OpenWrt 23.05.0-rc4 Changelog

This changelog lists all commits done in OpenWrt since the v23.05.0-rc3 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 23.05.0-rc4 release.

See also the release notes that provide a more accessible overview of the main changes in 23.05.0-rc4.

3c1721a kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db kernel: bump 5.15 to 5.15.129 (+11,-11)
e685162 kernel: bump 5.15 to 5.15.130 (+2,-2)
442f740 kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

9349302 ccache: add missing \ (+1,-1)
1b7d48d tools: assign PKG_CPE_ID (+10)

0ba56ae toolchain: assign PKG_CPE_ID (+6)
ba9b93d toolchain: musl: add PKG_CPE_ID (+1)

56827da kernel: allow adding devices without hw offload to a hw flowtable (+29)
3c1721a kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db kernel: bump 5.15 to 5.15.129 (+11,-11)
cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
5edeb1e kernel: add vhost-net module (+24)
c79854e kernel: vfio: remove unneeded enable_unsafe_noiommu_mode parameter (-2)
3c8825e kernel: enable vfio and vfio-pci for armsr-armv8 (+2,-2)
d536f39 kernel: ensure VFIO related suboptions are disabled (+3)
7e55f20 kernel: backport support for renaming netdevs while up (+159,-23)
442f740 kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

f445c38 mediatek: filogic: wax220: cleanup device tree (+47,-52)
35d123a uboot-mediatek: build fully-featured U-Boot for MT7988 RFB (+342,-16)
c8c1805 uboot-mediatek: add builds for UniFi 6 LR v2 and v3 (+641,-13)
d052d40 uboot-mediatek: fix dependency on TF-A for MT7988 RFB (sdmmc) (+1,-1)
a2ffbc8 arm-trusted-firmware-mediatek: enable built-in 2.5G PHY on MT7988 (+11)
0cb2ff5 uboot-mediatek: sync mtk-snand driver with SDK (+26,-6)
a7449e5 arm-trusted-firmware-mediatek: fix hang on reboot on MT7622 (+29,-1)
0165daf uboot-envtools: ramips: add support for ALFA Network AX1800RM (+4,-3)
679f89a treewide: Add extra CPE identifier (+4)

f493987 nettle: update to 3.9.1 (+2,-2)
736e3b8 urngd: update to the latest master (+3,-3)
7aefb47 jitterentropy-rngd: update to the v1.2.0 (+1,-1)
9af2ad5 ucode: update to the latest version (+3,-3)
9986b83 ci: unbreak failing builds by using fixed gh-actions-openwrt-ci-sdk (+2,-2)
77c961e ci: fix broken imx6-generic SDK build (+2,-2)
86107a6 ci: cancel concurrent builds (+8)
ed543d8 ci: update the workflows (+12,-12)
b934ce8 program: fix memory leak in read_sourceinfo (+4,-1)
740e250 main: add user specified library search paths before default path (+4,-4)
15f1a66 struct: remove state->len (+1,-6)
29edb01 ubus: add support for strings containing null bytes (+3,-2)
2b4346b vm: clear vm->alloc_refs in uc_gc_common (+2,-2)
66520eb vm: immediately release arguments on calls with invalid spreads (+2)
07cc72a README.md: fix debian dependencies (+1,-1)
d048ea8 compiler: fix memory leak in uc_compiler_compile_import on early exit (+2)
d656d15 types: implement ucv_object_sort() (+43)
d72eebe lib: support object ordering in `uc_sort()` (+117,-15)
ed1f013 nl80211: add constants for iftypes (+12)
9720b09 hostapd: backport from master, including ucode based reload support (+5.5K,-1.9K)
8e6485a PEAP client: Update Phase 2 authentication requirements (+63,-3)
de9a11f TTLS client: Support phase2_auth=2 (+27,-1)
b2a1e7f tests: PEAP and TTLS phase2_auth behavior (+66,-4)
518ae8c P2P: Do not print control characters in debug (+21,-2)
a4c133e WPS: Optimize attribute parsing workaround (+12,-1)
7a37a94 Check whether element parsing has failed (+22,-11)
f80d833 ACS: Remove invalid debug print (-6)
fb2b785 FILS: Fix HE MCS field initialization (+1,-1)
50ee26f P2P: Check p2p_channel_select() return value (+6,-5)
a50d1ea Add QCA vendor attributes for user defined power save parameters (+53,-2)
4636476 Set RRM used config if the (Re)Association Request frame has RRM IE (+2)
e53d44a AP MLD: Use STA assoc link address in external auth status to the driver (+9,-1)
99a96b2 AP MLD: OWE when SME is offloaded to the driver (+78,-9)
96deacf nl80211: Skip STA MLO link channel switch handling in AP mode (+1,-1)
d320692 AP MLD: Handle new STA event when using SME offload to the driver (+256,-22)
faee8b9 tests: Fix eht_mld_sae_legacy_client to restore sae_pwe (+11,-7)
⇒ + 99 more...
98d0ee9 hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit (+4)
6798f15 hostapd: support eap-eap2 and eap2 auth_type values (+15,-7)
90d5961 hostapd: remove eap-eap192 auth type value (+4,-12)
5e3f86a hostapd: select libopenssl-legacy for openssl variants (+8,-7)
09b9d73 hostapd: use phy name for hostapd interfaces instead of first-bss ifname (+21,-9)
6019945 hostapd: fix a crash when disabling an interface during channel list update (+32,-4)
eda1545 hostapd: add missing NULL pointer check in uc_hostapd_iface_stop (+3)
fe1028e hostapd: fix wpa_supplicant bringup with non-nl80211 drivers (+17)
2f30dec hostapd: fix patch rebase after a crash fix (+5,-5)
912eded openssl: update to 3.0.11 (+2,-2)
849f0ea hostapd: fix rare crash with AP+STA and ACS enabled (+14,-13)
7823414 hostapd: fix mac address of interfaces created via wdev.uc (+1,-1)
388d213 packages: assign PKG_CPE_ID for all missing packages (+14)
679f89a treewide: Add extra CPE identifier (+4)
02ed2b0 hostapd: fix wpa_supplicant mac address allocation on ap+sta (+10,-9)
7fe85ce hostapd: increase PKG_RELEASE to fix builds (+1,-1)

b9c9468 Revert "ath11k-firmware: update to stable WLAN.HK.2.9.0.1-01837" (+5,-5)
a684b51 ipq40xx: refactor ZTE MF287 series (+260,-7)
4c2f44c wireless-regdb: update to 2023.09.01 (+2,-2)
388d213 packages: assign PKG_CPE_ID for all missing packages (+14)

6577b55 base-files: sysupgrade: Add 2 sec sleep into process KILL loop (+1,-1)
83bf45e package: base-files: turn error into warning (+1,-2)

a701e6e netifd: update to the latest version (+3,-3)
077e05f vlan/vlandev: pass through extra vlan information passed via hotplug (+4)
40fad91 wireless: add network_vlan config attribute (+14,-2)
1571e18 bridge: add support for configuring extra tagged vlans on member devices (+79,-10)
b719f18 bridge: make hotplug-added vlans default to tagged (+5,-5)
edf3ace bridge: add support for adding vlan ranges via hotplug (+82,-25)
493e158 bridge: fix coverity false positive report (+5,-2)
03a6199 bridge: add support for configuring extra vlans for the bridge itself (+7,-2)
4bea6d2 wireless: fix changing reconf/serialize options in configuration (+2)
255b4d5 wireless: fix handling config reload with reconf=1 (+6,-1)
1ab992a wireless: fix another reconf issue (+11,-6)
e94f7a8 bridge: fix config reload on 32 bit systems (+13,-13)
8c2758b wireless: add support for replacing data blobs at runtime (+1,-3)
0ff22a6 wireless: enable dynamic reconfiguration by default (+1,-1)
4711f74 netifd: fix disabling radio via config if reconf is being used (+1,-1)
6e09f88 netifd: update to the latest version (+3,-3)
db3934d scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support (+6,-9)
0d1859c netifd: update to the latest version (+3,-36)
f429bd9 system-linux: switch to new ETHTOOL_xLINKSETTINGS API (+442,-87)
1a07f1d make_ethtool_modes_h.sh: apply anti-bashism (+8,-9)
3d425f1 wireless: rework and fix vlan/station config reload handling (+135,-144)
88a3a9e wireless: clean up prev_config handling (+2,-13)
afcd382 wireless: dynamically enable/disable virtual interfaces base on network inter... (+72,-5)
829196e netifd: update to the latest version (+3,-3)
7a58b99 wireless: update prev_config on SET_DATA notify (+9)

263583d ubus: update to the latest version (+3,-3)
f787c97 libubus: add missing uloop_fd_delete call in ubus_shutdown (+1)
2d812f0 procd: create /dev/fd symlink (+2,-1)

442f740 kernel: bump 5.15 to 5.15.131 (+7,-7)

7eda621 ath79: rework Netgear nand devices image recipe (+4,-3)
d792d20 ath79: fix first reboot issue on Netgear WNDR4300 v2 and WNDR4500 v3 (+50,-3)
c3be832 ath79: fix packetloss on some WLR-7100 (+2)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

3c1721a kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db kernel: bump 5.15 to 5.15.129 (+11,-11)
cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

8bf25db kernel: bump 5.15 to 5.15.129 (+11,-11)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

e658eee ipq4019: add support for ZTE MF287 Pro aka DreiNeo Pro (+476,-179)
cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
385a50f ipq40xx: fix image building for ZTE MF287 series (+1,-1)
a684b51 ipq40xx: refactor ZTE MF287 series (+260,-7)
457a12a ipq40xx: ZTE MF287 series: move to gpio-export for modem-reset GPIO (+20,-27)
39320d4 ipq40xx: ZTE MF287 fix sysupgrade (+1)

cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
10aee60 ipq806x: Correct OnHub sysupgrade config logic (+1,-1)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)
34d8a7f ipq806x: 5.15: revert upstream commit to fix #11676 (+155)

cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)

9ed0199 mediatek: add missing packages for Acer Predator W6 (+1,-1)
99d9519 mediatek: enable NWA50AX Pro eth LEDs (+3)
16aecc1 mediatek: filogic: wax220: support factory image (+44,-7)
f445c38 mediatek: filogic: wax220: cleanup device tree (+47,-52)
e74a4b5 mediatek: enable NMBM remapping for NWA50AX Pro UBI (-4)
cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
88c12d6 mediatek: re-add dropped properties on BPi-R3 (+25,-11)
5a97209 mediatek: i2c: mt65xx: allow optional pmic clock (+45)
ffede12 mediatek: filogic: improve pinctrl drivers (+32,-31)
87ef305 mediatek: improve mt7981.dtsi (+52,-19)
ed370ec mediatek: generate bootloader artifacts for mt7988_rfb (+995,-284)
230c09d mediatek: add support for Ubiquiti UniFi 6 LR v3 (+316,-27)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
3967c26 mediatek: filogic: remove stray quote (+1,-1)
b2d264d mediatek: mt7622: set DEVICE_DTC_ADDR for BPi-R64 (+1)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
43e9cde mpc85xx: correct WS-AP3715i eth LED assignment (+4,-1)
f4e4943 mpc85xx: drop WS-AP3715i label-mac (-1)
186747a mpc85xx: add Enterasys WS-AP3715i reset button (+11)

6897270 mvebu: add reset delays of PHYs for Fortinet FortiGate 50E (+4)
06ff4dd mvebu: cortexa72: enable USB PHY (+1)

dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
9df9126 ramips: pinctrl: support requesting different functions for same group (+45)
3cc2232 ramips: add support for ALFA Network AX1800RM (+256,-28)
2dc284a ramips: RT1800: fix invalid octal number error (+1,-1)
442f740 kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

cf08db9 generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

dee4e7b kernel: bump 5.15 to 5.15.132 (+331,-446)

6c60bbb x86: geode: fix hwrng register accesses (+47)
c90005c x86: remove built-in vhost-net driver (-3)

4f1a7e8 mac80211: rework MT7620 PA/LNA RF calibration (+434)
cdc8470 mac80211: fix MT7620 Wi-Fi channel scanning function (+36,-57)
9720b09 hostapd: backport from master, including ucode based reload support (+5.5K,-1.9K)
8e6485a PEAP client: Update Phase 2 authentication requirements (+63,-3)
de9a11f TTLS client: Support phase2_auth=2 (+27,-1)
b2a1e7f tests: PEAP and TTLS phase2_auth behavior (+66,-4)
518ae8c P2P: Do not print control characters in debug (+21,-2)
a4c133e WPS: Optimize attribute parsing workaround (+12,-1)
7a37a94 Check whether element parsing has failed (+22,-11)
f80d833 ACS: Remove invalid debug print (-6)
fb2b785 FILS: Fix HE MCS field initialization (+1,-1)
50ee26f P2P: Check p2p_channel_select() return value (+6,-5)
a50d1ea Add QCA vendor attributes for user defined power save parameters (+53,-2)
4636476 Set RRM used config if the (Re)Association Request frame has RRM IE (+2)
e53d44a AP MLD: Use STA assoc link address in external auth status to the driver (+9,-1)
99a96b2 AP MLD: OWE when SME is offloaded to the driver (+78,-9)
96deacf nl80211: Skip STA MLO link channel switch handling in AP mode (+1,-1)
d320692 AP MLD: Handle new STA event when using SME offload to the driver (+256,-22)
faee8b9 tests: Fix eht_mld_sae_legacy_client to restore sae_pwe (+11,-7)
⇒ + 99 more...
8b385a4 mac80211: fix AP reconfiguration on DFS channels in non-ETSI regdomain (+151,-2)

104178a mt76: update to the latest version (+30,-6)
bdf7ca5 wifi: mt76: mt7921: move common register definition in mt792x_regs.h (+463,-440)
ae15d5c wifi: mt76: mt7921: convert acpisar and clc pointers to void (+5,-5)
02515b6 wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (+45,-45)
6ed8a8b wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (+32,-32)
80234e6 wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (+72,-72)
2485b42 wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (+282,-282)
c6fd7cd wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (+5,-5)
1a1a57b wifi: mt76: mt792x: move shared structure definition in mt792x.h (+130,-110)
68508aa wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (+103,-103)
ff306af wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (+43,-43)
4b49d65 wifi: mt76: mt7921: Replace fake flex-arrays with flexible-array members (+5,-5)
93f821c wifi: mt76: mt792x: introduce mt792x-lib module (+759,-694)
de7b907 wifi: mt76: mt7921: move mac shared code in mt792x-lib module (+187,-184)
c68ee8a wifi: mt76: mt7921: move dma shared code in mt792x-lib module (+119,-111)
8d56181 wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (+183,-172)
0034ae2 wifi: mt76: mt7921: move init shared code in mt792x-lib module (+288,-261)
⇒ + 21 more...

#11676

Description: ipq806x: Major traffic speed regression on Netgear R7800 after upgrading to kernel 5.15
Link: https://github.com/openwrt/openwrt/issues/11676
Commits:
34d8a7f ipq806x: 5.15: revert upstream commit to fix #11676 (+155)

#13391

Description: Problem with WAN ports going down when network restarts in fortigate 50e.
Link: https://github.com/openwrt/openwrt/issues/13391
Commits:
6897270 mvebu: add reset delays of PHYs for Fortinet FortiGate 50E (+4)

#13409

Description: OnHub devices do not upgrade properly due to improper code
Link: https://github.com/openwrt/openwrt/issues/13409
Commits:
10aee60 ipq806x: Correct OnHub sysupgrade config logic (+1,-1)

CVE-2023-4807

Description: Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4807
Commits:
912eded openssl: update to 3.0.11 (+2,-2)

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2023/10/02 22:24
  • by hauke