mirror of
https://github.com/hanwckf/immortalwrt-mt798x.git
synced 2025-01-08 10:23:47 +08:00
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
This commit is contained in:
commit
e8492b9f83
@ -114,9 +114,17 @@ generate_network() {
|
||||
add network device
|
||||
set network.@device[-1].name='br-$1'
|
||||
set network.@device[-1].type='bridge'
|
||||
set network.@device[-1].macaddr='$macaddr'
|
||||
EOF
|
||||
for port in $ports; do uci add_list network.@device[-1].ports="$port"; done
|
||||
[ -n "$macaddr" ] && {
|
||||
for port in $ports; do
|
||||
uci -q batch <<-EOF
|
||||
add network device
|
||||
set network.@device[-1].name='$port'
|
||||
set network.@device[-1].macaddr='$macaddr'
|
||||
EOF
|
||||
done
|
||||
}
|
||||
device=br-$1
|
||||
type=
|
||||
macaddr=""
|
||||
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wolfssl
|
||||
PKG_VERSION:=4.7.0-stable
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
|
||||
|
50
package/libs/wolfssl/patches/200-ecc-rng.patch
Normal file
50
package/libs/wolfssl/patches/200-ecc-rng.patch
Normal file
@ -0,0 +1,50 @@
|
||||
Since commit 6467de5a8840 ("Randomize z ordinates in scalar
|
||||
mult when timing resistant") wolfssl requires a RNG for an EC
|
||||
key when the hardened built option is selected.
|
||||
|
||||
wc_ecc_set_rng is only available when built hardened, so there
|
||||
is no safe way to install the RNG to the key regardless whether
|
||||
or not wolfssl is compiled hardened.
|
||||
|
||||
Always export wc_ecc_set_rng so tools such as hostapd can install
|
||||
RNG regardless of the built settings for wolfssl.
|
||||
|
||||
--- a/wolfcrypt/src/ecc.c
|
||||
+++ b/wolfcrypt/src/ecc.c
|
||||
@@ -10293,21 +10293,21 @@ void wc_ecc_fp_free(void)
|
||||
|
||||
#endif /* FP_ECC */
|
||||
|
||||
-#ifdef ECC_TIMING_RESISTANT
|
||||
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng)
|
||||
{
|
||||
int err = 0;
|
||||
|
||||
+#ifdef ECC_TIMING_RESISTANT
|
||||
if (key == NULL) {
|
||||
err = BAD_FUNC_ARG;
|
||||
}
|
||||
else {
|
||||
key->rng = rng;
|
||||
}
|
||||
+#endif
|
||||
|
||||
return err;
|
||||
}
|
||||
-#endif
|
||||
|
||||
#ifdef HAVE_ECC_ENCRYPT
|
||||
|
||||
--- a/wolfssl/wolfcrypt/ecc.h
|
||||
+++ b/wolfssl/wolfcrypt/ecc.h
|
||||
@@ -584,10 +584,8 @@ WOLFSSL_API
|
||||
void wc_ecc_fp_free(void);
|
||||
WOLFSSL_LOCAL
|
||||
void wc_ecc_fp_init(void);
|
||||
-#ifdef ECC_TIMING_RESISTANT
|
||||
WOLFSSL_API
|
||||
int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
|
||||
-#endif
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
|
@ -7,7 +7,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=hostapd
|
||||
PKG_RELEASE:=32
|
||||
PKG_RELEASE:=33
|
||||
|
||||
PKG_SOURCE_URL:=http://w1.fi/hostap.git
|
||||
PKG_SOURCE_PROTO:=git
|
||||
|
@ -0,0 +1,48 @@
|
||||
From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001
|
||||
From: David Bauer <mail@david-bauer.net>
|
||||
Date: Wed, 5 May 2021 00:44:34 +0200
|
||||
Subject: [PATCH] wolfssl: add RNG to EC key
|
||||
|
||||
Since upstream commit 6467de5a8840 ("Randomize z ordinates in
|
||||
scalar mult when timing resistant") WolfSSL requires a RNG for
|
||||
the EC key when built hardened which is the default.
|
||||
|
||||
Set the RNG for the EC key to fix connections for OWE clients.
|
||||
|
||||
Signed-off-by: David Bauer <mail@david-bauer.net>
|
||||
---
|
||||
src/crypto/crypto_wolfssl.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c
|
||||
index 2e4bf8962..ed2528159 100644
|
||||
--- a/src/crypto/crypto_wolfssl.c
|
||||
+++ b/src/crypto/crypto_wolfssl.c
|
||||
@@ -1303,6 +1303,7 @@ int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R,
|
||||
|
||||
struct crypto_ec {
|
||||
ecc_key key;
|
||||
+ WC_RNG rng;
|
||||
mp_int a;
|
||||
mp_int prime;
|
||||
mp_int order;
|
||||
@@ -1357,6 +1358,8 @@ struct crypto_ec * crypto_ec_init(int group)
|
||||
return NULL;
|
||||
|
||||
if (wc_ecc_init(&e->key) != 0 ||
|
||||
+ wc_InitRng(&e->rng) != 0 ||
|
||||
+ wc_ecc_set_rng(&e->key, &e->rng) != 0 ||
|
||||
wc_ecc_set_curve(&e->key, 0, curve_id) != 0 ||
|
||||
mp_init(&e->a) != MP_OKAY ||
|
||||
mp_init(&e->prime) != MP_OKAY ||
|
||||
@@ -1388,6 +1391,7 @@ void crypto_ec_deinit(struct crypto_ec* e)
|
||||
mp_clear(&e->order);
|
||||
mp_clear(&e->prime);
|
||||
mp_clear(&e->a);
|
||||
+ wc_FreeRng(&e->rng);
|
||||
wc_ecc_free(&e->key);
|
||||
os_free(e);
|
||||
}
|
||||
--
|
||||
2.31.1
|
||||
|
@ -18,19 +18,33 @@ work_dir = Path(getenv("WORK_DIR"))
|
||||
|
||||
output = {}
|
||||
|
||||
|
||||
def get_initial_output(image_info):
|
||||
# preserve existing profiles.json
|
||||
if output_path.is_file():
|
||||
profiles = json.loads(output_path.read_text())
|
||||
if profiles["version_code"] == image_info["version_code"]:
|
||||
return profiles
|
||||
return image_info
|
||||
|
||||
|
||||
for json_file in work_dir.glob("*.json"):
|
||||
image_info = json.loads(json_file.read_text())
|
||||
|
||||
if not output:
|
||||
output.update(image_info)
|
||||
else:
|
||||
# get first (and only) profile in json file
|
||||
device_id = next(iter(image_info["profiles"].keys()))
|
||||
output = get_initial_output(image_info)
|
||||
|
||||
# get first and only profile in json file
|
||||
device_id, profile = next(iter(image_info["profiles"].items()))
|
||||
if device_id not in output["profiles"]:
|
||||
output["profiles"].update(image_info["profiles"])
|
||||
output["profiles"][device_id] = profile
|
||||
else:
|
||||
output["profiles"][device_id]["images"].append(
|
||||
image_info["profiles"][device_id]["images"][0]
|
||||
)
|
||||
output["profiles"][device_id]["images"].extend(profile["images"])
|
||||
|
||||
# make image lists unique by name, keep last/latest
|
||||
for device_id, profile in output.get("profiles", {}).items():
|
||||
profile["images"] = list({e["name"]: e for e in profile["images"]}.values())
|
||||
|
||||
|
||||
if output:
|
||||
default_packages, output["arch_packages"] = run(
|
||||
|
@ -0,0 +1,25 @@
|
||||
PHY capabilities are currently read from the fiber status page, thus
|
||||
Linux won't advertise 10 / 100 Base-T operation modes, effectively
|
||||
limiting operation to 1000 Base-T.
|
||||
|
||||
Statically set the PHYs capabilities, avoiding autodetection.
|
||||
|
||||
The issue itself is properly fixed kernel upstream, however backporting
|
||||
efforts to OpenWrt master resulted in breaking the fiber operation for
|
||||
another target.
|
||||
|
||||
This is currently only known to be necessary for the Ubiquiti
|
||||
UniFi AC series, so enabling it in the ath79 target should not
|
||||
break somewhere else.
|
||||
|
||||
--- a/drivers/net/phy/at803x.c
|
||||
+++ b/drivers/net/phy/at803x.c
|
||||
@@ -497,7 +497,7 @@ static struct phy_driver at803x_driver[]
|
||||
.get_wol = at803x_get_wol,
|
||||
.suspend = at803x_suspend,
|
||||
.resume = at803x_resume,
|
||||
- /* PHY_GBIT_FEATURES */
|
||||
+ .features = PHY_GBIT_FEATURES,
|
||||
.read_status = at803x_read_status,
|
||||
.aneg_done = at803x_aneg_done,
|
||||
.ack_interrupt = &at803x_ack_interrupt,
|
@ -22,6 +22,7 @@ KERNELNAME:=Image dtbs
|
||||
|
||||
DEFAULT_PACKAGES += \
|
||||
bcm4908img \
|
||||
kmod-gpio-button-hotplug \
|
||||
kmod-usb-ohci kmod-usb2 kmod-usb3
|
||||
|
||||
$(eval $(call BuildTarget))
|
||||
|
@ -0,0 +1,43 @@
|
||||
From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
|
||||
Date: Tue, 22 Jun 2021 07:05:04 +0200
|
||||
Subject: [PATCH] net: broadcom: bcm4908_enet: reset DMA rings sw indexes
|
||||
properly
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Resetting software indexes in bcm4908_dma_alloc_buf_descs() is not
|
||||
enough as it's called during device probe only. Driver resets DMA on
|
||||
every .ndo_open callback and it's required to reset indexes then.
|
||||
|
||||
This fixes inconsistent rings state and stalled traffic after interface
|
||||
down & up sequence.
|
||||
|
||||
Fixes: 4feffeadbcb2 ("net: broadcom: bcm4908enet: add BCM4908 controller driver")
|
||||
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
||||
---
|
||||
drivers/net/ethernet/broadcom/bcm4908_enet.c | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
--- a/drivers/net/ethernet/broadcom/bcm4908_enet.c
|
||||
+++ b/drivers/net/ethernet/broadcom/bcm4908_enet.c
|
||||
@@ -174,9 +174,6 @@ static int bcm4908_dma_alloc_buf_descs(s
|
||||
if (!ring->slots)
|
||||
goto err_free_buf_descs;
|
||||
|
||||
- ring->read_idx = 0;
|
||||
- ring->write_idx = 0;
|
||||
-
|
||||
return 0;
|
||||
|
||||
err_free_buf_descs:
|
||||
@@ -303,6 +300,9 @@ static void bcm4908_enet_dma_ring_init(s
|
||||
|
||||
enet_write(enet, ring->st_ram_block + ENET_DMA_CH_STATE_RAM_BASE_DESC_PTR,
|
||||
(uint32_t)ring->dma_addr);
|
||||
+
|
||||
+ ring->read_idx = 0;
|
||||
+ ring->write_idx = 0;
|
||||
}
|
||||
|
||||
static void bcm4908_enet_dma_uninit(struct bcm4908_enet *enet)
|
Loading…
x
Reference in New Issue
Block a user