aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* OpenWrt v22.03.5: adjust config defaultsv22.03.5Hauke Mehrtens2023-04-275-9/+11
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: reduce Archer AX23 / MR70X SPI-frequencyDavid Bauer2023-04-272-2/+2
| | | | | | | | | | | | | | | It was brought to attention the Archer AX23 v1 fails to read jffs2 data from time to time. While this is not reproducible on my unit, it is on others. Reducing the SPI frequency does the trick. While it worked with at lest 40 MHz, opt for the cautious side and choose a save frequency of 25 MHz. Apply the same treatment to the Mercusys MR70X which uses a similar design just in case. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 2c530fcb972c112e7a2b10f9c21ac6d276624b5e)
* ccache: update to 4.6.3Nick Hainke2023-04-273-35/+3
| | | | | | | | | | | Release Notes: https://ccache.dev/releasenotes.html#_ccache_4_6_3 Refresh patch: - 100-honour-copts.patch Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 83ea2e11b4b7872642bc7ac587361ccd783308f2)
* tools/ccache: update to 4.6.2Nick Hainke2023-04-273-5/+5
| | | | | | | | Release notes: https://ccache.dev/releasenotes.html#_ccache_4_6_2 Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit ac61cf596cc4cdfb93981361b093c1d97e4a1b96)
* tools/ccache: update to 4.6.1Nick Hainke2023-04-272-3/+3
| | | | | | | | Release notes: https://ccache.dev/releasenotes.html#_ccache_4_6_1 Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 2e87e24e43c49565e23643eb6eceef8455434647)
* ramips: fix lzma-loader for buffalo_WSR_600DHPHaoan Li2023-04-231-0/+1
| | | | | | | | | This fixes a well known "LZMA ERROR 1" error, reported previously on numerous of similar devices. Fixes: #11919 Signed-off-by: Haoan Li <lihaoan1001@163.com> (cherry picked from commit c7b484f3647c58da2f86395228a9927290a6f6ed)
* ath79: create Aruba AP-105 APBoot compatible imageDavid Bauer2023-04-181-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Alter the Aruba AP-105 image generation process so OpenWrt can be loaded with the vendor Aruba APBoot. This works by prepending the OpenWrt LZMA loader to the uImage and jumping directly to the loader. Aruba does not offer bootm on these boards. This approach keeps compatibility to devices which had their U-Boot replaced. Both bootloaders can boot the same image. The same modification is most likely also possible for the Aruba AP-175. With this patch, new installations do not require replacing the bootloader and can be performed from the serial console without opening the case. Installation ------------ 1. Attach to the serial console of the AP-105. Interrupt autoboot and change the U-Boot env. $ setenv apb_rb_openwrt "setenv ipaddr 192.168.1.1; setenv serverip 192.168.1.66; netget 0x84000000 ap105.bin; go 0x84000040" $ setenv apb_fb_openwrt "cp.b 0xbf040000 0x84000000 0x10000; go 0x84000040" $ setenv bootcmd "run apb_fb_openwrt" $ saveenv 2. Load the OpenWrt initramfs image on the device using TFTP. Place the initramfs image as "ap105.bin" in the TFTP server root directory, connect it to the AP and make the server reachable at 192.168.1.66/24. $ run apb_rb_openwrt 3. Once OpenWrt booted, transfer the sysupgrade image to the device using scp and use sysupgrade to install the firmware. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit e11d00d44c66b1534fbc399fda55951cd0a2168a)
* openssl: fix CVE-2023-464 and CVE-2023-465Eneas U de Queiroz2023-04-173-1/+263
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Apply two patches fixing low-severity vulnerabilities related to certificate policies validation: - Excessive Resource Usage Verifying X.509 Policy Constraints (CVE-2023-0464) Severity: Low A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. - Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465) Severity: Low Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Note: OpenSSL also released a fix for low-severity security advisory CVE-2023-466. It is not included here because the fix only changes the documentation, which is not built nor included in any OpenWrt package. Due to the low-severity of these issues, there will be not be an immediate new release of OpenSSL. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* kernel: backport fix for recently introduced UBI bugDaniel Golle2023-04-152-2/+71
| | | | | | | | | | Import commit "ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size" which did not yet make it to stable upstream Linux trees. Fixes: #12232 Fixes: #12339 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit aad34818b50029e07ed9221ae46f9770d6e29785)
* uclient: update to Git version 2023-04-13Matthias Schiffer2023-04-131-3/+3
| | | | | | | | | 007d94546749 uclient: cancel state change timeout in uclient_disconnect() 644d3c7e13c6 ci: improve wolfSSL test coverage dc54d2b544a1 tests: add certificate check against letsencrypt.org Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> (cherry picked from commit 4f1c2e8deef10e9ca34ceff5a096e62aaa668e90)
* OpenWrt v22.03.4: revert to branch defaultsDaniel Golle2023-04-095-11/+9
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* OpenWrt v22.03.4: adjust config defaultsv22.03.4Daniel Golle2023-04-095-9/+11
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* imagebuilder: allow to specific ROOTFS_PARTSIZEPaul Spooren2023-04-091-1/+3
| | | | | | | | | | | | Setting this options modifies the rootfs size of created images. When installing a large number of packages it may become necessary to increase the size to have enough storage. This option is only useful for supported devices, i.e. with an attached SD Card or installed on a hard drive. Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 7b7edd25a571568438c886529d3443054e02f55f)
* ramips: define remapping-range for DAP-X1860David Bauer2023-04-081-0/+7
| | | | | | | | | | Prevent the BBT translation layer from remapping the UBI used for storing rootfs. Explicitly define the number of blocks reserved for remapping. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 076da59f17803e9412ef5e50988aff6c7e536292)
* ramips: add support for D-Link DAP-X1860 A1Sebastian Schaper2023-04-086-0/+234
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The DAP-X1860 is a wall-plug AX1800 repeater. Specifications: - MT7621, 256 MiB RAM, 128 MiB SPI NAND - MT7915 + MT7975 2x2 802.11ax (DBDC) - Ethernet: 1 port 10/100/1000 - LED RSSI bargraph (2x green, 1x red/orange), status and RSSI LEDs are incorrectly populated red/orange (should be red/green according to documentation) Installation: - Keep reset button pressed during plug-in - Web Recovery Updater is at 192.168.0.50 - Upload factory.bin, confirm flashing (seems to work best with Chromium-based browsers) Revert to OEM firmware: - tar -xvf DAP-X1860_RevA_Firmware_101b94.bin - openssl enc -d -md md5 -aes-256-cbc -in FWImage.st2 \ -out FWImage.st1 -k MB0dBx62oXJXDvt12lETWQ== - tar -xvf FWImage.st1 - flash kernel_DAP-X1860.bin via Recovery Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net> (cherry picked from commit 3c31f6b521bb5fc49e222a8f2bcd454b73452a0e)
* ramips: lower re305-v3 spi-max-frequencyJoe Mullally2023-04-081-1/+1
| | | | | | | | | | | | | | Fix flash I/O instability observed in newer devices with cFeon QH64A-104HIP (detected as en25qh64). Ref: https://forum.openwrt.org/t/support-for-tp-link-re305-v3/75893/91 Reported-by: Dimitri Souza <dimitri.souza@gmail.com> Tested-by: Dimitri Souza <dimitri.souza@gmail.com> Signed-off-by: Joe Mullally <jwmullally@gmail.com> [alter commit-message - target master] Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 2122c80b321d439cf8b669ae26fcfeec605cf2cc)
* lantiq: fix lzma-loader for Netgear DGN 3500(B)Maik Goette2023-04-022-5/+18
| | | | | | | | Fixes Uncompressing Kernel Image ... ERROR: LzmaDecode.c, 561 Fixes: #11701 for both 3500(B) Signed-off-by: Maik Goette <github@beeit.de> (cherry picked from commit 4d9c38d654fdfb72ef641573bbf5b0f73f638f2e)
* iproute2: add missing libbpf dependencyKien Truong2023-04-021-1/+1
| | | | | | | | | | | | | | | | | | | This patch adds libbpf to the dependencies of tc-mod-iptables. The package tc-mod-iptables is missing libbpf as a dependency, which leads to the build failure described in bug #9491 LIBBPF_FORCE=on set, but couldn't find a usable libbpf The build dependency is already automatically added because some other packages from iproute2 depend on libbpf, but bpftools has multiple build variants. With multiple build variants none gets build by default and the build system will not build bpftools before iproute2. Fixes: #9491 Signed-off-by: Kien Truong <duckientruong@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit fa468d4bcdc7e6eb84ea51d9b05368ed87c43aae)
* ath79: tiny: Do not build TPLink WPA8630Pv2 by defaultJoe Mullally2023-04-021-0/+1
| | | | | | | | | | | 22.03.1+ and snapshot builds no longer fit the 6M flash space available for these models. This disables failing buildbot image builds for these devices. Images can still be built manually with ImageBuilder. Signed-off-by: Joe Mullally <jwmullally@gmail.com> (cherry picked from commit 4965cbd259bb9001e8724f53520f4be1e4723212)
* ramips: mt7621: mikrotik 760igs (hEX S) fix SFPJohn Thomson2023-04-021-0/+1
| | | | | | | | | | | | | | This device uses an AR8031/AR8033 chip to convert SoC gmac1 RGMII to 1000base-x or sgmii for the SFP fibre cage. The SFP cage requires phy-mode rgmii-rxid, and without it will not recieve any packets: ethtool -S sfp rx_fcs_errors will increase when packets should be being received, but no other _rx counters will change. Fixes: c77858aa792 ("ramips: mt7621-dts: change phy-mode of gmac1 to rgmii") Reviewed-by: Robert Marko <robimarko@gmail.com> Reviewed-by: Arınç ÜNAL <arinc.unal@arinc9.com> Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au> (cherry picked from commit 7ea965b57803ceec20222279377e611652ac217f)
* openssl: fix variable reference in conffilesEneas U de Queiroz2023-04-021-3/+3
| | | | | | | | | | | | | Fix the trivial abscence of $() when assigning engine config files to the main libopenssl-config package even if the corresponding engines were not built into the main library. This is mostly cosmetic, since scripts/ipkg-build tests the file's presence before it is actually included in the package's conffiles. Fixes: 30b0351039 "openssl: configure engine packages during install" Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit c75cd5f6028da6ceb1fb3438da93e2305cd720b1)
* ath79: use lzma-loader for Senao initramfs imagesMichael Pratt2023-04-021-0/+1
| | | | | | | | | | Some vendors of Senao boards have put a bootloader that cannot handle both large gzip or large lzma files. There is no disadvantage by doing this for all of them. Signed-off-by: Michael Pratt <mcpratt@pm.me> (cherry picked from commit 8342c092a03caedbf160d4ac3982c6a9be91261f)
* ath79: Fix glinet ar300m usb not workingLuo Chongjun2023-04-022-13/+8
| | | | | | | | | | | | | | | | | | | glinet forum users reported the problem at https://forum.gl-inet.com/t/gl-ar300m16-openwrt-22-03-0-rc5-usb-port-power-off-by-default/23199 The current code uses the regulator framework to control the USB power supply. Although usb0 described in DTS refers to the regulator by vbus-supply, but there is no code related to regulator implemented in the USB driver of QCA953X, so the USB of the device cannot work. Under the regulator framework, adding the regulator-always-on attribute fixes this problem, but it means that USB power will not be able to be turned off. Since we need to control the USB power supply in user space, I didn't find any other better way under the regulator framework of Linux, so I directly export gpio. Signed-off-by: Luo Chongjun <luochongjun@gl-inet.com> (cherry picked from commit b352124cd2115fec648a00956a848660df9477d3)
* toolchain: musl: Fix symbol loading in gdbHauke Mehrtens2023-04-021-0/+61
| | | | | | | | | | Fix DT_DEBUG handling on MIPS in musl libc. With this change gdb will load the symbol files for shared libraries on MIPS too. This patch was taken from this thread: https://www.openwall.com/lists/musl/2022/01/09/4 Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com> (cherry picked from commit fcdd407e8e16b90e1995789ba217be5591a88d2f)
* wireless-regdb: update to 2023.02.13Yuu Toriyama2023-04-021-2/+2
| | | | | | | | | | | | | Changes: 7f7a9f7 wireless-regdb: update regulatory database based on preceding changes 660a1ae wireless-regdb: Update regulatory info for Russia (RU) on 5GHz fe05cc9 wireless-regdb: Update regulatory rules for Japan (JP) on 6GHz d8584dc wireless-regdb: Update regulatory rules for Japan (JP) on 5GHz c04fd9b wireless-regdb: update regulatory rules for Switzerland (CH) f29772a wireless-regdb: Update regulatory rules for Brazil (BR) Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com> (cherry picked from commit 1173edf23b3440137d60162d1ef9f48ffa13e3e2)
* build: fix for sourcing targets image config installed via feedsPrasun Maiti2023-04-021-0/+1
| | | | | | | | | Sourcing of image/Config.in will not happen When a target is installed from target/linux/feeds/ Signed-off-by: Prasun Maiti <prasunmaiti87@gmail.com> Acked-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 522a60cd31686a3d1b6d7ed1229eb68568aa89ac)
* ramips: rt5350: enable lzma-loader for ALLNET ALL5003Sergio Paracuellos2023-04-021-0/+1
| | | | | | | | Fixes the boot loader LZMA decompression issue: LZMA ERROR 1 - must RESET board to recover Signed-off-by: Sergio Paracuellos <sergio.paracuellos@gmail.com> (cherry picked from commit 84c04ff4069a652755267d126418b211379c1cbf)
* bpf-headers: fix package categoryChukun Pan2023-04-021-1/+1
| | | | | | | | This removes the non-selectable 'Kernel' item when make menuconfig. Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (cherry picked from commit 3e4c014008659c760b2e4638f606da90df1e3c93)
* sdk: expose PATENTED an NLS build optionsTomasz Maciej Nowak2023-04-021-0/+17
| | | | | | | | | | Some packages offer functionalities guarded by these options and it'll be impossible to reach them without changing Config-build.in. So allow to toggle these in more friendly way, by exposing them in configuration menu. Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com> (cherry picked from commit 477ff0821a5e532adc0861d4093029967f5e1178)
* ksmbd: update to 3.4.7Rosen Penev2023-04-023-103/+4
| | | | | | | | | Remove upstreamed patches. Switch to normal tarballs. Codeload recently had a reproducibility issue. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 44c24b3ac5d4523c0f9f55691d28387508e93de5)
* hostapd: add missing return code for the bss_mgmt_enable ubus methodFelix Fietkau2023-04-021-0/+2
| | | | | | | Fixes bogus errors on ubus calls Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit cf992ca862f271936f61367236378378f0d91b6d)
* kernel: filter out pahole versionRobert Marko2023-04-021-0/+1
| | | | | | | | | Pahole version is being autodetected during runtime since kernel 5.15.96 via in-kernel scripts/pahole-version.sh so add CONFIG_PAHOLE_VERSION to kernel filter in order to prevent it from being added to target configs. Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit 5d8f14bfefc6f12e93425ee522bdce75a7c979d6)
* dnsmasq: add dhcphostsfile to ujail sandboxRuben Jenster2023-04-021-0/+1
| | | | | | | | The dhcphostsfile must be mounted into the (ujail) sandbox. The file can not be accessed without this mount. Signed-off-by: Ruben Jenster <rjenster@gmail.com> (cherry picked from commit 936df715de3d33947ce38ca232b05c2bd3ef58f1)
* netifd: strip mask from IP address in DHCP client paramsAndrey Erokhin2023-04-021-1/+1
| | | | | | | | ipaddr option can be in CIDR notation, but udhcp wants just an IP address Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com> (cherry picked from commit 506bb436c678779e8ee54e83a7fb3e4e880037ec)
* lantiq: nand: don't yield while holding spinlockThomas Nixon2023-04-021-0/+38
| | | | | | | | | | | | | | | | | | | | The nand driver normally while waiting for the device to become ready; this is normally fine, but xway_nand holds the ebu_lock spinlock, and this can cause lockups if other threads which use ebu_lock are interleaved. Fix this by waiting instead of polling. This mainly showed up as crashes in ath9k_pci_owl_loader (see https://github.com/openwrt/openwrt/issues/9829 ), but turning on spinlock debugging shows this happening in other places too. This doesn't seem to measurably impact boot time. Tested on bt_homehub-v5a with 5.10 and 5.15. Signed-off-by: Thomas Nixon <tom@tomn.co.uk> [Add commit description into patch] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit d3b47909b199b876f67a0387b5545cb73bd6b815)
* mac80211: fix invalid calls to drv_sta_pre_rcu_removeFelix Fietkau2023-04-021-0/+25
| | | | | | | | | Potentially fixes some driver data structure corruption issues Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 9779ee021d30508eb9e7ebf1ec0a28a4be3c4c19) [Change patch number] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: mt7621: ASUS RT-AX53U add NMBM, nest firmwareFelix Baumann2023-04-021-7/+26
| | | | | | | | | | | | | Nests kernel and ubi into firmware partition in-order to be compatible with OEM firmware. This allows restoring oem firmware from a backup of firmware2. Add jffs2 partition which is present in the oem firmware. Add support for mediatek NMBM (wear leveling on newer mediatek devices). Exclude UBI partition from NMBM management. Continues PR #10685. Tested-by: Felix Baumann <felix.bau@gmx.de> Signed-off-by: Felix Baumann <felix.bau@gmx.de> (cherry picked from commit 787ecdf66de6798540fb8b756404566341b4733c)
* ramips: Alternative name Asus RT-AX1800U for Asus RT-AX53UFelix Baumann2023-04-021-0/+2
| | | | | | | | | The Asus RT-AX1800U is identical to the already supported Asus RT-AX53U. Use the ALT0 buildroot tags to show both devices. Tested-by: Marian Sarcinschi <znevna@gmail.com> Signed-off-by: Felix Baumann <felix.bau@gmx.de> (cherry picked from commit acd3b5e83b99879b326a940907a9ff334586f86b)
* ramips: add missing LEDs to Asus RT-AX53UMarian Sarcinschi2023-04-023-3/+19
| | | | | | | | | | | | | | | | | This patch adds the missing LEDs to Asus RT-AX53U. Based on PR #10400 and patch provided in #11068 - enable the two LEDs controlled by mt7915e for wireless; - add label to power LED so it works properly and fix formatting; - add the USB LED; - switch LEDs are best left to be controlled by hardware for now. Co-Authored-By: Ivan Rozhuk <rozhuk.im@gmail.com> Co-Authored-By: Shiji Yang <yangshiji66@qq.com> Co-Authored-By: Hartmut Birr <e9hack@gmail.com> Tested-by: Felix Baumann <felix.bau@gmx.de> Tested-by: Marian Sarcinschi <znevna@gmail.com> Signed-off-by: Marian Sarcinschi <znevna@gmail.com> (cherry picked from commit c4b806d5c4ccc653968620e6e9aec93bc4e370e5)
* uboot-envtools: add support for ramips Asus RX-AX53UFelix Baumann2023-04-021-0/+1
| | | | | | | | | | Adds uboot-envtools support for ramips Asus RX-AX53U now that partition can be correctly read. Signed-off-by: Felix Baumann <felix.bau@gmx.de> [ improve commit title and description ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 75451681d03e609ac8a3d1cd7469eefa53e18ca4)
* ramips: add support for read/write uboot env to Asus RX-AX53UFelix Baumann2023-04-021-2/+11
| | | | | | | | | | | | | | | | | | | Add support for read/writing uboot env by renaming the second partition to its stock label "nvram" and remove the deemed unnecessary "read-only". Split the first partition "u-boot" in two, in order to allow `fw_setenv` safe write-access to the uboot environment variables. This implements hauke's request from [1]. Based on the patch provided by Shiji Yang. [1] https://github.com/openwrt/openwrt/pull/10400#discussion_r945153224 Co-Authored-By: Shiji Yang <yangshiji66@qq.com> Signed-off-by: Felix Baumann <felix.bau@gmx.de> [ improve commit title and description, fix some whitespace problem ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 3f1e9f6f3b14385cab7ca6d1dcc2a4b658475bc3)
* comgt: ncm: support Mikrotik R11e-LTE6 modemSzabolcs Hubai2023-04-011-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Mikrotik R11e-LTE6 modem is similar to ZTE MF286R modem, added earlier: it has a Marvel chip, able to work in ACM+RNDIS mode, knows ZTE specific commands, runs OpenWrt Barrier Breaker fork. While the modem is able to offer IPv6 address, the RNDIS setup is unable to complete if there is an IPv6 adress. While it works in ACM+RNDIS mode, the user experience isn't as good as with "proto 3g": the modem happily serves a local IP (192.168.1.xxx) without internet access. Of course, if the modem has enough time (for example at the second dialup), it will serve a public IP. Modifing the DHCP Lease (to a short interval before connect and back to default while finalizing) is a workaround to get a public IP at the first try. A safe workaround for this is to excercise an offline script of the pingcheck program: simply restart (ifdown - ifup) the connection. Another pitfall is that the modem writes a few messages at startup, which confuses the manufacturer detection algorithm and got disabled. daemon.notice netifd: Interface 'mikrotik' is setting up now daemon.notice netifd: mikrotik (2366): Failed to parse message data daemon.notice netifd: mikrotik (2366): WARNING: Variable 'ok' does not exist or is not an array/object daemon.notice netifd: mikrotik (2366): Unsupported modem daemon.notice netifd: mikrotik (2426): Stopping network mikrotik daemon.notice netifd: mikrotik (2426): Failed to parse message data daemon.notice netifd: mikrotik (2426): WARNING: Variable '*simdetec:1,sim' does not exist or is not an array/object daemon.notice netifd: mikrotik (2426): Unsupported modem daemon.notice netifd: Interface 'mikrotik' is now down A workaround for this is to use the "delay" option in the interface configuration. I want to thank Forum members dchard (in topic Adding support for MikroTik hAP ac3 LTE6 kit (D53GR_5HacD2HnD)) [1] and mrhaav (in topic OpenWrt X86_64 + Mikrotik R11e-LTE6) [2] for sharing their experiments and works. Another information page was found at eko.one.pl [3]. [1]: https://forum.openwrt.org/t/137555 [2]: https://forum.openwrt.org/t/151743 [3]: https://eko.one.pl/?p=modem-r11elte Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com> (cherry picked from commit dbd6ebd6d84b35599a0446559576df41f487200e)
* comgt: add quirk for Mikrotik modems based on Mikrotik R11e-LTE6Szabolcs Hubai2023-04-012-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The MikroTik R11e-LTE6 modem goes into flight mode (CFUN=4) at startup and the radio is off (*RADIOPOWER: 0): AT+RESET OK OK *SIMDETEC:2,NOS *SIMDETEC:1,SIM *ICCID: 8936500119010596302 *EUICC: 1 +MSTK: 11, D025....74F3 *ADMINDATA: 0, 2, 0 +CPIN: READY *EUICC: 1 *ECCLIST: 5, 0, 112, 0, 000, 0, 08, 0, 118, 0, 911 +CREG: 0 $CREG: 0 +CESQ: 99,99,255,255,255,255 *CESQ: 99,99,255,255,255,255,0 +CGREG: 0 +CEREG: 0 +CESQ: 99,99,255,255,255,255 *CESQ: 99,99,255,255,255,255,0 *RADIOPOWER: 0 +MMSG: 0, 0 +MMSG: 0, 0 +MMSG: 1, 0 +MPBK: 1 While the chat script is able to establish the PPP connection, it's closed instantly by the modem: LCP terminated by peer. local2.info chat[7000]: send (ATD*99***1#^M) local2.info chat[7000]: expect (CONNECT) local2.info chat[7000]: ^M local2.info chat[7000]: ATD*99***1#^M^M local2.info chat[7000]: CONNECT local2.info chat[7000]: -- got it local2.info chat[7000]: send ( ^M) daemon.info pppd[6997]: Serial connection established. kern.info kernel: [ 453.659146] 3g-mikrotik: renamed from ppp0 daemon.info pppd[6997]: Renamed interface ppp0 to 3g-mikrotik daemon.info pppd[6997]: Using interface 3g-mikrotik daemon.notice pppd[6997]: Connect: 3g-mikrotik <--> /dev/ttyACM0 daemon.info pppd[6997]: LCP terminated by peer daemon.notice pppd[6997]: Connection terminated. daemon.notice pppd[6997]: Modem hangup daemon.info pppd[6997]: Exit. daemon.notice netifd: Interface 'mikrotik' is now down Sending "AT+CFUN=1" to modem deactivates the flight mode and solves the issue: daemon.notice netifd: Interface 'mikrotik' is setting up now daemon.notice netifd: mikrotik (7051): sending -> AT+CFUN=1 daemon.notice pppd[7137]: pppd 2.4.9 started by root, uid 0 local2.info chat[7140]: abort on (BUSY) local2.info chat[7140]: abort on (NO CARRIER) local2.info chat[7140]: abort on (ERROR) local2.info chat[7140]: report (CONNECT) local2.info chat[7140]: timeout set to 10 seconds local2.info chat[7140]: send (AT&F^M) local2.info chat[7140]: expect (OK) local2.info chat[7140]: ^M local2.info chat[7140]: +CESQ: 99,99,255,255,255,255^M local2.info chat[7140]: ^M local2.info chat[7140]: *CESQ: 99,99,255,255,255,255,0^M local2.info chat[7140]: AT&F^MAT&F^M^M local2.info chat[7140]: OK local2.info chat[7140]: -- got it ... local2.info chat[7140]: send (ATD*99***1#^M) local2.info chat[7140]: expect (CONNECT) local2.info chat[7140]: ^M local2.info chat[7140]: ATD*99***1#^M^M local2.info chat[7140]: CONNECT local2.info chat[7140]: -- got it local2.info chat[7140]: send ( ^M) daemon.info pppd[7137]: Serial connection established. kern.info kernel: [ 463.094254] 3g-mikrotik: renamed from ppp0 daemon.info pppd[7137]: Renamed interface ppp0 to 3g-mikrotik daemon.info pppd[7137]: Using interface 3g-mikrotik daemon.notice pppd[7137]: Connect: 3g-mikrotik <--> /dev/ttyACM0 daemon.warn pppd[7137]: Could not determine remote IP address: defaulting to 10.64.64.64 daemon.notice pppd[7137]: local IP address 100.112.63.62 daemon.notice pppd[7137]: remote IP address 10.64.64.64 daemon.notice pppd[7137]: primary DNS address 185.29.83.64 daemon.notice pppd[7137]: secondary DNS address 185.62.131.64 daemon.notice netifd: Network device '3g-mikrotik' link is up daemon.notice netifd: Interface 'mikrotik' is now up To send this AT command to the modem the "runcommand.gcom" script dependency is moved from comgt-ncm to comgt. As the comgt-ncm package depends on comgt already, this change is a NOOP from that point of view. But from the modem's point it is a low hanging fruit as the modem is usable with installing comgt and kmod-usb-ncm packages. Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com> (cherry picked from commit 91eca7b04ff1309c7408baa1f1631d7623ce50cf)
* kernel: add support for XMC XM25QH64CJoe Mullally2023-04-011-0/+22
| | | | | | | | The XMC XM25QH64C is a 8MB SPI NOR chip. The patch is verified on TL-WPA8631P v3. Datasheet available at https://www.xmcwh.com/uploads/442/XM25QH64C.pdf Signed-off-by: Joe Mullally <jwmullally@gmail.com> (cherry picked from commit 19752bdfa3e75da8290f525186e9fd8349df9c93)
* ath79: Refresh patchesHauke Mehrtens2023-04-011-1/+1
| | | | | | | Refresh the kernel patches. Fixes: c2331038b257 ("kernel: remove obsolete netfilter tcp window size check bypass patch") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: remove obsolete netfilter tcp window size check bypass patchFelix Fietkau2023-03-301-73/+0
| | | | | | | | On any currently supported hardware, the performance impact should not matter anymore. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 75e78bcaab847557ce1782eb2dea9dff9a029171)
* mac80211, mt76: add fixes for recently discovered security issuesFelix Fietkau2023-03-307-0/+660
| | | | | | | Fixes CVE-2022-47522 Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit d54c91bd9ab3c54ee06923eafbd67047816a37e4)
* ncm: add error check and retry mechanism for gcom callMike Wilson2023-03-301-4/+19
| | | | | | | | | | | | | This patch solves the problem of receiving "error" responses when initially calling gcom. This avoids unnecessary NO_DEVICE failures. A retry loop retries the call after an "error" response within the specified delay. A successful response will continue with the connection immediately without waiting for max specified delay, bringing the interface up sooner. Signed-off-by: Mike Wilson <mikewse@hotmail.com> (cherry picked from commit 8f27093ce784daad5a9b1c89f51d0a76a8bbb07b)
* kernel: bump 5.10 to 5.10.176John Audia2023-03-2718-36/+36
| | | | | | | All patches automatically rebased. Signed-off-by: John Audia <therealgraysky@proton.me> (cherry picked from commit f598880162e83ddc0139e00c5248497d06f5fff7)
* kernel: bump 5.10 to 5.10.175John Audia2023-03-2743-142/+142
| | | | | | | | | | Manually rebased: backport-5.10/611-v5.12-net-ethernet-mediatek-support-setting-MTU.patch All other patches automatically rebased. Signed-off-by: John Audia <therealgraysky@proton.me> (cherry picked from commit 3ca98495897126113912f7ee4537f69459d21332)