mediatek: filogic: add support for WAVLINK WL-WN573HX3
The WL-WN573HX3 is an AX3000 outdoor Access Point by WAVLINK,
also sold in Europe as 7Links WLR-1300 (ZX-5612).
Specifications:
- MT7981B + MT7976 AX3000 2x2 DBDC (160 MHz)
- 16 MiB SPI NOR, 256 MiB RAM
- Gigabit ethernet port, 802.3af PoE
- IP67 outdoor case for wall or pole mounting with
four single band RP-SMA fiberglass antennas (8 dBi)
Installation:
- OEM Web UI is at 192.168.30.1 which will forward to
http://netlogin.link (using a captive portal)
- login with default password `admin`
- skip setup wizard by navigating directly to
http://netlogin.link/html/meshUpgrade.html
- upload WN573HX3-sysupgrade.bin
- reset to factory defaults to discard OEM UCI settings
MAC address assignment:
LAN 80:xx:xx:76:xx:25 hw 0x44e
WLAN 2.4G 80:xx:xx:76:xx:27 factory 0x04 (label MAC)
WLAN 5G 82:xx:xx:46:xx:27
pair key 8a:xx:xx:76:xx:27 also on label, not used by OpenWrt
Schneider Azima [Mon, 10 Mar 2025 01:42:51 +0000 (18:42 -0700)]
mediatek: add support for Mercusys MR80X v3
This commit adds support for Mercusys MR80X(EU) v3 router.
Device specification:
- SoC: Mediatek MT7981b, Cortex-A53, 64-bit
- RAM: 512MB
- Flash: SPI NAND GigaDevice GD5F1GQ5UEYIGY (128 MB)
- Ethernet: 4x 100/1000 Mbps LAN1,LAN2,LAN3 & WAN
- Wireless: 2.4GHz (802.11 b/g/n/ax)
- Wireless: 5GHz (802.11 a/n/ac/ax)
- LEDs: 1 orange and 1 green status LEDs, 4 green gpio-controlled LEDs
on ethernet ports
- Buttons: 1 (Reset)
- Bootloader: Main U-Boot - U-Boot 2022.01-rc4. Additionally, both UBI
slots contain "seconduboot" (also U-Boot 2022.01-rc4)
Installation (UART):
- Place OpenWrt initramfs-kernel image on tftp server with IP 192.168.1.2
- Attach UART, switch on the router and interrupt the boot process by
pressing 'Ctrl-C'.
- Set the uboot environment for startup.
setenv tp_boot_idx 0; setenv bootcmd bootm 0x46000000; saveenv
If the bootarg is set to boot from ubi1, also change it to ubi0.
- Load and run OpenWrt initramfs image.
setenv serverip 192.168.1.2; setenv ipaddr 192.168.1.1; tftpboot initramfs-kernel.bin; bootm
- Login as root via SSH (IP 192.168.1.1, port 22)
- Upload OpenWrt sysupgrade.bin image to the /tmp dir of the router
- Run sysupgrade:
sysupgrade -n /tmp/sysupgrade.bin
Recovery:
- Press Reset button and power on the router.
- Navigate to U-Boot recovery web server (http://192.168.1.1/) and
upload the OEM firmware.
generic: drop extra-old-deprecated pending fix patch for sch codel
Patch 620-net_sched-codel-do-not-defer-queue-length-update.patch is
actually an ancient patch that somehow manage to be ported for 7 solid
years.
This comes from [1] where a fix patch was proposed. Nobody notice that
the proposed patch was actually rejected upstream in favor of [2]. And
the upstream fix patch is present in kernel from version 4.18.
This means that we were actually fixing for a non existant bug and maybe
introducing regression down the line.
Drop the patch for good as we already have a fix for it in flace for a
long time.
2. Connect the PC via LAN to one of the yellow router ports and wait
until your PC to get a DHCP lease.
3. Browse to http://192.168.50.1
4. If your router is brand new, finish the setup process and log into
the Web-UI.
5. Navigate to Administration -> Firmware Upgrade and upload the
downloaded OpenWrt image.
6. Wait for OpenWrt to boot. Transfer the sysupgrade image to the device
using scp and install using sysupgrade.
$ sysupgrade -n <path-to-sysupgrade.bin>
-----------------------------------------------------------
TFTP Method
-----------------------------------------------------------
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
reachable at 192.168.1.70/24. Rename the image to rtax52.bin.
2. Connect the PC with TFTP server to the RT-AX52.
Set a static ip on the ethernet interface of your PC.
(ip address: 192.168.1.70, subnet mask:255.255.255.0)
Conect to the serial console,
interrupt the autoboot process by pressing '4' when prompted.
4. Wait for OpenWrt to boot. Transfer the sysupgrade image to the device
using scp and install using sysupgrade.
$ sysupgrade -n <path-to-sysupgrade.bin>
---------------------------------------------------------------------------
Revert to stock firmware:
1: Download the rt-ax52 firmware from ASUS official website. Save
the firmware to tftp server directory and rename to RT-AX52.trx
2: Connect the PC with TFTP server to the RT-AX52.
Set a static ip on the ethernet interface of your PC.
(ip address: 192.168.1.70, subnet mask:255.255.255.0)
3: Conect to the serial console, power on again, interrupt the
autoboot process by pressing '4' when prompted.
$: ubi remove linux
$: ubi remove jffs2
$: ubi remove rootfs
$: ubi remove rootfs_data
$: ubi create linux 0x45fe000
$: reset
Then the dut will reboot,interrupt the autoboot process by
pressing '2' when prompted.
2: Load System code then write to Flash via TFTP.
Warning!! Erase Linux in Flash then burn new one. Are you sure?(Y/N)
$: enter y
you will see the follow, type enter directly:
Input device IP (192.168.1.1) ==:
Input server IP (192.168.1.70) ==:
Input Linux Kernel filename (RT-AX52.trx) ==:
4: wait for the device run up
Based on support for ASUS RT-AX52 by liudongdongdong7397
and trx image generation by remittor
Signed-off-by: Christoph Krapp <achterin@gmail.com>
(cherry picked from commit 50d9ca6e5a04724e4263a348bdbe5ff4b1c43998)
(remove factory image generation) Signed-off-by: David Bauer <mail@david-bauer.net>
Robert Marko [Fri, 2 May 2025 09:07:54 +0000 (11:07 +0200)]
toolchain: binutils: fix compilation with GCC15
GCC15 has switched the C language default from GNU17 to GNU23[1] and this
causes builds to fail with:
In file included from mips-opc.c:29:
mips-opc.c: In function 'decode_mips_operand':
mips-formats.h:86:7: error: expected identifier or '(' before 'static_assert'
86 | static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
| ^~~~~~~~~~~~~
mips-opc.c:214:15: note: in expansion of macro 'MAPPED_REG'
214 | case 'z': MAPPED_REG (0, 0, GP, reg_0_map);
| ^~~~~~~~~~
So, backport upstream fix for this[2] to fix compilation with GCC15.
Patch for 2.40 was manually refreshed as part of the S390 code does not
exist in 2.40 as it was added after it.
Robert Marko [Wed, 16 Apr 2025 12:04:26 +0000 (14:04 +0200)]
tools: gmp: fix compilation with GCC15
Fedora 42 updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks GMP compilation by failing to find
a working compiler test.
Its been fixed upstream [2][3], so backport the fix to fix GCC15 compilation.
In include/host-build.mk, HOST_BUILD_DIR is set by default value:
HOST_BUILD_DIR ?= $(BUILD_DIR_HOST)/$(PKG_NAME)
However the mold package has no PKG_NAME set at all. This means the
HOST_BUILD_DIR is identical to $(BUILD_DIR_HOST).
In the Host/Prepare stage, by default, the $(HOST_BUILD_DIR) will be
deleted at first unconditionally. Since HOST_BUILD_DIR is identical
to $(BUILD_DIR_HOST), the entire build_dir/toolchain-* directory will
be removed and this will cause build failure.
Pavel Kubelun [Wed, 16 Apr 2025 18:07:32 +0000 (21:07 +0300)]
kernel: r8125: disable ASPM
Disable ASPM support for this NIC, fixing strange behavior problems, such as
increased latency, strange uneven throughput, etc.
With this option disabled the NIC achieves stable performance.
Upsteam r8169 driver disables ASPM by default for this NIC.
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
This issue was introduced in v6.6.69 with the following backport:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=36a6e8aeae4a41767bb59f56b100c8cc9ffae2cb
Daniel Golle [Fri, 28 Mar 2025 15:40:28 +0000 (15:40 +0000)]
generic: fitblk: close block device if mapping image failed
In case a broken fit image is present on flash the fitblk driver would
not map any /dev/fit* devices, but also not always close the block device
the image resides on. In case of ubiblock devices this is fatal as one
then cannot remove the ubiblock device (-EBUSY), and hence cannot replace
the broken image.
Always close the block device in case no sub-image was mapped.
* Update Mozilla certificate authority bundle to version 2.70.
The following certificate authorities were added (+):
+ Telekom Security TLS ECC Root 2020
+ Telekom Security TLS RSA Root 2023
+ FIRMAPROFESIONAL CA ROOT-A WEB
+ TWCA CYBER Root CA
+ SecureSign Root CA12
+ SecureSign Root CA14
+ SecureSign Root CA15
The following certificate authorities were removed (-):
- Security Communication Root CA (closes: #1063093)
ath79: fix initramfs execution for NEC Aterm devices
Fix execution of initramfs image on NEC Aterm devices by increasing
available memory for lzma extraction of lzma-loader.
The size of initramfs image of v24.10.0 exceeds available memory
(LZMA_TEXT_START - LOADADDR) and loader data running at LZMA_TEXT_START
will be overwritten by extracted data. As a result, LZMA extraction will
be broken and stuck (or unexpectedly reset).
Fix that issue by setting higher LZMA_TEXT_START address to increase
available memory for LZMA extraction by lzma-loader.
Matthias Franck [Fri, 31 Jan 2025 09:00:46 +0000 (10:00 +0100)]
busybox: use external libtirpc when using glibc
In recent glibc versions rpc functionality has been moved to a separate
library instead of glibc itself.
Depend on this library when rpc functionality is needed and glibc is
used.
Ming Kuang [Fri, 21 Mar 2025 15:21:05 +0000 (23:21 +0800)]
wifi-scripts: mac80211.sh: add EHT and HE160 support to iw_htmode
For WIFI7 devices (such as mt7925e), the dev width is currently
always "20 MHz (no HT)" in monitor mode.
Add EHT and HE160 support to iw_htmode to fix this issue.
Additionally, the following changes are made:
1. Set iw_htmode to 160MHz for VHT160. The reason for the current
VHT160 setting is unclear and seems to have been in place for
over a decade (ibss_htmode [1]). If anyone knows its impact,
please inform me so I can restore it.
2. Modify MHZ to MHz. The original matching table in the current
iw tool uses MHz. Although the match is case-insensitive,
correcting this won't hurt.
Shiji Yang [Wed, 2 Apr 2025 00:10:29 +0000 (08:10 +0800)]
ath10k-ct: remove "qcom,coexist-support" property type hack
The ath10k dt-binding property "qcom,coexist-support" was
explicitly defined as type uint8 since upstream commit ed09c61eb19d ("dt-bindings: net: Convert ath10k to YAML").
Therefore, this hack patch no longer makes sense.
Shiji Yang [Fri, 28 Mar 2025 16:00:50 +0000 (00:00 +0800)]
ath10k-ct: silence some harmless noisy logs
Users feel anxious about some ath10k driver logs. After further
investigation, in fact these logs are harmless. Only developers
need to care about them in order to optimize some parameters.
Let's just silence them to reduce these similar user reports.
Closes: https://github.com/openwrt/openwrt/issues/13148 Closes: https://github.com/openwrt/openwrt/issues/14422 Closes: https://github.com/openwrt/openwrt/issues/15959 Closes: https://github.com/openwrt/openwrt/issues/15997 Closes: https://github.com/openwrt/openwrt/issues/16896 Closes: https://github.com/openwrt/openwrt/issues/18046 Signed-off-by: Shiji Yang <yangshiji66@outlook.com> Link: https://github.com/openwrt/openwrt/pull/18368 Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 88234a03bc645d327016cc807c35972fcb6834eb)
[Apply to ath10k-ct 6.10] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fil Dunsky [Mon, 10 Mar 2025 23:57:43 +0000 (06:57 +0700)]
mediatek: filogic: add support for Huasifei WH3000
**Huasifei WH3000 eMMC / Fudy MT3000**
Portable Wi-Fi 6 travel router based on MediaTek MT7981A SoC.
MT7981B+MT7976CN+RTL8221B Dual Core 1.3GHZ
**Specifications**
SoC: Filogic 820 MT7981A (1.3GHz)
RAM: DDR4 1GB
Flash: eMMC 8GB
WiFi: 2.4GHz and 5GHz with 3 antennas
Ethernet:
1x WAN (10/100/1000M)
1x LAN (10/100/1000/2500M)
USB: 1x USB 3.0 port
Two buttons: power/reset and mode (BTN_0)
LEDS: blue, red, blue+red=pink
UART: 3.3V, TX, RX, GND / 115200 8N1
**Installation via U-Boot rescue**
1. Set static IP 192.168.1.2 on your computer and default route as 192.168.1.1
2. Connect to the WAN port and hold the reset button while booting the device.
3. Wait for the LED to blink 5 times, and release the reset button.
4. Open U-boot web page on your browser at http://192.168.1.1
5. Select the OpenWRT sysupgrade image, upload it, and start the upgrade.
6. Wait for the router to flash the new firmware.
7. Wait for the router to reboot itself.
**Installation via sysupgrade**
Just flash sysupgrade file via [LuCI upgrade page](http://192.168.1.1/cgi-bin/luci/admin/system/flash) without saving the settings.
**Installation via SSH**
Upload the file to the router `/tmp` directory, `ssh root@192.168.1.1` and issue a command:
```
sysupgrade -n /tmp/openwrt-mediatek-filogic-huasifei_wh3000-emmc-squashfs-sysupgrade.bin
```
**Factory MAC**
You can find your Factory MAC which is mentioned on the box at `/dev/mmcblck0p2` partition `factory` starting from `0x4`
```
dd if=/dev/mmcblk0p2 bs=1 skip=4 count=6 | hexdump -C
```
**Enlarging a partition**
Though device has 8GB eMMC, it uses only 2GB `/dev/mmcblck0p6` as `rootfs` for `/rom` and `/overlay` leaving `/dev/mmcblck0p7` as empty unused space.
```
sgdisk -p /dev/mmcblk0
```
```
Disk /dev/mmcblk0: 15269888 sectors, 7.3 GiB
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): 2BD17853-102B-4500-AA1A-8A21D4D7984D
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 14942174
Partitions will be aligned on 1024-sector boundaries
Total free space is 11197 sectors (5.5 MiB)
You can fix that by loading into `initramfs-kernel`, deleting empty `mmcblck0p7` partition and resizing `mmcblck0p6`
```
sysupgrade -F /tmp/openwrt-initramfs-kernel.bin
```
Install and run cfdisk
```
opkg update && opkg install cfdisk
cfdisk /dev/mmcblck0
```
- Select `mmcblck0p7` -> Delete
- Select `mmcblck0p6` -> Resize -> Write -> yes -> Quit
You will not see any difference in `cat /proc/partitions` after that but just flash a `sysupgrade` and you'll get the whole 7.3GB space for the `/overlay`.
Installation
------------
1. Connect to the router using ssh (user: admin, pass: web interface
password)
2. Make mtd backup:
cat /dev/mtd0 | gzip -1 -c > /tmp/mtd0_spi0.0.bin.gz
cat /dev/mtd1 | gzip -1 -c > /tmp/mtd1_BL2.bin.gz
cat /dev/mtd2 | gzip -1 -c > /tmp/mtd2_u-boot-env.bin.gz
cat /dev/mtd3 | gzip -1 -c > /tmp/mtd3_Factory.bin.gz
cat /dev/mtd4 | gzip -1 -c > /tmp/mtd4_FIP.bin.gz
cat /dev/mtd5 | gzip -1 -c > /tmp/mtd5_ubi.bin.gz
3. Download mtd backup from the /tmp dir of the router to your PC using
scp protocol
4. Upload OpenWrt 'bl31-uboot.fip', 'preloader.bin' images to the /tmp
dir of the router using scp protocol
5. Write FIP and BL2 (replace bootloader):
mtd write /tmp/openwrt-mediatek-filogic-netis_nx31-bl31-uboot.fip FIP
mtd write /tmp/openwrt-mediatek-filogic-netis_nx31-preloader.bin BL2
6. Place OpenWrt
'openwrt-mediatek-filogic-netis_nx31-initramfs-recovery.itb' image on
the tftp server (IP: 192.168.1.254)
7. Erase 'ubi' partition and reboot the router:
mtd erase ubi
reboot
8. U-Boot automatically boot OpenWrt recovery image from tftp server to
the RAM
9. Upload OpenWrt 'sysupgrade.itb' image to the /tmp dir of the router
(IP: 192.168.1.1) using scp protocol
10. Connect to the router using ssh and run:
sysupgrade -n openwrt-mediatek-filogic-netis_nx31-squashfs-sysupgrade.itb
Return to stock
---------------
1. Unpack stock BL2 and FIP partitions backup
2. Upload stock BL2 and FIP partitions backup to the /tmp dir of the
router using scp protocol
3. Connect to the router using ssh and run:
apk update && apk add kmod-mtd-rw
insmod mtd-rw i_want_a_brick=1
mtd unlock BL2
mtd unlock FIP
4. Restore backup:
mtd write /tmp/mtd4_FIP.bin FIP
mtd write /tmp/mtd1_BL2.bin BL2
5. Erase ubi and reboot:
mtd erase ubi
reboot
6. Power off the router
7. Press Reset button and power on the router. Release the button after
~10 sec
8. Navigate to U-Boot recovery web server (http://192.168.1.1/) and
upload the OEM firmware
Recovery
--------
1. Place OpenWrt
'openwrt-mediatek-filogic-netis_nx31-initramfs-recovery.itb' image on
the tftp server (IP: 192.168.1.254)
2. Press “Reset” button and power on the router. After ~10 sec release
the button.
3. Use OpenWrt initramfs system for recovery
MAC addresses
-------------
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| LAN | dc:xx:xx:d1:xx:18 | label |
| WAN | dc:xx:xx:d1:xx:1a | label+2 |
| WLAN 2g | de:xx:xx:11:xx:19 | |
| WLAN 5g | de:xx:xx:71:xx:19 | |
+---------+-------------------+-----------+
The LAN MAC was found in 'Factory', 0x1fef20
The WAN MAC was found in 'Factory', 0x1fef26
The WLAN 2g/5g MAC prototype was found in 'Factory', 0x4
Adds latest 6.6 patches from the Raspberry Pi repository.
These patches were generated from:
https://github.com/raspberrypi/linux/commits/rpi-6.6.y/
With the following command:
git format-patch -N v6.6.85..HEAD
(HEAD -> bba53a117a4a5c29da892962332ff1605990e17a)
build: bpf: fix LLVM tool paths with host toolchain
Do not assume that the various tools like llc can be found under the
same path as clang; instead, look them up through BPF_PATH (while still
preferring ones found next to clang).
This fixes build in common setups with ccache, where clang resolves to a
path like /usr/lib/ccache/bin/clang, but no other tools can be found at
that location.
generic: qca8k: backport bridge port isolation support
Bridge port isolation offload support has been added to the bridge core
and many DSA drivers. mt7530 support was backported in OpenWrt commit c4e6a147a6c0 ("generic: 6.6: mt7530: add support for bridge port
isolation").
Install instructions:
The booloader will only install signed firmware so the image has to
be manually flashed.
- Set up a TFTP server on 192.168.1.0/24 to serve the initramfs image
- Interrupt the bootloader and run from RAM with
r 192.168.1.100:openwrt-bmips-bcm63268-actiontec_t1200h-initramfs.elf
- On the openwrt console, copy the wfi image using wget/tftp/scp, i.e
scp user@192.168.1.100:~/openwrt/bin/targets/bmips/bcm63268/openwrt-bmips-bcm63268-actiontec_t1200h-squashfs-cfe.bin /tmp/
- Erase half the flash partition where openwrt will be installed with
flash_erase -j /dev/mtd1 0 491
- Flash the openwrt image with
nandwrite -p /dev/mtd1 /tmp/openwrt-bmips-bcm63268-actiontec_t1200h-squashfs-cfe.bin
- Reboot
- Interrupt the bootloader again and use the c command to boot from
previous firmware if vendor image is loaded
Signed-off-by: Kyle Hendry <kylehendrydev@gmail.com>
[Minor improvements to DTS file] Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 65b8a978deac05894d1fd20dfe63494f4b43848d)
Tim Harvey [Mon, 27 Jan 2025 22:44:27 +0000 (14:44 -0800)]
mac80211: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues
Backport two commits to resolve issues with ath1kk causing it to fail
driver registration on iommuless systems with DRAM outside of 32bit
addressing such as a 4GiB imx8mm:
commit 1bcd20981834 ("wifi: ath11k: Fix DMA buffer allocation
to resolve SWIOTLB issues")
commit eeadc6baf8b3 ("wifi: ath11k: Use dma_alloc_noncoherent
for rx_tid buffer allocation")
Magnus Kroken [Wed, 26 Mar 2025 20:42:51 +0000 (21:42 +0100)]
mbedtls: update to 3.6.3
This release of Mbed TLS provides the fix for a tls compatibility issue of handling fragmented handshake messages.
This release includes fixes for security issues.
* Potential authentication bypass in TLS handshake (CVE-2025-27810) [1]
* TLS clients may unwittingly skip server authentication (CVE-2025-27809) [2]
This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.
(This was a real problem I encountered with a nanopi R6S device and
an external rtl8152 usb3 network controller - the USB controller would
claim the eth1 name, causing much confusion).
rockchip: set network IRQ affinity to fast CPU cores
The nanopi R6S, R6C and nanopc T6 platforms are based on rk3588(s) SoC,
which has fast and slow CPU cores. Set up network interrupt affinity to be
on the fast CPU cores by default. This is similar to the way this was
already configured on nanopi R4S.
rockchip: show boot stages on nanopi R6 system LED
Set up openwrt to show boot progress on the nanopi R6S or R6C system LED.
The LED blinking states indicate the boot stage. The LED is defined as
a power LED, but can still be set to heartbeat in /etc/config/system
after the system is done booting.
mac80211: fix compilation error for old stable kernel version
Fix compilation error for old stable version caused by
genlmsg_multicast_allns backport fix pushed middle version.
Version 5.15 version 0-169, 6.1 version 0-115, 6.6 version 0-58 have the
old genlmsg_multicast_allns version with flags variable.
Compiling backport project with these version result in a compilation
error. To handle this, introduce a backport function for the affected
kernel version.
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op replace oui 33:44:55 subtype fe
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:44 subtype e8
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:33 subtype 42
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:33 subtype 42
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:31 subtype 2c
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:31 subtype 2c
Sat Mar 16 19:11:39 2024 daemon.warn lldpcli[10915]: invalid OUI value '3322'
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: an error occurred while executing last command
Sat Mar 16 19:11:39 2024 daemon.warn lldpcli[10915]: invalid OUI value '3312'
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: an error occurred while executing last command
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: lldpd should resume operations
( The last two TLV are invalid: their oui must be three hex bytes, comma
separated. Only the first hex byte of oui-info 5555555555 is used )
Quoting the kconfig description for CONFIG_PCPU_DEV_REFCNT:
network device refcount are using per cpu variables if this option is
set. This can be forced to N to detect underflows (with a performance
drop).
This was introduced from kernel 5.13 and was wrongly set as disabled.
Some target actually enables it but this should be always enabled unless
refcount needs to be debugged (unlikely for production images)
Enable in generic and drop the entry in every other target.
With upstream changes hitting kernel 6.4 the dtb for u7623 ends up with
both mac (gmac) disabled, since this is now the default status in
mt7623.dtsi. Fix this by including mt7623a.dtsi (which already has all
necessary bits) and enabling all revlevant ports. This will also do
a side hustle of assigning proper clocks for power controller and
specifying proper power domain for few devices.
Apparently U-Boot will discard whole node if requested pin function is
unknown to the driver. This resulted in inability to interact with
U-Boot on the said board, as U-Boot always assumed the recovery key
pressed and issued recovery procedure. Log snippet:
Recovery procedure also booted recovery image, which didn't affect much
the 23.05.x release, since the root fs argument was valid, so changes
persisted. But as 24.10.x hit with fitblk, the board will boot only
recovery image (initramfs) because of default bootargs will reset on each
boot and U-Boot provided bootargs took precedence.
Like #15865, it seems that gmac0 does not rename eth0 to dsa until after the
switch ports are initialized, leading to a name collision (error -17 = EEXIST).
This patch follows #17062 by using openwrt,netdev-name to fix the collision.
Thomas Richard [Mon, 24 Feb 2025 10:15:51 +0000 (11:15 +0100)]
optee-os.mk: override default PATH to not use hostpkg python
In some cases hostpkg python from packages feed is used (hostpkg has higher
priority in PATH) which causes build failure (cryptography module is
missing). So override PATH to not use hostpkg python.
local access.
- Mitigations for INTEL-SA-01079 (CVE-2024-23918)
Potential security vulnerabilities in some Intel Xeon processors
using Intel SGX may allow escalation of privilege. Intel disclosed
that some processor models were already fixed by a previous
microcode update.
- Updated mitigations for INTEL-SA-01097 (CVE-2024-24968)
Improper finite state machines (FSMs) in hardware logic in some
Intel Processors may allow an privileged user to potentially enable a
denial of service via local access.
- Mitigations for INTEL-SA-01103 (CVE-2024-23984)
A potential security vulnerability in the Running Average Power Limit
(RAPL) interface for some Intel Processors may allow information
disclosure. Added mitigations for more processor models.
* Updated Microcodes:
sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800
sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256
sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435
sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240
sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283
* source: update symlinks to reflect id of the latest release, 20241112
* Update changelog for 3.20240910.1 and 3.20240813.1 with new information:
INTEL-SA-1103 was addressed by 3.20240813.1 for some processor models,
and not by 3.20240910. INTEL-SA-1079 was addressed by 3.20240910.1 for
some processor models.
-- Henrique de Moraes Holschuh <hmh@debian.org> Thu, 14 Nov 2024 15:37:40 -0300
* New upstream microcode datafile 20241029
- Not relevant for operating system microcode updates
- Only when loaded from firmware, this update fixes the critical,
potentially hardware-damaging errata RPL061: Incorrect Internal
Voltage Request on Raptor Lake (Core 13th/14th gen) Intel
processors.
* Updated Microcodes:
sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968
-- Henrique de Moraes Holschuh <hmh@debian.org> Thu, 14 Nov 2024 14:49:03 -0300
* New upstream microcode datafile 20240910 (closes: #1081363)
- Mitigations for INTEL-SA-01097 (CVE-2024-24968)
Improper finite state machines (FSMs) in hardware logic in some
Intel Processors may allow an privileged user to potentially enable a
denial of service via local access.
- Fixes for unspecified functional issues on several processor models
- The processor voltage limit issue on Core 13rd/14th gen REQUIRES A
FIRMWARE UPDATE. It is present in this release for sig 0xb0671, but
THE VOLTAGE ISSUE FIX ONLY WORKS WHEN THE MICROCODE UPDATE IS LOADED
THROUGH THE FIT TABLE IN FIRMWARE. Contact your system vendor for a
firmware update that includes the appropriate microcode update for
your processor.
* Updated Microcodes:
sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256
sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208
sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434
sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216
sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040
sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122
sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122
sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240
* Update changelog for 3.20240813.1 with new information
* Update changelog for 3.20240514.1 with new information
* source: update symlinks to reflect id of the latest release, 20240910
* New upstream microcode datafile 20240813 (closes: #1078742)
- Mitigations for INTEL-SA-01083 (CVE-2024-24853)
Incorrect behavior order in transition between executive monitor and SMI
transfer monitor (STM) in some Intel Processors may allow a privileged
user to potentially enable escalation of privilege via local access.
- Mitigations for INTEL-SA-01118 (CVE-2024-25939)
Mirrored regions with different values in 3rd Generation Intel Xeon
Scalable Processors may allow a privileged user to potentially enable
denial of service via local access.
- Mitigations for INTEL-SA-01100 (CVE-2024-24980)
Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel
Xeon Processors may allow a privileged user to potentially enable
escalation of privilege via local access.
- Mitigations for INTEL-SA-01038 (CVE-2023-42667)
Improper isolation in the Intel Core Ultra Processor stream cache
mechanism may allow an authenticated user to potentially enable
escalation of privilege via local access. Intel disclosed that some
processor models were already fixed by the previous microcode update.
- Mitigations for INTEL-SA-01046 (CVE-2023-49141)
Improper isolation in some Intel Processors stream cache mechanism may
allow an authenticated user to potentially enable escalation of
privilege via local access. Intel disclosed that some processor models
were already fixed by the previous microcode update.
- Mitigations for INTEL-SA-01079 (CVE-2024-23918)
Potential security vulnerabilities in some Intel Xeon processors
using Intel SGX may allow escalation of privilege. Intel released this
information during the full disclosure for the 20241112 update.
Processor signatures 0x606a6 and 0x606c1.
- Mitigations for INTEL-SA-01103 (CVE-2024-23984)
A potential security vulnerability in the Running Average Power Limit
(RAPL) interface for some Intel Processors may allow information
disclosure. Intel released this information during the full disclosure
for the 20240910 update. Processor signatures 0x5065b, 0x606a6,
0x606c1.
- Fix for unspecified functional issues on several processor models
- Fix for errata TGL068/ADL075/ICL088/... "Processor may hang during a
microcode update". It is not clear which processors were fixed by this
release, or by one of the microcode updates from 2024-05.
- Mitigations for INTEL-SA-01213 (CVE-2024-36293)
Improper access control in the EDECCSSA user leaf function for some
Intel Processors with Intel SGX may allow an authenticated user to
potentially enable denial of service via local access. Intel released
this information during the full disclosure for the 20250211 update.
Processor signature 0x906ec (9th Generation Intel Core processor).
* Updated microcodes:
sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936
sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720
sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224
sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032
sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688
sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640
sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328
sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448
sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496
sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496
sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472
sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496
sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496
sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480
sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472
sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496
sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496
sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496
sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280
sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304
sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280
sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280
sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280
sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544
sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216
* source: update symlinks to reflect id of the latest release, 20240813
* postinst, postrm: switch to dpkg-trigger to run update-initramfs
-- Henrique de Moraes Holschuh <hmh@debian.org> Thu, 15 Aug 2024 14:41:50 -0300
Tianling Shen [Sun, 2 Mar 2025 12:06:49 +0000 (20:06 +0800)]
ramips: fix reading mac address for hiwifi hc5962
The spaces in variables have been stripped since commit 551e04f3c9c0
("base-files: strip space and tab characters from ASCII mac address"),
resulting "Vfac_mac " matches nothing. Fix the issue by removing the
space at end.
MAC Addresses:
- There is one on the label, e.g. xx:xx:xx:xx:xx:A4
- LAN (bottom connector) is the same as the label, e.g. xx:xx:xx:xx:xx:A4
- WAN (top connector) is label + 1, e.g. xx:xx:xx:xx:xx:A5
- WLAN (2.4G) is the same as the label, e.g. xx:xx:xx:xx:xx:A4
- WLAN (5G) is label + 2, e.g. xx:xx:xx:xx:xx:A6
UART:
- is available via the pin holes on the board
- The pinout is printed to the board: P: VCC, G: GND, R: RX, T:TX
- RX and TX require solder bridges to be installed
- Do NOT connect VCC
- Settings: 3.3V, 115200, 8N1
GPIO:
- There are two LEDs: Red (GPIO 4) and White (GPIO 0)
- There are two buttons: Reset (GPIO 11) and WPS (GPIO 5)
Migration to OpenWrt:
- Download the migration image from the Cudy website (it should be available as soon as OpenWrt officially supports the device)
- Connect computer to LAN (bottom connector) and flash the migration image via OEM web interface
- OpenWrt is now accessible via 192.168.1.1
Revert back to OEM firmware:
- Set up a TFTP server on IP 192.168.1.88 and connect to the WAN port (upper port)
- Provide the Cudy firmware as recovery.bin in the TFTP server
- Press the reset button while powering on the device
- Recovery process is started now
- When recovery process is done, OEM firmware is accessible via 192.168.10.1 again
General information:
- No possibility to load a initramfs image via U-Boot because there is no option to interrupt U-Boot
Adds latest 6.6 patches from the Raspberry Pi repository.
These patches were generated from:
https://github.com/raspberrypi/linux/commits/rpi-6.6.y/
With the following command:
git format-patch -N v6.6.83..HEAD
(HEAD -> 08d4e8f52256bd422d8a1f876411603f627d0a82)
Felix Fietkau [Sun, 9 Mar 2025 15:43:58 +0000 (16:43 +0100)]
unetd: update to Git HEAD (2025-03-09)
d8b43985e4d7 ubus: fix token_create policy 7326459bd743 ubus: dump service information on network_get 6c9c8fbd8128 service: add @all as alias for all members, unless defined differently
MAC Addresses:
- There is one on the label, e.g. xx:xx:xx:xx:xx:1C
- LAN (bottom connector) is the same as the label, e.g. xx:xx:xx:xx:xx:1C
- WAN (top connector) is label +2, e.g. xx:xx:xx:xx:xx:1E
- WLAN (2.4G) is the same as the label, e.g. xx:xx:xx:xx:xx:1C
- WLAN (5G) is the same as WAN, e.g. xx:xx:xx:xx:xx:1E
UART:
- is available via the pin holes on the board
- From inner to outer pin: TX, RX, GND, VCC
- Do NOT connect VCC
- Settings: 3.3V, 115200, 8N1
GPIO:
- There are two LEDs: Red (GPIO 3) and White (GPIO 4)
- There are two buttons: Reset (GPIO 8) and WPS (GPIO 10)
Migration to OpenWrt:
- Download the migration image from the Cudy website (it should be available as soon as OpenWrt officially supports the device)
- The migration image is also available here until a image is provided by Cudy: https://github.com/RolandoMagico/openwrt-build/releases/tag/M1300_Build_20240222
- File: openwrt-ramips-mt7621-cudy_m1300-v2-squashfs-flash-signed.bin
- Connect computer to LAN (bottom connector) and flash the migration image via OEM web interface
- In the migration image, LAN and WAN are swapped. Computer must be connected to the other port after flashing
- OpenWrt is now accessible via 192.168.1.1
- After flashing an up to date OpenWrt image, LAN and WAN settings are again the same as in the OEM firmware
- So use the other connector again
Revert back to OEM firmware:
- Set up a TFTP server on IP 192.168.1.88 and connect to the LAN port (lower port)
- Provide the Cudy firmware as recovery.bin in the TFTP server
- Press the reset button while powering on the device
- Recovery process is started now
- When recovery process is done, OEM firmware is accessible via 192.168.10.1 again
General information:
- No possibility to load a initramfs image via U-Boot because there is no option to interrupt U-Boot
The fixes are only for the WRT1900X and WRT1200AC.
It contains:
Deletes the driver's ability to modify the debit table.
Remove skb_get(done_skb) in txdone
Reworking ISR
clean code
Napi replaces tasklet
Add rx_decrypt feature
projects / thirdparty / openwrt.git / log
