Arne Zachlod [Sat, 6 Aug 2022 13:35:15 +0000 (15:35 +0200)]
ramips: add support for Mikrotik LtAP-2HnD
Mikrotik LtAP-2HnD is a outdoor/automotive WLAN 4 router with integrated GPS
receiver and two mPCIe slots.
Specifications:
* SoC: MT7621A
* RAM: 128 MiB Nanya NT5CC64M16GP-DI
* Flash: 16 MiB winbond W25Q128JV
* WLAN:
* Atheros AR9382 with power amplifier SKY 85330 (2x2 internal antennas,
with RF switches for external connectors)
* Ethernet: 1 Gbps, single port
* USB Host: USB 2.0 Speeds
* Serial: 115200 baud
* LEDs: Power, System, GPS, 5* RSSI
* mPCIe:
* miniPCIe slot 1: PCIe and USB 2.0 Host (via switch shared with USB Host)
* miniPCIe slot 2: USB 2.0 and 3.0
* SIM Cards:
* Slot 1 Connected to mPCIe slot 1
* Slot 2 and 3 connected to mPCIe slot 2 via switch
* GPS: MTK 3333 on serial port 2 (/dev/ttyS1), 115200 baud and PPS on gpio 14
gpios are exposed to /sys/class/gpio:
* usb-select: swithes USB 2.0 interface between external port and internal
mPCIe slot 1 default is the external USB interface
* gps-reset: resets the GPS interface chip
* sim-select: switches between sim slot 2 and 3 connected to mPCIe slot 2
* gps-ant-select: switches GPS antenna between internal antenna and SMA
connected antenna
* lte-reset: resets mPCIe slot 2
Flashing:
TFTP boot initramfs image and then perform sysupgrade. Follow common
MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Will Moss [Wed, 3 Aug 2022 11:37:47 +0000 (11:37 +0000)]
ath79: fix MAC address assignment for TP-Link ar7241 devices
On TP-Link ar7241 devices LAN and WAN interfaces are swapped. Keeping
that in mind fix MAC address assignment as used in vendor firmware:
LAN MAC - main MAC stored in u-boot and printed on label
WAN MAC - LAN MAC + 1
Quintin Hill [Sun, 23 Oct 2022 08:22:37 +0000 (09:22 +0100)]
kernel: backport RTL8761B FW name change to v5.10
Make the firmware filenames referenced by the module consistent for
v5.10 and v5.15 kernels. Backport two upstream patches a cleanup commit
and the commit making the change, the former is required for the latter
to apply cleanly.
Quintin Hill [Sat, 22 Oct 2022 07:14:42 +0000 (08:14 +0100)]
kernel: support for Realtek USB bluetooth devices
USB adaptors with the RTL8761B chipset are cheap and readily available
but so far support is missing in Openwrt. Enable the relevant kernel
options and add a module to the kmod-bluetooth package. Increases size
of kmod-bluetooth ipk from 279140 bytes to 285320 bytes on my ath79 build.
Changes: 712460c linux-firmware: Update firmware file for Intel Bluetooth 9462 90d5f7e linux-firmware: Update firmware file for Intel Bluetooth 9462 48954ba linux-firmware: Update firmware file for Intel Bluetooth 9560 0e205fd linux-firmware: Update firmware file for Intel Bluetooth 9560 06b941e linux-firmware: Update firmware file for Intel Bluetooth AX201 ba958ff linux-firmware: Update firmware file for Intel Bluetooth AX201 02bdea2 linux-firmware: Update firmware file for Intel Bluetooth AX211 7044d46 linux-firmware: Update firmware file for Intel Bluetooth AX211 1b99bcd linux-firmware: Update firmware file for Intel Bluetooth AX210 4668ae9 linux-firmware: Update firmware file for Intel Bluetooth AX200 5bdfdba linux-firmware: Update firmware file for Intel Bluetooth AX201 b0f995c amdgpu: update DMCUB firmware for DCN 3.1.6 d991031 rtl_bt: Update RTL8822C BT UART firmware to 0xFFB8_ABD6 fd62f01 rtl_bt: Update RTL8822C BT USB firmware to 0xFFB8_ABD3 b15fc21 WHENCE: mrvl: prestera: Add WHENCE entries for newly updated 4.1 FW images bf5a337 mrvl: prestera: Update Marvell Prestera Switchdev FW to v4.1 4a733c2 iwlwifi: add new FWs from core74_pv-60 release 7d2bb50 qcom: drop split a530_zap firmware file 7d56713 qcom/vpu-1.0: drop split firmware in favour of the mbn file 1431496 qcom/venus-4.2: drop split firmware in favour of the mbn file cf95783 qcom/venus-4.2: replace split firmware with the mbn file 1fe6f49 qcom/venus-1.8: replace split firmware with the mbn file abc0302 linux-firmware: Add firmware for Cirrus CS35L41 on new ASUS Laptop 20d9516 iwlwifi: add new PNVM binaries from core74-44 release 06dbfbc iwlwifi: add new FWs from core69-81 release 05df8e6 qcom: update venus firmware files for VPU-2.0 cd6fcdb qcom: remove split SC7280 venus firmware images 1612706 qcom: update venus firmware file for v5.4 ad9fdba qcom: replace split SC7180 venus firmware images with symlink dae5d46 rtw89: 8852b: update fw to v0.27.32.1 a8e86ec rtlwifi: update firmware for rtl8192eu to v35.7 9aa8db1 rtlwifi: Add firmware v4.0 for RTL8188FU 8f86b5a i915: Add HuC 7.10.3 for DG2 48407ff cnm: update chips&media wave521c firmware. bd31846 brcm: add symlink for Pi Zero 2 W NVRAM file 771968c linux-firmware: Add firmware for Cirrus CS35L41 on ASUS Laptops 6f9620e linux-firmware: Add firmware for Cirrus CS35L41 on Lenovo Laptops 1d18cb9 linux-firmware: Add firmware for Cirrus CS35L41 on HP Laptops e497757 rtw89: 8852b: add initial fw v0.27.32.0 98b5577 iwlwifi: add new FWs from core72-129 release 604026c iwlwifi: update 9000-family firmwares to core72-129
Daniel Golle [Thu, 10 Nov 2022 14:16:32 +0000 (14:16 +0000)]
ath79: add support for Teltonika RUT300
Add support for the Teltonika RUT300 rugged industrial Ethernet router
Hardware
--------
SoC: Qualcomm Atheros QCA9531
RAM: 64M DDR2 (EtronTech EM68B16CWQK-25IH)
FLASH: 16M SPI-NOR (Winbond W25Q128)
ETH: 4x 100M LAN (QCA9533 internal AR8229 switch, eth0)
1x 100M WAN (QCA9533 internal PHY, eth1)
UART: 115200 8n1, same debug port as other Teltonika devices
USB: 1 single USB 2.0 host port
BUTTON: Reset
LED: 1x green power LED (always on)
5x yellow Ethernet port LED (controlled by Linux)
WAN port LED is used as boot status and upgrade indicator as
the power LED cannot be controlled in software.
Use the *-factory.bin file to intially flash the device using the
vendor firmware's Web-UI.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rafał Miłecki [Tue, 8 Nov 2022 11:22:51 +0000 (12:22 +0100)]
kernel: support "linux,rootfs" DT property for splitting rootfs
OpenWrt's support for splitting rootfs (to create an extra "rootfs_data"
partition) is limited to partitions called "rootfs". Upstream kernel
allows any name partition to be rootfs if it has "linux,rootfs" property
set. Add split support to such partitions in OpenWrt code.
Weiping Yang [Mon, 19 Sep 2022 09:47:40 +0000 (05:47 -0400)]
ipq40xx: add support for GL.iNet GL-A1300
Specifications:
SOC: Qualcomm IPQ4018 (DAKOTA) ARM Quad-Core
RAM: 256 MiB
FLASH1: 4 MiB NOR
FLASH2: 128 MiB NAND
ETH: Qualcomm QCA8075
WLAN1: Qualcomm Atheros QCA4018 2.4GHz 802.11b/g/n 2x2
WLAN2: Qualcomm Atheros QCA4018 5G 802.11n/ac W2 2x2
USB: 1 x USB 3.0 port
Button: 1 x Reset button
Switch: 1 x Mode switch
LED: 1 x Blue LED + 1 x White LED
Felix Fietkau [Wed, 12 Oct 2022 10:54:30 +0000 (12:54 +0200)]
mac80211: remove old legacy legacy drivers
Get rid of drivers that are either limited to 802.11b/g or don't even support
cfg80211/mac80211. Most of these are either limited to boards that we don't even
support anymore because of firmware size, or were only used for custom hacks by
a really small number of users in the past.
Let's get rid of those to reduce the maintenance effort and the number of useless
packages
- implement multiqueue via qdma hardware shaper to deal with ports with different speeds
- implement hardware DSA untagging
- add NETIF_F_ALL_TSO to reduce unnecessary segmentation
Rafał Miłecki [Mon, 7 Nov 2022 18:24:48 +0000 (19:24 +0100)]
kernel: backport support for "linux,rootfs" in DT
This DT property allows marking flash partition that Linux should use as
a root device. It's useful for devices that don't use U-Boot and cmdline
parser for partitioning. It may be used with "fixed-partitions" or some
dynamic partitioning based on flash content.
Rafał Miłecki [Mon, 7 Nov 2022 22:39:52 +0000 (23:39 +0100)]
kernel: split out mtd hack for CONFIG_FIT_PARTITION + rootfs
This is some hack on top of our old hack. Use separated patch for it so
it's easier to understand and actually possible to describe. We should
ideally get rid of this (and we actually did with kernels 5.15+).
Michael Lyle [Sun, 30 Oct 2022 04:00:41 +0000 (21:00 -0700)]
ramips: gl-mt1300: downclock SPI to 50MHz
The SPI max frequency was set to 80MHz, considerably higher than the
vendor clocks it in their firmware (10MHz). Multiple users reported
jffs2 corruption/instability in GitHub issue #10461.
My unit has a W25Q256; datasheet specifies maximum SPI frequency for
read command of 50MHz.
Thanks to @DragonBlueP for suggesting to eliminate m25p,fast-read;
and @MPannen1979 for identifying the problem.
Fixes: #10461 Signed-off-by: Michael Lyle <mlyle@lyle.org>
Add build option for nftables sets. By default disable iptables ipset
support. By default enable nftable nftset support since this is what
fw4 uses.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
dnsmasq: nftset: serve from ipset config
Use existing ipset configs as source for nftsets to be compatible with
existing configs. As the OS can either have iptables XOR nftables
support, it's fine to provide both to dnsmasq. dnsmasq will silently
fail for the present one. Depending on the dnsmasq compile time options,
the ipsets or nftsets option will not be added to the dnsmasq config
file.
dnsmasq will try to add the IP addresses to all sets, regardless of the
IP version defined for the set. Adding an IPv6 to an IPv4 set and vice
versa will silently fail.
Signed-off-by: Mathias Kresin <dev@kresin.me>
dnsmasq: support populating nftsets in addition to ipsets
Tell dnsmasq to populate nftsets instead of ipsets, if firewall4 is present in
the system. Keep the same configuration syntax in /etc/config/dhcp, for
compatibility purposes.
Huge thanks to Jo-Philipp Wich for basically writing the function.
Signed-off-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
dnsmasq: obtain nftset ip family from nft
Unfortunately dnsmasq nft is noisy if an attempt to add a mismatched ip address
family to an nft set is made.
Heuristic to guess which ip family a nft set might belong by inferring
from the set name.
In order of preference:
If setname ends with standalone '4' or '6' use that, else
if setname has '4' or '6' delimited by '-' or '_' use that (eg
foo-4-bar) else
If setname begins with '4' or '6' standalone use that.
By standalone I mean not as part of a larger number eg. 24
If the above fails then use the existing nft set query mechanism and if
that fails, well you're stuffed!
With-thanks-to: Jo-Philipp Wich <jo@mein.io> who improved my regexp
knowledge.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
dnsmasq: specify firewall table for nftset
Permit ipsets to specify an nftables table for the set. New config
parameter is 'table'. If not specified the default of 'fw4' is used.
config ipset
list name 'BK_4,BK_6'
option table 'dscpclassify'
option table_family 'ip'
option family '4'
list domain 'ms-acdc.office.com'
list domain 'windowsupdate.com'
list domain 'update.microsoft.com'
list domain 'graph.microsoft.com'
list domain '1drv.ms'
list domain '1drv.com'
The table family can also be specified, usually 'ip' or 'ip6' else the
default 'inet' capable of both ipv4 & ipv6 is used.
If the table family is not specified then finally a family option is
available to specify either '4' or '6' for ipv4 or ipv6 respectively.
This is all in addition to the existing heuristic that will look in the
nftset name for an ip family clue, or in total desperation, query the
value from the nftset itself.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Mathias Kresin [Wed, 4 May 2022 19:50:41 +0000 (21:50 +0200)]
dnsmasq: add uci-defaults script for ipset migration
When running sysupgrade from an existing configuration, move existing
ipset definitions to a dedicated config section. Later on, it will allow
to serve ipset as well as nftable sets from the same configuration.
Kuan-Yi Li [Fri, 4 Nov 2022 16:16:36 +0000 (00:16 +0800)]
sdk: use git-src-full to allow Git versioning
$(AUTORELEASE) uses Git log to determine releases and package timestamps.
Base feed is shallow cloned by default in generated SDK, resulting in
an incomplete Git log and therefore different local package versions than
offered upstream.
This patch complements commit 7fae1e5677 by setting the base feed to use
`src-git-full` to solve that.
Korey Caro [Sun, 13 Mar 2022 04:36:30 +0000 (23:36 -0500)]
ath79: add support to TrendNet TEW-673GRU
Add support for the TrendNet TEW-673GRU to ath79.
This device was supported in 19.07.9 but was deprecated with ar71xx.
This is mostly a copy of D-Link DIR-825 B1.
Updates have been completed to enable factory.bin and sysupgrade.bin both.
Code improvements to DTS file and makefile.
OEM firmware configuration:
54:af:97:xx:xx:7b : 2.4G
54:af:97:xx:xx:7a : 5G
54:af:97:xx:xx:7c : LTE
54:af:97:xx:xx:7b : LAN (label)
54:af:97:xx:xx:7c : WAN
- Installation:
1. Download the OpenWrt initramfs-image.
Place it into a TFTP server root directory and rename it to openwrt.img
Configure the TFTP server to listen at 192.168.0.5/24.
3. Connect to the serial console.
Attach power and interrupt the boot procedure when prompted (type `tpl`).
Credentials are admin / 1234
4. Configure U-Boot for booting OpenWrt from ram
$ tftpboot
$ bootm
5. Transfer the OpenWrt sysupgrade image to the device.
- LTE:
In order to setup the wwan0 interface:
1. Add a `qmi` proto interface under `/etc/config/network`, e.g.:
```
config interface 'wwan0'
option device '/dev/cdc-wdm0'
option proto 'qmi'
option pincode 'XXXX'
option apn 'your_isp_apn'
```
2. Add `wwan0` interface to the `wan` firewall zone
3. `/etc/init.d/network restart`
Shiji Yang [Thu, 15 Sep 2022 17:10:52 +0000 (01:10 +0800)]
ramips: add support for SIM SIMAX1800T and Haier HAR-20S2U1
SIM AX18T and Haier HAR-20S2U1 Wi-Fi6 AX1800 routers are designed based
on Tenbay WR1800K. They have the same hardware circuits and u-boot.
SIM AX18T has three carrier customized models: SIMAX1800M (China Mobile),
SIMAX1800T (China Telecom) and SIMAX1800U (China Unicom). All of these
models run the same firmware.
Specifications:
SOC: MT7621 + MT7905 + MT7975
ROM: 128 MiB
RAM: 256 MiB
LED: status *3 R/G/B
Button: reset *1 + wps/mesh *1
Ethernet: lan *3 + wan *1 (10/100/1000Mbps)
TTL Baudrate: 115200
TFTP Server: 192.168.1.254
TFTP IP: 192.168.1.28 or 192.168.1.160 (when envs is broken)
MAC Address:
use address source
label 30:xx:xx:xx:xx:62 wan
lan 30:xx:xx:xx:xx:65 factory.0x8004
wan 30:xx:xx:xx:xx:62 factory.0x8004 -3
wlan2g 30:xx:xx:xx:xx:64 factory.0x0004
wlan5g 32:xx:xx:xx:xx:64 factory.0x0004 set 7th bit
TFTP Installation (initramfs image only & recommend):
1. Set local tftp server IP: 192.168.1.254 and NetMask: 255.255.255.0
2. Rename initramfs-kernel.bin to "factory.bin" and put it in the root
directory of the tftp server. (tftpd64 is a good choice for Windows)
3. Start the TFTP server, plug in the power supply, and wait for the
system to boot.
4. Backup "firmware" partition and rename it to "firmware.bin", we need
it to back to stock firmware.
5. Use "fw_printenv" command to list envs.
If "firmware_select=2" is observed then set u-boot enviroment:
/# fw_setenv firmware_select 1
6. Apply sysupgrade.bin in OpenWrt LuCI.
Web UI Installation:
1. Apply update by uploading initramfs-factory.bin to the web UI.
2. Use "fw_printenv" command to list envs.
If "firmware_select=2" is observed then set u-boot enviroment:
/# fw_setenv firmware_select 1
3. Apply squashfs-sysupgrade.bin in OpenWrt LuCI.
Recovery to stock firmware:
a. Upload "firmware.bin" to OpenWrt /tmp, then execute:
/# mtd -r write /tmp/firmware.bin firmware
b. We can also write factory image "UploadBrush-bin.img" to firmware
partition to recovery. Upload image file to /tmp, then execute:
/# mtd erase firmware
/# mtd -r write /tmp/UploadBrush-bin.img firmware
How to extract stock firmware image:
Download stock firmware, then use openssl:
openssl aes-256-cbc -d -salt -in [Downloaded_Firmware] \
-out "firmware.tar.tgz" -k QiLunSmartWL
Signed-off-by: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Hauke Mehrtens [Tue, 1 Nov 2022 14:23:17 +0000 (15:23 +0100)]
busybox: awk: fix use after free (CVE-2022-30065)
This backports a commit which fixes a use after free bug in awk.
CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.
Hauke Mehrtens [Tue, 1 Nov 2022 14:17:03 +0000 (15:17 +0100)]
dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)
This backports a commit from upstream dnsmasq to fix CVE-2022-0934.
CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.
Alexander Horner [Mon, 26 Sep 2022 19:17:40 +0000 (20:17 +0100)]
ramips: add support for Zbtlink ZBT-WG1602-V04
Description heavily based on commit 7e89421a7c3855d66a20350a5bf9ca4cc7a2caf9 by
Sergey Ryazanov <ryazanov.s.a@gmail.com> Details I cannot confirm have
been removed
Completed with great help from \x on IRC. Thanks, \x!
Zbtlink ZBT-WG1602-V04 is a Wi-Fi router intendend for use with WWAN
(UMTS/LTE/3G/4G) modems. The router board offers a couple of miniPCIe
slots with USB and SIM only and another one which is a pure miniPCIe
slot as well as five Gigabit Ethernet ports (4xLAN + WAN).
Specification:
* SoC: MT7621A
* RAM: 256/512 MiB
* Flash: 16/32 MiB
* Eth: 10/100/1000 Mbps Ethernet x5 ports (4xLAN + WAN)
* WLAN 2GHz: MT7603E (.11bgn, MIMO 2x2)
* WLAN 5GHz: MT7662E (.11nac, MIMO 2x2)
* WLAN Ants: detachable x2, shared by 2GHz & 5GHz radios
* miniPCIe: 2x slots with USB&SIM + 1x slot with regular PCIe bus
* WWAN Ants: detachable x4
* External storage: microSD (SDXC) slot
* USB: 3.0 Type-A port
* LED: 11 (5 per Eth phy, 3 SoC controlled, 2 WLAN 2/5 controlled,
1 power indicator)
* Button: 1 (reset)
* UART: console (115200 baud)
* Power: DC jack (12 V / 2.5 A)
Additional HW information:
* SoC USB port 1 is shared by internal miniPCIe slot and external
Type-A USB port, USB D+/D- lines are toggled between ports using a
GPIO controlled DPDT switch.
Installation:
The kernel image can be installed directly onto the device via a browser
to 192.168.1.1 using the built in firmware recovery Web UI available.
It can be accessed by pushing the reset button in, applying power and
holding the reset button for approximately 10 seconds. When the kernel
image has been flashed, you can access LuCI and upload the sysupgrade
as normal.
Signed-off-by: Alexander Horner <ahorner@programmer.net>
MAC Address:
use address source
label 54:36:9b:xx:xx:ac lan
lan 54:36:9b:xx:xx:ac factory.0x0028
wan 54:36:9b:xx:xx:ad factory.0x002e
wlan2g 54:36:9b:xx:xx:ae factory.0x0004
wlan5g 54:36:9b:xx:xx:af factory.0x8004
Installation:
1. Apply initramfs-kernel.bin in stock firmware Web UI.
2. Install sysupgrade.bin on OpenWrt and do not retain any configuration.
Shiji Yang [Sat, 5 Nov 2022 11:52:08 +0000 (19:52 +0800)]
ramips: improve compatibility for Youku YK-L2 and YK-L1 series
Add UIMAGE_NAME and UIMAGE_MAGIC to allow users to directly install
initramfs-kernel.bin from the stock firmware Web UI. At the same time,
this change makes it possible to boot OpenWrt with the official u-boot.
Notice:
Since the stock firmware is based on OpenWrt and the configuration
will be retained by default during the upgrade process, so we must use
initramfs-kernel.bin to do a initial installation. After the system
restarts, install sysupgrade.bin and do not retain any configuration.
Martin Schiller [Wed, 2 Nov 2022 06:41:04 +0000 (07:41 +0100)]
kernel: further cleanup of xfrm[4|6]_mode*
In my commit da5c45f4d886 ("kernel: remove handling of xfrm[4|6]_mode_*
modules") I missed a few default config options and description entries.
Those should be gone as well.
Fixes: da5c45f4d886 ("kernel: remove handling of xfrm[4|6]_mode_* modules") Signed-off-by: Martin Schiller <ms@dev.tdt.de>
John Audia [Thu, 3 Nov 2022 13:27:49 +0000 (09:27 -0400)]
openssl: bump to 1.1.1s
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
Nick Hainke [Thu, 3 Nov 2022 10:02:02 +0000 (11:02 +0100)]
mediatek: mt7622: add tag to upstreamed patches
The patches "191-arm64-dts-mt7622-specify-the-L2-cache-topology.patch"
and "192-arm64-dts-mt7622-specify-the-number-of-DMA-requests.patch" are
upstreamed to 5.19.
Daniel Golle [Wed, 2 Nov 2022 11:24:56 +0000 (11:24 +0000)]
kernel: support hw flow-offloading counters on newer MediaTek SoCs
The packet processing engine (PPE) found in newer ARM-based MediaTek
SoCs provides packet and byte counters for offloaded streams.
Import pending patch reading and using those counters.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Wed, 2 Nov 2022 11:27:47 +0000 (11:27 +0000)]
mediatek: remove obsolete patch
The patch enabling hardware flow offloading support on the MT7623 SoC
has been merged upstream as of Linux 5.13. Remove our local patch which
wrongly got forward-ported and now actually enables hardware flow
offloading for the MT2701 SoC family (unsupported in OpenWrt).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Baptiste Jonglez [Wed, 19 Oct 2022 14:49:03 +0000 (16:49 +0200)]
firewall: config: drop input traffic by default
This is necessary with firewall4 to avoid a hard-to-diagnose race
condition during boot, causing DNAT rules not to be taken into account
correctly.
The root cause is that, during boot, the ruleset is mostly empty, and
interface-related rules (including DNAT rules) are added incrementally.
If a packet hits the input chain before the DNAT rules are setup, it can
create buggy conntrack entries that will persist indefinitely.
This new default should be safe because firewall4 explicitly accepts
authorized traffic and rejects the rest. Thus, in normal operations, the
default policy is not used.
Sven Eckelmann [Thu, 29 Sep 2022 10:10:32 +0000 (12:10 +0200)]
uboot-envtools: Fix format of autogenerated sectors
The sector number must be stored in hex. Otherwise, the number (like 16)
will be parsed as hex and any write to the partition will end up with an
error like:
MTD erase error on /dev/mtd5: Invalid argument
Fixes: 9adfeccd8415 ("uboot-envtools: Add support for IPQ806x AP148 and DB149") Fixes: 54b275c8ed3a ("ipq40xx: add target") Signed-off-by: Sven Eckelmann <sven@narfation.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@fungible.com>
projects / thirdparty / openwrt.git / log
