openwrt/openwrt.git
3 months agolldpd: remove unneeded quotes and variable quoting
Paul Donald [Thu, 8 Feb 2024 20:44:56 +0000 (21:44 +0100)]
lldpd: remove unneeded quotes and variable quoting

from commit ac771313ebedd2c4bfda8adef47650d45d77c32d

portidsubtype takes 1 of 2 possible keywords which do not need quoting:

         configure lldp portidsubtype ifname | macaddress

The third keyword 'local' is used in the syntax when individual ports
are being defined:

         configure [ports ethX [,…]] lldp portidsubtype local value

When this syntax is used, quoting is useful (see test cases for lldpd).
In the init file, the 'local' syntax is unused.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit bd1b17d589bc622408cebdd9fa0f43386cc3ef5a)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: remove unneeded quotes and variable quoting
Paul Donald [Thu, 8 Feb 2024 20:42:11 +0000 (21:42 +0100)]
lldpd: remove unneeded quotes and variable quoting

from commit c98ee4dbb3db0f064d990941cdd82e872da76946

agent-type takes 1 of 3 possible keywords which do not require quoting:

         configure lldp agent-type nearest-bridge | nearest-non-tpmr-bridge
         | nearest-customer-bridge

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 24a4da527f7e70d9916439a78298de2f4e4af653)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: remove unneeded quotes and variable quoting
Paul Donald [Thu, 8 Feb 2024 20:29:37 +0000 (21:29 +0100)]
lldpd: remove unneeded quotes and variable quoting

from commit 3ce909914a12647bec52bcee0a162dd6d158a4f6

'capabilities enabled x' where x is a string of CSV

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit b039641071b1e9ee9654513ef3229bb97cc379af)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: remove unneeded quotes
Paul Donald [Thu, 8 Feb 2024 20:31:29 +0000 (21:31 +0100)]
lldpd: remove unneeded quotes

from commit 3ce909914a12647bec52bcee0a162dd6d158a4f6

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 82ec853284e44fb85ad702879d18857bd566c7db)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: remove unneeded quotes and variable quoting
Paul Donald [Thu, 8 Feb 2024 20:31:57 +0000 (21:31 +0100)]
lldpd: remove unneeded quotes and variable quoting

from commit 24176a6bdd8f26040a97960868fd0d9ee968d695

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 20a4dddeb0366a56c14f9128392ffe8d0b62e32d)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: fix a paste error
Paul Donald [Thu, 8 Feb 2024 19:26:13 +0000 (20:26 +0100)]
lldpd: fix a paste error
from commit 1be2088a5247b2cfabe8be991c1e52ddaf780a16

The original PR #13018 did not exhibit this.

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 4fb8fea6de363aeeeca029ed9801b85cdbf45f0c)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: spell fixes
Paul Donald [Thu, 8 Feb 2024 14:59:27 +0000 (15:59 +0100)]
lldpd: spell fixes

Supplementary fix for PR #14193

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 1909b6f8835c1381f859c85394defe993e016edd)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: fix -k 'lldp_no_version' row
Paul Donald [Thu, 8 Feb 2024 14:57:28 +0000 (15:57 +0100)]
lldpd: fix -k 'lldp_no_version' row

Supplementary fix for PR #14193 and commit
b67182008fd124706be0ec3ce67347447554ffd5

Tested on 22.03.5

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 97eb3bf76c17328f80554e6a3603de00d835e4c5)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add option to force EDP
Stephen Howell [Sat, 3 Feb 2024 14:16:09 +0000 (14:16 +0000)]
lldpd: add option to force EDP

allow EDP support if compiled and add force EDP option

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit d274867c217cade795537af93ff9b209e472e19c)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: only use snmp options when compiled in
Stephen Howell [Sat, 3 Feb 2024 13:51:49 +0000 (13:51 +0000)]
lldpd: only use snmp options when compiled in

prevent SNMP options being passed unless lldpd supports them

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 8b2d02e48cd2559a52e1cbf04143028e50da6a88)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: Update Makefile package release
Stephen Howell [Sun, 17 Dec 2023 00:43:09 +0000 (00:43 +0000)]
lldpd: Update Makefile package release

increment Makefile package release to reflect changes to init script

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 1b36d44323cdd467980f83318be0837b8a1fd487)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add option for tx delay and tx hold
Stephen Howell [Sun, 17 Dec 2023 00:39:48 +0000 (00:39 +0000)]
lldpd: add option for tx delay and tx hold

add option to set LLDP transmit delay, hold timers to set update frequency

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit a5f715da713304972467612d6934130ce3aa2837)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add option to set system platform
Stephen Howell [Sun, 17 Dec 2023 00:34:37 +0000 (00:34 +0000)]
lldpd: add option to set system platform

add option to override system platform instead of using kernel name

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 4159acceebeec646fb2ebecdd85561ba140f1ce4)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add option to force SONMP enabled
Stephen Howell [Sun, 17 Dec 2023 00:28:43 +0000 (00:28 +0000)]
lldpd: add option to force SONMP enabled

add option to force SONMP to be enabled even when no peer detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 4ac134aa78d2b4441b0afd485d1d26dbd53d7276)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add option to force FDP on
Stephen Howell [Sun, 17 Dec 2023 00:26:21 +0000 (00:26 +0000)]
lldpd: add option to force FDP on

add option to force FDP when no peers detected

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 1be2088a5247b2cfabe8be991c1e52ddaf780a16)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: set CDP version and allow forcing CDP on
Stephen Howell [Sun, 17 Dec 2023 00:21:12 +0000 (00:21 +0000)]
lldpd: set CDP version and allow forcing CDP on

add option to specify CDPv1 or CDPv2 and separately enable or force each

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit b67182008fd124706be0ec3ce67347447554ffd5)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: allow disabling LLDP protcol
Stephen Howell [Sun, 17 Dec 2023 00:17:14 +0000 (00:17 +0000)]
lldpd: allow disabling LLDP protcol

add option to allow LLDP disabling while using other supported protocols

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 61dbe756d8edc1adcd152920f71d6dce26232662)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add portidsubtype option
Stephen Howell [Sat, 16 Dec 2023 23:49:44 +0000 (23:49 +0000)]
lldpd: add portidsubtype option

add option portidsubtype to correct port identifiers and descriptions

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit ac771313ebedd2c4bfda8adef47650d45d77c32d)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add agent-type option
Stephen Howell [Sat, 16 Dec 2023 23:49:21 +0000 (23:49 +0000)]
lldpd: add agent-type option

add option to set agent-type to control propogation

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit c98ee4dbb3db0f064d990941cdd82e872da76946)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add LLDP MED options
Stephen Howell [Sat, 16 Dec 2023 23:46:53 +0000 (23:46 +0000)]
lldpd: add LLDP MED options

add option to enable LLDP MED fast-start and set fast-start timer

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 24176a6bdd8f26040a97960868fd0d9ee968d695)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: option to disable LLDP-MED inventory TLV
Stephen Howell [Sat, 16 Dec 2023 23:08:08 +0000 (23:08 +0000)]
lldpd: option to disable LLDP-MED inventory TLV

add option to disable LLDP-MED inventory TLV transmission

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 1753498b01d86b8d63349b01cb04026c07c343d9)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: Init adds no-version option
Stephen Howell [Sat, 16 Dec 2023 22:57:18 +0000 (22:57 +0000)]
lldpd: Init adds no-version option

add option to disable advertising kernel version

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 058f284b1a802fafafb2cfde522693bd43aeaf4d)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: Allow neighbour filtering
Stephen Howell [Sat, 16 Dec 2023 22:52:10 +0000 (22:52 +0000)]
lldpd: Allow neighbour filtering

add filter option to init script.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit ac3ed75309e7db93bf2316eccba8106e3fe8f9fc)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: LLDPD binds to only specified interfaces
Stephen Howell [Sat, 16 Dec 2023 22:41:22 +0000 (22:41 +0000)]
lldpd: LLDPD binds to only specified interfaces

Bind to the configured system interfaces only. Switchport interfaces
are no longer ignored and uci interface values for LLDPD are honored.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit 064b4999ad1f37f4c6ccf95a0404007b990ed0ef)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: Init config read on reload
Stephen Howell [Sat, 16 Dec 2023 22:32:19 +0000 (22:32 +0000)]
lldpd: Init config read on reload

Init script reload with trigger to detect config file update.
Reload command added to attempt non-impactful lldpd reload where
lldpcli can be used to update config without process restart.
Config hash function used to track whether process restart is needed.

Signed-off-by: Stephen Howell <howels@allthatwemight.be>
(cherry picked from commit e483c247dc75723a32d03b5b1149f7fd61ac8ac6)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agolldpd: add lldp_syscapabilities config option
Sebastian Pflieger [Wed, 20 Sep 2023 18:13:14 +0000 (20:13 +0200)]
lldpd: add lldp_syscapabilities config option

allow to overwrite the detected system capabilities e.g. if devices
does not operate as bridge.

Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
(cherry picked from commit 3ce909914a12647bec52bcee0a162dd6d158a4f6)
Link: https://github.com/openwrt/openwrt/pull/15299
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agoucode: fix missing backslash
David Bauer [Sun, 15 Sep 2024 01:26:58 +0000 (03:26 +0200)]
ucode: fix missing backslash

Fixes: ae42ecaad4e7 ("ucode: fix host installation")
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 9d663c7435752bf17ecec4bfc66c73cde55ed04c)

3 months agoncurses: Fix path in ncursesw.pc
Hauke Mehrtens [Sat, 27 Jul 2024 17:29:04 +0000 (19:29 +0200)]
ncurses: Fix path in ncursesw.pc

The file contains the the /usr/lib path from the toolchain directory and
not from the target directory. The /usr/lib directory for the toolchain
is empty and the shared library is not in the specified paths. On RISCV
the linker of util-linux was finding the libncursesw.so in my host
system, tried to link against it and failed. Fix the .pc file.

Fixes: #15942
Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de>
Link: https://github.com/openwrt/openwrt/pull/16018
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 91573ac145aa70a12b0984ec75507ac648569240)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agobuild: autoconf: set ac_cv_func_setresuid=true
Philip Prindeville [Mon, 15 Jul 2024 14:54:22 +0000 (08:54 -0600)]
build: autoconf: set ac_cv_func_setresuid=true

MUSL and eglibc provide these symbols.

Bind needs setresuid() to build properly in recent versions.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/15952
(cherry picked from commit 0bd129a5d3b298340e1f6351942a8ccc2ba6eaea)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agofilogic: add missing 2.5G PHY LEDs configuration for Zyxel EX5700
Yan Cangang [Mon, 5 Aug 2024 12:35:56 +0000 (12:35 +0000)]
filogic: add missing 2.5G PHY LEDs configuration for Zyxel EX5700

configure 2.5G PHY LEDs to:

2500/1000: green with blink on TX/RX
100/10: green+yellow with blink on TX/RX

which is similar to other 1G PHY LEDs, which are:

1000: green with blink on TX/RX
100/10: green+yellow with blink on TX/RX

Fixes: 6cc14bf66aa ("filogic: support Telenor branded ZyXEL EX5700")
Signed-off-by: Yan Cangang <nalanzeyu@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16082
(cherry picked from commit 3de653a0af35c2d6fbc0fd14909f362c6b977e4a)
Link: https://github.com/openwrt/openwrt/pull/16390
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agomac80211: Update to version 6.1.110-1
Hauke Mehrtens [Wed, 11 Sep 2024 21:37:15 +0000 (23:37 +0200)]
mac80211: Update to version 6.1.110-1

This updates mac80211 to version 6.1.110-1. This code is based on Linux
6.1.110 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.

The removed patches are already integrated in upstream Linux 6.1.110.

The following patches were integrated in upstream Linux:
   subsys/311-v6.2-wifi-mac80211-fix-and-simplify-unencrypted-drop-chec.patch
   subsys/312-v6.3-wifi-cfg80211-move-A-MSDU-check-in-ieee80211_data_to.patch
   subsys/313-v6.3-wifi-cfg80211-factor-out-bridge-tunnel-RFC1042-heade.patch
   subsys/314-v6.3-wifi-mac80211-remove-mesh-forwarding-congestion-chec.patch
   subsys/315-v6.3-wifi-mac80211-fix-receiving-A-MSDU-frames-on-mesh-in.patch
   subsys/316-v6.3-wifi-mac80211-add-a-workaround-for-receiving-non-sta.patch
   subsys/321-mac80211-fix-mesh-forwarding.patch
   subsys/322-wifi-mac80211-fix-mesh-path-discovery-based-on-unica.patch
   subsys/329-wifi-mac80211-fix-receiving-mesh-packets-in-forwardi.patch
   subsys/339-wifi-cfg80211-fix-receving-mesh-packets-without-RFC1.patch
   subsys/350-v6.3-wifi-mac80211-Allow-NSS-change-only-up-to-capability.patch
   subsys/351-v6.9-wifi-mac80211-track-capability-opmode-NSS-separately.patch

Link: https://github.com/openwrt/openwrt/pull/16368
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agoopenssl: update to 3.0.15
Ivan Pavlov [Thu, 5 Sep 2024 08:21:57 +0000 (11:21 +0300)]
openssl: update to 3.0.15

OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in this release is Moderate.

This release incorporates the following bug fixes and mitigations:

  * Fixed possible denial of service in X.509 name checks (CVE-2024-6119)

  * Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535)

Added github releases url as source mirror

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16332
(cherry picked from commit 62d3773bf19a3e2f39935c08a8b5b2186777f314)
Link: https://github.com/openwrt/openwrt/pull/16346
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agombedtls: Update to 2.28.9
Hauke Mehrtens [Wed, 11 Sep 2024 21:03:50 +0000 (23:03 +0200)]
mbedtls: Update to 2.28.9

This contains a fix for:
CVE-2024-45157:
Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does
not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.

Link: https://github.com/openwrt/openwrt/pull/16367
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agokernel: bump 5.15 to 5.15.167
Hauke Mehrtens [Thu, 12 Sep 2024 20:48:35 +0000 (22:48 +0200)]
kernel: bump 5.15 to 5.15.167

Manually adapted:
   generic/backport-5.15/020-v6.1-05-mm-multi-gen-LRU-groundwork.patch
   ramips/patches-5.15/311-MIPS-use-set_mode-to-enable-disable-the-cevt-r4k-irq.patch

Link: https://github.com/openwrt/openwrt/pull/16366
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agokernel: bump 5.15 to 5.15.166
Hauke Mehrtens [Tue, 10 Sep 2024 21:08:30 +0000 (23:08 +0200)]
kernel: bump 5.15 to 5.15.166

Manually adapted:
   bcm27xx/patches-5.15/950-0030-Revert-Bluetooth-Always-request-for-user-confirmatio.patch

Link: https://github.com/openwrt/openwrt/pull/16366
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agokernel: bump 5.15 to 5.15.165
Hauke Mehrtens [Mon, 9 Sep 2024 21:02:26 +0000 (23:02 +0200)]
kernel: bump 5.15 to 5.15.165

Removed because they are upstream:
   generic/pending-5.15/110-v6.3-0001-spidev-Add-Silicon-Labs-EM3581-device-compatible.patch
   https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=bff165a3993683daddf3f00563960e7675966f91

   ipq807x/patches-5.15/0004-v5.16-arm64-dts-qcom-msm8996-Move-clock-cells-to-QMP-PHY-c.patch
   https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=32f0e52f16d45d743b473659329f93d4a27c68bf

Manually adapted:
   bcm27xx/patches-5.15/950-0040-spi-spidev-Completely-disable-the-spidev-warning.patch
   bcm27xx/patches-5.15/950-0578-spi-spidev-Restore-loading-from-Device-Tree.patch
   generic/pending-5.15/110-v6.3-0002-spidev-Add-Silicon-Labs-SI3210-device-compatible.patch

Adapt kernel configuration for newly added option
CONFIG_ARM64_ERRATUM_3194386.

The leddev_list_lock attribute changed from rwlock_t to spinlock_t in:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=590304b798a3b89e716b6b564f8ad14bc9373d93

Link: https://github.com/openwrt/openwrt/pull/16366
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 months agoucode: fix host installation
David Bauer [Mon, 19 Aug 2024 13:25:10 +0000 (15:25 +0200)]
ucode: fix host installation

The path for linking libucode.so was not specified for the ucode binary.
This breaks execution of ucode in the host context.

Signed-off-by: David Bauer <david.bauer@uniberg.com>
(cherry picked from commit ae42ecaad4e7b4878083f08a2cba6ce511ac6c43)

3 months agotreewide: fixup models names for UniFi U6 series
Rafał Miłecki [Thu, 18 Jul 2024 08:37:38 +0000 (10:37 +0200)]
treewide: fixup models names for UniFi U6 series

Ubiquiti has a set of UniFi 802.11ax (Wi-Fi 6) AP devices. All models
include "U6" in their names and also have code names with no special
characters (including spaces).

Examples:
1. U6 Lite (codename U6-Lite)
2. U6 Long-Range (codename U6-LR)
3. U6+ (codename U6-PLUS)
4. U6 Pro (codename U6-Pro)
5. U6 Mesh (codename U6-Mesh)
6. U6 Mesh Pro (codename U6-Mesh-Pro)
7. U6 Enterprise (codename U6-Enterprise)

Use proper full names for those devices. Names in OpenWrt/DTS code may
need updating too but it can be handled later.

Cc: Elbert Mai <code@elbertmai.com>
Cc: Daniel Golle <daniel@makrotopia.org>
Cc: Henrik Riomar <henrik.riomar@gmail.com>
Cc: David Bauer <mail@david-bauer.net>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 74879140a1aa0b8a8c237e0b67e94c3508e2e249)

3 months agoipq40xx: define config-names for Aruba boards
David Bauer [Tue, 10 Sep 2024 02:25:59 +0000 (04:25 +0200)]
ipq40xx: define config-names for Aruba boards

Aruba boards now ship with multiple DTS and image-configurations per
image. Newer apboot revs expect a configuration for their hardware to be
present.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c7ba5574f52f25334add66c15190b578ac873739)

3 months agobase-files: fix merge of passwd/shadow/group lines with trailing colons
Matthias Schiffer [Thu, 29 Aug 2024 18:24:02 +0000 (20:24 +0200)]
base-files: fix merge of passwd/shadow/group lines with trailing colons

Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.

Fixes: de7ca7dafadf ("base-files: merge /etc/passwd et al at sysupgrade config restore")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 9bbaa6f2c0419739fb85d48d0f527cb1622946ee)

3 months agotools: libtool: do not symlink files in bootstrap
Matthias Schiffer [Thu, 29 Aug 2024 18:04:02 +0000 (20:04 +0200)]
tools: libtool: do not symlink files in bootstrap

Another instance of files in build_dir symlinking to staging_dir. While
the symlinks do not currently cause any bugs in the libtool package,
such symlinks were found to make the build more fragile, as writing to
the symlink may accidentally modify the shared file in staging_dir. Pass
--copy to bootstrap to disable the symlinking.

Link: https://github.com/openwrt/openwrt/pull/15825
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit d6e54593198851235906c6ab77c20c6209ab19f5)

3 months agoinclude: autotools: do not symlink files in autoreconf
Matthias Schiffer [Thu, 29 Aug 2024 18:04:02 +0000 (20:04 +0200)]
include: autotools: do not symlink files in autoreconf

In Gluon's Github Actions CI, we were occasionally seeing bizarre build
errors that looked like a config.sub file had been corrupted, or changed
while it was being executed.

The cause turned out to be an interaction of the symlinks created by
autoreconf (pointing from individual tools' build dirs into
`staging_dir/host/share/automake-1.16`) and OpenWrt's host-build.mk,
which replaced config.guess and config.sub *after* autoreconf. The
result was that the replacement of these files ended up following the
symlinks and writing the files in `staging_dir/host/share/automake-1.16`
instead of a package's build dir. This could cause other packages' builds
to fail if they were currently executing the scripts while they were
being written.

To fix this, disable autoreconf's symlinking feature, so that modifying
these files in a package's build directory can't accidentally affect the
staged versions.

Link: https://github.com/openwrt/openwrt/pull/15825
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit c364cb8e469f9a7de1ed8960163c90e26b2df1ad)

3 months agohostapd: fix anqp_3gpp_cell_net list delimiter
Sarah Maedel [Wed, 28 Aug 2024 09:27:05 +0000 (11:27 +0200)]
hostapd: fix anqp_3gpp_cell_net list delimiter

This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
(cherry picked from commit 8de185a176079e738984ab0fc89841bc2e613fb1)

3 months agoocteon: ubnt-edgerouter: Disable PCIe
Jakob Haufe [Mon, 22 Jul 2024 18:53:47 +0000 (20:53 +0200)]
octeon: ubnt-edgerouter: Disable PCIe

Some devices lock up on PCIe initialization:

[   64.309697] PCIe: Port 0 in endpoint mode, skipping.
[   64.320496] PCIe: Initializing port 1
[   64.325257] PCIe: BIST FAILED for port 1 (0xffffffffffffffff)
(system hangs here)

Given the ER contains no PCIe peripherals, has no way to attach any
and the stock kernel doesn't have PCIe support either, just disable it.

(cherry picked from commit 308630aea6da1b5618d169d6ebf208aaa249ef72)
Signed-off-by: Jakob Haufe <sur5r@sur5r.net>
Link: https://github.com/openwrt/openwrt/pull/16223
Signed-off-by: Robert Marko <robimarko@gmail.com>
3 months agokernel: r8126: print link status when link up
Álvaro Fernández Rojas [Sat, 17 Aug 2024 19:55:42 +0000 (21:55 +0200)]
kernel: r8126: print link status when link up

Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 5d2a008670122f3f69eb3ab4f776d9fe9b6d76dd)

3 months agokernel: r8125: print link status when link up
Álvaro Fernández Rojas [Sat, 17 Aug 2024 19:49:37 +0000 (21:49 +0200)]
kernel: r8125: print link status when link up

Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from a57a3e5cc5942b309941d19143b7097a690eb014)

3 months agokernel: r8168: print link status when link up
Álvaro Fernández Rojas [Sat, 17 Aug 2024 19:41:31 +0000 (21:41 +0200)]
kernel: r8168: print link status when link up

Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2f846a33157e32d52c26cf06825f8eb1db13181d)

3 months agokernel: r8101: print link status when link up
Álvaro Fernández Rojas [Sat, 17 Aug 2024 19:30:35 +0000 (21:30 +0200)]
kernel: r8101: print link status when link up

Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from fe0240f27e9df2d0b8c0981741360f2f87b09536)

3 months agokernel: r8126: ignore the rss rxnfc log
Álvaro Fernández Rojas [Mon, 12 Aug 2024 13:26:01 +0000 (21:26 +0800)]
kernel: r8126: ignore the rss rxnfc log

This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 8d9893ff34242f887f40ca271a39e4c67c87b88d)

3 months agokernel: r8125: ignore the rss rxnfc log
Chukun Pan [Mon, 12 Aug 2024 13:26:01 +0000 (21:26 +0800)]
kernel: r8125: ignore the rss rxnfc log

This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2fd0102cc3dfd81f4585e8599bf671157a4450b8)

4 months agokernel: r8126: add RSS variant
Álvaro Fernández Rojas [Sun, 11 Aug 2024 13:30:07 +0000 (15:30 +0200)]
kernel: r8126: add RSS variant

Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from bfeef9b3d786b76510837014648db8d6c8106989)

4 months agopackage: add kmod-r8126 ethernet driver
Álvaro Fernández Rojas [Sat, 22 Jun 2024 14:04:24 +0000 (16:04 +0200)]
package: add kmod-r8126 ethernet driver

r8126 is an out of tree driver provided by Realtek for RTL8126 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from 54623c6a1daeb029858aab96a58e0ee8607f738b)

4 months agokernel: r8125: add RSS variant
Álvaro Fernández Rojas [Sun, 11 Aug 2024 13:29:32 +0000 (15:29 +0200)]
kernel: r8125: add RSS variant

Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from f063f4620c32b1cb6f43dd249c9cdfb4ee2bd12c)

4 months agopackage: add kmod-r8125 ethernet driver
Álvaro Fernández Rojas [Sat, 22 Jun 2024 14:04:24 +0000 (16:04 +0200)]
package: add kmod-r8125 ethernet driver

r8125 is an out of tree driver provided by Realtek for RTL8125 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from ddb4070c96728394c22b4beb1070a26efd1c2d28)

4 months agopackage: add kmod-r8168 ethernet driver
Álvaro Fernández Rojas [Sat, 22 Jun 2024 14:04:24 +0000 (16:04 +0200)]
package: add kmod-r8168 ethernet driver

r8168 is an out of tree driver provided by Realtek for RTL8168 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
((cherry picked from commit 1565eeda4e670cd02e9ba90179d53ac50aa8c6d0)

4 months agopackage: add kmod-r8101 ethernet driver
Álvaro Fernández Rojas [Fri, 16 Aug 2024 18:22:56 +0000 (20:22 +0200)]
package: add kmod-r8101 ethernet driver

r8101 is an out of tree driver provided by Realtek for RTL8101 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit b72c4b53860ef7a65f486212c7393e2c2b57344b)

4 months agomediatek: fix lan/wan macaddr for cmcc rax3000m
Tianling Shen [Thu, 6 Jun 2024 08:54:38 +0000 (16:54 +0800)]
mediatek: fix lan/wan macaddr for cmcc rax3000m

The MAC address assigned to lan/wan was reversed on eMMC boards.

Fixes: d3c193525e62 ("mediatek: add CMCC RAX3000M support")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agomediatek: enable rootwait for cmcc rax3000m emmc version
Tianling Shen [Fri, 5 Apr 2024 07:44:24 +0000 (15:44 +0800)]
mediatek: enable rootwait for cmcc rax3000m emmc version

Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Reported-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agomediatek: increase phy assert time for jdcloud re-cp-03
Tianling Shen [Wed, 7 Aug 2024 18:53:51 +0000 (02:53 +0800)]
mediatek: increase phy assert time for jdcloud re-cp-03

According to RTL8221B's datasheet, the PHY requires at least 10ms
for assert and 68ms (recommended) for de-assert. So increase the
assert/de-assert time to 15ms and 68ms respectively.

Fixes: c0c3234e1720 ("mediatek: add support for JDCloud RE-CP-03")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16106
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d1954aa5353eca59bb76d860b09a68a01e7ec05a)

4 months agokernel: ubootenv-nvram: driver for RAM backed environments
Bjørn Mork [Tue, 28 Mar 2023 11:32:29 +0000 (13:32 +0200)]
kernel: ubootenv-nvram: driver for RAM backed environments

The vendor U-Boot implementaion on Telenor branded ZyXEL EX5700
devices does not store its environment on flash. It is instead
kept in a memory region.  This is persistent over reboots, but
not over power cycling.

The dual partition failsafe system used by the vendor U-Boot
requires the OS to modify a variable in this memory environment.
This driver allows the ordinary uboot-envtools to access a
memory region like it was a partition on NOR flash.

The specific vendor U-Boot adds a "no-map" /reserved-memory
section and a top level /ubootenv node pointing to the memory
environment.  The driver uses this device specific fact to
locate the region.  The matching and probing code will likely
have to be adjusted for any other devices to be supported.

Example partial device tree:

 / {
    ..
    ubootenv {
        memory-region = <&uenv>;
        compatible = "ubootenv";
    };
    ..
    reserved-memory {
        ..
        uenv: ubootenv@7ffe8000 {
            no-map;
            reg = <0 0x7ffe8000 0 0x4000>;
        };

Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit b2e810f49588d1bbc90f657826e94b32474b482c)

4 months agohostapd: fix SAE H2E security vulnerability
Rany Hany [Wed, 31 Jul 2024 17:16:55 +0000 (17:16 +0000)]
hostapd: fix SAE H2E security vulnerability

This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16043
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db7f70fe6140e99ae709c7bf2a25eb983cb725ed)

4 months agokernel: bump 5.15 to 5.15.164
Hauke Mehrtens [Sun, 28 Jul 2024 22:28:51 +0000 (00:28 +0200)]
kernel: bump 5.15 to 5.15.164

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/16027
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agomac80211: Update to version 6.1.102-1
Hauke Mehrtens [Sun, 21 Jul 2024 23:02:41 +0000 (01:02 +0200)]
mac80211: Update to version 6.1.102-1

Upstream removed SSB and BCMA, the drivers are now compiled against the
in kernel versions. No need to patch this for OpenWrt.

Link: https://github.com/openwrt/openwrt/pull/15983
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agoath25: eth: Fix PHY access over ar2313 driver
Hauke Mehrtens [Sun, 28 Jul 2024 18:31:48 +0000 (20:31 +0200)]
ath25: eth: Fix PHY access over ar2313 driver

.ndo_do_ioctl is not called any more. For PHY MII ioctl handling, the
kernel calls .ndo_eth_ioctl now.

See upstream Linux kernel commit:
https://git.kernel.org/linus/a76053707dbf0dc020a73b4d90cd952409ef3691

Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agoipq40xx: eth: Fix PHY access over ipqess driver
Hauke Mehrtens [Thu, 25 Jul 2024 20:13:35 +0000 (22:13 +0200)]
ipq40xx: eth: Fix PHY access over ipqess driver

.ndo_do_ioctl is not called any more. For PHY MII ioctl handling, the
kernel calls .ndo_eth_ioctl now.

See upstream Linux kernel commit:
https://git.kernel.org/linus/a76053707dbf0dc020a73b4d90cd952409ef3691

Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit f0bb25aba2ded7bad98188cebe46efff4baa090f)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agoramips: eth: Fix PHY access over mtk_eth_soc driver
Hauke Mehrtens [Thu, 25 Jul 2024 20:09:04 +0000 (22:09 +0200)]
ramips: eth: Fix PHY access over mtk_eth_soc driver

.ndo_do_ioctl is not called any more. For PHY MII ioctl handling, the
kernel calls .ndo_eth_ioctl now.

See upstream Linux kernel commit:
https://git.kernel.org/linus/a76053707dbf0dc020a73b4d90cd952409ef3691

Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit dbccc9cf9161103448737785617e6ad537c7da9f)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agoath79: Fix PHY access over ag71xx driver
Hauke Mehrtens [Thu, 25 Jul 2024 20:05:11 +0000 (22:05 +0200)]
ath79: Fix PHY access over ag71xx driver

.ndo_do_ioctl is not called any more. For PHY MII ioctl handling, the
kernel calls .ndo_eth_ioctl now.

The SIOCSIFHWADDR and SIOCGIFHWADDR operation are handled in the generic
code in the same way just with more input validation.

See upstream Linux kernel commit:
https://git.kernel.org/linus/a76053707dbf0dc020a73b4d90cd952409ef3691

Reported-by: Cthulhu88 in https://forum.openwrt.org/t/ethernet-leds-control-for-tp-link-tl-wr1043nd-v2-v3/202378
Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit f86273e742b9f01565018494733d38438e7f0098)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agoltq-ptm: Fix netdev ioctls with kernel > 5.15
Hauke Mehrtens [Thu, 25 Jul 2024 19:51:42 +0000 (21:51 +0200)]
ltq-ptm: Fix netdev ioctls with kernel > 5.15

.ndo_do_ioctl is not called for SIOCDEVPRIVATE any more, the kernel
calls .ndo_siocdevprivate now.

The function gets the data pointer from the callback directly, make use
of it.

See upstream Linux kernel commit:
https://git.kernel.org/linus/b9067f5dc4a07c8e24e01a1b277c6722d91be39e

Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit e33ebdd00e5aedacb996fd48987067c77e43f5f4)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agokernel: bump 5.15 to 5.15.163
Hauke Mehrtens [Sun, 21 Jul 2024 22:45:48 +0000 (00:45 +0200)]
kernel: bump 5.15 to 5.15.163

Manually adapted:
   lantiq/patches-5.15/0028-NET-lantiq-various-etop-fixes.patch

Link: https://github.com/openwrt/openwrt/pull/15982
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agomac80211: Fix wifi throughput
Hauke Mehrtens [Thu, 25 Jul 2024 23:13:51 +0000 (01:13 +0200)]
mac80211: Fix wifi throughput

Backport 2 patches from upstream Linux to fix a Wifi throughput
problem.

Fixes: 323e249ce8ed ("mac80211: Update to version 6.1.97-1")
Link: https://github.com/openwrt/openwrt/pull/16007
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agoOpenWrt v23.05.4: revert to branch defaults
Hauke Mehrtens [Tue, 16 Jul 2024 21:51:26 +0000 (23:51 +0200)]
OpenWrt v23.05.4: revert to branch defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agoOpenWrt v23.05.4: adjust config defaults v23.05.4
Hauke Mehrtens [Tue, 16 Jul 2024 21:51:19 +0000 (23:51 +0200)]
OpenWrt v23.05.4: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agobuild: include tests/Makefile if available
Paul Spooren [Thu, 6 Jun 2024 17:28:52 +0000 (19:28 +0200)]
build: include tests/Makefile if available

Testing OpenWrt is important, and there is a test suite in the making.
For maximum convenience and minimal CI over-usage, make it simple to run
tests locally. The main Makefile now attempts to include
`tests/Makefile` and silently fails if it doesn't.

While the test suite[1] is still young, it provides good examples of how
to test things around OpenWrt: starting with shell scripts using
`bats`[2], followed by QEMU tests, and finally real device tests using
LabGrid[3]. This could lead to the creation of the best OpenWrt version
yet.

Please consult the `openwrt-tests.git` README.md for details on the
setup. Once installed you may run commands like the following:

* make tests/shell  # run shell tests
* make tests/x86-64 # run  and test x86/64 in QEMU

[1]: http://github.com/aparcar/openwrt-tests/
[2]: https://bats-core.readthedocs.io
[3]: https://labgrid.readthedocs.io

Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15647
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit a8ff0c1b7e5aefb8bcd31e0eeb82d2c11399223f)

5 months agowolfssl: Update to version 5.7.2
Hauke Mehrtens [Sun, 14 Jul 2024 23:06:38 +0000 (01:06 +0200)]
wolfssl: Update to version 5.7.2

This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3a0232ffd33f2dc894c671d90de6b2766399f4dc)

5 months agomediatek: filogic: prevent faulty mac address assignment
Leon M. Busch-George [Fri, 17 May 2024 18:10:25 +0000 (20:10 +0200)]
mediatek: filogic: prevent faulty mac address assignment

The vendor U-Boot on the Cudy M3000 and the Yuncore AX835 assign random
mac addresses on boot and set the 'local-mac-address' property which
prevents Openwrt from assigning the correct address from evmem.

This patch removes the alias for ethernet0 so that U-Boot doesn't add the
property, removes the workaround from 02_network, and adds back the nvmem
definition for the M3000.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
(cherry picked from commit a55ab9e1343e85021253e9c55f67adf33ad68f09)

5 months agomediatek: filogic: add support for Cudy M3000 v1
Leon M. Busch-George [Fri, 12 Jan 2024 15:10:40 +0000 (16:10 +0100)]
mediatek: filogic: add support for Cudy M3000 v1

Hardware:
  SoC:     MT7981b
  RAM:     256 MB
  Flash:   128 MB SPI NAND
  Ethernet:
    1x 2.5Gbps (rtl8221b)
    1x 1Gbps (integrated phy)
  WiFi:    2x2 MT7981
  Buttons: Reset, WPS
  LED:     1x multicolor

Solder on UART:
  - remove rubber ring on the bottom
  - remove screws
  - pull up the cylinder, maybe help by push on an ethernet socket with a screwdriver
  - remove the (3) screws holding the board in the frame
  - remove the board from the frame to get to the screws for the silver, flat heat shield
  - remove the (3) screws holding the heat shield
  - solder UART pins to the back of the board
    - make sure to have the pins point out on side with the black, finned heat spread
    - the markings for the pins are going to be below the silver heat shield
    - Vcc is not needed

If you don't intend on using the UART outside of the installation process, you might not
want to solder:

  - carefully scrape off the thin layer of epoxy on the holes (not the copper)
  - place your pin header with the UART attached in the holes
  - the pins, starting with the one closest to the socket:
    - Vcc (not required)
    - GND
    - RX
    - TX
  - either wedge the header or hold it with your fingers so that the pins stay in contact with the board

Installation (UART):
  - attach an Ethernet cable to the 1Gbps port (black) on the router
  - hold the reset button while powering the router
  - press CTRL-C or wait for the timeout to get to the U-Boot prompt
  - prepare a TFTP server on the network to supply ..-initramfs-kernel.bin
  - use 'tftpboot' in the U-Boot shell to pull the image
  - boot the image using 'bootm'
  - push the ..-sysupgrade to the router using your preferred method
  - perform the upgrade with 'sysupgrade -n'

There is a recovery mechanism that involves fetching a file called 'recovery.bin' but that is not understood yet.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
(cherry picked from commit 20e4a18feb3f766b0f6ebec1afc154b345398a7a)

5 months agouboot-mediatek: enable rootwait for jdcloud re-cp-03
Tianling Shen [Tue, 2 Apr 2024 11:49:42 +0000 (19:49 +0800)]
uboot-mediatek: enable rootwait for jdcloud re-cp-03

Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
5 months agouboot-mediatek: fix patch order
Daniel Golle [Sun, 10 Mar 2024 13:29:14 +0000 (13:29 +0000)]
uboot-mediatek: fix patch order

Make sure patch sequence number is unique by moving patch
440-add-jdcloud_re-cp-03.patch -> 441-add-jdcloud_re-cp-03.patch

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2302a7c5ad9c894d0530b7700409b2f4ea4bcc91)

5 months agomediatek: fix lan/wan macaddr for jdcloud re-cp-03
Tianling Shen [Thu, 6 Jun 2024 09:08:48 +0000 (17:08 +0800)]
mediatek: fix lan/wan macaddr for jdcloud re-cp-03

The MAC address assigned to lan/wan was reversed.

Fixes: 6e51ff88b053 ("mediatek: add support for JDCloud RE-CP-03")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
5 months agoath79: replace "mac-address-ascii" with "mac-base"
Rafał Miłecki [Fri, 21 Jul 2023 05:34:25 +0000 (07:34 +0200)]
ath79: replace "mac-address-ascii" with "mac-base"

With upstream accepted "mac-base" binding there is no need for a
downstream "mac-address-ascii" workaround anymore.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit daaa0c1b250498acbf91697dfc75c9d3fbac3596)
Link: https://github.com/openwrt/openwrt/pull/15917
5 months agoucode: update to Git 1a8a0bcf725520820802ad433db22d8f64fbed6c (2024-07-11)
Jo-Philipp Wich [Sat, 13 Jul 2024 23:27:28 +0000 (01:27 +0200)]
ucode: update to Git 1a8a0bcf725520820802ad433db22d8f64fbed6c (2024-07-11)

96f74b5be829 ubus: make ubus_context first in uc_ubus_connection_t
7e5830edfb38 nl80211: fix datatype of NL80211_BAND_IFTYPE_ATTR_HE_CAP_{MAC,PHY} attrs
5c8fd34bac42 nl80211: fix parsing of NL80211_BAND_ATTR_VHT_MCS_SET attribute
e8d4e4fe967d nl80211: fix decoding of NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET attribute
30a3f7ad0433 rtnl: store callback in listener registry only on success
9cbe8294909f rtnl: optimize reception of rtnl events
534417132e18 rtnl: increase event socket rx buffer size limit to 1 MiB
3f9811d2f7b7 compiler: close upvalues on loop control statements
ee4af9b55cb4 vm: rework object iteration
a275399dd8e2 uci: refactor uci.changes() to match documentation
1220992631d5 ubus: automatically clear error information
d6fd94014eea uci: automatically clear error information
99837f280b61 uloop: automatically clear error information
ba3855ae3775 lib: fix documentation typo for `pop()` function
be767ae197ba vm: rework `in` operator semantics
4ade84e8fb81 ubus: add explicit support for deferring incoming requests
cfe137be068a uci: remove incorrectly documentated reorder() parameter
e8d78a26da0c lib: introduce socket library
a0ad1d127ae6 build: fix symbol and library detection
674f65ee551d jsdoc: disable default module titles
a33d16a86493 socket: rework error handling
e2b81d869222 uloop: add documentation
953f36c96e8a socket: make socket.send() accept non-string data
f211d5ac666f ubus: fix uc_ubus_have_uloop for eloop+uloop combination
0662de64bd1f socket: add AF_PACKET socket type support
b594ff8a2841 socket: remove leftover debug code
0d823e702bfe socket: fix addrinfo() with omitted service argument
8cf816d615fd socket: fix potential memory leak in connect()
8f5f231d66cd socket: optimize poll() argument handling
36f106056069 socket: remove wrong documentation fragment
525fca224012 socket: uv_to_sockaddr(): fix length calculation for AF_UNIX addresses
3938645ad9e3 socket: support IPv6 addresses in struct conversion routines
3a586dc7ddbe socket: improve uc_socket_connect() behavior
7b269f1cd3d2 socket: improve uc_socket_listen() behavior
fc6f2b89febf socket: handle further socket option value types
d6f25797dad1 socket: add IPv6 socket options
7611487b9a05 socket: implement recvmsg(), sendmsg() and cmsg support
d2e44bfa8b54 core-lib: improved documentation
e0bab40c8578 fs: add truncate() file method
5d305cfb2ab7 fs: add lock() file method
8b0318f7fabe lib: introduce zlib library
73644a036f5a nl80211: move access to tb array out of uc_nl_convert_attr and below
6e3cf83a77a7 nl80211: add support for multi-attribute arrays
6ff24d5488a9 nl80211: update nl80211.h to latest wireless-next
abc2aef28641 nl80211: add wiphy multi-radio support

Fixes: https://github.com/jow-/ucode/issues/186
Fixes: https://github.com/jow-/ucode/issues/187
Fixes: https://github.com/jow-/ucode/issues/188
Fixes: https://github.com/jow-/ucode/issues/193
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 months agowireless-regdb: Update to version 2024.07.04
Hauke Mehrtens [Wed, 10 Jul 2024 21:52:41 +0000 (23:52 +0200)]
wireless-regdb: Update to version 2024.07.04

Changes:
  2a768c4 wireless-regdb: Update regulatory rules for Mongolia (MN) on 6GHz
  04875d9 wireless-regdb: Update regulatory rules for Saudi Arabia (SA) on 6GHz
  b7bced8 wireless-regdb: Update regulatory rules for South Africa (ZA) on 6GHz
  7bc8615 wireless-regdb: Update regulatory info for Thailand (TH) on 6GHz
  f901fa9 wireless-regdb: Update regulatory info for Malaysia (MY) for 2022
  d72d288 wireless-regdb: Update regulatory info for Morocco (MA) on 6GHz
  414face wireless-regdb: Update regulatory info for Chile (CL) on 6GHz
  1156a08 wireless-regdb: Update regulatory info for Mexico (MX) on 6GHz
  cc6cf7c wireless-regdb: Update regulatory info for Iceland (IS) on 6GHz
  ce03cc0 wireless-regdb: Update regulatory info for Mauritius(MU) on 6GHz
  7e37778 wireless-regdb: Update regulatory info for Argentina (AR) on 6GHz
  56f3a43 wireless-regdb: Update regulatory info for United Arab Emirates (AE) on 6GHz
  3cb8b91 wireless-regdb: Update regulatory info for Colombia (CO) on 6GHz
  3682ce5 wireless-regdb: Update regulatory info for Costa Rica (CR) for 2021
  dd4ffe7 wireless-regdb: Update regulatory info for Dominican Republic (DO) on 6GHz
  f8ef7da wireless-regdb: Update regulatory info for Liechtenstein (LI) on 6GHz
  a9ecabe wireless-regdb: Update regulatory info for Jordan (JO) for 2022
  5a9fdad wireless-regdb: Update regulatory info for Kenya (KE) for 2022
  19326c3 wireless-regdb: Update regulatory info for Macao (MO) for 2024
  4838054 wireless-regdb: update regulatory database based on preceding changes

Link: https://github.com/openwrt/openwrt/pull/15921
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0a24fd91556e7bd4751676b5ce6324193b7a4aca)

5 months agoramips: limit max spi clock frequency to 50 MHz
Shiji Yang [Sun, 7 Jul 2024 16:05:14 +0000 (00:05 +0800)]
ramips: limit max spi clock frequency to 50 MHz

In the past few years, we have received several reports about SPI
Flash not working properly. This is caused by excessively fast
clock frequency. It's really annoying to fix them one by one. Let's
reduce these aggressive frequencies to 50 MHz. This is a safe and
suggested value in the vendor SDK.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 73eeac49be566d389df728b5335f7146d03d2f90)
Link: https://github.com/openwrt/openwrt/pull/15919
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agomac80211: fix mesh id corruption on 32 bit systems
Felix Fietkau [Tue, 12 Sep 2023 13:17:23 +0000 (15:17 +0200)]
mac80211: fix mesh id corruption on 32 bit systems

increase size of ifmsh->mbss_changed

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 20bd3502d3a841457cc06b3aa45646258fdcba9e)
Link: https://github.com/openwrt/openwrt/pull/15836
[Moved the patch to the end of the patch queue]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agolinux-firmware: add missing LICENSE_FILES info
Florian Eckert [Wed, 13 Mar 2024 12:22:20 +0000 (13:22 +0100)]
linux-firmware: add missing LICENSE_FILES info

Where it is clear which lincense the firmware package has, the missing
information are added.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(cherry picked from commit 535d487c41fa09b02c215799449fcd571d1dacac)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agolinux-firmware: add LICENSE_FILES and LICENSE file handling
Florian Eckert [Wed, 13 Mar 2024 12:21:34 +0000 (13:21 +0100)]
linux-firmware: add LICENSE_FILES and LICENSE file handling

The firmware blobs have all different licenses from the different
manufacturers of the binary blobs. This information is contained in the
upstream 'linux-firmware' repositroy.

This commit extends the package handling so that this information can be
added as an additional argument during packages generation.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 5c14de1d7e715ef882f34925ee6702b847efcbbd)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agokernel: update deprecated license information
Florian Eckert [Thu, 21 Mar 2024 11:55:01 +0000 (12:55 +0100)]
kernel: update deprecated license information

Update the deprecated license information from GPL-2.0 to GPL-2.0-only
as written in the COPYING file of the linux source tree.

Also add the 'COPYING' file to the PKG_LICENSE_FILES variable.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 879826154fd3e5ec353117a9c00cecf5e38c4a16)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agomac80211: add missing license information
Florian Eckert [Fri, 15 Mar 2024 10:57:14 +0000 (11:57 +0100)]
mac80211: add missing license information

The lincense information for the packages mac80211 are missing.
This commit adds the missing information.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(cherry picked from commit 3128157ec71c7be5c2e26a04b1f4b5080ebf870a)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agoca-certificates: add missing license information
Florian Eckert [Wed, 13 Mar 2024 11:41:38 +0000 (12:41 +0100)]
ca-certificates: add missing license information

The package has no licence information. So let's fix it.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 0da116f25b1a80ac9429fd7d13ee30130494f19e)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agowireless-regdb: add missing license information
Florian Eckert [Tue, 19 Mar 2024 14:44:44 +0000 (15:44 +0100)]
wireless-regdb: add missing license information

Add the missing license information PKG_LICENSE and PKG_LICENSE_FILES.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 7a3deadf91a356b6b0ac25771854f8fa1c3e6980)
Link: https://github.com/openwrt/openwrt/pull/15918
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agoramips: Refresh kernel patches
Hauke Mehrtens [Wed, 10 Jul 2024 21:03:33 +0000 (23:03 +0200)]
ramips: Refresh kernel patches

The last patches broke this patch, refresh it again.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 months agomediatek: fix WED + wifi reset
Felix Fietkau [Fri, 19 Jan 2024 13:48:05 +0000 (14:48 +0100)]
mediatek: fix WED + wifi reset

The WLAN + WED reset sequence relies on being able to receive interrupts from
the card, in order to synchronize individual steps with the firmware.
When WED is stopped, leave interrupts running and rely on the driver turning
off unwanted ones.
WED DMA also needs to be disabled before resetting.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2c5b3bee38eb0d76f5afe90f9969b73e19d28685)

5 months agogeneric: 6.6: mtk_eth_soc: add support for flow-control settings
Daniel Golle [Thu, 4 Jul 2024 01:19:01 +0000 (02:19 +0100)]
generic: 6.6: mtk_eth_soc: add support for flow-control settings

Add patch implementing operations to get and set flow-control link
parameters of mtk_eth_soc via ethtool.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4a2f712f85b5e29c5763e92a0cc47265580157a3)

5 months agogeneric: 5.15: mtk_eth_soc: import accepted patches
Daniel Golle [Sat, 6 Jul 2024 03:02:31 +0000 (04:02 +0100)]
generic: 5.15: mtk_eth_soc: import accepted patches

Import patch accepted upstream.

Initial import:
 - net: ethernet: mtk_ppe: Change PPE entries number to 16K

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 27b6838afacfcd79be52b2563b870ae7b3caf8f6)

5 months agogeneric: 6.6: backport upstream commits for mtk_eth_soc
Daniel Golle [Sun, 16 Jun 2024 12:20:37 +0000 (13:20 +0100)]
generic: 6.6: backport upstream commits for mtk_eth_soc

Backport commit for mtk_eth_soc:
 * net: ethernet: mtk_eth_soc: handle dma buffer size soc specific
   (torvalds/linux@c57e558194430d10d5e5f4acd8a8655b68dade13)

Refresh pending patches which require that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 98ddfbc56a7ffd5afef7776244998030675faa24)

5 months agokernel: backport mtd_wed/mtk_eth_soc patch for devices with more than 4GB of dram
Rafał Miłecki [Tue, 9 Jul 2024 22:29:06 +0000 (00:29 +0200)]
kernel: backport mtd_wed/mtk_eth_soc patch for devices with more than 4GB of dram

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
5 months agogeneric: move accepted patches for mtk_eth_soc to backport-5.15
Daniel Golle [Tue, 28 May 2024 22:48:16 +0000 (23:48 +0100)]
generic: move accepted patches for mtk_eth_soc to backport-5.15

In preparation to update mtk_eth_soc move accepted patches from mediatek
target to backport folder, so other patches on top can be applied more
easily.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 8730f9e5365956887b75632df29c4b2305cd82e4)

5 months agoimage: exclude initramfs-images dependency with IB
Christian Marangi [Tue, 9 Jul 2024 02:41:21 +0000 (04:41 +0200)]
image: exclude initramfs-images dependency with IB

Exclude initramfs-images dependency with IB as the target is not defined
in such context.

Fixes: cc6a0abcabf7 ("image: make images and artifacts dependent of initramfs")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit e5d23b5aa5346de30befc2b05000a3967ca5b460)

5 months agoimage: make images and artifacts dependent of initramfs
Christian Marangi [Mon, 8 Jul 2024 11:10:52 +0000 (13:10 +0200)]
image: make images and artifacts dependent of initramfs

There is currently a BIG bug in how the images dependency is handled and
recent Per Device Rootfs made this more clear and less statistical.

There is currently no dependency between images/artifacts build with
initramfs build. This cause whatever additional image that depends on an
initramfs image to fail as it might happen that image and initramfs
build are called at the same time and the additional image is called
before initramfs build has finished.

Each image-command assume the source image to be taken from the /bin
directory but that is only copied from the /tmp directory only at the
end of the process.

Artifacts currently depends on image with the use of the
BOARD-NAME-images Makefile target, but this is not the case for
initramfs that also define a -images Makefile target but that is not
accounted in images (that might depend on some initramfs images)

To actually fix this, introduce a new Makefile target, -initramfs-images
and make image and artifacts build to depend on this. Since initramfs
images are optional, this dependency is actived only when initramfs
image are built.

With this change we correctly enforce the build order:
- Initramfs Images (optional)
- Images
- Artifacts

(cherry picked from commit cc6a0abcabf718df872c0f6876d1121d3dd09953)
[ rebased on openwrt-23.05 ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
5 months agoramips: add Edimax BR-6208AC V2 support
Stefan Weil [Thu, 2 Mar 2023 20:45:50 +0000 (21:45 +0100)]
ramips: add Edimax BR-6208AC V2 support

Specifications:
- Device: Edimax BR-6208AC V2
- SoC: MT7620A
- Flash: 16 MiB
- RAM: 64 MiB
- Switch: 1 WAN, 3 LAN (10/100 Mbps)
- WiFi: MT7620 2.4 GHz + MT7610E 5 GHz
- LEDs: 1x POWER (green, not configurable)
        1x Firmware (green, configurable)
        1x Internet (green, configurable)
        1x VPN (green, configurable)
        1x 2.4G (green, not configurable)
        1x 5G (green, not configurable)

Normal installation:
- Upload the sysupgrade image via the default web interface

Installation with U-Boot and TFTP:
- Requires a TFTP server which provides the sysupgrade image
- Requires a connection to the serial port of the device, rate 57600

Signed-off-by: Stefan Weil <sw@weilnetz.de>
(cherry picked from commit 8d06bc175154db42a0550212a4b8474008939b34)