The basic AN7581 NPU FW also supports WiFi offload for MT7992 WiFi chip.
Add this information in the package description to clarify this.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
6.14 has introduced a DRM client setup library. Add kmod-drm-client-lib
to support it, and add it as a dependency to DRM modules which depend on it.
Link: https://github.com/openwrt/openwrt/pull/22975
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Motorcomm YT6801 is a PCIe ethernet controller based on DWMAC4 IP. It
integrates an GbE phy, supporting WOL, VLAN tagging and various types
of offloading. It ships an on-chip eFuse for storing various vendor
configuration, including MAC address.
The PM and plat_data functions were slightly modified to build with
current kernel.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/22923
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Linux commit 09371e1349c9 ("lib/crypto: powerpc/md5: Migrate optimized code into library")
removed the PowerPC-specific MD5 implementation (md5-ppc.ko) and
replaced it with an optimized library implementation in lib/crypto.
As a result, CONFIG_CRYPTO_MD5_PPC and the module
arch/powerpc/crypto/md5-ppc.ko no longer exist in kernels >= 6.18.
Link: https://github.com/openwrt/openwrt/pull/22732
Signed-off-by: Nick Hainke <vincent@systemli.org>
The sama5d4_xplained_nandflash target incorrectly references microchip_sama5d3-xplained as its BUILD_DEVICES value.
This appears to be a copy-paste error, as all other SAMA5D4 Xplained targets (e.g. mmc and spiflash) correctly use microchip_sama5d4-xplained. The target name itself also clearly refers to the SAMA5D4 platform.
In addition, the SAMA5D3 Xplained and SAMA5D4 Xplained boards use different NAND flash hardware and configurations, so pointing the nandflash target to a SAMA5D3 device is incorrect and may lead to invalid builds or runtime issues.
Fix the inconsistency by updating BUILD_DEVICES to microchip_sama5d4-xplained, aligning the nandflash target with the rest of the SAMA5D4 definitions and ensuring the correct device mapping.
Signed-off-by: Cerrone Diamant <cerrone@tutamail.com>
Link: https://github.com/openwrt/openwrt/pull/23022
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add patches to fix build failures on musl-based toolchains:
0002-xdpsock-fix-struct-ethhdr-redefinition-on-musl.patch:
xdpsock.c included <net/ethernet.h> and <netinet/ether.h> alongside
<linux/if_ether.h>, triggering a struct ethhdr redefinition on musl.
Replace BSD-style ether_header/ether_addr with struct ethhdr and drop
the conflicting includes.
0003-build-use-gnu2x-to-avoid-stdbool.h-dependency.patch:
Switch CFLAGS and BPF_CFLAGS from -std=gnu11 to -std=gnu2x. In C23,
bool is a native keyword, fixing "stdbool.h: No such file or directory"
errors with a clang lacking its resource directory (e.g. llvm-bpf built
with LLVM_INSTALL_TOOLCHAIN_ONLY=ON on musl targets).
Link: https://github.com/openwrt/openwrt/pull/22983
Signed-off-by: Nick Hainke <vincent@systemli.org>
Switch http:// (and redundant ftp://) PKG_SOURCE_URL entries to https://
across tools/ and package/. PKG_HASH alone does not protect against an
attacker tampering with insecure downloads when a maintainer regenerates
the hash via `make ... FIXUP=1`: HTTPS authenticates the upstream so the
captured hash reflects real upstream content.
In-place http -> https (HTTPS reachability verified per host):
- tools/elftosb, tools/lzop, tools/liblzo, tools/mpfr, tools/dosfstools,
tools/libressl, tools/xz
- package/libs/mpfr, package/libs/libmnl, package/libs/libnfnetlink
Replaced with @OPENWRT (HTTPS-only mirror) where the upstream HTTPS host
is dead or has a broken certificate:
- package/libs/popt (ftp.rpm.org cert mismatch)
- package/firmware/ixp4xx-microcode (was http://downloads.openwrt.org)
- package/boot/imx-bootlets (trabant.uid0.hu cert mismatch)
- package/boot/kobs-ng (freescale.com URL is dead, redirects to nxp.com root)
Dropped redundant ftp://ftp.denx.de fallback (https://ftp.denx.de is
already listed):
- package/boot/uboot-tools, tools/mkimage
Signed-off-by: Paul Spooren <mail@aparcar.org>
The by-now-upstream driver for the built-in 2.5GE PHY of the MediaTek
MT7988 and MT7987 SoC loads firmware at probe time.
Build the driver as a module in order to make sure the driver only
attempts to load the firmware by the time the rootfs with the firmware
file has become available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Exclude more apk related files from the sysupgrade backup list when
using the various options that scan /etc for changes.
Ensure removal of the system generated distfeeds list, as that
contains kernel- and version-specific urls and should never be
retained.
Also exclude any '*.apk-new' files, equivalent to the old '*-opkg'
files, which may have been created during package installation.
Example before
$ sysupgrade -l -c | grep apk
/etc/apk/keys/buildroot.pem
/etc/apk/repositories.d/customfeeds.list
/etc/apk/repositories.d/distfeeds.list
/etc/owut.d/pre-install.sh.apk-new
/etc/config/adblock.apk-new
After
$ sysupgrade -l -c | grep apk
/etc/apk/keys/buildroot.pem
/etc/apk/repositories.d/customfeeds.list
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22937
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fixes:
ifxmips_aes.c: In function 'gcm_aes_decrypt':
ifxmips_aes.c:1803:14: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1803 | temp = walk.src.virt.addr;
| ^
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22921
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fixes:
ltq_atm.c: In function 'ltq_atm_probe':
ltq_atm.c:1840:36: error: passing argument 2 of 'platform_set_drvdata' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
1840 | platform_set_drvdata(pdev, ops);
| ^~~
In file included from ltq_atm.c:40:
/workspaces/openwrt/build_dir/target-mips_24kc_musl/linux-lantiq_xway/linux-6.18.21/include/linux/platform_device.h:276:47: note: expected 'void *' but argument is of type 'const struct ltq_atm_ops *'
276 | void *data)
| ~~~~~~^~~~
Fixes: c1fa85f659 ("treewide: use of_device_get_match_data")
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/22921
Signed-off-by: Robert Marko <robimarko@gmail.com>
Specification:
The device is similar to the M30 but has only one LAN port and no WAN port.
- MT7981 CPU using 2.4GHz and 5GHz WiFi (both AX)
- 512MB RAM
- 128MB NAND flash with two UBI partitions with identical size
- 1 multi color LED (red, green, blue, white) connected via GCA230718
- 2 buttons (WPS, reset, LED)
- 1 1Gbit LAN port
Disassembly:
- There are two screws at the power connector which must be removed. Afterwards the top case can be removed (it is clipped on, so some tools are required).
Serial Interface:
- The serial interface can be connected to the 4 pin holes on the board. Do NOT connect VCC.
- The pins are labelled on the PCB (RX, TX, GND)
- Settings: 115200, 8N1
MAC addresses:
- LAN MAC is stored in partition "Odm" at offset 0x8f
- WLAN MAC (2.4 GHz and 5GHz) is LAN MAC + 1
Reverting back to OEM firmware:
- There is currently no easy way to revert back to the OEM image
- The methods from M30 and M60 doesn't seem to work anymore
- If you plan to revert back to OEM firmware later, do the following steps before flashing OpenWrt:
- Boot from initramfs as described in "Flashing via U-Boot" but don't flash anything
- Instead, make a backup of UBI and UBI1 partition
- The created dumps must be written to the initial partitions to revert back to OEM
Flashing via Recovery Web Interface:
- Set your IP address to 192.168.200.10, subnetmask 255.255.255.0
- Press the reset button while powering on the device
- Keep the reset button pressed until the LED blinks red
- Open a Chromium based and goto http://192.168.200.50/ (recovery web interface)
- Download openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-squashfs-recovery.bin
- Note: The recovery web interface always reports successful flashing, even if it fails
- After flashing, the recovery web interface will try to forward the browser to 192.168.0.1 (can be ignored)
- If flashing was successful, OpenWrt is accessible via 192.168.1.1
- The recovery image boots an initramfs image, flash the sys upgrade image to get to „normal“ OpenWrt mode
Flashing via U-Boot:
- Open the case, connect to the UART console
- Set your IP address to 192.168.200.2, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-initramfs-kernel.bin
- Supply the board with 12V
- Select "7. Load image" in the U-Boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Perform a sysupgrade using openwrt-mediatek-filogic-dlink_aquila-pro-ai-e30-a1-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Flashing via OEM web interface is not possible, as it will change the active partition and OpenWrt is only running on the first UBI partition.
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Replace conditional "LINUX_6_12:mod" / "!LINUX_6_12:mod" AUTOLOAD entries
with version-filtered module names using @lt6.18 / @ge6.18. This makes
version_filter emit plain module names into /etc/modules.d(e.g. "crc32c_generic"),
allowing kmodloader to find and load the correct module for the running kernel.
Fixes crc32c (and related crypto modules) not being autoloaded on 6.12 kernels.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/22798
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
EDUP EP-RT2983 comes with a factory installed version of OpenWrt 23.05
with device name "netis,n6".
Specification
--------------
- SoC : MediaTek MT7621AT, MIPS, 880 MHz
- RAM : 256 MiB
- Flash : NAND 128 MiB (Toshiba)
- WLAN : MT7905DAN + MT7975DN
- 2.4 GHz : b/g/n/ax, 574 Mbps, MIMO 2x2
- 5 GHz : a/n/ac/ax, 1201 Mbps, MIMO 2x2
- Ethernet : 10/100/1000 Mbps x4 (1x WAN, 3x LAN)
- UART : 3.3V, 115200n8
- Buttons : 1x Reset
1x WPS
- LEDs : 1x Power (green)
1x WiFi (green)
1x Mesh/WPS (green); flashing green during boot
3x LAN (green)
1x WAN (green); flashing red during upgrade and failsafe
- Power : 12 VDC 1A
Installation
-------------
1. Log in to LuCI
2. Go to System, Backup / Flash Firmware
3. If desired, backup the current system by saving (all) the mtdblock
contents.
4. Flash new firmware image, select Flash image.
5. Browse and select the sysupgrade file
"openwrt-*-ramips-mt7621-edup_ep-rt2983-squashfs-sysupgrade.bin"
and then Upload.
6. Unselect "Keep settings and retain the current configuration"
Note: All settings will be reset to default. WiFi is not enabled by
default so a connection via Ethernet is necessary to log in and set up.
7. Allow "Force upgrade" (tick the box if there is one), or press Continue
if there is no box to tick. This is because the name is now
"edup,ep-rt2983" as it should have been from the start.
8. Proceed to flash. Wait for reboot and keep power connected.
9. After reboot, default address to access LuCI is 192.168.1.1 with
no password
Recovery (UART)
----------------
1. Remove the 4 screws on the bottom and pry open the cover.
2. Connect serial adapter to the unpopulated serial header pins
TX, RX, GND near the WPS button. Do not connect VCC.
3. Start serial terminal (e.g. minicom, screen, etc) on the computer and
turn on the router.
4. As prompted, hit any key to stop autoboot.
5. Enter 2 to select "2. Upgrade firmware"
6. Enter 0 to select "0 - TFTP client (Default)"
7. Accept the defaults by pressing Enter for
"Input U-Boot's IP address: 192.168.1.1",
"TFTP server's IP address: 192.168.1.2",
"Input IP netmask: 255.255.255.0"
8. Assign your PC's Ethernet port a static IP 192.168.1.2 with netmask
255.255.255.0 and connect to a LAN port on the router using the
Ethernet cable. Disconnect all other network connections (e.g. WiFi) on
the computer.
9. Serve the factory image
"openwrt-*-ramips-mt7621-edup_ep-rt2983-squashfs-factory.bin" using
a TFTP server, e.g. tftpd64. For convenience, the filename can be renamed
to something shorter.
10. In the serial terminal, when prompted "Input file name:", enter the
filename from the previous step and press Enter.
11. The factory image will be flashed as indicated. Wait for reboot.
MAC addresses prototype
------------------------
+---------+---------------------+
| | MAC example |
+---------+---------------------+
| LAN | CC:D8:1F:47:xx:yy |
| WAN | CC:D8:1F:47:xx:yy+1 |
| WLAN 2G | CC:D8:1F:17:xx:yy+2 |
| WLAN 5G | CC:D8:1F:77:xx:yy+2 |
+---------+---------------------+
Signed-off-by: Ryan Leung <untilscour@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/22197
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add support for the Zyxel GS1900-48HP A1 managed PoE switch based on
RTL8393 SoC with 48 copper ports (6x RTL8218B), 2 SFP slots and PoE
(170W budget). Includes DTS, image definition, network config and
u-boot-env support.
The device has 48 copper ports but only ports 1-24 are powered by
the PoE PSE controller.
PoE support requires the realtek-poe package from the packages feed
with an additional configuration for PSE ID 7 to address the MCU on
this device.
Signed-off-by: Klaus Rubenstein <klaus.rubenstein@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
This release incorporates the following bug fixes and mitigations:
Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
(CVE-2026-31790)
Fixed loss of key agreement group tuple structure when the DEFAULT keyword
is used in the server-side configuration of the key-agreement group list.
(CVE-2026-2673)
Fixed potential use-after-free in DANE client code.
(CVE-2026-28387)
Fixed NULL pointer dereference when processing a delta CRL.
(CVE-2026-28388)
Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
(CVE-2026-28389)
Fixed possible NULL dereference when processing CMS
KeyTransportRecipientInfo.
(CVE-2026-28390)
Fixed heap buffer overflow in hexadecimal conversion.
(CVE-2026-31789)
No need refresh patches
Signed-off-by: Jack Sun <sunjiazheng321521@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22847
Signed-off-by: Robert Marko <robimarko@gmail.com>
The rss-input-xfrm workaround for Linux 6.6 is no longer needed with
current kernel versions. Remove the patch and the associated
--enable-rss-input-xfrm configure flag.
Link: https://github.com/openwrt/openwrt/pull/22841
Signed-off-by: Nick Hainke <vincent@systemli.org>
The highlight of this version is that the bl2 size will be reduced
by 60+ KB. The MT7987 SPI interface selection hack was replaced by
upstream implementation with the new symbol SPIM_NAND_PREFER_SPI2.
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Christian Marangi
Zoltan HERPAI
Thomas Weißschuh
Tianling Shen
Rosen Penev
Nick Hainke
Cerrone Diamant
Paul Spooren
Konstantin Demin
Daniel Golle
INAGAKI Hiroshi
Eric Fahlgren
Shiji Yang
Roland Reinl
Qingfang Deng
Luiz Angelo Daros de Luca
Mieczyslaw Nalewaj
Ryan Leung
Richard Huynh
John Audia
Klaus Rubenstein
Andre Heider
Jack Sun