Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>

brcmsmac needs bcma. bcma is build into the kernel for the other bcm47xx
subtargets, but not for the legacy target because it only uses ssb. We
could build bcma as a module for bcm47xx_legacy, but none of these old
devices uses a wifi card supported by brcsmac.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cb7d662d)

the 5.10 uml build currently breaks with:

/usr/bin/ld: arch/um/os-Linux/signal.o: in function `sigusr1_handler':
arch/um/os-Linux/signal.c:141: undefined reference to `uml_pm_wake'

But there's an upstream fix for this. Backport the fix
for now but also let upstream know so it finds its way
through the -stable releases.
Signed-off-by: NChristian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8bea5edf)

This fixes compile of the bmips target.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f620eb70)

libxxhash is now available in the OpenWrt package feed and gdb will link
against it if gdb finds this library. Explicitly deactivate the usage
of xxhash.

This should fix the build of gdb in build bots.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a442974c)

4a673e1 fix null pointer dereference for INFORM messages
Signed-off-by: NHans Dedecker <dedeckeh@gmail.com>

Allow forced flashing of a factory firmware image, after checking for the
correct FIT magic header and Linksys board-specific footer. Details of the
footer are already described in scripts/linksys-image.sh.

This is convenient as it avoids using a TFTP server or OEM GUI, and allows
restoring OEM firmware or installing a "breaking" OpenWrt update (e.g DSA
migration and kernel repartition) directly from the command line.

Devices supported at this time include EA6350v3, EA8300, MR8300 and WHW01.
Reviewed-by: NRobert Marko <robimarko@gmail.com>
Tested-by:  Wyatt Martin <wawowl@gmail.com> # WHW01
Tested-by:  Tony Ambardar <itugrok@yahoo.com> # EA6350v3
Signed-off-by: NTony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 6fc334cb)

This is used to access footer data in firmare files, and is simpler and
less error-prone than using 'dd' with calculated offsets.
Signed-off-by: NTony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9cbc825b)

The ABI of the wolfssl library changed a bit between version 5.5.3 and
5.5.4. This release update will trigger a rebuild of all packages which
are using wolfssl to make sure they are adapted to the new ABI.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ee47a28c)

Remove upstreamed:
- 001-Fix-enable-devcrypto-build-error.patch

Refresh patch:
- 100-disable-hardening-check.patch

Release notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.4-stableSigned-off-by: NNick Hainke <vincent@systemli.org>
(cherry picked from commit 04634b2d)

Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.

Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit af3c9b74)

Applications with libmbedtls, e.g. curl, fail on mpc85xx with:
  curl[7227]: illegal instruction (4) at b7c94288 nip b7c94288 lr b7c6b528 code 1 in libmbedcrypto.so.2.28.1[b7c3e000+7e000]
  curl[7227]: code: 3d7e0000 809e8004 91490000 816b814c 7d6903a6 4e800421 80010024 83c10018
  curl[7227]: code: 38210020 7c0803a6 4e800020 9421fff0 <7d4d42e6> 7c6c42e6 7d2d42e6 7c0a4840

This is due to a bug in gcc-11.2.0. It is fixed with gcc-11.3.0.
Import the patch that is fixing the issue.
Signed-off-by: NNick Hainke <vincent@systemli.org>

Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch
unnecessary
Signed-off-by: NFelix Fietkau <nbd@nbd.name>
(cherry picked from commit 2e375e9b)

All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3
Signed-off-by: NJohn Audia <therealgraysky@proton.me>
(cherry picked from commit 59254010)

2397755 client: fix incorrectly emitting HTTP 413 for certain content lengths
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 73dca49f)

Fix zero day vulnerability reported as ZDI-22-1690, no CVE assigned yet.
Picked from https://github.com/cifsd-team/ksmbd/commit/1f9d85a340Signed-off-by: NDaniel Graña <dangra@gmail.com>

This reverts commit fcff234f.

$(STAGING_DIR_HOST)/bin/gzip is not available in openwrt-22.03. The
change broke the build because the build process could not find this
file. For example ath79/generic netgear_wndap360 was affected.
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>

The frequency appears as unlisted initial frequency.
Removed it as Hauke suggested.
Signed-off-by: NJan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit 5b82eeb3)

The CPE ID is already set in trusted-firmware-a.mk.
Signed-off-by: NStijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9ed1830b)

There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware

The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.

Fixes: 104d60fe ("trusted-firmware-a.mk: add PKG_CPE_ID")
Signed-off-by: NStijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c8c6508c)

No patches affected by this update.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3
Signed-off-by: NJohn Audia <therealgraysky@proton.me>
(cherry picked from commit 1e375c8f)

A device COMPILE target should not depend on another COMPILE.
Otherwise race condition may happen.
The loader is very small. Compiling it twice shouldn't
have a huge impact.
Signed-off-by: NAlexander Couzens <lynxis@fe80.eu>
(cherry picked from commit 17c6fb10)

Commit a01d23e7 ("image: always rebuild kernel loaders")
is a step in the right direction, but exposed some issues
and regressions in the makefile.

Some of the files made by device specific COMPILE targets
start with an "append" command (i.e. >> instead of > redirection)
and if the file already exists, the target file is the
input to itself before the first recipe-specified input.

Fixes: a01d23e7 ("image: always rebuild kernel loaders")
Fixes: a7fb589e ("image: always rebuild kernel loaders")
Signed-off-by: NMichael Pratt <mcpratt@pm.me>
(cherry picked from commit 1bff0752)

To generate commitcount we use grep --max-count. This is not present on
alpine grep and cause wrong generation. Use -m as it's just the short
version of --max-count and more portable.

Fixes: #11200
Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit eb7ffeaf)

Most/all other tools use the staging dir prefix, gzip should as well.
Signed-off-by: NOlliver Schinagl <oliver@schinagl.nl>
Acked-by: NChristian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 47df168d)

The kmod prefix for sound-soc-sunxi is missing, fix it.
Also add kmod-sound-core as dependence.

Fixes: 6a356598 ("sunxi: Added profile for HAOYU Electronics Marsboard A10")
Signed-off-by: NChukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 7bcf6b54)

KERNEL_MAKEOPTS will get expanded when it is used and not when it is
defined in the kernel.mk file now. This fixes problems finding dependent
kernel modules when it is used by a kernel module package.

Without this change the build of packages which depend on other out of
tree modules failed when they used KERNEL_MAKE because some symbols could
not be found. This happened because KERNEL_MAKE_FLAGS which contains a
"if $(__package_mk)" was  evaluated where KERNEL_MAKEOPTS was defined
and not when the KERNEL_MAKE was used. For packages which included
kernel.mk before package.mk we saw this problem. One workaround
was to use the correct include order and the other one was to not
use KERNEL_MAKE_FLAGS, but copy its content.
Signed-off-by: NHauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit 06ad3ade)

Reported by user: missing driver for USB; add to image definition
https://github.com/openwrt/openwrt/issues/11326

Resolves: #11326
Signed-off-by: NTony Butler <spudz76@gmail.com>
Acked-by: NAleksander Jan Bajkowski <olek2@wp.pl>
(cherry picked from commit 9a1ab8aa)

Backport upstream patch to fix build error when
/dev/crypto enabled.

https://github.com/wolfSSL/wolfssl/commit/dc9f46a3be00b5e82684a158605189d1278e324c

Fixes: #10944
Signed-off-by: NChukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 17169150)

This adds the following changes:
a88f07f71f stdlib: Remove attr_write from mbstows if dst is NULL [BZ: 29265]
4bc889c01c stdlib: Fixup mbstowcs NULL __dst handling. [BZ #29279]
1fcc7bfee2 alpha: Fix generic brk system call emulation in __brk_call (bug 29490)
68507377f2 socket: Check lengths before advancing pointer in CMSG_NXTHDR
536ddc5c02 elf: Call __libc_early_init for reused namespaces (bug 29528)
2a44960cbc Apply asm redirections in stdio.h before first use [BZ #27087]
b41c535f46 Apply asm redirections in wchar.h before first use
2b3d020055 nscd: Fix netlink cache invalidation if epoll is used [BZ #29415]
bc5cb538e5 elf: Run tst-audit-tlsdesc, tst-audit-tlsdesc-dlopen everywhere
2ff6775ad3 elf: Fix hwcaps string size overestimation
f50a6c843a gconv: Use 64-bit interfaces in gconv_parseconfdir (bug 29583)
1a3afdfe31 resolv: Add tst-resolv-byaddr for testing reverse lookup
6a833d798e resolv: Add tst-resolv-aliases
4d2e67d6e5 resolv: Add internal __res_binary_hnok function
bb8adbba4f resolv: Add the __ns_samebinaryname function
c288e032ae resolv: Add internal __ns_name_length_uncompressed function
e7c03f4765 resolv: Add DNS packet parsing helpers geared towards wire format
d9c979abf9 nss_dns: Split getanswer_ptr from getanswer_r
32e5db3768 nss_dns: Rewrite _nss_dns_gethostbyaddr2_r and getanswer_ptr
7267341ec1 nss_dns: Remove remnants of IPv6 address mapping
9abc40d9b5 nss_dns: Rewrite getanswer_r to match getanswer_ptr (bug 12154, bug 29305)
c36e7cca35 nss_dns: In gaih_getanswer_slice, skip strange aliases (bug 12154)
480c820493 resolv: Add new tst-resolv-invalid-cname
2def56a349 nss_dns: Rewrite _nss_dns_gethostbyname4_r using current interfaces
044755e2fa resolv: Fix building tst-resolv-invalid-cname for earlier C standards
a2e259014f Avoid extra load with CAS in __pthread_mutex_lock_full [BZ #28537]
ed8300c054 Avoid extra load with CAS in __pthread_mutex_clocklock_common [BZ #28537]
a6b81f605d Add LLL_MUTEX_READ_LOCK [BZ #28537]
6bcfbee727 Move assignment out of the CAS condition
43760d33d7 nptl: Effectively skip CAS in spinlock loop
04efdcfac4 sysdeps: Add 'get_fast_jitter' interace in fast-jitter.h
ea69248445 nptl: Add backoff mechanism to spinlock loop
95f5089d4a x86: include BMI1 and BMI2 in x86-64-v3 level
414fc856ff x86-64: Require BMI2 for AVX2 str(n)casecmp implementations
e1561d8cf0 x86-64: Require BMI2 for AVX2 strcmp implementation
b9cbb8dd48 x86-64: Require BMI2 for AVX2 strncmp implementation
67e863742d x86-64: Require BMI2 for AVX2 wcs(n)cmp implementations
94b9c1b640 x86-64: Require BMI2 for AVX2 (raw|w)memchr implementations
36d6b9be3d x86-64: Require BMI2 and LZCNT for AVX2 memrchr implementation
e570b865b5 x86-64: Require BMI1/BMI2 for AVX2 strrchr and wcsrchr implementations
e3976287b2 nscd: Drop local address tuple variable [BZ #29607]
c95ef423d7 nss: Implement --no-addrconfig option for getent
16c7ed6e68 nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816)
d5313bcb7e nss: Use shared prefix in IPv4 address in tst-reload1
9f55d2e7c4 elf: Do not completely clear reused namespace in dlmopen (bug 29600)
ca5df79545 linux: Fix generic struct_stat for 64 bit time (BZ# 29657)
f42d871b22 Makerules: fix MAKEFLAGS assignment for upcoming make-4.4 [BZ# 29564]
675ba1f361 mktime: improve heuristic for ca-1986 Indiana DST
6e8044e910 Fix memmove call in vfprintf-internal.c:group_number
291d440206 Allow #pragma GCC in headers in conformtest
86a701a204 regex: copy back from Gnulib
fa5044f1e3 regex: fix buffer read overrun in search [BZ#28470]
06afa5e09f io: Fix ftw internal realloc buffer (BZ #28126)
deea6ab1bc io: Fix use-after-free in ftw [BZ #26779]
d57cdc1b5a Linux: Support __IPC_64 in sysvctl *ctl command arguments (bug 29771)
75b0edb7ef Update NEWS file in the right place
691f70b84a elf: Fix rtld-audit trampoline for aarch64
e3255e7d21 x86: Fix wcsnlen-avx2 page cross length comparison [BZ #29591]
309c4708ac elf: Fix wrong fscanf usage on tst-pldd
42b9d7def8 Allow for unpriviledged nested containers
405b8ae135 elf: Fix wrong fscanf usage on tst-pldd
a1c12fdf3f _Static_assert needs two arguments for compatibility with GCC before 9
a4217408a3 Apply asm redirections in syslog.h before first use [BZ #27087]
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>

The commit was pushed into the branch to early. It does not help fixing
illegal instruction bug on mpc85xx. That's why it should be reverted.

This reverts commit de6c3cca.
Signed-off-by: NNick Hainke <vincent@systemli.org>

* refresh patches
Signed-off-by: NMichal Vasilek <michal.vasilek@nic.cz>

7de4820 iwinfo: add "hwmodes_text" to the info output
b3f530b iwinfo: clean up rpc_iwinfo_call_hw_ht_mode()
c46ad61 iwinfo: reuse infos provided by libiwinfo
6c5e900 iwinfo: constify string map arg for rpc_iwinfo_call_int()
Signed-off-by: NJo-Philipp Wich <jo@mein.io>
(cherry picked from commit d15b1fbe)

8d15809 cli: print current HT mode
8f86dd6 cli: use IWINFO_HTMODE_COUNT
f36b72b cli: use IWINFO_KMGMT_NAMES
91be7e0 cli: use IWINFO_CIPHER_NAMES
49b6ec9 cli: fix printing the scan channel width
b1c8873 cli: fix marking the active channel
9e14e64 utils: add iwinfo_band2ghz() and iwinfo_ghz2band() helpers
e084781 utils: add helper functions to get names by values
d09a77a utils: add iwinfo_htmode_is_{ht|vht|he} helpers
8752977 utils: add and use iwinfo_format_hwmodes()
02f433e lib: add IWINFO_80211_COUNT and IWINFO_80211_NAMES
1d30df1 lib: add IWINFO_BAND_COUNT and IWINFO_BAND_NAMES
aefd0ef lib: use common IWINFO_CIPHER_NAMES strings
a5b30de lib: add IWINFO_OPMODE_COUNT and use it for IWINFO_OPMODE_NAMES
9f29e79 lib: constify and fixup the string array definitions
fddc015 nl80211: mark frequencies where HE operation in not allowed
6d50a7c nl80211: add support for HE htmodes
4ba5713 nl80211: properly get available bands for the hwmode
91b2ada nl80211: update the kernel header nl80211.h
3f619a5 nl80211: fix frequency/channel conversion for the 6G band
a77d915 nl80211: don't guess if a name is an ifname
c27ce71 devices: add usb device MediaTek MT7921AU
14f864e nl80211: add ability to describe USB devices
a5a75fd nl80211: remove ancient wpa_supplicant ctrl socket path
dd4e1ff nl80211: fix wpa supplicant ctrl socket permissions
d638163 fix -Wdangling-else warnings
4aa6c5a fix -Wreturn-type warning
3112726 fix -Wpointer-sign warning
ebd5f84 fix -Wmaybe-uninitialized warning
5469898 fix -Wunused-variable warnings
462b679 fix -Wduplicate-decl-specifier warnings
ccaabb4 fix -Wformat-truncation warnings
50380db enable useful compiler warnings via -Wall

Fixes: https://github.com/openwrt/openwrt/issues/10158
Fixes: https://github.com/openwrt/openwrt/issues/10687Signed-off-by: NJo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4a4d0bf7)

00aab87 Correctly identify key management algorithms starting with "FT-"
Signed-off-by: NHauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5c70b19c)

0496c722f1d7 nl80211: fix issues with renamed wiphy and multiple phy per device
Signed-off-by: NFelix Fietkau <nbd@nbd.name>
(cherry picked from commit 735f5f18)

46f04f3808e8 devices: add MediaTek MT7986 WiSoC
b3e08c8b5a8f ops: make support for wireless extensions optional
1f695d9c7f82 nl80211: allow phy names that don't start with 'phy'
b7f9f06e1594 nl80211: fix phy/netdev index lookup
4a43b0d40ba5 nl80211: look up the phy name instead of assuming name == phy<idx>
Signed-off-by: NFelix Fietkau <nbd@nbd.name>
(cherry picked from commit c787962e)

This symbol is added by the bcm27xx target patches so it should depend
on that target.

Fixes: efd9463d ("kernel: add missing symbol for bcm27xx")
Signed-off-by: NStijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit d5dc6cdc)

When KERNEL_PERF_EVENTS is enabled in OpenWrt, the RPI_AXIPERF symbol is
exposed. Add a build option for it to fix build failures with
KERNEL_PERF_EVENTS enabled.

Fixes: 3564c22e ("bcm27xx: disable duplicate sdhost driver")
Signed-off-by: NStijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit efd9463d)

Add support for EON EN25QX128A spi nor flash with no flags as it does
support SFDP parsing.

Fixes: #9442
Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
Tested-by: Szabolcs Hubai <szab.hu@gmail.com> [ramips/mt7621: xiaomi_mi-router-4a-gigabit]
(cherry picked from commit d7876daf)