aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* kernel: no chacha-mips.ko on mips32 r1 targetsIlya Lipnitskiy2021-02-271-2/+5
| | | | | | | | | | | | | CHACHA_MIPS depends on CPU_MIPS32_R2. Therefore, kmod-crypto-lib-chacha20 should not contain chacha-mips.ko on MIPS32 R1 targets. Enforce that in the target-specific definition. Fixes bcm47xx, bcm63xx, lantiq/ase, ath25 builds. Fixes: 06351f1 ("kernel: migrate wireguard into the kernel tree") Cc: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com> Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
* wireguard-tools: depend on kmod-wireguardIlya Lipnitskiy2021-02-261-1/+4
| | | | | | | | | | | | | | | To the vast majority of the users, wireguard-tools are not useful without the underlying kernel module. The cornercase of only generating keys and not using the secure tunnel is something that won't be done on an embedded OpenWrt system often. On the other hand, maintaining a separate meta-package only for this use case introduces extra complexity. WireGuard changes for Linux 5.10 remove the meta-package. So let's make wireguard-tools depend on kmod-wireguard to make WireGuard easier to use without having to install multiple packages. Fixes: ea980fb9 ("wireguard: bump to 20191226") Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* kernel: fix kmod-wireguard package fieldsIlya Lipnitskiy2021-02-261-4/+2
| | | | | | | | | Use NETWORK_SUPPORT_MENU like all other modules in netsupport.mk. Drop SECTION and CATEGORY fields as they are set by default and to match other packages in netsupport.mk. Use better TITLE for kmod-wireguard (taken from upstream drivers/net/Kconfig). Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* wireguard-tools: bump to 1.0.20210223Jason A. Donenfeld2021-02-261-2/+2
| | | | | | Simple version bump with accumulated fixes. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* kernel: migrate wireguard into the kernel treeIlya Lipnitskiy2021-02-263-89/+181
| | | | | | | | | | On Linux 5.4, build WireGuard from backports. Linux 5.10 contains wireguard in-tree. Add in-kernel crypto libraries required by WireGuard along with arch-specific optimizations. Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* download: add mirror alias for DebianDavid Bauer2021-02-263-3/+3
| | | | | | | Add an alias for Debian packages and download them from the Debian mirror redirector. Signed-off-by: David Bauer <mail@david-bauer.net>
* ramips: add support for ZTE MF283+Lech Perczak2021-02-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ZTE MF283+ is a dual-antenna LTE category 4 router, based on Ralink RT3352 SoC, and built-in ZTE P685M PCIe MiniCard LTE modem. Hardware highlighs: - CPU: MIPS24KEc at 400MHz, - RAM: 64MB DDR2, - Flash: 16MB SPI, - Ethernet: 4 10/100M port switch with VLAN support, - Wireless: Dual-stream 802.11n (RT2860), with two internal antennas, - WWAN: Built-in ZTE P685M modem, with two internal antennas and two switching SMA connectors for external antennas, - FXS: Single ATA, with two connectors marked PHONE1 and PHONE2, internally wired in parallel by 0-Ohm resistors, handled entirely by internal WWAN modem. - USB: internal miniPCIe slot for modem, unpopulated USB A connector on PCB. - SIM slot for the WWAN modem. - UART connector for the console (unpopulated) at 3.3V, pinout: 1: VCC, 2: TXD, 3: RXD, 4: GND, settings: 57600-8-N-1. - LEDs: Power (fixed), WLAN, WWAN (RGB), phone (bicolor, controlled by modem), Signal, 4 link/act LEDs for LAN1-4. - Buttons: WPS, reset. Installation: As the modem is, for most of the time, provided by carriers, there is no possibility to flash through web interface, only built-in FOTA update and TFTP recovery are supported. There are two installation methods: (1) Using serial console and initramfs-kernel - recommended, as it allows you to back up original firmware, or (2) Using TFTP recovery - does not require disassembly. (1) Using serial console: To install OpenWrt, one needs to disassemble the router and flash it via TFTP by using serial console: - Locate unpopulated 4-pin header on the top of the board, near buttons. - Connect UART adapter to the connector. Use 3.3V voltage level only, omit VCC connection. Pin 1 (VCC) is marked by square pad. - Put your initramfs-kernel image in TFTP server directory. - Power-up the device. - Press "1" to load initramfs image to RAM. - Enter IP address chosen for the device (defaults to 192.168.0.1). - Enter TFTP server IP address (defaults to 192.168.0.22). - Enter image filename as put inside TFTP server - something short, like firmware.bin is recommended. - Hit enter to load the image. U-boot will store above values in persistent environment for next installation. - If you ever might want to return to vendor firmware, BACK UP CONTENTS OF YOUR FLASH NOW. For this router, commonly used by mobile networks, plain vendor images are not officially available. To do so, copy contents of each /dev/mtd[0-3], "firmware" - mtd3 being the most important, and copy them over network to your PC. But in case anything goes wrong, PLEASE do back up ALL OF THEM. - From under OpenWrt just booted, load the sysupgrade image to tmpfs, and execute sysupgrade. (2) Using TFTP recovery - Set your host IP to 192.168.0.22 - for example using: sudo ip addr add 192.168.0.22/24 dev <interface> - Set up a TFTP server on your machine - Put the sysupgrade image in TFTP server root named as 'root_uImage' (no quotes), for example using tftpd: cp openwrt-ramips-rt305x-zte_mf283plus-squashfs-sysupgrade.bin /srv/tftp/root_uImage - Power on the router holding BOTH Reset and WPS buttons held for around 5 seconds, until after WWAN and Signal LEDs blink. - Wait for OpenWrt to start booting up, this should take around a minute. Return to original firmware: Here, again there are two possibilities are possible, just like for installation: (1) Using initramfs-kernel image and serial console (2) Using TFTP recovery (1) Using initramfs-kernel image and serial console - Boot OpenWrt initramfs-kernel image via TFTP the same as for installation. - Copy over the backed up "firmware.bin" image of "mtd3" to /tmp/ - Use "mtd write /tmp/firmware.bin /dev/mtd3", where firmware.bin is your backup taken before OpenWrt installation, and /dev/mtd3 is the "firmware" partition. (2) Using TFTP recovery - Follow the same steps as for installation, but replacing 'root_uImage' with firmware backup you took during installation, or by vendor firmware obtained elsewhere. A few quirks of the device, noted from my instance: - Wired and wireless MAC addresses written in flash are the same, despite being in separate locations. - Power LED is hardwired to 3.3V, so there is no status LED per se, and WLAN LED is controlled by WLAN driver, so I had to hijack 3G/4G LED for status - original firmware also does this in bootup. - FXS subsystem and its LED is controlled by the modem, so it work independently of OpenWrt. Tested to work even before OpenWrt booted. I managed to open up modem's shell via ADB, and found from its kernel logs, that FXS and its LED is indeed controlled by modem. - While finding LEDs, I had no GPL source drop from ZTE, so I had to probe for each and every one of them manually, so this might not be complete - it looks like bicolor LED is used for FXS, possibly to support dual-ported variant in other device sharing the PCB. - Flash performance is very low, despite enabling 50MHz clock and fast read command, due to using 4k sectors throughout the target. I decided to keep it at the moment, to avoid breaking existing devices - I identified one potentially affected, should this be limited to under 4MB of Flash. The difference between sysupgrade durations is whopping 3min vs 8min, so this is worth pursuing. In vendor firmware, WWAN LED behaviour is as follows, citing the manual: - red - no registration, - green - 3G, - blue - 4G. Blinking indicates activity, so netdev trigger mapped from wwan0 to blue:wwan looks reasonable at the moment, for full replacement, a script similar to "rssileds" would need to be developed. Behaviour of "Signal LED" in vendor firmware is as follows: - Off - no signal, - Blinking - poor coverage - Solid - good coverage. A few more details on the built-in LTE modem: Modem is not fully supported upstream in Linux - only two CDC ports (DIAG and one for QMI) probe. I sent patches upstream to add required device IDs for full support. The mapping of USB functions is as follows: - CDC (QCDM) - dedicated to comunicating with proprietary Qualcomm tools. - CDC (PCUI) - not supported by upstream 'option' driver yet. Patch submitted upstream. - CDC (Modem) - Exactly the same as above - QMI - A patch is sent upstream to add device ID, with that in place, uqmi did connect successfully, once I selected correct PDP context type for my SIM (IPv4-only, not default IPv4v6). - ADB - self-explanatory, one can access the ADB shell with a device ID added to 51-android.rules like so: SUBSYSTEM!="usb", GOTO="android_usb_rules_end" LABEL="android_usb_rules_begin" SUBSYSTEM=="usb", ATTR{idVendor}=="19d2", ATTR{idProduct}=="1275", ENV{adb_user}="yes" ENV{adb_user}=="yes", MODE="0660", GROUP="plugdev", TAG+="uaccess" LABEL="android_usb_rules_end" While not really needed in OpenWrt, it might come useful if one decides to move the modem to their PC to hack it further, insides seem to be pretty interesting. ADB also works well from within OpenWrt without that. O course it isn't needed for normal operation, so I left it out of DEVICE_PACKAGES. Signed-off-by: Lech Perczak <lech.perczak@gmail.com> [remove kmod-usb-ledtrig-usbport, take merged upstream patches] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* rtl8812au-ct: fix PKG_MIRROR_HASHDavid Bauer2021-02-241-1/+1
| | | | Signed-off-by: David Bauer <mail@david-bauer.net>
* arm-trusted-firmware-mediatek: correct location of PKG_LICENSEDaniel Golle2021-02-241-1/+2
| | | | | | | | | As PKG_LICENSE is originally set by include/trusted-firmware-a.mk it can only be appended after that. Hence move that line below the include to actually make sense. (cosmetical change, already slipped into openwrt-21.02 branch) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* imx-bootlets: refresh patchesAdrian Schmutzler2021-02-243-32/+25
| | | | | | Tidy this up a little. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* zlib: properly split patchesAdrian Schmutzler2021-02-244-502/+501
| | | | | | | | | | This package had two patches (with two headers etc.) in one file, which would have quilt merging them during a refresh. Separate these patches into two files, as the original intent seems to be having them separate. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: remove unneeded '$' signs in nand.shDaniel Golle2021-02-241-2/+2
| | | | | | | When using Shell arithmetric evaluation via $((..)) the variables in the expression do not need to be prefixed by the '$' sign. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* sysupgrade-nand: allow limiting rootfs_data by setting env variableDaniel Golle2021-02-241-4/+16
| | | | | | | | | | | | | | | | | Check if firmware environment variable 'rootfs_data_max' exists and is set to a numerical value greater than 0. If so, limit rootfs_data volume to that size instead of using the maximum available size. This is useful on devices with lots of flash where users may want to have eg. a volume for persistent logs and statistics or for external applications/containers. Persistence on rootfs overlay is limited by the size of memory available during the sysugprade process as that data needs to be copied to RAM while the volume is being recreated during sysupgrade. Hence it is unsuitable for keeping larger amounts of data accross upgrade which makes additional volume(s) for application data desirable. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* image: add support for building FIT image with filesystemDaniel Golle2021-02-241-37/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow for single (external-data) FIT image to hold kernel, dtb and squashfs. In that way, the bootloader verifies the system integrity including the rootfs, because what's the point of checking that the hash of the kernel is correct if it won't boot in case of squashfs being corrupted? Better allow bootloader to check everything needed to make it at least up to failsafe mode. As a positive side effect this change also makes the sysupgrade process on nand potentially much easier as it is now. In short: mkimage has a parameter '-E' which allows generating FIT images with 'external' data rather than embedding the data into the device-tree blob itself. In this way, the FIT structure itself remains small and can be parsed easily (rather than having to page around megabytes of image content). This patch makes use of that and adds support for adding sub-images of type 'filesystem' which are used to store the squashfs. Now U-Boot can verify the whole OS and the new partition parsers added in the Linux kernel can detect the filesystem sub-images, create partitions for them, and select the active rootfs volume based on the configuration in FIT (passing configuration via device tree could be implemented easily at a later stage). This new FIT partition parser works for NOR flash (on top of mtdblock), NAND flash (on top of ubiblock) as well as classic block devices (ie. eMMC, SDcard, SATA, NVME, ...). It could even be used to mount such FIT images via `losetup -P` on a user PC if this patch gets included in Linux upstream one day ;) Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* pcre: disable C++ bindingsRosen Penev2021-02-241-18/+3
| | | | | | Nothing uses them. Allows to simplify the Makefile. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* ppp: Update to version 2.4.9Hauke Mehrtens2021-02-2431-891/+226
| | | | | | | | | | | | | | | | | | | | | | | | Upstream integrated multiple patches from Distributions and did other changes: * rp-pppoe.so was renamed to pppoe.so * Converted to ANSI C The following patches were applied upstream: * 100-debian_ip-ip_option.patch * 101-debian_close_dev_ppp.patch * 103-debian_fix_link_pidfile.patch * 106-debian_stripMSdomain.patch * 107-debian_pppoatm_wildcard.patch * 110-debian_defaultroute.patch * 202-no_strip.patch Compilation with musl libc was fixed upstream so 140-pppoe_compile_fix.patch is not needed any more Parts of the 203-opt_flags.patch patch were applied in a different way upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: always build with GOST engine supportEneas U de Queiroz2021-02-233-18/+19
| | | | | | | | | | | | | | The packages feed has a proposed package for a GOST engine, which needs support from the main openssl library. It is a default option in OpenSSL. All that needs to be done here is to not disable it. Package increases by a net 1-byte, so it is not really really worth keeping this optional. This commit also includes a commented-out example engine configuration in openssl.cnf, as it is done for other available engines. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* uboot-envtools: add support for ZyXEL GS-1900-8HP v1 and v2Stijn Segers2021-02-231-0/+2
| | | | | | This adds the necessary nuts and bolts for the uboot settings for both the ZyXEL GS1900-8HP v1 and v2. Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* wolfssl: bump to v4.7.0-stableEneas U de Queiroz2021-02-235-92/+4
| | | | | | | | | | | | | | Biggest fix for this version is CVE-2021-3336, which has already been applied here. There are a couple of low severity security bug fixes as well. Three patches are no longer needed, and were removed; the one remaining was refreshed. This tool shows no ABI changes: https://abi-laboratory.pro/index.php?view=objects_report&l=wolfssl&v1=4.6.0&v2=4.7.0 Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* wireguard: don't build on Linux 5.10Ilya Lipnitskiy2021-02-231-2/+2
| | | | | | | | | | | | There are efforts underway to bring wireguard in-tree for Linux 5.4 and to have a common build infrastructure for both 5.4 and 5.10 for kmod-wireguard[0]. Until then, restrict kmod-wireguard to build only on Linux 5.4, because the wireguard-compat package will not build on Linux 5.10. [0]: https://github.com/openwrt/openwrt/pull/3885 Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* kernel: 5.10: fix kmod build failuresIlya Lipnitskiy2021-02-236-16/+44
| | | | | | | | | | Modify existing modules to reflect their new location in Linux 5.10. Add missing dependenices. Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com> [enable CRYPTO_USER_API_ENABLE_OBSOLETE; add kmod-crypto-hash dependency to usb-net-rtl8152] Signed-off-by: David Bauer <mail@david-bauer.net>
* kernel: 5.10: fix rtl8812au-ct buildIlya Lipnitskiy2021-02-232-16/+9
| | | | | | | | Pull in upstream: https://github.com/greearb/rtl8812AU_8821AU_linux/commit/c8d243936fed0c5fe1d77a06b36d26f41c8c46f4 https://github.com/greearb/rtl8812AU_8821AU_linux/commit/1e9689c89fa627d2d764ba0e8359fd444fe8458f Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* arm-trusted-firmware-mediatek: use @OPENWRT mirror for blobsDaniel Golle2021-02-231-1/+1
| | | | | | | Now that mirrors have picked it up, switch to using the @OPENWRT mirror instead of hosting those files on Github. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-02-231-3/+3
| | | | | | | 2be57ed cosmetics: provide compatible system info on Aarch64 37eed13 system: expose if system was booted from initramfs Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: bring back packageDaniel Golle2021-02-231-47/+98
| | | | | | | | * use binary provided by MediaTek to work-around 'bromimage' issue * refactor Makefile * add mt7622 1c variants (using binaries provided by MTK) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* bcm63xx-cferam: select for bmips targetÁlvaro Fernández Rojas2021-02-221-1/+1
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* mtd: fixtrx: support CFE imagetag on bmips targetÁlvaro Fernández Rojas2021-02-221-0/+1
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* libusb: Fix parsing of descriptors for multi-configuration devicesGeorgi Valkov2021-02-213-1/+91
| | | | | | | | | | | | | | | Prerequisite patch: Correct a typo in the Changelog and clean up a stray file Fix changes in libusb which introduced a regression: Commit e2be556bd2 ("linux_usbfs: Parse config descriptors during device initialization") introduced a regression for devices with multiple configurations. The logic that verifies the reported length of the configuration descriptors failed to count the length of the configuration descriptor itself and would truncate the actual length by 9 bytes, leading to a parsing error for subsequent descriptors. Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
* tfa-layerscape: build fiptool againAdrian Schmutzler2021-02-212-3/+8
| | | | | | | | | | | | | | | | | The ls-ddr-phy package needs fiptool options that are not available via the version from arm-trusted-firmware-tools. This breaks build for layerscape with the recently added LX2160a: create: unrecognized option '--ddr-immem-udimm-1d' Use the tfa-layerscape variant again for now, but rename it to fiptool-layerscape to indicate that it's a specific variant. This reverts 84bc7d31e0a8 ("tfa-layerscape: don't build fiptool"). Fixes: f59d7aab2a37 ("layerscape: add ddr-phy package") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* openwrt-keyring: add OpenWrt 21.02 GPG/usign keysPetr Štetiar2021-02-201-3/+3
| | | | | | | 49283916005d usign: add 21.02 release build pubkey bc4d80f064f2 gpg: add OpenWrt 21.02 signing key Signed-off-by: Petr Štetiar <ynezz@true.cz>
* x86: add led driver for PC Engines APU1Andreas Eberlein2021-02-201-0/+16
| | | | | | | | | This driver adds the LED support for the PC Engines APU1. This integrates the Linux kernel driver and includes a patch to support newer firmware versions. Also the default LED configuration is updated to use the correct devices. Signed-off-by: Andreas Eberlein <foodeas@aeberlein.de>
* wolfssl: fix Ed25519 typo in config promptChristian Lamparter2021-02-201-1/+1
| | | | Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* hostapd: backport ignoring 4addr mode enabling errorRaphaël Mélotte2021-02-203-38/+79
| | | | | | | | | | | | | | | | | | | | This is a backport of the upstream commit 58bbbb598144 ("nl80211: Ignore 4addr mode enabling error if it was already enabled") which fixes same issue as in the current fix contained in '130-wpa_supplicant-multi_ap_roam.patch', but in a different way: nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on an interface that is in a bridge and has 4addr mode already enabled. This operation would not have been necessary in the first place and this failure results in disconnecting, e.g., when roaming from one backhaul BSS to another BSS with Multi AP. Avoid this issue by ignoring the nl80211 command failure in the case where 4addr mode is being enabled while it has already been enabled. Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be> [bump PKG_RELEASE, more verbose commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* openssl: update package sourcesDavid Bauer2021-02-201-3/+5
| | | | | | | | | | | | OpenSSL downloads itself are distributed using Akamai CDN, so use these sources as the highest priority. Remove a stale mirror which seems to be offline for a longer time already. Add fallbacks to the old release path also for the mirrors. Signed-off-by: David Bauer <mail@david-bauer.net>
* layerscape: add LX2160ARDB (Rev2.0 silicon) board supportYangbo Lu2021-02-197-3/+59
| | | | | | | | | | | | | | | | | | | | | | The QorIQ LX2160A reference design board provides a comprehensive platform that enables design and evaluation of the LX2160A processor. - Enables network intelligence with the next generation Datapath (DPPA2) which provides differentiated offload and a rich set of IO, including 10GE, 25GE, 40GE, and PCIe Gen4 - Delivers unprecedented efficiency and new virtualized networks - Supports designs in 5G packet processing, network function virtualization, storage controller, white box switching, network interface cards, and mobile edge computing - Supports all three LX2 family members (16-core LX2160A; 12-core LX2120A; and 8-core LX2080A) Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [use AUTORELEASE, add dtb to firmware part] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: add ddr-phy packageYangbo Lu2021-02-191-0/+50
| | | | | | | | | Add ddr-phy package for layerscape. Currently only LX2160ARDB requires the package. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [use AUTORELEASE] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: add FRWY-LS1046A board supportYangbo Lu2021-02-195-3/+51
| | | | | | | | | | | | | | | | | | | The LS1046A Freeway board (FRWY) is a high-performance computing, evaluation, and development platform that supports the QorIQ LS1046A architecture processor capable of support more than 32,000 CoreMark performance. The FRWY-LS1046A board supports the QorIQ LS1046A processor, onboard DDR4 memory, multiple Gigabit Ethernet, USB3.0 and M2_Type_E interfaces for Wi-Fi. The FRWY-LS1046A-TP includes the Coral Tensor Flow Processing Unit that offloads AI/ML inferencing from the CPU to provide significant boost for AI/ML applications. The FRWY-LS1046A-TP includes one M.2 TPU module and more modules can easily be added including USB versions of the module to scale the AI/ML performance. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [rebase, use AUTORELEASE, fix sorting, add dtb to firmware part] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* cypress-firmware: fix PKG_SOURCE_URLÁlvaro Fernández Rojas2021-02-191-1/+1
| | | | | | Download link has been moved. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* bcm27xx-userland: update to latest versionÁlvaro Fernández Rojas2021-02-182-77/+2
| | | | | | Adds some fixes and removes upstreamed patch. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* bcm27xx-gpu-fw: update to latest versionÁlvaro Fernández Rojas2021-02-181-15/+15
| | | | | | This is needed to add support for CM4 and RPI 400. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* kernel: lantiq: fix Module.symvers handlingMathias Kresin2021-02-188-2/+16
| | | | | | | | | | | | | | | If an external module uses exported symbols from another external module, Kbuild needs to have full knowledge of all symbols to avoid spitting out warnings about undefined symbols. Use PKG_EXTMOD_SUBDIRS to point to the build directory which contains the Module.symvers. Pass KERNEL_MAKE_FLAGS to the external module build, to inject KBUILD_EXTRA_SYMBOLS. KBUILD_EXTRA_SYMBOLS holds a space separated list of Module.symvers, which list all exported symbols. Signed-off-by: Mathias Kresin <dev@kresin.me>
* openssl: bump to 1.1.1jEneas U de Queiroz2021-02-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes 4 security vulnerabilities/bugs: - CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support SSLv2, but the affected functions still exist. Considered just a bug. - CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. - CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it was failing to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. - Fixed SRP_Calc_client_key so that it runs in constant time. This could be exploited in a side channel attack to recover the password. The 3 CVEs above are currently awaiting analysis. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* gettext-full: update to 0.21Rosen Penev2021-02-1610-120/+395
| | | | | | | | | | | | | | Add m4 patch to avoid conflict with tools/autoconf-archive. Add build parallel as it seems to work now. Remove a bunch of uClibc-ng hacks as it is not in the tree anymore. Format security patch was fixed upstream. Refreshed other patches. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* kernel: add linux 5.10 supportFelix Fietkau2021-02-165-10/+20
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: reorder more BuildPackages lines to deal with ABI_VERSIONFelix Fietkau2021-02-167-11/+13
| | | | | | | After the ABI version rework, packages need to be declared in the order of their dependencies, so that dependent packages will use the right ABI version Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-ct: switch to 5.10Álvaro Fernández Rojas2021-02-167-103/+79
| | | | | | | Let's switch to 5.10 now that mac80211 has been updated. Runtime-tested on ipq806x (Netgear R7800). Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* util-linux: move libuuid BuildPackage line further up to fix ABI versioningFelix Fietkau2021-02-161-1/+3
| | | | | | | After the ABI version rework, packages need to be declared in the order of their dependencies, so that dependent packages will use the right ABI version Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.10.16-1Hauke Mehrtens2021-02-1512-185/+19
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: Refresh patches againHauke Mehrtens2021-02-1514-110/+124
| | | | | | | A wrong quilt configuration was used last time. Fixes: ed1e234d87fc ("mac80211: refresh patches") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libubox: update to the latest version, set ABI_VERSION dynamicallyFelix Fietkau2021-02-151-6/+8
| | | | | | 2537be018587 cmake: add a possibility to set library version Signed-off-by: Felix Fietkau <nbd@nbd.name>