| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
Xiaomi AX9000 apply a special PHY LEDs configuration where the unique
green LED for each qca807x PHY port is turned on also on 1000Mbps link.
Apply this special configuration to reflect original implementation.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Xiaomi AX3600 apply a special PHY LEDs configuration where the unique
green LED for each qca807x PHY port is turned on also on 1000Mbps link.
Apply this special configuration to reflect original implementation.
Also enable CONFIG_PHYLIB_LEDS to actually expose the PHY LEDs if
defined in DT.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
| |
Convert every qca807x PHY definition in DT to new PHY package
implementation to correctly support applying fixup for the correct PHY
mode.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Port 0-4 have the mode set to SGMII instead of PSGMII. Now that we use
the upstream qca807x driver, this conflicts with the qca SSDK driver
that expects the mode to be PSGMII as for not integrated driver, it does
refer to the real PHY mode.
Update the entry for port 0-4 to PSGMII to solve warning from qca SSDK
in ipq8074-ess.dtsi.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
If a PHY doesn't use the integrated driver, SSDK use poll the phydev to
get the real PHY mode. qca807x use PSGMII as PHY mode and this specific
mode is not detected in qca SSDK while used in the entire driver.
Add support for it in the hsl_port_phydev_interface_mode_status_get
function used to translate PHY mode to the internal SSDK value.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
| |
IPQ807x have integrated qca8074 PHY supported by the upstream qca807x driver.
Enable it to use it instead of the downstream qca SSDK variant.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Disable Malibu PHY driver in Qca SSDK in favor of the upstream version.
The same workaround are applied and the version upstream is just a drop
in replacement and is well tested from the ipq40xx target.
Also using the upstream version permits further support for LEDs.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
| |
Adapt patches to new Upstream QCA807x PHY driver.
Rework the PHY patch to new PHY Package nodes.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport QCA807x PHY patches merged upstream that introduce the new
concept of PHY package.
Also add in generic config the new Kconfig CONFIG_QCA807X_PHY.
All affected patch automatically refreshed with make
target/linux/refresh.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
| |
Move LEDs netdev trigger patch from pending to backport as it has been
merged upstream.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Backport Aquantia PHY endianess patch. While the current implementation
works ok for Little-Endian targets, backport patch to prevent any kind
of malfunction if in the future we will have Big-Endian target with
Aquantia PHYs.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit d737ae99cb36 ("qualcommax: Fix Buffalo WXR-5950AX12 Ethernet
DTS") reverted the switch bmp to the original OEM definition and
added the malibu_first_phy_addr property.
Problem is that OEM bmp definition is wrong and actually doesn't make sense,
probably caused by copy-paste of the QCOM reference DTS without actually
setting real values. What actually fixed the regression was adding the
malibu_first_phy_addr as without it the MALIBU PHY was actually not
correctly configured and the Aquantia PHY were actually configured as
MALIBU PHY.
Fix all these wrong PHY definition.
The BPM is reverted and the following fixes are applied:
- Drop ESS_PORT1 as it's not actually attached in HW.
- Move ESS_PORT5 AGAIN from lan to wan. This refer to the first Aquantia
PHY that is labelled "wan"
- Move ESS_PORT6 AGAIN from wan to lan. This refer to the second
Aquantia PHY that is labelled "lan1".
Also PHY tag in MDIO node are renumbered to start from 0 following the
tagging standard used also in other dts and the not attached one (reg
0x18 and reg 0x1c) are correctly dropped.
Definition for port@1 in phyinfo is dropped as it doesn't exist.
dp nodes are updated to reference the new PHY tag numbering.
Fixes: d737ae99cb36 ("qualcommax: Fix Buffalo WXR-5950AX12 Ethernet DTS")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The NWA50AX Pro only has a eth0 interface for its only ethernet port.
Use this port for preinit.
Fixes non-working network in failsafe mode.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
| |
u64_stats_init() has been unable to handle NULL pointer since
6.1 kernel. This patch fixes kernel oops on mt76x8 and rt305x
sub-target.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
|
| |
|
|
|
|
|
|
| |
Highlights:
- Silence small page read warning.
- Autodetect NAND erase size and env sectors.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
|
| |
|
|
|
|
|
|
| |
In the 5.15 kernel, we use the staging driver version instead of the
downstream file.
Fixes: 88d982e3bd87 ("ramips: 6.1: mt7621-dma: add hsdma driver to files")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove upstreamed patches:
- 000-v5.18-01-dt-bindings-reset-add-dt-binding-header-for-Mediatek.patch
- 000-v5.18-02-staging-mt7621-dts-align-resets-with-binding-documen.patch
- 001-v5.18-01-dt-bindings-clock-mediatek-mt7621-sysc-add-reset-cel.patch
- 001-v5.18-02-clk-ralink-make-system-controller-node-a-reset-provi.patch
- 002-v6.0-MIPS-ralink-mt7621-avoid-to-init-common-ralink-reset.patch
- 100-v5.16-PCI-mt7621-Add-MediaTek-MT7621-PCIe-host-controller-.patch
- 101-v5.17-PCI-mt7621-Rename-mt7621_pci_-to-mt7621_pcie_.patch
- 102-v5.17-PCI-mt7621-Declare-mt7621_pci_ops-static.patch
- 103-v5.17-PCI-mt7621-Move-MIPS-setup-to-pcibios_root_bridge_pr.patch
- 104-v5.17-PCI-mt7621-Drop-of_match_ptr-to-avoid-unused-variabl.patch
- 105-v5.17-PCI-mt7621-Remove-unused-function-pcie_rmw.patch
- 106-v5.17-PCI-Let-pcibios_root_bridge_prepare-access-bridge-wi.patch
- 107-v6.2-PCI-mt7621-Add-sentinel-to-quirks-table.patch
- 108-v6.3-PCI-mt7621-Delay-phy-ports-initialization.patch
Manually refresh:
- 006-v6.5-mips-ralink-introduce-commonly-used-remap-node-funct.patch
- 320-MIPS-add-support-for-buggy-MT7621S-core-detection.patch
- 405-mtd-spi-nor-Add-support-for-BoHong-bh25q128as.patch
- 410-mtd-rawnand-add-driver-support-for-MT7621-nand-flash.patch
- 805-pinctrl-AW9523.patch
- 825-i2c-MIPS-adds-ralink-I2C-driver.patch
- 830-mmc-MIPS-ralink-add-sdhci-for-mt7620a-SoC.patch
Automatically refresh:
- 200-add-ralink-eth.patch
- 314-MIPS-add-bootargs-override-property.patch
- 315-owrt-hack-fix-mt7688-cache-issue.patch
- 700-net-ethernet-mediatek-support-net-labels.patch
- 720-Revert-net-phy-simplify-phy_link_change-arguments.patch
- 721-NET-no-auto-carrier-off-support.patch
- 800-dmaengine-mediatek-add-HSDMA-support-for-mt7621.patch
- 802-GPIO-MIPS-ralink-add-gpio-driver-for-ralink-SoC.patch
- 810-uvc-add-iPassion-iP2970-support.patch
- 821-SPI-ralink-add-Ralink-SoC-spi-driver.patch
- 835-asoc-add-mt7620-support.patch
- 840-serial-add-ugly-custom-baud-rate-hack.patch
- 845-pwm-add-mediatek-support.patch
- 850-awake-rt305x-dwc2-controller.patch
Tested-by: Andre Heider <a.heider@gmail.com> # netgear,wac124
Tested-by: Andrey Jr. Melnikov <temnota.am@gmail.com> # Xiaomi Mi Router 3G
Tested-by: Timo Dorfner <timo.capa@gmail.com> # mt7621/mir3g mt7621/rm2100
Reviewed-by: Shiji Yang <yangshiji66@qq.com>
Co-Developed-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes errors in the form of:
make[9]: Entering directory '/home/nick/openwrt/build_dir/target-mipsel_24kc_musl/linux-ramips_mt7620/linux-6.1.77'
CC drivers/net/ethernet/ralink/mtk_eth_soc.o
drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_init':
drivers/net/ethernet/ralink/mtk_eth_soc.c:1368:51: warning: passing argument 2 of 'of_get_mac_address' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
1368 | of_get_mac_address(priv->dev->of_node, dev->dev_addr);
| ~~~^~~~~~~~~~
In file included from drivers/net/ethernet/ralink/mtk_eth_soc.c:26:
./include/linux/of_net.h:16:59: note: expected 'u8 *' {aka 'unsigned char *'} but argument is of type 'const unsigned char *'
16 | extern int of_get_mac_address(struct device_node *np, u8 *mac);
| ~~~~^~~
drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_probe':
drivers/net/ethernet/ralink/mtk_eth_soc.c:1641:9: error: too many arguments to function 'netif_napi_add'
1641 | netif_napi_add(netdev, &priv->rx_napi, fe_poll, napi_weight);
| ^~~~~~~~~~~~~~
In file included from ./include/linux/etherdevice.h:21,
from drivers/net/ethernet/ralink/mtk_eth_soc.c:21:
./include/linux/netdevice.h:2611:1: note: declared here
2611 | netif_napi_add(struct net_device *dev, struct napi_struct *napi,
| ^~~~~~~~~~~~~~
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
[split commit and rewrite commit message]
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Upstream commit f48dc6b96649 ("spi: Retire legacy GPIO handling") [0]
removed support using GPIOs as chip select. Fix it by replacing cs_gpio
with cs_gpiod.
[0] - https://github.com/torvalds/linux/commit/f48dc6b9664963107e500aecfc2f4df27dc5afb6
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
[split commit and rewrite commit message]
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change fe_hw_set_macaddr and the set_mac parameter to const to fix
errors in the form of:
drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_set_mac_address':
drivers/net/ethernet/ralink/mtk_eth_soc.c:174:53: error: passing argument 2 of 'priv->soc->set_mac' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
174 | priv->soc->set_mac(priv, dev->dev_addr);
| ~~~^~~~~~~~~~
drivers/net/ethernet/ralink/mtk_eth_soc.c:174:53: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
drivers/net/ethernet/ralink/mtk_eth_soc.c: In function 'fe_hw_init':
drivers/net/ethernet/ralink/mtk_eth_soc.c:1220:45: error: passing argument 2 of 'priv->soc->set_mac' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1220 | priv->soc->set_mac(priv, dev->dev_addr);
| ~~~^~~~~~~~~~
drivers/net/ethernet/ralink/mtk_eth_soc.c:1220:45: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
drivers/net/ethernet/ralink/mtk_eth_soc.c:1222:44: error: passing argument 2 of 'fe_hw_set_macaddr' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1222 | fe_hw_set_macaddr(priv, dev->dev_addr);
| ~~~^~~~~~~~~~
drivers/net/ethernet/ralink/mtk_eth_soc.c:155:75: note: expected 'unsigned char *' but argument is of type 'const unsigned char *'
155 | static inline void fe_hw_set_macaddr(struct fe_priv *priv, unsigned char *mac)
| ~~~~~~~~~~~~~~~^~~
cc1: all warnings being treated as errors
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream dropped support for legacy driver [0]. Rewrite the driver like
the renesas pwm driver [1].
Fixes erros in the form of:
make: *** [/__w/openwrt/openwrt/openwrt/include/toplevel.mk:232: target/compile] Error 1
====== Make errors from logs/target/linux/compile.txt ======
| ^~~~~~~~~~~~~~
drivers/pwm/pwm-mediatek-ramips.c:107:19: note: (near initialization for 'mtk_pwm_ops.free')
drivers/pwm/pwm-mediatek-ramips.c:108:10: error: 'const struct pwm_ops' has no member named 'disable'
108 | .disable = mtk_pwm_disable,
| ^~~~~~~
drivers/pwm/pwm-mediatek-ramips.c:108:20: error: initialization of 'int (*)(struct pwm_chip *, struct pwm_device *, struct pwm_capture *, long unsigned int)' from incompatible pointer type 'void (*)(struct pwm_chip *, struct pwm_device *)' [-Werror=incompatible-pointer-types]
108 | .disable = mtk_pwm_disable,
| ^~~~~~~~~~~~~~~
drivers/pwm/pwm-mediatek-ramips.c:108:20: note: (near initialization for 'mtk_pwm_ops.capture')
cc1: all warnings being treated as errors
[0] - https://github.com/torvalds/linux/commit/0829c35dc5346e90f428de61896362b51ab58296
[1] - https://github.com/torvalds/linux/commit/ec00cd5e63f05461ab48128775c73c851c3c2b18
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream dropped slave_id in dai_dma [0]. So drop it also in the mt7620
support patch.
Fixes errors in the form of:
sound/soc/ralink/ralink-i2s.c: In function 'ralink_i2s_init_dma_data':
sound/soc/ralink/ralink-i2s.c:452:17: error: 'struct snd_dmaengine_dai_dma_data' has no member named 'slave_id'
452 | dma_data->slave_id = i2s->txdma_req;
| ^~
sound/soc/ralink/ralink-i2s.c:462:17: error: 'struct snd_dmaengine_dai_dma_data' has no member named 'slave_id'
462 | dma_data->slave_id = i2s->rxdma_req;
| ^~
[0] - https://lore.kernel.org/r/20211122222203.4103644-3-arnd@kernel.org
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream changed in ed5c2f5fd10d ("i2c: Make remove callback return void")
the i2c driver's remove function to return no value. Adapt the driver code
to compile with 5.15 and 6.1 like it is done in other projects [0].
Fixes errors in the form of:
make[8]: Leaving directory '/home/nick/openwrt/build_dir/target-mipsel_24kc_musl/linux-ramips_mt7621/linux-6.1.29'
CC drivers/pinctrl/pinctrl-aw9523.o
drivers/pinctrl/pinctrl-aw9523.c:1117:19: error: initialization of 'void (*)(struct i2c_client *)' from incompatible pointer type 'int (*)(struct i2c_client *)' [-Werror=incompatible-pointer-types]
1117 | .remove = aw9523_remove,
| ^~~~~~~~~~~~~
drivers/pinctrl/pinctrl-aw9523.c:1117:19: note: (near initialization for 'aw9523_driver.remove')
cc1: all warnings being treated as errors
[0] - https://gitlab.com/ddcci-driver-linux/ddcci-driver-linux/-/merge_requests/10/diffs
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
Apply the "109-drivers-mt7621-dma-handle-error-from-device_reset.patch"
directly on the downstream maintained dma driver.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
| |
Commit 87dd67f496f7 ("staging: mt7621-dma: remove driver from tree")
removed the mt7621-dma driver. Maintain the driver downstream in the
folder of the other mediatek drivers.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
| |
Copy config and patches from 5.15. This simplifies reviewing process.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
512e30fd56 Revert "elf: Remove unused l_text_end field from struct link_map"
55d3dfadf8 Revert "elf: Always call destructors in reverse constructor order (bug 30785)"
8e20aedfd7 Revert "elf: Move l_init_called_next to old place of l_text_end in link map"
5014fb12f4 elf: Fix wrong break removal from 8ee878592c
874d418697 elf: Fix TLS modid reuse generation assignment (BZ 29039)
8bd00f5b6d x86-64: Fix the dtv field load for x32 [BZ #31184]
d052665f35 x86-64: Fix the tcb field load for x32 [BZ #31185]
0ca9ba3a9e NEWS: Mention bug fixes for 29039/30745/30843
9b90e763db getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163)
bd9f194c34 libio: Check remaining buffer size in _IO_wdo_write (bug 31183)
8b8a3f0aaf sunrpc: Fix netname build with older gcc
97a4292aa4 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
67062eccd9 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
2b58cba076 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
1d8bb622df i386: Use pthread_barrier for synchronization on tst-bz21269
32450f6e8d sysdeps: tst-bz21269: fix test parameter
f7e97cea20 sysdeps: tst-bz21269: handle ENOSYS & skip appropriately
d97929eadc sysdeps: tst-bz21269: fix -Wreturn-type
5bbe7e0da5 x86_64: Optimize ffsll function code size.
98ec3e004e sparc: Fix broken memset for sparc32 [BZ #31068]
2ce7abef67 sparc64: Remove unwind information from signal return stubs [BZ#31244]
18da90677c sparc: Fix sparc64 memmove length comparison (BZ 31266)
8b849f70b3 sparc: Remove unwind information from signal return stubs [BZ #31244]
eee7525d35 arm: Remove wrong ldr from _dl_start_user (BZ 31339)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
Refresh kernel patches changed from the just introduced ipq60xx new
subtarget.
Patch automatically refreshed with make target/linux/refresh.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
| |
These recipes are generic and will be used for other subtargets, so lets
move them to the target Makefile so they can reused.
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce support for the Qualcomm IPQ60xx SoC. WiFi support still has
to be handled and correctly fix hence this is currently marked as
source-only to have a solid base to progress on correct support of this
and hope Upstream QUIC publish newers ath11k drivers for this SoC.
Co-developed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Mantas Pucka <mantas@8devices.com>
[ improve commit description, add SoB for Robert, make it source-only ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
IPQ60xx uses a different codename for SSDK, so lets pass the correct one
as otherwise SSDK asumes we are building for the old MIPS SoC-s.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[ drop outdated commit description info ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Update to latest version.
Refresh patches:
- 002-Revert-tools-env-use-run-to-store-lockfile.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
| |
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.
Fixes: https://github.com/openwrt/openwrt/issues/14575
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
| |
- introduce 'DirectInterface' option to bind exactly to specified interface;
fixes #9666 and late IPv4/IPv6 address assignment
- option 'DirectInterface' takes precedence over 'Interface'
- improve interface/address handling,
e.g. verify count of listening endpoints due to dropbear limit (10 for now)
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
- correct maximum receive window size
- adjust receive window size against maximum allowed value
- warn about too high receive window size in syslog
improves f95eecfb
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
runtime:
- adjust ownership/permissions while starting dropbear
build time:
- correct file permissions for preseed files in $(TOPDIR)/files/etc/dropbear/ (if any)
closes #10849
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
end users should have done this since OpenWrt 19.07.
if they didn't do this yet - perform auto-transition.
schedule 'rsakeyfile' removal for next year release.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
dropbear may be configured and compiled with support for different host key types
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
move DROPBEAR_ASKPASS under DROPBEAR_DBCLIENT (in all meanings)
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
| |
these options allow one to configure U2F/FIDO support in more granular way
inspired by upstream commit aa6559db
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
reduces binary/package size and increases overall performance
also:
- adjust 910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch
to build without DROPBEAR_RSA/DROPBEAR_RSA_SHA256
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
this takes an effect only if getusershell(3) is missing
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
fixes 65256aee
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
hmac-sha1 and diffie-hellman-group14-sha1 are weak algorithms.
A future deprecation notice of ssh-rsa (2048-bit) has been issued. [1]
It has no place in a potentially internet-facing daemon like dropbear.
Upstream has acknowledged this and offered this solution to disable
these two until this is made to be the default in the next release
of dropbear next year. [2]
1. https://www.openssh.com/txt/release-8.2
2. https://github.com/mkj/dropbear/issues/138
Signed-off-by: John Audia <therealgraysky@proton.me>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
- "default n" is not needed: options are not selected by default
- wrap config on 80 characters width (assuming tab is 8 characters long)
- add feature cost size and security notes for DROPBEAR_AGENTFORWARD
and DROPBEAR_DBCLIENT_AGENTFORWARD:
describe why and where it should be disabled
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
improves b78aae79
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- switch DB_OPT_COMMON and DB_OPT_CONFIG to comma-separated lists:
this allows to have values with "|" in DB_OPT_COMMON and DB_OPT_CONFIG
which is more likely to be than values with commas;
use $(comma) variable for values with commas.
- sort DB_OPT_COMMON and DB_OPT_CONFIG to have "overrides" on top of list.
- allow DB_OPT_COMMON to have values with commas.
- allow to replace multiline definitions in sysoptions.h.
improves e1bd9645
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
critical fixes:
- libtommath: possible integer overflow (CVE-2023-36328)
- implement Strict KEX mode (CVE-2023-48795)
various fixes:
- fix DROPBEAR_DSS and DROPBEAR_RSA config options
- y2038 issues
- remove SO_LINGER socket option
- make banner reading failure non-fatal
- fix "noremotetcp" behavior
- don't try to shutdown a pty
- fix test for multiuser kernels
adds new features:
- option to bind to interface
- allow inetd with non-syslog
- ignore unsupported command line options with dropbearkey
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- update dropbear to latest stable 2022.83;
for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop patches:
- 001-fix-MAX_UNAUTH_CLIENTS-regression.patch
- rework patches:
- 901-bundled-libs-cflags.patch
- refresh remaining patches
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix DTS error in LED color/function conversion due to a bug in the
conversion script.
Fixes: a9e0d97e1fc8 ("ipq40xx: convert to new LED color/function format where possible")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|