Shiji Yang [Fri, 3 Apr 2026 14:40:13 +0000 (22:40 +0800)]
ath79: refresh 6.18 kernel config files
CONFIG_PAGE_BLOCK_MAX_ORDER was set to 10 as the page size is 4k.
All other kernel symbols are automatically refreshed by
`make kernel_oldconfig CONFIG_TARGET=target` and
`make kernel_oldconfig CONFIG_TARGET=subtarget`.
Add $(Device/uimage-rt-loader) to Device/zyxel_gs1900 to use lzma
compression for the sysupgrade kernel image. This saves approximately
1 MB of flash space compared to the previous gzip compression, leaving
more room for the rootfs overlay.
Add support for the Zyxel GS1900-48HP A1 managed PoE switch based on
RTL8393 SoC with 48 copper ports (6x RTL8218B), 2 SFP slots and PoE
(170W budget). Includes DTS, image definition, network config and
u-boot-env support.
The device has 48 copper ports but only ports 1-24 are powered by
the PoE PSE controller.
PoE support requires the realtek-poe package from the packages feed
with an additional configuration for PSE ID 7 to address the MCU on
this device.
Signed-off-by: Klaus Rubenstein <klaus.rubenstein@gmail.com> Signed-off-by: Sander Vanheule <sander@svanheule.net>
Move the shared hardware description from rtl8393_zyxel_gs1900-48-a1.dts
into a common rtl8393_zyxel_gs1900-48.dtsi include file. This allows
other GS1900-48 variants to reuse the shared definitions.
malta: restore CONFIG_PAGE_BLOCK_MAX_ORDER=10 for 6.18
Restore CONFIG_PAGE_BLOCK_MAX_ORDER=10 in malta 6.18 config fragments
to fix build failures where PAGE_BLOCK_MAX_ORDER was undefined.
Support for Linux 6.18 on malta was added after this OpenWrt change:
https://github.com/openwrt/openwrt/commit/ac0cb87a453698efc6c812e4f27cadbeb208f14e.
Before that integration, the kernel option CONFIG_PAGE_BLOCK_MAX_ORDER=10
was provided in target/linux/generic/config-6.18 and applied broadly.
After the malta 6.18 integration the generic fragment no longer supplied
this option for malta targets, which caused some backported code paths
and drivers to assume PAGE_BLOCK_MAX_ORDER was defined and led
to compilation failures.
Shiji Yang [Fri, 10 Apr 2026 13:08:24 +0000 (21:08 +0800)]
lantiq: move device tree files to target dts directory
In this target, we only use downstream dts files. And it doesn't
seem like there will be significant changes upstream. Move dts files
to the target dts folder to avoid copying them over and over again
during annual kernel upgrades.
Jack Sun [Wed, 8 Apr 2026 13:15:24 +0000 (21:15 +0800)]
openssl: update to 3.5.6
This release incorporates the following bug fixes and mitigations:
Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
(CVE-2026-31790)
Fixed loss of key agreement group tuple structure when the DEFAULT keyword
is used in the server-side configuration of the key-agreement group list.
(CVE-2026-2673)
Fixed potential use-after-free in DANE client code.
(CVE-2026-28387)
Fixed NULL pointer dereference when processing a delta CRL.
(CVE-2026-28388)
Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
(CVE-2026-28389)
Fixed possible NULL dereference when processing CMS
KeyTransportRecipientInfo.
(CVE-2026-28390)
Fixed heap buffer overflow in hexadecimal conversion.
(CVE-2026-31789)
Jonas Jelonek [Sat, 11 Apr 2026 08:20:40 +0000 (08:20 +0000)]
realtek: pcs: drop confusing macros
Drop two confusing macros 'PHY_PAGE_2' and 'PHY_PAGE_4'. Though we
rather want to have meaningful names instead of magic values everywhere,
those two macros do it totally wrong. They still have the old naming
from times where SerDes was treated as a PHY, and they add no real
context to what page they are actually referring. Thus, replace them
with plain values in their two usages each until we have a better
overall solution.
Nick Hainke [Wed, 8 Apr 2026 07:59:24 +0000 (09:59 +0200)]
ethtool: drop rss-input-xfrm compatibility patch
The rss-input-xfrm workaround for Linux 6.6 is no longer needed with
current kernel versions. Remove the patch and the associated
--enable-rss-input-xfrm configure flag.
Shiji Yang [Mon, 26 Jan 2026 15:10:10 +0000 (23:10 +0800)]
arm-trusted-firmware-mediatek: update to v2026-01-23
The highlight of this version is that the bl2 size will be reduced
by 60+ KB. The MT7987 SPI interface selection hack was replaced by
upstream implementation with the new symbol SPIM_NAND_PREFER_SPI2.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
airoha: an7581: generalize eMMC DTS and add Kite variant
Generalize the eMMC DTS to common node and add a variant with the Kite WiFi
chip installed. Also rename the eMMC model name and add the Eagle name to
it.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The bootloader on this device is old and supports no lzma. So use
lzma-loader to work around this and get the size smaller so that an
image can actuallly be created and flashed. Because of these size
problems, the last usable version of OpenWrt was 23.05.
This UIMAGE_MAGIC seems to be used by other Netgear devices. Add to
avoid
jffs2: jffs2_scan_eraseblock(): Magic bitmask 0x1985 not found at
0x00000000: 0x2705 instead
Make clear that the driver instructs the hardware via a port and
its number. To be consistent with other refactoring swap variable
addr for pn in this case.
The mdio controller inside the Realtek switches drives multiple busses.
Until now the driver exposed a flattened single bus (aka port view).
Align to the upstream driver and expose up to 4 busses depending on
the dts definition. For this:
1. Adapt rtmdio_probe() so it calls rtmdio_probe_one() for each child
dts child node that represents a single bus.
2. Adapt rtmdio_probe_one() so it registers a single bus in "full-auto"
mode. No more hacks via fwnode_mdiobus_register_phy() needed.
3. Adapt rtmdio_phy_to_port() so it uses a lookup based on the new
topology.
4. Adapt rtmdio_get_phy_info() for multiple busses.
5. In the DSA driver adapt the mdio controller load check to wait
until all busses have been registered.
realtek: mdio: decouple controller setup from bus reset
Some central controller setup is currently realized in the bus reset
functions. As soon as we have multiple busses this coding will be
called multiple times. Rename the reset() functions to setup_ctrl()
and call that only once before the bus probing.
While we are here harmonize the variable for the bus loops and name
it smi_bus.
realtek: mdio: derive polling setup from control structure
All configuration helpers have been converted to look at the
control structure. Do the same for setup_polling(). With
this move the call location out of rtmdio_probe_one() into
the parent rtmdio_probe() where it belongs.
realtek: mdio: derive phy info from control structure
For polling setup the driver looks up the atached phy ids with
function rtmdio_get_phy_info(). This derives the data from a
given bus and a port number. While this works for a single bus
the combination of port and bus makes no sense. One is the global
view the other the bus individual view. Change the signature so
the lookup is done globally via ctrl/port.
realtek: mdio: rename for_each_phy() to for_each_port()
Currently phy and port are basically the same. One bus and each
port has a phy assigned. In the future the driver will make use
of multiple busses. Each of them will have a distinct set of
phys.
To make the iterators clearer use "port" for macros when the
driver must access the hardware independent from the bus. In this
case use "pn" (aka port number) as an iterator variable.
The RTL8224 driver now puts the PHY into the proper mode, but the SerDes
side is still missing. It was deactivated due to a known regression.
Thus, allow USXGMII-QX configuration since both sides should be properly
configured now.
mediatek: filogic: fix EAX17 rootfs hash in FIT node for per-device rootfs builds
When CONFIG_TARGET_PER_DEVICE_ROOTFS is enabled (as in buildbot builds),
the final per-device rootfs is assembled at root.squashfs+pkg=<hash> rather
than root.squashfs. The gen_netgear_rootfs_node.sh script was always hashing
root.squashfs (the base rootfs without device-specific packages), causing the
size and hash in the FIT node to not match the actual rootfs written to the
UBI volume, resulting in boot failure on buildbot-produced images.
Fix by using the per-device rootfs path when TARGET_PER_DEVICE_ROOTFS is set,
consistent with how include/image.mk handles the same distinction elsewhere.
Fixes: 46ab9f3f1c ("filogic: add support for Netgear EAX17") Signed-off-by: Jascha Sundaresan <flizarthanon@gmail.com> Link: https://github.com/openwrt/openwrt/pull/22839 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
build: set max-page-size linker flag to match target page size
ELF binaries embed the maximum page size used during linking in the
PT_LOAD segment alignment. If this value is larger than the actual
system page size, the kernel will still load the binary but wastes
memory due to over-alignment. If it is smaller, the binary may fail
to load or cause incorrect behavior with features like RELRO.
Most architectures use 4KB pages, but loongarch64 uses 16KB pages
(CONFIG_PAGE_SIZE_16KB). Explicitly pass -z max-page-size to the
linker so that binaries are built with the correct page alignment for
the target, avoiding issues with RELRO segment padding and ensuring
correct memory mapping on the target system.
Before binutils 2.39 RELRO sections were padded to common page size
which is 4K on MIPS, with binutils 3.29 the padding was changed to
max page size which is 64K on MIPS. With this change we will pad them to
4K again.
This reduces the size of user space binaries in OpenWrt.
The size of the uncompressed root file system of a mips malta be build
decreased by about 20%.
old file size:
```
$ du -s build_dir/target-mips_24kc_musl/root-malta/
15844 build_dir/target-mips_24kc_musl/root-malta/
```
New file size:
```
$ du -s build_dir/target-mips_24kc_musl/root-malta/
12564 build_dir/target-mips_24kc_musl/root-malta/
```
The size of the image did not decrease much because of the strong
compression used by OpenWrt.
ramips: restore CONFIG_PAGE_BLOCK_MAX_ORDER=10 for 6.18
Restore CONFIG_PAGE_BLOCK_MAX_ORDER=10 in ramips 6.18 config fragments
to fix build failures where PAGE_BLOCK_MAX_ORDER was undefined.
Support for Linux 6.18 on ramips was added after this OpenWrt change:
https://github.com/openwrt/openwrt/commit/ac0cb87a453698efc6c812e4f27cadbeb208f14e.
Before that integration, the kernel option CONFIG_PAGE_BLOCK_MAX_ORDER=10
was provided in target/linux/generic/config-6.18 and applied broadly.
After the ramips 6.18 integration the generic fragment no longer supplied
this option for ramips targets, which caused some backported code paths
and drivers to assume PAGE_BLOCK_MAX_ORDER was defined and led
to compilation failures.
Daniel Pawlik [Mon, 16 Mar 2026 13:26:51 +0000 (14:26 +0100)]
mediatek: device tree overlay for BPI-R4 with BE14 module
Some Banana Pi BPI-R4 BE14 WiFi modules are shipped with zeroed
tx_power fields in EEPROM (2G/5G/6G). This leads to low transmit power
on affected bands.
This overlay provides known-good EEPROM data (including correct tx_power
values for 2G/5G/6G bands) dumped from a working BE14 module.
To enable BE14 overlay, add into u-boot bootconf_extra
parameter: 'mt7988a-bananapi-bpi-r4-wifi-be14'.
You can use example script:
overlay="mt7988a-bananapi-bpi-r4-wifi-be14"
current="$(fw_printenv -n bootconf_extra 2>/dev/null)"
if [ -n "${current}" ]; then
fw_setenv bootconf_extra "${current}#${overlay}"
else
fw_setenv bootconf_extra "${overlay}"
fi
Earlier proposal proposed in [1] was fallback to default values if
invalid EEPROM content is detected.
There is only one check left for that attribute in rtldsa_port_mdb_add().
Split the consumer into device specific implementations and remove the
attribute from the private structure.
The soc_info structure should only be used in the mach setup
functions. Drop its usage in the dsa qos functions. Instead
derive the data from the das private structure.
For a long time the dsa driver has been providing a builtin mdio bus
via dsa default attribute user_mii_bus. This simply uses read/write
commands from the standard realtek otto bus (aka parent). The reason
has always been unclear.
Looking around the kernel 6.18 codebase there is only one case where
this is really needed. The only consumer is dsa_user_phy_setup().
ret = phylink_of_phy_connect(dp->pl, port_dn, phy_flags);
if (ret == -ENODEV && ds->user_mii_bus) {
/* We could not connect to a designated PHY or SFP, so try to
* use the switch internal MDIO bus instead
*/
ret = dsa_user_phy_connect(user_dev, dp->index, phy_flags);
}
Luckily the phylink_of_phy_connect() works fine and the internal bus
access is not needed at all. No need to keep the bus alive. Drop it.
While we are here fix the error handling issue of this code
if (!of_device_is_available(dn))
ret = -ENODEV;
Returncode was set to error but never handed back to the caller.
Enable CONFIG_SERIAL_8250_MID in the generic x86 configuration.
This enables hardware serial console access on Intel Atom C3000
(Denverton) platforms, which rely on the High-Speed UART driver.
It also benefits other Intel MID platforms across the x86
architecture.
Jonas Köppeler [Wed, 11 Mar 2026 17:14:52 +0000 (18:14 +0100)]
kernel: cake_mq: expose sync_time parameter via debugfs
This patch enables for the configuration of the sync_time parameter.
The value of the sync_time needs to be specified in nanoseconds.
The default value is 200us (200 000 ns).
This is especially helpful to get feedback from users about suitable
values. Once a solid solution is found this patch can be removed.
Signed-off-by: Jonas Köppeler <j.koeppeler@tu-berlin.de> Link: https://github.com/openwrt/openwrt/pull/22380
[Add patch to kernel 6.18 too] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fil Dunsky [Mon, 30 Mar 2026 14:07:28 +0000 (17:07 +0300)]
mediatek: add Huasifei WH3000 Pro NAND support
This commit adds support for Huasifei WH3000 Pro NAND version.
There is an eMMC already supported in OpenWrt. The only difference is NAND chip.
This commit adds common .dtsi and separate .dts
for eMMC and nand versions.
**Huasifei WH3000 Pro NAND**
Portable Wi-Fi 6 travel router based on MediaTek MT7981A SoC. MT7981B+MT7976CN+RTL8221B Dual Core 1.3GHZ with 5G modems module and PWM Fan.
**Specifications**
SoC: Filogic 820 MT7981A (1.3GHz)
RAM: DDR4 1GB
Flash: 256mb Winbond SPI NAND
WiFi: 2.4GHz and 5GHz with 3 antennas
Ethernet:
1x WAN (10/100/1000M)
1x LAN (10/100/1000/2500M)
USB: 1x USB 3.0 port
Two buttons: reset and mode (BTN_0)
LEDS: blue, red, blue+red=pink
UART: 3.3V, TX, RX, GND / 115200 8N1
M.2 (WWAN) slot
**Installation via U-Boot rescue**
1. Set static IP 192.168.1.2 on your computer and default route as 192.168.1.1
2. Connect to the WAN port and hold the reset button while booting the device.
3. Wait for the LED to blink 5 times, and release the reset button.
4. Open U-boot web page on your browser at http://192.168.1.1
5. Select the OpenWRT sysupgrade image, upload it, and start the upgrade.
6. Wait for the router to flash the new firmware.
7. Wait for the router to reboot itself.
**Installation via sysupgrade**
Just flash sysupgrade file via [LuCI upgrade page](http://192.168.1.1/cgi-bin/luci/admin/system/flash) without saving the settings.
**Installation via SSH**
Upload the file to the router `/tmp` directory, `ssh root@192.168.1.1` and issue a command:
```
sysupgrade -n /tmp/openwrt-mediatek-filogic-huasifei_wh3000-pro-nand-squashfs-sysupgrade.bin
```
This version fixes some security problems:
* Client impersonation while resuming a TLS 1.3 session
(CVE-2026-34873)
* Entropy on Linux can fall back to /dev/urandom (CVE-2026-34871)
* PSA random generator cloning (CVE-2026-25835)
* Compiler-induced constant-time violations (CVE-2025-66442)
* Null pointer dereference when setting a distinguished name
(CVE-2026-34874)
* Buffer overflow in FFDH public key export (CVE-2026-34875)
* FFDH: lack of contributory behaviour due to improper input validation
(CVE-2026-34872)
* Signature Algorithm Injection (CVE-2026-25834)
* CCM multipart finish tag-length validation bypass (CVE-2026-34876)
* Risk of insufficient protection of serialized session or context data
leading to potential memory safety issues (CVE-2026-34877)
* Buffer underflow in x509_inet_pton_ipv6() (CVE-2026-25833)
Nick Hainke [Sat, 4 Apr 2026 15:38:48 +0000 (17:38 +0200)]
ethtool: update to 6.19
Version 6.19 - Feb 14, 2026
* Feature: support HW timestamp configuration (--set-hwtimestamp-cfg)
* Feature: display HW timestamp source (-T)
* Feature: support PLCA notifications (--get/set-plca-cfg)
* Feature: add PSE priority management support (--show/set-pse)
* Feature: support PSE notifications (--show/set-pse)
* Feature: support configuring RSS on IPv6 Flow Label (-n/-N)
* Feature: support FEC bit error histograms (--show-fec)
* Feature: register dump decoding for TI K3 CPSW and its ALE table (-d)
* Fix: fix missing headers in text output
* Fix: fix print_string when the value is NULL (-Werror=format-security)
* Fix: fix JSON output of SFP diagnostics
* Fix: fix duplicated JSON keys in module info
* Misc: clarify that symmetric RSS may be on by default (-x/-X)
* Misc: add AppStream metainfo file to %files section
ramips: mtk_eth_soc: handle frag_cache on Linux >= 6.13
Fix fe_clean_rx to handle the changed frag_cache layout on newer kernels.
For kernels >= 6.13 the fragment cache needs to be converted from its
encoded_page value instead of using the old va field. Add an ifdef
to use frag_cache.encoded_page & PAGE_MASK and virt_to_page for those
kernels, keep the old path for older kernels.
Replace previous bgpio_init usage with a full gpio_chip registration so the driver
integrates cleanly with the kernel GPIO core.
Add drivers/gpio/gpio-ralink.c implementing a gpio_chip with:
- get/set, direction_input/direction_output, get_direction
- get_multiple/set_multiple to support efficient multi-bit ops
- DT handling for determining ngpios (reads "ngpios" or falls back to gpio-ranges)
- MAX_NGPIOS cap and safe defaults
This is an automatically generated commit which aids following Kernel patch
history, as git will see the move and copy as a rename thus defeating the
purpose.
For the original discussion see:
https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
The Realtek mdio bus operations are based on the port number. As
of now the driver exposes a single bus with a 1:1 mapping between
phy and port. This will change in the future when the driver
exposes multiple busses. This will need a mapping - e.g.
- bus 0, phy 23 -> read/write port 23
- bus 1, phy 0 -> read/write port 24
Provide a rtmdio_phy_to_port() indirection function that will
lookup the port number based on a bus and a phy. For now it
will only run some basic sanity checks and return the given
input address (because of 1:1 mapping).
When the mdio driver gets enhanced for multiple busses it must
snchronize reads/writes to the single controller. Add a lock
to the control structure and guard the critical operations.
The ethernet driver currently uses the legacy sw() macros. Add a
regmap to the driver that is derived from the parent mfd (like in
the mdio drivers). As a first consumer make use of that in the IRQ
functions.
Shiji Yang [Tue, 31 Mar 2026 14:33:44 +0000 (22:33 +0800)]
kernel: modules: fix kmod-iavf dependencies
Add missing dependency kmod-ptp to fix the build error. We also
add symbol CONFIG_PTP_1588_CLOCK_OPTIONAL explicitly for kmod-ptp
because it is selected by CONFIG_PTP_1588_CLOCK. Fix:
Package kmod-iavf is missing dependencies for the following libraries:
ptp.ko
projects / thirdparty / openwrt.git / log
