realtek: rt-loader: fix RTL839x/RTL93xx version detection
There is a misunderstanding of the chip version detection in the
rt-loader. For all SoCs the data is gathered from the registers
MODEL_NAME_INFO and CHIP_INFO. Sadly the bits are shuffled around
with each hardware. Currently the loader gathers the wrong bits
for RTL839x and RTL93xx. Fix that.
While we are here write the if statements vice versa for better
readability and give some variables better names. Align the
ouput with that from the kernel.
Fixes: ccbff8b ("realtek: add rt-loader (runtime loader)" Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> Link: https://github.com/openwrt/openwrt/pull/21994 Signed-off-by: Robert Marko <robimarko@gmail.com>
Ryan Chen [Wed, 11 Feb 2026 04:25:01 +0000 (22:25 -0600)]
airoha: fix EN7581 PCIe initialization and add x2 link support
Fix two hardware initialization issues in the EN7581 PCIe controller
and add support for x2 (2-lane) link mode.
Fixes:
The upstream EN7581 PCIe initialization writes EQ presets and PIPE
configuration registers before clk_bulk_prepare_enable(). Since the
MAC clocks are not yet running at that point, these register writes
are silently dropped, leaving the hardware with default values. This
can cause link training failures or suboptimal equalization.
Additionally, after link training the MAC may only advertise Gen1-Gen2
capability in the Link Capabilities 2 register despite the PHY being
configured for Gen3. A serdes reset toggle forces the MAC to re-read
PHY capability, recovering Gen3 8GT/s link speed.
Both issues are addressed by separating PERST from the clock callbacks
(patch 911), allowing the PCIe controller driver to properly sequence
PERST, clock enable, and register writes (patch 912).
New feature:
PCIe x2 mode support for EN7581 using the NP_SCU system controller
for serdes mux routing, PERST management, and lane configuration.
Both bonded MACs are configured for x2 operation with proper EQ
presets before link training begins.
Wei-Ting Yang [Fri, 13 Feb 2026 04:37:51 +0000 (12:37 +0800)]
elfutils: fix license
Remove OR between GPL-2.0-or-later and LGPL-3.0-or-later to avoid
incorrect parsing of OR as a separate license in the SBOM.
Fixes: 9a157b5d83d28043ea35501a19702beee5f8a107 Signed-off-by: Wei-Ting Yang <williamatcg@gmail.com> Link: https://github.com/openwrt/openwrt/pull/22003 Signed-off-by: Robert Marko <robimarko@gmail.com>
Jan Hoffmann [Tue, 10 Feb 2026 20:18:47 +0000 (21:18 +0100)]
realtek: switch HPE 1920 series to NVMEM
The MAC addresses for eth0 and the individual LAN ports are now
configured via device tree. The assignment itself stays the same as
before, matching factory firmware.
The 02_network script still sets the bridge MAC address, as it is
different from the lowest port MAC address.
Linus Walleij [Thu, 12 Feb 2026 08:47:21 +0000 (09:47 +0100)]
gemini: add support for Raidsonic IB-4210-B
There has been some modified device trees floating on forums to
make this device work, collect the work and integrate it into
OpenWrt so it hopefully works for users.
Felix Fietkau [Fri, 13 Feb 2026 09:09:09 +0000 (09:09 +0000)]
uclient: update to Git HEAD (2026-02-13)
63413daa8760 uclient-http: fix HTTP authentication after deferred header processing 4fa6fae02f74 uclient-fetch: Extract opt_post variable 8df3120639a4 uclient-fetch: Use HEAD for --spider 0392dfc8e8c4 uclient-fetch: Support of --method, --body-data and --body-file 115c92824b6d uclient-fetch: add OPTIONS request type a1531e89f6c2 uclient-fetch: support for WebDAV methods
Fixes: https://github.com/openwrt/uclient/issues/14 Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 13 Feb 2026 09:09:06 +0000 (09:09 +0000)]
libubox: update to Git HEAD (2026-02-13)
d324c0503040 libubox: send warnings to stderr 5a65cb5a79b7 libubox: document positional arguments 8c7b489daa02 libubox: add anonymous strings, ints, et al in arrays 5ec7ff2effb3 uloop: use volatile sig_atomic_t for do_sigchld flag 0efa2cd3b74c usock: check SO_ERROR after poll in usock_inet_timeout() 1a73ded9f738 usock: fix timeout handling in usock_inet_timeout() 1aa36ee774c8 usock: implement RFC 8305 Happy Eyeballs for usock_inet_timeout()
Fixes: https://github.com/openwrt/uclient/issues/8 Signed-off-by: Felix Fietkau <nbd@nbd.name>
Raylynn Knight [Sun, 8 Feb 2026 09:23:08 +0000 (04:23 -0500)]
x86: base-files add support for Sophos 210r3 and 230r2
This fixes a previous commit for Sophos XG 210r3 which was missing
board_name mapping and adds support for the SG related version and the
XG/SG 230r2 which is the same hardware with a faster processor.
Sophos board_name mapping was modified to support all Sophos
SG/XG devices.
Sophos SG/XG 210r3 and SG/XG 230r2 are rackmounted x86 based firewall
with 6 RJ-45 gigabit ethernet ports (eth0-5) and 2 SFP gigabit ethernet
ports (eth6, eth7) all running Intel NICs supported by igb driver. The 210r3
and 230r2 only differ in the processor used. This board update maps
eth1 (marked as WAN) as wan and eth0 and eth2-5 as lan. Leaving the
two SFP ports unmapped.
Installation
------------
1. Connect to the router using ssh (user: admin, pass: web interface
password)
2. Backup:
```
cat /dev/mtd0 | gzip -1 -c > /tmp/mtd0_spi0.0.bin.gz
cat /dev/mtd1 | gzip -1 -c > /tmp/mtd1_BL2.bin.gz
cat /dev/mtd2 | gzip -1 -c > /tmp/mtd2_u-boot-env.bin.gz
cat /dev/mtd3 | gzip -1 -c > /tmp/mtd3_Factory.bin.gz
cat /dev/mtd4 | gzip -1 -c > /tmp/mtd4_FIP.bin.gz
cat /dev/mtd5 | gzip -1 -c > /tmp/mtd5_ubi.bin.gz
```
3. Download mtd backup from the /tmp dir of the router to your PC using
scp protocol
4. Upload OpenWrt 'bl31-uboot.fip', 'preloader.bin' images to the /tmp
dir of the router using scp protocol
5. Write FIP and BL2 (replace bootloader):
```
mtd write /tmp/openwrt-mediatek-filogic-netis_nx32u-bl31-uboot.fip FIP
mtd write /tmp/openwrt-mediatek-filogic-netis_nx32u-preloader.bin BL2
```
6. Place OpenWrt
'openwrt-mediatek-filogic-netis_nx32u-initramfs-recovery.itb' image on
the tftp server (IP: 192.168.1.254)
7. Erase 'ubi' partition and reboot the router:
mtd erase ubi
reboot
8. U-Boot automatically boot OpenWrt recovery image from tftp server to
the RAM
9. Upload OpenWrt 'sysupgrade.itb' image to the /tmp dir of the router
(IP: 192.168.1.1) using scp protocol
10. Connect to the router using ssh and run:
```
ubidetach -p /dev/mtd4; ubiformat /dev/mtd4 -y; ubiattach -p /dev/mtd4
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
sysupgrade -n openwrt-mediatek-filogic-netis_nx32u-squashfs-sysupgrade.itb
```
Recovery
--------
1. Place OpenWrt
'openwrt-mediatek-filogic-netis_nx32u-initramfs-recovery.itb' image on
the tftp server (IP: 192.168.1.254)
2. Press “Reset” button and power on the router. After ~10 sec release
the button.
3. Use OpenWrt initramfs system for recovery
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| LAN | dc:xx:xx:d1:xx:18 | label |
| WAN | dc:xx:xx:d1:xx:1a | label+2 |
| WLAN 2g | de:xx:xx:11:xx:19 | |
| WLAN 5g | de:xx:xx:71:xx:19 | |
+---------+-------------------+-----------+
The LAN MAC was found in 'Factory', 0x1fef20
The WAN MAC was found in 'Factory', 0x1fef26
The WLAN 2g/5g MAC prototype was found in 'Factory', 0x4
Flash instructions:
* For using the default ext4 layout, boot into a live system using
tftpboot in u-boot and flash an OpenWrt SD image onto /dev/mmcblk0.
* For the Turris layout, put the new rootfs into subvolume '@', not
forgetting to add Image, device tree, and boot.scr to /boot.
Misc:
* USB connection is only for power. For UART access use the pin header:
1: GND
2: +1.8V
5: TX
6: RX
* Flashing the image onto Turris Shield won't work. Use Turris MOX image
instead.
realtek: pcs: revive dead ports after RTL8382M start
SerDes attached ports that are connected during switch
boot might not be able to transmit any data after SerDes
setup. Especially ports that passed traffic before (e.g.
for tftp initramfs boot) seem to be affected. Ports that
are connected later do not show this issue.
It turns out that the old SerDes setup never really worked
on RTL8382 and the pcs refactoring (with dynamic SerDes
start and stop) totally changed the order of network bringup
in contrast to Realtek SDK.
Fix this by restaring the switch queue whenever a SerDes
goes up for the first time.
Fixes: e956adf ("realtek: rtl838x: setup SDS in PCS driver") Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> Link: https://github.com/openwrt/openwrt/pull/21956 Signed-off-by: Robert Marko <robimarko@gmail.com>
realtek: central unlock for RTL838x write protection
The write protection register (0x1b000058) is opened up in prom init
but closed later in rtl838x_pie_init(). From that moment no more
special register writes are possible.
Only unlock the write protection register once during prom init.
Remove all other references. The error has been active since ages
but was not visible until pcs refactoring. For reference blame the
refactoring commit.
Fixes: e956adf ("realtek: rtl838x: setup SDS entirely in PCS driver") Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> Link: https://github.com/openwrt/openwrt/pull/21956 Signed-off-by: Robert Marko <robimarko@gmail.com>
- It clears out bits 4-31 due to a wrong mask
- Setup of bits 0-3 is not generic but depends on the mode of
serdes 0/1
Fix that by relocating the code and adapting the mask. The error
exists for longer but it has survived the pcs refactoring. Thus
blame the corresponding refactoring commit.
Fixes: b670d48 ("realtek: pcs: rtl838x: refactor imported code") Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> Link: https://github.com/openwrt/openwrt/pull/21956 Signed-off-by: Robert Marko <robimarko@gmail.com>
Matt Merhar [Wed, 11 Feb 2026 22:30:53 +0000 (17:30 -0500)]
apk: handle edge case when parsing .apk files
This was a regression introduced in the recent alignment changes and led
to failures when reading (i.e. 'mkndx') certain packages like follows:
ERROR: python3-botocore-1.31.7-r1.apk: unexpected end of file
It affected packages with a header size greater than the read buffer
size of 128KB but less than 160KB (128KB + (128KB / 4)).
In those cases, we'd attempt a 0 byte read, leading to APKE_EOF.
Based on some tests of files across multiple archs and feeds, it seems
the only packages meeting those criteria were python3-botocore and
golang-github-jedisct1-dnscrypt-proxy2-dev.
Fixes: 64ec08eee1 ("apk: backport upstream fixes for unaligned access") Signed-off-by: Matt Merhar <mattmerhar@protonmail.com> Link: https://github.com/openwrt/openwrt/pull/21992 Signed-off-by: Robert Marko <robimarko@gmail.com>
Define the needed structures for the redesign of the ethernet
receive path. They are closely aligned with the already refactored
transmit path.
The only exception is the additional data buffer where the
hardware can place the incoming data. This is allocated non-
coherent and data will be manually synchronized. The old design
used coherent (aka uncached) memory access.
Realtek switches have either 8 or 32 receive queues on the CPU port.
This is an overkill. Not only the CPUs have low performance but also
the queues need memory (currently ~4MB) and lots of them are rarely
used.
To mitigate that situation add a new setup routine that enforces CPU
packet receiving to a fixed number of queues. From observations one
can see that most of the packets (especially TCP) are received on a
single queue. To align with the transmit path, start with a limit of
2 receive queues.
To make it clear: This commit does not change the receive path or its
structures. It simply limits the number of queues that are filled by
the hardware.
The ring counters on RTL83xx allow a space of up to 15 entries.
But rings can be filled faster than data is received and might be
much larger defined (128 at the moment). Also NAPI processing
allows much more than 15 packets to be processed in one chunk.
Disable the counters and let the hardware automatically detect
the available buffers by the ownership flag. With this disable
a pseudo workaround that tried to mitigate the buffer filling
on RTL838x due to wrong setup.
Remark. This commit fixes several inconsistencies in the setup
code. RTL838x runs the setup twice with different values. RTL839x
does not run the setup at all.
There is now an implementation of .set_autoneg and .restart_autoneg for
all variants. Remove the helper function which checks for it, and just
call the operation directly.
Jan Hoffmann [Sun, 8 Feb 2026 17:10:01 +0000 (18:10 +0100)]
realtek: pcs: configure auto-negotiation on all SoCs
RTL83xx uses the BMCR and ADVERTISE registers like RTL93xx to configure
in-band auto-negotiation. Split out the common parts as a new generic
implementation and use it for RTL83xx. RTL93xx retains its own variant
of set_autoneg to support XSGMII, but calls into the generic version for
all other modes.
Tested 1000Base-X auto-negotiation on HPE 1920-8G (RTL8380). Also tested
HPE 1920-24G (RTL8382) and HPE-1920-48G (RTL8393) to make sure this does
not affect PHY ports.
Zihao Diao [Wed, 4 Feb 2026 08:10:38 +0000 (16:10 +0800)]
usbmode: add modeswitch rule for ZTE MF833U1
ZTE MF833U1 is a LTE dongle that expose a cdc_ether interface for data link
and WebUI for management. It handles all the "modem" functionalities
internally and does not expose any serial interface. Instead it acts like a
"router in a stick".
It initially enumerates as a USB mass-storage device and does not bind any
network driver, so no netdev is created until a modeswitch is performed.
The test is done on Cudy TR3000 256MB v1.0 running OpenWrt 24.10.5 with an
unit targeting Chinese market:
There are report online that the device have different variants that have
different behavior across different firmware, HW revisions or SKUs.
Before the switch:
```
root@OpenWrt:~# lsusb -t
/: Bus 001.Port 001: Dev 001, Class=root_hub, Driver=xhci-mtk/1p, 480M
|__ Port 001: Dev 003, If 0, Class=[unknown], Driver=[none], 480M
root@OpenWrt:~# lsusb Bus 001 Device 001: ID 1d6b:0002 Linux 6.6.119
xhci-hcd xHCI Host Controller Bus 001 Device 004: ID 19d2:1705
DEMO,Incorporated DEMO Mobile Boardband Bus 002 Device 001: ID 1d6b:0003
Linux 6.6.119 xhci-hcd xHCI Host Controller ```
After the switch:
```
root@OpenWrt:~# lsusb -t
/: Bus 001.Port 001: Dev 001, Class=root_hub, Driver=xhci-mtk/1p, 480M
|__ Port 001: Dev 003, If 0, Class=[unknown], Driver=cdc_ether, 480M
|__ Port 001: Dev 003, If 1, Class=[unknown], Driver=cdc_ether, 480M
|__ Port 001: Dev 003, If 2, Class=[unknown], Driver=[none], 480M
/: Bus 002.Port 001: Dev 001, Class=root_hub, Driver=xhci-mtk/1p, 20000M/x2
root@OpenWrt:~# lsusb Bus 001 Device 001: ID 1d6b:0002 Linux 6.6.119
xhci-hcd xHCI Host Controller Bus 001 Device 003: ID 19d2:1706
DEMO,Incorporated DEMO Mobile Boardband Bus 002 Device 001: ID 1d6b:0003
Linux 6.6.119 xhci-hcd xHCI Host Controller ```
Add support for the TP-Link EAP683-LR, an AX6000 Ceiling Mount WiFi 6
AP.
Hardware:
* SoC: MediaTek MT7896AV
* RAM: 1GiB DDR4 (Samsung K4A8G165WC-BCTD)
* Flash: 128MiB SPI-NAND (ESMT F50L1G41LB)
* Ethernet: 1x 10/100/1000/2500 Mbps PoE-PD (MaxLinear GPY211C)
* WiFi: MT7976AN/MT7976GN 2.4/5GHz 4T4R
* LEDS: 3x blue connected to a single GPIO line
* Buttons: 1x reset
* BLE/Thread/Zigbee: CC2652
Stock firmware uses a random MAC address for ethernet, label MAC for
2.4 and label MAC + for 5GHz.
Installation via bootloader:
* Solder JST??? connector on J255, alternatively solder wires on the
TP13-TP15 pads. Pinout: TP13: TX, TP14: RX, TP15: GND, TP16: VCC.
The pins for J255 are in the same order.
* Interrupt boot process by repeatedly pressing Ctrl+b during boot
* In the boot menu, select U-Boot console
* Ensure the U-Boot environment variable "tp_boot_idx" is not set:
# setenv tp_boot_idx
# saveenv
* Boot the OpenWrt initramfs:
# tftpboot openwrt-mediatek-filogic-tplink_eap683-lr-initramfs-kernel.bin
# bootm
* copy openwrt-mediatek-filogic-tplink_eap683-lr-squashfs-sysupgrade.bin
to /tmp and install it using sysupgrade
Flashing via OEM firmware is currently not supported. The
tplink-safeloader utility does not recognize the OEM firmware:
DEBUG: can not find fwuphdr
Firmware image partitions:
base size name
Segmentation fault (core dumped)
To revert to the OEM firmware, you can set the U-Boot environment
variable "tp_boot_idx" to 1 via bootloader, or using fw_setenv via
OpenWrt. This should result in booting from the ubi1 partition, which
OpenWrt should not touch. Then use the web interface to upgrade
firmware: System > Firmware Update.
The OEM firmware uses 0x800000 for the runtime_backup partition size.
This causes the following warning:
mtd: partition "runtime_backup" extends beyond the end of device "nmbm_spim_nand" -- size truncated to 0x600000
This is due to the NMBM reserved blocks. Use 0x600000 in our DTS.
Thanks to init Lab's user890104, who soldered jumper wires on the TTL
pads for me so I could have serial console. My soldering skills just
aren't good enough to pull that off without risk damaging things.
Nick Hainke [Tue, 10 Feb 2026 20:15:15 +0000 (21:15 +0100)]
xdp-tools: add patch to fix stddef.h build issue
Add a patch that avoids including <stddef.h> in BPF headers, fixing
build failures on OpenWrt toolchains where the header is unavailable:
In file included from xdpfilt_dny_udp.c:10:
In file included from ./xdpfilt_prog.h:24:
../lib/../headers/xdp/parsing_helpers.h:18:10: fatal error: 'stddef.h' file not found
18 | #include <stddef.h>
| ^~~~~~~~~~
1 error generated.
make[5]: *** [../lib/common.mk:111: xdpfilt_dny_udp.o] Error 1
make[4]: *** [Makefile:40: xdp-filter] Error 2
Paul Spooren [Sun, 8 Feb 2026 19:14:43 +0000 (20:14 +0100)]
scripts: update malta kernel path in qemustart
Update the default kernel path in start_qemu_malta() to match the new
image naming scheme after the malta target was converted to the Device
macro system with device name 'generic'.
Paul Spooren [Sun, 8 Feb 2026 18:50:34 +0000 (19:50 +0100)]
malta: convert to Device macro image building
Convert the malta target from the legacy Image/BuildKernel and
Image/Build pattern to the modern Device macro system. This is the
last target still using the legacy pattern.
The Device macro system automatically generates per-image JSON
metadata files which get aggregated into profiles.json, enabling
firmware selector and other tooling support for all malta subtargets
(be, le, be64, le64).
The kernel ELF is produced via KERNEL_NAME := vmlinux.elf (matching
octeon), uImage artifacts are built using the standard Build/lzma,
Build/gzip and Build/uImage commands with the existing load address
0x80100000, and rootfs images use append-rootfs with optional gzip
compression.
The device is named 'generic' following the convention used by other
virtual/emulated targets (x86, armsr, octeon).
These devices share the same "compatible" in device tree causing some
incompatibilities (sysupgrades, ASU profile identification), assign a
unique "compatible" and "model" to each variant.
Context:
Commit [1] added each variant's dts compatible to the SUPPORTED_DEVICES
field of the other variant to make easy sysupgrades between these
physically indistinguishable devices variants possible.
But there were found three issues which does not allow this:
- the sysupgrade's stricter check still used in some sysupgrade
paths(this check is being replaced(and redundant) with the newer fwtool's
SUPPORTED_DEVICES check using the info in images METADATA), this check
will fail when sysupgrading from a different board_name(compatible dts)
that the image was created for (image profile name).[2]
- ASU needs unique "dts compatible" to identify the devices profile.
- and an ASU's profile identification limitation when several devices from
a common target share SUPPORTED_DEVICES entries.[3]
There is a proposal for these issues but not yet implemented [4][3].
Until these issues are fixed we won't allow "easy" sysupgrades between
these two device variants.
Commit [5] avoided the ASU profile identification limitation but
missed the required two unique dts compatibles in order to make the two
variants fully work, although not allowing easy sysupgrade between them.
Matt Merhar [Mon, 9 Feb 2026 23:20:39 +0000 (18:20 -0500)]
apk: backport upstream fixes for unaligned access
On the kirkwood target, packages would frequently fail to install with
APKE_ADB_SCHEMA, APKE_ADB_BLOCK, and/or segfaults. The culprit was
unaligned access leading to bogus values being read out of memory on
these particular ARMv5 CPUs.
Pull in the relevant upstream fixes to address this.
Doing so makes the u-boot unable to find the node for this pcie
controller and disable it on mx60, resulting boot failure, as reported
in https://github.com/openwrt/openwrt/issues/21649 .
If we keep on treating mx60 and mx60w the same target, we might have
to endure the warning which 66a7e04 wants to eliminate.
Jan Hoffmann [Thu, 22 Jan 2026 19:15:09 +0000 (20:15 +0100)]
realtek: remove MAC assignment default case in 02_network
Explicitly specify all devices where the MAC address is configured based
on the U-Boot environment.
This change makes it clearer which devices use this method. Also makes
things simpler for any future devices which handle MAC address
configuration entirely via device tree.
Jan Hoffmann [Thu, 22 Jan 2026 19:21:35 +0000 (20:21 +0100)]
realtek: don't implicitly configure port MAC addresses
Currently, the 02_network script always configures MAC addresses for
each individual LAN port unless "lan_mac_start" is set to "skip". This
behaviour can be unexpected, and is also somewhat broken, as it even
continues to do so when "lan_mac_start" is empty.
Change it to only do the configuration if "lan_mac_start" is non-empty,
and also remove the fallback to "lan_mac", making this more obvious and
less error-prone.
Carlo Szelinsky [Sat, 7 Feb 2026 13:47:15 +0000 (14:47 +0100)]
kernel: net: pse-pd: patch netlink & PSE PRIO
patch netlink headers for netifd PSE support
& fix PSE backports for PSE Prio
The 626-* patches are backporting net PSE-PD from
linux 6.18 to 6.12. The 627-02 is a nearly verbatim
copy of the upstream commit. The 6.12-01 patches the
auto generated ethtool_netlink_generated header.
The 6.12 build tools do not have the build system
feature for generating the correct netlink
headers related to the backports.
Daniel Golle [Mon, 9 Feb 2026 11:47:39 +0000 (11:47 +0000)]
procd: update to git HEAD
7e5b324 instance: check length of names when creating cgroups 014f94c procd: jail/cgroups: fix OOB write in cgroups_apply() e08cdc8 hotplug-dispatch: fix filter disallowing setting PATH afa4391 service instance: Improve handling of watchdog config changes 52c64d2 service instance: Fix overwriting of watchdog linked list members 96c827f coldplug: fix missing header include 6b10c71 hotplug-dispatch: fix missing header include 58d7aaa initd/coldplug: create /dev/null before running udevtrigger 64f97ff hotplug-dispatch: redirect output to /dev/null c4e9859 hotplug-dispatch: use stat if d_type is DT_UNKNOWN bafdfff system: fix arguments validation in ubus handler
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Robert Marko [Mon, 9 Feb 2026 11:33:20 +0000 (12:33 +0100)]
mvebu: cortex-a53: respect DEVICE_packages for Methode devices
Use the added support for generating per device targz rootfs so that images
generated for Methode devices when CONFIG_TARGET_MULTI_PROFILE and
CONFIG_TARGET_PER_DEVICE_ROOTFS are set, we actually get the targz rootfs
that respects DEVICE_PACKAGES.
Currently, buildbot generated images have no networking, LM75 nor I2C
working, as the generated images do not include required kmods that are
listed in DEVICE_PACKAGES.
While at it, there is no need for tar to run in verbose mode.
Fixes: 7dff6a8c89e3 ("mvebu: uDPU: add sysupgrade support") Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Robert Marko [Mon, 9 Feb 2026 11:25:56 +0000 (12:25 +0100)]
image: support generating per device targz rootfs
Currently, for targets that use the CONFIG_TARGET_ROOTFS_TARGZ a single
rootfs tarball is generated for the subtarget based of $(TARGET_DIR).
However, this means that it does not respect DEVICE_PACKAGES like other
rootfs images.
So, lets augment CONFIG_TARGET_ROOTFS_TARGZ by adding a proper targz fstype
so that per device rootfs is generated under lock.
This is required so that devices that use custom sysupgrade archives like
Methode devices, can actually include a per device rootfs so when building
for multiple devices and with CONFIG_TARGET_PER_DEVICE_ROOTFS set the built
image actually includes the listed DEVICE_PACKAGES.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Chester A. Unal [Mon, 5 Jan 2026 12:54:42 +0000 (14:54 +0200)]
ramips: mt7621: enable kmod-usb3 for Mikrotik RBM33G
Mikrotik RBM33G has got a USB-A port and mPCIe slots with USB 3.0 and USB
2.0 interfaces in use. The MediaTek MT7621 SoC has got an xHCI to provide
these interfaces. Therefore, enable kmod-usb3 to support them.
Fixes: 5684d087418d ("ramips: Add support for Mikrotik RouterBOARD RBM33g") Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
The bus reset functions currently configure a lot of things. Looking
closely they have a topology setup and a polling setup part. Split the
big chunk in smaller better readable functions.
The downstream Realtek phy module is currently known as rtl83xx-phy.c
and its kernel config REALTEK_SOC_PHY. It has been simplified, cleaned
and now aligns to Realtek main module (upstream Realtek phy). It is no
longer tied to the Realtek switch SoC but serves as generic module for
1Gbit multiport phys. Adapt it as follows:
- place it into the realtek folder aside its upstream sibling
- rename it to realtek_multiport.c
- remove SoC dependency in Kconfig and Makefile
- change kernel configs for the targets accordingly
Felix Fietkau [Sun, 8 Feb 2026 18:46:07 +0000 (18:46 +0000)]
wifi-scripts: fix spurious teardown on config_change during setup
When config_change is set during an active setup (e.g. by a concurrent
reconf call), wdev_mark_up() attempted to call setup() while still in
"setup" state. Since setup() requires state "up" or "down", it silently
returned, leaving the state as "setup". The subsequent wdev_setup_cb()
then treated this as a setup failure, triggering an unnecessary
teardown+restart cycle.
Fix this by removing the config_change handling from wdev_mark_up() and
moving it to wdev_setup_cb() instead. wdev_mark_up() now always
transitions to "up" state. When wdev_setup_cb() runs afterwards and
finds the device already "up" with config_change set, it initiates a
clean re-setup from the "up" state where setup() can run.
Raylynn Knight [Sat, 7 Feb 2026 00:44:13 +0000 (19:44 -0500)]
x86: base-files add support for Sophos 125r3/125r3w
The Sophos SG/XG-125 revision 3 like the already supported SG/XG-135
revision 3 has odd numbering of eth ports where the WAN port (as marked
on the case) is: `eth6` and `eth0`, `eth1`, `eth2`, `eth3`, `eth5`, `eth7`,
`eth8` are LAN ports.
Shine [Sun, 8 Feb 2026 09:41:45 +0000 (10:41 +0100)]
wifi-scripts: fix encryption setting of default OpenWrt SSID
Commit 01a87f4bd0cdbfc84bbc172920e865c1600f7a45 changed the encryption
setting of the default SSID "OpenWrt" from "none" to "open". The correct
setting as per the documentation [1] is "none", though.
While this invalid setting won't cause a wrong hostapd setup, it will
at least cause malfunction in LuCI.
Change the default encryption setting back to "none".
Edward Chow [Sat, 7 Feb 2026 02:03:03 +0000 (10:03 +0800)]
apm821xx: mx60: increment compat_version
meraki_loadaddr=1000000 may not enough to boot openwrt 25.12+ on mx60,
so directly sysupgrade without changing meraki_loadaddr would result
broken, but the u-boot-env partition used to be marked read-only, so
compat_version had better be incremented to show a notification to
direct users to the wiki to prepare the sysupgrade manually.
Felix Fietkau [Sun, 8 Feb 2026 11:03:18 +0000 (11:03 +0000)]
hostapd: extend DPP ucode API with WPS M7/M8 encrypted settings handling
Add callbacks to intercept WPS M7 reception (registrar side) and M8
reception (enrollee side), allowing external code to inject extra
encrypted attributes and optionally skip credential building.
On the registrar side, the m7_rx callback receives the decrypted M7
content and can return extra data to include in M8's encrypted settings
as well as a flag to skip credential generation.
On the enrollee side, add a wps_set_m7 method to set extra encrypted
data for M7, and a m8_rx callback to handle the decrypted M8 content
externally.
Jonas Jelonek [Tue, 3 Feb 2026 18:51:49 +0000 (18:51 +0000)]
realtek: pcs: rtl931x: drop unneeded cmu band read
There is still a stray call in setup_serdes to read the current CMU
band. The only effect is that the current band is printed to the log, the
value itself isn't used for anything further. Drop this since it's not
needed.
Jonas Jelonek [Mon, 2 Feb 2026 12:06:49 +0000 (12:06 +0000)]
realtek: pcs: rtl931x: match function name with content
The function 'rtpcs_931x_sds_init_leq_dfe' was taken over mostly as-is
from the SDK. After looking at what it actually does (by seeing which
register are written and how they are used elsewhere), it becomes clear
that 'init' isn't the correct term to describe what it does. It sets the
LEQ and DFE parameters to baseline values (mostly 0) and turns off auto
mode, switching to manual LEQ/DFE and forcing those baseline values.
This is rather a reset to a known state instead of an initialization.
Name the function accordingly.
Jonas Jelonek [Sun, 1 Feb 2026 17:09:33 +0000 (17:09 +0000)]
realtek: pcs: rtl931x: add some register comments
Add some comments to several register writes explaining what these
fields are. The information was extracted from the SDK. This allows to
understand much better what's going on there.
Jonas Jelonek [Mon, 2 Feb 2026 22:48:04 +0000 (22:48 +0000)]
realtek: pcs: rtl931x: config CMU before media
Currently, the CMU is configured after media specific settings have been
set. This seems to work however does not make that much sense. The
proper clock should be configured before the TX/RX channels are
configured. Thus, move the call to the CMU configuration above the media
handling.
While at it, handle the return code of the CMU config properly.
Jonas Jelonek [Sun, 1 Feb 2026 09:56:09 +0000 (09:56 +0000)]
realtek: pcs: rtl931x: read chip specifics in early init
The SerDes setup for RTL931x relies on chip specifics in some cases,
Determining both usually requires some register operations. But we can
avoid to do this every time again and again since the information is
static anyway. Thus, move this to initialization for RTL93xx, only read
once and store it in the global control structure. Though not used for
RTL930x, it has the same registers and information.
While at it, give referenced defines a proper prefix.
Jonas Jelonek [Wed, 4 Feb 2026 08:54:25 +0000 (08:54 +0000)]
realtek: pcs: rtl931x: drop chiptype 1 support
From the Realtek SDK we know that the chip type tell us whether a chip
is a normal chip or an engineering sample/testchip [1]. Such engineering
samples likely never reach any consumer device, only some initial
development boards. So far we haven't encountered any device with that,
thus the code paths handling this are practically dead and can hardly be
checked of they work properly. To focus on support for the devices we
actually have, drop support for such engineering samples/testchips. This
may be readded later if there's sufficient need for this.
Jonas Jelonek [Sat, 31 Jan 2026 18:31:50 +0000 (18:31 +0000)]
realtek: pcs: rtl931x: drop sequence in favor of function
Drop a register write sequence from the USXGMII setup for RTL931x in
favor of using a function that is already present. From the name, the
function initializes LEQ DFE. Though it's not yet clear what it exactly
does, this is already better then having a sequence with no explanation
somewhere in the code.
Apparently, when this code was added, the function wasn't present
but it's content was just added here as single usage.
Carlo Szelinsky [Sat, 31 Jan 2026 12:19:00 +0000 (13:19 +0100)]
kernel: net: pse-pd: backport PSE v6.13-v6.19
Backport the PSE-PD (Power Sourcing Equipment - Powered Device)
framework updates from Linux 6.13 through 6.19. This brings modern
PoE (Power over Ethernet) controller support to OpenWrt, enabling
userspace control of PSE hardware via ethtool.
Key features:
- Enhanced ethtool integration for PSE status and configuration
- Power domain support with budget evaluation strategies
- PSE event reporting via netlink
- Port priority management for power budget allocation
- New Si3474 PSE controller driver
Backported commits:
v6.13 core framework and TPS23881 improvements:
- 6e56a6d47a7f net: pse-pd: Add power limit check
- 0b567519d115 net: pse-pd: tps23881: Simplify function returns
- 4c2bab507eb7 net: pse-pd: tps23881: Use helpers to calculate bit offset
- f3cb3c7bea0c net: pse-pd: tps23881: Add missing configuration register
- 3e9dbfec4998 net: pse-pd: Split ethtool_get_status
into multiple callbacks
- 4640a1f0d8f2 net: pse-pd: Remove is_enabled callback from drivers
- 7f076ce3f173 net: pse-pd: tps23881: Add power limit
and measurement features
- 10276f3e1c7e net: pse-pd: Fix missing PI of_node description
- 5385f1e1923c net: pse-pd: Clean ethtool header of PSE structures
v6.17 power domains and event support:
- fa2f0454174c net: pse-pd: Introduce attached_phydev to pse control
- fc0e6db30941 net: pse-pd: Add support for reporting events
- f5e7aecaa4ef net: pse-pd: tps23881: Add support for PSE events
- 50f8b341d268 net: pse-pd: Add support for PSE power domains
- 1176978ed851 net: ethtool: Add support for power domains index
- c394e757dedd net: pse-pd: Add helper to report hw enable status
- ffef61d6d273 net: pse-pd: Add support for budget evaluation strategies
- 359754013e6a net: pse-pd: pd692x0: Add PSE PI priority feature
- 24a4e3a05dd0 net: pse-pd: pd692x0: Add controller and manager power
- 56cfc97635e9 net: pse-pd: tps23881: Add static port priority feature
- d12b3dc10609 net: pse-pd: pd692x0: reduce stack usage
v6.18 Si3474 driver and fixes:
- 1c67f9c54cdc net: pse-pd: pd692x0: Fix power budget leak
- 7ef353879f71 net: pse-pd: pd692x0: Skip power budget when undefined
- a2317231df4b net: pse-pd: Add Si3474 PSE controller driver
v6.19 maintenance and TPS23881B support:
- 2c95a756e0cf net: pse-pd: tps23881: Fix current measurement scaling
- f197902cd21a net: pse-pd: pd692x0: Replace __free macro
- 6fa1f8b64a47 net: pse-pd: pd692x0: Separate configuration parsing
- 8f3d044b34fe net: pse-pd: pd692x0: Preserve PSE configuration
- 4d07797faaa1 net: pse-pd: tps23881: Add support for TPS23881B
UART: internal test points, 3V3 115200 8N1 (RX, TX, GND)
Interface MAC Algorithm
LAN (label) 1c:bf:ce:xx:xx:x1 0x4
WAN 1c:bf:ce:xx:xx:x2 0xa
WLAN 2.4G 1c:bf:ce:xx:xx:x3 0x2a
WLAN 5G 1c:bf:ce:xx:xx:x4 0x24
At the moment installation is possible via UART only since SSH root
is password protected.
Set a static ip on the ethernet interface of your PC:
(ip address: 192.168.1.2, subnet mask:255.255.255.0).
Boot into initramfs via TFTP:
```
setenv serverip 192.168.1.2
tftpboot 0x46000000 openwrt-mediatek-filogic-bazis_ax3000wm-initramfs-recovery.itb
bootm 0x46000000
```
Install kmod-mtd-rw and activate it:
```
apk update && apk add kmod-mtd-rw
insmod mtd-rw i_want_a_brick=1
```
Upload to the router and write OpenWrt BL2 and FIP bootloader:
```
mtd write openwrt-mediatek-filogic-bazis_ax3000wm-preloader.bin BL2
mtd write openwrt-mediatek-filogic-bazis_ax3000wm-bl31-uboot.fip FIP
```
Prepare ubi partition:
```
ubidetach -p /dev/mtd4
ubiformat /dev/mtd4 -y
ubiattach -p /dev/mtd4
```
Upgrade via luci web interface with sysupgrade file or by issuing a command:
```
sysupgrade -n openwrt-mediatek-filogic-bazis_ax3000wm-squashfs-sysupgrade.itb
``` Signed-off-by: Fil Dunsky <filipp.dunsky@gmail.com> Link: https://github.com/openwrt/openwrt/pull/21813 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Flash instruction:
==================
-Prepare TFTP server & connect to serial port
-Connect your computer to one of the RJ45 ports
-Power on and interrupt autoboot with Shift + A.
-Use Shift + Q to drop from vendor CLI to U-Boot CLI.
-Change U-Boot Bootcommand (needed for network functionality):
> setenv bootcmd 'rtk network on; boota'
> saveenv
-Start network:
> rtk network on
-Set switch IP and TFTP server IP:
> setenv ipaddr [IP-ADDRESS]
> setenv serverip [IP-ADDRESS]
-Load initramfs image from TFTP server:
> tftpboot 0x82000000 [IMAGEFILE]
-Boot with the downloaded image:
> bootm 0x82000000
-Backup the stock firmware if needed
-Perform sysupgrade with the sysupgrade image (in Luci or Terminal via scp & sysupgrade)
Back to stock firmware:
=======================
-In the Terminal enter:
> fw_setenv bootcmd 'boota'
-Write firmware with:
> sysupgrade -F [IMAGEFILE]
The main mdio bus for the phys is named after the dts node it belongs
to (1b000000.switchcore:mdio-controller-mii). As it is attached to the
controller node it is even more confusing.
Align the naming to the other busses and use "realtek-mdio".
The phy driver still uses the ancient unknown firmware file format
for the internal RTL8218B of the RTL838x. Get rid of that and
convert the initialization to the bare minimum.
Burak Aydos [Tue, 3 Feb 2026 20:38:01 +0000 (23:38 +0300)]
lantiq: xrx200: handle EPROBE_DEFER for MAC address
The xrx200 ethernet driver falls back to a random MAC address on any
error from of_get_ethdev_address(), including -EPROBE_DEFER. When the
MAC address comes from an nvmem layout driver (such as u-boot-env on
NAND), the nvmem cell may not be available yet at first probe attempt.
Fix this by propagating EPROBE_DEFER so the driver probe is deferred
until the nvmem cell becomes available.
Tested on Zyxel P-2812HNU-F1 (NAND, u-boot-env nvmem layout).
Felix Fietkau [Tue, 3 Feb 2026 19:13:24 +0000 (19:13 +0000)]
hostapd: add DPP ucode API for external frame handling
Add a ucode API to hostapd and wpa_supplicant for external DPP frame
handling. This allows an external controller to intercept DPP frames
and handle the DPP protocol externally.
The API provides:
- RX callbacks (dpp_rx_action, dpp_rx_gas) called when DPP frames are
received, allowing external handling before internal processing
- TX methods (dpp_send_action, dpp_send_gas_resp/dpp_send_gas_req) for
transmitting DPP frames
- A ubus channel-based API (dpp_channel) for bidirectional communication
with exclusive hook registration per interface
- CCE control for hostapd (set_cce method)
The wpa_supplicant API mirrors hostapd but adapted for STA role:
- Uses tx_gas_req instead of tx_gas_resp
- GAS RX provides full frame instead of parsed query
- No CCE control (AP-only feature)
Both implementations include:
- Timeout handling with automatic channel disconnect after 3 failures
- Hook cleanup on interface removal
- Last-caller-wins semantics for hook registration
Felix Fietkau [Wed, 4 Feb 2026 10:34:55 +0000 (10:34 +0000)]
wifi-scripts: fix nested config accumulation in wdev_set_data
When storing device-level data, wdev_set_data() spread the entire wdev
object into handler_data. Since handler_config.data is set from the
previous handler_data[wdev.name] before each setup, this created
exponentially growing nesting with each reload, eventually causing
"nesting too deep" JSON parse errors.
Fix by initializing cur to a simple object containing only the device
name instead of the entire wdev object.
Optional DPP mode (dpp=1 boolean on AP):
- Adds DPP to existing key management methods
- Allows AP to accept both DPP and other auth types
- Supports the same connector options
Both ucode and legacy shell implementations are updated for AP and STA
modes.
John Crispin [Fri, 6 Feb 2026 07:41:49 +0000 (08:41 +0100)]
unetmsg: notify subscribers when remote peer connection drops
When a remote peer's connection drops (device powered off, unetmsgd
crash, network failure), network_rx_cleanup_state silently removed
the remote publish/subscribe handles without notifying local
subscribers. This meant local clients had no way to detect that a
remote peer had disappeared.
Call handle_publish for each channel where a remote publish handle
is removed during connection cleanup, so local subscribers receive
the publisher change notification and can react accordingly.
Felix Fietkau [Sat, 7 Feb 2026 08:02:24 +0000 (08:02 +0000)]
unetmsg: only send publish notifications for remote publisher changes
handle_publish() notifies local subscribers about publisher state
changes. The publish/subscribe handler in network_socket_handle_request()
was calling it for both remote publish and subscribe changes, but
subscriber changes are not relevant to local subscribers.
Guard the handle_publish() calls with a msgtype == "publish" check,
matching the local client paths in unetmsgd-client.uc which already
have this guard.
Felix Fietkau [Fri, 6 Feb 2026 10:12:31 +0000 (10:12 +0000)]
unetmsg: fix reconnect loop when RX authenticates before TX
When both peers connect simultaneously, the RX side can authenticate
before the TX handshake completes. network_check_auth() was sending a
ping on the unauthenticated TX channel, which gets rejected by the
remote's pre-auth handler as "Auth failed", killing the connection and
triggering an endless reconnect cycle.
Check chan.auth before interacting with the TX channel. If TX auth
hasn't completed yet, just schedule a reconnect timer - auth_data_cb
already handles state sync when TX auth completes.
Felix Fietkau [Fri, 6 Feb 2026 09:30:49 +0000 (09:30 +0000)]
unetmsg: close all channels on network removal
network_close() only closed the listening socket without shutting down
established RX/TX connections. This left remote state in
core.remote_publish/core.remote_subscribe for hosts on the removed
network, causing stale entries in channel listings and failed routing
attempts.
Close all RX and TX channels before removing the network, which also
triggers remote state cleanup via network_rx_socket_close().
Felix Fietkau [Fri, 6 Feb 2026 09:30:26 +0000 (09:30 +0000)]
unetmsg: fix inverted condition in network_rx_socket_close()
The cleanup condition checked != instead of ==, inverting the logic.
This caused two problems:
When an authenticated RX connection disconnected, remote state for that
host was never cleaned up since the stored entry matched the one being
closed.
When a stale unauthenticated connection from a peer closed, any existing
authenticated connection from the same peer was incorrectly deleted and
its remote state wiped.
Felix Fietkau [Fri, 6 Feb 2026 09:22:30 +0000 (09:22 +0000)]
unetmsg: fix publish notification timing around remote auth
When a remote peer's publish registrations arrive via RX before the
local TX connection is authenticated, handle_publish fires but the
subscriber can't reach the remote publisher yet since the TX channel
isn't ready.
Suppress publish notifications on the RX side when no authenticated TX
channel exists for the remote host. After TX authentication completes,
re-trigger handle_publish only for topics that the specific peer
publishes and that have local subscribers.
Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 6 Feb 2026 09:17:50 +0000 (09:17 +0000)]
unetmsg: fix stale network cleanup in unetd_network_update()
The condition checked !data.networks instead of !data.networks[name],
making it always false since data.networks was already validated earlier
in the function. Networks removed from unetd were never closed.
projects / thirdparty / openwrt.git / log
