git.openwrt.org Git - openwrt/openwrt.git/log

kernel: r8125: update to v9.016.00

Changelog: https://github.com/openwrt/rtl8125/compare/9.015.00...9.016.00

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 60606fa980d3fb8cd9b4bba1da9a321f9e72bebb)

kernel: r8168: add RSS variant

Instead of enabling RSS support, let's introduce a variant and let users
choose between both variants since it can cause network issues.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit cb3fc1aef9c01f23d7f740bf0c5f4b432d6d0e79)

kernel: r8127: rss: enable ENABLE_MULTIPLE_TX_QUEUE

We need both ENABLE_RSS_SUPPORT and ENABLE_MULTIPLE_TX_QUEUE in order to
support multiple RX and TX queues.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 7615de6ef0830d3917de66aaf4d5df6d3ff45c61)

kernel: r8126: rss: enable ENABLE_MULTIPLE_TX_QUEUE

We need both ENABLE_RSS_SUPPORT and ENABLE_MULTIPLE_TX_QUEUE in order to
support multiple RX and TX queues.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit a3e51a395652ec6b8b827de396b56ebc576d81e8)

kernel: r8125: rss: enable ENABLE_MULTIPLE_TX_QUEUE

We need both ENABLE_RSS_SUPPORT and ENABLE_MULTIPLE_TX_QUEUE in order to
support multiple RX and TX queues.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18509
[bump release, improve commit description and package changes]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit d127963a4676909d2f58eb54859925a25cdaa063)

kernel: r8125: disable ASPM

Disable ASPM support for this NIC, fixing strange behavior problems, such as
increased latency, strange uneven throughput, etc.
With this option disabled the NIC achieves stable performance.
Upsteam r8169 driver disables ASPM by default for this NIC.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18509
[bump release, fix commit description, split 2nd tx queue part]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit f99b39fd0caf4ba5f1be06841b772557243c4546)

kernel: r8127: load module at boot time

This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit b5680bd11339b2ed489e1deeaaa2a3432691490a)

kernel: r8126: load module at boot time

This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 9bb151d0c635241ceaa29525668cd225a10494d0)

kernel: r8125: load module at boot time

This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18509
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit ce9f539672d2d55cea97e47a0e33459179237781)

kernel: r8168: load module at boot time

This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 617961403c27733de5e9c11b0b2e6ea44d2dcec4)

kernel: r8101: load module at boot time

This allows the network interface naming to be stable, free from any
possible interaction from external USB network devices that might
claim usb* interface names.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 7aeb837bf46acdd68b5ed373741be897bbb2067d)

package: add kmod-r8127 ethernet driver

r8127 is an out of tree driver provided by Realtek for RTL8127 devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 851ea69d8ebf4bdc80b29562123b96cd94387e9e)

openssl: update to 3.0.16

Changes between 3.0.15 and 3.0.16 [11 Feb 2025]

CVE-2024-13176[1] - Fixed timing side-channel in ECDSA signature
computation.

There is a timing signal of around 300 nanoseconds when the top word of
the inverted ECDSA nonce value is zero. This can happen with significant
probability only for some of the supported elliptic curves. In
particular the NIST P-521 curve is affected. To be able to measure this
leak, the attacker process must either be located in the same physical
computer or must have a very fast network connection with low latency.

CVE-2024-9143[2] - Fixed possible OOB memory access with invalid
low-level GF(2^m) elliptic curve parameters.

Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit
values for the field polynomial can lead to out-of-bounds memory reads
or writes. Applications working with "exotic" explicit binary (GF(2^m))
curve parameters, that make it possible to represent invalid field
polynomials with a zero constant term, via the above or similar APIs,
may terminate abruptly as a result of reading or writing outside of
array bounds. Remote code execution cannot easily be ruled out.

1. https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
2. https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143

Build system: x86/64
Build-tested: bcm27xx/bcm2712
Run-tested: bcm27xx/bcm2712

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/17947
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit b4e6fd7b76440076eeff3a0789d40acbb5363ecf)
(cherry picked from commit 3abbc154546042af5efe6d299e3e40133dfb3d7f)
Link: https://github.com/openwrt/openwrt/pull/19073
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

wolfssl: Update to version 5.7.6

This fixes multiple bugs and also minor security problems.

Changelog:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.4-stable
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.6-stable

The package size increases:
525814 bin/packages/mips_24kc/base/libwolfssl5.7.2.e624513f-5.7.2-r1.apk
549408 bin/packages/mips_24kc/base/libwolfssl5.7.6.e624513f-5.7.6-r1.apk

Link: https://github.com/openwrt/openwrt/pull/17742
(cherry picked from commit 0a7e92c2442bc09eec3875aae21996d9a5430806)
(cherry picked from commit 6f7bbd03954e8aa79484b7c5b727dd814bfee78d)
Link: https://github.com/openwrt/openwrt/pull/19073
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

grub2: set -std=gnu17

Arch Linux updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks grub compilation.

This is fixed in more recent grub2 versions.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23

Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

jsonfilter: update to Git HEAD (2025-04-18)

8a86fb78235b build: set GNU17 for lemon compilation

Link: https://github.com/openwrt/openwrt/pull/18525
(cherry picked from commit 891c8244f2b346b00190d25bd6970cf755a4aaa6)
Link: https://github.com/openwrt/openwrt/pull/18581
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit e0069e7587bbcd47821691586bffe65ec7b49534)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

toolchain: gdb: set -std=gnu17

Arch Linux updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks gdb compilation.

This is fixed in more recent gdb versions.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23

Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

toolchain: binutils: fix compilation with GCC15

GCC15 has switched the C language default from GNU17 to GNU23[1] and this
causes builds to fail with:
In file included from mips-opc.c:29:
mips-opc.c: In function 'decode_mips_operand':
mips-formats.h:86:7: error: expected identifier or '(' before 'static_assert'
   86 |       static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
      |       ^~~~~~~~~~~~~
mips-opc.c:214:15: note: in expansion of macro 'MAPPED_REG'
  214 |     case 'z': MAPPED_REG (0, 0, GP, reg_0_map);
      |               ^~~~~~~~~~

So, backport upstream fix for this[2] to fix compilation with GCC15.
Patch for 2.40 was manually refreshed as part of the S390 code does not
exist in 2.40 as it was added after it.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=8ebe62f3f0d27806b1bf69f301f5e188b4acd2b4

Fixes: #18678
Link: https://github.com/openwrt/openwrt/pull/18681
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit d3216173abfc47917807423fc7578406ea29db5b)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: gmp: fix compilation with GCC15

Fedora 42 updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks GMP compilation by failing to find
a working compiler test.

Its been fixed upstream [2][3], so backport the fix to fix GCC15 compilation.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23
[2] https://gmplib.org/repo/gmp/rev/8e7bb4ae7a18
[3] https://gmplib.org/repo/gmp/rev/d66d66d82dbb

Link: https://github.com/openwrt/openwrt/pull/18506
(cherry picked from commit 31800db91d43042813b7249a09fd61c356b39767)
Link: https://github.com/openwrt/openwrt/pull/18581
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit d9fccc8e1a246bfa10a62ffaf60328d7f65178ed)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools/b43-tools: update to latest version, fix C23 build

Update b43-tools to the latest upstream version to fix a
compilation error with C23:

  util.h:25:15: error: 'bool' cannot be defined via 'typedef'
     25 | typedef _Bool bool;
        |               ^~~~

Changelog:
c6fc53f replace custom bool typedef with <stdbool.h>
dadf30c fix format warning in compilation
2fe10ea b43-fwdump: Fix forwarding of arguments to disassembler

Link: https://github.com/openwrt/openwrt/pull/18708
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit f8da45e25d9efcabbad65f1300de1bca7718b134)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: elfutils: fix compilation with GCC15

Backport fix from upstream to fix compilation with host GCC 15.
https://sourceware.org/git/?p=elfutils.git;a=commitdiff_plain;h=7508696d107ca01b65ce8273c881462a8658f90f

Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: elfutils: set -std=gnu17

Fedora 42 updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks m4 compilation.

This looks like a gnulib issue, so until that is updated/fixed
lets simply set C language version back to GNU17.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23

Link: https://github.com/openwrt/openwrt/pull/18506
(cherry picked from commit f165dd2f78f7aaafa85f59f5c35264dd03e3a6ce)
Link: https://github.com/openwrt/openwrt/pull/18581
Signed-off-by: Robert Marko <robimarko@gmail.com>
[Rework patch to make it apply]
(cherry picked from commit 1e51fd037d780725ca31cc92b39078468a383295)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: e2fsprogs: fix compilation with GCC15

Backport fix from upstream to fix compilation with host GCC 15.
https://github.com/tytso/e2fsprogs/commit/49fd04d77b3244c6c6990be41142168eef373aef

Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: m4: set -std=gnu17

Fedora 42 updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks m4 compilation.

Its been reported upstream [2], so until its fixed lets simply set C
language version back to GNU17.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23
[2] https://savannah.gnu.org/support/?111150

Link: https://github.com/openwrt/openwrt/pull/18505
(cherry picked from commit 8c141e53d720b14a1d8595e0f756f1619df6e763)
Link: https://github.com/openwrt/openwrt/pull/18581
Signed-off-by: Robert Marko <robimarko@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools: cpio: fix compilation with GCC15

Fedora 42 updated to GCC15 which now defaults to GNU23 as the default
instead of GNU17[1], and this breaks cpio compilation.

Its been reported upstream [2], so import the patch attached to the bug
report that fixes compilation with GCC15.

[1] https://gcc.gnu.org/gcc-15/porting_to.html#c23
[2] https://savannah.gnu.org/bugs/?66297

Link: https://github.com/openwrt/openwrt/pull/18506
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit c5041094ba06b3cdfb9458f1cb5acb00a9cbacd3)
Link: https://github.com/openwrt/openwrt/pull/19065
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.185

Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.185

All patches are automatically refreshed.

Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/19028
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.184

Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.184

New Kconfig symbols:
- enable CONFIG_MITIGATION_ITS[1]

All patches are automatically refreshed.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.184&id=858073be8899e16cc469be9c1837d6c3a64887fa

Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/19028
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

image: only filter out images when ImageBuilder is used

Currently, we are filtering out images if DEFAULT:=n or BROKEN:=y are set,
so if you are building from scratch and want to build custom images that
are stripped down to fit, you must edit the image recipe or its just
filtered out.

So, to allow this behaviour when building from scratch as we can assume
that person doing that knows what they are attempting to do lets just limit
the filtering to ImageBuilder.

Fixes: f060615a78e5 ("image: respect DEFAULT and BROKEN when Default profile is selected")
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit d0d1f190683ad5923182140c40afb479907a1c2b)

image: respect DEFAULT and BROKEN when Default profile is selected

Currently, when you select the Default profile it does not honor DEFAULT:=n
nor BROKEN:=y in device profiles but rather just tries to build all of them.

This may work when building directly, but when using Image Builder it will
always fail since no kernel or anything else is present for devices that
have DEFAULT:=n or BROKEN:=Y set since those are skipped during build.

So, lets look for DEFAULT being set to "n" or BROKEN being set to "y" and
then remove clear _PROFILE_SET so they dont end up being marked for
installation.

Fixes: #18410
Link: https://github.com/openwrt/openwrt/pull/18814
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit f060615a78e5c5e86829b2e40c3f77e5cf7033bf)

imagebuilder: exclude metadata for profiles that have no kernel

Device profiles that specify 'DEFAULT := n' are being included
in the imagebuilder metadata, specifically in .profiles.mk, even
though there is no kernel built for the device. This results in
'make info' showing the device as valid, but then 'make image
PROFILE=xxx' failing with 'No rule to make target xxx-kernel.bin ...'

We exclude these profiles from the imagebuilder, avoiding these
errors.

Fixes: https://github.com/openwrt/openwrt/issues/18410
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18748
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit b88f3ebb3341281fa7e61dc4f039062e72c86b9e)

kernel: Update to version 5.15.183

All patches automatically rebased.

changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.183

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>

kernel: Update to version 5.15.182

Manually adapted the following patches:
generic/backport-5.15/828-v6.4-0002-of-Update-of_device_get_modalias.patch
generic/backport-5.15/828-v6.4-0004-of-Move-of_modalias-to-module.c.patch

changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.182

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>

tools: add cmake dependency to bzip2

It's using cmake.mk so it needs CMake to build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18880
(cherry picked from commit 9deb8fad2fbe6fcdc7fbe5d2eb6d8fd78992f485)
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
Link: https://github.com/openwrt/openwrt/pull/18885
Signed-off-by: Robert Marko <robimarko@gmail.com>

ca-certificates: Update to 20241223

Update ca-certificates to version 20241223

  * Update Mozilla certificate authority bundle to version 2.70.
    The following certificate authorities were added (+):
    + Telekom Security TLS ECC Root 2020
    + Telekom Security TLS RSA Root 2023
    + FIRMAPROFESIONAL CA ROOT-A WEB
    + TWCA CYBER Root CA
    + SecureSign Root CA12
    + SecureSign Root CA14
    + SecureSign Root CA15
    The following certificate authorities were removed (-):
    - Security Communication Root CA (closes: #1063093)

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/18468
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit c79572210fa47d015b3bdc03f38c25ef5262a318)
Link: https://github.com/openwrt/openwrt/pull/18872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

ca-certificates: update to version 20240203

Update Mozilla certificate authority bundle to version 2.64

Signed-off-by: Seo Suchan <tjtncks@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6b904fa95b50c1259954b2bff31fafe83290f182)

generic: drop extra-old-deprecated pending fix patch for sch codel

Remove patch 620-net_sched-codel-do-not-defer-queue-length-update from openwrt-23.05 as well.

Patch is actually an ancient patch that somehow manage to be ported for 7 solid years.

This comes from [1] where a fix patch was proposed. Nobody notice that the proposed patch was actually rejected upstream in favor of [2]. And the upstream fix patch is present in kernel from version 4.18.

This means that we were actually fixing for a non existant bug and maybe introducing regression down the line.

Drop the patch for good as we already have a fix for it in flace for a long time.

[1] https://bugzilla.kernel.org/show_bug.cgi?id=109581
[2] torvalds/linux@35b42da

Automatic refresh:
target/linux/generic/hack-5.15/660-fq_codel_defaults.patch

Tested on ramips/mt7621

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>
Link: https://github.com/openwrt/openwrt/pull/18791
Signed-off-by: Robert Marko <robimarko@gmail.com>

wireless-regdb: Update to version 2025.02.20

b43aeb5 wireless-regdb: assert and correct maximum bandwidth within frequency difference
68588bf wireless-regdb: Update regulatory info for Syria (SY) for 2020
0dda57e wireless-regdb: Update regulatory info for Moldova (MD) on 6GHz for 2022
b19ab0b wireless-regdb: Update regulatory info for Azerbaijan (AZ) on 6GHz for 2024
f67f40d wireless-regdb: Update regulatory info for Oman (OM)
bd70876 wireless-regdb: Update regulatory rules for Armenia (AM) on 2.4 and 5 GHz
6c7cbcc wireless-regdb: Permit 320 MHz bandwidth in 6 GHz band in ETSI/CEPT
f9f6b30 wireless-regdb: Update regulatory rules for Austria (AT)
39b47ea wireless-regdb: Update regulatory info for Cayman Islands (KY) for 2024
3dd7ceb wireless-regdb: allow NO-INDOOR flag in db.txt
4d754a1 wireless-regdb: Update regulatory rules for Iran (IR) on both 2.4 and 5Ghz for 2021
8c8308a wireless-regdb: Update frequency range with NO-INDOOR for Oman (OM)
c2f11e2 wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Rudy Andram <rmandrad@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17957
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit da2cc98458f46745de95e88b6066620fbd02b190)

mbedtls: update to 2.28.10

This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues.

Mbed TLS 2.28.10 is the last release of the 2.28 LTS and won't receive bug fixes or security fixes anymore.
Users are advised to upgrade to a maintained version.

* CVE-2025-27810: Potential authentication bypass in TLS handshake [1]
* CVE-2025-27809: TLS clients should generally call mbedtls_ssl_set_hostname [2]

[1] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/
[2] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/

Full release announcement:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>
Link: https://github.com/openwrt/openwrt/pull/18793
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.181

Manually adapted the following patches:
bcm27xx/patches-5.15/950-0612-media-i2c-ov7251-Make-the-enable-GPIO-optional.patch

Link: https://github.com/openwrt/openwrt/pull/18710
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

tools/ninja: fix build with python 3.13+

python 3.13 removed the pipes module. Replace pipes by shlex. shlex was introduced into python in 3.3

Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
Link: https://github.com/openwrt/openwrt/pull/18582
Signed-off-by: Robert Marko <robimarko@gmail.com>

kernel: add missing symbol (BLOCK_LEGACY_AUTOLOAD)

As of kernel v5.15.179 kernel configuration fails without a
reference to BLOCK_LEGACY_AUTOLOAD, apparently as a consequence
of commit 3e9899c12d5ab3a8ce376bf4365175ea3dbaffc0 (backport of
6c0f5898836c05c6d850a750ed7940ba29e4e6c5), so add this symbol as
unset which is the same state the symbol has in the 6.6 kernel
config for 24.10.

Fixes: dfe1b5e82a35 ("kernel: Update to version 5.15.179")
Signed-off-by: Andrew MacIntyre <andymac@pcug.org.au>
Link: https://github.com/openwrt/openwrt/pull/18552
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.180

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.179

Removed the following patches because they were upstreamed:
   bcm27xx/patches-5.15/950-0020-drm-probe-helper-Create-a-HPD-IRQ-event-helper-for-a.patch [0]
   bcm47xx/patches-5.15/701-bgmac-reduce-max-frame-size-to-support-just-MTU-1500.patch [1]
   bcm53xx/patches-5.15/700-bgmac-reduce-max-frame-size-to-support-just-MTU-1500.patch [1]

Manually adapted the following patches:
   bcm27xx/patches-5.15/950-0151-usb-add-plumbing-for-updating-interrupt-endpoint-int.patch
   bcm27xx/patches-5.15/950-0600-xhci-quirks-add-link-TRB-quirk-for-VL805.patch

[0]: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=5211d75e2cb75cb129602247e79058f26afb4104
[1]: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=3ce32a9fb1d210f1e8384ebbfc336b64d3c131bd

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.178

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.177

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.176

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.175

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: Update to version 5.15.174

Manually adapted the following patches:
   bcm27xx/patches-5.15/950-0156-drm-v3d-Skip-MMU-flush-if-the-device-is-currently-of.patch
   bcm27xx/patches-5.15/950-0173-drm-v3d-Delete-pm_runtime-support.patch
   generic/hack-5.15/780-usb-net-MeigLink_modem_support.patch

Link: https://github.com/openwrt/openwrt/pull/18012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

ramips: fix image recipe for ASUS RT-N56U

The OpenWrt image metadata includes checksum validation. Therefore,
it must be generated at the end.

Fixes: https://github.com/openwrt/openwrt/issues/9045
Fixes: https://github.com/openwrt/openwrt/issues/13674
Link: https://patchwork.ozlabs.org/project/openwrt/patch/TYCP286MB08952FAACDFA234C5E052131BCD82@TYCP286MB0895.JPNP286.PROD.OUTLOOK.COM/
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Signed-off-by: Luke Morrison <lfmorrison@gmail.com>
(cherry picked from commit 708b77f549e852d5156acde03cc76942da29494a)
Link: https://github.com/openwrt/openwrt/pull/17678
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

uboot-mediatek: fix image overlaps SPL issue

Backport u-boot linker symbol fixes from u-boot v2024.01 to fix the
image overlaps SPL issue.

Fixes: https://github.com/openwrt/openwrt/issues/17120
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/17264
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

libxml2: update to 2.13.6

Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.5
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6

Fixes: CVE-2025-24928 CVE-2024-56171
Link: https://github.com/openwrt/openwrt/pull/18194
Signed-off-by: Nick Hainke <vincent@systemli.org>
Link: https://github.com/openwrt/openwrt/pull/18280
Signed-off-by: Robert Marko <robimarko@gmail.com>

libxml2: update to 2.13.4

Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.0
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.1
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.2
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.3
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.4

Small size reduction:
415095 bin/packages/mips_24kc-old/base/libxml2_2.12.6-r1_mips_24kc.ipk
87175 bin/packages/mips_24kc-old/base/libxml2-dev_2.12.6-r1_mips_24kc.ipk
20190 bin/packages/mips_24kc-old/base/libxml2-utils_2.12.6-r1_mips_24kc.ipk
398070 bin/packages/mips_24kc-new/base/libxml2_2.13.4-r1_mips_24kc.ipk
86760 bin/packages/mips_24kc-new/base/libxml2-dev_2.13.4-r1_mips_24kc.ipk
19479 bin/packages/mips_24kc-new/base/libxml2-utils_2.13.4-r1_mips_24kc.ipk

Link: https://github.com/openwrt/openwrt/pull/16593
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/18280
Signed-off-by: Robert Marko <robimarko@gmail.com>

libxml2: update to 2.12.9

Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.8
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9

This fixes:
CVE-2024-34459: Fix buffer overread with xmllint --htmlout
CVE-2024-40896: Fix XXE protection in downstream code

Link: https://github.com/openwrt/openwrt/pull/16593
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/18280
Signed-off-by: Robert Marko <robimarko@gmail.com>

libxml2: update to 2.12.6

Release Notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.6

Changelog (taken from the release notes):
- Regressions
  - parser: Fix detection of duplicate attributes in XML namespace
  - xmlreader: Fix xmlTextReaderConstEncoding
  - html: Fix htmlCreatePushParserCtxt with encoding
  - xmllint: Return error code if XPath returns empty nodeset

Compile-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Run-tested: x86_x64, Q35 VM, OpenWRT SNAPSHOT r26135-a8bfdf2ed4d9
Signed-off-by: Pascal Ernster <git@hardfalcon.net>
Link: https://github.com/openwrt/openwrt/pull/18280
Signed-off-by: Robert Marko <robimarko@gmail.com>

mac80211: fix compilation error for old stable kernel version

Fix compilation error for old stable version caused by
genlmsg_multicast_allns backport fix pushed middle version.

Version 5.15 version 0-169, 6.1 version 0-115, 6.6 version 0-58 have the
old genlmsg_multicast_allns version with flags variable.

Compiling backport project with these version result in a compilation
error. To handle this, introduce a backport function for the affected
kernel version.

Link: https://github.com/openwrt/openwrt/pull/18373
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 40393881491aa5fd23e715d0bedf591e3b152ddd)

lldpd: add `custom-tlv` handling

Do not verify the format of TLV. Leave that to lldpd.

These lldpd config entries:

config custom-tlv
list ports 'eth0'
option tlv 'replace oui 33,44,55 subtype 254 oui-info 55,55,55,55,55'

config custom-tlv
option tlv 'oui 33,44,44 subtype 232'
list ports 'br-lan'
list ports 'eth0'

config custom-tlv # oui-info truncated
option tlv 'add oui 33,44,33 subtype 66 oui-info 5555555555'

config custom-tlv
option tlv 'add oui 33,44,31 subtype 44'

config custom-tlv # invalid oui
option tlv 'add oui 3322 subtype 79'

config custom-tlv # invalid oui
option tlv 'oui 3312 subtype 74'

Produce the following lldpd.conf content:

configure ports eth0 lldp custom-tlv replace oui 33,44,55 subtype 254 oui-info 55,55,55,55,55
configure ports br-lan,eth0 lldp custom-tlv oui 33,44,44 subtype 232
configure lldp custom-tlv add oui 33,44,33 subtype 66 oui-info 5555555555
configure lldp custom-tlv add oui 33,44,31 subtype 44
configure lldp custom-tlv add oui 3322 subtype 79
configure lldp custom-tlv oui 3312 subtype 74

And lldpd (v1.0.13 on v22) logs the following:

Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op replace oui 33:44:55 subtype fe
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:44 subtype e8
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:33 subtype 42
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:33 subtype 42
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:31 subtype 2c
Sat Mar 16 19:11:39 2024 daemon.info lldpd[10916]: custom TLV op add oui 33:44:31 subtype 2c
Sat Mar 16 19:11:39 2024 daemon.warn lldpcli[10915]: invalid OUI value '3322'
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: an error occurred while executing last command
Sat Mar 16 19:11:39 2024 daemon.warn lldpcli[10915]: invalid OUI value '3312'
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: an error occurred while executing last command
Sat Mar 16 19:11:39 2024 daemon.info lldpcli[10915]: lldpd should resume operations

( The last two TLV are invalid: their oui must be three hex bytes, comma
separated. Only the first hex byte of oui-info 5555555555 is used )

Depends on #14867 and its release version bump

Tested on: 22.03.6

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14872
(cherry picked from commit 8d1fe32c2c46a8de519f9926be2bc062cef66f24)
Link: https://github.com/openwrt/openwrt/pull/18344
Signed-off-by: Robert Marko <robimarko@gmail.com>

lldpd: get_config_cid_ifaces() -> get_interface_csv()

where csv = comma separated value(s)

Make the function more generic. Can use it for not only 'config'.

Now it can be used to parse interfaces for additional lldpd settings,
e.g. custom-tlv.

Tested on: 22.03.6

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14872
(cherry picked from commit a015f59880c72a1bdd07de32491f85ce7f8d2a1c)
Link: https://github.com/openwrt/openwrt/pull/18344
Signed-off-by: Robert Marko <robimarko@gmail.com>

generic: globally enable CONFIG_PCPU_DEV_REFCNT

Quoting the kconfig description for CONFIG_PCPU_DEV_REFCNT:

network device refcount are using per cpu variables if this option is
set. This can be forced to N to detect underflows (with a performance
drop).

This was introduced from kernel 5.13 and was wrongly set as disabled.
Some target actually enables it but this should be always enabled unless
refcount needs to be debugged (unlikely for production images)

Enable in generic and drop the entry in every other target.

Link: https://github.com/openwrt/openwrt/pull/18174
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit ea6f3e49d6509f3bddb43364cf7225b4935fee82)
[ adapt for kernel 5.15 ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

scripts/feeds: shallow clone submodules

When a feed has submodules, all its submodules are fully cloned whereas
the feed itself is shallowed. Let's be consistent and perform shallow clones
as well for the submodules.

Signed-off-by: Cedric CHEDALEUX <cedric.chedaleux@orange.com>
Link: https://github.com/openwrt/openwrt/pull/18003
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 9ec32cfb2733856a2ab4caee07d9b3297568381d)
Link: https://github.com/openwrt/openwrt/pull/18168
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

scripts/feeds: shallow clone for specific commit update

When a feed is referenced with a specific commit (i.e. <git_url>^<sha1>),
a full clone was performed and a branch was created from the sha1
and named with the sha1. Other git clones operations are shallowed.

As Git does not support clone at a specific commit, let's first perform
a shallow clone to latest commit, then fetch the relevant commit and
finally checkout it (no more 'pseudo' branch).

It saves bandwith and significantly speeds up the feed update process.

Signed-off-by: Cedric CHEDALEUX <cedric.chedaleux@orange.com>
Link: https://github.com/openwrt/openwrt/pull/18003
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 32d0a57dc10811a24816e51f10e55963f40fe462)
Link: https://github.com/openwrt/openwrt/pull/18168
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

kernel: r8126: update to v10.015.00

Changelog: https://github.com/openwrt/rtl8126/compare/10.014.01...10.015.00

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 3d3328bf5f019507896bfa9ffeb53777fc5bfeaa)

kernel: r8125: update to v9.015.00

Changelog: https://github.com/openwrt/rtl8125/compare/9.014.01...9.015.00

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit a8dea562aa6146f5955ef081ee3240f0b960edf9)

kernel: r8168: update to v8.055.00

Changelog: https://github.com/openwrt/rtl8168/compare/8.054.00...8.055.00

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 5dd763680e874b0082e4cfbbc729fa75ee056601)

mediatek: mt7622: fix SATA on BPi-R64

A commit which made their way into Linux stable down to 5.15 broke the
SATA support on the BPi-R64.

Fix this by importing a (still pending) patch re-adding the 'syscon'
compatible to the pciesys clock-controller which also contains phy-mode
bits referenced by the ahci_mtk driver expecting to access them using
syscon_regmap_lookup_by_phandle().

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 69890e16b37d59b55ba64633522c727f957cb2fd)

bmips: shg2500: add missing led controller cells

Fixes the following DT warnings:
../dts/bcm63168-sercomm-shg2500.dts:76.4-14: Warning (reg_format): /ubus/spi@10001000/led-controller@1/led@1:reg: property has invalid length (4 bytes) (#address-cells == 2, #size-cells == 1)
../dts/bcm63168-sercomm-shg2500.dts:75.9-78.5: Warning (avoid_default_addr_size): /ubus/spi@10001000/led-controller@1/led@1: Relying on default #address-cells value
../dts/bcm63168-sercomm-shg2500.dts:75.9-78.5: Warning (avoid_default_addr_size): /ubus/spi@10001000/led-controller@1/led@1: Relying on default #size-cells value

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit fbe0bd5f6453a61fab871bee56883afc5c6308cf)

realtek: Fix old compatible for HPE 1920-8G PoE

Supported devices are listed in the metadata as the first part of the
DTS compatible. This normally follows the format "vendor,device".

When updating the device name of the 180W 1920-8G PoE an underscore was
used, instead of a comma, to join the vendor and device name. This will
lead to warnings for users wanting to sysupgrade a device with an older
compatible, as the device's info does not match the one the metadata.

Fixes: 987c96e88927 ("realtek: rename hpe,1920-8g-poe to match hardware")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 6a7fa68569ac11bb2c2abb14026e8b84acd3a12f)

generic: backport pending gpio-regmap ops patch

This patch has been accepted for linux v6.14 so we can move it from pending
to backport.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 2f2e21a52bdfdcf83868e3169768fda134aa883b)

generic: add gpio-regmap request/free ops patch

This patch is needed on bmips since it fixes issues with GPIOs not being
properly configured due to gpio_request_enable not being called on bcm63xx
devices. Therefore we can now drop the bcm63268 gpio function patch.

Backported from f5b1d340be9488af71e6522c3f10f1ebd1a35446 with the exception of
the realtek and bmips patches removal.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit f5b1d340be9488af71e6522c3f10f1ebd1a35446)

ath79: Add support for Sophos AP15C

The Sophos AP15C uses the same hardware as the AP15, but has a reset button.

Based on:
commit 6f1efb289837 ("ath79: add support for Sophos AP100/AP55 family")
author    Andrew Powers-Holmes <andrew@omnom.net>
          Fri, 3 Sep 2021 15:53:57 +0200 (23:53 +1000)
committer Hauke Mehrtens <hauke@hauke-m.de>
          Sat, 16 Apr 2022 16:59:29 +0200 (16:59 +0200)

Unique to AP15C:
- Reset button
- External RJ45 serial console port

Flashing instructions:

This firmware can be flashed either via a compatible Sophos SG or XG
firewall appliance, which does not require disassembling the device, or via
the U-Boot console available on the internal UART header.

To flash via XG appliance:
- Register on Sophos' website for a no-cost Home Use XG firewall license
- Download and install the XG software on a compatible PC or virtual
   machine, complete initial appliance setup, and enable SSH console access
- Connect the target AP device to the XG appliance's LAN interface
- Approve the AP from the XG Web UI and wait until it shows as Active
   (this can take 3-5 minutes)
- Connect to the XG appliance over SSH and access the Advanced Console
   (Menu option 5, then menu option 3)
- Run `sudo awetool` and select the menu option to connect to an AP via
   SSH. When prompted to enable SSH on the target AP, select Yes.
- Wait 2-3 minutes, then select the AP from the awetool menu again. This
   will connect you to a root shell on the target AP.
- Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc
- Run `mtd -r write /tmp/openwrt.bin astaro_image`
- When complete, the access point will reboot to OpenWRT.

To flash via U-Boot serial console:
- Configure a TFTP server on your PC, and set IP address 192.168.99.8 with
   netmask 255.255.255.0
- Copy the firmware .bin to the TFTP server and rename to 'uImage_AP15C'
- Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4]
- Connect the AP ethernet to your PC's ethernet port
- Connect a terminal to the UART at 115200 8/N/1 as usual
- Power on the AP and press a key to cancel autoboot when prompted
- Run the following commands at the U-Boot console:
    - `tftpboot`
    - `cp.b $fileaddr 0x9f070000 $filesize`
    - `boot`
- The access point will boot to OpenWRT.

Signed-off-by: David Lutz <kpanic@hirnduenger.de>

bmips: dts: fix pinctrl error

The kernel logs the error "bcm6368_nand 10000200.nand: there is not valid
maps for state default" on boot and all nand pins show as UNCLAIMED in
sysfs pinmux-pins.

bcm6362.dtsi, bcm6368.dtsi and bcm63268.dtsi use the undocumented property
group which the driver doesn't understand. This has been documented upstream
in commit caf963efd4b0b9ff42ca12e52b8efe277264d35b.

Replacing group with pins allows the nand pins to be properly configured.

Signed-off-by: Kyle Hendry <kylehendrydev@gmail.com>
[add bcm636/bcm6368 and fix commit title]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit d1e9c50d06a8cb618cb85ab489cbcccaec220636)

ipq40xx: make GL.iNet A1300 switch functional

Set the physical switch to KEY_RFKILL, since its previous value
(KEY_SETUP) is unsupported. This should also make the KEY_RESET button
functional, by allowing the gpio-button-hotplug kmod to load.

Signed-off-by: Chris Jones <cmsj@tenshu.net>
Link: https://github.com/openwrt/openwrt/pull/16564
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
(cherry picked from commit 83a04cd2b89f3bca2be3a4467b7ea710c7c6ba4f)
Link: https://github.com/openwrt/openwrt/pull/17228
Signed-off-by: Robert Marko <robimarko@gmail.com>

build: Unconditionally append kmod feed for BuildBot

Recent changes to BuildBot config moved the kmods to a dedicated
directory and dropped them from the packages dir. This was needed as
both OPKG and APK gets confused if both entry are present.

To fix this, unconditionally append the kmod feed line if
CONFIG_BUILDBOT is enabled.

Fixes: #17146
Link: https://github.com/openwrt/openwrt/pull/17151
(cherry picked from commit 53ee2e8c0339c1d7ace47b8cf390147b86ea8d1d)
[ fix conflict error for missing APK support ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

build: profiles.json: add kernel version information

Currently downstream tools like ASU lack information about kernel
version to find out the relevant kmod build folder on downloads server.

So lets fix it by providing a new `linux_kernel` JSON array which would
for the start provide Linux kernel version, revision and vermagic
information.

  "linux_kernel": {
     "release": "1",
     "vermagic": "b57450c07d3a786158c3601fc5cee57d",
     "version": "6.6.61"
   },

Fixes: openwrt/openwrt#17036
Fixes: efahl/owut#9
Co-developed-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17042
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c857145e034f623e31ab2028049a547ecd94ce85)

build: ensure silent Make behavior for json scripts

Run the invocation of Make with verbosity in order to
prevent the printing of Makefile level and subtarget status.
e.g. make[3] -C target/linux val.DEFAULT_PACKAGES val.ARCH_PACKAGES

Remove piping of stderr, which is only useful when using
the "communicate" method over the "run" method,
and this script would not be written to handle a captured error anyway.

For error testing, stdout and stderr can be set to a file object
with the open() function like this:

out = open('json_out', 'w')
err = open('json_err', 'w')

...
...
stdout=out,
stderr=err,

Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit fd3376c5eeccc1f1753483ed31ffff03808ce31d)

wifi-scripts: Fix parsing of Capabilities

Fixup capabilities parsing in iw output.

In addition to the normal capabilities iw now also outputs HE MAC, HE
PHY and EHT MAC and EHT PHY capabilities. Exclude them in the parsing.

The grep returns this with mac80211-hwsim:
```
root@OpenWrt:~# iw phy phy0 info | grep 'Capabilities:'
Capabilities: 0x107e
HE PHY Capabilities: (0x02bfce0000000000000000):
EHT PHY Capabilities: (0x7c0000feffff7f01):
HE PHY Capabilities: (0x02bfce0000000000000000):
EHT PHY Capabilities: (0x7c0000feffff7f01):
HE PHY Capabilities: (0x02bf000000000000000000):
Capabilities: 0x107e
HE PHY Capabilities: (0x1cbfce0000000000000000):
EHT PHY Capabilities: (0xfc1f3ffeffff7f37):
HE PHY Capabilities: (0x1cbfce0000000000000000):
EHT PHY Capabilities: (0xfc1f3ffeffff7f37):
HE PHY Capabilities: (0x1cbf000000000000000000):
HE PHY Capabilities: (0x1cbfce0000000000000000):
EHT PHY Capabilities: (0xfefffffeffffff7f):
HE PHY Capabilities: (0x1cbfce0000000000000000):
EHT PHY Capabilities: (0xfefffffeffffff7f):
HE PHY Capabilities: (0x1cbf000000000000000000):
Capabilities: 0x107e
```

With busybox 1.36.1 the ht_cap_mask variable will be set to
-72057598332895361. With busybox 1.37.0 it will be set to -1.
Both values are wrong, after this change it will be set to 4222
(0x107E).

Link: https://github.com/openwrt/openwrt/pull/17043
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit adf958c9192d94fbeeb0ec8e16800b0071455909)

ath79: lzma-loader: fix syntax error

C compiler can't parse '#else if'.

Fixes: f84a9f7dc095 ("ath79: add support for Huawei AP6010DN")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Link: https://github.com/openwrt/openwrt/pull/16989
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 98f26346cbbb45e5c0417f57846ce1783e884ea2)

ath79: add support for Huawei AP6010DN

Huawei AP6010DN is a dual-band, dual-radio 802.11a/b/g/n 2x2 MIMO
enterprise access point with one Gigabit Ethernet port and PoE
support.

Hardware highlights:
- CPU: AR9344 SoC at 480MHz
- RAM: 128MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: AR9344-internal radio
- Wi-Fi 5GHz: AR9580 PCIe WLAN SoC
- Ethernet: 10/100/1000 Mbps Ethernet through Atheros AR8035 PHY
- PoE: yes
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: CAT706SVI (1.6s timeout)

Serial console:
  9600n8 (9600 baud, no stop bits, no parity, 8 data bits)

MAC addresses:
  Each device has 32 consecutive MAC addresses allocated by
  the vendor, which don't overlap between devices.
  This was confirmed with multiple devices with consecutive
  serial numbers.
  The MAC address range starts with the address on the label.
  To be able to distinguish between the interfaces,
  the following MAC address scheme is used:
    - eth0 = label MAC
    - radio0 (Wi-Fi 2.4GHz) = label MAC + 1
    - radio1 (Wi-Fi 5GHz) = label MAC + 2

Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP

1. Power up the AP

2. At prompt "Press f or F  to stop Auto-Boot in 3 seconds",
   do what they say.
   Log in with default admin password "admin@huawei.com".

3. Boot the OpenWrt initramfs from TFTP using the hidden script "run ramboot".
   Replace IP address as needed:

   > setenv serverip 192.168.1.10
   > setenv ipaddr 192.168.1.1
   > setenv rambootfile openwrt-ath79-generic-huawei_ap6010dn-initramfs-kernel.bin
   > saveenv
   > run ramboot

4. Optional but recommended as the factory firmware cannot be downloaded publicly:
   Back up contents of "firmware" partition using the web interface or ssh:

   $ ssh root@192.168.1.1 cat /dev/mtd11 > huawei_ap6010dn_fw_backup.bin

5. Run sysupgrade using sysupgrade image. OpenWrt
   shall boot from flash afterwards.

Return to factory firmware (using firmware upgrade package downloaded from non-public Huawei website):
1. Start a TFTP server in the directory where
   the firmware upgrade package is located

2. Boot to u-boot as described above

3. Install firmware upgrade package and format the config partitions:

   > update system FatAP6X10XN_SOMEVERSION.bin
   > format_fs

Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
   for example using scp

2. Use sysupgrade with force to restore the backup:
   sysupgrade -F huawei_ap6010dn_fw_backup.bin

3. Boot AP to U-Boot as described above

Quirks and known issues:
- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.
- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the AHB_CLK/2 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.

Signed-off-by: Marco von Rosenberg <marcovr@selfnet.de>
(cherry picked from commit f84a9f7dc095967e41ced96e1ea5f9b2b9f40af6)
Link: https://github.com/openwrt/openwrt/pull/16978
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.173

Removed because they are upstream:
   generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch
   https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=5ea4b73e268bf9e1d26271943f2f7c4517253395

   generic/backport-5.15/431-v6.3-udf-Avoid-directory-type-conversion-failure-due-to-E.patch
   https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=8b1d55e43cee631e142d46ee94c91ccd894341e9

Link: https://github.com/openwrt/openwrt/pull/16999
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.172

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/16999
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.171

No manual changes needed.

Link: https://github.com/openwrt/openwrt/pull/16882
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

mac80211: compatibility with kernel 6.6.59

Fix genlmsg_multicast_allns() build error on kernel 6.6.59.
Based on kernel patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=v6.6.59&id=e0f83d268974dab0361d11904dfc9acec53f96a6

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16835
(cherry picked from commit 31f1dabb4b9727b300ddaa2801903ae4b72e4e1e)
Link: https://github.com/openwrt/openwrt/pull/16882
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.170

Removed because they are upstream:
generic/backport-5.15/777-netfilter-xtables-fix-typo-causing-some-targets-to-not-load-on-IPv6.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=90baa455aa7e099152898cfa5eb3928d6152da12

Link: https://github.com/openwrt/openwrt/pull/16882
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.169

Added patch:
   generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch
   This patch fixes the following compile warning:
```
  CC [M]  fs/udf/namei.o
fs/udf/namei.c: In function 'udf_rename':
fs/udf/namei.c:878:1: error: the frame size of 1144 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
  878 | }
      | ^
cc1: all warnings being treated as errors
make[7]: *** [scripts/Makefile.build:289: fs/udf/namei.o] Error 1
```

Link: https://github.com/openwrt/openwrt/pull/16882
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: bump 5.15 to 5.15.168

Manually adapted:
   bcm27xx/patches-5.15/950-0166-xhci-Use-more-event-ring-segment-table-entries.patch
     I replaced it with the version from main branch which applies more easily
   bcm27xx/patches-5.15/950-0600-xhci-quirks-add-link-TRB-quirk-for-VL805.patch
   bcm27xx/patches-5.15/950-0605-xhci-refactor-out-TRBS_PER_SEGMENT-define-in-runtime.patch
   bcm27xx/patches-5.15/950-0606-usb-xhci-add-VLI_TRB_CACHE_BUG-quirk.patch
   bcm27xx/patches-5.15/950-0717-usb-xhci-add-a-quirk-for-Superspeed-bulk-OUT-transfe.patch
   bcm53xx/patches-5.15/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
   generic/hack-5.15/645-netfilter-connmark-introduce-set-dscpmark.patch

Added patch:
   generic/backport-5.15/777-netfilter-xtables-fix-typo-causing-some-targets-to-not-load-on-IPv6.patch
      This fixes a bug intoduced in this version.

Adapt kernel configuration for newly added option
CONFIG_PROC_MEM_ALWAYS_FORCE.

Link: https://github.com/openwrt/openwrt/pull/16882
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

kernel: r8125: update to v9.014.01

Changelog: https://github.com/openwrt/rtl8125/compare/9.013.02...9.014.01

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit e29bc67f9d8451d3baf80da9358b3a01dc4b20b7)

kernel: r8168: refresh patch

Patches weren't refreshed when r8168 was updated to v8.054.00 in a85e18b53f0f.

Fixes: a85e18b53f0f ("kernel: r8168: update to v8.054.00")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 6490c88c75b3392aca9dae5f4d47a13a0aa35220)

kernel: r8126: update to v10.014.01

Changelog: https://github.com/openwrt/rtl8126/compare/10.013.00...10.014.01

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 562b2c22fff363f060e72c9018d243981b7d6447)

kernel: r8168: update to v8.054.00

Changelog: https://github.com/openwrt/rtl8168/compare/8.053.00...8.054.00

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit a85e18b53f0f645d72806cc6fe46f1603bbdb355)

nu801: Mark as nonshared to build in step 1

Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step 2.

In the build step 2 it may be left out if we build it using a different
target.

Fixes: #16857
Link: https://github.com/openwrt/openwrt/pull/16859
Signed-off-by: Robert Marko <robimarko@gmail.com>

ipq806x: Fix default MAC addresses on MR42 by moving to nvmem-layout
Partial, single-target update extracted from https://github.com/openwrt/openwrt/commit/d264d3a6

The previous `mac-address-increment` is deprecated, and in particular on
this target means that the kernel is unable to read the MAC address,
causing the system to boot with a new random MAC address each time.

Fixes: https://github.com/openwrt/openwrt/issues/13992
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rafal.boni@gmail.com: single-target-specific backport from larger change]
Signed-off-by: Rafal Boni <rafal.boni@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16858
Signed-off-by: Robert Marko <robimarko@gmail.com>

mediatek: YunCore AX835: fix voltage regulator

Specifying GPIO_ACTIVE_HIGH on the GPIO for the voltage regulator doesn't
suffice. The regulator itself requires enable-active-high to be set.

Fixes: #16292
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/16839
Signed-off-by: Robert Marko <robimarko@gmail.com>

ath79: Really fix 5GHz on QCA9886 variant of ZTE MF286

Fix in commit 25eead21c5ab ("ath79: fix 5GHz on QCA9886 variant of ZTE MF286")
was incomplete. A user of such variant popped up, and in the boot log
after installation, we discovered that QCA9886 expects different
pre-calibration data size, than the older QCA9880 variant:

ath10k_pci 0000:00:00.0: qca9888 hw2.0 target 0x01000000 chip_id 0x00000000 sub 0000:0000
ath10k_pci 0000:00:00.0: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
ath10k_pci 0000:00:00.0: firmware ver 10.4b-ct-9888-fW-13-5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc32 59e741e7
ath10k_pci 0000:00:00.0: invalid calibration data length in nvmem-cell 'pre-calibration': 2116 != 12064
ath10k_pci 0000:00:00.0: Loading BDF type 0
ath10k_pci 0000:00:00.0: failed to fetch board data for bus=pci,vendor=168c,device=0056,subsystem-vendor=0000,subsystem-device=0000 from ath10k/QCA9888/hw2.0/board-2.bin
ath10k_pci 0000:00:00.0: failed to fetch board-2.bin or board.bin from ath10k/QCA9888/hw2.0
ath10k_pci 0000:00:00.0: failed to fetch board file: -12
ath10k_pci 0000:00:00.0: could not probe fw (-12)

Explicitly define a pre-calibration nvmem-cell for this variant, and use
it instead of the calibration one, which is shorter.

Fixes: 25eead21c5ab ("ath79: fix 5GHz on QCA9886 variant of ZTE MF286")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit fc236f3b3c54953805173e5ab571f794eb5ff398)
Link: https://github.com/openwrt/openwrt/pull/16810
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

ipq806x: Fix default MAC addresses on MR52 by moving to `nvmem-layout`

Partial, single-target update extracted from https://github.com/openwrt/openwrt/commit/d264d3a6

The previous `mac-address-increment` is deprecated, and in particular on
this target means that the kernel is unable to read the MAC address,
causing the system to boot with a new random MAC address each time.

Fixes: https://github.com/openwrt/openwrt/issues/15238
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rafal.boni@gmail.com: single-target-specific backport from larger change]
Signed-off-by: Rafal Boni <rafal.boni@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16774
Signed-off-by: Robert Marko <robimarko@gmail.com>

ipq806x: Revert "ipq806x: swap lan leds for Meraki MR52"

This reverts commit ec8f647d168fa8f3b1eedd9b5fe665f793f3a659, as with the
current kernel version, the change actually causes the same bug it once
may have fixed -- that is, the leds are now again reversed.

I suspect this was due to a switch to a newer kernel version between when
the patch was submitted and now reversing the order of the interfaces, so
that eth0 / the LAN interface is also the interface used for PoE, and eth1
/ the WAN interface is the non-PoE interface.

Signed-off-by: Rafal Boni <rafal.boni@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16779
(cherry picked from commit b5e1544f4d45795ab8750b1054c54c8880b7b96b)
Signed-off-by: Rafal Boni <rafal.boni@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16822
Signed-off-by: Robert Marko <robimarko@gmail.com>

ramips: m4r v4: fix typo

It should be debounce-interval, as with the others.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16802
Signed-off-by: Robert Marko <robimarko@gmail.com>

ath79: add support for MikroTik RouterBOARD 750 r2 (hEX lite)

This patch adds support for the MikroTik RouterBOARD 750 r2, marketed as
hEX lite, a small indoor router with 5x 10/100 Mbps Ethernet ports, one
with PoE in. The device was already supported by the ar71xx target.

Specifications:
- SoC: Qualcomm Atheros QCA9533
- Flash: 16 MB SPI NOR
- RAM: 64 MB
- Ethernet: 4x 10/100 Mbps LAN, 1x 10/100 Mbps WAN (PoE in)
- LEDs: 5x Ethernet port activity (green), 1x user (green)
- Buttons: 1x reset

See https://mikrotik.com/product/RB750r2 for more details.

Not working:
- Serial port (already not working in ar71xx)

Flashing:
TFTP boot initramfs image and then perform sysupgrade. Only the
"Internet" port will ask for an initramfs image. Follow common
MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.

(cherry picked from commit 8486c677b8bf36808c5b94857f60ee0fb3d5fa28)
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Link: https://github.com/openwrt/openwrt/pull/13477
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

iptables: backport "nft: track each register individually" from 1.9

From the upstream repo:

Instead of assuming only one register is used, track all 16 regs
individually.

This avoids need for the 'PREV_PAYLOAD' hack and also avoids the need to
clear out old flags:

When we see that register 'x' will be written to, that register state is
reset automatically.

Existing dissector decodes
ip saddr 1.2.3.4 meta l4proto tcp
... as
-s 6.0.0.0 -p tcp

iptables-nft -s 1.2.3.4 -p tcp is decoded correctly because the expressions
are ordered like:

meta l4proto tcp ip saddr 1.2.3.4
|
... and 'meta l4proto' did clear the PAYLOAD flag.

The simpler fix is:
ctx->flags &= ~NFT_XT_CTX_PAYLOAD;

in nft_parse_cmp(), but that breaks dissection of '1-42', because
the second compare ('cmp lte 42') will not find the
payload expression anymore.

This commit fixes #11169 and openwrt/packages#22727, and potentially anyone that uses iptables-nft legacy support.

Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16504
[Added patch header]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 44b1993f766e66c13e09d7c09a3c8f85655a446e)

generic: 5.15: add Winbond W25N01KV support

It seems that some Xiaomi AX3000T boards changed to using Winbond W25N01KV
SPI-NAND which is not supported in OpenWrt 23.05 but only in main.

So, backport the support for Winbond W25N01KV from Linux 6.12 to 23.05
as well.

Link: https://github.com/openwrt/openwrt/pull/16669
Signed-off-by: Robert Marko <robimarko@gmail.com>

wireless-regdb: Update to version 2024.10.07

b66b9a1 wireless-regdb: update regulatory database based on preceding changes
5097b4a wireless-regdb: Update regulatory info for Tanzania (TZ) for 2024
29633a6 wireless-regdb: Update regulatory info for Pakistan (PK) for 2024
b44edb2 wireless-regdb: Update regulatory info for Serbia (RS) for 2024
dbfae47 Revert "wireless-regdb: Update regulatory info for Serbia (SR) for 2024"
8e3d27c wireless-regdb: Correct regulatory rules of 6GHz frequency for Türkiye (TR)
8760bc3 wireless-regdb: Update regulatory info for Honduras (HN) for 2023
3ba2c53 wireless-regdb: Update regulatory info for Israel (IL) for 2021
83c175c wireless-regdb: Update regulatory info for Kuwait (KW) for 2022
388c80c wireless-regdb: Update regulatory info for Serbia (SR) for 2024
bf55ed4 wireless-regdb: Add .b4-config
3afe172 wireless-regdb: Update .gitignore
3b34761 wireless-regdb: Correct regulatory rules for China (CN)
003c282 wireless-regdb: Update regulatory info for Philippines (PH) on 6GHz
21fcb86 wireless-regdb: Update regulatory info for Guatemala (GT) for 2020
158f105 wireless-regdb: Update regulatory info for Bahrain (BH) for 2024
218d146 wireless-regdb: Add regulatory info for Namibia (NA) for 2023
aad0c26 wireless-regdb: Update regulatory info for Togo (TG) for 2022
983f551 wireless-regdb: Update regulatory info for El Salvador (SV) on 6GHz
58575b4 wireless-regdb: Update regulatory info for Peru (PE) on 6GHz
bad3985 wireless-regdb: Update regulatory info for New Zealand (NZ) for 2022
c7d1083 wireless-regdb: Update regulatory info for Qatar (QA) on 6GHz

Signed-off-by: Itay Shoshani <itai.sho@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16678
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a6de2d77843f05714c1e888ba247013310bfe47d)

mpc85xx: p1010: fix NAND devices

Upstream commit 9ba0cae3cac07c21c583f9ff194f74043f90d29c made FSL_IFC
visible and selectable, which means that in order for MTD_NAND_FSL_IFC
to work, it needs these two extra CONFIG options.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16717
Signed-off-by: Robert Marko <robimarko@gmail.com>