aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ltq-deu: remove driver disablement for kernel 5.4 and aboveDaniel Kestrel2022-01-061-1/+1
| | | | | | | | Remove the dependency on kernel 5.4 from the Makefile to allow the driver to compile with kernel 5.10 or kernel versions higher than 5.4. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: add aes_xts algorithmDaniel Kestrel2022-01-061-0/+324
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The lantiq AES hardware does not support the xts algorithm. Apart from the cipher text stealing (XTS), the AES XTS implementation is just an XOR with the IV, followed by AES ECB, followed by another XOR with the IV and as such can be also implemented by using the lantiq hardware's CBC AES implemention plus one additional XOR with the IV in the driver. The output IV by CBC AES is also not usable and the gfmul operation not supported by lantiq hardware. Both need to be done in the driver too in addition to the IV treatment which is the initial encryption by the other half of the input key and to set the IV to the IV registers for every block. In the generic kernel implementation, the block size for XTS is set to 16 bytes, although the algorithm is designed to process any size of input larger than 16 bytes. But since there is no way to indicate a minimum input length, the block size is used. This leads to certain issues when the skcipher walk functions are used, e.g. processing less than block size bytes is not supported by calling skcipher_walk_done. The walksize is 2 AES blocks because otherwise for splitted input or output data, less than blocksize is to be returned in some cases, which cannot be processed. Another issue was that depending on possible split of input/output data, just 16 bytes are returned while less than 16 bytes were remaining, while cipher text stealing requires 17 bytes or more for processing. For example, if the input is 60 bytes and the walk is 48, then processing 48 bytes leads to a return code of -EINVAL for skcipher_walk_done. Therefor the processed counter is used to figure out, when the actual cipher text stealing for the remaining bytes less than blocksize needs to be applied. Measured with cryptsetup benchmark, this XTS AES implementation is about 19% faster than the kernels XTS implementation that uses the hardware ECB AES (ca. 18.6 MiB/s vs. 15.8 MiB/s decryption 256b key). The implementation was tested with the kernels crypto testmgr against the kernels generic XTS AES implementation including extended tests. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: update initialisations for hmac algorithmsDaniel Kestrel2022-01-062-6/+4
| | | | | | | | | | | | The processing in the hmac algorithms depends on the status fields: count, dbn and started. Not all were initialised in the init method and after finishing the final method. Added missing fields to init method and call init method after finishing final. The memsets have the wrong size in the original driver and did not clear everything and are not necessary. Since no memset is done in the kernels generic implementation, memsets were removed. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: remove compiler warning and shorten locked sectionsDaniel Kestrel2022-01-067-43/+7
| | | | | | | | | | | | Removing hash pointer in _hmac_setkey since its not needed and causes a compiler warning. Make the spinlock control sections shorter and move initializations out of the control sections to free the spinlock faster for allowing other threads to use the hash engine. Minor improvements for indentation and removal of blanks and blank lines in some areas. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: fix temp size exceed in hmac algorithmsDaniel Kestrel2022-01-062-71/+146
| | | | | | | | | | | | | | | | | | | | | | | | | Exceeding the temp array size was not checked and instead storage not allocated by the driver was used/overwritten which in most cases resulted in reboots. This patch implements processing the input to the hash algorithm in tempsize chunks. The _hmac_final methods were changed to _hmac_final_impl adding a parameter that indicates intermediate or final processing. The started variable was added to the context to indicate, if there is an intermediate result in the context. For sha1_hmac the variable to store the intermediate hash was added to the context too. In order to avoid md5_hmac_final_impl being recursively called if the padding of the input and the resulting last transform during the hmac algorighms final processing causes the temp array to overflow and to make sure that there is at least one block in the temp array when the _hmac_final for final processing is called, the check for exceeding the temp array in _hmac_transform was moved before copying the block and incrementing dbn. dbn needs to be at least 1 at final processing time to let the hash engine apply the opad operation. To make the hash engine not apply the hmac algorithms final opad operation, for intermediate processing the dbn in the control register is set to a higher value than number of dbns are actually processed. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: fix setkey errors and static shared temp for hmac algosDaniel Kestrel2022-01-062-52/+137
| | | | | | | | | | | | | | | | | | | The hmac algorithms state, that keys larger than the key size should be hashed with the underlying hash algorithms and then those hashes are to be used as keys. This patch implements this. In order to avoid allocating a descriptor during setkey, a shash_desc pointer is added to the context. Another issue for multithreaded callers is the shared temp array. The temp array is static and as such would be shared among multithreaded callers, which obviously would neither work nor produce correct results. The temp array (4k size) is moved to the context and since the size of the context is limited, it can only be defined as pointer otherwise the initialisation of the hash algorithm fails. The allocations and freeing of both the temp and the desc pointer in the context are done by implementing cra_init and cra_exit functions for the hmac algorithms. Also improved indentation in some areas. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: fix ifxdeu-ctr-rfc3686(aes) not matching generic implDaniel Kestrel2022-01-061-1/+2
| | | | | | | | Error ifxdeu-ctr-rfc3686(aes) (16) doesn't match generic impl (20) occurs when running the cryptomgr extra tests that compare against the linux kernels generic implementation. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: changes for hash multithread callers and md5 endianessDaniel Kestrel2022-01-066-79/+45
| | | | | | | | | | | | | | | | | | | | | | | | | The algorithms sha1, sha1_hmac and md5_hmac all use ENDI=1. The md5 algorithm uses ENDI=0 and the endian_swap methods to reverse the endianess switch by using user CPU time, which is unnecessary overhead. Danube and AR9 devices do not set endianess for SHA1, so is done for MD5. Furthermore the patch replaces endian_swap with le32_to_cpu for md5 and md5 hmac algorithms and removes endian_swap for them. The init functions initialize the algorithm in the hardware. The lock is not used to write to the control register. If another thread calls another hash algo before update or final, the result will be wrong. Therefore move the algorithm init to the lock protected sections in the transform or final methods. Setting the hw key for the hmac algorithms is now done from within the lock protected sections in their final methods. The lock protecting is removed from the _hmac_setkey_hw functions. In final for md5 and sha1 the lock section is removed, because all the work was already done in transform (which is called from final). As such only copying the hash to the output is required. MD5 and MD5_HMAC produce 16 byte hashes (4 DWORDS) only, therefor writing register D5R to the hash output is removed for MD5_HMAC. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: make deu hash lock global and remove md5_hmac_ exportsDaniel Kestrel2022-01-066-48/+23
| | | | | | | | | | | All hash algorithms use the same base IFX_HASH_CON to access the hash unit. Parallel threads should not be able to call different hash algorithms and therefor a global lock is required. Fixed linker warning, that md5_hmac_init, md5_hmac_update and md5_hmac_final are static export symbols. The export symbols are not required, because the functions are exposed using shash_alg structure. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: add aes_ofb and aes_cfb algorithmsDaniel Kestrel2022-01-061-0/+194
| | | | | | | | | The functions ifx_deu_aes_cfg and ifx_deu_aes_ofb have been part of the driver ever since. But the functions and definitions to make the algorithms actually usable were missing. This patch adds the neccessary code for aes_ofb and aes_cfb algorithms. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: fix cryptomgr test errors for aesDaniel Kestrel2022-01-061-45/+44
| | | | | | | | | | | When running cryptomgr tests against the driver, there are several occurences of different errors for even and uneven splitted data in the underlying scatterlists for the ctr and ctr_rfc3686 algorithms which are now fixed. Fixed error in ctr_rfc3686_aes_decrypt function which was introduced with the previous commit by using CRYPTO_DIR_ENCRYPT in the decrypt function. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: fix cryptomgr test errors for desDaniel Kestrel2022-01-062-31/+58
| | | | | | | | | | | | | | | | | | | | | | When running cryptomgr tests against the driver, there are several occurences of different errors for setkey of des and des3-ede algorithms. Those key checks are already implemented in the kernels des implementation, so this is added as dependency and the kernel methods are called. It also required adding the kernels des/des3 context definitions to the des_ctx internal structure to be able to call the kernel methods. Fixed ifxdeu-des... setkey unexpectedly succeeded on test vector x; expected_error=-22. Fixed ifxdeu-des... setkey failed on test vector x; expected_error=0, actual_error=-22. Renamed des_ctx internal structure and des_encrypt/des_decrypt methods because they are already defined in the kernel module. Fixed wrong DES_xxx constant definitions in crypto_alg definition for ifxdeu_des3_ede_alg. Fixed method comment errors. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: convert SHA1 after library impl of SHA1 was removedDaniel Kestrel2022-01-062-9/+9
| | | | | | | | | The <linux/cryptohash.h> was removed with Linux 5.8, because it only contained the library implementation of SHA1, which was folded into <crypto/sha.h>. So switch this driver away from using <linux/cryptohash.h>. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: convert blkcipher to skcipherDaniel Kestrel2022-01-063-464/+413
| | | | | | | | | Convert blkcipher to skcipher for the synchronous versions of AES, DES and ARC4. The Block Cipher API was depracated for a while and was removed with Linux 5.5. So switch this driver to the skcipher API. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: set correct control register for AESDaniel Kestrel2022-01-061-1/+1
| | | | | | | | | | | | Some devices initialize AES during boot and AES works out of the box and the correct endianess is set. NDC means (No Danube Compatibility Mode) and the endianess setting has no effect if its set to 0. NDC 0: OFF ENDI bit cannot be written as in Danube To make it work for other devices, the NDC control register needs to be set to 1. Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: make cipher/digest usable by opensslMathias Kresin2022-01-059-28/+28
| | | | | | | | | | OpenSSL with cryptdev support uses the data encryption unit (DEU) driver for hard accelerated processing of ciphers/digests, if the flag CRYPTO_ALG_KERN_DRIVER_ONLY is set. Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: aes-ctr: process all input dataMathias Kresin2022-01-051-31/+21
| | | | | | | | | | | | | | | | | | | | | | | Even if the minimum blocksize is set to 16 (AES_BLOCK_SIZE), the crypto manager tests pass 499 bytes of data to the aes-ctr encryption, from which only 496 bytes are actually encrypted. Reading the comment regarding the minimum blocksize, it only states that it's the "smallest possible unit which can be transformed with this algorithm". Which doesn't necessarily mean, the data have to be a multiple of the minimal blocksize. All kernel hardware crypto driver enforce a minimum blocksize of 1, which perfect fine works for the lantiq data encryption unit as well. Lower the blocksize limit to 1, to process not padded data as well. In AES for processing the remaining bytes, uninitialized pointers were used. This patch fixes using uninitialized pointers and wrong offsets. Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: aes: do not read/write behind bufferMathias Kresin2022-01-051-12/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When handling non-aligned remaining data (not padded to 16 byte [AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer and written to the output buffer after en-/decryption. While code already assumes that an input buffer could have less than 16 byte remaining, as it can be seen by the code zeroing the remaining bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read. An output buffer size of a multiple of AES_BLOCK_SIZE is expected but never validated. To get rid of the read/write behind buffer, use a temporary buffer when dealing with not padded data and only write as much bytes to the output as we read. Do not memcpy directly to the register, to make used of the endian swap macro and to trigger the crypto start operator via the ID0R to trigger the register. Since we might need an endian swap for the output in future, use a temporary buffer for the output as well. The issue could not be observed so far, since all caller of ifx_deu_aes will ignore the padded (remaining) data. Considering that the minimum blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour could be called expected. Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* ltq-deu: init des/aes before registering crpyto algorithmsMathias Kresin2022-01-052-3/+2
| | | | | | | | | | | | | | The crypto algorithms are registered and available to the system before the chip is actually powered on and the generic parameter for the DEU behaviour set. The issue can mainly be observed if the crypto manager tests are enabled in the kernel config. The crypto manager test run directly after an algorithm is registered. Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
* mediatek: Clause-45 MDIO patch accepted upstreamDaniel Golle2022-01-056-255/+310
| | | | | | | To easy future maintainance, replace the local patch with what has been accepted into net-next and is likely to end up in Linux 5.17. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* qoriq: Expand generic subtarget descriptionMatt Fawcett2022-01-051-1/+3
| | | | | | Signed-off-by: Matt Fawcett <mattytap@icloud.com> [remove trailing whitespace] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mediatek: let mtk_eth_soc MAC announce 2500Base-T modeDaniel Golle2022-01-051-0/+10
| | | | | | | | To allows Ethernet phys supporting 2500Base-T mode to announce that speed, enable the corresponding bit in mtk_eth_soc driver. This should hopefully unlock 2500Base-T speed on the UniFi 6 LR. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: improve driver support for gen-3 Aquantia Ethernet PHYsDaniel Golle2022-01-054-11/+61
| | | | | | | | | | | | | | * correctly set system side interface, the original patch was errornous and there is a follow-up fix for it * enable phy statistics for AQR112(+R/C) and ARQ412 (ethtool --phy-statistics ethX) Tested, including phy-statistics, on - IEI Puzzle M901 (AQR112, AQR112C, AQR112R) - IEI Puzzle M902 (AQR113, AQR112R) - Ubiquiti UniFi 6 LR (AQR112C) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uml: drop Kernel 5.4Paul Spooren2022-01-043-477/+0
| | | | | | After the switch to Kernel 5.10 the old files are no longer required. Signed-off-by: Paul Spooren <mail@aparcar.org>
* uml: switch to Kernel 5.10Paul Spooren2022-01-041-2/+1
| | | | | | Switch over from testing version. Signed-off-by: Paul Spooren <mail@aparcar.org>
* ipq807x: drop targetPaul Spooren2022-01-034-705/+0
| | | | | | | | | | | The target is in an incomplete state and will not receive Kernel 5.10 support, ego it should be dropped before the next release. People are working on ipq807x with Kernel 5.15 which is only relevant for the second next release. Once a working patchset exists the target can be added again. Signed-off-by: Paul Spooren <mail@aparcar.org>
* lua: add HOST_FPIC for host buildsPaul Spooren2022-01-032-4/+4
| | | | | | | | | Compiling without fPIC causes linking issues for packages using liblua. Add $(HOST_FPIC) to host builds for both lua and lua5.3. Suggested-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Paul Spooren <mail@aparcar.org>
* kernel: 5.10: backport qca8k new featureAnsuel Smith2022-01-0310-1/+1274
| | | | | | | | | | | Backport qca8k new feature: - Ageing configuration support - Add 2 missing counter on qca8337 - Convert to regmap - Standardize define and code with GENMASK AND BITFILED macro - Add mdb add/del support Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* kernel: 5.10: backport additional qca8k fixesAnsuel Smith2022-01-033-0/+123
| | | | | | | | | Backport 3 additional fixes for qca8k. - Fix MTU calculation - Fix a bug with config set to the wrong PAD when secondary cpu port is defined. - Fix redundant check in parse_port_config Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* kernel: bump 5.10 to 5.10.89Rui Salvaterra2022-01-0313-128/+18
| | | | | | | | | | | Deleted (upstreamed): bcm27xx/patches-5.10/950-0186-pinctrl-bcm2835-Change-init-order-for-gpio-hogs.patch [1] sunxi/patches-5.10/103-arm64-dts-allwinner-orangepi-zero-plus-fix-PHY-mo.patch [2] [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.89&id=ba696b470839d70c6b8290c1f798bac7fb2a584c [2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.89&id=93a957bbf46ceb224b959de61fe85cfc6f71b6c7 Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* kernel: bump 5.4 to 5.4.169John Audia2022-01-039-16/+16
| | | | | | | | | | | All patches automatically rebased. Build system: x86_64 Build-tested: ramips/mt7621* *Had to revert 7f1edbd in order to build due to FS#4149 Signed-off-by: John Audia <graysky@archlinux.us>
* ipq806x: ASRock g10: fix bogus read errorsStefan Lippers-Hollmann2022-01-021-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Properly declare that the g10 is booting from NAND and define its correct (larger than on other devices-) boot_pages_size, to prevent the kernel from constantly falling over missing OOB error correction for the bootloader. This patch prevents a constant slew of (bogus) read errors reported by the kernel and keeping the CPU busy and fixes: blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 Buffer I/O error on dev mtdblock0, logical block 0, async page read blk_update_request: I/O error, dev mtdblock0, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 40 op 0x0:(READ) flags 0x80700 phys_seg 7 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 48 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 56 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 64 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0 Buffer I/O error on dev mtdblock0, logical block 1, async page read Buffer I/O error on dev mtdblock1, logical block 0, async page read Buffer I/O error on dev mtdblock1, logical block 1, async page read Buffer I/O error on dev mtdblock2, logical block 0, async page read Buffer I/O error on dev mtdblock2, logical block 1, async page read Buffer I/O error on dev mtdblock3, logical block 0, async page read Buffer I/O error on dev mtdblock3, logical block 0, async page read Buffer I/O error on dev mtdblock4, logical block 0, async page read Buffer I/O error on dev mtdblock4, logical block 1, async page read Suggested-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
* binutils: fix compiling with arch-based distrosNick Hainke2022-01-021-2/+2
| | | | | | | | | | | | | | | | | | | Arch Linux users have encountered problems with packages that have a dependency on binutils. This error happens when libtool is doing: libtool: relink: ... So change PKG_FIXUP to "patch-libtool". Fixes error in the form of: libtool: install: error: relink `libctf.la' with the above command before installing it Upstream Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=28545 OpenWrt Bug: https://bugs.openwrt.org/index.php?do=details&task_id=4149 Acked-by: John Audia <graysky@archlinux.us> Signed-off-by: Nick Hainke <vincent@systemli.org>
* openssl: bump to 1.1.1mEneas U de Queiroz2022-01-013-14/+7
| | | | | | | | | | | | | This is a bugfix release. Changelog: *) Avoid loading of a dynamic engine twice. *) Fixed building on Debian with kfreebsd kernels *) Prioritise DANE TLSA issuer certs over peer certs *) Fixed random API for MacOS prior to 10.12 Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* ramips: add ASUS RT-AC1200GU as alt nameShiji Yang2022-01-021-0/+2
| | | | | | | | | | | | RT-AC57U and RT-AC1200GU are the same models sold in different countries. The purpose of this commit is to allow users to easily find the corresponding firmware through the model number on the device label. More specifications: 14e0e4f138e3 ("ramips: add support for ASUS RT-AC57U") Signed-off-by: Shiji Yang <yangshiji66@qq.com> [reword commit title/message] Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* ramips: add support for ipTIME T5004Sungbo Eo2022-01-024-0/+141
| | | | | | | | | | | | | | | | | | | | | | | | ipTIME T5004 is a 5-port Gigabit Ethernet router, based on MediaTek MT7621A. Specifications: * SoC: MT7621AT * RAM: 128 MiB * Flash: NAND 128 MiB * Ethernet: 5x 1GbE * Switch: SoC built-in * UART: J4 (57600 baud) * Pinout: [3V3] (TXD) (RXD) (GND) Installation via web interface: 1. Flash **initramfs** image through the stock web interface. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image. Revert to stock firmware via recovery mode: 1. Press reset button, power up the device, wait >15s for CPU LED to stop blinking. 2. Upload stock image to TFTP server at 192.168.0.1. Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* tools/cmake: update to version 3.22.1Josef Schlehofer2021-12-311-2/+2
| | | | Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* hostapd: refresh patchsetNick Hainke2021-12-314-11/+11
| | | | | | | | | | | | | | Recently the hostapd has undergone many changes. The patches were not refreshed. Refreshed with make package/hostapd/{clean,refresh} Refreshed: - 380-disable_ctrl_iface_mib.patch - 600-ubus_support.patch - 700-wifi-reload.patch - 720-iface_max_num_sta.patch Signed-off-by: Nick Hainke <vincent@systemli.org>
* nftables: allow quoted string in flowtable_expr_memberStijn Tintel2021-12-312-1/+45
| | | | | | | This is required to be able to use flow offloading on devices with ifnames that start with a digit, like 6in4-wan6. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* x86: add/improve support for Sophos SG/XG productsRaylynn Knight2021-12-292-2/+12
| | | | | | | | * Add support for Sophos SG/XG-115 r1, r2 with/without wireless * Add support for Sophos SG/XG-125 r1, r2 with/without wireless * Add wireless support for SG/XG-105 Signed-off-by: Raylynn Knight <rayknight@me.com>
* ath79: add usb-phy-analog to reset list in qca953x.dtsiJinfan Lei2021-12-291-2/+2
| | | | | | | | | | | | | On startup the USB of QCA9531 board can't be initialized successfully. lsusb result as below: root@OpenWrt:~# lsusb unable to initialize libusb: -99 This is because usb-phy-analog is not added to reset list. Signed-off-by: Jinfan Lei <153869379@qq.com> (added linebreaks and small little changes to the commit message) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: 5.10: add patches to fix macronix flashNick Hainke2021-12-293-1/+65
| | | | | | | | | | | | | | | | | | | | | | | mtd: spi-nor: locking support for MX25L6405D Macronix MX25L6405D supports locking with four block-protection bits. Currently, the driver only sets three bits. If the bootloader does not sustain the flash chip in an unlocked state, the flash might be non-writeable. Add the corresponding flag to enable locking support with four bits in the status register. mtd: spi-nor: disable 16-bit-sr for macronix Macronix flash chips seem to consist of only one status register. These chips will not work with the "16-bit Write Status (01h) Command". Disable SNOR_F_HAS_16BIT_SR for all Macronix chips. Refreshed: - 0052-mtd-spi-nor-use-4-bit-locking-for-MX25L12805D.patch Fixes: 15aa53d7ee65 ("ath79: switch to Kernel 5.10") Signed-off-by: Nick Hainke <vincent@systemli.org>
* utils/px5g-wolfssl: make selfsigned certicates compatible with chromiumSergey V. Lobanov2021-12-292-1/+21
| | | | | | | | | | | | | | Chromium based web-browsers (version >58) checks x509v3 extended attributes. If this check fails then chromium does not allow to click "Proceed to ... (unsafe)" link. This patch add three x509v3 extended attributes to self-signed certificate: 1. SAN (Subject Alternative Name) (DNS Name) = CN (common name) 2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment 3. Extended Key Usage = TLS Web Server Authentication SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* libs/wolfssl: add SAN (Subject Alternative Name) supportSergey V. Lobanov2021-12-292-2/+7
| | | | | | | | | x509v3 SAN extension is required to generate a certificate compatible with chromium-based web browsers (version >58) It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* ramips: add support for ipTIME A3004TWonJung Kim2021-12-293-0/+190
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ipTIME A3004T is a 2.4/5GHz band router, based on Mediatek MT7621. Specifications: - SoC: MT7621 (880MHz) - RAM: DDR3 256M - Flash: NAND 128MB (Macronix NAND 128MiB 3,3V 8-bit) - WiFi: - 2.4GHz: MT7615E - 5GHz : MT7615E - Ethernet: - 4x LAN - 1x WAN - USB: 1 * USB3.0 port - UART: - 3.3V, TX, RX, GND / 57600 8N1 Installation via web interface: 1. Flash initramfs image using OEM's Recovery mode 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image. Revert to stock firmware: - Flash stock firmware via OEM's Recovery mode How to use OEM's Recovery mode: 1. Power up with holding down the reset key until CPU LED stop blinking. 2. Set fixed ip with `192.168.0.2` with subnet mask `255.255.255.0` 3. Flash image via tftp to `192.168.0.1` Additional Notes: This router shares one MT7915E chip for both 2.4Ghz/5Ghz. radio0 will not working on 5Ghz as it's not connected to the antenna. Signed-off-by: WonJung Kim <git@won-jung.kim> (added led dt-bindings) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* ramips: add support for WeVO AIR DUOSungbo Eo2021-12-293-1/+216
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WeVO AIR DUO is a 1-bay NAS & 802.11ac (Wi-Fi 5) router, based on MediaTek MT7620A. Specifications: * SoC: MT7620A * RAM: 64 MiB * Flash: SPI NOR 16 MiB * USB & SATA bridge controller: JMicron JMS567 * SATA 6Gb/s: 2.5" drive slot * USB 3.0: Micro-B * USB 2.0: connected to SoC * Wi-Fi: * 2.4 GHz: SoC built-in * 5 GHz: MT7612EN * Ethernet: 5x 1GbE * Switch: MT7530WU * UART: 4-pin 1.27 mm pitch through-hole (57600 baud) * Pinout: (3V3)|(RXD) (TXD) (GND) Notes: * The drive is accessible through the external USB port only when the router is turned off. Installation via web interface: 1. Flash **initramfs** image through the stock web interface. The image filename should have ".upload" extension. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image. Revert to stock firmware: 1. Perform sysupgrade with stock image. Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro packageTorsten Duwe2021-12-291-6/+9
| | | | | | | | | | | | | According to the vendor [1] these HATs share the same DT overlay: hifiberry-dacplus. The PCM512x-compatible control unit is attached to I2C, so the additional snd-soc-pcm512x-i2c kernel module is required. Also explicitly note the Amp2 support to reduce confusion for those users. [1] <https://www.hifiberry.com/docs/software/configuring-linux-3-18-x/> Signed-off-by: Torsten Duwe <duwe@lst.de> (added bcm27xx tag, changed commit message) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kirkwood: add support for two clones from EndianPawel Dembicki2021-12-294-0/+241
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | They are Endian 4i Edge 200 and his clone Endian UTM Mini. Hardware: - SoC: Marvell 88F6281-A1 ARMv5TE Processor 1.2GHz - Ram: 512MB (4x Nanya NT5TU128M8GE-AC) - NAND Flash: 512MB (Micron 29F4G08AAC) - Lan 1-4: 4x GBE (Marvell 88E6171R-TFJ2) - Lan 5: 1x GBE (Marvell 88E1116R-NNC1) - Storage: MicroSD Slot - WLAN: MiniPCIe Slot present, and fitted with SparkLan WPEA-110N/E (Atheros AR9280 chipset) (ONLY Endian UTM Mini WLAN) - USB: 1x USB 2.0 port - Console: RJ-45 port - LEDs: 3x GPIO controlled Notes: - WLAN led (Endian UTM Mini) is drived by MPCIE card Installation by TFTP + serial: - Setup TFTP server and copy initramfs image - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' saveenv setenv serverip 192.168.1.1 setenv ipaddr 192.168.1.2 tftpboot 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade Installation by USB + serial: - Copy initramfs image to fat32 usb drive - Connect pendrive to USB 2.0 front socket - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' saveenv usb reset fatload usb 0:1 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
* kirkwood: add support for NETGEAR ReadyNAS Duo v2Pawel Dembicki2021-12-2913-2/+601
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NETGEAR ReadyNAS Duo v2 is a NAS based on Marvell kirkwood SoC. Specification: - Processor Marvell 88F6282 (1.6 GHz) - 256MB RAM - 128MB NAND - 1x GBE LAN port (PHY: Marvell 88E1318) - 1x USB 2.0 - 2x USB 3.0 - 2x SATA - 3x button - 5x leds - serial on J5 connector accessible from rear panel (115200 8N1) (VCC,TX,RX,GND) (3V3 LOGIC!) Installation by USB + serial: - Copy initramfs image to fat32 usb drive - Connect pendrive to USB 2.0 front socket - Connect serial console - Stop booting in u-boot - Do: usb reset setenv bootargs 'console=ttyS0,115200n8 earlyprintk' setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000' saveenv fatload usb 0:1 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade Installation by TFTP + serial: - Setup TFTP server and copy initramfs image - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000' saveenv setenv serverip 192.168.1.1 setenv ipaddr 192.168.1.2 tftpboot 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade Known issues: - Power button and PHY INTn pin are connected to the same GPIO. It causes that every network restart button is pressed in system. As workaround, button is used as regular BTN_1. For more info please look at file: RND_5.3.13_WW.src/u-boot/board/mv_feroceon/mv_hal/usibootup/usibootup.c from Netgear GPL sources. Tested-by: Raylynn Knight <rayknight@me.com> Tested-by: Lech Perczak <lech.perczak@gmail.com> Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
* kernel: generic: backport linkstation-poweroff driverPawel Dembicki2021-12-294-0/+254
| | | | | | | | | | | Linkstation poweroff driver was added to mvebu target, but is required for kirkwood target too. This commit make two changes: - move linkstation-poweroff support patch from mvebu to generic and replace upstream accepted version - backport small linkstation-poweroff fix from 5.12 Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>