openwrt/staging/blocktrron.git
2 years agomac80211: fix compile error when mesh is disabled
Koen Vandeputte [Tue, 4 Oct 2022 08:48:18 +0000 (10:48 +0200)]
mac80211: fix compile error when mesh is disabled

This fixes following compile error seen when
building mac80211 with mesh disabled:

.../backports-5.15.58-1/net/mac80211/agg-rx.c: In function 'ieee80211_send_addba_resp':
...backports-5.15.58-1/net/mac80211/agg-rx.c:255:17: error: 'struct sta_info' has no member named 'mesh'
  255 |         if (!sta->mesh)
      |                 ^~

sta_info.h shows this item as being optional based on flags:

struct mesh_sta *mesh;

Guard the check to fix this.

Fixes: f96744ba6b ("mac80211: mask nested A-MSDU support for mesh")
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
2 years agoCI: Add workaround for github uppercase usernames
Edward Chow [Mon, 3 Oct 2022 11:39:58 +0000 (19:39 +0800)]
CI: Add workaround for github uppercase usernames

The workflow defined in tools.yml and kernel.yml used to fail on
forked repositories of contributers whose github username contains
uppercase letters.

A workaround mentioned in
https://github.com/orgs/community/discussions/27086 and
https://stackoverflow.com/questions/70326569/ is applied.

Signed-off-by: Edward Chow <equu@openmail.cc>
2 years agotreewide: fix security issues by bumping all packages using libwolfssl
Petr Štetiar [Thu, 29 Sep 2022 16:45:40 +0000 (18:45 +0200)]
treewide: fix security issues by bumping all packages using libwolfssl

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agoramips: fix switch setup for ASUS RT-AX53U
Matthias Schiffer [Mon, 3 Oct 2022 11:23:41 +0000 (13:23 +0200)]
ramips: fix switch setup for ASUS RT-AX53U

The device has only 1 WAN + 3 LAN ports. Remove "lan4" interface
corresponding to the non-existing port.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2 years agoipq40xx: glinet-b1300: fix LAN and WAN MAC address assigments
Petr Štetiar [Fri, 12 Aug 2022 11:51:40 +0000 (13:51 +0200)]
ipq40xx: glinet-b1300: fix LAN and WAN MAC address assigments

When testing the DSA changes with 5.15.60 kernel, I've noticed, that the
MAC addresses are not properly configured, there is single MAC being
used for LAN and WAN interfaces:

 eth0: 94:83:c4:XX:YY:4a (MAC on sticker)
 lan1@eth0: 94:83:c4:XX:YY:4a
 lan2@eth0: 94:83:c4:XX:YY:4a
 wan@eth0: 94:83:c4:XX:YY:4a
 wlan0: 94:83:c4:XX:YY:4a
 wlan1: 94:83:c4:XX:YY:4b

The same config, prior to the DSA conversion:

 lan/eth0: 94:83:c4:XX:YY:4a (MAC on sticker)
 wan/eth1: 94:83:c4:XX:YY:4b
 wlan0: 94:83:c4:XX:YY:4a
 wlan1: 94:83:c4:XX:YY:4b

Settings in ART partition:

 root@OpenWrt:/# hexdump -C /dev/mtd7 | grep '94 83'
 00000000  94 83 c4 XX YY 4a 94 83  c4 0e YY 4b ff ff ff ff  |.....J.....K....|
 00001000  20 2f 8d 8c 01 01 94 83  c4 XX YY 4a 00 00 20 00  | /.........J.. .|
 00005000  20 2f 5a 3a 01 01 94 83  c4 XX YY 4b 00 00 20 00  | /Z:.......K.. .|

So let's fix it by keeping same MAC address assigment as was done before
DSA conversion and while at it, define `label-mac-device` as well.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agorockchip: switch to 5.15 kernel
Tomas Lara [Sun, 26 Jun 2022 02:28:42 +0000 (22:28 -0400)]
rockchip: switch to 5.15 kernel

Run tested: NanoPI R4S

Signed-off-by: Tomas Lara <tl849670@gmail.com>
2 years agokernel: add missing config symbols for 5.15
Tomas Lara [Sun, 26 Jun 2022 02:13:25 +0000 (22:13 -0400)]
kernel: add missing config symbols for 5.15

Add missing symbols, needed when rockchip kernel 5.15 is compile with ALL_KMODS=y

Signed-off-by: Tomas Lara <tl849670@gmail.com>
2 years agorockchip: refresh kernel 5.15 config
Tomas Lara [Sun, 26 Jun 2022 01:48:38 +0000 (21:48 -0400)]
rockchip: refresh kernel 5.15 config

Refreshed using make kernel oldconfig CONFIG TARGET=rockchip .

Signed-off-by: Tomas Lara <tl849670@gmail.com>
2 years agoipq40xx: disable boards not converted to DSA
David Bauer [Wed, 28 Sep 2022 15:42:48 +0000 (17:42 +0200)]
ipq40xx: disable boards not converted to DSA

Signed-off-by: David Bauer <mail@david-bauer.net>
2 years agoipq40xx: remove non-converted network configs
Robert Marko [Wed, 7 Sep 2022 10:06:47 +0000 (12:06 +0200)]
ipq40xx: remove non-converted network configs

Remove networking configs for non DSA converted boards in ipq40xx.
Currently, they are just causing clutter.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: ipqess: enable threaded NAPI
Robert Marko [Mon, 27 Jun 2022 12:40:43 +0000 (14:40 +0200)]
ipq40xx: ipqess: enable threaded NAPI

Enable threaded NAPI by default in IPQESS driver as it significantly
improves network perfromance, in my testing about 100+ Mbps in WAN-LAN
routing.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: Meraki MR33: convert MAC addresses to nvmem
Lech Perczak [Wed, 15 Dec 2021 20:10:11 +0000 (21:10 +0100)]
ipq40xx: Meraki MR33: convert MAC addresses to nvmem

This fixes assigning random MAC to br-lan interface upon boot.
While at that, rename at24@50 node to eeprom@50, to align with upstream
device tree style.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2 years agoipq40xx: convert some boards to DSA
Robert Marko [Tue, 14 Dec 2021 00:00:00 +0000 (01:00 +0100)]
ipq40xx: convert some boards to DSA

Convert IPQ40xx boards to DSA setup.

Signed-off-by: Leon M. George <leon@georgemail.eu>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: ChunAm See <z1250747241@gmail.com>
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: qca8k: introduce proper PSGMII calibration
Serhii Serhieiev [Mon, 25 Apr 2022 13:09:43 +0000 (15:09 +0200)]
ipq40xx: qca8k: introduce proper PSGMII calibration

Serhii and others have experienced PSGMII link degradation up to point
that it actually does not pass packets at all or packets arrive as zeros.
This usually happened after a couple of hot reboots.

Serhii has managed to track it down to PSGMII calibration not being done
properly and has fixed it, so all of the code is Serhii-s work.

Signed-off-by: Serhii Serhieiev <adron@mstnt.com>
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: qca807x: drop kernel version checks
Robert Marko [Sun, 20 Mar 2022 18:34:18 +0000 (19:34 +0100)]
ipq40xx: qca807x: drop kernel version checks

Since kernel 5.4 has been droppped from IPQ40xx, there is no need to keep
the version checks for kernels older than 5.10.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: qca807x: add suspend and resume ops
Serhii Serhieiev [Sun, 20 Mar 2022 18:26:32 +0000 (19:26 +0100)]
ipq40xx: qca807x: add suspend and resume ops

Currently, suspend and resume ops are not present, this means that if user
disables a DSA interface that the PHY-s remain alive and the link is up.

Fix it by using generic PHY suspend and resume ops.

Signed-off-by: Serhii Serhieiev <adron@mstnt.com>
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: sxtsq-5-ac: correct TCSR ESS type
Robert Marko [Mon, 27 Dec 2021 14:20:58 +0000 (15:20 +0100)]
ipq40xx: sxtsq-5-ac: correct TCSR ESS type

SXTsq 5 ac uses RGMII on the port 5 and not PSGMII, so correct the TCSR
interface type property.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: enable ethernet and DSA driver combo
Robert Marko [Mon, 1 Nov 2021 17:30:00 +0000 (18:30 +0100)]
ipq40xx: enable ethernet and DSA driver combo

Select the Ethernet driver, DSA tag driver and the DSA driver itself to
be built in the kernel config.
They automatically pull in switchdev and phylink.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: add DSA switch driver
Robert Marko [Mon, 27 Dec 2021 14:11:18 +0000 (15:11 +0100)]
ipq40xx: add DSA switch driver

Qualcomm IPQ40xx SoC-s have a variant of QCA8337N switch built-in.

It shares most of the stuff with its external counterpart, however it is
modified for the SoC.
Namely, it doesn't have second CPU port (Port 6), so it has 6 ports
instead of 7.
It also has no built-in PHY-s but rather requires external PSGMII based
companion PHY-s (QCA8072 and QCA8075) for which it first needs to carry
out calibration before using them.
PSGMII has a SoC built-in PHY that is used to connect to the PHY-s which
unfortunately requires some magic values as the datasheet doesnt document
the bits that are being set or the register at all.

Since its built-in it is MMIO like other peripherals and doesn't have its
own MDIO bus but depends on the SoC provided one.

CPU connection is at Port 0 and it uses some kind of a internal connection
and no traditional RGMII/SGMII.
It also doesn't use in-band tagging like other qca8k switches so a shinfo
based tagger is used.

This is based on the current OpenWrt qca8k version that has been imported
from generic target.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: import qca8k from generic
Robert Marko [Mon, 1 Nov 2021 17:59:46 +0000 (18:59 +0100)]
ipq40xx: import qca8k from generic

This is just importing the qca8k driver from the generic target.
It will be used as the based for IPQ40xx version, this is just
to be able to see the diff.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: add PSGMII PHY mode define
Robert Marko [Mon, 1 Nov 2021 12:02:53 +0000 (13:02 +0100)]
ipq40xx: add PSGMII PHY mode define

PSGMII is a Qualcomm specific mode similar to QSGMII but it has 5 SGMII
lines instead of 4 in QSGMII.

This just adds the support for the PHY layer to be able to identify the
mode for further use.
It is required for the DSA driver.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: add IPQESS ethernet driver
Robert Marko [Wed, 15 Dec 2021 20:09:38 +0000 (21:09 +0100)]
ipq40xx: add IPQESS ethernet driver

IPQESS is the EDMA replacement driver for the IPQ40xx SoC built-in
ethernet controller.

Unlike EDMA it is Phylink based and doesnt touch PHY-s directly.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: qca807x: always set PSGMII AZ WAR
Robert Marko [Mon, 8 Nov 2021 22:06:02 +0000 (23:06 +0100)]
ipq40xx: qca807x: always set PSGMII AZ WAR

There is no point in using a DT property to trigger setting the PSGMII
PHY AZ transmitting ability.
Especially since EEE can be disabled using ethtool anyway.

Fixup the mask for setting the workaround as only BIT(0) is actually being
changed and use the phy_clear_bits_mmd helper instead of reading, then
clearing the bit and writing back as it does everything for us.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: add shinfo based DSA tag driver
Robert Marko [Mon, 1 Nov 2021 11:32:34 +0000 (12:32 +0100)]
ipq40xx: add shinfo based DSA tag driver

IPQ40xx requires a special DSA tag driver despite using the QCA8337N
switch.
However they have changed the header format and the existing QCA tag
driver cannot be reused.

For details on how it actually works and else read the patch commit
description.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: disable nodes instead of deleting them
Robert Marko [Wed, 8 Dec 2021 13:44:05 +0000 (14:44 +0100)]
ipq40xx: disable nodes instead of deleting them

There is no reason to delete the DT PHY nodes
as you can just disable them.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: qca807x: add SFP improvements
Robert Marko [Mon, 25 Oct 2021 16:30:00 +0000 (18:30 +0200)]
ipq40xx: qca807x: add SFP improvements

Currently, QCA807x doesnt do any kind of validation to see whether it
actually supports the inserted module.

So lets add checks to allow only 1000BaseX and 100BaseFX based modules.

While adding validation, move fiber configuration to insert/remove events
instead of always doing it at config time.
This allows getting rid of the DT property for fiber enable and now only
the upstream sfp phandle is required.

Since we are refactoring fiber related code, lets heavily simplify the
status polling as the current logic is overcomplicated due to previous
wish to support non standard SFP cages that dont have pins properly
connected, that is removed now and only proper SFP cages will work.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: drop ESSEDMA + AR40xx DTS nodes
Robert Marko [Sat, 19 Feb 2022 12:48:36 +0000 (13:48 +0100)]
ipq40xx: drop ESSEDMA + AR40xx DTS nodes

In order to start working on IPQESS + DSA drop
the old ESSEDMA + AR40xx DTS nodes.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agoipq40xx: drop ESSEDMA + AR40xx
Robert Marko [Mon, 25 Oct 2021 16:33:32 +0000 (18:33 +0200)]
ipq40xx: drop ESSEDMA + AR40xx

In order to start working on IPQESS + DSA drop the old ESSEDMA + AR40xx
driver combo.

Remove the kernel symbols, disable swconfig and drop swconfig package
as they are not needed anymore.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2 years agomac80211: mask nested A-MSDU support for mesh
David Bauer [Thu, 7 Oct 2021 22:30:23 +0000 (00:30 +0200)]
mac80211: mask nested A-MSDU support for mesh

mac80211 incorrectly processes A-MSDUs contained in A-MPDU frames. This
results in dropped packets and severely impacted throughput.

As a workaround, don't indicate support for A-MSDUs contained in
A-MPDUs. This improves throughput over mesh links by factor 10.

Ref: https://github.com/openwrt/mt76/issues/450

Signed-off-by: David Bauer <mail@david-bauer.net>
2 years agouboot-mvebu: backport LibreSSL patches for older version of LibreSSL
Josef Schlehofer [Wed, 14 Sep 2022 13:23:45 +0000 (15:23 +0200)]
uboot-mvebu: backport LibreSSL patches for older version of LibreSSL

If you would like to compile the newest version of U-boot together with the stable
OpenWrt version, which does not have LibreSSL >= 3.5, which was updated
in the master branch by commit 5451b03b7ceb2315445c683fe174e28bbdd49c2f
("tools/libressl: bump to v3.5.3"), then you need these two patches to
fix it. They are backported from U-boot repository.

This should be backported to stable OpenWrt versions.

Reported-by: Michal Vasilek <michal.vasilek@nic.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agouboot-mvebu: backport patch to fix compilation on non glibc system
Josef Schlehofer [Wed, 14 Sep 2022 13:19:56 +0000 (15:19 +0200)]
uboot-mvebu: backport patch to fix compilation on non glibc system

This issue was reported by @paper42, who is using Void Linux with musl
to compile OpenWrt and its packages and found out it is not possible to
compile U-boot for Turris Omnia (neither any other).

It fixes following output:
```
  HOSTCC  tools/kwboot
tools/kwboot.c: In function 'kwboot_tty_change_baudrate':
tools/kwboot.c:662:6: error: 'struct termios' has no member named 'c_ospeed'
  662 |   tio.c_ospeed = tio.c_ispeed = baudrate;
      |      ^
tools/kwboot.c:662:21: error: 'struct termios' has no member named 'c_ispeed'
  662 |   tio.c_ospeed = tio.c_ispeed = baudrate;
      |                     ^
tools/kwboot.c:690:31: error: 'struct termios' has no member named 'c_ospeed'
  690 |  if (!_is_within_tolerance(tio.c_ospeed, baudrate, 3))
      |                               ^
tools/kwboot.c:693:31: error: 'struct termios' has no member named 'c_ispeed'
  693 |  if (!_is_within_tolerance(tio.c_ispeed, baudrate, 3))
      |
```

Tested-by: Michal Vasilek <michal.vasilek@nic.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agotrace-cmd: update to v3.1.3
Nick Hainke [Sun, 25 Sep 2022 09:12:31 +0000 (11:12 +0200)]
trace-cmd: update to v3.1.3

Remove upstremed patch:
- 100-tracecmd-add-NO_LIBZSTD-option-to-disable-libzstd.patch

Changes:
c65c02c trace-cmd: Version 3.1.3
14a7aca trace-cmd library: Add API for mapping between host and guests
9191b8e tracecmd extract: Allow using --compression.
d63ae35 trace-cmd report: Add callback for kvm plugin to show guest functions
0c7ef72 trace-cmd library: Add man pages for iterator functions
3cd1b55 trace-cmd library: Add tracecmd_follow_event()
27ea9e1 libtracecmd: Add documentation on tracecmd_set/get_private()
3c544ad libtracecmd: Add a man pages for handling of time stamps
5baf7a3 libtracecmd: Add check-manpages.sh
ee007a1 trace-cmd library: Make tracecmd_filter_match() local
cb04105 tracecmd library documentation: Use star and not underscore for function names
54931be trace-cmd: Do not return zero length name for guest by name
43ffa27 trace-cmd: Close socket descriptor on failed connection
4744ca3 trace-cmd record/agent: Add --notimeout option
e512b22 trace-cmd: Add compile time overrides for libraries
a6fe935 trace-cmd: README: Add note on installing libtracecmd
067f45f trace-cmd: libtracecmd: Fixing linking to C++ code
689a0d4 tracecmd: Add NO_LIBZSTD option to disable libzstd
6bbcd3e trace-cmd report: Use library tracecmd_filter_*() logic
955d05f trace-cmd report: Make filter arguments match their files
82ed4a9 trace-cmd library: Add filtering logic for iterating events
dbd8777 trace-cmd report: Use tracecmd_iterate_events_multi()
78a74b1 trace-cmd library: Allow callers to save private data in tracecmd_input handlers
b37903a tracecmd library: Add tracecmd_iterate_events_multi()
d83b662 tracecmd utest: Add test to test using the libraries to read
2cb6cc2 tracecmd library: Add tracecmd_iterate_events()
762839a tracecmd: Use make variable instead of if statement for zlib test
1504f3f trace-cmd: Document new proxy args for {agent,record}
9a1c5d7 trace-cmd record: Keep --proxy from being passed to agents
ef8a8d7 trace-cmd libs: Initialize msg to NULL tracecmd_msg_read_data()
39ec10a trace-cmd: Do not use instance from trace context

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agolibtracefs: update to 1.5.0
Nick Hainke [Sun, 25 Sep 2022 09:10:15 +0000 (11:10 +0200)]
libtracefs: update to 1.5.0

Changes:
93f4d52 libtracefs: version 1.5
bc857db libtracefs: Add tracefs_u{ret}probe_alloc to generic man page
db55441 libtracefs: Add tracefs_debug_dir() to generic libtracefs man page
d2d5924 libtracefs: Add test instructions for openSUSE
4a7b475 libtracefs: Fix test suite typo
ee8c644 libtracefs: Add tracefs_tracer_available() helper
799d88e libtracefs: Add API to set custom tracing directory
1bb00d1 libtracefs: allow pthread inclusion overrideable in Makefile
04651d0 libtracefs sqlhist: Allow pointers to match longs
9de59a0 libtracefs: Remove double free attempt of new_event in tracefs_synth_echo_cmd()
0aaa86a libtracefs: Fix use after free in tracefs_synth_alloc()
d2d5340 libtracefs: Add missed_events to record
9aaa8b0 libtracefs: Set the number of CPUs in tracefs_local_events_system()
56a0ba0 libtracefs: Return negative number when tracefs_filter_string_append() fails
c5f849f libtracefs: Set the long size of the tep handle in tracefs_local_events_system()
5c8103e revert: 0de961e74f96 ("libtracefs: Set visibility of parser symbols as 'internal'")

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agolibtraceevent: update to 1.6.3
Nick Hainke [Sun, 25 Sep 2022 09:09:42 +0000 (11:09 +0200)]
libtraceevent: update to 1.6.3

Changes:
fda4ad9 libtraceevent: version 1.6.3
d02a61e libtraceevent: Add man pages for tep_plugin_kvm_get/put_func()
6643bf9 libtraceevent: Have kvm_exit/enter be able to show guest function
a596299 libtraceevent: Add tep_print_field() to check-manpages.sh deprecated
065c9cd libtraceevent: Add man page documentation of tep_get_sub_buffer_size()
6e18ecc libtraceevent: Add man page for tep_plugin_add_option()
6738713 libtraceevent: Add some missing functions to generic libtraceevent man page
deefe29 libtraceevent: Include meta data functions in libtraceevent man pages
cf6dd2d libtraceevent: Add tep_get_function_count() to libtraceevent man page
5bfc11e libtraceevent: Add printk documentation to libtraceevent man page
65c767b libtraceevent: Update man page to reflect tep_is_pid_registered() rename
7cd173f libtraceevent: Add check-manpages.sh
fd6efc9 libtraceevent: Documentation: Correct typo in example
5c375b0 libtraceevent: Fixing linking to C++ code
7839fc2 libtraceevent: Makefile - set LIBS as conditional assignment
c5493e7 libtraceevent: Remove double assignment of val in eval_num_arg()
efd3289 libtraceevent: Add warnings if fields are outside the event

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agopopt: update to 1.19
Nick Hainke [Sun, 25 Sep 2022 09:58:04 +0000 (11:58 +0200)]
popt: update to 1.19

Add patch to fix compilation:
- 100-configure.ac-remove-require-gettext-version.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agolibcap: update to 2.66
Nick Hainke [Mon, 26 Sep 2022 18:23:21 +0000 (20:23 +0200)]
libcap: update to 2.66

4f96e67 Up the release version to 2.66
60ff008 Fix typos in the cap_from_text.3 man page.
281b6e4 Add captrace to .gitignore file
09a2c1d Add an example of using BPF kprobing to trace capability use.
26e3a09 Clean up getpcaps code.
fc804ac getpcaps: catch PID parsing errors.
fc437fd Fix an issue with bash displaying an error.
7db9589 Some more simplifications for building
27e801b Fix for "make clean ; make -j48 test"

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agolantiq: enable interrupts on second VPEs
Aleksander Jan Bajkowski [Sat, 10 Sep 2022 18:13:58 +0000 (20:13 +0200)]
lantiq: enable interrupts on second VPEs

This patch is needed to handle interrupts by the second VPE on the Lantiq
ARX100, xRX200, xRX300 and xRX330 SoCs. Switching some ICU interrupts to
the second VPE results in a hang. Currently, the vsmp_init_secondary()
function is responsible for enabling these interrupts. It only enables
Malta-specific interrupts (SW0, SW1, HW4 and HW5).

The MIPS core has 8 interrupts defined. On Lantiq SoCs, hardware
interrupts are wired to an ICU instance. Each VPE has an independent
instance of the ICU. The mapping of the ICU interrupts is shown below:
SW0(IP0) - IPI call,
SW1(IP1) - IPI resched,
HW0(IP2) - ICU 0-31,
HW1(IP3) - ICU 32-63,
HW2(IP4) - ICU 64-95,
HW3(IP5) - ICU 96-127,
HW4(IP6) - ICU 128-159,
HW5(IP7) - timer.

This patch enables all interrupt lines on the second VPE.

This problem affects multithreaded SoCs with a custom interrupt controller.
SOCs with 1004Kc core and newer use the MIPS GIC. At this point, I am aware
that the Realtek RTL839x and RTL930x SoCs may need a similar fix. In the
future, this may be replaced with some generic solution.

Tested on Lantiq xRX200.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2 years agoramips: add support for SNR SNR-CPE-ME2-Lite
Alexey Kosmakov [Mon, 30 May 2022 08:46:34 +0000 (13:46 +0500)]
ramips: add support for SNR SNR-CPE-ME2-Lite

SNR SNR-CPE-ME2-Lite is a 2.4/5 GHz band 11ac (Wi-Fi 5) router, based on MT7621A.

Specification:
    - SoC           : MediaTek MT7621A
    - RAM           : DDR3 128 MiB
    - Flash         : SPI-NOR 16 MiB
    - WLAN          : 2.4 GHz 2T2R (MediaTek MT7603E)
                      5 GHz 2T2R (MediaTek MT7613BE)
    - Ethernet      : 10/100/1000 Mbps x5
      - Switch      : MediaTek MT7530 (SoC)
    - UART          : through-hole on PCB
      - J4: 3.3V, GND, TX, RX
      - 57600n8
    - Power         : 12 VDC, 1.5 A

Flash instruction via WEB (firmware 1.10.4 and later)
    1. Boot SNR-CPE-ME2-Lite normally with "Router" mode
    2. Access to "http://192.168.1.1/" and open "Administration -> Management" page
    3. Select the OpenWrt factory image in "Firmware update" section and click "Update" button
    4. Wait ~120 seconds to complete flashing

Flash instruction via TFTP (all version):
    1. Boot SNR-CPE-ME2-Lite to recovery mode (hold the reset button while power on)
    2. Send firmware via TFTP client:
       TFTP Server address: 192.168.1.1
       TFTP Client address: 192.168.1.131
    3. Wait ~120 seconds to complete flashing

Signed-off-by: Alexey Kosmakov <a.kosmakov@nagtech.ru>
2 years agoramips: enable LZMA loader to fix Linksys RE6500 boot
Mark King [Sun, 25 Sep 2022 20:53:52 +0000 (21:53 +0100)]
ramips: enable LZMA loader to fix Linksys RE6500 boot

At some point after 21.02.3 and before 22.03.0, the size limits of the
Linksys RE6500 were reached and prevent booting from the 22.03.0 release
or builds of current SNAPSHOT. This patch allows builds of master to boot
again and has been tested on my device.

Fixes: #8577
Signed-off-by: Mark King <mark@vemek.co>
2 years agokernel: bump 5.10 to 5.10.146
John Audia [Wed, 28 Sep 2022 20:05:00 +0000 (16:05 -0400)]
kernel: bump 5.10 to 5.10.146

All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.10 to 5.10.145
John Audia [Fri, 23 Sep 2022 20:58:05 +0000 (16:58 -0400)]
kernel: bump 5.10 to 5.10.145

Manually rebased:
  hack-5.10/780-usb-net-MeigLink_modem_support.patch

Removed upstreamed:
  patches-5.10/110-gpio-mpc8xxx-Fix-support-for-IRQ_TYPE_LEVEL_LOW-flow.patch[1]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.145&id=24196210b198e8e39296e277bb93b362aa207775

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agokernel: bump 5.15 to 5.15.71
John Audia [Wed, 28 Sep 2022 17:26:15 +0000 (13:26 -0400)]
kernel: bump 5.15 to 5.15.71

Removed upstreamed:
  uml/patches-5.15/001-um-fix-default-console-kernel-parameter.patch[1]

All other patches automatically rebased

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.71&id=e1dbe8a62098b20f5093cf75ade2f2dc9259b006

Signed-off-by: John Audia <therealgraysky@proton.me>
Compile-tested: mvebu/cortexa72 (RB5009UG+S+IN)
Run-tested: mvebu/cortexa72 (RB5009UG+S+IN)

2 years agokernel: bump 5.15 to 5.15.70
John Audia [Fri, 23 Sep 2022 19:27:54 +0000 (15:27 -0400)]
kernel: bump 5.15 to 5.15.70

Manually rebased:
  hack-5.15/780-usb-net-MeigLink_modem_support.patch

Removed upstreamed:
  patches-5.15/110-gpio-mpc8xxx-Fix-support-for-IRQ_TYPE_LEVEL_LOW-flow.patch[1]

All other patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.70&id=89cfddd416bac41ff35f37f928ed3d7fefef908e

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agotools/cmake: update to 3.24.2
Nick Hainke [Wed, 14 Sep 2022 13:04:13 +0000 (15:04 +0200)]
tools/cmake: update to 3.24.2

Release Notes:
https://www.kitware.com/cmake-3-24-2-is-available-for-download/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/expat: switch to tar.xz to save bandwidth
Nick Hainke [Sun, 2 Oct 2022 09:22:23 +0000 (11:22 +0200)]
tools/expat: switch to tar.xz to save bandwidth

The tar.xz download is a bit smaller. Use this download to save traffic.

Suggested-by: hardfalcon
Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/expat: update to 2.4.9
Nick Hainke [Fri, 30 Sep 2022 06:27:44 +0000 (08:27 +0200)]
tools/expat: update to 2.4.9

Fixes CVE-2022-40674.

Release Notes:
https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/meson: backport WSL2 fix
Rosen Penev [Thu, 22 Sep 2022 22:41:28 +0000 (15:41 -0700)]
tools/meson: backport WSL2 fix

For some reason, Microsoft's Plan9 driver returns IOError on missing
file.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoath79: fix LibreRouter-v1 watchdog and poe_pass
Santiago Piccinini [Fri, 30 Sep 2022 13:44:04 +0000 (10:44 -0300)]
ath79: fix LibreRouter-v1 watchdog and poe_pass

Watchdog and poe_passthrough gpios require the jtag disabled.

Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
2 years agomt76: update to the latest version
Felix Fietkau [Sat, 1 Oct 2022 14:05:05 +0000 (16:05 +0200)]
mt76: update to the latest version

e4fa68a9b3b3 linux-firmware: update firmware for MT7921 WiFi device
60fcf08fe659 linux-firmware: update firmware for MT7921 WiFi device
9d601f4eee8f linux-firmware: update firmware for MT7922 WiFi device
e49b6063fb4b wifi: mt76: move mt76_rate_power from core to mt76x02 driver code
3f27f6adb1ab wifi: mt76: mt76x02: simplify struct mt76x02_rate_power
c07f3d2d5ede wifi: mt76: mt7921: fix antenna signal are way off in monitor mode
9059a5de3bd0 wifi: mt76: Remove unused inline function mt76_wcid_mask_test()
d75f15ddeb90 wifi: mt76: mt7915: fix bounds checking for tx-free-done command
06df7e689294 wifi: mt76: mt7915: reserve 8 bits for the index of rf registers
ad3d0f8db00b wifi: mt76: mt7915: rework eeprom tx paths and streams init
66065073177b wifi: mt76: mt7915: deal with special variant of mt7916
b0114a0abb57 wifi: mt76: mt7915: rework testmode tx antenna setting
6dee964e1f36 wifi: mt76: connac: introduce mt76_connac_spe_idx()
48c116d92939 wifi: mt76: mt7915: add spatial extension index support
db6db4ded0fd wifi: mt76: mt7915: set correct antenna for radar detection on MT7915D
2b8f56a72d76 wifi: mt76: mt7915: fix mt7915_mac_set_timing()
d554a02554db wifi: mt76: mt7915: move wed init routines in mmio.c
61ce40e65852 wifi: mt76: mt7915: enable wed for mt7986 chipset
584a96ec4a0f wifi: mt76: mt7915: enable wed for mt7986-wmac chipset
172d68b6253d mt76: mt76x02: fix vht rate power array overrun
72b87836d368 Revert "mt76: use IEEE80211_OFFLOAD_ENCAP_ENABLED instead of MT_DRV_AMSDU_OFFLOAD"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agorealtek: use correct CAUSEF_DC macro in prom.c
Sander Vanheule [Sat, 1 Oct 2022 07:55:01 +0000 (09:55 +0200)]
realtek: use correct CAUSEF_DC macro in prom.c

The workaround for an already-enabled R4K timer used a non-existent
macro CAUSE_DC. Fix compiling by using the actual macro CAUSEF_DC.

Fixes: b7aab1958591 ("realtek: SMP handling of R4K timer interrupts")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2 years agorealtek: SMP handling of R4K timer interrupts
Markus Stockhausen [Fri, 30 Sep 2022 06:03:38 +0000 (08:03 +0200)]
realtek: SMP handling of R4K timer interrupts

Until now there has been no good explanation why we mess with the R4K
timer on SMP. After extensive testing and looking at the SDK code it
becomes clear what it is all about.

When we disable the CEVT_R4K module (we will do with the new timer
driver) the R4K timer hardware still fires interrupts on the secondary
CPU. To get around this we have two options:

- Disable IRQ 7
- Stop the counter completely

This patch selects option two because this is the root of evil.. To be
on the safe side we will do it only in case the CEVT_R4K module is
disabled.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
2 years agorealtek: fix SMP startup
Markus Stockhausen [Mon, 26 Sep 2022 06:46:08 +0000 (08:46 +0200)]
realtek: fix SMP startup

The scope of the SMP startup structure is wrong. It is created on the
stack and not as a global variable. This can lead to startup failures.

Fixes: 3f41360eb70c ("realtek: use upstream recommendation for CPU start")
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de
2 years agorealtek: Convert incorrect v5.10 patches
Olliver Schinagl [Tue, 20 Sep 2022 10:01:48 +0000 (12:01 +0200)]
realtek: Convert incorrect v5.10 patches

OpenWRT's developer guide prefers having actual patches so they an be
sent upstream more easily.

However, in this case, Adding proper fields also allows for `git am` to
properly function. Some of these patches are quite old, and lack much
traceable history.

This commit tries to rectify that, by digging in the history to find
where and how it was first added.

It is by no means perfect and also shows some patches that should have
been long gone.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2 years agoath79: Convert incorrect 5.10 and 5.15 patches
Olliver Schinagl [Tue, 20 Sep 2022 10:01:48 +0000 (12:01 +0200)]
ath79: Convert incorrect 5.10 and 5.15 patches

OpenWRT's developer guide prefers having actual patches so they an be
sent upstream more easily.

However, in this case, Adding proper fields also allows for `git am` to
properly function. Some of these patches are quite old, and lack much
traceable history.

This commit tries to rectify that, by digging in the history to find
where and how it was first added.

It is by no means perfect and also shows some patches that should have
been long gone.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2 years agogeneric: Convert incorrect generic/5.10 patches
Olliver Schinagl [Tue, 20 Sep 2022 10:01:48 +0000 (12:01 +0200)]
generic: Convert incorrect generic/5.10 patches

OpenWRT's developer guide prefers having actual patches so they an be
sent upstream more easily.

However, in this case, Adding proper fields also allows for `git am` to
properly function. Some of these patches are quite old, and lack much
traceable history.

This commit tries to rectify that, by digging in the history to find
where and how it was first added.

It is by no means perfect and also shows some patches that should have
been long gone.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2 years agoCI: use tools:latest container to speedup kernel workflow
Christian Marangi [Mon, 5 Sep 2022 21:18:00 +0000 (23:18 +0200)]
CI: use tools:latest container to speedup kernel workflow

Use tools:latest container with prebuilt host tools to speedup kernel
compilation in kernel workflow.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoscripts/ext-tools: introduce new script to install prebuilt tools
Christian Marangi [Fri, 30 Sep 2022 17:36:06 +0000 (19:36 +0200)]
scripts/ext-tools: introduce new script to install prebuilt tools

Add a simple script to make it easier to install a prebuilt tools tar.
Currently it will be used by our tools container and kernel workflow on
github.

Simple script that take a tar that contains prebuilt host tools, extract
them and refresh the timestamps to skip recompilation of such host
tools.

By default it refresh timestamps of build_dir/host and
staging_dir/host/stamp.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoCI: create Docker container containing compiled tools
Paul Spooren [Mon, 8 Aug 2022 21:37:54 +0000 (23:37 +0200)]
CI: create Docker container containing compiled tools

Currently each Kernel compilation takes about 30 minutes of which 20
minutes are used to compile our tools. While the toolchain is downloaded
and instantly ready the tools are missing.

This commit starts uploading a Docker container including compiled tools
which are ready to use. It is automatically updated whenever any tools
are changed.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Co-Developed-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agotools: add option BUILD_ALL_HOST_TOOLS to compile all host tools
Christian Marangi [Fri, 9 Sep 2022 20:53:01 +0000 (22:53 +0200)]
tools: add option BUILD_ALL_HOST_TOOLS to compile all host tools

Add option to compile all host tools even if not needed.
This can be useful to prepare a universal precompiled host tools
archive to use in another buildroot and speedup compilation.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agobuild: make find_md5 reproducible with AUTOREMOVE
Christian Marangi [Tue, 6 Sep 2022 14:48:37 +0000 (16:48 +0200)]
build: make find_md5 reproducible with AUTOREMOVE

While experimenting with the AUTOREMOVE option in search of a way to use
prebuilt host tools in different buildroot, it was discovered that the
md5 generated by find_md5 in depends.mk is not reproducible.

Currently the hash is generated by the path of the file in addition to
the file mod time. Out of confusion, probably, there was an idea that
such command was used on the package build_dir. Reality is that this
command is run on the package files. (Makefile, patches, src)

This is problematic because the package Makefile (for example) change at
each git clone and base the hash on the Makefile mtime doesn't really
reflect if the Makefile actually changes across a buildroot or not.

A better approach is to generate an hash of each file and then generate
an hash on the sort hash list. This way we remove the problem of git
clone setting a wrong mtime while keeping the integrity of checking if a
file changed for the package as any change will result in a different
hash.

Introduce a new kind of find_md5 function, find_md5_reproducible that
apply this new logic and limit it only with AUTOREMOVE option set to
prevent any kind of slowdown due to additional hash generation.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agotools/cmake: fix compilation with host libzstd-dev
Rosen Penev [Fri, 30 Sep 2022 08:42:51 +0000 (01:42 -0700)]
tools/cmake: fix compilation with host libzstd-dev

cmake's find_package looks at host paths first for some reason. Switch
to using pkgconfig for the search, matching other modules.

Fixes: 3848cf458ef9 ("tools/cmake: Build without some included libs")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoCI: use buildbot container for building
Paul Spooren [Sun, 20 Mar 2022 20:02:08 +0000 (20:02 +0000)]
CI: use buildbot container for building

Instead of using a fresh Linux installation which is setup every time
use the Buildbot container which is used for our own Buildbot
infrastructure, too.
While at it also tidy up the workflow to make it more consistent with
other workflow.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Co-Developed-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoscripts/download.pl: add tsinghua and ustc mirrors
Bradford Zhang [Fri, 30 Sep 2022 05:28:28 +0000 (13:28 +0800)]
scripts/download.pl: add tsinghua and ustc mirrors

Add https://mirrors.tuna.tsinghua.edu.cn/ and https://mirrors.ustc.edu.cn/ mirrors into download.pl to speed up download in China.

Signed-off-by: Bradford Zhang <zyc@zyc.name>
2 years agoramips: add led driver to UniFi FlexHD defaut package set
Daniel Golle [Fri, 30 Sep 2022 12:21:16 +0000 (13:21 +0100)]
ramips: add led driver to UniFi FlexHD defaut package set

Add kmod-leds-ubnt-ledbar to the packages selected by default on the
UniFi FlexHD access point.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoubnt-ledbar: make package available on other targets
Daniel Golle [Fri, 30 Sep 2022 12:17:07 +0000 (13:17 +0100)]
ubnt-ledbar: make package available on other targets

As also ramips/mt7621 now has a user of the ubnt-ledbar driver, make
the package available on all targets by removing the dependency on
@TARGET_mediatek_mt7622.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agomediatek: add support t-phy settings from efuse on MT7986
Daniel Golle [Wed, 28 Sep 2022 18:37:43 +0000 (19:37 +0100)]
mediatek: add support t-phy settings from efuse on MT7986

Import patches from mtk-openwrt-feeds (MTK SDK) to support reading
t-phy settings affecting PCIe as well as USB2 and USB3 from efuse.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agomediatek: filogic: add efuse layout to mt7986a.dtsi
Daniel Golle [Thu, 29 Sep 2022 17:50:23 +0000 (18:50 +0100)]
mediatek: filogic: add efuse layout to mt7986a.dtsi

efuse is used to store board-specific settings of some of the in-SoC
peripherals. Add it to device tree, so it gets probed on boot and can
be accessed by other drivers.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agomediatek: add patch allowing 1-byte wide access to efuse
Daniel Golle [Wed, 14 Sep 2022 01:15:32 +0000 (02:15 +0100)]
mediatek: add patch allowing 1-byte wide access to efuse

Allow byte-wise access to mtk-efuse as some drivers require that.
Patch imported from mtk-openwrt-feeds (MTK SDK).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agokernel: fold lzma debloat patch into the patch adding the code
Felix Fietkau [Fri, 30 Sep 2022 10:52:35 +0000 (12:52 +0200)]
kernel: fold lzma debloat patch into the patch adding the code

Reduces the number of hack patches

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: move kernel image cmdline hack to the octeon target
Felix Fietkau [Fri, 30 Sep 2022 09:48:21 +0000 (11:48 +0200)]
kernel: move kernel image cmdline hack to the octeon target

It is the only remaining user of this hack

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: remove hack patch, move kirkwood specific kmods to target modules.mk
Felix Fietkau [Fri, 30 Sep 2022 09:42:06 +0000 (11:42 +0200)]
kernel: remove hack patch, move kirkwood specific kmods to target modules.mk

Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch
unnecessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: move ubnt ledbar driver to a separate package
Felix Fietkau [Fri, 30 Sep 2022 09:26:47 +0000 (11:26 +0200)]
kernel: move ubnt ledbar driver to a separate package

Simplifies the tree by removing a non-upstream kernel patch and related kconfig
symbols

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: remove udp tunnel kconfig selection hack
Felix Fietkau [Fri, 30 Sep 2022 09:07:02 +0000 (11:07 +0200)]
kernel: remove udp tunnel kconfig selection hack

The corresponding kmod package is marked as HIDDEN and selected by all
other kernel modules that need it, so the kconfig side will be in sync
without manual selection

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomac80211: fix decap offload for stations on AP_VLAN interfaces
Felix Fietkau [Wed, 28 Sep 2022 11:57:55 +0000 (13:57 +0200)]
mac80211: fix decap offload for stations on AP_VLAN interfaces

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agotools/cmake: Build without some included libs
Rosen Penev [Sat, 24 Sep 2022 23:57:40 +0000 (16:57 -0700)]
tools/cmake: Build without some included libs

Saves a little bit of time when compiling cmake.

Added patches to fix searching liblzma and zlib. The issue is that
because pkgconfig is not used, the system libraries get used.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agotools/expat: build with autotools again
Rosen Penev [Sun, 25 Sep 2022 00:11:52 +0000 (17:11 -0700)]
tools/expat: build with autotools again

Allows to set expat as a dependency to cmake and save on compilation
time.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agotools/zlib: switch to configure script
Rosen Penev [Sun, 25 Sep 2022 07:22:24 +0000 (00:22 -0700)]
tools/zlib: switch to configure script

A future commit will make tools/cmake use this.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agowolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)
Petr Štetiar [Wed, 28 Sep 2022 09:28:06 +0000 (11:28 +0200)]
wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)

Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.

This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.

Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.

Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable

Fixes: CVE-2022-39173
Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Tested-by: Kien Truong <duckientruong@gmail.com>
Reported-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agoRevert "wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release"
Petr Štetiar [Thu, 29 Sep 2022 05:50:07 +0000 (07:50 +0200)]
Revert "wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release"

This reverts commit a596a8396b1ef23cd0eda22d9a628392e70e1e1a as I've
just discovered private email, that the issue has CVE-2022-39173
assigned so I'm going to reword the commit and push it again.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agowolfssl: refresh patches
Petr Štetiar [Wed, 28 Sep 2022 09:58:22 +0000 (11:58 +0200)]
wolfssl: refresh patches

So they're tidy and apply cleanly.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agowolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release
Petr Štetiar [Wed, 28 Sep 2022 09:28:06 +0000 (11:28 +0200)]
wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release

Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.

This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.

Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.

Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable

Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agobcm53xx: backport clk driver fix for DT nodes names
Rafał Miłecki [Thu, 29 Sep 2022 03:51:25 +0000 (05:51 +0200)]
bcm53xx: backport clk driver fix for DT nodes names

It allows dropping downstream patch renaming DT nodes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agobuild: fix warnings from grep
Chris Osgood [Thu, 15 Sep 2022 12:09:38 +0000 (08:09 -0400)]
build: fix warnings from grep

Fixes build warnings when using newer versions of grep.

Signed-off-by: Chris Osgood <chris_github@functionalfuture.com>
Tested-by: Georgi Valkov <gvalkov@gmail.com>
2 years agoscripts/download.pl: generilize and simplify download tool check
Christian Marangi [Wed, 28 Sep 2022 12:22:49 +0000 (14:22 +0200)]
scripts/download.pl: generilize and simplify download tool check

Generilize download tool check and skip other check if a download tool
has been found.
While at it also reintroduce c836ca84e8f641e10a8349a8f9b7432b33d6cec1
that was previously dropped with aria2c support.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoramips: update MAC address configuration for Buffalo WSR-1166DHP
Kazuhiro Ito [Tue, 30 Aug 2022 12:54:38 +0000 (21:54 +0900)]
ramips: update MAC address configuration for Buffalo WSR-1166DHP

Convert MAC address and label_mac configuration of Buffalo
WSR-1166DHP to use the generic function of OpenWrt.

Apply commit 770cfe9 for WCR-1166DS to WSR-1166DHP too.

Tested on the device and MAC address is kept before and after this
change.

Signed-off-by: Kazuhiro Ito <kzhr@d1.dion.ne.jp>
2 years agokernel: mtk_ppe: use MTK_FOE_STATE_INVALID instead of *_UNBIND
Daniel Golle [Tue, 27 Sep 2022 20:08:04 +0000 (21:08 +0100)]
kernel: mtk_ppe: use MTK_FOE_STATE_INVALID instead of *_UNBIND

Instead of dropping *fix-typo-in-__mtk_foe_entry.patch which effectively
means keeping the (also wrong) assignment of MTK_FOE_STATE_BIND, rather
use MTK_FOE_STATE_INVALID as that works well on both older (NETSYS_V1)
and newer (NETSYS_V2) MediaTek SoCs.

Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agorealtek: rtl931x: fix missing CONFIG_COMMON_CLK_REALTEK config flag
Christian Marangi [Tue, 27 Sep 2022 23:13:24 +0000 (01:13 +0200)]
realtek: rtl931x: fix missing CONFIG_COMMON_CLK_REALTEK config flag

When the realtek clock driver was introduced, CONFIG_COMMON_CLK_REALTEK
was not correctly disabled for other subtarget. Add the missing config
flag to fix compilation error on buildbot.

Fixes: 4850bd887c3a ("realtek: add RTL83XX clock driver")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agotools: fix firmware-utils depends
Rosen Penev [Tue, 27 Sep 2022 22:35:41 +0000 (15:35 -0700)]
tools: fix firmware-utils depends

When firmware-utils was converted to use cmake, the dependency was not
updated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoRevert "toolchain/gcc: use zstd from tools"
Christian Marangi [Tue, 27 Sep 2022 21:17:03 +0000 (23:17 +0200)]
Revert "toolchain/gcc: use zstd from tools"

This reverts commit e6cc3ded0709aa6c7a190c31575bb5c19e204cd2.
Require more testing as it does cause compilation error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agoRevert "tools/zstd: build libraries as static"
Christian Marangi [Tue, 27 Sep 2022 21:16:46 +0000 (23:16 +0200)]
Revert "tools/zstd: build libraries as static"

This reverts commit e3989094b801da63b7b65b2460ea30dfeb324cd3.
Require more testing as it does cause compilation error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2 years agotools/zstd: build libraries as static
Rosen Penev [Sun, 25 Sep 2022 01:42:59 +0000 (18:42 -0700)]
tools/zstd: build libraries as static

Enables to get rid of rpath hack for all users.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoccache: update to 4.6.3
Nick Hainke [Sun, 28 Aug 2022 13:00:54 +0000 (15:00 +0200)]
ccache: update to 4.6.3

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_3

Refresh patch:
- 100-honour-copts.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/ccache: update to 4.6.2
Nick Hainke [Wed, 24 Aug 2022 08:57:35 +0000 (10:57 +0200)]
tools/ccache: update to 4.6.2

Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_2

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agotools/ccache: update to 4.6.1
Nick Hainke [Thu, 18 Aug 2022 05:53:00 +0000 (07:53 +0200)]
tools/ccache: update to 4.6.1

Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_1

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agokernel: rename upstreamed patches and import fixes
Daniel Golle [Sun, 25 Sep 2022 15:56:45 +0000 (16:56 +0100)]
kernel: rename upstreamed patches and import fixes

Move and rename patches which were merged upstream and import follow-up
fixes for MediaTek Ethernet offloading features on MT7622 and Filogic
platforms. Remove patch
793-net-ethernet-mtk_eth_soc-fix-typo-in-__mtk_foe_entry.patch
which breaks hardware flow offloading on MT7622, it will be reverted
upstream as well.

Fixes: c93c5365c0 ("kernel: pick patches for MediaTek Ethernet from linux-next")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoqos-scripts: fix trailing whitespace in config files
Manas Sambhus [Thu, 4 Aug 2022 11:24:18 +0000 (16:54 +0530)]
qos-scripts: fix trailing whitespace in config files

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2 years agoqos-scripts: replace modprobe by rmmod
Manas Sambhus [Sat, 9 Jul 2022 06:33:43 +0000 (12:03 +0530)]
qos-scripts: replace modprobe by rmmod

modprobe -r is not available on all platforms, hence use rmmod

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2 years agokernel: netsupport: replace insmod by modprobe
Manas Sambhus [Sat, 9 Jul 2022 06:30:25 +0000 (12:00 +0530)]
kernel: netsupport: replace insmod by modprobe

Replace insmod by modprobe in TEQL hotplug script

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2 years agoppp: use modprobe in place of insmod
Manas Sambhus [Sat, 9 Jul 2022 06:26:09 +0000 (11:56 +0530)]
ppp: use modprobe in place of insmod

This will prevent `module is already loaded` lines from
appearing in the logs when a PPP connection is reconnecting

Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
2 years agoinclude/prereq-build: fix ldconfig-stub symlink on macos and BSD OSs
Christian Marangi [Tue, 27 Sep 2022 14:54:42 +0000 (16:54 +0200)]
include/prereq-build: fix ldconfig-stub symlink on macos and BSD OSs

Some OS may have the true bin to a different location than /bin/true.
BSD based system and macos have true on /usr/bin/true.

Fix this by checking both location and take the one available in the
system.

Reported-by: Sergey V. Lobanov <sergey@lobanov.in>
Suggested-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>