Broadcom BCM43602 needs certain NVRAM variables to be set to function. Add
a quirk for it and add ASUS RT-AC3200 which has got Broadcom BCM43602 to
the quirk. Thanks to Tom Brautaset for finding the needed variables.
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
Add ASUS RT-AC3200 and ASUS RT-AC5300 to the set wireless LED behaviour
quirk. ASUS RT-AC3200's wireless chip is different than ASUS RT-AC5300's,
the environment variables for it are 0:ledbh10 and 1:ledbh10.
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
ASUS RT-AC3200 and ASUS RT-AC5300 are AC3200 and AC5300 routers,
respectively, featuring 5 Ethernet ports over the integrated Broadcom
switch.
ASUS RT-AC3200 hardware info:
* Processor: Broadcom BCM4709A0 dual-core @ 1.0 GHz
* Switch: BCM53012 in BCM4709A0
* DDR3 RAM: 256 MB
* Flash: 128 MB
* 2.4GHz: BCM43602 3x3 single chip 802.11b/g/n SoC
* 5GHz: BCM43602 3x3 two chips 802.11a/n/ac SoC
* Ports: 4 LAN Ports, 1 WAN Port
ASUS RT-AC5300 hardware info:
* Processor: Broadcom BCM4709C0 dual-core @ 1.4 GHz
* Switch: BCM53012 in BCM4709C0
* DDR3 RAM: 512 MB
* Flash: 128 MB
* 2.4GHz: BCM4366 4x4 single chip 802.11b/g/n SoC
* 5GHz: BCM4366 4x4 two chips 802.11a/n/ac SoC
* Ports: 4 LAN Ports, 1 WAN Port
Flashing instructions:
* Boot to CFE Recovery Mode by holding the reset button while power-on.
* Connect to the router with an ethernet cable.
* Set IPv4 address of the computer to 192.168.1.2 subnet 255.255.255.0.
* Head to http://192.168.1.1.
* Reset NVRAM.
* Upload the OpenWrt image.
CFE bootloader may reject flashing the image due to image integrity check.
In that case, follow the instructions below.
* Rename the OpenWrt image as firmware.trx.
* Run a TFTP server and make it serve the firmware.trx file.
* Run the URL below on a browser or curl.
http://192.168.1.1/do.htm?cmd=flash+-noheader+192.168.1.2:firmware.trx+flash0.trx
Signed-off-by: Chester A. Unal <chester.a.unal@arinc9.com>
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections,
allowing root privilege escalation.
Reported by Turistu, and thanks for advice on the fix.
This is tracked as CVE-2025-14282, and affects 2024.84 to 2025.88.
It is fixed by dropping privileges of the dropbear process after
authentication. Unix stream sockets are now disallowed when a
forced command is used, either with authorized_key restrictions or
"dropbear -c command".
In previous affected releases running with "dropbear -j" (will also disable
TCP fowarding) or building with localoptions.h/distrooptions.h
"#define DROPBEAR_SVR_LOCALSTREAMFWD 0" is a mitigation.
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
The missing fix was reported by Ashish Kunwar.
- Server dropping privileges post-auth is enabled by default. This requires
setresgid() support, so some platforms such as netbsd or macos will have to
disable DROPBEAR_SVR_DROP_PRIVS in localoptions.h. Unix stream forwarding is
not available if DROPBEAR_SVR_DROP_PRIVS is disabled.
Remote server TCP socket forwarding will now use OS privileged port
restrictions rather than having a fixed "allow >=1024 for non-root" rule.
A future release may implement privilege dropping for netbsd/macos.
- Fix a regression in 2025.87 when RSA and DSS are not built. This would lead
to a crash at startup with bad_bufptr().
Reported by Dani Schmitt and Sebastian Priebe.
- Don't limit channel window to 500MB. That is could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
Reported by Rob Hague.
- Ignore -g -s when passwords arent enabled. Patch from Norbert Lange.
Ignore -m (disable MOTD), -j/-k (tcp forwarding) when not enabled.
- Report SIGBUS and SIGTRAP signals. Patch from Loïc Mangeonjean.
- Fix incorrect server auth delay. Was meant to be 250-350ms, it was actually
150-350ms or possibly negative (zero). Reported by pickaxprograms.
- Fix building without public key options. Thanks to Konstantin Demin
- Fix building with proxycmd but without netcat. Thanks to Konstantin Demin
- Fix incorrect path documentation for distrooptions, thanks to Todd Zullinger
- Fix SO_REUSEADDR for TCP tests, reported by vt-alt.
Dropped:
* 050-dropbear-multihop-fix.patch as its included in the release 5cc0127000db5f
* 051-fix-pubkey-options.patch as its included in the release 1d4c4a542cd5df
* 052-fix-missing-depends-for-sntrup761x25519-sha512.patch as its included
in the release 1a2c1e649a1824
* 053-Don-t-limit-channel-window-to-500MB.patch as its included in the release a8610f7b98ad
Manually rebased:
* 110-change_user.patch
Fixes: CVE-2025-14282, CVE-2019-6111
Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Konstantin Demin <rockdrilla@gmail.com>
Tested-by: Konstantin Demin <rockdrilla@gmail.com> [mediatek/filogic (GL.iNet GL-MT6000)]
Link: https://github.com/openwrt/openwrt/pull/21186
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The u-boot target name has to match the u-boot configuration. Switch
this back to the old names.
Fixes: d871e95e7f ("sunxi: image: sync target profiles names with DT compatible")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes a failed bring up of the radio on bootup
if the model defines a rename of phy in its /etc/board.json.
This specifically impacts Redmi AX6S and any router that does so
in its /etc/board.json. The fix fortunately is simple, just update
phy name in phys after rename.
The entry that specifically causes this issue is the following:
{
<omitted>
"wlan": {
"wl0": {
"path": "platform/18000000.wmac",
"info": {
"antenna_rx": 15,
"antenna_tx": 15,
"bands": {
"2G": {
"ht": true,
"max_width": 40,
"modes": [
"NOHT",
"HT20",
"HT40"
],
"default_channel": 1
}
},
"radios": [
]
}
},
...
}
The issue is that after rename, referenced phy in config is going to be
wl0 but in phys array it is still phy0; and so it fails to find phy
and does not bring up radio.
Fixes: https://github.com/openwrt/openwrt/issues/20250
Fixes: https://github.com/openwrt/openwrt/issues/20339
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/21175
Signed-off-by: Robert Marko <robimarko@gmail.com>
As a first real usage of the new SerDes struct, move the polarity
configuration there. It was previously located in the global rtpcs_ctrl
struct as an array, indexed by SerDes id. Because this is per-SerDes
information, the new SerDes struct is the correct place to live in.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
By using references to pre-initiated SerDes instances instead of plain
SerDes number, there is no need to check for the range anymore in
various places. During driver/pcs init it is ensured that only valid
SerDes will reach the configuration functions.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Also switch set_autoneg (and related helper rtpcs_sds_modify) to the
SerDes struct instead of the plain SerDes id by using just the reference
to the SerDes instance instead of (ctrl, sds_id) tuple. This completes
the transition.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Make use of the previously added SerDes struct in SerDes setup and all
functions in its call path by removing (ctrl, sds_num) being passed to
every function call and instead just pass the reference to the
corresponding SerDes instance.
Various SerDes calculations for even, odd and neighbor are unified by
switching to previously introduced helpers.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Upon creation of a phylink_pcs instance by calling rtpcs_create, assign
a reference to the corresponding SerDes to the link structure. In the
next step, this should be used everywhere instead of the plain SerDes
number.
Rename the field used to hold the SerDes number from 'sds' to 'sds_num'
and name the new field 'sds' to make clear what is what.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add dedicated helpers to get references to even, odd and neigbor SerDes
if needed. This should replace the various calculations scattered
throughout the code, providing a unified way to work with adjacent
SerDes.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a separate structure for a SerDes. This is needed to appropriately
store per-SerDes information, which in turn is needed for future work.
Additionally, it's intended to reduce boilerplate and several
inconsistencies.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Use a separate configuration field for the number of SerDes for each
variant of the Realtek Otto family. Add this field to the config
structure, assign it and use it during driver probe. This narrows
possible error cases and is needed for upcoming extensions.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
The Realtek SerDes mode capabilities do not map 1:1 to the
PHY_INTERFACE_MODE_* modes used in the kernel and passed to the PCS.
For example, some PHY chips use the proprietary XSGMII mode for which
there isn't an equivalent in the kernel, or HSGMII.
In the past, this led to problems and confusion using kernel's XGMII to
handle the XSGMII mode, and needed a downstream patch for HSGMII. They
have been solved/worked around for now, but XSGMII is currently not
implemented at all. And who knows what might come in the future.
To make our life easier, introduce a dedicated internal representation
of SerDes modes which differs from kernel's PHY_INTERFACE_MODE_*. This
allows us to map "external" modes to different internal modes as needed
instead of carrying the PHY_INTERFACE_MODE_* through the whole SerDes
configuration code. The PCS driver needs to map PHY_INTERFACE_MODE_* to
RTPCS_SDS_MODE_* in pcs_config, and the latter should be used as the
only one.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Since the beginning, the PCS driver had the ability to call its
rtpcs_create without a reference to a valid PCS node. A comment in the
code mentions that this is done for RTL838X and its built-in octa-PHY
which is connected directly instead of via a SerDes. Further
explanations are not provided.
Drop this ability and make the rtpcs_create call in the dsa driver
conditional. As the built-in PHY of RTL838X isn't attached to a SerDes,
there is no obvious point of having the PCS driver in that chain. The
ports are marked as internal and have no pcs-handle, thus no phylink_pcs
instance should be created.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21146
Signed-off-by: Robert Marko <robimarko@gmail.com>
Commit 3c073b5cb2 cleaned up the debugfs creation in
mdio-realtek-otto-serdes driver to not explicitly check if the root
directory already exists. This is fine because kernel handles the case
properly so there's no need to check anymore.
However, this pollutes the boot log with:
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
[..] debugfs: 'realtek_otto_serdes' already exists in '/'
Now, the root directory creation is attempted multiple times, causing
the kernel to print an error message because the directory already
exists.
Fix this by moving the SerDes loop into rtsds_debug_init and only try
to create the root debugfs directory once.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21179
Signed-off-by: Robert Marko <robimarko@gmail.com>
The eight leds controlled by the LED controller are RGB leds themselves
but are flashing white by default. The color part is controlled by GPIOs
53 (green), 54 (red), 57 (blue) and 60 (white).
Therefore define the led nodes of the controller as white instead of RBG
as well as backlight as their function.
Signed-off-by: Christoph Krapp <achterin@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20877
Signed-off-by: Robert Marko <robimarko@gmail.com>
When support was added for the RBR40 and RBS40 it was assumed that they
also share the same second 5ghz wifi chip as their bigger siblings.
Turns out that instead of QCA9984 (RBx50, SRx60) these devices use
QCA9886 like the RBx20 devices to.
They also load different boardfiles for the IPQ4019 chip.
This moves the wifi nodes from the orbi.dtsi to each device dts file and
change the RBx40 boardfile variants.
Signed-off-by: Christoph Krapp <achterin@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20877
Signed-off-by: Robert Marko <robimarko@gmail.com>
Netgear Orbi devices are split into router and satellite units. Even
though the hardware is mostly the same, the network configuration is
different. Router units have a designated WAN port while satellite units
have all available ports labeled as "Ethernet".
This splits the device trees into both unit types and adjusts the port
labels.
Signed-off-by: Christoph Krapp <achterin@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20877
Signed-off-by: Robert Marko <robimarko@gmail.com>
Following up with errors reported in the ASU repo, these bananapi cases
do not match the DT compatible "bpi", sync with dts sources.
Also some profiles were overwriting SUPPORTED_DEVICES.
Sysupgrade would be failing in SUPPORTED_DEVICES check since
the DT compatible(/tmp/sysinfo/board_name) is not in SUPPORTED_DEVICES.
This should also fix errors when using ASU sysupgrade clients.
- Sync profile makefile target names with DT compatibles.
- Fix overwrites of SUPPORTED_DEVICES instead of appending.
- Adapt the uboot-sunxi profiles accordingly.
*bpi-p2-zero dts is still not upstream.
V2:
- Include fixes for arm926ejs(ARM926EJ-S) subtarget (LicheePi Nano and
PopStick v1.1) (profile rename for correct default SUPPORTED_DEVICES)
Fixes: https://forum.openwrt.org/t/luci-attended-sysupgrade-support-thread/230552/246
Fixes: https://github.com/openwrt/asu/issues/486
Fixes: https://github.com/openwrt/asu/issues/524
Fixes: 9aa66b8ce7 "sunxi: add support for Banana Pi M2 Berry"
Fixes: d5f615bf2a "sunxi: add support for Sinovoip Banana Pi M2 Plus"
Fixes: 3819c1638a "sunxi: Add support for Banana Pi M2 Ultra"
Fixes: 6bf8193b25 "sunxi: add support for Bananapi P2 Zero"
Fixes: 80edfaf675 "sunxi: add support for Banana Pi M3"
Fixes: 3c24a1d423 "sunxi: add support for NanoPi NEO Plus2 board"
Fixes: a689307c97 "sunxi: build image/uboot for the NanoPi NEO2"
Fixes: fde68cb809 "sunxi: add support for FriendlyARM NanoPi R1S H5"
Fixes: 3ec468ff4f "sunxi: add F1C100 (arm926ej-s) support"
Signed-off-by: Mario Andrés Pérez <mapb_@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/21095
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is a trivial change to allow users to use 'list' on iface.
Old wifi-scripts already implements this, so this just ensures
that shell-based and ucode wifi-scripts are on-par with each other.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/20977
Signed-off-by: Robert Marko <robimarko@gmail.com>
When iface is omitted, wifi-vlan will apply to all interfaces.
However, netifd.set_vlan call is not successful as it assumes
that every wifi-vlan section corresponds to one VIF.
For this reason in the wifi-vlan case (cur_type == "vlan")
we create a composite key in the form `${vif.name}/${vlan.name}`
allowing the same vlan section to correspond to multiple VAPs.
`/` was decided as a delimiter as it is an invalid character
for a network interface name and UCI identifier; so it is
impossible for it to cause conflicts.
It was verified that the `ubus call network.wireless status`
works as expected with this change. Moreover, wifi-station
is not susceptible to this problem.
This also means that it is now possible for wifi-vlan
to support `list` iface similar to old shell-based wifi-scripts.
This will be done in a follow-up commit.
Fixes: 98435a37a7 ("wifi-scripts: iface should be optional in wifi-vlan definition")
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/20977
Signed-off-by: Robert Marko <robimarko@gmail.com>
c6202981872e ipq5018: use correct board for GL-iNet B3000 IPQ5018 radio
ec72376cadf1 qca4019: Add Meraki Underdog
059b7114c77b ipq6018: add tp-link eap620hd v2
Signed-off-by: Robert Marko <robimarko@gmail.com>
cf51aeb93220 odhcpd: fix captive_portal_uri reset
e8b7fdea8d5e dhcpv4: fix DNS server option
b84553e496a3 router: Modify relayed RA PIO P flag according to interface policy
da3e2a9829cc router: Modify relayed RA PIO A flags according to interface policy
bad7138b70f0 README.md: update dhcp ubus events
ca00527e5f...cf51aeb932
Also remove duplicated /usr/share/libubox/jshn.sh include.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This allows an optional tag to be put in the .config file which is
included in the filename of the resulting images, so it's easier to
build images with different functionality for the same target hardware.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Link: https://github.com/openwrt/openwrt/pull/20984
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The previous logic was copied from 12_network-generate-ula, but fails to
account for upgrades where the "auto" value isn't set (it is set by
base-files/files/bin/config_generate). Fix this to always set the
default duid if it isn't set.
Also, rename the file to better reflect what it does.
Closes: #21029
Fixes: a660a076db ("base-files: generate a global DHCP DUID")
Link: https://github.com/openwrt/openwrt/pull/21118
Signed-off-by: David Härdeman <david@hardeman.nu>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [fixes,closes tag]
