This updates mac80211 to version 5.15.58-1 which is based on kernel
5.15.58.
The removed patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3aa18f71f9)
Apply upstream patch[1] to fix breakage around math libraries.
This can likely be removed when 5.5.0-stable is tagged and released.
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
1. https://github.com/wolfSSL/wolfssl/pull/5390
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit c2aa816f28)
the hash and timestamp of the remote copy of the archive
has changed since last bump
meaning the remote archive copy was recreated
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit ba7da73680)
Buidbots are throwing the following compile error:
In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
^~~~~~~~~~~~~~~
compilation terminated.
Fix it by passing `UBOOT_MAKE_FLAGS` variable to make.
Suggested-by: Petr Štetiar <ynezz@true.cz>
Fixes: 6d5611af28 ("uboot-at91: update to linux4sam-2022.04")
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
(cherry picked from commit 95a24b5479)
Update uboot-at91 to linux4sam-2022.04. As linux4sam-2022.04 is based on
U-Boot v2022.01 which contains commit
93b196532254 ("Makefile: Only build dtc if needed") removed also the DTC
variable passed to MAKE to force the compilation of DTC.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
(cherry picked from commit 6d5611af28)
Disable the usage of target specific CPU crypto instructions by default
to allow the package being shared again. Since WolfSSL does not offer
a stable ABI or a long term support version suitable for OpenWrt release
timeframes, we're forced to frequently update it which is greatly
complicated by the package being nonshared.
People who want or need CPU crypto instruction support can enable it in
menuconfig while building custom images for the few platforms that support
them.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 0063e3421d)
All patches automatically rebased.
The following patch was replaced by a similar version upstream:
bcm27xx/patches-5.10/950-0036-tty-amba-pl011-Add-un-throttle-support.patch
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 7d3c0928de)
Using the BOARD_NAME variable results for both er and erlite devices to
identify themselfs as `er` and `erlite` (via `ubus call system board`).
This is problematic when devices search for firmware upgrades since the
OpenWrt profile is actually called `ubnt_edgerouter` and
`ubnt_edgerouter-lite`.
By adding the `SUPPORTED_DEVICE` a mapping is created to point devices
called `er` or `erlite` to the corresponding profile.
FIXES: https://github.com/openwrt/asu/issues/348
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 2a07270180)
This fixes problem of overwriting BCM4908 U-Boot and DTB files by
BCM4912 ones. That bug didn't allow booting BCM4908 devices.
Fixes: f4c2dab544 ("uboot-bcm4908: add BCM4912 build")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a8e1e30543)
In theory we could have just 1 bootfs image for all devices as each
device has its own entry in the "configurations" node. It doesn't work
well with default configuration though.
If something goes wrong U-Boot SPL can be interrupted (by pressing A) to
enter its minimalistic menu. It allows ignoring boardid. In such case
bootfs default configuration is used.
For above reason each SoC family (BCM4908, BCM4912) should have its own
bootfs built. It allows each of them to have working default
configuration.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6ae2f7ff47)
There are forum reports that 2 LAN ports are not working, the
GPIO settings are adjusted to fix the problem.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 0f301b0b1d)
The order of LAN ports shown in Luci is reversed compared to what is
written on the case of the device. Fix the order so that they match.
Fixes: #10275
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 69ea671320)
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the archive.
Fixes: 038d5bdab1 ("layerscape: use semantic versions for LSDK")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit e879cccaa2)
(cherry picked from commit d4391ef073)
moves and extends the current facilities, which have been
added some time ago for the the usbip utility, to support
more utilites that are shipped with the Linux kernel tree
to the SDK.
this allows to drop all the hand-waving and code for
failed previous attempts to mitigate the SDK build failures.
Fixes: bdaaf66e28 ("utils/spidev_test: build package directly from Linux")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit b479db9062)
Destination switch ports for outgoing frame can range from 0 to
CPU_PORT-1.
Refactor the code to only generate egress frame CPU headers when a valid
destination port number is available, and make the code a bit more
consistent between different switch generations. Change the dest_port
argument's type to 'unsigned int', since only positive values are valid.
This fixes the issue where egress frames on switch port 0 did not
receive a VLAN tag, because they are sent out without a CPU header.
Also fixes a potential issue with invalid (negative) egress port numbers
on RTL93xx switches.
Reported-by: Arınç ÜNAL <arinc.unal@xeront.com>
Suggested-by: Birger Koblitz <mail@birger-koblitz.de>
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 1773264a0c)
Priority values passed to the egress (TX) frame header initialiser are
invalid when smaller than 0, and should not be assigned to the frame.
Queue assignment is then left to the switch core logic.
Current code for RTL83xx forces the passed priority value to be
positive, by always masking it to the lower bits, resulting in the
priority always being set and enabled. RTL93xx code doesn't even check
the value and unconditionally assigns the (32 bit) value to the (5 bit)
QID field without masking.
Fix priority assignment by only setting the AS_QID/AS_PRI flag when a
valid value is passed, and properly mask the value to not overflow the
QID/PRI field.
For RTL839x, also assign the priority to the right part of the frame
header. Counting from the leftmost bit, AS_PRI and PRI are in bits 36
and 37-39. The means they should be assigned to the third 16 bit value,
containing bits 32-47.
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 0b35a08a05)
The flag to enable L2 address learning on egress frames is in CPU header
bit 40, with bit 0 being the leftmost bit of the header. This
corresponds to BIT(7) in the third 16-bit value of the header.
Correctly set L2LEARNING by fixing the off-by-one error.
Fixes: 9eab76c84e ("realtek: Improve TX CPU-Tag usage")
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit d6165ea75b)
The flag to enable the outgoing port mask is in CPU header bit 43, with
bit 0 being the leftmost bit of the header. This corresponds to BIT(4)
in the third 16-bit value of the header.
Correctly set AS_DPM by fixing the off-by-one error.
Fixes: 9eab76c84e ("realtek: Improve TX CPU-Tag usage")
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit d9516cacb0)
Netgear WAX202 is an 802.11ax (Wi-Fi 6) router.
Specifications:
* SoC: MT7621A
* RAM: 512 MiB NT5CC256M16ER-EK
* Flash: NAND 128 MiB F59L1G81MB-25T
* Wi-Fi:
* MT7915D: 2.4/5 GHz (DBDC)
* Ethernet: 4x 1GbE
* Switch: SoC built-in
* USB: None
* UART: 115200 baud (labeled on board)
Load addresses (same as ipTIME AX2004M):
* stock
* 0x80010000: FIT image
* 0x81001000: kernel image -> entry
* OpenWrt
* 0x80010000: FIT image
* 0x82000000: uncompressed kernel+relocate image
* 0x80001000: relocated kernel image -> entry
Installation:
* Flash the factory image through the stock web interface, or TFTP to
the bootloader. NMRP can be used to TFTP without opening the case.
* Note that the bootloader accepts both encrypted and unencrypted
images, while the stock web interface only accepts encrypted ones.
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax202.dts
DTS file for this device.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 0f068e7c4a)
Netgear encrypted image is used in various devices including WAX202,
WAX206, and EX6400v3. This image format also requires a dummy squashfs4
image which is added here as well.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/bootloader/u-boot-mt7621-2018.09-gitb178829-20200526/board/ralink/common/dual_image.c
Bootloader code that verifies the presence of a squashfs4 image, thus
a dummy image is added here.
* openwrt/tools/imgencoder/src/gj_enc.c
Contains code that generates the encrypted image. There is support for
adding an RSA signature, but it does not look like the signature is
verified by the stock firmware or bootloader.
* openwrt/tools/imgencoder/src/imagekey.h
Contains the encryption key and IV. It appears the same key/IV is used
for other Netgear devices including WAX206 and EX6400v3.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit efca76ffce)
The armvirt target is also used to run OpenWrt in lxc on other targets
like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the
wolfssl binray is only working when the CPU supports the hardware crypto
extension.
Some targets like the Raspberry Pi do not support the ARM CPU crypto
extension, compile wolfssl without it by default. It is still possible
to activate it in custom builds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d1b5d17d03)
This fix allows trigger a rerun of Build/Configure when
rpcapd was selected.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 6902af4f30)
Without this, WOLFSSL_HAS_DH can be disabled even if WOLFSSL_HAS_WPAS is
enabled, resulting in an "Anonymous suite requires DH" error when trying
to compile wolfssl.
Signed-off-by: Pascal Ernster <git@hardfalcon.net>
Reviewed-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 21825af2da)
Changes:
9c44557 opkg_remove: avoid remove pkg repeatly with option --force-removal-of-dependent-packages
2edcfad libopkg: set 'const' attribute for argv
This should fix the CI error in the packages repository, which happens with perl.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e21fea9289)
Changes between 1.1.1p and 1.1.1q [5 Jul 2022]
*) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
implementation would not encrypt the entirety of the data under some
circumstances. This could reveal sixteen bytes of data that was
preexisting in the memory that wasn't written. In the special case of
"in place" encryption, sixteen bytes of the plaintext would be revealed.
Since OpenSSL does not support OCB based cipher suites for TLS and DTLS,
they are both unaffected.
(CVE-2022-2097)
[Alex Chernyakhovsky, David Benjamin, Alejandro Sedeño]
Signed-off-by: Dustin Lundquist <dustin@null-ptr.net>
(cherry picked from commit 3899f68b54)
This version fixes two vulnerabilities:
-CVE-2022-34293[high]: Potential for DTLS DoS attack
-[medium]: Ciphertext side channel attack on ECC and DH operations.
The patch fixing x86 aesni build has been merged upstream.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 9710fe70a6)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This image is supposed to be written with help of bootloader to the
flash, but as it stands, it's not aligned to block size and RedBoot will
happily create non-aligned partition size in FIS directory. This could
lead to kernel to mark the partition as read-only, therefore pad the
image to block erase size boundary.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit 9decd2a843)
The bootloader on this board hid the partition containig MAC addresses
and prevented adding this space to FIS directory, therefore those had to
be stored in RedBoot configuration as aliases to be able to assigne them
to proper interfaces. Now that fixed partition size are used instead of
redboot-fis parser, the partition containig MAC addresses could be
specified, and with marking it as nvmem cell, we can assign them without
userspace involvement.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit b52719b71a)
Don't comence the switch to RAMFS when the image format is wrong. This
led to rebooting the device, which could lead to false impression that
upgrade succeded.
Being here, factor out the code responsible for upgrading RedBoot
devices to separate file.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit 5897c52e78)
After the kernel has switched version to 5.10, JA76PF2 and
RouterStations lost the capability to sysupgrade the OpenWrt version.
The cause is the lack of porting the patches responsible for partial
flash erase block writing and these boards FIS directory and RedBoot
config partitions share the same erase block. Because of that the FIS
directory can't be updated to accommodate kernel/rootfs partition size
changes. This could be remedied by bootloader update, but it is very
intrusive and could potentially lead to non-trivial recovery procedure,
if something went wrong. The less difficult option is to use OpenWrt
kernel loader, which will let us use static partition sizes and employ
mtd splitter to dynamically adjust kernel and rootfs partition sizes.
On sysupgrade from ath79 19.07 or 21.02 image, which still let to modify
FIS directory, the loader will be written to kernel partition, while the
kernel+rootfs to rootfs partition.
The caveats are:
* image format changes, no possible upgrade from ar71xx target images
* downgrade to any older OpenWrt version will require TFTP recovery or
usage of bootloader command line interface
To downgrade to 19.07 or 21.02, or to upgrade if one is already on
OpenWrt with kernel 5.10, for RouterStations use TFTP recovery
procedure. For JA76PF2 use instructions from this commit message:
commit 0cc87b3bac ("ath79: image: disable sysupgrade images for routerstations and ja76pf2"),
replacing kernel image with loader (loader.bin suffix) and rootfs
image with firmware (firmware.bin suffix).
Fixes: b10d604459 ("kernel: add linux 5.10 support")
Fixes: 15aa53d7ee ("ath79: switch to Kernel 5.10")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(mkubntimage was moved to generic-ubnt.mk)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 5c142aad7b)
On the NanoPI R4S it takes an average of 3..5 seconds for the network devices
to appear in '/proc/interrupts'.
Wait up to 10 seconds to ensure that the distribution of the interrupts
really happens.
Signed-off-by: Ronny Kotzschmar <ro.ok@me.com>
(cherry picked from commit 9b00e97956)
Apply an upstream patch that removes unnecessary CFLAGs, avoiding
generation of incompatible code.
Commit 0bd5367233 is reverted so the
accelerated version builds by default on x86_64.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 639419ec4f)
During upload of firmware images the WebUI and CLI patch process
extracts a version information from the uploaded file and stores it
onto the jffs2 partition. To be precise it is written into the
flash.txt or flash2.txt files depending on the selected target image.
This data is not used anywhere else. The current OpenWrt factory
image misses this label. Therefore version information shows only
garbage. Fix this.
Before:
DGS-1210-20> show firmware information
IMAGE ONE:
Version : xfo/QE~WQD"A\Scxq...
Size : 5505185 Bytes
After:
DGS-1210-20> show firmware information
IMAGE ONE:
Version : OpenWrt
Size : 5505200 Bytes
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
(cherry picked from commit fae3ac3560)
Currently we build factory images only for DGS-1210-28 model. Relax
that constraint and take care about all models. Tested on DGS-1210-20
and should work on other models too because of common flash layout.
Tested-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
(cherry picked from commit 2b49ec3a28)
What should have been only cosmetic changes, ended up in breaking the
script. Rename UIMAGE_CRC_SLICE back to (the original) UIMAGE_CRC_OFF.
Fixes issue #10204 "cameo-tag.py broken"
Reported-by: Markus Stockhausen <markus.stockhausen@gmx.de>
Fixes: f9e840b657 ("scripts: add CAMEO tag generator")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit ebfe66e494)
From now on we will insert CAMEO tags into sysupgrade images for
DGS-1210 devices. This will make the "OS:...FAILED" and "FS:...FAILED"
messages go away.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
(cherry picked from commit e763c4c89f)
This script inserts CAMEO tags into an uImage to make U-Boot
of DGS-1210 switches happy.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
Suggested-by: Sander Vanheule <sander@svanheule.net> # Mutual checksum algorithm
[commit title prefix, trailing whitespace, OpenWrt capitalisation, move
CRC calculation comment, use UIMAGE_NAME_*, remove parentheses for
return, use f-string instead of str()]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit f9e840b657)
DGS-1210 switches support dual image, with each image composed of a
kernel and a rootfs partition. For image1, kernel and rootfs are in
sequence. The current OpenWrt image (written using a serial console),
uses those partitions together as the firmware partition, ignoring the
partition division. The current OEM u-boot fails to validate image1 but
it will only trigger firmware recovery if both image1 and image2 fail,
and it does not switch the boot image in case one of them fails the
check.
The OEM factory image is composed of concatenated blocks of data, each
one prefixed with a 0x40-byte cameo header. A normal OEM firmware will
have two of these blocks (kernel, rootfs). The OEM firmware only checks
the header before writing unconditionally the data (except the header)
to the correspoding partition.
The OpenWrt factory image mimics the OEM image by cutting the
kernel+rootfs firmware at the exact size of the OEM kernel partition
and packing it as "the kernel partition" and the rest of the kernel and
the rootfs as "the rootfs partition". It will only work if written to
image1 because image2 has a sysinfo partition between kernel2 and
rootfs2, cutting the kernel code in the middle.
Steps to install:
1) switch to image2 (containing an OEM image), using web or these CLI
commands:
- config firmware image_id 2 boot_up
- reboot
2) flash the factory_image1.bin to image1. OEM web (v6.30.016)
is crashing for any upload (ssh keys, firmware), even applying OEM
firmwares. These CLI commands can upload a new firmware to the other
image location (not used to boot):
- download firmware_fromTFTP <tftpserver> factory_image1.bin
- config firmware image_id 1 boot_up
- reboot
To debrick the device, you'll need serial access. If you want to
recover to an OpenWrt, you can replay the serial installation
instructions. For returning to the original firmware, press ESC during
the boot to trigger the emergency firmware recovery procedure. After
that, use D-Link Network Assistant v2.0.2.4 to flash a new firmware.
The device documentation does describe that holding RESET for 12s
trigger the firmware recovery. However, the latest shipped U-Boot
"2011.12.(2.1.5.67086)-Candidate1" from "Aug 24 2021 - 17:33:09" cannot
trigger that from a cold boot. In fact, any U-Boot procedure that relies
on the RESET button, like reset settings, will only work if started from
a running original firmware. That, in practice, cancels the benefit of
having two images and a firmware recovery procedure (if you are not
consider dual-booting OpenWrt).
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 1005dc0a64)
The cameo header is a 0x40-byte header used by D-Link DGS 1210 switches
and Apresia ApresiaLightGS series. cameo-imghdr.py is a clean-room
reimplementation of imghdr present in the DGS-1210-28-GPL package.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[fix board_version argument's help text]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 2fd66e058b)
This improves NAT masquarade network performance.
An alternative to kernel change would be runtime setup but that requires
ethtool and identifying relevant network interface and all related
switch ports interfaces.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 82d0dd8f8a)
Bumping max frame size has significantly affected network performance.
It was done by upstream commit that first appeared in the 5.7 release.
This change bumps NAT masquarade speed from 196 Mb/s to 383 Mb/s for the
BCM4708 SoC.
Ref: f55f1dbaad ("bcm53xx: switch to the kernel 5.10")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 230c9da963)
This uses kernel's generic variable and doesn't require patching it with
a custom Makefile change. It's expected *not* to change any behaviour.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1d42af720c)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 24e27bec9a)
When building the mediatek/mt7629 target in OpenWrt 22.03 the kernel
does not have a configuration option for CONFIG_CRYPTO_DEV_MEDIATEK. Add
this option to the generic kernel configuration and also add two other
configuration options which are removed when we refresh the mt7629
kernel configuration.
Fixes: 2bea35cb55 ("mediatek: remove crypto-hw-mtk package")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit dcc0fe24ea)
Changes between 1.1.1o and 1.1.1p [21 Jun 2022]
*) In addition to the c_rehash shell command injection identified in
CVE-2022-1292, further bugs where the c_rehash script does not
properly sanitise shell metacharacters to prevent command injection have been
fixed.
When the CVE-2022-1292 was fixed it was not discovered that there
are other places in the script where the file names of certificates
being hashed were possibly passed to a command executed through the shell.
This script is distributed by some operating systems in a manner where
it is automatically executed. On such operating systems, an attacker
could execute arbitrary commands with the privileges of the script.
Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.
(CVE-2022-2068)
[Daniel Fiala, Tomáš Mráz]
*) When OpenSSL TLS client is connecting without any supported elliptic
curves and TLS-1.3 protocol is disabled the connection will no longer fail
if a ciphersuite that does not use a key exchange based on elliptic
curves can be negotiated.
[Tomáš Mráz]
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit eb7d2abbf0)
The recent differentiation between v1 and v2 of the UniFi 6 LR added
support for the v2 version which has GPIO-controlled LEDs instead of
using an additional microcontroller to drive an RGB led.
The polarity of the white LED, however, was inverted and the default
states didn't make a lot of sense after all. Fix that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f58e562b07)
The line trying to generate the standard sdcard.img.gz fails due to
boot.scr not being generated.
Remove the line in order to use the default sdcard.img.gz which is
exactly the same but includes generating the boot.scr file.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1d3b57dbee)
Select matching U-Boot for both v1 and v2 variants.
Fixes: 15a02471bb ("mediatek: new target mt7622-ubnt-unifi-6-lr-v1")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2caa03ec86)
Add targets:
* Ubiquiti UniFi 6 LR v2
* Ubiquiti UniFi 6 LR v2 (U-Boot mod)
This target does not have a RGB led bar like v1 did
Used target/linux/ramips/dts/mt7621_ubnt_unifi.dtsi as inspiration
The white dome LED is default-on, blue will turn on when the system is
in running state
Signed-off-by: Henrik Riomar <henrik.riomar@gmail.com>
(cherry picked from commit 31d86a1a11)
based on current ubnt_unifi-6-lr-ubootmod
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[added SUPPORTED_DEVICES for compatibility with existing setups]
Signed-off-by: Henrik Riomar <henrik.riomar@gmail.com>
(cherry picked from commit 5c8d3893a7)
Based on current mt7622-ubnt-unifi-6-lr, this is a preparation for
adding a v2 version of this target
* v1 - with led-bar
* v2 - two simple GPIO connected LEDs (in later commits)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[added SUPPORTED_DEVICES for compatibility with existing setups]
Signed-off-by: Henrik Riomar <henrik.riomar@gmail.com>
(cherry picked from commit 15a02471bb)
The config for LEDS_UBNT_LEDBAR doesn't stay in mt7629 kconfig because
of its I2C dependency. Build it as a module and let buildroot handle
this config option instead.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit d9ea9c06e9)
The MediaTek's Crypto Engine module is only available for mt7623, in
which case it is built into the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 3f2d0703b6)
Fix the wps button to prevent wrongly detected recovery procedures.
In the official banana pi r64 git the wps button is set to
GPIO_ACTIVE_LOW and not GPIO_ACTIVE_HIGH.
Import patch to fix on boot unwanted recovery entering:
Press the [f] key and hit [enter] to enter failsafe mode
Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
- failsafe button wps was pressed -
- failsafe -
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry-picked from commit 6686194255)
The kernel configuration option CONFIG_MACH_MT7629 selects
CONFIG_HAVE_ARM_ARCH_TIMER now. Handle this change in the config-5.10.
This fixes some build problems.
Fixes: 81530d69ef ("kernel: bump 5.10 to 5.10.121")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
93e3fce916c6 mt76: pass original queue id from __mt76_tx_queue_skb to the driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 06d0cc2fb3)
c07f45927839 firmware: update mt7622 firmware to version 20220630
af406a2d1c36 mt76: do not use skb_set_queue_mapping for internal purposes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8e90abb396)
At least two AX820 hardware variants are known to exist, but they cannot
be distinguished (same hardware revision, no specific markings).
They appear to have the same LED hardware, but wired differently:
- One has a red system LED at GPIO 15, a green wlan2g LED at GPIO 14 and
a blue wlan5g LED at GPIO 16;
- The other only offers a green system LED at GPIO 15, with GPIO 14 and
16 being apparently not connected
Finally, a Yuncore datasheet says the canonical wiring should be:
- Blue wlan2g GPIO 14, green system GPIO 15, red wlan5g GPIO 16
All GPIOs are tied to a single RGB LED which is exposed via lightpipe on
the device front casing.
Considering the above, this patch exposes all three LEDs, preserves the
common system LED (GPIO 15) as the openwrt status LED, and removes the
color information from the LEDs names since it is not consistent across
hardware. The LED naming is made consistent with other YunCore devices.
A note is added in DTS to ensure this information is always available
and prevent unwanted changes in the future.
Fixes: #10131 "YunCore AX820: GPIO LED not correct"
Reviewed-by: Sander Vanheule <sander@svanheule.net>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
No patches rebased, just checksum update for this refresh.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit c5882c33a7)
Enable PowerPC Book-E Watchdog Timer support. Having this enabled
in-kernel will result in procd starting it during boot.
This effectively solves the problem of the WDT in the Winbond W83793 chip
potentially resetting the system during sysupgrade, which could result
in an unbootable device. While the driver is modular, resulting in procd
not starting the WDT during boot (because that happens before kmod
load), the WDT handover during sysupgrade results in the WDT being
started. This normally shouldn't be a problem, but the W83793 WDT does
not like procd's defaults, nor the handover happening during sysupgrade.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 04071cb111)
Avoid shipping ath10k board file in Mikrotik initram images
Most will only ever need to use these initram images once—to initially
load OpenWrt, but fix these images for more consistent Wi-Fi performance
between the initram and installed squashfs images.
OpenWrt BUILDBOT config ignores -cut packages in the initram images build.
This results in BUILDBOT initram images including the linux-firmware
qca4019 board-2.bin, and (initram image booted) Mikrotik devices loading
a generic BDF, rather than the intended BDF data loaded
from NOR as an api 1 board_file.
buildbot snapshot booted as initram image:
cat /etc/openwrt_version
r19679-810eac8c7f
dmesg | grep ath10k | grep -E board\|BDF
[ 9.794556] ath10k_ahb a000000.wifi: Loading BDF type 0
[ 9.807192] ath10k_ahb a000000.wifi: board_file api 2 bmi_id 0:16
crc32 11892f9b
[ 12.457105] ath10k_ahb a800000.wifi: Loading BDF type 0
[ 12.464945] ath10k_ahb a800000.wifi: board_file api 2 bmi_id 0:17
crc32 11892f9b
CC: Robert Marko <robimarko@gmail.com>
Fixes: 5eee67a72f ("ipq40xx: mikrotik: dont include ath10k-board-qca4019 by default")
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
Reviewed-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 602b5f6c60)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Since MikroTik subtarget now uses dynamic BDF loading its crucial that it
doesnt include the board-2.bin at all which is provided by the
ath10k-board-qca4019 package.
So to resolve this dont include the ath10k-board-qca4019 package on the
MikroTik subtarget.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 5eee67a72f)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Since we now provide the BDF-s for MikroTik IPQ40xx devices on the fly,
there is noneed to include package and ship them like we do now.
This also resolves the performance issues that happen as MikroTik
changes the boards and ships them under the same revision but they
actually ship with and require a different BDF.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit ab141a6e2c)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Since we now can pass the API 1 BDF-s aka board.bin to the ath10k
driver per radio lets use that to provide the BDF-s for MikroTik devices.
This also resolves the performance issues that happen as MikroTik changes
the boards and ships them under the same revision but they actually ship
with and require a different BDF.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 4d4462cc2a)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Some ath10k IPQ40xx devices like the MikroTik hAP ac2 and ac3 require the
BDF-s to be extracted from the device storage instead of shipping packaged
API 2 BDF-s.
This is required as MikroTik has started shipping boards that require BDF-s
to be updated, as otherwise their WLAN performance really suffers.
This is however impossible as the devices that require this are release under
the same revision and its not possible to differentiate them from devices
using the older BDF-s.
In OpenWrt we are extracting the calibration data during runtime and we are
able to extract the BDF-s in the same manner, however we cannot package the
BDF-s to API 2 format on the fly and can only use API 1 to provide BDF-s on
the fly.
This is an issue as the ath10k driver explicitly looks only for the board.bin
file and not for something like board-bus-device.bin like it does for pre-cal
data.
Due to this we have no way of providing correct BDF-s on the fly, so lets
extend the ath10k driver to first look for BDF-s in the board-bus-device.bin
format, for example: board-ahb-a800000.wifi.bin
If that fails, look for the default board file name as defined previously.
So, backport the upstream ath10k patch.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 3daf2d477e)
[prune unrelated patch refreshes]
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Update ath10k-ct to the latest version which includes the backported
ath10k commit for requesting API 1 BDF-s with a unique name like caldata.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit ab97b2a25d)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
11f5c7b fw4.uc: fix zone helper assignment
b9d35ff fw4.uc: don't skip zone for unavailable helper
e35e26b tests: add test for zone helpers
a063317 ruleset: fix conntrack helpers
e1cb763 ruleset: reuse zone-jump.uc template for notrack and helper chain jumps
11410b8 ruleset: reorder declarations & output tweaks
880dd31 fw4: fix skipping invalid IPv6 ipset entries
5994466 fw4: simplify `is_loopback_dev()`
53886e5 fw4: fix crash in parse_cthelper() if no helpers are present
11256ff fw4: add support for configurable includes
3b5a033 tests: add test coverage for firewall includes
d79911c fw4: support sets with timeout capability but without default expiry
15c3831 fw4: add support for `option log` in rule and redirect sections
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit e8433fb433)
The random crashes observed with HARDENED_USERCOPY enabled no longer
seem to occur. Enable HARDENED_USERCOPY to improve security.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 61587c9242)
We do not need support for 32 bit applications, as we're building
everything for 64 bit.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 3e1848ee0f)
This patch provides support for the Firebox M300 reset button.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 19231cf838)
This patch provides support for the Firebox M300 only user-controllable
bi-color LED, and makes the green "shield" LED act as the typical
OpenWrt status led.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 4ab421b81d)
The MikroTik mAP-2nd (sold as mAP) is an indoor 2.4Ghz AP with
802.3af/at PoE input and passive PoE passthrough.
See https://mikrotik.com/product/RBmAP2nD for more details.
Specifications:
- SoC: QCA9533
- RAM: 64MB
- Storage: 16MB NOR
- Wireless: QCA9533 802.11b/g/n 2x2
- Ethernet: 2x 10/100 ports,
802.3af/at PoE in port 1, 500 mA passive PoE out on port 2
- 7 user-controllable LEDs
Note: the device is a tiny AP and does not distinguish between both
ethernet ports roles, so they are both assigned to lan.
With the current setup, ETH1 is connected to eth1 and ETH2 is connected
to eth0 via the embedded switch port 2.
Flashing:
TFTP boot initramfs image and then perform sysupgrade. The "ETH1" port
must be used to upload the TFTP image. Follow common MikroTik procedure
as in https://openwrt.org/toh/mikrotik/common.
Tested-By: Andrew Powers-Holmes <aholmes@omnom.net>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit e1223dbee3)
Linux MTD requires the parent partition be writable for a child
partition to be allowed write permission.
In order for soft_config to be writeable (and modifiable via sysfs),
the parent RouterBoot partition must be writeable
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit bb929a0f9c)
Linux MTD requires the parent partition be writable for a child
partition to be allowed write permission.
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
(cherry picked from commit 86fb287ad5)
Update this pending patch to remove the untested (variable eraseregions)
section, alongside simplifying the patch.
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
[refresh and split out unrelated refreshes]
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 4f7065ed25)
This adds the igc driver for the Intel 2.5GBit Ethernet chip to the
default packages.
Fixes: #10064
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit aae3a8a254)
OpenWrt now uses firewall4 (nft) by default,
so iptables should also default to nftables backend.
When multiple packages provide the same virtual package,
opkg pick the first one by alphabetical order,
so we rename iptables-legacy to iptables-zz-legacy and add
iptables-legacy in PROVIDES.
We also need to remove IPTABLES_NFTABLES config as
this cause recursive dependencies.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 35fec487e3)
Kernel 5.10.124 introduced a new symbol 'LIB_MEMNEQ'. Add it to the
generic 5.10 config.
Fixes: 9e5d743422 ("kernel: bump 5.10 to 5.10.124")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit f3caba679b)
This requires U-Boot environment changes:
setenv OpenWrt_kernel watchguard_firebox-m300-fit-uImage.itb
setenv loadaddr 0x20000000
setenv wgBootSysA 'setenv bootargs root=/dev/mmcblk0p2 rw rootdelay=2 console=$consoledev,$baudrate fsl_dpaa_fman.fsl_fm_max_frm=1530; mmc dev 0; ext2load mmc 0:1 $loadaddr $OpenWrt_kernel; bootm $loadaddr'
Trying to sysupgrade an image containing this change on an M300 already
running OpenWrt will fail with the following error:
Tue Jun 14 12:06:21 EEST 2022 upgrade: The device is supported, but the config is incompatible to the new image (1.0->1.1). Please upgrade without keeping config (sysupgrade -n).
Tue Jun 14 12:06:21 EEST 2022 upgrade: Kernel switched to FIT uImage. Update U-Boot environment.
Tue Jun 14 12:06:21 EEST 2022 upgrade: Reading partition table from bootdisk...
Tue Jun 14 12:06:21 EEST 2022 upgrade: Extract boot sector from the image
Tue Jun 14 12:06:21 EEST 2022 upgrade: Reading partition table from image...
Image check failed.
This is to prevent rendering your device unbootable. Make the U-Boot
environment changes as instruced above, and then flash the image using
sysupgrade -F. The config can be kept, there is no need to use -n.
After the new image booted successfully, you can increase the compat_version:
uci set system.@system[0].compat_version='1.1'
uci commit
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c4b499bc03)
Use the KERNEL_SUFFIX variable in Build/sdcard-img, rather than
using hardcoded "-kernel.bin", to allow overriding KERNEL_SUFFIX for a
device.
Fixes: 080a769b4d ("qoriq: new target")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 86948716db)
No patches required a rebase, just updated checksum.
Build system: x86_64
Build-tested: ipq806x/R7800
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 5202a511cc)
WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have
AES instructions but lack other extensions that are used by WolfSSL
when AES-NI is enabled.
Disable the option by default for now until the issue is properly fixed.
People can enable them in a custom build if they are sure it will work
for them.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0bd5367233)
Restore CONFIG_I8K + CONFIG_INTEL_INT0002_VGPIO that got
removed when I refreshed the config. Each x86 target gets
its own CONFIG_CRYPTO_BLAKE2S + LIB settings as only the
x86_64 can use the accelerated x86 version.
Also remove two extra spaces that sneaked into geode's config.
Fixes: 539e60539a ("generic: enable CRYPTO_LIB_BLAKE2S[_X86|_ARM]")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 9fc2d58bf8)
This is now built-in, enable so it won't propagate on target configs.
Link: https://lkml.org/lkml/2022/1/3/168
Fixes: 79e7a2552e ("kernel: bump 5.15 to 5.15.44")
Fixes: 0ca9367069 ("kernel: bump 5.10 to 5.10.119")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(Link to Kernel's commit taht made it built-in,
CRYPTO_LIB_BLAKE2S[_ARM|_X86] as it's selectable, 5.10 backport)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 539e60539a)
This updates prereq-build.mk to find a suitable realpath utility, and
adds another place to look for a suitable getopt utility.
realpath has been used most notably by scripts/ipkg-build since
commit bb95be9265 ("scripts,ipkg-build: use realpath for pkg_dir")
and there are assorted other uses of it during a build.
It is ordinarily provided by GNU coreutils. This adds a SetupHostCommand
to locate it either under its own name or under grealpath, the name that
it will be available as under MacPorts or Homebrew, which use
--program-prefix=g.
Similarly, update the SetupHostCommand for getopt to be able to locate a
util-linux getopt at the default path used by MacPorts, in the same
fashion that
commit cc16f5d73e ("build: try to find getopt in macOS homebrew's standard location")'
did for Homebrew. As there is no standard alternative --program-prefix
for util-linux utilities in the way that GNU packages often use a "g"
prefix, this path-based approach is required in case a non-util-linux
getopt (such as one provided by an OS) shadows the util-linux getopt
in the PATH.
Signed-off-by: Mark Mentovai <mark@moxienet.com>
(cherry picked from commit f614332197)
This adds a few fixes for compiling against Linux 5.10:
1. segment_eq() has been removed with upstream commit
428e2976a5bf7e7f5554286d7a5a33b8147b106a ("uaccess: remove
segment_eq") and can use uaccess_kernel() instead
2. ioremap_nocache() is removed and is now an alias for ioremap() with
upstream commit 4bdc0d676a643140bdf17dbf7eafedee3d496a3c ("remove
ioremap_nocache and devm_ioremap_nocache")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit cd3de51bb4)
Existing conntracks will continue to be SNATed to 192.0.0.1 even after
464xlat interface gets teared down. To prevent this, matching
conntracks must be killed.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit 289c46869b)
There is not RTC battery connected to the SoC of the UniFi 6 LR board.
Disable the RTC to prevent the system coming up with time set to
2000-01-01 00:00:00 after each reboot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 692d87a27b)
Some K2P comes with the worse boards with GD25Q128 (may be A2), which
only works with 50MHz frequency and less. Reduce spi frequency so that
these routers can boot.
remove m25p,fast-read because it isn't needed for 50MHz SPI.
Signed-off-by: Aviana Cruz <gwencroft@proton.me>
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 857ea3f690)
902b321 wireless-regdb: Update regulatory rules for Israel (IL)
20f6f34 wireless-regdb: add missing spaces for US S1G rules
25652b6 wireless-regdb: Update regulatory rules for Australia (AU)
081873f wireless-regdb: update regulatory database based on preceding changes
166fbdd wireless-regdb: add db files missing from previous commit
e3f03f9 Regulatory update for 6 GHz operation in Canada (CA)
888da5f Regulatory update for 6 GHz operation in United States (US)
647bcaa Regulatory update for 6 GHz operation in FI
c6b079d wireless-regdb: update regulatory rules for Bulgaria (BG) on 6GHz
2ed39be wireless-regdb: Remove AUTO-BW from 6 GHz rules
7a6ad1a wireless-regdb: Unify 6 GHz rules for EU contries
68a8f2f wireless-regdb: update regulatory database based on preceding changes
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit e3e9eb31a2)
With some OS (Guix) the git submodule command is wrapped in
a script. Current logic parse the git submodule script directly.
If it's wrapped the prereq check wrongly fails while 'git submodule
--recursive' is actually available.
Add an additional check that try to directly use the 'git submodule'
command to check if the prereq is satisfied.
Fixes: #9986
Reported-by: Attila Lendvai <attila@lendvai.name>
Suggested-by: Attila Lendvai <attila@lendvai.name>
Signed-off-by: Christian 'Ansuel' Marangi <ansuelsmth@gmail.com>
(cherry picked from commit ab1f3a8706)
This reverts the airtime scheduler back from the virtual-time based scheduler
to the deficit round robin scheduler implementation.
This reduces burstiness and improves fairness by improving interaction with AQL.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 6d49a25804)
Tim Small reported:
| Viewing the 'Network' -> 'Switch' config page in LuCI:
|
| The LuCI LAN 1 port corresponds to the port physically
| labelled 2 at the rear of the device.
| [...]
|
| When a patch cord is attached to the port labelled 1 [...],
| the LED labelled °2 illuminates.
=> essentially, the Ports and LEDs are reversed.
Reported-by: Tim Small
Fixes: #10111
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 36483600d3)
For a TX->TX connected external phy to transmit/receive data, the rgmii2
pin group needs to be claimed with gpio function, at least for EdgeRouter X
SFP. We already claim the pin group under the pinctrl node with gpio
function on the gpio node on mt7621_ubnt_edgerouter-x.dtsi.
However, we should claim a pin group under its consumer node. It's the
ethernet node in this case, which we already claim the rgmii2 pin group
under it on mt7621.dtsi. Therefore, set the function as gpio on the rgmii2
node for EdgeRouter X SFP and get rid of claiming the rgmii2 pin group
under the pinctrl node. With this change, we also get to remove a
definition from mt7621_ubnt_edgerouter-x.dtsi which is specific to
EdgeRouter X SFP.
This change is tested on an EdgeRouter X SFP.
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit a1ad837735)
Make sure BootingFlag points to the system partition we install to.
The BootingFlag variable selects which system partition the system
boots from (0 => "Kernel", 1 => "Kernel2"). OpenWrt does not yet have
device specific support for this dual image scheme, and can therefore
only boot from "Kernel".
This has not been an issue until now, since all known OEM firmware
versions have ignored "Kernel2" - leaving the BootingFlag fixed at 0.
But the newest OEM firmware has a new upgrade procedure, installing
to the "inactive" system partition and setting BootingFlag accordingly.
This workaround is needed until the dual image scheme is fully
supported.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 79112e7d47)
It was observed that `rootfs_data` was sometimes not correctly erased
after performing sysupgrade, resulting in previous settings to prevail.
Add call to `wrgg-pad-rootfs` in sysupgrade image recipe to ensure any
previous jffs2 will be wiped, consistent with DAP-2610 from the ipq40xx
target, which introduced the double-flashing procedure for these devices.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
(cherry picked from commit f770c33d7b)
If the RTC module is compiled as a module, the hctosys fails to
initialize because ds1307 is loaded later.
Fixes:
[ 2.004145] hctosys: unable to open rtc device (rtc0)
[ 11.957997] rtc-ds1307 0-006f: registered as rtc0
This is similar to commit 5481ce9a11,
which was done for imx6 target.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit dc7f78da97)
with the switch to DSA setup, the switch gets correctly
programmed via the device-tree now. This hack is no
longer necessary.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 554ca44730)
adds `libusb-1.0.so` link on the target root again.
Fixes: 43539a6aab ("libusb: make InstallDev explicit")
Signed-off-by: Leo Soares <leo@hyper.ag>
(added fixed tag, reworded commit)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dc59a22f1d)
65042bfd759c mt76: mt7915: introduce 802.11ax multi-bss support
e756ea3bd069 mt76: fix wrong HE data rate in sniffer tool
47b64131e820 mt76: mt7921: don't enable beacon filter when IEEE80211_CONF_CHANGE_MONITOR is set
7a05f4628e76 mt76: fix monitor rx FCS error in DFS channel
104dd5cb0a40 mt76: mt7915: fix DBDC default band selection on MT7915D
a7805e4e1d58 mt76: reduce tx queue lock hold time
0b1deb9292cd mt76: dma: use kzalloc instead of devm_kzalloc for txwi
2e51013b38c9 mt76: dma: reduce lock contention in mt76_dma_tx_cleanup
c96fbb86f7e5 mt76: mt7915: rework hardware/phy initialization
c2bb44cab51e mt76: mt7915: accept rx frames with non-standard VHT MCS10-11
36c23a4a8422 mt76: mt7921: accept rx frames with non-standard VHT MCS10-11
5b7dd093c8f0 mt76: fix use-after-free by removing a non-RCU wcid pointer
c692aacb9bde mt76: fix MBSS index condition in DBDC mode
fd6541905aa4 mt76: mt7921u: add suspend/resume support
201b33cf42c2 mt76: mt7921: rely on mt76_dev rxfilter in mt7921_configure_filter
9666c08228e7 mt76: mt7921: honor pm user configuration in mt7921_sniffer_interface_iter
1442710d7936 mt76: mt7915: always call mt7915_wfsys_reset() during init
ec4d9b9e8b70 mt76: mt7915: fix unbounded shift in mt7915_mcu_beacon_mbss
6b1efcd72946 mt76: mt7915: fix wfsys reset regression
376ea8152b2b mt76: mt7915: add missing chunk from wfsys reset fix
eed44048ca57 Revert "mt76: dma: reduce lock contention in mt76_dma_tx_cleanup"
5beb87716e70 mt76: dma: add wrapper macro for accessing queue registers
e0bc736d5617 mt76: add support for overriding the device used for DMA mapping
b8c842daa081 mt76: make number of tokens configurable dynamically
87a962e0608f mt76: mt7915: add Wireless Ethernet Dispatch support
2accb74e6be3 mt76: mt7915: fix using null pointer when wfsys on
e5227f2f3120 mt76: mt7921: Fix the error handling path of mt7921_pci_probe()
ec0e9f4da32f mt76: mt7915: fix possible uninitialized pointer dereference in mt7986_wmac_gpio_setup
5a87be892ba7 mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector
fe441e5d3dcf mt76: mt7915: do not pass data pointer to mt7915_mcu_muru_debug_set
f3ddfe886283 mt76: mt7915: report rx mode value in mt7915_mac_fill_rx_rate
2a0d370cb5fe mt76: mt7915: use 0xff to initialize bitrate_mask in mt7915_init_bitrate_mask
506bb0605e3e mt76: mt7921: Add AP mode support
d4937118ec4f mt76: fix rx reordering with non explicit / psmp ack policy
f50672518bcc mt76: do not attempt to reorder received 802.3 packets without agg session
75e046e3c9ae mt76: fix antenna config missing in 6G cap
64ede85f14b5 mt76: mt7915: remove SCS feature
db0a67582028 mt76: mt7915: make read-only array ppet16_ppet8_ru3_ru0 static const
68a2f68d5c01 mt76: mt7921: make read-only array ppet16_ppet8_ru3_ru0 static const
1e7b77294e97 mt76: mt7921: fix kernel crash at mt7921_pci_remove
795830a99a6c mt76: mt7915: add debugfs knob for RF registers read/write
60a8ec12a8eb mt76: mt7603: move spin_lock_bh() to spin_lock()
5ec7a2eac867 mt76: mt7915: disable RX_HDR_TRANS_SHORT
eecbb4992073 mt76: fix encap offload ethernet type check
a666d5637bc3 mt76: fix tx status related use-after-free race on station removal
6da21a0b7280 linux-firmware: update firmware for MT7921 WiFi device
4876688c41dc linux-firmware: update firmware for MT7915
79b1b86040de linux-firmware: add firmware for MT7986
784c27b159b9 linux-firmware: add firmware for MT7922
079e41dc71a1 mt76: mt7915: configure soc clocks in mt7986_wmac_init
747c70fc6c89 mt76: connac: use skb_put_data instead of open coding
e98f58815018 mt76: mt7915: update mt7986 patch in mt7986_wmac_adie_patch_7976()
b7104b4b2f2d mt76: mt7915: fix twt table_mask to u16 in mt7915_dev
d39368f336ee mt76: mt7915: reject duplicated twt flows
4718ed04a655 mt76: mt7915: limit minimum twt duration
84319691b742 mt76: mt7915: reowrk SER debugfs knob
bac5f22365a2 mt76: mt7915: introduce mt7915_mac_severe_check()
81524067686c mt76: mt7915: move MT_INT_MASK_CSR to init.c
2b7f5e85290e mt76: mt7915: add support for 6G in-band discovery
31273183ea0a mt76: mt7615/mt7915: do reset_work with mt76's work queue
bb54f5e1c115 mt76: mt7915: improve error handling for fw_debug knobs
838529da6470 mt76: mt7915: add more statistics from fw_util debugfs knobs
3a65deb93737 mt76: add gfp to mt76_mcu_msg_alloc signature
8e87669eefcf mt76: mt7921: add ipv6 NS offload support
e1b2c18eee29 mt76: mt7915: fix endianness in mt7915_rf_regval_get
0742eaeafee2 mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
d299ad96d867 mt76: mt7915: fix endian bug in mt7915_rf_regval_set()
380eac6f31ec mt76: add 6 GHz band support in mt76_sar_freq_ranges
268ce38e9e36 mt76: mt7921: introduce ACPI SAR support
8c27300b4271 mt76: mt7921: introduce ACPI SAR config in tx power
54b6504a3ef8 mt76: mt7915: add more ethtool stats
cdd66d642977 mt76: add DBDC rxq handlings into mac_reset_work
b284684f5cba mt76: mt7921: add PATCH_FINISH_REQ cmd response handling
f8b9be4287cc mt76: mt7921s: fix firmware download random fail
28b19d2cc53f mt76: mt7915: add missing bh-disable around tx napi enable/schedule
1d8af168e86f mt76: mt7615: add missing bh-disable around rx napi enable/schedule
4554ee652caf mt76: mt7921: fix warning Using plain integer as NULL pointer
a3f1d6ccf3ca mt76: mt7921: add missing bh-disable around rx napi schedule
9aeca2a5ce47 mt76: mt7921: get rid of mt7921_mcu_exit
fee8a5911c76 mt76: connac: move shared fw structures in connac module
db4d784ae7ba mt76: mt7921: move fw toggle in mt7921_load_firmware
16ab6bf49556 mt76: connac: move mt76_connac2_load_ram in connac module
29fd748801c6 mt76: connac: move mt76_connac2_load_patch in connac module
051c68d18214 mt76: mt7663: rely on mt76_connac2_fw_trailer
d6ae3505ac6c mt76: enable the VHT extended NSS BW feature
488a5ccc9762 mt76: mt7921: rely on mt76_dev in mt7921_mac_write_txwi signature
934029bb93e2 mt76: mt7915: rely on mt76_dev in mt7915_mac_write_txwi signature
ecefae4c7d72 mt76: connac: move mac connac2 defs in mt76_connac2_mac.h
b5eecc841df8 mt76: connac: move connac2_mac_write_txwi in mt76_connac module
012e619a07b9 mt76: connac: move mt76_connac2_mac_add_txs_skb in connac module
1b492be795ea mt76: mt7921: not support beacon offload disable command
f1f46d3b4b19 mt76: mt7921: fix command timeout in AP stop period
cae61112ef1d mt76: connac: move HE radiotap parsing in connac module
487674062643 mt76: connac: move mt76_connac2_reverse_frag0_hdr_trans in mt76-connac module
649bdc4983c4 mt76: connac: move mt76_connac2_mac_fill_rx_rate in connac module
cb75aaa39252 mt76: mt7921s: remove unnecessary goto in mt7921s_mcu_drv_pmctrl
e0eaf66eaebb mt76: mt7615: do not update pm stats in case of error
f8d125b4ea30 mt76: mt7921: do not update pm states in case of error
6329a834907e mt76: mt7921s: fix possible sdio deadlock in command fail
8a04f1b04662 mt76: mt7921: fix aggregation subframes setting to HE max
e52283439094 mt76: mt7915: disable UL MU-MIMO for mt7915
fd3958970e3d mt76: mt7921: enlarge maximum VHT MPDU length to 11454
18df38fe77f7 mt76: mt7915: get rid of unnecessary new line in mt7915_mac_write_txwi
149e95f5d7a6 mt76: connac: move mt76_connac_fw_txp in common module
899d192e8a79 mt76: move mt7615_txp_ptr in mt76_connac module
7184f0a6f6a5 mt76: connac: move mt76_connac_tx_free in shared code
c42d45278fa5 mt76: connac: move mt76_connac_tx_complete_skb in shared code
0993f4ef96f8 mt76: connac: move mt76_connac_write_hw_txp in shared code
467960fab791 mt76: connac: move mt7615_txp_skb_unmap in common code
2e758064b085 mt76: mt7915: rely on mt76_connac_tx_free
2065a7901671 mt76: move mcu_txd/mcu_rxd structures in shared code
576c1b7c472b mt76: move mt76_connac2_mcu_fill_message in mt76_connac module
7275f7758090 mt76: mt7915: fix incorrect testmode ipg on band 1 caused by wmm_idx
1696f9eb8b40 mt76: mt7915: do not copy ieee80211_ops pointer in mt7915_mmio_probe
a4db5869d660 mt76: mt7915: update mpdu density in 6g capability
500c18014d95 mt76: mt7915: add sta_rec with EXTRA_INFO_NEW for the first time only
3ef66fc7c714 mt76: do not check the ccmp pn for ONLY_MONITOR frame
dd682eead016 mt76: mt7915: update the maximum size of beacon offload
4fb991f2c997 mt76: mt7615: add sta_rec with EXTRA_INFO_NEW for the first time only
ba39ed3b44f1 mt76: mt76x02: improve reliability of the beacon hang check
fd8211cf7c59 mt76: mt7921: sync with updated patch
f2edd340ddb4 mt76: allow receiving frames with invalid CCMP PN via monitor interfaces
b6e865e2cc70 mt76: mt7615: fix throughput regression on DFS channels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 29ed58c8be)
The Netgear GS3xx devices do not properly initialise the port LEDs during
startup unless the boot command in U-Boot is changed. Making the U-Boot
env partition writable allows this modification to be done from within
OpenWrt by calling "fw_setenv bootcmd rtk network on\; boota".
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit d9e12c21fa)
Make the u-boot environment partition for the NETGEAR
GS108T v3 and GS110TPP writable (they share a DTS), so
the values can be manipulated from userspace.
See https://forum.openwrt.org/t/57875/1567 for a real
world example.
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 9c381d3386)
Downstream projects might re-generate device-specific configuration
based on OpenWrt's defaults on each upgrade, thus being unaffected by
forward- as well as backwards-breaking configuration.
Add a new sysupgrade parameter, which allows sysupgrades between minor
compat-versions. Upgrades will still fail upon mismatching major compat
versions.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 34437af888)
The Netgear GS108Tv3 is already supported by OpenWrt, but is missing LED
support. After OpenWrt installation, all LEDs are off which makes the
installation quite confusing.
This enables support for the green/amber power LED to give feedback
about the current status.
This is basically just a verbatim copy of commit c4927747d2 ("realtek:
add support for power LED on Netgear GS308Tv1").
Please note that both LEDs are wired up in an anti-parallel fashion,
which means that only one of both LEDs/colors can be switched on at the
same time. If both LEDs/colors are switched on simultanously, the LED
goes dark.
Tested-by: Pascal Ernster <git@hardfalcon.net>
Signed-off-by: Pascal Ernster <git@hardfalcon.net>
[add title to commit reference]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit adbdfc9366)
The Netgear GS308Tv1 is already supported by OpenWrt, but is missing LED
support. After OpenWrt installation, all LEDs are off which makes the
installation quite confusing.
This enables support for the green/amber power LED to give feedback
about the current status.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit c4927747d2)
This reverts commit 33df033b73.
It was reported this commit breaks 802.11s mesh connections, failing
link establishment.
Reported-by: Andreas Ziegler <dev@andreas-ziegler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
Both buttons on the RT-AC57U are active-low. Fix the GPIO flag for the
WPS cutton to fix button behavior.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 535b0c70b1)
All Freescale processors used in this target are capable to detect error
and correction. [1] It can not be used as kernel module. [2] This is
helpful to report hardware errors.
It enables three kernel options:
- EDAC, which is a subsystem
- EDAC_LEGACY_SYSFS, it enables sysfq nodes
- MP85XX, support for Freescale MPC8349, MPC8560, MPC8540, MPC8548, T4240
EDAC is already enabled for following targets:
qoriq, octeon, octeontx and zynq.
[1] https://cateee.net/lkddb/web-lkddb/EDAC.html
[2] https://patchwork.ozlabs.org/patch/554908/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit bfc73f42df)
We don't need to make sure that we want to have enabled
CONFIG_CMD_SETEXPR by default, since this is already done in U-boot [1].
This was actually needed only for clearfog board [2], which was added in
commit: da0005a6d08ae33d958a6d8a6c0c12dc07b5b2b8 ("uboot-mvebu: add
patch to enable setexpr for clearfog boards) and send to U-boot to fix
it properly. After a while, there was added support for Turris Omnia,
which uses setexpr as well [3], but for this board, there are no fixes
needed in U-boot and that's why we can remove this option here.
It is helpful with shell scripting. If some downstream distributions are
using it, they should correct it in defconfig for related boards.
[1] e95afa5675/cmd/Kconfig (L1504)
[2] 852126680e/target/linux/mvebu/image/clearfog.bootscript (L7)
[3] 852126680e/target/linux/mvebu/image/turris-omnia.bootscript (L2)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 69cef74c67)
Needed by strongSwan IPsec VPN for strongswan-mod-chapoly. Not to be confused with
kmod-crypto-LIB-chacha20poly1305, which is an 8-byte nonce version used
by wireguard.
Signed-off-by: Xu Wang <xwang1498@gmx.com>
(cherry picked from commit 197b672c40)
This enables armv8 crypto extensions version of AES, GHASH, SHA1, and
CRC T10 algorithms in the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 9be35180f4)
This enables armv8 crypto extensions version of AES, GHASH, and CRC T10
algorithms in the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit b1346d35e4)
Adds the crypto extensions version of the CRC T10 algorithm that is
already built into the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 1b94e4aab8)
This enables armv8 crypto extensions version of AES, GHASH, SHA1,
SHA256, and SHA512 algorithms in the kernel.
The choice of algorithms match the 32-bit versions that are enabled in
the target config-5.10 file, but were only used by the cortexa9
subtarget.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 06bb5ac1f2)
This is result of a plain make kernel_oldconfig CONFIG_TARGET=subtarget.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 39b6af1147)
This enables armv8 crypto extensions version of AES, GHASH, SHA1,
SHA256, and SHA512 algorithms in the kernel.
The choice of algorithms match the 32-bit versions that are enabled in
the target config-5.10 file, but were only used by the cortexa9
subtarget.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f5167e11bf)
This is result of a plain make kernel_oldconfig CONFIG_TARGET=subtarget.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit a4c6384d93)
This enables armv8 crypto extensions version of AES, GHASH, SHA256 and
CRC T10 algorithms in the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit eb33232420)
This enables armv8 crypto extensions version of AES and GHASH algorithms
in the kernel.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit b2cb87bc98)
This enables arm64/neon version of AES, SHA256 and SHA512 algorithms in
the kernel. bcm2711 does not support armv8 crypto extensions, so they
are not included.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7b6beb7489)
This enables arm64/neon version of AES, SHA256 and SHA512 algorithms in
the kernel. bcm2710 does not support armv8 crypto extensions, so they
are not included.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 38ebb210a9)
v "The device is supported, but the config is incompatible to the new image ($devicecompat->$imagecompat). Please upgrade without keeping config (sysupgrade -n)."
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
