OSDN Git Service

immortalwrt/immortalwrt.git
2 months agoImmortalWrt v21.02.1: adjust config defaults v21.02.1
Tianling Shen [Sat, 9 Jul 2022 02:47:07 +0000 (10:47 +0800)]
ImmortalWrt v21.02.1: adjust config defaults

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agodefault-settings: ImmortalWrt 21.02.1
Tianling Shen [Sat, 9 Jul 2022 02:46:05 +0000 (10:46 +0800)]
default-settings: ImmortalWrt 21.02.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agoMerge Official Source
Tianling Shen [Sat, 9 Jul 2022 02:44:15 +0000 (10:44 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agobcm53xx: use -falign-functions=32 for kernel compilation
Rafał Miłecki [Sun, 3 Jul 2022 11:22:00 +0000 (13:22 +0200)]
bcm53xx: use -falign-functions=32 for kernel compilation

Northstar SoCs have pretty small CPU caches and their performance is
heavily affected by cache hits & misses. It means that all kind of
random code changes can affect performance as they often reorganize
(change alignment & possibly reorder) kernel symbols.

It was discussed in ARM / net mailinglists:
1. ARM router NAT performance affected by random/unrelated commits [1] [2]
2. Optimizing kernel compilation / alignments for network performance [3] [4]

It seems that -falign-functions can be used as a partial workaround. It
doesn't solve all cases (e.g. documented watchdog one [5]) but it surely
helps with many of them.

A complete long term solution may be PGO (profile-guided optimization)
but it isn't available at this point.

[1] https://lkml.org/lkml/2019/5/21/349
[2] https://www.spinics.net/lists/linux-block/msg40624.html
[3] https://lore.kernel.org/linux-arm-kernel/066fc320-dc04-11a4-476e-b0d11f3b17e6@gmail.com/T/
[4] https://www.spinics.net/lists/netdev/msg816103.html
[5] http://lists.openwrt.org/pipermail/openwrt-devel/2022-July/038989.html

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit abc5b28db164dc2d807750cb2baae91e288c84a9)

2 months agobcm53xx: enable & setup packet steering
Rafał Miłecki [Fri, 10 Jun 2022 08:51:23 +0000 (10:51 +0200)]
bcm53xx: enable & setup packet steering

Packet steering can improve NAT masquarade performance on Northstar by
40-50%. It makes reaching 940-942 Mb/s possible on BCM4708 (and
obviously BCM47094 too). Add scripts setting up the most optimal
Northstar setup.

Below are testing results for running iperf TCP traffic from LAN to WAN.
They were used to pick up golden values.

┌──────────┬──────────┬────────────────────┬────────────────────┐
│   eth0   │  br-lan  │ flow_offloading=0  │ flow_offloading=1  │
│          │          ├─────────┬──────────┼─────────┬──────────┤
│ rps_cpus │ rps_cpus │ BCM4708 │ BCM47094 │ BCM4708 │ BCM47094 │
├──────────┼──────────┼─────────┼──────────┼─────────┼──────────┤
│        0 │        0 │     387 │      671 │     707 │      941 │
│        0 │        1 │     343 │      576 │     705 │      941 │
│        0 │        2 │   ✓ 574 │    ✓ 941 │     704 │      940 │
│        1 │        0 │     320 │      549 │     561 │      941 │
│        1 │        1 │     327 │      551 │     553 │      941 │
│        1 │        2 │     523 │    ✓ 940 │     559 │      940 │
│        2 │        0 │     383 │      652 │   ✓ 940 │      941 │
│        2 │        1 │     448 │      754 │   ✓ 942 │      941 │
│        2 │        2 │     404 │      655 │   ✓ 941 │      941 │
└──────────┴──────────┴─────────┴──────────┴─────────┴──────────┘

Above tests were performed with all eth0 interrupts handled by CPU0.
Setting "echo 2 > /proc/irq/38/smp_affinity" was tested on BCM4708 but
it didn't increased speeds (just required different steering):

┌──────────┬──────────┬───────────┐
│   eth0   │  br-lan  │ flow_offl │
│   rx-0   │   rx-0   │ oading=0  │
│ rps_cpus │ rps_cpus │  BCM4708  │
├──────────┼──────────┼───────────┤
│        0 │        0 │       384 │
│        0 │        1 │     ✓ 574 │
│        0 │        2 │       348 │
│        1 │        0 │       383 │
│        1 │        1 │       412 │
│        1 │        2 │       448 │
│        2 │        0 │       321 │
│        2 │        1 │       520 │
│        2 │        2 │       327 │
└──────────┴──────────┴───────────┘

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit fcbd39689ebfef20c62fe3882d51f3af765e8028)

2 months agobcm53xx: disable GRO by default at kernel level
Rafał Miłecki [Mon, 20 Jun 2022 08:21:20 +0000 (10:21 +0200)]
bcm53xx: disable GRO by default at kernel level

This improves NAT masquarade network performance.

An alternative to kernel change would be runtime setup but that requires
ethtool and identifying relevant network interface and all related
switch ports interfaces.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 82d0dd8f8aa11249944fe39cd0d75a1524ec22ec)

2 months agokernel: drop patch adding hardcoded kernel compilation flags
Rafał Miłecki [Wed, 15 Jun 2022 10:36:37 +0000 (12:36 +0200)]
kernel: drop patch adding hardcoded kernel compilation flags

1. KCFLAGS should be used for custom flags
2. Optimization flags are arch / SoC specific
3. -fno-reorder-blocks may *worsen* network performace on some SoCs
4. Usage of flags was *reversed* since 5.4 and noone reported that

If we really need custom flags then CONFIG_KERNEL_CFLAGS should get
default value adjusted properly (per target).

Ref: 4e0c54bc5bc8 ("kernel: add support for kernel 5.4")
Link: http://lists.openwrt.org/pipermail/openwrt-devel/2022-June/038853.html
Link: https://patchwork.ozlabs.org/project/openwrt/patch/20190409093046.13401-1-zajec5@gmail.com/
Cc: Felix Fietkau <nbd@nbd.name>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Cc: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 22168ae68101b95d03741b0e9e8ad20b8a5ae5b7)

2 months agokernel: support setting extra CFLAGS for kernel compilation
Rafał Miłecki [Wed, 15 Jun 2022 10:36:36 +0000 (12:36 +0200)]
kernel: support setting extra CFLAGS for kernel compilation

They may be used e.g. to optimize kernel size or performance.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 907d7d747243044f86588f0d82993e8c106cb02c)

2 months agokernel: use KCFLAGS for passing EXTRA_OPTIMIZATION flags
Rafał Miłecki [Wed, 15 Jun 2022 08:41:37 +0000 (10:41 +0200)]
kernel: use KCFLAGS for passing EXTRA_OPTIMIZATION flags

This uses kernel's generic variable and doesn't require patching it with
a custom Makefile change. It's expected *not* to change any behaviour.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1d42af720c6b6dcfcdd0b89bce386fca1607dcb3)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 24e27bec9a6df1511a504cf04cd9578a23e74657)

2 months agowolfssl: re-enable AES-NI by default for x86_64
Eneas U de Queiroz [Wed, 6 Jul 2022 20:55:58 +0000 (17:55 -0300)]
wolfssl: re-enable AES-NI by default for x86_64

Apply an upstream patch that removes unnecessary CFLAGs, avoiding
generation of incompatible code.

Commit 0bd536723303ccd178e289690d073740c928bb34 is reverted so the
accelerated version builds by default on x86_64.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 639419ec4fd1501a9b9857cea96474271ef737b1)

2 months agoopenssl: bump to 1.1.1q
Dustin Lundquist [Wed, 6 Jul 2022 16:08:52 +0000 (09:08 -0700)]
openssl: bump to 1.1.1q

Changes between 1.1.1p and 1.1.1q [5 Jul 2022]

  *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
     implementation would not encrypt the entirety of the data under some
     circumstances.  This could reveal sixteen bytes of data that was
     preexisting in the memory that wasn't written.  In the special case of
     "in place" encryption, sixteen bytes of the plaintext would be revealed.

     Since OpenSSL does not support OCB based cipher suites for TLS and DTLS,
     they are both unaffected.
     (CVE-2022-2097)
     [Alex Chernyakhovsky, David Benjamin, Alejandro Sedeño]

Signed-off-by: Dustin Lundquist <dustin@null-ptr.net>
(cherry picked from commit 3899f68b54b31de4b4fef4f575f7ea56dc93d965)

2 months agorockchip: reliably distribute net interrupts
Ronny Kotzschmar [Wed, 6 Jul 2022 13:14:21 +0000 (15:14 +0200)]
rockchip: reliably distribute net interrupts

On the NanoPI R4S it takes an average of 3..5 seconds for the network devices
to appear in '/proc/interrupts'.
Wait up to 10 seconds to ensure that the distribution of the interrupts
really happens.

Signed-off-by: Ronny Kotzschmar <ro.ok@me.com>
(cherry picked from commit 9b00e9795660f53caf1f4f5fd932bbbebd2eeeb1)

2 months agowolfssl: WOLFSSL_HAS_WPAS requires WOLFSSL_HAS_DH
Pascal Ernster [Wed, 20 Jan 2021 01:01:37 +0000 (02:01 +0100)]
wolfssl: WOLFSSL_HAS_WPAS requires WOLFSSL_HAS_DH

Without this, WOLFSSL_HAS_DH can be disabled even if WOLFSSL_HAS_WPAS is
enabled, resulting in an "Anonymous suite requires DH" error when trying
to compile wolfssl.

Signed-off-by: Pascal Ernster <git@hardfalcon.net>
Reviewed-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 21825af2dad0070affc2444ff56dc84a976945a2)

2 months agotools/libressl: update to version 3.4.3
Josef Schlehofer [Mon, 6 Jun 2022 20:08:42 +0000 (22:08 +0200)]
tools/libressl: update to version 3.4.3

Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt

```
It includes the following security fix:

    * A malicious certificate can cause an infinite loop.
      Reported by and fix from Tavis Ormandy and David Benjamin, Google.
      (CVE-2022–0778)
```

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 25534d5cc20a807ff776fdb18847344167ce081d)

2 months agox86: backport Intel I225-V (Stepping B3) driver from 5.15 to 5.4
lean [Sat, 12 Mar 2022 07:29:20 +0000 (15:29 +0800)]
x86: backport Intel I225-V (Stepping B3) driver from 5.15 to 5.4

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agoRevert "x86: update default packages"
Tianling Shen [Mon, 4 Jul 2022 08:59:38 +0000 (16:59 +0800)]
Revert "x86: update default packages"

idk why it appeared here, it's totally useless.

This reverts commit 82e6f282bdd7c500fb983d788d77dbb40be060d8.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agoopenssl: bump to 1.1.1p
Andre Heider [Thu, 23 Jun 2022 07:08:07 +0000 (09:08 +0200)]
openssl: bump to 1.1.1p

Changes between 1.1.1o and 1.1.1p [21 Jun 2022]

  *) In addition to the c_rehash shell command injection identified in
     CVE-2022-1292, further bugs where the c_rehash script does not
     properly sanitise shell metacharacters to prevent command injection have been
     fixed.

     When the CVE-2022-1292 was fixed it was not discovered that there
     are other places in the script where the file names of certificates
     being hashed were possibly passed to a command executed through the shell.

     This script is distributed by some operating systems in a manner where
     it is automatically executed.  On such operating systems, an attacker
     could execute arbitrary commands with the privileges of the script.

     Use of the c_rehash script is considered obsolete and should be replaced
     by the OpenSSL rehash command line tool.
     (CVE-2022-2068)
     [Daniel Fiala, Tomáš Mráz]

  *) When OpenSSL TLS client is connecting without any supported elliptic
     curves and TLS-1.3 protocol is disabled the connection will no longer fail
     if a ciphersuite that does not use a key exchange based on elliptic
     curves can be negotiated.
     [Tomáš Mráz]

Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agoMerge Official Source
Tianling Shen [Mon, 4 Jul 2022 08:37:45 +0000 (16:37 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 months agobuild: fix ldconfig executable error in python
Damien Mascord [Mon, 1 Nov 2021 09:06:20 +0000 (20:06 +1100)]
build: fix ldconfig executable error in python

The empty executable is causing problems with meson builds, due to the
error: OSError: [Errno 8] Exec format error: 'ldconfig'

This patch changes the empty ldconfig stub to symlink to /bin/true to
work around this issue.

Fixes: FS#4117
Fixes: 3bd31cc4d2ff ("tools/meson: update to 0.60.0")

Signed-off-by: Damien Mascord <tusker@tusker.org>
Tested-by: Aleksander Jan Bajkowski <olek2@wp.pl> # Tested on Debian 11
Tested-By: Lucian Cristian <lucian.cristian@gmail.com>
Tested-By: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6a5b4228e30244b44a49f523dea66caf3fbe3307)
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
[backport to fix prereq check when moving from 22.03 branch to 21.02]

2 months agokernel: Remove kmod-crypto-lib-blake2s
Hauke Mehrtens [Mon, 30 May 2022 12:45:46 +0000 (08:45 -0400)]
kernel: Remove kmod-crypto-lib-blake2s

Delete the crypto-lib-blake2s kmod package, as BLAKE2s is now built-in.

Fixes: be0639063a70 ("kernel: bump 5.4 to 5.4.203")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agokernel: backport wireguard blake2s patch
Hauke Mehrtens [Sun, 3 Jul 2022 19:27:38 +0000 (21:27 +0200)]
kernel: backport wireguard blake2s patch

This patch was backported to kernel 5.4.200, but without the wireguard
change, because wireguard is not available in upstream kernel 5.4.
This adds the missing changes for wireguard too.

Fixes: be0639063a70 ("kernel: bump 5.4 to 5.4.203")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agomvebu: move upstreamed DTS files (ESPRESSObin) to files-5.4
Adrian Schmutzler [Tue, 23 Feb 2021 10:43:33 +0000 (11:43 +0100)]
mvebu: move upstreamed DTS files (ESPRESSObin) to files-5.4

Since kernel 5.5-rc1 [1], there are upstreamed DTS files related to ESPRESSObin
variants. Move these to files-5.4.

This helps if you want to use a newer kernel version than used
in OpenWrt 21.02 (= LTS kernel 5.4), you would end up with duplicate files
(one outdated, one up to date from newer Linux versions).

Fixes:
Error: arch/arm64/boot/dts/marvell/armada-3720-espressobin-v7.dts:19.1-7:
Label or path ports not found
FATAL ERROR: Syntax error parsing input tree

[1] https://github.com/torvalds/linux/commit/447b8789359f9a5e6567c4044d18abaa7de68930

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 7be8ab4f7b582924bca6594103735d888989d804)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[reword commit subject and commit description]

2 months agocryptodev-linux: update to 1.12
Rosen Penev [Thu, 23 Sep 2021 19:57:52 +0000 (12:57 -0700)]
cryptodev-linux: update to 1.12

Remove upstream backport.

Use AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 585cef5f1a9c1c3aecd7d231364618e96d03ab65)

2 months agokernel: check dst of flow offloading table
Ritaro Takenaka [Wed, 25 May 2022 06:55:48 +0000 (15:55 +0900)]
kernel: check dst of flow offloading table

Flow offload dst can become invalid after the route cache is created.
dst_check() in packet path is necessary to prevent packet drop.

Signed-off-by: Ritaro Takenaka <ritarot634@gmail.com>
2 months agoopenssl: bump to 1.1.1o
Eneas U de Queiroz [Tue, 10 May 2022 23:34:57 +0000 (20:34 -0300)]
openssl: bump to 1.1.1o

This release comes with a security fix related to c_rehash.  OpenWrt
does not ship or use it, so it was not affected by the bug.

There is a fix for a possible crash in ERR_load_strings() when
configured with no-err, which OpenWrt does by default.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7a5ddc0d06895bde7538d78c8dad2c863d70f946)

2 months agokernel: bump 5.4 to 5.4.203
Hauke Mehrtens [Sun, 3 Jul 2022 16:46:35 +0000 (16:46 +0000)]
kernel: bump 5.4 to 5.4.203

Merged upstream:
 bcm27xx/patches-5.4/950-1014-Revert-mailbox-avoid-timer-start-from-callback.patch
 generic/backport-5.4/080-wireguard-0021-crypto-blake2s-generic-C-library-implementation-and-.patch

Manually adapted:
 layerscape/patches-5.4/801-audio-0005-Revert-ASoC-fsl_sai-Add-support-for-SAI-new-version.patch
 oxnas/patches-5.4/100-oxnas-clk-plla-pllb.patch

Compile-tested: lantiq/xrx200
Run-tested: lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 months agoexfat: update to 5.19.1
Chukun Pan [Wed, 8 Jun 2022 15:05:03 +0000 (23:05 +0800)]
exfat: update to 5.19.1

Major changes are:
  4 cleanups & typos fixes.
  Add keep_last_dots mount option to allow access to paths
  with trailing dots.
  Avoid repetitive volume dirty bit set/clear to improve
  storage life time.
  Fix ->i_blocks truncation issue caused by wrong 32bit mask.
  Fix ->i_blocks truncation issue that still exists elsewhere.
  Fix missing REQ_SYNC in exfat_update_bhs().
  Fix referencing wrong parent directory information during rename.
  Fix slab-out-bounds in exat_clear_bitmap() reported from syzbot.
  Improve performance while zeroing a cluster with dirsync mount option.
  Introduce a sys_tz mount option to use system timezone.
  Move super block magic number to magic.h

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
2 months agoipq40xx: add RT-AC2200 alternative name to RT-AC42U/RT-ACRH17
Ray Wang [Mon, 4 Apr 2022 02:29:18 +0000 (10:29 +0800)]
ipq40xx: add RT-AC2200 alternative name to RT-AC42U/RT-ACRH17

RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.

Signed-off-by: Ray Wang <raywang777@foxmail.com>
(cherry picked from commit 3204906569768cabcbedb5eaa3a11e2fcb18cd48)

2 months agoipq40xx: rename RT-AC42U WLAN/LAN LEDs
Sungbo Eo [Sun, 16 Jan 2022 16:55:37 +0000 (01:55 +0900)]
ipq40xx: rename RT-AC42U WLAN/LAN LEDs

Assign LED numbers properly by adding function-enumerator property in DTS.

While at it, remove default trigger of LAN LEDs as it will be handled in
01_leds anyway.

Fixes: 51b9aef553a8 ("ipq40xx: add support for ASUS RT-ACRH17/RT-AC42U")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 266b5c83c32c13dbd05f0d6f251815cbe6f55621)

2 months agoipq40xx: add support for ASUS RT-ACRH17/RT-AC42U
Joshua Roys [Thu, 30 Dec 2021 20:25:03 +0000 (15:25 -0500)]
ipq40xx: add support for ASUS RT-ACRH17/RT-AC42U

SOC: IPQ4019
CPU: Quad-core ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d
DRAM: 256 MB
NAND: 128 MiB Macronix MX30LF1G18AC
ETH: Qualcomm Atheros QCA8075 Gigabit Switch (4x LAN, 1x WAN)
USB: 1x 3.0 (via Synopsys DesignWare DWC3 controller in the SoC)
WLAN1: Qualcomm Atheros QCA4019 2.4GHz 802.11bgn 2x2:2
WLAN2: Qualcomm Atheros QCA9984 5GHz 802.11nac 4x4:4
INPUT: 1x WPS, 1x Reset
LEDS: Status, WIFI1, WIFI2, WAN (red & blue), 4x LAN

This board is very similar to the RT-ACRH13/RT-AC58U. It must be flashed
with an intermediary initramfs image, the jffs2 ubi volume deleted, and
then finally a sysupgrade with the final image performed.

Signed-off-by: Joshua Roys <roysjosh@gmail.com>
(added ALT0)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 51b9aef553a82cbc80c12e13a4011d4d2e29fde4)

3 months agowolfssl: disable AES-NI by default for x86_64
Eneas U de Queiroz [Tue, 21 Jun 2022 18:21:44 +0000 (15:21 -0300)]
wolfssl: disable AES-NI by default for x86_64

WolfSSL is crashing with an illegal opcode in some x86_64 CPUs that have
AES instructions but lack other extensions that are used by WolfSSL
when AES-NI is enabled.

Disable the option by default for now until the issue is properly fixed.
People can enable them in a custom build if they are sure it will work
for them.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0bd536723303ccd178e289690d073740c928bb34)

3 months agor8125: bump to 9.009.01-1
Tianling Shen [Wed, 22 Jun 2022 22:13:04 +0000 (06:13 +0800)]
r8125: bump to 9.009.01-1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 838f97a5f840a2d5cf73bfe252dcf0e3d63c62ed)

3 months agor8152: bump to 2.16.1
Tianling Shen [Tue, 21 Jun 2022 15:51:16 +0000 (23:51 +0800)]
r8152: bump to 2.16.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 51333e4cf5be36b5936e48add71a60423906c19a)

3 months agoMerge Official Source
Tianling Shen [Mon, 20 Jun 2022 20:40:03 +0000 (04:40 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agoramips: fix booting on ZyXEL NBG-419N v2
Piotr Dymacz [Mon, 23 May 2022 15:50:19 +0000 (17:50 +0200)]
ramips: fix booting on ZyXEL NBG-419N v2

This fixes a well known "LZMA ERROR 1" error, reported previously on
numerous of other devices from 'ramips' target.

Fixes: #9842
Fixes: #8964

Reported-by: Juergen Hench <jurgen.hench@gmail.com>
Tested-by: Juergen Hench <jurgen.hench@gmail.com>
Signed-off-by: Demetris Ierokipides <ierokipides.dem@gmail.com>
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit fd72e595c2b2a46bab8cbc7e9415fbfeae7b5b0d)

3 months agomediatek: mt7623: fixes kconfig for hwcrypto
Chukun Pan [Fri, 10 Jun 2022 15:54:40 +0000 (23:54 +0800)]
mediatek: mt7623: fixes kconfig for hwcrypto

The MediaTek's Crypto Engine driver has been replaced with the upstream
Inside Secure's SafeXcel cryptographic engine driver, however kconfig
has not been changed accordingly, this commit fixes it.

Fixes: 127ad76 ("mediatek: switch over to extended upstream eip97
driver")

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
3 months agomediatek: remove crypto-hw-mtk package
Eneas U de Queiroz [Thu, 31 Mar 2022 13:38:49 +0000 (10:38 -0300)]
mediatek: remove crypto-hw-mtk package

The MediaTek's Crypto Engine module is only available for mt7623, in
which case it is built into the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 3f2d0703b60357e3ff1865783335be9f51528eb8)

3 months agodefault-settings: update tencent ntp server
MkQtS [Sat, 18 Jun 2022 15:15:06 +0000 (23:15 +0800)]
default-settings: update tencent ntp server

see tencentyun's doc [1]

1. https://github.com/tencentyun/qcloud-documents/blob/master/product/%E8%AE%A1%E7%AE%97%E4%B8%8E%E7%BD%91%E7%BB%9C/%E4%BA%91%E6%9C%8D%E5%8A%A1%E5%99%A8/%E6%9C%80%E4%BD%B3%E5%AE%9E%E8%B7%B5/NTP%20%E6%9C%8D%E5%8A%A1/%E8%85%BE%E8%AE%AF%E4%BA%91%20NTP%20%E6%9C%8D%E5%8A%A1.md

(cherry picked from commit 0688e346d06452508345ec92e88bf6d2876e7b52)

3 months agoramips: fix RT-AC57U button level
David Bauer [Sat, 18 Jun 2022 18:46:33 +0000 (20:46 +0200)]
ramips: fix RT-AC57U button level

Both buttons on the RT-AC57U are active-low. Fix the GPIO flag for the
WPS cutton to fix button behavior.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 535b0c70b1c466733b009144f81f5207f1ecd311)

3 months agor8168: bump to 8.050.03
Tianling Shen [Fri, 17 Jun 2022 17:03:08 +0000 (01:03 +0800)]
r8168: bump to 8.050.03

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit f3002993d248a8b5d50c71d3e4a0173cd4266e64)

3 months agotools/ninja: update to 1.11.0
Rosen Penev [Tue, 17 May 2022 00:21:48 +0000 (17:21 -0700)]
tools/ninja: update to 1.11.0

Updated patchset to latest.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit a7be143646db9365f6ac8d5749a2dfef805789cb)

3 months agomtk-eip93: bump to latest git HEAD
AmadeusGhost [Tue, 26 Apr 2022 15:19:01 +0000 (23:19 +0800)]
mtk-eip93: bump to latest git HEAD

(cherry picked from commit 7fc2fd764114b639a59609442d3b1fbc42a9a1f6)

3 months agoexfat: Update to 5.19.1
Tianling Shen [Fri, 10 Jun 2022 21:42:50 +0000 (05:42 +0800)]
exfat: Update to 5.19.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit e72122a460e5e05bc548cd6846f018ad148d938c)

3 months agosunxi/cortexa53: enable armv8-CE crypto algorithms
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
sunxi/cortexa53: enable armv8-CE crypto algorithms

This enables armv8 crypto extensions version of AES, GHASH, SHA1, and
CRC T10 algorithms in the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 9be35180f43a4916f53430d8c93437d33896e860)

3 months agoocteontx: add armv8-CE version of CRC T10
Eneas U de Queiroz [Wed, 20 Apr 2022 19:23:47 +0000 (16:23 -0300)]
octeontx: add armv8-CE version of CRC T10

Adds the crypto extensions version of the CRC T10 algorithm that is
already built into the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 1b94e4aab8ddbe5719f1e859e064c1c5dfa4587f)

3 months agomvebu/cortexa72: enable armv8-CE crypto algos
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
mvebu/cortexa72: enable armv8-CE crypto algos

This enables armv8 crypto extensions version of AES, GHASH, SHA1,
SHA256, and SHA512 algorithms in the kernel.

The choice of algorithms match the 32-bit versions that are enabled in
the target config-5.10 file, but were only used by the cortexa9
subtarget.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 06bb5ac1f2b62c3e10f24d7096e86f6368aaf41d)

3 months agomvebu/cortexa53: enable armv8-CE crypto algos
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
mvebu/cortexa53: enable armv8-CE crypto algos

This enables armv8 crypto extensions version of AES, GHASH, SHA1,
SHA256, and SHA512 algorithms in the kernel.

The choice of algorithms match the 32-bit versions that are enabled in
the target config-5.10 file, but were only used by the cortexa9
subtarget.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f5167e11bf7e0a1a3675f0563423254005d0eb2d)

3 months agolayerscape/armv8_64b: enable armv8-CE crypto algos
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
layerscape/armv8_64b: enable armv8-CE crypto algos

This enables armv8 crypto extensions version of AES, GHASH, SHA256 and
CRC T10 algorithms in the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit eb33232420ea2537d8302d5ec121eed03db474d1)

3 months agobcm4908: enable armv8-CE crypto algorithms
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
bcm4908: enable armv8-CE crypto algorithms

This enables armv8 crypto extensions version of AES and GHASH algorithms
in the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit b2cb87bc98e8d7b5f29899b8b966990e200cfe44)

3 months agobcm27xx/bcm2711: enable asm crypto algorithms
Eneas U de Queiroz [Tue, 17 May 2022 15:06:12 +0000 (12:06 -0300)]
bcm27xx/bcm2711: enable asm crypto algorithms

This enables arm64/neon version of AES, SHA256 and SHA512 algorithms in
the kernel.  bcm2711 does not support armv8 crypto extensions, so they
are not included.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7b6beb7489c750c0613153822ec1d5ba8a9ab388)

3 months agobcm27xx/bcm2710: enable asm crypto algorithms
Eneas U de Queiroz [Tue, 17 May 2022 15:00:41 +0000 (12:00 -0300)]
bcm27xx/bcm2710: enable asm crypto algorithms

This enables arm64/neon version of AES, SHA256 and SHA512 algorithms in
the kernel.  bcm2710 does not support armv8 crypto extensions, so they
are not included.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 38ebb210a9f4895cfade3580815d5c9a3eb1b7e4)

3 months agombedtls: mark as nonshared
Tianling Shen [Fri, 10 Jun 2022 16:25:22 +0000 (00:25 +0800)]
mbedtls: mark as nonshared

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 48383c2847dae61d81069315bcfbbc468a61c4cd)

3 months agowolfssl: enable CPU crypto instructions
Eneas U de Queiroz [Tue, 19 Apr 2022 15:02:09 +0000 (12:02 -0300)]
wolfssl: enable CPU crypto instructions

This enables AES & SHA CPU instructions for compatible armv8, and x86_64
architectures.  Add this to the hardware acceleration choice, since they
can't be enabled at the same time.

The package was marked non-shared, since the arm CPUs may or may not
have crypto extensions enabled based on licensing; bcm27xx does not
enable them.  There is no run-time detection of this for arm.

NOTE:
Should this be backported to a release branch, it must be done shortly
before a new minor release, because the change to nonshared will remove
libwolfssl from the shared packages, but the nonshared are only built in
a subsequent release!

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0a2edc2714dcda10be902c32525723ce2cbcb138)

3 months agowolfssl: add benchmark utility
Eneas U de Queiroz [Tue, 19 Apr 2022 21:23:05 +0000 (18:23 -0300)]
wolfssl: add benchmark utility

This packages the wolfssl benchmark utility.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 18fd12edb810f9dfbf8410bb81f639df052134cb)

3 months agowolfssl: don't change ABI because of hw crypto
Eneas U de Queiroz [Mon, 25 Apr 2022 12:09:23 +0000 (09:09 -0300)]
wolfssl: don't change ABI because of hw crypto

Enabling different hardware crypto acceleration should not change the
library ABI.  Add them to PKG_CONFIG_DEPENDS after the ABI version hash
has been computed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 677774d445ced1a56e73fe62df47b4eb66441721)

3 months agorealtek: Remove dnsmasq and odhcpd-ipv6only from default
Hauke Mehrtens [Fri, 25 Mar 2022 12:57:40 +0000 (13:57 +0100)]
realtek: Remove dnsmasq and odhcpd-ipv6only from default

Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.

This decreases the compressed image size by about 165KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2acebbdcaafbdfd3f677052c28bc0af04c6b5ab8)

3 months agodnsmasq: enable cache by default
Tianling Shen [Fri, 3 Jun 2022 15:13:26 +0000 (23:13 +0800)]
dnsmasq: enable cache by default

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 3272539aaa6b0b284c01594c188adf8a13ed679b)

3 months agokernel: check dst of flow offloading table
Ritaro Takenaka [Wed, 25 May 2022 06:55:48 +0000 (15:55 +0900)]
kernel: check dst of flow offloading table

Flow offload dst can become invalid after the route cache is created.
dst_check() in packet path is necessary to prevent packet drop.

Signed-off-by: Ritaro Takenaka <ritarot634@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agotools/cmake: update to 3.21.6
Tianling Shen [Tue, 31 May 2022 10:13:58 +0000 (18:13 +0800)]
tools/cmake: update to 3.21.6

Refreshed patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agotools/cmake: update to 3.21.3
Rosen Penev [Tue, 5 Oct 2021 01:30:33 +0000 (18:30 -0700)]
tools/cmake: update to 3.21.3

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 297cb8c147fe66503c3772fdf46caa01ee2fb161)

3 months agotools/cmake: fix download url
leo chung [Thu, 31 Mar 2022 02:58:29 +0000 (10:58 +0800)]
tools/cmake: fix download url

fix the cmake.org download url

Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit 56f091d4677feb693d37959a3fa4af845dcce82e)

3 months agotools/cmake: add MAKE config variable
Rosen Penev [Thu, 10 Feb 2022 01:15:14 +0000 (17:15 -0800)]
tools/cmake: add MAKE config variable

Makes sure that Ninja from staging_dir is used and nowhere else.

Reported by reproducible builds project. Builds have been failing ever
since tools/cmake started using Ninja.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0d25db7f17efbf5ab539508dd0a5d1eb739a1c43)

3 months agotools/cmake: update to 3.21.2
Rosen Penev [Thu, 2 Sep 2021 02:32:36 +0000 (19:32 -0700)]
tools/cmake: update to 3.21.2

Refreshed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit eef7f9ea37366c93039b386ca8e438b26a199214)

3 months agotools/cmake: update to 3.20.3 + build with Ninja
Rosen Penev [Fri, 18 Jun 2021 06:08:50 +0000 (23:08 -0700)]
tools/cmake: update to 3.20.3 + build with Ninja

Compile with Ninja. Ninja compiles faster and is more stable with
parallel builds. Routines copied from cmake.mk.

Speed improves from:

Executed in 127.47 secs fish external
usr time 17.02 mins 446.00 micros 17.02 mins
sys time 1.18 mins 40.00 micros 1.18 mins

to:

Executed in 118.91 secs fish external
usr time 17.28 mins 499.00 micros 17.28 mins
sys time 1.13 mins 45.00 micros 1.13 mins

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 5cff6c1abbcb134395bbe032cb5ea9d1c74ec891)

4 months agofirewall: dos2unix
Tianling Shen [Sun, 29 May 2022 09:54:31 +0000 (17:54 +0800)]
firewall: dos2unix

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agoinclude/cmake.mk: add support for overriding the host install prefix
Felix Fietkau [Tue, 2 Nov 2021 17:08:47 +0000 (18:08 +0100)]
include/cmake.mk: add support for overriding the host install prefix

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a6a9f9be278e718f3f8a5cb7640dd8035cc802b9)

4 months agoinclude/cmake.mk: fix host builds with CMAKE_BINARY_SUBDIR
Felix Fietkau [Sun, 17 Oct 2021 15:01:23 +0000 (17:01 +0200)]
include/cmake.mk: fix host builds with CMAKE_BINARY_SUBDIR

Use it in the same way as for target builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 1c07eab9f81f1ee99cc2ae36596bda81c12d5dbc)

4 months agotarget: use wpad-basic-openssl by default
Tianling Shen [Wed, 25 May 2022 14:38:44 +0000 (22:38 +0800)]
target: use wpad-basic-openssl by default

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agofirewall3: fix locking issue
ZiMing Mo [Wed, 25 May 2022 08:13:40 +0000 (16:13 +0800)]
firewall3: fix locking issue

4 months agolibmnl: update to 1.0.5
Nick Hainke [Tue, 5 Apr 2022 13:01:43 +0000 (15:01 +0200)]
libmnl: update to 1.0.5

Changes:

Duncan Roe (5):
      nlmsg: Fix a missing doxygen section trailer
      build: doc: "make" builds & installs a full set of man pages
      build: doc: get rid of the need for manual updating of Makefile
      build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
      src: doc: Fix messed-up Netlink message batch diagram

Fernando Fernandez Mancera (1):
      src: fix doxygen function documentation

Florian Westphal (1):
      libmnl: zero attribute padding

Guillaume Nault (1):
      callback: mark cb_ctl_array 'const' in mnl_cb_run2()

Kylie McClain (1):
      examples: nfct-daemon: Fix test building on musl libc

Laura Garcia Liebana (4):
      examples: add arp cache dump example
      examples: fix neigh max attributes
      examples: fix print line format
      examples: reduce LOCs during neigh attributes validation

Pablo Neira Ayuso (3):
      doxygen: remove EXPORT_SYMBOL from the output
      include: add MNL_SOCKET_DUMP_SIZE definition
      build: libmnl 1.0.5 release

Petr Vorel (1):
      examples: Add rtnl-addr-add.c

Stephen Hemminger (1):
      examples: rtnl-addr-dump: fix typo

igo95862 (1):
      doxygen: Fixed link to the git source tree on the website.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c3b738933981de601389794152534628b04555dc)

4 months agolibnfnetlink: update to 1.0.2
Nick Hainke [Tue, 5 Apr 2022 13:26:24 +0000 (15:26 +0200)]
libnfnetlink: update to 1.0.2

Changes:

c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings

Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit aecf088b3792d556c717510304729fa542ceb770)

4 months agoMerge Official Source
Tianling Shen [Fri, 20 May 2022 09:39:45 +0000 (17:39 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agobuild: do not override DESTDIR for cmake ninja host builds
Felix Fietkau [Sat, 12 Jun 2021 12:32:41 +0000 (14:32 +0200)]
build: do not override DESTDIR for cmake ninja host builds

The full prefix is already passed to cmake

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 18430a34e6a287aaf6f13a110a3202dcac3b3d1a)

4 months agotools: build ninja before ccache to fix the build order
Felix Fietkau [Sat, 12 Jun 2021 12:24:40 +0000 (14:24 +0200)]
tools: build ninja before ccache to fix the build order

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit fa0aea53b2f1dccc2073efac8020151960d25513)

4 months agotools: fix dependencies of cmake packages
Felix Fietkau [Sat, 12 Jun 2021 10:40:02 +0000 (12:40 +0200)]
tools: fix dependencies of cmake packages

Make cmake depend on ninja, so that other cmake based tools also depend on it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit d45baa860ffc79ae1cf68fceb94990e39bb06bab)

4 months agobuild: use ninja for cmake packages by default
Felix Fietkau [Thu, 10 Jun 2021 12:01:04 +0000 (14:01 +0200)]
build: use ninja for cmake packages by default

Speed goes from:

Executed in     178.08 secs     fish            external
usr time        20.16 mins      509.00 micros   20.16 mins
sys time        2.88 mins       39.00 micros    2.88 mins

To:

Executed in     175.90 secs     fish            external
usr time        20.19 mins      0.00 micros     20.19 mins
sys time        2.85 mins       497.00 micros   2.85 mins

Tested with "time make -j 12" on AMD Ryzen 3600

When building individual packages, the build time difference is often
significantly bigger than that.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0c7c24d40aedcee25d5243e25a87d38246be128b)

4 months agopackage: fix cmake packages build with ninja
Rosen Penev [Sun, 6 Jun 2021 21:24:43 +0000 (14:24 -0700)]
package: fix cmake packages build with ninja

+= is needed for CMAKE_OPTIONS.

mt76 needs Ninja disabled as the kernel stuff uses normal make.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 09de28090cfb3fb605e6f4b452503a4ec2c6c43f)

4 months agobuild: add ninja build tool and make it available for cmake
Felix Fietkau [Sun, 6 Jun 2021 12:31:01 +0000 (14:31 +0200)]
build: add ninja build tool and make it available for cmake

ninja is faster at building cmake packages than make, and according to reports
also more reliable at handling parallel builds
This commit includes a patch that adds GNU make jobserver support, in order to
allow more precise control over the number of parallel tasks

Enable parallel build by default for packages using ninja

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 97258f53634d7237a2962aec3387f011047ce83b)

4 months agoRevert "r8152: drop led configuration patch"
Tianling Shen [Wed, 18 May 2022 04:05:07 +0000 (12:05 +0800)]
Revert "r8152: drop led configuration patch"

This doesn't make sense at all. For more details see comments in the
original commit.

This reverts commit 4a22f9ad8ae5b9102cf7af68efeacd5a81848bf3.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agor8152: drop led configuration patch
AmadeusGhost [Sat, 7 May 2022 15:30:02 +0000 (23:30 +0800)]
r8152: drop led configuration patch

This makes those annoying loud noises go away, and this
commit should not be reverted. If you have any questions,
please contact the manufacturer.

4 months agorockchip: fixes pcie eth compatible for r4s
AmadeusGhost [Tue, 3 May 2022 15:40:10 +0000 (23:40 +0800)]
rockchip: fixes pcie eth compatible for r4s

Use the standard pci device binding to fixes this.

Signed-off-by: AmadeusGhost <amadeus@immortalwrt.org>
4 months agokernel: bump 5.4 to 5.4.194
Hauke Mehrtens [Tue, 17 May 2022 21:33:27 +0000 (21:33 +0000)]
kernel: bump 5.4 to 5.4.194

Compile-tested: lantiq/xrx200, armvirt/64
Run-tested: lantiq/xrx200, armvirt/64

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agokernel: bump 5.4 to 5.4.192
Hauke Mehrtens [Tue, 10 May 2022 18:34:09 +0000 (18:34 +0000)]
kernel: bump 5.4 to 5.4.192

Compile-tested: armvirt/64
Run-tested: armvirt/64

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agokernel: bump 5.4 to 5.4.191
Hauke Mehrtens [Mon, 9 May 2022 18:18:20 +0000 (18:18 +0000)]
kernel: bump 5.4 to 5.4.191

Merged upstream:
 apm821xx/patches-5.4/150-ata-sata_dwc_460ex-Fix-crash-due-to-OOB-write.patch

Similar patch merged upstream:
 bcm27xx/patches-5.4/950-0210-usb-xhci-Disable-the-XHCI-5-second-timeout.patch

Manually adapted:
 layerscape/patches-5.4/801-audio-0008-Revert-ASoC-Remove-dev_err-usage-after-platform_get_.patch

Compile-tested: armvirt/64
Run-tested: armvirt/64

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 months agorockchip/armv8: enable armv8-CE crypto algorithms
Eneas U de Queiroz [Wed, 20 Apr 2022 18:26:32 +0000 (15:26 -0300)]
rockchip/armv8: enable armv8-CE crypto algorithms

This enables armv8 crypto extensions version of AES, GHASH, and CRC T10
algorithms in the kernel.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit eef8fbec8f63ac0686f87ff5735cab21884fa273)

4 months agorockchip: drm-rockchip: fix Kconfig
Tianling Shen [Tue, 17 May 2022 09:17:44 +0000 (17:17 +0800)]
rockchip: drm-rockchip: fix Kconfig

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 6957f13eea1eb8e71c20795a9e0b03de045a7cf9)

4 months agor8125: bump to 9.009.00
Tianling Shen [Fri, 29 Apr 2022 10:38:05 +0000 (18:38 +0800)]
r8125: bump to 9.009.00

Switched to GitHub codeload.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5c11bf7327b186a2a7dfc90a66f8668f2a6f954e)

4 months agowolfssl: bump to v5.3.0-stable
Eneas U de Queiroz [Tue, 10 May 2022 19:39:11 +0000 (16:39 -0300)]
wolfssl: bump to v5.3.0-stable

This is mostly a bug fix release, including two that were already
patched here:
- 300-fix-SSL_get_verify_result-regression.patch
- 400-wolfcrypt-src-port-devcrypto-devcrypto_aes.c-remove-.patch

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 73c1fe2890baa5c0bfa46f53c5387f5e47de1acb)

4 months agoopenssl: bump to 1.1.1o
Eneas U de Queiroz [Tue, 10 May 2022 23:34:57 +0000 (20:34 -0300)]
openssl: bump to 1.1.1o

This release comes with a security fix related to c_rehash.  OpenWrt
does not ship or use it, so it was not affected by the bug.

There is a fix for a possible crash in ERR_load_strings() when
configured with no-err, which OpenWrt does by default.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7a5ddc0d06895bde7538d78c8dad2c863d70f946)

4 months agoMerge Official Source
Tianling Shen [Tue, 17 May 2022 07:23:08 +0000 (15:23 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agoscripts/download.pl: drop broken mirror
Tianling Shen [Fri, 6 May 2022 14:10:58 +0000 (22:10 +0800)]
scripts/download.pl: drop broken mirror

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 02edeb14690c14bd7021b4be2270286bb4bb9108)

4 months agox86: drop duplicate sets
Tianling Shen [Mon, 2 May 2022 08:32:48 +0000 (16:32 +0800)]
x86: drop duplicate sets

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7014ff8199b296917c4957da37999db6adec58a6)

4 months agofirewall: config: remove restictions on DHCPv6 allow rule
Tiago Gaspar [Wed, 4 May 2022 09:36:07 +0000 (10:36 +0100)]
firewall: config: remove restictions on DHCPv6 allow rule

Remove restrictions on source and destination addresses, which aren't
specified on RFC8415, and for some reason in openwrt are configured
to allow both link-local and ULA addresses.
As cleared out in issue #5066 there are some ISPs that use Gloabal
Unicast addresses, so fix this rule to allow them.

Fixes: #5066

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
[rebase onto firewall3, clarify subject, bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit 65258f5d6093809c541050256646795bc0a460a9)

4 months agor8168: bump to 8.050.00
ZiMing Mo [Wed, 4 May 2022 09:20:06 +0000 (17:20 +0800)]
r8168: bump to 8.050.00

Signed-off-by: ZiMing Mo <msylgj@immortalwrt.org>
(cherry picked from commit 662ff61b56101dbe3e7f8c4654cd4b8439d14120)

4 months agoath79: drop orphan csac detection
Tianling Shen [Wed, 4 May 2022 06:57:06 +0000 (14:57 +0800)]
ath79: drop orphan csac detection

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agoMerge Official Source
Tianling Shen [Wed, 4 May 2022 06:56:03 +0000 (14:56 +0800)]
Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agokernel: mtdsplit: fix typo error
Ikko Ashimine [Mon, 2 May 2022 10:01:37 +0000 (19:01 +0900)]
kernel: mtdsplit: fix typo error

occured -> occurred

4 months agoramips: zbt-wg2626: Add the reset gpio for PCIe port 1
Alban Bedel [Sat, 30 Apr 2022 08:42:33 +0000 (10:42 +0200)]
ramips: zbt-wg2626: Add the reset gpio for PCIe port 1

The 2.4GHz interface doesn't come up properly with the log showing:

    mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)

As seen on other MT7621 boards this is caused by a missing reset GPIO.
The MT7621 dtsi set GPIO 19 as PCIe reset GPIO, which on this board
reset the 5GHz interface on port 0. Add GPIO 8 to the PCIe reset GPIO
list to also reset the 2.4GHz interface on port 1.

Signed-off-by: Alban Bedel <albeu@free.fr>
(cherry picked from commit f953a1a4bfba2fa70c12bb80938aa66481a673b6)

4 months agofstools: enable any device with non-MTD rootfs_data volume
lean [Sat, 19 Jun 2021 11:26:22 +0000 (19:26 +0800)]
fstools: enable any device with non-MTD rootfs_data volume

Fixes: #673

4 months agoipq40xx: fix ar40xx driver
Nick Hainke [Mon, 18 Apr 2022 13:04:25 +0000 (15:04 +0200)]
ipq40xx: fix ar40xx driver

This commit is completely based on the work of adron-s:
https://github.com/openwrt/openwrt/pull/4721#issuecomment-1101108651

The commit fixes the data corruption on TX packets. Packets are
transmitted, but their contents are replaced with zeros. This error is
caused by the lack of guard (50 ms) intervals between calibration phases.
This error is treated by adding mdelay(50) to the calibration function
code. In the original qca-ssda code [0], these mdelays were existing, but
in the ar41xx.c they are gone.

Tested on:
- Fritz!Box 4040
- Fritz!Box 7530
- Mikrotik SXTsq 5AC
- ZyXEL NBG6617

- [0] https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-ssdk/-/blob/NHSS.QSDK.11.4/src/init/ssdk_init.c#L2072

Suggested-by: Serhii Serhieiev <adron@mstnt.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ab7e53e5cce703c7a62efbe1d41fb94c2228a178)
[Deleted 5.10 from commit title]
Signed-off-by: Nick Hainke <vincent@systemli.org>