Nick Hainke [Thu, 25 Dec 2025 19:32:28 +0000 (20:32 +0100)]
wifi-scripts: ucode: fix wpa_supplicant mesh
Mesh interfaces may not define an encryption setting. This results in
a ucode runtime error when parse_encryption() is called:
Reference error: left-hand side expression is null
In parse_encryption(), file /usr/share/ucode/wifi/iface.uc, line 20, byte 32:
called from function setup_sta (/usr/share/ucode/wifi/supplicant.uc:59:31)
called from function generate (/usr/share/ucode/wifi/supplicant.uc:243:41)
called from function setup (./mac80211.sh:254:61)
called from anonymous function (./mac80211.sh:342:14)
` config.auth_type = encryption[0] ?? 'none';`
Near here ------------------------^
Interrupt vector for reo2host-status is wrongly assigned.
Status interrupts weren't received and a workaround was applied to
mac80211 to periodically poll the reo status ring. Therefore, the
workaround can be removed with the proper hardware interrupt line
assigned.
Flash instructions:
************************************************************************
NOTE: serial access is required! Although the web UI allows you to
install the Openwrt image, secure boot is enabled which will prevent
booting an unsigned image. The boot sequence must be adjusted in U-boot
to allow booting unsigned images.
************************************************************************
1. On OEM firmware, login to the web UI (typically @ http://192.168.1.1)
and click 'CA' in the bottom right corner.
Then click -> Connectivity -> Manual Upgrade.
Alternatively, browse to
http://<router IP>/fwupdate.html.
Upload openwrt-qualcommax-ipq50xx-linksys_mx6200-squashfs-factory.ubi.
Continue with step 5.
2. Installation on alternate partition using serial connection from OEM
firmware (default login: root, password: admin):
flash_erase /dev/mtd19 0 0
nandwrite -p /dev/mtd19 openwrt-qualcommax-ipq50xx-linksys_mx6200-squashfs-factory.ubi
reboot
Continue with step 5.
3. Installation using serial connection from initramfs
setup tftp server listening on IP in 192.168.1.0/24 (other than the
router IP 192.168.1.1). In U-boot, load the initramfs image to memory:
tftp $loadaddr <your IP>:openwrt-qualcommax-ipq50xx-linksys_mx6200-initramfs-uImage.itb
boot the image using command:
bootm $loadaddr
when fully booted, scp the sysupgrade image to your router IP (default:
192.168.1.1):
scp -O <path>/openwrt-qualcommax-ipq50xx-linksys_mx6200-squashfs-sysypgrade.bin root@192.168.1.1:/tmp/
use sysupgrade to flash the image to nand:
sysupgrade -n -v /tmp/openwrt-qualcommax-ipq50xx-linksys_mx6200-squashfs-sysupgrade.bin
Continue with step 5.
4. Optionally install on alternate partition. From Openwrt:
mtd -r -e rootfs_1 -n write openwrt-qualcommax-ipq50xx-linksys_mx6200-squashfs-factory.ubi rootfs_1
Continue with step 5.
5. Setup U-boot for ability to dual boot signed (stock) and non-signed
(Openwrt) images with auto-detection.
From U-boot, run (be aware: copy line by line):
setenv setnandbootargs 'setenv bootargs init=/sbin/init ubi.mtd=rootfs rootfstype=squashfs rootwait'
setenv nandinitcmd 'setenv mtdids nand0=nand0; run setrootfscmd; ubi part rootfs 2048'
setenv setrootfscmd 'if test $boot_part = 1; then setenv mtdparts mtdparts=nand0:0x${imgsize}@0x${prikern}(rootfs); else setenv mtdparts mtdparts=nand0:0x${imgsize}@0x${altkern}(rootfs); fi'
setenv readhdr1cmd 'ubi read $loadaddr kernel 0x40; setexpr IMGOFF $loadaddr + 0x10; setexpr CODEOFF $loadaddr + 0x14; setexpr SIGOFF $loadaddr + 0x1c; setexpr CERTOFF $loadaddr + 0x24'
setenv readhdr2cmd 'setexpr.l HDR *$loadaddr; setexpr.l IMGSZ *$IMGOFF; setexpr.l CODESZ *$CODEOFF; setexpr.l SIGSZ *$SIGOFF; setexpr.l CERTSZ *$CERTOFF; setexpr TSIZE $CODESZ + $SIGSZ; setexpr TSIZE $TSIZE + $CERTSZ'
setenv testmbncmd 'if test $HDR -ne edfe0dd0 -a $IMGSZ -eq $TSIZE; then bootipq; else ubi read $loadaddr kernel $kernsize; run setnandbootargs; bootm $loadaddr; fi'
setenv bootcmd2 'if test $auto_recovery = no; then bootipq; else run nandinitcmd; run readhdr1cmd; run readhdr2cmd; run testmbncmd; fi'
setenv bootcmd 'run bootcmd2'
saveenv
6. Back to the OEM firmware.
Download firmware from OEM website:
MX6200: https://support.linksys.com/kb/article/408-en/
From serial/SSH, in Openwrt, flash OEM firmware to alternate partition:
mtd -r -e rootfs_1 -n write FW_MX6200_1.0.11.216041_prod.signed.img rootfs_1
Switching active partition:
1. From U-boot, executive the following to switch to partition 1:
setenv boot_part 1
for partition 2:
setenv boot_part 2
2. From Openwrt:
fw_printenv boot_part
In case it's 1:
fw_setenv boot_part 2
. /lib/upgrade/platform.sh
linksys_bootconfig_set_primaryboot "0:bootconfig" 1
linksys_bootconfig_set_primaryboot "0:bootconfig1" 1
In case it's 2:
fw_setenv boot_part 1
. /lib/upgrade/platform.sh
linksys_bootconfig_set_primaryboot "0:bootconfig" 0
linksys_bootconfig_set_primaryboot "0:bootconfig1" 0
and
reboot
Add support for upgrades on dual firmware Linksys devices with the
partition table stored in SMEM and that store both the kernel and rootfs
in a single partition. Switching the active boot partition requires
updating the partition info table in SMEM in addition to setting
the active boot partition in a U-boot variable as U-boot will keep them
in sync upon reboot if they're not.
U-boot always sets the name of the active partition to rootfs and that
of the inactive partition to rootfs_1 in SMEM. when Linux loads the
partition table from SMEM it will load the right partition based on the
offset set in the SMEM partition table. For upgrades, flashing to the
alternate partition will always be to rootfs_1, while flashing the
current partition will be on rootfs.
qualcommax: ipq50xx: functions for bootconfig partition
The BOOTCONFIG partition is used by Qualcomm's boot chain to store
metadata about the device's startup configuration. It contains info such
as versioning, configuration flags, primary boot partition, and more.
Newer devices with dual boot partitions not only store the active boot
partition in a U-boot variable but also in partition info in the
BOOTCONFIG partition. As such, add library functions to set and toggle
the active boot partition.
qualcommax: ipq50xx: move bootargs to Linksys board files
Move setting kernel bootargs from the base template down to the
respective Linksys board files. This allows for having devices which
require different bootargs use the base template device tree file.
qualcommax: ipq50xx: load Linksys partition tables from SMEM
The partition table on Linksys devices with a Qualcomm AX IPQ SoC is
stored in SMEM. As such, load partition table from SMEM rather than
statically defining them in their respective device trees. This helps
generalize the base template and requires less maintenance.
qualcommax: ipq50xx: remove ipq5018 and qcn6122 wifi m3 fw
The current ath11k driver does not support loading m3 firmware for
IPQ5018 and QCN6122 wifi. Although m3 firmware entries are specified
in Q6 WCSS nodes, the driver actually skips loading them. Editing the
driver to force loading m3 results in Q6 crashes and non-functioning
wifi. As such, remove m3 firmware entries for all boards until there's
proper support in the ath11k driver.
George Sapkin [Wed, 24 Dec 2025 02:32:01 +0000 (04:32 +0200)]
toolchain: fix libgcc ABI for libc
libc depends on knowing libgcc's ABI, so it needs to be evaluated first.
Otherwise libc will depend on an ABI-less libgcc causing the rest of the
toolchain to fail.
Building package index...
ERROR: unable to select packages:
libgcc (virtual):
note: please select one of the 'provided by'
packages explicitly
provided by: libgcc1
required by: world[libgcc]
Jonas Jelonek [Mon, 15 Dec 2025 19:41:16 +0000 (19:41 +0000)]
realtek: pcs: rtl931x: add helper for SerDes power up/down
Add a dedicated helper 'rtpcs_931x_sds_power' to power down/up a SerDes.
Up to now, plain register writes to the corresponding register were used
in several places and with slightly different syntax. Use the helper to
replace the existing boilerplate code for powering on/off SerDes.
Jonas Jelonek [Mon, 15 Dec 2025 18:45:54 +0000 (18:45 +0000)]
realtek: pcs: rtl931x: reorder modes in mode configuration
Reorder the modes within the switch statement in
rtpcs_931x_sds_config_mode to have a proper and non-confusing order.
Have fiber modes first and MII modes after, and sort all modes in
ascending speed/capabilities order.
Jonas Jelonek [Mon, 15 Dec 2025 17:37:01 +0000 (17:37 +0000)]
realtek: pcs: rtl931x: map interface mode to hardware mode
The PCS driver is intended to use a dedicated hardware mode in the
future because the hardware capabilities and modes of the SerDes do not
align with the PHY_INTERFACE_MODE_* modes.
For the beginning, use the previously introduced generic mode mapping
in the SerDes setup and assign the determined hardware mode to the
corresponding field of a SerDes instance. This allows parallel usage of
both mode representations for the time being, until the phy_interface_t
modes can be dropped from internal functions completely.
Jonas Jelonek [Sun, 14 Dec 2025 11:34:34 +0000 (11:34 +0000)]
realtek: pcs: rtl931x: move SerDes config out of setup
Slim the rtpcs_931x_setup_serdes entrypoint by moving the SerDes
configuration sequences for the different SerDes modes into a dedicated
function called rtpcs_931x_sds_config_mode. They form a logical block
similar to what the SDK does and can be taken out to follow the
'divide & conquer' principle.
Jonas Jelonek [Tue, 11 Nov 2025 09:55:42 +0000 (09:55 +0000)]
realtek: pcs: rtl931x: don't return error on USXGMII setup
Configuring USXGMII on RTL931X was disable because it is not setup
properly right now. Affected devices need to rely on U-boot setup for
now. However, it is not the proper way to return an error in case we
just want to skip USXGMII configuration. Thus, just return 0 in that
case indicating it is properly configured.
Jonas Jelonek [Fri, 19 Dec 2025 10:11:06 +0000 (10:11 +0000)]
realtek: pcs: add mapping for SerDes hardware mode
Add a generic mapper for mapping the PHY_INTERFACE_MODE_* modes to the
SerDes hardware modes RTPCS_SDS_MODE_*. This is to be used by all
subtargets step-by-step and avoids having subtarget-specific code for
that simple mapping.
Jonas Jelonek [Wed, 17 Dec 2025 21:33:17 +0000 (21:33 +0000)]
realtek: pcs: rename SerDes mode field
Rename the mode field in rtpcs_serdes from 'mode' to 'hw_mode' to make
clear what it actually is, to avoid confusion with the phy_interface_t
'mode' usually passed to functions.
Shiji Yang [Fri, 12 Dec 2025 13:39:40 +0000 (21:39 +0800)]
kernel: rtl836x: convert to gpiod API
This is the recommended way for the OF based platform.
Tested-on TP-Link TL-WR2543N with RTL8367 switch:
```
root@OpenWrt:~# dmesg |grep -i rtl
[ 7.941126] rtl8367 rtl8367: cannot find mdio node phandle
[ 7.947562] rtl8367 rtl8367: RTL8367R ver. 0 chip found
[ 9.056830] rtl8367 rtl8367: cpu_port:9, assigned to extif0
root@OpenWrt:~# cat /sys/kernel/debug/gpio
gpiochip0: GPIOs 512-529, parent: platform/18040000.gpio, 18040000.gpio:
gpio-512 ( |lime:status ) out lo ACTIVE LOW
gpio-513 ( |rtl836x-sda ) in hi
gpio-518 ( |rtl836x-sck ) in lo
gpio-520 ( |lime:usb ) out hi ACTIVE LOW
gpio-523 ( |reset ) in hi IRQ ACTIVE LOW
gpio-524 ( |wps ) in hi IRQ ACTIVE LOW
```
realtek: ethernet: switch to new family_id location
family_id is now part of the register set and automatically assigned
during initialization. Make use of it. This is basically a conversion
from priv->family_id to priv->r->family_id.
While we are here convert some hard coded family ids to their proper
defines.
realtek: ethernet: provide soc family in register config
The ethernet driver currently determines the family from the soc_info
structure. To avoid the dependency add the family to the local register
structure.
realtek: ethernet: relocate ethernet below switchcore in DTS
The ethernet driver uses registers in the switchcore range.
Rearrange the DTS nodes accordingly. This allows to make use
of regmap with syscon_node_to_regmap(np->parent) later.
The Realtek Otto ethernet driver currently uses a single compatible
for all different models. Split this into the the four well known
subtargets. This allows to get rid of the central mach/soc include
later.
With kernel 6.18 the package shared structure will be hidden from
the phy drivers. Workaround that in advance by providing a shared
private structure that covers all information that is needed for
normal operation.
For further simplification provide a new join() function that takes
care of a consistent initialization.
Daniel Golle [Tue, 23 Dec 2025 14:49:48 +0000 (14:49 +0000)]
mediatek: filogic: asus,rt-ax57m: remove unused pinctrl groups
Remove unused pinctrl groups defined in the device tree, probably as a
result of importing the vendor device tree which is based on the
reference board from MediaTek's SDK.
114b5c2063 ("mediatek: filogic: Add support ASUS RT-AX57M") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2. Connect the PC via LAN to one of the yellow router ports and wait
until your PC to get a DHCP lease.
3. Browse to http://192.168.1.1 (or whatever your router IP is configured as)
4. If your router is brand new, finish the setup process and log into
the Web-UI.
5. Navigate to Administration -> Firmware Upgrade and upload the
downloaded OpenWrt initramfs.trx image.
6. Wait for OpenWrt to boot. Open the default OpenWrt IP in a web browser and perform a system upgrade using the sysupgrade image as instructed in the top banner.
---------------------------------------------------------------------------
Revert to stock firmware:
1: Install package facinstall -> https://forum.openwrt.org/t/facinstall-package-for-easy-installation-factory-images/177587
2. Install Asus stock trx image via OpenWRT LuCI interface.
Signed-off-by: Garrett Mesmer <garrettmesm@gmail.com> Co-authored-by: Oleg S <remittor@gmail.com> Signed-off-by: Oleg S <remittor@gmail.com> Link: https://github.com/openwrt/openwrt/pull/20491 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jonas Jelonek [Mon, 22 Dec 2025 09:57:52 +0000 (09:57 +0000)]
realtek: image: add rt-loader-no-uimage recipe
Add a new recipe 'rt-loader-no-uimage' that passes the kernel load
address to rt-loader, causing it to use that instead of it's initial run
address.
The usual behavior is fine for uImages where the load address is
predefined in the header, U-boot loads the image to that address and
then runs it, rt-loader just takes over that address. For non-uImage
instead, the address is tightly coupled to where the image has been
transferred during serial or TFTP upload. This may not be possible on
several devices. Passing a separate kernel load address to rt-loader
decouples that and avoids taking the pain to change the load address of
the kernel itself.
rt-loader currently has two operation modes, piggy-backed and
standalone. In standalone mode, the kernel load address is read from the
uImage in flash. In piggy-backed mode, rt-loader instead uses its
initial run address (aka run address during first run) as the kernel
load address. This is safe and works fine for all devices either using
U-boot or having no issue uploading an image to the default kernel load
address 0x80100000.
To extend usecases, allow to specify a kernel load address when
building rt-loader. In this case, rt-loader uses this address instead of
the address inferred at runtime.
On certain Zyxel devices, this allows to upload and boot an rt-loader
piggy-backed image to an alternate address but keep the default kernel
load address of 0x80100000. BootExt on these devices occupies memory
above and will crash during transfer when this address is used as upload
location. Using this extension, the image can be uploaded to e.g.
0x80300000 and rt-loader will use 0x80100000 as the final load address.
This avoid taking the pain the adjust the load address of the kernel
itself.
Radek Dostál [Sun, 14 Dec 2025 09:37:06 +0000 (10:37 +0100)]
ath79: fix build of big images for TP RE355v1, RE450v1 & v2
After merge of https://github.com/openwrt/openwrt/pull/20709 I noticed,
that https://mirror-03.infra.openwrt.org/snapshots/targets/ath79/tiny/
still does not contain the build for RE450.
I analyzed the problem and noticed, that only builds which fits into
original size can be build and if the image is larger, it fails with
the following error: "WARNING: Image file .../openwrt/build_dir/
target-mips_24kc_musl/linux-ath79_tiny/tmp/
openwrt-ath79-tiny-tplink_re450-v1-squashfs-sysupgrade.bin is too big:
> 7864320".
This error is quite misleading as the image is smaller than 7864320. The
reason for this error is that default tplink-safeloader has hardcoded
factory partition structure and fails to generate any file.
Rather then fixing tplink-safeloader I followed approach from commit ebd5e5fb5359 ("ramips: switched TP-Link RE305 v1 to new partition layout")
and switched away from "tplink-safeloader sysupgrade".
I did not include "IMAGES := sysupgrade.bin", because with tiny target it
is still possible to locally build even factory image.
Fixes commit e768731dc8e9 ("ath79: switch TP-Link RE355 v1, RE450 v1 and
RE450 v2 to mtd-concat").
George Sapkin [Wed, 19 Nov 2025 23:50:03 +0000 (01:50 +0200)]
build: fix apk packaging and ABI-versioning
The updated logic for the APK dependencies and provides is as follows:
- If ABI version is defined:
- package is named `package_name-ABI_version`
- package implicitly provides
`package_name-ABI_version=package_version`
this implies that only one version of a package per ABI can be
installed at the same time
- additionally provide `package_name` so multiple packages can be
looked up by its base name
- for each `provides`, provide `provide-ABI_version=package_version`
this implies that only one version of a provide can be installed at
the same time
- else if ABI version is _not_ defined
- package is named `package_name`
- package implicitly provides `package_name=package_version`
this implies that only one version of a package can be installed at
the same time
- if `alternatives` is defined
- for each `provides`, provide `provide`
this implies that multiple versions of a provide can be installed
at the same time
- else if `alternatives` is _not_ defined
- for each `provides`, provide `provide=package_version`
this implies that only one version of a provide can be installed
at the same time
Both cases a package can be looked up by its base name.
ABI version `alternatives`, `conffiles`, `conffiles_static`, `list` and
`rusers` files so multiple versions of the same ABI package can be
installed side by side, and so they don't overwrite each other's
packaging files.
ABI version `EXTRA_DEPENDS` so dependencies can be correctly looked up
using the existing OpenWrt semantics without the ABI specified. This is
needed since ABI-versioned libraries no longer provide
`package_name=package_version`, so that they can be installed side by
side.
Remove duplicate dependencies when `EXTRA_DEPENDS` specifies a versioned
one that is already in `DEPENDS`.
ABI is defined
------------------------------------------------------------------------
`libsqlite3` has `PROVIDES` set to `libfake` and has two different ABI
versions installed. `libfake` is just an example to demonstrate the
mechanics, as the library can already be depended upon using e.g.
`libsqlite3-0=3.51.0-r1`. Note the ABI-versioned lists.
root@OpenWrt:/tmp# ls -lh /usr/lib/libsqlite3.so.*
lrwxrwxrwx 1 root root 20 Nov 20 00:23 /usr/lib/libsqlite3.so.0 -> libsqlite3.so.3.51.0
lrwxrwxrwx 1 root root 20 Nov 20 00:27 /usr/lib/libsqlite3.so.1 -> libsqlite3.so.4.00.0
-rwxr-xr-x 1 root root 1.0M Nov 6 18:19 /usr/lib/libsqlite3.so.3.51.0
-rwxr-xr-x 1 root root 1.0M Nov 6 18:19 /usr/lib/libsqlite3.so.4.00.0
```
ABI is not defined
------------------------------------------------------------------------
Both `avahi-dbus-daemon` and `avahi-nodbus-daemon` provide `avahi-daemon`,
but have no ABI specified. This results in `avahi-daemon=0.8-r11` provides
for both packages and only one being able to be installed at the same time:
Provides and alternatives
------------------------------------------------------------------------
Both `uclient-fetch` and `wget-nossl` provide `wget` and specify
alternatives, so provides are not versioned and both packages can be
installed at the same time:
Fixes: https://github.com/openwrt/openwrt/issues/20582 Fixes: https://github.com/openwrt/openwrt/issues/20802 Signed-off-by: George Sapkin <george@sapk.in> Link: https://github.com/openwrt/openwrt/pull/20819 Signed-off-by: Robert Marko <robimarko@gmail.com>
mediatek: fix pwn fan settings for sinovoip bpi-r3 (v3)
Popular cheap PWM fans for this machine, like the ones coming in
heatsink+fan combos will not work properly at the currently defined
medium speed. Trying different pwm setting using a command
pwm1 value fan rotation speed cpu temperature notes
-----------------------------------------------------------------
0 maximal 31.5 Celsius too noisy
40 optimal 35.2 Celsius no noise hearable
95 minimal
above 95 does not rotate 55.5 Celsius
-----------------------------------------------------------------
Current cooling levels are:
cooling-levels = <255 96 0>;
Thus only cpu-active-high and cpu-active-low modes are usable.
This patch fixes cpu-active-medium settings for bpi-r3 board.
This patch may not be enough. Users may wants to tweak their thermal_zone0
trip points, thus tuning fan rotation speed depending on cpu temperature.
That can be done on the base of the following example:
=== example =========
# cpu temperature below 25 Celsius degrees, no rotation
echo 25000 > /sys/class/thermal/thermal_zone0/trip_point_4_temp
# cpu temperature in [25..32] Celsius degrees, normal rotation speed
echo 32000 > /sys/class/thermal/thermal_zone0/trip_point_3_temp
# cpu temperature above 50 Celsius degrees, max rotation speed
echo 50000 > /sys/class/thermal/thermal_zone0/trip_point_2_temp
=====================
Changes v2:
* put patch to a proper directory
* updated patch description
* tested with latest openwrt based on linux-6.6
Changes v3:
* use upstream linux patch
* update patch description
Shiji Yang [Thu, 11 Dec 2025 11:16:56 +0000 (19:16 +0800)]
arm-trusted-firmware-mediatek: use MT/s as DDR speed unit
Usually we do not use MHz to describe the DDR transmission rate. In
fact, the clock frequency of the DDR3-1866 is only 933 MHz. MT/s is
a more commonly used unit.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Dominic Germain [Fri, 19 Dec 2025 14:46:57 +0000 (09:46 -0500)]
kernel: add option for USB FunctionFS gadget
Add menuconfig option 'kmod-usb-gadget-fs' for the USB FunctionFS gadget
module
OpenWRT is perfect for USB gadgets that are network-enabled, since it
provides everything needed to easily manage the device. Having support
for the FunctionFS gadget enables the use of any custom USB devices
that does not have a specific module, like Media Transfer Protocol.
fakeroot /home/openwrt/openwrt/openwrt/staging_dir/host/bin/apk
mkpkg --info "name:kernel" --info "version:6.15-rc1~c4bf...1f6-r1"
ERROR: info field 'version' has invalid value: package version is invalid
The apk metadata specification reads:
"... Currently the APK version specification is as follows:
number{.number}...{letter}{_suffix{number}}...{~hash}{-r#} ...
Optionally one or more _suffix{number} components can follow.
The list of valid suffixes (and their sorting order) is: alpha,
beta, pre, rc, <no suffix>, cvs, svn, git, hg, p."
Given that the kernel uses "-rcX" naming scheme and apk requires
"_rcX" instead, simply translate the dash to an underscore for
these builds.
packages: nvram: add set_bcm43602_variables quirk for ASUS RT-AC3200
Broadcom BCM43602 needs certain NVRAM variables to be set to function. Add
a quirk for it and add ASUS RT-AC3200 which has got Broadcom BCM43602 to
the quirk. Thanks to Tom Brautaset for finding the needed variables.
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
packages: nvram: add asus,rt-ac{3200,5300} to set_wireless_led_behaviour
Add ASUS RT-AC3200 and ASUS RT-AC5300 to the set wireless LED behaviour
quirk. ASUS RT-AC3200's wireless chip is different than ASUS RT-AC5300's,
the environment variables for it are 0:ledbh10 and 1:ledbh10.
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
bcm53xx: add support for ASUS RT-AC3200 and ASUS RT-AC5300
ASUS RT-AC3200 and ASUS RT-AC5300 are AC3200 and AC5300 routers,
respectively, featuring 5 Ethernet ports over the integrated Broadcom
switch.
ASUS RT-AC3200 hardware info:
* Processor: Broadcom BCM4709A0 dual-core @ 1.0 GHz
* Switch: BCM53012 in BCM4709A0
* DDR3 RAM: 256 MB
* Flash: 128 MB
* 2.4GHz: BCM43602 3x3 single chip 802.11b/g/n SoC
* 5GHz: BCM43602 3x3 two chips 802.11a/n/ac SoC
* Ports: 4 LAN Ports, 1 WAN Port
ASUS RT-AC5300 hardware info:
* Processor: Broadcom BCM4709C0 dual-core @ 1.4 GHz
* Switch: BCM53012 in BCM4709C0
* DDR3 RAM: 512 MB
* Flash: 128 MB
* 2.4GHz: BCM4366 4x4 single chip 802.11b/g/n SoC
* 5GHz: BCM4366 4x4 two chips 802.11a/n/ac SoC
* Ports: 4 LAN Ports, 1 WAN Port
Flashing instructions:
* Boot to CFE Recovery Mode by holding the reset button while power-on.
* Connect to the router with an ethernet cable.
* Set IPv4 address of the computer to 192.168.1.2 subnet 255.255.255.0.
* Head to http://192.168.1.1.
* Reset NVRAM.
* Upload the OpenWrt image.
CFE bootloader may reject flashing the image due to image integrity check.
In that case, follow the instructions below.
* Rename the OpenWrt image as firmware.trx.
* Run a TFTP server and make it serve the firmware.trx file.
* Run the URL below on a browser or curl.
http://192.168.1.1/do.htm?cmd=flash+-noheader+192.168.1.2:firmware.trx+flash0.trx
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
1450e1e2b7ff odhcpd: remove fallback DNS search domain 5b0e5c412f6c router: remove some log spam in send_router_advert() eddd0f8f0d00 router: improve send_router_advert() 35f0e05a16a0 config: add default value for dhcpv6_pd_min_len 62113d007a6a config: allow minimum PD len up to 64 03c1468355c0 Revert "router: optimize duplicated PIO comparison" 6b88c314a59e statefiles: don't consider no hostname as broken
Petr Štetiar [Tue, 16 Dec 2025 16:42:19 +0000 (16:42 +0000)]
dropbear: bump to 2025.89 (CVE-2025-14282, CVE-2019-6111)
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections,
allowing root privilege escalation.
Reported by Turistu, and thanks for advice on the fix.
This is tracked as CVE-2025-14282, and affects 2024.84 to 2025.88.
It is fixed by dropping privileges of the dropbear process after
authentication. Unix stream sockets are now disallowed when a
forced command is used, either with authorized_key restrictions or
"dropbear -c command".
In previous affected releases running with "dropbear -j" (will also disable
TCP fowarding) or building with localoptions.h/distrooptions.h
"#define DROPBEAR_SVR_LOCALSTREAMFWD 0" is a mitigation.
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
The missing fix was reported by Ashish Kunwar.
- Server dropping privileges post-auth is enabled by default. This requires
setresgid() support, so some platforms such as netbsd or macos will have to
disable DROPBEAR_SVR_DROP_PRIVS in localoptions.h. Unix stream forwarding is
not available if DROPBEAR_SVR_DROP_PRIVS is disabled.
Remote server TCP socket forwarding will now use OS privileged port
restrictions rather than having a fixed "allow >=1024 for non-root" rule.
A future release may implement privilege dropping for netbsd/macos.
- Fix a regression in 2025.87 when RSA and DSS are not built. This would lead
to a crash at startup with bad_bufptr().
Reported by Dani Schmitt and Sebastian Priebe.
- Don't limit channel window to 500MB. That is could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
Reported by Rob Hague.
- Ignore -g -s when passwords arent enabled. Patch from Norbert Lange.
Ignore -m (disable MOTD), -j/-k (tcp forwarding) when not enabled.
- Report SIGBUS and SIGTRAP signals. Patch from Loïc Mangeonjean.
- Fix incorrect server auth delay. Was meant to be 250-350ms, it was actually
150-350ms or possibly negative (zero). Reported by pickaxprograms.
- Fix building without public key options. Thanks to Konstantin Demin
- Fix building with proxycmd but without netcat. Thanks to Konstantin Demin
- Fix incorrect path documentation for distrooptions, thanks to Todd Zullinger
- Fix SO_REUSEADDR for TCP tests, reported by vt-alt.
Dropped:
* 050-dropbear-multihop-fix.patch as its included in the release 5cc0127000db5f
* 051-fix-pubkey-options.patch as its included in the release 1d4c4a542cd5df
* 052-fix-missing-depends-for-sntrup761x25519-sha512.patch as its included
in the release 1a2c1e649a1824
* 053-Don-t-limit-channel-window-to-500MB.patch as its included in the release a8610f7b98ad
Manually rebased:
* 110-change_user.patch
Fixes: CVE-2025-14282, CVE-2019-6111 Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de> Reviewed-by: Konstantin Demin <rockdrilla@gmail.com> Tested-by: Konstantin Demin <rockdrilla@gmail.com> [mediatek/filogic (GL.iNet GL-MT6000)] Link: https://github.com/openwrt/openwrt/pull/21186 Signed-off-by: Petr Štetiar <ynezz@true.cz>
This fixes a boot hang on realtek rtl838x switches.
This is the last printed message:
Inode-cache hash table entries: 8192 (order: 3, 32768 bytes, linear)
Thread on mips mailing list:
https://lore.kernel.org/linux-mips/b35fe4b3-8f42-49f4-a6bf-9f0e56d4050c@hauke-m.de/T/#u
Rany Hany [Mon, 15 Dec 2025 17:11:24 +0000 (19:11 +0200)]
wifi-scripts: update phys after rename_phy_by_name call
This fixes a failed bring up of the radio on bootup
if the model defines a rename of phy in its /etc/board.json.
This specifically impacts Redmi AX6S and any router that does so
in its /etc/board.json. The fix fortunately is simple, just update
phy name in phys after rename.
The entry that specifically causes this issue is the following:
The issue is that after rename, referenced phy in config is going to be
wl0 but in phys array it is still phy0; and so it fails to find phy
and does not bring up radio.
Fixes: https://github.com/openwrt/openwrt/issues/20250 Fixes: https://github.com/openwrt/openwrt/issues/20339 Signed-off-by: Rany Hany <rany_hany@riseup.net> Link: https://github.com/openwrt/openwrt/pull/21175 Signed-off-by: Robert Marko <robimarko@gmail.com>
Jonas Jelonek [Tue, 16 Dec 2025 12:06:57 +0000 (12:06 +0000)]
realtek: mdio-serdes: use correct device table identifier
Use the correct identifier 'rtsds_of_match' instead of
'rtsds_mdio_of_match' because the latter doesn't exist.
This doesn't cause an error for 6.12. However, with 6.18 the
implementation of MODULE_DEVICE_TABLE has changed to use 'static' and
'used' [1] instead of 'extern' and 'unused' [2].
Jonas Jelonek [Thu, 11 Dec 2025 23:33:59 +0000 (23:33 +0000)]
realtek: pcs: move polarity into SerDes struct
As a first real usage of the new SerDes struct, move the polarity
configuration there. It was previously located in the global rtpcs_ctrl
struct as an array, indexed by SerDes id. Because this is per-SerDes
information, the new SerDes struct is the correct place to live in.
Jonas Jelonek [Sat, 13 Dec 2025 10:48:52 +0000 (10:48 +0000)]
realtek: pcs: drop unneeded SerDes number range checks
By using references to pre-initiated SerDes instances instead of plain
SerDes number, there is no need to check for the range anymore in
various places. During driver/pcs init it is ensured that only valid
SerDes will reach the configuration functions.
Jonas Jelonek [Sat, 13 Dec 2025 20:12:13 +0000 (20:12 +0000)]
realtek: pcs: make use of SerDes struct in set_autoneg
Also switch set_autoneg (and related helper rtpcs_sds_modify) to the
SerDes struct instead of the plain SerDes id by using just the reference
to the SerDes instance instead of (ctrl, sds_id) tuple. This completes
the transition.
Jonas Jelonek [Thu, 11 Dec 2025 21:42:38 +0000 (21:42 +0000)]
realtek: pcs: make use of SerDes struct in SerDes setup
Make use of the previously added SerDes struct in SerDes setup and all
functions in its call path by removing (ctrl, sds_num) being passed to
every function call and instead just pass the reference to the
corresponding SerDes instance.
Various SerDes calculations for even, odd and neighbor are unified by
switching to previously introduced helpers.
Jonas Jelonek [Sat, 13 Dec 2025 20:01:03 +0000 (20:01 +0000)]
realtek: pcs: switch to id from SerDes struct
Drop usage of the to-be-phased-out SerDes id stored in rtpcs_link and
use the reference to the SerDes instance to use the embedded id in
rtpcs_serdes instead.
Jonas Jelonek [Sat, 13 Dec 2025 10:29:56 +0000 (10:29 +0000)]
realtek: pcs: assign SerDes reference upon PCS creation
Upon creation of a phylink_pcs instance by calling rtpcs_create, assign
a reference to the corresponding SerDes to the link structure. In the
next step, this should be used everywhere instead of the plain SerDes
number.
Rename the field used to hold the SerDes number from 'sds' to 'sds_num'
and name the new field 'sds' to make clear what is what.
Jonas Jelonek [Sat, 13 Dec 2025 10:16:21 +0000 (10:16 +0000)]
realtek: pcs: add helpers for even, odd, neighbor SerDes
Add dedicated helpers to get references to even, odd and neigbor SerDes
if needed. This should replace the various calculations scattered
throughout the code, providing a unified way to work with adjacent
SerDes.
Jonas Jelonek [Sat, 13 Dec 2025 10:12:35 +0000 (10:12 +0000)]
realtek: pcs: add separate SerDes struct
Add a separate structure for a SerDes. This is needed to appropriately
store per-SerDes information, which in turn is needed for future work.
Additionally, it's intended to reduce boilerplate and several
inconsistencies.
Jonas Jelonek [Sat, 13 Dec 2025 09:10:55 +0000 (09:10 +0000)]
realtek: pcs: use per-variant SerDes count
Use a separate configuration field for the number of SerDes for each
variant of the Realtek Otto family. Add this field to the config
structure, assign it and use it during driver probe. This narrows
possible error cases and is needed for upcoming extensions.
Jonas Jelonek [Thu, 11 Dec 2025 19:17:26 +0000 (19:17 +0000)]
realtek: pcs: add dedicated enum for SerDes modes
The Realtek SerDes mode capabilities do not map 1:1 to the
PHY_INTERFACE_MODE_* modes used in the kernel and passed to the PCS.
For example, some PHY chips use the proprietary XSGMII mode for which
there isn't an equivalent in the kernel, or HSGMII.
In the past, this led to problems and confusion using kernel's XGMII to
handle the XSGMII mode, and needed a downstream patch for HSGMII. They
have been solved/worked around for now, but XSGMII is currently not
implemented at all. And who knows what might come in the future.
To make our life easier, introduce a dedicated internal representation
of SerDes modes which differs from kernel's PHY_INTERFACE_MODE_*. This
allows us to map "external" modes to different internal modes as needed
instead of carrying the PHY_INTERFACE_MODE_* through the whole SerDes
configuration code. The PCS driver needs to map PHY_INTERFACE_MODE_* to
RTPCS_SDS_MODE_* in pcs_config, and the latter should be used as the
only one.
Jonas Jelonek [Fri, 12 Dec 2025 20:05:52 +0000 (20:05 +0000)]
realtek: pcs: rtl930x: drop unused and broken function
Drop the unused and broken function rtpcs_930x_sds_clock_wait from the
PCS driver. The proper working variant is already some lines above and
called rtpcs_930x_sds_wait_clock_ready.
Jonas Jelonek [Thu, 11 Dec 2025 22:37:33 +0000 (22:37 +0000)]
realtek: pcs: drop PCS creation without SerDes ref
Since the beginning, the PCS driver had the ability to call its
rtpcs_create without a reference to a valid PCS node. A comment in the
code mentions that this is done for RTL838X and its built-in octa-PHY
which is connected directly instead of via a SerDes. Further
explanations are not provided.
Drop this ability and make the rtpcs_create call in the dsa driver
conditional. As the built-in PHY of RTL838X isn't attached to a SerDes,
there is no obvious point of having the PCS driver in that chain. The
ports are marked as internal and have no pcs-handle, thus no phylink_pcs
instance should be created.
Jonas Jelonek [Tue, 16 Dec 2025 10:20:13 +0000 (10:20 +0000)]
realtek: mdio-serdes: improve debugfs creation
Commit 3c073b5cb2 cleaned up the debugfs creation in
mdio-realtek-otto-serdes driver to not explicitly check if the root
directory already exists. This is fine because kernel handles the case
properly so there's no need to check anymore.
However, this pollutes the boot log with:
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
Now, the root directory creation is attempted multiple times, causing
the kernel to print an error message because the directory already
exists.
Fix this by moving the SerDes loop into rtsds_debug_init and only try
to create the root debugfs directory once.
Christoph Krapp [Sat, 22 Nov 2025 21:34:04 +0000 (22:34 +0100)]
ipq40xx: convert Orbi led labels to function/color
The eight leds controlled by the LED controller are RGB leds themselves
but are flashing white by default. The color part is controlled by GPIOs
53 (green), 54 (red), 57 (blue) and 60 (white).
Therefore define the led nodes of the controller as white instead of RBG
as well as backlight as their function.
Christoph Krapp [Sat, 22 Nov 2025 19:42:33 +0000 (20:42 +0100)]
ipq40xx: fix second 5ghz radio on Netgear RBx40
When support was added for the RBR40 and RBS40 it was assumed that they
also share the same second 5ghz wifi chip as their bigger siblings.
Turns out that instead of QCA9984 (RBx50, SRx60) these devices use
QCA9886 like the RBx20 devices to.
They also load different boardfiles for the IPQ4019 chip.
This moves the wifi nodes from the orbi.dtsi to each device dts file and
change the RBx40 boardfile variants.
Christoph Krapp [Sat, 22 Nov 2025 19:20:14 +0000 (20:20 +0100)]
ipq40xx: split orbi devices in router and satellite
Netgear Orbi devices are split into router and satellite units. Even
though the hardware is mostly the same, the network configuration is
different. Router units have a designated WAN port while satellite units
have all available ports labeled as "Ethernet".
This splits the device trees into both unit types and adjusts the port
labels.
sunxi: image: sync target profiles names with DT compatible
Following up with errors reported in the ASU repo, these bananapi cases
do not match the DT compatible "bpi", sync with dts sources.
Also some profiles were overwriting SUPPORTED_DEVICES.
Sysupgrade would be failing in SUPPORTED_DEVICES check since
the DT compatible(/tmp/sysinfo/board_name) is not in SUPPORTED_DEVICES.
This should also fix errors when using ASU sysupgrade clients.
- Sync profile makefile target names with DT compatibles.
- Fix overwrites of SUPPORTED_DEVICES instead of appending.
- Adapt the uboot-sunxi profiles accordingly.
*bpi-p2-zero dts is still not upstream.
V2:
- Include fixes for arm926ejs(ARM926EJ-S) subtarget (LicheePi Nano and
PopStick v1.1) (profile rename for correct default SUPPORTED_DEVICES)
Fixes: https://forum.openwrt.org/t/luci-attended-sysupgrade-support-thread/230552/246 Fixes: https://github.com/openwrt/asu/issues/486 Fixes: https://github.com/openwrt/asu/issues/524 Fixes: 9aa66b8ce730aebff76d353392151708a897a3a0 "sunxi: add support for Banana Pi M2 Berry" Fixes: d5f615bf2a0434c15d13943b566d46f25da579bb "sunxi: add support for Sinovoip Banana Pi M2 Plus" Fixes: 3819c1638a9d300840d0f869628891f9696be112 "sunxi: Add support for Banana Pi M2 Ultra" Fixes: 6bf8193b25a147abfe3720104e63af890c1ca2b8 "sunxi: add support for Bananapi P2 Zero" Fixes: 80edfaf675364835e6d2e17d97ebec6afc6b2103 "sunxi: add support for Banana Pi M3" Fixes: 3c24a1d423a6052b101c00cb7d94e70d72702639 "sunxi: add support for NanoPi NEO Plus2 board" Fixes: a689307c970e37c247c6452ba3963be8b109eb4f "sunxi: build image/uboot for the NanoPi NEO2" Fixes: fde68cb80941a60be93ece75e808b5b407d11cc8 "sunxi: add support for FriendlyARM NanoPi R1S H5" Fixes: 3ec468ff4fa3106d459ae58ec4bc4833715118c6 "sunxi: add F1C100 (arm926ej-s) support" Signed-off-by: Mario Andrés Pérez <mapb_@outlook.com> Link: https://github.com/openwrt/openwrt/pull/21095 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Martin Nadvornik [Mon, 15 Dec 2025 15:54:52 +0000 (16:54 +0100)]
mediatek: fix IPv4 address missing on interface in failsafe mode for cudy ap3000-v1
cudy ap3000-v1 did not work correctly in failsafe mode
because the address 192.168.1.1 was missing on the eth0 inteface.
it was reachable via it's IPv6 link-local address however.
this commit fixes the issue.
Rany Hany [Sat, 29 Nov 2025 00:04:09 +0000 (00:04 +0000)]
wifi-scripts: add support for using list for iface in wifi-station/vlan
This is a trivial change to allow users to use 'list' on iface.
Old wifi-scripts already implements this, so this just ensures
that shell-based and ucode wifi-scripts are on-par with each other.
Rany Hany [Sat, 29 Nov 2025 10:37:22 +0000 (12:37 +0200)]
wifi-scripts: fix broken match all case for wifi-vlan
When iface is omitted, wifi-vlan will apply to all interfaces.
However, netifd.set_vlan call is not successful as it assumes
that every wifi-vlan section corresponds to one VIF.
For this reason in the wifi-vlan case (cur_type == "vlan")
we create a composite key in the form `${vif.name}/${vlan.name}`
allowing the same vlan section to correspond to multiple VAPs.
`/` was decided as a delimiter as it is an invalid character
for a network interface name and UCI identifier; so it is
impossible for it to cause conflicts.
It was verified that the `ubus call network.wireless status`
works as expected with this change. Moreover, wifi-station
is not susceptible to this problem.
This also means that it is now possible for wifi-vlan
to support `list` iface similar to old shell-based wifi-scripts.
This will be done in a follow-up commit.
Fixes: 98435a37a7 ("wifi-scripts: iface should be optional in wifi-vlan definition") Signed-off-by: Rany Hany <rany_hany@riseup.net> Link: https://github.com/openwrt/openwrt/pull/20977 Signed-off-by: Robert Marko <robimarko@gmail.com>
cf51aeb93220 odhcpd: fix captive_portal_uri reset e8b7fdea8d5e dhcpv4: fix DNS server option b84553e496a3 router: Modify relayed RA PIO P flag according to interface policy da3e2a9829cc router: Modify relayed RA PIO A flags according to interface policy bad7138b70f0 README.md: update dhcp ubus events
David Woodhouse [Sat, 29 Nov 2025 16:18:26 +0000 (16:18 +0000)]
image: add CONFIG_EXTRA_IMAGE_NAME
This allows an optional tag to be put in the .config file which is
included in the filename of the resulting images, so it's easier to
build images with different functionality for the same target hardware.
projects / thirdparty / openwrt.git / log
