Commit Graph

495 Commits

Author SHA1 Message Date
David Bauer
367806af10 mbedtls: move source modification to patch 2023-01-18 22:31:01 +01:00
David Bauer
5961575c33 modules: update openwrt
807483d336 dosfstools: switch to AC_CHECK_LIB
3bc6d2af76 tools/dosfstools: fix PKG_SOURCE
c0b4303d2e toolchaini/gcc: fix libstdc++ dual abi model
aa5023b9cd scripts/dl_github_archieve.py: fix generating unreproducible tar
e88e0ace7a ksmbd: Fix ZDI-CAN-18259
aca915e847 ksmbd: update to 3.4.6
4b7f9e42e2 lantiq-xrx200: fix wan LED on o2 box 6431
7c10b7b6f0 CI: build: fix external toolchain use with release tag tests
b08e1e978c OpenWrt v22.03.3: revert to branch defaults
221fbfa2d8 OpenWrt v22.03.3: adjust config defaults
43d71ad93e mac80211: Do not build brcmsmac on bcm47xx_legacy
181390f57d uml: fix 5.10 build
1fd2f9f7be kernel: Add missing kernel configuration options
8446d22aaa gdb: Do not link against xxhash
558aa1f482 odhcpd: fix null pointer dereference for INFORM messages
af4f635eed ipq40xx: sysupgrade: allow flashing Linksys factory firmware
4bda308657 base-files: stage2: add 'tail' to sysupgrade environment
2f1b73b70d treewide: Trigger reinstall of all wolfssl dependencies
77e2a24e62 wolfssl: update to 5.5.4-stable
158a33591d mbedtls: update to version 2.28.2
b23cab2fcf toolchain: gcc: import patch fixing asm machine directive for powerpc
6be9e3e636 kernel: remove hack patch, move kirkwood specific kmods to target modules.mk
b1722a048a kernel: bump 5.10 to 5.10.161
cdce4a0bfa uhttpd: update to latest Git HEAD
2023-01-17 15:57:23 +01:00
Andreas Ziegler
b85a9c54d5
modules: update openwrt
6c3e16055a kernel: backport ksmbd security fix ZDI-22-1690
275c51bf40 Revert "image-commands.mk: Be consistent in command invocation"
fec4fb3a56 sunxi: remove frequency for NanoPi R1
51a763ab0f arm-trusted-firmware-sunxi: drop CPE ID
377d805887 trusted-firmware-a.mk: use correct CPE ID
f30414c56d kernel: bump 5.10 to 5.10.160
47ac52a7c4 ath79: image: don't depend on other COMPILE targets
da79da3ac1 image: fix device profile specific COMPILE targets
9aa95bbebb rules: fix broken commitcount on alpine system
fcff234fd8 image-commands.mk: Be consistent in command invocation
be7b97d873 sunxi: fix typo in device packages for MarsBoard A10
709351bf32 kernel: Make KERNEL_MAKEOPTS recursively expanded
3b066a6581 lantiq: vr9: include usb driver for fritz 7430
39dcfcd987 wolfssl: fix build with /dev/crypto
e51f3a22aa toolchain: Update glibc 2.34 to recent HEAD
298d2d0412 Revert "mbedtls: import patch to fix illegal instruction on mpc85xx"
3de4572ed3 tools/ccache: fix build with musl and gcc 12
8e43a44f08 rpcd: update to latest Git HEAD
f43ceb60d5 iwinfo: update to latest Git HEAD
31baecb70e iwinfo: update to the latest version
f34c4a950e iwinfo: update to the latest version
9b7a3e1a5e iwinfo: update to the latest version
ce881873c0 kernel: add missing dependency to KERNEL_RPI_AXIPERF
7ccb4c6651 kernel: add missing symbol for bcm27xx
b18a0d0b92 generic: add support for EON EN25QX128A spi nor flash
d909fb1d3b kernel: bump 5.10 to 5.10.159
e5cec69484 kernel: bump 5.10 to 5.10.158
3a58bda06b kernel: bump 5.10 to 5.10.157
ee2341cac6 kernel: add symbol in generic config for 5.10.157
bc64ca15d4 kernel: kmod-net-rtl8192su: Remove package
b1204ce28c umbim: Allow roaming and partner connections
15bc6b23c7 kernel: further cleanup of xfrm[4|6]_mode*
6e396eff1a kernel: remove handling of xfrm[4|6]_mode_* modules
78fc12ddd0 kernel: fix typo for tegra crypto-sha1 module
4408f7d564 kernel: add kmod-btsdio package
6b2c445b88 kernel: remove CONFIG_MMC_BLOCK_BOUNCE
aef33ab13a ath79: fix Teltonika RUT230 v1 MAC assignment
6cd1035d8d ramips: add support for Wavlink WS-WN572HP3 4G
3f7ce4bd40 comgt-ncm: add support for quectel modem EC200T-EU
03ab5a60da realtek: update GPIO bindings for DGS-1210-10P
63fde4607c ustream-ssl: update to Git version 2022-12-07
1c174fe0ba CI: kernel: don't checkout and install feeds
385f78780c CI: build: skip sdk adapt to external toolchain on cache hit
8be50c369b CI: build: fix use of sdk as toolchain
1af58a2d39 ramips: mt7621: enable lzma-loader for ZyXEL WAP6805
8fbf03690e ramips: mt7621: enable lzma-loader for netis WF2881
282dd271ad kernel: ca8210: Fix crash by zero initializing data
1a0f2c3a3e e2fsprogs: Fix CVE-2022-1304
1285938d2c bcm4908: Refresh kernel patches
eb639e54fc ucode: update to latest Git HEAD
9b6dcf322b mvebu: disable also wrt32x due to broken switch
69ed96fba8 kernel: netconsole: add network console logging support
1f9bf1ee82 kernel: kmod-isdn4linux: Remove package
a3dee42206 kernel: kmod-w1-slave-ds2760: Remove package
2a1bf860f3 kernel: kmod-rtc-pt7c4338: Remove package
a0bae2fef8 mvebu: cortexa9: disable devices using broken mv88e6176 switch
309a6f22ba CI: trigger check also on build and check-kernel-patches workflow change
ec9ca325c0 CI: build: fix matching for openwrt release branch for toolchain parsing
63a2ea5470 CI: fix matching for openwrt release branch for container selection
9db78a7e86 CI: build: add support to fallback to sdk for external toolchain
47519a574c CI: build: add support for external toolchains from stable branch
05c3ee608f CI: build: add support for per branch tools container
f3cb0cfdf9 CI: tools: support per branch tools container
5fc4182f1e CI: Build all boards and testing kernel
31fb360f57 CI: Allow building with internal toolchain
e74479d559 CI: Extract the OpenWrt building to own sub workflow
b7e2e14912 CI: Simplify if conditions
8ac2cf6de9 CI: packages.yml: Fix usage of pre-build tools
db347be0b3 CI: packages: Add github CI job to build all packages
99524d49b4 CI: kernel: fix deprecation of set-output
de29c8bda7 ci: kernel: trigger build check on changes in kernel.mk as well
b93a59352f CI: kernel: check if patch are refreshed for each target
d070707379 CI: bump actions/download,upload-artifact action to v3
69414201ae CI: bump actions/checkout action to v3
8c4e39eb08 CI: kernel: generate ccache cache on kernel push
6c3e16055a kernel: backport ksmbd security fix ZDI-22-1690
275c51bf40 Revert "image-commands.mk: Be consistent in command invocation"
fec4fb3a56 sunxi: remove frequency for NanoPi R1
51a763ab0f arm-trusted-firmware-sunxi: drop CPE ID
377d805887 trusted-firmware-a.mk: use correct CPE ID
f30414c56d kernel: bump 5.10 to 5.10.160
47ac52a7c4 ath79: image: don't depend on other COMPILE targets
da79da3ac1 image: fix device profile specific COMPILE targets
9aa95bbebb rules: fix broken commitcount on alpine system
fcff234fd8 image-commands.mk: Be consistent in command invocation
be7b97d873 sunxi: fix typo in device packages for MarsBoard A10
709351bf32 kernel: Make KERNEL_MAKEOPTS recursively expanded
3b066a6581 lantiq: vr9: include usb driver for fritz 7430
39dcfcd987 wolfssl: fix build with /dev/crypto
e51f3a22aa toolchain: Update glibc 2.34 to recent HEAD
298d2d0412 Revert "mbedtls: import patch to fix illegal instruction on mpc85xx"
3de4572ed3 tools/ccache: fix build with musl and gcc 12
8e43a44f08 rpcd: update to latest Git HEAD
f43ceb60d5 iwinfo: update to latest Git HEAD
31baecb70e iwinfo: update to the latest version
f34c4a950e iwinfo: update to the latest version
9b7a3e1a5e iwinfo: update to the latest version
ce881873c0 kernel: add missing dependency to KERNEL_RPI_AXIPERF
7ccb4c6651 kernel: add missing symbol for bcm27xx
b18a0d0b92 generic: add support for EON EN25QX128A spi nor flash
d909fb1d3b kernel: bump 5.10 to 5.10.159
e5cec69484 kernel: bump 5.10 to 5.10.158
3a58bda06b kernel: bump 5.10 to 5.10.157
ee2341cac6 kernel: add symbol in generic config for 5.10.157
bc64ca15d4 kernel: kmod-net-rtl8192su: Remove package
b1204ce28c umbim: Allow roaming and partner connections
15bc6b23c7 kernel: further cleanup of xfrm[4|6]_mode*
6e396eff1a kernel: remove handling of xfrm[4|6]_mode_* modules
78fc12ddd0 kernel: fix typo for tegra crypto-sha1 module
4408f7d564 kernel: add kmod-btsdio package
6b2c445b88 kernel: remove CONFIG_MMC_BLOCK_BOUNCE
aef33ab13a ath79: fix Teltonika RUT230 v1 MAC assignment
6cd1035d8d ramips: add support for Wavlink WS-WN572HP3 4G
3f7ce4bd40 comgt-ncm: add support for quectel modem EC200T-EU
03ab5a60da realtek: update GPIO bindings for DGS-1210-10P
63fde4607c ustream-ssl: update to Git version 2022-12-07
1c174fe0ba CI: kernel: don't checkout and install feeds
385f78780c CI: build: skip sdk adapt to external toolchain on cache hit
8be50c369b CI: build: fix use of sdk as toolchain
1af58a2d39 ramips: mt7621: enable lzma-loader for ZyXEL WAP6805
8fbf03690e ramips: mt7621: enable lzma-loader for netis WF2881
282dd271ad kernel: ca8210: Fix crash by zero initializing data
1a0f2c3a3e e2fsprogs: Fix CVE-2022-1304
1285938d2c bcm4908: Refresh kernel patches
eb639e54fc ucode: update to latest Git HEAD
9b6dcf322b mvebu: disable also wrt32x due to broken switch
69ed96fba8 kernel: netconsole: add network console logging support
1f9bf1ee82 kernel: kmod-isdn4linux: Remove package
a3dee42206 kernel: kmod-w1-slave-ds2760: Remove package
2a1bf860f3 kernel: kmod-rtc-pt7c4338: Remove package
a0bae2fef8 mvebu: cortexa9: disable devices using broken mv88e6176 switch
309a6f22ba CI: trigger check also on build and check-kernel-patches workflow change
ec9ca325c0 CI: build: fix matching for openwrt release branch for toolchain parsing
63a2ea5470 CI: fix matching for openwrt release branch for container selection
9db78a7e86 CI: build: add support to fallback to sdk for external toolchain
47519a574c CI: build: add support for external toolchains from stable branch
05c3ee608f CI: build: add support for per branch tools container
f3cb0cfdf9 CI: tools: support per branch tools container
5fc4182f1e CI: Build all boards and testing kernel
31fb360f57 CI: Allow building with internal toolchain
e74479d559 CI: Extract the OpenWrt building to own sub workflow
b7e2e14912 CI: Simplify if conditions
8ac2cf6de9 CI: packages.yml: Fix usage of pre-build tools
db347be0b3 CI: packages: Add github CI job to build all packages
99524d49b4 CI: kernel: fix deprecation of set-output
de29c8bda7 ci: kernel: trigger build check on changes in kernel.mk as well
b93a59352f CI: kernel: check if patch are refreshed for each target
d070707379 CI: bump actions/download,upload-artifact action to v3
69414201ae CI: bump actions/checkout action to v3
8c4e39eb08 CI: kernel: generate ccache cache on kernel push
303b784cc8 build: harden GitHub workflow permissions
b3e8d58151 Revert "build: harden GitHub workflow permissions"
431875b3df CI: kernel: use ccache to speedup workflow
8bbaa486cb CI: tools: compile tools with ccache support for tools container
c2df98c49c CI: Add workaround for github uppercase usernames
daeb367dc1 CI: use tools:latest container to speedup kernel workflow
fccf42cb05 CI: create Docker container containing compiled tools
047e68adb1 CI: use buildbot container for building
a69b9a8962 ci: show build failures directly in job log output
f2fb3ffd71 ci: move scripts into separate directory
7ff1477b3d CI: package kmods in kernel workflow
2f9b35624d CI: kernel: Cache external toolchain
1f13c8cd24 CI: kernel: Build all kernel modules
c3ed9f36ee CI: kernel: Checkout feeds from github
0987df4af1 CI: kernel: Show used OpenWrt configuration
f7affcd614 CI: kernel: Use downloads.cdn.openwrt.org
0f71cf7ab6 CI: kernel: Trigger workflow for more directories
586be47078 CI: run inside the buildbot docker container
0e46907ff5 CI: add Kernel compile tests
119c6573c4 CI: usability improvements for tools
ac7b1c8e94 build: handle directory with whitespace in AUTOREMOVE clean
439e19de96 scripts/ext-tools: introduce new script to install prebuilt tools
d419136ad5 build: make find_md5 reproducible with AUTOREMOVE
be2da47ced ath79: expand rootfs for DIR-825-B1 with unused space
087a2a4691 mac80211: Update to version 5.15.81
83c70346ac base-files: support "metric" in board.json
5167bcf2fc kernel: update U-Boot nvmem driver to v6.2 release version
bf1c4f1eba bcm4908: update DTS files with the latest changes
44fad4b1f6 bcm4908: fix Asus GT-AX6000 image
c45f44165b bcm4908: use upstream patches for Asus GT-AC5300 LEDs
7d63c39bf4 CI: labeler: fix wrong label for pr targeting stable branch
e516c31e14 CI: add support to tag pr targeting stable branch
8b95e14e32 Revert "CI: Add release/22.03 label to all pull requests"
ce1de42096 layerscape: Fix SPI-NOR issues with vendor patches
a704216259 mt76: move the mt7921 firmware to its own package
e7497d1083 CI: Add release/22.03 label to all pull requests
c43b5e71b8 CI: labeler: target major version of labeler action
008e9a335d build: harden GitHub workflow permissions
c7757810fc CI: include automatic Pull Request Labeler
2b5154214c ipq40xx: luma_wrtq-acn329: swap ethernet MAC addresses
68add5f364 ath79: mikrotik: use OpenWrt loader for initram image
a907c20340 kernel: add kmod-hwmon-sht3x support
a4af427d80 procd: service: pass all arguments to service
106fedd9ed ath79: fix MAC address assigment for TP-Link TL-WR740N/TL-WR741ND v4
8040f74f8d tools/patch: apply patch for EACCES on xattr copy
eda395a5e0 wolfssl: update to v5.5.3
0b22e87db0 ath79: D-Link DIR-825 B1 add factory.bin recipe
de6c3cca4d mbedtls: import patch to fix illegal instruction on mpc85xx
302ef2137d mt76: add firmware package for mt7916
844de50b7b ath79: disable image building for Ubiquiti EdgeSwitch 8XP
af0c128368 lantiq: add 6.1 tag to upstream patch
a4e8ff5ab4 lantiq: enable interrupts on second VPEs
dca73263a4 lantiq: xrx200: backport upstream network fixes
078bdc1856 kernel: bump 5.10 to 5.10.156
b7388191a5 kernel: bump 5.10 to 5.10.155
61e1f6541d kernel: modules: package Marvell gigE PHY driver
64da7c8af7 bcm27xx: fix CI build after config refresh
3564c22e46 bcm27xx: disable duplicate sdhost driver
353e468f47 kernel: support "linux,rootfs" DT property for splitting rootfs
b66037f53b bcm53xx: update DTS files with the latest changes
58a73b1135 kernel: improve description of NTFS kernel packages
932378aeb6 kernel: backport support for "linux,rootfs" in DT
af20d9d03b kernel: split out mtd hack for CONFIG_FIT_PARTITION + rootfs
8c1f8f9978 ipq40xx: ZTE MF286D: fix DEVICE_PACKAGES
54dc60e71d generic: fix unset symbol
c837fc9cdb kernel: bump 5.10 to 5.10.154
bbad2ee4de kernel: bump 5.10 to 5.10.153
d2ae7613b5 ramips: improve compatibility for Youku YK-L2 and YK-L1 series
9155d40513 ramips: gl-mt1300: downclock SPI to 50MHz
ca124d2e4b ramips: mt7621: use seama-lzma-loader for D-Link DIR-860L B1
fafc9448ae ramips: rt3883: use seama-lzma-loader for D-Link DIR-645
292d3f00c7 ramips: define lzma-loader recipe for SEAMA devices
d25e1a3bde ath79: fix MAC address assignment for TP-Link ar7241 devices
7fa6351310 tools/expat: update to 2.5.0
8122aa92fd ath79: add support for Linksys EA4500 v3
1133a8f805 ath79: add support to TrendNet TEW-673GRU
5725b773b4 qoriq: fix typo in FEATURES
615dbec223 mac80211: fix mesh airtime link metric estimation
a26f7e61e8 mac80211: fix issues with receiving small STP packets
bfeffb8aed mac80211: fix decap offload for stations on AP_VLAN interfaces
88c43b5887 hostapd: remove invalid dtim_period option processing
4628e7ae4d ramips: backport TP-Link RE200 v3/v4 LED fix
1d095c1d43 strace: replace PKG_CPE_ID
d84cf62000 strace: update to 5.19
8650f77314 strace: add nls.mk
0b80a7da58 strace: update to 5.18
faf9d20a21 strace: update to 5.17
e95b359eaa kernel: netsupport: Add FQ-PIE as an optional sched kmod and extract PIE
051c24c69a kernel: extract kmod-sched-act-ipt from kmod-sched
23ccc71c61 kernel: netsupport: Extract act_police
3ca45248fd kernel: netsupport: Add kmod-sched-act-sample
7ee55d82fc kernel: netsupport: Extract sched-prio and sched-red
31fd96bdbd kernel: netsupport: Add kmod-sched-drr
c61ed09228 kernel: netsupport: kmod-sched: Reorder packages
26b58991b0 ipq40xx: fix ZTE MF289F port mapping
71178a8506 ipq40xx: Fix wrong GPIO for internal status LED on ZTE MF289F
3e15a54bb0 ipq40xx: Add ZTE MF289F
7a77aacb31 uboot-envtools: Fix format of autogenerated sectors
b3b3428a0e openssl: bump to 1.1.1s
e313cd8d15 uboot-layerscape: adjust LS1012A-IOT config and env
77522d4eb7 dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)
13bd217821 busybox: awk: fix use after free (CVE-2022-30065)
fe5cd3c9d9 util-linux: Update to version 2.37.4
84b3eafe39 bcm4908: backport upstream BQL support for bcm4908_enet
0ff3adfa11 kernel: bump 5.10 to 5.10.152
0abcea19d7 kernel: bump 5.10 to 5.10.151
0667688a40 kernel: bump 5.10 to 5.10.150
fe58ee9057 ramips: Correct Unielec 01 and 06 dts wan macaddr byte location
6c5313d77c bcm4908: backport bcm4908_enet fix for NULL dereference
91e4a74fff bcm4908: optimize Ethernet driver by using build_skb()
b4bc9eb837 kernel: mtd: backport SafeLoader parser
18c77387c5 kernel: mtd: backport extended dynamic partitions support
2022-12-30 01:53:15 +01:00
Jan-Niklas Burfeind
8c1f5e9c9c
Merge pull request #2685 from T-X/v2022.1.x-pr-backport-bridge-mcast-wakeupcall
[Backport v2022.1.x] kernel: bridge: readding MLD wakeup call feature
2022-12-13 21:49:38 +01:00
Tom Herbers
8b35fab23e
modules: update openwrt
00d7702796 mac80211: Update to version 5.15.74-1
7a3d5959af ath79: fix reference clock for RouterBoard 912UAG
b5cb5f352d ramips: fix WAN mac address allocation for Unielec 01 and 06 models
ef5b1ffb9e ramips: rt3883: enable lzma-loader for Belkin F9K1109v1
b0ab21d9d0 ramips: mt7621: enable lzma-loader for Asus RT-N56U-B1
40465adbbf bcm53xx: enable Broadcom 4366b1 firmware for Asus RT-AC88U
b37ff14302 wireless-tools: add package CPE ID
69e6486136 ncurses: add package CPE ID
573606991e arm-trusted-firmware-sunxi: add package CPE ID
714345d35a libnftnl: add package CPE ID
e946d9aa9d octeon: fix imagebuilder generation by introducing generic target
6cffcb2e9f ath79: support Ruckus ZoneFlex 7321
85a7588c90 ath79: support Ruckus ZoneFlex 7372
08969f61b0 kernel: add kmod-nvme package
c1c85629b9 kernel: mtd: fix unbalanced of_node_put() in dynamic partitions code
5c0c01d226 kernel: bump 5.10 to 5.10.149
980aad01d1 kernel: bump 5.10 to 5.10.148
fb11c63511 kernel: bump 5.10 to 5.10.147
8fefd5c26c mt7621: hiwifi_hc5962: fix reboot loop by using LZMA loader
f59dcb92cf ucode: update to latest Git HEAD
f1d7f1c70f firewall4: update to latest Git HEAD
36a808b7bc mt7621: netgear_ex6150: fix reboot loop by using LZMA loader
12acecd114 OpenWrt v22.03.2: revert to branch defaults
ea845f76ea OpenWrt v22.03.2: adjust config defaults
9a599fee93 firewall4: update to latest Git HEAD
30de1b5031 ucode: update to latest Git HEAD
fa4ec03993 rpcd: update to latest Git HEAD

(cherry picked from commit 1a7acd4699)
2022-11-04 22:06:29 +01:00
Tom Herbers
51d5293ee6 patches: rebase MLD Querier wake up calls Android bug workaround (#2629)
[linus.luessing@c0d3.blue: updated hashes to v2022.1.x branch]
2022-10-22 19:58:47 +02:00
T-X
6244c59524 kernel: bridge: readding MLD wakeup call feature (#2365)
With the update to OpenWrt 21.02 the bridge MLD wakeup call feature was
removed. However the issue with Android devices and MLD is still
present. Therefore readding the bridge MLD wakeup call patch and porting
it to Linux 5.10 / OpenWrt 22.03.

Link: https://issuetracker.google.com/issues/149630944
Fixes: aab2b914b8 ("modules: switch to OpenWrt 21.02")
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2022-10-22 19:01:22 +02:00
David Bauer
f69be80ac3 modules: update openwrt
a7fb589e8a image: always rebuild kernel loaders
5db6914f7c mpc85xx: p1010: make TP-Link WDR4900 v1 build again
f7a43e4606 mpc85xx: add SPI kernel loader for TP-Link TL-WDR4900 v1
c1fcca50ba ramips: fix ZyXEL NWA55AXE model name
2050bc4f64 ramips: add support for ZyXEL NWA50AX / NWA55AXE
bc8e24c654 busybox: nslookup: ensure unique transaction IDs for the DNS queries

(cherry picked from commit c5e297e9c8)
2022-10-17 12:26:12 +00:00
Tom Herbers
a6d75c010e
modules: update openwrt
f579b8538b ath79: add low_mem to tiny image
4b5bd15091 ath79: move ubnt-xm to tiny
977f6f36a0 kernel: fix possible mtd NULL pointer dereference
562894b39d treewide: fix security issues by bumping all packages using libwolfssl
ce59843662 wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)
3d2be75b0c wolfssl: refresh patches
0c8425bf11 wolfssl: bump to 5.5.0
2c49ad36fb kernel: bump 5.10 to 5.10.146
f04515e7bd kernel: bump 5.10 to 5.10.145
a91f391b59 kernel: bump 5.10 to 5.10.144
25747a4c04 ramips: fix switch setup for ASUS RT-AX53U
23d23038dd uboot-mvebu: backport LibreSSL patches for older version of LibreSSL
1ff2993edb uboot-mvebu: backport patch to fix compilation on non glibc system
d30ddfbac4 ramips: enable LZMA loader to fix Linksys RE6500 boot
ed905fce58 tools/meson: backport WSL2 fix
e5ab159fbf firmware: intel-microcode: update to 20220809
938ae92675 toolchain: Include ./include/fortify for external musl toolchain
8f72f5e4c0 toolchain: Select USE_SSTRIP with external musl toolchain
4ad6925a9e scripts: ext-toolchain: add support for musl
65bd632069 scripts: ext-toolchain: add support for info.mk in probe_cc
b0622d1221 scripts: ext-toolchain: actually probe libc type on config generation
d1a6c35591 scripts: ext-toolchain: add option to overwrite config
24cf766dfe scripts: ext-toolchain: fix wrong prefix in print_config generation
18a88668b8 rules_mk: don't include wrapped bin with external toolchains
29927e347a rules_mk: use gcc versions for external toolchain
cd117f0596 bcm53xx: backport clk driver fix for DT nodes names
9dc46d6549 ath79: fix LibreRouter-v1 watchdog and poe_pass
0cb3a616e4 build: fix warnings from grep
463fe05d9e Makefile: fix stray \ warnings with grep-3.8
25d8b9cad6 build: fix issues with targets installed via feeds
74eeee1698 build: fix including modules.mk for targets pulled in from feeds
dafac183f3 mpc85xx: add patch to fix gpio mpc8xxx
7707b47c72 ramips: fix fw_setsys
f3ffb04a43 kernel: add missing symbol
2a6346725a bcm4908: fix -EPROBE_DEFER support in bcm4908_enet
700f5d2990 kernel: update U-Boot NVMEM driver
acc78a9cf6 bcm4908: backport mtd parser for Broadcom's U-Boot partition
b472753d79 mediatek: fix Unifi 6LR network config
c0b7b2049e mpc85xx: fix unset kernel symbols
7c459ac1d5 mac80211: rt2x00: experimental improvements for MT7620 wifi
d004110ef7 mac80211: rt2x00: fix typo
0755c18ff1 mac80211: add patch descriptions to rt2x00 patches
7a26f40217 mediatek: fix ledbar of UniFi 6 LR when running custom U-Boot
f54d4ea0bb ramips: add support for Ubiquiti UniFi FlexHD
a28ccd58ed ath79: Make patches apply again
2419546cee generic: move ledbar driver from mediatek target
420a86436f mediatek: add led count
40610c5322 mediatek: add initialization after reset
26cd0c1ee9 mediatek: add support for reset gpio
b5665a0045 mediatek: support reading more than one byte of response
cd0283788f mediatek: cast literal value to char
a2d251573b mediatek: correctly log i2c response
7366ee86ef mediatek: remove gpiod_direction_output()
ba6c780acb mediatek: do not use gpiod_set_raw_value()
745d3cd4aa kernel: modules: package kmod-crypto-essiv
a3f9b42789 mediatek: fix typo in bpi-r64 image recipe
29c5d5d3da mediatek: bpi-r64: make initramfs/recovery optional
d10352917b ramips: fix GB-PC1 and GB-PC2 LEDs
0c9833d0e0 wireless-regdb: update to 2022-08-12
be4abbd84a kernel: bump 5.10 to 5.10.143
4e05e7dddf kernel: bump 5.10 to 5.10.142
1b0db300cb kernel: bump 5.10 to 5.10.141
bf65d2dcba kernel: bump 5.10 to 5.10.139
e7ef88ff1d kernel: build crypto md5/sha1/sha256 modules for powerpc
2022-10-06 16:21:33 +02:00
Tom Herbers
1fa9c28d4d
modules: update openwrt
d1f14d17aa ramips: fix GB-PC1 and GB-PC2 device support
0197cc553a hostapd: fix WPA3 enterprise keys and ciphers
567f64df57 iwinfo: update to latest HEAD
f543588812 iproute2: Fix KERNEL_INCLUDE in SDK
8de88a2aa9 umbim: bump to git HEAD
e0832778a3 mt76: update to the latest version
da3dc96b64 netifd: update to the latest version
237f8e2cfc netifd: update to git HEAD
8a9733ee0d rpcd: bump version to 2022-08-24
8f4a2e4234 rpcd: update to latest Git HEAD
f92ac40ebd uhttpd: update to latest Git HEAD
d4f20964ff ucode: update to latest Git HEAD
469db326ac nftables: fix parsing date expressions
fd268e3973 firewall4: update to latest Git HEAD
296c9aeb39 ipq806x: add missing scaling_available_frequencies for dedicated cpufreq
97213c7335 mac80211: parse the correct set of HE capabilities for AP mode
2022-08-27 15:52:24 +02:00
Tom Herbers
af579e9906
modules: update openwrt
ecd8f7e294 ramips: get MAC addr from the encrypted partition (WG4хх223)
290ace2fe6 base-files: add mtd_get_mac_encrypted_arcadyan function
d94a28f7d2 uencrypt: add package to decrypt WG4хх223 config
bfb37d363c odhcp6c: update to git HEAD
464f349fad ramips: allow custom trx magic for Arcadyan
7edaae16db ramips: create new dtsi for Arcadyan routers
206581018c ramips: add support for MTS WG430223
1320a78aab ramips: add support for ASUS RT-AX53U
e06f97eb33 mvebu: backport pending Turris Omnia LEDs improvements
93ac163dea mvebu: backport DTS changes for Turris Omnia from mvebu/dt
659bb7638d mpc85xx: enable NAND support for all subtargets
89b7714cf6 kernel: add kmod-leds-turris-omnia
5e39f37caa toolchain: Update glibc 2.34 to recent HEAD
da7e9b201e build: add support for python3.11 and higher
dfe5c23592 iwinfo: update to latest HEAD
1d16b928b3 ath25: fix initramfs image generation
2728d13030 ath25: fix ELF image generation
46e62907f1 kernel: bump 5.10 to 5.10.136
be29de706c kernel: bump 5.10 to 5.10.135
6c901ec97d kernel: Backport upstream flowtable patches from 5.15
6a638c134d pkg-config: always use correct path for pkg-config.real
1c7a167366 kernel: kmod-phy-smsc: Add new PHY
fd4a354f3e kernel: kmod-phy-ax88796b: Add new PHY
13d66ef33f kernel: kmod-ipt-ulog: Remove package
534e256c02 kernel: kmod-nft-nat6: Remove package
2a6fa77b77 kernel: ipt-ipset: Add ipset/ip_set_hash_ipmac.ko
fc05102d51 kernel: netsupport: kmod-sched: explicitly define included modules
3b51f74a91 kernel: netsupport: kmod-sched: Add kmod-lib-textsearch dependency
9727b71147 kernel: netsupport: kmod-sched: Remove sch_fq_codel and sch_fifo
0038e96c27 arm-trusted-firmware-mediatek: skip bad blocks on SPI-NAND (SNFI)
5c69416246 fstools: add uci fstab section to conffiles for package block-mount
0855549b4b kernel: scale nf_conntrack_max more reasonably
0179ba7851 dnsmasq: fix jail_mount for serversfile
2022-08-20 15:37:27 +02:00
Tom Herbers
2fd9b8aa19
modules: update openwrt
8b6b73d0e8 wolfssl: make shared again
7ca89e1187 kernel: bump 5.10 to 5.10.134
1db4f5cba3 x86: update defconfig for 5.10.133
762703d397 kernel: bump 5.10 to 5.10.133
aedcbaae37 kernel: bump 5.10 to 5.10.132
a409bd7705 octeon: add SUPPORTED_DEVICES to er/erlite
e0d3dc5de1 uboot-bcm4908: include SoC in output files
066547b974 bcm4908: build bootfs image per-SoC
506432a783 lantiq: fix network port GPIO settings for Fritzbox 3390
ee27a2b706 ipq806x: Archer VR2600: fix switch ports numbering
f2c12b8940 layerscape: update PKG_HASH / PKG_MIRROR_HASH
bddfd3f7ed sdk: add spidev-test to the bundle of userspace sources
396dc89ee7 realtek: correct egress frame port verification
f8a44c22d4 realtek: correct egress frame priority assignment
4da0b5a786 realtek: fix egress L2 learning on rtl839x
8614b8eb5f realtek: fix egress port mask on rtl839x
c240fed242 ramips: add support for Netgear WAX202
d5858c6d97 image: add support for Netgear encrypted image
a1068f77c9 wolfssl: Do not activate HW acceleration on armvirt by default
dbe19b1041 libpcap: fix PKG_CONFIG_DEPENDS for rpcapd
a12eb71c88 wolfssl: WOLFSSL_HAS_WPAS requires WOLFSSL_HAS_DH
41fa086e6f kernel: Refresh kernel patches
aa237757e0 kernel: bump 5.10 to 5.10.131
a51f54b41d kernel: bump 5.10 to 5.10.130
f14122f8e6 kernel: bump 5.10 to 5.10.129
73ef008ea6 kernel: bump 5.10 to 5.10.128
cb9a69807e firewall3: bump to latest git HEAD
8ccd657629 mt7622: remove 300 MHz from dts
606fc4cd81 bcm4908: use upstream-accepted watchdog patches
7eda42a3f3 bcm4908: backport latest DT patches
187f5147d3 kernel: update leds-bcm63138 driver
f1fc90e5a1 kernel: backport LEDs driver for BCMBCA devices
a8001815a6 opkg: update to 2022-02-24
479890083d firmware: intel-microcode: update to 20220510
c5ee4b7863 openssl: bump to 1.1.1q
ade7c6db1e wolfssl: bump to 5.4.0
409534860f ath79: bsap18x0: pad rootfs image
1be4cad669 ath79: ja76pf2: use nvmem cells to specify MAC addresses
94530067ad ath79: move image check for devices with RedBoot
8e09f9ffc3 ath79: switch some RedBoot based devices to OKLI loader
01b8cd3200 rockchip: reliably distribute net interrupts
4fb05e45df wolfssl: re-enable AES-NI by default for x86_64
ec9f82fa18 mac80211: fix AQL issue with multicast traffic
945b13e369 realtek: build sane factory images for DGS-1210 models
3fbf45bd09 realtek: build factory images for all DGS-1210 models
128575d0fd realtek: rename u-boot-env2 to board-name
9081098273 scripts: fix CAMEO tag generator
87e58a43ea realtek: build DGS-1210 images with CAMEO tag
b151362d19 scripts: add CAMEO tag generator
72466aaeb9 realtek: add DGS-1210-28 factory image
b2876e6a3a scripts: add cameo image header generator
8b4169f1c9 bcm53xx: use -falign-functions=32 for kernel compilation
e291e49da3 bcm53xx: enable & setup packet steering
5359a8ca38 bcm53xx: disable GRO by default at kernel level
027f7b18b9 bcm53xx: revert bgmac back to the old limited max frame size
bd826dc9f9 kernel: drop patch adding hardcoded kernel compilation flags
da7c57b086 kernel: support setting extra CFLAGS for kernel compilation
614a420084 kernel: use KCFLAGS for passing EXTRA_OPTIMIZATION flags
2022-07-31 13:49:45 +02:00
David Bauer
17156cc06b lantiq-xrx200: make DSA images swconfig upgradable
Update the device-support version for image-metadata so that older Gluon
versions not implementing skipping minor compat-version checks are able
to update to newer Gluon versions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-07-05 23:49:49 +02:00
David Bauer
82571e3fee ramips: add MT7621 WiFi devpath migration
Add a migration script to migrate the device path of PCIe WiFi hardware
from OpenWrt 19.07 to the one used with OpenWrt 21.02+.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-06-26 02:13:30 +02:00
David Bauer
8e8aa0c846 openwrt: make DSA images upgradable from swconfig
Set the compat-version of the sysupgrade image to 1.0 in order to allow
upgrades from Gluon-sources which are based on swconfig and do not
ignore mismatching minor compat-versions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-06-26 02:13:30 +02:00
Matthias Schiffer
8ebba2350a
modules: update OpenWrt packages
948ea0e9c046 ecdsautils: update to v0.4.1
97333939dbcc hwdata: update to version 0.359
22c8efd9377c tor: bump to 0.4.7.7 stable
241e70f5fd84 etherwake-nfqueue: swap iptables for nftables dependency
61e0ee2e8e30 rclone: Update to 1.58.1
a8374c48e14f apfree-wifidog: fix compile error
2af08fe724f3 gst1-libav: fix compilation with ffmpeg5
419054a05f56 libtorrent-rasterbar: Update to 2.0.6

With the update to ecdsautils 0.4.1, we can remove the downstream patch
again.
2022-05-05 20:08:12 +02:00
Matthias Schiffer
5e6bac4e52
ecdsautils: verify: fix signature verification (CVE-2022-24884)
A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.
2022-05-03 20:35:16 +02:00
David Bauer
e453b503bd modules: switch to OpenWrt 22.03 2022-04-30 16:35:05 +02:00
David Bauer
70ed8ea18b modules: update openwrt
5b7d01b427 iwinfo: update to latest HEAD
39aaec62ca hostapd: refresh patches
e2030fcfa7 hostapd: add ubus link-measurements notifications
1a2940f68e hostapd: add ubus method for requesting link measurements
b4a9597154 hostapd: add support for enabling link measurements
5a18028c69 iwinfo: update to latest HEAD
b519d76276 iwinfo: update to latest Git head
01cc5e195d iwinfo: update to latest Git HEAD
44781b265c iwinfo: update to the latest version
f7c445aa7d iwinfo: update to the latest version
75cbd8de00 wolfssl: fix compilation with /dev/crypto
1418439da9 kernel: add missing config symbols
39f1815b3e mac80211: fix QCA9561 PA bias
1769e3162e ramips: mt7620: disable SOC VLANs for external switches
30e47fb1e4 ramips: mt7620: ethernet: use more macros and bump version
3f976d0225 ramips: mt7620: fix RGMII TXID PHY mode
6685eb29e5 ramips: mt7620: add ephy-disable option to switch driver
47db830b82 ramips: mt7620: move mt7620_mdio_mode() to ethernet driver
6876465875 ramips: mt7620: use DTS to set PHY base address for external PHYs
5d7805c78b ramips: mt7620: allow both internal and external PHYs
01bbed7444 ramips: mt7620: fix ethernet driver GMAC port init
6491212ea7 ramips: mt7620: remove useless GMAC nodes
a14c2d409c ramips: mt7620: simplify DTS properties for GMAC
c652a06eef ramips: mt7620: enable autonegotiation for all ports
08ec622c46 ramips: make PHY initialization more descriptive
4123f177f9 ramips: add support for the Wavlink WL-WN579X3
92af15077f ramips: split Youku YK1 to YK-L1 and YK-L1c
55f8eb84d2 ramips: improve pinctrl for Youku YK-L1
92489b4f82 ramips: speed up spi frequency for Youku YK-L1
bea1891182 ramips: remove obsolete mx25l25635f compatible hack
6c44b157e5 mvebu: kernel: enable CONFIG_BLK_DEV_NVME
f0f9b7ac5c OpenWrt v21.02.3: revert to branch defaults
42a15ca378 OpenWrt v21.02.3: adjust config defaults
1d4dea6d4f ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
41a97c2074 bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro package
9a765554f4 ath79: add support for MikroTik RouterBOARD mAP lite
2cc9ee8000 ath79: add support for Yuncore A930
06874171d1 ath79: add support for Yuncore XD3200
c5ef62a218 wolfssl: bump to 5.2.0
99b00edf35 mac80211: Update to version 5.10.110-1
9132344444 bpftools: fix feature override for masking clang
169c9e3a88 ramips: fix reboot for remaining 32 MB boards
39bf2aee0e kernel: bump 5.4 to 5.4.188
3008f1f441 imagebuilder: fix broken image generation with external targets
2022-04-27 13:57:23 +02:00
Sven Eckelmann
979cc0a2ed ath79-generic: Add support for OpenMesh OM5P-AN
Device specifications:
======================

* Qualcomm/Atheros AR9344 rev 2
* 560/450/225 MHz (CPU/DDR/AHB)
* 64 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 1T1R 2.4 GHz Wi-Fi
* 2T2R 5 GHz Wi-Fi
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
  - eth0
    + AR8035 ethernet PHY
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as LAN interface
  - eth1
    + 10/100 Mbps Ethernet
    + builtin switch port 1
    + 18-24V passive POE (mode B)
    + used as WAN interface
* 12-24V 1A DC
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Sven Eckelmann
6e35f6b95a ath79-generic: Add support for OpenMesh OM5P-AC v1
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
  - eth0
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as LAN interface
  - eth1
    + AR8035 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + 18-24V passive POE (mode B)
    + used as WAN interface
* 12-24V 1A DC
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin

Gluon image name change
=======================

The device had the image name "openmesh-om5p-ac" in older versions of Gluon.
This had to be changed with the new name in the device trees of the ath79
device tree.
2022-03-21 09:37:03 +01:00
Sven Eckelmann
47eda6a501 ath79-generic: Add support for OpenMesh OM2P v1
Device specifications:
======================

* Qualcomm/Atheros AR7240 rev 2
* 350/350/175 MHz (CPU/DDR/AHB)
* 32 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2x 10/100 Mbps Ethernet
* 1T1R 2.4 GHz Wi-Fi
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x fast ethernet
  - eth0
    + 18-24V passive POE (mode B)
    + used as WAN interface
  - eth1
    + builtin switch port 4
    + used as LAN interface
* 12-24V 1A DC
* external antenna

The device itself requires the mtdparts from the uboot arguments to
properly boot the flashed image and to support dual-boot (primary +
recovery image). Unfortunately, the name of the mtd device in mtdparts is
still using the legacy name "ar7240-nor0" which must be supplied using the
Linux-specfic DT parameter linux,mtd-name to overwrite the generic name
"spi0.0".

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin

Gluon image name change
=======================

The device had the image name "openmesh-om2p" in older versions of Gluon.
This had to be changed with the new name in the device trees of the ath79
device tree.
2022-03-21 09:37:03 +01:00
Sven Eckelmann
767b4123cf ath79-generic: Add support for OpenMesh A40
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* multi-color LED (controlled via red/green/blue GPIOs)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x ethernet
  - eth0
    + Label: Ethernet 1
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as WAN interface
  - eth1
    + Label: Ethernet 2
    + AR8035 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + used as LAN interface
* 1x USB
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Sven Eckelmann
df114faec0 ath79-generic: Add support for OpenMesh A60
Device specifications:
======================

* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
  - 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi (11n)
* 3T3R 5 GHz Wi-Fi (11ac)
* multi-color LED (controlled via red/green/blue GPIOs)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 2x ethernet
  - eth0
    + Label: Ethernet 1
    + AR8035 ethernet PHY (RGMII)
    + 10/100/1000 Mbps Ethernet
    + 802.3af POE
    + used as WAN interface
  - eth1
    + Label: Ethernet 2
    + AR8031 ethernet PHY (SGMII)
    + 10/100/1000 Mbps Ethernet
    + used as LAN interface
* 1x USB
* internal antennas

Flashing instructions:
======================

Various methods can be used to install the actual image on the flash.
Two easy ones are:

ap51-flash
----------

The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.

initramfs from TFTP
-------------------

The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):

    setenv serverip 192.168.1.21
    setenv ipaddr 192.168.1.1
    tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr

The actual sysupgrade image can then be transferred (on the LAN port) to the
device via

    scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/

On the device, the sysupgrade must then be started using

    sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
2022-03-21 09:37:03 +01:00
Matthias Schiffer
31124ac687
patches: refresh "packages" patches (#2400) 2022-02-23 21:50:15 +01:00
David Bauer
428b8afb92
Merge pull request #2186 from freifunk-gluon/fastd-l2tp
fastd: add L2TP offload support
2022-02-23 19:03:19 +01:00
Martin Weinelt
545d1cbb11
patches: build perl single-threaded (#2392)
Prevents spurious build failures.
2022-02-11 21:40:22 +01:00
Matthias Schiffer
487d312d25
fastd: update and add L2TP variant
This also drops the GMAC-based methods from gluon-mesh-vpn-fastd's
check_site.lua, as they are not supported anymore.
2022-02-08 21:01:42 +01:00
Matthias Schiffer
1e50966b84
kernel: drop obsolete ebtables patches
We are on Linux 5.4, so these patches for Linux 4.14 don't do anything.
2022-01-23 11:39:02 +01:00
Matthias Schiffer
0db3c58329
modules: update OpenWrt base
97b95ef8b918 uci: update to the latest master

Replace the downstream UCI patch with a proper OpenWrt 21.02 backport.
2022-01-23 11:36:08 +01:00
lemoer
3f7c0b3ae8
gluon-mesh-vpn-wireguard: add package (#2168)
The address of the vpn interface is calculated in the style of
modified EUI-64, based on a virtual mac address. This virtual mac
address consists of 0x00 as first byte and the other five bytes
are taken from the first bytes of md5sum(base64 encoded public key).

The algorithm was taken by the ffmuc, with a slight difference. ffmuc
calculated the result of md5sum(base64 encoded public key + '\n')
which was interpreted as accidential fault and therefore dropped.

Example:
- Public-Key: "gP3VJnTTvnQut+z4O+m0N9RgMyXbgyUbUkF3E3TKX2w="
- Address: "fe80::02ca:b8ff:fedc:2eb3"

The following interfaces are used for wireguard:
- wg_mesh  -> wireguard interface
- mesh-vpn -> vxlan iface on top of wg_mesh

If you use this new feature, make sure the NTP servers in your site
config are publicly reachable. This is necessary, since wireguard
requires correct time before the vpn connection is established.
Therefore gluon performs ntp time synchronisation via WAN before it
establishes the vpn connection. Therefore the NTP servers have to
be publicly reachable (and not only via mesh).
2021-09-15 01:25:59 +02:00
David Bauer
aab2b914b8 modules: switch to OpenWrt 21.02 2021-06-21 16:28:15 +02:00
Linus Lüssing
cb505a354a batman-adv: Introduce no noflood mark
This mark prevents a multicast packet being flooded through the whole
mesh. The advantage of marking certain multicast packets via e.g.
ebtables instead of dropping is then the following:

This allows an administrator to let specific multicast packets pass as
long as they are forwarded to a limited number of nodes only and are
therefore creating no burdon to unrelated nodes.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2021-05-01 22:33:59 +02:00
David Bauer
429223b99f modules: update OpenWrt
fec1aa6dfb mt76: update to the latest version
224fa47bf9 ramips: mark toggle input on EX6150 as a switch
3a05aa17db mac80211: Remove 357-mac80211-optimize-skb-resizing.patch
171d8bce0c ramips: remove factory image for TP-Link Archer C2 v1
2eb8444363 ath79: fix USB power GPIO for TP-Link TL-WR810N v1
d5a8e85878 wolfssl: Backport fix for CVE-2021-3336
cf5e5204d9 bcm63xx: sprom: override the PCI device ID
4465b44fc1 kernel: bump 4.14 to 4.14.219
4b9ade65ec bcm63xx: R5010UNv2: fix flash partitions for 16MB flash
ab9cb390be hostapd: fix P2P group information processing vulnerability
1e90091c5d opkg: update to latest git HEAD of branch openwrt-19.07
312c05611b kernel: bump 4.14 to 4.14.218
3100649458 wolfssl: enable HAVE_SECRET_CALLBACK
e9d2aa9dc6 wolfssl: Fix hostapd build with wolfssl 4.6.0
2044c01de8 wolfssl: Update to v4.6.0-stable
5ac0b2b431 mvebu: omnia: make initramfs image usable out of the box
2021-02-15 01:29:38 +01:00
David Bauer
39c1f67236 modules: update OpenWrt
a7a207e18b mt76: update to the latest version
1ce5008597 wireguard: Fix compile with kernel 4.14.217
2ecb22dc51 kernel: bump 4.14 to 4.14.217
11f4918ebb dnsmasq: backport fixes
9999c87d3a netifd: fix IPv6 routing loop on point-to-point links
250dbb3a60 odhcp6c: fix IPv6 routing loop on point-to-point links
d816c6cd31 kernel: bump 4.14 to 4.14.216
c21d59dc11 imagebuilder: pass IB=1 on checking requirements
2021-02-01 13:16:18 +01:00
Linus Lüssing
13cb7504f4 kernel: bridge: Fix a deadlock when enabling multicast snooping
[ Upstream commit 851d0a73c90e6c8c63fef106c6c1e73df7e05d9d ]

From: Joseph Huang <Joseph.Huang@garmin.com>

When enabling multicast snooping, bridge module deadlocks on multicast_lock
if 1) IPv6 is enabled, and 2) there is an existing querier on the same L2
network.

The deadlock was caused by the following sequence: While holding the lock,
br_multicast_open calls br_multicast_join_snoopers, which eventually causes
IP stack to (attempt to) send out a Listener Report (in igmp6_join_group).
Since the destination Ethernet address is a multicast address, br_dev_xmit
feeds the packet back to the bridge via br_multicast_rcv, which in turn
calls br_multicast_add_group, which then deadlocks on multicast_lock.

The fix is to move the call br_multicast_join_snoopers outside of the
critical section. This works since br_multicast_join_snoopers only deals
with IP and does not modify any multicast data structures of the bridge,
so there's no need to hold the lock.

Steps to reproduce:
1. sysctl net.ipv6.conf.all.force_mld_version=1
2. have another querier
3. ip link set dev bridge type bridge mcast_snooping 0 && \
   ip link set dev bridge type bridge mcast_snooping 1 < deadlock >

A typical call trace looks like the following:

[  936.251495]  _raw_spin_lock+0x5c/0x68
[  936.255221]  br_multicast_add_group+0x40/0x170 [bridge]
[  936.260491]  br_multicast_rcv+0x7ac/0xe30 [bridge]
[  936.265322]  br_dev_xmit+0x140/0x368 [bridge]
[  936.269689]  dev_hard_start_xmit+0x94/0x158
[  936.273876]  __dev_queue_xmit+0x5ac/0x7f8
[  936.277890]  dev_queue_xmit+0x10/0x18
[  936.281563]  neigh_resolve_output+0xec/0x198
[  936.285845]  ip6_finish_output2+0x240/0x710
[  936.290039]  __ip6_finish_output+0x130/0x170
[  936.294318]  ip6_output+0x6c/0x1c8
[  936.297731]  NF_HOOK.constprop.0+0xd8/0xe8
[  936.301834]  igmp6_send+0x358/0x558
[  936.305326]  igmp6_join_group.part.0+0x30/0xf0
[  936.309774]  igmp6_group_added+0xfc/0x110
[  936.313787]  __ipv6_dev_mc_inc+0x1a4/0x290
[  936.317885]  ipv6_dev_mc_inc+0x10/0x18
[  936.321677]  br_multicast_open+0xbc/0x110 [bridge]
[  936.326506]  br_multicast_toggle+0xec/0x140 [bridge]

Fixes: 4effd28c1245 ("bridge: join all-snoopers multicast address")
Signed-off-by: Joseph Huang <Joseph.Huang@garmin.com>
Acked-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Link: https://lore.kernel.org/r/20201204235628.50653-1-Joseph.Huang@garmin.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[linus.luessing@c0d3.blue: backported to 4.4]
2021-01-25 03:16:06 +01:00
Sven Eckelmann
50537e5474 ipq40xx: add support for Plasma Cloud PA2200
This device is a dual 5GHz device. It is recommended to manually change the
radio of the first device to the lower 5GHz channels and the second radio
to the upper 5GHz channels
2021-01-13 08:28:12 +01:00
Sven Eckelmann
17baf0f415 ipq40xx: add support for Plasma Cloud PA1200 2021-01-13 08:28:12 +01:00
David Bauer
db9768310a
Merge pull request #2153 from FreifunkVogtland/pa300
ath79: Add support for Plasma Cloud PA300(E)
2021-01-12 15:22:03 +01:00
Sven Eckelmann
6e2faecb4e ath79: add support for Plasma Cloud PA300E 2021-01-10 09:06:02 +01:00
Sven Eckelmann
a9039229d6 ath79: add support for Plasma Cloud PA300 2021-01-10 09:05:58 +01:00
David Bauer
604087fae3 modules: refresh OpenWrt patches
Fixes commit fb8cd562f6 ("modules: update OpenWrt")
2020-12-07 04:27:11 +01:00
David Bauer
5ee379bbb8 Revert "openwrt: revert kernel: add netfilter-actual-sk patch"
This reverts commit 94736703ae.

Bumping the packages feed fixes the xtables-addons build.
2020-12-06 01:08:33 +01:00
Martin Weinelt
94736703ae
openwrt: revert kernel: add netfilter-actual-sk patch
During the update of openwrt-19.07 in 435c5196 a breaking change was
introduced. Let's revert it for now so the master branch builds again.
2020-12-06 00:22:07 +01:00
Matthias Schiffer
53f5b8098c
fastd: reorganize patches for easier backporting
Gluon v2020.2.x uses fastd v19, so we keep that in a separate patch. The
fastd memory leak fix from v18 is not removed in this patch anymore, as
the fix is needed for v19 as well.

The v20 and v21 patches are squashed into one, as they aren't backports
anymore after the rebase onto current openwrt-19.07.
2020-10-19 23:13:50 +02:00
David Bauer
d97c518da9 packages: fastd: update to v21 2020-10-19 22:53:58 +02:00
David Bauer
65e5aeed2c modules: bump OpenWrt packages
a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin
2020-10-19 22:51:56 +02:00
David Bauer
88ec9cbedf
mt76: mt7603: add additional EEPROM chip ID (#2133)
Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.

This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.
2020-10-17 13:58:45 +02:00
Matthias Schiffer
463c1f49c8
fastd: update to v20 2020-10-10 19:14:12 +02:00
Linus Lüssing
b2add48d2a kernel: bridge: Implement MLD Querier wake-up calls / Android bug workaround
Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.

Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.

If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).

Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-10-08 20:06:24 +02:00