Merge branch 'master' of https://github.com/coolsnowwolf/lede

package/firmware/ipq-wifi/Makefile

@@ -31,6 +31,7 @@ ALLWIFIBOARDS:= \
 	avm_fritzrepeater-1200 \
 	buffalo_wtr-m2133hp \
 	cellc_rtl30vw \
+	century_wr142ac \
 	devolo_magic-2-wifi-next \
 	dlink_dap2610 \
 	edgecore_ecw5410 \
@@ -41,6 +42,7 @@ ALLWIFIBOARDS:= \
 	ezviz_cs-w3-wd1200g-eup \
 	glinet_gl-ap1300 \
 	glinet_gl-s1300 \
+	hiwifi_c526a \
 	linksys_ea8300 \
 	linksys_mr8300-v0 \
 	luma_wrtq-329acn \
@@ -119,6 +121,7 @@ $(eval $(call generate-ipq-wifi-package,asus_rt-acrh17,ASUS RT-ACRH17/RT-AC82U/R
 $(eval $(call generate-ipq-wifi-package,avm_fritzrepeater-1200,AVM FRITZRepeater 1200))
 $(eval $(call generate-ipq-wifi-package,buffalo_wtr-m2133hp,Buffalo WTR-M2133HP))
 $(eval $(call generate-ipq-wifi-package,cellc_rtl30vw, Cell C RTL30VW))
+$(eval $(call generate-ipq-wifi-package,century_wr142ac,Century WR142AC))
 $(eval $(call generate-ipq-wifi-package,devolo_magic-2-wifi-next,devolo Magic 2 WiFi next))
 $(eval $(call generate-ipq-wifi-package,dlink_dap2610,D-Link DAP-2610))
 $(eval $(call generate-ipq-wifi-package,edgecore_ecw5410,Edgecore ECW5410))
@@ -129,6 +132,7 @@ $(eval $(call generate-ipq-wifi-package,engenius_emr3500,EnGenius EMR3500))
 $(eval $(call generate-ipq-wifi-package,ezviz_cs-w3-wd1200g-eup,EZVIZ CS-W3-WD1200G EUP))
 $(eval $(call generate-ipq-wifi-package,glinet_gl-ap1300,GL.iNet GL-AP1300))
 $(eval $(call generate-ipq-wifi-package,glinet_gl-s1300,GL.iNet GL-S1300))
+$(eval $(call generate-ipq-wifi-package,hiwifi_c526a,HiWiFi C526A))
 $(eval $(call generate-ipq-wifi-package,linksys_ea8300,Linksys EA8300))
 $(eval $(call generate-ipq-wifi-package,linksys_mr8300-v0,Linksys MR8300))
 $(eval $(call generate-ipq-wifi-package,luma_wrtq-329acn,Luma WRTQ-329ACN))

package/kernel/mac80211/Makefile

@@ -127,7 +127,7 @@ define KernelPackage/mac80211
   $(call KernelPackage/mac80211/Default)
   TITLE:=Linux 802.11 Wireless Networking Stack
   # +kmod-crypto-cmac is a runtime only dependency of net/mac80211/aes_cmac.c
-  DEPENDS+= +kmod-cfg80211 +hostapd-common
+  DEPENDS+= +kmod-cfg80211 +kmod-crypto-cmac +kmod-crypto-ccm +kmod-crypto-gcm +hostapd-common
   KCONFIG:=\
 	CONFIG_AVERAGE=y
   FILES:= $(PKG_BUILD_DIR)/net/mac80211/mac80211.ko

package/kernel/mac80211/patches/ath/402-ath_regd_optional.patch

@@ -82,7 +82,7 @@
  	help
 --- a/local-symbols
 +++ b/local-symbols
-@@ -85,6 +85,7 @@ ADM8211=
+@@ -86,6 +86,7 @@ ADM8211=
  ATH_COMMON=
  WLAN_VENDOR_ATH=
  ATH_DEBUG=

package/kernel/mac80211/patches/ath10k/080-ath10k_thermal_config.patch

@@ -37,7 +37,7 @@
  void ath10k_thermal_event_temperature(struct ath10k *ar, int temperature);
 --- a/local-symbols
 +++ b/local-symbols
-@@ -144,6 +144,7 @@ ATH10K_SNOC=
+@@ -145,6 +145,7 @@ ATH10K_SNOC=
  ATH10K_DEBUG=
  ATH10K_DEBUGFS=
  ATH10K_SPECTRAL=

package/kernel/mac80211/patches/ath10k/974-ath10k_add-LED-and-GPIO-controlling-support-for-various-chipsets.patch

@@ -114,7 +114,7 @@ v13:
  ath10k_core-$(CONFIG_DEV_COREDUMP) += coredump.o
 --- a/local-symbols
 +++ b/local-symbols
-@@ -145,6 +145,7 @@ ATH10K_DEBUG=
+@@ -146,6 +146,7 @@ ATH10K_DEBUG=
  ATH10K_DEBUGFS=
  ATH10K_SPECTRAL=
  ATH10K_THERMAL=

package/kernel/mac80211/patches/ath9k/551-ath9k_ubnt_uap_plus_hsr.patch

@@ -371,7 +371,7 @@
  
 --- a/local-symbols
 +++ b/local-symbols
-@@ -112,6 +112,7 @@ ATH9K_WOW=
+@@ -113,6 +113,7 @@ ATH9K_WOW=
  ATH9K_RFKILL=
  ATH9K_CHANNEL_CONTEXT=
  ATH9K_PCOEM=

package/kernel/mac80211/patches/rt2x00/602-rt2x00-introduce-rt2x00eeprom.patch

@@ -1,6 +1,6 @@
 --- a/local-symbols
 +++ b/local-symbols
-@@ -332,6 +332,7 @@ RT2X00_LIB_FIRMWARE=
+@@ -333,6 +333,7 @@ RT2X00_LIB_FIRMWARE=
  RT2X00_LIB_CRYPTO=
  RT2X00_LIB_LEDS=
  RT2X00_LIB_DEBUGFS=

package/kernel/mac80211/patches/subsys/100-remove-cryptoapi-dependencies.patch

@@ -1,699 +0,0 @@
---- a/net/mac80211/Makefile
-+++ b/net/mac80211/Makefile
-@@ -7,7 +7,6 @@ mac80211-y := \
- 	driver-ops.o \
- 	sta_info.o \
- 	wep.o \
--	aead_api.o \
- 	wpa.o \
- 	scan.o offchannel.o \
- 	ht.o agg-tx.o agg-rx.o \
-@@ -19,8 +18,8 @@ mac80211-y := \
- 	rate.o \
- 	michael.o \
- 	tkip.o \
-+	aes_ccm.o \
- 	aes_cmac.o \
--	aes_gmac.o \
- 	fils_aead.o \
- 	cfg.o \
- 	ethtool.o \
---- a/net/mac80211/aead_api.c
-+++ /dev/null
-@@ -1,113 +0,0 @@
--// SPDX-License-Identifier: GPL-2.0-only
--/*
-- * Copyright 2003-2004, Instant802 Networks, Inc.
-- * Copyright 2005-2006, Devicescape Software, Inc.
-- * Copyright 2014-2015, Qualcomm Atheros, Inc.
-- *
-- * Rewrite: Copyright (C) 2013 Linaro Ltd <ard.biesheuvel@linaro.org>
-- */
--
--#include <linux/kernel.h>
--#include <linux/types.h>
--#include <linux/err.h>
--#include <linux/scatterlist.h>
--#include <crypto/aead.h>
--
--#include "aead_api.h"
--
--int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
--		 u8 *data, size_t data_len, u8 *mic)
--{
--	size_t mic_len = crypto_aead_authsize(tfm);
--	struct scatterlist sg[3];
--	struct aead_request *aead_req;
--	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
--	u8 *__aad;
--	int ret;
--
--	aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
--	if (!aead_req)
--		return -ENOMEM;
--
--	__aad = (u8 *)aead_req + reqsize;
--	memcpy(__aad, aad, aad_len);
--
--	sg_init_table(sg, 3);
--	sg_set_buf(&sg[0], __aad, aad_len);
--	sg_set_buf(&sg[1], data, data_len);
--	sg_set_buf(&sg[2], mic, mic_len);
--
--	aead_request_set_tfm(aead_req, tfm);
--	aead_request_set_crypt(aead_req, sg, sg, data_len, b_0);
--	aead_request_set_ad(aead_req, sg[0].length);
--
--	ret = crypto_aead_encrypt(aead_req);
--	kfree_sensitive(aead_req);
--
--	return ret;
--}
--
--int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
--		 u8 *data, size_t data_len, u8 *mic)
--{
--	size_t mic_len = crypto_aead_authsize(tfm);
--	struct scatterlist sg[3];
--	struct aead_request *aead_req;
--	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
--	u8 *__aad;
--	int err;
--
--	if (data_len == 0)
--		return -EINVAL;
--
--	aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
--	if (!aead_req)
--		return -ENOMEM;
--
--	__aad = (u8 *)aead_req + reqsize;
--	memcpy(__aad, aad, aad_len);
--
--	sg_init_table(sg, 3);
--	sg_set_buf(&sg[0], __aad, aad_len);
--	sg_set_buf(&sg[1], data, data_len);
--	sg_set_buf(&sg[2], mic, mic_len);
--
--	aead_request_set_tfm(aead_req, tfm);
--	aead_request_set_crypt(aead_req, sg, sg, data_len + mic_len, b_0);
--	aead_request_set_ad(aead_req, sg[0].length);
--
--	err = crypto_aead_decrypt(aead_req);
--	kfree_sensitive(aead_req);
--
--	return err;
--}
--
--struct crypto_aead *
--aead_key_setup_encrypt(const char *alg, const u8 key[],
--		       size_t key_len, size_t mic_len)
--{
--	struct crypto_aead *tfm;
--	int err;
--
--	tfm = crypto_alloc_aead(alg, 0, CRYPTO_ALG_ASYNC);
--	if (IS_ERR(tfm))
--		return tfm;
--
--	err = crypto_aead_setkey(tfm, key, key_len);
--	if (err)
--		goto free_aead;
--	err = crypto_aead_setauthsize(tfm, mic_len);
--	if (err)
--		goto free_aead;
--
--	return tfm;
--
--free_aead:
--	crypto_free_aead(tfm);
--	return ERR_PTR(err);
--}
--
--void aead_key_free(struct crypto_aead *tfm)
--{
--	crypto_free_aead(tfm);
--}
---- a/net/mac80211/aead_api.h
-+++ /dev/null
-@@ -1,23 +0,0 @@
--/* SPDX-License-Identifier: GPL-2.0-only */
--
--#ifndef _AEAD_API_H
--#define _AEAD_API_H
--
--#include <crypto/aead.h>
--#include <linux/crypto.h>
--
--struct crypto_aead *
--aead_key_setup_encrypt(const char *alg, const u8 key[],
--		       size_t key_len, size_t mic_len);
--
--int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
--		 size_t aad_len, u8 *data,
--		 size_t data_len, u8 *mic);
--
--int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
--		 size_t aad_len, u8 *data,
--		 size_t data_len, u8 *mic);
--
--void aead_key_free(struct crypto_aead *tfm);
--
--#endif /* _AEAD_API_H */
---- a/net/mac80211/aes_ccm.h
-+++ b/net/mac80211/aes_ccm.h
-@@ -7,39 +7,17 @@
- #ifndef AES_CCM_H
- #define AES_CCM_H
- 
--#include "aead_api.h"
-+#include <linux/crypto.h>
- 
--#define CCM_AAD_LEN	32
--
--static inline struct crypto_aead *
--ieee80211_aes_key_setup_encrypt(const u8 key[], size_t key_len, size_t mic_len)
--{
--	return aead_key_setup_encrypt("ccm(aes)", key, key_len, mic_len);
--}
--
--static inline int
--ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm,
--			  u8 *b_0, u8 *aad, u8 *data,
--			  size_t data_len, u8 *mic)
--{
--	return aead_encrypt(tfm, b_0, aad + 2,
--			    be16_to_cpup((__be16 *)aad),
--			    data, data_len, mic);
--}
--
--static inline int
--ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm,
--			  u8 *b_0, u8 *aad, u8 *data,
--			  size_t data_len, u8 *mic)
--{
--	return aead_decrypt(tfm, b_0, aad + 2,
--			    be16_to_cpup((__be16 *)aad),
--			    data, data_len, mic);
--}
--
--static inline void ieee80211_aes_key_free(struct crypto_aead *tfm)
--{
--	return aead_key_free(tfm);
--}
-+struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[],
-+						      size_t key_len,
-+						      size_t mic_len);
-+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
-+			       u8 *data, size_t data_len, u8 *mic,
-+			       size_t mic_len);
-+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
-+			      u8 *data, size_t data_len, u8 *mic,
-+			      size_t mic_len);
-+void ieee80211_aes_key_free(struct crypto_cipher *tfm);
- 
- #endif /* AES_CCM_H */
---- /dev/null
-+++ b/net/mac80211/aes_gcm.c
-@@ -0,0 +1,109 @@
-+/*
-+ * Copyright 2014-2015, Qualcomm Atheros, Inc.
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License version 2 as
-+ * published by the Free Software Foundation.
-+ */
-+
-+#include <linux/kernel.h>
-+#include <linux/types.h>
-+#include <linux/err.h>
-+#include <crypto/aead.h>
-+
-+#include <net/mac80211.h>
-+#include "key.h"
-+#include "aes_gcm.h"
-+
-+int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
-+			      u8 *data, size_t data_len, u8 *mic)
-+{
-+	struct scatterlist sg[3];
-+	struct aead_request *aead_req;
-+	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
-+	u8 *__aad;
-+
-+	aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
-+	if (!aead_req)
-+		return -ENOMEM;
-+
-+	__aad = (u8 *)aead_req + reqsize;
-+	memcpy(__aad, aad, GCM_AAD_LEN);
-+
-+	sg_init_table(sg, 3);
-+	sg_set_buf(&sg[0], &__aad[2], be16_to_cpup((__be16 *)__aad));
-+	sg_set_buf(&sg[1], data, data_len);
-+	sg_set_buf(&sg[2], mic, IEEE80211_GCMP_MIC_LEN);
-+
-+	aead_request_set_tfm(aead_req, tfm);
-+	aead_request_set_crypt(aead_req, sg, sg, data_len, j_0);
-+	aead_request_set_ad(aead_req, sg[0].length);
-+
-+	crypto_aead_encrypt(aead_req);
-+	kzfree(aead_req);
-+	return 0;
-+}
-+
-+int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
-+			      u8 *data, size_t data_len, u8 *mic)
-+{
-+	struct scatterlist sg[3];
-+	struct aead_request *aead_req;
-+	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
-+	u8 *__aad;
-+	int err;
-+
-+	if (data_len == 0)
-+		return -EINVAL;
-+
-+	aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
-+	if (!aead_req)
-+		return -ENOMEM;
-+
-+	__aad = (u8 *)aead_req + reqsize;
-+	memcpy(__aad, aad, GCM_AAD_LEN);
-+
-+	sg_init_table(sg, 3);
-+	sg_set_buf(&sg[0], &__aad[2], be16_to_cpup((__be16 *)__aad));
-+	sg_set_buf(&sg[1], data, data_len);
-+	sg_set_buf(&sg[2], mic, IEEE80211_GCMP_MIC_LEN);
-+
-+	aead_request_set_tfm(aead_req, tfm);
-+	aead_request_set_crypt(aead_req, sg, sg,
-+			       data_len + IEEE80211_GCMP_MIC_LEN, j_0);
-+	aead_request_set_ad(aead_req, sg[0].length);
-+
-+	err = crypto_aead_decrypt(aead_req);
-+	kzfree(aead_req);
-+
-+	return err;
-+}
-+
-+struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
-+							size_t key_len)
-+{
-+	struct crypto_aead *tfm;
-+	int err;
-+
-+	tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
-+	if (IS_ERR(tfm))
-+		return tfm;
-+
-+	err = crypto_aead_setkey(tfm, key, key_len);
-+	if (err)
-+		goto free_aead;
-+	err = crypto_aead_setauthsize(tfm, IEEE80211_GCMP_MIC_LEN);
-+	if (err)
-+		goto free_aead;
-+
-+	return tfm;
-+
-+free_aead:
-+	crypto_free_aead(tfm);
-+	return ERR_PTR(err);
-+}
-+
-+void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
-+{
-+	crypto_free_aead(tfm);
-+}
---- a/net/mac80211/aes_gcm.h
-+++ b/net/mac80211/aes_gcm.h
-@@ -6,38 +6,30 @@
- #ifndef AES_GCM_H
- #define AES_GCM_H
- 
--#include "aead_api.h"
-+#include <linux/crypto.h>
- 
--#define GCM_AAD_LEN	32
--
--static inline int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm,
--					    u8 *j_0, u8 *aad,  u8 *data,
--					    size_t data_len, u8 *mic)
-+static inline void
-+ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
-+			  u8 *data, size_t data_len, u8 *mic)
- {
--	return aead_encrypt(tfm, j_0, aad + 2,
--			    be16_to_cpup((__be16 *)aad),
--			    data, data_len, mic);
- }
- 
--static inline int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm,
--					    u8 *j_0, u8 *aad, u8 *data,
--					    size_t data_len, u8 *mic)
-+static inline int
-+ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
-+			  u8 *data, size_t data_len, u8 *mic)
- {
--	return aead_decrypt(tfm, j_0, aad + 2,
--			    be16_to_cpup((__be16 *)aad),
--			    data, data_len, mic);
-+    return -EOPNOTSUPP;
- }
- 
- static inline struct crypto_aead *
- ieee80211_aes_gcm_key_setup_encrypt(const u8 key[], size_t key_len)
- {
--	return aead_key_setup_encrypt("gcm(aes)", key,
--				      key_len, IEEE80211_GCMP_MIC_LEN);
-+    return NULL;
- }
- 
--static inline void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
-+static inline void
-+ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
- {
--	return aead_key_free(tfm);
- }
- 
- #endif /* AES_GCM_H */
---- a/net/mac80211/wpa.c
-+++ b/net/mac80211/wpa.c
-@@ -312,7 +312,8 @@ ieee80211_crypto_tkip_decrypt(struct iee
- }
- 
- 
--static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad)
-+static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad,
-+				u16 data_len)
- {
- 	__le16 mask_fc;
- 	int a4_included, mgmt;
-@@ -342,14 +343,8 @@ static void ccmp_special_blocks(struct s
- 	else
- 		qos_tid = 0;
- 
--	/* In CCM, the initial vectors (IV) used for CTR mode encryption and CBC
--	 * mode authentication are not allowed to collide, yet both are derived
--	 * from this vector b_0. We only set L := 1 here to indicate that the
--	 * data size can be represented in (L+1) bytes. The CCM layer will take
--	 * care of storing the data length in the top (L+1) bytes and setting
--	 * and clearing the other bits as is required to derive the two IVs.
--	 */
--	b_0[0] = 0x1;
-+	/* First block, b_0 */
-+	b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
- 
- 	/* Nonce: Nonce Flags | A2 | PN
- 	 * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
-@@ -357,6 +352,8 @@ static void ccmp_special_blocks(struct s
- 	b_0[1] = qos_tid | (mgmt << 4);
- 	memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
- 	memcpy(&b_0[8], pn, IEEE80211_CCMP_PN_LEN);
-+	/* l(m) */
-+	put_unaligned_be16(data_len, &b_0[14]);
- 
- 	/* AAD (extra authenticate-only data) / masked 802.11 header
- 	 * FC | A1 | A2 | A3 | SC | [A4] | [QC] */
-@@ -413,7 +410,7 @@ static int ccmp_encrypt_skb(struct ieee8
- 	u8 *pos;
- 	u8 pn[6];
- 	u64 pn64;
--	u8 aad[CCM_AAD_LEN];
-+	u8 aad[2 * AES_BLOCK_SIZE];
- 	u8 b_0[AES_BLOCK_SIZE];
- 
- 	if (info->control.hw_key &&
-@@ -468,9 +465,11 @@ static int ccmp_encrypt_skb(struct ieee8
- 		return 0;
- 
- 	pos += IEEE80211_CCMP_HDR_LEN;
--	ccmp_special_blocks(skb, pn, b_0, aad);
--	return ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len,
--					 skb_put(skb, mic_len));
-+	ccmp_special_blocks(skb, pn, b_0, aad, len);
-+	ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len,
-+				  skb_put(skb, mic_len), mic_len);
-+
-+	return 0;
- }
- 
- 
-@@ -543,13 +542,13 @@ ieee80211_crypto_ccmp_decrypt(struct iee
- 			u8 aad[2 * AES_BLOCK_SIZE];
- 			u8 b_0[AES_BLOCK_SIZE];
- 			/* hardware didn't decrypt/verify MIC */
--			ccmp_special_blocks(skb, pn, b_0, aad);
-+			ccmp_special_blocks(skb, pn, b_0, aad, data_len);
- 
- 			if (ieee80211_aes_ccm_decrypt(
- 				    key->u.ccmp.tfm, b_0, aad,
- 				    skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
- 				    data_len,
--				    skb->data + skb->len - mic_len))
-+				    skb->data + skb->len - mic_len, mic_len))
- 				return RX_DROP_UNUSABLE;
- 		}
- 
-@@ -646,7 +645,7 @@ static int gcmp_encrypt_skb(struct ieee8
- 	u8 *pos;
- 	u8 pn[6];
- 	u64 pn64;
--	u8 aad[GCM_AAD_LEN];
-+	u8 aad[2 * AES_BLOCK_SIZE];
- 	u8 j_0[AES_BLOCK_SIZE];
- 
- 	if (info->control.hw_key &&
-@@ -703,8 +702,10 @@ static int gcmp_encrypt_skb(struct ieee8
- 
- 	pos += IEEE80211_GCMP_HDR_LEN;
- 	gcmp_special_blocks(skb, pn, j_0, aad);
--	return ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len,
--					 skb_put(skb, IEEE80211_GCMP_MIC_LEN));
-+	ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len,
-+				  skb_put(skb, IEEE80211_GCMP_MIC_LEN));
-+
-+	return 0;
- }
- 
- ieee80211_tx_result
-@@ -1133,9 +1134,9 @@ ieee80211_crypto_aes_gmac_encrypt(struct
- 	struct ieee80211_key *key = tx->key;
- 	struct ieee80211_mmie_16 *mmie;
- 	struct ieee80211_hdr *hdr;
--	u8 aad[GMAC_AAD_LEN];
-+	u8 aad[20];
- 	u64 pn64;
--	u8 nonce[GMAC_NONCE_LEN];
-+	u8 nonce[12];
- 
- 	if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
- 		return TX_DROP;
-@@ -1181,7 +1182,7 @@ ieee80211_crypto_aes_gmac_decrypt(struct
- 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
- 	struct ieee80211_key *key = rx->key;
- 	struct ieee80211_mmie_16 *mmie;
--	u8 aad[GMAC_AAD_LEN], *mic, ipn[6], nonce[GMAC_NONCE_LEN];
-+	u8 aad[20], *mic, ipn[6], nonce[12];
- 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
- 
- 	if (!ieee80211_is_mgmt(hdr->frame_control))
---- /dev/null
-+++ b/net/mac80211/aes_ccm.c
-@@ -0,0 +1,144 @@
-+/*
-+ * Copyright 2003-2004, Instant802 Networks, Inc.
-+ * Copyright 2005-2006, Devicescape Software, Inc.
-+ *
-+ * Rewrite: Copyright (C) 2013 Linaro Ltd <ard.biesheuvel@linaro.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License version 2 as
-+ * published by the Free Software Foundation.
-+ */
-+
-+#include <linux/kernel.h>
-+#include <linux/types.h>
-+#include <linux/err.h>
-+#include <crypto/aead.h>
-+#include <crypto/aes.h>
-+
-+#include <net/mac80211.h>
-+#include "key.h"
-+#include "aes_ccm.h"
-+
-+static void aes_ccm_prepare(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, u8 *s_0,
-+			    u8 *a, u8 *b)
-+{
-+	int i;
-+
-+	crypto_cipher_encrypt_one(tfm, b, b_0);
-+
-+	/* Extra Authenticate-only data (always two AES blocks) */
-+	for (i = 0; i < AES_BLOCK_SIZE; i++)
-+		aad[i] ^= b[i];
-+	crypto_cipher_encrypt_one(tfm, b, aad);
-+
-+	aad += AES_BLOCK_SIZE;
-+
-+	for (i = 0; i < AES_BLOCK_SIZE; i++)
-+		aad[i] ^= b[i];
-+	crypto_cipher_encrypt_one(tfm, a, aad);
-+
-+	/* Mask out bits from auth-only-b_0 */
-+	b_0[0] &= 0x07;
-+
-+	/* S_0 is used to encrypt T (= MIC) */
-+	b_0[14] = 0;
-+	b_0[15] = 0;
-+	crypto_cipher_encrypt_one(tfm, s_0, b_0);
-+}
-+
-+
-+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
-+			       u8 *data, size_t data_len, u8 *mic,
-+			       size_t mic_len)
-+{
-+	int i, j, last_len, num_blocks;
-+	u8 b[AES_BLOCK_SIZE];
-+	u8 s_0[AES_BLOCK_SIZE];
-+	u8 e[AES_BLOCK_SIZE];
-+	u8 *pos, *cpos;
-+
-+	num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE);
-+	last_len = data_len % AES_BLOCK_SIZE;
-+	aes_ccm_prepare(tfm, b_0, aad, s_0, b, b);
-+
-+	/* Process payload blocks */
-+	pos = data;
-+	cpos = data;
-+	for (j = 1; j <= num_blocks; j++) {
-+		int blen = (j == num_blocks && last_len) ?
-+			last_len : AES_BLOCK_SIZE;
-+
-+		/* Authentication followed by encryption */
-+		for (i = 0; i < blen; i++)
-+			b[i] ^= pos[i];
-+		crypto_cipher_encrypt_one(tfm, b, b);
-+
-+		b_0[14] = (j >> 8) & 0xff;
-+		b_0[15] = j & 0xff;
-+		crypto_cipher_encrypt_one(tfm, e, b_0);
-+		for (i = 0; i < blen; i++)
-+			*cpos++ = *pos++ ^ e[i];
-+	}
-+
-+	for (i = 0; i < mic_len; i++)
-+		mic[i] = b[i] ^ s_0[i];
-+}
-+
-+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
-+			      u8 *data, size_t data_len, u8 *mic,
-+			      size_t mic_len)
-+{
-+	int i, j, last_len, num_blocks;
-+	u8 *pos, *cpos;
-+	u8 a[AES_BLOCK_SIZE];
-+	u8 b[AES_BLOCK_SIZE];
-+	u8 s_0[AES_BLOCK_SIZE];
-+
-+	num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE);
-+	last_len = data_len % AES_BLOCK_SIZE;
-+	aes_ccm_prepare(tfm, b_0, aad, s_0, a, b);
-+
-+	/* Process payload blocks */
-+	cpos = data;
-+	pos = data;
-+	for (j = 1; j <= num_blocks; j++) {
-+		int blen = (j == num_blocks && last_len) ?
-+			last_len : AES_BLOCK_SIZE;
-+
-+		/* Decryption followed by authentication */
-+		b_0[14] = (j >> 8) & 0xff;
-+		b_0[15] = j & 0xff;
-+		crypto_cipher_encrypt_one(tfm, b, b_0);
-+		for (i = 0; i < blen; i++) {
-+			*pos = *cpos++ ^ b[i];
-+			a[i] ^= *pos++;
-+		}
-+		crypto_cipher_encrypt_one(tfm, a, a);
-+	}
-+
-+	for (i = 0; i < mic_len; i++) {
-+		if ((mic[i] ^ s_0[i]) != a[i])
-+			return -1;
-+	}
-+
-+	return 0;
-+}
-+
-+struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[],
-+						      size_t key_len,
-+						      size_t mic_len)
-+{
-+	struct crypto_cipher *tfm;
-+
-+	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
-+	if (!IS_ERR(tfm))
-+		crypto_cipher_setkey(tfm, key, key_len);
-+
-+	return tfm;
-+}
-+
-+
-+void ieee80211_aes_key_free(struct crypto_cipher *tfm)
-+{
-+	crypto_free_cipher(tfm);
-+}
---- a/net/mac80211/Kconfig
-+++ b/net/mac80211/Kconfig
-@@ -6,8 +6,6 @@ config MAC80211
- 	depends on CRYPTO
- 	select BPAUTO_CRYPTO_LIB_ARC4
- 	depends on CRYPTO_AES
--	depends on CRYPTO_CCM
--	depends on CRYPTO_GCM
- 	depends on CRYPTO_CMAC
- 	depends on CRC32
- 	help
---- a/net/mac80211/aes_gmac.h
-+++ b/net/mac80211/aes_gmac.h
-@@ -12,10 +12,22 @@
- #define GMAC_MIC_LEN	16
- #define GMAC_NONCE_LEN	12
- 
--struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
--						 size_t key_len);
--int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
--		       const u8 *data, size_t data_len, u8 *mic);
--void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm);
-+static inline struct crypto_aead *
-+ieee80211_aes_gmac_key_setup(const u8 key[], size_t key_len)
-+{
-+	return NULL;
-+}
-+
-+static inline int
-+ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
-+		   const u8 *data, size_t data_len, u8 *mic)
-+{
-+	return -EOPNOTSUPP;
-+}
-+
-+static inline void
-+ieee80211_aes_gmac_key_free(struct crypto_aead *tfm)
-+{
-+}
- 
- #endif /* AES_GMAC_H */
---- a/net/mac80211/key.h
-+++ b/net/mac80211/key.h
-@@ -89,7 +89,7 @@ struct ieee80211_key {
- 			 * Management frames.
- 			 */
- 			u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN];
--			struct crypto_aead *tfm;
-+			struct crypto_cipher *tfm;
- 			u32 replays; /* dot11RSNAStatsCCMPReplays */
- 		} ccmp;
- 		struct {

package/kernel/mac80211/patches/subsys/130-disable-fils.patch

@@ -1,32 +0,0 @@
-Disable FILS support, since it pulls in crypto hash support
-
---- a/net/mac80211/fils_aead.h
-+++ b/net/mac80211/fils_aead.h
-@@ -7,7 +7,7 @@
- #ifndef FILS_AEAD_H
- #define FILS_AEAD_H
- 
--#if LINUX_VERSION_IS_GEQ(4,3,0)
-+#if 0 /* LINUX_VERSION_IS_GEQ(4,3,0) */
- int fils_encrypt_assoc_req(struct sk_buff *skb,
- 			   struct ieee80211_mgd_assoc_data *assoc_data);
- int fils_decrypt_assoc_resp(struct ieee80211_sub_if_data *sdata,
---- a/net/mac80211/fils_aead.c
-+++ b/net/mac80211/fils_aead.c
-@@ -1,4 +1,4 @@
--#if LINUX_VERSION_IS_GEQ(4,3,0)
-+#if 0 /* LINUX_VERSION_IS_GEQ(4,3,0) */
- // SPDX-License-Identifier: GPL-2.0-only
- /*
-  * FILS AEAD for (Re)Association Request/Response frames
---- a/net/mac80211/main.c
-+++ b/net/mac80211/main.c
-@@ -591,7 +591,7 @@ struct ieee80211_hw *ieee80211_alloc_hw_
- 			   NL80211_FEATURE_MAC_ON_CREATE |
- 			   NL80211_FEATURE_USERSPACE_MPM |
- 			   NL80211_FEATURE_FULL_AP_CLIENT_STATE;
--#if LINUX_VERSION_IS_GEQ(4,3,0)
-+#if 0 /* LINUX_VERSION_IS_GEQ(4,3,0) */
- 	wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_FILS_STA);
- #endif
- 	wiphy_ext_feature_set(wiphy,

package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch

@@ -1,230 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Sat, 7 Oct 2017 09:37:28 +0200
-Subject: [PATCH] Revert "mac80211: aes-cmac: switch to shash CMAC
- driver"
-
-This reverts commit 26717828b75dd5c46e97f7f4a9b937d038bb2852.
-Reduces mac80211 dependencies for LEDE
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/aes_cmac.c
-+++ b/net/mac80211/aes_cmac.c
-@@ -19,67 +19,151 @@
- #define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */
- #define AAD_LEN 20
- 
--static const u8 zero[CMAC_TLEN_256];
- 
--void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad,
-+void gf_mulx(u8 *pad)
-+{
-+	int i, carry;
-+
-+	carry = pad[0] & 0x80;
-+	for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
-+		pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
-+	pad[AES_BLOCK_SIZE - 1] <<= 1;
-+	if (carry)
-+		pad[AES_BLOCK_SIZE - 1] ^= 0x87;
-+}
-+
-+void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
-+		     const u8 *addr[], const size_t *len, u8 *mac,
-+		     size_t mac_len)
-+{
-+	u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
-+	const u8 *pos, *end;
-+	size_t i, e, left, total_len;
-+
-+	memset(cbc, 0, AES_BLOCK_SIZE);
-+
-+	total_len = 0;
-+	for (e = 0; e < num_elem; e++)
-+		total_len += len[e];
-+	left = total_len;
-+
-+	e = 0;
-+	pos = addr[0];
-+	end = pos + len[0];
-+
-+	while (left >= AES_BLOCK_SIZE) {
-+		for (i = 0; i < AES_BLOCK_SIZE; i++) {
-+			cbc[i] ^= *pos++;
-+			if (pos >= end) {
-+				e++;
-+				pos = addr[e];
-+				end = pos + len[e];
-+			}
-+		}
-+		if (left > AES_BLOCK_SIZE)
-+			crypto_cipher_encrypt_one(tfm, cbc, cbc);
-+		left -= AES_BLOCK_SIZE;
-+	}
-+
-+	memset(pad, 0, AES_BLOCK_SIZE);
-+	crypto_cipher_encrypt_one(tfm, pad, pad);
-+	gf_mulx(pad);
-+
-+	if (left || total_len == 0) {
-+		for (i = 0; i < left; i++) {
-+			cbc[i] ^= *pos++;
-+			if (pos >= end) {
-+				e++;
-+				pos = addr[e];
-+				end = pos + len[e];
-+			}
-+		}
-+		cbc[left] ^= 0x80;
-+		gf_mulx(pad);
-+	}
-+
-+	for (i = 0; i < AES_BLOCK_SIZE; i++)
-+		pad[i] ^= cbc[i];
-+	crypto_cipher_encrypt_one(tfm, pad, pad);
-+	memcpy(mac, pad, mac_len);
-+}
-+
-+
-+void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
- 			const u8 *data, size_t data_len, u8 *mic)
- {
--	SHASH_DESC_ON_STACK(desc, tfm);
--	u8 out[AES_BLOCK_SIZE];
-+	const u8 *addr[4];
-+	size_t len[4];
-+	u8 zero[CMAC_TLEN];
- 	const __le16 *fc;
- 
--	desc->tfm = tfm;
--
--	crypto_shash_init(desc);
--	crypto_shash_update(desc, aad, AAD_LEN);
-+	memset(zero, 0, CMAC_TLEN);
-+	addr[0] = aad;
-+	len[0] = AAD_LEN;
- 	fc = (const __le16 *)aad;
- 	if (ieee80211_is_beacon(*fc)) {
- 		/* mask Timestamp field to zero */
--		crypto_shash_update(desc, zero, 8);
--		crypto_shash_update(desc, data + 8, data_len - 8 - CMAC_TLEN);
-+		addr[1] = zero;
-+		len[1] = 8;
-+		addr[2] = data + 8;
-+		len[2] = data_len - 8 - CMAC_TLEN;
-+		addr[3] = zero;
-+		len[3] = CMAC_TLEN;
-+		aes_cmac_vector(tfm, 4, addr, len, mic, CMAC_TLEN);
- 	} else {
--		crypto_shash_update(desc, data, data_len - CMAC_TLEN);
-+		addr[1] = data;
-+		len[1] = data_len - CMAC_TLEN;
-+		addr[2] = zero;
-+		len[2] = CMAC_TLEN;
-+		aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN);
- 	}
--	crypto_shash_finup(desc, zero, CMAC_TLEN, out);
--
--	memcpy(mic, out, CMAC_TLEN);
- }
- 
--void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad,
-+void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
- 			    const u8 *data, size_t data_len, u8 *mic)
- {
--	SHASH_DESC_ON_STACK(desc, tfm);
-+	const u8 *addr[4];
-+	size_t len[4];
-+	u8 zero[CMAC_TLEN_256];
- 	const __le16 *fc;
- 
--	desc->tfm = tfm;
--
--	crypto_shash_init(desc);
--	crypto_shash_update(desc, aad, AAD_LEN);
-+	memset(zero, 0, CMAC_TLEN_256);
-+	addr[0] = aad;
-+	len[0] = AAD_LEN;
-+	addr[1] = data;
- 	fc = (const __le16 *)aad;
- 	if (ieee80211_is_beacon(*fc)) {
- 		/* mask Timestamp field to zero */
--		crypto_shash_update(desc, zero, 8);
--		crypto_shash_update(desc, data + 8,
--				    data_len - 8 - CMAC_TLEN_256);
-+		addr[1] = zero;
-+		len[1] = 8;
-+		addr[2] = data + 8;
-+		len[2] = data_len - 8 - CMAC_TLEN_256;
-+		addr[3] = zero;
-+		len[3] = CMAC_TLEN_256;
-+		aes_cmac_vector(tfm, 4, addr, len, mic, CMAC_TLEN_256);
- 	} else {
--		crypto_shash_update(desc, data, data_len - CMAC_TLEN_256);
-+		addr[1] = data;
-+		len[1] = data_len - CMAC_TLEN_256;
-+		addr[2] = zero;
-+		len[2] = CMAC_TLEN_256;
-+		aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256);
- 	}
--	crypto_shash_finup(desc, zero, CMAC_TLEN_256, mic);
- }
- 
--struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[],
--						  size_t key_len)
-+struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
-+						   size_t key_len)
- {
--	struct crypto_shash *tfm;
-+	struct crypto_cipher *tfm;
- 
--	tfm = crypto_alloc_shash("cmac(aes)", 0, 0);
-+	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
- 	if (!IS_ERR(tfm))
--		crypto_shash_setkey(tfm, key, key_len);
-+		crypto_cipher_setkey(tfm, key, key_len);
- 
- 	return tfm;
- }
- 
--void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm)
-+
-+void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm)
- {
--	crypto_free_shash(tfm);
-+	crypto_free_cipher(tfm);
- }
---- a/net/mac80211/aes_cmac.h
-+++ b/net/mac80211/aes_cmac.h
-@@ -7,14 +7,13 @@
- #define AES_CMAC_H
- 
- #include <linux/crypto.h>
--#include <crypto/hash.h>
- 
--struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[],
--						  size_t key_len);
--void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad,
-+struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
-+						   size_t key_len);
-+void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
- 			const u8 *data, size_t data_len, u8 *mic);
--void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad,
-+void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
- 			    const u8 *data, size_t data_len, u8 *mic);
--void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm);
-+void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
- 
- #endif /* AES_CMAC_H */
---- a/net/mac80211/key.h
-+++ b/net/mac80211/key.h
-@@ -94,7 +94,7 @@ struct ieee80211_key {
- 		} ccmp;
- 		struct {
- 			u8 rx_pn[IEEE80211_CMAC_PN_LEN];
--			struct crypto_shash *tfm;
-+			struct crypto_cipher *tfm;
- 			u32 replays; /* dot11RSNAStatsCMACReplays */
- 			u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
- 		} aes_cmac;

package/kernel/mac80211/patches/subsys/132-mac80211-remove-cmac-dependency.patch

@@ -1,10 +0,0 @@
---- a/net/mac80211/Kconfig
-+++ b/net/mac80211/Kconfig
-@@ -6,7 +6,6 @@ config MAC80211
- 	depends on CRYPTO
- 	select BPAUTO_CRYPTO_LIB_ARC4
- 	depends on CRYPTO_AES
--	depends on CRYPTO_CMAC
- 	depends on CRC32
- 	help
- 	  This option enables the hardware independent IEEE 802.11

package/kernel/mac80211/patches/subsys/339-mac80211-remove-legacy-minstrel-rate-control.patch

@@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/mac80211/Makefile
 +++ b/net/mac80211/Makefile
-@@ -55,11 +55,9 @@ mac80211-$(CONFIG_PM) += pm.o
+@@ -56,11 +56,9 @@ mac80211-$(CONFIG_PM) += pm.o
  CFLAGS_trace.o := -I$(src)
  
  rc80211_minstrel-y := \

package/kernel/mac80211/patches/subsys/374-mac80211-move-A-MPDU-session-check-from-minstrel_ht-.patch

@@ -0,0 +1,126 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Thu, 17 Jun 2021 17:56:54 +0200
+Subject: [PATCH] mac80211: move A-MPDU session check from minstrel_ht to
+ mac80211
+
+This avoids calling back into tx handlers from within the rate control module.
+Preparation for deferring rate control until tx dequeue
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -6160,6 +6160,11 @@ enum rate_control_capabilities {
+ 	 * otherwise the NSS difference doesn't bother us.
+ 	 */
+ 	RATE_CTRL_CAPA_VHT_EXT_NSS_BW = BIT(0),
++	/**
++	 * @RATE_CTRL_CAPA_AMPDU_TRIGGER:
++	 * mac80211 should start A-MPDU sessions on tx
++	 */
++	RATE_CTRL_CAPA_AMPDU_TRIGGER = BIT(1),
+ };
+ 
+ struct rate_control_ops {
+--- a/net/mac80211/rc80211_minstrel_ht.c
++++ b/net/mac80211/rc80211_minstrel_ht.c
+@@ -1153,29 +1153,6 @@ minstrel_downgrade_prob_rate(struct mins
+ }
+ 
+ static void
+-minstrel_aggr_check(struct ieee80211_sta *pubsta, struct sk_buff *skb)
+-{
+-	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+-	struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
+-	u16 tid;
+-
+-	if (skb_get_queue_mapping(skb) == IEEE80211_AC_VO)
+-		return;
+-
+-	if (unlikely(!ieee80211_is_data_qos(hdr->frame_control)))
+-		return;
+-
+-	if (unlikely(skb->protocol == cpu_to_be16(ETH_P_PAE)))
+-		return;
+-
+-	tid = ieee80211_get_tid(hdr);
+-	if (likely(sta->ampdu_mlme.tid_tx[tid]))
+-		return;
+-
+-	ieee80211_start_tx_ba_session(pubsta, tid, 0);
+-}
+-
+-static void
+ minstrel_ht_tx_status(void *priv, struct ieee80211_supported_band *sband,
+                       void *priv_sta, struct ieee80211_tx_status *st)
+ {
+@@ -1477,10 +1454,6 @@ minstrel_ht_get_rate(void *priv, struct
+ 	struct minstrel_priv *mp = priv;
+ 	u16 sample_idx;
+ 
+-	if (!(info->flags & IEEE80211_TX_CTL_AMPDU) &&
+-	    !minstrel_ht_is_legacy_group(MI_RATE_GROUP(mi->max_prob_rate)))
+-		minstrel_aggr_check(sta, txrc->skb);
+-
+ 	info->flags |= mi->tx_flags;
+ 
+ #ifdef CPTCFG_MAC80211_DEBUGFS
+@@ -1894,6 +1867,7 @@ static u32 minstrel_ht_get_expected_thro
+ 
+ static const struct rate_control_ops mac80211_minstrel_ht = {
+ 	.name = "minstrel_ht",
++	.capa = RATE_CTRL_CAPA_AMPDU_TRIGGER,
+ 	.tx_status_ext = minstrel_ht_tx_status,
+ 	.get_rate = minstrel_ht_get_rate,
+ 	.rate_init = minstrel_ht_rate_init,
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -3933,6 +3933,29 @@ void ieee80211_txq_schedule_start(struct
+ }
+ EXPORT_SYMBOL(ieee80211_txq_schedule_start);
+ 
++static void
++ieee80211_aggr_check(struct ieee80211_sub_if_data *sdata,
++		     struct sta_info *sta,
++		     struct sk_buff *skb)
++{
++	struct rate_control_ref *ref = sdata->local->rate_ctrl;
++	u16 tid;
++
++	if (!ref || !(ref->ops->capa & RATE_CTRL_CAPA_AMPDU_TRIGGER))
++		return;
++
++	if (!sta || !sta->sta.ht_cap.ht_supported ||
++	    !sta->sta.wme || skb_get_queue_mapping(skb) == IEEE80211_AC_VO ||
++	    skb->protocol == sdata->control_port_protocol)
++		return;
++
++	tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
++	if (likely(sta->ampdu_mlme.tid_tx[tid]))
++		return;
++
++	ieee80211_start_tx_ba_session(&sta->sta, tid, 0);
++}
++
+ void __ieee80211_subif_start_xmit(struct sk_buff *skb,
+ 				  struct net_device *dev,
+ 				  u32 info_flags,
+@@ -3963,6 +3986,8 @@ void __ieee80211_subif_start_xmit(struct
+ 		skb_get_hash(skb);
+ 	}
+ 
++	ieee80211_aggr_check(sdata, sta, skb);
++
+ 	if (sta) {
+ 		struct ieee80211_fast_tx *fast_tx;
+ 
+@@ -4226,6 +4251,8 @@ static void ieee80211_8023_xmit(struct i
+ 
+ 	memset(info, 0, sizeof(*info));
+ 
++	ieee80211_aggr_check(sdata, sta, skb);
++
+ 	tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
+ 	tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
+ 	if (tid_tx) {

package/kernel/mac80211/patches/subsys/375-mac80211-minstrel_ht-fix-minstrel_aggr_check-for-enc.patch

@@ -1,39 +0,0 @@
-From: Ryder Lee <ryder.lee@mediatek.com>
-Date: Fri, 28 May 2021 14:05:42 +0800
-Subject: [PATCH] mac80211: minstrel_ht: fix minstrel_aggr_check for encap
- offload
-
-Avoid checking ieee80211_hdr to support encap offload.
-
-Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
----
-
---- a/net/mac80211/rc80211_minstrel_ht.c
-+++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -1156,19 +1156,24 @@ static void
- minstrel_aggr_check(struct ieee80211_sta *pubsta, struct sk_buff *skb)
- {
- 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
-+	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
- 	struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
- 	u16 tid;
- 
- 	if (skb_get_queue_mapping(skb) == IEEE80211_AC_VO)
- 		return;
- 
--	if (unlikely(!ieee80211_is_data_qos(hdr->frame_control)))
-+	if (unlikely(!pubsta->wme))
-+		return;
-+
-+	if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) &&
-+	    unlikely(!ieee80211_is_data_qos(hdr->frame_control)))
- 		return;
- 
- 	if (unlikely(skb->protocol == cpu_to_be16(ETH_P_PAE)))
- 		return;
- 
--	tid = ieee80211_get_tid(hdr);
-+	tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
- 	if (likely(sta->ampdu_mlme.tid_tx[tid]))
- 		return;
- 

package/kernel/mac80211/patches/subsys/377-mac80211-minstrel_ht-fix-sample-time-check.patch

@@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/mac80211/rc80211_minstrel_ht.c
 +++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -1498,7 +1498,7 @@ minstrel_ht_get_rate(void *priv, struct
+@@ -1466,7 +1466,7 @@ minstrel_ht_get_rate(void *priv, struct
  	    (info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO))
  		return;
  

package/lean/luci-app-arpbind/po/zh-cn/arpbind.po

@@ -17,6 +17,9 @@ msgstr ""
 msgid "IP/MAC Binding"
 msgstr "IP/MAC绑定"
 
+msgid "IP Address"
+msgstr "IP 地址"
+
 msgid "MAC Address"
 msgstr "MAC 地址"
 

target/linux/generic/config-5.10

@@ -1005,7 +1005,9 @@ CONFIG_CROSS_COMPILE=""
 CONFIG_CRYPTO=y
 # CONFIG_CRYPTO_842 is not set
 # CONFIG_CRYPTO_ADIANTUM is not set
-# CONFIG_CRYPTO_AEAD is not set
+CONFIG_CRYPTO_ACOMP2=y
+CONFIG_CRYPTO_AEAD=y
+CONFIG_CRYPTO_AEAD2=y
 # CONFIG_CRYPTO_AEGIS128 is not set
 # CONFIG_CRYPTO_AEGIS128L is not set
 # CONFIG_CRYPTO_AEGIS128L_AESNI_SSE2 is not set
@@ -1025,6 +1027,8 @@ CONFIG_CRYPTO_AES=y
 # CONFIG_CRYPTO_AES_ARM_CE is not set
 # CONFIG_CRYPTO_AES_NI_INTEL is not set
 # CONFIG_CRYPTO_AES_TI is not set
+CONFIG_CRYPTO_AKCIPHER=y
+CONFIG_CRYPTO_AKCIPHER2=y
 CONFIG_CRYPTO_ALGAPI=y
 CONFIG_CRYPTO_ALGAPI2=y
 # CONFIG_CRYPTO_ANSI_CPRNG is not set
@@ -1039,7 +1043,7 @@ CONFIG_CRYPTO_ALGAPI2=y
 # CONFIG_CRYPTO_CAST5 is not set
 # CONFIG_CRYPTO_CAST6 is not set
 # CONFIG_CRYPTO_CBC is not set
-# CONFIG_CRYPTO_CCM is not set
+CONFIG_CRYPTO_CCM=y
 # CONFIG_CRYPTO_CFB is not set
 # CONFIG_CRYPTO_CHACHA20 is not set
 # CONFIG_CRYPTO_CHACHA20POLY1305 is not set
@@ -1054,7 +1058,7 @@ CONFIG_CRYPTO_ALGAPI2=y
 # CONFIG_CRYPTO_CRCT10DIF is not set
 # CONFIG_CRYPTO_CRCT10DIF_ARM64_CE is not set
 # CONFIG_CRYPTO_CRYPTD is not set
-# CONFIG_CRYPTO_CTR is not set
+CONFIG_CRYPTO_CTR=y
 # CONFIG_CRYPTO_CTS is not set
 # CONFIG_CRYPTO_CURVE25519 is not set
 # CONFIG_CRYPTO_CURVE25519_NEON is not set
@@ -1107,17 +1111,20 @@ CONFIG_CRYPTO_ALGAPI2=y
 # CONFIG_CRYPTO_ESSIV is not set
 # CONFIG_CRYPTO_FCRYPT is not set
 # CONFIG_CRYPTO_FIPS is not set
-# CONFIG_CRYPTO_GCM is not set
+CONFIG_CRYPTO_GCM=y
 # CONFIG_CRYPTO_GF128MUL is not set
-# CONFIG_CRYPTO_GHASH is not set
+CONFIG_CRYPTO_GHASH=y
 # CONFIG_CRYPTO_GHASH_ARM64_CE is not set
 # CONFIG_CRYPTO_GHASH_ARM_CE is not set
 # CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL is not set
-# CONFIG_CRYPTO_HASH is not set
+CONFIG_CRYPTO_HASH=y
+CONFIG_CRYPTO_HASH2=y
 # CONFIG_CRYPTO_HMAC is not set
 # CONFIG_CRYPTO_HW is not set
 # CONFIG_CRYPTO_JITTERENTROPY is not set
 # CONFIG_CRYPTO_KEYWRAP is not set
+CONFIG_CRYPTO_KPP=y
+CONFIG_CRYPTO_KPP2=y
 # CONFIG_CRYPTO_KHAZAD is not set
 CONFIG_CRYPTO_LIB_AES=y
 CONFIG_CRYPTO_LIB_ARC4=y
@@ -1131,8 +1138,8 @@ CONFIG_CRYPTO_LIB_POLY1305_RSIZE=9
 # CONFIG_CRYPTO_LZ4 is not set
 # CONFIG_CRYPTO_LZ4HC is not set
 # CONFIG_CRYPTO_LZO is not set
-# CONFIG_CRYPTO_MANAGER is not set
-# CONFIG_CRYPTO_MANAGER2 is not set
+CONFIG_CRYPTO_MANAGER=y
+CONFIG_CRYPTO_MANAGER2=y
 CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y
 # CONFIG_CRYPTO_MCRYPTD is not set
 # CONFIG_CRYPTO_MD4 is not set
@@ -1144,7 +1151,7 @@ CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y
 # CONFIG_CRYPTO_MORUS640 is not set
 # CONFIG_CRYPTO_MORUS640_SSE2 is not set
 # CONFIG_CRYPTO_NHPOLY1305_NEON is not set
-# CONFIG_CRYPTO_NULL is not set
+CONFIG_CRYPTO_NULL=y
 # CONFIG_CRYPTO_OFB is not set
 # CONFIG_CRYPTO_PCBC is not set
 # CONFIG_CRYPTO_PCOMP is not set