This is an automatically generated commit which aids following Kernel patch
history, as git will see the move and copy as a rename thus defeating the
purpose.
For the original discussion see:
https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
Florian Eckert [Tue, 13 Aug 2024 06:04:55 +0000 (08:04 +0200)]
netfilter: add nf_conntrack_netbios_ns to kmod-nf-nathelper-extra
NetBIOS name service requests are sent as broadcast messages from an
unprivileged port and responded to with unicast messages to the
same port. This make them hard to firewall properly because connection
tracking doesn't deal with broadcasts.
So let´s enable this in the kernel and add them to 'kmod-nf-nathelper-extra'.
Jan Hoffmann [Fri, 12 Jul 2024 13:49:53 +0000 (15:49 +0200)]
ltq-vdsl-vr11-app: perform orderly shutdown on exit
Try to do a clean disconnection via L3 request before the connection is
stopped.
Because this might take up to 6 seconds (the driver does 3 attempts with
a timeout of 2 seconds each), a termination timeout needs to be defined
in the init script.
base-files: fix merge of passwd/shadow/group lines with trailing colons
Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.
Fixes: de7ca7dafadf ("base-files: merge /etc/passwd et al at sysupgrade config restore") Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Another instance of files in build_dir symlinking to staging_dir. While
the symlinks do not currently cause any bugs in the libtool package,
such symlinks were found to make the build more fragile, as writing to
the symlink may accidentally modify the shared file in staging_dir. Pass
--copy to bootstrap to disable the symlinking.
include: autotools: do not symlink files in autoreconf
In Gluon's Github Actions CI, we were occasionally seeing bizarre build
errors that looked like a config.sub file had been corrupted, or changed
while it was being executed.
The cause turned out to be an interaction of the symlinks created by
autoreconf (pointing from individual tools' build dirs into
`staging_dir/host/share/automake-1.16`) and OpenWrt's host-build.mk,
which replaced config.guess and config.sub *after* autoreconf. The
result was that the replacement of these files ended up following the
symlinks and writing the files in `staging_dir/host/share/automake-1.16`
instead of a package's build dir. This could cause other packages' builds
to fail if they were currently executing the scripts while they were
being written.
To fix this, disable autoreconf's symlinking feature, so that modifying
these files in a package's build directory can't accidentally affect the
staged versions.
Ivan Romanov [Mon, 26 Aug 2024 07:45:38 +0000 (12:45 +0500)]
build: fix CMake generator for non-Ninja builds
OpenWRT by default uses the Ninja generator, but some packages disable
Ninja and use the default Unix Makefiles generator. This generator can
be overridden in the user environment with `CMAKE_GENERATOR`. This patch
explicitly sets the correct generator when `PKG_USE_NINJA:=0`.
In particular, the `mt76` package uses the Makefiles generator.
Daniel Golle [Sat, 10 Aug 2024 02:55:46 +0000 (03:55 +0100)]
mediatek: phase out uImage.FIT partition parser
All boards using the deprecated uImage.FIT partition parser have
been migrated to the new fitblk driver. Drop the now no longer
needed partition parser.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 26 Aug 2024 16:19:07 +0000 (17:19 +0100)]
generic: hack: fix patch description
That patch title of 911-kobject_add_broadcast_uevent.patch has been
wrongly copied from 910-kobject_uevent.patch.
Change the description from "lib: add uevent_next_seqnum()" to
"lib: add broadcast_uevent()", so that the git history doesn't look
all weird when importing both patches to a git tree.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Sarah Maedel [Wed, 28 Aug 2024 09:27:05 +0000 (11:27 +0200)]
hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.
> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'
When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002
Using a semicolon as a delimiter, hostapd will start as expected.
Goetz Goerisch [Sat, 24 Aug 2024 12:07:23 +0000 (14:07 +0200)]
CI: update actions/labeler to v5
* Version 5 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.
Goetz Goerisch [Fri, 7 Jun 2024 12:42:32 +0000 (14:42 +0200)]
treewide: rename ZyXEL to Zyxel
The company Zyxel rebranded some years ago.
Currently the casing is according to the old branding even
for newer devices which already use the new branding.
This commit aligns the casing of Zyxel everywhere.
Mark Mentovai [Fri, 28 Jun 2024 17:14:59 +0000 (13:14 -0400)]
armsr: use console=tty1 to make console more readily available
Like x86, armsr is frequently virtualized, and is used for development
and debugging. Kernel messages should be more readily apparent by
default. This can be achieved by adding console=tty1 to the kernel
command line, enabling the console on a (possibly virtual) display and
keyboard, in addition to a serial port.
This also enables failsafe on tty1. Failsafe mode operates on consoles
known by the kernel, without regard to /etc/inittab.
armsr's /etc/inittab is also updated to specify tty1 instead of tty0.
tty1 is technically more correct: tty1 is the first virtual console,
where tty0 reflects the current active virtual console (which is likely
to be tty1).
This configuration matches x86, which is another target commonly used
for virtualization, development, and debugging in the same way. x86's
kernel command line had specified console=tty0, although console=tty1 is
more correct for the reasons given above. This also brings x86's kernel
command line console= into agreement with its /etc/inittab, which
already used tty1.
Forward client mac address and subnet on dns queries. Pi-hole and Adguard use this feature to send the originators ip address/subnet so it can be logged and not just the nat address of the router. This feature has been added since version 2.56 of dnsmasq and would be nice to expose this feature in openwrt.
Flash instructions:
* Assign static IP 192.168.1.100 to PC
* Unplug the power source
* Press the RESET button at the router, don't release it yet!
* Plug the power source. Wait for some seconds
* Release the RESET button
* Browse to http://192.168.1.1
* Upload the openwrt-bmips-bcm6318-tp-link_td-w8968-v3-squashfs-cfe.bin file
* Wait some minutes until the firmware upgrade finish.
xiaobo tian [Wed, 21 Aug 2024 06:40:27 +0000 (14:40 +0800)]
rockchip: add support for nanopc t6
SoC: Rockchip RK3588
CPU: Quad-core ARM Cortex-A76(up to 2.4GHz) and quad-core Cortex-A55 CPU (up to 1.8GHz)
GPU: Mali-G610 MP4, compatible with OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
VPU: 8K@60fps H.265 and VP9 decoder, 8K@30fps H.264 decoder, 4K@60fps AV1 decoder, 8K@30fps H.264 and H.265 encoder
NPU: 6TOPs, supports INT4/INT8/INT16/FP16
RAM: 64-bit 4GB/8GB/16GB LPDDR4X at 2133MHz
Flash: 32GB/64GB/256GB eMMC, at HS400 mode
microSD: support up to SDR104 mode
Ethernet: 2x PCIe 2.5G Ethernet
On latest Intel x86 CPUs, DMC firmware is required for the iGPU to reach
its lowest power states. If the driver cannot load it, it will print a
warning and unnecessarily make the iGPU draw a bit more power when idle.
GUC firmware (various "offload" mechanisms that deal with scheduling GPU
workloads) and HUC firmware (required for accelerated media codec
operations for HEVC/H.265) are probably more niche, but could also
provde useful for some - for example, when building an
Intel/OpenWrt-based security camera.
ath79: update Sophos AP15 to indicate that it uses an QCA9557 SoC
Device support for Sophos AP15 is based on Sophos AP55(C) and AP100(C).
Those other Sophos access points uss a QCA9558 SoC (some of them with
one of the three chains on the built-in SoC's wifi disabled) while the
AP15 uses a QCA9557 SoC (which only has two chains enabled in the
package or silicon).
This is mostly cosmetic since QCA9558 and QCA9557 are virtually
identical and all differences are automatically detected and/or managed
by the ART calibration.
Robert Marko [Thu, 22 Aug 2024 09:45:16 +0000 (11:45 +0200)]
generic: 5.15, 6.1: enable CNP support
Ever since CONFIG_ARM64_PAN was enabled Common Not Private (CNP) is now
visible and kernel builds will stop as they are not set in kernel config
for 5.15 and 6.1.
So, lets enable Common Not Private (CNP) which is ARMv8.2 feature and will
be NOP of CPU-s that dont support it.
Fixes: a2662309aae1 ("kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory") Link: https://github.com/openwrt/openwrt/pull/16211 Signed-off-by: Robert Marko <robimarko@gmail.com>
Daniel Golle [Wed, 21 Aug 2024 23:10:13 +0000 (00:10 +0100)]
kernel: add missing config symbols
Kconfig symbols CONFIG_ARM64_CNP and CONFIG_ARM64_EPAN got exposed
by enabling CONFIG_ARM64_PAN. Enable them as well, as just like for
PAN, also EPAN and CNP will be detected at runtime at no cost.
Fixes: a2662309aa ("kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Mark Mentovai [Wed, 31 Jul 2024 20:51:01 +0000 (16:51 -0400)]
x86: enable console keyboard
The kernel support necessary to use a console keyboard was not built on
x86, affecting real and virtual machines alike. The console keyboard
would function properly in GRUB, but would not work at all once Linux
booted. It appeared that the console was intended to work because
console video appeared on the display, including prompts to enter
failsafe or select the debug log level from the keyboard, and the prompt
to "Press Enter to activate this console", but there was no way to
provide input to it. All keystrokes were ignored.
This enables several kernel configuration options to enable HID and USB
HID support (CONFIG_HID, CONFIG_HID_SUPPORT, CONFIG_HID_GENERIC, and
CONFIG_USB_HID), making the keyboard functional. For alignment with
armsr, CONFIG_USB_HIDDEV is also added, although not strictly necessary
for keyboard support. Note that this change also causes
CONFIG_HID_HYPERV_MOUSE to be enabled for x86/64 and x86/generic: it was
already set in these subarchitectures' kernel configurations, but was
ineffective due to CONFIG_HID being absent.
The omission of keyboard support on x86 may not have been widely noticed
because USB HID is not used on production OpenWrt x86 machines such as
pc-engines,apu2 which only have a serial console, or with the default
x86 configuration used by scripts/qemustart, which uses -nographic and
does not configure a virtual physical console but instead uses a serial
console.
This configuration change results in, for x86_64, +40kB in kernel.bin
and just over +40kB in gzip-compressed "combined" images. This should
not be a problem for the non-storage-constrained x86 target.
Until 2a86425de107, CONFIG_HID, CONFIG_USB_HID, and CONFIG_USB_HIDDEV
were set in the target-level kernel configuration, and
CONFIG_HID_GENERIC was set at the subtarget level. These are
reintroduced strictly at the subtarget level by request. This applies to
the 64, generic, and legacy subtargets, omitting geode.
Fixes: https://github.com/openwrt/openwrt/issues/16157 Signed-off-by: Mark Mentovai <mark@mentovai.com> Link: https://github.com/openwrt/openwrt/pull/16208 Signed-off-by: Robert Marko <robimarko@gmail.com>
Hauke Mehrtens [Sat, 17 Aug 2024 13:12:31 +0000 (15:12 +0200)]
kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory
Enable the CONFIG_ARM64_PAN kernel security option, which leverages the
ARMv8.1 Privileged Access Never (PAN) extension to prevent the kernel
from directly accessing user space memory.
Instead, copy_to_user and similar functions must be used for data
transfer between kernel and user space. This feature is automatically
disabled at runtime on CPUs without PAN support, making it a no-op in
those cases.
Hauke Mehrtens [Sat, 17 Aug 2024 12:42:50 +0000 (14:42 +0200)]
kernel: Activate CONFIG_LIST_HARDENED
Activate the kernel option CONFIG_LIST_HARDENED for all targets.
This adds some inline checks to list_add() and list_del() operations
in the kernel. Before kernel 6.6 these checks were only available with
CONFIG_DEBUG_LIST option, but now a light version is available which
should only add very few extra instructions to such operations.
The performance penalty is very low from my point of view. It should
make it much harder to use bugs in Linux kernel list handling when
exploiting the Linux kernel.
Tianling Shen [Mon, 5 Aug 2024 08:51:25 +0000 (16:51 +0800)]
rockchip: add Radxa ROCK 5B support
Hardware
--------
RockChip RK3588 ARM64 (8 cores)
4/8/16/32GB LPDDR4X RAM
2500 Base-T
RGB LED
eMMC Connector
SPI-NOR 16MB
Micro-SD Slot
2x USB 2.0 Port
2x USB 3.0 Port
Headphone Jack
M.2 E-Key
M.2 M-Key
USB PD 5/9/12/15/20V Power
Install
--------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Tianling Shen [Mon, 5 Aug 2024 08:22:47 +0000 (16:22 +0800)]
rockchip: add Radxa ROCK 5A support
Hardware
--------
RockChip RK3588 ARM64 (8 cores)
4/8/16/32GB LPDDR4X RAM
1000 Base-T
Status LED
eMMC/SPI Connector
Micro-SD Slot
2x USB 3.0 Port
2x USB 2.0 Port
Headphone Jack
M.2 E-Key
USB PD/QC 5/9/12/15/20V Power
Install
--------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
projects / thirdparty / openwrt.git / log
