openwrt/staging/jow.git
2 years agoramips: fix TP-Link RE200 v3/v4 LEDs
Sungbo Eo [Sun, 20 Feb 2022 01:20:35 +0000 (10:20 +0900)]
ramips: fix TP-Link RE200 v3/v4 LEDs

Set power LED to gpio 43 instead of 44 for v3 and v4.
Set red wifi LED to gpio 40 (was assigned to `red:wifi5g`).

Tested by the author of the initial v3 and v4 commit.

Reported-by: Richard Fröhning <misanthropos@gmx.de>
Tested-by: Richard Fröhning <misanthropos@gmx.de>
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
2 years agodnsmasq: remove backported CVE patch
Kevin Darbyshire-Bryant [Sun, 6 Nov 2022 20:38:23 +0000 (20:38 +0000)]
dnsmasq: remove backported CVE patch

Patch no longer applies/required since bump to v2.87

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2 years agodnsmasq: Support nftables nftsets
Kevin Darbyshire-Bryant [Mon, 29 Nov 2021 17:16:39 +0000 (17:16 +0000)]
dnsmasq: Support nftables nftsets

Add build option for nftables sets. By default disable iptables ipset
support.  By default enable nftable nftset support since this is what
fw4 uses.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
dnsmasq: nftset: serve from ipset config

Use existing ipset configs as source for nftsets to be compatible with
existing configs. As the OS can either have iptables XOR nftables
support, it's fine to provide both to dnsmasq. dnsmasq will silently
fail for the present one. Depending on the dnsmasq compile time options,
the ipsets or nftsets option will not be added to the dnsmasq config
file.

dnsmasq will try to add the IP addresses to all sets, regardless of the
IP version defined for the set. Adding an IPv6 to an IPv4 set and vice
versa will silently fail.

Signed-off-by: Mathias Kresin <dev@kresin.me>
dnsmasq: support populating nftsets in addition to ipsets

Tell dnsmasq to populate nftsets instead of ipsets, if firewall4 is present in
the system. Keep the same configuration syntax in /etc/config/dhcp, for
compatibility purposes.

Huge thanks to Jo-Philipp Wich for basically writing the function.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
dnsmasq: obtain nftset ip family from nft

Unfortunately dnsmasq nft is noisy if an attempt to add a mismatched ip address
family to an nft set is made.

Heuristic to guess which ip family a nft set might belong by inferring
from the set name.

In order of preference:

If setname ends with standalone '4' or '6' use that, else
if setname has '4' or '6' delimited by '-' or '_' use that (eg
foo-4-bar) else
If setname begins with '4' or '6' standalone use that.

By standalone I mean not as part of a larger number eg. 24

If the above fails then use the existing nft set query mechanism and if
that fails, well you're stuffed!

With-thanks-to: Jo-Philipp Wich <jo@mein.io> who improved my regexp
knowledge.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
dnsmasq: specify firewall table for nftset

Permit ipsets to specify an nftables table for the set.  New config
parameter is 'table'.  If not specified the default of 'fw4' is used.

config ipset
list name 'BK_4,BK_6'
option table 'dscpclassify'
option table_family 'ip'
option family '4'
list domain 'ms-acdc.office.com'
list domain 'windowsupdate.com'
list domain 'update.microsoft.com'
list domain 'graph.microsoft.com'
list domain '1drv.ms'
list domain '1drv.com'

The table family can also be specified, usually 'ip' or 'ip6' else the
default 'inet' capable of both ipv4 & ipv6 is used.

If the table family is not specified then finally a family option is
available to specify either '4' or '6' for ipv4 or ipv6 respectively.

This is all in addition to the existing heuristic that will look in the
nftset name for an ip family clue, or in total desperation, query the
value from the nftset itself.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2 years agodnsmasq: add uci-defaults script for ipset migration
Mathias Kresin [Wed, 4 May 2022 19:50:41 +0000 (21:50 +0200)]
dnsmasq: add uci-defaults script for ipset migration

When running sysupgrade from an existing configuration, move existing
ipset definitions to a dedicated config section. Later on, it will allow
to serve ipset as well as nftable sets from the same configuration.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2 years agodnsmasq: bump to 2.87
Kevin Darbyshire-Bryant [Wed, 15 Sep 2021 20:15:33 +0000 (21:15 +0100)]
dnsmasq: bump to 2.87

Bump dnsmasq to 2.87 & refresh patches

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2 years agosdk: use git-src-full to allow Git versioning
Kuan-Yi Li [Fri, 4 Nov 2022 16:16:36 +0000 (00:16 +0800)]
sdk: use git-src-full to allow Git versioning

$(AUTORELEASE) uses Git log to determine releases and package timestamps.

Base feed is shallow cloned by default in generated SDK, resulting in
an incomplete Git log and therefore different local package versions than
offered upstream.

This patch complements commit 7fae1e5677 by setting the base feed to use
`src-git-full` to solve that.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2 years agoath79: expand rootfs for DIR-825-B1 with unused space
Alan Luck [Fri, 14 Oct 2022 06:26:27 +0000 (17:26 +1100)]
ath79: expand rootfs for DIR-825-B1 with unused space

Expand currently unused flash space to roofs for DIR-825-B1 by using the same
flash space as the old ar71xx big image without moving the caldata.

With some testing this partition is use by the OEM firmware
but if changed is regenerated which allows reverting to OEM firmware

Signed-off-by: Alan Luck <luckyhome2008@gmail.com>
2 years agoath79: add support to TrendNet TEW-673GRU
Korey Caro [Sun, 13 Mar 2022 04:36:30 +0000 (23:36 -0500)]
ath79: add support to TrendNet TEW-673GRU

Add support for the TrendNet TEW-673GRU to ath79.
This device was supported in 19.07.9 but was deprecated with ar71xx.
This is mostly a copy of D-Link DIR-825 B1.
Updates have been completed to enable factory.bin and sysupgrade.bin both.
Code improvements to DTS file and makefile.

Architecture   |  MIPS
Vendor         |  Qualcomm Atheros
bootloader     |  U-Boot
System-On-Chip |  AR7161 rev 2 (MIPS 24Kc V7.4)
CPU/Speed      |  24Kc V7.4 680 MHz
Flash-Chip     |  Macronix MX25L6405D
Flash size     |  8192 KiB
RAM Chip:      |  ProMOS V58C2256164SCI5 × 2
RAM size       |  64 MiB
Wireless       |  2 x Atheros AR922X 2.4GHz/5.0GHz 802.11abgn
Ethernet       |  RealTek RTL8366S Gigabit w/ port based vlan support
USB            |  Yes 2 x 2.0

Initial Flashing Process:
1) Download 22.03 tew-673gru factory bin
2) Flash 22.03 using TrendNet GUI

OpenWRT Upgrade Process
3) Download 22.03 tew-673gru sysupgrade.bin
4) Flash 22.03 using OpenWRT GUI

Signed-off-by: Korey Caro <korey.caro@gmail.com>
2 years agoCI: packages.yml: Fix usage of pre-build tools
Hauke Mehrtens [Wed, 2 Nov 2022 21:17:51 +0000 (22:17 +0100)]
CI: packages.yml: Fix usage of pre-build tools

Activate CONFIG_AUTOREMOVE to match the settings used to build the
pre-build tools. This has to match the pre-build tools to not rebuild
them.

This prevents the tools being rebuild in packages.yml.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoramips: add support for TP-Link MR600 V2(EU)
Linos Giannopoulos [Sun, 2 Oct 2022 22:30:28 +0000 (01:30 +0300)]
ramips: add support for TP-Link MR600 V2(EU)

MR600 V2(EU) is an LTE router that also supports 4G+ band aggregation
etc. and can reportedly achieve higher bandwidth with it.

- Specifications:

* SoC: Mediatek MT7621DAT 880MHz
* RAM: 128MB DDR3
* Flash: 16MB SPI NOR flash (GD25Q128C)
* LTE Modem: Qualcomm MDM9240
* WiFi 5GHz: Mediatek MT7613BEN
* WiFi 2.4GHz: Mediatek MT7603EN
* Ethernet: MT7530, 4x 1000Base-T.
* UART: Serial console (115200 8n1), J1(GND:3)
* Buttons: Reset, WPS.
* LED: Power, WAN, LTE, WiFi 2GHz and 5GHz, LAN, Signal1, Signal2,
  Signal3

- MAC Addresses:

OEM firmware configuration:
54:af:97:xx:xx:7b : 2.4G
54:af:97:xx:xx:7a : 5G
54:af:97:xx:xx:7c : LTE
54:af:97:xx:xx:7b : LAN (label)
54:af:97:xx:xx:7c : WAN

- Installation:

1. Download the OpenWrt initramfs-image.

Place it into a TFTP server root directory and rename it to openwrt.img
Configure the TFTP server to listen at 192.168.0.5/24.

3. Connect to the serial console.

Attach power and interrupt the boot procedure when prompted (type `tpl`).

Credentials are admin / 1234

4. Configure U-Boot for booting OpenWrt from ram

 $ tftpboot
 $ bootm

5. Transfer the OpenWrt sysupgrade image to the device.

- LTE:

In order to setup the wwan0 interface:
1. Add a `qmi` proto interface under `/etc/config/network`, e.g.:
```
config interface 'wwan0'
        option device '/dev/cdc-wdm0'
        option proto 'qmi'
        option pincode 'XXXX'
        option apn 'your_isp_apn'
```

2. Add `wwan0` interface to the `wan` firewall zone
3. `/etc/init.d/network restart`

Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
2 years agoramips: add support for SIM SIMAX1800T and Haier HAR-20S2U1
Shiji Yang [Thu, 15 Sep 2022 17:10:52 +0000 (01:10 +0800)]
ramips: add support for SIM SIMAX1800T and Haier HAR-20S2U1

SIM AX18T and Haier HAR-20S2U1 Wi-Fi6 AX1800 routers are designed based
on Tenbay WR1800K. They have the same hardware circuits and u-boot.
SIM AX18T has three carrier customized models: SIMAX1800M (China Mobile),
SIMAX1800T (China Telecom) and SIMAX1800U (China Unicom). All of these
models run the same firmware.

Specifications:
 SOC:      MT7621 + MT7905 + MT7975
 ROM:      128 MiB
 RAM:      256 MiB
 LED:      status *3 R/G/B
 Button:   reset *1 + wps/mesh *1
 Ethernet:      lan *3 + wan *1 (10/100/1000Mbps)
 TTL Baudrate:  115200
 TFTP Server:   192.168.1.254
 TFTP IP:       192.168.1.28 or 192.168.1.160 (when envs is broken)

MAC Address:
 use        address               source
 label      30:xx:xx:xx:xx:62     wan
 lan        30:xx:xx:xx:xx:65     factory.0x8004
 wan        30:xx:xx:xx:xx:62     factory.0x8004 -3
 wlan2g     30:xx:xx:xx:xx:64     factory.0x0004
 wlan5g     32:xx:xx:xx:xx:64     factory.0x0004 set 7th bit

TFTP Installation (initramfs image only & recommend):
1. Set local tftp server IP: 192.168.1.254 and NetMask: 255.255.255.0
2. Rename initramfs-kernel.bin to "factory.bin" and put it in the root
   directory of the tftp server. (tftpd64 is a good choice for Windows)
3. Start the TFTP server, plug in the power supply, and wait for the
   system to boot.
4. Backup "firmware" partition and rename it to "firmware.bin", we need
   it to back to stock firmware.
5. Use "fw_printenv" command to list envs.
   If "firmware_select=2" is observed then set u-boot enviroment:
   /# fw_setenv firmware_select 1
6. Apply sysupgrade.bin in OpenWrt LuCI.

Web UI Installation:
1. Apply update by uploading initramfs-factory.bin to the web UI.
2. Use "fw_printenv" command to list envs.
   If "firmware_select=2" is observed then set u-boot enviroment:
   /# fw_setenv firmware_select 1
3. Apply squashfs-sysupgrade.bin in OpenWrt LuCI.

Recovery to stock firmware:
a. Upload "firmware.bin" to OpenWrt /tmp, then execute:
   /# mtd -r write /tmp/firmware.bin firmware
b. We can also write factory image "UploadBrush-bin.img" to firmware
   partition to recovery. Upload image file to /tmp, then execute:
   /# mtd erase firmware
   /# mtd -r write /tmp/UploadBrush-bin.img firmware

How to extract stock firmware image:
  Download stock firmware, then use openssl:
  openssl aes-256-cbc -d -salt -in [Downloaded_Firmware] \
  -out "firmware.tar.tgz" -k QiLunSmartWL

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2 years agoltq-tapi: Fix compile with kernel 5.15
Hauke Mehrtens [Tue, 1 Nov 2022 22:18:08 +0000 (23:18 +0100)]
ltq-tapi: Fix compile with kernel 5.15

Do not use find_vpid(), but get_task_pid() to get the pid from
pThrCntrl->tid. This is now a ponter to struct task_struct instead of
an integer.

This fixes the build of ltq-tapi with lantiq/xway.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoltq-ifxos: Fix compile with ltq-tapi
Hauke Mehrtens [Tue, 1 Nov 2022 22:14:58 +0000 (23:14 +0100)]
ltq-ifxos: Fix compile with ltq-tapi

Do not include asm/irq.h directly, but include linux/interrupt.h instead.
This fixes the build of ltq-tapi with lantiq/xway.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agobusybox: awk: fix use after free (CVE-2022-30065)
Hauke Mehrtens [Tue, 1 Nov 2022 14:23:17 +0000 (15:23 +0100)]
busybox: awk: fix use after free (CVE-2022-30065)

This backports a commit which fixes a use after free bug in awk.

CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agodnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)
Hauke Mehrtens [Tue, 1 Nov 2022 14:17:03 +0000 (15:17 +0100)]
dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)

This backports a commit from upstream dnsmasq to fix CVE-2022-0934.

CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoramips: add support for Zbtlink ZBT-WG1602-V04
Alexander Horner [Mon, 26 Sep 2022 19:17:40 +0000 (20:17 +0100)]
ramips: add support for Zbtlink ZBT-WG1602-V04

Description heavily based on commit
7e89421a7c3855d66a20350a5bf9ca4cc7a2caf9 by
Sergey Ryazanov <ryazanov.s.a@gmail.com> Details I cannot confirm have
been removed

Completed with great help from \x on IRC. Thanks, \x!

Zbtlink ZBT-WG1602-V04 is a Wi-Fi router intendend for use with WWAN
(UMTS/LTE/3G/4G) modems. The router board offers a couple of miniPCIe
slots with USB and SIM only and another one which is a pure miniPCIe
slot as well as five Gigabit Ethernet ports (4xLAN + WAN).

Specification:

* SoC: MT7621A
* RAM: 256/512 MiB
* Flash: 16/32 MiB
* Eth: 10/100/1000 Mbps Ethernet x5 ports (4xLAN + WAN)
* WLAN 2GHz: MT7603E (.11bgn, MIMO 2x2)
* WLAN 5GHz: MT7662E (.11nac, MIMO 2x2)
* WLAN Ants: detachable x2, shared by 2GHz & 5GHz radios
* miniPCIe: 2x slots with USB&SIM + 1x slot with regular PCIe bus
* WWAN Ants: detachable x4
* External storage: microSD (SDXC) slot
* USB: 3.0 Type-A port
* LED: 11 (5 per Eth phy, 3 SoC controlled, 2 WLAN 2/5 controlled,
  1 power indicator)
* Button: 1 (reset)
* UART: console (115200 baud)
* Power: DC jack (12 V / 2.5 A)

Additional HW information:

* SoC USB port 1 is shared by internal miniPCIe slot and external
  Type-A USB port, USB D+/D- lines are toggled between ports using a
  GPIO controlled DPDT switch.

Installation:

The kernel image can be installed directly onto the device via a browser
to 192.168.1.1 using the built in firmware recovery Web UI available.
It can be accessed by pushing the reset button in, applying power and
holding the reset button for approximately 10 seconds. When the kernel
image has been flashed, you can access LuCI and upload the sysupgrade
as normal.

Signed-off-by: Alexander Horner <ahorner@programmer.net>
2 years agoramips: add support for Youku X2
Shiji Yang [Sat, 5 Nov 2022 11:52:08 +0000 (19:52 +0800)]
ramips: add support for Youku X2

Specifications:
  SOC:      MT7620AN + MT7612EN
  RAM:      128 MiB DDR2
  Flash:    16 MiB (Winbond W25Q28FVFG)
  WLAN:     2.4G + 5G
  LAN:      LAN ports *2
  WAN:      WAN port *1
  USB:      USB2.0 *1
  SD Card:  MicroSD *1
  Buttons:  Reset *1
  LEDs: ethernet *3, system, usb, wlan2g, wlan5g

MAC Address:
  use        address               source
  label      54:36:9b:xx:xx:ac     lan
  lan        54:36:9b:xx:xx:ac     factory.0x0028
  wan        54:36:9b:xx:xx:ad     factory.0x002e
  wlan2g     54:36:9b:xx:xx:ae     factory.0x0004
  wlan5g     54:36:9b:xx:xx:af     factory.0x8004

Installation:
1. Apply initramfs-kernel.bin in stock firmware Web UI.
2. Install sysupgrade.bin on OpenWrt and do not retain any configuration.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2 years agoramips: improve compatibility for Youku YK-L2 and YK-L1 series
Shiji Yang [Sat, 5 Nov 2022 11:52:08 +0000 (19:52 +0800)]
ramips: improve compatibility for Youku YK-L2 and YK-L1 series

Add UIMAGE_NAME and UIMAGE_MAGIC to allow users to directly install
initramfs-kernel.bin from the stock firmware Web UI. At the same time,
this change makes it possible to boot OpenWrt with the official u-boot.

Notice:
Since the stock firmware is based on OpenWrt and the configuration
will be retained by default during the upgrade process, so we must use
initramfs-kernel.bin to do a initial installation. After the system
restarts, install sysupgrade.bin and do not retain any configuration.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2 years agouboot-layerscape: adjust LS1012A-IOT config and env
Pawel Dembicki [Mon, 24 Oct 2022 13:11:07 +0000 (15:11 +0200)]
uboot-layerscape: adjust LS1012A-IOT config and env

In a254279a6c30 LS1012A-IOT kernel image was switched to FIT.

But u-boot config is lack of FIT and ext4 support.

This patch enables it.

It also fix envs, because for some reason this board need to use "loadaddr"
variable in brackets.

Fixes: #9894
Fixes: a254279a6c30 ("layerscape: Change to combined rootfs on sd images")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2 years agovalgrind: update to 3.20.0
Nick Hainke [Mon, 31 Oct 2022 23:36:37 +0000 (00:36 +0100)]
valgrind: update to 3.20.0

Release Notes:
https://valgrind.org/docs/manual/dist.news.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agokernel: further cleanup of xfrm[4|6]_mode*
Martin Schiller [Wed, 2 Nov 2022 06:41:04 +0000 (07:41 +0100)]
kernel: further cleanup of xfrm[4|6]_mode*

In my commit da5c45f4d886 ("kernel: remove handling of xfrm[4|6]_mode_*
modules") I missed a few default config options and description entries.
Those should be gone as well.

Fixes: da5c45f4d886 ("kernel: remove handling of xfrm[4|6]_mode_* modules")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2 years agorealtek: fix typo in debug message
Luiz Angelo Daros de Luca [Thu, 3 Nov 2022 16:34:22 +0000 (13:34 -0300)]
realtek: fix typo in debug message

vid_end was mentioned twice.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2 years agokernel: bump 5.15 to 5.15.77
John Audia [Thu, 3 Nov 2022 16:07:30 +0000 (12:07 -0400)]
kernel: bump 5.15 to 5.15.77

Manually rebased:
   bcm27xx/patches-5.15/950-0600-xhci-quirks-add-link-TRB-quirk-for-VL805.patch
   bcm27xx/patches-5.15/950-0606-usb-xhci-add-VLI_TRB_CACHE_BUG-quirk.patch
   bcm27xx/patches-5.15/950-0717-usb-xhci-add-a-quirk-for-Superspeed-bulk-OUT-transfe.patch
   bcm53xx/patches-5.15/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
   lantiq/patches-5.15/0028-NET-lantiq-various-etop-fixes.patch

All other patches automatically rebased

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.10 to 5.10.153
John Audia [Thu, 3 Nov 2022 16:54:01 +0000 (12:54 -0400)]
kernel: bump 5.10 to 5.10.153

Manually rebased:
  bcm53xx/patches-5.10/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
  lantiq/patches-5.10/0028-NET-lantiq-various-etop-fixes.patch

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agotools/fakeroot: update to 1.30.1
Nick Hainke [Fri, 4 Nov 2022 22:34:02 +0000 (23:34 +0100)]
tools/fakeroot: update to 1.30.1

Release Notes:
https://tracker.debian.org/news/1381350/accepted-fakeroot-1301-1-source-into-unstable/

Refresh patches:
- 600-macOS.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoopenssl: bump to 1.1.1s
John Audia [Thu, 3 Nov 2022 13:27:49 +0000 (09:27 -0400)]
openssl: bump to 1.1.1s

Changes between 1.1.1r and 1.1.1s [1 Nov 2022]

  *) Fixed a regression introduced in 1.1.1r version not refreshing the
     certificate data to be signed before signing the certificate.
     [Gibeom Gwon]

 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]

  *) Fixed the linux-mips64 Configure target which was missing the
     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
     platform.
     [Adam Joseph]

  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
     causing incorrect results in some cases as a result.
     [Paul Dale]

  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
     report correct results in some cases
     [Matt Caswell]

  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
     different key sizes
     [Todd Short]

  *) Added the loongarch64 target
     [Shi Pujin]

  *) Fixed a DRBG seed propagation thread safety issue
     [Bernd Edlinger]

  *) Fixed a memory leak in tls13_generate_secret
     [Bernd Edlinger]

  *) Fixed reported performance degradation on aarch64. Restored the
     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
     The new algorithm is still used for 32 bit targets.
     [Bernd Edlinger]

  *) Added a missing header for memcmp that caused compilation failure on some
     platforms
     [Gregor Jasny]

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agoelfutils: update to 1.88
Nick Hainke [Wed, 2 Nov 2022 15:18:34 +0000 (16:18 +0100)]
elfutils: update to 1.88

Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2022q4/005561.html

Refresh patches:
- 003-libintl-compatibility.patch
- 100-musl-compat.patch
- 101-no-fts.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/elfutils: update to 1.88
Nick Hainke [Wed, 2 Nov 2022 15:14:22 +0000 (16:14 +0100)]
tools/elfutils: update to 1.88

Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2022q4/005561.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agostrace: update to 6.0
Nick Hainke [Wed, 2 Nov 2022 15:04:52 +0000 (16:04 +0100)]
strace: update to 6.0

Release Notes:
https://github.com/strace/strace/releases/tag/v6.0

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/mtd-utils: update to 2.1.5
Nick Hainke [Wed, 2 Nov 2022 14:25:36 +0000 (15:25 +0100)]
tools/mtd-utils: update to 2.1.5

Release Notes:
https://lore.kernel.org/buildroot/c0992bbb-9487-9a51-ea9f-39cf074b61ec@sigma-star.at/

Refresh patches:
- 130-lzma_jffs2.patch
- 320-mkfs.jffs2-SOURCE_DATE_EPOCH.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/mtools: update to 4.0.42
Nick Hainke [Wed, 2 Nov 2022 14:13:53 +0000 (15:13 +0100)]
tools/mtools: update to 4.0.42

Release Notes:
https://lists.gnu.org/archive/html/info-mtools/2022-10/msg00000.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: replace mt7986 watchdog assert patch with upstream
Nick Hainke [Thu, 3 Nov 2022 12:48:25 +0000 (13:48 +0100)]
mediatek: replace mt7986 watchdog assert patch with upstream

Replace "920-watchdog-add-mt7986-assert.patch" with upstreamed
- 920-v5.16-watchdog-mtk-add-disable_wdt_extrst-support.patch
- 921-v5.19-watchdog-mtk_wdt-mt7986-Add-toprgu-reset-controller.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: mt7629: add tag to upstreamed patches
Nick Hainke [Thu, 3 Nov 2022 12:00:17 +0000 (13:00 +0100)]
mediatek: mt7629: add tag to upstreamed patches

The patches were upstreamed.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: add tag for upstreamed patches
Nick Hainke [Thu, 3 Nov 2022 10:41:44 +0000 (11:41 +0100)]
mediatek: add tag for upstreamed patches

The patches were upstreamed.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: mt7986: add tag to upstreamed patches
Nick Hainke [Thu, 3 Nov 2022 10:18:49 +0000 (11:18 +0100)]
mediatek: mt7986: add tag to upstreamed patches

The patch "210-pinctrl-mediatek-add-support-for-MT7986-SoC.patch" and
"212-clk-mediatek-add-mt7986-clock-support.patch" are upstreamed.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: mt7622: add tag to upstreamed patches
Nick Hainke [Thu, 3 Nov 2022 10:02:02 +0000 (11:02 +0100)]
mediatek: mt7622: add tag to upstreamed patches

The patches "191-arm64-dts-mt7622-specify-the-L2-cache-topology.patch"
and "192-arm64-dts-mt7622-specify-the-number-of-DMA-requests.patch" are
upstreamed to 5.19.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agomediatek: filogic: disable swconfig
Aleksander Jan Bajkowski [Sat, 22 Oct 2022 14:16:14 +0000 (16:16 +0200)]
mediatek: filogic: disable swconfig

This subtarget supports 3 devices:
 * Bananapi BPi-R3 (added in a96382c1bb204698cd43e82193877c10e4b63027),
 * MediaTek MTK7986 rfba AP (added in cffc77ae55ed0e5b9e70417d6a1e1d280cea92cf),
 * MediaTek MTK7986 rfbb AP (added in cffc77ae55ed0e5b9e70417d6a1e1d280cea92cf).

This subtarget supports DSA from the beginning. It looks like CONFIG_SWCONFIG
was copied from another config when the subtarget was created.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2 years agomediatek: filogic: refresh config
Aleksander Jan Bajkowski [Sat, 22 Oct 2022 14:13:32 +0000 (16:13 +0200)]
mediatek: filogic: refresh config

This was done by executing these command:
$ time make kernel_oldconfig CONFIG_TARGET=subtarget

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2 years agouhttpd: use procd to reload on acme renew
Glen Huang [Mon, 24 Oct 2022 15:39:55 +0000 (23:39 +0800)]
uhttpd: use procd to reload on acme renew

Calling /etc/init.d/uhttpd reload directly in the acme hotplug script
can inadvertently start a stopped instance.

Signed-off-by: Glen Huang <i@glenhuang.com>
2 years agobcm4908: backport upstream BQL support for bcm4908_enet
Rafał Miłecki [Thu, 3 Nov 2022 06:37:42 +0000 (07:37 +0100)]
bcm4908: backport upstream BQL support for bcm4908_enet

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agokernel: Refresh generic patches
Hauke Mehrtens [Wed, 2 Nov 2022 23:20:30 +0000 (00:20 +0100)]
kernel: Refresh generic patches

This patch was out of sync.

Fixes: 1673b7dca384 ("kernel: backport fixes for MediaTek Ethernet driver")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agokernel: sort filesystems symbols alphabetically
Rafał Miłecki [Wed, 2 Nov 2022 19:09:04 +0000 (20:09 +0100)]
kernel: sort filesystems symbols alphabetically

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agokernel: backport fixes for MediaTek Ethernet driver
Daniel Golle [Wed, 2 Nov 2022 12:41:40 +0000 (12:41 +0000)]
kernel: backport fixes for MediaTek Ethernet driver

Backport patches from net-next which fix possible memory and resource
leaks in the error codepaths of WED initialization.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agokernel: support hw flow-offloading counters on newer MediaTek SoCs
Daniel Golle [Wed, 2 Nov 2022 11:24:56 +0000 (11:24 +0000)]
kernel: support hw flow-offloading counters on newer MediaTek SoCs

The packet processing engine (PPE) found in newer ARM-based MediaTek
SoCs provides packet and byte counters for offloaded streams.
Import pending patch reading and using those counters.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agomediatek: remove obsolete patch
Daniel Golle [Wed, 2 Nov 2022 11:27:47 +0000 (11:27 +0000)]
mediatek: remove obsolete patch

The patch enabling hardware flow offloading support on the MT7623 SoC
has been merged upstream as of Linux 5.13. Remove our local patch which
wrongly got forward-ported and now actually enables hardware flow
offloading for the MT2701 SoC family (unsupported in OpenWrt).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agofirewall: config: drop input traffic by default
Baptiste Jonglez [Wed, 19 Oct 2022 14:49:03 +0000 (16:49 +0200)]
firewall: config: drop input traffic by default

This is necessary with firewall4 to avoid a hard-to-diagnose race
condition during boot, causing DNAT rules not to be taken into account
correctly.

The root cause is that, during boot, the ruleset is mostly empty, and
interface-related rules (including DNAT rules) are added incrementally.
If a packet hits the input chain before the DNAT rules are setup, it can
create buggy conntrack entries that will persist indefinitely.

This new default should be safe because firewall4 explicitly accepts
authorized traffic and rejects the rest.  Thus, in normal operations, the
default policy is not used.

Fixes: #10749
Ref: https://github.com/openwrt/openwrt/issues/10749
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2 years agolibnl-tiny: update to the latest version
Hauke Mehrtens [Tue, 1 Nov 2022 17:03:33 +0000 (18:03 +0100)]
libnl-tiny: update to the latest version

db3b2cd libnl-tiny: set SOCK_CLOEXEC if available

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoiwinfo: update to the latest version
Hauke Mehrtens [Tue, 1 Nov 2022 17:00:54 +0000 (18:00 +0100)]
iwinfo: update to the latest version

00aab87 Correctly identify key management algorithms starting with "FT-"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agouboot-envtools: Fix format of autogenerated sectors
Sven Eckelmann [Thu, 29 Sep 2022 10:10:32 +0000 (12:10 +0200)]
uboot-envtools: Fix format of autogenerated sectors

The sector number must be stored in hex. Otherwise, the number (like 16)
will be parsed as hex and any write to the partition will end up with an
error like:

  MTD erase error on /dev/mtd5: Invalid argument

Fixes: 9adfeccd8415 ("uboot-envtools: Add support for IPQ806x AP148 and DB149")
Fixes: 54b275c8ed3a ("ipq40xx: add target")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@fungible.com>
2 years agokernel: Add kmod-drm-ttm-helper
Hauke Mehrtens [Tue, 1 Nov 2022 13:47:14 +0000 (14:47 +0100)]
kernel: Add kmod-drm-ttm-helper

Add a package for drm_ttm_helper.ko. CONFIG_DRM_TTM_HELPER is compiled
into the kernel on armvirt/64, x86/64, x86/generic and x86/legacy
because also some DRM drivers are compiled into the kernel. On x86/geode
it is not compiled into the kernel, but kmod-drm-amdgpu and
kmod-drm-radeon depend on it.

This fixes the x86/geode build.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agorealtek: mark clock source as continuous
Sander Vanheule [Mon, 31 Oct 2022 09:11:04 +0000 (10:11 +0100)]
realtek: mark clock source as continuous

After replacing the R4K event timer and clock source with the new
Realtek Otto timer, performance for RTL839x devices was severely
impacted, as reported by Hiroshi.

Research by Markus showed that after commit 4657a5301eb5 ("realtek:
avoid busy waiting for RTL839x PHY read/write"), the ethernet driver
could only update a phy once per timer interval, which also heavily
impacted boot time. On e.g. a Zyxel GS1900-48, this added around a
minute to the time to fully initialise the switch.

By marking the otto clocksource as continuous, the kernel enables it to
be used for high resolution timers. This allows readx_poll_timeout() to
sleep for less than one system timer interval, reducing system dead
time.

Link: https://github.com/openwrt/openwrt/issues/11117
Reported-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Cc: Markus Stockhausen <markus.stockhausen@gmx.de>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Tested-by: INAGAKI Hiroshi <musashino.open@gmail.com> # Panasonic Switch-M48eG PN28480K
Tested-by: Jan Hoffmann <jan@3e8.eu> # HPE 1920-8G, HPE 1920-48G
2 years agotarget/realtek: use netif_receive_skb_list
Rosen Penev [Sun, 30 Oct 2022 19:25:19 +0000 (12:25 -0700)]
target/realtek: use netif_receive_skb_list

Small performance improvement on rx.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agomediatek: consider adc_oe thermal calibration value in efuse
Daniel Golle [Mon, 31 Oct 2022 19:50:40 +0000 (19:50 +0000)]
mediatek: consider adc_oe thermal calibration value in efuse

The use of the adc_oe value stored in the efuse has been dropped in
MediaTek's SDK during a recent refactorization of the temperature
calculation formula. Don't ignore this offset value and again include
it in raw-to-deg-celsius calculation.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoramips: add support for YunCore FAP690
Volodymyr Puiul [Wed, 22 Jun 2022 12:41:36 +0000 (16:41 +0400)]
ramips: add support for YunCore FAP690

It is an in-wall 802.11ax (Wi-Fi 6) router, based on MediaTek MT7621A.

Specifications:
- SoC: MT7621AT (880MHz, 2 Cores)
- RAM: 128 MB
- Flash: 16 MB SPI NOR
- Wi-Fi:
    - MT7915DN + MT7905DAN: 2.4/5 GHz
- Ethernet: 1x 1GiE via MT7530
- UART: J4 (115200 baud)
    - Pinout: [3V3] (TXD) (RXD) (GND)

- Bootloader: U-Boot
- Buttons:
    - SW1 - no label on the box, combined with led
- Led: Status. RGB controlled by
    - GPIO 14 - green color
    - GPIO 15 - red color
    - GPIO 16 - blue color

Installation:
OEM firmware is based on LEDE with custom UI and support standard sysupgrade
variant of firmware. However it requires "*.ubin" extension for sysupgrade file.
Always select "Factory reset" switch on upgrade to OpenWRT, otherwise
it will not boot.

MAC addresses as verified by OEM firmware:
vendor   source
LAN      factory 0x4 (label)
5g       factory 0x4 (label)
2g       label with flipped bits bit in 1-st byte and bits 5, 6, 7 in
4-th byte

Example
label:  44:xx:xx:b7:xx:xx
lan:    44:xx:xx:b7:xx:xx
2g      46:xx:xx:c7:xx:xx
5g      44:xx:xx:b7:xx:xx

Signed-off-by: Volodymyr Puiul <volodymyr.puiul@gmail.com>
2 years agotools/ccache: update to 4.7.2
Raihaan Shouhell [Mon, 31 Oct 2022 03:16:57 +0000 (11:16 +0800)]
tools/ccache: update to 4.7.2

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7_2

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2 years agotools/ccache: update to 4.7.1
Raihaan Shouhell [Sun, 23 Oct 2022 17:01:25 +0000 (01:01 +0800)]
tools/ccache: update to 4.7.1

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7_1

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2 years agotools/ccache: update to 4.7
Raihaan Shouhell [Sat, 22 Oct 2022 13:10:34 +0000 (21:10 +0800)]
tools/ccache: update to 4.7

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2 years agokernel: remove handling of xfrm[4|6]_mode_* modules
Martin Schiller [Wed, 19 Oct 2022 09:21:58 +0000 (11:21 +0200)]
kernel: remove handling of xfrm[4|6]_mode_* modules

For kernel versions before 5.2, the required IPsec modes have to be
enabled explicitly (they are built-in for newer kernels).

Commit 1556ed155a9a ("kernel: mode_beet mode_transport mode_tunnel xfram
modules") tried to handle this, but it does not really work.

Since we don't support these kernel versions anymore and the code is
also broken, let's remove it.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
[Remove old generic config options too]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoexpat: update to 2.5.0
Nick Hainke [Wed, 26 Oct 2022 08:43:19 +0000 (10:43 +0200)]
expat: update to 2.5.0

Fixes CVE-2022-43680.

Changes:
https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoodhcpd: update to git HEAD
Hans Dedecker [Mon, 31 Oct 2022 16:53:50 +0000 (17:53 +0100)]
odhcpd: update to git HEAD

a92c0a7 dhcpv6-ia: make tmp lease file hidden
4a673e1 fix null pointer dereference for INFORM messages
860ca90 odhcpd: Support for Option NTP and SNTP

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2 years agoCI: packages: Add github CI job to build all packages
Hauke Mehrtens [Sun, 7 Aug 2022 16:46:11 +0000 (18:46 +0200)]
CI: packages: Add github CI job to build all packages

This will build OpenWrt for MIPS malta BE and x86 64 Bit with all
packages and kernel modules activated. It is triggered when something
changes in the build system or when a package definition is changed.
This task probably needs 90 minutes to execute, but I hope that it
will find build problems in pull requests early.

This intentionally does not activate the feeds, because building them
too would take too long. We only build x86/64 and malta/be to save
resources.

I would like to detect build problems when a package is changed. We
often had build breaks when a package version was increased sometime
even in other packages which used it as a dependency.

This is based on the .github/workflows/packages.yml workflow.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agobpf: check llvm version only when used
Hauke Mehrtens [Wed, 26 Oct 2022 21:05:31 +0000 (23:05 +0200)]
bpf: check llvm version only when used

unetd always includes $(INCLUDE_DIR)/bpf.mk. This file always checks if
the LLVM version is supported in CLANG_VER_VALID. unetd only needs bpf
when UNETD_VXLAN_SUPPORT is set. It fails when UNETD_VXLAN_SUPPORT is
not set and llvm is not installed.

Fix it by only checking the LLVM version when a LLVM toolchain is
available.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoat91: Remove CONFIG_PINCTRL_MCP23S08 configuration option
Hauke Mehrtens [Sun, 30 Oct 2022 22:37:53 +0000 (23:37 +0100)]
at91: Remove CONFIG_PINCTRL_MCP23S08 configuration option

The CONFIG_PINCTRL_MCP23S08 configuration option is already unset in the
generic kernel configuration.

Fixes: f938512af639 ("target/at91: replace gpio-mcp23s08 with pinctrl-mcp23s08-spi update config")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoRevert "at91:"
Hauke Mehrtens [Sun, 30 Oct 2022 23:43:40 +0000 (00:43 +0100)]
Revert "at91:"

This reverts commit 7cc6ffa1b903524fe478804fd215bb858ae8c9b7.

This should have been folded in an other commit.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoat91:
Hauke Mehrtens [Sun, 30 Oct 2022 22:37:53 +0000 (23:37 +0100)]
at91:

[CONFIG_PINCTRL_MCP23S08 is already unset in generic config]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agoramips: add support for YunCore FAP640
Volodymyr Puiul [Wed, 19 Oct 2022 20:05:16 +0000 (00:05 +0400)]
ramips: add support for YunCore FAP640

It is an in-wall 802.11ax (Wi-Fi 6) router, based on MediaTek MT7621A.

Specifications:
- SoC: MT7621AT (880MHz, 2 Cores)
- RAM: 128 MB
- Flash: 16 MB SPI
- Wi-Fi:
    - MT7915DN + MT7905DAN: 2.4/5 GHz
- Ethernet: 5x1GiE via MT7530, 1xWAN with POE and 4xLAN
- UART: J4 (115200 baud)
    - Pinout: [3V3] (TXD) (RXD) (GND)
- Power: 802.11af/at PoE;

- Bootloader: U-Boot
- Buttons:
    - Reset
- LEDs:
    - Status - RGB controlled by
      - GPIO 14 LOW - green color
      - GPIO 15 LOW- red color
      - GPIO 16 LOW - blue color
    - WAN - gren color, controlled by switch GPIO 12 LOW
    - LAN1 - gren color, controlled by switch GPIO 9 HIGH
    - LAN2 - gren color, controlled by switch GPIO 6 LOW
    - LAN3 - gren color, controlled by switch GPIO 3 LOW
    - LAN4 - gren color, controlled by switch GPIO 0 LOW

Installation:
OEM firmware is based on LEDE with custom UI and support standard sysupgrade
variant of firmware. However it requires "*.ubin" extension for sysupgrade file.
Always select "Factory reset" switch on upgrade to OpenWRT, otherwise
router will not boot.

MAC addresses with OEM firmware:
vendor   source
lan      factory 0x4 (label)
5g       factory 0x4 (label)
2g       label with flipped bits bit in 1-st byte and bits 5, 6, 7 in
  4-th byte

Example
label:  44:xx:xx:b7:xx:xx
lan:    44:xx:xx:b7:xx:xx
2g      46:xx:xx:c7:xx:xx
5g      44:xx:xx:b7:xx:xx

Signed-off-by: Volodymyr Puiul <volodymyr.puiul@gmail.com>
2 years agoipq40xx: add support for MikroTik hAP ac3 LTE6 kit
Csaba Sipos [Mon, 3 Oct 2022 17:13:22 +0000 (19:13 +0200)]
ipq40xx: add support for MikroTik hAP ac3 LTE6 kit

This adds support for the MikroTik RouterBOARD RBD53GR-5HacD2HnD
(hAP ac³ LTE6 kit), an  indoor dual band, dual-radio 802.11ac
wireless AP with built-in Mini PCI-E LTE modem, one USB port, five
10/100/1000 Mbps Ethernet ports.

See https://mikrotik.com/product/hap_ac3_lte6_kit for more info.

Specifications:
 - SoC: Qualcomm Atheros IPQ4019
 - RAM: 256 MB
 - Storage: 16 MB NOR
 - Wireless:
   · Built-in IPQ4019 (SoC) 802.11b/g/n 2x2:2, 3 dBi internal antennae
   · Built-in IPQ4019 (SoC) 802.11a/n/ac 2x2:2, 5.5 dBi internal antennae
 - Ethernet: Built-in IPQ4019 (SoC, QCA8075) , 5x 1000/100/10 port
 - 1x USB Type A port
 - 1x Mini PCI-E port (supporting USB)
 - 1x Mini PCI-E LTE modem (MikroTik R11e-LTE6, Cat.6)

Installation:

Make sure your unit is runnning RouterOS v6 and RouterBOOT v6 (tested on 6.49.6).

0. Export your MikroTik license key (in case you want to use the device with RouterOS later)
1. Boot the initramfs image via TFTP
2. Upload the "openwrt-ipq40xx-mikrotik-mikrotik_hap-ac3-lte6-kit-squashfs-sysupgrade.bin" via SCP to the /tmp folder
3. Use sysupgrade to flash the image: sysupgrade -n /tmp/openwrt-ipq40xx-mikrotik-mikrotik_hap-ac3-lte6-kit-squashfs-sysupgrade.bin
4. Recovery to factory software is possible via Netinstall:
   https://help.mikrotik.com/docs/display/ROS/Netinstall

Signed-off-by: Csaba Sipos <metro4@freemail.hu>
2 years agotarget/mxs: replace gpio-mcp23s08 with pinctrl-mcp23s08
Florian Eckert [Wed, 26 Jan 2022 15:12:12 +0000 (16:12 +0100)]
target/mxs: replace gpio-mcp23s08 with pinctrl-mcp23s08

The dependency on the kernel module gpio-mcp23s08 is replaced by
pinctrl-mcp23s08-spi and pinctrl-mcp23s08-i2c, as the gpio-mpc23s08 kernel
module no longer exists.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agokernel: remove CONFIG_GPIO_MCP23S08 from default kernel configs
Florian Eckert [Wed, 26 Jan 2022 15:11:09 +0000 (16:11 +0100)]
kernel: remove CONFIG_GPIO_MCP23S08 from default kernel configs

The kernel config option 'CONFIG_GPIO_MCP23S08' no longer exists.
Therefore, it is removed from the generic kernel configuration for
linux-5.10 and linux-5.15.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agotarget/at91: replace gpio-mcp23s08 with pinctrl-mcp23s08-spi update config
Florian Eckert [Wed, 26 Jan 2022 15:04:54 +0000 (16:04 +0100)]
target/at91: replace gpio-mcp23s08 with pinctrl-mcp23s08-spi update config

Adapt the device package to no longer use the gpio-mcp23s08 but instead
use the pinctrl-mcp23s08-spi. In addition, the kernel configuration was
adapted so that this can be built as a module and does not have to be
integrated directly into the kernel for this target.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agokernel: replace gpio-mcp23s08 with pinctrl-mcp23s08*
Florian Eckert [Wed, 26 Jan 2022 14:29:18 +0000 (15:29 +0100)]
kernel: replace gpio-mcp23s08 with pinctrl-mcp23s08*

The kernel module gpio-mcp23s08 has been replaced by the new
pinctrl-mcp23s08* kernel modules.

There are now 3 kernel modules for this device
- Common module for both I2C and SPI kmod-pinctrl-mcp23s08
- Module for I2C kmod-pinctrl-mcp23s08-i2c
- Module for SPI kmod-pinctrl-mcp23s08-spi

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoltq-vdsl-vr9-app: extend ubus call to provide DSL statistics
Roland Barenbrug [Mon, 8 Aug 2022 21:44:10 +0000 (23:44 +0200)]
ltq-vdsl-vr9-app: extend ubus call to provide DSL statistics

Adding a new method to `ubus call dsl` to retrieve DSL statistics
used to feed the DSL charts (bit allocation, SNR, QLN and HLOG)

Signed-off-by: Roland Barenbrug <roland@treslong.com>
[fix pointer error, clean up]
Signed-off-by: Andre Heider <a.heider@gmail.com>
2 years agoltq-vdsl-vr9-app: skip invalid line status values
Roland Barenbrug [Wed, 10 Aug 2022 18:46:02 +0000 (20:46 +0200)]
ltq-vdsl-vr9-app: skip invalid line status values

DSL_G997_LineStatusData_t defines special invalid values, skip these
metrics.

Signed-off-by: Roland Barenbrug <roland@treslong.com>
[split patch]
Signed-off-by: Andre Heider <a.heider@gmail.com>
2 years agoscripts: fix missing character '0' issue in linksys image
Shiji Yang [Sat, 29 Oct 2022 14:06:24 +0000 (22:06 +0800)]
scripts: fix missing character '0' issue in linksys image

In the stock firmware of Linksys, there is a '0' after the crc checksum.
Validated on EA6350V3, EA7300 and EA7300V2's stock images.

Fixes: 892d741259 build: add a script for generating Linksys factory images
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2 years agoath79: add support for Linksys EA4500 v3
Edward Chow [Wed, 14 Sep 2022 00:15:58 +0000 (08:15 +0800)]
ath79: add support for Linksys EA4500 v3

Add support for the Linksys EA4500 v3 wireless router

Hardware
--------
SoC:    Qualcomm Atheros QCA9558
RAM:    128M DDR2 (Winbond W971GG6KB-25)
FLASH:  128M SPI-NAND (Spansion S34ML01G100TFI00)
WLAN:   QCA9558 3T3R 802.11 bgn
        QCA9580 3T3R 802.11 an
ETH:    Qualcomm Atheros QCA8337
UART:   115200 8n1, same as ea4500 v2
USB: 1 single USB 2.0 host port
BUTTON: Reset - WPS
LED:    1x system-LED
        LEDs besides the ethernet ports are controlled
        by the ethernet switch

MAC Address:
 use        address(sample 1)    source
 label      94:10:3e:xx:xx:6f   caldata@cal_macaddr
 lan        94:10:3e:xx:xx:6f   $label
 wan        94:10:3e:xx:xx:6f   $label
 WiFi4_2G   94:10:3e:xx:xx:70   caldata@cal_ath9k_soc
 WiFi4_5G   94:10:3e:xx:xx:71   caldata@cal_ath9k_pci

Installation from Serial Console
------------

1. Connect to the serial console. Power up the device and interrupt
   autoboot when prompted

2. Connect a TFTP server reachable at 192.168.1.0/24
   (e.g. 192.168.1.66) to the ethernet port. Serve the OpenWrt
   initramfs image as "openwrt.bin"

3. To test OpenWrt only, go to step 4 and never execute step 5;
   To install, auto_recovery should be disabled first, and boot_part
   should be set to 1 if its current value is not.

   ath> setenv auto_recovery no
   ath> setenv boot_part 1
   ath> saveenv

4. Boot the initramfs image using U-Boot

   ath> setenv serverip 192.168.1.66
   ath> tftpboot 0x84000000 openwrt.bin
   ath> bootm

5. Copy the OpenWrt sysupgrade image to the device using scp and
   install it like a normal upgrade (with no need to keeping config
   since no config from "previous OpenWRT installation" could be kept
   at all)

   # sysupgrade -n /path/to/openwrt/sysupgrade.bin

Note: Like many other routers produced by Linksys, it has a dual
      firmware flash layout, but because I do not know how to handle
      it, I decide to disable it for more usable space. (That is why
      the "auto_recovery" above should be disabled before installing
      OpenWRT.) If someone is interested in generating factory
      firmware image capable to flash from stock firmware, as well as
      restoring the dual firmware layout, commented-out layout for the
      original secondary partitions left in the device tree may be a
      useful hint.

Installation from Web Interface
------------

1. Login to the router via its web interface (default password: admin)

2. Find the firmware update interface under "Connectivity/Basic"

3. Choose the OpenWrt factory image and click "Start"

4. If the router still boots into the stock firmware, it means that
   the OpenWrt factory image has been installed to the secondary
   partitions and failed to boot (since OpenWrt on EA4500 v3 does not
   support dual boot yet), and the router switched back to the stock
   firmware on the primary partitions. You have to install a stock
   firmware (e.g. 3.1.6.172023, downloadable from
   https://www.linksys.com/support-article?articleNum=148385 ) first
   (to the secondary partitions) , and after that, install OpenWrt
   factory image (to the primary partitions). After successful
   installation of OpenWrt, auto_recovery will be automatically
   disabled and router will only boot from the primary partitions.

Signed-off-by: Edward Chow <equu@openmail.cc>
2 years agobase-files: bring back nand_do_upgrade_success
Daniel Golle [Sun, 30 Oct 2022 20:22:06 +0000 (20:22 +0000)]
base-files: bring back nand_do_upgrade_success

Several Broadcom targets were using the nand_do_upgrade_success
shell function which has been removed by commit e25e6d8e54
("base-files: fix and clean up nand sysupgrade code"). Refactor the
new nand_do_upgrade to bring back nand_do_upgrade_success with the
behavior expected by those users.

Fixes: e25e6d8e54 ("base-files: fix and clean up nand sysupgrade code")
Reported-by: Chen Minqiang <ptpt52@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agokernel: bump 5.15 to 5.15.76
John Audia [Sat, 29 Oct 2022 10:34:51 +0000 (06:34 -0400)]
kernel: bump 5.15 to 5.15.76

All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agorockchip: armv8: add CONFIG_ARM64_ERRATUM_1742098
John Audia [Sat, 29 Oct 2022 11:28:23 +0000 (07:28 -0400)]
rockchip: armv8: add CONFIG_ARM64_ERRATUM_1742098

5.15.76 introduces a new symbol that applies Cortex-A72 SoCs so enable it[1].

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/arm64/Kconfig?id=v5.15.76&id2=v5.15.75

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agomvebu: cortexa72: add CONFIG_ARM64_ERRATUM_1742098
John Audia [Sat, 29 Oct 2022 11:05:34 +0000 (07:05 -0400)]
mvebu: cortexa72: add CONFIG_ARM64_ERRATUM_1742098

5.15.76 introduces a new symbol that applies Cortex-A72 SoCs so enable it[1].

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/arm64/Kconfig?id=v5.15.76&id2=v5.15.75

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: add # CONFIG_ARM64_ERRATUM_1742098
John Audia [Sat, 29 Oct 2022 10:54:59 +0000 (06:54 -0400)]
kernel: add # CONFIG_ARM64_ERRATUM_1742098

Introduced with 5.15.76[1]

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/arm64/Kconfig?id=v5.15.76&id2=v5.15.75

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.15 to 5.15.75
John Audia [Wed, 26 Oct 2022 22:31:12 +0000 (18:31 -0400)]
kernel: bump 5.15 to 5.15.75

Removed upstreamed:
   bcm27xx/patches-5.15/950-0446-drm-vc4-Fix-timings-for-VEC-modes.patch[1]

Manually rebased:
   patches-5.15/950-0600-xhci-quirks-add-link-TRB-quirk-for-VL805.patch
   bcm27xx/patches-5.15/950-0606-usb-xhci-add-VLI_TRB_CACHE_BUG-quirk.patch
   bcm27xx/patches-5.15/950-0717-usb-xhci-add-a-quirk-for-Superspeed-bulk-OUT-transfe.patch
   bcm53xx/patches-5.15/180-usb-xhci-add-support-for-performing-fake-doorbell.patch

All other patches automatically rebased

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.75&id=2810061452f9b748b096ad023d318690ca519aa3

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: add # CONFIG_ARM64_ERRATUM_2441007 symbol
John Audia [Thu, 27 Oct 2022 07:47:53 +0000 (03:47 -0400)]
kernel: add # CONFIG_ARM64_ERRATUM_2441007 symbol

Introduced with 5.15.75.[1]

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/arm64/Kconfig?id=v5.15.75&id2=v5.15.74

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.10 to 5.10.152
John Audia [Sun, 30 Oct 2022 12:32:36 +0000 (08:32 -0400)]
kernel: bump 5.10 to 5.10.152

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agolayerscape: armv8_64b: add CONFIG_ARM64_ERRATUM_1742098
John Audia [Sun, 30 Oct 2022 09:38:39 +0000 (05:38 -0400)]
layerscape: armv8_64b: add CONFIG_ARM64_ERRATUM_1742098

5.10.152 introduces a new symbol that applies Cortex-A72 SoCs so enable it[1].

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/arch/arm64/Kconfig?id=v5.10.152&id2=v5.10.151

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.10 to 5.10.151
John Audia [Fri, 28 Oct 2022 12:03:27 +0000 (08:03 -0400)]
kernel: bump 5.10 to 5.10.151

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.10 to 5.10.150
John Audia [Thu, 27 Oct 2022 10:26:25 +0000 (06:26 -0400)]
kernel: bump 5.10 to 5.10.150

Manually rebased:
  bcm53xx/patches-5.10/180-usb-xhci-add-support-for-performing-fake-doorbell.patch

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
[Move gro_skip in 680-NET-skip-GRO-for-foreign-MAC-addresses.patch to old position]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agomediatek: add Xiaomi Redmi Router AX6000 support
Chukun Pan [Sun, 18 Sep 2022 15:16:18 +0000 (23:16 +0800)]
mediatek: add Xiaomi Redmi Router AX6000 support

Hardware specification:
  SoC: MediaTek MT7986A 4x A53
  Flash: ESMT F50L1G41LB 128 MB
  RAM: K4A4G165WF-BCWE 512 MB
  Ethernet: 4x 10/100/1000 Mbps
  WiFi1: MT7976GN 2.4GHz ax 4x4
  WiFi2: MT7976AN 5GHz ax 4x4
  Button: Mesh, Reset

Flash instructions:
  1. Gain ssh and serial port access, see the link below:
     https://openwrt.org/toh/xiaomi/redmi_ax6000#installation
  2. Use ssh or serial port to log in to the router, and
     execute the following command:
     nvram set boot_wait=on
     nvram set flag_boot_rootfs=0
     nvram set flag_boot_success=1
     nvram set flag_last_success=1
     nvram set flag_try_sys1_failed=8
     nvram set flag_try_sys2_failed=8
     nvram commit
  3. Set a static ip on the ethernet interface of your computer
     (e.g. default: ip 192.168.31.100, gateway 192.168.31.1)
  4. Download the initramfs image, rename it to initramfs.bin,
     and host it with the tftp server.
  5. Interrupt U-Boot and run these commands:
     setenv mtdparts nmbm0:1024k(bl2),256k(Nvram),256k(Bdata),2048k(factory),2048k(fip),256k(crash),256k(crash_log),112640k(ubi)
     saveenv
     tftpboot initramfs.bin
     bootm
  6. After openwrt boots up, use scp or luci web
     to upload sysupgrade.bin to upgrade.

Revert to stock firmware:
  Restore mtdparts back to default, then use the
  vendor's recovery tool (Windows only).

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2 years agobase-files: verify nand sysupgrade images
Rodrigo Balerdi [Wed, 4 May 2022 02:54:58 +0000 (23:54 -0300)]
base-files: verify nand sysupgrade images

For nand sysupgrade image files having tar/gzip/tgz envelopes, verify
envelope integrity before starting sysupgrade.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2 years agobase-files: accept gzipped nand sysupgrade images
Rodrigo Balerdi [Tue, 3 May 2022 10:09:33 +0000 (07:09 -0300)]
base-files: accept gzipped nand sysupgrade images

When firmware images only contained compressed kernels and squashfs roots,
uncompressed tar files were a good option. We are now using UBIFS images,
both raw and tarred, as well as ubinized (full UBI partition) images, all
of which benefit greatly from compression.

For example, a raw ubinized backup taken from a running Askey RT4230W REV6
(such full backups can be restored via the LUCI's sysupgrade UI) is over
400 MB, but compresses to less than 10 MB.

This commit adds support for gzipped versions of all file types already
accepted by the nand sysupgrade mechanism, be them raw or tarred.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2 years agobase-files: fix ubinized nand sysupgrade
Rodrigo Balerdi [Tue, 3 May 2022 06:47:43 +0000 (03:47 -0300)]
base-files: fix ubinized nand sysupgrade

It has been reported that ubinized nand sysupgrade fails under certain
circumstances, being unable to detach the existing ubi partition due to
volumes within the partition being mounted.

This is an attempt to solve such issues by unmounting and removing
ubiblock devices and unmounting ubi volumes within the target partition
prior to detaching and formatting it.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2 years agobase-files: fix and clean up nand sysupgrade code
Rodrigo Balerdi [Tue, 3 May 2022 06:31:48 +0000 (03:31 -0300)]
base-files: fix and clean up nand sysupgrade code

- Never return from 'nand_do_upgrade', not even in case of errors, as that
  would cause execution of sysupgrade code not intended for NAND devices.
- Unify handling of sysupgrade success and failure.
- Detect and report more error conditions.
- Fix outdated/incorrect/unclear comments.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2 years agorealtek: Fix CRC offloading for rtl83xx
Olliver Schinagl [Thu, 27 Oct 2022 18:53:08 +0000 (20:53 +0200)]
realtek: Fix CRC offloading for rtl83xx

In rtl83xx_set_features we set bit 3 to enable, and bit 4 to disable
checksuming. Looking at rtl93xx_set_features we however see that for
both enable and disable the same bit is used (bit 4). This can't be
right, especially as bit 4 for rtl83xx seems to be Collision threshold
occupying 2 bits. Change this to make this more logical.

Fixes: 9e8d62e42117 ("realtek: enable CRC offloading")
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2 years agoipq806x: disable ea8500 image by default
Christian Marangi [Thu, 27 Oct 2022 23:06:07 +0000 (01:06 +0200)]
ipq806x: disable ea8500 image by default

Linksys EA8500 is currently broken after the kernel 5.15 bump. Disable
compiling it by default from buildbot to prevent brick from the user.

Don't mark it as BROKEN to permit user to compile images and permit devs
to bisect the problem with the users.

The current problem with the device is that the switch is not detected
and we can't comunicate with it via MDIO.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoipq806x: disable ea8500 image by default
Christian Marangi [Thu, 27 Oct 2022 23:06:07 +0000 (01:06 +0200)]
ipq806x: disable ea8500 image by default

Linksys EA8500 is currently broken after the kernel 5.15 bump. Disable
compiling it by default from buildbot to prevent brick from the user.

Don't mark it as BROKEN to permit user to compile images and permit devs
to bisect the problem with the users.

The current problem with the device is that the switch is not detected
and we can't comunicate with it via MDIO.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agobcm4908: add pending BQL support for bcm4908_enet
Rafał Miłecki [Thu, 27 Oct 2022 20:33:14 +0000 (22:33 +0200)]
bcm4908: add pending BQL support for bcm4908_enet

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agobcm4908: backport bcm4908_enet fix for NULL dereference
Rafał Miłecki [Thu, 27 Oct 2022 19:05:20 +0000 (21:05 +0200)]
bcm4908: backport bcm4908_enet fix for NULL dereference

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agobcm4908: optimize Ethernet driver by using build_skb()
Rafał Miłecki [Thu, 27 Oct 2022 16:57:39 +0000 (18:57 +0200)]
bcm4908: optimize Ethernet driver by using build_skb()

This should slightly improve performance thanks to the better cache
usage.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agorealtek: use assisted learning on CPU port
Jan Hoffmann [Tue, 25 Oct 2022 22:20:05 +0000 (00:20 +0200)]
realtek: use assisted learning on CPU port

L2 learning on the CPU port is currently not consistently configured and
relies on the default configuration of the device. On RTL83xx, it is
disabled for packets transmitted with a TX header, as hardware learning
corrupts the forwarding table otherwise. As a result, unneeded flooding
of traffic for the CPU port can already happen on some devices now. It
is also likely that similar issues exist on RTL93xx, which doesn't have
a field to disable learning in the TX header.

To address this, disable hardware learning for the CPU port globally on
all devices. Instead, enable assisted learning to let DSA write FDB
entries to the switch.

For now, this does not sync local/bridge entries to the switch. However,
support for that was added in Linux 5.14, so the next switch to a newer
kernel version is going to fix this.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2 years agorealtek: set up L2 table entries properly
Jan Hoffmann [Tue, 25 Oct 2022 22:20:04 +0000 (00:20 +0200)]
realtek: set up L2 table entries properly

Initialize the data structure using memset to avoid the possibility of
writing garbage values to the hardware.

Always set a valid entry type, which should fix writing unicast entries
on RTL930x.

For unicast entries, set the is_static flag to prevent the switch from
aging them out.

Also set the rvid field for unicast entries. This is not strictly
necessary, as the switch fills it in automatically from a non-zero vid.
However, this makes the code consistent with multicast entry setup.

While at it, reorder the statements and fix some style issues (double
space, comma instead of semicolon at end of statement). Also remove the
unneeded priv parameter and debug print for the multicast entry setup
function.

Fixes: cde31976e37 ("realtek: Add support for Layer 2 Multicast")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2 years agobase-files: wifi: for wifi reconf, scan_wifi after network reload
Bob Cantor [Sun, 4 Jul 2021 17:26:46 +0000 (03:26 +1000)]
base-files: wifi: for wifi reconf, scan_wifi after network reload

Commit e8b542960921 included an unintended change and we now call
scan_wifi before a network reload.

Restore the original behaviour and call scan_wifi only after a network
reload.

Fixes: e8b542960921 ("base-files: wifi: tidy up the reconf code")
Signed-off-by: Bob Cantor <bobc@confidesk.com>