Staging tree of Piotr Dymacz https://git.openwrt.org/openwrt/staging/pepe2k/atom?h=v21.02.3 2022-04-17T19:00:03Z 2022-04-17T19:00:03Z Hauke Mehrtens 2022-04-17T19:00:03Z urn:sha1:42a15ca378e1bc52f125f894d748c31ce3c52903 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2022-04-16T12:59:34Z Joe Mullally 2021-08-30T21:35:05Z urn:sha1:1d4dea6d4f4d34914e4622809b8b4a7c2c35ab47 These devices only have 6MiB available for firmware, which is not enough for recent release images, so move these to the tiny target. Note for users sysupgrading from the previous ath79-generic snapshot images: The tiny target kernel has a 4Kb flash erase block size instead of the generic target's 64kb. This means the JFFS2 overlay partition containing settings must be reformatted with the new block size or else there will be data corruption. To do this, backup your settings before upgrading, then during the sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n". If you forget to do this and your system becomes unstable after upgrading, you can do this to format the partition and recover: * Reboot * Press RESET when Power LED blinks during boot to enter Failsafe mode * SSH to 192.168.1.1 * Run "firstboot" and reboot Signed-off-by: Joe Mullally <jwmullally@gmail.com> Tested-by: Robert Högberg <robert.hogberg@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [commit message facelift] (cherry picked from commit 44e1e5d) Signed-off-by: Petr Štetiar <ynezz@true.cz> 2022-04-16T12:55:27Z Torsten Duwe 2021-09-22T08:52:51Z urn:sha1:41a97c207438903c309371ba695cea01ae78aba4 According to the vendor [1] these HATs share the same DT overlay: hifiberry-dacplus. The PCM512x-compatible control unit is attached to I2C, so the additional snd-soc-pcm512x-i2c kernel module is required. Also explicitly note the Amp2 support to reduce confusion for those users. [1] <https://www.hifiberry.com/docs/software/configuring-linux-3-18-x/> Signed-off-by: Torsten Duwe <duwe@lst.de> (added bcm27xx tag, changed commit message) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry picked from commit 7ea9936f7f32fd90af1a29775ac3b297d7775db7) 2022-04-16T12:51:57Z Thibaut VARÈNE 2022-03-10T11:01:29Z urn:sha1:9a765554f409235ff6359d6eccb79187c2513de0 The MikroTik RouterBOARD mAPL-2nd (sold as mAP Lite) is a small 2.4 GHz 802.11b/g/n PoE-capable AP. See https://mikrotik.com/product/RBmAPL-2nD for more info. Specifications: - SoC: Qualcomm Atheros QCA9533 - RAM: 64 MB - Storage: 16 MB NOR - Wireless: Atheros AR9531 (SoC) 802.11b/g/n 2x2:2, 1.5 dBi antenna - Ethernet: Atheros AR8229 (SoC), 1x 10/100 port, 802.3af/at PoE in - 4 user-controllable LEDs: · 1x power (green) · 1x user (green) · 1x lan (green) · 1x wlan (green) Flashing: TFTP boot initramfs image and then perform sysupgrade. Follow common MikroTik procedure as in https://openwrt.org/toh/mikrotik/common. Note: following 781d4bfb397cdd12ee0151eb66c577f470e3377d The network setup avoids using the integrated switch and connects the single Ethernet port directly. This way, link speed (10/100 Mbps) is properly reported by eth0. Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry picked from commit eb38af788180d624e5b37aa5db1fe3766b138dc8) 2022-04-16T12:48:45Z Thibaut VARÈNE 2022-04-15T11:17:53Z urn:sha1:2cc9ee8000597fe132071ec3ba6bf0ac9404ac94 Specification: - QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR - 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN) - 2T2R 802.11b/g/n 2.4GHz Flash instructions: If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available): fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000" sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode: 1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs) Signed-off-by: Clemens Hopfer <openwrt@wireloss.net> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry-picked from commit a05dcb07241aa83a4416b56201e31b4af8518981) [switch to mtd-mac-address instead of nvmem-cells] 2022-04-16T12:48:29Z Thibaut VARÈNE 2022-04-15T11:17:49Z urn:sha1:06874171d125f0a69d6fb8cfd12213b7913d317e Specification: - QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR - 2T2R 802.11b/g/n 2.4GHz - 2T2R 802.11n/ac 5GHz - 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port) LED for 5 GHz WLAN is currently not supported as it is connected directly to the QCA9882 radio chip. Flash instructions: If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available): fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000" sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode: 1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs) Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry-picked from commit c91df224f54fdd44c9c0487a8c91876f5d273164) 2022-04-11T20:52:57Z Eneas U de Queiroz 2022-04-08T13:27:25Z urn:sha1:c5ef62a218455f5d60b8f76307784a90a77dda43 Fixes two high-severity vulnerabilities: - CVE-2022-25640: A TLS v1.3 server who requires mutual authentication can be bypassed. If a malicious client does not send the certificate_verify message a client can connect without presenting a certificate even if the server requires one. - CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS v1.3 server can have its certificate heck bypassed. If the sig_algo in the certificate_verify message is different than the certificate message checking may be bypassed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0) 2022-04-11T20:51:57Z Hauke Mehrtens 2022-04-10T22:26:29Z urn:sha1:99b00edf35bc11c3cd761762a5e880ac1daea067 This updates mac80211 to version 5.10.110-1 which is based on kernel 5.10.110. The removed patches were applied upstream. This new release contains many fixes which were merged into the upstream Linux kernel. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2022-04-11T20:51:57Z Tony Ambardar 2021-04-12T23:46:22Z urn:sha1:91323444444d2c60b81ec5ba064c21609db83a84 Rename feature variable clang-bpf-global-var following upstream changes. This restores the HAVE_CLANG feature override and should avoid rare build errors where a recent host clang and BTF-enabled host kernel are present. Fixes: 23be333401f0 ("bpftools: update to 5.10.10") Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit cf20f1bb5f0479c2509dd651d08e235a3b9e8755) 2022-04-08T08:31:32Z Michael Pratt 2021-09-11T02:06:10Z urn:sha1:169c9e3a88b7d4521a797864540657ef33554663 The following devices have a Winbond W25Q256FV flash chip, which does not have the RESET pin enabled by default, and otherwise would require setting a bit in a status register. Before moving to Linux 5.4, we had the patch: 0053-mtd-spi-nor-add-w25q256-3b-mode-switch.patch which kept specific flash chips with explicit 3-byte and 4-byte address modes to stay in 3-byte address mode while idle (after an erase or write) by using a custom flag SPI_NOR_4B_READ_OP that was part of the patch. this was obsoleted by the patch: 481-mtd-spi-nor-rework-broken-flash-reset-support.patch which uses the newer upstream flag SNOR_F_BROKEN_RESET for devices with a flash chip that cannot be hardware reset with RESET pin and therefore must be left in 3-byte address mode when idle. The new patch requires that the DTS of affected devices have the property "broken-flash-reset", which was not yet added for most of them. This commit adds the property for remaining affected devices in ramips target, specifically because of the flash chip model. However, it is possible that there are other devices where the flash chip uses an explicit 4-byte address mode and the RESET pin is not connected to the SOC on the board, and those DTS would also need this property. Ref: 22d982ea0033 ("ramips: add support for switching between 3-byte and 4-byte addressing") Ref: dfa521f12953 ("generic: spi-nor: rework broken-flash-reset") Signed-off-by: Michael Pratt <mcpratt@pm.me> [pepe2k@gmail.com: backported to 21.02] Fixes: #9655, #9636, #9547 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (backported from commit 74516f4357d281f093f0daac01c4c5c239acc443)