rebuilding x86 did fail in an existing build directory
mkdir fails if the folder exists already
Signed-off-by: Sander Schutten <schutten@hotmail.com>
Signed-off-by: Florian Maurer <fmaurer@disroot.org>
The ucode migration wrote "basic_rate" into the wpa_supplicant network
block, but that is not a valid wpa_supplicant network field, causing:
Line 15: unknown network field 'basic_rate'.
failed to parse network block.
Map UCI basic_rate to the correct wpa_supplicant fields, matching the
behavior of the legacy shell script (hostapd.sh):
- mesh mode: mesh_basic_rates (space-separated, 100 kb/s units)
- sta/adhoc: rates (comma-separated Mbps)
Link: a854d833ea
Signed-off-by: Florian Maurer <f.maurer@outlook.de>
[fix commit message link]
Signed-off-by: David Bauer <mail@david-bauer.net>
PCRE2 10.47 renamed LICENCE to LICENCE.md. Update PKG_LICENSE_FILES
to match the actual filename in the source tarball.
Signed-off-by: Michael Pfeifroth <michael.pfeifroth@westermo.com>
Link: https://github.com/openwrt/openwrt/pull/23164
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add IPQ Wifi entry for ath79 TP-Link EAP225-Wall v2.
Signed-off-by: Christoph Krapp <achterin@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23216
Signed-off-by: Robert Marko <robimarko@gmail.com>
These are all unused by the current targets, clean up and stop
irritating the user with irrelevant grep results.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23240
Signed-off-by: Robert Marko <robimarko@gmail.com>
find_mtd_part() outputs /dev/mtdblockX, to which fw_setenv cannot
write, "/dev/mtd$(find_mtd_index '<vol name>')" could be used instead.
The envsize should also be changed to 0x1000 to make the CRC checksum
valid and the env block recognized by the uboot-envtools, but the
flash sector size remains 0x10000, otherwise the env block will be
readable but not writable.
The "read-only" mark within device tree is also removed.
Signed-off-by: Edward Chow <equu@openmail.cc>
Link: https://github.com/openwrt/openwrt/pull/23121
Signed-off-by: Robert Marko <robimarko@gmail.com>
In AP+STA mode, wifi-scripts emits start_disabled=1 in the per-BSS
section of the generated hostapd config so that hostapd defers
beaconing on every BSS until apsta_state up clears the flag for the
whole iface (uc_hostapd_iface_start clears start_disabled on every BSS
and calls ieee802_11_set_beacon).
When a new BSS is added later via iface.add_bss while the iface is
already in HAPD_IFACE_ENABLED state, the freshly parsed config still
carries start_disabled=1 for that BSS. hostapd_setup_bss is invoked
with start_beacon=true, but hostapd_start_beacon then skips
ieee802_11_set_beacon because conf->start_disabled is set. The kernel
netdev is created without ever starting beacons, the carrier never
comes up, and probe-response transmission attempts fail with
"handle_probe_req: send failed".
Mirror what iface.start does: when the iface is already enabled, the
apsta channel selection has happened, so clear start_disabled for the
incoming BSS before starting it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Surface SAE confirm mismatches (wrong password) through the same
key-mismatch ubus notification that is already used for PSK failures, so
consumers can react uniformly regardless of the authentication method.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
mld_set_config() treated any call with empty prev_mld as a fresh
configuration and triggered a full Reload all interfaces, even when the
new config was also empty (the typical path on non-MLD devices).
Reloading every BSS on each netifd reconf disrupted associated stations
including PMF-protected backhaul STAs, which would self-deauth after the
SA Query timeout.
Only treat the call as a new configuration when the new config is
actually non-empty.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This contains many fixes from upstream Linux.
The code block from this patch was moved a bit in the function:
subsys/110-mac80211_keep_keys_on_stop_ap.patch
This patch was applied upstream:
subsys/330-mac80211-fix-crash-in-ieee80211_chan_bw_change-for-A.patch
Link: https://github.com/openwrt/openwrt/pull/23167
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Backport upstream iw commit d90618809e06 ("iw: scan: print RSN
Element Override IEs") as 001-*.patch so `iw scan` decodes the
RSNOE (vendor WFA type 41) and RSNO2E (type 42) elements that
hostapd emits for WPA3 Compatibility / RSN Overriding APs.
Also refresh the hunk offsets in 200-reduce_size.patch.
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Two of the IW_FULL guards in 200-reduce_size.patch were inverted
or incomplete:
* the "unknown event" handler unconditionally replaced the
verbose print with the short form, so IW_FULL builds lost
the command name decoding;
* the early return before the vendor IE parser used
#ifdef IW_FULL, which suppressed parsing in the full build
instead of the size-reduced one.
Wrap both with the correct #ifndef IW_FULL / #else so the full
and reduced builds produce the intended output.
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The WPA3 and Wi-Fi Enhanced Open Deployment Guide v1.1 (Table 4,
"SAE Groups") recommends that WPA3-Personal APs advertise support
for SAE groups 19, 20 and 21:
* group 19 - ECP 256-bit (NIST P-256)
* group 20 - ECP 384-bit (NIST P-384)
* group 21 - ECP 521-bit (NIST P-521)
hostapd's default is group 19 only, which leaves the two larger
ECP groups unavailable even though the peer may prefer them.
Set sae_groups = "19 20 21" as the default for any BSS whose
auth_type is sae or psk-sae (SAE, SAE Transition and SAE
Compatibility modes).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The WPA3 and Wi-Fi Enhanced Open Deployment and Implementation Guide
v1.1 (Tables 4, 5, 6) requires the group-management cipher (BIP) to
match the mode and strength of the pairwise cipher: GCM-mode pairwise
ciphers pair with BIP-GMAC integrity, CCM-mode pairwise ciphers with
BIP-CMAC integrity. The ucode pipeline hard-coded group_mgmt_cipher
to AES-128-CMAC (BIP-CMAC-128) regardless of the pairwise cipher,
except for the eap192 special case that already forced BIP-GMAC-256.
An EHT WPA3-Personal BSS therefore emitted wpa_pairwise=GCMP-256
alongside group_mgmt_cipher=AES-128-CMAC -- the integrity cipher two
steps weaker than the data cipher and a spec violation on EHT.
hostapd has a single group_mgmt_cipher knob, so the selected BIP has
to be compatible with every pairwise cipher in wpa_pairwise. Picking
from the first token would mis-select on mixed lists -- e.g.
wpa_pairwise=\"GCMP-256 CCMP\" would yield BIP-GMAC-256, which a
CCMP-only STA cannot negotiate.
Walk the wpa_pairwise tokens and pick the BIP that matches the
weakest cipher present:
CCMP / TKIP -> AES-128-CMAC (BIP-CMAC-128)
CCMP-256 -> BIP-CMAC-256
GCMP -> BIP-GMAC-128
GCMP-256 -> BIP-GMAC-256
Token matching uses fnmatch wildcards against a copy of wpa_pairwise
that is padded with leading and trailing spaces, so each token is
space-bounded regardless of its position in the list.
The RSN override pairwise lists are not consulted: in the only
caller that sets them (WPA3-Personal Compatibility Mode), Tables 6
and 7 require BIP-CMAC-128 across RSNE/RSNOE/RSNO2E even when the
override lists advertise GCMP-256, so wpa_pairwise=CCMP already
yields the correct BIP.
An explicit ieee80211w_mgmt_cipher UCI value still wins over the
derived default.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
WPA3 Specification v3.5 §13 defines the Transition Disable element sent
inside message 3 of the 4-way handshake. An AP that is no longer
offering a transition mode for its SSID sets the matching bit so that
compliant STAs permanently stop falling back to WPA-PSK / WPA-EAP /
open for that SSID, hardening against downgrade attacks and against
operator mistakes where a transition-mode BSS is briefly brought up on
an SSID that previously ran WPA3-only.
Expose this as a UCI list 'transition_disable' with three classes of
entries:
* The existing OpenWrt encryption tokens 'sae' (bit 0x01), 'sae-pk'
(0x02), 'wpa3' (0x04) and 'owe' (0x08) OR into the bitmap. SAE-PK
itself is not yet wired through wifi-scripts; the token only lets
an operator who configured SAE-PK out of band also hand the
matching bit to hostapd.
* 'on' derives the bitmap from the AP's auth_type ('sae' -> 0x01,
'eap2'/'eap192' -> 0x04, pure 'owe' -> 0x08) and overrides any
other explicit tokens in the same list. Transition BSSes
(psk-sae, eap-eap2, owe with owe_transition set) produce no
bits even under 'on' because they are by definition still in
transition.
* 'off' unconditionally suppresses the element regardless of any
other entries. Operators who need to revert a WPA3-only SSID back
to a transition mode can set this proactively, giving compliant
STAs time to forget the permanent bit before the mode change.
Leave the list unset by default. Advertising Transition Disable is a
one-way door -- once a compliant STA has seen the permanent bit for an
SSID it will refuse to associate to a transition-mode BSS of the same
name ever again -- so it must be opted in to per SSID, never flipped
on by a firmware bump. This also matches the WPA3 and Wi-Fi Enhanced
Open Deployment and Implementation Guide v1.1 Table 4 requirement that
Transition Disable be MAND disabled by default on APs.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The WPA3 and Wi-Fi Enhanced Open Deployment and Implementation Guide
v1.1 (Tables 7 and 8) mandates "H2E Only" for SAE on 6 GHz, in both
WPA3-Personal Only and WPA3-Personal Compatibility Mode: the 6 GHz
band disallows the legacy Hunting-and-Pecking password element, so
the AP must advertise BSS Membership Selector 123 to force STAs onto
H2E.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The WPA3 and Wi-Fi Enhanced Open Deployment and Implementation Guide
v1.1 §2.4 (Tables 6 and 7) defines WPA3-Personal Compatibility Mode:
the AP advertises a legacy-looking RSNE (WPA-PSK, CCMP-128, PMF
Disabled) while RSN Override Elements layered on top expose SAE and,
on EHT, SAE-EXT-KEY. WPA2-only STAs and STAs that ignore RSN
Overriding associate unchanged; modern STAs pick up the stronger WPA3
AKM via RSNOE or RSNO2E.
Only the pairwise cipher differs between elements: RSNE and RSNOE
advertise CCMP-128, RSNO2E advertises GCMP-256 (EHT only). Group
data (CCMP-128) and group management cipher (BIP-CMAC-128) are the
same in all three per Tables 6/7, so hostapd's BSS-wide group_cipher
and group_mgmt_cipher singletons produce the spec-correct values.
Unlike WPA3-Personal Transition Mode (sae-mixed), which puts PSK and
SAE together in the main RSNE with PMF Capable, Compatibility Mode
keeps the main RSNE strictly WPA2-shaped so clients that choke on a
mixed AKM list or PMF=Capable still see a pure WPA2 BSS. The trade-
off is that clients without RSN Overriding support never pick up SAE.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The WPA3 and Wi-Fi Enhanced Open Deployment and Implementation Guide
v1.1, Table 4 (Common security configuration) marks Beacon Protection
as MAND for EHT-enabled APs and RECOM otherwise for all WPA3 and
Wi-Fi Enhanced Open modes.
The ucode path blindly passed beacon_prot through from UCI in iface
setup, which ran before encryption and MFP had been configured, and
left hostapd at its insecure default of 0 when the user did not
explicitly opt in.
Default beacon_prot to 1 in iface_mfp after MFP has been confirmed to
be enabled, and emit it there instead of in iface_setup so the option
is only written when PMF support is actually negotiated. Users can
still disable it explicitly via UCI.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
WPA3 Specification v3.5 §2.5.4 mandates that an AP's BSS Configuration
enables AKM suite selector 00-0F-AC:24 (SAE-EXT-KEY, SAE with a
group-dependent hash) whenever EHT or MLO is enabled. The WPA3 and
Wi-Fi Enhanced Open Deployment Guide v1.1 also recommends it on
non-EHT APs (Tables 3, 5, 6, 8).
Add a new sae_ext_key UCI option (enabled by default) that advertises
SAE-EXT-KEY, and FT-SAE-EXT-KEY when 802.11r is enabled, alongside
plain SAE/FT-SAE for the sae and psk-sae encryption modes.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
parse_encryption() stashed a preliminary wpa_pairwise value in a
local wpa3_pairwise variable, cleared it per auth_type, then let a
switch default either copy it back or special-case wpa3-192. The
result was three separate places where wpa_pairwise was clobbered
and behavior that was awkward to trace when the explicit cipher
suffix (encryption[1]) and the auth_type disagreed.
Replace the scaffolding with a single block at the end of
parse_encryption() that only assigns wpa_pairwise via ??= when no
earlier branch (explicit cipher suffix, wpa3-192, or sae-compat)
has already set one:
no WPA -> null
60 GHz (hw_mode=ad) -> GCMP
HE or EHT htmode -> GCMP-256 CCMP
everything else -> CCMP
wpa3-192 now sets wpa_pairwise='GCMP-256' directly in its switch
case, so the final default block can stay short. No functional
change for existing encryption values.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The rsn_override UCI number was scaffolding that let a Transition
Mode BSS (sae-mixed, wpa3-mixed) automatically overlay a WPA3
Compatibility-Mode-like layout: WPA3 AKMs were moved from the main
RSNE into RSNOE/RSNO2E, and with rsn_override=2 the main RSNE even
dropped SAE entirely to placate clients that refuse to associate to
a mixed AKM list.
This layout does not match any mode defined in the WPA3 and Wi-Fi
Enhanced Open Deployment and Implementation Guide v1.1: Transition
Mode (Table 5) advertises the full AKM list in a single RSNE, and
Compatibility Mode (§2.4, Tables 6 and 7) requires a specific
combination of RSNE, RSNOE and RSNO2E contents that the knob cannot
express. In practice it also triggers interop failures: Pixel 10
phones refuse to associate to a Transition-Mode BSS whose SAE-EXT-KEY
AKM has been shoved into RSNO2E by this scaffolding, even though the
same BSS works fine when the full AKM list stays in the main RSNE.
Keep the generated configuration honest by removing the knob; the RSN
override plumbing stays in place for a future caller that sets the
override fields explicitly. SAE-EXT-KEY advertisement will be added
back in a later commit via a dedicated sae_ext_key path that places
the AKM where the Deployment Guide actually requires it.
Drop the rsn_override schema entry and every wifi-scripts path that
read it:
* parse_encryption no longer diverts the WPA3 pairwise cipher
into rsn_override_pairwise.
* wpa_key_mgmt no longer mirrors WPA-EAP into
rsn_override_key_mgmt, moves SAE/SAE-EXT-KEY into the override
for psk-sae, or drops the main RSNE AKM list when
rsn_override > 1.
* generate() no longer back-fills missing rsn_override_* fields
from the main RSNE or duplicates the override element into an
MLO-gated RSNO2E.
The RSN override elements are now emitted only when each of
(rsn_override_key_mgmt, rsn_override_pairwise, rsn_override_mfp) --
and their _2 counterparts -- has been populated explicitly, which
keeps the machinery from firing on transition modes where it was
never spec-compliant.
Fixes: https://github.com/openwrt/openwrt/issues/21486
Fixes: https://github.com/openwrt/openwrt/issues/22200
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
sae_require_mfp and sae_pwe are SAE-specific knobs but iface_auth_type()
set them on every auth type that requires PMF (sae, owe, eap2, eap192,
dpp) and on both PMF-optional transition modes (psk-sae, eap-eap2).
hostapd silently ignores the stray settings on non-SAE BSSes, but they
clutter the generated configuration and make it harder to tell at a
glance which knobs actually apply.
Split the grouping: keep ieee80211w (and rsn_override_mfp for transition
modes) where it was, and move sae_require_mfp / sae_pwe into a separate
check that only fires for the two auth types that actually run SAE (sae
and psk-sae).
No functional change on the air.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Link: https://github.com/openwrt/openwrt/pull/23009
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Changes:
update regulatory database based on preceding
Update regulatory rules for India (IN) on 6GHz
Replace M2Crypto with cryptography package
Fix regulatory.bin signing with new
Signed-off-by: xiao bo <peterwillcn@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23101
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Debian changelog:
* Update Mozilla certificate authority bundle to version 2.82
The following certificate authorities were added (+):
+ TrustAsia TLS ECC Root CA
+ TrustAsia TLS RSA Root CA
+ SwissSign RSA TLS Root CA 2022 - 1
+ OISTE Server Root ECC G1
+ OISTE Server Root RSA G1
The following certificate authorities were removed (-):
- GlobalSign Root CA
- Entrust.net Premium 2048 Secure Server CA
- Baltimore CyberTrust Root (closes: #1121936)
- Comodo AAA Services root
- XRamp Global CA Root
- Go Daddy Class 2 CA
- Starfield Class 2 CA
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
* Use dh_usrlocal to create /usr/local/share/ca-certificates
(closes: #1127100)
Signed-off-by: Fengyu Wu <saldry@proton.me>
Link: https://github.com/openwrt/openwrt/pull/23155
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The dropbear init script uses pidof, but BusyBox may be built
without it. Add a Kconfig dependency on BUSYBOX_CONFIG_PIDOF
to ensure the applet is available at runtime.
Signed-off-by: Ivan Romanov <drizt72@zoho.eu>
Link: https://github.com/openwrt/openwrt/pull/23128
Signed-off-by: Robert Marko <robimarko@gmail.com>
The dnsmasq init script uses pidof, but BusyBox may be built
without it. Add a Kconfig dependency on BUSYBOX_CONFIG_PIDOF
to ensure the applet is available at runtime.
Signed-off-by: Ivan Romanov <drizt72@zoho.eu>
Link: https://github.com/openwrt/openwrt/pull/23132
Signed-off-by: Robert Marko <robimarko@gmail.com>
For some reason, /etc/config/dropbear is enumerated as a
conffile for dropbear packaging, but /etc/dropbear/ is
part of base-files packaging. If you're an openssh-server
user, then you don't have this directory on your router in
any case.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/23041
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fix dependency for kmod-drm-client-lib module:
error: recursive dependency detected!
symbol LINUX_6_18 is selected by PACKAGE_kmod-drm-client-lib
symbol PACKAGE_kmod-drm-client-lib is selected by LINUX_6_18
Fixes: e75ba35ed8 ("modules: video: introduce DRM client setup module")
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23124
Signed-off-by: Robert Marko <robimarko@gmail.com>
Changelog:
This release consists mainly of small fixes in the policy.
New Modules:
- ofono
- pd_mapper
- tee_supplicant
- xdsprpcd
- wayland
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Link: https://github.com/openwrt/openwrt/pull/23082
Signed-off-by: Robert Marko <robimarko@gmail.com>
Going from 6.12 to 6.18 I see breakage with a missing dependency
that drivers/net/ethernet/amazon/ena/ena_netdev.c has on ptp.ko.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/23098
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update to the latest version, and fix build on targets without
FS_POSIX_ACL.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23090
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Linux commit c9e5ac0 ("lib/crypto: mips/md5: Migrate optimized code into
library") removed the MIPS-Octeon-specific MD5 implementation
(octeon-md5.ko) and replaced it with an optimized library implementation
in lib/crypto.
As a result, CONFIG_CRYPTO_MD5_OCTEON and the module
arch/mips/crypto/octeon-md5.ko no longer exist in kernels >= 6.18.
Signed-off-by: Andrew LaMarche <andrewjlamarche@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23031
Signed-off-by: Nick Hainke <vincent@systemli.org>
The pppox module is a dependency of pppoe/pptp/pppol2tp and does not
have a separate Kconfig symbol.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23077
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The netifd/dhcp flow uses this, and as uxc mounts netifd in a
container, this allows not mounting `basename` for just a usage.
References: https://github.com/openwrt/procd/pull/34
Suggested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Andre Heider <a.heider@gmail.com>
The basic AN7581 NPU FW also supports WiFi offload for MT7992 WiFi chip.
Add this information in the package description to clarify this.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
6.14 has introduced a DRM client setup library. Add kmod-drm-client-lib
to support it, and add it as a dependency to DRM modules which depend on it.
Link: https://github.com/openwrt/openwrt/pull/22975
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This is required to build the motorcomm dwmac driver which is widely
used on loongson platforms.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/22923
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Motorcomm YT6801 is a PCIe ethernet controller based on DWMAC4 IP. It
integrates an GbE phy, supporting WOL, VLAN tagging and various types
of offloading. It ships an on-chip eFuse for storing various vendor
configuration, including MAC address.
The PM and plat_data functions were slightly modified to build with
current kernel.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/22923
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
GCC15 defaults to C23, which does not work here.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/23042
Signed-off-by: Robert Marko <robimarko@gmail.com>
Linux commit 09371e1349c9 ("lib/crypto: powerpc/md5: Migrate optimized code into library")
removed the PowerPC-specific MD5 implementation (md5-ppc.ko) and
replaced it with an optimized library implementation in lib/crypto.
As a result, CONFIG_CRYPTO_MD5_PPC and the module
arch/powerpc/crypto/md5-ppc.ko no longer exist in kernels >= 6.18.
Link: https://github.com/openwrt/openwrt/pull/22732
Signed-off-by: Nick Hainke <vincent@systemli.org>
The sama5d4_xplained_nandflash target incorrectly references microchip_sama5d3-xplained as its BUILD_DEVICES value.
This appears to be a copy-paste error, as all other SAMA5D4 Xplained targets (e.g. mmc and spiflash) correctly use microchip_sama5d4-xplained. The target name itself also clearly refers to the SAMA5D4 platform.
In addition, the SAMA5D3 Xplained and SAMA5D4 Xplained boards use different NAND flash hardware and configurations, so pointing the nandflash target to a SAMA5D3 device is incorrect and may lead to invalid builds or runtime issues.
Fix the inconsistency by updating BUILD_DEVICES to microchip_sama5d4-xplained, aligning the nandflash target with the rest of the SAMA5D4 definitions and ensuring the correct device mapping.
Signed-off-by: Cerrone Diamant <cerrone@tutamail.com>
Link: https://github.com/openwrt/openwrt/pull/23022
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add patches to fix build failures on musl-based toolchains:
0002-xdpsock-fix-struct-ethhdr-redefinition-on-musl.patch:
xdpsock.c included <net/ethernet.h> and <netinet/ether.h> alongside
<linux/if_ether.h>, triggering a struct ethhdr redefinition on musl.
Replace BSD-style ether_header/ether_addr with struct ethhdr and drop
the conflicting includes.
0003-build-use-gnu2x-to-avoid-stdbool.h-dependency.patch:
Switch CFLAGS and BPF_CFLAGS from -std=gnu11 to -std=gnu2x. In C23,
bool is a native keyword, fixing "stdbool.h: No such file or directory"
errors with a clang lacking its resource directory (e.g. llvm-bpf built
with LLVM_INSTALL_TOOLCHAIN_ONLY=ON on musl targets).
Link: https://github.com/openwrt/openwrt/pull/22983
Signed-off-by: Nick Hainke <vincent@systemli.org>
Switch http:// (and redundant ftp://) PKG_SOURCE_URL entries to https://
across tools/ and package/. PKG_HASH alone does not protect against an
attacker tampering with insecure downloads when a maintainer regenerates
the hash via `make ... FIXUP=1`: HTTPS authenticates the upstream so the
captured hash reflects real upstream content.
In-place http -> https (HTTPS reachability verified per host):
- tools/elftosb, tools/lzop, tools/liblzo, tools/mpfr, tools/dosfstools,
tools/libressl, tools/xz
- package/libs/mpfr, package/libs/libmnl, package/libs/libnfnetlink
Replaced with @OPENWRT (HTTPS-only mirror) where the upstream HTTPS host
is dead or has a broken certificate:
- package/libs/popt (ftp.rpm.org cert mismatch)
- package/firmware/ixp4xx-microcode (was http://downloads.openwrt.org)
- package/boot/imx-bootlets (trabant.uid0.hu cert mismatch)
- package/boot/kobs-ng (freescale.com URL is dead, redirects to nxp.com root)
Dropped redundant ftp://ftp.denx.de fallback (https://ftp.denx.de is
already listed):
- package/boot/uboot-tools, tools/mkimage
Signed-off-by: Paul Spooren <mail@aparcar.org>
Release Notes:
- https://github.com/libbpf/bpftool/releases/tag/v7.7.0
Backport upstream commit 9ba0b4add39e ("bpftool: Allow explicitly skip
llvm, libbfd and libcrypto dependencies") to fix a linker error. The
bpftool only needs skeleton generation, not program signing, so pass
SKIP_CRYPTO=1 to drop the libcrypto dependency entirely.
Link: 9ba0b4add3
Link: https://github.com/openwrt/openwrt/pull/22973
Signed-off-by: Nick Hainke <vincent@systemli.org>
ld.bfd is the default/only implementation for now but things may change in future.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21997
Signed-off-by: Nick Hainke <vincent@systemli.org>
Support for obsolete versions was dropped in upstream commit 72731b445e.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21997
Signed-off-by: Nick Hainke <vincent@systemli.org>
The by-now-upstream driver for the built-in 2.5GE PHY of the MediaTek
MT7988 and MT7987 SoC loads firmware at probe time.
Build the driver as a module in order to make sure the driver only
attempts to load the firmware by the time the rootfs with the firmware
file has become available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add support for BUFFALO WSR-3000AX4P, to allow updating environment
variables of U-Boot on that device.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22587
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Exclude more apk related files from the sysupgrade backup list when
using the various options that scan /etc for changes.
Ensure removal of the system generated distfeeds list, as that
contains kernel- and version-specific urls and should never be
retained.
Also exclude any '*.apk-new' files, equivalent to the old '*-opkg'
files, which may have been created during package installation.
Example before
$ sysupgrade -l -c | grep apk
/etc/apk/keys/buildroot.pem
/etc/apk/repositories.d/customfeeds.list
/etc/apk/repositories.d/distfeeds.list
/etc/owut.d/pre-install.sh.apk-new
/etc/config/adblock.apk-new
After
$ sysupgrade -l -c | grep apk
/etc/apk/keys/buildroot.pem
/etc/apk/repositories.d/customfeeds.list
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22937
Signed-off-by: Robert Marko <robimarko@gmail.com>
This device has a redundant configuration. Important when writing to it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22882
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fixes:
ifxmips_aes.c: In function 'gcm_aes_decrypt':
ifxmips_aes.c:1803:14: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1803 | temp = walk.src.virt.addr;
| ^
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22921
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fixes:
ltq_atm.c: In function 'ltq_atm_probe':
ltq_atm.c:1840:36: error: passing argument 2 of 'platform_set_drvdata' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1840 | platform_set_drvdata(pdev, ops);
| ^~~
In file included from ltq_atm.c:40:
/workspaces/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/linux-6.18.21/include/linux/platform_device.h:276:47: note: expected 'void *' but argument is of type 'const struct ltq_atm_ops *'
276 | void *data)
| ~~~~~~^~~~
Fixes: c1fa85f659 ("treewide: use of_device_get_match_data")
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22921
Signed-off-by: Robert Marko <robimarko@gmail.com>
The 6.18 code works with older kernels as well. Remove the older section
and use the newer one always.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22925
Signed-off-by: Robert Marko <robimarko@gmail.com>
When we cross build uboot-tools, the dtc tool is still compiled for
the host. Therefore, we should not attempt to link the OpenWrt system
libraries. CPU architecture mismatch can lead to build errors.
Fixes: https://github.com/openwrt/openwrt/issues/22924
Fixes: 55925650aa ("uboot-tools: update to v2026.04")
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22927
Signed-off-by: Robert Marko <robimarko@gmail.com>
Specification:
The device is similar to the M30 but has only one LAN port and no WAN port.
- MT7981 CPU using 2.4GHz and 5GHz WiFi (both AX)
- 512MB RAM
- 128MB NAND flash with two UBI partitions with identical size
- 1 multi color LED (red, green, blue, white) connected via GCA230718
- 2 buttons (WPS, reset, LED)
- 1 1Gbit LAN port
Disassembly:
- There are two screws at the power connector which must be removed. Afterwards the top case can be removed (it is clipped on, so some tools are required).
Serial Interface:
- The serial interface can be connected to the 4 pin holes on the board. Do NOT connect VCC.
- The pins are labelled on the PCB (RX, TX, GND)
- Settings: 115200, 8N1
MAC addresses:
- LAN MAC is stored in partition "Odm" at offset 0x8f
- WLAN MAC (2.4 GHz and 5GHz) is LAN MAC + 1
Reverting back to OEM firmware:
- There is currently no easy way to revert back to the OEM image
- The methods from M30 and M60 doesn't seem to work anymore
- If you plan to revert back to OEM firmware later, do the following steps before flashing OpenWrt:
- Boot from initramfs as described in "Flashing via U-Boot" but don't flash anything
- Instead, make a backup of UBI and UBI1 partition
- The created dumps must be written to the initial partitions to revert back to OEM
Flashing via Recovery Web Interface:
- Set your IP address to 192.168.200.10, subnetmask 255.255.255.0
- Press the reset button while powering on the device
- Keep the reset button pressed until the LED blinks red
- Open a Chromium based and goto http://192.168.200.50/ (recovery web interface)
- Download openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-squashfs-recovery.bin
- Note: The recovery web interface always reports successful flashing, even if it fails
- After flashing, the recovery web interface will try to forward the browser to 192.168.0.1 (can be ignored)
- If flashing was successful, OpenWrt is accessible via 192.168.1.1
- The recovery image boots an initramfs image, flash the sys upgrade image to get to „normal“ OpenWrt mode
Flashing via U-Boot:
- Open the case, connect to the UART console
- Set your IP address to 192.168.200.2, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-initramfs-kernel.bin
- Supply the board with 12V
- Select "7. Load image" in the U-Boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Perform a sysupgrade using openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Flashing via OEM web interface is not possible, as it will change the active partition and OpenWrt is only running on the first UBI partition.
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The check of files from packages was only checking opkg files.
Check for apk as well and fail if both are missing.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17847
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The list of files excluded from backup was outdated.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17847
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Replace conditional "LINUX_6_12:mod" / "!LINUX_6_12:mod" AUTOLOAD entries
with version-filtered module names using @lt6.18 / @ge6.18. This makes
version_filter emit plain module names into /etc/modules.d(e.g. "crc32c_generic"),
allowing kmodloader to find and load the correct module for the running kernel.
Fixes crc32c (and related crypto modules) not being autoloaded on 6.12 kernels.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/22798
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
EDUP EP-RT2983 comes with a factory installed version of OpenWrt 23.05
with device name "netis,n6".
Specification
--------------
- SoC : MediaTek MT7621AT, MIPS, 880 MHz
- RAM : 256 MiB
- Flash : NAND 128 MiB (Toshiba)
- WLAN : MT7905DAN + MT7975DN
- 2.4 GHz : b/g/n/ax, 574 Mbps, MIMO 2x2
- 5 GHz : a/n/ac/ax, 1201 Mbps, MIMO 2x2
- Ethernet : 10/100/1000 Mbps x4 (1x WAN, 3x LAN)
- UART : 3.3V, 115200n8
- Buttons : 1x Reset
1x WPS
- LEDs : 1x Power (green)
1x WiFi (green)
1x Mesh/WPS (green); flashing green during boot
3x LAN (green)
1x WAN (green); flashing red during upgrade and failsafe
- Power : 12 VDC 1A
Installation
-------------
1. Log in to LuCI
2. Go to System, Backup / Flash Firmware
3. If desired, backup the current system by saving (all) the mtdblock
contents.
4. Flash new firmware image, select Flash image.
5. Browse and select the sysupgrade file
"openwrt-*-ramips-mt7621-edup_ep-rt2983-squashfs-sysupgrade.bin"
and then Upload.
6. Unselect "Keep settings and retain the current configuration"
Note: All settings will be reset to default. WiFi is not enabled by
default so a connection via Ethernet is necessary to log in and set up.
7. Allow "Force upgrade" (tick the box if there is one), or press Continue
if there is no box to tick. This is because the name is now
"edup,ep-rt2983" as it should have been from the start.
8. Proceed to flash. Wait for reboot and keep power connected.
9. After reboot, default address to access LuCI is 192.168.1.1 with
no password
Recovery (UART)
----------------
1. Remove the 4 screws on the bottom and pry open the cover.
2. Connect serial adapter to the unpopulated serial header pins
TX, RX, GND near the WPS button. Do not connect VCC.
3. Start serial terminal (e.g. minicom, screen, etc) on the computer and
turn on the router.
4. As prompted, hit any key to stop autoboot.
5. Enter 2 to select "2. Upgrade firmware"
6. Enter 0 to select "0 - TFTP client (Default)"
7. Accept the defaults by pressing Enter for
"Input U-Boot's IP address: 192.168.1.1",
"TFTP server's IP address: 192.168.1.2",
"Input IP netmask: 255.255.255.0"
8. Assign your PC's Ethernet port a static IP 192.168.1.2 with netmask
255.255.255.0 and connect to a LAN port on the router using the
Ethernet cable. Disconnect all other network connections (e.g. WiFi) on
the computer.
9. Serve the factory image
"openwrt-*-ramips-mt7621-edup_ep-rt2983-squashfs-factory.bin" using
a TFTP server, e.g. tftpd64. For convenience, the filename can be renamed
to something shorter.
10. In the serial terminal, when prompted "Input file name:", enter the
filename from the previous step and press Enter.
11. The factory image will be flashed as indicated. Wait for reboot.
MAC addresses prototype
------------------------
+---------+---------------------+
| | MAC example |
+---------+---------------------+
| LAN | CC:D8:1F:47:xx:yy |
| WAN | CC:D8:1F:47:xx:yy+1 |
| WLAN 2G | CC:D8:1F:17:xx:yy+2 |
| WLAN 5G | CC:D8:1F:77:xx:yy+2 |
+---------+---------------------+
Signed-off-by: Ryan Leung <untilscour@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/22197
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Without this, max_oper_chwidth is set incorrectly,
thus ibss_mesh_select_80_160mhz fails to set the correct channel width
Signed-off-by: Richard Huynh <voxlympha@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22644
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is a safer way to operate the .config file.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22845
Signed-off-by: Nick Hainke <vincent@systemli.org>
Update to the latest stable version. Also add PKG_CONFIG_SYSROOT_DIR
make flag to fix dtc tools build without yaml[1-2].
Patches manually refreshed:
* 003-tools-dumpimage-fix-tools-compile.patch
[1] 0535e46d55
[2] 807bcd844a
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22845
Signed-off-by: Nick Hainke <vincent@systemli.org>
Add support for the Zyxel GS1900-48HP A1 managed PoE switch based on
RTL8393 SoC with 48 copper ports (6x RTL8218B), 2 SFP slots and PoE
(170W budget). Includes DTS, image definition, network config and
u-boot-env support.
The device has 48 copper ports but only ports 1-24 are powered by
the PoE PSE controller.
PoE support requires the realtek-poe package from the packages feed
with an additional configuration for PSE ID 7 to address the MCU on
this device.
Signed-off-by: Klaus Rubenstein <klaus.rubenstein@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Bump the bundled software pieces to their current version too.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22863
Signed-off-by: Robert Marko <robimarko@gmail.com>
This release incorporates the following bug fixes and mitigations:
Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
(CVE-2026-31790)
Fixed loss of key agreement group tuple structure when the DEFAULT keyword
is used in the server-side configuration of the key-agreement group list.
(CVE-2026-2673)
Fixed potential use-after-free in DANE client code.
(CVE-2026-28387)
Fixed NULL pointer dereference when processing a delta CRL.
(CVE-2026-28388)
Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
(CVE-2026-28389)
Fixed possible NULL dereference when processing CMS
KeyTransportRecipientInfo.
(CVE-2026-28390)
Fixed heap buffer overflow in hexadecimal conversion.
(CVE-2026-31789)
No need refresh patches
Signed-off-by: Jack Sun <sunjiazheng321521@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22847
Signed-off-by: Robert Marko <robimarko@gmail.com>
The rss-input-xfrm workaround for Linux 6.6 is no longer needed with
current kernel versions. Remove the patch and the associated
--enable-rss-input-xfrm configure flag.
Link: https://github.com/openwrt/openwrt/pull/22841
Signed-off-by: Nick Hainke <vincent@systemli.org>
The highlight of this version is that the bl2 size will be reduced
by 60+ KB. The MT7987 SPI interface selection hack was replaced by
upstream implementation with the new symbol SPIM_NAND_PREFER_SPI2.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Migrate timer handling (removed in 6.13) and netdev dummy initialization
(removed in 6.16) to new methods with guards to not break older kernels.
This resolves compilation errors due to missing del_timer_sync(),
from_timer() and init_dummy_netdev().
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
Link: https://github.com/openwrt/openwrt/pull/22775
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This version fixes some security problems:
* Client impersonation while resuming a TLS 1.3 session
(CVE-2026-34873)
* Entropy on Linux can fall back to /dev/urandom (CVE-2026-34871)
* PSA random generator cloning (CVE-2026-25835)
* Compiler-induced constant-time violations (CVE-2025-66442)
* Null pointer dereference when setting a distinguished name
(CVE-2026-34874)
* Buffer overflow in FFDH public key export (CVE-2026-34875)
* FFDH: lack of contributory behaviour due to improper input validation
(CVE-2026-34872)
* Signature Algorithm Injection (CVE-2026-25834)
* CCM multipart finish tag-length validation bypass (CVE-2026-34876)
* Risk of insufficient protection of serialized session or context data
leading to potential memory safety issues (CVE-2026-34877)
* Buffer underflow in x509_inet_pton_ipv6() (CVE-2026-25833)
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.6
Size increases by 470 bytes on aarch64:
343995 bin/packages/aarch64_generic/base/libmbedtls21-3.6.5-r1.apk
344465 bin/packages/aarch64_generic/base/libmbedtls21-3.6.6-r1.apk
Link: https://github.com/openwrt/openwrt/pull/22787
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Include the column utility to allow simple formatting of columnar
output.
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22782
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Version 6.19 - Feb 14, 2026
* Feature: support HW timestamp configuration (--set-hwtimestamp-cfg)
* Feature: display HW timestamp source (-T)
* Feature: support PLCA notifications (--get/set-plca-cfg)
* Feature: add PSE priority management support (--show/set-pse)
* Feature: support PSE notifications (--show/set-pse)
* Feature: support configuring RSS on IPv6 Flow Label (-n/-N)
* Feature: support FEC bit error histograms (--show-fec)
* Feature: register dump decoding for TI K3 CPSW and its ALE table (-d)
* Fix: fix missing headers in text output
* Fix: fix print_string when the value is NULL (-Werror=format-security)
* Fix: fix JSON output of SFP diagnostics
* Fix: fix duplicated JSON keys in module info
* Misc: clarify that symmetric RSS may be on by default (-x/-X)
* Misc: add AppStream metainfo file to %files section
Link: https://github.com/openwrt/openwrt/pull/22780
Signed-off-by: Nick Hainke <vincent@systemli.org>
Add missing dependency kmod-ptp to fix the build error. We also
add symbol CONFIG_PTP_1588_CLOCK_OPTIONAL explicitly for kmod-ptp
because it is selected by CONFIG_PTP_1588_CLOCK. Fix:
Package kmod-iavf is missing dependencies for the following libraries:
ptp.ko
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22730
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
cryptd has been decoupled from crypto-misc in the 6.18 kernel. Fix:
ERROR: module '/home/runner/work/Actions_/Actions_/openwrt/build_dir/target-i386_pentium4_musl/linux-x86_generic/linux-6.18.20/crypto/cryptd.ko' is missing.
make[3]: *** [modules/crypto.mk:873: /home/runner/work/Actions_/Actions_/openwrt/bin/targets/x86/generic/packages/kmod-crypto-misc-6.18.20-r1.apk] Error 1
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22730
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
MediaTek T-PHY controller supports multiple usb2.0, usb3.0 ports,
PCIe and SATA. ARM mediatek and ramips/mt7621 targets require this
package to make the XHCI work properly.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22094
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This was replaced upstream with a proper rng device that feeds into
/dev/random. No need for this anymore.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22766
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The ucode path generates different erp_domain and fils_cache_id
values than the legacy shell path due to three mismatches:
1. erp_domain md5 input missing trailing newline (echo adds \n)
2. erp_domain output truncated to 4 chars instead of 8 (shell
uses head -c 8)
3. fils_cache_id md5 input missing trailing newline
4. erp_domain missing fallback to mobility_domain
Same bug pattern as mobility_domain fixed in commit b1dc2736db.
Fixes: #21768
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Joshua Klinesmith <joshuaklinesmith@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22677
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Export the unique, monotonic DISKSEQ sequence drive number instead of its
major/minor numbers to identify the boot disk and directly match the partition
in export_partdevice with PARTN.
The MINOR blockdevice numbers are not guaranteed sequential across disks, it
can happen that disks enumerate before their partitions are probed, resulting
in interleaved MINOR numbers breaking the partition offset calculation:
major minor #blocks name
259 0 250059096 nvme0n1
259 2 8192 nvme0n1p1
259 3 491520 nvme0n1p2
259 4 239 nvme0n1p128
259 1 250059096 nvme1n1
259 5 250057728 nvme1n1p1
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
Link: https://github.com/openwrt/openwrt/pull/18962
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add some of the more current 4G and 5G modems.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Link: https://github.com/openwrt/openwrt/pull/13426
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The conditional runtime dependency on the ip package was originally
intended to only pull in the ip package when busybox ip is not
configured. However, in APK-based builds the BUSYBOX_CONFIG_*
variables may not be resolvable at package metadata generation
time, causing the ip dependency to be unconditionally baked into
the .apk package. This forces users to install ip-tiny or ip-full
even though busybox already provides the ip command.
Revert to the previous +@BUSYBOX_CONFIG_IP / +@BUSYBOX_CONFIG_FEATURE_IP_LINK
kconfig-level dependencies. These ensure busybox ip support is
enabled at config time without creating a runtime package dependency.
Both options default to y, and wireguard.uc only uses basic
ip link commands that busybox fully supports.
Fixes: openwrt#22637
Signed-off-by: Anand Kumar <anandvtu16158@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22652
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add ability to read u-boot-env partition as sys env
for Zyxel EX5601 and WX5600 with custom partitions.
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22670
Signed-off-by: Robert Marko <robimarko@gmail.com>
libunwind solves these in different ways.
ppc-musl is still pending upstream.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21057
Signed-off-by: Robert Marko <robimarko@gmail.com>
The rtl8812au-ct driver is obsolete and replaced by rtw88. It will need
tons of work to compile against 6.18 so for now limit it to 6.12.
Co-authored-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Update module files for kernel 6.18
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Update module files for kernel 6.18
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Replace the two-step hrtimer initialization pattern with a single
consolidated call to hrtimer_setup().
The legacy approach of calling hrtimer_init() followed by manual
assignment to timer.function is deprecated. The new hrtimer_setup()
helper atomically initializes the timer and assigns the callback
function in one operation, eliminating the race-prone intermediate
state where the timer is initialized but lacks a handler.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Reintroduce old-style debugfs file_operations for kernels < 6.14 and
switch the drivers to use debugfs_short_fops + debugfs_create_file_aux
on >= 6.14. This restores compatibility with older kernels while keeping
the new debugfs API working on 6.14+.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
This patch set introduces support for using the in-tree (mainline)
EIP93 crypto driver for kernel 6.18 and later, along with additional
improvements and fixes:
- Conditional Kconfig/Makefile handling for crypto-hw-eip93 to enable use of the mainline driver with kernel 6.18+.
- Patch 926: Use software AES fallback for small requests in the EIP93 driver.
- Patch 927: Add `mediatek,mtk-eip93` compatible string for upstream kernel device trees.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a config option for the 6.18 series of kernels
Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Change GPIOF_ACTIVE_LOW to gpiod_toggle_active_low
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/21078
Signed-off-by: Robert Marko <robimarko@gmail.com>
Backport upstream driver and apply pending downstream patches to
support using the MaxLinear MxL86252 and MxL86282 switches.
The driver supports a native proprietary 8-byte DSA special tag format
(mxl862xx) as well as using an 802.1Q-based DSA tag (mxl862xx-8021q).
All basic bridge, VLAN and LAG operations are supported. A single port
can be used as mirror port. Hardware counters are made available as
ethtool stats or directly serve as interface counters (bytes,
packets).
The switch runs a complex ZephyrOS-based firmware on an integrated
ARC microcontroller, the driver uses the firmware management API over
MDIO to interact with the switch hardware.
Note that the firmware needs to be rather recent (WSP 1.0.78 or later)
to work well with this driver. It can be updated at runtime using devlink.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This allows us to use the full size of nand,
which extends ubi size from 64Mb to 122.25Mb.
1. Log in to the device and backup all the partitions,
especially unique "Factory" and "bdata" partitions
from System -> Backup / Flash Firmware -> Save mtdblock contents.
2. Install kmod-mtd-rw to unlock mtd partitions for writing
apk update && apk add kmod-mtd-rw && insmod mtd-rw i_want_a_brick=1
3. Write new OpenWrt (U-Boot Layout) "BL2" and "FIP":
mtd -e BL2 write openwrt-mediatek-filogic-cudy_wr3000h-v1-ubootmod-preloader.bin BL2
mtd -e FIP write openwrt-mediatek-filogic-cudy_wr3000h-v1-ubootmod-bl31-uboot.fip FIP
4. Set static IP on your PC: "192.168.1.254", gateway "192.168.1.1"
5. Serve openwrt-mediatek-filogic-cudy_wr3000h-v1-ubootmod-initramfs-recovery.itb
using TFTP server.
6. Connect Router LAN with PC LAN.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt initramfs recovery has booted,
clean "/dev/mtd5" ubi partition to utilize maximum of free space:
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Perform sysupgrade.
Signed-off-by: Dmitry Mostovoy <stavultras@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21943
Signed-off-by: Robert Marko <robimarko@gmail.com>
This allows us to use the full size of nand,
which extends ubi size from 64Mb to 122.25Mb.
1. Log in to the device and backup all the partitions,
especially unique "Factory" and "bdata" partitions
from System -> Backup / Flash Firmware -> Save mtdblock contents.
2. Install kmod-mtd-rw to unlock mtd partitions for writing
apk update && apk add kmod-mtd-rw && insmod mtd-rw i_want_a_brick=1
3. Write new OpenWrt (U-Boot Layout) "BL2" and "FIP":
mtd -e BL2 write openwrt-mediatek-filogic-cudy_wr3000e-v1-ubootmod-preloader.bin BL2
mtd -e FIP write openwrt-mediatek-filogic-cudy_wr3000e-v1-ubootmod-bl31-uboot.fip FIP
4. Set static IP on your PC: "192.168.1.254", gateway "192.168.1.1"
5. Serve openwrt-mediatek-filogic-cudy_wr3000e-v1-ubootmod-initramfs-recovery.itb
using TFTP server.
6. Connect Router LAN with PC LAN.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt initramfs recovery has booted,
clean "/dev/mtd5" ubi partition to utilize maximum of free space:
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Perform sysupgrade.
Signed-off-by: Dmitry Mostovoy <stavultras@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21943
Signed-off-by: Robert Marko <robimarko@gmail.com>
This allows us to use the full size of nand,
which extends ubi size from 64Mb to 122.25Mb.
1. Log in to the device and backup all the partitions,
especially unique "Factory" and "bdata" partitions
from System -> Backup / Flash Firmware -> Save mtdblock contents.
2. Install kmod-mtd-rw to unlock mtd partitions for writing
apk update && apk add kmod-mtd-rw && insmod mtd-rw i_want_a_brick=1
3. Write new OpenWrt (U-Boot Layout) "BL2" and "FIP":
mtd -e BL2 write openwrt-mediatek-filogic-cudy_wr3000s-v1-ubootmod-preloader.bin BL2
mtd -e FIP write openwrt-mediatek-filogic-cudy_wr3000s-v1-ubootmod-bl31-uboot.fip FIP
4. Set static IP on your PC: "192.168.1.254", gateway "192.168.1.1"
5. Serve openwrt-mediatek-filogic-cudy_wr3000s-v1-ubootmod-initramfs-recovery.itb
using TFTP server.
6. Connect Router LAN with PC LAN.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt initramfs recovery has booted,
clean "/dev/mtd5" ubi partition to utilize maximum of free space:
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Perform sysupgrade.
Signed-off-by: Dmitry Mostovoy <stavultras@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21943
Signed-off-by: Robert Marko <robimarko@gmail.com>
This allows us to use the full size of nand,
which extends ubi size from 64Mb to 122.25Mb.
1. Log in to the device and backup all the partitions,
especially unique "Factory" and "bdata" partitions
from System -> Backup / Flash Firmware -> Save mtdblock contents.
2. Install kmod-mtd-rw to unlock mtd partitions for writing
apk update && apk add kmod-mtd-rw && insmod mtd-rw i_want_a_brick=1
3. Write new OpenWrt (U-Boot Layout) "BL2" and "FIP":
mtd -e BL2 write openwrt-mediatek-filogic-cudy_wr3000p-v1-ubootmod-preloader.bin BL2
mtd -e FIP write openwrt-mediatek-filogic-cudy_wr3000p-v1-ubootmod-bl31-uboot.fip FIP
4. Set static IP on your PC: "192.168.1.254", gateway "192.168.1.1"
5. Serve openwrt-mediatek-filogic-cudy_wr3000p-v1-ubootmod-initramfs-recovery.itb
using TFTP server.
6. Connect Router LAN with PC LAN.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt initramfs recovery has booted,
clean "/dev/mtd5" ubi partition to utilize maximum of free space:
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Perform sysupgrade.
Signed-off-by: Dmitry Mostovoy <stavultras@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21943
Signed-off-by: Robert Marko <robimarko@gmail.com>
