Wifi on the 6GHz band does not support open networks, configure owe by
default. 6GHz wifi also needs a country code, configure a broken country
code '00' by default to hint the user to change it.
Link: https://github.com/openwrt/openwrt/pull/21313
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 01a87f4bd0)
Without this patch, the
if (!config.wpa)
config.wpa_pairwise = null;
is overwritten immediately.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/21215
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit bc4e7fd38e)
When wdev interfaces and hostapd interfaces are mixed, race conditions
can occur. Sometimes all interfaces are started correctly, sometimes only
the wdev interface and some of the hostapd interfaces, and sometimes only
the wdev interface.
Fix this by creating the wdev interfaces first, before processing
wpa_supplicant or hostapd interfaces.
Link: https://github.com/openwrt/openwrt/pull/21303
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 2015a40c38)
Add EHT* check so that the hwmode will display 802.11be capability correctly.
Signed-off-by: Elwin Huang <s09289728096@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21267
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 95112a4939)
Mesh interfaces may not define an encryption setting. This results in
a ucode runtime error when parse_encryption() is called:
Reference error: left-hand side expression is null
In parse_encryption(), file /usr/share/ucode/wifi/iface.uc, line 20, byte 32:
called from function setup_sta (/usr/share/ucode/wifi/supplicant.uc:59:31)
called from function generate (/usr/share/ucode/wifi/supplicant.uc:243:41)
called from function setup (./mac80211.sh:254:61)
called from anonymous function (./mac80211.sh:342:14)
` config.auth_type = encryption[0] ?? 'none';`
Near here ------------------------^
Link: https://github.com/openwrt/openwrt/pull/21293
(cherry picked from commit 00e6c18a93)
Link: https://github.com/openwrt/openwrt/pull/21295
Signed-off-by: Nick Hainke <vincent@systemli.org>
Add menuconfig option 'kmod-usb-gadget-fs' for the USB FunctionFS gadget
module
OpenWRT is perfect for USB gadgets that are network-enabled, since it
provides everything needed to easily manage the device. Having support
for the FunctionFS gadget enables the use of any custom USB devices
that does not have a specific module, like Media Transfer Protocol.
Signed-off-by: Dominic Germain <dominic@germain.cc>
Link: https://github.com/openwrt/openwrt/pull/21207
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 22a69dfa4a)
The ncm proto handler ignored ip4table, ip6table, and mtu settings.
The fix is based on the existing code in the mbim proto handler.
Fixes: #20216.
Signed-off-by: Alexander Patrakov <patrakov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20217
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b289edd84b)
libc depends on knowing libgcc's ABI, so it needs to be evaluated first.
Otherwise libc will depend on an ABI-less libgcc causing the rest of the
toolchain to fail.
Building package index...
ERROR: unable to select packages:
libgcc (virtual):
note: please select one of the 'provided by'
packages explicitly
provided by: libgcc1
required by: world[libgcc]
Before:
libc fused dependencies: libgcc
libgcc fused dependencies:
libatomic fused dependencies: libgcc1
After:
libgcc fused dependencies:
libc fused dependencies: libgcc1
libatomic fused dependencies: libgcc1
Signed-off-by: George Sapkin <george@sapk.in>
Link: https://github.com/openwrt/openwrt/pull/21265
(cherry picked from commit 5e32bfbf4b)
Link: https://github.com/openwrt/openwrt/pull/21253
Signed-off-by: Robert Marko <robimarko@gmail.com>
Interrupt vector for reo2host-status is wrongly assigned.
Status interrupts weren't received and a workaround was applied to
mac80211 to periodically poll the reo status ring. Therefore, the
workaround can be removed with the proper hardware interrupt line
assigned.
Signed-off-by: George Moussalem <george.moussalem@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/21272
Signed-off-by: Robert Marko <robimarko@gmail.com>
0779ee287db5 dhcpv6-ia: reconfigure message length bug fix
d69896b0ac7c all: remove dead code
3f6b3b4b9f8a odhcpd: remove fallback DNS search domain
ff3f72fdd01d router: remove some log spam in send_router_advert()
c1cc541e1065 router: improve send_router_advert()
901851b883da router: Modify relayed RA PIO P flag according to interface policy
179429ba477d router: Modify relayed RA PIO A flags according to interface policy
cb1b8770b7...0779ee287d
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
cb1b8770b782 config: add default value for dhcpv6_pd_min_len
20eb94d02dfe config: allow minimum PD len up to 64
7ebd96083971 Revert "router: optimize duplicated PIO comparison"
90ae6fc6e478 statefiles: don't consider no hostname as broken
1ff1328a4f...cb1b8770b7
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections,
allowing root privilege escalation.
Reported by Turistu, and thanks for advice on the fix.
This is tracked as CVE-2025-14282, and affects 2024.84 to 2025.88.
It is fixed by dropping privileges of the dropbear process after
authentication. Unix stream sockets are now disallowed when a
forced command is used, either with authorized_key restrictions or
"dropbear -c command".
In previous affected releases running with "dropbear -j" (will also disable
TCP fowarding) or building with localoptions.h/distrooptions.h
"#define DROPBEAR_SVR_LOCALSTREAMFWD 0" is a mitigation.
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
The missing fix was reported by Ashish Kunwar.
- Server dropping privileges post-auth is enabled by default. This requires
setresgid() support, so some platforms such as netbsd or macos will have to
disable DROPBEAR_SVR_DROP_PRIVS in localoptions.h. Unix stream forwarding is
not available if DROPBEAR_SVR_DROP_PRIVS is disabled.
Remote server TCP socket forwarding will now use OS privileged port
restrictions rather than having a fixed "allow >=1024 for non-root" rule.
A future release may implement privilege dropping for netbsd/macos.
- Fix a regression in 2025.87 when RSA and DSS are not built. This would lead
to a crash at startup with bad_bufptr().
Reported by Dani Schmitt and Sebastian Priebe.
- Don't limit channel window to 500MB. That is could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
Reported by Rob Hague.
- Ignore -g -s when passwords arent enabled. Patch from Norbert Lange.
Ignore -m (disable MOTD), -j/-k (tcp forwarding) when not enabled.
- Report SIGBUS and SIGTRAP signals. Patch from Loïc Mangeonjean.
- Fix incorrect server auth delay. Was meant to be 250-350ms, it was actually
150-350ms or possibly negative (zero). Reported by pickaxprograms.
- Fix building without public key options. Thanks to Konstantin Demin
- Fix building with proxycmd but without netcat. Thanks to Konstantin Demin
- Fix incorrect path documentation for distrooptions, thanks to Todd Zullinger
- Fix SO_REUSEADDR for TCP tests, reported by vt-alt.
Dropped:
* 050-dropbear-multihop-fix.patch as its included in the release 5cc0127000db5f
* 051-fix-pubkey-options.patch as its included in the release 1d4c4a542cd5df
* 052-fix-missing-depends-for-sntrup761x25519-sha512.patch as its included
in the release 1a2c1e649a1824
* 053-Don-t-limit-channel-window-to-500MB.patch as its included in the release a8610f7b98ad
Manually rebased:
* 110-change_user.patch
Fixes: CVE-2025-14282, CVE-2019-6111
Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Konstantin Demin <rockdrilla@gmail.com>
Tested-by: Konstantin Demin <rockdrilla@gmail.com> [mediatek/filogic (GL.iNet GL-MT6000)]
Link: https://github.com/openwrt/openwrt/pull/21186
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 70a4da1ceb)
The u-boot target name has to match the u-boot configuration. Switch
this back to the old names.
Fixes: d871e95e7f ("sunxi: image: sync target profiles names with DT compatible")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 86996634f0)
This fixes a failed bring up of the radio on bootup
if the model defines a rename of phy in its /etc/board.json.
This specifically impacts Redmi AX6S and any router that does so
in its /etc/board.json. The fix fortunately is simple, just update
phy name in phys after rename.
The entry that specifically causes this issue is the following:
{
<omitted>
"wlan": {
"wl0": {
"path": "platform/18000000.wmac",
"info": {
"antenna_rx": 15,
"antenna_tx": 15,
"bands": {
"2G": {
"ht": true,
"max_width": 40,
"modes": [
"NOHT",
"HT20",
"HT40"
],
"default_channel": 1
}
},
"radios": [
]
}
},
...
}
The issue is that after rename, referenced phy in config is going to be
wl0 but in phys array it is still phy0; and so it fails to find phy
and does not bring up radio.
Fixes: https://github.com/openwrt/openwrt/issues/20250
Fixes: https://github.com/openwrt/openwrt/issues/20339
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/21175
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit e4d5e76af0)
Add boardfile override packages for Netgear RBK40 devices.
Signed-off-by: Christoph Krapp <achterin@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20877
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit e9d6015bef)
Following up with errors reported in the ASU repo, these bananapi cases
do not match the DT compatible "bpi", sync with dts sources.
Also some profiles were overwriting SUPPORTED_DEVICES.
Sysupgrade would be failing in SUPPORTED_DEVICES check since
the DT compatible(/tmp/sysinfo/board_name) is not in SUPPORTED_DEVICES.
This should also fix errors when using ASU sysupgrade clients.
- Sync profile makefile target names with DT compatibles.
- Fix overwrites of SUPPORTED_DEVICES instead of appending.
- Adapt the uboot-sunxi profiles accordingly.
*bpi-p2-zero dts is still not upstream.
V2:
- Include fixes for arm926ejs(ARM926EJ-S) subtarget (LicheePi Nano and
PopStick v1.1) (profile rename for correct default SUPPORTED_DEVICES)
Fixes: https://forum.openwrt.org/t/luci-attended-sysupgrade-support-thread/230552/246
Fixes: https://github.com/openwrt/asu/issues/486
Fixes: https://github.com/openwrt/asu/issues/524
Fixes: 9aa66b8ce7 "sunxi: add support for Banana Pi M2 Berry"
Fixes: d5f615bf2a "sunxi: add support for Sinovoip Banana Pi M2 Plus"
Fixes: 3819c1638a "sunxi: Add support for Banana Pi M2 Ultra"
Fixes: 6bf8193b25 "sunxi: add support for Bananapi P2 Zero"
Fixes: 80edfaf675 "sunxi: add support for Banana Pi M3"
Fixes: 3c24a1d423 "sunxi: add support for NanoPi NEO Plus2 board"
Fixes: a689307c97 "sunxi: build image/uboot for the NanoPi NEO2"
Fixes: fde68cb809 "sunxi: add support for FriendlyARM NanoPi R1S H5"
Fixes: 3ec468ff4f "sunxi: add F1C100 (arm926ej-s) support"
Signed-off-by: Mario Andrés Pérez <mapb_@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/21095
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d871e95e7f)
This reverts commit c25265953b.
Linking of libpsx.so from libcap 2.77 fails on powerpc 464fp. Revert
back to the older version which works.
Bug report: https://bugzilla.kernel.org/show_bug.cgi?id=220860
Fixes: c25265953b ("libcap: update to 2.77")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5b0617ae1f)
Convert to MBit/s like all other fields and specify the unit.
Most users probably aren't aware that this is in kilobits/s.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/20567
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 36da03a6c1)
This is a trivial change to allow users to use 'list' on iface.
Old wifi-scripts already implements this, so this just ensures
that shell-based and ucode wifi-scripts are on-par with each other.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/20977
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 1ead4e6e16)
When iface is omitted, wifi-vlan will apply to all interfaces.
However, netifd.set_vlan call is not successful as it assumes
that every wifi-vlan section corresponds to one VIF.
For this reason in the wifi-vlan case (cur_type == "vlan")
we create a composite key in the form `${vif.name}/${vlan.name}`
allowing the same vlan section to correspond to multiple VAPs.
`/` was decided as a delimiter as it is an invalid character
for a network interface name and UCI identifier; so it is
impossible for it to cause conflicts.
It was verified that the `ubus call network.wireless status`
works as expected with this change. Moreover, wifi-station
is not susceptible to this problem.
This also means that it is now possible for wifi-vlan
to support `list` iface similar to old shell-based wifi-scripts.
This will be done in a follow-up commit.
Fixes: 98435a37a7 ("wifi-scripts: iface should be optional in wifi-vlan definition")
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/20977
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 211b11a56e)
c6202981872e ipq5018: use correct board for GL-iNet B3000 IPQ5018 radio
ec72376cadf1 qca4019: Add Meraki Underdog
059b7114c77b ipq6018: add tp-link eap620hd v2
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit b4bc9ed318)
This allows an optional tag to be put in the .config file which is
included in the filename of the resulting images, so it's easier to
build images with different functionality for the same target hardware.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Link: https://github.com/openwrt/openwrt/pull/20984
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 24b8db118b)
We drop patch 0020-apk-fix-compile: integrated at source.
Compressed help now functions normally.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21127
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit b15628ec80)
The previous logic was copied from 12_network-generate-ula, but fails to
account for upgrades where the "auto" value isn't set (it is set by
base-files/files/bin/config_generate). Fix this to always set the
default duid if it isn't set.
Also, rename the file to better reflect what it does.
Closes: #21029
Fixes: a660a076db ("base-files: generate a global DHCP DUID")
Link: https://github.com/openwrt/openwrt/pull/21118
Signed-off-by: David Härdeman <david@hardeman.nu>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [fixes,closes tag]
(cherry picked from commit 52fa3728e5)
The DRAM_USE_COMB option is only valid for the MT7988. There
is no DRAM type selection for the MT7987, so remove it.
Fixes: de8fc8b ("arm-trusted-firmware-mediatek: add builds for MT7987")
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Link: https://github.com/openwrt/openwrt/pull/21000
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit bb2d9c1a65)
Add the DDR4_4BG_MODE option, which supports 4GB DDR4 RAM
for the MT7987 and 8GB DDR4 RAM for the MT7988. If this mode
is not enabled, bl2 can only recognize half the size of RAM.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Link: https://github.com/openwrt/openwrt/pull/21000
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f037a2e8bb)
Teaming is a link aggregation implementation similar to bonding, but
it's configured by a userspace program.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21120
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8b05db405b)
This commit adds support for the Watchguard Firebox models
T10-W, T15 and T15-W.
CPU: Freescale P1010
RAM: 512MB (T10) / 1024MB (T15)
Flash: 1MB SPI-NOR, 512MB NAND (T10) / 1024MB NAND (T15)
WiFi: 802.11abgn 2T2R AR9582 based Mini-PCIe card (-W models only)
Ethernet: 3x GBE (via AR8033 PHY)
LEDs: 7x hard-wired (6x LAN, 1x Power)
4x GPIO single-colored (Attn/Status/Mode/Failover)
1x GPIO dual-colored (2.4/5G WiFi, -W models only)
Serial: RJ45, Cisco pinout, 115200/8N1
Other: Battery backed RTC
Atmel TPM 1.2 chip (unsupported)
Based on 35f6d79, which introduced Watchguard Firebox T10 support.
The T10 and T15 are identical hardware, with the exception of the T15
having twice the flash and RAM size.
The T10-W and T15-W models have their Mini-PCIe slot populated with an ath9
(AR9582) based WiFi card. The slot is either unpopulated or empty for
non-WiFi models. All required drivers are present by default on the mpc85xx
target, so T10/T10-W resp. T15/T15-W can use the same OpenWrt image.
This commit also introduces the zImage loader from 7d768a9 to boot the
kernel. This is required, since the U-Boot version used in these devices
appears to have a hard limit of 16MB for the kernel size it can handle. The
current kernel size is around 17MB, though, due to kernel page alignment
required for memory protection.
Installation (replaces previous instructions for T10):
1. If the U-Boot password is known, proceed with step 2.
If the U-Boot password is unknown, dump the NOR flash using a SPI
programmer and patch the unknown password to a known one. You can use
blocktrron's Python script:
https://github.com/blocktrron/t10-uboot-patcher/
This script will patch the password to '1234' (without quotes).
Alternatively, you can search for the hashed password in the NOR dump
yourself and overwrite it with a known one. The SHA1 hash is:
E597301A1D89FF3F6D318DBF4DBA0A5ABC5ECBEA
Write the patched NOR dump back to the device.
2. Connect the device via serial cable, power it on and interrupt
the boot process by pressing Ctrl+C. Enter the U-Boot password to access
the CLI.
3. (Optional) Populate the uboot-env partition by entering:
saveenv
This will allow you to use uboot-envtools from within OpenWrt later,
e.g. to increase the loadable kernel size.
The default loadable kernel size is 5MB, the compressed kernel size at
the time of this commit is 3.1MB.
4. Serve the initramfs OpenWrt image from a TFTP server at 10.0.1.13/24,
connected to eth0 (WAN) of the device. File name must be 'uImage'. Boot
with:
tftpboot; bootm;
Make sure to use the correct image for your device (T10 resp. T15)!
5. After booting, connect to OpenWrt on eth1 (LAN) via SSH. Verify
that the UBI partiton is mtd7, format it and install the sysupgrade
image.
$ cat /proc/mtd
$ ubiformat /dev/mtd7 -y
$ sysupgrade -n <path to sysupgrade.bin>
6. The device should now boot OpenWrt from NAND flash. Enjoy.
Back to stock:
Use the vendor recovery procedure.
Stock recovery might also be necessary in case you have accidentally used
the fw_setenv command from within OpenWrt without using saveenv in U-Boot
first.
In order to use the vendor firmware recovery procedure, the NAND partitions
mtd3 to mtd6 must remain intact. Make sure not to overwrite them, or keep
dumps of them for later recovery.
Signed-off-by: Shine <4c.fce2@proton.me>
Link: https://github.com/openwrt/openwrt/pull/16776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit be7aa5bda4)
Update to latest release.
Add patch `003-Revert-libcap-Add-build-ldflags-to-_makenames-rule.patch`
to fix errors in the form of:
```
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(__stack_chk_fail.o): relocation R_X86_64_32 against symbol `__stack_chk_guard' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(strerror.o): relocation R_X86_64_32 against `.rodata.errmsgstr' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(realloc.o): relocation R_X86_64_32S against hidden symbol `__malloc_size_classes' can not be used when making a PIE object
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(__stdout_write.o): relocation R_X86_64_32S against hidden symbol `__stdio_write' can not be used when making a PIE object
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(ofl.o): relocation R_X86_64_32 against `.bss.ofl_lock' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld.bfd: /external-toolchain/openwrt-toolchain-x86-64_gcc-14.3.0_musl.Linux-x86_64/toolchain-x86_64_gcc-14.3.0_musl/lib/libc.a(stderr.o): warning: relocation against `__stderr_FILE' in read-only section `.rodata.stderr'
/usr/bin/ld.bfd: /usr/lib/gcc/x86_64-linux-gnu/10/../../../x86_64-linux-gnu/Scrt1.o: in function `_start':
(.text+0x12): undefined reference to `__libc_csu_fini'
/usr/bin/ld.bfd: (.text+0x19): undefined reference to `__libc_csu_init'
collect2: error: ld returned 1 exit status
```
Changes: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/diff/?id=v1.2.77&id2=v1.2.69&dt=2
The apk size did not increase much:
Old size for armsr/armv8:
16245 libcap-2.69-r1.apk
new size for armsr/armv8:
16315 libcap-2.77-r1.apk
Signed-off-by: Nick Hainke <vincent@systemli.org>
Link: https://github.com/openwrt/openwrt/pull/20881
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
