aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* ramips: add support for Linksys EA8100 v1Tee Hao Wei2021-06-101-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specifications: - SoC: MT7621AT - RAM: 256MB - Flash: 128MB NAND - Ethernet: 5 Gigabit ports - WiFi: 2.4G/5G MT7615N - USB: 1 USB 3.0, 1 USB 2.0 This device is very similar to the EA7300 v1/v2 and EA7500 v2. Installation: Upload the generated factory image through the factory web interface. (following part taken from EA7300 v2 commit message:) This might fail due to the A/B nature of this device. When flashing, OEM firmware writes over the non-booted partition. If booted from 'A', flashing over 'B' won't work. To get around this, you should flash the OEM image over itself. This will then boot the router from 'B' and allow you to flash OpenWRT without problems. Reverting to factory firmware: Hard-reset the router three times to force it to boot from 'B.' This is where the stock firmware resides. To remove any traces of OpenWRT from your router simply flash the OEM image at this point. With thanks to Leon Poon (@LeonPoon) for the initial bringup. Signed-off-by: Tee Hao Wei <angelsl@in04.sg> [add missing entry in 10_fix_wifi_mac] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit b232680f847f4ea8d058849a51dedebb8e398a01)
* ramips: add support for Amped Wireless ALLY router and extenderJonathan Sturges2021-06-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Amped Wireless ALLY is a whole-home WiFi kit, with a router (model ALLY-R1900K) and an Extender (model ALLY-00X19K). Both are devices are 11ac and based on MediaTek MT7621AT and MT7615N chips. The units are nearly identical, except the Extender lacks a USB port and has a single Ethernet port. Specification: - SoC: MediaTek MT7621AT (2C/4T) @ 880MHz - RAM: 128MB DDR3 (Nanya NT5CC64M16GP-DI) - FLASH: 128MB NAND (Winbond W29N01GVSIAA) - WiFi: 2.4/5 GHz 4T4R - 2.4GHz MediaTek MT7615N bgn - 5GHz MediaTek MT7615N nac - Switch: SoC integrated Gigabit Switch - USB: 1x USB3 (Router only) - BTN: Reset, WPS - LED: single RGB - UART: through-hole on PCB. J1: pin1 (square pad, towards rear)=3.3V, pin2=RX, pin3=GND, pin4=TX. Settings: 57600/8N1. Note regarding dual system partitions ------------------------------------- The vendor firmware and boot loader use a dual partition scheme. The boot partition is decided by the bootImage U-boot environment variable: 0 for the 1st partition, 1 for the 2nd. OpenWrt does not support this scheme and will always use the first OS partition. It will set bootImage to 0 during installation, making sure the first partition is selected by the boot loader. Also, because we can't be sure which partition is active to begin with, a 2-step flash process is used. We first flash an initramfs image, then follow with a regular sysupgrade. Installation: Router (ALLY-R1900K) 1) Install the flashable initramfs image via the OEM web-interface. (Alternatively, you can use the TFTP recovery method below.) You can use WiFi or Ethernet. The direct URL is: http://192.168.3.1/07_06_00_firmware.html a. No login is needed, and you'll be in their setup wizard. b. You might get a warning about not being connected to the Internet. c. Towards the bottom of the page will be a section entitled "Or Manually Upgrade Firmware from a File:" where you can manually choose and upload a firmware file. d: Click "Choose File", select the OpenWRT "initramfs" image and click "Upload." 2) The Router will flash the OpenWrt initramfs image and reboot. After booting, LuCI will be available on 192.168.1.1. 3) Log into LuCI as root; there is no password. 4) Optional (but recommended) is to backup the OEM firmware before continuing; see process below. 5) Complete the Installation by flashing a full OpenWRT image. Note: you may use the sysupgrade command line tool in lieu of the UI if you prefer. a. Choose System -> Backup/Flash Firmware. b. Click "Flash Image..." under "Flash new firmware image" c. Click "Browse..." and then select the sysupgrade file. d. Click Upload to upload the sysupgrade file. e. Important: uncheck "Keep settings and retain the current configuration" for this initial installation. f. Click "Continue" to flash the firmware. g. The device will reboot and OpenWRT is installed. Extender (ALLY-00X19K) 1) This device requires a TFTP recovery procedure to do an initial load of OpenWRT. Start by configuring a computer as a TFTP client: a. Install a TFTP client (server not necessary) b. Configure an Ethernet interface to 192.168.1.x/24; don't use .1 or .6 c. Connect the Ethernet to the sole Ethernet port on the X19K. 2) Put the ALLY Extender in TFTP recovery mode. a. Do this by pressing and holding the reset button on the bottom while connecting the power. b. As soon as the LED lights up green (roughly 2-3 seconds), release the button. 3) Start the TFTP transfer of the Initramfs image from your setup machine. For example, from Linux: tftp -v -m binary 192.168.1.6 69 -c put initramfs.bin 4) The Extender will flash the OpenWrt initramfs image and reboot. After booting, LuCI will be available on 192.168.1.1. 5) Log into LuCI as root; there is no password. 6) Optional (but recommended) is to backup the OEM firmware before continuing; see process below. 7) Complete the Installation by flashing a full OpenWRT image. Note: you may use the sysupgrade command line tool in lieu of the UI if you prefer. a. Choose System -> Backup/Flash Firmware. b. Click "Flash Image..." under "Flash new firmware image" c. Click "Browse..." and then select the sysupgrade file. d. Click Upload to upload the sysupgrade file. e. Important: uncheck "Keep settings and retain the current configuration" for this initial installation. f. Click "Continue" to flash the firmware. g. The device will reboot and OpenWRT is installed. Backup the OEM Firmware: ----------------------- There isn't any downloadable firmware for the ALLY devices on the Amped Wireless web site. Reverting back to the OEM firmware is not possible unless we have a backup of the original OEM firmware. The OEM firmware may be stored on either /dev/mtd3 ("firmware") or /dev/mtd6 ("oem"). We can't be sure which was overwritten with the initramfs image, so backup both partitions to be safe. 1) Once logged into LuCI, navigate to System -> Backup/Flash Firmware. 2) Under "Save mtdblock contents," first select "firmware" and click "Save mtdblock" to download the image. 3) Repeat the process, but select "oem" from the pull-down menu. Revert to the OEM Firmware: -------------------------- * U-boot TFTP: Follow the TFTP recovery steps for the Extender, and use the backup image. * OpenWrt "Flash Firmware" interface: Upload the backup image and select "Force update" before continuing. Signed-off-by: Jonathan Sturges <jsturges@redhat.com> (cherry picked from commit 6d23e474ad9d0eba935696c66db4fb6e2037bb72)
* ramips: add support for JCG Q20Chukun Pan2021-06-101-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | JCG Q20 is an AX 1800M router. Hardware specs: SoC: MediaTek MT7621AT Flash: Winbond W29N01HV 128 MiB RAM: Winbond W632GU6NB-11 256 MiB WiFi: MT7915 2.4/5 GHz 2T2R Ethernet: 10/100/1000 Mbps x3 LED: Status (red / blue) Button: Reset, WPS Power: DC 12V,1A Flash instructions: Upload factory.bin in stock firmware's upgrade page, do not preserve settings. MAC addresses map: 0x00004 *:3e wlan2g/wlan5g 0x3fff4 *:3c lan/label 0x3fffa *:3c wan Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (cherry picked from commit 57cb387cfeee2a07902a2f1383ca471ef47265f3)
* ramips: mt7621: Add support for ZyXEL NR7101Bjørn Mork2021-06-101-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ZyXEL NR7101 is an 802.3at PoE powered 5G outdoor (IP68) CPE with integrated directional 5G/LTE antennas. Specifications: - SoC: MediaTek MT7621AT - RAM: 256 MB - Flash: 128 MB MB NAND (MX30LF1G18AC) - WiFi: MediaTek MT7603E - Switch: 1 LAN port (Gigabiti) - 5G/LTE: Quectel RG502Q-EA connected by USB3 to SoC - SIM: 2 micro-SIM slots under transparent cover - Buttons: Reset, WLAN under same cover - LEDs: Multicolour green/red/yellow under same cover (visible) - Power: 802.3at PoE via LAN port The device is built as an outdoor ethernet to 5G/LTE bridge or router. The Wifi interface is intended for installation and/or temporary management purposes only. UART Serial: 57600N1 Located on populated 5 pin header J5: [o] GND [ ] key - no pin [o] RX [o] TX [o] 3.3V Vcc Remove the SIM/button/LED cover, the WLAN button and 12 screws holding the back plate and antenna cover together. The GPS antenna is fixed to the cover, so be careful with the cable. Remove 4 screws fixing the antenna board to the main board, again being careful with the cables. A bluetooth TTL adapter is recommended for permanent console access, to keep the router water and dustproof. The 3.3V pin is able to power such an adapter. MAC addresses: OpenWrt OEM Address Found as lan eth2 08:26:97:*:*:BC Factory 0xe000 (hex), label wlan0 ra0 08:26:97:*:*:BD Factory 0x4 (hex) wwan0 usb0 random WARNING!! ISP managed firmware might at any time update itself to a version where all known workarounds have been disabled. Never boot an ISP managed firmware with a SIM in any of the slots if you intend to use the router with OpenWrt. The bootloader lock can only be disabled with root access to running firmware. The flash chip is physically inaccessible without soldering. Installation from OEM web GUI: - Log in as "supervisor" on https://172.17.1.1/ - Upload OpenWrt initramfs-recovery.bin image on the Maintenance -> Firmware page - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - (optional) Copy OpenWrt to the recovery partition. See below - Sysupgrade to the OpenWrt sysupgrade image and reboot Installation from OEM ssh: - Log in as "root" on 172.17.1.1 port 22022 - scp OpenWrt initramfs-recovery.bin image to 172.17.1.1:/tmp - Prepare bootloader config by running: nvram setro uboot DebugFlag 0x1 nvram setro uboot CheckBypass 0 nvram commit - Run "mtd_write -w write initramfs-recovery.bin Kernel" and reboot - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - (optional) Copy OpenWrt to the recovery partition. See below - Sysupgrade to the OpenWrt sysupgrade image and reboot Copying OpenWrt to the recovery partition: - Verify that you are running a working OpenWrt recovery image from flash - ssh to root@192.168.1.1 and run: fw_setenv CheckBypass 0 mtd -r erase Kernel2 - Wait while the bootloader mirrors Image1 to Image2 NOTE: This should only be done after successfully booting the OpenWrt recovery image from the primary partition during installation. Do not do this after having sysupgraded OpenWrt! Reinstalling the recovery image on normal upgrades is not required or recommended. Installation from Z-Loader: - Halt boot by pressing Escape on console - Set up a tftp server to serve the OpenWrt initramfs-recovery.bin image at 10.10.10.3 - Type "ATNR 1,initramfs-recovery.bin" at the "ZLB>" prompt - Wait for OpenWrt to boot and ssh to root@192.168.1.1 - Sysupgrade to the OpenWrt sysupgrade image NOTE: ATNR will write the recovery image to both primary and recovery partitions in one go. Booting from RAM: - Halt boot by pressing Escape on console - Type "ATGU" at the "ZLB>" prompt to enter the U-Boot menu - Press "4" to select "4: Entr boot command line interface." - Set up a tftp server to serve the OpenWrt initramfs-recovery.bin image at 10.10.10.3 - Load it using "tftpboot 0x88000000 initramfs-recovery.bin" - Boot with "bootm 0x8800017C" to skip the 380 (0x17C) bytes ZyXEL header This method can also be used to RAM boot OEM firmware. The warning regarding OEM applies! Never boot an unknown OEM firmware, or any OEM firmware with a SIM in any slot. NOTE: U-Boot configuration is incomplete (on some devices?). You may have to configure a working mac address before running tftp using "setenv eth0addr <mac>" Unlocking the bootloader: If you are unebale to halt boot, then the bootloader is locked. The OEM firmware locks the bootloader on every boot by setting DebugFlag to 0. Setting it to 1 is therefore only temporary when OEM firmware is installed. - Run "nvram setro uboot DebugFlag 0x1; nvram commit" in OEM firmware - Run "fw_setenv DebugFlag 0x1" in OpenWrt NOTE: OpenWrt does this automatically on first boot if necessary NOTE2: Setting the flag to 0x1 avoids the reset to 0 in known OEM versions, but this might change. WARNING: Writing anything to flash while the bootloader is locked is considered extremely risky. Errors might cause a permanent brick! Enabling management access from LAN: Temporary workaround to allow installing OpenWrt if OEM firmware has disabled LAN management: - Connect to console - Log in as "root" - Run "iptables -I INPUT -i br0 -j ACCEPT" Notes on the OEM/bootloader dual partition scheme The dual partition scheme on this device uses Image2 as a recovery image only. The device will always boot from Image1, but the bootloader might copy Image2 to Image1 under specific conditions. This scheme prevents repurposing of the space occupied by Image2 in any useful way. Validation of primary and recovery images is controlled by the variables CheckBypass, Image1Stable, and Image1Try. The bootloader sets CheckBypass to 0 and reboots if Image1 fails validation. If CheckBypass is 0 and Image1 is invalid then Image2 is copied to Image1. If CheckBypass is 0 and Image2 is invalid, then Image1 is copied to Image2. If CheckBypass is 1 then all tests are skipped and Image1 is booted unconditionally. CheckBypass is set to 1 after each successful validation of Image1. Image1Try is incremented if Image1Stable is 0, and Image2 is copied to Image1 if Image1Try is 3 or larger. But the bootloader only tests Image1Try if CheckBypass is 0, which is impossible unless the booted image sets it to 0 before failing. The system is therefore not resilient against runtime errors like failure to mount the rootfs, unless the kernel image sets CheckBypass to 0 before failing. This is not yet implemented in OpenWrt. Setting Image1Stable to 1 prevents the bootloader from updating Image1Try on every boot, saving unnecessary writes to the environment partition. Keeping an OpenWrt initramfs recovery as Image2 is recommended primarily to avoid unwanted OEM firmware boots on failure. Ref the warning above. It enables console-less recovery in case of some failures to boot from Image1. Signed-off-by: Bjørn Mork <bjorn@mork.no> Tested-by: Bjørn Mork <bjorn@mork.no> (cherry picked from commit 2449a632084b29632605e5a79ce5d73028eb15dd)
* treewide: make AddDepends/usb-serial selectiveAdrian Schmutzler2021-06-081-1/+1
| | | | | | | | Make packages depending on usb-serial selective, so we do not have to add kmod-usb-serial manually for every device. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 9397b22df1473f315552578b58322db7f7750361)
* wireless-regdb: update to version 2021.04.21Felix Fietkau2021-06-081-2/+2
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit d76535c45e6e970b212744781431e152e90c1ce6)
* umbim: fix return value of proto_mbim_setup()Adrian Schmutzler2021-06-081-1/+1
| | | | | | | | The variable name appears to be mistyped. Suggested-by: Howard Chu <hyc@symas.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 6bc4c0ae3eb3dff6e410b5b012ab0bec267adb5a)
* mac80211: Update to backports-5.10.42Hauke Mehrtens2021-06-0633-1532/+63
| | | | | | | | | | | | | The removed patches were integrated upstream. The brcmf_driver_work workqueue was removed in brcmfmac with kernel 5.10.42, the asynchronous call was covered to a synchronous call. There is no need to wait any more. This part was removed manually from this patch: brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 04a260911ca0f10a0e37c487c220e1aae3623dda)
* ubus: update to version 2021-06-03Petr Štetiar2021-06-031-3/+3
| | | | | | | | | | | | This update contains following changes: * ubusd: protect against too-short messages * ubusd: add per-client tx queue limit * ubusd: convert tx_queue to linked list Fixes: FS#1525 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 4f2243d40a400aa1ce6ae5d06325f93b4d9463a5)
* ramips: add support for ZTE MF283+Lech Perczak2021-06-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ZTE MF283+ is a dual-antenna LTE category 4 router, based on Ralink RT3352 SoC, and built-in ZTE P685M PCIe MiniCard LTE modem. Hardware highlighs: - CPU: MIPS24KEc at 400MHz, - RAM: 64MB DDR2, - Flash: 16MB SPI, - Ethernet: 4 10/100M port switch with VLAN support, - Wireless: Dual-stream 802.11n (RT2860), with two internal antennas, - WWAN: Built-in ZTE P685M modem, with two internal antennas and two switching SMA connectors for external antennas, - FXS: Single ATA, with two connectors marked PHONE1 and PHONE2, internally wired in parallel by 0-Ohm resistors, handled entirely by internal WWAN modem. - USB: internal miniPCIe slot for modem, unpopulated USB A connector on PCB. - SIM slot for the WWAN modem. - UART connector for the console (unpopulated) at 3.3V, pinout: 1: VCC, 2: TXD, 3: RXD, 4: GND, settings: 57600-8-N-1. - LEDs: Power (fixed), WLAN, WWAN (RGB), phone (bicolor, controlled by modem), Signal, 4 link/act LEDs for LAN1-4. - Buttons: WPS, reset. Installation: As the modem is, for most of the time, provided by carriers, there is no possibility to flash through web interface, only built-in FOTA update and TFTP recovery are supported. There are two installation methods: (1) Using serial console and initramfs-kernel - recommended, as it allows you to back up original firmware, or (2) Using TFTP recovery - does not require disassembly. (1) Using serial console: To install OpenWrt, one needs to disassemble the router and flash it via TFTP by using serial console: - Locate unpopulated 4-pin header on the top of the board, near buttons. - Connect UART adapter to the connector. Use 3.3V voltage level only, omit VCC connection. Pin 1 (VCC) is marked by square pad. - Put your initramfs-kernel image in TFTP server directory. - Power-up the device. - Press "1" to load initramfs image to RAM. - Enter IP address chosen for the device (defaults to 192.168.0.1). - Enter TFTP server IP address (defaults to 192.168.0.22). - Enter image filename as put inside TFTP server - something short, like firmware.bin is recommended. - Hit enter to load the image. U-boot will store above values in persistent environment for next installation. - If you ever might want to return to vendor firmware, BACK UP CONTENTS OF YOUR FLASH NOW. For this router, commonly used by mobile networks, plain vendor images are not officially available. To do so, copy contents of each /dev/mtd[0-3], "firmware" - mtd3 being the most important, and copy them over network to your PC. But in case anything goes wrong, PLEASE do back up ALL OF THEM. - From under OpenWrt just booted, load the sysupgrade image to tmpfs, and execute sysupgrade. (2) Using TFTP recovery - Set your host IP to 192.168.0.22 - for example using: sudo ip addr add 192.168.0.22/24 dev <interface> - Set up a TFTP server on your machine - Put the sysupgrade image in TFTP server root named as 'root_uImage' (no quotes), for example using tftpd: cp openwrt-ramips-rt305x-zte_mf283plus-squashfs-sysupgrade.bin /srv/tftp/root_uImage - Power on the router holding BOTH Reset and WPS buttons held for around 5 seconds, until after WWAN and Signal LEDs blink. - Wait for OpenWrt to start booting up, this should take around a minute. Return to original firmware: Here, again there are two possibilities are possible, just like for installation: (1) Using initramfs-kernel image and serial console (2) Using TFTP recovery (1) Using initramfs-kernel image and serial console - Boot OpenWrt initramfs-kernel image via TFTP the same as for installation. - Copy over the backed up "firmware.bin" image of "mtd3" to /tmp/ - Use "mtd write /tmp/firmware.bin /dev/mtd3", where firmware.bin is your backup taken before OpenWrt installation, and /dev/mtd3 is the "firmware" partition. (2) Using TFTP recovery - Follow the same steps as for installation, but replacing 'root_uImage' with firmware backup you took during installation, or by vendor firmware obtained elsewhere. A few quirks of the device, noted from my instance: - Wired and wireless MAC addresses written in flash are the same, despite being in separate locations. - Power LED is hardwired to 3.3V, so there is no status LED per se, and WLAN LED is controlled by WLAN driver, so I had to hijack 3G/4G LED for status - original firmware also does this in bootup. - FXS subsystem and its LED is controlled by the modem, so it work independently of OpenWrt. Tested to work even before OpenWrt booted. I managed to open up modem's shell via ADB, and found from its kernel logs, that FXS and its LED is indeed controlled by modem. - While finding LEDs, I had no GPL source drop from ZTE, so I had to probe for each and every one of them manually, so this might not be complete - it looks like bicolor LED is used for FXS, possibly to support dual-ported variant in other device sharing the PCB. - Flash performance is very low, despite enabling 50MHz clock and fast read command, due to using 4k sectors throughout the target. I decided to keep it at the moment, to avoid breaking existing devices - I identified one potentially affected, should this be limited to under 4MB of Flash. The difference between sysupgrade durations is whopping 3min vs 8min, so this is worth pursuing. In vendor firmware, WWAN LED behaviour is as follows, citing the manual: - red - no registration, - green - 3G, - blue - 4G. Blinking indicates activity, so netdev trigger mapped from wwan0 to blue:wwan looks reasonable at the moment, for full replacement, a script similar to "rssileds" would need to be developed. Behaviour of "Signal LED" in vendor firmware is as follows: - Off - no signal, - Blinking - poor coverage - Solid - good coverage. A few more details on the built-in LTE modem: Modem is not fully supported upstream in Linux - only two CDC ports (DIAG and one for QMI) probe. I sent patches upstream to add required device IDs for full support. The mapping of USB functions is as follows: - CDC (QCDM) - dedicated to comunicating with proprietary Qualcomm tools. - CDC (PCUI) - not supported by upstream 'option' driver yet. Patch submitted upstream. - CDC (Modem) - Exactly the same as above - QMI - A patch is sent upstream to add device ID, with that in place, uqmi did connect successfully, once I selected correct PDP context type for my SIM (IPv4-only, not default IPv4v6). - ADB - self-explanatory, one can access the ADB shell with a device ID added to 51-android.rules like so: SUBSYSTEM!="usb", GOTO="android_usb_rules_end" LABEL="android_usb_rules_begin" SUBSYSTEM=="usb", ATTR{idVendor}=="19d2", ATTR{idProduct}=="1275", ENV{adb_user}="yes" ENV{adb_user}=="yes", MODE="0660", GROUP="plugdev", TAG+="uaccess" LABEL="android_usb_rules_end" While not really needed in OpenWrt, it might come useful if one decides to move the modem to their PC to hack it further, insides seem to be pretty interesting. ADB also works well from within OpenWrt without that. O course it isn't needed for normal operation, so I left it out of DEVICE_PACKAGES. Signed-off-by: Lech Perczak <lech.perczak@gmail.com> [remove kmod-usb-ledtrig-usbport, take merged upstream patches] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 59d065c9f81c4d1a89464d071134a50529449f34) [Manually remove no longer needed patches for modem] Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
* OpenWrt v21.02.0-rc2: revert to branch defaultsHauke Mehrtens2021-05-291-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v21.02.0-rc2: adjust config defaultsv21.02.0-rc2Hauke Mehrtens2021-05-291-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: simplify setting device MACRafał Miłecki2021-05-281-11/+8
| | | | | | | | | | | | | | | 1. Move code above interface generation It results in more logical order. Device gets its config section above interface section. 2. Drop the loop We have separated code handling bridges now so $device should be guaranteed to contain a single device name. 3. Drop section name It's not required by netifd or LuCI & it's not needed by this script as $device contains a single device name now. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit e002179a6d2eea8640e262160030336bea54ec26)
* ubox: fix init script validation of log_ip optionJo-Philipp Wich2021-05-282-2/+2
| | | | | | | | | The underlying logread process uses usock() to handle remote connections which is able to handle both hostnames and IP addresses. Ref: https://github.com/openwrt/luci/issues/5077 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit ec83fb9ced138b7945135adffb9ff0ba63b695ec)
* base-files: generate network config with "device" optionsRafał Miłecki2021-05-272-18/+18
| | | | | | | | Replace "ifname" with "device" as netifd has been recently patches to used the later one. It's more clear and accurate. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 4b9a67362d70c544b85078b8d5c661f43f7472d9)
* base-files: fix configuration generation of network if "bridge" existsINAGAKI Hiroshi2021-05-271-2/+3
| | | | | | | | | | | | | | | | | After the commit 43fc720657c6e3b30c6ed89d7227ee6e646c158b ("base-files: generate "device UCI type section for bridge"), the wrong network configuration is generated for the devices that already have the bridge device section for VLAN, such as the devices in realtek target. As a result, the bridge device by additional "device" section is specified to the "ports" option in the "bridge-vlan" section and netifd shuts down the switch and the ethernet when the network service started. Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge") Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com> [rmilecki: use $ports for generate_bridge_vlan argument] Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 8cc4e87a2f81df02dbe481759ae6c36cf056c13b)
* base-files: support setting bridge MAC addressRafał Miłecki2021-05-271-0/+2
| | | | | | Fixes: 43fc720657c6 ("base-files: generate "device" UCI type section for bridge") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 7a90ad3c431031191afe51b163bf97d3ec820d54)
* base-files: generate bridge device sections with br- name prefixRafał Miłecki2021-05-271-2/+2
| | | | | | | | | | | | Missing br- prefix could result in name conflict between DSA port interface and bridge interface. Some devices with just one LAN port use "lan" interface name for DSA port. Trying to create bridge with the same "lan" name was failing. Reported-by: David Bauer <mail@david-bauer.net> Fixes: 43fc720657c6 ("base-files: generate "device" UCI type section for bridge") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 0e459668c5b3b158991803204f628b1b7dce9034)
* base-files: generate "device" UCI type section for bridgeRafał Miłecki2021-05-271-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This switches from the old way of defining bridges in an "interface" UCI section type (that should be used for layer 3 only). From now a defualt board switch will have its own "device" UCI section type. It's a new & preferred way of defining L2 devices. Before: config interface 'lan' option type 'bridge' option ifname 'lan1 lan2 lan3 lan4' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' After: config device option name 'lan' option type 'bridge' list ports 'lan1' list ports 'lan2' list ports 'lan3' list ports 'lan4' config interface 'lan' option ifname 'lan' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 43fc720657c6e3b30c6ed89d7227ee6e646c158b)
* busybox: show reproducible timestampPaul Spooren2021-05-272-4/+80
| | | | | | | | | | | | | | | | | | | | | On login busybox shows a timestamp per default contianing the build date. Since the build date isn't reproducible per default this behaviour was disabled by default via 34df4d40 "busybox: disable timestamp in version". This commit modifies busybox so that the printed timestamp reproducible using SOURCE_DATE_EPOCH and therefore shouldn't be disabled anymore. Before: BusyBox v1.33.1 () built-in shell (ash) After: BusyBox v1.33.1 (2021-05-13 09:34:34 UTC) built-in shell (ash) Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit a725382978515abfb2eb7be3bafef735dca97dbd)
* busybox: use $(AUTORELEASE) and SPDXPaul Spooren2021-05-271-6/+3
| | | | | | | | | use AUTORELEASE since BusyBox is often updaten and PKG_RELEASE is not consistently bumped. Also use SPDX license headers to be machine readable and bump the copyright year to 2021. Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 25fdb42249aef7b5eb53675f82f0091c532bf90c)
* netifd: update to the latest masterRafał Miłecki2021-05-261-3/+3
| | | | | | | | 899c2a4 interface: support "device" attribute and deprecate "ifname" 62e3cb5 scripts/netifd-wireless.sh: add support for specifying the operating band Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 5fe549836fefea5ed656d73a0040dd0451f84705)
* netifd: update to the latest masterRafał Miłecki2021-05-261-3/+3
| | | | | | | | config: fix ifname->ports compat rename Fixes: 829b5c2ba32f ("netifd: update to the latest version") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit cea6631cdf09c577ae87a21bc3b03273a233c17e)
* netifd: update to the latest versionFelix Fietkau2021-05-261-4/+4
| | | | | | | | | | | 02dd2f2df7cb fix unannotated fall-through warnings 3052f2f67686 extdev: remove unused function 2a97fd006c3b device: add support for configuring devices with external auth handler 87e469be0c08 wireless: fix memory corruption bug when using vlans/station entries in the config 7277764bf817 bridge: rename "ifname" attribute to "ports" Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 829b5c2ba32f5ec821eab6762deecdf3522470a9)
* libubox: update to the latest versionFelix Fietkau2021-05-261-3/+3
| | | | | | | | | | | | | 870acee325fe tests: cram: test_base64: fix failing tests 4d8995e91d56 tests: cram: test_base64: really fix failing tests 551d75b5662c libubox: tests: add more blobmsg/json test cases a0dbcf8b8f96 tests: add blob-buffer overflow test b36a3a90098d blob: fix exceeding maximum buffer length b8abed749423 utils.h: add fallthrough macro b14c4688612c json_script: fix unannotated fall-through warning Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 04d21604fd72f337c8a0410d13b3d878914b7e7e)
* netifd: read udhcpc user scripts from directoryLeon M. George2021-05-262-1/+6
| | | | | | | | | | | | | | | Placeholder DHCP user scripts were added recently. These files make package-based installations of such scripts more difficult. Pull user callbacks from directories instead to allow packages and users to install co-existing scripts more easily. References: 130118f7a netifd: add a udhcpc.user placeholder script Signed-off-by: Leon M. George <leon@georgemail.eu> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase] (cherry picked from commit 467c32600cc575fcb67c5f01ad32e02141220ceb)
* netifd: update to Git version 2021-04-03Hauke Mehrtens2021-05-261-3/+3
| | | | | | | | f8899b9 netifd: bridge: set default value for igmp_snoop 327da98 netifd: add possibility to switch off route config Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit b974293efa24b8e1bf859b1ed253ca0042ab273e)
* netifd: update to git HEADDaniel Golle2021-05-261-3/+3
| | | | | | | | | | | 09632d4 device: remove left-over comment b22f83d handler: add mechanism to generate external device handler stubs 80bf9d7 extdev: add support for external device handlers 44c0f40 system-linux: reorder sysctl functions c84f3b0 system-linux: add device options used by wpad Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit e62ace0ecf228f3a8bc86cea2252539ac7fd988c)
* netifd: add a udhcpc.user placeholder scriptRui Salvaterra2021-05-262-1/+6
| | | | | | | | | Document the existence of this feature. This allows the user to execute a script at each DHCPv4 event. This is useful, for example, as an ad-hoc way to update a DDNS entry when (and only when) required. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> (cherry picked from commit 130118f7aa3191a2afd244d49e3057d4c5688676)
* libubox: update to git HEADDaniel Golle2021-05-261-3/+3
| | | | | | | 2e52c7e libubox: fix BLOBMSG_CAST_INT64 (do not override BLOBMSG_TYPE_DOUBLE) Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit c82cc4407adebd683593d8f0b71d10e694ff8804)
* base-files: use "ports" array in board.json network for bridgesRafał Miłecki2021-05-242-7/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | Bridge aggregates multiple ports so use a more accurate name ("ports") and format (array) for storing them in board.json. Example: "network": { "lan": { "ports": [ "lan1", "lan2", "lan3", "lan4" ], "protocol": "static" }, "wan": { "ifname": "wan", "protocol": "dhcp" } } Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit d42640e389a8b22a31fb0061c12cd9dfbddb87b8)
* treewide: Mark packages nonshared if they depend on @TARGET_Hauke Mehrtens2021-05-2412-0/+24
| | | | | | | | | | | | | | | This marks all packages which depend on a target with @TARGET nonshared. If they are not marked nonshared they would be build by the SDK build and if this happens with a different SDK, then the SDK from the target the package depends on, the package would not be added to the index. This should fix the image builder for some of these packages. This should fix the image builder at least for bcm27xx/bcm2710 and bcm4908/generic. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 1903233f2b312caf87aa369cd325d9689c45a1c6)
* uclient: update to Git version 2021-05-14Baptiste Jonglez2021-05-171-3/+3
| | | | | | | | | 6a6011d uclient-http: set eof mark when content-length is 0 19571e4 tests: fix help usage test for uclient built with sanitizer c5fc04b tests: fix help usage test Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> (cherry picked from commit 1ec6fc4dcba16045a6bfcc493bdbe892de1265a9)
* uclient: update to Git version 2021-04-03Hauke Mehrtens2021-05-171-3/+3
| | | | | | | | 83efca2 tests: fix possibly longer start of HTTP server 64e00d6 uclient-fetch: document missing options Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 1371910b76f021486810b18f371b3dc528d952ea)
* busybox: disable PREFER_IPV4_ADDRESSBaptiste Jonglez2021-05-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox utilities (ping, traceroute, ntpd) to forcibly use the A record instead of the AAAA record when resolving a DNS name. This obviously fails when there is no IPv4 connectivity. Since IPv6-only hosts or routers will only become more common over time, disable PREFER_IPV4_ADDRESS to support this use-case. As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default resolution behaviour of busybox utilities on dual-stack hosts. Busybox utilities now simply use the order given by getaddrinfo(), so they will now prefer IPv6 addresses when resolving a name with both A and AAAA records if there is IPv6 connectivity. This is in line with RFC 6724. PREFER_IPV4_ADDRESS was likely intended to work around naive implementations of getaddrinfo() that could return AAAA records first, even on an IPv4-only host. But both musl (since 1.1.3) and glibc correctly implement RFC 6724 for getaddrinfo() and check connectivity to determine the correct order in which to return records. On IPv4-only hosts, getaddrinfo() will return A records first, so there is no need for the PREFER_IPV4_ADDRESS hack. See also: https://bugs.busybox.net/show_bug.cgi?id=12381 Fixes: FS#84 Fixes: FS#2608 References: https://github.com/openwrt/openwrt/pull/4167 Signed-off-by: Alexander Traud <pabstraud@compuserve.com> Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> (cherry picked from commit 7fea9d9f5dd282a7049d77cc6b75e0a703ead26c)
* openwrt-keyring: Only copy sign key for 21.02Hauke Mehrtens2021-05-171-2/+3
| | | | | | | | | | Instead of adding all public signature keys from the openwrt-keyring repository only add the key which is used to sign the OpenWrt 21.02 feeds. If one of the other keys would be compromised this would not affect users of 21.02 release builds. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* procd: update to git HEADDaniel Golle2021-05-161-3/+3
| | | | | | | | 2be57ed cosmetics: provide compatible system info on Aarch64 37eed13 system: expose if system was booted from initramfs Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry-picked from commit 5f1bd952785e3257199879248e0b82216757b0b6)
* mt76: update to the latest versionFelix Fietkau2021-05-161-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes fix for CVE-2020-24588 186af01047b2 mt76: mt7921: introduce MCU_EVENT_LP_INFO event parsing 93b5c28c97d5 mt76: mt7921: add rcu section in mt7921_mcu_tx_rate_report a8e89c5a1d1f mt76: testmode: add support to send larger packet a0cc9a9e3877 mt76: mt7915: rework mt7915_tm_set_tx_len() c8b96630324e mt76: mt7915: fix rate setting of tx descriptor in testmode 22fd2958c42a mt76: mt7615: fix memleak when mt7615_unregister_device() 7401e0db3143 mt76: mt7915: fix memleak when mt7915_unregister_device() c3656268b3f6 mt76: mt7915: only free skbs after mt7915_dma_reset() when reset happens 0ce955b04ba8 mt76: mt7615: only free skbs after mt7615_dma_reset() when reset happens b03d1e62acf7 mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put() 5ac02e22fb03 mt76: flush tx status queue on DMA reset c71f609b398a mt76: sync with upstream changes 23ecadd4af77 mt76: mt7615: fix hardware error recovery for mt7663 57a899ee3c3c mt76: mt7615: fix entering driver-own state on mt7663 42a2dddb706b mt76: mt7615: load ROM patch before checking patch semaphore status cf0e406af84a mt76: mt7915: add support for applying pre-calibration data 459940ccbc58 mt76: mt7921: move hw configuration in mt7921_register_device 0a094b11f3c0 mt76: improve mcu error logging bf536832e37d mt76: mt7921: run mt7921_mcu_fw_log_2_host holding mt76 mutex 7616f4f78163 mt76: mt7921: add wifisys reset support in debugfs e620bd881ef5 mt76: mt7921: abort uncompleted scan by wifi reset e8dacf59ab1c mt76: mt7915: rework the flow of txpower setting c8c78e577236 mt76: mt7915: directly read per-rate tx power from registers 1622bf4f8705 mt76: mt7921: add mt7921_dma_cleanup in mt7921_unregister_device ef96fafad8a9 mt76: Convert to DEFINE_SHOW_ATTRIBUTE 90e4bfea2948 mt76: mt7921: do not use 0 as NULL pointer 0a139d7f5966 mt76: connac: move mcu_update_arp_filter in mt76_connac module de26c73ce3c2 mt76: mt7921: remove leftover function declaration 1c0b6cb4f942 mt76: mt7921: fix a race between mt7921_mcu_drv_pmctrl and mt7921_mcu_fw_pmctrl 2923e3e2b8e4 mt76: mt7663: fix a race between mt7615_mcu_drv_pmctrl and mt7615_mcu_fw_pmctrl 74d0fdaa7a99 mt76: connac: introduce wake counter for fw_pmctrl synchronization 28c87e09a5ea mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 36f664edc7db mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 51b3d1a9a2b7 mt76: dma: add the capability to define a custom rx napi poll routine 4f1339c9fb72 mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 1bc5e67a60be mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 325f7b451c03 mt76: connac: unschedule ps_work in mt76_connac_pm_wake 12115052a02f mt76: connac: check wake refcount in mcu_fw_pmctrl e5d28e3cef66 mt76: connac: remove MT76_STATE_PM in mac_tx_free 475112a3cdcc mt76: mt7921: get rid of useless MT76_STATE_PM in mt7921_mac_work 112998f32d85 mt76: connac: alaways wake the device before scanning 4334f3e2fc43 mt76: mt7615: rely on pm refcounting in mt7615_led_set_config 0562380659ad mt76: connac: do not run mt76_txq_schedule_all directly acfa78df5708 mt76: connac: use waitqueue for runtime-pm ca74a4cd0722 mt76: remove MT76_STATE_PM in tx path 0c2d3e74852e mt76: mt7921: add awake and doze time accounting 45e0eefffe9f mt76: mt7921: enable sw interrupts fd2ff641166f mt76: mt7615: Fix a dereference of pointer sta before it is null checked 7e2521468767 mt76: mt7921: move mt7921_dma_reset in dma.c c9dd6b1fa171 mt76: mt7921: introduce mt7921_wpdma_reset utility routine 2ac7c7e9c568 mt76: mt7921: introduce mt7921_dma_{enable,disable} utilities 662a89f2b9d1 mt76: mt7921: introduce mt7921_wpdma_reinit_cond utility routine 614efe9e9180 mt76: connac: introduce mt76_connac_mcu_set_deep_sleep utility 0dbb16ef39d8 mt76: mt7921: enable deep sleep when the device suspends 3c19f569cc70 mt76: mt7921: fix possible invalid register access ade1f5aad4c6 mt76: move token_lock, token and token_count in mt76_dev 8d5c456be1ff mt76: move token utilities in mt76 common module fb04d9df5e52 mt76: mt7915: do not read rf value from efuse in flash mode 2126b2176336 mt76: mt7921: get rid of mcu_reset function pointer d325b7eff1b1 mt76: mt7921: improve doze opportunity 2ae25c7e547e mt76: mt7663: add awake and doze time accounting 349bbb9d6f13 mt76: connac: unschedule mac_work before going to sleep 98a235004dea mt76: mt7921: mt7921_stop should put device in fw_own state 63d80b9ab251 mt76: mt7921: introduce mt7921_mcu_sta_add routine 3c5bf837fdbd mt76: mt7615: fix a precision vs width bug in printk ded14da5eacc mt76: mt7915: fix a precision vs width bug in printk aaf0d254f9ea mt76: mt7921: fix a precision vs width bug in printk 757af5c67d32 mt76: move mt76_token_init in mt76_alloc_device ed41ed73a495 mt76: mt7921: reinit wpdma during drv_own if necessary 92fb81e085c6 mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report 53d915a23bc9 mt76: connac: do not schedule wake_work if the runtime-pm is disabled 23fe1bdcf15a mt76: connac: do not schedule mac_work if the device is not running e5b19336c58e mt76: mt7615: do not set MT76_STATE_PM at bootstrap 0fc2136a61dd mt76_connac_mcu: move mt76_connac_mcu_update_arp_filter outside of CONFIG_PM e693f3e23e06 mt76: mt7915: add MSI support 5231e7300fa4 mt7915: disable ASPM 554b50dabf54 mt76: connac: fix uninitialized HT A-MPDU setting field in STA_REC_PHY 43b9c0a838bb mt76: mt7921: fix max aggregation subframes setting 5a387a0a3004 mt76: mt7921: enable rx hw de-amsdu c8cbcb87be07 mt76: connac: add missing configuration in mt76_connac_mcu_wtbl_hdr_trans_tlv 55921e57b380 mt76: mt7921: enable rx header traslation offload 01441f67d8b2 mt76: mt7921: enable rx csum offload c9ab76dd93a0 mt76: mt7915: move mt7915_queue_rx_skb to mac.c caedb4c4ee41 mt76: mt7615: fix fixed-rate tx status reporting c6ae95d43e6d mt76: improve tx status codepath 27d468d094e6 mt76: mt7915: rework tx rate reporting 3b4ca5b09e2c mt76: mt7615: avoid use of ieee80211_tx_info_clear_status e1f07d7f1cb9 mt76: mt7603: avoid use of ieee80211_tx_info_clear_status 18513ba5fbc2 mt76: mt7915: add support for tx status reporting 35f189cf81b2 mt76: mt7915: fix uninitialized variable in MSI error handling 9e928ac1ea9b mt76: dma: use ieee80211_tx_status_ext to free packets when tx fails 628eee9c386c mt76: fill queue entry wcid for all skbs with a station a9bc4d94b7a1 mt76: intialize tx queue entry wcid to 0xffff by default 998ca8af7d17 mt76: mt7915: fix tssi indication field of DBDC NICs 7dd24b3cfacf mt76: mt7915: fix a signedness bug in mt7915_mcu_apply_tx_dpd() 535025d65d8d mt76: mt7915: cleanup mt7915_mcu_sta_rate_ctrl_tlv() ff8bbe22dd87 mt76: mt7915: add .set_bitrate_mask() callback c7dd54a22e30 mt76: connac: skip wtbl reset on sta disconnect 3511fd430356 mt76: validate rx A-MSDU subframes aedc3145de6e mt76: fix possible NULL pointer dereference in mt76_tx 5c2baab92cd0 mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb() af21659ee834 mt76: mt76x0: use dev_debug instead of dev_err for hw_rf_ctrl e423c16f16f7 mt76: mt7615: free irq if mt7615_mmio_probe fails f2d0da8da9b7 mt76: mt7663: enable hw rx header translation d2713a5d9de9 mt76: mt7921: fix mt7921_wfsys_reset sequence ce5f32d84f33 mt76: mt7921: Don't alter Rx path classifier 8ab8c7747197 mt76: connac: fw_own rely on all packet memory all being free a747b0bb4956 mt76: mt7921: enable deep sleep at runtime 2e6e999509b1 mt76: mt7921: add deep sleep control to runtime-pm knob 30bcb2338ce2 mt76: connac: fix WoW with disconnetion and bitmap pattern 56518f4a126e mt76: mt7921: consider the invalid value for to_rssi e969ab10a034 mt76: mt7921: add back connection monitor support 28b162366d09 mt76: fix calling mt76_get_of_eeprom with an offset for pre-cal data 9d736545bb5a mt76: mt7915: disable pre-calibration support for now Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit f62aa9e7816fd0601a7997d87c89767939a6afcf)
* mac80211: backport upstream fixes for FragAttacksFelix Fietkau2021-05-1623-7/+1466
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From the patch series description: Several security issues in the 802.11 implementations were found by Mathy Vanhoef (New York University Abu Dhabi), who has published all the details at https://papers.mathyvanhoef.com/usenix2021.pdf Specifically, the following CVEs were assigned: * CVE-2020-24586 - Fragmentation cache not cleared on reconnection * CVE-2020-24587 - Reassembling fragments encrypted under different keys * CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to payload being parsed as an L2 frame under an A-MSDU bit toggling attack * CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender * CVE-2020-26140 - Accepting plaintext data frames in protected networks * CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames * CVE-2020-26142 - Processing fragmented frames as full frames * CVE-2020-26143 - Accepting fragmented plaintext frames in protected networks * CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that start with RFC1042 header with EAPOL ethertype * CVE-2020-26145 - Accepting plaintext broadcast fragments as full frames * CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive packet numbers * CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments In general, the scope of these attacks is that they may allow an attacker to * inject L2 frames that they can more or less control (depending on the vulnerability and attack method) into an otherwise protected network; * exfiltrate (some) network data under certain conditions, this is specific to the fragmentation issues. A subset of these issues is known to apply to the Linux IEEE 802.11 implementation (mac80211). Where it is affected, the attached patches fix the issues, even if not all of them reference the exact CVE IDs. In addition, driver and/or firmware updates may be necessary, as well as potentially more fixes to mac80211, depending on how drivers are using it. Specifically, for Intel devices, firmware needs to be updated to the most recently released versions (which was done without any reference to the security issues) to address some of the vulnerabilities. To have a single set of patches, I'm also including patches for the ath10k and ath11k drivers here. We currently don't have information about how other drivers are, if at all, affected. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: update to 1.33.1Nick Hainke2021-05-145-132/+3
| | | | | | | | | | | | | | | Remove backports: - 001-backport1330fix-ash-make-strdup-copy.patch - 002-backport1330fix-traceroute.patch - 005-backport-CVE-2021-28831.patch Remove upstreamed: - 010-fix-wrong-variable.patch Signed-off-by: Nick Hainke <vincent@systemli.org> [don't use $(AUTORELEASE) for now] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 6713fe030fca32fc3d5ad9761f3b2f96501aedd6)
* mac80211/rtl: backport a rtl8192cu AP mode fixRui Salvaterra2021-05-141-0/+118
| | | | | | | | | | Running USB devices in AP mode is never a good idea. That said, fix the TIM issue in rtl8192cu [1], allowing these devices to "work" in AP mode. [1] https://patchwork.kernel.org/project/linux-wireless/patch/20210419065956.6085-1-pkshih@realtek.com/ Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> (cherry picked from commit eeda8652f1655d4f9c11e9c9f51ddcd3377d119a)
* busybox: add SRV support to nslookup_lede.c patchPerry Melange2021-05-142-2/+22
| | | | | | | | | | | Add support for querying and parsing SRV DNS records to nslookup_lede.c This patch is based on http://lists.busybox.net/pipermail/busybox/2019-June/087359.html Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com> [reword subject, bump PKG_RELEASE] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 3a359398f04f3f4c4a42d1ca274bb1a0f0303e05)
* base-files: shinit: properly handle dashes in service namesJo-Philipp Wich2021-05-121-1/+1
| | | | | | Fixes: FS#3801 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 75ea878d1ba05610121a732dc0abf7c914e83ca1)
* uqmi: fix network registration loopThomas Richard2021-05-112-10/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With some debug in qmi.sh using following patch, some errors are visible in the registration step @@ -29,6 +29,7 @@ proto_qmi_init_config() { } proto_qmi_setup() { + set -x local interface="$1" local dataformat connstat plmn_mode mcc mnc local device apn auth username password pincode delay modes pdptype @@ -224,6 +225,8 @@ proto_qmi_setup() { fi done + registration=$(uqmi -s -d "$device" --get-serving-system) + [ -n "$modes" ] && uqmi -s -d "$device" --set-network-modes "$modes" > /dev/null 2>&1 echo "Starting network $interface" During the boot of the system, modem could not start automatically its network registration. netifd: wan (9235): + echo 'Waiting for network registration' netifd: wan (9235): Waiting for network registration netifd: wan (9235): + local 'registration_timeout=0' netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system netifd: wan (9235): + grep '"searching"' netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system netifd: wan (9235): + registration='{"registration":"not_registered","plmn_mcc":208,"plmn_mnc":20,"plmn_description":"","roaming":true}' netifd: wan (9235): + '[' -n ] netifd: wan (9235): + echo 'Starting network wan' As the while loop checks only "searching" pattern, uqmi.sh script quits searching loop and continues whereas the modem is not registered Other issue, after X seconds modem stops searching. netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + grep '"searching"' netifd: wan (9213): + '[' -e /dev/cdc-wdm0 ] netifd: wan (9213): + '[' 3 -lt 0 -o 0 '=' 0 ] netifd: wan (9213): + let registration_timeout++ netifd: wan (9213): + sleep 1 netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + grep '"searching"' netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system netifd: wan (9213): + registration='{"registration":"not_registered"}' netifd: wan (9213): + '[' -n ] netifd: wan (9213): + echo 'Starting network wan' netifd: wan (9213): Starting network wan If registration_timeout is not expired, registration can be restarted Signed-off-by: Thomas Richard <thomas.richard@kontron.com> Tested-by: Florian Eckert <fe@dev.tdt.de> (cherry picked from commit 2eda042d553c23590c9d6ade8a1a17ffcfb4be7c)
* dnsmasq: Update to version 2.85Alan Swanson2021-05-054-92/+6
| | | | | | | | | | | | | | | | | | | | | | Fixes issue with merged DNS requests in 2.83/2.84 not being retried on the firsts failed request causing lookup failures. Also fixes the following security problem in dnsmasq: * CVE-2021-3448: If specifiying the source address or interface to be used when contacting upstream name servers such as: server=8.8.8.8@1.2.3.4, server=8.8.8.8@1.2.3.4#66 and server=8.8.8.8@eth0 then all would use the same socket bound to the explicitly configured port. Now only server=8.8.8.8@1.2.3.4#66 will use the explicitly configured port and the others random source ports. Remove upstreamed patches and update remaining patch. Signed-off-by: Alan Swanson <reiver@improbability.net> [refreshed old runtime support patch] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit 3980daffa4e284377cd1ae803fba78331c1fc40b)
* ltq-dsl-base: Make package nonshared to fix image builderHauke Mehrtens2021-05-041-0/+2
| | | | | | | | | | | This package depends on the lantiq target and is only build for that target. A normal package would be build by the SDK builder probably under a different target and then this package will not be selected. Mark it as nonshared to build it when the lantiq target gets build. Fixes: FS#3773, FS#3774 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 454d514f4647d6f1f0d93d8f67abdef94cd66a7d)
* mac80211: Update to version 5.10.34-1Hauke Mehrtens2021-05-0421-188/+48
| | | | | | | The removed patches were applied upstream and are not needed anymore. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 17ac9849d3ff687c8c14d63e46f3e205adc22a3e)
* busybox: backport fix for CVE-2021-28831Hauke Mehrtens2021-05-042-1/+53
| | | | | | | | | | This backports a fix for the low priority CVE-2021-28831: decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 13397b2b95b4800fb0a29c3d483fa280d10f0eb0)
* ipq40xx: add support for MikroTik SXTsq 5 acRoger Pueyo Centelles2021-05-032-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds support for the MikroTik SXTsq 5 ac (RBSXTsqG-5acD), an outdoor 802.11ac wireless CPE with one 10/100/1000 Mbps Ethernet port. Specifications: - SoC: Qualcomm Atheros IPQ4018 - RAM: 256 MB - Storage: 16 MB NOR - Wireless: IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 16 dBi antennae - Ethernet: IPQ4018 (SoC) 1x 10/100/1000 port, 10-28 Vdc PoE in - 1x Ethernet LED (green) - 7x user-controllable LEDs · 1x power (blue) · 1x user (green) · 5x rssi (green) Note: Serial UART is probably available on the board, but it has not been tested. Flashing: Boot via TFTP the initramfs image. Then, upload a sysupgrade image via SSH and flash it normally. More info at the "Common procedures for MikroTik products" page https://openwrt.org/toh/mikrotik/common. Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net> (cherry picked from commit d1f1e5269ed992e6fc30d575b43b0913c9e58ca2) [Compile and Run Tested] Signed-off-by: Nick Hainke <vincent@systemli.org>
* ipq40xx: add MikroTik hAP ac2 supportRobert Marko2021-05-032-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for the MikroTik RouterBOARD RBD52G-5HacD2HnD-TC (hAP ac²), a indoor dual band, dual-radio 802.11ac wireless AP with integrated omnidirectional antennae, USB port and five 10/100/1000 Mbps Ethernet ports. See https://mikrotik.com/product/hap_ac2 for more info. Specifications: - SoC: Qualcomm Atheros IPQ4018 - RAM: 128 MB - Storage: 16 MB NOR - Wireless: · Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae · Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae - Ethernet: Built-in IPQ4018 (SoC, QCA8075) , 5x 1000/100/10 port, passive PoE in - 1x USB Type A port Installation: Boot the initramfs image via TFTP and then flash the sysupgrade image using "sysupgrade -n" Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit faea7becafc634dc882f0ad8f9388862ccd5bd0d) [Compile Tested] Signed-off-by: Nick Hainke <vincent@systemli.org>