Hauke Mehrtens [Fri, 29 Mar 2024 22:15:41 +0000 (23:15 +0100)]
kernel: bump 5.15 to 5.15.153
Removed because they are upstream:
generic/backport-5.15/704-15-v5.19-net-mtk_eth_soc-move-MAC_MCR-setting-to-mac_finish.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=c5c0760adc260d55265c086b9efb350ea6dda38b
The U-boot menu will automatically appear at startup, and then select
the required options through UP/DOWN Key.
NAND Flash and eMMC Flash instructions:
1. Set your computers IP adress to 192.168.1.2.
2. Run a TFTP server providing the sysupgrade.bin image.
3. Power on the router, into the U-Boot menu.
4. Select "2. Upgrade firmware"
5. Update sysupgrade.bin file name, input server IP and input device
IP (if they deviate from the defaults)
6. Wait for automatic startup after burning
Tianling Shen [Mon, 25 Mar 2024 16:40:37 +0000 (00:40 +0800)]
rockchip: remove 'swiotlb' parameter from boot script
We have hardware IOMMU support and this is totally unnecessary.
The given value is also unreasonable, it's too small and causes
kernel panic in some cases:
[ 5706.856473] sdhci-dwcmshc fe310000.mmc: swiotlb buffer is full (sz: 28672 bytes), total 512 (slots), used 498 (slots)
[ 5706.864451] sdhci-dwcmshc fe310000.mmc: swiotlb buffer is full (sz: 65536 bytes), total 512 (slots), used 464 (slots)
This parameter seems to be added by mistake, so remove it.
Felix Fietkau [Sun, 31 Mar 2024 17:57:03 +0000 (19:57 +0200)]
unetd: update to Git HEAD (2024-03-31)
52144f723bec pex: after receiving data update req, notify peer of local address/port 29aacb9386e0 pex: track indirect hosts (reachable via gateway) as peers without adding them to wg 48049524d4fc pex: do not send peer notifications for hosts with a gateway 12ac684ee22a pex: do not query for hosts with a gateway 203c88857354 pex: fix endian issues on config transfer a29d45c71bca network: fix endian issue in converting port to network id cbbe9d337a17 unet-cli: emit id by default 806457664ab6 unet-cli: strip initial newline in usage message
Hauke Mehrtens [Tue, 26 Mar 2024 00:18:15 +0000 (01:18 +0100)]
kernel: bump 5.15 to 5.15.152
Removed because it is upstream:
generic/backport-5.15/081-v5.17-regmap-allow-to-define-reg_update_bits-for-no-bus.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=fbddd48f1456db32b675fad95a902de38345902a
Robert Marko [Wed, 13 Mar 2024 11:47:31 +0000 (12:47 +0100)]
dnsmasq: reset PKG_RELEASE
dnsmasq was recently updated to 2.90, but PKG_RELEASE was not reset to 1.
Fixes: 838a27f64f56 ("dnsmasq: version 2.90") Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 694e6477848eade21851ec27d90c173b373099fc)
Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387,
CVE-2023-50868) among many other goodies and fixes (notably, upstream 568fb024... fixes a UAF in cache_remove_uid that was routinely crashing
dnsmasq in my deployment).
Sven Eckelmann [Sat, 18 Nov 2023 15:29:09 +0000 (16:29 +0100)]
dnsmasq: mark global ubus context as closed after fork
If the dnsmasq process forks to handle TCP connections, it closes the ubus
context. But instead of changing the daemon wide pointer to NULL, only the
local variable was adjusted - and this portion of the code was even dropped
(dead store) by some optimizing compilers.
It makes more sense to change the daemon->ubus pointer because various
functions are already checking it for NULL. It is also the behavior which
ubus_destroy() implements.
Fixes: d8b33dad0bb7 ("dnsmasq: add support for monitoring and modifying dns lookup results via ubus") Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 711dcb77630e96e75413b5cdbe3ddb5432f394f6)
Rafał Miłecki [Wed, 17 Jan 2024 21:20:15 +0000 (22:20 +0100)]
mediatek: filogic: replace built-in Aquantia driver with module
Some Aquantia PHYs (e.g. AQR113C) require firmware to be uploaded by
host system. With built-in drivers this doesn't work in OpenWrt /
embeddded as filesystem isn't available during PHY probe. That results
in delays like:
[ 1.588068] Aquantia AQR113C mdio-bus:00: Falling back to sysfs fallback for: Rhe-05.06-Candidate9-AQR_Mediatek_23B_P5_ID45824_LCLVER1.cld
[ 64.526387] Aquantia AQR113C mdio-bus:00: failed to find FW file Rhe-05.06-Candidate9-AQR_Mediatek_23B_P5_ID45824_LCLVER1.cld (-110)
Switch to module to postpone PHY probe to init state.
Daniel Golle [Sun, 17 Mar 2024 15:55:09 +0000 (15:55 +0000)]
mvebu: enable thermal zone polling for IEI Puzzle devices
Marvell's thermal sensors do not support interrupts, so we need to
poll them. Reading temperature every second should be enough to
control the fan.
While at it, also make sure fan speed is reduced again if temperature
goes down.
* New upstream microcode datafile 20240312 (closes: #1066108)
- Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
Protection mechanism failure of bus lock regulator for some Intel
Processors may allow an unauthenticated user to potentially enable
denial of service via network access.
- Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
Non-transparent sharing of return predictor targets between contexts in
some Intel Processors may allow an authorized user to potentially
enable information disclosure via local access. Affects SGX as well.
- Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
Information exposure through microarchitectural state after transient
execution from some register files for some Intel Atom Processors and
E-cores of Intel Core Processors may allow an authenticated user to
potentially enable information disclosure via local access. Enhances
VERW instruction to clear stale register buffers. Affects SGX as well.
Requires kernel update to be effective.
- Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
Processors when using Intel SGX or Intel TDX may allow a privileged
user to potentially enable escalation of privilege via local access.
NOTE: effective only when loaded by firmware. Allows SMM firmware to
attack SGX/TDX.
- Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
Incorrect calculation in microcode keying mechanism for some Intel
Xeon D Processors with Intel SGX may allow a privileged user to
potentially enable information disclosure via local access.
* Fixes for other unspecified functional issues on many processors
* Updated microcodes:
sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
* New microcodes:
sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
* source: update symlinks to reflect id of the latest release, 20240312
* changelog, debian/changelog: fix typos
-- Henrique de Moraes Holschuh <hmh@debian.org> Tue, 12 Mar 2024 20:28:17 -0300
mediatek: filogic: Asus TUF AX6000 fix inverted LED for 2.5Gb LAN port
Router Asus TUF AX6000 have second MaxLinear GPY211 PHY controller for 2.5Gb LAN port.
The 5'th LAN port have inverted status of the LED.
Based on the commit from main branch 90fbec8 we could set proper status of the LED.
Signed-off-by: Patryk Kowalczyk <patryk@kowalczyk.ws>
(cherry picked from commit b22539b5fef9572f9ce2bedcd01d083c918d82f1) Signed-off-by: Tom Herbers <mail@tomherbers.de>
Daniel Golle [Sun, 10 Dec 2023 01:15:36 +0000 (01:15 +0000)]
kernel: hack: support inverted LEDs on MaxLinear GPY211 PHY
Add downstream DT property to setup the PHY LEDs of the MaxLinear
GPY211 PHY in such way that the VDD of the LED is driven by the SoC
pin rather than the GND (which is the default).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 90fbec89be263a3838558c5b674f3c4072cc2f1d)
[removed patches for kernel 6.1] Signed-off-by: Tom Herbers <mail@tomherbers.de>
filogic: fix wifi eeprom filename for tuf-ax6000 The router use mt7986_eeprom_mt7976_dual.bin
Fixes: d522ccecb2 ("filogic: add support for ASUS TUF AX6000") Signed-off-by: Patryk Kowalczyk <patryk@kowalczyk.ws>
(cherry picked from commit 0c3f4bd85ee6067588a81843a403850ab0082270) Signed-off-by: Tom Herbers <mail@tomherbers.de>
Mikhail Zhilkin [Sat, 2 Mar 2024 19:58:40 +0000 (19:58 +0000)]
ramips: add support for Z-ROUTER ZR-2660
This commit adds support for Z-ROUTER ZR-2660 (also known as Routerich
AX1800) wireless WiFi 6 router.
Specification
-------------
- SoC : MediaTek MT7621AT, MIPS, 880 MHz
- RAM : 256 MiB
- Flash : NAND 128 MiB (AMD/Spansion S34ML01G2)
- WLAN :
- 2.4 GHz : MediaTek MT7905D/MT7975 (14c3:7916), b/g/n/ax, MIMO 2x2
- 5 GHz : MediaTek MT7915E (14c3:7915), a/n/ac/ax, MIMO 2x2
- Ethernet : 10/100/1000 Mbps x4 (1x WAN, 3x LAN)
- USB : 1x 2.0
- UART : 3.3V, 115200n8, pins are silkscreened on the pcb
- Buttons : 1x Reset
- LEDs : 1x WiFi 2.4 GHz (green)
1x WiFi 5 GHz (green)
1x LAN (green)
1x WAN (green)
1x WAN no-internet (red)
- Power : 12 VDC, 1 A
Installation
------------
1. Run tftp server on your PC (IP: 192.168.2.2) and put OpenWrt initramfs
image (initramfs.bin) to the tftp root dir
2. Open the following link in the browser to enable telnet:
http://192.168.2.1/cgi-bin/telnet_ssh
3. Connect to the router (default IP: 192.168.2.1) using telnet shell
(credentials - user:admin)
4. Run the following commands in the telnet shell (this will install
OpenWrt initramfs image on nand flash):
cd /tmp
tftp -g -r initramfs.bin 192.168.2.2
mtd write initramfs.bin firmware
mtd erase firmware_backup
reboot
5. Copy OpenWrt sysupgrade image (sysupgrade.bin) to the /tmp dir of the
router
6. Connect to the router (IP: 192.168.1.1) using ssh shell and run
sysupgrade command:
sysupgrade -n /tmp/sysupgrade.bin
Return to stock
---------------
1. Copy stock firmware (stock.bin) to the /tmp dir of the router using scp
2. Run following command in the router shell:
cd /tmp
mtd write stock.bin firmware
reboot
Recovery
--------
Connect uart (pins are silkscreened on the pcb), interrupt boot process by
pressing any key, use u-boot menu to flash stock firmware image or OpenWrt
initramfs image.
MAC addresses
-------------
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| LAN | 24:0f:5e:xx:xx:4c | label |
| WAN | 24:0f:5e:xx:xx:4d | label+1 |
| WLAN 2g | 24:0f:5e:xx:xx:4e | label+2 |
| WLAN 5g | 24:0f:5e:xx:xx:4f | label+3 |
+---------+-------------------+-----------+
The WLAN 2.4 MAC was found in 'factory', 0x4
The LAN MAC was found in 'factory', 0xfff4
The WAN MAC was found in 'factory', 0xfffa
Daniel Golle [Wed, 13 Mar 2024 18:44:52 +0000 (18:44 +0000)]
generic: mtk_eth_soc: fix PPE hanging issue
A patch to resolve an issue was found in MediaTek's GPL-licensed SDK:
In the mtk_ppe_stop() function, the PPE scan mode is not disabled before
disabling the PPE. This can potentially lead to a hang during the process
of disabling the PPE.
Without this patch, the PPE may experience a hang during the reboot test.
Flash instructions:
The vendor firmware is based on OpenWrt, the sysupgrade image can be
flashed using the '-F' (force) option on the CLI.
Make sure not to keep settings when doing so.
This device is very similar, if not identical, to the TP-Link AX23 v1
but is targeted at service providers and features a completely different
flash layout.
Flashing is only possible via a serial connection using the sysupgrade
image; the factory image must be signed. You can flash the sysupgrade
image directly through the U-Boot console, or preferably, by booting the
initramfs image and flashing with the sysupgrade command. Follow these
steps for sysupgrade flashing:
1. Establish a UART serial connection.
2. Set up a TFTP server at 192.168.0.2 and copy the initramfs image
there.
3. Power on the device and press any key to interrupt normal boot.
4. Load the initramfs image using tftpboot.
5. Boot with bootm.
6. If you haven't done so already, back up all stock mtd partitions.
7. Copy the sysupgrade image to the router.
8. Flash OpenWrt through either LuCI or the sysupgrade command. Remember
not to attempt saving settings.
Revert to stock firmware
------------------------
Flash stock firmware via OEM web-recovery mode. If you don't have access
to the stock firmware image, you will need to restore the firmware
partition backed up earlier.
Web-Recovery
------------
The router supports an HTTP recovery mode:
1. Turn off the router.
2. Press the reset button and power on the device.
3. When all LEDs start flashing, release reset and quickly press it
again.
The interface is reachable at 192.168.0.1 and supports installation of
the OEM factory image. Note that flashing OpenWrt this way is not
possible, as mentioned above.
Download and flash the manufacturer's built OpenWRT image available at
http://www.cudytech.com/openwrt_software_download
Install the new OpenWRT image via luci (System -> Backup/Flash firmware)
Be sure to NOT keep settings. The force upgrade may need to be checked
due to differences in router naming conventions.
Cudy WR1300 v3 differs from v2 only in swapped WiFi chip PCIe slots. Common
nodes are extracted to .dtsi and new v2 and v3 dts are created.
Cudy WR1300 v2 dts now contains ieee80211-freq-limit.
The same manufacturer's built OpenWRT image is provided for both v2 and v3
devices as a step in installing, but for proper WiFi functionality,
a separate build is required.
Recovery:
- Loads only signed manufacture firmware due to bootloader RSA verification
- serve tftp-recovery image as /recovery.bin on 192.168.1.88/24
- connect to any lan ethernet port
- power on the device while holding the reset button
- wait at least 8 seconds before releasing reset button for image to
download
- See http://www.cudytech.com/newsinfo/547425.html
Hauke Mehrtens [Fri, 8 Mar 2024 13:43:08 +0000 (14:43 +0100)]
lantiq: Fix build after kernel 5.15.150
This fixes the following compile problem:
````
CC arch/mips/kernel/vpe-mt.o
arch/mips/kernel/vpe-mt.c: In function 'vpe_run':
arch/mips/kernel/vpe-mt.c:32:23: error: unused variable 'physical_memsize' [-Werror=unused-variable]
32 | unsigned long physical_memsize = 0L;
| ^~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[6]: *** [scripts/Makefile.build:289: arch/mips/kernel/vpe-mt.o] Error 1
````
physical_memsize was removed from upstream kernel, see:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=5b4f6c5ff65c8551018ccea40c569afd759734c0
Fixes: 387fde0da0e8 ("kernel: bump 5.15 to 5.15.150") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9cfa5f74175d5c663bcf5973024fb76223972033)
Hauke Mehrtens [Sun, 3 Mar 2024 11:25:27 +0000 (12:25 +0100)]
kernel: bump 5.15 to 5.15.150
Removed because it is upstream:
bcm53xx/patches-5.15/030-v5.16-0019-ARM-dts-BCM53573-Describe-on-SoC-BCM53125-rev-4-swit.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=cb1003c07e746e4e82bdd3959c9ea37018ed41a3
Removed because it is upstream:
bcm53xx/patches-5.15/037-v6.6-0004-ARM-dts-BCM53573-Drop-nonexistent-default-off-LED-tr.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c65a23e98e38dc991f495d6bdb3cfa6163a88a0c
Removed because it is upstream:
bcm53xx/patches-5.15/037-v6.6-0005-ARM-dts-BCM53573-Drop-nonexistent-usb-cells.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=71475bcee001cae3844644c2787eef93b26489d1
Adapted hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch to match
the changes from the upstream flow offload patch:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7c71b831220edeab7ce603d818dc1708d9ea4137
Manually Adapted the following patch:
bcm53xx/patches-5.15/035-v6.2-0004-ARM-dts-broadcom-align-LED-node-names-with-dtschema.patch
Hauke Mehrtens [Sat, 2 Mar 2024 18:14:22 +0000 (19:14 +0100)]
kernel: bump 5.15 to 5.15.149
Removed because it is upstream:
generic/pending-5.15/540-ksmbd-only-v2-leases-handle-the-directory.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=81ea755b8fa57ce186f56f14b709cf491c2a5505
Manually Adapted the following patches:
ath79/patches-5.15/900-unaligned_access_hacks.patch
ipq806x/patches-5.15/113-v5.19-03-PM-devfreq-Rework-freq_table-to-be-local-to-devfr.patch
OEM:
root@RE3000:~# ifconfig |grep HWaddr
br-lan Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0 (label)
br-wan Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
eth0 Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
ra0 Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
ra2 Link encap:Ethernet HWaddr 82:XX:XX:28:XX:X0
rax0 Link encap:Ethernet HWaddr 82:XX:XX:38:XX:X0
rax2 Link encap:Ethernet HWaddr 82:XX:XX:58:XX:X0
OpenWrt
root@OpenWrt:/# ifconfig |grep HW
br-lan Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
eth0 Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
phy0-ap0 Link encap:Ethernet HWaddr 80:XX:XX:08:XX:X0
phy1-ap0 Link encap:Ethernet HWaddr 82:XX:XX:08:XX:X1
tftp Installation via u-boot:
Connect TTL3.3V converter
connector is under the radiator Set speed 115200 8 N 1
Interrupt boot process by holding down-arrow key during boot then
>> 6. Load image
>> 0 - TFTP client (Default)
enter IP adresses and initramfs-kernel.bin
Sven Eckelmann [Thu, 7 Mar 2024 08:24:20 +0000 (09:24 +0100)]
ath11k-firmware: Move to new upstream repository for board-2.bin
It was announced [1] that the original staging repositories are no longer
used for staging of new firmware binaries. And that the old repository will
be removed [2] in June 2024.
The ath11k-firmware package must therefore point to the new repository
before the old one is no longer accessible.
802.11r can not be used when selecting WPA. It needs at least WPA2.
This is because 802.11r advertises FT support in-part through the
Authentication and Key Management (AKM) suites in the Robust
Security Network (RSN) Information Element, which was included in
the 802.11i amendment and WPA2 certification program.
Pre-standard WPA did not include the RSN IE, but the WPA IE.
This IE can not advertise the AKM suite for FT.
When using WPA3-SAE or WPA2/WPA3 Personal Mixed, we can not use
ft_psk_generate_local because it will break FT for SAE. Instead
use the r0kh and r1kh configuration approach.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.ai>
(cherry picked from commit e2f6bfb833a1ba099e1dcf0e569e4ef11c31c391) Fixes: https://github.com/openwrt/luci/issues/6930 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
build: do not depend on $(STAGING_DIR)/.prepared when in SDK
The dependency can't be satisfied when building using the SDK, breaking
package builds. As the staging and bin dirs are distributed with the SDK
archive, ignoring the dependency is fine when SDK is set.
Fixes: fbb924abff8a ("build: add $(STAGING_DIR) and $(BIN_DIR) ...") Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 2b46cbef8179b4a131bd008c520339441bc87c97)
build: add $(STAGING_DIR) and $(BIN_DIR) preparation to target and package subdir compile dependencies
In a pristine build, these directories are created as dependencies of
the tools subdir compile, however this step never runs when the tools
compile stamp already exists. Since commit ed6ba2801c0a ("tools: keep
stamp file in $(STAGING_DIR_HOST)"), this will happen after `make clean`:
$(STAGING_DIR) has been deleted, but the tools stamp still exists, so
the next build will fail because $(STAGING_DIR) has not been set up
correctly.
Fix builds after `make clean` by adding the preparation as dependencies
for the target and package directories as well.
Fixes: ed6ba2801c0a ("tools: keep stamp file in $(STAGING_DIR_HOST)") Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit fbb924abff8af9e69ec90d7bf099046c24145b74)
Daniel Golle [Sun, 3 Mar 2024 15:22:54 +0000 (15:22 +0000)]
kernel: lantiq: ltq-vmmc: introduce user group for vmmc
asterisk-chan-lantiq is by now the only user of the VMMC interface.
And asterisk runs as user 'asterisk' which doesn't give it permission
to open the /dev/vmmc* devices.
Introduce a new user group 'vmmc' and give permission to access the
/dev/vmmc* devices to that group.
Another commit for asterisk-chan-lantiq will add the 'asterisk' user
to that group.
Daniel Golle [Wed, 24 Jan 2024 05:01:43 +0000 (05:01 +0000)]
mediatek: fixes for Ethernet on MT7988 SoC
* fix switch ports with modes other than 1000M/Full
* set 32-bit dma_coherent_mask to get PPE to work with 4 GiB of RAM
* sync driver for built-in 1GE PHY with MediaTek SDK sources
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
Copy openwrt-mediatek-filogic-zyxel_ex5601-t0-ubootmod-initramfs-recovery.itb to /tmp and create recovery partition.
If your recovery image is larger than 10MiB, size the recovery partition accordingly to make it fit.
ubimkvol /dev/ubi0 -n 2 -N recovery -s 10MiB
ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-zyxel_ex5601-t0-ubootmod-initramfs-recovery.itb
Copy preloader and uboot to /tmp and write them in the mtd
mtd write /tmp/openwrt-mediatek-filogic-zyxel_ex5601-t0-ubootmod-preloader.bin bl2
mtd write /tmp/openwrt-mediatek-filogic-zyxel_ex5601-t0-ubootmod-bl31-uboot.fip fip
Now write the firmware:
sysupgrade -n /tmp/openwrt-mediatek-filogic-zyxel_ex5601-t0-ubootmod-squashfs-sysupgrade.itb
To create a correct BL2, I had to add a profile for 'spim:4k+256' as I could not find a way to value the variable 'NAND_TYPE'.
Features and fixes from hitech95 tree has been squashed, I'm attaching his commit message:
The Power LED was not working correctly and not reacting
to the boot process and statuses.
The board has space (footprint) for an unpopulated Zigbee chip,
while we dont know the device model having this chip populated
we have to assure that the common dts doesnt enable
interfaces that share pins with such device.
In this instance the PCIe and the uart1 and uart2 are disabled.
Some of the control PCIE pins seems to be used for the Zigbee chip,
UART1 seems to be used as a flash port while UART2 should be the
main comunication interface of Zigbee chip.
The Zigbee chip should be a EFR32MG21. But the pins used for UART
seems to be not on standard PINS used by other adapters.
So it cannot run firmwares shared on the web.
But it should be possible to build a custom firmware with
the corrtect pinmux.
This commit also contains the following squashed commit from hitech95
- mediatek: fix sysupgrade for Zyxel EX7601-T0 ubootmod
Changes and fixes added in common board:
- added aliases for boot status leds.
- added aliases for the mac-label-device.
- added pin claims for core features (MDIO and UART 0)
- added default LEDs configuration (01_leds)
- added default network configuration (02_network)
- added missing kmod-usb3 module for USB3
- fixed LED names
- fixed reset pin for SLIC chip
- removed unused pinmux configurations and devices
- fix LAN (switch) port numbering
- using nvmem cells for wifi eeprom, dropping deprecated "mediatek,mtd-eeprom"
- proper factory partition and mac address handling
- cleaned up spi_nand sections and partition
Changes and fixxes added in stock layout:
- added NMBM, if u-boot has it, the kernel must be informed.
Roland Reinl [Sun, 1 Oct 2023 09:25:40 +0000 (11:25 +0200)]
mediatek: Add support for TP-Link EAP225v5
Device specification:
- MT7629 with 16MB NOR flash W25Q128 and 128 MB DDR3 RAM.
- MT7761N and MT7762N wireless chips (currenlty no driver in OpenWrt available)
- WiFi is NOT working on this device
- Dual core but second CPU doesn't seem to work (Error message during boot: "CPU1: failed to come online")
There are two similar merge requests for similar devices with the same issues:
- https://github.com/openwrt/openwrt/pull/12286
- https://github.com/openwrt/openwrt/pull/5084
UART interface is next to the reset button, pinout:
- 1: TX (the pin with the arrow marker)
- 2: RX
- 3: GND
- 4: VCC
UART settings: 115200,8n1, 3.3V
U-Boot menu can be entered by pressing Ctrl+B during startup.
Booting initramfs:
- Set your computers IP adress to 192.168.1.110
- Run a TFTP server providing the initramfs image
- Power on the AP, press Ctrl+B to get to the U-Boot menu
- Select "1. System Load Linux to SDRAM via TFTP"
- Update kernel file name, input server IP and input device IP (if they deviate from the defaults)
- After booting, create a backup of all partitions, especially for kernel and root_fs. They are required for reverting back to stock firmware
- The sysupgrade image can be flashed now
MAC adresses:
- LAN and 2.4GHz use the same MAC (the one printed on the device)
- 5GHz WiFi MAC is LAN MAC + 1
GPIOs:
- GPIO 21 is the reset pin (low active)
- GPIO 55 is for the green LED (active high)
- GPIO 56 is for the yellow/amber LED (active high)
MAC addresses:
- WAN MAC is stored in partition "Odm" at offset 0x83
- LAN (as printed on the device) is WAN MAC + 1
- WLAN MAC (2.4 GHz) is WAN MAC + 2
- WLAN MAC (5GHz) is WAN MAC + 3
Disassembly: Remove 4 screws in the bottom and 2 screws in the top (after removing the blue cover on the top), then the board can be pulled out.
The pins for the serial console are already labeled on the board (VCC, TX, RX, GND). Serial settings: 3.3V, 115200,8n1
Flashing via Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.25
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the status LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-m32-a1-squashfs-recovery.bin
Flashing via uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-m32-initramfs-kernel.bin. You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
- Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-m32-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Revert back to stock using the Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.25
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the status LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.
Decrypting a D-Link firmware image:
- Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
- Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
- Run ./m32-firmware-util M32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
- Example for firmware 1.03.01_HOTFIX: ./m32-firmware-util M32 --DecryptFactoryImage M32-REVA_1.03.01_HOTFIX.enc.bin M32-REVA_1.03.01_HOTFIX.decrypted.bin
Revert back to stock using uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides the previously created backup of the Kernel1 partition. You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to FLASH will start. After a few seconds the stock firmware should start again
There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-m32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP. It can be used if no backup of the Kernel1 partition is reuqired.
Flahsing via OEM web interface is currently not possible, the OEM images are encrypted and require a specific memory layout which is not compatible to the partition layout of OpenWrt.
1. Boot WSR-3200AX4S with "Router" mode
2. Access to "http://192.168.11.1/" and open firmware update page
("ファームウェア更新")
3. Select the OpenWrt factory.bin image and click update ("更新実行")
button
4. Wait ~120 seconds to complete flashing
Note:
- This device has 2x OS images on flash. The first one will always be
used for booting and the secondary is for backup.
- This support generates multiple factory*.bin image:
- factory.bin : for flashing from OEM WebUI
- factory-uboot.bin: for flashing from U-Boot or clean installation
via sysupgrade (don't use for normal sysupgrade)
Known issues:
- Wi-Fi MAC addresses won't be applied to each adapter.
MAC Addresses:
LAN : C4:3C:EA:xx:xx:60 (board_data, mac (text))
WAN : C4:3C:EA:xx:xx:60 (board_data, mac (text))
2.4 GHz: C4:3C:EA:xx:xx:61
5 GHz : C4:3C:EA:xx:xx:68
INAGAKI Hiroshi [Sun, 27 Aug 2023 14:26:01 +0000 (23:26 +0900)]
mediatek: drop pwm7_pins from Buffalo WSR-2533DHP2
MediaTek MT7622 doesn't support ch7 of PWM and pinctrl groups were dropped from
driver source[0]. So pwm7-related groups are unavailable now, then, kernel shows a
warning.
[ 0.370264] mt7622-pinctrl 10211000.pinctrl: invalid group "pwm_ch7_2" for function "pwm"
INAGAKI Hiroshi [Sun, 27 Aug 2023 05:49:41 +0000 (14:49 +0900)]
mediatek: update LED/Key bindings for Buffalo WSR-2533DHP2
Update LED and key nodes with newer DeviceTree bindings for WSR-2533DHP2.
- LED
- use led-[0-9] for node name of LEDs
- add "color" and "function" properties
- drop default-state = "on" from green:power LED
- this LED will be turned on by led-running alias
- key
- drop unnecessary poll-interval property
- use key-[0-9] for node name of keys
Łukasz M [Tue, 31 Oct 2023 15:15:06 +0000 (16:15 +0100)]
mediatek: mt7981: improve fan behaviour
This doubles the number of cooling-levels.
In addition the fan is turned on with a low speed at lower temperatures
and with a higher speed at higher temperatures.
This also attempts to reduce the likelihood of constant start-stop actions.
The change only affects the GL.iNet MT3000 and has been tested with it.
This patch avoids learning non-unicast targets in the vxlan FDB. They
are non-unicast and thus should be sent to the broadcast-IPv6 instead of
a unicast address
Chukun Pan [Thu, 30 Nov 2023 15:29:09 +0000 (23:29 +0800)]
mac80211: ath11k: sync with upstream
Synchronize the ath11k backports with upstream linux.
Most of them are changes in kernel 6.5, the rest are
fixes for the ath11k_pci. The most important one is
"Revert 'wifi: ath11k: Enable threaded NAPI'", which
fixes the problem that QCN9074 cannot be used after
restarting on the x86 platform.
[ 23.462718] ath11k_pci 0000:02:00.0: failed to vdev 0 create peer for AP: -110
[ 28.503020] ath11k_pci 0000:02:00.0: Timeout in receiving vdev delete response
Changes to ipq8074 coldboot part pick from commit b33bfcf ("mac80211: ath11k: sync with ath-next").
Hauke Mehrtens [Sat, 17 Feb 2024 16:58:50 +0000 (17:58 +0100)]
wifi-scripts: Support HE Iftypes with multiple entries
With mac80211_hwsim I have seen such entries in OpenWrt 22.03:
HE Iftypes: managed, AP
The mac80211.sh script did not detect the entry and failed. Allow
arbitrary other entries before to fix this problem.
Oto Šťáva [Fri, 16 Feb 2024 15:28:10 +0000 (16:28 +0100)]
build: add explicit --no-show-signature for git
When `log.showSignature` is set, it causes the `SOURCE_DATE_EPOCH` to
include a textual signature description on OpenPGP-signed commits,
because Git prints the description into stdout. This then causes some
scripts to fail because they cannot parse the date from the variable.
Adding an explicit `--no-show-signature` prevents the signatures from
being displayed even when one has Git configured to show them by
default, fixing the scripts.
Bjørn Mork [Sat, 17 Feb 2024 14:03:40 +0000 (15:03 +0100)]
realtek: fix Netgear GS110TPP OEM install
Recent OEM firmware versions test the version number embedded in the uimage
"name" header field. The exact restricton is unknown, but "7.0.8.4" seems
to be the lowest number accepted on a GS110TPPv1 which already has that
version or higher.
A "9.9.9.9" version is accepted as valid by the GS110TPPv1 OEM firmware,
and considered both unique enough to identify an OpenWrt image and
moderately future proof against OEM version bumps.
This change is also boot tested on a GS108Tv3 with
"BOOT Loader Version 1.0.0.2 (2018-08-31 17:05:26 UTC)"
to verify that it doesn't break boot on older hardware.
Backport merged upstream patch that adds support for firmware loader
from NVMEM or attached filesystem for Aquantia PHYs.
Refresh all kernel patches affected by this change.
Also update the path for aquantia .ko that got moved to dedicated
directory upstream.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
[rmilecki: port to 5.15] Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1b3259eb5cdcfecbfae7809b8a9febdbe22ac65f)
Add dtb makefile target to targets list to permit correct working of
make target/linux/dtb
Fixes: c47532b1ea7f ("kernel-build\eOnmk: add support for compiling only DTS") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit c4910e9cb37c626ab9f4a47579bc8ec8981cdf4a)
Felix Fietkau [Fri, 9 Feb 2024 11:18:57 +0000 (12:18 +0100)]
wifi-scripts: fix fullmac phy detection
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.
Fixes: https://github.com/openwrt/openwrt/issues/14575 Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2b4941a6f16fa1c045cb2f4a8fc09adc64fecd63)
Fixes:
drivers/net/phy/phy-core.c: In function 'phy_interface_num_ports':
drivers/net/phy/phy-core.c:107:9: error: enumeration value 'PHY_INTERFACE_MODE_PSGMII' not handled in switch [-Werror=switch]
107 | switch (interface) {
| ^~~~~~
Yuu Toriyama [Sat, 3 Feb 2024 19:09:14 +0000 (04:09 +0900)]
wireless-regdb: update to 2024.01.23
The maintainer and repository of wireless-regdb has changed.
https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=QQaFX8r-g@mail.gmail.com/
Changes: 37dcea0 wireless-regdb: Update keys and maintainer information 9e0aee6 wireless-regdb: Makefile: Reproducible signatures 8c784a1 wireless-regdb: Update regulatory rules for China (CN) 149c709 wireless-regdb: Update regulatory rules for Japan (JP) for December 2023 bd69898 wireless-regdb: Update regulatory rules for Singapore (SG) for September 2023 d695bf2 wireless-regdb: Update and disable 5470-5730MHz band according to TPC requirement for Singapore (SG) 4541300 wireless-regdb: update regulatory database based on preceding changes
Ivan Pavlov [Fri, 2 Feb 2024 05:46:52 +0000 (08:46 +0300)]
openssl: update to 3.0.13
Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024]
* Fixed PKCS12 Decoding crashes
([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
CPUs which support PowerISA 2.07
([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q parameter
value ([CVE-2023-5678])
Stijn Segers [Sun, 4 Feb 2024 12:20:32 +0000 (13:20 +0100)]
realtek: fix zyxel-vers usage for XGS1250-12
Commit daefc646e6d4 ("realtek: fix ZyXEL initramfs image generation")
fixed a shell expansion issue with zyxel-vers usage. Commit 045baca10b15
("realtek: deduplicate GS1900 recipes") took care of this for the
rtl838x and rtl839x subtargets, but the single device officially
supported in rtl930x - the XGS1250-12 - was overlooked. This commit
updates the XGS1250-12 build recipe as well.
Lech Perczak [Sun, 21 Jan 2024 23:34:34 +0000 (00:34 +0100)]
ath79: add Ubiquiti Rocket M XW as alternate name to Bullet M XW
Ubiquiti Rocket M XW is a single-band, 2x2:2 external Wi-Fi AP, with optional
GPS receiver, with two external RP-SMA antenna connections, based on
AR9342 SoC. Two band variants exists, for 2.4GHz and 5GHz band, usable
with the same image.
Specs:
- CPU: Atheros AR9342 MIPS SoC at 535MHz
- RAM: 64MB DDR400
- ROM: 8MB SPI-NOR in SO16W package, MX25L6408E
- Wi-Fi Atheros AR9342 built-in 2x2:2 radio
- Ethernet: Atheros AR8035 PHY, limited to 100Mbps speeds due to
magnetics
- Power: 24V passive PoE input.
Installation: please refer to Ubiquiti Bullet M2HP for documentation.
The device runs with exactly same image as the Bullet, and after fixes
in preceding commit, is fully functional again. Add the alternative name
to the build system.
Lech Perczak [Sun, 21 Jan 2024 23:14:16 +0000 (00:14 +0100)]
ath79: ubnt-bullet-m-xw: fix Ethernet PHY traffic
Since commit 6f2e1b7485f0 ("ath79: disable delays on AT803X config init")
Ubiquiti XW boards equipped with AR8035 PHY suffered from lack of
outbound traffic on the Ethernet port. This was caused by the fact, the
U-boot has set this during boot and it wasn't reset by the PHY driver,
and the corresponding setting in device tree was wrong.
Set the 'phy-mode = "rgmii-txid"' at the ð0, and drop this property
from PHY node, as it is not parsed there. This causes the device to
connect using Ethernet once again.
Fixes: db4b6535f837 ("ath79: Add support for Ubiquity Bullet M (XW)") Fixes: 6f2e1b7485f0 ("ath79: disable delays on AT803X config init") Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a9b2ba4d7ba06e1ac4ff7da3eb9b4038b94d9fbb)
orangepizza [Mon, 29 Jan 2024 02:37:43 +0000 (11:37 +0900)]
mbedtls: security bump to version 2.28.7
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for following security issues:
* Timing side channel in private key RSA operations (CVE-2024-23170)
Mbed TLS is vulnerable to a timing side channel in private key RSA
operations. This side channel could be sufficient for an attacker to
recover the plaintext. A local attacker or a remote attacker who is
close to the victim on the network might have precise enough timing
measurements to exploit this. It requires the attacker to send a large
number of messages for decryption.
* Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775)
When writing x509 extensions we failed to validate inputs passed in to
mbedtls_x509_set_extension(), which could result in an integer overflow,
causing a zero-length buffer to be allocated to hold the extension. The
extension would then be copied into the buffer, causing a heap buffer
overflow.
Petr Štetiar [Thu, 29 Jun 2023 12:29:02 +0000 (14:29 +0200)]
ipq807x: prpl-haze: fix sysupgrade flashing from bootloader
While flashing sysupgrade image from U-Boot, then the rootfs_data
overlay filesystem formatting is left for the fstools during firstboot,
but that wont work as mkfs.f2fs is missing in the sysupgrade image:
mount_root: overlay filesystem in /dev/loop0 has not been formatted yet
mount_root: no usable overlay filesystem found, using tmpfs overlay
sh: mkfs.f2fs: not found
Filesystem Size Used Available Use% Mounted on
/dev/loop0 139.6M 46.9M 92.6M 34% /overlay
Number Start (sector) End (sector) Size Code Name
20 98850 406349 150.1 MiB FFFF rootfs
So lets fix it by adding f2fs support to the sysupgrade image.
Rafał Miłecki [Wed, 27 Dec 2023 15:20:45 +0000 (16:20 +0100)]
uhttpd: handle reload after uhttpd-mod-ubus installation using postinst
Use postinst script to reload service instead of uci-defaults hack. It's
possible thanks to recent base-files change that executes postinst after
uci-defaults.
This fixes support for uhttpd customizations. It's possible (again) to
adjust uhttpd config with custom uci-defaults before it gets started.
Cc: Hauke Mehrtens <hauke@hauke-m.de> Fixes: d25d281fd668 ("uhttpd: Reload config after uhttpd-mod-ubus was added")
Ref: b799dd3c705d ("base-files: execute package's "postinst" after executing uci-defaults") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1f11a4e28336c07aca61dd3b4fef01ef872a362d)
Rafał Miłecki [Sun, 26 Nov 2023 20:24:28 +0000 (21:24 +0100)]
base-files: execute package's "postinst" after executing uci-defaults
Allow "postinst" scripts to perform extra actions after applying all
kind of fixups implemented using uci-defaults.
This is needed e.g. by uhttpd-mod-ubus which after installation in a
running systems needs to:
1. Update uhttpd config using its uci-defaults script
2. Reload uhttpd
While this approach makes sense there is a risk it'll blow up some
corner case postinst usages. There is only 1 way to find out.
raspberrypi/firmware is about 40G, so getting the full history log isn't an
option.
There have been multiple improvements and also support for the RPi 5 has been
added.
Marty Jones [Mon, 25 Dec 2023 00:03:31 +0000 (19:03 -0500)]
bcm27xx-userland: update to latest version
This is the last update for bcm27xx-userland as it has been
deprecated but funcional up to raspberry pi 5.
96a7334 README: Update to make it clear that most code in this repo is deprecated 3c97f76 userland: dtoverlay: /boot/firmware is a valid path 153a235 Assorted clang static analysis fixes eca070c bcm_host: Update kms/fkms check for pi5 06a7618 dtoverlay: Support bcm2712 as a platform 0489c07 dtoverlay: Add dtoverlay_first/next_subnode a1c7f81 dtoverlay: Support literal assignments of path strings 44a3953 raspivid: Also flush PTS file if flush is enabled cc1ca18 userland: dtoverlay: Use os_prefix if set 9d5250f libfdt: Add null-ptr check for prop-data to resolve clang --analyzer warning 50527c6 mmal: Only include Videocore components if not running on Videocore df245ea tvservice: Update unsupported message to recommend kmsprint de0cfe8 dtoverlay: Fix clang warnings 0182f05 dtoverlay: Fix various compiler warnings 2a6306b dtoverlay: Fix path rebasing and exports d1e92d7 dtoverlay: Add support for string escape sequences b1ee39e gencmd: Add a fallback to mailbox interface if vchiq is not available 54fd97a hello_pi: Fix some build issues
Signed-off-by: Marty Jones <mj8263788@gmail.com>
(cherry picked from commit 3df664101a18cf835c97ce5f0fbcc6357a16c101) Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Yangyu Chen [Mon, 18 Dec 2023 19:21:53 +0000 (03:21 +0800)]
bcm27xx: 5.15: turn on cpu erratum for A72 and disable A53
The original configuration might be copied from bcm2710 which uses
cortex A53 rather than A72 in BCM2711, without errata might be harmful
to system stability and security.
Kernel 5.15 introduced a significant change to spi-nor subsystem [1],
which would the SPI-NOR core to no longer unprotect the Flash chips if
their protection bits are non-volatile, which is the case for MX25L6405D
and MX25L12805D, used in Ubiquiti XW and WA lines of devices [2].
However, their bootloader forcibly enables this protection before
continuing to boot, making the kernel not unprotect the flash upon boot,
causing JFFS2 to be unable write to the filesystem. Because sysupgrade
seems to unlock the flash explicitly, the upgrade will work, but the
system will be unable to save configrationm showing the following symptom
in the kernel log:
[ 86.168016] jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
[ 86.192344] jffs2_build_filesystem(): unlocking the mtd device...
[ 86.192443] done.
[ 86.200669] jffs2_build_filesystem(): erasing all blocks after the end marker...
[ 86.220646] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001e0000
[ 86.292388] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001d0000
[ 86.324867] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001c0000
[ 86.355316] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001b0000
[ 86.402855] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001a0000
Disable the write protection unconditionally for ath79/generic subtarget,
so the XW and WA devices can function again. However, this is only a
stopgap solution - it probably should be investigated if there is a way
to selectively unlock the area used by rootfs_data - but given the lock
granularity, this seems unlikely.
With this patch in place, rootfs_data partition on my Nanostation Loco
M5 XW is writable again.
projects / thirdparty / openwrt.git / log
