OpenWrt 23.05.0-rc4 Changelog
This changelog lists all commits done in OpenWrt since the v23.05.0-rc3 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 23.05.0-rc4 release.
See also the release notes that provide a more accessible overview of the main changes in 23.05.0-rc4.
Build System / Buildroot (5 changes)
3c1721a
kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db
kernel: bump 5.15 to 5.15.129 (+11,-11)
e685162
kernel: bump 5.15 to 5.15.130 (+2,-2)
442f740
kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Build System / Host Utilities (2 changes)
Build System / Toolchain (2 changes)
Kernel (12 changes)
56827da
kernel: allow adding devices without hw offload to a hw flowtable (+29)
3c1721a
kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db
kernel: bump 5.15 to 5.15.129 (+11,-11)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
5edeb1e
kernel: add vhost-net module (+24)
c79854e
kernel: vfio: remove unneeded enable_unsafe_noiommu_mode parameter (-2)
3c8825e
kernel: enable vfio and vfio-pci for armsr-armv8 (+2,-2)
d536f39
kernel: ensure VFIO related suboptions are disabled (+3)
7e55f20
kernel: backport support for renaming netdevs while up (+159,-23)
442f740
kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Packages / Boot Loaders (9 changes)
f445c38
mediatek: filogic: wax220: cleanup device tree (+47,-52)
35d123a
uboot-mediatek: build fully-featured U-Boot for MT7988 RFB (+342,-16)
c8c1805
uboot-mediatek: add builds for UniFi 6 LR v2 and v3 (+641,-13)
d052d40
uboot-mediatek: fix dependency on TF-A for MT7988 RFB (sdmmc) (+1,-1)
a2ffbc8
arm-trusted-firmware-mediatek: enable built-in 2.5G PHY on MT7988 (+11)
0cb2ff5
uboot-mediatek: sync mtk-snand driver with SDK (+26,-6)
a7449e5
arm-trusted-firmware-mediatek: fix hang on reboot on MT7622 (+29,-1)
0165daf
uboot-envtools: ramips: add support for ALFA Network AX1800RM (+4,-3)
679f89a
treewide: Add extra CPE identifier (+4)
Packages / Common (20 changes)
f493987
nettle: update to 3.9.1 (+2,-2)
736e3b8
urngd: update to the latest master (+3,-3)
⇒ 7aefb47
jitterentropy-rngd: update to the v1.2.0 (+1,-1)
9af2ad5
ucode: update to the latest version (+3,-3)
⇒ 9986b83
ci: unbreak failing builds by using fixed gh-actions-openwrt-ci-sdk (+2,-2)
⇒ 77c961e
ci: fix broken imx6-generic SDK build (+2,-2)
⇒ 86107a6
ci: cancel concurrent builds (+8)
⇒ ed543d8
ci: update the workflows (+12,-12)
⇒ b934ce8
program: fix memory leak in read_sourceinfo (+4,-1)
⇒ 740e250
main: add user specified library search paths before default path (+4,-4)
⇒ 15f1a66
struct: remove state->len (+1,-6)
⇒ 29edb01
ubus: add support for strings containing null bytes (+3,-2)
⇒ 2b4346b
vm: clear vm->alloc_refs in uc_gc_common (+2,-2)
⇒ 66520eb
vm: immediately release arguments on calls with invalid spreads (+2)
⇒ 07cc72a
README.md: fix debian dependencies (+1,-1)
⇒ d048ea8
compiler: fix memory leak in uc_compiler_compile_import on early exit (+2)
⇒ d656d15
types: implement ucv_object_sort() (+43)
⇒ d72eebe
lib: support object ordering in `uc_sort()` (+117,-15)
⇒ ed1f013
nl80211: add constants for iftypes (+12)
9720b09
hostapd: backport from master, including ucode based reload support (+5.5K,-1.9K)
⇒ 8e6485a
PEAP client: Update Phase 2 authentication requirements (+63,-3)
⇒ de9a11f
TTLS client: Support phase2_auth=2 (+27,-1)
⇒ b2a1e7f
tests: PEAP and TTLS phase2_auth behavior (+66,-4)
⇒ 518ae8c
P2P: Do not print control characters in debug (+21,-2)
⇒ a4c133e
WPS: Optimize attribute parsing workaround (+12,-1)
⇒ 7a37a94
Check whether element parsing has failed (+22,-11)
⇒ f80d833
ACS: Remove invalid debug print (-6)
⇒ fb2b785
FILS: Fix HE MCS field initialization (+1,-1)
⇒ 50ee26f
P2P: Check p2p_channel_select() return value (+6,-5)
⇒ a50d1ea
Add QCA vendor attributes for user defined power save parameters (+53,-2)
⇒ 4636476
Set RRM used config if the (Re)Association Request frame has RRM IE (+2)
⇒ e53d44a
AP MLD: Use STA assoc link address in external auth status to the driver (+9,-1)
⇒ 99a96b2
AP MLD: OWE when SME is offloaded to the driver (+78,-9)
⇒ 96deacf
nl80211: Skip STA MLO link channel switch handling in AP mode (+1,-1)
⇒ d320692
AP MLD: Handle new STA event when using SME offload to the driver (+256,-22)
⇒ faee8b9
tests: Fix eht_mld_sae_legacy_client to restore sae_pwe (+11,-7)
⇒ + 99 more...
98d0ee9
hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit (+4)
6798f15
hostapd: support eap-eap2 and eap2 auth_type values (+15,-7)
90d5961
hostapd: remove eap-eap192 auth type value (+4,-12)
5e3f86a
hostapd: select libopenssl-legacy for openssl variants (+8,-7)
09b9d73
hostapd: use phy name for hostapd interfaces instead of first-bss ifname (+21,-9)
6019945
hostapd: fix a crash when disabling an interface during channel list update (+32,-4)
eda1545
hostapd: add missing NULL pointer check in uc_hostapd_iface_stop (+3)
fe1028e
hostapd: fix wpa_supplicant bringup with non-nl80211 drivers (+17)
2f30dec
hostapd: fix patch rebase after a crash fix (+5,-5)
912eded
openssl: update to 3.0.11 (+2,-2)
849f0ea
hostapd: fix rare crash with AP+STA and ACS enabled (+14,-13)
7823414
hostapd: fix mac address of interfaces created via wdev.uc (+1,-1)
388d213
packages: assign PKG_CPE_ID for all missing packages (+14)
679f89a
treewide: Add extra CPE identifier (+4)
02ed2b0
hostapd: fix wpa_supplicant mac address allocation on ap+sta (+10,-9)
7fe85ce
hostapd: increase PKG_RELEASE to fix builds (+1,-1)
Packages / Firmware (4 changes)
b9c9468
Revert "ath11k-firmware: update to stable WLAN.HK.2.9.0.1-01837" (+5,-5)
a684b51
ipq40xx: refactor ZTE MF287 series (+260,-7)
4c2f44c
wireless-regdb: update to 2023.09.01 (+2,-2)
388d213
packages: assign PKG_CPE_ID for all missing packages (+14)
Packages / OpenWrt base files (2 changes)
6577b55
base-files: sysupgrade: Add 2 sec sleep into process KILL loop (+1,-1)
83bf45e
package: base-files: turn error into warning (+1,-2)
Packages / OpenWrt network userland (4 changes)
a701e6e
netifd: update to the latest version (+3,-3)
⇒ 077e05f
vlan/vlandev: pass through extra vlan information passed via hotplug (+4)
⇒ 40fad91
wireless: add network_vlan config attribute (+14,-2)
⇒ 1571e18
bridge: add support for configuring extra tagged vlans on member devices (+79,-10)
⇒ b719f18
bridge: make hotplug-added vlans default to tagged (+5,-5)
⇒ edf3ace
bridge: add support for adding vlan ranges via hotplug (+82,-25)
⇒ 493e158
bridge: fix coverity false positive report (+5,-2)
⇒ 03a6199
bridge: add support for configuring extra vlans for the bridge itself (+7,-2)
⇒ 4bea6d2
wireless: fix changing reconf/serialize options in configuration (+2)
⇒ 255b4d5
wireless: fix handling config reload with reconf=1 (+6,-1)
⇒ 1ab992a
wireless: fix another reconf issue (+11,-6)
⇒ e94f7a8
bridge: fix config reload on 32 bit systems (+13,-13)
⇒ 8c2758b
wireless: add support for replacing data blobs at runtime (+1,-3)
⇒ 0ff22a6
wireless: enable dynamic reconfiguration by default (+1,-1)
⇒ 4711f74
netifd: fix disabling radio via config if reconf is being used (+1,-1)
6e09f88
netifd: update to the latest version (+3,-3)
⇒ db3934d
scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support (+6,-9)
0d1859c
netifd: update to the latest version (+3,-36)
⇒ f429bd9
system-linux: switch to new ETHTOOL_xLINKSETTINGS API (+442,-87)
⇒ 1a07f1d
make_ethtool_modes_h.sh: apply anti-bashism (+8,-9)
⇒ 3d425f1
wireless: rework and fix vlan/station config reload handling (+135,-144)
⇒ 88a3a9e
wireless: clean up prev_config handling (+2,-13)
⇒ afcd382
wireless: dynamically enable/disable virtual interfaces base on network inter... (+72,-5)
829196e
netifd: update to the latest version (+3,-3)
⇒ 7a58b99
wireless: update prev_config on SET_DATA notify (+9)
Packages / OpenWrt system userland (2 changes)
263583d
ubus: update to the latest version (+3,-3)
⇒ f787c97
libubus: add missing uloop_fd_delete call in ubus_shutdown (+1)
2d812f0
procd: create /dev/fd symlink (+2,-1)
Target / ath25 (1 change)
442f740
kernel: bump 5.15 to 5.15.131 (+7,-7)
Target / ath79 (4 changes)
7eda621
ath79: rework Netgear nand devices image recipe (+4,-3)
d792d20
ath79: fix first reboot issue on Netgear WNDR4300 v2 and WNDR4500 v3 (+50,-3)
c3be832
ath79: fix packetloss on some WLR-7100 (+2)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / bcm27xx (4 changes)
3c1721a
kernel: bump 5.15 to 5.15.128 (+15,-15)
8bf25db
kernel: bump 5.15 to 5.15.129 (+11,-11)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / bcm47xx (2 changes)
Target / bcm53xx (1 change)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / ipq40xx (7 changes)
e658eee
ipq4019: add support for ZTE MF287 Pro aka DreiNeo Pro (+476,-179)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
385a50f
ipq40xx: fix image building for ZTE MF287 series (+1,-1)
a684b51
ipq40xx: refactor ZTE MF287 series (+260,-7)
457a12a
ipq40xx: ZTE MF287 series: move to gpio-export for modem-reset GPIO (+20,-27)
39320d4
ipq40xx: ZTE MF287 fix sysupgrade (+1)
Target / ipq806x (4 changes)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
10aee60
ipq806x: Correct OnHub sysupgrade config logic (+1,-1)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
34d8a7f
ipq806x: 5.15: revert upstream commit to fix #11676 (+155)
Target / layerscape (2 changes)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
Target / mediatek (16 changes)
9ed0199
mediatek: add missing packages for Acer Predator W6 (+1,-1)
99d9519
mediatek: enable NWA50AX Pro eth LEDs (+3)
16aecc1
mediatek: filogic: wax220: support factory image (+44,-7)
f445c38
mediatek: filogic: wax220: cleanup device tree (+47,-52)
e74a4b5
mediatek: enable NMBM remapping for NWA50AX Pro UBI (-4)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
88c12d6
mediatek: re-add dropped properties on BPi-R3 (+25,-11)
5a97209
mediatek: i2c: mt65xx: allow optional pmic clock (+45)
ffede12
mediatek: filogic: improve pinctrl drivers (+32,-31)
87ef305
mediatek: improve mt7981.dtsi (+52,-19)
ed370ec
mediatek: generate bootloader artifacts for mt7988_rfb (+995,-284)
230c09d
mediatek: add support for Ubiquiti UniFi 6 LR v3 (+316,-27)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
3967c26
mediatek: filogic: remove stray quote (+1,-1)
b2d264d
mediatek: mt7622: set DEVICE_DTC_ADDR for BPi-R64 (+1)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / mpc85xx (4 changes)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
43e9cde
mpc85xx: correct WS-AP3715i eth LED assignment (+4,-1)
f4e4943
mpc85xx: drop WS-AP3715i label-mac (-1)
186747a
mpc85xx: add Enterasys WS-AP3715i reset button (+11)
Target / mvebu (2 changes)
6897270
mvebu: add reset delays of PHYs for Fortinet FortiGate 50E (+4)
06ff4dd
mvebu: cortexa72: enable USB PHY (+1)
Target / pistachio (1 change)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / ramips (7 changes)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
9df9126
ramips: pinctrl: support requesting different functions for same group (+45)
3cc2232
ramips: add support for ALFA Network AX1800RM (+256,-28)
2dc284a
ramips: RT1800: fix invalid octal number error (+1,-1)
442f740
kernel: bump 5.15 to 5.15.131 (+7,-7)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / realtek (3 changes)
cf08db9
generic: backport initial LEDs hw control support (+2.7K,-32)
625d19c
generic: sync MediaTek Ethernet driver with upstream (+4.9K,-3.0K)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / uml (1 change)
dee4e7b
kernel: bump 5.15 to 5.15.132 (+331,-446)
Target / x86 (2 changes)
6c60bbb
x86: geode: fix hwrng register accesses (+47)
c90005c
x86: remove built-in vhost-net driver (-3)
Wireless / Common (4 changes)
4f1a7e8
mac80211: rework MT7620 PA/LNA RF calibration (+434)
cdc8470
mac80211: fix MT7620 Wi-Fi channel scanning function (+36,-57)
9720b09
hostapd: backport from master, including ucode based reload support (+5.5K,-1.9K)
⇒ 8e6485a
PEAP client: Update Phase 2 authentication requirements (+63,-3)
⇒ de9a11f
TTLS client: Support phase2_auth=2 (+27,-1)
⇒ b2a1e7f
tests: PEAP and TTLS phase2_auth behavior (+66,-4)
⇒ 518ae8c
P2P: Do not print control characters in debug (+21,-2)
⇒ a4c133e
WPS: Optimize attribute parsing workaround (+12,-1)
⇒ 7a37a94
Check whether element parsing has failed (+22,-11)
⇒ f80d833
ACS: Remove invalid debug print (-6)
⇒ fb2b785
FILS: Fix HE MCS field initialization (+1,-1)
⇒ 50ee26f
P2P: Check p2p_channel_select() return value (+6,-5)
⇒ a50d1ea
Add QCA vendor attributes for user defined power save parameters (+53,-2)
⇒ 4636476
Set RRM used config if the (Re)Association Request frame has RRM IE (+2)
⇒ e53d44a
AP MLD: Use STA assoc link address in external auth status to the driver (+9,-1)
⇒ 99a96b2
AP MLD: OWE when SME is offloaded to the driver (+78,-9)
⇒ 96deacf
nl80211: Skip STA MLO link channel switch handling in AP mode (+1,-1)
⇒ d320692
AP MLD: Handle new STA event when using SME offload to the driver (+256,-22)
⇒ faee8b9
tests: Fix eht_mld_sae_legacy_client to restore sae_pwe (+11,-7)
⇒ + 99 more...
8b385a4
mac80211: fix AP reconfiguration on DFS channels in non-ETSI regdomain (+151,-2)
Wireless / MT76 (1 change)
104178a
mt76: update to the latest version (+30,-6)
⇒ bdf7ca5
wifi: mt76: mt7921: move common register definition in mt792x_regs.h (+463,-440)
⇒ ae15d5c
wifi: mt76: mt7921: convert acpisar and clc pointers to void (+5,-5)
⇒ 02515b6
wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (+45,-45)
⇒ 6ed8a8b
wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (+32,-32)
⇒ 80234e6
wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (+72,-72)
⇒ 2485b42
wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (+282,-282)
⇒ c6fd7cd
wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (+5,-5)
⇒ 1a1a57b
wifi: mt76: mt792x: move shared structure definition in mt792x.h (+130,-110)
⇒ 68508aa
wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (+103,-103)
⇒ ff306af
wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (+43,-43)
⇒ 4b49d65
wifi: mt76: mt7921: Replace fake flex-arrays with flexible-array members (+5,-5)
⇒ 93f821c
wifi: mt76: mt792x: introduce mt792x-lib module (+759,-694)
⇒ de7b907
wifi: mt76: mt7921: move mac shared code in mt792x-lib module (+187,-184)
⇒ c68ee8a
wifi: mt76: mt7921: move dma shared code in mt792x-lib module (+119,-111)
⇒ 8d56181
wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (+183,-172)
⇒ 0034ae2
wifi: mt76: mt7921: move init shared code in mt792x-lib module (+288,-261)
⇒ + 21 more...
Addressed bugs
#11676
Description: ipq806x: Major traffic speed regression on Netgear R7800 after upgrading to kernel 5.15
Link: https://github.com/openwrt/openwrt/issues/11676
Commits:
34d8a7f
ipq806x: 5.15: revert upstream commit to fix #11676 (+155)
#13391
Description: Problem with WAN ports going down when network restarts in fortigate 50e.
Link: https://github.com/openwrt/openwrt/issues/13391
Commits:
6897270
mvebu: add reset delays of PHYs for Fortinet FortiGate 50E (+4)
#13409
Description: OnHub devices do not upgrade properly due to improper code
Link: https://github.com/openwrt/openwrt/issues/13409
Commits:
10aee60
ipq806x: Correct OnHub sysupgrade config logic (+1,-1)
Security fixes
CVE-2023-4807
Description: Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4807
Commits:
912eded
openssl: update to 3.0.11 (+2,-2)