Commit Graph

23860 Commits

Author SHA1 Message Date
Tianling Shen
96fcadbba8
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-30 23:21:03 +08:00
Tianling Shen
b8e54164ce
rockchip: add ArmSom Sige3 support
Hardware
--------
RockChip RK3568 ARM64 (4 cores)
2/4/8GB LPDDR4x RAM
1000 Base-T
2500 Base-T
AP6275S Wi-Fi 6 / Bluetooth 5.3
2 LEDs (RED / GREEN)
8/16/32/64GB eMMC on-board
Micro-SD Slot
HDMI Port
USB 2.0 Port
USB 3.0 Port
USB Type-C 3.0 Port
M.2 M-Key
40-Pin Header
USB PD 2.0 9/12/15V Power

Installation
------------
Uncompress the ImmortalWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit a609a18fb9)
2024-08-30 23:14:56 +08:00
Tianling Shen
4e7be5f8b0
uboot-rockchip: add ArmSom Sige3 support
Add support for the ArmSom Sige3 board.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 3af9becde7)
2024-08-30 23:14:55 +08:00
Matthias Schiffer
5773538c90
base-files: fix merge of passwd/shadow/group lines with trailing colons
Empty trailing fields get lost when the lines are split and merged again
at colons, resulting in unparsable entries. Only use the split fields for
matching against the other file, but emit the original line unchanged
to fix the issue.

Fixes: de7ca7dafa ("base-files: merge /etc/passwd et al at sysupgrade config restore")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 9bbaa6f2c0)
2024-08-29 21:07:48 +02:00
Sarah Maedel
5a8588e360 hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
(cherry picked from commit 8de185a176)
2024-08-28 12:00:23 +02:00
Tianling Shen
f4954e319e
armbian-firmware: pack bcm43752 pcie firmware
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit ad9fbe2f0a)
2024-08-24 13:45:46 +08:00
Tianling Shen
bf5a49d6f9
armbian-firmware: pack bt firmware for bcm43456
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit b0e86550ae)
2024-08-22 16:05:55 +08:00
Tianling Shen
e860b75a5c
armbian-firmware: fix typo error
Fixes: 3c11b8bb63 ("armbian-firmware: update nvram files")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit cf5592795c)
2024-08-22 15:52:45 +08:00
Tianling Shen
3c11b8bb63
armbian-firmware: update nvram files
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 2cfadcf343)
2024-08-22 15:48:55 +08:00
Tianling Shen
cbac782014
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-22 15:27:01 +08:00
Álvaro Fernández Rojas
bd79a16674 kernel: r8126: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 5d2a008670)
2024-08-19 12:46:30 +02:00
Álvaro Fernández Rojas
4d33716f96 kernel: r8125: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from a57a3e5cc5)
2024-08-19 12:46:14 +02:00
Álvaro Fernández Rojas
561d534adb kernel: r8168: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2f846a3315)
2024-08-19 12:45:59 +02:00
Álvaro Fernández Rojas
fe8c1fdd24 kernel: r8101: print link status when link up
Like other Ethernet drivers, print link speed and duplex mode
when the interface is up. Formatting output at the same time.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from fe0240f27e)
2024-08-19 12:45:41 +02:00
Tianling Shen
9b5d38187e
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-18 22:15:03 +08:00
Álvaro Fernández Rojas
403af43fd4 kernel: r8126: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 8d9893ff34)
2024-08-18 12:21:15 +02:00
Chukun Pan
6a877053dd kernel: r8125: ignore the rss rxnfc log
This log is noisy and useless, just ignore it.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from 2fd0102cc3)
2024-08-18 12:20:55 +02:00
Álvaro Fernández Rojas
c615bcf438 kernel: r8126: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from bfeef9b3d7)
2024-08-17 12:40:26 +02:00
Álvaro Fernández Rojas
a79157f257 package: add kmod-r8126 ethernet driver
r8126 is an out of tree driver provided by Realtek for RTL8126 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from 54623c6a1d)
2024-08-17 12:40:22 +02:00
Álvaro Fernández Rojas
4d0dc5e15e kernel: r8125: add RSS variant
Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from f063f4620c)
2024-08-17 12:35:09 +02:00
Álvaro Fernández Rojas
68d5ed7526 package: add kmod-r8125 ethernet driver
r8125 is an out of tree driver provided by Realtek for RTL8125 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from ddb4070c96)
2024-08-17 12:34:50 +02:00
Álvaro Fernández Rojas
7d6366dcd7 package: add kmod-r8168 ethernet driver
r8168 is an out of tree driver provided by Realtek for RTL8168 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
((cherry picked from commit 1565eeda4e)
2024-08-17 08:06:25 +02:00
Álvaro Fernández Rojas
d1de7d3c92 package: add kmod-r8101 ethernet driver
r8101 is an out of tree driver provided by Realtek for RTL8101 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit b72c4b5386)
2024-08-17 08:03:48 +02:00
Tianling Shen
ee233aab6a
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-13 16:53:05 +08:00
Tianling Shen
a591f9cd14 mediatek: enable rootwait for cmcc rax3000m emmc version
Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Reported-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/15077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-11 19:18:39 +02:00
Tianling Shen
aff4e6c356
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-08 02:52:38 +08:00
Bjørn Mork
c241885687 kernel: ubootenv-nvram: driver for RAM backed environments
The vendor U-Boot implementaion on Telenor branded ZyXEL EX5700
devices does not store its environment on flash. It is instead
kept in a memory region.  This is persistent over reboots, but
not over power cycling.

The dual partition failsafe system used by the vendor U-Boot
requires the OS to modify a variable in this memory environment.
This driver allows the ordinary uboot-envtools to access a
memory region like it was a partition on NOR flash.

The specific vendor U-Boot adds a "no-map" /reserved-memory
section and a top level /ubootenv node pointing to the memory
environment.  The driver uses this device specific fact to
locate the region.  The matching and probing code will likely
have to be adjusted for any other devices to be supported.

Example partial device tree:

 / {
    ..
    ubootenv {
        memory-region = <&uenv>;
        compatible = "ubootenv";
    };
    ..
    reserved-memory {
        ..
        uenv: ubootenv@7ffe8000 {
            no-map;
            reg = <0 0x7ffe8000 0 0x4000>;
        };

Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit b2e810f495)
2024-08-07 12:12:30 +02:00
Tianling Shen
5e7fc895f2
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-05 18:10:40 +08:00
Rany Hany
e4625c37c4 hostapd: fix SAE H2E security vulnerability
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16043
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db7f70fe61)
2024-08-02 23:18:03 +02:00
Tianling Shen
621ae59865
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-08-02 22:34:25 +08:00
Hauke Mehrtens
f99dffcaca mac80211: Update to version 6.1.102-1
Upstream removed SSB and BCMA, the drivers are now compiled against the
in kernel versions. No need to patch this for OpenWrt.

Link: https://github.com/openwrt/openwrt/pull/15983
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-29 23:09:51 +02:00
Tianling Shen
5c8519b3ab
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-29 12:51:22 +08:00
Hauke Mehrtens
1478f641bd ltq-ptm: Fix netdev ioctls with kernel > 5.15
.ndo_do_ioctl is not called for SIOCDEVPRIVATE any more, the kernel
calls .ndo_siocdevprivate now.

The function gets the data pointer from the callback directly, make use
of it.

See upstream Linux kernel commit:
https://git.kernel.org/linus/b9067f5dc4a07c8e24e01a1b277c6722d91be39e

Link: https://github.com/openwrt/openwrt/pull/16005
(cherry picked from commit e33ebdd00e)
Link: https://github.com/openwrt/openwrt/pull/16023
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-28 23:56:35 +02:00
Hauke Mehrtens
56a84b3c47 mac80211: Fix wifi throughput
Backport 2 patches from upstream Linux to fix a Wifi throughput
problem.

Fixes: 323e249ce8 ("mac80211: Update to version 6.1.97-1")
Link: https://github.com/openwrt/openwrt/pull/16007
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-27 00:38:46 +02:00
Tianling Shen
79e9020dbe
r8126: add Realtek 5GbE PCIe Network Adapter support
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c582674b44)
2024-07-20 18:26:22 +08:00
Tianling Shen
1e6d2fcc57
ImmortalWrt v23.05.3: revert to branch defaults
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-18 16:38:25 +08:00
Tianling Shen
f6bd6b3132
ImmortalWrt v23.05.3: adjust config defaults
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-18 16:38:25 +08:00
Tianling Shen
81a1f98d5b
uboot-envtools: add abt asr3000 support
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-18 14:35:54 +08:00
Tianling Shen
8b02028d63
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-17 16:30:06 +08:00
Tianling Shen
e961589a38
r8125/r8168: fix enable rss support
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 555d16f6a3)
2024-07-17 15:44:03 +08:00
Tianling Shen
45c3885977
r8168: enable rss support
Enable parallel build while at it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit e7f6a79233)
2024-07-17 15:36:09 +08:00
Beginner-Go
50d00ae438
r8168: update to 8.053.00
Signed-off-by: Beginner-Go <70857188+Beginner-Go@users.noreply.github.com>
(cherry picked from commit 8c9561fc7c)
2024-07-17 15:36:06 +08:00
Tianling Shen
eda88db59f
r8125: set config via MAKE_FLAGS
Enable parallel build while at it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 48d19e645a)
2024-07-17 15:35:43 +08:00
Tianling Shen
bb061d428c
r8101: Update to 1.039.00
Removed upstreamed patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5a505f8c83)
2024-07-17 12:33:09 +08:00
Hauke Mehrtens
76a0c2932c OpenWrt v23.05.4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-16 23:51:26 +02:00
Hauke Mehrtens
b9510660ce OpenWrt v23.05.4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-16 23:51:19 +02:00
Hauke Mehrtens
84b000e5d0 wolfssl: Update to version 5.7.2
This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3a0232ffd3)
2024-07-16 00:05:18 +02:00
Tianling Shen
a0645675d4 uboot-mediatek: enable rootwait for jdcloud re-cp-03
Sometimes the mmc deivce may come up later than kernel attempts to
mount rootfs, resulting kernel panic. Enable rootwait to fix it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-15 16:10:16 +02:00
Daniel Golle
9f739daf05 uboot-mediatek: fix patch order
Make sure patch sequence number is unique by moving patch
440-add-jdcloud_re-cp-03.patch -> 441-add-jdcloud_re-cp-03.patch

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2302a7c5ad)
2024-07-15 16:10:06 +02:00
Tianling Shen
5819783ce3
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-07-15 16:07:40 +08:00