| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
| |
This allows directing processing of locally received packets to the CPUs
of the tasks receiving them
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
This spreads packet processing across all cores
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
| |
Release Announcement:
https://savannah.gnu.org/news/?group_id=425
Refresh:
- 200-libunistring-missing-link.patch
Tested-by: Georgi Valkov <gvalkov@gmail.com> # MacOS
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
|
|
|
| |
uboot-envtools is currently missing config for Edgerouter-X
and its not immediately obvious what settings to manually
apply.
Provide default configuration for envtools on Edgerouter-X.
Signed-off-by: Tim Lunn <tim@feathertop.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a kernel module package for the Marvell
MV88E6XXX DSA switch and a separate module package for
the DSA tagger since it can in theory be used by multiple
DSA switches. Enable both DSA and EDSA tags in the
tagger.
We can't just compile this in because just a few devices
has this DSA, and it depends on e.g. the I2C and SFP
to be loaded as modules first.
We have no examples of DSA switches being packaged as
modules before, all seem to be compiled in, but it
actually works just fine to do this.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes multiple security problems:
* [High] CVE-2024-0901 Potential denial of service and out of bounds
read. Affects TLS 1.3 on the server side when accepting a connection
from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
it is recommended to update the version of wolfSSL used.
* [Med] CVE-2024-1545 Fault Injection vulnerability in
RsaPrivateDecryption function that potentially allows an attacker
that has access to the same system with a victims process to perform
a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
Zhang, Qingni Shen for the report (Peking University, The University
of Western Australia)."
* [Med] Fault injection attack with EdDSA signature operations. This
affects ed25519 sign operations where the system could be susceptible
to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
Qingni Shen for the report (Peking University, The University of
Western Australia).
Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
The Upstream Linux community has discontinued support for the target.
Maintaining support for it downstream would require too much effort.
Moreover, it seems that the supported hardware is no longer deemed worthy
of it.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add new functions for ath11k caldata:
- ath11k_patch_mac (from 0 to 5)
- ath11k_remove_regdomain
- ath11k_set_macflag (some pre-caldata have the nvMacFlag flag unset which is needed to change the MAC address)
Additionaly for ath10k caldata:
- ath10k_remove_regdomain
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This update contains a minor fix to resolve "detected write beyond size
of field" warning during compilation:
* "replace [0] with []" (1d0d08c)
All patches still apply.
References:
* https://github.com/openwrt/openwrt/issues/15108
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Spectrum SAX1V1K is a AX WIFI router with 3 1G and 1 2.5G ports.
The router is provided to Spectrum customers.
It is OEM of Askey RT5010W
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923
It continues the original work by @MeisterLone to get this device supported.
Specifications:
```
• CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
• RAM: 2048MB of DDR3
• Storage: 1024MB eMMC
• Ethernet: 3x 1G RJ45 ports (QCA8075) + 1 2.5G Port (QCA8081)
• WLAN:
• 2.4GHz: Qualcomm QCN5024 4x4 802.11b/g/n/ax 1174 Mbps PHY rate
• 5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate
• LED: 1 gpio-controlled dual color led (blue/red)
• Buttons: 1x reset
• Power: 12V DC jack
```
Notes:
```
• This commit adds only single partition support, that means
sysupgrade is upgrading the current rootfs partition.
• Installation can be done by serial connection only.
• A poulated serial header is onboard
https://forum.openwrt.org/t/spectrum-sax1v1k-askey-rt5010w-openwrt-support/149923/6
• RX/TX is working, u-boot bootwait is active, secure boot is enabled.
```
Installation Instructions:
**Most part of the installation is performed from an initramfs image.**
Boot initramfs : Using serial connection
1. Boot up the device and wait till it displays "VERIFY_IB: Success. verify IB ok"
2. Once that message appears,
login with username 'root'
password serial number of your router in uppercase.
3. Use vi to paste the 'open.sh' script from @MeisterLone github on your device
https://github.com/MeisterLone/Askey-RT5010W-D187-REV6/blob/master/Patch/open.sh
4. chmod 755 open.sh
5. ./open.sh
6. Set your ip to 192.168.0.1
7. Run a TFTP server and host the initramfs image on the TFTP server and name it "recovery.img"
8. Reboot device. On boot it will try TFTP.
Install OpenWrt from initramfs image:
1. Use SCP (or other way) to transfer OpenWrt factory image
2. Connect to device using SSH (on a LAN port)
3. Flash firmware: sysupgrade
# sysupgrade -n -v /tmp/openwrt_sysupgrade.bin
4. Set U-boot env variable: bootcmd
# fw_setenv bootcmd "run fix_uboot; run setup_and_boot"
5. Reboot the device
# reboot
6. Once device is booted, residue of previous firmware will prevent openwrt to work properly.
Factory Reset is MUST required
# Once serial console is displaying to login, hold reset button for 10 sec
7. Now everything should be operational.
Note: this PR adds only single partition support, that means sysupgrade is
upgrading the current rootfs partition
Signed-off-by: Connor Yoon <j_connor@taliaent.com>
|
| |
|
|
|
|
|
|
|
| |
d413903016c4 kmodloader: support duplicate module names and aliases
1c9aaefc119a kmodloader: fix memleak adding to avl tree
4c5c45c6beac kmodloader: fix invalid write during insmod, CodeQL warnings
6a59975afc2c kmodloader: improve memory accounting and deallocation
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
| |
ec8c620fd5f4 split bridge-local disable into rx and tx
40b1c5b6be4e flow: do not attempt to offload bridge-local flows
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
This make source based IPv6 routing option available for
ppp/pptp/pppoe/pppoa
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For interface type parameters, the man page documents patterns:
```
*,!eth*,!!eth1
uses all interfaces, except interfaces starting with "eth",
but including "eth1".
```
* Renamed `_ifname` to `_l2dev`.
* get the l2dev via network_get_physdev (and not l3dev)
* Glob pattern `*` is also valid - use noglob for this
The net result is that now interface 'names' including globs '*' and '!'
inversions are included in the generated lldpd configs.
Temporarily `set -o noglob` and then `set +o noglob` to disable & enable
globbing respectively, because when we pass `*` as an interface choice,
other file and pathnames get sucked in from where the init script runs,
and the `*` never makes it to lldpd.
Tested extensively on: 22.03.6, 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ squash with commit bumping release version ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
| |
e8780fa7792a uclient: fix http regression
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
704c78111a92 uclient-http: use ustream_ssl without ustream_fd
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
524a76e5af78 ustream-ssl: add support for using a fd instead of ustream as backing
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
| |
Lets update to 2024.04 in order to drop all of the patches as they have
been merged upstream.
Tested on Methode eDPU.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
|
| |
|
|
|
|
|
| |
c2bf660d88ec lib: add log_msg callback to get more detailed log messages
9adb4ca5219d uclient-fetch: add uclient / ustream-ssl log messages (enabled via -v)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
f9a28a9ce864 ustream-ssl: poll connection on incomplete reads
3c49e70c4622 ustream-ssl: increase number of read buffers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
60d8fbb5e669 mbedtls: handle session tickets for TLS 1.3
ac42af7981ae mbedtls: add ifdefs to fix legacy compatibility
af7c3532ad49 mbedtls: another cosmetic ifdef fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
| |
Reduce calls and pipes and read from urandom once directly with hexdump
for the necessary 5 bytes of random data to build the 48 bit ULA Prefix.
Fewer calls and forks; finish quicker; less memory used.
Tested on: 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
It seems that move to kernel 6.6 somehow fixed the remoteproc restart so
now it properly restarts and thus coldboot calibration works as well.
ipq60xx still seems to be broken in a different way so keep it disabled.
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add patch fixing rmmod and insmod. Lots of flawed logic fixed that
permits the module to correctly rmmod and insmod later.
Just to quote some change, use phy_detach instead of phy_disconnect, fix
exclusive reset_control that could only be used once, fix kernel panic
on second edma_cleanup, stop traffic before module exit...
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardware specifications:
SoC: Qualcomm IPQ8072A
RAM: 1GB of DDR4 600MHz
Flash1: Winbond W25Q64DW 8MB
Flash2: MX30UF2G28AD 256MB
WiFi1: QCN5024 2.4GHz AX 4x4
WiFi2: QCN5054 5GHz AX 4x4
Ethernet: 5x 1G RJ45 port
USB: 2x USB 3.0 (1x M.2)
Button: Reset, WPS
Flash instructions:
Upload factory.bin in stock firmware's
upgrade page, do not preserve settings.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
|
| |
|
|
|
|
|
|
|
|
|
| |
Contains following updates:
* ipq8074: add Spectrum SAX1V1K BDF
* ipq8074: add Zbtlink ZBT-Z800AX BDF
* ipq8074: update regdb in Spectrum SAX1V1K BDF
* ipq6018: add Linksys MR7350 BDF
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
|
| |
|
|
|
|
| |
This make source based IPv6 routing option available for qmi
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
|
| |
|
|
|
|
| |
This make source based IPv6 routing option available for mbim
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
|
| |
|
|
|
|
| |
This make source based IPv6 routing option available for ncm
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
release notes:
7.21: https://www.spinics.net/lists/netfilter-devel/msg85299.html
7.20: https://www.spinics.net/lists/netfilter-devel/msg85120.html
7.19: https://www.spinics.net/lists/netfilter-devel/msg82985.html
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
|
| |
musl dropped the GNU version of basename prototype from string.h
in 1.2.5.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
|
| |
This reverts commit a9e22ffa5028e303dc32d15f1ce5e1be4c20e125.
After doing a clean rebuild, it turns out that this change is not necessary
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
Fixes perf
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
3159bbe0a2eb improve isolation when selecting a fixed output port
c77a7a1ff74d nl: fix getting flow offload stats
a08e51e679dd add support for disabling bridge-local flows via config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
Removed upstreamed patch.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
| |
Fixed bugs for memory initialization/training,
improved memory compatibility/stability.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
| |
Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2024q1/006876.html
Refresh patch:
- 005-build_only_libs.patch
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The new script uses a different strategy compared to the previous one.
Instead of trying to split flows by hash and spread them to all CPUs,
use RPS to redirect packets to a single core only.
Try to spread NAPI thread and RPS target CPUs across available CPUs
and try to ensure that the NAPI thread is on a different CPU than the
RPS target. This significantly reduces cycles wasted on the scheduler.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
Limiting allowed channels per device may be required and is commonly
supported on other drivers, so include a pending patch to add support for
the same.
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
|
|
|
| |
Change hash key struct size for faster lookup.
Fix clearing cache entries for forwarding
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
On some setup failures, iface->bss can be NULL
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
| |
As commit 3ce1e4c3d3da ("d1: define subtarget specifically") added the
'generic' subtarget, without 'BUILD_SUBTARGET' the correspond U-Boot
package will be no longer selected automatically.
Fixes: 3ce1e4c3d3da ("d1: define subtarget specifically")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
| |
Update to the latest upstream release to include recent improvements and
bugfixes. Update copyright, fix typo in PKG_NAME, and remove unneeded use
of MAKE_VARS definition in Makefile. Drop 001-cflags.patch and simplify
002-includes.patch after refreshing. Also simplify LTO/DCE build flags.
Link: https://github.com/libbpf/bpftool/releases/tag/v7.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
|
|
|
| |
Update to the latest upstream release to include recent improvements and
bugfixes, and update copyright. Remove MAKE_VARS usage in Makefile and drop
001-cflags.patch which are no longer needed. Also add flags to disable LTO,
mistakenly dropped earlier.
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.0
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
|
|
|
| |
Defaults to off.
Available from >= 0.7.15
These are sent in TLV
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Defaults to off.
Only available from >= 1.0.15
These capabilities are sent in TLV.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
only available from >= 1.0.15
Comments are useful. Apparently this config parameter was committed when
openwrt used an older version of lldpd which did not yet support it.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Redirection broke in 5364fe0f01ca ("lldpd: shellcheck fixes")
redirects to /dev/null shall be handled correctly (i.e. last).
This fixes these errors on `/etc/init.d/lldpd reload`:
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
2024-03-16T20:39:00 [WARN/lldpctl] unknown command from argument 1: `/dev/null`
Tested-on: 22.03.6
Fixes: 5364fe0f01ca ("lldpd: shellcheck fixes")
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ improve commit description, add fixes tag ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|