OpenWrt v22.03.0-rc1: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

feeds.conf.default

@@ -1,8 +1,4 @@
-src-git-full packages https://git.openwrt.org/feed/packages.git
-src-git-full luci https://git.openwrt.org/project/luci.git
-src-git-full routing https://git.openwrt.org/feed/routing.git
-src-git-full telephony https://git.openwrt.org/feed/telephony.git
-#src-git-full video https://github.com/openwrt/video.git
-#src-git-full targets https://github.com/openwrt/targets.git
-#src-git-full oldpackages http://git.openwrt.org/packages.git
-#src-link custom /usr/src/openwrt/custom-feed
+src-git-full packages https://git.openwrt.org/feed/packages.git^3d33fa3b09414f8a79e1e8f98d64d41b26235e12
+src-git-full luci https://git.openwrt.org/project/luci.git^990aa4fc6b80706cafec8d63e05085b45217c364
+src-git-full routing https://git.openwrt.org/feed/routing.git^48f6120ad4b8c1515d29110c6291ff7e264fef29
+src-git-full telephony https://git.openwrt.org/feed/telephony.git^4c148548df2aae3c036a5e309ff0474dbb1f48ac

include/autotools.mk

@@ -35,7 +35,7 @@ define autoreconf
 		$(patsubst %,rm -f %;,$(2)) \
 		$(foreach p,$(3), \
 			if [ -f $(p)/configure.ac ] || [ -f $(p)/configure.in ]; then \
-				[ -d $(p)/autom4te.cache ] && rm -rf autom4te.cache; \
+				[ -d $(p)/autom4te.cache ] && rm -rf $(p)/autom4te.cache; \
 				[ -e $(p)/config.rpath ] || \
 						ln -s $(SCRIPT_DIR)/config.rpath $(p)/config.rpath; \
 				touch NEWS AUTHORS COPYING ABOUT-NLS ChangeLog; \

include/image-commands.mk

@@ -37,7 +37,11 @@ define Build/package-kernel-ubifs
 endef
 
 define Build/append-image
-	dd if=$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1) >> $@
+	cp "$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)" "$@.stripmeta"
+	fwtool -s /dev/null -t "$@.stripmeta" || :
+	fwtool -i /dev/null -t "$@.stripmeta" || :
+	dd if="$@.stripmeta" >> "$@"
+	rm "$@.stripmeta"
 endef
 
 ifdef IB
@@ -46,8 +50,12 @@ define Build/append-image-stage
 endef
 else
 define Build/append-image-stage
-	dd if=$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1) of=$(STAGING_DIR_IMAGE)/$(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))-$(DEVICE_NAME)-$(1)
-	dd if=$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1) >> $@
+	cp "$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)" "$@.stripmeta"
+	fwtool -s /dev/null -t "$@.stripmeta" || :
+	fwtool -i /dev/null -t "$@.stripmeta" || :
+	dd if="$@.stripmeta" of="$(STAGING_DIR_IMAGE)/$(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))-$(DEVICE_NAME)-$(1)"
+	dd if="$@.stripmeta" >> "$@"
+	rm "$@.stripmeta"
 endef
 endif
 
@@ -81,6 +89,7 @@ metadata_json = \
 
 define Build/append-metadata
 	$(if $(SUPPORTED_DEVICES),-echo $(call metadata_json) | fwtool -I - $@)
+	sha256sum "$@" | cut -d" " -f1 > "$@.sha256sum"
 	[ ! -s "$(BUILD_KEY)" -o ! -s "$(BUILD_KEY).ucert" -o ! -s "$@" ] || { \
 		cp "$(BUILD_KEY).ucert" "$@.ucert" ;\
 		usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\

include/image.mk

@@ -229,8 +229,7 @@ $(eval $(foreach S,$(NAND_BLOCKSIZE),$(call Image/mkfs/jffs2-nand/template,$(S))
 define Image/mkfs/squashfs-common
 	$(STAGING_DIR_HOST)/bin/mksquashfs4 $(call mkfs_target_dir,$(1)) $@ \
 		-nopad -noappend -root-owned \
-		-comp $(SQUASHFSCOMP) $(SQUASHFSOPT) \
-		-processors 1
+		-comp $(SQUASHFSCOMP) $(SQUASHFSOPT)
 endef
 
 ifeq ($(CONFIG_TARGET_ROOTFS_SECURITY_LABELS),y)
@@ -493,9 +492,9 @@ define Device/Build/initramfs
   $(BUILD_DIR)/json_info_files/$$(KERNEL_INITRAMFS_IMAGE).json: $(BIN_DIR)/$$(KERNEL_INITRAMFS_IMAGE)
 	@mkdir -p $$(shell dirname $$@)
 	DEVICE_ID="$(1)" \
-	BIN_DIR="$(BIN_DIR)" \
 	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
 	FILE_NAME="$$(notdir $$^)" \
+	FILE_DIR="$(KDIR)/tmp" \
 	FILE_TYPE="kernel" \
 	FILE_FILESYSTEM="initramfs" \
 	DEVICE_IMG_PREFIX="$$(DEVICE_IMG_PREFIX)" \
@@ -600,9 +599,9 @@ define Device/Build/image
   $(BUILD_DIR)/json_info_files/$(call DEVICE_IMG_NAME,$(1),$(2)).json: $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2))$$(GZ_SUFFIX)
 	@mkdir -p $$(shell dirname $$@)
 	DEVICE_ID="$(DEVICE_NAME)" \
-	BIN_DIR="$(BIN_DIR)" \
 	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
 	FILE_NAME="$(DEVICE_IMG_NAME)" \
+	FILE_DIR="$(KDIR)/tmp" \
 	FILE_TYPE=$(word 1,$(subst ., ,$(2))) \
 	FILE_FILESYSTEM="$(1)" \
 	DEVICE_IMG_PREFIX="$(DEVICE_IMG_PREFIX)" \
@@ -646,9 +645,9 @@ define Device/Build/artifact
   $(BUILD_DIR)/json_info_files/$(DEVICE_IMG_PREFIX)-$(1).json: $(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)
 	@mkdir -p $$(shell dirname $$@)
 	DEVICE_ID="$(DEVICE_NAME)" \
-	BIN_DIR="$(BIN_DIR)" \
 	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
 	FILE_NAME="$(DEVICE_IMG_PREFIX)-$(1)" \
+	FILE_DIR="$(KDIR)/tmp" \
 	FILE_TYPE="$(1)" \
 	DEVICE_IMG_PREFIX="$(DEVICE_IMG_PREFIX)" \
 	DEVICE_VENDOR="$(DEVICE_VENDOR)" \

include/kernel-5.10

@@ -1,2 +1,2 @@
-LINUX_VERSION-5.10 = .107
-LINUX_KERNEL_HASH-5.10.107 = c467c3077946370fb26c9277313b601d6c48bb557abc889f4892caf627fcdfea
+LINUX_VERSION-5.10 = .111
+LINUX_KERNEL_HASH-5.10.111 = 1831b3d8765592ce91e51441bb179d908f6bcfe8c78d03c2bec8c675c4a0ab1a

include/kernel-5.4

@@ -1,2 +0,0 @@
-LINUX_VERSION-5.4 = .175
-LINUX_KERNEL_HASH-5.4.175 = ac901bdffb1488d6c730ca7ab42322163dd331b240e2f06ad83d199e251a4840

include/kernel-defaults.mk

@@ -168,19 +168,20 @@ ifneq ($(CONFIG_TARGET_ROOTFS_INITRAMFS),)
 define Kernel/CompileImage/Initramfs
 	$(call Kernel/Configure/Initramfs)
 	$(CP) $(GENERIC_PLATFORM_DIR)/other-files/init $(TARGET_DIR)/init
-	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(TARGET_DIR)/init)
+	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(TARGET_DIR) $(TARGET_DIR)/init)
 	rm -rf $(KERNEL_BUILD_DIR)/linux-$(LINUX_VERSION)/usr/initramfs_data.cpio*
 ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE),y)
 ifneq ($(qstrip $(CONFIG_EXTERNAL_CPIO)),)
 	$(CP) $(CONFIG_EXTERNAL_CPIO) $(KERNEL_BUILD_DIR)/initrd.cpio
 else
-	( cd $(TARGET_DIR); find . | $(STAGING_DIR_HOST)/bin/cpio -o -H newc -R 0:0 > $(KERNEL_BUILD_DIR)/initrd.cpio )
+	( cd $(TARGET_DIR); find . | LC_ALL=C sort | $(STAGING_DIR_HOST)/bin/cpio --reproducible -o -H newc -R 0:0 > $(KERNEL_BUILD_DIR)/initrd.cpio )
 endif
+	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(KERNEL_BUILD_DIR)/initrd.cpio)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_BZIP2),bzip2 -9 -c < $(KERNEL_BUILD_DIR)/initrd.cpio > $(KERNEL_BUILD_DIR)/initrd.cpio.bzip2)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),gzip -f -S .gzip -9n $(KERNEL_BUILD_DIR)/initrd.cpio)
+	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),gzip -n -f -S .gzip -9n $(KERNEL_BUILD_DIR)/initrd.cpio)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA),$(STAGING_DIR_HOST)/bin/lzma e -lc1 -lp2 -pb2 $(KERNEL_BUILD_DIR)/initrd.cpio $(KERNEL_BUILD_DIR)/initrd.cpio.lzma)
 # ?	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZO),)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),$(STAGING_DIR_HOST)/bin/xz -9 -fz --check=crc32 $(KERNEL_BUILD_DIR)/initrd.cpio)
+	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),$(STAGING_DIR_HOST)/bin/xz -T$(if $(filter 1,$(NPROC)),2,0) -9 -fz --check=crc32 $(KERNEL_BUILD_DIR)/initrd.cpio)
 # ?	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZ4),)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),$(STAGING_DIR_HOST)/bin/zstd -T0 -f -o $(KERNEL_BUILD_DIR)/initrd.cpio.zstd $(KERNEL_BUILD_DIR)/initrd.cpio)
 endif

include/meson.mk

@@ -65,6 +65,7 @@ define Meson/CreateNativeFile
 		-e "s|@CXX@|$(foreach BIN,$(HOSTCXX),'$(BIN)',)|" \
 		-e "s|@PKGCONFIG@|$(PKG_CONFIG)|" \
 		-e "s|@CMAKE@|$(STAGING_DIR_HOST)/bin/cmake|" \
+		-e "s|@PYTHON@|$(STAGING_DIR_HOST)/bin/python3|" \
 		-e "s|@CFLAGS@|$(foreach FLAG,$(HOST_CFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
 		-e "s|@CXXFLAGS@|$(foreach FLAG,$(HOST_CXXFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
 		-e "s|@LDFLAGS@|$(foreach FLAG,$(HOST_LDFLAGS),'$(FLAG)',)|" \
@@ -82,6 +83,7 @@ define Meson/CreateCrossFile
 		-e "s|@NM@|$(TARGET_NM)|" \
 		-e "s|@PKGCONFIG@|$(PKG_CONFIG)|" \
 		-e "s|@CMAKE@|$(STAGING_DIR_HOST)/bin/cmake|" \
+		-e "s|@PYTHON@|$(STAGING_DIR_HOST)/bin/python3|" \
 		-e "s|@CFLAGS@|$(foreach FLAG,$(TARGET_CFLAGS) $(EXTRA_CFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS),'$(FLAG)',)|" \
 		-e "s|@CXXFLAGS@|$(foreach FLAG,$(TARGET_CXXFLAGS) $(EXTRA_CXXFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS),'$(FLAG)',)|" \
 		-e "s|@LDFLAGS@|$(foreach FLAG,$(TARGET_LDFLAGS) $(EXTRA_LDFLAGS),'$(FLAG)',)|" \

include/netfilter.mk

@@ -48,8 +48,6 @@ $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_MATCH_COMMENT, $(P_XT)xt_comme
 $(eval $(call nf_add,IPT_CLUSTER,CONFIG_NETFILTER_XT_MATCH_CLUSTER, $(P_XT)xt_cluster))
 
 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_XT)xt_LOG))
-$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_XT)nf_log_common))
-$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_V4)nf_log_ipv4))
 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_TCPMSS, $(P_XT)xt_TCPMSS))
 $(eval $(call nf_add,IPT_CORE,CONFIG_IP_NF_TARGET_REJECT, $(P_V4)ipt_REJECT))
 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_MATCH_TIME, $(P_XT)xt_time))
@@ -156,7 +154,6 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_DEFRAG_IPV6, $(P_V6)
 
 $(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_FILTER, $(P_V6)ip6table_filter),))
 $(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_MANGLE, $(P_V6)ip6table_mangle),))
-$(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_NF_LOG_IPV6, $(P_V6)nf_log_ipv6),))
 
 $(eval $(if $(NF_KMOD),,$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_IPTABLES, ip6t_icmp6)))
 
@@ -172,6 +169,12 @@ $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_OPTS, $(P_V6)ip6t_hbh))
 $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_FRAG, $(P_V6)ip6t_frag))
 $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_RT, $(P_V6)ip6t_rt))
 
+# log
+
+$(eval $(call nf_add,NF_LOG,CONFIG_NF_LOG_COMMON, $(P_XT)nf_log_common))
+$(eval $(call nf_add,NF_LOG,CONFIG_NF_LOG_IPV4, $(P_V4)nf_log_ipv4))
+$(eval $(if $(NF_KMOD),$(call nf_add,NF_LOG6,CONFIG_NF_LOG_IPV6, $(P_V6)nf_log_ipv6),))
+
 # nat
 
 # kernel only

include/target.mk

@@ -173,22 +173,30 @@ USE_SUBTARGET_CONFIG = $(if $(wildcard $(LINUX_TARGET_CONFIG)),,$(if $(LINUX_SUB
 LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG) $(if $(USE_SUBTARGET_CONFIG),$(LINUX_SUBTARGET_CONFIG)))
 LINUX_RECONFIG_TARGET = $(if $(USE_SUBTARGET_CONFIG),$(LINUX_SUBTARGET_CONFIG),$(LINUX_TARGET_CONFIG))
 
+CFG_TARGET = $(CONFIG_TARGET)
+ifeq ($(CFG_TARGET),platform)
+  CFG_TARGET = target
+  $(warning Deprecation warning: use CONFIG_TARGET=target instead.)
+else ifeq ($(CFG_TARGET),subtarget_platform)
+  CFG_TARGET = subtarget_target
+  $(warning Deprecation warning: use CONFIG_TARGET=subtarget_target instead.)
+endif
+
 # select the config file to be changed by kernel_menuconfig/kernel_oldconfig
-ifeq ($(CONFIG_TARGET),platform)
+ifeq ($(CFG_TARGET),target)
   LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG))
   LINUX_RECONFIG_TARGET = $(LINUX_TARGET_CONFIG)
-endif
-ifeq ($(CONFIG_TARGET),subtarget)
+else ifeq ($(CFG_TARGET),subtarget)
   LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG) $(LINUX_SUBTARGET_CONFIG))
   LINUX_RECONFIG_TARGET = $(LINUX_SUBTARGET_CONFIG)
-endif
-ifeq ($(CONFIG_TARGET),subtarget_platform)
+else ifeq ($(CFG_TARGET),subtarget_target)
   LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_SUBTARGET_CONFIG) $(LINUX_TARGET_CONFIG))
   LINUX_RECONFIG_TARGET = $(LINUX_TARGET_CONFIG)
-endif
-ifeq ($(CONFIG_TARGET),env)
+else ifeq ($(CFG_TARGET),env)
   LINUX_RECONFIG_LIST = $(LINUX_KCONFIG_LIST)
   LINUX_RECONFIG_TARGET = $(TOPDIR)/env/kernel-config
+else ifneq ($(strip $(CFG_TARGET)),)
+  $(error CONFIG_TARGET=$(CFG_TARGET) is invalid. Valid: target|subtarget|subtarget_target|env)
 endif
 
 __linux_confcmd = $(2) $(patsubst %,+,$(wordlist 2,9999,$(1))) $(1)

include/trusted-firmware-a.mk

@@ -68,6 +68,9 @@ define Build/Trusted-Firmware-A/Target
   endef
 endef
 
+define Build/Configure/Trusted-Firmware-A
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/include
+endef
 
 define Build/Compile/Trusted-Firmware-A
 	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \

include/version.mk

@@ -23,13 +23,13 @@ PKG_CONFIG_DEPENDS += \
 sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))
 
 VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER))
-VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),SNAPSHOT)
+VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),22.03.0-rc1)
 
 VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
-VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),$(REVISION))
+VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r19302-df622768da)
 
 VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/snapshots)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/releases/22.03.0-rc1)
 
 VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
 VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt)

package/base-files/files/lib/upgrade/nand.sh

@@ -143,6 +143,7 @@ nand_upgrade_prepare_ubi() {
 		ubiattach -m "$mtdnum"
 		sync
 		ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+		[ ! "$ubidev" ] && return 1
 		[ "$has_env" -gt 0 ] && {
 			ubimkvol /dev/$ubidev -n 0 -N ubootenv -s 1MiB
 			ubimkvol /dev/$ubidev -n 1 -N ubootenv2 -s 1MiB
@@ -154,8 +155,13 @@ nand_upgrade_prepare_ubi() {
 	local data_ubivol="$( nand_find_volume $ubidev rootfs_data )"
 
 	local ubiblk ubiblkvol
-	for ubiblk in /dev/ubiblock*_? ; do
+	for ubiblk in /dev/ubiblock${ubidev:3}_* ; do
 		[ -e "$ubiblk" ] || continue
+		case "$ubiblk" in
+		/dev/ubiblock*_*p*)
+			continue
+			;;
+		esac
 		echo "removing ubiblock${ubiblk:13}"
 		ubiblkvol=ubi${ubiblk:13}
 		if ! ubiblock -r /dev/$ubiblkvol; then
@@ -165,9 +171,9 @@ nand_upgrade_prepare_ubi() {
 	done
 
 	# kill volumes
-	[ "$kern_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_KERNPART || true
-	[ "$root_ubivol" -a "$root_ubivol" != "$kern_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_ROOTPART || true
-	[ "$data_ubivol" ] && ubirmvol /dev/$ubidev -N rootfs_data || true
+	[ "$kern_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_KERNPART || :
+	[ "$root_ubivol" -a "$root_ubivol" != "$kern_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_ROOTPART || :
+	[ "$data_ubivol" ] && ubirmvol /dev/$ubidev -N rootfs_data || :
 
 	# update kernel
 	if [ -n "$kernel_length" ]; then

package/base-files/image-config.in

@@ -183,7 +183,7 @@ if VERSIONOPT
 	config VERSION_REPO
 		string
 		prompt "Release repository"
-		default "https://downloads.openwrt.org/snapshots"
+		default "https://downloads.openwrt.org/releases/22.03.0-rc1"
 		help
 			This is the repository address embedded in the image, it defaults
 			to the trunk snapshot repo; the url may contain the following placeholders:
@@ -259,7 +259,7 @@ if VERSIONOPT
 	config VERSION_CODE_FILENAMES
 		bool
 		prompt "Revision code in filenames"
-		default y
+		default n
 		help
 			Enable this to include the revision identifier or the configured
 			version code into the firmware image, SDK- and Image Builder archive

package/boot/arm-trusted-firmware-mediatek/Makefile

@@ -91,10 +91,6 @@ TFA_MAKE_FLAGS += \
 	$(if $(DDR3_FLYBY),DDR3_FLYBY=1) \
 	all
 
-define Build/Configure
-	$(call Build/Configure/Default)
-endef
-
 define Package/trusted-firmware-a/install
 	$(INSTALL_DIR) $(STAGING_DIR_IMAGE)
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/build/mt7622/release/bl2.img $(STAGING_DIR_IMAGE)/$(BUILD_VARIANT)-bl2.img

package/boot/grub2/Makefile

@@ -6,7 +6,6 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=grub
-PKG_CPE_ID:=cpe:/a:gnu:grub2
 PKG_VERSION:=2.06
 PKG_RELEASE:=$(AUTORELEASE)
 
@@ -14,6 +13,9 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@GNU/grub
 PKG_HASH:=b79ea44af91b93d17cd3fe80bdae6ed43770678a9a5ae192ccea803ebb657ee1
 
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_CPE_ID:=cpe:/a:gnu:grub2
+
 HOST_BUILD_PARALLEL:=1
 PKG_BUILD_DEPENDS:=grub2/host
 

package/boot/uboot-envtools/files/ath79

@@ -69,6 +69,8 @@ samsung,wam250|\
 ubnt,nanostation-m|\
 yuncore,a770|\
 yuncore,a782|\
+yuncore,a930|\
+yuncore,xd3200|\
 yuncore,xd4200|\
 ziking,cpe46b|\
 zyxel,nbg6616)
@@ -123,6 +125,12 @@ plasmacloud,pa300e)
 qihoo,c301)
 	ubootenv_add_uci_config "/dev/mtd9" "0x0" "0x10000" "0x10000"
 	;;
+sophos,ap55|\
+sophos,ap55c|\
+sophos,ap100|\
+sophos,ap100c)
+	ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x1000" "0x10000"
+	;;
 wallys,dr531)
 	ubootenv_add_uci_config "/dev/mtd1" "0x0" "0xf800" "0x10000"
 	;;

package/boot/uboot-envtools/files/mediatek_mt7622

@@ -41,6 +41,9 @@ ruijie,rg-ew3200gx-pro)
 ubnt,unifi-6-lr-ubootmod)
 	ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x4000" "0x10000"
 	;;
+xiaomi,redmi-router-ax6s)
+	ubootenv_add_uci_config "/dev/mtd3" "0x0" "0x10000" "0x40000"
+	;;
 esac
 
 config_load ubootenv

package/boot/uboot-envtools/files/oxnas

@@ -14,7 +14,7 @@ board=$(board_name)
 case "$board" in
 "cloudengines,pogoplug"*|\
 "shuttle,kd20")
-	ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x2000" "0x2000" "1"
+	ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x2000" "0x20000" "1"
 	;;
 "mitrastar,stg-212")
 	ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x20000" "0x20000" "1"

package/boot/uboot-envtools/files/ramips

@@ -71,6 +71,7 @@ zyxel,nr7101)
 	[ -n "$idx" ] && \
 		ubootenv_add_uci_config "/dev/mtd$idx" "0x0" "0x1000" "0x80000"
 	;;
+bolt,arion|\
 xiaomi,mi-router-cr6606|\
 xiaomi,mi-router-cr6608|\
 xiaomi,mi-router-cr6609)

package/boot/uboot-envtools/files/realtek

@@ -16,6 +16,7 @@ zyxel,gs1900-8hp-v1|\
 zyxel,gs1900-8hp-v2|\
 zyxel,gs1900-10hp|\
 zyxel,gs1900-24-v1|\
+zyxel,gs1900-24hp-v1|\
 zyxel,gs1900-24hp-v2)
 	idx="$(find_mtd_index u-boot-env)"
 	[ -n "$idx" ] && \

package/boot/uboot-mediatek/patches/280-image-fdt-save-name-of-FIT-configuration-in-chosen-node.patch

@@ -0,0 +1,60 @@
+From patchwork Mon Mar 21 23:22:23 2022
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+X-Patchwork-Submitter: Daniel Golle <daniel@makrotopia.org>
+X-Patchwork-Id: 1607954
+Return-Path: <u-boot-bounces@lists.denx.de>
+X-Original-To: incoming@patchwork.ozlabs.org
+Delivered-To: patchwork-incoming@bilbo.ozlabs.org
+Date: Mon, 21 Mar 2022 23:22:23 +0000
+From: Daniel Golle <daniel@makrotopia.org>
+To: u-boot@lists.denx.de
+Cc: Simon Glass <sjg@chromium.org>, Alexandru Gagniuc <mr.nuke.me@gmail.com>,
+ Patrick Delaunay <patrick.delaunay@foss.st.com>,
+ Heinrich Schuchardt <xypron.glpk@gmx.de>
+Subject: [PATCH] image-fdt: save name of FIT configuration in '/chosen' node
+Message-ID: <YjkIr8wmz1XEOVNh@makrotopia.org>
+MIME-Version: 1.0
+Content-Disposition: inline
+X-BeenThere: u-boot@lists.denx.de
+X-Mailman-Version: 2.1.39
+Precedence: list
+List-Id: U-Boot discussion <u-boot.lists.denx.de>
+List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
+ <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
+List-Archive: <https://lists.denx.de/pipermail/u-boot/>
+List-Post: <mailto:u-boot@lists.denx.de>
+List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
+List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
+ <mailto:u-boot-request@lists.denx.de?subject=subscribe>
+Errors-To: u-boot-bounces@lists.denx.de
+Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
+
+It can be useful for the OS (Linux) to know which configuration has
+been chosen by U-Boot when launching a FIT image.
+Store the name of the FIT configuration node used in a new string
+attribute called 'bootconf' in the '/chosen' node in device tree.
+
+Signed-off-by: Daniel Golle <daniel@makrotopia.org>
+---
+ boot/image-fdt.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/boot/image-fdt.c b/boot/image-fdt.c
+index 692a9ad3e4..4017bc94a6 100644
+--- a/boot/image-fdt.c
++++ b/boot/image-fdt.c
+@@ -601,6 +601,12 @@ int image_setup_libfdt(bootm_headers_t *images, void *blob,
+ 		goto err;
+ 	}
+ 
++	/* Store name of configuration node as bootconf in /chosen node */
++	if (images->fit_uname_cfg)
++		fdt_find_and_setprop(blob, "/chosen", "bootconf",
++					images->fit_uname_cfg,
++					strlen(images->fit_uname_cfg) + 1, 1);
++
+ 	/* Update ethernet nodes */
+ 	fdt_fixup_ethernet(blob);
+ #if CONFIG_IS_ENABLED(CMD_PSTORE)

package/boot/uboot-mvebu/patches/013-mmc-xenon_sdhci-remove-wait_dat0-SDHCI-OP.patch

@@ -0,0 +1,64 @@
+From 0f3466f52fbacce67e147b9234e6323edff26a6d Mon Sep 17 00:00:00 2001
+From: Robert Marko <robert.marko@sartura.hr>
+Date: Fri, 11 Mar 2022 19:14:07 +0100
+Subject: [PATCH] mmc: xenon_sdhci: remove wait_dat0 SDHCI OP
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Generic SDHCI driver received support for checking the busy status by
+polling the DAT[0] level instead of waiting for the worst MMC switch time.
+
+Unfortunately, it appears that this does not work for Xenon controllers
+despite being a part of the standard SDHCI registers and the Armada 3720
+datasheet itself telling that BIT(20) is useful for detecting the DAT[0]
+busy signal.
+
+I have tried increasing the timeout value, but I have newer managed to
+catch DAT_LEVEL bits change from 0 at all.
+
+This issue appears to hit most if not all SoC-s supported by Xenon driver,
+at least A3720, A8040 and CN9130 have non working eMMC currently.
+
+So, until a better solution is found drop the wait_dat0 OP for Xenon.
+I was able to only test it on A3720, but it should work for others as well.
+
+Fixes: 40e6f52454fc ("drivers: mmc: Add wait_dat0 support for sdhci driver")
+Signed-off-by: Robert Marko <robert.marko@sartura.hr>
+Reviewed-by: Marek Behún <marek.behun@nic.cz>
+Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
+Reviewed-by: Stefan Roese <sr@denx.de>
+---
+ drivers/mmc/xenon_sdhci.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/drivers/mmc/xenon_sdhci.c
++++ b/drivers/mmc/xenon_sdhci.c
+@@ -439,6 +439,8 @@ static const struct sdhci_ops xenon_sdhc
+ 	.set_ios_post = xenon_sdhci_set_ios_post
+ };
+ 
++static struct dm_mmc_ops xenon_mmc_ops;
++
+ static int xenon_sdhci_probe(struct udevice *dev)
+ {
+ 	struct xenon_sdhci_plat *plat = dev_get_plat(dev);
+@@ -452,6 +454,9 @@ static int xenon_sdhci_probe(struct udev
+ 	host->mmc->dev = dev;
+ 	upriv->mmc = host->mmc;
+ 
++	xenon_mmc_ops = sdhci_ops;
++	xenon_mmc_ops.wait_dat0 = NULL;
++
+ 	/* Set quirks */
+ 	host->quirks = SDHCI_QUIRK_WAIT_SEND_CMD | SDHCI_QUIRK_32BIT_DMA_ADDR;
+ 
+@@ -568,7 +573,7 @@ U_BOOT_DRIVER(xenon_sdhci_drv) = {
+ 	.id		= UCLASS_MMC,
+ 	.of_match	= xenon_sdhci_ids,
+ 	.of_to_plat = xenon_sdhci_of_to_plat,
+-	.ops		= &sdhci_ops,
++	.ops		= &xenon_mmc_ops,
+ 	.bind		= xenon_sdhci_bind,
+ 	.probe		= xenon_sdhci_probe,
+ 	.remove		= xenon_sdhci_remove,

package/firmware/cypress-firmware/Makefile

@@ -208,42 +208,6 @@ endef
 
 $(eval $(call BuildPackage,cypress-firmware-43570-pcie))
 
-# Cypress 4359 PCIe Firmware
-define Package/cypress-firmware-4359-pcie
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW4359 FullMac PCIe firmware
-endef
-
-define Package/cypress-firmware-4359-pcie/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac4359-pcie.bin \
-		$(1)/lib/firmware/brcm/brcmfmac4359-pcie.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac4359-pcie.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac4359-pcie.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-4359-pcie))
-
-# Cypress 4359 SDIO Firmware
-define Package/cypress-firmware-4359-sdio
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW4359 FullMac SDIO firmware
-endef
-
-define Package/cypress-firmware-4359-sdio/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac4359-sdio.bin \
-		$(1)/lib/firmware/brcm/brcmfmac4359-sdio.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac4359-sdio.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac4359-sdio.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-4359-sdio))
-
 # Cypress 4373 SDIO Firmware
 define Package/cypress-firmware-4373-sdio
   $(Package/cypress-firmware-default)
@@ -297,21 +261,3 @@ define Package/cypress-firmware-54591-pcie/install
 endef
 
 $(eval $(call BuildPackage,cypress-firmware-54591-pcie))
-
-# Cypress 89459 PCIe Firmware
-define Package/cypress-firmware-89459-pcie
-  $(Package/cypress-firmware-default)
-  TITLE:=CYW89459 FullMac PCIe firmware
-endef
-
-define Package/cypress-firmware-89459-pcie/install
-	$(INSTALL_DIR) $(1)/lib/firmware/brcm
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac89459-pcie.bin \
-		$(1)/lib/firmware/brcm/brcmfmac89459-pcie.bin
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/firmware/cyfmac89459-pcie.clm_blob \
-		$(1)/lib/firmware/brcm/brcmfmac89459-pcie.clm_blob
-endef
-
-$(eval $(call BuildPackage,cypress-firmware-89459-pcie))

package/firmware/ipq-wifi/Makefile

@@ -54,7 +54,8 @@ ALLWIFIBOARDS:= \
 	p2w_r619ac \
 	plasmacloud_pa1200 \
 	plasmacloud_pa2200 \
-	qxwlan_e2600ac \
+	qxwlan_e2600ac-c1 \
+	qxwlan_e2600ac-c2 \
 	teltonika_rutx \
 	zte_mf286d
 
@@ -146,7 +147,8 @@ $(eval $(call generate-ipq-wifi-package,nec_wg2600hp3,NEC Platforms WG2600HP3))
 $(eval $(call generate-ipq-wifi-package,p2w_r619ac,P&W R619AC))
 $(eval $(call generate-ipq-wifi-package,plasmacloud_pa1200,Plasma Cloud PA1200))
 $(eval $(call generate-ipq-wifi-package,plasmacloud_pa2200,Plasma Cloud PA2200))
-$(eval $(call generate-ipq-wifi-package,qxwlan_e2600ac,Qxwlan E2600AC))
+$(eval $(call generate-ipq-wifi-package,qxwlan_e2600ac-c1,Qxwlan E2600AC C1))
+$(eval $(call generate-ipq-wifi-package,qxwlan_e2600ac-c2,Qxwlan E2600AC C2))
 $(eval $(call generate-ipq-wifi-package,teltonika_rutx,Teltonika RUTX))
 $(eval $(call generate-ipq-wifi-package,zte_mf286d,ZTE MF286D))
 

package/firmware/linux-firmware/Makefile

@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=linux-firmware
-PKG_VERSION:=20220209
+PKG_VERSION:=20220411
 PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=@KERNEL/linux/kernel/firmware
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=e2e46fa618414952bbf2f6920cd3abcddbef45bfb7d1352994b4bfc35394d177
+PKG_HASH:=020b11f6412f4956f5a6f98de7d41867d2b30ea0ce81b1e2d206ec9840363849
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 

package/kernel/gpio-button-hotplug/src/gpio-button-hotplug.c

@@ -107,7 +107,7 @@ static struct bh_map button_map[] = {
 static __printf(3, 4)
 int bh_event_add_var(struct bh_event *event, int argv, const char *format, ...)
 {
-	static char buf[128];
+	char buf[128];
 	char *s;
 	va_list args;
 	int len;

package/kernel/linux/modules/block.mk

@@ -243,7 +243,7 @@ define KernelPackage/dm
     $(LINUX_DIR)/drivers/md/dm-log.ko \
     $(LINUX_DIR)/drivers/md/dm-mirror.ko \
     $(LINUX_DIR)/drivers/md/dm-region-hash.ko
-  AUTOLOAD:=$(call AutoLoad,30,dm-mod dm-log dm-region-hash dm-mirror dm-crypt)
+  AUTOLOAD:=$(call AutoLoad,30,dm-mod dm-log dm-region-hash dm-mirror dm-crypt,1)
 endef
 
 define KernelPackage/dm/description

package/kernel/linux/modules/lib.mk

@@ -109,9 +109,10 @@ define KernelPackage/lib-lzo
   HIDDEN:=1
   FILES:= \
 	$(LINUX_DIR)/crypto/lzo.ko \
+	$(LINUX_DIR)/crypto/lzo-rle.ko \
 	$(LINUX_DIR)/lib/lzo/lzo_compress.ko \
 	$(LINUX_DIR)/lib/lzo/lzo_decompress.ko
-  AUTOLOAD:=$(call AutoProbe,lzo lzo_compress lzo_decompress)
+  AUTOLOAD:=$(call AutoProbe,lzo lzo-rle lzo_compress lzo_decompress)
 endef
 
 define KernelPackage/lib-lzo/description

package/kernel/linux/modules/netfilter.mk

@@ -57,7 +57,7 @@ define KernelPackage/nf-ipt6
   KCONFIG:=$(KCONFIG_NF_IPT6)
   FILES:=$(foreach mod,$(NF_IPT6-m),$(LINUX_DIR)/net/$(mod).ko)
   AUTOLOAD:=$(call AutoProbe,$(notdir $(NF_IPT6-m)))
-  DEPENDS:=+kmod-nf-ipt
+  DEPENDS:=+kmod-nf-ipt +kmod-nf-log6
 endef
 
 $(eval $(call KernelPackage,nf-ipt6))
@@ -70,7 +70,7 @@ define KernelPackage/ipt-core
   KCONFIG:=$(KCONFIG_IPT_CORE)
   FILES:=$(foreach mod,$(IPT_CORE-m),$(LINUX_DIR)/net/$(mod).ko)
   AUTOLOAD:=$(call AutoProbe,$(notdir $(IPT_CORE-m)))
-  DEPENDS:=+kmod-nf-reject +kmod-nf-ipt
+  DEPENDS:=+kmod-nf-reject +kmod-nf-ipt +kmod-nf-log
 endef
 
 define KernelPackage/ipt-core/description
@@ -121,6 +121,29 @@ endef
 $(eval $(call KernelPackage,nf-conntrack6))
 
 
+define KernelPackage/nf-log
+  SUBMENU:=$(NF_MENU)
+  TITLE:=Netfilter Logging
+  KCONFIG:=$(KCONFIG_NF_LOG)
+  FILES:=$(foreach mod,$(NF_LOG-m),$(LINUX_DIR)/net/$(mod).ko)
+  AUTOLOAD:=$(call AutoProbe,$(notdir $(NF_LOG-m)))
+endef
+
+$(eval $(call KernelPackage,nf-log))
+
+
+define KernelPackage/nf-log6
+  SUBMENU:=$(NF_MENU)
+  TITLE:=Netfilter IPV6 Logging
+  KCONFIG:=$(KCONFIG_NF_LOG6)
+  DEPENDS:=@IPV6 +kmod-nf-log
+  FILES:=$(foreach mod,$(NF_LOG6-m),$(LINUX_DIR)/net/$(mod).ko)
+  AUTOLOAD:=$(call AutoProbe,$(notdir $(NF_LOG6-m)))
+endef
+
+$(eval $(call KernelPackage,nf-log6))
+
+
 define KernelPackage/nf-nat
   SUBMENU:=$(NF_MENU)
   TITLE:=Netfilter NAT
@@ -1089,7 +1112,7 @@ $(eval $(call KernelPackage,ipt-rpfilter))
 define KernelPackage/nft-core
   SUBMENU:=$(NF_MENU)
   TITLE:=Netfilter nf_tables support
-  DEPENDS:=+kmod-nfnetlink +kmod-nf-reject +IPV6:kmod-nf-reject6 +IPV6:kmod-nf-conntrack6 +kmod-nf-nat +kmod-lib-crc32c
+  DEPENDS:=+kmod-nfnetlink +kmod-nf-reject +IPV6:kmod-nf-reject6 +IPV6:kmod-nf-conntrack6 +kmod-nf-nat +kmod-nf-log +IPV6:kmod-nf-log6 +kmod-lib-crc32c
   FILES:=$(foreach mod,$(NFT_CORE-m),$(LINUX_DIR)/net/$(mod).ko)
   AUTOLOAD:=$(call AutoProbe,$(notdir $(NFT_CORE-m)))
   KCONFIG:= \

package/kernel/linux/modules/other.mk

@@ -71,7 +71,6 @@ define KernelPackage/ath3k
   KCONFIG:= \
 	CONFIG_BT_ATH3K \
 	CONFIG_BT_HCIUART_ATH3K=y
-  $(call AddDepends/bluetooth)
   FILES:= \
 	$(LINUX_DIR)/drivers/bluetooth/ath3k.ko
   AUTOLOAD:=$(call AutoProbe,ath3k)
@@ -107,7 +106,6 @@ define KernelPackage/btmrvl
   KCONFIG:= \
 	CONFIG_BT_MRVL \
 	CONFIG_BT_MRVL_SDIO
-  $(call AddDepends/bluetooth)
   FILES:= \
 	$(LINUX_DIR)/drivers/bluetooth/btmrvl.ko \
 	$(LINUX_DIR)/drivers/bluetooth/btmrvl_sdio.ko

package/kernel/mac80211/Makefile

@@ -10,10 +10,10 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=mac80211
 
-PKG_VERSION:=5.15.8-1
-PKG_RELEASE:=2
-PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v5.15.8/
-PKG_HASH:=9f71b659c034f19d156532ec780fcb606cee3c4ccc42e2f8ef18dd3e9f1b6820
+PKG_VERSION:=5.15.33-1
+PKG_RELEASE:=1
+PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v5.15.33/
+PKG_HASH:=1b6b3bded4c81814ebebe2d194c2f8966d2399005b85ebb0557285b6e73f5422
 
 PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION)

package/kernel/mac80211/patches/ath/402-ath_regd_optional.patch

@@ -82,7 +82,7 @@
  	help
 --- a/local-symbols
 +++ b/local-symbols
-@@ -76,6 +76,7 @@ ADM8211=
+@@ -83,6 +83,7 @@ ADM8211=
  ATH_COMMON=
  WLAN_VENDOR_ATH=
  ATH_DEBUG=

package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch

@@ -1,6 +1,6 @@
 --- a/net/wireless/reg.c
 +++ b/net/wireless/reg.c
-@@ -3299,6 +3299,8 @@ void regulatory_hint_country_ie(struct w
+@@ -3304,6 +3304,8 @@ void regulatory_hint_country_ie(struct w
  	enum environment_cap env = ENVIRON_ANY;
  	struct regulatory_request *request = NULL, *lr;
  
@@ -9,7 +9,7 @@
  	/* IE len must be evenly divisible by 2 */
  	if (country_ie_len & 0x01)
  		return;
-@@ -3550,6 +3552,7 @@ static bool is_wiphy_all_set_reg_flag(en
+@@ -3555,6 +3557,7 @@ static bool is_wiphy_all_set_reg_flag(en
  
  void regulatory_hint_disconnect(void)
  {

package/kernel/mac80211/patches/ath10k/080-ath10k_thermal_config.patch

@@ -37,7 +37,7 @@
  void ath10k_thermal_event_temperature(struct ath10k *ar, int temperature);
 --- a/local-symbols
 +++ b/local-symbols
-@@ -135,6 +135,7 @@ ATH10K_SNOC=
+@@ -142,6 +142,7 @@ ATH10K_SNOC=
  ATH10K_DEBUG=
  ATH10K_DEBUGFS=
  ATH10K_SPECTRAL=

package/kernel/mac80211/patches/ath10k/120-ath10k-fetch-calibration-data-via-nvmem-subsystem.patch

@@ -34,7 +34,7 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
  #include <asm/byteorder.h>
  
  #include "core.h"
-@@ -935,7 +936,8 @@ static int ath10k_core_get_board_id_from
+@@ -952,7 +953,8 @@ static int ath10k_core_get_board_id_from
  	}
  
  	if (ar->cal_mode == ATH10K_PRE_CAL_MODE_DT ||
@@ -44,7 +44,7 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
  		bmi_board_id_param = BMI_PARAM_GET_FLASH_BOARD_ID;
  	else
  		bmi_board_id_param = BMI_PARAM_GET_EEPROM_BOARD_ID;
-@@ -1726,7 +1728,8 @@ static int ath10k_download_and_run_otp(s
+@@ -1743,7 +1745,8 @@ static int ath10k_download_and_run_otp(s
  
  	/* As of now pre-cal is valid for 10_4 variants */
  	if (ar->cal_mode == ATH10K_PRE_CAL_MODE_DT ||
@@ -54,7 +54,7 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
  		bmi_otp_exe_param = BMI_PARAM_FLASH_SECTION_ALL;
  
  	ret = ath10k_bmi_execute(ar, address, bmi_otp_exe_param, &result);
-@@ -1853,6 +1856,39 @@ out_free:
+@@ -1870,6 +1873,39 @@ out_free:
  	return ret;
  }
  
@@ -94,7 +94,7 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
  int ath10k_core_fetch_firmware_api_n(struct ath10k *ar, const char *name,
  				     struct ath10k_fw_file *fw_file)
  {
-@@ -2087,6 +2123,18 @@ static int ath10k_core_pre_cal_download(
+@@ -2104,6 +2140,18 @@ static int ath10k_core_pre_cal_download(
  {
  	int ret;
  
@@ -113,7 +113,7 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
  	ret = ath10k_download_cal_file(ar, ar->pre_cal_file);
  	if (ret == 0) {
  		ar->cal_mode = ATH10K_PRE_CAL_MODE_FILE;
-@@ -2153,6 +2201,18 @@ static int ath10k_download_cal_data(stru
+@@ -2170,6 +2218,18 @@ static int ath10k_download_cal_data(stru
  		   "pre cal download procedure failed, try cal file: %d\n",
  		   ret);
  

package/kernel/mac80211/patches/ath10k/921-ath10k_init_devices_synchronously.patch

@@ -14,7 +14,7 @@ Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
 
 --- a/drivers/net/wireless/ath/ath10k/core.c
 +++ b/drivers/net/wireless/ath/ath10k/core.c
-@@ -3412,6 +3412,16 @@ int ath10k_core_register(struct ath10k *
+@@ -3429,6 +3429,16 @@ int ath10k_core_register(struct ath10k *
  
  	queue_work(ar->workqueue, &ar->register_work);
  

package/kernel/mac80211/patches/ath10k/974-ath10k_add-LED-and-GPIO-controlling-support-for-various-chipsets.patch

@@ -114,7 +114,7 @@ v13:
  ath10k_core-$(CONFIG_DEV_COREDUMP) += coredump.o
 --- a/local-symbols
 +++ b/local-symbols
-@@ -136,6 +136,7 @@ ATH10K_DEBUG=
+@@ -143,6 +143,7 @@ ATH10K_DEBUG=
  ATH10K_DEBUGFS=
  ATH10K_SPECTRAL=
  ATH10K_THERMAL=
@@ -140,7 +140,7 @@ v13:
  		.patch_load_addr = QCA988X_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -133,6 +135,7 @@ static const struct ath10k_hw_params ath
+@@ -135,6 +137,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9887_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9887 hw1.0",
@@ -148,7 +148,7 @@ v13:
  		.patch_load_addr = QCA9887_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_ALL,
-@@ -344,6 +347,7 @@ static const struct ath10k_hw_params ath
+@@ -352,6 +355,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA99X0_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca99x0 hw2.0",
@@ -156,7 +156,7 @@ v13:
  		.patch_load_addr = QCA99X0_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.otp_exe_param = 0x00000700,
-@@ -385,6 +389,7 @@ static const struct ath10k_hw_params ath
+@@ -394,6 +398,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9984_1_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9984/qca9994 hw1.0",
@@ -164,7 +164,7 @@ v13:
  		.patch_load_addr = QCA9984_HW_1_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -433,6 +438,7 @@ static const struct ath10k_hw_params ath
+@@ -443,6 +448,7 @@ static const struct ath10k_hw_params ath
  		.dev_id = QCA9888_2_0_DEVICE_ID,
  		.bus = ATH10K_BUS_PCI,
  		.name = "qca9888 hw2.0",
@@ -172,7 +172,7 @@ v13:
  		.patch_load_addr = QCA9888_HW_2_0_PATCH_LOAD_ADDR,
  		.uart_pin = 7,
  		.cc_wraparound_type = ATH10K_HW_CC_WRAP_SHIFTED_EACH,
-@@ -3127,6 +3133,10 @@ int ath10k_core_start(struct ath10k *ar,
+@@ -3144,6 +3150,10 @@ int ath10k_core_start(struct ath10k *ar,
  		goto err_hif_stop;
  	}
  
@@ -183,7 +183,7 @@ v13:
  	return 0;
  
  err_hif_stop:
-@@ -3385,9 +3395,18 @@ static void ath10k_core_register_work(st
+@@ -3402,9 +3412,18 @@ static void ath10k_core_register_work(st
  		goto err_spectral_destroy;
  	}
  
@@ -202,7 +202,7 @@ v13:
  err_spectral_destroy:
  	ath10k_spectral_destroy(ar);
  err_debug_destroy:
-@@ -3433,6 +3452,8 @@ void ath10k_core_unregister(struct ath10
+@@ -3450,6 +3469,8 @@ void ath10k_core_unregister(struct ath10
  	if (!test_bit(ATH10K_FLAG_CORE_REGISTERED, &ar->dev_flags))
  		return;
  

package/kernel/mac80211/patches/ath10k/984-ath10k-Try-to-get-mac-address-from-dts.patch

@@ -26,7 +26,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
  #include <linux/property.h>
  #include <linux/dmi.h>
  #include <linux/ctype.h>
-@@ -3303,6 +3304,8 @@ static int ath10k_core_probe_fw(struct a
+@@ -3320,6 +3321,8 @@ static int ath10k_core_probe_fw(struct a
  
  	device_get_mac_address(ar->dev, ar->mac_addr, sizeof(ar->mac_addr));
  

package/kernel/mac80211/patches/ath9k/551-ath9k_ubnt_uap_plus_hsr.patch

@@ -371,7 +371,7 @@
  
 --- a/local-symbols
 +++ b/local-symbols
-@@ -103,6 +103,7 @@ ATH9K_WOW=
+@@ -110,6 +110,7 @@ ATH9K_WOW=
  ATH9K_RFKILL=
  ATH9K_CHANNEL_CONTEXT=
  ATH9K_PCOEM=

package/kernel/mac80211/patches/ath9k/580-ath9k_ar9561_fix_bias_level.patch

@@ -0,0 +1,47 @@
+From 4509e523dba46f789377cfec6f20579adf743416 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thibaut=20VAR=C3=88NE?= <hacks+kernel@slashdirt.org>
+Date: Sun, 17 Apr 2022 11:31:35 +0200
+Subject: [PATCH v2] ath9k: fix QCA9561 PA bias level
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch fixes an invalid TX PA DC bias level on QCA9561, which
+results in a very low output power and very low throughput as devices
+are further away from the AP (compared to other 2.4GHz APs).
+
+This patch was suggested by Felix Fietkau, who noted[1]:
+"The value written to that register is wrong, because while the mask
+definition AR_CH0_TOP2_XPABIASLVL uses a different value for 9561, the
+shift definition AR_CH0_TOP2_XPABIASLVL_S is hardcoded to 12, which is
+wrong for 9561."
+
+In real life testing, without this patch the 2.4GHz throughput on
+Yuncore XD3200 is around 10Mbps sitting next to the AP, and closer to
+practical maximum with the patch applied.
+
+[1] https://lore.kernel.org/all/91c58969-c60e-2f41-00ac-737786d435ae@nbd.name
+
+Signed-off-by: Thibaut VARÈNE <hacks+kernel@slashdirt.org>
+---
+v2: Adjust #define per Felix's suggestion
+---
+ drivers/net/wireless/ath/ath9k/ar9003_phy.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/wireless/ath/ath9k/ar9003_phy.h b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
+index a171dbb29..ad949eb02 100644
+--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.h
++++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
+@@ -720,7 +720,7 @@
+ #define AR_CH0_TOP2		(AR_SREV_9300(ah) ? 0x1628c : \
+ 					(AR_SREV_9462(ah) ? 0x16290 : 0x16284))
+ #define AR_CH0_TOP2_XPABIASLVL		(AR_SREV_9561(ah) ? 0x1e00 : 0xf000)
+-#define AR_CH0_TOP2_XPABIASLVL_S	12
++#define AR_CH0_TOP2_XPABIASLVL_S	(AR_SREV_9561(ah) ? 9 : 12)
+ 
+ #define AR_CH0_XTAL		(AR_SREV_9300(ah) ? 0x16294 : \
+ 				 ((AR_SREV_9462(ah) || AR_SREV_9565(ah)) ? 0x16298 : \
+-- 
+2.30.2
+

package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch

@@ -13,7 +13,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c
-@@ -429,6 +429,7 @@ struct brcmf_fw {
+@@ -431,6 +431,7 @@ struct brcmf_fw {
  	struct brcmf_fw_request *req;
  	u32 curpos;
  	void (*done)(struct device *dev, int err, struct brcmf_fw_request *req);
@@ -21,7 +21,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  };
  
  #ifdef CONFIG_EFI
-@@ -653,6 +654,8 @@ static void brcmf_fw_request_done(const
+@@ -655,6 +656,8 @@ static void brcmf_fw_request_done(const
  		fwctx->req = NULL;
  	}
  	fwctx->done(fwctx->dev, ret, fwctx->req);
@@ -30,16 +30,16 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
  	kfree(fwctx);
  }
  
-@@ -693,6 +696,8 @@ int brcmf_fw_get_firmwares(struct device
+@@ -695,6 +698,8 @@ int brcmf_fw_get_firmwares(struct device
  {
  	struct brcmf_fw_item *first = &req->items[0];
  	struct brcmf_fw *fwctx;
 +	struct completion completion;
 +	unsigned long time_left;
- 	char *alt_path;
+ 	char *alt_path = NULL;
  	int ret;
  
-@@ -710,6 +715,9 @@ int brcmf_fw_get_firmwares(struct device
+@@ -712,6 +717,9 @@ int brcmf_fw_get_firmwares(struct device
  	fwctx->dev = dev;
  	fwctx->req = req;
  	fwctx->done = fw_cb;
@@ -48,8 +48,8 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
 +	fwctx->completion = &completion;
  
  	/* First try alternative board-specific path if any */
- 	alt_path = brcm_alt_fw_path(first->path, fwctx->req->board_type);
-@@ -726,6 +734,12 @@ int brcmf_fw_get_firmwares(struct device
+ 	if (fwctx->req->board_type)
+@@ -730,6 +738,12 @@ int brcmf_fw_get_firmwares(struct device
  	if (ret < 0)
  		brcmf_fw_request_done(NULL, fwctx);
  

package/kernel/mac80211/patches/build/060-no_local_ssb_bcma.patch

@@ -1,6 +1,6 @@
 --- a/local-symbols
 +++ b/local-symbols
-@@ -421,43 +421,6 @@ USB_VL600=
+@@ -428,43 +428,6 @@ USB_VL600=
  USB_NET_CH9200=
  USB_NET_AQC111=
  USB_RTL8153_ECM=
@@ -192,7 +192,7 @@
  	select BRCMUTIL
 --- a/Kconfig.local
 +++ b/Kconfig.local
-@@ -1267,117 +1267,6 @@ config BACKPORTED_USB_NET_AQC111
+@@ -1288,117 +1288,6 @@ config BACKPORTED_USB_NET_AQC111
  config BACKPORTED_USB_RTL8153_ECM
  	tristate
  	default USB_RTL8153_ECM
@@ -312,7 +312,7 @@
  	default USB_ACM
 --- a/Kconfig.sources
 +++ b/Kconfig.sources
-@@ -7,9 +7,6 @@ source "$BACKPORT_DIR/net/mac80211/Kconf
+@@ -9,9 +9,6 @@ source "$BACKPORT_DIR/drivers/bus/mhi/Kc
  source "$BACKPORT_DIR/drivers/net/wireless/Kconfig"
  source "$BACKPORT_DIR/drivers/net/usb/Kconfig"
  
@@ -324,9 +324,9 @@
  source "$BACKPORT_DIR/drivers/staging/Kconfig"
 --- a/Makefile.kernel
 +++ b/Makefile.kernel
-@@ -40,8 +40,6 @@ obj-y += compat/
- obj-$(CPTCFG_CFG80211) += net/wireless/
- obj-$(CPTCFG_MAC80211) += net/mac80211/
+@@ -42,8 +42,6 @@ obj-$(CPTCFG_MAC80211) += net/mac80211/
+ obj-$(CPTCFG_QRTR) += net/qrtr/
+ obj-$(CPTCFG_MHI_BUS) += drivers/bus/mhi/
  obj-$(CPTCFG_WLAN) += drivers/net/wireless/
 -obj-$(CPTCFG_SSB) += drivers/ssb/
 -obj-$(CPTCFG_BCMA) += drivers/bcma/

package/kernel/mac80211/patches/build/070-headers-fix-lockdep_assert_not_held.patch

@@ -1,39 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
-Date: Fri, 11 Mar 2022 18:21:04 +0100
-Subject: [PATCH] headers: fix lockdep_assert_not_held()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-LOCK_STATE_HELD define was omitted during backport of
-lockdep_assert_not_held() which leads to build failures of kernels with
-CONFIG_LOCKDEP=y:
-
- backports-5.15.8-1/backport-include/linux/lockdep.h:16:47: error: 'LOCK_STATE_HELD' undeclared (first use in this function)
-
-Fix it by adding missing LOCK_STATE_HELD define.
-
-References: https://github.com/openwrt/openwrt/pull/9373
-References: https://lore.kernel.org/backports/20220311194800.452-1-ynezz@true.cz/T/#u
-Fixes: af58b27b1b1a ("headers: Add lockdep_assert_not_held()")
-Reported-by: Oskari Rauta <oskari.rauta@gmail.com>
-Signed-off-by: Petr Štetiar <ynezz@true.cz>
----
- backport-include/linux/lockdep.h | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/backport-include/linux/lockdep.h b/backport-include/linux/lockdep.h
-index ed5ea67894e4..842e24b7ff8f 100644
---- a/backport-include/linux/lockdep.h
-+++ b/backport-include/linux/lockdep.h
-@@ -11,6 +11,9 @@ struct lockdep_map { };
- 
- #ifndef lockdep_assert_not_held
- #ifdef CONFIG_LOCKDEP
-+#ifndef LOCK_STATE_HELD
-+#define LOCK_STATE_HELD		1
-+#endif /* LOCK_STATE_HELD */
- #define lockdep_assert_not_held(l)	do {				\
- 		WARN_ON(debug_locks &&					\
- 			lockdep_is_held(l) == LOCK_STATE_HELD);		\

package/kernel/mac80211/patches/rt2x00/602-rt2x00-introduce-rt2x00eeprom.patch

@@ -1,6 +1,6 @@
 --- a/local-symbols
 +++ b/local-symbols
-@@ -315,6 +315,7 @@ RT2X00_LIB_FIRMWARE=
+@@ -322,6 +322,7 @@ RT2X00_LIB_FIRMWARE=
  RT2X00_LIB_CRYPTO=
  RT2X00_LIB_LEDS=
  RT2X00_LIB_DEBUGFS=

package/kernel/mac80211/patches/subsys/110-mac80211_keep_keys_on_stop_ap.patch

@@ -2,7 +2,7 @@ Used for AP+STA support in OpenWrt - preserve AP mode keys across STA reconnects
 
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
-@@ -1316,7 +1316,6 @@ static int ieee80211_stop_ap(struct wiph
+@@ -1319,7 +1319,6 @@ static int ieee80211_stop_ap(struct wiph
  	sdata->vif.bss_conf.ftmr_params = NULL;
  
  	__sta_info_flush(sdata, true);

package/kernel/mac80211/patches/subsys/150-disable_addr_notifier.patch

@@ -18,7 +18,7 @@
  static int ieee80211_ifa6_changed(struct notifier_block *nb,
  				  unsigned long data, void *arg)
  {
-@@ -1324,14 +1324,14 @@ int ieee80211_register_hw(struct ieee802
+@@ -1321,14 +1321,14 @@ int ieee80211_register_hw(struct ieee802
  	wiphy_unlock(hw->wiphy);
  	rtnl_unlock();
  
@@ -35,7 +35,7 @@
  	local->ifa6_notifier.notifier_call = ieee80211_ifa6_changed;
  	result = register_inet6addr_notifier(&local->ifa6_notifier);
  	if (result)
-@@ -1340,13 +1340,13 @@ int ieee80211_register_hw(struct ieee802
+@@ -1337,13 +1337,13 @@ int ieee80211_register_hw(struct ieee802
  
  	return 0;
  
@@ -52,7 +52,7 @@
   fail_ifa:
  #endif
  	wiphy_unregister(local->hw.wiphy);
-@@ -1374,10 +1374,10 @@ void ieee80211_unregister_hw(struct ieee
+@@ -1371,10 +1371,10 @@ void ieee80211_unregister_hw(struct ieee
  	tasklet_kill(&local->tx_pending_tasklet);
  	tasklet_kill(&local->tasklet);
  

package/kernel/mac80211/patches/subsys/300-mac80211-fix-rate-control-for-retransmitted-frames.patch

@@ -1,35 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Mon, 22 Nov 2021 21:39:38 +0100
-Subject: [PATCH] mac80211: fix rate control for retransmitted frames
-
-Since retransmission clears info->control, rate control needs to be called
-again, otherwise the driver might crash due to invalid rates.
-
-Cc: stable@vger.kernel.org # 5.14+
-Reported-by: Aaro Koskinen <aaro.koskinen@iki.fi>
-Reported-by: Robert W <rwbugreport@lost-in-the-void.net>
-Fixes: 03c3911d2d67 ("mac80211: call ieee80211_tx_h_rate_ctrl() when dequeue")
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/tx.c
-+++ b/net/mac80211/tx.c
-@@ -1821,15 +1821,15 @@ static int invoke_tx_handlers_late(struc
- 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
- 	ieee80211_tx_result res = TX_CONTINUE;
- 
-+	if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
-+		CALL_TXH(ieee80211_tx_h_rate_ctrl);
-+
- 	if (unlikely(info->flags & IEEE80211_TX_INTFL_RETRANSMISSION)) {
- 		__skb_queue_tail(&tx->skbs, tx->skb);
- 		tx->skb = NULL;
- 		goto txh_done;
- 	}
- 
--	if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
--		CALL_TXH(ieee80211_tx_h_rate_ctrl);
--
- 	CALL_TXH(ieee80211_tx_h_michael_mic_add);
- 	CALL_TXH(ieee80211_tx_h_sequence);
- 	CALL_TXH(ieee80211_tx_h_fragment);

package/kernel/mac80211/patches/subsys/302-mac80211-fix-regression-in-SSN-handling-of-addba-tx.patch

@@ -1,44 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Wed, 24 Nov 2021 10:30:41 +0100
-Subject: [PATCH] mac80211: fix regression in SSN handling of addba tx
-
-Some drivers that do their own sequence number allocation (e.g. ath9k) rely
-on being able to modify params->ssn on starting tx ampdu sessions.
-This was broken by a change that modified it to use sta->tid_seq[tid] instead.
-
-Cc: stable@vger.kernel.org
-Fixes: 31d8bb4e07f8 ("mac80211: agg-tx: refactor sending addba")
-Reported-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/agg-tx.c
-+++ b/net/mac80211/agg-tx.c
-@@ -480,8 +480,7 @@ static void ieee80211_send_addba_with_ti
- 
- 	/* send AddBA request */
- 	ieee80211_send_addba_request(sdata, sta->sta.addr, tid,
--				     tid_tx->dialog_token,
--				     sta->tid_seq[tid] >> 4,
-+				     tid_tx->dialog_token, tid_tx->ssn,
- 				     buf_size, tid_tx->timeout);
- 
- 	WARN_ON(test_and_set_bit(HT_AGG_STATE_SENT_ADDBA, &tid_tx->state));
-@@ -523,6 +522,7 @@ void ieee80211_tx_ba_session_handle_star
- 
- 	params.ssn = sta->tid_seq[tid] >> 4;
- 	ret = drv_ampdu_action(local, sdata, &params);
-+	tid_tx->ssn = params.ssn;
- 	if (ret == IEEE80211_AMPDU_TX_START_DELAY_ADDBA) {
- 		return;
- 	} else if (ret == IEEE80211_AMPDU_TX_START_IMMEDIATE) {
---- a/net/mac80211/sta_info.h
-+++ b/net/mac80211/sta_info.h
-@@ -199,6 +199,7 @@ struct tid_ampdu_tx {
- 	u8 stop_initiator;
- 	bool tx_stop;
- 	u16 buf_size;
-+	u16 ssn;
- 
- 	u16 failed_bar_ssn;
- 	bool bar_pending;

package/kernel/mac80211/patches/subsys/303-mac80211-set-up-the-fwd_skb-dev-for-mesh-forwarding.patch

@@ -52,7 +52,7 @@ Signed-off-by: Xing Song <xing.song@mediatek.com>
 
 --- a/net/mac80211/rx.c
 +++ b/net/mac80211/rx.c
-@@ -2948,6 +2948,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80
+@@ -2949,6 +2949,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80
  	if (!fwd_skb)
  		goto out;
  

package/kernel/mac80211/patches/subsys/304-mac80211-send-ADDBA-requests-using-the-tid-queue-of-.patch

@@ -1,28 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Thu, 2 Dec 2021 13:30:05 +0100
-Subject: [PATCH] mac80211: send ADDBA requests using the tid/queue of the
- aggregation session
-
-Sending them out on a different queue can cause a race condition where a
-number of packets in the queue may be discarded by the receiver, because
-the ADDBA request is sent too early.
-This affects any driver with software A-MPDU setup which does not allocate
-packet seqno in hardware on tx, regardless of whether iTXQ is used or not.
-The only driver I've seen that explicitly deals with this issue internally
-is mwl8k.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/agg-tx.c
-+++ b/net/mac80211/agg-tx.c
-@@ -106,7 +106,7 @@ static void ieee80211_send_addba_request
- 	mgmt->u.action.u.addba_req.start_seq_num =
- 					cpu_to_le16(start_seq_num << 4);
- 
--	ieee80211_tx_skb(sdata, skb);
-+	ieee80211_tx_skb_tid(sdata, skb, tid);
- }
- 
- void ieee80211_send_bar(struct ieee80211_vif *vif, u8 *ra, u16 tid, u16 ssn)

package/kernel/mac80211/patches/subsys/305-mac80211-agg-tx-don-t-schedule_and_wake_txq-under-st.patch

@@ -1,79 +0,0 @@
-From: Johannes Berg <johannes.berg@intel.com>
-Date: Mon, 29 Nov 2021 15:32:47 +0200
-Subject: [PATCH] mac80211: agg-tx: don't schedule_and_wake_txq() under
- sta->lock
-
-When we call ieee80211_agg_start_txq(), that will in turn call
-schedule_and_wake_txq(). Called from ieee80211_stop_tx_ba_cb()
-this is done under sta->lock, which leads to certain circular
-lock dependencies, as reported by Chris Murphy:
-https://lore.kernel.org/r/CAJCQCtSXJ5qA4bqSPY=oLRMbv-irihVvP7A2uGutEbXQVkoNaw@mail.gmail.com
-
-In general, ieee80211_agg_start_txq() is usually not called
-with sta->lock held, only in this one place. But it's always
-called with sta->ampdu_mlme.mtx held, and that's therefore
-clearly sufficient.
-
-Change ieee80211_stop_tx_ba_cb() to also call it without the
-sta->lock held, by factoring it out of ieee80211_remove_tid_tx()
-(which is only called in this one place).
-
-This breaks the locking chain and makes it less likely that
-we'll have similar locking chain problems in the future.
-
-Reported-by: Chris Murphy <lists@colorremedies.com>
-Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
----
-
---- a/net/mac80211/agg-tx.c
-+++ b/net/mac80211/agg-tx.c
-@@ -9,7 +9,7 @@
-  * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
-  * Copyright 2007-2010, Intel Corporation
-  * Copyright(c) 2015-2017 Intel Deutschland GmbH
-- * Copyright (C) 2018 - 2020 Intel Corporation
-+ * Copyright (C) 2018 - 2021 Intel Corporation
-  */
- 
- #include <linux/ieee80211.h>
-@@ -213,6 +213,8 @@ ieee80211_agg_start_txq(struct sta_info
- 	struct ieee80211_txq *txq = sta->sta.txq[tid];
- 	struct txq_info *txqi;
- 
-+	lockdep_assert_held(&sta->ampdu_mlme.mtx);
-+
- 	if (!txq)
- 		return;
- 
-@@ -290,7 +292,6 @@ static void ieee80211_remove_tid_tx(stru
- 	ieee80211_assign_tid_tx(sta, tid, NULL);
- 
- 	ieee80211_agg_splice_finish(sta->sdata, tid);
--	ieee80211_agg_start_txq(sta, tid, false);
- 
- 	kfree_rcu(tid_tx, rcu_head);
- }
-@@ -889,6 +890,7 @@ void ieee80211_stop_tx_ba_cb(struct sta_
- {
- 	struct ieee80211_sub_if_data *sdata = sta->sdata;
- 	bool send_delba = false;
-+	bool start_txq = false;
- 
- 	ht_dbg(sdata, "Stopping Tx BA session for %pM tid %d\n",
- 	       sta->sta.addr, tid);
-@@ -906,10 +908,14 @@ void ieee80211_stop_tx_ba_cb(struct sta_
- 		send_delba = true;
- 
- 	ieee80211_remove_tid_tx(sta, tid);
-+	start_txq = true;
- 
-  unlock_sta:
- 	spin_unlock_bh(&sta->lock);
- 
-+	if (start_txq)
-+		ieee80211_agg_start_txq(sta, tid, false);
-+
- 	if (send_delba)
- 		ieee80211_send_delba(sdata, sta->sta.addr, tid,
- 			WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);

package/kernel/mac80211/patches/subsys/307-mac80211_hwsim-make-6-GHz-channels-usable.patch

@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/drivers/net/wireless/mac80211_hwsim.c
 +++ b/drivers/net/wireless/mac80211_hwsim.c
-@@ -2992,15 +2992,19 @@ static void mac80211_hwsim_he_capab(stru
+@@ -3001,15 +3001,19 @@ static void mac80211_hwsim_he_capab(stru
  {
  	u16 n_iftype_data;
  
@@ -34,7 +34,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		return;
  	}
  
-@@ -3290,6 +3294,12 @@ static int mac80211_hwsim_new_radio(stru
+@@ -3299,6 +3303,12 @@ static int mac80211_hwsim_new_radio(stru
  			sband->vht_cap.vht_mcs.tx_mcs_map =
  				sband->vht_cap.vht_mcs.rx_mcs_map;
  			break;
@@ -47,7 +47,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		case NL80211_BAND_S1GHZ:
  			memcpy(&sband->s1g_cap, &hwsim_s1g_cap,
  			       sizeof(sband->s1g_cap));
-@@ -3300,6 +3310,13 @@ static int mac80211_hwsim_new_radio(stru
+@@ -3309,6 +3319,13 @@ static int mac80211_hwsim_new_radio(stru
  			continue;
  		}
  
@@ -61,7 +61,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		sband->ht_cap.ht_supported = true;
  		sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
  				    IEEE80211_HT_CAP_GRN_FLD |
-@@ -3313,10 +3330,6 @@ static int mac80211_hwsim_new_radio(stru
+@@ -3322,10 +3339,6 @@ static int mac80211_hwsim_new_radio(stru
  		sband->ht_cap.mcs.rx_mask[0] = 0xff;
  		sband->ht_cap.mcs.rx_mask[1] = 0xff;
  		sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;

package/kernel/mac80211/patches/subsys/308-mac80211-add-support-for-.ndo_fill_forward_path.patch

@@ -38,10 +38,10 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  /**
 --- a/net/mac80211/driver-ops.h
 +++ b/net/mac80211/driver-ops.h
-@@ -1483,4 +1483,28 @@ static inline void drv_twt_teardown_requ
+@@ -1486,4 +1486,28 @@ static inline void drv_twt_teardown_requ
  	trace_drv_return_void(local);
  }
-
+ 
 +#if LINUX_VERSION_IS_GEQ(5,10,0)
 +static inline int drv_net_fill_forward_path(struct ieee80211_local *local,
 +					    struct ieee80211_sub_if_data *sdata,
@@ -69,7 +69,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  #endif /* __MAC80211_DRIVER_OPS */
 --- a/net/mac80211/ieee80211_i.h
 +++ b/net/mac80211/ieee80211_i.h
-@@ -1465,7 +1465,7 @@ struct ieee80211_local {
+@@ -1485,7 +1485,7 @@ struct ieee80211_local {
  };
  
  static inline struct ieee80211_sub_if_data *
@@ -147,7 +147,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  static const struct net_device_ops ieee80211_dataif_8023_ops = {
  #if LINUX_VERSION_IS_LESS(4,10,0)
  	.ndo_change_mtu = __change_mtu,
-@@ -839,7 +901,9 @@ static const struct net_device_ops ieee8
+@@ -839,7 +899,9 @@ static const struct net_device_ops ieee8
  #else
  	.ndo_get_stats64 = bp_ieee80211_get_stats64,
  #endif
@@ -163,7 +163,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
 @@ -2892,6 +2892,15 @@ TRACE_EVENT(drv_twt_teardown_request,
  	)
  );
-
+ 
 +#if LINUX_VERSION_IS_GEQ(5,10,0)
 +DEFINE_EVENT(sta_event, drv_net_fill_forward_path,
 +	TP_PROTO(struct ieee80211_local *local,

package/kernel/mac80211/patches/subsys/313-nl80211-MBSSID-and-EMA-support-in-AP-mode.patch

@@ -221,7 +221,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  #endif /* __LINUX_NL80211_H */
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -439,6 +439,16 @@ sar_policy[NL80211_SAR_ATTR_MAX + 1] = {
+@@ -442,6 +442,16 @@ sar_policy[NL80211_SAR_ATTR_MAX + 1] = {
  	[NL80211_SAR_ATTR_SPECS] = NLA_POLICY_NESTED_ARRAY(sar_specs_policy),
  };
  
@@ -238,7 +238,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
  	[0] = { .strict_start_type = NL80211_ATTR_HE_OBSS_PD },
  	[NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
-@@ -780,6 +790,9 @@ static const struct nla_policy nl80211_p
+@@ -783,6 +793,9 @@ static const struct nla_policy nl80211_p
  	[NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 },
  	[NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 },
  	[NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy),
@@ -248,7 +248,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  };
  
  /* policy for the key attributes */
-@@ -2228,6 +2241,35 @@ fail:
+@@ -2231,6 +2244,35 @@ fail:
  	return -ENOBUFS;
  }
  
@@ -284,7 +284,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  struct nl80211_dump_wiphy_state {
  	s64 filter_wiphy;
  	long start;
-@@ -2813,6 +2855,9 @@ static int nl80211_send_wiphy(struct cfg
+@@ -2816,6 +2858,9 @@ static int nl80211_send_wiphy(struct cfg
  		if (nl80211_put_sar_specs(rdev, msg))
  			goto nla_put_failure;
  
@@ -294,7 +294,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  		/* done */
  		state->split_start = 0;
  		break;
-@@ -5002,6 +5047,96 @@ static int validate_beacon_tx_rate(struc
+@@ -5005,6 +5050,96 @@ static int validate_beacon_tx_rate(struc
  	return 0;
  }
  
@@ -391,7 +391,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  static int nl80211_parse_beacon(struct cfg80211_registered_device *rdev,
  				struct nlattr *attrs[],
  				struct cfg80211_beacon_data *bcn)
-@@ -5082,6 +5217,17 @@ static int nl80211_parse_beacon(struct c
+@@ -5085,6 +5220,17 @@ static int nl80211_parse_beacon(struct c
  		bcn->ftm_responder = -1;
  	}
  
@@ -409,7 +409,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	return 0;
  }
  
-@@ -5538,6 +5684,17 @@ static int nl80211_start_ap(struct sk_bu
+@@ -5541,6 +5687,17 @@ static int nl80211_start_ap(struct sk_bu
  			goto out;
  	}
  
@@ -427,7 +427,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	nl80211_calculate_ap_params(&params);
  
  	if (info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])
-@@ -5559,6 +5716,11 @@ static int nl80211_start_ap(struct sk_bu
+@@ -5562,6 +5719,11 @@ static int nl80211_start_ap(struct sk_bu
  
  out:
  	kfree(params.acl);
@@ -439,7 +439,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	return err;
  }
-@@ -5583,12 +5745,14 @@ static int nl80211_set_beacon(struct sk_
+@@ -5586,12 +5748,14 @@ static int nl80211_set_beacon(struct sk_
  
  	err = nl80211_parse_beacon(rdev, info->attrs, &params);
  	if (err)
@@ -455,7 +455,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	return err;
  }
  
-@@ -9265,12 +9429,14 @@ static int nl80211_channel_switch(struct
+@@ -9268,12 +9432,14 @@ static int nl80211_channel_switch(struct
  
  	err = nl80211_parse_beacon(rdev, info->attrs, &params.beacon_after);
  	if (err)
@@ -473,7 +473,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	err = nla_parse_nested_deprecated(csa_attrs, NL80211_ATTR_MAX,
  					  info->attrs[NL80211_ATTR_CSA_IES],
-@@ -9389,6 +9555,8 @@ skip_beacons:
+@@ -9392,6 +9558,8 @@ skip_beacons:
  	wdev_unlock(wdev);
  
  free:
@@ -482,7 +482,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	kfree(csa_attrs);
  	return err;
  }
-@@ -14924,6 +15092,8 @@ static int nl80211_color_change(struct s
+@@ -14939,6 +15107,8 @@ static int nl80211_color_change(struct s
  	wdev_unlock(wdev);
  
  out:

package/kernel/mac80211/patches/subsys/314-cfg80211-implement-APIs-for-dedicated-radar-detectio.patch

@@ -119,7 +119,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	NUM_NL80211_EXT_FEATURES,
 --- a/net/wireless/core.c
 +++ b/net/wireless/core.c
-@@ -552,6 +552,7 @@ use_default_name:
+@@ -543,6 +543,7 @@ use_default_name:
  	INIT_WORK(&rdev->rfkill_block, cfg80211_rfkill_block_work);
  	INIT_WORK(&rdev->conn_work, cfg80211_conn_work);
  	INIT_WORK(&rdev->event_work, cfg80211_event_work);
@@ -127,7 +127,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	init_waitqueue_head(&rdev->dev_wait);
  
-@@ -1214,6 +1215,8 @@ void __cfg80211_leave(struct cfg80211_re
+@@ -1205,6 +1206,8 @@ void __cfg80211_leave(struct cfg80211_re
  
  	cfg80211_pmsr_wdev_down(wdev);
  
@@ -286,7 +286,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
 +}
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -793,6 +793,7 @@ static const struct nla_policy nl80211_p
+@@ -796,6 +796,7 @@ static const struct nla_policy nl80211_p
  	[NL80211_ATTR_MBSSID_CONFIG] =
  			NLA_POLICY_NESTED(nl80211_mbssid_config_policy),
  	[NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED },
@@ -294,7 +294,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  };
  
  /* policy for the key attributes */
-@@ -9269,12 +9270,6 @@ static int nl80211_start_radar_detection
+@@ -9272,12 +9273,6 @@ static int nl80211_start_radar_detection
  	if (err)
  		return err;
  
@@ -307,7 +307,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
  	if (err < 0)
  		return err;
-@@ -9285,6 +9280,16 @@ static int nl80211_start_radar_detection
+@@ -9288,6 +9283,16 @@ static int nl80211_start_radar_detection
  	if (!cfg80211_chandef_dfs_usable(wiphy, &chandef))
  		return -EINVAL;
  

package/kernel/mac80211/patches/subsys/315-cfg80211-move-offchan_cac_event-to-a-dedicated-work.patch

@@ -43,7 +43,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
   * cfg80211_gtk_rekey_notify - notify userspace about driver rekeying
 --- a/net/wireless/core.c
 +++ b/net/wireless/core.c
-@@ -552,7 +552,9 @@ use_default_name:
+@@ -543,7 +543,9 @@ use_default_name:
  	INIT_WORK(&rdev->rfkill_block, cfg80211_rfkill_block_work);
  	INIT_WORK(&rdev->conn_work, cfg80211_conn_work);
  	INIT_WORK(&rdev->event_work, cfg80211_event_work);
@@ -54,7 +54,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	init_waitqueue_head(&rdev->dev_wait);
  
-@@ -1062,11 +1064,13 @@ void wiphy_unregister(struct wiphy *wiph
+@@ -1053,11 +1055,13 @@ void wiphy_unregister(struct wiphy *wiph
  	cancel_work_sync(&rdev->conn_work);
  	flush_work(&rdev->event_work);
  	cancel_delayed_work_sync(&rdev->dfs_update_channels_wk);

package/kernel/mac80211/patches/subsys/318-cfg80211-allow-continuous-radar-monitoring-on-offcha.patch

@@ -118,7 +118,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  				     NL80211_RADAR_CAC_ABORTED);
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -9260,42 +9260,60 @@ static int nl80211_start_radar_detection
+@@ -9263,42 +9263,60 @@ static int nl80211_start_radar_detection
  	struct cfg80211_chan_def chandef;
  	enum nl80211_dfs_regions dfs_region;
  	unsigned int cac_time_ms;
@@ -198,7 +198,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
  	if (WARN_ON(!cac_time_ms))
-@@ -9308,6 +9326,9 @@ static int nl80211_start_radar_detection
+@@ -9311,6 +9329,9 @@ static int nl80211_start_radar_detection
  		wdev->cac_start_time = jiffies;
  		wdev->cac_time_ms = cac_time_ms;
  	}
@@ -208,7 +208,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	return err;
  }
  
-@@ -15926,7 +15947,8 @@ static const struct genl_small_ops nl802
+@@ -15941,7 +15962,8 @@ static const struct genl_small_ops nl802
  		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  		.doit = nl80211_start_radar_detection,
  		.flags = GENL_UNS_ADMIN_PERM,

package/kernel/mac80211/patches/subsys/320-cfg80211-rename-offchannel_chain-structs-to-backgrou.patch

@@ -204,7 +204,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  bool cfg80211_any_wiphy_oper_chan(struct wiphy *wiphy,
 --- a/net/wireless/core.c
 +++ b/net/wireless/core.c
-@@ -552,9 +552,10 @@ use_default_name:
+@@ -543,9 +543,10 @@ use_default_name:
  	INIT_WORK(&rdev->rfkill_block, cfg80211_rfkill_block_work);
  	INIT_WORK(&rdev->conn_work, cfg80211_conn_work);
  	INIT_WORK(&rdev->event_work, cfg80211_event_work);
@@ -218,7 +218,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	init_waitqueue_head(&rdev->dev_wait);
  
-@@ -1064,13 +1065,13 @@ void wiphy_unregister(struct wiphy *wiph
+@@ -1055,13 +1056,13 @@ void wiphy_unregister(struct wiphy *wiph
  	cancel_work_sync(&rdev->conn_work);
  	flush_work(&rdev->event_work);
  	cancel_delayed_work_sync(&rdev->dfs_update_channels_wk);
@@ -234,7 +234,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  #ifdef CONFIG_PM
  	if (rdev->wiphy.wowlan_config && rdev->ops->set_wakeup)
-@@ -1219,7 +1220,7 @@ void __cfg80211_leave(struct cfg80211_re
+@@ -1210,7 +1211,7 @@ void __cfg80211_leave(struct cfg80211_re
  
  	cfg80211_pmsr_wdev_down(wdev);
  
@@ -472,7 +472,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  }
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -793,7 +793,7 @@ static const struct nla_policy nl80211_p
+@@ -796,7 +796,7 @@ static const struct nla_policy nl80211_p
  	[NL80211_ATTR_MBSSID_CONFIG] =
  			NLA_POLICY_NESTED(nl80211_mbssid_config_policy),
  	[NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED },
@@ -481,7 +481,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  };
  
  /* policy for the key attributes */
-@@ -9288,9 +9288,9 @@ static int nl80211_start_radar_detection
+@@ -9291,9 +9291,9 @@ static int nl80211_start_radar_detection
  		goto unlock;
  	}
  

package/kernel/mac80211/patches/subsys/321-mac80211-fix-EAPoL-rekey-fail-in-802.3-rx-path.patch

@@ -1,43 +0,0 @@
-From: Deren Wu <deren.wu@mediatek.com>
-Date: Sun, 13 Feb 2022 00:20:15 +0800
-Subject: [PATCH] mac80211: fix EAPoL rekey fail in 802.3 rx path
-
-mac80211 set capability NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211
-to upper layer by default. That means we should pass EAPoL packets through
-nl80211 path only, and should not send the EAPoL skb to netdevice diretly.
-At the meanwhile, wpa_supplicant would not regist sock to listen EAPoL skb
-on the netdevice.
-
-However, there is no contorl_port_protocol handler in mac80211 for 802.3 RX
-packets, mac80211 driver would pass up the EAPoL rekey frame to netdevice
-and wpa_supplicant would be never interactive with this kind of packets,
-if SUPPORTS_RX_DECAP_OFFLOAD is enabled. This causes STA always rekey fail
-if EAPoL frame go through 802.3 path.
-
-To avoid this problem, align the same process as 802.11 type to handle
-this frame before put it into network stack.
-
-Fixes: 80a915ec4427 ("mac80211: add rx decapsulation offload support")
-Signed-off-by: Deren Wu <deren.wu@mediatek.com>
----
-
---- a/net/mac80211/rx.c
-+++ b/net/mac80211/rx.c
-@@ -4523,16 +4523,7 @@ static void ieee80211_rx_8023(struct iee
- 
- 	/* deliver to local stack */
- 	skb->protocol = eth_type_trans(skb, fast_rx->dev);
--	memset(skb->cb, 0, sizeof(skb->cb));
--	if (rx->list)
--#if LINUX_VERSION_IS_GEQ(4,19,0)
--		list_add_tail(&skb->list, rx->list);
--#else
--		__skb_queue_tail(rx->list, skb);
--#endif
--	else
--		netif_receive_skb(skb);
--
-+	ieee80211_deliver_skb_to_local_stack(skb, rx);
- }
- 
- static bool ieee80211_invoke_fast_rx(struct ieee80211_rx_data *rx,

package/kernel/mac80211/patches/subsys/322-mac80211-fix-forwarded-mesh-frames-AC-queue-selectio.patch

@@ -1,50 +0,0 @@
-From: Nicolas Escande <nico.escande@gmail.com>
-Date: Mon, 14 Feb 2022 18:32:14 +0100
-Subject: [PATCH] mac80211: fix forwarded mesh frames AC & queue selection
-
-There are two problems with the current code that have been highlighted
-with the AQL feature that is now enbaled by default.
-
-First problem is in ieee80211_rx_h_mesh_fwding(),
-ieee80211_select_queue_80211() is used on received packets to choose
-the sending AC queue of the forwarding packet although this function
-should only be called on TX packet (it uses ieee80211_tx_info).
-This ends with forwarded mesh packets been sent on unrelated random AC
-queue. To fix that, AC queue can directly be infered from skb->priority
-which has been extracted from QOS info (see ieee80211_parse_qos()).
-
-Second problem is the value of queue_mapping set on forwarded mesh
-frames via skb_set_queue_mapping() is not the AC of the packet but a
-hardware queue index. This may or may not work depending on AC to HW
-queue mapping which is driver specific.
-
-Both of these issues lead to improper AC selection while forwarding
-mesh packets but more importantly due to improper airtime accounting
-(which is done on a per STA, per AC basis) caused traffic stall with
-the introduction of AQL.
-
-Fixes: cf44012810cc ("mac80211: fix unnecessary frame drops in mesh fwding")
-Fixes: d3c1597b8d1b ("mac80211: fix forwarded mesh frame queue mapping")
-Co-developed-by: Remi Pommarel <repk@triplefau.lt>
-Signed-off-by: Remi Pommarel <repk@triplefau.lt>
-Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
----
-
---- a/net/mac80211/rx.c
-+++ b/net/mac80211/rx.c
-@@ -2921,13 +2921,13 @@ ieee80211_rx_h_mesh_fwding(struct ieee80
- 	    ether_addr_equal(sdata->vif.addr, hdr->addr3))
- 		return RX_CONTINUE;
- 
--	ac = ieee80211_select_queue_80211(sdata, skb, hdr);
-+	ac = ieee802_1d_to_ac[skb->priority];
- 	q = sdata->vif.hw_queue[ac];
- 	if (ieee80211_queue_stopped(&local->hw, q)) {
- 		IEEE80211_IFSTA_MESH_CTR_INC(ifmsh, dropped_frames_congestion);
- 		return RX_DROP_MONITOR;
- 	}
--	skb_set_queue_mapping(skb, q);
-+	skb_set_queue_mapping(skb, ac);
- 
- 	if (!--mesh_hdr->ttl) {
- 		if (!is_multicast_ether_addr(hdr->addr1))

package/kernel/mac80211/patches/subsys/324-mac80211-MBSSID-beacon-handling-in-AP-mode.patch

@@ -106,7 +106,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
  	if (csa) {
  		new->cntdwn_current_counter = csa->count;
-@@ -1329,8 +1366,11 @@ static int ieee80211_stop_ap(struct wiph
+@@ -1332,8 +1369,11 @@ static int ieee80211_stop_ap(struct wiph
  
  	mutex_unlock(&local->mtx);
  
@@ -246,7 +246,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  	struct rcu_head rcu_head;
  };
  
-@@ -1063,6 +1064,20 @@ ieee80211_vif_get_shift(struct ieee80211
+@@ -1083,6 +1084,20 @@ ieee80211_vif_get_shift(struct ieee80211
  	return shift;
  }
  

package/kernel/mac80211/patches/subsys/329-mac80211-minstrel_ht-fix-where-rate-stats-are-stored.patch

@@ -0,0 +1,61 @@
+From: Peter Seiderer <ps.report@gmx.net>
+Date: Mon, 4 Apr 2022 18:54:14 +0200
+Subject: [PATCH] mac80211: minstrel_ht: fix where rate stats are stored (fixes
+ debugfs output)
+
+Using an ath9k card the debugfs output of minstrel_ht looks like the following
+(note the zero values for the first four rates sum-of success/attempts):
+
+             best    ____________rate__________    ____statistics___    _____last____    ______sum-of________
+mode guard #  rate   [name   idx airtime  max_tp]  [avg(tp) avg(prob)]  [retry|suc|att]  [#success | #attempts]
+OFDM       1    DP     6.0M  272    1640     5.2       3.1      53.8       3     0 0             0   0
+OFDM       1   C       9.0M  273    1104     7.7       4.6      53.8       4     0 0             0   0
+OFDM       1  B       12.0M  274     836    10.0       6.0      53.8       4     0 0             0   0
+OFDM       1 A    S   18.0M  275     568    14.3       8.5      53.8       5     0 0             0   0
+OFDM       1      S   24.0M  276     436    18.1       0.0       0.0       5     0 1            80   1778
+OFDM       1          36.0M  277     300    24.9       0.0       0.0       0     0 1             0   107
+OFDM       1      S   48.0M  278     236    30.4       0.0       0.0       0     0 0             0   75
+OFDM       1          54.0M  279     212    33.0       0.0       0.0       0     0 0             0   72
+
+Total packet count::    ideal 16582      lookaround 885
+Average # of aggregated frames per A-MPDU: 1.0
+
+Debugging showed that the rate statistics for the first four rates where
+stored in the MINSTREL_CCK_GROUP instead of the MINSTREL_OFDM_GROUP because
+in minstrel_ht_get_stats() the supported check was not honoured as done in
+various other places, e.g net/mac80211/rc80211_minstrel_ht_debugfs.c:
+
+ 74                 if (!(mi->supported[i] & BIT(j)))
+ 75                         continue;
+
+With the patch applied the output looks good:
+
+              best    ____________rate__________    ____statistics___    _____last____    ______sum-of________
+mode guard #  rate   [name   idx airtime  max_tp]  [avg(tp) avg(prob)]  [retry|suc|att]  [#success | #attempts]
+OFDM       1    D      6.0M  272    1640     5.2       5.2     100.0       3     0 0             1   1
+OFDM       1   C       9.0M  273    1104     7.7       7.7     100.0       4     0 0            38   38
+OFDM       1  B       12.0M  274     836    10.0       9.9      89.5       4     2 2           372   395
+OFDM       1 A   P    18.0M  275     568    14.3      14.3      97.2       5    52 53         6956   7181
+OFDM       1      S   24.0M  276     436    18.1       0.0       0.0       0     0 1             6   163
+OFDM       1          36.0M  277     300    24.9       0.0       0.0       0     0 1             0   35
+OFDM       1      S   48.0M  278     236    30.4       0.0       0.0       0     0 0             0   38
+OFDM       1      S   54.0M  279     212    33.0       0.0       0.0       0     0 0             0   38
+
+Total packet count::    ideal 7097      lookaround 287
+Average # of aggregated frames per A-MPDU: 1.0
+
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+
+--- a/net/mac80211/rc80211_minstrel_ht.c
++++ b/net/mac80211/rc80211_minstrel_ht.c
+@@ -364,6 +364,9 @@ minstrel_ht_get_stats(struct minstrel_pr
+ 
+ 	group = MINSTREL_CCK_GROUP;
+ 	for (idx = 0; idx < ARRAY_SIZE(mp->cck_rates); idx++) {
++		if (!(mi->supported[group] & BIT(idx)))
++			continue;
++
+ 		if (rate->idx != mp->cck_rates[idx])
+ 			continue;
+ 

package/kernel/mac80211/patches/subsys/400-allow-ibss-mixed.patch

@@ -5,7 +5,7 @@ and we should ignore this.
 
 --- a/net/wireless/core.c
 +++ b/net/wireless/core.c
-@@ -634,21 +634,6 @@ static int wiphy_verify_combinations(str
+@@ -625,21 +625,6 @@ static int wiphy_verify_combinations(str
  				    c->limits[j].max > 1))
  				return -EINVAL;
  

package/kernel/mac80211/patches/subsys/500-mac80211_configure_antenna_gain.patch

@@ -87,7 +87,7 @@
  	CFG80211_TESTMODE_DUMP(ieee80211_testmode_dump)
 --- a/net/mac80211/ieee80211_i.h
 +++ b/net/mac80211/ieee80211_i.h
-@@ -1444,6 +1444,7 @@ struct ieee80211_local {
+@@ -1464,6 +1464,7 @@ struct ieee80211_local {
  	int dynamic_ps_forced_timeout;
  
  	int user_power_level; /* in dBm, for all interfaces */
@@ -129,7 +129,7 @@
  	local->hw.max_mtu = IEEE80211_MAX_DATA_LEN;
 --- a/net/wireless/nl80211.c
 +++ b/net/wireless/nl80211.c
-@@ -794,6 +794,7 @@ static const struct nla_policy nl80211_p
+@@ -797,6 +797,7 @@ static const struct nla_policy nl80211_p
  			NLA_POLICY_NESTED(nl80211_mbssid_config_policy),
  	[NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED },
  	[NL80211_ATTR_RADAR_BACKGROUND] = { .type = NLA_FLAG },
@@ -137,7 +137,7 @@
  };
  
  /* policy for the key attributes */
-@@ -3374,6 +3375,22 @@ static int nl80211_set_wiphy(struct sk_b
+@@ -3377,6 +3378,22 @@ static int nl80211_set_wiphy(struct sk_b
  		if (result)
  			goto out;
  	}

package/libs/gettext-full/Makefile

@@ -88,6 +88,11 @@ define Build/InstallDev
 	$(SED) '/read dummy/d' $(STAGING_DIR_HOSTPKG)/bin/gettextize
 endef
 
+define Host/Install
+	$(call Host/Install/Default)
+	$(LN) msgfmt $(STAGING_DIR_HOSTPKG)/bin/gmsgfmt
+endef
+
 define Package/libintl-full/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libintl.so.* $(1)/usr/lib/

package/libs/libmnl/Makefile

@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libmnl
-PKG_VERSION:=1.0.4
-PKG_RELEASE:=2
+PKG_VERSION:=1.0.5
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
 	http://www.netfilter.org/projects/libmnl/files \
 	ftp://ftp.netfilter.org/pub/libmnl
-PKG_HASH:=171f89699f286a5854b72b91d06e8f8e3683064c5901fb09d954a9ab6f551f81
+PKG_HASH:=274b9b919ef3152bfb3da3a13c950dd60d6e2bcd54230ffeca298d03b40d0525
 
 PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
 

package/libs/libnfnetlink/Makefile

@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libnfnetlink
-PKG_VERSION:=1.0.1
-PKG_RELEASE:=4
+PKG_VERSION:=1.0.2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
 	http://www.netfilter.org/projects/libnfnetlink/files/ \
 	ftp://ftp.netfilter.org/pub/libnfnetlink/
-PKG_HASH:=f270e19de9127642d2a11589ef2ec97ef90a649a74f56cf9a96306b04817b51a
+PKG_HASH:=b064c7c3d426efb4786e60a8e6859b82ee2f2c5e49ffeea640cfe4fe33cbc376
 PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
 PKG_LICENSE:=GPL-2.0+
 

package/libs/libnfnetlink/patches/100-missing_include.patch

@@ -1,20 +0,0 @@
---- a/include/libnfnetlink/libnfnetlink.h
-+++ b/include/libnfnetlink/libnfnetlink.h
-@@ -15,6 +15,7 @@
- #define aligned_u64 unsigned long long __attribute__((aligned(8)))
- #endif
- 
-+#include <sys/types.h>
- #include <sys/socket.h>	/* for sa_family_t */
- #include <linux/netlink.h>
- #include <libnfnetlink/linux_nfnetlink.h>
---- a/include/libnfnetlink/linux_nfnetlink.h
-+++ b/include/libnfnetlink/linux_nfnetlink.h
-@@ -1,6 +1,6 @@
- #ifndef _NFNETLINK_H
- #define _NFNETLINK_H
--#include <linux/types.h>
-+#include <sys/types.h>
- #include <libnfnetlink/linux_nfnetlink_compat.h>
- 
- enum nfnetlink_groups {

package/libs/libselinux/Makefile

@@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libselinux
 PKG_VERSION:=3.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION)
@@ -18,6 +18,8 @@ PKG_LICENSE:=libselinux-1.0
 PKG_LICENSE_FILES:=LICENSE
 PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 
+HOST_BUILD_DEPENDS:=libsepol/host musl-fts/host pcre/host
+
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/host-build.mk
 
@@ -107,7 +109,8 @@ HOST_LDFLAGS += -Wl,-rpath="$(STAGING_DIR_HOSTPKG)/lib"
 
 HOST_MAKE_FLAGS += \
 	PREFIX=$(STAGING_DIR_HOSTPKG) \
-	SHLIBDIR=$(STAGING_DIR_HOSTPKG)/lib
+	SHLIBDIR=$(STAGING_DIR_HOSTPKG)/lib \
+	FTS_LDLIBS=-lfts
 
 ifeq ($(CONFIG_USE_MUSL),y)
 MAKE_FLAGS += FTS_LDLIBS=-lfts

package/libs/musl-fts/Makefile

@@ -30,6 +30,7 @@ PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 
 include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
 
 define Package/musl-fts
   SECTION:=libs
@@ -43,6 +44,7 @@ define Package/musl-fts/description
   The musl-fts package implements the fts(3) functions fts_open, fts_read, fts_children, fts_set and fts_close, which are missing in musl libc.
 endef
 
+HOST_CONFIGURE_ARGS += --disable-shared --with-pic
 
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/include
@@ -58,3 +60,4 @@ define Package/musl-fts/install
 endef
 
 $(eval $(call BuildPackage,musl-fts))
+$(eval $(call HostBuild))

package/libs/pcre/Makefile

@@ -62,6 +62,7 @@ define Package/libpcrecpp
 endef
 
 HOST_CONFIGURE_ARGS += \
+	--disable-shared \
 	--enable-utf8 \
 	--enable-unicode-properties \
 	--enable-pcre16 \

package/libs/readline/Makefile

@@ -53,6 +53,7 @@ CONFIGURE_VARS += \
 	bash_cv_func_sigsetjmp=yes \
 
 TARGET_CFLAGS += $(FPIC)
+HOST_CFLAGS += $(FPIC)
 
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/include

package/libs/toolchain/Makefile

@@ -7,7 +7,7 @@
 
 include $(TOPDIR)/rules.mk
 PKG_NAME:=toolchain
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=GPL-3.0-with-GCC-exception
@@ -490,6 +490,7 @@ ifeq ($(CONFIG_EXTERNAL_TOOLCHAIN),)
   define Package/libstdcpp/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(CP) $(TOOLCHAIN_DIR)/lib/libstdc++.so.* $(1)/usr/lib/
+	rm -rf $(1)/usr/lib/*-gdb.py
   endef
 
   define Package/libasan/install

package/libs/wolfssl/Makefile

@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=5.1.1-stable
+PKG_VERSION:=5.2.0-stable
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=d3e0544dbe7e9587c0f6538cdc671b6492663bb7a4281819538abe6c99cdbd92
+PKG_HASH:=409b4646c5f54f642de0e9f3544c3b83de7238134f5b1ff93fb44527bf119d05
 
 PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1

package/libs/wolfssl/patches/100-disable-hardening-check.patch

@@ -1,6 +1,6 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -2346,7 +2346,7 @@ extern void uITRON4_free(void *p) ;
+@@ -2338,7 +2338,7 @@ extern void uITRON4_free(void *p) ;
  #endif
  
  /* warning for not using harden build options (default with ./configure) */

package/libs/wolfssl/patches/200-ecc-rng.patch

@@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl.
 
 --- a/wolfcrypt/src/ecc.c
 +++ b/wolfcrypt/src/ecc.c
-@@ -11647,21 +11647,21 @@ void wc_ecc_fp_free(void)
+@@ -11655,21 +11655,21 @@ void wc_ecc_fp_free(void)
  
  #endif /* FP_ECC */
  
@@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl.
  
 --- a/wolfssl/wolfcrypt/ecc.h
 +++ b/wolfssl/wolfcrypt/ecc.h
-@@ -647,10 +647,8 @@ WOLFSSL_API
+@@ -650,10 +650,8 @@ WOLFSSL_API
  void wc_ecc_fp_free(void);
  WOLFSSL_LOCAL
  void wc_ecc_fp_init(void);

package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch

@@ -1,4 +1,4 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From 87e43dd63ba429297e439f2dfd1ee8b45981e18b Mon Sep 17 00:00:00 2001
 From: Juliusz Sosinowicz <juliusz@wolfssl.com>
 Date: Sat, 12 Feb 2022 00:34:24 +0100
 Subject: [PATCH] Reported in ZD13631
@@ -10,11 +10,9 @@ References: https://github.com/wolfSSL/wolfssl/issues/4879
  src/internal.c | 3 +++
  1 file changed, 3 insertions(+)
 
-diff --git a/src/internal.c b/src/internal.c
-index 0dded42a76c4..f5814d30607c 100644
 --- a/src/internal.c
 +++ b/src/internal.c
-@@ -12372,6 +12372,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+@@ -12342,6 +12342,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte*
                              }
  
                              ret = 0; /* clear errors and continue */

package/libs/wolfssl/patches/400-wolfcrypt-src-port-devcrypto-devcrypto_aes.c-remove-.patch

@@ -0,0 +1,19 @@
+From 096889927d9528d4fbeb3aab56d1fe8225d2e7ec Mon Sep 17 00:00:00 2001
+From: Daniel Pouzzner <douzzer@wolfssl.com>
+Date: Thu, 14 Apr 2022 20:23:31 -0500
+Subject: [PATCH] wolfcrypt/src/port/devcrypto/devcrypto_aes.c: remove
+ redundant "int ret" in wc_AesCtrEncrypt() (supersedes #5052).
+
+
+diff --git a/wolfcrypt/src/port/devcrypto/devcrypto_aes.c b/wolfcrypt/src/port/devcrypto/devcrypto_aes.c
+index 3bc1d5bb1..28e145e27 100644
+--- a/wolfcrypt/src/port/devcrypto/devcrypto_aes.c
++++ b/wolfcrypt/src/port/devcrypto/devcrypto_aes.c
+@@ -208,7 +208,6 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+     int ret;
+     struct crypt_op crt;
+     byte* tmp;
+-    int ret;
+ 
+     if (aes == NULL || out == NULL || in == NULL) {
+         return BAD_FUNC_ARG;

package/libs/zlib/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zlib
 PKG_VERSION:=1.2.11
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@SF/libpng http://www.zlib.net

package/libs/zlib/patches/006-fix-compressor-crash-on-certain-inputs.patch

@@ -0,0 +1,343 @@
+From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 17 Apr 2018 22:09:22 -0700
+Subject: [PATCH] Fix a bug that can crash deflate on some input when using
+ Z_FIXED.
+
+This bug was reported by Danilo Ramos of Eideticom, Inc. It has
+lain in wait 13 years before being found! The bug was introduced
+in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
+option forces the use of fixed Huffman codes. For rare inputs with
+a large number of distant matches, the pending buffer into which
+the compressed data is written can overwrite the distance symbol
+table which it overlays. That results in corrupted output due to
+invalid distances, and can result in out-of-bound accesses,
+crashing the application.
+
+The fix here combines the distance buffer and literal/length
+buffers into a single symbol buffer. Now three bytes of pending
+buffer space are opened up for each literal or length/distance
+pair consumed, instead of the previous two bytes. This assures
+that the pending buffer cannot overwrite the symbol table, since
+the maximum fixed code compressed length/distance is 31 bits, and
+since there are four bytes of pending space for every three bytes
+of symbol space.
+---
+ deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++---------------
+ deflate.h | 25 +++++++++----------
+ trees.c   | 50 +++++++++++--------------------------
+ 3 files changed, 79 insertions(+), 70 deletions(-)
+
+diff --git a/deflate.c b/deflate.c
+index 425babc00..19cba873a 100644
+--- a/deflate.c
++++ b/deflate.c
+@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+     int wrap = 1;
+     static const char my_version[] = ZLIB_VERSION;
+ 
+-    ushf *overlay;
+-    /* We overlay pending_buf and d_buf+l_buf. This works since the average
+-     * output size for (length,distance) codes is <= 24 bits.
+-     */
+-
+     if (version == Z_NULL || version[0] != my_version[0] ||
+         stream_size != sizeof(z_stream)) {
+         return Z_VERSION_ERROR;
+@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ 
+     s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+ 
+-    overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+-    s->pending_buf = (uchf *) overlay;
+-    s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
++    /* We overlay pending_buf and sym_buf. This works since the average size
++     * for length/distance pairs over any compressed block is assured to be 31
++     * bits or less.
++     *
++     * Analysis: The longest fixed codes are a length code of 8 bits plus 5
++     * extra bits, for lengths 131 to 257. The longest fixed distance codes are
++     * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest
++     * possible fixed-codes length/distance pair is then 31 bits total.
++     *
++     * sym_buf starts one-fourth of the way into pending_buf. So there are
++     * three bytes in sym_buf for every four bytes in pending_buf. Each symbol
++     * in sym_buf is three bytes -- two for the distance and one for the
++     * literal/length. As each symbol is consumed, the pointer to the next
++     * sym_buf value to read moves forward three bytes. From that symbol, up to
++     * 31 bits are written to pending_buf. The closest the written pending_buf
++     * bits gets to the next sym_buf symbol to read is just before the last
++     * code is written. At that time, 31*(n-2) bits have been written, just
++     * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at
++     * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1
++     * symbols are written.) The closest the writing gets to what is unread is
++     * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and
++     * can range from 128 to 32768.
++     *
++     * Therefore, at a minimum, there are 142 bits of space between what is
++     * written and what is read in the overlain buffers, so the symbols cannot
++     * be overwritten by the compressed data. That space is actually 139 bits,
++     * due to the three-bit fixed-code block header.
++     *
++     * That covers the case where either Z_FIXED is specified, forcing fixed
++     * codes, or when the use of fixed codes is chosen, because that choice
++     * results in a smaller compressed block than dynamic codes. That latter
++     * condition then assures that the above analysis also covers all dynamic
++     * blocks. A dynamic-code block will only be chosen to be emitted if it has
++     * fewer bits than a fixed-code block would for the same set of symbols.
++     * Therefore its average symbol length is assured to be less than 31. So
++     * the compressed data for a dynamic block also cannot overwrite the
++     * symbols from which it is being constructed.
++     */
++
++    s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
++    s->pending_buf_size = (ulg)s->lit_bufsize * 4;
+ 
+     if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+         s->pending_buf == Z_NULL) {
+@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+         deflateEnd (strm);
+         return Z_MEM_ERROR;
+     }
+-    s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+-    s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
++    s->sym_buf = s->pending_buf + s->lit_bufsize;
++    s->sym_end = (s->lit_bufsize - 1) * 3;
++    /* We avoid equality with lit_bufsize*3 because of wraparound at 64K
++     * on 16 bit machines and because stored blocks are restricted to
++     * 64K-1 bytes.
++     */
+ 
+     s->level = level;
+     s->strategy = strategy;
+@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value)
+ 
+     if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
+     s = strm->state;
+-    if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
++    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
+         return Z_BUF_ERROR;
+     do {
+         put = Buf_size - s->bi_valid;
+@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source)
+ #else
+     deflate_state *ds;
+     deflate_state *ss;
+-    ushf *overlay;
+ 
+ 
+     if (deflateStateCheck(source) || dest == Z_NULL) {
+@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source)
+     ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+     ds->prev   = (Posf *)  ZALLOC(dest, ds->w_size, sizeof(Pos));
+     ds->head   = (Posf *)  ZALLOC(dest, ds->hash_size, sizeof(Pos));
+-    overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+-    ds->pending_buf = (uchf *) overlay;
++    ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
+ 
+     if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+         ds->pending_buf == Z_NULL) {
+@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source)
+     zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+ 
+     ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+-    ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+-    ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
++    ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
+ 
+     ds->l_desc.dyn_tree = ds->dyn_ltree;
+     ds->d_desc.dyn_tree = ds->dyn_dtree;
+@@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+diff --git a/deflate.h b/deflate.h
+index 23ecdd312..d4cf1a98b 100644
+--- a/deflate.h
++++ b/deflate.h
+@@ -217,7 +217,7 @@ typedef struct internal_state {
+     /* Depth of each subtree used as tie breaker for trees of equal frequency
+      */
+ 
+-    uchf *l_buf;          /* buffer for literals or lengths */
++    uchf *sym_buf;        /* buffer for distances and literals/lengths */
+ 
+     uInt  lit_bufsize;
+     /* Size of match buffer for literals/lengths.  There are 4 reasons for
+@@ -239,13 +239,8 @@ typedef struct internal_state {
+      *   - I can't count above 4
+      */
+ 
+-    uInt last_lit;      /* running index in l_buf */
+-
+-    ushf *d_buf;
+-    /* Buffer for distances. To simplify the code, d_buf and l_buf have
+-     * the same number of elements. To use different lengths, an extra flag
+-     * array would be necessary.
+-     */
++    uInt sym_next;      /* running index in sym_buf */
++    uInt sym_end;       /* symbol table full when sym_next reaches this */
+ 
+     ulg opt_len;        /* bit length of current block with optimal trees */
+     ulg static_len;     /* bit length of current block with static trees */
+@@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+ 
+ # define _tr_tally_lit(s, c, flush) \
+   { uch cc = (c); \
+-    s->d_buf[s->last_lit] = 0; \
+-    s->l_buf[s->last_lit++] = cc; \
++    s->sym_buf[s->sym_next++] = 0; \
++    s->sym_buf[s->sym_next++] = 0; \
++    s->sym_buf[s->sym_next++] = cc; \
+     s->dyn_ltree[cc].Freq++; \
+-    flush = (s->last_lit == s->lit_bufsize-1); \
++    flush = (s->sym_next == s->sym_end); \
+    }
+ # define _tr_tally_dist(s, distance, length, flush) \
+   { uch len = (uch)(length); \
+     ush dist = (ush)(distance); \
+-    s->d_buf[s->last_lit] = dist; \
+-    s->l_buf[s->last_lit++] = len; \
++    s->sym_buf[s->sym_next++] = dist; \
++    s->sym_buf[s->sym_next++] = dist >> 8; \
++    s->sym_buf[s->sym_next++] = len; \
+     dist--; \
+     s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+     s->dyn_dtree[d_code(dist)].Freq++; \
+-    flush = (s->last_lit == s->lit_bufsize-1); \
++    flush = (s->sym_next == s->sym_end); \
+   }
+ #else
+ # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+diff --git a/trees.c b/trees.c
+index 4f4a65011..decaeb7c3 100644
+--- a/trees.c
++++ b/trees.c
+@@ -416,7 +416,7 @@ local void init_block(s)
+ 
+     s->dyn_ltree[END_BLOCK].Freq = 1;
+     s->opt_len = s->static_len = 0L;
+-    s->last_lit = s->matches = 0;
++    s->sym_next = s->matches = 0;
+ }
+ 
+ #define SMALLEST 1
+@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+ 
+         Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+                 opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+-                s->last_lit));
++                s->sym_next / 3));
+ 
+         if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+ 
+@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+     unsigned dist;  /* distance of matched string */
+     unsigned lc;    /* match length-MIN_MATCH or unmatched char (if dist==0) */
+ {
+-    s->d_buf[s->last_lit] = (ush)dist;
+-    s->l_buf[s->last_lit++] = (uch)lc;
++    s->sym_buf[s->sym_next++] = dist;
++    s->sym_buf[s->sym_next++] = dist >> 8;
++    s->sym_buf[s->sym_next++] = lc;
+     if (dist == 0) {
+         /* lc is the unmatched char */
+         s->dyn_ltree[lc].Freq++;
+@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+         s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+         s->dyn_dtree[d_code(dist)].Freq++;
+     }
+-
+-#ifdef TRUNCATE_BLOCK
+-    /* Try to guess if it is profitable to stop the current block here */
+-    if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+-        /* Compute an upper bound for the compressed length */
+-        ulg out_length = (ulg)s->last_lit*8L;
+-        ulg in_length = (ulg)((long)s->strstart - s->block_start);
+-        int dcode;
+-        for (dcode = 0; dcode < D_CODES; dcode++) {
+-            out_length += (ulg)s->dyn_dtree[dcode].Freq *
+-                (5L+extra_dbits[dcode]);
+-        }
+-        out_length >>= 3;
+-        Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+-               s->last_lit, in_length, out_length,
+-               100L - out_length*100L/in_length));
+-        if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+-    }
+-#endif
+-    return (s->last_lit == s->lit_bufsize-1);
+-    /* We avoid equality with lit_bufsize because of wraparound at 64K
+-     * on 16 bit machines and because stored blocks are restricted to
+-     * 64K-1 bytes.
+-     */
++    return (s->sym_next == s->sym_end);
+ }
+ 
+ /* ===========================================================================
+@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree)
+ {
+     unsigned dist;      /* distance of matched string */
+     int lc;             /* match length or unmatched char (if dist == 0) */
+-    unsigned lx = 0;    /* running index in l_buf */
++    unsigned sx = 0;    /* running index in sym_buf */
+     unsigned code;      /* the code to send */
+     int extra;          /* number of extra bits to send */
+ 
+-    if (s->last_lit != 0) do {
+-        dist = s->d_buf[lx];
+-        lc = s->l_buf[lx++];
++    if (s->sym_next != 0) do {
++        dist = s->sym_buf[sx++] & 0xff;
++        dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8;
++        lc = s->sym_buf[sx++];
+         if (dist == 0) {
+             send_code(s, lc, ltree); /* send a literal byte */
+             Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree)
+             }
+         } /* literal or match pair ? */
+ 
+-        /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+-        Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+-               "pendingBuf overflow");
++        /* Check that the overlay between pending_buf and sym_buf is ok: */
++        Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow");
+ 
+-    } while (lx < s->last_lit);
++    } while (sx < s->sym_next);
+ 
+     send_code(s, END_BLOCK, ltree);
+ }

package/network/config/netifd/files/lib/netifd/proto/dhcp.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-[ -L /sbin/udhcpc ] || exit 0
+[ -x /sbin/udhcpc ] || exit 0
 
 . /lib/functions.sh
 . ../netifd-proto.sh

package/network/config/qosify/Makefile

@@ -11,9 +11,9 @@ include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=qosify
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/qosify.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2022-03-06
-PKG_SOURCE_VERSION:=f13b67c9a786567df240a8f3f608e2724ddaadba
-PKG_MIRROR_HASH:=3d8629e711e46a6be79a46a6394165fd1761687f24b8ed954dc4f16f177cd90f
+PKG_SOURCE_DATE:=2022-03-22
+PKG_SOURCE_VERSION:=57c7817f91c2ff2f247b2d7eb8554e861c4aec33
+PKG_MIRROR_HASH:=409f7db13a36334557de861a016a8d9f241070b2bbf6f738e992281b36f41cd4
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_LICENSE:=GPL-2.0

package/network/services/dnsmasq/files/dnsmasq.init

@@ -1156,6 +1156,11 @@ dnsmasq_start()
 	[ -n "$user_dhcpscript" ] && procd_set_param env USER_DHCPSCRIPT="$user_dhcpscript"
 	procd_set_param respawn
 
+	local instance_ifc instance_netdev
+	config_get instance_ifc "$cfg" interface
+	[ -n "$instance_ifc" ] && network_get_device instance_netdev "$instance_ifc" &&
+		[ -n "$instance_netdev" ] && procd_set_param netdev $instance_netdev
+
 	procd_add_jail dnsmasq ubus log
 	procd_add_jail_mount $CONFIGFILE $DHCPBOGUSHOSTNAMEFILE $DHCPSCRIPT $DHCPSCRIPT_DEPENDS
 	procd_add_jail_mount $EXTRA_MOUNT $RFC6761FILE $TRUSTANCHORSFILE

package/network/services/dropbear/Makefile

@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dropbear
-PKG_VERSION:=2020.81
-PKG_RELEASE:=2
+PKG_VERSION:=2022.82
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
-	http://matt.ucc.asn.au/dropbear/releases/ \
+	https://matt.ucc.asn.au/dropbear/releases/ \
 	https://dropbear.nl/mirror/releases/
-PKG_HASH:=48235d10b37775dbda59341ac0c4b239b82ad6318c31568b985730c788aac53b
+PKG_HASH:=3a038d2bbc02bf28bbdd20c012091f741a3ec5cbe460691811d714876aad75d1
 
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE
@@ -42,7 +42,7 @@ ifneq ($(DUMP),1)
 endif
 
 define Package/dropbear/Default
-  URL:=http://matt.ucc.asn.au/dropbear/
+  URL:=https://matt.ucc.asn.au/dropbear/
 endef
 
 define Package/dropbear/config
@@ -130,8 +130,10 @@ DB_OPT_COMMON = \
 DB_OPT_CONFIG = \
 	DROPBEAR_CURVE25519|CONFIG_DROPBEAR_CURVE25519|1|0 \
 	DROPBEAR_ED25519|CONFIG_DROPBEAR_ED25519|1|0 \
+	DROPBEAR_SK_ED25519|CONFIG_DROPBEAR_ED25519|1|0 \
 	DROPBEAR_CHACHA20POLY1305|CONFIG_DROPBEAR_CHACHA20POLY1305|1|0 \
 	DROPBEAR_ECDSA|CONFIG_DROPBEAR_ECC|1|0 \
+	DROPBEAR_SK_ECDSA|CONFIG_DROPBEAR_ECC|1|0 \
 	DROPBEAR_ECDH|CONFIG_DROPBEAR_ECC|1|0 \
 	!!DROPBEAR_ECC_384|CONFIG_DROPBEAR_ECC_FULL|1|0 \
 	!!DROPBEAR_ECC_521|CONFIG_DROPBEAR_ECC_FULL|1|0 \

package/network/services/dropbear/patches/100-pubkey_path.patch

@@ -1,34 +1,50 @@
 --- a/svr-authpubkey.c
 +++ b/svr-authpubkey.c
-@@ -386,14 +386,19 @@ static int checkpubkey(const char* keyal
- 		goto out;
- 	}
+@@ -77,6 +77,13 @@ static void send_msg_userauth_pk_ok(cons
+ 		const unsigned char* keyblob, unsigned int keybloblen);
+ static int checkfileperm(char * filename);
  
--	/* we don't need to check pw and pw_dir for validity, since
--	 * its been done in checkpubkeyperms. */
--	len = strlen(ses.authstate.pw_dir);
--	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
--				ses.authstate.pw_dir);
-+	if (ses.authstate.pw_uid != 0) {
-+		/* we don't need to check pw and pw_dir for validity, since
-+		 * its been done in checkpubkeyperms. */
-+		len = strlen(ses.authstate.pw_dir);
-+		/* allocate max required pathname storage,
-+		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-+		filename = m_malloc(len + 22);
-+		snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
-+					ses.authstate.pw_dir);
-+	} else {
-+		filename = m_malloc(30);
-+		strncpy(filename, "/etc/dropbear/authorized_keys", 30);
-+	}
++static const char * const global_authkeys_dir = "/etc/dropbear";
++static const int        n_global_authkeys_dir = 14; /* + 1 extra byte */
++static const char * const user_authkeys_dir = ".ssh";
++static const int        n_user_authkeys_dir = 5; /* + 1 extra byte */
++static const char * const authkeys_file = "authorized_keys";
++static const int        n_authkeys_file = 16; /* + 1 extra byte */
++
+ /* process a pubkey auth request, sending success or failure message as
+  * appropriate */
+ void svr_auth_pubkey(int valid_user) {
+@@ -439,14 +446,21 @@ static int checkpubkey(const char* keyal
+ 	if (checkpubkeyperms() == DROPBEAR_FAILURE) {
+ 		TRACE(("bad authorized_keys permissions, or file doesn't exist"))
+ 	} else {
+-		/* we don't need to check pw and pw_dir for validity, since
+-		 * its been done in checkpubkeyperms. */
+-		len = strlen(ses.authstate.pw_dir);
+-		/* allocate max required pathname storage,
+-		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+-		filename = m_malloc(len + 22);
+-		snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
+-					ses.authstate.pw_dir);
++		if (ses.authstate.pw_uid == 0) {
++			len = n_global_authkeys_dir + n_authkeys_file;
++			filename = m_malloc(len);
++			snprintf(filename, len, "%s/%s", global_authkeys_dir, authkeys_file);
++		} else {
++			/* we don't need to check pw and pw_dir for validity, since
++			 * its been done in checkpubkeyperms. */
++			len = strlen(ses.authstate.pw_dir);
++			/* allocate max required pathname storage,
++			 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
++			len += n_user_authkeys_dir + n_authkeys_file + 1;
++			filename = m_malloc(len);
++			snprintf(filename, len, "%s/%s/%s", ses.authstate.pw_dir,
++			        user_authkeys_dir, authkeys_file);
++		}
  
- #if DROPBEAR_SVR_MULTIUSER
- 	/* open the file as the authenticating user. */
-@@ -474,27 +479,36 @@ static int checkpubkeyperms() {
+ 		authfile = fopen(filename, "r");
+ 		if (!authfile) {
+@@ -520,27 +534,41 @@ static int checkpubkeyperms() {
  		goto out;
  	}
  
@@ -37,47 +53,51 @@
 -	len += 22;
 -	filename = m_malloc(len);
 -	strlcpy(filename, ses.authstate.pw_dir, len);
--
++	if (ses.authstate.pw_uid == 0) {
++		if (checkfileperm(global_authkeys_dir) != DROPBEAR_SUCCESS) {
++			goto out;
++		}
+ 
 -	/* check ~ */
 -	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 -		goto out;
 -	}
-+	if (ses.authstate.pw_uid == 0) {
-+		if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+		if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+	} else {
-+		/* allocate max required pathname storage,
-+		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-+		len += 22;
++		len = n_global_authkeys_dir + n_authkeys_file;
 +		filename = m_malloc(len);
-+		strlcpy(filename, ses.authstate.pw_dir, len);
-+
-+		/* check ~ */
-+		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
  
 -	/* check ~/.ssh */
 -	strlcat(filename, "/.ssh", len);
 -	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 -		goto out;
 -	}
-+		/* check ~/.ssh */
-+		strlcat(filename, "/.ssh", len);
++		snprintf(filename, len, "%s/%s", global_authkeys_dir, authkeys_file);
 +		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 +			goto out;
 +		}
++	} else {
++		/* check ~ */
++		if (checkfileperm(ses.authstate.pw_dir) != DROPBEAR_SUCCESS) {
++			goto out;
++		}
  
 -	/* now check ~/.ssh/authorized_keys */
 -	strlcat(filename, "/authorized_keys", len);
 -	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 -		goto out;
++		/* allocate max required pathname storage,
++		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
++		len += n_user_authkeys_dir + n_authkeys_file + 1;
++		filename = m_malloc(len);
++
++		/* check ~/.ssh */
++		snprintf(filename, len, "%s/%s", ses.authstate.pw_dir, user_authkeys_dir);
++		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
++			goto out;
++		}
++
 +		/* now check ~/.ssh/authorized_keys */
-+		strlcat(filename, "/authorized_keys", len);
++		snprintf(filename, len, "%s/%s/%s", ses.authstate.pw_dir,
++		         user_authkeys_dir, authkeys_file);
 +		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 +			goto out;
 +		}

package/network/services/dropbear/patches/110-change_user.patch

@@ -1,6 +1,6 @@
 --- a/svr-chansession.c
 +++ b/svr-chansession.c
-@@ -954,12 +954,12 @@ static void execchild(const void *user_d
+@@ -985,12 +985,12 @@ static void execchild(const void *user_d
  	/* We can only change uid/gid as root ... */
  	if (getuid() == 0) {
  

package/network/services/dropbear/patches/130-ssh_ignore_x_args.patch

@@ -1,11 +1,13 @@
 --- a/cli-runopts.c
 +++ b/cli-runopts.c
-@@ -299,6 +299,8 @@ void cli_getopts(int argc, char ** argv)
- 					debug_trace = 1;
+@@ -325,6 +325,10 @@ void cli_getopts(int argc, char ** argv)
+ 				case 'b':
+ 					next = &bind_arg;
  					break;
- #endif
 +				case 'x':
++					/* compatibility with openssh cli
++					 * ("-x" disables X11 forwarding) */
 +					break;
- 				case 'F':
- 				case 'e':
- #if !DROPBEAR_USER_ALGO_LIST
+ 				default:
+ 					fprintf(stderr,
+ 						"WARNING: Ignoring unknown option -%c\n", c);

package/network/services/dropbear/patches/140-disable_assert.patch

@@ -1,6 +1,6 @@
 --- a/dbutil.h
 +++ b/dbutil.h
-@@ -75,7 +75,11 @@ int m_str_to_uint(const char* str, unsig
+@@ -80,7 +80,11 @@ int m_snprintf(char *str, size_t size, c
  #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
  
  /* Dropbear assertion */

package/network/services/dropbear/patches/160-lto-jobserver.patch

@@ -1,6 +1,6 @@
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -198,17 +198,17 @@ dropbearkey: $(dropbearkeyobjs)
+@@ -200,17 +200,17 @@ dropbearkey: $(dropbearkeyobjs)
  dropbearconvert: $(dropbearconvertobjs)
  
  dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
@@ -22,7 +22,7 @@
  
  
  # multi-binary compilation.
-@@ -219,7 +219,7 @@ ifeq ($(MULTI),1)
+@@ -221,7 +221,7 @@ ifeq ($(MULTI),1)
  endif
  
  dropbearmulti$(EXEEXT): $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile

package/network/services/dropbear/patches/600-allow-blank-root-password.patch

@@ -1,6 +1,6 @@
 --- a/svr-auth.c
 +++ b/svr-auth.c
-@@ -125,7 +125,7 @@ void recv_msg_userauth_request() {
+@@ -124,7 +124,7 @@ void recv_msg_userauth_request() {
  				AUTH_METHOD_NONE_LEN) == 0) {
  		TRACE(("recv_msg_userauth_request: 'none' request"))
  		if (valid_user

package/network/services/dropbear/patches/900-configure-hardening.patch

@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -70,53 +70,6 @@ AC_ARG_ENABLE(harden,
+@@ -74,53 +74,6 @@ AC_ARG_ENABLE(harden,
  
  if test "$hardenbuild" -eq 1; then
  	AC_MSG_NOTICE(Checking for available hardened build flags:)

package/network/services/dropbear/patches/910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch

@@ -21,7 +21,7 @@ Signed-off-by: Petr Štetiar <ynezz@true.cz>
 
 --- a/signkey.c
 +++ b/signkey.c
-@@ -657,8 +657,12 @@ int buf_verify(buffer * buf, sign_key *k
+@@ -646,8 +646,12 @@ int buf_verify(buffer * buf, sign_key *k
  	sigtype = signature_type_from_name(type_name, type_name_len);
  	m_free(type_name);
  

package/network/services/hostapd/patches/600-ubus_support.patch

@@ -423,6 +423,16 @@
  }
  
  
+@@ -352,6 +355,9 @@ void hostapd_handle_radio_measurement(st
+ 		   mgmt->u.action.u.rrm.action, MAC2STR(mgmt->sa));
+ 
+ 	switch (mgmt->u.action.u.rrm.action) {
++	case WLAN_RRM_LINK_MEASUREMENT_REPORT:
++		hostapd_ubus_handle_link_measurement(hapd, buf, len);
++		break;
+ 	case WLAN_RRM_RADIO_MEASUREMENT_REPORT:
+ 		hostapd_handle_radio_msmt_report(hapd, buf, len);
+ 		break;
 --- a/src/ap/vlan_init.c
 +++ b/src/ap/vlan_init.c
 @@ -22,6 +22,7 @@

package/network/services/hostapd/src/src/ap/ubus.c

@@ -995,6 +995,7 @@ hostapd_rrm_print_nr(struct hostapd_neighbor_entry *nr)
 enum {
 	BSS_MGMT_EN_NEIGHBOR,
 	BSS_MGMT_EN_BEACON,
+	BSS_MGMT_EN_LINK_MEASUREMENT,
 #ifdef CONFIG_WNM_AP
 	BSS_MGMT_EN_BSS_TRANSITION,
 #endif
@@ -1022,6 +1023,14 @@ __hostapd_bss_mgmt_enable_f(struct hostapd_data *hapd, int flag)
 			WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE |
 			WLAN_RRM_CAPS_BEACON_REPORT_TABLE;
 
+		if (bss->radio_measurements[0] & flags == flags)
+			return false;
+
+		bss->radio_measurements[0] |= (u8) flags;
+		return true;
+	case BSS_MGMT_EN_LINK_MEASUREMENT:
+		flags = WLAN_RRM_CAPS_LINK_MEASUREMENT;
+
 		if (bss->radio_measurements[0] & flags == flags)
 			return false;
 
@@ -1059,6 +1068,7 @@ __hostapd_bss_mgmt_enable(struct hostapd_data *hapd, uint32_t flags)
 static const struct blobmsg_policy bss_mgmt_enable_policy[__BSS_MGMT_EN_MAX] = {
 	[BSS_MGMT_EN_NEIGHBOR] = { "neighbor_report", BLOBMSG_TYPE_BOOL },
 	[BSS_MGMT_EN_BEACON] = { "beacon_report", BLOBMSG_TYPE_BOOL },
+	[BSS_MGMT_EN_LINK_MEASUREMENT] = { "link_measurement", BLOBMSG_TYPE_BOOL },
 #ifdef CONFIG_WNM_AP
 	[BSS_MGMT_EN_BSS_TRANSITION] = { "bss_transition", BLOBMSG_TYPE_BOOL },
 #endif
@@ -1337,6 +1347,98 @@ hostapd_rrm_beacon_req(struct ubus_context *ctx, struct ubus_object *obj,
 	return 0;
 }
 
+enum {
+	LM_REQ_ADDR,
+	LM_REQ_TX_POWER_USED,
+	LM_REQ_TX_POWER_MAX,
+	__LM_REQ_MAX,
+};
+
+static const struct blobmsg_policy lm_req_policy[__LM_REQ_MAX] = {
+	[LM_REQ_ADDR] = { "addr", BLOBMSG_TYPE_STRING },
+	[LM_REQ_TX_POWER_USED] = { "tx-power-used", BLOBMSG_TYPE_INT32 },
+	[LM_REQ_TX_POWER_MAX] = { "tx-power-max", BLOBMSG_TYPE_INT32 },
+};
+
+static int
+hostapd_rrm_lm_req(struct ubus_context *ctx, struct ubus_object *obj,
+		   struct ubus_request_data *ureq, const char *method,
+		   struct blob_attr *msg)
+{
+	struct hostapd_data *hapd = container_of(obj, struct hostapd_data, ubus.obj);
+	struct blob_attr *tb[__LM_REQ_MAX];
+	struct wpabuf *buf;
+	u8 addr[ETH_ALEN];
+	int ret;
+	int8_t txp_used, txp_max;
+
+	txp_used = 0;
+	txp_max = 0;
+
+	blobmsg_parse(lm_req_policy, __LM_REQ_MAX, tb, blob_data(msg), blob_len(msg));
+
+	if (!tb[LM_REQ_ADDR])
+		return UBUS_STATUS_INVALID_ARGUMENT;
+
+	if (tb[LM_REQ_TX_POWER_USED])
+		txp_used = (int8_t) blobmsg_get_u32(tb[LM_REQ_TX_POWER_USED]);
+
+	if (tb[LM_REQ_TX_POWER_MAX])
+		txp_max = (int8_t) blobmsg_get_u32(tb[LM_REQ_TX_POWER_MAX]);
+
+	if (hwaddr_aton(blobmsg_data(tb[LM_REQ_ADDR]), addr))
+		return UBUS_STATUS_INVALID_ARGUMENT;
+
+	buf = wpabuf_alloc(5);
+	if (!buf)
+		return UBUS_STATUS_UNKNOWN_ERROR;
+
+	wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
+	wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REQUEST);
+	wpabuf_put_u8(buf, 1);
+	/* TX-Power used */
+	wpabuf_put_u8(buf, txp_used);
+	/* Max TX Power */
+	wpabuf_put_u8(buf, txp_max);
+
+	ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
+				      wpabuf_head(buf), wpabuf_len(buf));
+
+	wpabuf_free(buf);
+	if (ret < 0)
+		return -ret;
+
+	return 0;
+}
+
+
+void hostapd_ubus_handle_link_measurement(struct hostapd_data *hapd, const u8 *data, size_t len)
+{
+	const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *) data;
+	const u8 *pos, *end;
+	u8 token;
+
+	end = data + len;
+	token = mgmt->u.action.u.rrm.dialog_token;
+	pos = mgmt->u.action.u.rrm.variable;
+
+	if (end - pos < 8)
+		return;
+
+	if (!hapd->ubus.obj.has_subscribers)
+		return;
+
+	blob_buf_init(&b, 0);
+	blobmsg_add_macaddr(&b, "address", mgmt->sa);
+	blobmsg_add_u16(&b, "dialog-token", token);
+	blobmsg_add_u16(&b, "rx-antenna-id", pos[4]);
+	blobmsg_add_u16(&b, "tx-antenna-id", pos[5]);
+	blobmsg_add_u16(&b, "rcpi", pos[6]);
+	blobmsg_add_u16(&b, "rsni", pos[7]);
+
+	ubus_notify(ctx, &hapd->ubus.obj, "link-measurement-report", b.head, -1);
+}
+
 
 #ifdef CONFIG_WNM_AP
 
@@ -1594,6 +1696,7 @@ static const struct ubus_method bss_methods[] = {
 	UBUS_METHOD_NOARG("rrm_nr_list", hostapd_rrm_nr_list),
 	UBUS_METHOD("rrm_nr_set", hostapd_rrm_nr_set, nr_set_policy),
 	UBUS_METHOD("rrm_beacon_req", hostapd_rrm_beacon_req, beacon_req_policy),
+	UBUS_METHOD("link_measurement_req", hostapd_rrm_lm_req, lm_req_policy),
 #ifdef CONFIG_WNM_AP
 	UBUS_METHOD("wnm_disassoc_imminent", hostapd_wnm_disassoc_imminent, wnm_disassoc_policy),
 	UBUS_METHOD("bss_transition_request", hostapd_bss_transition_request, bss_tr_policy),

package/network/services/hostapd/src/src/ap/ubus.h

@@ -47,6 +47,7 @@ void hostapd_ubus_add_vlan(struct hostapd_data *hapd, struct hostapd_vlan *vlan)
 void hostapd_ubus_remove_vlan(struct hostapd_data *hapd, struct hostapd_vlan *vlan);
 
 int hostapd_ubus_handle_event(struct hostapd_data *hapd, struct hostapd_ubus_request *req);
+void hostapd_ubus_handle_link_measurement(struct hostapd_data *hapd, const u8 *data, size_t len);
 void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *mac);
 void hostapd_ubus_notify_beacon_report(struct hostapd_data *hapd,
 				       const u8 *addr, u8 token, u8 rep_mode,
@@ -98,6 +99,10 @@ static inline int hostapd_ubus_handle_event(struct hostapd_data *hapd, struct ho
 	return 0;
 }
 
+static inline void hostapd_ubus_handle_link_measurement(struct hostapd_data *hapd, const u8 *data, size_t len)
+{
+}
+
 static inline void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *mac)
 {
 }

package/network/utils/comgt/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=comgt
 PKG_VERSION:=0.32
-PKG_RELEASE:=33
+PKG_RELEASE:=34
 
 PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
 PKG_SOURCE_URL:=@SF/comgt

package/network/utils/comgt/files/ncm.json

@@ -74,5 +74,27 @@
 		"connect": "AT+CGACT=1,${profile}",
 		"finalize": "AT+CGDATA=\\\"M-MBIM\\\",${profile},1",
 		"disconnect": "AT+CGACT=0,${profile}"
+	},
+	"\"zte": {
+		"initialize": [
+			"AT+CFUN=1"
+		],
+		"configure": [
+			"AT+ZGDCONT=${profile},\\\"${pdptype}\\\",\\\"${apn}\\\",\\\"\\\",0,0",
+			"AT+ZGPCOAUTH=${profile},\\\"${username}\\\",\\\"${password}\\\",0"
+		],
+		"connect": "AT+ZGACT=1,${profile}",
+		"disconnect": "AT+ZGACT=0,${profile}"
+	},
+	"\"marvell\"": {
+		"initialize": [
+			"AT+CFUN=1"
+		],
+		"configure": [
+			"AT+ZGDCONT=${profile},\\\"${pdptype}\\\",\\\"${apn}\\\",\\\"\\\",0,0",
+			"AT+ZGPCOAUTH=${profile},\\\"${username}\\\",\\\"${password}\\\",0"
+		],
+		"connect": "AT+ZGACT=1,${profile}",
+		"disconnect": "AT+ZGACT=0,${profile}"
 	}
 }