- 23 7月, 2022 4 次提交
-
-
由 Daniel Kestrel 提交于
There are forum reports that 2 LAN ports are not working, the GPIO settings are adjusted to fix the problem. Signed-off-by: NDaniel Kestrel <kestrel1974@t-online.de> (cherry picked from commit 0f301b0b)
-
由 Christian Lamparter 提交于
The order of LAN ports shown in Luci is reversed compared to what is written on the case of the device. Fix the order so that they match. Fixes: #10275 Signed-off-by: NChristian Lamparter <chunkeey@gmail.com> (cherry picked from commit 69ea6713)
-
由 Christian Lamparter 提交于
The change of the PKG_VERSION caused the hash of the package to change. This is because the PKG_VERSION is present in the internal directory structure of the archive. Fixes: 038d5bda ("layerscape: use semantic versions for LSDK") Signed-off-by: NChristian Lamparter <chunkeey@gmail.com> (cherry picked from commit e879ccca) (cherry picked from commit d4391ef0)
-
由 Christian Lamparter 提交于
moves and extends the current facilities, which have been added some time ago for the the usbip utility, to support more utilites that are shipped with the Linux kernel tree to the SDK. this allows to drop all the hand-waving and code for failed previous attempts to mitigate the SDK build failures. Fixes: bdaaf66e ("utils/spidev_test: build package directly from Linux") Signed-off-by: NChristian Lamparter <chunkeey@gmail.com> (cherry picked from commit b479db90)
-
- 22 7月, 2022 4 次提交
-
-
由 Sander Vanheule 提交于
Destination switch ports for outgoing frame can range from 0 to CPU_PORT-1. Refactor the code to only generate egress frame CPU headers when a valid destination port number is available, and make the code a bit more consistent between different switch generations. Change the dest_port argument's type to 'unsigned int', since only positive values are valid. This fixes the issue where egress frames on switch port 0 did not receive a VLAN tag, because they are sent out without a CPU header. Also fixes a potential issue with invalid (negative) egress port numbers on RTL93xx switches. Reported-by: NArınç ÜNAL <arinc.unal@xeront.com> Suggested-by: NBirger Koblitz <mail@birger-koblitz.de> Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NSander Vanheule <sander@svanheule.net> (cherry picked from commit 1773264a)
-
由 Sander Vanheule 提交于
Priority values passed to the egress (TX) frame header initialiser are invalid when smaller than 0, and should not be assigned to the frame. Queue assignment is then left to the switch core logic. Current code for RTL83xx forces the passed priority value to be positive, by always masking it to the lower bits, resulting in the priority always being set and enabled. RTL93xx code doesn't even check the value and unconditionally assigns the (32 bit) value to the (5 bit) QID field without masking. Fix priority assignment by only setting the AS_QID/AS_PRI flag when a valid value is passed, and properly mask the value to not overflow the QID/PRI field. For RTL839x, also assign the priority to the right part of the frame header. Counting from the leftmost bit, AS_PRI and PRI are in bits 36 and 37-39. The means they should be assigned to the third 16 bit value, containing bits 32-47. Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NSander Vanheule <sander@svanheule.net> (cherry picked from commit 0b35a08a)
-
由 Sander Vanheule 提交于
The flag to enable L2 address learning on egress frames is in CPU header bit 40, with bit 0 being the leftmost bit of the header. This corresponds to BIT(7) in the third 16-bit value of the header. Correctly set L2LEARNING by fixing the off-by-one error. Fixes: 9eab76c8 ("realtek: Improve TX CPU-Tag usage") Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NSander Vanheule <sander@svanheule.net> (cherry picked from commit d6165ea7)
-
由 Sander Vanheule 提交于
The flag to enable the outgoing port mask is in CPU header bit 43, with bit 0 being the leftmost bit of the header. This corresponds to BIT(4) in the third 16-bit value of the header. Correctly set AS_DPM by fixing the off-by-one error. Fixes: 9eab76c8 ("realtek: Improve TX CPU-Tag usage") Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NSander Vanheule <sander@svanheule.net> (cherry picked from commit d9516cac)
-
- 21 7月, 2022 5 次提交
-
-
由 Wenli Looi 提交于
Netgear WAX202 is an 802.11ax (Wi-Fi 6) router. Specifications: * SoC: MT7621A * RAM: 512 MiB NT5CC256M16ER-EK * Flash: NAND 128 MiB F59L1G81MB-25T * Wi-Fi: * MT7915D: 2.4/5 GHz (DBDC) * Ethernet: 4x 1GbE * Switch: SoC built-in * USB: None * UART: 115200 baud (labeled on board) Load addresses (same as ipTIME AX2004M): * stock * 0x80010000: FIT image * 0x81001000: kernel image -> entry * OpenWrt * 0x80010000: FIT image * 0x82000000: uncompressed kernel+relocate image * 0x80001000: relocated kernel image -> entry Installation: * Flash the factory image through the stock web interface, or TFTP to the bootloader. NMRP can be used to TFTP without opening the case. * Note that the bootloader accepts both encrypted and unencrypted images, while the stock web interface only accepts encrypted ones. Revert to stock firmware: * Flash the stock firmware to the bootloader using TFTP/NMRP. References in WAX202 GPL source: https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar * openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax202.dts DTS file for this device. Signed-off-by: NWenli Looi <wlooi@ucalgary.ca> (cherry picked from commit 0f068e7c)
-
由 Wenli Looi 提交于
Netgear encrypted image is used in various devices including WAX202, WAX206, and EX6400v3. This image format also requires a dummy squashfs4 image which is added here as well. References in WAX202 GPL source: https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar * openwrt/bootloader/u-boot-mt7621-2018.09-gitb178829-20200526/board/ralink/common/dual_image.c Bootloader code that verifies the presence of a squashfs4 image, thus a dummy image is added here. * openwrt/tools/imgencoder/src/gj_enc.c Contains code that generates the encrypted image. There is support for adding an RSA signature, but it does not look like the signature is verified by the stock firmware or bootloader. * openwrt/tools/imgencoder/src/imagekey.h Contains the encryption key and IV. It appears the same key/IV is used for other Netgear devices including WAX206 and EX6400v3. Signed-off-by: NWenli Looi <wlooi@ucalgary.ca> (cherry picked from commit efca76ff)
-
由 Hauke Mehrtens 提交于
The armvirt target is also used to run OpenWrt in lxc on other targets like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the wolfssl binray is only working when the CPU supports the hardware crypto extension. Some targets like the Raspberry Pi do not support the ARM CPU crypto extension, compile wolfssl without it by default. It is still possible to activate it in custom builds. Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit d1b5d17d)
-
由 Jianhui Zhao 提交于
This fix allows trigger a rerun of Build/Configure when rpcapd was selected. Signed-off-by: NJianhui Zhao <zhaojh329@gmail.com> (cherry picked from commit 6902af4f)
-
由 Pascal Ernster 提交于
Without this, WOLFSSL_HAS_DH can be disabled even if WOLFSSL_HAS_WPAS is enabled, resulting in an "Anonymous suite requires DH" error when trying to compile wolfssl. Signed-off-by: NPascal Ernster <git@hardfalcon.net> Reviewed-by: NEneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 21825af2)
-
- 20 7月, 2022 6 次提交
-
-
由 Hauke Mehrtens 提交于
No manual changes needed. Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
-
由 John Audia 提交于
All patches automatically rebased. Signed-off-by: NJohn Audia <therealgraysky@proton.me>
-
由 John Audia 提交于
All patches automatically rebased. Build system: x86_64 Build-tested: ipq806x/R7800 Signed-off-by: NJohn Audia <therealgraysky@proton.me>
-
由 John Audia 提交于
All patches automatically rebased. Build system: x86_64 Build-tested: ipq806x/R7800 Signed-off-by: NJohn Audia <therealgraysky@proton.me>
-
由 John Audia 提交于
No patches needed to be rebased, just updated checksums Signed-off-by: NJohn Audia <therealgraysky@proton.me>
-
由 Rui Salvaterra 提交于
4cd7d4f Revert "firewall3: support table load on access on Linux 5.15+" 50979cc firewall3: remove unnecessary fw3_has_table Signed-off-by: NRui Salvaterra <rsalvaterra@gmail.com> (cherry-picked from commit 435d7a05) Signed-off-by: NWenli Looi <wlooi@ucalgary.ca>
-
- 19 7月, 2022 4 次提交
-
-
由 John Audia 提交于
Due to the bug described here[1], remove the 300 MHz clock to avoid a low voltage condition that can cause a hang when rebooting the RT3200/E8450. This solution is probably better than the script-based work-around[2]. 1. https://forum.openwrt.org/t/belkin-rt3200-linksys-e8450-wifi-ax-discussion/94302/1490 2. https://github.com/openwrt/openwrt/pull/5025Signed-off-by: NJohn Audia <therealgraysky@proton.me> Tested-by: NRui Salvaterra <rsalvaterra@gmail.com> Tested-by: NJohn Audia <therealgraysky@proton.me> (cherry picked from commit d0d6b8e1) [ fix the conflict by apply the patch to kernel 5.10 ] Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
-
由 Rafał Miłecki 提交于
Signed-off-by: NRafał Miłecki <rafal@milecki.pl> (cherry picked from commit 864fdf2b)
-
由 Rafał Miłecki 提交于
Signed-off-by: NRafał Miłecki <rafal@milecki.pl> (cherry picked from commit 001856fa)
-
由 Rafał Miłecki 提交于
Signed-off-by: NRafał Miłecki <rafal@milecki.pl> (cherry picked from commit bb2a2b1d)
-
- 18 7月, 2022 1 次提交
-
-
由 Rafał Miłecki 提交于
This includes BCM63xx and BCM4908 families. Signed-off-by: NRafał Miłecki <rafal@milecki.pl> (cherry picked from commit d9ab1e56)
-
- 17 7月, 2022 4 次提交
-
-
由 Josef Schlehofer 提交于
Changes: 9c44557 opkg_remove: avoid remove pkg repeatly with option --force-removal-of-dependent-packages 2edcfad libopkg: set 'const' attribute for argv This should fix the CI error in the packages repository, which happens with perl. Signed-off-by: NJosef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit e21fea92)
-
由 Christian Lamparter 提交于
Debians' changelog by Henrique de Moraes Holschuh <hmh@debian.org>: * New upstream microcode datafile 20220419 * Fixes errata APLI-11 in Atom E3900 series processors * Updated Microcodes: sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 * New upstream microcode datafile 20220510 * Fixes INTEL-SA-000617, CVE-2022-21151: Processor optimization removal or modification of security-critical code may allow an authenticated user to potentially enable information disclosure via local access (closes: #1010947) * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000, Atom E3900 * New Microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 * Updated Microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 Signed-off-by: NChristian Lamparter <chunkeey@gmail.com> (cherry picked from commit 2747a94f)
-
由 Dustin Lundquist 提交于
Changes between 1.1.1p and 1.1.1q [5 Jul 2022] *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation would not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. (CVE-2022-2097) [Alex Chernyakhovsky, David Benjamin, Alejandro Sedeño] Signed-off-by: NDustin Lundquist <dustin@null-ptr.net> (cherry picked from commit 3899f68b)
-
由 Eneas U de Queiroz 提交于
This version fixes two vulnerabilities: -CVE-2022-34293[high]: Potential for DTLS DoS attack -[medium]: Ciphertext side channel attack on ECC and DH operations. The patch fixing x86 aesni build has been merged upstream. Signed-off-by: NEneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 9710fe70) Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
-
- 15 7月, 2022 6 次提交
-
-
由 Tomasz Maciej Nowak 提交于
This image is supposed to be written with help of bootloader to the flash, but as it stands, it's not aligned to block size and RedBoot will happily create non-aligned partition size in FIS directory. This could lead to kernel to mark the partition as read-only, therefore pad the image to block erase size boundary. Signed-off-by: NTomasz Maciej Nowak <tmn505@gmail.com> (cherry picked from commit 9decd2a8)
-
由 Tomasz Maciej Nowak 提交于
The bootloader on this board hid the partition containig MAC addresses and prevented adding this space to FIS directory, therefore those had to be stored in RedBoot configuration as aliases to be able to assigne them to proper interfaces. Now that fixed partition size are used instead of redboot-fis parser, the partition containig MAC addresses could be specified, and with marking it as nvmem cell, we can assign them without userspace involvement. Signed-off-by: NTomasz Maciej Nowak <tmn505@gmail.com> (cherry picked from commit b52719b7)
-
由 Tomasz Maciej Nowak 提交于
Don't comence the switch to RAMFS when the image format is wrong. This led to rebooting the device, which could lead to false impression that upgrade succeded. Being here, factor out the code responsible for upgrading RedBoot devices to separate file. Signed-off-by: NTomasz Maciej Nowak <tmn505@gmail.com> (cherry picked from commit 5897c52e)
-
由 Tomasz Maciej Nowak 提交于
After the kernel has switched version to 5.10, JA76PF2 and RouterStations lost the capability to sysupgrade the OpenWrt version. The cause is the lack of porting the patches responsible for partial flash erase block writing and these boards FIS directory and RedBoot config partitions share the same erase block. Because of that the FIS directory can't be updated to accommodate kernel/rootfs partition size changes. This could be remedied by bootloader update, but it is very intrusive and could potentially lead to non-trivial recovery procedure, if something went wrong. The less difficult option is to use OpenWrt kernel loader, which will let us use static partition sizes and employ mtd splitter to dynamically adjust kernel and rootfs partition sizes. On sysupgrade from ath79 19.07 or 21.02 image, which still let to modify FIS directory, the loader will be written to kernel partition, while the kernel+rootfs to rootfs partition. The caveats are: * image format changes, no possible upgrade from ar71xx target images * downgrade to any older OpenWrt version will require TFTP recovery or usage of bootloader command line interface To downgrade to 19.07 or 21.02, or to upgrade if one is already on OpenWrt with kernel 5.10, for RouterStations use TFTP recovery procedure. For JA76PF2 use instructions from this commit message: commit 0cc87b3b ("ath79: image: disable sysupgrade images for routerstations and ja76pf2"), replacing kernel image with loader (loader.bin suffix) and rootfs image with firmware (firmware.bin suffix). Fixes: b10d6044 ("kernel: add linux 5.10 support") Fixes: 15aa53d7 ("ath79: switch to Kernel 5.10") Signed-off-by: NTomasz Maciej Nowak <tmn505@gmail.com> (mkubntimage was moved to generic-ubnt.mk) Signed-off-by: NChristian Lamparter <chunkeey@gmail.com> (cherry picked from commit 5c142aad)
-
由 Ronny Kotzschmar 提交于
On the NanoPI R4S it takes an average of 3..5 seconds for the network devices to appear in '/proc/interrupts'. Wait up to 10 seconds to ensure that the distribution of the interrupts really happens. Signed-off-by: NRonny Kotzschmar <ro.ok@me.com> (cherry picked from commit 9b00e979)
-
由 Eneas U de Queiroz 提交于
Apply an upstream patch that removes unnecessary CFLAGs, avoiding generation of incompatible code. Commit 0bd53672 is reverted so the accelerated version builds by default on x86_64. Signed-off-by: NEneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 639419ec)
-
- 13 7月, 2022 1 次提交
-
-
由 Felix Fietkau 提交于
Exclude multicast from pending AQL budget Signed-off-by: NFelix Fietkau <nbd@nbd.name> (cherry-picked from commit 9f1d6223)
-
- 09 7月, 2022 5 次提交
-
-
由 Markus Stockhausen 提交于
During upload of firmware images the WebUI and CLI patch process extracts a version information from the uploaded file and stores it onto the jffs2 partition. To be precise it is written into the flash.txt or flash2.txt files depending on the selected target image. This data is not used anywhere else. The current OpenWrt factory image misses this label. Therefore version information shows only garbage. Fix this. Before: DGS-1210-20> show firmware information IMAGE ONE: Version : xfo/QE~WQD"A\Scxq... Size : 5505185 Bytes After: DGS-1210-20> show firmware information IMAGE ONE: Version : OpenWrt Size : 5505200 Bytes Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NMarkus Stockhausen <markus.stockhausen@gmx.de> (cherry picked from commit fae3ac35)
-
由 Markus Stockhausen 提交于
Currently we build factory images only for DGS-1210-28 model. Relax that constraint and take care about all models. Tested on DGS-1210-20 and should work on other models too because of common flash layout. Tested-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: NMarkus Stockhausen <markus.stockhausen@gmx.de> (cherry picked from commit 2b49ec3a)
-
Some realtek boards have two u-boot-env partitions. However, in the DGS-1210 series, the mtdblock2 partition is not a valid u-boot env and simply contains the board/device name, followed by nulls. 00000000 44 47 53 2d 31 32 31 30 2d 32 38 2d 46 31 00 00 |DGS-1210-28-F1..| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00040000 00000000 44 47 53 2d 31 32 31 30 2d 35 32 2d 46 31 00 00 |DGS-1210-52-F1..| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00040000 The misleading u-boot-env2 name also confuses uboot-envtools. Signed-off-by: NLuiz Angelo Daros de Luca <luizluca@gmail.com> (cherry picked from commit 8b798dbb)
-
由 Sander Vanheule 提交于
What should have been only cosmetic changes, ended up in breaking the script. Rename UIMAGE_CRC_SLICE back to (the original) UIMAGE_CRC_OFF. Fixes issue #10204 "cameo-tag.py broken" Reported-by: NMarkus Stockhausen <markus.stockhausen@gmx.de> Fixes: f9e840b6 ("scripts: add CAMEO tag generator") Signed-off-by: NSander Vanheule <sander@svanheule.net> (cherry picked from commit ebfe66e4)
-
由 Markus Stockhausen 提交于
From now on we will insert CAMEO tags into sysupgrade images for DGS-1210 devices. This will make the "OS:...FAILED" and "FS:...FAILED" messages go away. Signed-off-by: NMarkus Stockhausen <markus.stockhausen@gmx.de> (cherry picked from commit e763c4c8)
-