_if->chiprev,
  				       brcmf_sdio_fwnames,
@@ -120,7 +120,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  				       fwnames, ARRAY_SIZE(fwnames));
  	if (!fwreq)
  		return -ENOMEM;
-@@ -4196,6 +4200,9 @@ static const struct brcmf_bus_ops brcmf_
+@@ -4197,6 +4201,9 @@ static const struct brcmf_bus_ops brcmf_
  #define BRCMF_SDIO_FW_CODE	0
  #define BRCMF_SDIO_FW_NVRAM	1
  
@@ -130,7 +130,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  static void brcmf_sdio_firmware_callback(struct device *dev, int err,
  					 struct brcmf_fw_request *fwreq)
  {
-@@ -4211,6 +4218,22 @@ static void brcmf_sdio_firmware_callback
+@@ -4212,6 +4219,22 @@ static void brcmf_sdio_firmware_callback
  
  	brcmf_dbg(TRACE, "Enter: dev=%s, err=%d\n", dev_name(dev), err);
  
@@ -153,7 +153,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  	if (err)
  		goto fail;
  
-@@ -4419,7 +4442,7 @@ brcmf_sdio_prepare_fw_request(struct brc
+@@ -4420,7 +4443,7 @@ brcmf_sdio_prepare_fw_request(struct brc
  
  	fwreq = brcmf_fw_alloc_request(bus->ci->chip, bus->ci->chiprev,
  				       brcmf_sdio_fwnames,
@@ -162,7 +162,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  				       fwnames, ARRAY_SIZE(fwnames));
  	if (!fwreq)
  		return NULL;
-@@ -4437,6 +4460,9 @@ struct brcmf_sdio *brcmf_sdio_probe(stru
+@@ -4438,6 +4461,9 @@ struct brcmf_sdio *brcmf_sdio_probe(stru
  	struct brcmf_sdio *bus;
  	struct workqueue_struct *wq;
  	struct brcmf_fw_request *fwreq;
@@ -172,7 +172,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.com>
  
  	brcmf_dbg(TRACE, "Enter\n");
  
-@@ -4519,6 +4545,21 @@ struct brcmf_sdio *brcmf_sdio_probe(stru
+@@ -4520,6 +4546,21 @@ struct brcmf_sdio *brcmf_sdio_probe(stru
  
  	brcmf_dbg(INFO, "completed!!\n");
  

package/kernel/mac80211/patches/subsys/347-wifi-ieee80211-correctly-mark-FTM-frames-non-buffera.patch

@@ -0,0 +1,134 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Wed, 29 Mar 2023 16:46:26 +0200
+Subject: [PATCH] wifi: ieee80211: correctly mark FTM frames non-bufferable
+
+The checks of whether or not a frame is bufferable were not
+taking into account that some action frames aren't, such as
+FTM. Check this, which requires some changes to the function
+ieee80211_is_bufferable_mmpdu() since we need the whole skb
+for the checks now.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Reviewed-by: Greenman, Gregory <gregory.greenman@intel.com>
+Reviewed-by: Peer, Ilan <ilan.peer@intel.com>
+---
+
+--- a/drivers/net/wireless/intel/iwlwifi/mvm/tx.c
++++ b/drivers/net/wireless/intel/iwlwifi/mvm/tx.c
+@@ -551,8 +551,9 @@ static void iwl_mvm_skb_prepare_status(s
+ 
+ static int iwl_mvm_get_ctrl_vif_queue(struct iwl_mvm *mvm,
+ 				      struct ieee80211_tx_info *info,
+-				      struct ieee80211_hdr *hdr)
++				      struct sk_buff *skb)
+ {
++	struct ieee80211_hdr *hdr = (void *)skb->data;
+ 	struct iwl_mvm_vif *mvmvif =
+ 		iwl_mvm_vif_from_mac80211(info->control.vif);
+ 	__le16 fc = hdr->frame_control;
+@@ -571,7 +572,7 @@ static int iwl_mvm_get_ctrl_vif_queue(st
+ 		 * reason 7 ("Class 3 frame received from nonassociated STA").
+ 		 */
+ 		if (ieee80211_is_mgmt(fc) &&
+-		    (!ieee80211_is_bufferable_mmpdu(fc) ||
++		    (!ieee80211_is_bufferable_mmpdu(skb) ||
+ 		     ieee80211_is_deauth(fc) || ieee80211_is_disassoc(fc)))
+ 			return mvm->probe_queue;
+ 
+@@ -689,7 +690,7 @@ int iwl_mvm_tx_skb_non_sta(struct iwl_mv
+ 			else
+ 				sta_id = mvmvif->mcast_sta.sta_id;
+ 
+-			queue = iwl_mvm_get_ctrl_vif_queue(mvm, &info, hdr);
++			queue = iwl_mvm_get_ctrl_vif_queue(mvm, &info, skb);
+ 		} else if (info.control.vif->type == NL80211_IFTYPE_MONITOR) {
+ 			queue = mvm->snif_queue;
+ 			sta_id = mvm->snif_sta.sta_id;
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -738,20 +738,6 @@ static inline bool ieee80211_is_any_null
+ }
+ 
+ /**
+- * ieee80211_is_bufferable_mmpdu - check if frame is bufferable MMPDU
+- * @fc: frame control field in little-endian byteorder
+- */
+-static inline bool ieee80211_is_bufferable_mmpdu(__le16 fc)
+-{
+-	/* IEEE 802.11-2012, definition of "bufferable management frame";
+-	 * note that this ignores the IBSS special case. */
+-	return ieee80211_is_mgmt(fc) &&
+-	       (ieee80211_is_action(fc) ||
+-		ieee80211_is_disassoc(fc) ||
+-		ieee80211_is_deauth(fc));
+-}
+-
+-/**
+  * ieee80211_is_first_frag - check if IEEE80211_SCTL_FRAG is not set
+  * @seq_ctrl: frame sequence control bytes in little-endian byteorder
+  */
+@@ -3672,6 +3658,44 @@ static inline u8 *ieee80211_get_DA(struc
+ }
+ 
+ /**
++ * ieee80211_is_bufferable_mmpdu - check if frame is bufferable MMPDU
++ * @skb: the skb to check, starting with the 802.11 header
++ */
++static inline bool ieee80211_is_bufferable_mmpdu(struct sk_buff *skb)
++{
++	struct ieee80211_mgmt *mgmt = (void *)skb->data;
++	__le16 fc = mgmt->frame_control;
++
++	/*
++	 * IEEE 802.11 REVme D2.0 definition of bufferable MMPDU;
++	 * note that this ignores the IBSS special case.
++	 */
++	if (!ieee80211_is_mgmt(fc))
++		return false;
++
++	if (ieee80211_is_disassoc(fc) || ieee80211_is_deauth(fc))
++		return true;
++
++	if (!ieee80211_is_action(fc))
++		return false;
++
++	if (skb->len < offsetofend(typeof(*mgmt), u.action.u.ftm.action_code))
++		return true;
++
++	/* action frame - additionally check for non-bufferable FTM */
++
++	if (mgmt->u.action.category != WLAN_CATEGORY_PUBLIC &&
++	    mgmt->u.action.category != WLAN_CATEGORY_PROTECTED_DUAL_OF_ACTION)
++		return true;
++
++	if (mgmt->u.action.u.ftm.action_code == WLAN_PUB_ACTION_FTM_REQUEST ||
++	    mgmt->u.action.u.ftm.action_code == WLAN_PUB_ACTION_FTM)
++		return false;
++
++	return true;
++}
++
++/**
+  * _ieee80211_is_robust_mgmt_frame - check if frame is a robust management frame
+  * @hdr: the frame (buffer must include at least the first octet of payload)
+  */
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -487,7 +487,7 @@ ieee80211_tx_h_unicast_ps_buf(struct iee
+ 		int ac = skb_get_queue_mapping(tx->skb);
+ 
+ 		if (ieee80211_is_mgmt(hdr->frame_control) &&
+-		    !ieee80211_is_bufferable_mmpdu(hdr->frame_control)) {
++		    !ieee80211_is_bufferable_mmpdu(tx->skb)) {
+ 			info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER;
+ 			return TX_CONTINUE;
+ 		}
+@@ -1282,7 +1282,7 @@ static struct txq_info *ieee80211_get_tx
+ 	if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) &&
+ 	    unlikely(!ieee80211_is_data_present(hdr->frame_control))) {
+ 		if ((!ieee80211_is_mgmt(hdr->frame_control) ||
+-		     ieee80211_is_bufferable_mmpdu(hdr->frame_control) ||
++		     ieee80211_is_bufferable_mmpdu(skb) ||
+ 		     vif->type == NL80211_IFTYPE_STATION) &&
+ 		    sta && sta->uploaded) {
+ 			/*

package/kernel/mac80211/patches/subsys/348-wifi-mac80211-flush-queues-on-STA-removal.patch

@@ -0,0 +1,36 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Mon, 13 Mar 2023 11:42:12 +0100
+Subject: [PATCH] wifi: mac80211: flush queues on STA removal
+
+When we remove a station, we first make it unreachable,
+then we (must) remove its keys, and then remove the
+station itself. Depending on the hardware design, if
+we have hardware crypto at all, frames still sitting
+on hardware queues may then be transmitted without a
+valid key, possibly unencrypted or with a fixed key.
+
+Fix this by flushing the queues when removing stations
+so this cannot happen.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Reviewed-by: Greenman, Gregory <gregory.greenman@intel.com>
+---
+
+--- a/net/mac80211/sta_info.c
++++ b/net/mac80211/sta_info.c
+@@ -1070,6 +1070,14 @@ static void __sta_info_destroy_part2(str
+ 		WARN_ON_ONCE(ret);
+ 	}
+ 
++	/* Flush queues before removing keys, as that might remove them
++	 * from hardware, and then depending on the offload method, any
++	 * frames sitting on hardware queues might be sent out without
++	 * any encryption at all.
++	 */
++	if (local->ops->set_key)
++		ieee80211_flush_queues(local, sta->sdata, false);
++
+ 	/* now keys can no longer be reached */
+ 	ieee80211_free_sta_keys(local, sta);
+ 

package/kernel/mac80211/patches/subsys/349-wifi-iwlwifi-mvm-support-flush-on-AP-interfaces.patch

@@ -0,0 +1,34 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Mon, 13 Mar 2023 12:02:58 +0100
+Subject: [PATCH] wifi: iwlwifi: mvm: support flush on AP interfaces
+
+Support TX flush on AP interfaces so that we will do a
+proper flush for frames on the queue before keys are
+removed.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Reviewed-by: Greenman, Gregory <gregory.greenman@intel.com>
+---
+
+--- a/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
++++ b/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
+@@ -4817,9 +4817,6 @@ static void iwl_mvm_mac_flush(struct iee
+ 		return;
+ 	}
+ 
+-	if (vif->type != NL80211_IFTYPE_STATION)
+-		return;
+-
+ 	/* Make sure we're done with the deferred traffic before flushing */
+ 	flush_work(&mvm->add_stream_wk);
+ 
+@@ -4837,9 +4834,6 @@ static void iwl_mvm_mac_flush(struct iee
+ 		if (mvmsta->vif != vif)
+ 			continue;
+ 
+-		/* make sure only TDLS peers or the AP are flushed */
+-		WARN_ON(i != mvmvif->ap_sta_id && !sta->tdls);
+-
+ 		if (drop) {
+ 			if (iwl_mvm_flush_sta(mvm, mvmsta, false))
+ 				IWL_ERR(mvm, "flush request fail\n");

package/kernel/mac80211/patches/subsys/350-wifi-mac80211-add-flush_sta-method.patch

@@ -0,0 +1,91 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Mon, 13 Mar 2023 11:53:51 +0100
+Subject: [PATCH] wifi: mac80211: add flush_sta method
+
+Some drivers like iwlwifi might have per-STA queues, so we
+may want to flush/drop just those queues rather than all
+when removing a station. Add a separate method for that.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Reviewed-by: Greenman, Gregory <gregory.greenman@intel.com>
+---
+
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -3688,6 +3688,10 @@ struct ieee80211_prep_tx_info {
+  *	Note that vif can be NULL.
+  *	The callback can sleep.
+  *
++ * @flush_sta: Flush or drop all pending frames from the hardware queue(s) for
++ *	the given station, as it's about to be removed.
++ *	The callback can sleep.
++ *
+  * @channel_switch: Drivers that need (or want) to offload the channel
+  *	switch operation for CSAs received from the AP may implement this
+  *	callback. They must then call ieee80211_chswitch_done() to indicate
+@@ -4116,6 +4120,8 @@ struct ieee80211_ops {
+ #endif
+ 	void (*flush)(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
+ 		      u32 queues, bool drop);
++	void (*flush_sta)(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
++			  struct ieee80211_sta *sta);
+ 	void (*channel_switch)(struct ieee80211_hw *hw,
+ 			       struct ieee80211_vif *vif,
+ 			       struct ieee80211_channel_switch *ch_switch);
+--- a/net/mac80211/driver-ops.h
++++ b/net/mac80211/driver-ops.h
+@@ -639,6 +639,21 @@ static inline void drv_flush(struct ieee
+ 	trace_drv_return_void(local);
+ }
+ 
++static inline void drv_flush_sta(struct ieee80211_local *local,
++				 struct ieee80211_sub_if_data *sdata,
++				 struct sta_info *sta)
++{
++	might_sleep();
++
++	if (sdata && !check_sdata_in_driver(sdata))
++		return;
++
++	trace_drv_flush_sta(local, sdata, &sta->sta);
++	if (local->ops->flush_sta)
++		local->ops->flush_sta(&local->hw, &sdata->vif, &sta->sta);
++	trace_drv_return_void(local);
++}
++
+ static inline void drv_channel_switch(struct ieee80211_local *local,
+ 				      struct ieee80211_sub_if_data *sdata,
+ 				      struct ieee80211_channel_switch *ch_switch)
+--- a/net/mac80211/sta_info.c
++++ b/net/mac80211/sta_info.c
+@@ -1075,8 +1075,12 @@ static void __sta_info_destroy_part2(str
+ 	 * frames sitting on hardware queues might be sent out without
+ 	 * any encryption at all.
+ 	 */
+-	if (local->ops->set_key)
+-		ieee80211_flush_queues(local, sta->sdata, false);
++	if (local->ops->set_key) {
++		if (local->ops->flush_sta)
++			drv_flush_sta(local, sta->sdata, sta);
++		else
++			ieee80211_flush_queues(local, sta->sdata, false);
++	}
+ 
+ 	/* now keys can no longer be reached */
+ 	ieee80211_free_sta_keys(local, sta);
+--- a/net/mac80211/trace.h
++++ b/net/mac80211/trace.h
+@@ -1140,6 +1140,13 @@ TRACE_EVENT(drv_flush,
+ 	)
+ );
+ 
++DEFINE_EVENT(sta_event, drv_flush_sta,
++	TP_PROTO(struct ieee80211_local *local,
++		 struct ieee80211_sub_if_data *sdata,
++		 struct ieee80211_sta *sta),
++	TP_ARGS(local, sdata, sta)
++);
++
+ TRACE_EVENT(drv_channel_switch,
+ 	TP_PROTO(struct ieee80211_local *local,
+ 		 struct ieee80211_sub_if_data *sdata,

package/kernel/mac80211/patches/subsys/351-wifi-iwlwifi-mvm-support-new-flush_sta-method.patch

@@ -0,0 +1,53 @@
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Mon, 13 Mar 2023 12:05:35 +0100
+Subject: [PATCH] wifi: iwlwifi: mvm: support new flush_sta method
+
+For iwlwifi this is simple to implement, and on newer hardware
+it's an improvement since we have per-station queues.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Reviewed-by: Greenman, Gregory <gregory.greenman@intel.com>
+---
+
+--- a/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
++++ b/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
+@@ -4853,6 +4853,31 @@ static void iwl_mvm_mac_flush(struct iee
+ 		iwl_trans_wait_tx_queues_empty(mvm->trans, msk);
+ }
+ 
++static void iwl_mvm_mac_flush_sta(struct ieee80211_hw *hw,
++				  struct ieee80211_vif *vif,
++				  struct ieee80211_sta *sta)
++{
++	struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
++	int i;
++
++	mutex_lock(&mvm->mutex);
++	for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) {
++		struct iwl_mvm_sta *mvmsta;
++		struct ieee80211_sta *tmp;
++
++		tmp = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
++						lockdep_is_held(&mvm->mutex));
++		if (tmp != sta)
++			continue;
++
++		mvmsta = iwl_mvm_sta_from_mac80211(sta);
++
++		if (iwl_mvm_flush_sta(mvm, mvmsta, false))
++			IWL_ERR(mvm, "flush request fail\n");
++	}
++	mutex_unlock(&mvm->mutex);
++}
++
+ static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx,
+ 				  struct survey_info *survey)
+ {
+@@ -5366,6 +5391,7 @@ const struct ieee80211_ops iwl_mvm_hw_op
+ 	.mgd_prepare_tx = iwl_mvm_mac_mgd_prepare_tx,
+ 	.mgd_protect_tdls_discover = iwl_mvm_mac_mgd_protect_tdls_discover,
+ 	.flush = iwl_mvm_mac_flush,
++	.flush_sta = iwl_mvm_mac_flush_sta,
+ 	.sched_scan_start = iwl_mvm_mac_sched_scan_start,
+ 	.sched_scan_stop = iwl_mvm_mac_sched_scan_stop,
+ 	.set_key = iwl_mvm_mac_set_key,

package/kernel/mac80211/patches/subsys/600-mac80211-allow-vht-on-2g.patch

@@ -5,31 +5,31 @@
  	for (i = 0; i < sband->n_channels; i++) {
  		if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED |
 -						IEEE80211_CHAN_NO_80MHZ))
-+						IEEE80211_CHAN_NO_80MHZ) &&
++						IEEE80211_CHAN_NO_80MHZ) &
 +						(sband->band != NL80211_BAND_2GHZ))
  			continue;
  
  		have_80mhz = true;
 --- a/net/mac80211/util.c
 +++ b/net/mac80211/util.c
-@@ -1769,7 +1769,8 @@ static int ieee80211_build_preq_ies_band
+@@ -1925,7 +1925,8 @@ static int ieee80211_build_preq_ies_band
  	/* Check if any channel in this sband supports at least 80 MHz */
  	for (i = 0; i < sband->n_channels; i++) {
  		if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED |
 -						IEEE80211_CHAN_NO_80MHZ))
-+						IEEE80211_CHAN_NO_80MHZ) &&
++						IEEE80211_CHAN_NO_80MHZ) &
 +						(sband->band != NL80211_BAND_2GHZ))
  			continue;
  
  		have_80mhz = true;
 --- a/net/mac80211/mlme.c
 +++ b/net/mac80211/mlme.c
-@@ -4824,7 +4824,8 @@ static int ieee80211_prep_channel(struct
+@@ -5122,7 +5122,8 @@ static int ieee80211_prep_channel(struct
  	have_80mhz = false;
  	for (i = 0; i < sband->n_channels; i++) {
  		if (sband->channels[i].flags & (IEEE80211_CHAN_DISABLED |
 -						IEEE80211_CHAN_NO_80MHZ))
-+						IEEE80211_CHAN_NO_80MHZ) &&
++						IEEE80211_CHAN_NO_80MHZ) &
 +						(sband->band != NL80211_BAND_2GHZ))
  			continue;
  

package/kernel/mac80211/patches/subsys/901-wifi-mt7601u-Add-AP-mode-support.patch

@@ -0,0 +1,36 @@
+From: Chukun Pan <amadeus@jmu.edu.cn>
+To: Jakub Kicinski <kubakici@wp.pl>
+Cc: Kalle Valo <kvalo@kernel.org>,
+	"David S . Miller" <davem@davemloft.net>,
+	Eric Dumazet <edumazet@google.com>,
+	Paolo Abeni <pabeni@redhat.com>,
+	Matthias Brugger <matthias.bgg@gmail.com>,
+	Lintel Huang <lintel.huang@gmail.com>,
+	linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
+	linux-kernel@vger.kernel.org, Chukun Pan <amadeus@jmu.edu.cn>
+Subject: [PATCH] wifi: mt7601u: Add AP mode support
+Date: Tue, 26 Jul 2022 00:16:03 +0800	[thread overview]
+Message-ID: <20220725161603.15201-1-amadeus@jmu.edu.cn> (raw)
+
+Add AP mode support to mt7601u chipset.
+Simply tested it with firmware version
+201302052146 and it seems working fine.
+
+Run-tested-by: Lintel Huang <lintel.huang@gmail.com>
+Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
+---
+ drivers/net/wireless/mediatek/mt7601u/init.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/drivers/net/wireless/mediatek/mt7601u/init.c
++++ b/drivers/net/wireless/mediatek/mt7601u/init.c
+@@ -609,7 +609,8 @@ int mt7601u_register_device(struct mt760
+ 	SET_IEEE80211_PERM_ADDR(hw, dev->macaddr);
+ 
+ 	wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR;
+-	wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
++	wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
++				 BIT(NL80211_IFTYPE_AP);
+ 	wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
+ 
+ 	wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);

package/kernel/mac80211/patches/subsys/997-backport-API-from-v6.1.patch

@@ -0,0 +1,314 @@
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -702,6 +702,8 @@ struct ieee80211_bss_conf {
+ 	u32 unsol_bcast_probe_resp_interval;
+ 	bool s1g;
+ 	struct cfg80211_bitrate_mask beacon_tx_rate;
++	
++	bool csa_active;
+ };
+ 
+ /**
+@@ -1672,6 +1674,46 @@ enum ieee80211_offload_flags {
+ };
+ 
+ /**
++ * struct ieee80211_vif_cfg - interface configuration
++ * @assoc: association status
++ * @ibss_joined: indicates whether this station is part of an IBSS or not
++ * @ibss_creator: indicates if a new IBSS network is being created
++ * @ps: power-save mode (STA only). This flag is NOT affected by
++ *	offchannel/dynamic_ps operations.
++ * @aid: association ID number, valid only when @assoc is true
++ * @arp_addr_list: List of IPv4 addresses for hardware ARP filtering. The
++ *	may filter ARP queries targeted for other addresses than listed here.
++ *	The driver must allow ARP queries targeted for all address listed here
++ *	to pass through. An empty list implies no ARP queries need to pass.
++ * @arp_addr_cnt: Number of addresses currently on the list. Note that this
++ *	may be larger than %IEEE80211_BSS_ARP_ADDR_LIST_LEN (the arp_addr_list
++ *	array size), it's up to the driver what to do in that case.
++ * @ssid: The SSID of the current vif. Valid in AP and IBSS mode.
++ * @ssid_len: Length of SSID given in @ssid.
++ * @s1g: BSS is S1G BSS (affects Association Request format).
++ * @idle: This interface is idle. There's also a global idle flag in the
++ *	hardware config which may be more appropriate depending on what
++ *	your driver/device needs to do.
++ * @ap_addr: AP MLD address, or BSSID for non-MLO connections
++ *	(station mode only)
++ */
++struct ieee80211_vif_cfg {
++	/* association related data */
++	bool assoc, ibss_joined;
++	bool ibss_creator;
++	bool ps;
++	u16 aid;
++
++	__be32 arp_addr_list[IEEE80211_BSS_ARP_ADDR_LIST_LEN];
++	int arp_addr_cnt;
++	u8 ssid[IEEE80211_MAX_SSID_LEN];
++	size_t ssid_len;
++	bool s1g;
++	bool idle;
++	u8 ap_addr[ETH_ALEN] __aligned(2);
++};
++
++/**
+  * struct ieee80211_vif - per-interface data
+  *
+  * Data in this structure is continually present for driver
+@@ -1725,6 +1767,7 @@ enum ieee80211_offload_flags {
+  */
+ struct ieee80211_vif {
+ 	enum nl80211_iftype type;
++	struct ieee80211_vif_cfg cfg;
+ 	struct ieee80211_bss_conf bss_conf;
+ 	u8 addr[ETH_ALEN] __aligned(2);
+ 	bool p2p;
+@@ -2045,6 +2088,80 @@ struct ieee80211_sta_txpwr {
+ };
+ 
+ /**
++ * struct ieee80211_sta_aggregates - info that is aggregated from active links
++ *
++ * Used for any per-link data that needs to be aggregated and updated in the
++ * main &struct ieee80211_sta when updated or the active links change.
++ *
++ * @max_amsdu_len: indicates the maximal length of an A-MSDU in bytes.
++ *	This field is always valid for packets with a VHT preamble.
++ *	For packets with a HT preamble, additional limits apply:
++ *
++ *	* If the skb is transmitted as part of a BA agreement, the
++ *	  A-MSDU maximal size is min(max_amsdu_len, 4065) bytes.
++ *	* If the skb is not part of a BA agreement, the A-MSDU maximal
++ *	  size is min(max_amsdu_len, 7935) bytes.
++ *
++ * Both additional HT limits must be enforced by the low level
++ * driver. This is defined by the spec (IEEE 802.11-2012 section
++ * 8.3.2.2 NOTE 2).
++ * @max_rc_amsdu_len: Maximum A-MSDU size in bytes recommended by rate control.
++ * @max_tid_amsdu_len: Maximum A-MSDU size in bytes for this TID
++ */
++struct ieee80211_sta_aggregates {
++	u16 max_amsdu_len;
++
++	u16 max_rc_amsdu_len;
++	u16 max_tid_amsdu_len[IEEE80211_NUM_TIDS];
++};
++
++/**
++ * struct ieee80211_link_sta - station Link specific info
++ * All link specific info for a STA link for a non MLD STA(single)
++ * or a MLD STA(multiple entries) are stored here.
++ *
++ * @sta: reference to owning STA
++ * @addr: MAC address of the Link STA. For non-MLO STA this is same as the addr
++ *	in ieee80211_sta. For MLO Link STA this addr can be same or different
++ *	from addr in ieee80211_sta (representing MLD STA addr)
++ * @link_id: the link ID for this link STA (0 for deflink)
++ * @smps_mode: current SMPS mode (off, static or dynamic)
++ * @supp_rates: Bitmap of supported rates
++ * @ht_cap: HT capabilities of this STA; restricted to our own capabilities
++ * @vht_cap: VHT capabilities of this STA; restricted to our own capabilities
++ * @he_cap: HE capabilities of this STA
++ * @he_6ghz_capa: on 6 GHz, holds the HE 6 GHz band capabilities
++ * @eht_cap: EHT capabilities of this STA
++ * @bandwidth: current bandwidth the station can receive with
++ * @rx_nss: in HT/VHT, the maximum number of spatial streams the
++ *	station can receive at the moment, changed by operating mode
++ *	notifications and capabilities. The value is only valid after
++ *	the station moves to associated state.
++ * @txpwr: the station tx power configuration
++ *
++ */
++struct ieee80211_link_sta {
++	struct ieee80211_sta *sta;
++
++	u8 addr[ETH_ALEN];
++	u8 link_id;
++	enum ieee80211_smps_mode smps_mode;
++
++	u32 supp_rates[NUM_NL80211_BANDS];
++	struct ieee80211_sta_ht_cap ht_cap;
++	struct ieee80211_sta_vht_cap vht_cap;
++	struct ieee80211_sta_he_cap he_cap;
++	struct ieee80211_he_6ghz_capa he_6ghz_capa;
++	struct ieee80211_sta_eht_cap eht_cap;
++
++	struct ieee80211_sta_aggregates agg;
++
++	u8 rx_nss;
++	enum ieee80211_sta_rx_bandwidth bandwidth;
++	struct ieee80211_sta_txpwr txpwr;
++};
++
++/**
+  * struct ieee80211_sta - station table entry
+  *
+  * A station table entry represents a station we are possibly
+@@ -2136,6 +2253,10 @@ struct ieee80211_sta {
+ 	struct ieee80211_sta_txpwr txpwr;
+ 
+ 	struct ieee80211_txq *txq[IEEE80211_NUM_TIDS + 1];
++	
++	u16 valid_links;
++	struct ieee80211_link_sta deflink;
++	struct ieee80211_link_sta __rcu *link[IEEE80211_MLD_MAX_NUM_LINKS];
+ 
+ 	/* must be last */
+ 	u8 drv_priv[] __aligned(sizeof(void *));
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -1902,6 +1902,73 @@ struct ieee80211_he_mu_edca_param_ac_rec
+ } __packed;
+ 
+ /**
++ * struct ieee80211_eht_mcs_nss_supp_20mhz_only - EHT 20MHz only station max
++ * supported NSS for per MCS.
++ *
++ * For each field below, bits 0 - 3 indicate the maximal number of spatial
++ * streams for Rx, and bits 4 - 7 indicate the maximal number of spatial streams
++ * for Tx.
++ *
++ * @rx_tx_mcs7_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 0 - 7.
++ * @rx_tx_mcs9_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 8 - 9.
++ * @rx_tx_mcs11_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 10 - 11.
++ * @rx_tx_mcs13_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 12 - 13.
++ */
++struct ieee80211_eht_mcs_nss_supp_20mhz_only {
++	u8 rx_tx_mcs7_max_nss;
++	u8 rx_tx_mcs9_max_nss;
++	u8 rx_tx_mcs11_max_nss;
++	u8 rx_tx_mcs13_max_nss;
++};
++
++/**
++ * struct ieee80211_eht_mcs_nss_supp_bw - EHT max supported NSS per MCS (except
++ * 20MHz only stations).
++ *
++ * For each field below, bits 0 - 3 indicate the maximal number of spatial
++ * streams for Rx, and bits 4 - 7 indicate the maximal number of spatial streams
++ * for Tx.
++ *
++ * @rx_tx_mcs9_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 0 - 9.
++ * @rx_tx_mcs11_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 10 - 11.
++ * @rx_tx_mcs13_max_nss: indicates the maximum number of spatial streams
++ *     supported for reception and the maximum number of spatial streams
++ *     supported for transmission for MCS 12 - 13.
++ */
++struct ieee80211_eht_mcs_nss_supp_bw {
++	u8 rx_tx_mcs9_max_nss;
++	u8 rx_tx_mcs11_max_nss;
++	u8 rx_tx_mcs13_max_nss;
++};
++
++/**
++ * struct ieee80211_eht_cap_elem_fixed - EHT capabilities fixed data
++ *
++ * This structure is the "EHT Capabilities element" fixed fields as
++ * described in P802.11be_D2.0 section 9.4.2.313.
++ *
++ * @mac_cap_info: MAC capabilities, see IEEE80211_EHT_MAC_CAP*
++ * @phy_cap_info: PHY capabilities, see IEEE80211_EHT_PHY_CAP*
++ */
++struct ieee80211_eht_cap_elem_fixed {
++	u8 mac_cap_info[2];
++	u8 phy_cap_info[9];
++} __packed;
++
++
++/**
+  * struct ieee80211_mu_edca_param_set - MU EDCA Parameter Set element
+  *
+  * This structure is the "MU EDCA Parameter Set element" fields as
+@@ -2214,6 +2281,12 @@ int ieee80211_get_vht_max_nss(struct iee
+ #define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_16US			0x80
+ #define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_RESERVED		0xc0
+ #define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_MASK			0xc0
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_0US			0x0
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_8US			0x1
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US			0x2
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_RESERVED		0x3
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_POS			6
++#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK			0xc0
+ 
+ #define IEEE80211_HE_PHY_CAP10_HE_MU_M1RU_MAX_LTF			0x01
+ 
+@@ -4006,4 +4079,7 @@ enum ieee80211_range_params_max_total_lt
+ 	IEEE80211_RANGE_PARAMS_MAX_TOTAL_LTF_UNSPECIFIED,
+ };
+ 
++/* multi-link device */
++#define IEEE80211_MLD_MAX_NUM_LINKS	15
++
+ #endif /* LINUX_IEEE80211_H */
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -348,6 +348,31 @@ struct ieee80211_sta_vht_cap {
+ #define IEEE80211_HE_PPE_THRES_MAX_LEN		25
+ 
+ /**
++ * struct ieee80211_eht_mcs_nss_supp - EHT max supported NSS per MCS
++ *
++ * See P802.11be_D1.3 Table 9-401k - "Subfields of the Supported EHT-MCS
++ * and NSS Set field"
++ *
++ * @only_20mhz: MCS/NSS support for 20 MHz-only STA.
++ * @bw: MCS/NSS support for 80, 160 and 320 MHz
++ * @bw._80: MCS/NSS support for BW <= 80 MHz
++ * @bw._160: MCS/NSS support for BW = 160 MHz
++ * @bw._320: MCS/NSS support for BW = 320 MHz
++ */
++struct ieee80211_eht_mcs_nss_supp {
++	union {
++		struct ieee80211_eht_mcs_nss_supp_20mhz_only only_20mhz;
++		struct {
++			struct ieee80211_eht_mcs_nss_supp_bw _80;
++			struct ieee80211_eht_mcs_nss_supp_bw _160;
++			struct ieee80211_eht_mcs_nss_supp_bw _320;
++		} __packed bw;
++	} __packed;
++} __packed;
++
++#define IEEE80211_EHT_PPE_THRES_MAX_LEN		32
++
++/**
+  * struct ieee80211_sta_he_cap - STA's HE capabilities
+  *
+  * This structure describes most essential parameters needed
+@@ -366,6 +391,24 @@ struct ieee80211_sta_he_cap {
+ };
+ 
+ /**
++ * struct ieee80211_sta_eht_cap - STA's EHT capabilities
++ *
++ * This structure describes most essential parameters needed
++ * to describe 802.11be EHT capabilities for a STA.
++ *
++ * @has_eht: true iff EHT data is valid.
++ * @eht_cap_elem: Fixed portion of the eht capabilities element.
++ * @eht_mcs_nss_supp: The supported NSS/MCS combinations.
++ * @eht_ppe_thres: Holds the PPE Thresholds data.
++ */
++struct ieee80211_sta_eht_cap {
++	bool has_eht;
++	struct ieee80211_eht_cap_elem_fixed eht_cap_elem;
++	struct ieee80211_eht_mcs_nss_supp eht_mcs_nss_supp;
++	u8 eht_ppe_thres[IEEE80211_EHT_PPE_THRES_MAX_LEN];
++};
++
++/**
+  * struct ieee80211_sband_iftype_data - sband data per interface type
+  *
+  * This structure encapsulates sband data that is relevant for the

package/kernel/mt76/Makefile

@@ -1,16 +1,16 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mt76
-PKG_RELEASE=4
+PKG_RELEASE=5
 
 PKG_LICENSE:=GPLv2
 PKG_LICENSE_FILES:=
 
 PKG_SOURCE_URL:=https://github.com/openwrt/mt76
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2022-11-12
-PKG_SOURCE_VERSION:=4bf2607362fc64fc4cb7d662feb736b7536c0811
-PKG_MIRROR_HASH:=fd4291ac89e14750073cc8c345772883d756bf32cf19fc7205fa344b5b3b91d0
+PKG_SOURCE_DATE:=2022-12-22
+PKG_SOURCE_VERSION:=5b509e80384ab019ac11aa90c81ec0dbb5b0d7f2
+PKG_MIRROR_HASH:=6fc25df4d28becd010ff4971b23731c08b53e69381a9e4c868091899712f78a9
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_USE_NINJA:=0
@@ -221,16 +221,21 @@ endef
 define KernelPackage/mt7915e
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7915e wireless driver
-  DEPENDS+=@PCI_SUPPORT +kmod-mt7615-common +kmod-hwmon-core +kmod-thermal +@DRIVER_11AX_SUPPORT +@KERNEL_RELAY
+  DEPENDS+=@PCI_SUPPORT +kmod-mt76-connac +kmod-hwmon-core +kmod-thermal +@DRIVER_11AX_SUPPORT +@KERNEL_RELAY
   FILES:= $(PKG_BUILD_DIR)/mt7915/mt7915e.ko
   AUTOLOAD:=$(call AutoProbe,mt7915e)
 endef
 
+define KernelPackage/mt7921-firmware
+  $(KernelPackage/mt76-default)
+  TITLE:=MediaTek MT7921 firmware
+endef
+
 define KernelPackage/mt7921-common
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7615 wireless driver common code
   HIDDEN:=1
-  DEPENDS+=+kmod-mt76-connac +@DRIVER_11AX_SUPPORT
+  DEPENDS+=+kmod-mt76-connac +kmod-mt7921-firmware +@DRIVER_11AX_SUPPORT
   FILES:= $(PKG_BUILD_DIR)/mt7921/mt7921-common.ko
 endef
 
@@ -450,7 +455,7 @@ define KernelPackage/mt7915e/install
 		$(1)/lib/firmware/mediatek
 endef
 
-define KernelPackage/mt7921e/install
+define KernelPackage/mt7921-firmware/install
 	$(INSTALL_DIR) $(1)/lib/firmware/mediatek
 	cp \
 		$(PKG_BUILD_DIR)/firmware/WIFI_MT7961_patch_mcu_1_2_hdr.bin \
@@ -485,6 +490,7 @@ $(eval $(call KernelPackage,mt7663-usb-sdio))
 $(eval $(call KernelPackage,mt7663u))
 $(eval $(call KernelPackage,mt7663s))
 $(eval $(call KernelPackage,mt7915e))
+$(eval $(call KernelPackage,mt7921-firmware))
 $(eval $(call KernelPackage,mt7921-common))
 $(eval $(call KernelPackage,mt7921u))
 $(eval $(call KernelPackage,mt7921s))

package/kernel/mt76/patches/002-Revert-wifi-mt76-mt7921-introduce-chanctx-support.patch

@@ -0,0 +1,296 @@
+From dab03e40b8c614d18dfeec054767275de25ff8ab Mon Sep 17 00:00:00 2001
+From: coolsnowwolf <coolsnowwolf@gmail.com>
+Date: Tue, 20 Dec 2022 23:01:27 +0800
+Subject: [PATCH 2/2] Revert "wifi: mt76: mt7921: introduce chanctx support"
+
+This reverts commit 2575de3aea332837a0784629b11146efa1c55e58.
+---
+ mt7921/init.c   |  33 +++-----------
+ mt7921/mac.c    |   8 ++++
+ mt7921/main.c   | 111 ++----------------------------------------------
+ mt7921/mt7921.h |   1 -
+ mt7921/pci.c    |   7 ---
+ mt7921/sdio.c   |   7 ---
+ mt7921/usb.c    |   7 ---
+ 7 files changed, 17 insertions(+), 157 deletions(-)
+
+--- a/mt7921/init.c
++++ b/mt7921/init.c
+@@ -26,27 +26,6 @@ static const struct ieee80211_iface_comb
+ 		.max_interfaces = MT7921_MAX_INTERFACES,
+ 		.num_different_channels = 1,
+ 		.beacon_int_infra_match = true,
+-	},
+-};
+-
+-static const struct ieee80211_iface_limit if_limits_chanctx[] = {
+-	{
+-		.max = 2,
+-		.types = BIT(NL80211_IFTYPE_STATION),
+-	},
+-	{
+-		.max = 1,
+-		.types = BIT(NL80211_IFTYPE_AP),
+-	}
+-};
+-
+-static const struct ieee80211_iface_combination if_comb_chanctx[] = {
+-	{
+-		.limits = if_limits_chanctx,
+-		.n_limits = ARRAY_SIZE(if_limits_chanctx),
+-		.max_interfaces = 2,
+-		.num_different_channels = 2,
+-		.beacon_int_infra_match = false,
+ 	}
+ };
+ 
+@@ -88,19 +67,17 @@ mt7921_init_wiphy(struct ieee80211_hw *h
+ 	hw->sta_data_size = sizeof(struct mt7921_sta);
+ 	hw->vif_data_size = sizeof(struct mt7921_vif);
+ 
+-	if (dev->fw_features & MT7921_FW_CAP_CNM) {
++	if (dev->fw_features & MT7921_FW_CAP_CNM)
+ 		wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
+-		wiphy->iface_combinations = if_comb_chanctx;
+-		wiphy->n_iface_combinations = ARRAY_SIZE(if_comb_chanctx);
+-	} else {
++	else
+ 		wiphy->flags &= ~WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
+-		wiphy->iface_combinations = if_comb;
+-		wiphy->n_iface_combinations = ARRAY_SIZE(if_comb);
+-	}
++
++	wiphy->iface_combinations = if_comb;
+ 	wiphy->flags &= ~(WIPHY_FLAG_IBSS_RSN | WIPHY_FLAG_4ADDR_AP |
+ 			  WIPHY_FLAG_4ADDR_STATION);
+ 	wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
+ 				 BIT(NL80211_IFTYPE_AP);
++	wiphy->n_iface_combinations = ARRAY_SIZE(if_comb);
+ 	wiphy->max_remain_on_channel_duration = 5000;
+ 	wiphy->max_scan_ie_len = MT76_CONNAC_SCAN_IE_LEN;
+ 	wiphy->max_scan_ssids = 4;
+--- a/mt7921/mac.c
++++ b/mt7921/mac.c
+@@ -168,6 +168,14 @@ static void
+ mt7921_get_status_freq_info(struct mt7921_dev *dev, struct mt76_phy *mphy,
+ 			    struct mt76_rx_status *status, u8 chfreq)
+ {
++	if (!test_bit(MT76_HW_SCANNING, &mphy->state) &&
++	    !test_bit(MT76_HW_SCHED_SCANNING, &mphy->state) &&
++	    !test_bit(MT76_STATE_ROC, &mphy->state)) {
++		status->freq = mphy->chandef.chan->center_freq;
++		status->band = mphy->chandef.chan->band;
++		return;
++	}
++
+ 	if (chfreq > 180) {
+ 		status->band = NL80211_BAND_6GHZ;
+ 		chfreq = (chfreq - 181) * 4 + 1;
+--- a/mt7921/main.c
++++ b/mt7921/main.c
+@@ -851,7 +851,7 @@ void mt7921_mac_sta_assoc(struct mt76_de
+ 
+ 	if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls)
+ 		mt76_connac_mcu_uni_add_bss(&dev->mphy, vif, &mvif->sta.wcid,
+-					    true, mvif->ctx);
++					    true, NULL);
+ 
+ 	mt7921_mac_wtbl_update(dev, msta->wcid.idx,
+ 			       MT_WTBL_UPDATE_ADM_COUNT_CLEAR);
+@@ -884,7 +884,7 @@ void mt7921_mac_sta_remove(struct mt76_d
+ 		if (!sta->tdls)
+ 			mt76_connac_mcu_uni_add_bss(&dev->mphy, vif,
+ 						    &mvif->sta.wcid, false,
+-						    mvif->ctx);
++						    NULL);
+ 	}
+ 
+ 	spin_lock_bh(&dev->sta_poll_lock);
+@@ -1644,7 +1644,7 @@ mt7921_start_ap(struct ieee80211_hw *hw,
+ 	mt7921_mutex_acquire(dev);
+ 
+ 	err = mt76_connac_mcu_uni_add_bss(phy->mt76, vif, &mvif->sta.wcid,
+-					  true, mvif->ctx);
++					  true, NULL);
+ 	if (err)
+ 		goto out;
+ 
+@@ -1676,105 +1676,12 @@ mt7921_stop_ap(struct ieee80211_hw *hw,
+ 		goto out;
+ 
+ 	mt76_connac_mcu_uni_add_bss(phy->mt76, vif, &mvif->sta.wcid, false,
+-				    mvif->ctx);
++				    NULL);
+ 
+ out:
+ 	mt7921_mutex_release(dev);
+ }
+ 
+-static int
+-mt7921_add_chanctx(struct ieee80211_hw *hw,
+-		   struct ieee80211_chanctx_conf *ctx)
+-{
+-	return 0;
+-}
+-
+-static void
+-mt7921_remove_chanctx(struct ieee80211_hw *hw,
+-		      struct ieee80211_chanctx_conf *ctx)
+-{
+-}
+-
+-static void mt7921_ctx_iter(void *priv, u8 *mac,
+-			    struct ieee80211_vif *vif)
+-{
+-	struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
+-	struct ieee80211_chanctx_conf *ctx = priv;
+-
+-	if (ctx != mvif->ctx)
+-		return;
+-
+-	mt76_connac_mcu_uni_set_chctx(mvif->phy->mt76, &mvif->mt76, ctx);
+-}
+-
+-static void
+-mt7921_change_chanctx(struct ieee80211_hw *hw,
+-		      struct ieee80211_chanctx_conf *ctx,
+-		      u32 changed)
+-{
+-	struct mt7921_phy *phy = mt7921_hw_phy(hw);
+-
+-	mt7921_mutex_acquire(phy->dev);
+-	ieee80211_iterate_active_interfaces(phy->mt76->hw,
+-					    IEEE80211_IFACE_ITER_ACTIVE,
+-					    mt7921_ctx_iter, ctx);
+-	mt7921_mutex_release(phy->dev);
+-}
+-
+-static int
+-mt7921_assign_vif_chanctx(struct ieee80211_hw *hw,
+-			  struct ieee80211_vif *vif,
+-			  struct ieee80211_bss_conf *link_conf,
+-			  struct ieee80211_chanctx_conf *ctx)
+-{
+-	struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
+-	struct mt7921_dev *dev = mt7921_hw_dev(hw);
+-
+-	mutex_lock(&dev->mt76.mutex);
+-	mvif->ctx = ctx;
+-	mutex_unlock(&dev->mt76.mutex);
+-
+-	return 0;
+-}
+-
+-static void
+-mt7921_unassign_vif_chanctx(struct ieee80211_hw *hw,
+-			    struct ieee80211_vif *vif,
+-			    struct ieee80211_bss_conf *link_conf,
+-			    struct ieee80211_chanctx_conf *ctx)
+-{
+-	struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
+-	struct mt7921_dev *dev = mt7921_hw_dev(hw);
+-
+-	mutex_lock(&dev->mt76.mutex);
+-	mvif->ctx = NULL;
+-	mutex_unlock(&dev->mt76.mutex);
+-}
+-
+-static void mt7921_mgd_prepare_tx(struct ieee80211_hw *hw,
+-				  struct ieee80211_vif *vif,
+-				  struct ieee80211_prep_tx_info *info)
+-{
+-	struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
+-	struct mt7921_dev *dev = mt7921_hw_dev(hw);
+-	u16 duration = info->duration ? info->duration :
+-		       jiffies_to_msecs(HZ);
+-
+-	mt7921_mutex_acquire(dev);
+-	mt7921_set_roc(mvif->phy, mvif, mvif->ctx->def.chan, duration,
+-		       MT7921_ROC_REQ_JOIN);
+-	mt7921_mutex_release(dev);
+-}
+-
+-static void mt7921_mgd_complete_tx(struct ieee80211_hw *hw,
+-				   struct ieee80211_vif *vif,
+-				   struct ieee80211_prep_tx_info *info)
+-{
+-	struct mt7921_vif *mvif = (struct mt7921_vif *)vif->drv_priv;
+-
+-	mt7921_abort_roc(mvif->phy, mvif);
+-}
+-
+ const struct ieee80211_ops mt7921_ops = {
+ 	.tx = mt7921_tx,
+ 	.start = mt7921_start,
+@@ -1827,13 +1734,6 @@ const struct ieee80211_ops mt7921_ops =
+ 	.set_sar_specs = mt7921_set_sar_specs,
+ 	.remain_on_channel = mt7921_remain_on_channel,
+ 	.cancel_remain_on_channel = mt7921_cancel_remain_on_channel,
+-	.add_chanctx = mt7921_add_chanctx,
+-	.remove_chanctx = mt7921_remove_chanctx,
+-	.change_chanctx = mt7921_change_chanctx,
+-	.assign_vif_chanctx = mt7921_assign_vif_chanctx,
+-	.unassign_vif_chanctx = mt7921_unassign_vif_chanctx,
+-	.mgd_prepare_tx = mt7921_mgd_prepare_tx,
+-	.mgd_complete_tx = mt7921_mgd_complete_tx,
+ };
+ EXPORT_SYMBOL_GPL(mt7921_ops);
+ 
+--- a/mt7921/mt7921.h
++++ b/mt7921/mt7921.h
+@@ -171,7 +171,6 @@ struct mt7921_vif {
+ 	struct ewma_rssi rssi;
+ 
+ 	struct ieee80211_tx_queue_params queue_params[IEEE80211_NUM_ACS];
+-	struct ieee80211_chanctx_conf *ctx;
+ };
+ 
+ struct mib_stats {
+--- a/mt7921/pci.c
++++ b/mt7921/pci.c
+@@ -297,13 +297,6 @@ static int mt7921_pci_probe(struct pci_d
+ 	if (!(features & MT7921_FW_CAP_CNM)) {
+ 		ops->remain_on_channel = NULL;
+ 		ops->cancel_remain_on_channel = NULL;
+-		ops->add_chanctx = NULL;
+-		ops->remove_chanctx = NULL;
+-		ops->change_chanctx = NULL;
+-		ops->assign_vif_chanctx = NULL;
+-		ops->unassign_vif_chanctx = NULL;
+-		ops->mgd_prepare_tx = NULL;
+-		ops->mgd_complete_tx = NULL;
+ 	}
+ 
+ 	mdev = mt76_alloc_device(&pdev->dev, sizeof(*dev), ops, &drv_ops);
+--- a/mt7921/sdio.c
++++ b/mt7921/sdio.c
+@@ -140,13 +140,6 @@ static int mt7921s_probe(struct sdio_fun
+ 	if (!(features & MT7921_FW_CAP_CNM)) {
+ 		ops->remain_on_channel = NULL;
+ 		ops->cancel_remain_on_channel = NULL;
+-		ops->add_chanctx = NULL;
+-		ops->remove_chanctx = NULL;
+-		ops->change_chanctx = NULL;
+-		ops->assign_vif_chanctx = NULL;
+-		ops->unassign_vif_chanctx = NULL;
+-		ops->mgd_prepare_tx = NULL;
+-		ops->mgd_complete_tx = NULL;
+ 	}
+ 
+ 	mdev = mt76_alloc_device(&func->dev, sizeof(*dev), ops, &drv_ops);
+--- a/mt7921/usb.c
++++ b/mt7921/usb.c
+@@ -218,13 +218,6 @@ static int mt7921u_probe(struct usb_inte
+ 	if (!(features & MT7921_FW_CAP_CNM)) {
+ 		ops->remain_on_channel = NULL;
+ 		ops->cancel_remain_on_channel = NULL;
+-		ops->add_chanctx = NULL;
+-		ops->remove_chanctx = NULL;
+-		ops->change_chanctx = NULL;
+-		ops->assign_vif_chanctx = NULL;
+-		ops->unassign_vif_chanctx = NULL;
+-		ops->mgd_prepare_tx = NULL;
+-		ops->mgd_complete_tx = NULL;
+ 	}
+ 
+ 	ops->stop = mt7921u_stop;

package/kernel/mt76/patches/010-mt76-allow-VHT-rate-on-2.4GHz.patch

@@ -1,4 +1,4 @@
-From fcddb155b538beb0ca7614260a1323d64bfc656a Mon Sep 17 00:00:00 2001
+From 62468f0b5a72e506915cf50176b701626767e353 Mon Sep 17 00:00:00 2001
 From: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
 Date: Mon, 23 Nov 2020 10:46:37 +0800
 Subject: [PATCH] mt76: allow VHT rate on 2.4GHz
@@ -7,13 +7,12 @@ Allow chips that support 11ac to use 256QAM on 2.4GHz
 
 Signed-off-by: DENG Qingfang <dqfext@gmail.com>
 ---
- mac80211.c    | 10 +++++-----
- mt7615/init.c |  2 ++
- 2 files changed, 7 insertions(+), 5 deletions(-)
+ mac80211.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
 
 --- a/mac80211.c
 +++ b/mac80211.c
-@@ -275,7 +275,7 @@ static void mt76_init_stream_cap(struct
+@@ -281,7 +281,7 @@ static void mt76_init_stream_cap(struct
  void mt76_set_stream_caps(struct mt76_phy *phy, bool vht)
  {
  	if (phy->cap.has_2ghz)
@@ -22,7 +21,7 @@ Signed-off-by: DENG Qingfang <dqfext@gmail.com>
  	if (phy->cap.has_5ghz)
  		mt76_init_stream_cap(phy, &phy->sband_5g.sband, vht);
  	if (phy->cap.has_6ghz)
-@@ -342,13 +342,13 @@ mt76_init_sband(struct mt76_phy *phy, st
+@@ -348,13 +348,13 @@ mt76_init_sband(struct mt76_phy *phy, st
  
  static int
  mt76_init_sband_2g(struct mt76_phy *phy, struct ieee80211_rate *rates,
@@ -38,7 +37,7 @@ Signed-off-by: DENG Qingfang <dqfext@gmail.com>
  }
  
  static int
-@@ -496,7 +496,7 @@ int mt76_register_phy(struct mt76_phy *p
+@@ -506,7 +506,7 @@ int mt76_register_phy(struct mt76_phy *p
  		return ret;
  
  	if (phy->cap.has_2ghz) {
@@ -47,7 +46,7 @@ Signed-off-by: DENG Qingfang <dqfext@gmail.com>
  		if (ret)
  			return ret;
  	}
-@@ -621,7 +621,7 @@ int mt76_register_device(struct mt76_dev
+@@ -644,7 +644,7 @@ int mt76_register_device(struct mt76_dev
  		return ret;
  
  	if (phy->cap.has_2ghz) {
@@ -56,14 +55,3 @@ Signed-off-by: DENG Qingfang <dqfext@gmail.com>
  		if (ret)
  			return ret;
  	}
---- a/mt7615/init.c
-+++ b/mt7615/init.c
-@@ -409,6 +409,8 @@ mt7615_init_wiphy(struct ieee80211_hw *h
- 		hw->max_tx_fragments = MT_HW_TXP_MAX_BUF_NUM;
- 
- 	phy->mt76->sband_2g.sband.ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
-+	phy->mt76->sband_2g.sband.vht_cap.cap |=
-+			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
- 	phy->mt76->sband_5g.sband.ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
- 	phy->mt76->sband_5g.sband.vht_cap.cap |=
- 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;

package/kernel/mt76/patches/110-api_update.patch

@@ -0,0 +1,11 @@
+--- a/tx.c
++++ b/tx.c
+@@ -325,7 +325,7 @@ mt76_tx(struct mt76_phy *phy, struct iee
+ 	if ((dev->drv->drv_flags & MT_DRV_HW_MGMT_TXQ) &&
+ 	    !(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) &&
+ 	    !ieee80211_is_data(hdr->frame_control) &&
+-	    !ieee80211_is_bufferable_mmpdu(hdr->frame_control)) {
++	    !ieee80211_is_bufferable_mmpdu(skb)) {
+ 		qid = MT_TXQ_PSD;
+ 	}
+ 

package/kernel/mt76/patches/120-wifi-mt76-ignore-key-disable-commands.patch

@@ -0,0 +1,301 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Wed, 22 Mar 2023 10:17:49 +0100
+Subject: [PATCH] wifi: mt76: ignore key disable commands
+
+This helps avoid cleartext leakage of already queued or powersave buffered
+packets, when a reassoc triggers the key deletion.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/mt7603/main.c
++++ b/mt7603/main.c
+@@ -512,15 +512,15 @@ mt7603_set_key(struct ieee80211_hw *hw,
+ 	    !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+ 		return -EOPNOTSUPP;
+ 
+-	if (cmd == SET_KEY) {
+-		key->hw_key_idx = wcid->idx;
+-		wcid->hw_key_idx = idx;
+-	} else {
++	if (cmd != SET_KEY) {
+ 		if (idx == wcid->hw_key_idx)
+ 			wcid->hw_key_idx = -1;
+ 
+-		key = NULL;
++		return 0;
+ 	}
++
++	key->hw_key_idx = wcid->idx;
++	wcid->hw_key_idx = idx;
+ 	mt76_wcid_key_setup(&dev->mt76, wcid, key);
+ 
+ 	return mt7603_wtbl_set_key(dev, wcid->idx, key);
+--- a/mt7615/mac.c
++++ b/mt7615/mac.c
+@@ -1193,8 +1193,7 @@ EXPORT_SYMBOL_GPL(mt7615_mac_enable_rtsc
+ static int
+ mt7615_mac_wtbl_update_key(struct mt7615_dev *dev, struct mt76_wcid *wcid,
+ 			   struct ieee80211_key_conf *key,
+-			   enum mt76_cipher_type cipher, u16 cipher_mask,
+-			   enum set_key_cmd cmd)
++			   enum mt76_cipher_type cipher, u16 cipher_mask)
+ {
+ 	u32 addr = mt7615_mac_wtbl_addr(dev, wcid->idx) + 30 * 4;
+ 	u8 data[32] = {};
+@@ -1203,27 +1202,18 @@ mt7615_mac_wtbl_update_key(struct mt7615
+ 		return -EINVAL;
+ 
+ 	mt76_rr_copy(dev, addr, data, sizeof(data));
+-	if (cmd == SET_KEY) {
+-		if (cipher == MT_CIPHER_TKIP) {
+-			/* Rx/Tx MIC keys are swapped */
+-			memcpy(data, key->key, 16);
+-			memcpy(data + 16, key->key + 24, 8);
+-			memcpy(data + 24, key->key + 16, 8);
+-		} else {
+-			if (cipher_mask == BIT(cipher))
+-				memcpy(data, key->key, key->keylen);
+-			else if (cipher != MT_CIPHER_BIP_CMAC_128)
+-				memcpy(data, key->key, 16);
+-			if (cipher == MT_CIPHER_BIP_CMAC_128)
+-				memcpy(data + 16, key->key, 16);
+-		}
++	if (cipher == MT_CIPHER_TKIP) {
++		/* Rx/Tx MIC keys are swapped */
++		memcpy(data, key->key, 16);
++		memcpy(data + 16, key->key + 24, 8);
++		memcpy(data + 24, key->key + 16, 8);
+ 	} else {
++		if (cipher_mask == BIT(cipher))
++			memcpy(data, key->key, key->keylen);
++		else if (cipher != MT_CIPHER_BIP_CMAC_128)
++			memcpy(data, key->key, 16);
+ 		if (cipher == MT_CIPHER_BIP_CMAC_128)
+-			memset(data + 16, 0, 16);
+-		else if (cipher_mask)
+-			memset(data, 0, 16);
+-		if (!cipher_mask)
+-			memset(data, 0, sizeof(data));
++			memcpy(data + 16, key->key, 16);
+ 	}
+ 
+ 	mt76_wr_copy(dev, addr, data, sizeof(data));
+@@ -1234,7 +1224,7 @@ mt7615_mac_wtbl_update_key(struct mt7615
+ static int
+ mt7615_mac_wtbl_update_pk(struct mt7615_dev *dev, struct mt76_wcid *wcid,
+ 			  enum mt76_cipher_type cipher, u16 cipher_mask,
+-			  int keyidx, enum set_key_cmd cmd)
++			  int keyidx)
+ {
+ 	u32 addr = mt7615_mac_wtbl_addr(dev, wcid->idx), w0, w1;
+ 
+@@ -1253,9 +1243,7 @@ mt7615_mac_wtbl_update_pk(struct mt7615_
+ 	else
+ 		w0 &= ~MT_WTBL_W0_RX_IK_VALID;
+ 
+-	if (cmd == SET_KEY &&
+-	    (cipher != MT_CIPHER_BIP_CMAC_128 ||
+-	     cipher_mask == BIT(cipher))) {
++	if (cipher != MT_CIPHER_BIP_CMAC_128 || cipher_mask == BIT(cipher)) {
+ 		w0 &= ~MT_WTBL_W0_KEY_IDX;
+ 		w0 |= FIELD_PREP(MT_WTBL_W0_KEY_IDX, keyidx);
+ 	}
+@@ -1272,19 +1260,10 @@ mt7615_mac_wtbl_update_pk(struct mt7615_
+ 
+ static void
+ mt7615_mac_wtbl_update_cipher(struct mt7615_dev *dev, struct mt76_wcid *wcid,
+-			      enum mt76_cipher_type cipher, u16 cipher_mask,
+-			      enum set_key_cmd cmd)
++			      enum mt76_cipher_type cipher, u16 cipher_mask)
+ {
+ 	u32 addr = mt7615_mac_wtbl_addr(dev, wcid->idx);
+ 
+-	if (!cipher_mask) {
+-		mt76_clear(dev, addr + 2 * 4, MT_WTBL_W2_KEY_TYPE);
+-		return;
+-	}
+-
+-	if (cmd != SET_KEY)
+-		return;
+-
+ 	if (cipher == MT_CIPHER_BIP_CMAC_128 &&
+ 	    cipher_mask & ~BIT(MT_CIPHER_BIP_CMAC_128))
+ 		return;
+@@ -1295,8 +1274,7 @@ mt7615_mac_wtbl_update_cipher(struct mt7
+ 
+ int __mt7615_mac_wtbl_set_key(struct mt7615_dev *dev,
+ 			      struct mt76_wcid *wcid,
+-			      struct ieee80211_key_conf *key,
+-			      enum set_key_cmd cmd)
++			      struct ieee80211_key_conf *key)
+ {
+ 	enum mt76_cipher_type cipher;
+ 	u16 cipher_mask = wcid->cipher;
+@@ -1306,19 +1284,14 @@ int __mt7615_mac_wtbl_set_key(struct mt7
+ 	if (cipher == MT_CIPHER_NONE)
+ 		return -EOPNOTSUPP;
+ 
+-	if (cmd == SET_KEY)
+-		cipher_mask |= BIT(cipher);
+-	else
+-		cipher_mask &= ~BIT(cipher);
+-
+-	mt7615_mac_wtbl_update_cipher(dev, wcid, cipher, cipher_mask, cmd);
+-	err = mt7615_mac_wtbl_update_key(dev, wcid, key, cipher, cipher_mask,
+-					 cmd);
++	cipher_mask |= BIT(cipher);
++	mt7615_mac_wtbl_update_cipher(dev, wcid, cipher, cipher_mask);
++	err = mt7615_mac_wtbl_update_key(dev, wcid, key, cipher, cipher_mask);
+ 	if (err < 0)
+ 		return err;
+ 
+ 	err = mt7615_mac_wtbl_update_pk(dev, wcid, cipher, cipher_mask,
+-					key->keyidx, cmd);
++					key->keyidx);
+ 	if (err < 0)
+ 		return err;
+ 
+@@ -1329,13 +1302,12 @@ int __mt7615_mac_wtbl_set_key(struct mt7
+ 
+ int mt7615_mac_wtbl_set_key(struct mt7615_dev *dev,
+ 			    struct mt76_wcid *wcid,
+-			    struct ieee80211_key_conf *key,
+-			    enum set_key_cmd cmd)
++			    struct ieee80211_key_conf *key)
+ {
+ 	int err;
+ 
+ 	spin_lock_bh(&dev->mt76.lock);
+-	err = __mt7615_mac_wtbl_set_key(dev, wcid, key, cmd);
++	err = __mt7615_mac_wtbl_set_key(dev, wcid, key);
+ 	spin_unlock_bh(&dev->mt76.lock);
+ 
+ 	return err;
+--- a/mt7615/main.c
++++ b/mt7615/main.c
+@@ -391,18 +391,17 @@ static int mt7615_set_key(struct ieee802
+ 
+ 	if (cmd == SET_KEY)
+ 		*wcid_keyidx = idx;
+-	else if (idx == *wcid_keyidx)
+-		*wcid_keyidx = -1;
+-	else
++	else {
++		if (idx == *wcid_keyidx)
++			*wcid_keyidx = -1;
+ 		goto out;
++	}
+ 
+-	mt76_wcid_key_setup(&dev->mt76, wcid,
+-			    cmd == SET_KEY ? key : NULL);
+-
++	mt76_wcid_key_setup(&dev->mt76, wcid, key);
+ 	if (mt76_is_mmio(&dev->mt76))
+-		err = mt7615_mac_wtbl_set_key(dev, wcid, key, cmd);
++		err = mt7615_mac_wtbl_set_key(dev, wcid, key);
+ 	else
+-		err = __mt7615_mac_wtbl_set_key(dev, wcid, key, cmd);
++		err = __mt7615_mac_wtbl_set_key(dev, wcid, key);
+ 
+ out:
+ 	mt7615_mutex_release(dev);
+--- a/mt7615/mt7615.h
++++ b/mt7615/mt7615.h
+@@ -491,11 +491,9 @@ int mt7615_mac_write_txwi(struct mt7615_
+ void mt7615_mac_set_timing(struct mt7615_phy *phy);
+ int __mt7615_mac_wtbl_set_key(struct mt7615_dev *dev,
+ 			      struct mt76_wcid *wcid,
+-			      struct ieee80211_key_conf *key,
+-			      enum set_key_cmd cmd);
++			      struct ieee80211_key_conf *key);
+ int mt7615_mac_wtbl_set_key(struct mt7615_dev *dev, struct mt76_wcid *wcid,
+-			    struct ieee80211_key_conf *key,
+-			    enum set_key_cmd cmd);
++			    struct ieee80211_key_conf *key);
+ void mt7615_mac_reset_work(struct work_struct *work);
+ u32 mt7615_mac_get_sta_tid_sn(struct mt7615_dev *dev, int wcid, u8 tid);
+ 
+--- a/mt76x02_util.c
++++ b/mt76x02_util.c
+@@ -454,20 +454,20 @@ int mt76x02_set_key(struct ieee80211_hw
+ 	msta = sta ? (struct mt76x02_sta *)sta->drv_priv : NULL;
+ 	wcid = msta ? &msta->wcid : &mvif->group_wcid;
+ 
+-	if (cmd == SET_KEY) {
+-		key->hw_key_idx = wcid->idx;
+-		wcid->hw_key_idx = idx;
+-		if (key->flags & IEEE80211_KEY_FLAG_RX_MGMT) {
+-			key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
+-			wcid->sw_iv = true;
+-		}
+-	} else {
++	if (cmd != SET_KEY) {
+ 		if (idx == wcid->hw_key_idx) {
+ 			wcid->hw_key_idx = -1;
+ 			wcid->sw_iv = false;
+ 		}
+ 
+-		key = NULL;
++		return 0;
++	}
++
++	key->hw_key_idx = wcid->idx;
++	wcid->hw_key_idx = idx;
++	if (key->flags & IEEE80211_KEY_FLAG_RX_MGMT) {
++		key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
++		wcid->sw_iv = true;
+ 	}
+ 	mt76_wcid_key_setup(&dev->mt76, wcid, key);
+ 
+--- a/mt7915/main.c
++++ b/mt7915/main.c
+@@ -399,16 +399,15 @@ static int mt7915_set_key(struct ieee802
+ 		mt7915_mcu_add_bss_info(phy, vif, true);
+ 	}
+ 
+-	if (cmd == SET_KEY)
++	if (cmd == SET_KEY) {
+ 		*wcid_keyidx = idx;
+-	else if (idx == *wcid_keyidx)
+-		*wcid_keyidx = -1;
+-	else
++	} else {
++		if (idx == *wcid_keyidx)
++			*wcid_keyidx = -1;
+ 		goto out;
++	}
+ 
+-	mt76_wcid_key_setup(&dev->mt76, wcid,
+-			    cmd == SET_KEY ? key : NULL);
+-
++	mt76_wcid_key_setup(&dev->mt76, wcid, key);
+ 	err = mt76_connac_mcu_add_key(&dev->mt76, vif, &msta->bip,
+ 				      key, MCU_EXT_CMD(STA_REC_UPDATE),
+ 				      &msta->wcid, cmd);
+--- a/mt7921/main.c
++++ b/mt7921/main.c
+@@ -568,16 +568,15 @@ static int mt7921_set_key(struct ieee802
+ 
+ 	mt7921_mutex_acquire(dev);
+ 
+-	if (cmd == SET_KEY)
++	if (cmd == SET_KEY) {
+ 		*wcid_keyidx = idx;
+-	else if (idx == *wcid_keyidx)
+-		*wcid_keyidx = -1;
+-	else
++	} else {
++		if (idx == *wcid_keyidx)
++			*wcid_keyidx = -1;
+ 		goto out;
++	}
+ 
+-	mt76_wcid_key_setup(&dev->mt76, wcid,
+-			    cmd == SET_KEY ? key : NULL);
+-
++	mt76_wcid_key_setup(&dev->mt76, wcid, key);
+ 	err = mt76_connac_mcu_add_key(&dev->mt76, vif, &msta->bip,
+ 				      key, MCU_UNI_CMD(STA_REC_UPDATE),
+ 				      &msta->wcid, cmd);

package/kernel/r8125/Makefile

@@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=r8125
-PKG_VERSION:=9.011.00-1
+PKG_VERSION:=9.010.01-2
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/awesometic/realtek-r8125-dkms/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=750a05c05f318fc5e1e05e6b2d1f61a76fffa3133eae1bf9ce5ff6d03ae29cb7
+PKG_HASH:=b3e1b36578ba92a775049535e7434a9fc46710a721846c3706aca3d265db8cb9
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/realtek-$(PKG_NAME)-dkms-$(PKG_VERSION)
 
 PKG_LICENSE:=GPL-2.0-only

package/kernel/r8152/patches/010-kernel-5.4.252.patch

@@ -0,0 +1,22 @@
+--- a/compatibility.h
++++ b/compatibility.h
+@@ -21,7 +21,6 @@
+ #endif /* LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0) */
+ #endif /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) */
+ 
+-#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(5,12,0)
+ 	#define PHY_MAC_INTERRUPT		PHY_IGNORE_INTERRUPT
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0)
+@@ -608,11 +607,6 @@
+ #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5,8,0) */
+ #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0) */
+ #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5,12,0) */
+-	static inline void eth_hw_addr_set(struct net_device *dev, const u8 *addr)
+-	{
+-		memcpy(dev->dev_addr, addr, 6);
+-	}
+-#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0) */
+ 
+ #ifndef FALSE
+ 	#define TRUE	1

package/kernel/rtl8189es/patches/030-kernel-5.4.252.patch

@@ -0,0 +1,21 @@
+--- a/include/osdep_service_linux.h
++++ b/include/osdep_service_linux.h
+@@ -220,18 +220,6 @@ typedef void *timer_hdl_context;
+ 	#define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1))
+ #endif
+ 
+-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
+-/* Porting from linux kernel commits 
+-48eab831ae8b9f7002a533fa4235eed63ea1f1a3 
+-3f6cffb8604b537e3d7ea040d7f4368689638eaf
+-adeef3e32146a8d2a73c399dc6f5d76a449131b1
+-*/
+-static inline void eth_hw_addr_set(struct net_device *dev, const u8 *addr)
+-{
+-	memcpy(dev->dev_addr, addr, ETH_ALEN);
+-}
+-#endif
+-
+ typedef unsigned long systime;
+ typedef struct tasklet_struct _tasklet;
+ 

package/kernel/rtl8192eu/patches/040-kernel-5.4.252.patch

@@ -0,0 +1,17 @@
+--- a/include/osdep_service_linux.h
++++ b/include/osdep_service_linux.h
+@@ -217,14 +217,6 @@ typedef void *timer_hdl_context;
+ 
+ typedef unsigned long systime;
+ 
+-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
+-/* Porting from linux kernel v5.15-rc1 48eab831ae8b9f7002a533fa4235eed63ea1f1a3 */
+-static inline void eth_hw_addr_set(struct net_device *dev, const u8 *addr)
+-{
+-	memcpy(dev->dev_addr, addr, ETH_ALEN);
+-}
+-#endif
+-
+ #if (LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 22))
+ /* Porting from linux kernel, for compatible with old kernel. */
+ static inline unsigned char *skb_tail_pointer(const struct sk_buff *skb)

package/libs/gmp/Makefile

@@ -19,6 +19,7 @@ PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 PKG_FIXUP:=autoreconf
 PKG_LICENSE:=GPL-2.0-or-later
+PKG_CPE_ID:=cpe:/a:gmplib:gmp
 
 PKG_USE_MIPS16:=0
 

package/libs/libbsd/Makefile

@@ -10,6 +10,7 @@ PKG_HASH:=34b8adc726883d0e85b3118fa13605e179a62b31ba51f676136ecb2d0bc1a887
 
 PKG_LICENSE:=BSD-4-Clause
 PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:freedesktop:libbsd
 
 PKG_INSTALL:=1
 PKG_BUILD_PARALLEL:=1

package/libs/libnetfilter-conntrack/Makefile

@@ -18,6 +18,7 @@ PKG_HASH:=0cd13be008923528687af6c6b860f35392d49251c04ee0648282d36b1faec1cf
 PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
 PKG_LICENSE:=GPL-2.0-or-later
 PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:netfilter:libnetfilter_conntrack
 
 PKG_INSTALL:=1
 PKG_BUILD_PARALLEL:=1

package/libs/libpcap/Makefile

@@ -16,6 +16,7 @@ PKG_SOURCE_URL:=http://www.tcpdump.org/release/
 PKG_HASH:=635237637c5b619bcceba91900666b64d56ecb7be63f298f601ec786ce087094
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
+PKG_CPE_ID:=cpe:/a:tcpdump:libpcap
 
 PKG_ASLR_PIE_REGULAR:=1
 PKG_BUILD_PARALLEL:=1

package/libs/openssl/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_BASE:=1.1.1
-PKG_BUGFIX:=t
+PKG_BUGFIX:=w
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
@@ -28,7 +28,7 @@ PKG_SOURCE_URL:= \
 	ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
 	ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
 
-PKG_HASH:=8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b
+PKG_HASH:=cf3098950cb4d853ad95c0841f1f9c6d3dc102dccfcacd521d93925208b76ac8
 
 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE
@@ -338,6 +338,7 @@ define Build/Configure
 			--libdir=lib \
 			--openssldir=/etc/ssl \
 			--cross-compile-prefix="$(TARGET_CROSS)" \
+			$(TARGET_CFLAGS) \
 			$(TARGET_CPPFLAGS) \
 			$(TARGET_LDFLAGS) \
 			$(OPENSSL_OPTIONS) && \

package/libs/popt/Makefile

@@ -18,6 +18,7 @@ PKG_SOURCE_URL:= \
 	http://rpm5.org/files/popt/
 PKG_HASH:=e728ed296fe9f069a0e005003c3d6b2dde3d9cad453422a10d6558616d304cc8
 PKG_LICENSE:=MIT
+PKG_CPE_ID:=cpe:/a:popt_project:popt
 
 PKG_FIXUP:=autoreconf
 PKG_REMOVE_FILES:=autogen.sh aclocal.m4

package/libs/sysfsutils/Makefile

@@ -15,6 +15,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@SF/linux-diag
 PKG_HASH:=e865de2c1f559fff0d3fc936e660c0efaf7afe662064f2fb97ccad1ec28d208a
 PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
+PKG_CPE_ID:=cpe:/a:sysfsutils_project:sysfsutils
 
 PKG_LICENSE:=LGPL-2.1
 PKG_LICENSE_FILES:=COPYING cmd/GPL lib/LGPL

package/libs/uclient/Makefile

@@ -5,9 +5,9 @@ PKG_RELEASE=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/uclient.git
-PKG_MIRROR_HASH:=7c443cac02a734dd312c65618f4de17248d188317f30a9fac192c1503b3d5c05
-PKG_SOURCE_DATE:=2021-05-14
-PKG_SOURCE_VERSION:=6a6011df3429ffa5958d12b1327eeda4fd9daa47
+PKG_MIRROR_HASH:=16c6c97f45d9737fb40628ea22ae347541a1e37d8d1576e04ffbaa5fc92f3b6d
+PKG_SOURCE_DATE:=2023-04-13
+PKG_SOURCE_VERSION:=007d945467499f43656b141171d31f5643b83a6c
 CMAKE_INSTALL:=1
 
 PKG_BUILD_DEPENDS:=ustream-ssl

package/libs/wolfssl/Makefile

@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=5.5.4-stable
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_VERSION:=5.6.3-stable
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=b7ee150e49def77c765bc02aac92ddeb0bebefd4cb12aa263d8f95e405221fb8
+PKG_HASH:=2e74a397fa797c2902d7467d500de904907666afb4ff80f6464f6efd5afb114a
 
 PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1
@@ -151,6 +151,33 @@ CONFIGURE_ARGS += \
 	--$(if $(CONFIG_WOLFSSL_HAS_ECC448),enable,disable)-curve448 \
 	--$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn
 
+define Package/libwolfsslcpu-crypto/preinst-aarch64
+#!/bin/sh
+exec >&2
+printf "[libwolfsslcpu-crypto] Checking for Arm v8-A Cryptographic Extension support: "
+if [ -n "$${IPKG_INSTROOT}" ]; then
+    printf "...[offline]... "
+    eval "$$(grep '^DISTRIB_TARGET=' "$${IPKG_INSTROOT}/etc/openwrt_release")"
+    echo "$${DISTRIB_TARGET}" | grep '^bcm27xx/.*' > /dev/null && {
+	echo "not supported"
+	echo "Error: Target $${DISTRIB_TARGET} does not support Arm Cryptographic Extension."
+	echo "Install the regular libwolfssl package instead of libwolfsslcpu-crypto."
+	exit 1
+    }
+else
+    grep -q '^Features.*\baes\b' /proc/cpuinfo || {
+	echo "not supported"
+	echo "Error: Arm v8-A Cryptographic Extension not supported."
+	echo "Install the regular libwolfssl package instead of libwolfsslcpu-crypto."
+	echo "Contents of /proc/cpuinfo:"
+	cat /proc/cpuinfo
+	exit 1
+    }
+fi
+echo OK
+exit 0
+endef
+
 ifeq ($(BUILD_VARIANT),regular)
 CONFIGURE_ARGS += \
 	--$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
@@ -160,9 +187,7 @@ CONFIGURE_ARGS += \
 else ifdef CONFIG_aarch64
     CONFIGURE_ARGS += --enable-armasm
     TARGET_CFLAGS:=$(TARGET_CFLAGS:-mcpu%=-mcpu%+crypto)
-    WOLFSSL_NOASM_REGEX:=^bcm27xx/.*
-    Package/libwolfsslcpu-crypto/preinst=\
-	$(subst @@WOLFSSL_NOASM_REGEX@@,$(WOLFSSL_NOASM_REGEX),$(file <preinst.arm-ce))
+    Package/libwolfsslcpu-crypto/preinst=$(Package/libwolfsslcpu-crypto/preinst-aarch64)
 else ifdef CONFIG_TARGET_x86_64
 	CONFIGURE_ARGS += --enable-intelasm
 endif

package/libs/wolfssl/patches/001-fix-detection-of-cut-tool-in-configure.ac.patch

@@ -0,0 +1,25 @@
+From 41d248461bd9ad44193a4806ecb5361513e8944e Mon Sep 17 00:00:00 2001
+From: jordan <jordan@wolfssl.com>
+Date: Tue, 27 Jun 2023 13:18:25 -0500
+Subject: [PATCH] fix detection of cut tool in configure.ac
+
+---
+ configure.ac | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -8723,10 +8723,11 @@ echo "extern \"C\" {" >> $OPTION_FILE
+ echo "#endif" >> $OPTION_FILE
+ echo "" >> $OPTION_FILE
+ 
+-# check for supported command to trim option with
++# Check for supported command to trim option with.
++# note: cut requires an argument to exit with success.
+ if colrm >/dev/null 2>&1 </dev/null; then
+     TRIM="colrm 3"
+-elif cut >/dev/null 2>&1 </dev/null; then
++elif cut --version >/dev/null 2>&1 </dev/null; then
+     TRIM="cut -c1-2"
+ else
+     AC_MSG_ERROR([Could not find colrm or cut to make options file])

package/libs/wolfssl/patches/100-disable-hardening-check.patch

@@ -1,10 +1,10 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -2496,7 +2496,7 @@ extern void uITRON4_free(void *p) ;
- #endif
+@@ -2630,7 +2630,7 @@ extern void uITRON4_free(void *p) ;
  
  /* warning for not using harden build options (default with ./configure) */
--#ifndef WC_NO_HARDEN
+ /* do not warn if big integer support is disabled */
+-#if !defined(WC_NO_HARDEN) && !defined(NO_BIG_INT)
 +#if 0
      #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
          (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \