[bot] AutoMerging: merge all upstream's changes:

* https://github.com/coolsnowwolf/lede:
  x86: swtich kernel to 6.1 by default
  kernel: bump 6.1 to 6.1.5
  ksmbd: Fix ZDI-CAN-18259
  octeontx: add sqaushfs and ramdisk to features
  base-files: add protocol qmi/mbim support for ucidef_set_interface()
  base-files: add helper functions for adding wlan device entries to board.json
  generic: fix silicon labs spidev bindings
  mt76: add stand-alone MT7622 firmware package
  mt76: add stand-alone MT7915 firmware package
  mt76: remove unnecessary dependency from mt7915e
  iwinfo: backport IPQ8074 and QCNxxxx devices support (coolsnowwolf#10743)
  kernel: bump 6.1 to 6.1.4
  kernel: fix ethernet regression on mt7986
  kernel: mediatek: fix WED offload regression on MT7622
  kernel: mediatek: improve ethernet fix for dealing with small fragments
  generic: 5.10: backport Treat IPv4 segment's lowest address as unicast

include/kernel-6.1

@@ -1,2 +1,2 @@
-LINUX_VERSION-6.1 = .3
-LINUX_KERNEL_HASH-6.1.3 = 6dc89ae7a7513e433c597c7346ed7ff4bfd115ea43a3b5e27a6bdb38c5580317
+LINUX_VERSION-6.1 = .5
+LINUX_KERNEL_HASH-6.1.5 = bc7f6d9a8a8bbe9a723e82346bba94b58d926f78bfba106b21e041e0290076fc

package/base-files/files/bin/config_generate

@@ -192,6 +192,14 @@ generate_network() {
 				EOF
 			}
 		;;
+
+		qmi|\
+		mbim)
+			uci -q batch <<-EOF
+				set network.$1.proto='${protocol}'
+				set network.$1.pdptype='ipv4'
+			EOF
+		;;
 	esac
 }
 

package/base-files/files/lib/functions/system.sh

@@ -250,4 +250,8 @@ macaddr_canonicalize() {
 	[ ${#canon} -ne 17 ] && return
 
 	printf "%02x:%02x:%02x:%02x:%02x:%02x" 0x${canon// / 0x} 2>/dev/null
-}
+}
+
+dt_is_enabled() {
+	grep -q okay "/proc/device-tree/$1/status"
+}

package/base-files/files/lib/functions/uci-defaults.sh

@@ -629,6 +629,21 @@ ucidef_set_ntpserver() {
 	json_select ..
 }
 
+ucidef_add_wlan() {
+	local path="$1"; shift
+
+	ucidef_wlan_idx=${ucidef_wlan_idx:-0}
+
+	json_select_object wlan
+	json_select_object "wl$ucidef_wlan_idx"
+	json_add_string path "$path"
+	json_add_fields "$@"
+	json_select ..
+	json_select ..
+
+	ucidef_wlan_idx="$((ucidef_wlan_idx + 1))"
+}
+
 board_config_update() {
 	json_init
 	[ -f ${CFG} ] && json_load "$(cat ${CFG})"

package/kernel/ksmbd/Makefile

@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ksmbd
 PKG_VERSION:=3.4.6
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/cifsd-team/cifsd/tar.gz/$(PKG_VERSION)?

package/kernel/ksmbd/patches/10-ksmbd-check-nt_len-to-be-at-least-CIFS_ENCPWD_SIZE-i.patch

@@ -0,0 +1,36 @@
+From 8824b7af409f51f1316e92e9887c2fd48c0b26d6 Mon Sep 17 00:00:00 2001
+From: William Liu <will@willsroot.io>
+Date: Fri, 30 Dec 2022 09:13:35 +0900
+Subject: ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in
+ ksmbd_decode_ntlmssp_auth_blob
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+"nt_len - CIFS_ENCPWD_SIZE" is passed directly from
+ksmbd_decode_ntlmssp_auth_blob to ksmbd_auth_ntlmv2. Malicious requests
+can set nt_len to less than CIFS_ENCPWD_SIZE, which results in a negative
+number (or large unsigned value) used for a subsequent memcpy in
+ksmbd_auth_ntlvm2 and can cause a panic.
+
+Fixes: e2f3448 ("cifsd: add server-side procedures for SMB3")
+Cc: stable@vger.kernel.org
+Signed-off-by: William Liu <will@willsroot.io>
+Signed-off-by: Hrvoje Mišetić <misetichrvoje@gmail.com>
+Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
+---
+ auth.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/auth.c
++++ b/auth.c
+@@ -583,7 +583,8 @@ int ksmbd_decode_ntlmssp_auth_blob(struc
+ 	dn_off = le32_to_cpu(authblob->DomainName.BufferOffset);
+ 	dn_len = le16_to_cpu(authblob->DomainName.Length);
+
+-	if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len)
++	if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len ||
++	    nt_len < CIFS_ENCPWD_SIZE)
+ 		return -EINVAL;
+
+ #ifdef CONFIG_SMB_INSECURE_SERVER

package/kernel/ksmbd/patches/11-ksmbd-fix-infinite-loop-in-ksmbd_conn_handler_loop.patch

@@ -0,0 +1,63 @@
+From cc4f3b5a6ab4693aba94a45cc073188df4d67175 Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon@kernel.org>
+Date: Mon, 26 Dec 2022 01:28:52 +0900
+Subject: ksmbd: fix infinite loop in ksmbd_conn_handler_loop()
+
+If kernel_recvmsg() return -EAGAIN in ksmbd_tcp_readv() and go round
+again, It will cause infinite loop issue. And all threads from next
+connections would be doing that. This patch add max retry count(2) to
+avoid it. kernel_recvmsg() will wait during 7sec timeout and try to
+retry two time if -EAGAIN is returned. And add flags of kvmalloc to
+__GFP_NOWARN and __GFP_NORETRY to disconnect immediately without
+retrying on memory alloation failure.
+
+Fixes: 0626e66 ("cifsd: add server handler for central processing and tranport layers")
+Cc: stable@vger.kernel.org
+Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-18259
+Reviewed-by: Sergey Senozhatsky <senozhatsky@chromium.org>
+Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
+---
+ connection.c    | 7 +++++--
+ transport_tcp.c | 5 ++++-
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+--- a/connection.c
++++ b/connection.c
+@@ -337,9 +337,12 @@ int ksmbd_conn_handler_loop(void *p)
+
+ 		/* 4 for rfc1002 length field */
+ 		size = pdu_size + 4;
+-		conn->request_buf = kvmalloc(size, GFP_KERNEL);
++		conn->request_buf = kvmalloc(size,
++					     GFP_KERNEL |
++					     __GFP_NOWARN |
++					     __GFP_NORETRY);
+ 		if (!conn->request_buf)
+-			continue;
++			break;
+
+ 		memcpy(conn->request_buf, hdr_buf, sizeof(hdr_buf));
+ 		if (!ksmbd_smb_request(conn))
+--- a/transport_tcp.c
++++ b/transport_tcp.c
+@@ -323,6 +323,7 @@ static int ksmbd_tcp_readv(struct tcp_tr
+ 	struct msghdr ksmbd_msg;
+ 	struct kvec *iov;
+ 	struct ksmbd_conn *conn = KSMBD_TRANS(t)->conn;
++	int max_retry = 2;
+
+ 	iov = get_conn_iovec(t, nr_segs);
+ 	if (!iov)
+@@ -349,9 +350,11 @@ static int ksmbd_tcp_readv(struct tcp_tr
+ 		} else if (conn->status == KSMBD_SESS_NEED_RECONNECT) {
+ 			total_read = -EAGAIN;
+ 			break;
+-		} else if (length == -ERESTARTSYS || length == -EAGAIN) {
++		} else if ((length == -ERESTARTSYS || length == -EAGAIN) &&
++			   max_retry) {
+ 			usleep_range(1000, 2000);
+ 			length = 0;
++			max_retry--;
+ 			continue;
+ 		} else if (length <= 0) {
+ 			total_read = -EAGAIN;

package/kernel/mt76/Makefile

@@ -171,7 +171,7 @@ endef
 define KernelPackage/mt7615-firmware
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7615e firmware
-  DEFAULT:=PACKAGE_kmod-mt7615e
+  DEPENDS+=+kmod-mt7615e
 endef
 
 define KernelPackage/mt7615e
@@ -182,6 +182,12 @@ define KernelPackage/mt7615e
   AUTOLOAD:=$(call AutoProbe,mt7615e)
 endef
 
+define KernelPackage/mt7622-firmware
+  $(KernelPackage/mt76-default)
+  TITLE:=MediaTek MT7622 firmware
+  DEPENDS+=+kmod-mt7615e
+endef
+
 define KernelPackage/mt7663-firmware-ap
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7663e firmware (optimized for AP)
@@ -218,10 +224,16 @@ define KernelPackage/mt7663u
   AUTOLOAD:=$(call AutoProbe,mt7663u)
 endef
 
+define KernelPackage/mt7915-firmware
+  $(KernelPackage/mt76-default)
+  TITLE:=MediaTek MT7915 firmware
+  DEPENDS+=+kmod-mt7915e
+endef
+
 define KernelPackage/mt7915e
   $(KernelPackage/mt76-default)
   TITLE:=MediaTek MT7915e wireless driver
-  DEPENDS+=@PCI_SUPPORT +kmod-mt7615-common +kmod-hwmon-core +kmod-thermal +@DRIVER_11AX_SUPPORT +@KERNEL_RELAY
+  DEPENDS+=@PCI_SUPPORT +kmod-mt76-connac +kmod-hwmon-core +kmod-thermal +@DRIVER_11AX_SUPPORT +@KERNEL_RELAY
   FILES:= $(PKG_BUILD_DIR)/mt7915/mt7915e.ko
   AUTOLOAD:=$(call AutoProbe,mt7915e)
 endef
@@ -445,9 +457,14 @@ define KernelPackage/mt7615-firmware/install
 		$(PKG_BUILD_DIR)/firmware/mt7615_cr4.bin \
 		$(PKG_BUILD_DIR)/firmware/mt7615_n9.bin \
 		$(PKG_BUILD_DIR)/firmware/mt7615_rom_patch.bin \
-		$(if $(CONFIG_TARGET_mediatek_mt7622), \
-			$(PKG_BUILD_DIR)/firmware/mt7622_n9.bin \
-			$(PKG_BUILD_DIR)/firmware/mt7622_rom_patch.bin) \
+		$(1)/lib/firmware/mediatek
+endef
+
+define KernelPackage/mt7622-firmware/install
+	$(INSTALL_DIR) $(1)/lib/firmware/mediatek
+	cp \
+		$(PKG_BUILD_DIR)/firmware/mt7622_n9.bin \
+		$(PKG_BUILD_DIR)/firmware/mt7622_rom_patch.bin \
 		$(1)/lib/firmware/mediatek
 endef
 
@@ -467,7 +484,7 @@ define KernelPackage/mt7663-firmware-sta/install
 		$(1)/lib/firmware/mediatek
 endef
 
-define KernelPackage/mt7915e/install
+define KernelPackage/mt7915-firmware/install
 	$(INSTALL_DIR) $(1)/lib/firmware/mediatek
 	cp \
 		$(PKG_BUILD_DIR)/firmware/mt7915_wa.bin \
@@ -534,12 +551,14 @@ $(eval $(call KernelPackage,mt76-connac))
 $(eval $(call KernelPackage,mt76-sdio))
 $(eval $(call KernelPackage,mt7615-common))
 $(eval $(call KernelPackage,mt7615-firmware))
+$(eval $(call KernelPackage,mt7622-firmware))
 $(eval $(call KernelPackage,mt7615e))
 $(eval $(call KernelPackage,mt7663-firmware-ap))
 $(eval $(call KernelPackage,mt7663-firmware-sta))
 $(eval $(call KernelPackage,mt7663-usb-sdio))
 $(eval $(call KernelPackage,mt7663u))
 $(eval $(call KernelPackage,mt7663s))
+$(eval $(call KernelPackage,mt7915-firmware))
 $(eval $(call KernelPackage,mt7915e))
 $(eval $(call KernelPackage,mt7916-firmware))
 $(eval $(call KernelPackage,mt7986-firmware))

package/network/utils/iwinfo/patches/001-ralink.patch

@@ -223,7 +223,7 @@
  #endif
 --- a/include/iwinfo.h
 +++ b/include/iwinfo.h
-@@ -259,6 +259,7 @@ extern const struct iwinfo_ops wext_ops;
+@@ -306,6 +306,7 @@ extern const struct iwinfo_ops wext_ops;
  extern const struct iwinfo_ops madwifi_ops;
  extern const struct iwinfo_ops nl80211_ops;
  extern const struct iwinfo_ops wl_ops;
@@ -233,7 +233,7 @@
 
 --- a/iwinfo_lib.c
 +++ b/iwinfo_lib.c
-@@ -334,6 +334,9 @@ static const struct iwinfo_ops *backends
+@@ -339,6 +339,9 @@ static const struct iwinfo_ops *backends
  #ifdef USE_WL
  	&wl_ops,
  #endif
@@ -245,7 +245,7 @@
 
 --- a/iwinfo_lua.c
 +++ b/iwinfo_lua.c
-@@ -659,6 +659,35 @@ static int iwinfo_L_countrylist(lua_Stat
+@@ -678,6 +678,35 @@ static int iwinfo_L_countrylist(lua_Stat
  	return 1;
  }
 
@@ -281,7 +281,7 @@
 
  #ifdef USE_WL
  /* Broadcom */
-@@ -908,6 +937,41 @@ static const luaL_reg R_wext[] = {
+@@ -927,6 +956,41 @@ static const luaL_reg R_wext[] = {
  	{ NULL, NULL }
  };
 
@@ -323,7 +323,7 @@
  /* Common */
  static const luaL_reg R_common[] = {
  	{ "type", iwinfo_L_type },
-@@ -919,6 +983,15 @@ static const luaL_reg R_common[] = {
+@@ -938,6 +1002,15 @@ static const luaL_reg R_common[] = {
  LUALIB_API int luaopen_iwinfo(lua_State *L) {
  	luaL_register(L, IWINFO_META, R_common);
 
@@ -1421,7 +1421,7 @@
 +#endif
 --- a/iwinfo_wext.c
 +++ b/iwinfo_wext.c
-@@ -185,7 +185,7 @@ static int wext_get_channel(const char *
+@@ -197,7 +197,7 @@ static int wext_get_center_chan2(const c
  	return -1;
  }
 
@@ -1430,7 +1430,7 @@
  {
  	struct iwreq wrq;
  	struct iw_range range;
-@@ -282,7 +282,7 @@ static int wext_get_noise(const char *if
+@@ -294,7 +294,7 @@ static int wext_get_noise(const char *if
  	return -1;
  }
 
@@ -1439,7 +1439,7 @@
  {
  	struct iwreq wrq;
  	struct iw_statistics stats;
-@@ -300,7 +300,7 @@ static int wext_get_quality(const char *
+@@ -312,7 +312,7 @@ static int wext_get_quality(const char *
  	return -1;
  }
 
@@ -1448,7 +1448,7 @@
  {
  	struct iwreq wrq;
  	struct iw_range range;
-@@ -365,7 +365,7 @@ static int wext_get_txpwrlist(const char
+@@ -377,7 +377,7 @@ static int wext_get_txpwrlist(const char
  	return -1;
  }
 
@@ -1457,7 +1457,7 @@
  {
  	struct iwreq wrq;
  	struct iw_range range;
-@@ -409,7 +409,7 @@ static int wext_get_countrylist(const ch
+@@ -421,7 +421,7 @@ static int wext_get_countrylist(const ch
  	return -1;
  }
 
@@ -1468,7 +1468,7 @@
  	struct iwinfo_freqlist_entry *e = NULL;
 --- a/Makefile
 +++ b/Makefile
-@@ -32,6 +32,15 @@ ifneq ($(filter nl80211,$(IWINFO_BACKEND
+@@ -34,6 +34,15 @@ ifneq ($(filter nl80211,$(IWINFO_BACKEND
  	IWINFO_LIB_OBJ     += iwinfo_nl80211.o
  endif
 
@@ -1482,11 +1482,11 @@
 +   IWINFO_LIB_OBJ += iwinfo_ra.o
 +endif
 
- %.o: %.c
- 	$(CC) $(IWINFO_CFLAGS) $(FPIC) -c -o $@ $<
+ compile: clean $(IWINFO_LIB) $(IWINFO_LUA) $(IWINFO_CLI)
+
 --- a/hardware.txt
 +++ b/hardware.txt
-@@ -173,6 +173,36 @@
+@@ -180,6 +180,36 @@
  0x1814 0x3662 0x1814 0x000d    0      0  "Ralink"   "Rt3662"
  0x1814 0x3883 0x1814 0x000d    0      0  "Ralink"   "Rt3883"
  0x1814 0x5350 0x1814 0x000f    0      0  "Ralink"   "Rt5350"

package/network/utils/iwinfo/patches/002-devices-add-MT7986.patch

@@ -14,17 +14,16 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 
 --- a/hardware.txt
 +++ b/hardware.txt
-@@ -196,6 +196,7 @@
+@@ -225,5 +225,6 @@
  0x14c3 0x7650 0x14c3 0x7650    0      0  "MediaTek" "MT7610E"
  0x14c3 0x7662 0x14c3 0x7662    0      0  "MediaTek" "MT76x2E"
  0x14c3 0x7915 0x14c3 0x7915    0      0  "MediaTek" "MT7915E"
 +0x14c3 0x7986 0x14c3 0x7986    0      0  "MediaTek" "MT7986"
  0x14e4 0xaa52 0x14e4 0xaa52    0      0  "Broadcom" "BCM43602"
- 0x02d0 0xa9a6 0x0000 0x0000    0      0  "Cypress"  "CYW43455"
  0x1ae9 0x0310 0x1ae9 0x0000    0      0  "Wilocity" "Wil6210"
 --- a/iwinfo_nl80211.c
 +++ b/iwinfo_nl80211.c
-@@ -3410,7 +3410,13 @@ static int nl80211_hardware_id_from_fdt(struct iwinfo_hardware_id *id, const cha
+@@ -3386,7 +3386,13 @@ static int nl80211_hardware_id_from_fdt(
  		id->device_id = 0x7622;
  		id->subsystem_vendor_id = 0x14c3;
  		id->subsystem_device_id = 0x7622;
@@ -38,5 +37,3 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
  	return (id->vendor_id && id->device_id) ? 0 : -1;
  }
 
--- 
-2.30.2