aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* OpenWrt v22.03.0-rc5: revert to branch defaultsHauke Mehrtens2022-07-061-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc5: adjust config defaultsv22.03.0-rc5Hauke Mehrtens2022-07-061-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: bump to 1.1.1pAndre Heider2022-07-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes between 1.1.1o and 1.1.1p [21 Jun 2022] *) In addition to the c_rehash shell command injection identified in CVE-2022-1292, further bugs where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection have been fixed. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. (CVE-2022-2068) [Daniel Fiala, Tomáš Mráz] *) When OpenSSL TLS client is connecting without any supported elliptic curves and TLS-1.3 protocol is disabled the connection will no longer fail if a ciphersuite that does not use a key exchange based on elliptic curves can be negotiated. [Tomáš Mráz] Signed-off-by: Andre Heider <a.heider@gmail.com> (cherry picked from commit eb7d2abbf06f0a3fe700df5dc6b57ee90016f1f1)
* uboot-mediatek: update UniFi 6 LR board nameDaniel Golle2022-07-041-1/+1
| | | | | | | | Select matching U-Boot for both v1 and v2 variants. Fixes: 15a02471bb ("mediatek: new target mt7622-ubnt-unifi-6-lr-v1") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 2caa03ec8607fb38e11ac1ce3c7b698f80191b49)
* mt76: update to the latest versionFelix Fietkau2022-07-031-3/+3
| | | | | | | 93e3fce916c6 mt76: pass original queue id from __mt76_tx_queue_skb to the driver Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 06d0cc2fb365485dd1ddd32937afd5091fa4b8a8)
* mt76: update to the latest versionFelix Fietkau2022-07-021-3/+3
| | | | | | | | c07f45927839 firmware: update mt7622 firmware to version 20220630 af406a2d1c36 mt76: do not use skb_set_queue_mapping for internal purposes Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 8e90abb39615e25a03f255f2c16c9203ab976ae7)
* mac80211: fix mesh queue selection issueFelix Fietkau2022-07-021-0/+28
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 51e9d496ba7958fb9f2d3eb4bc7f257837145dd0)
* ipq-wifi: remove packaged BDF-s for MikroTik devicesRobert Marko2022-07-015-8/+0
| | | | | | | | | | | | | Since we now provide the BDF-s for MikroTik IPQ40xx devices on the fly, there is noneed to include package and ship them like we do now. This also resolves the performance issues that happen as MikroTik changes the boards and ships them under the same revision but they actually ship with and require a different BDF. Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit ab141a6e2cb645ff64adb107af2e8973a720c1c7) Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* mac80211: ath10k: backport bus and device specific API 1 BDF selectionRobert Marko2022-07-011-0/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some ath10k IPQ40xx devices like the MikroTik hAP ac2 and ac3 require the BDF-s to be extracted from the device storage instead of shipping packaged API 2 BDF-s. This is required as MikroTik has started shipping boards that require BDF-s to be updated, as otherwise their WLAN performance really suffers. This is however impossible as the devices that require this are release under the same revision and its not possible to differentiate them from devices using the older BDF-s. In OpenWrt we are extracting the calibration data during runtime and we are able to extract the BDF-s in the same manner, however we cannot package the BDF-s to API 2 format on the fly and can only use API 1 to provide BDF-s on the fly. This is an issue as the ath10k driver explicitly looks only for the board.bin file and not for something like board-bus-device.bin like it does for pre-cal data. Due to this we have no way of providing correct BDF-s on the fly, so lets extend the ath10k driver to first look for BDF-s in the board-bus-device.bin format, for example: board-ahb-a800000.wifi.bin If that fails, look for the default board file name as defined previously. So, backport the upstream ath10k patch. Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit 3daf2d477ee728b5b066fe7f31808a5f19bb98a1) [prune unrelated patch refreshes] Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* ath10k-ct: update to 2022-05-13Robert Marko2022-07-014-22/+22
| | | | | | | | | Update ath10k-ct to the latest version which includes the backported ath10k commit for requesting API 1 BDF-s with a unique name like caldata. Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit ab97b2a25d69215dcc0d9621e491aa7b17f315cb) Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* firewall4: bump to git HEADStijn Tintel2022-07-011-3/+3
| | | | | | | | | | | | | | | | | | | 11f5c7b fw4.uc: fix zone helper assignment b9d35ff fw4.uc: don't skip zone for unavailable helper e35e26b tests: add test for zone helpers a063317 ruleset: fix conntrack helpers e1cb763 ruleset: reuse zone-jump.uc template for notrack and helper chain jumps 11410b8 ruleset: reorder declarations & output tweaks 880dd31 fw4: fix skipping invalid IPv6 ipset entries 5994466 fw4: simplify `is_loopback_dev()` 53886e5 fw4: fix crash in parse_cthelper() if no helpers are present 11256ff fw4: add support for configurable includes 3b5a033 tests: add test coverage for firewall includes d79911c fw4: support sets with timeout capability but without default expiry 15c3831 fw4: add support for `option log` in rule and redirect sections Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit e8433fb4336b72e44a40cb667ee2eb06e0a31109)
* iptables: default to ip(6)tables-nftEtienne Champetier2022-06-291-19/+12
| | | | | | | | | | | | | | | | OpenWrt now uses firewall4 (nft) by default, so iptables should also default to nftables backend. When multiple packages provide the same virtual package, opkg pick the first one by alphabetical order, so we rename iptables-legacy to iptables-zz-legacy and add iptables-legacy in PROVIDES. We also need to remove IPTABLES_NFTABLES config as this cause recursive dependencies. Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> (cherry picked from commit 35fec487e30f05c81bd135326a993dad7f861812)
* dropbear: cherry-pick upstream commit 544f28a0Konstantin Demin2022-06-271-0/+134
| | | | | | | | Resolves #10081 Reported-By: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> (cherry picked from commit f98bb1ffe5327d7309f11a3647efd8116d637b33)
* wolfssl: disable AES-NI by default for x86_64Eneas U de Queiroz2022-06-271-1/+6
| | | | | | | | | | | | | WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have AES instructions but lack other extensions that are used by WolfSSL when AES-NI is enabled. Disable the option by default for now until the issue is properly fixed. People can enable them in a custom build if they are sure it will work for them. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 0bd536723303ccd178e289690d073740c928bb34)
* broadcom-wl: Fix compilation with kernel 5.10Florian Fainelli2022-06-274-8/+50
| | | | | | | | | | | | | | This adds a few fixes for compiling against Linux 5.10: 1. segment_eq() has been removed with upstream commit 428e2976a5bf7e7f5554286d7a5a33b8147b106a ("uaccess: remove segment_eq") and can use uaccess_kernel() instead 2. ioremap_nocache() is removed and is now an alias for ioremap() with upstream commit 4bdc0d676a643140bdf17dbf7eafedee3d496a3c ("remove ioremap_nocache and devm_ioremap_nocache") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> (cherry picked from commit cd3de51bb4a18f922a961fdeb42c1c8f1f80b425)
* 464xlat: delete SNATed conntracks on interface teardownAlin Nastac2022-06-272-1/+4
| | | | | | | | | | Existing conntracks will continue to be SNATed to 192.0.0.1 even after 464xlat interface gets teared down. To prevent this, matching conntracks must be killed. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase] (cherry picked from commit 289c46869b969864676cf9abde4e1e0df33bcf37)
* wireless-regdb: bump to 2022.06.06Stijn Tintel2022-06-272-3/+3
| | | | | | | | | | | | | | | | | | 902b321 wireless-regdb: Update regulatory rules for Israel (IL) 20f6f34 wireless-regdb: add missing spaces for US S1G rules 25652b6 wireless-regdb: Update regulatory rules for Australia (AU) 081873f wireless-regdb: update regulatory database based on preceding changes 166fbdd wireless-regdb: add db files missing from previous commit e3f03f9 Regulatory update for 6 GHz operation in Canada (CA) 888da5f Regulatory update for 6 GHz operation in United States (US) 647bcaa Regulatory update for 6 GHz operation in FI c6b079d wireless-regdb: update regulatory rules for Bulgaria (BG) on 6GHz 2ed39be wireless-regdb: Remove AUTO-BW from 6 GHz rules 7a6ad1a wireless-regdb: Unify 6 GHz rules for EU contries 68a8f2f wireless-regdb: update regulatory database based on preceding changes Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit e3e9eb31a281643737142e8e80c6f49204b5ba18)
* mac80211: increase airtime scheduler quantumFelix Fietkau2022-06-271-0/+53
| | | | | | | improves performance by requiring fewer iterations over tx queues Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 7bf5233a2a2b1c81fae2f3a85bb971ef2a7f9b27)
* mac80211: add airtime fairness improvementsFelix Fietkau2022-06-278-3/+1695
| | | | | | | | | This reverts the airtime scheduler back from the virtual-time based scheduler to the deficit round robin scheduler implementation. This reduces burstiness and improves fairness by improving interaction with AQL. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 6d49a25804d78d639e08a67c86b26991ce6485d8)
* netfilter: kmod-nft-xfrmFlorian Eckert2022-06-251-0/+11
| | | | | | | Add kmod-nft-xfrm package. Signed-off-by: Florian Eckert <fe@dev.tdt.de> (cherry picked from commit 9379bc2fcf905568ef329a121c8c8a11fc98b02c)
* libusb: fix missing linkLeo Soares2022-06-251-1/+1
| | | | | | | | | | adds `libusb-1.0.so` link on the target root again. Fixes: 43539a6aabbe ("libusb: make InstallDev explicit") Signed-off-by: Leo Soares <leo@hyper.ag> (added fixed tag, reworded commit) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry picked from commit dc59a22f1d0f3a98eee9fa2043f03a764fbefe10)
* mt76: update to the latest versionFelix Fietkau2022-06-241-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 65042bfd759c mt76: mt7915: introduce 802.11ax multi-bss support e756ea3bd069 mt76: fix wrong HE data rate in sniffer tool 47b64131e820 mt76: mt7921: don't enable beacon filter when IEEE80211_CONF_CHANGE_MONITOR is set 7a05f4628e76 mt76: fix monitor rx FCS error in DFS channel 104dd5cb0a40 mt76: mt7915: fix DBDC default band selection on MT7915D a7805e4e1d58 mt76: reduce tx queue lock hold time 0b1deb9292cd mt76: dma: use kzalloc instead of devm_kzalloc for txwi 2e51013b38c9 mt76: dma: reduce lock contention in mt76_dma_tx_cleanup c96fbb86f7e5 mt76: mt7915: rework hardware/phy initialization c2bb44cab51e mt76: mt7915: accept rx frames with non-standard VHT MCS10-11 36c23a4a8422 mt76: mt7921: accept rx frames with non-standard VHT MCS10-11 5b7dd093c8f0 mt76: fix use-after-free by removing a non-RCU wcid pointer c692aacb9bde mt76: fix MBSS index condition in DBDC mode fd6541905aa4 mt76: mt7921u: add suspend/resume support 201b33cf42c2 mt76: mt7921: rely on mt76_dev rxfilter in mt7921_configure_filter 9666c08228e7 mt76: mt7921: honor pm user configuration in mt7921_sniffer_interface_iter 1442710d7936 mt76: mt7915: always call mt7915_wfsys_reset() during init ec4d9b9e8b70 mt76: mt7915: fix unbounded shift in mt7915_mcu_beacon_mbss 6b1efcd72946 mt76: mt7915: fix wfsys reset regression 376ea8152b2b mt76: mt7915: add missing chunk from wfsys reset fix eed44048ca57 Revert "mt76: dma: reduce lock contention in mt76_dma_tx_cleanup" 5beb87716e70 mt76: dma: add wrapper macro for accessing queue registers e0bc736d5617 mt76: add support for overriding the device used for DMA mapping b8c842daa081 mt76: make number of tokens configurable dynamically 87a962e0608f mt76: mt7915: add Wireless Ethernet Dispatch support 2accb74e6be3 mt76: mt7915: fix using null pointer when wfsys on e5227f2f3120 mt76: mt7921: Fix the error handling path of mt7921_pci_probe() ec0e9f4da32f mt76: mt7915: fix possible uninitialized pointer dereference in mt7986_wmac_gpio_setup 5a87be892ba7 mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector fe441e5d3dcf mt76: mt7915: do not pass data pointer to mt7915_mcu_muru_debug_set f3ddfe886283 mt76: mt7915: report rx mode value in mt7915_mac_fill_rx_rate 2a0d370cb5fe mt76: mt7915: use 0xff to initialize bitrate_mask in mt7915_init_bitrate_mask 506bb0605e3e mt76: mt7921: Add AP mode support d4937118ec4f mt76: fix rx reordering with non explicit / psmp ack policy f50672518bcc mt76: do not attempt to reorder received 802.3 packets without agg session 75e046e3c9ae mt76: fix antenna config missing in 6G cap 64ede85f14b5 mt76: mt7915: remove SCS feature db0a67582028 mt76: mt7915: make read-only array ppet16_ppet8_ru3_ru0 static const 68a2f68d5c01 mt76: mt7921: make read-only array ppet16_ppet8_ru3_ru0 static const 1e7b77294e97 mt76: mt7921: fix kernel crash at mt7921_pci_remove 795830a99a6c mt76: mt7915: add debugfs knob for RF registers read/write 60a8ec12a8eb mt76: mt7603: move spin_lock_bh() to spin_lock() 5ec7a2eac867 mt76: mt7915: disable RX_HDR_TRANS_SHORT eecbb4992073 mt76: fix encap offload ethernet type check a666d5637bc3 mt76: fix tx status related use-after-free race on station removal 6da21a0b7280 linux-firmware: update firmware for MT7921 WiFi device 4876688c41dc linux-firmware: update firmware for MT7915 79b1b86040de linux-firmware: add firmware for MT7986 784c27b159b9 linux-firmware: add firmware for MT7922 079e41dc71a1 mt76: mt7915: configure soc clocks in mt7986_wmac_init 747c70fc6c89 mt76: connac: use skb_put_data instead of open coding e98f58815018 mt76: mt7915: update mt7986 patch in mt7986_wmac_adie_patch_7976() b7104b4b2f2d mt76: mt7915: fix twt table_mask to u16 in mt7915_dev d39368f336ee mt76: mt7915: reject duplicated twt flows 4718ed04a655 mt76: mt7915: limit minimum twt duration 84319691b742 mt76: mt7915: reowrk SER debugfs knob bac5f22365a2 mt76: mt7915: introduce mt7915_mac_severe_check() 81524067686c mt76: mt7915: move MT_INT_MASK_CSR to init.c 2b7f5e85290e mt76: mt7915: add support for 6G in-band discovery 31273183ea0a mt76: mt7615/mt7915: do reset_work with mt76's work queue bb54f5e1c115 mt76: mt7915: improve error handling for fw_debug knobs 838529da6470 mt76: mt7915: add more statistics from fw_util debugfs knobs 3a65deb93737 mt76: add gfp to mt76_mcu_msg_alloc signature 8e87669eefcf mt76: mt7921: add ipv6 NS offload support e1b2c18eee29 mt76: mt7915: fix endianness in mt7915_rf_regval_get 0742eaeafee2 mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg d299ad96d867 mt76: mt7915: fix endian bug in mt7915_rf_regval_set() 380eac6f31ec mt76: add 6 GHz band support in mt76_sar_freq_ranges 268ce38e9e36 mt76: mt7921: introduce ACPI SAR support 8c27300b4271 mt76: mt7921: introduce ACPI SAR config in tx power 54b6504a3ef8 mt76: mt7915: add more ethtool stats cdd66d642977 mt76: add DBDC rxq handlings into mac_reset_work b284684f5cba mt76: mt7921: add PATCH_FINISH_REQ cmd response handling f8b9be4287cc mt76: mt7921s: fix firmware download random fail 28b19d2cc53f mt76: mt7915: add missing bh-disable around tx napi enable/schedule 1d8af168e86f mt76: mt7615: add missing bh-disable around rx napi enable/schedule 4554ee652caf mt76: mt7921: fix warning Using plain integer as NULL pointer a3f1d6ccf3ca mt76: mt7921: add missing bh-disable around rx napi schedule 9aeca2a5ce47 mt76: mt7921: get rid of mt7921_mcu_exit fee8a5911c76 mt76: connac: move shared fw structures in connac module db4d784ae7ba mt76: mt7921: move fw toggle in mt7921_load_firmware 16ab6bf49556 mt76: connac: move mt76_connac2_load_ram in connac module 29fd748801c6 mt76: connac: move mt76_connac2_load_patch in connac module 051c68d18214 mt76: mt7663: rely on mt76_connac2_fw_trailer d6ae3505ac6c mt76: enable the VHT extended NSS BW feature 488a5ccc9762 mt76: mt7921: rely on mt76_dev in mt7921_mac_write_txwi signature 934029bb93e2 mt76: mt7915: rely on mt76_dev in mt7915_mac_write_txwi signature ecefae4c7d72 mt76: connac: move mac connac2 defs in mt76_connac2_mac.h b5eecc841df8 mt76: connac: move connac2_mac_write_txwi in mt76_connac module 012e619a07b9 mt76: connac: move mt76_connac2_mac_add_txs_skb in connac module 1b492be795ea mt76: mt7921: not support beacon offload disable command f1f46d3b4b19 mt76: mt7921: fix command timeout in AP stop period cae61112ef1d mt76: connac: move HE radiotap parsing in connac module 487674062643 mt76: connac: move mt76_connac2_reverse_frag0_hdr_trans in mt76-connac module 649bdc4983c4 mt76: connac: move mt76_connac2_mac_fill_rx_rate in connac module cb75aaa39252 mt76: mt7921s: remove unnecessary goto in mt7921s_mcu_drv_pmctrl e0eaf66eaebb mt76: mt7615: do not update pm stats in case of error f8d125b4ea30 mt76: mt7921: do not update pm states in case of error 6329a834907e mt76: mt7921s: fix possible sdio deadlock in command fail 8a04f1b04662 mt76: mt7921: fix aggregation subframes setting to HE max e52283439094 mt76: mt7915: disable UL MU-MIMO for mt7915 fd3958970e3d mt76: mt7921: enlarge maximum VHT MPDU length to 11454 18df38fe77f7 mt76: mt7915: get rid of unnecessary new line in mt7915_mac_write_txwi 149e95f5d7a6 mt76: connac: move mt76_connac_fw_txp in common module 899d192e8a79 mt76: move mt7615_txp_ptr in mt76_connac module 7184f0a6f6a5 mt76: connac: move mt76_connac_tx_free in shared code c42d45278fa5 mt76: connac: move mt76_connac_tx_complete_skb in shared code 0993f4ef96f8 mt76: connac: move mt76_connac_write_hw_txp in shared code 467960fab791 mt76: connac: move mt7615_txp_skb_unmap in common code 2e758064b085 mt76: mt7915: rely on mt76_connac_tx_free 2065a7901671 mt76: move mcu_txd/mcu_rxd structures in shared code 576c1b7c472b mt76: move mt76_connac2_mcu_fill_message in mt76_connac module 7275f7758090 mt76: mt7915: fix incorrect testmode ipg on band 1 caused by wmm_idx 1696f9eb8b40 mt76: mt7915: do not copy ieee80211_ops pointer in mt7915_mmio_probe a4db5869d660 mt76: mt7915: update mpdu density in 6g capability 500c18014d95 mt76: mt7915: add sta_rec with EXTRA_INFO_NEW for the first time only 3ef66fc7c714 mt76: do not check the ccmp pn for ONLY_MONITOR frame dd682eead016 mt76: mt7915: update the maximum size of beacon offload 4fb991f2c997 mt76: mt7615: add sta_rec with EXTRA_INFO_NEW for the first time only ba39ed3b44f1 mt76: mt76x02: improve reliability of the beacon hang check fd8211cf7c59 mt76: mt7921: sync with updated patch f2edd340ddb4 mt76: allow receiving frames with invalid CCMP PN via monitor interfaces b6e865e2cc70 mt76: mt7615: fix throughput regression on DFS channels Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 29ed58c8bee1de5b1779494e88620862edc44700)
* base-files: allow ignoring minor compat-version checkDavid Bauer2022-06-232-0/+5
| | | | | | | | | | | | | Downstream projects might re-generate device-specific configuration based on OpenWrt's defaults on each upgrade, thus being unaffected by forward- as well as backwards-breaking configuration. Add a new sysupgrade parameter, which allows sysupgrades between minor compat-versions. Upgrades will still fail upon mismatching major compat versions. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 34437af88867c4435add8a144417290b7fd4362a)
* Revert "mac80211: add a bug fix for a rare crash"David Bauer2022-06-181-38/+0
| | | | | | | | | | This reverts commit 33df033b73365487c5bb5a58b77aed04d4ca6ac1. It was reported this commit breaks 802.11s mesh connections, failing link establishment. Reported-by: Andreas Ziegler <dev@andreas-ziegler.de> Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add owe_transition_ifnameDavid Bauer2022-06-161-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the owe_transition_ifname config option to wifi-ifaces. This allows to configure OWE transition VAPs without adding SSID / BSSID to the uci conifg but instead autodiscovering these parameters from other networks on the same PHY. The following configuration creates a OWE transition mode network constellation. config wifi-iface 'open0' option device 'radio0' option ifname 'open0' option network 'lan' option mode 'ap' option ssid 'FreeNet' option encryption 'none' option owe_transition_ifname 'owe0' config wifi-iface 'owe0' option device 'radio0' option ifname 'owe0' option network 'lan' option mode 'ap' option ssid 'owe_tm.FreeNet' option encryption 'owe' option hidden '1' option owe_transition_ifname 'open0' Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 574539ee2cdbb3dd54086423c6dfdd19bb1c06a6)
* uboot-mvebu: update to version v2022.04Josef Schlehofer2022-06-148-524/+2
| | | | | | | | | | | | | | | Release announcement: https://lore.kernel.org/u-boot/20220404143253.GQ14476@bill-the-cat/ Release notes between tags: https://source.denx.de/u-boot/u-boot/-/compare/v2022.01...v2022.04?from_project_id=531 All patches were removed, since they are included in this release. Run tested: Turris Omnia, mvebu/cortex-a9, OpenWrt daily snapshots Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit 4f51f1fc9b3597d24de442cfff253fddce478d17)
* uboot-mvebu: remove enabled CONFIG_CMD_SETEXPRJosef Schlehofer2022-06-141-7/+0
| | | | | | | | | | | | | | | | | | | | | | | We don't need to make sure that we want to have enabled CONFIG_CMD_SETEXPR by default, since this is already done in U-boot [1]. This was actually needed only for clearfog board [2], which was added in commit: da0005a6d08ae33d958a6d8a6c0c12dc07b5b2b8 ("uboot-mvebu: add patch to enable setexpr for clearfog boards) and send to U-boot to fix it properly. After a while, there was added support for Turris Omnia, which uses setexpr as well [3], but for this board, there are no fixes needed in U-boot and that's why we can remove this option here. It is helpful with shell scripting. If some downstream distributions are using it, they should correct it in defconfig for related boards. [1] https://source.denx.de/u-boot/u-boot/-/blob/e95afa56753cebcd20a5114b6d121f281b789006/cmd/Kconfig#L1504 [2] https://github.com/openwrt/openwrt/blob/852126680e21edc71c0c66561ae5a6d7479dcc67/target/linux/mvebu/image/clearfog.bootscript#L7 [3] https://github.com/openwrt/openwrt/blob/852126680e21edc71c0c66561ae5a6d7479dcc67/target/linux/mvebu/image/turris-omnia.bootscript#L2 Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit 69cef74c671cb7fa738a5a4c9a283c29f45326c7)
* uboot-mvebu: add patch to enable setexpr for clearfog boardsJosef Schlehofer2022-06-141-0/+31
| | | | | | | | | | | | | | | Option CMD_SETEXPR is already default in U-boot [1], since this was disabled since initial version for this board, there is send this patch to U-boot mailing list to enable it. It is required to use in OpenWrt bootscript for these boards [2]. [1] https://source.denx.de/u-boot/u-boot/-/blob/e95afa56753cebcd20a5114b6d121f281b789006/cmd/Kconfig#L1504 [2] https://github.com/openwrt/openwrt/blob/852126680e21edc71c0c66561ae5a6d7479dcc67/target/linux/mvebu/image/clearfog.bootscript#L7 Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit b3c2072504867b8ca00dde37f531edf0cfbe3359)
* kernel: crypto: add kmod-crypto-chacha20poly1305Xu Wang2022-06-111-0/+12
| | | | | | | | | Needed by strongSwan IPsec VPN for strongswan-mod-chapoly. Not to be confused with kmod-crypto-LIB-chacha20poly1305, which is an 8-byte nonce version used by wireguard. Signed-off-by: Xu Wang <xwang1498@gmx.com> (cherry picked from commit 197b672c40613a53a78a568a1957f2c23c343c1f)
* OpenWrt v22.03.0-rc4: revert to branch defaultsHauke Mehrtens2022-06-101-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc4: adjust config defaultsv22.03.0-rc4Hauke Mehrtens2022-06-101-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wolfssl: make WOLFSSL_HAS_OPENVPN default to yEneas U de Queiroz2022-06-091-1/+1
| | | | | | | | | | | | | Openvpn forces CONFIG_WOLFSSL_HAS_OPENVPN=y. When the phase1 bots build the now non-shared package, openvpn will not be selected, and WolfSSL will be built without it. Then phase2 bots have CONFIG_ALL=y, which will select openvpn and force CONFIG_WOLFSSL_HAS_OPENVPN=y. This changes the version hash, causing dependency failures, as shared packages expect the phase2 hash. Fixes: #9738 Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* wolfssl: enable CPU crypto instructionsEneas U de Queiroz2022-06-092-0/+23
| | | | | | | | | | | | | | | | | | | This enables AES & SHA CPU instructions for compatible armv8, and x86_64 architectures. Add this to the hardware acceleration choice, since they can't be enabled at the same time. The package was marked non-shared, since the arm CPUs may or may not have crypto extensions enabled based on licensing; bcm27xx does not enable them. There is no run-time detection of this for arm. NOTE: Should this be backported to a release branch, it must be done shortly before a new minor release, because the change to nonshared will remove libwolfssl from the shared packages, but the nonshared are only built in a subsequent release! Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 0a2edc2714dcda10be902c32525723ce2cbcb138)
* wolfssl: add benchmark utilityEneas U de Queiroz2022-06-091-3/+23
| | | | | | | This packages the wolfssl benchmark utility. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 18fd12edb810f9dfbf8410bb81f639df052134cb)
* wolfssl: don't change ABI because of hw cryptoEneas U de Queiroz2022-06-091-10/+21
| | | | | | | | | Enabling different hardware crypto acceleration should not change the library ABI. Add them to PKG_CONFIG_DEPENDS after the ABI version hash has been computed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 677774d445ced1a56e73fe62df47b4eb66441721)
* kernel: bump 5.10 to 5.10.119John Audia2022-06-072-24/+0
| | | | | | | | | | | Delete the crypto-lib-blake2s kmod package, as BLAKE2s is now built-in. Patches automatically rebased. Build system: x86_64 Build-tested: ipq806x/R7800, x86/64 Signed-off-by: John Audia <therealgraysky@proton.me> (cherry picked from commit cd634afe6cb6565eb6865931c8d73d97cab3600a)
* ksmbd: update to 3.4.5Rosen Penev2022-06-071-2/+2
| | | | | | | | | | | | Major changes are: Add support for smbd-direct multi-desctriptor. Add support for dkms. Add support for key exchange. Fix seveal bugs. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 95adbc24e73db8370b99636b3c98205c34d7e0dd)
* mac80211: add a bug fix for a rare crashFelix Fietkau2022-06-071-0/+38
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 9a93b62f315ad4c9f021c414ed80ba337ab4a01e)
* uboot-imx: fix wrong make flags overridingPetr Štetiar2022-06-071-2/+2
| | | | | | | | | | | | | | | | | | | | Buidbots are currently choking on the following compile error: In file included from tools/aisimage.c:9: include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory # include <openssl/evp.h> ^~~~~~~~~~~~~~~ compilation terminated. This is caused by a complete overriding of make flags which are provided correctly in `UBOOT_MAKE_FLAGS` variable, but currently overriden instead of extended. This then leads to the usage of build host include dirs, which are not available. Fix it by extending `UBOOT_MAKE_FLAGS` variable in all device recipes. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 481339a0426698adaa0254b479807efde0428de9)
* libubox: update to the latest versionFelix Fietkau2022-06-071-3/+3
| | | | | | | | | | f2d6752901f2 blob: clear buf->head when freeing a buffer 45210ce14136 list.h: add container_of_safe macro cfa372ff8aed blobmsg: implicitly reserve space for 0-terminator in string buf alloc d2223ef9da71 blobmsg: work around false positive gcc -Warray-bounds warnings Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 3e300e724b674b299d055d172a268c8cfa8489d2)
* ltq-vdsl-app: disconnect when service is stoppedJan Hoffmann2022-06-073-3/+78
| | | | | | | | | | | | | | | Stop the connection when the control daemon is terminated. The code is a modified version of the termination routine in version 4.23.1 of the daemon (which doesn't support VR9 modems anymore). This could also be implemented by calling the acos and acs commands via dsl_cpe_pipe.sh in the init script. However, doing it in the daemon itself has the advantage of also working if it is terminated in another way (for example during sysupgrade). Signed-off-by: Jan Hoffmann <jan@3e8.eu> Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> (cherry picked from commit 1daaef31b35201a9c15a2084e25dac41b48c1867)
* ltq-vdsl/ltq-adsl: fix elapsed time calculationJan Hoffmann2022-06-074-2/+246
| | | | | | | | | | | | | | | | | | | | The driver maintains elapsed times by repeatedly accumulating the time since the previous update in a loop. For the elapsed showtime time, the time difference is truncated to seconds before adding it, leading to a sizable error over time. Move the truncation to before calculation of the time difference in order to remove this error. Also maintain the total elapsed time in the same way in full seconds, to prevent the unsigned 32-bit counter from wrapping around after about 50 days. Testing on a VR9 device shows that the reported line uptime now matches the actual elapsed wall time. The ADSL variant is only compile-tested, but it should also work as the relevant code is identical. Signed-off-by: Jan Hoffmann <jan@3e8.eu> Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> (cherry picked from commit db4bf4b968c0da035d98e7771fc993af9d6f742b)
* ltq-atm/ltq-ptm: avoid unnecessary build dependenciesJan Hoffmann2022-06-072-6/+11
| | | | | | | | | | | | | | Right now, both ltq-adsl-mei and ltq-vdsl-mei are always built, even when they aren't necessary for the selected variant. This can cause the build to fail, for example ltq-vdsl-mei doesn't build successfully here on xway target due to the vectoring callback. Make these dependencies conditional on the specific package variants, so they are only built when actually needed. Signed-off-by: Jan Hoffmann <jan@3e8.eu> Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> (cherry picked from commit 2f484aeff5fe5ba3a832f98ca409adde3257e832)
* ltq-vdsl-mei: add locking to interrupt handlerJan Hoffmann2022-06-072-1/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some users noticed repeated resyncs at random intervals, which go away when the MEI driver is configured to use polling instead of interrupts. Debugging shows that this seems to be caused by concurrent calls to MEI_ReadMailbox (in the interrupt handler) and MEI_WriteMailbox. This appears to be mostly triggered when there is an interrupt for vectoring error reports. In polling mode, calls to MEI_ReadMailbox are protected by the same semaphore as is used in MEI_WriteMailbox. When interrupts are used, MEI_WriteMailbox appears to rely on MEI_DisableDeviceInt and MEI_EnableDeviceInt to provide mutual exclusion with the interrupt handler. These functions mask/unmask interrupts, and there is an additional check of the mask in the interrupt handler itself. However, this is not sufficient on systems with SMP, as the interrupt handler may be running in parallel, and could already be past the interrupt mask check at this point. This adds a lock to the interrupt handler, and also acquires this lock in MEI_DisableDeviceInt. This should make sure that after a call to MEI_DisableDeviceInt the interrupt is masked, and the interrupt handler is either not running, has alread finished its work, or is still before the interrupt mask check, and is thus going to detect the change. Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (cherry picked from commit 17004245534731ab03c9a8683208e84d9c399979)
* ltq-vdsl-app: set MAC address for vectoring error reportsJan Hoffmann2022-06-071-6/+14
| | | | | | | | | | | | | This tells the modem about the WAN MAC address, which is used as source address for vectoring error reports that are generated by the firmware. It needs to be set early, as the MEI driver only actually writes the value to the modem when is in reset state (i.e. the firmware has been loaded, but connection has not started yet). Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (cherry picked from commit b35d33c8b8a7b96f06179982b5d944cde7234004)
* ltq-vdsl-mei: enable vectoring error sample callbackJan Hoffmann2022-06-072-13/+2
| | | | | | | | | This re-enables the vectoring error sample callback and adds a dependency to the corresponding driver. Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (cherry picked from commit 93f0e1f922ec1351d429259db942f10147e624ff)
* ltq-vectoring: add driverJan Hoffmann2022-06-074-0/+349
| | | | | | | | | | | | | | | | | | | | | | | | | In order to calculate the required pre-distortion for downstream vectoring, the vectoring control entity (VCE) at the carrier office needs error samples from the modem. On Lantiq VR9 modems, error reports are generated by the firmware, but need to be multiplexed into the data stream by the driver on the main processor when L2 encapsulation is selected by the VCE. This driver provides the necessary callback function, which is called by the MEI driver after receiving an error report from the firmware. Originally, it is part of the Lantiq PPA driver, but after a few changes it also works with the PTM driver used in OpenWrt. The direct call to ndo_start_xmit needs to be replaced, as the PTM driver relies on locks from the kernel. Instead dev_queue_xmit is used, which is called from a work queue, as it is not safe to call from an interrupt handler. Additional changes include fixes to support recent kernel versions and a change of the used interface from ptm0 to dsl0. Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (cherry picked from commit f872b966092ece5c0e2192e0d979a9eb69283f17)
* packages: nvram: add NVRAM quirks for bcm53xx targetArınç ÜNAL2022-06-073-4/+48
| | | | | | | | | | | | Add NVRAM quirks script for the bcm53xx target. Split NVRAM quirks for the bcm47xx and bcm53xx targets. Move clear partialboot NVRAM quirk for Linksys EA9500 here. Add set wireless LED behaviour quirk for Asus RT-AC88U. Use boot() instead of start() as nvram commands are meant to be executed only once, at boot. Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com> (cherry picked from commit f4e219fd5e6cfa33d234dad134fb105cc1620f54)
* realtek: add support for ZyXEL GS1900-24ERaylynn Knight2022-06-061-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ZyXEL GS1900-24E is a 24 port gigabit switch similar to other GS1900 switches. Specifications -------------- * Device: ZyXEL GS1900-24E * SoC: Realtek RTL8382M 500 MHz MIPS 4KEc * Flash: 16 MiB Macronix MX25L12835F * RAM: 128 MiB DDR2 SDRAM Nanya NT5TU128M8GE * Ethernet: 24x 10/100/1000 Mbps * LEDs: 1 PWR LED (green, not configurable) 1 SYS LED (green, configurable) 24 ethernet port link/activity LEDs (green, SoC controlled) * Buttons: 1 "RESET" button on front panel * Switch: 1 Power switch on rear of device * Power 120-240V AC C13 * UART: 1 serial header (JP2) with populated standard pin connector on the left side of the PCB. Pinout (front to back): + Pin 1 - VCC marked with white dot + Pin 2 - RX + Pin 3 - TX + PIn 4 - GND Serial connection parameters: 115200 8N1. Installation ------------ OEM upgrade method: * Log in to OEM management web interface * Navigate to Maintenance > Firmware * Select the HTTP radio button * Select the Active radio button * Use the browse button to locate the realtek-rtl838x-zyxel_gs1900-24e-initramfs-kernel.bin file and select open so File Path is updated with filename. * Select the Apply button. Screen will display "Prepare for firmware upgrade ...". *Wait until screen shows "Do you really want to reboot?" then select the OK button * Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it: > sysupgrade -n /tmp/realtek-rtl838x-zyxel_gs1900-24e-squashfs-sysupgrade.bin it may be necessary to restart the network (/etc/init.d/network restart) on the running initramfs image. U-Boot TFTP method: * Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10). * Set up a TFTP server on your client and make it serve the initramfs image. * Connect serial, power up the switch, interrupt U-boot by hitting the space bar, and enable the network: > rtk network on * Since the GS1900-24E is a dual-partition device, you want to keep the OEM firmware on the backup partition for the time being. OpenWrt can only boot from the first partition anyway (hardcoded in the DTS). To make sure we are manipulating the first partition, issue the following commands: > setsys bootpartition 0 > savesys * Download the image onto the device and boot from it: > tftpboot 0x84f00000 192.168.1.10:openwrt-realtek-rtl838x-zyxel_gs1900-24e-initramfs-kernel.bin > bootm * Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it: > sysupgrade -n /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24e-squashfs-sysupgrade.bin it may be necessary to restart the network (/etc/init.d/network restart) on the running initramfs image. Signed-off-by: Raylynn Knight <rayknight@me.com> (cherry picked from commit b515ad10a6e1bd5c5da0ea95366fb19c92a75dea)
* fstools: update to git HEADDaniel Golle2022-06-051-3/+3
| | | | | | | 93369be Revert "fstools: remove SELinux restorecon hack" Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit b641dadc1386146c4213ff6c5c443bad053a85d6)