aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ramips: add led driver to UniFi FlexHD defaut package setDaniel Golle2022-09-301-1/+1
| | | | | | | Add kmod-leds-ubnt-ledbar to the packages selected by default on the UniFi FlexHD access point. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubnt-ledbar: make package available on other targetsDaniel Golle2022-09-301-2/+2
| | | | | | | | As also ramips/mt7621 now has a user of the ubnt-ledbar driver, make the package available on all targets by removing the dependency on @TARGET_mediatek_mt7622. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mediatek: add support t-phy settings from efuse on MT7986Daniel Golle2022-09-303-1/+405
| | | | | | | Import patches from mtk-openwrt-feeds (MTK SDK) to support reading t-phy settings affecting PCIe as well as USB2 and USB3 from efuse. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mediatek: filogic: add efuse layout to mt7986a.dtsiDaniel Golle2022-09-301-0/+93
| | | | | | | | efuse is used to store board-specific settings of some of the in-SoC peripherals. Add it to device tree, so it gets probed on boot and can be accessed by other drivers. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mediatek: add patch allowing 1-byte wide access to efuseDaniel Golle2022-09-301-0/+46
| | | | | | | Allow byte-wise access to mtk-efuse as some drivers require that. Patch imported from mtk-openwrt-feeds (MTK SDK). Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: fold lzma debloat patch into the patch adding the codeFelix Fietkau2022-09-304-3374/+96
| | | | | | Reduces the number of hack patches Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: move kernel image cmdline hack to the octeon targetFelix Fietkau2022-09-306-17/+0
| | | | | | It is the only remaining user of this hack Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: remove hack patch, move kirkwood specific kmods to target modules.mkFelix Fietkau2022-09-305-78/+30
| | | | | | | Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch unnecessary Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: move ubnt ledbar driver to a separate packageFelix Fietkau2022-09-3013-87/+45
| | | | | | | Simplifies the tree by removing a non-upstream kernel patch and related kconfig symbols Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: remove udp tunnel kconfig selection hackFelix Fietkau2022-09-302-31/+0
| | | | | | | | The corresponding kmod package is marked as HIDDEN and selected by all other kernel modules that need it, so the kconfig side will be in sync without manual selection Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix decap offload for stations on AP_VLAN interfacesFelix Fietkau2022-09-301-0/+37
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools/cmake: Build without some included libsRosen Penev2022-09-294-3/+46
| | | | | | | | | Saves a little bit of time when compiling cmake. Added patches to fix searching liblzma and zlib. The issue is that because pkgconfig is not used, the system libraries get used. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/expat: build with autotools againRosen Penev2022-09-292-16/+15
| | | | | | | Allows to set expat as a dependency to cmake and save on compilation time. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/zlib: switch to configure scriptRosen Penev2022-09-292-15/+14
| | | | | | A future commit will make tools/cmake use this. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)Petr Štetiar2022-09-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Fixes denial of service attack and buffer overflow against TLS 1.3 servers using session ticket resumption. When built with --enable-session-ticket and making use of TLS 1.3 server code in wolfSSL, there is the possibility of a malicious client to craft a malformed second ClientHello packet that causes the server to crash. This issue is limited to when using both --enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3 servers, and having --enable-session-ticket, should update to the latest version of wolfSSL. Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France" for research on tlspuffin. Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable Fixes: CVE-2022-39173 Fixes: https://github.com/openwrt/luci/issues/5962 References: https://github.com/wolfSSL/wolfssl/issues/5629 Tested-by: Kien Truong <duckientruong@gmail.com> Reported-by: Kien Truong <duckientruong@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* Revert "wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable release"Petr Štetiar2022-09-291-2/+2
| | | | | | | | This reverts commit a596a8396b1ef23cd0eda22d9a628392e70e1e1a as I've just discovered private email, that the issue has CVE-2022-39173 assigned so I'm going to reword the commit and push it again. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* wolfssl: refresh patchesPetr Štetiar2022-09-292-3/+3
| | | | | | So they're tidy and apply cleanly. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* wolfssl: fix TLSv1.3 RCE in uhttpd by using latest 5.5.1-stable releasePetr Štetiar2022-09-291-2/+2
| | | | | | | | | | | | | | | | | | | | | Fixes denial of service attack and buffer overflow against TLS 1.3 servers using session ticket resumption. When built with --enable-session-ticket and making use of TLS 1.3 server code in wolfSSL, there is the possibility of a malicious client to craft a malformed second ClientHello packet that causes the server to crash. This issue is limited to when using both --enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3 servers, and having --enable-session-ticket, should update to the latest version of wolfSSL. Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France" for research on tlspuffin. Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable Fixes: https://github.com/openwrt/luci/issues/5962 References: https://github.com/wolfSSL/wolfssl/issues/5629 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* bcm53xx: backport clk driver fix for DT nodes namesRafał Miłecki2022-09-294-124/+144
| | | | | | It allows dropping downstream patch renaming DT nodes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* build: fix warnings from grepChris Osgood2022-09-281-1/+1
| | | | | | | Fixes build warnings when using newer versions of grep. Signed-off-by: Chris Osgood <chris_github@functionalfuture.com> Tested-by: Georgi Valkov <gvalkov@gmail.com>
* scripts/download.pl: generilize and simplify download tool checkChristian Marangi2022-09-281-16/+17
| | | | | | | | | Generilize download tool check and skip other check if a download tool has been found. While at it also reintroduce c836ca84e8f641e10a8349a8f9b7432b33d6cec1 that was previously dropped with aria2c support. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* ramips: update MAC address configuration for Buffalo WSR-1166DHPKazuhiro Ito2022-09-281-2/+2
| | | | | | | | | | | | Convert MAC address and label_mac configuration of Buffalo WSR-1166DHP to use the generic function of OpenWrt. Apply commit 770cfe9 for WCR-1166DS to WSR-1166DHP too. Tested on the device and MAC address is kept before and after this change. Signed-off-by: Kazuhiro Ito <kzhr@d1.dion.ne.jp>
* kernel: mtk_ppe: use MTK_FOE_STATE_INVALID instead of *_UNBINDDaniel Golle2022-09-288-0/+78
| | | | | | | | | | Instead of dropping *fix-typo-in-__mtk_foe_entry.patch which effectively means keeping the (also wrong) assignment of MTK_FOE_STATE_BIND, rather use MTK_FOE_STATE_INVALID as that works well on both older (NETSYS_V1) and newer (NETSYS_V2) MediaTek SoCs. Suggested-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* realtek: rtl931x: fix missing CONFIG_COMMON_CLK_REALTEK config flagChristian Marangi2022-09-281-0/+1
| | | | | | | | | When the realtek clock driver was introduced, CONFIG_COMMON_CLK_REALTEK was not correctly disabled for other subtarget. Add the missing config flag to fix compilation error on buildbot. Fixes: 4850bd887c3a ("realtek: add RTL83XX clock driver") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* tools: fix firmware-utils dependsRosen Penev2022-09-271-1/+1
| | | | | | | When firmware-utils was converted to use cmake, the dependency was not updated. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* Revert "toolchain/gcc: use zstd from tools"Christian Marangi2022-09-271-1/+0
| | | | | | | This reverts commit e6cc3ded0709aa6c7a190c31575bb5c19e204cd2. Require more testing as it does cause compilation error. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* Revert "tools/zstd: build libraries as static"Christian Marangi2022-09-271-1/+1
| | | | | | | This reverts commit e3989094b801da63b7b65b2460ea30dfeb324cd3. Require more testing as it does cause compilation error. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* tools/zstd: build libraries as staticRosen Penev2022-09-271-1/+1
| | | | | | Enables to get rid of rpath hack for all users. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* ccache: update to 4.6.3Nick Hainke2022-09-272-3/+3
| | | | | | | | | | Release Notes: https://ccache.dev/releasenotes.html#_ccache_4_6_3 Refresh patch: - 100-honour-copts.patch Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/ccache: update to 4.6.2Nick Hainke2022-09-271-2/+2
| | | | | | | Release notes: https://ccache.dev/releasenotes.html#_ccache_4_6_2 Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/ccache: update to 4.6.1Nick Hainke2022-09-271-2/+2
| | | | | | | Release notes: https://ccache.dev/releasenotes.html#_ccache_4_6_1 Signed-off-by: Nick Hainke <vincent@systemli.org>
* kernel: rename upstreamed patches and import fixesDaniel Golle2022-09-2716-42/+155
| | | | | | | | | | | | Move and rename patches which were merged upstream and import follow-up fixes for MediaTek Ethernet offloading features on MT7622 and Filogic platforms. Remove patch 793-net-ethernet-mtk_eth_soc-fix-typo-in-__mtk_foe_entry.patch which breaks hardware flow offloading on MT7622, it will be reverted upstream as well. Fixes: c93c5365c0 ("kernel: pick patches for MediaTek Ethernet from linux-next") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* qos-scripts: fix trailing whitespace in config filesManas Sambhus2022-09-274-8/+7
| | | | Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* qos-scripts: replace modprobe by rmmodManas Sambhus2022-09-271-2/+1
| | | | | | modprobe -r is not available on all platforms, hence use rmmod Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* kernel: netsupport: replace insmod by modprobeManas Sambhus2022-09-271-1/+1
| | | | | | Replace insmod by modprobe in TEQL hotplug script Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* ppp: use modprobe in place of insmodManas Sambhus2022-09-272-15/+5
| | | | | | | This will prevent `module is already loaded` lines from appearing in the logs when a PPP connection is reconnecting Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* include/prereq-build: fix ldconfig-stub symlink on macos and BSD OSsChristian Marangi2022-09-271-1/+1
| | | | | | | | | | | | Some OS may have the true bin to a different location than /bin/true. BSD based system and macos have true on /usr/bin/true. Fix this by checking both location and take the one available in the system. Reported-by: Sergey V. Lobanov <sergey@lobanov.in> Suggested-by: Huangbin Zhan <zhanhb88@gmail.com> Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* Makefile: fix stray \ warnings with grep-3.8Nick Hainke2022-09-271-1/+1
| | | | | | | | | | | | | | | | We simply grep for "/usr". So no need for "-E" or "\/". Furthermore, in the new grep versions this creates warnings. As written in the grep-3.8 announcement: Regular expressions with stray backslashes now cause warnings, as their unspecified behavior can lead to unexpected results. For example, '\a' and 'a' are not always equivalent <https://bugs.gnu.org/39678>. Fixes warnings in the form of: grep: warning: stray \ before / Signed-off-by: Nick Hainke <vincent@systemli.org>
* toolchain/gdb: fix expat locationRosen Penev2022-09-271-1/+1
| | | | | | | GDB is not finding tools/expat. This fixes it. Move it up with the other tools. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* toolchain/gcc: use zstd from toolsRosen Penev2022-09-271-0/+1
| | | | | | pkgconfig is not used for some reason. Match other used tools. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* build: fix issues with targets installed via feedsFelix Fietkau2022-09-273-5/+6
| | | | | | | - fix including modules.mk when a target is being replaced - fix calling make targets from target/linux Signed-off-by: Felix Fietkau <nbd@nbd.name>
* scripts/download.pl: fix support for aria2c download tool on macosChristian Marangi2022-09-261-6/+8
| | | | | | | | | Currently we use /dev/shm to place aria2c tmp file. This is not present on macos. Use the openwrt tmp directory instead of the linux-only /dev/shm to save compatibility with more os. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: fix mirrors regression for curl and wgetChristian Marangi2022-09-261-1/+1
| | | | | | | | | With the introduction of aria2c support, curl and wget no longer try to download the file from mirrors. Fix this regression by emptying the remaining mirrors list only when aria2c is used. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* nftables: backport fix to interval based rulesKevin Darbyshire-Bryant2022-09-262-1/+24
| | | | | | | | | 'rule inet dscpclassify dscp_match meta l4proto { udp } th dport { 3478 } th sport { 3478-3497, 16384-16387 } goto ct_set_ef' works with 'nft add', but not 'nft insert', the latter yields: "BUG: unhandled op 4". Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* sysfsutils: Define START early in fileKevin Darbyshire-Bryant2022-09-262-2/+3
| | | | | | | | | | The luci ucode rewrite exposed the definition of START as being over 1K from start of file. Initial versions limited the search for START & STOP to within the 1st 1K of a file. Whilst the search has been expanded, it doesn't do any harm to define START early in the file like all other init scripts seen so far. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* Revert "mt76: fix compilation error with mt7915 and kernel >= 5.15.61"Christian Marangi2022-09-251-38/+0
| | | | | | | | | | | This reverts commit 6e9613844ca1ddea7e36abc44a513c89ef0598ff. The patch was wrong in the first place as we base everything on backports package and the compilation error was caused by an ath11k present downstream. (will be needed later when backports package will be updated but not now) Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* realtek: fix RTL839x egress tag for ports >= 32Jan Hoffmann2022-09-251-1/+1
| | | | | | | Don't overwrite AS_DPM and L2LEARNING flags when dest_port is >= 32. Fixes: 1773264a0c6d ("realtek: correct egress frame port verification") Signed-off-by: Jan Hoffmann <jan@3e8.eu>
* mt76: fix compilation error with mt7915 and kernel >= 5.15.61Christian Marangi2022-09-251-0/+38
| | | | | | | | With kernel 5.15.61 the define IEEE80211_MAX_AMPDU_BUF got changed to IEEE80211_MAX_AMPDU_BUF_HE. Add patch to fix compilation error on next 5.15 kernel versions. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: fix whitespace in mirror urls and drop forChristian Marangi2022-09-251-7/+2
| | | | | | | Fix whitespace in mirror urls and replace for loop with join+map logic. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* wolfssl: prefer regular libwolfssl over cpu-cryptoEneas U de Queiroz2022-09-253-16/+16
| | | | | | | | | | | | | | | | | Rename libwolfssl-cpu-crypto to libwolfsslcpu-crypto so that the regular libwolfssl version comes first when running: opkg install libwolfssl Normally, if the package name matches the opkg parameter, that package is preferred. However, for libraries, the ABI version string is appended to the package official name, and the short name won't match. Failing a name match, the candidate packages are sorted in alphabetical order, and a dash will come before any number. So in order to prefer the original library, the dash should be removed from the alternative library. Fixes: c3e7d86d2b (wolfssl: add libwolfssl-cpu-crypto package) Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>