Daniel Golle [Thu, 20 Apr 2023 10:31:49 +0000 (11:31 +0100)]
uboot-mediatek: fix factory/reset button
U-Boot commit ea6fdc13595 ("dm: button: add support for linux_code in
button-gpio.c driver") makes it mandatory to specify linux,code for all
buttons. As that broke handling of the reset button in U-Boot with the
update to U-Boot 2023.04, add linux,code for all butons.
Reported-by: @DragonBluep Fixes: 50f7c5af4a ("uboot-mediatek: update to v2023.04") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 18 Apr 2023 18:09:01 +0000 (19:09 +0100)]
mediatek: bpi-r3: allow up to 3W per SFP module
According to SinoVoip up to 3A @ 3.3V are available for both
SFP modules together. Raise energy limit from 1W (default) to 3W,
however, be aware that using modules consuming more than 1W will
require active cooling!
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
upstream PR 408 improvements:
-Fix AMSDU packets unused
-Removed the ASMDU packets queue
-Add more info in the iw tool
-fix is_hw_crypto_enabled
-Optimization AMPDU_TX_OPERATIONAL (avoid a spinlock)
Tony Butler [Wed, 30 Nov 2022 14:19:37 +0000 (06:19 -0800)]
tools/bzip2: add `bzip2` binaries
`bzip2` is the standard executable for bzip2 compression
this includes development includes and both static and shared libs
(libbz2) which can be used by other packages
the initramfs generator offers the BZIP2 option but there was no
executable to support it, and worked only via side effect of having a
system-installed version of bzip2, which could be less predictable
Signed-off-by: Tony Butler <spudz76@gmail.com>
[ remove unintended change ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Robert Marko [Tue, 18 Apr 2023 08:35:47 +0000 (10:35 +0200)]
mac80211: ath11k: replace 160MHz fix with upstream pending one
QCA has finally sent a proper fixup for the 160MHz regression upstream,
so lets use the pending fix which also properly sets center frequency 2
in case 80+80 MHz is used.
Tony Butler [Tue, 18 Apr 2023 02:32:18 +0000 (19:32 -0700)]
build: fix incorrect initramfs gzip compression
Requires: tools/libdeflate
fix consistency of executable to use
`$(STAGING_DIR_HOST)/bin/libdeflate-gzip`, and not system-installed ones
from the usual environment `PATH`;
this affects option `CONFIG_KERNEL_INITRAMFS_COMPRESSION_GZIP`
this may have worked in the past but only via side effect of having the
binaries on the host system (and whatever unpredictable version or
patchset those might be), and did not use the improved but totally
compatible libdeflate-gzip
Fixes: 330bd380e8b6 ("image: allow building FIT and uImage with ramdisk") Signed-off-by: Tony Butler <spudz76@gmail.com>
Tony Butler [Tue, 18 Apr 2023 02:28:36 +0000 (19:28 -0700)]
build: fix incorrect initramfs bzip2 compression
Requires: tools/bzip2
fix consistency of executable to use `$(STAGING_DIR_HOST)/bin/bzip2`, and
not system-installed ones from the usual environment `PATH`;
this affects option `CONFIG_KERNEL_INITRAMFS_COMPRESSION_BZIP2`
this may have worked in the past but only via side effect of having the
binaries on the host system (and whatever unpredictable version or
patchset those might be)
Fixes: 330bd380e8b6 ("image: allow building FIT and uImage with ramdisk") Signed-off-by: Tony Butler <spudz76@gmail.com>
Tony Butler [Wed, 30 Nov 2022 14:19:37 +0000 (06:19 -0800)]
tools/bzip2: add `bzip2` binaries
`bzip2` is the standard executable for bzip2 compression
this includes development includes and both static and shared libs
(libbz2) which can be used by other packages
the initramfs generator offers the BZIP2 option but there was no
executable to support it, and worked only via side effect of having a
system-installed version of bzip2, which could be less predictable
Michał Kępień [Sat, 1 Apr 2023 18:54:14 +0000 (20:54 +0200)]
ath79: mikrotik: update kernel on NAND using Yafut
Instead of erasing the entire NAND partition holding the kernel during
every system upgrade and then flashing a Yaffs file system image
prepared using kernel2minor (not accounting for bad blocks in the
process), use the Yafut utility to replace the kernel executable on
MikroTik NAND devices, preserving the existing Yaffs file system
(including bad block information) on the partition holding the kernel.
Add Yafut to DEFAULT_PACKAGES for the ath79/mikrotik target, so that the
tool is included in the initramfs images created when building for
multiple profiles. However, exclude Yafut from the images built for
MikroTik devices with NOR flash as the tool is currently only meant to
be used on devices with NAND flash.
As this addresses the concerns for MikroTik NAND devices discussed in
commit 9d96b6fb72 ("ath79/mikrotik: disable building NAND images"),
re-enable building images for these devices.
Michał Kępień [Fri, 31 Mar 2023 10:40:31 +0000 (12:40 +0200)]
yafut: add a kernel update tool for MikroTik NAND
Commit 9d96b6fb72 ("ath79/mikrotik: disable building NAND images")
disabled building images for MikroTik devices with NAND flash due to a
less than satisfactory method used for updating the kernel on those
devices back then.
To address the problem, add support for updating the kernel on MikroTik
devices with NAND flash using a new tool, Yafut, which enables copying
files from/to Yaffs file systems even if the kernel does not have native
support for the Yaffs file system compiled in. Instead of erasing the
entire NAND partition holding the kernel during every system upgrade
(which is what the previously-used approach employing kernel2minor
involved), Yafut preserves the Yaffs filesystem present on that
partition and only replaces the kernel executable. This allows bad
block information to be preserved across sysupgrade runs and also
enables wear leveling on the NAND partition holding the kernel. Yafut
does not rely on kernel2minor in any way and intends to eventually
supersede the latter for NAND devices.
Michał Kępień [Fri, 31 Mar 2023 10:40:31 +0000 (12:40 +0200)]
kernel: backport MEMREAD ioctl
MEMREAD is a new ioctl for MTD character devices that was first included
in Linux 6.1. It allows userspace applications to use the Linux
kernel's OOB autoplacement mechanism while reading data from NAND
devices. The Yafut tool needs this ioctl to do its job.
Michał Kępień [Fri, 31 Mar 2023 10:40:31 +0000 (12:40 +0200)]
ath79: mikrotik: drop unused files from ramdisk
The ramdisk used by sysupgrade on MikroTik devices currently includes
U-Boot fw_* files that are not necessary for performing a system upgrade
on that platform. The relevant lines were added to
target/linux/ath79/mikrotik/base-files/lib/upgrade/platform.sh by commit a66eee6336 ("ath79: add mikrotik subtarget"), likely because they also
existed in target/linux/ath79/nand/base-files/lib/upgrade/platform.sh,
where the platform_do_upgrade_mikrotik_nand() function moved by commit a66eee6336 originally lived. However, these lines were added to
target/linux/ath79/nand/base-files/lib/upgrade/platform.sh by commit 55e6c903ae ("ath79: GL-AR300M: provide NAND support; increase to 4 MB
kernel"), which is not related to MikroTik devices in any way.
Remove the code adding unused U-Boot fw_* files to the ramdisk used by
sysupgrade on MikroTik devices.
2. Load the OpenWrt initramfs image on the device using TFTP.
Place the initramfs image as "ap105.bin" in the TFTP server
root directory, connect it to the AP and make the server reachable
at 192.168.1.66/24.
$ run apb_rb_openwrt
3. Once OpenWrt booted, transfer the sysupgrade image to the device
using scp and use sysupgrade to install the firmware.
Mark Onstid [Fri, 7 Apr 2023 15:21:48 +0000 (11:21 -0400)]
ath79: fix LED pinout for Comfast CF-E314N v2
In addition to standardizing LED names to match the rest of the systems, this
commit fixes a possibly erroneous pinout for LEDs in Comfast CF-E314N v2.
In particular, rssimediumhigh and rssihigh are moved from pins 13 and 14 to
14 and 16 respectively. In addition to working on a test device, this pinout
better matches the one set out in the prototype support patch for the device
in Github PR #1873.
Signed-off-by: Mark Onstid <turretkeeper@mail.com>
RA75 has 5 physical LEDs under 2 indicators, mixed with light pipes:
Indicator "System":
GPIO0: blue
GPIO2: amber
Indicator "Signal":
GPIO44: blue
GPIO37: amber
GPIO46: red
All except GPIO46 were already added by Jo Deisenhofer. GPIO46 is used for UART1 by
default, so it needs additional pin control change in devicetree to be operational.
Verified on my RA75.
Daniel Golle [Fri, 14 Apr 2023 16:54:54 +0000 (17:54 +0100)]
uboot-mediatek: fix build for RAVPower RP-WD009
Updating to U-Boot 2023.04 broke the build for the RAVPower RP-WD009
MT7628 board. This was due to upstream conversion of CONFIG_* to CFG_*
which was not applied to our downstream patch adding support for the
RAVPower RP-WD009 device.
Apply CONFIG_* to CFG_* converion analog to what has been done also
for mt7928_rfb upstream.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 13 Apr 2023 19:16:05 +0000 (20:16 +0100)]
generic: move accepted patch to backport-5.15
The patch adding SFP quirk for MXPD 483II was accepted upstream and
will be part of Linux v6.3:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=ad651d68cee75e9ac20002254c4e5d09ee67a84b
Move the patch from pending-5.15 to backport-5.15.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 13 Apr 2023 04:01:30 +0000 (05:01 +0100)]
mediatek: backport new pinctrl features
Backport new features for MediaTek pinctrl/pinconf drivers from upstream.
This will serve as the base to improve pinconf bias/pull-up/pull-down on
MT7981 and MT7986, and also prepare for upcoming support for MT7988.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 11 Apr 2023 23:21:22 +0000 (00:21 +0100)]
uboot-mediatek: update to v2023.04
Update to next U-Boot timed release.
Remove now obsolete patch
100-01-board-mediatek-add-more-network-configurations.patch
Default IP addresses are now dealt with in Kconfig, no longer in board-
specific C header files.
Add patches to restore ANSI support in bootmenu which was broken upstream,
always use high-speed mode on serial UART for improved stability and fix
an issue with pinconf not being applied on MT7623 resulting in eMMC
being inaccessible when booting from micro SD card.
In order to keep the size of the bootloader on MT7623 below 512kB remove
some unneeded commands on both MT7623 boards.
Robert Marko [Wed, 12 Apr 2023 11:17:03 +0000 (13:17 +0200)]
mac80211: ath11k: sync with ath-next
Synchronize the ath11k backports with the current ath-next tree.
This replaces the management TLV pending fix with the upstreamed one,
fixes traffic flooding when AP and monitor modes are used at the same time,
fixes QCN9074 always showing -95 dBm for station RSSI in dumps,
fixes potential crash on boot if spectral scan is enabled due to writing to
unitialized memory and adds 11d scan offloading for WCN6750 and WCN6855.
Refresh multiple lzma configuration option patch with new version
proposed upstream. (Reintroduce -Xe option and add more checks and
general better code quality)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Robert Marko [Tue, 11 Apr 2023 18:20:18 +0000 (20:20 +0200)]
mac80211: ath11k: Remove regulatory intersection
Currently, during initialization ath11k will receive a regulatory event
from the firmware in which it will receive the default regulatory domain
code and accompanying rules list and report those to the kernel.
Then if you try to change the regulatory domain to a different country code
it will do a weird thing in which it will send that to the FW and after
receiving the appropriate regulatory event it will parse the rules.
However, while its parsing there is a weird thing being done, and that is
that new raw rules from FW get intersected with the rules from the default
domain.
This is creating a big issue as the default domain is almost always set to
"US" or just "00" aka world so ath11k will unfairly limit you to the most
restrictive combination of rules based on the default domain and your
desired domain.
For example, in ETSI countries this is causing channels 12 and 13 on 2.4GHz
to not be usable since "US" limits 2.4GHz to 2472MHz instead of 2482MHz
like ETSI countries do.
So, lets do what TIP and even QCA do in their ath11k downstream tree and
completely get rid of the interesection code in ath11k.
It appears that the refactor of the upgrade process for NAND devices resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.
This corrects a typo in the call of nand_do_upgrade_failed for ipq40xx
and ipq806x devices using the linksys.sh script.
It appears that the refactor of the upgrade process for NAND devices resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.
This restores the preservation of configs for mvebu/cortexa9 devices using the
linksys.sh script.
Fixes: e25e6d8e5407 ("base-files: fix and clean up nand sysupgrade code") Signed-off-by: Michael Trinidad <trinidude4@hotmail.com>
It appears that the refactor of the upgrade process for NAND devices
resulted in the nand_do_upgrade_success step not being called for
devices using the linksys.sh script. As a result, configuration was
not preserved over sysupgrade steps.
This restores the preservation of configs for kirkwood devices using the
linksys.sh script.
Fixes: e25e6d8e5407 ("base-files: fix and clean up nand sysupgrade code") Fixes: #12298 Signed-off-by: Michael Trinidad <trinidude4@hotmail.com>
This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3
The 100-fix-compile.patch patch was merged upstream, see:
https://github.com/Mbed-TLS/mbedtls/issues/6243
https://github.com/Mbed-TLS/mbedtls/pull/7013
The code style of all files in mbedtls 2.28.3 was changed. I took a new
version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this
pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475
bmips target is now more stable and it's time to start generating buildbot
images in order to receive a wider testing, which will be essential to replace
bcm63xx target in the future.
BMIPS is a generic arch that can be used for multiple Broadcom SoCs, each one
with its own specific drivers, so instead of having a huge kernel supporting
all of them, let's switch to a subtarget per SoC like other OpenWrt targets.
Petr Štetiar [Sat, 8 Apr 2023 08:29:06 +0000 (10:29 +0200)]
kernel: crypto: fix architecture specific modules
While tracking one bug report related to wrong package dependencies I've
noticed, that a bunch of the crypto modules are actually not
architecture specific, but either board/subtarget (x86/64) or board
(mpc85xx) specific.
So lets fix it, by making those modules architecture specific:
Sercomm SHG2500 is a BCM63168 with 128M of RAM, 256M of NAND, an external
BCM53124S switch for the LAN ports and internal/external Broadcom wifi.
LEDs are connected to an external MSP430G2513 MCU controlled via SPI.
Installation
------------
1. Grab the OpenWrt initramfs, rename it to ap3715.bin. Place it in
the root directory of a TFTP server and serve it at
192.168.1.66/24.
2. Connect to the serial port and boot the AP. Stop autoboot in U-Boot
by pressing Enter when prompted. Credentials are identical to the one
in the APs interface. By default it is admin / new2day.
David Bauer [Sun, 2 Apr 2023 15:52:16 +0000 (17:52 +0200)]
mpc85xx: reserve upper 1MB of RAM for WS-AP3825i
The bootpage for the second core is placed by U-Boot in the upper 128k
of syste-memory.
This could either be a reserved-area or deducted from the total
system-memory. As only the latter is parsed by the bootwrapper, reduce
the available system memory for linux in order to preserve the bootpage
from being overwritten.
Apply two patches fixing low-severity vulnerabilities related to
certificate policies validation:
- Excessive Resource Usage Verifying X.509 Policy Constraints
(CVE-2023-0464)
Severity: Low
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit
this vulnerability by creating a malicious certificate chain that
triggers exponential use of computational resources, leading to a
denial-of-service (DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
- Invalid certificate policies in leaf certificates are silently ignored
(CVE-2023-0465)
Severity: Low
Applications that use a non-default option when verifying certificates
may be vulnerable to an attack from a malicious CA to circumvent
certain checks.
Invalid certificate policies in leaf certificates are silently ignored
by OpenSSL and other certificate policy checks are skipped for that
certificate. A malicious CA could use this to deliberately assert
invalid certificate policies in order to circumvent policy checking on
the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
Note: OpenSSL also released a fix for low-severity security advisory
CVE-2023-466. It is not included here because the fix only changes the
documentation, which is not built nor included in any OpenWrt package.
Due to the low-severity of these issues, there will be not be an
immediate new release of OpenSSL.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Fix mis-typed DEVICE-MODEL in mk file for EnGenius EWS2910P.
Signed-off-by: Raylynn Knight <rayknight@me.com>
[ fix wrong SoB format and improve commit title/description ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Robert Marko [Tue, 4 Apr 2023 19:48:42 +0000 (21:48 +0200)]
ath11k-firmware: update to WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1
Current WLAN.HK.2.5.0.1 FW is quite old and buggy, but we had to hold off
from updating to 2.6.0.1 and 2.7.0.1 as they had compatibility regressions,
but now QCA finally released 2.9.0.1 FW which is working on all of the
boards.
So finally update IPQ8074 and QCN9074 FW to the latest
WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1 firmware.
In order to do so, we have to switch to using QCA-s QUIC repo instead of
Kalle-s.
QCA-s QUIC repo does not have BDF-s so we have to get the QCN9074 BDF from
Kalles repo.
Tested-by: Mireia Fernández Casals <meirin.f@gmail.com> # Xiaomi AX3600 Tested-by: Francisco G Luna <frangonlun@gmail.com> #Netgear WAX218 Signed-off-by: Robert Marko <robimarko@gmail.com>
projects / thirdparty / openwrt.git / log
