kernel: usb: remove left-over LINUX_5_10 dependency symbol
this should have been removed together with linux 5.4 APM821XX support. Currently, this didn't hurt or broke something. But it will in the next stable kernel release.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: fcd5fd4)
the WNDR4700 can fetch its calibration data and mac-addresses directly from the "wifi_data" partition. This allows us to get rid of the 10-ath9k-eeprom file for the apm821xx target completely.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: a1693a8)
ipq806x: utilize nvmem-cells for pre-calibration data
converts extraction entries from 11-ath10k-caldata into nvmem-cells in the individual board's device-tree file.
The patch also moves previously existing referenced nvmem-cells data nodes which were placed at the end back into the partitions node. As well as removing some duplicated properties from qcom-ipq8065-xr500.dts's art (the included nighthawk.dtsi defines those already).
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 2047058)
Kalle Valo ath10k-firmware repository no longer provides the legacy board.bin files for the qca99x0 chips. Instead he copied over the codeaurora version and add more board files.
In the future, this board-2.bin should find its way to linux-firmware.git, which would allow us to remove the extra download code completely.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: c2630ac)
brings back the ath10k QCA9980 wifi nodes to which it adds ASROCK's wifi calibration data. These are now provided by the ath10k_firmware.git's board-2.bin.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 965e878)
generic: kernel: add patches with ZTE MF286D modem
This patch includes patches sent upstream with ZTE MF286D modem support. It adds support for qmi and serial option driver.
Links to ML: https://lore.kernel.org/linux-usb/20220111221132.14586-1-paweldembicki@gmail.com/ https://lore.kernel.org/linux-usb/20220111221205.14662-1-paweldembicki@gmail.com/
- Many LEDs are driven by the modem. Only internal LEDs and wifi LEDs are driven by cpu. - Wifi LED is triggered by phy0tpt only - No VoIP support - LAN1/WAN port is configured as WAN - ZTE gives only one MAC per device. Use +1/+2/+3 increment for WAN and WLAN0/1
Opening the case:
1. Take of battery lid (no battery support for this model, battery cage is dummy). 2. Unscrew screw placed behind battery lid. 3. Take off back cover. It attached with multiple plastic clamps. 4. Unscrew four more screws hidden behind back case. 5. Remove front panel from blue chassis. There are more plastic clamps. 6. Unscrew two boards, which secures the PCB in the chassis. 7. Extract board from blue chassis.
Serial + initramfs: 1. Place OpenWrt initramfs image for the device on a TFTP in the server's root. This example uses Server IP: 192.168.1.3 2. Connect serial console (115200,8n1) to X8 connector. 3. Connect TFTP server to RJ-45 port. 4. Stop in u-Boot and run u-Boot commands: setenv serverip 192.168.1.3 setenv ipaddr 192.168.1.72 set fdt_high 0x85000000 tftp openwrt-ipq40xx-generic-zte_mf286d-initramfs-fit-zImage.itb bootm $loadaddr 5. Please make backup of original partitions, if you think about revert to stock. 6. Login via ssh or serial and remove stock partitions: ubiattach -m 9 ubirmvol /dev/ubi0 -N ubi_rootfs ubirmvol /dev/ubi0 -N ubi_rootfs_data 7. Install image via "sysupgrade -n".
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> (cosmetic changes to the commit message) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: a91ab8b)
Newer RPi 4 Rev 6 (8 GB models and recent 2 GB / 4 GB models) ship with the so-called C0 processor which can run turbo mode at 1.8 GHz max rather than 1.5 GHz gracefully. Add 'arm_boost=1' to pi4 section of to enable.
Note that this setting has no effect on older chips; they continue with their 1.5 GHz max unless users overclock them.
Backport patch ("MIPS: ath79: drop _machine_restart again"), which is required to support GPIO restart handler on ZTE MF286, broken due to _machine_restart being restored in kernel accidentally, wich causes any registered restart handlers to not execute, including one from ath79-reset driver.
ZTE MF286 is an indoor LTE category 6 CPE router with simultaneous dual-band 802.11ac plus 802.11n Wi-Fi radios and quad-port gigabit Ethernet switch, FXS and external USB 2.0 port.
Hardware highlights: - CPU: QCA9563 SoC at 775MHz, - RAM: 128MB DDR2, - NOR Flash: MX25L1606E 2MB SPI Flash, for U-boot only, - NAND Flash: GD5F1G04UBYIG 128MB SPI NAND-Flash, for all other data, - Wi-Fi 5GHz: QCA9882 2x2 MIMO 802.11ac radio, - WI-Fi 2.4GHz: QCA9563 3x3 MIMO 802.11n radio, - Switch: QCA8337v2 4-port gigabit Ethernet, with single SGMII CPU port, - WWAN: MDM9230-based category 6 internal LTE modem in extended mini-PCIE form factor, with 3 internal antennas and 2 external antenna connections, single mini-SIM slot. Modem model identified as MF270, - FXS: one external ATA port (handled entirely by modem part) with two physical connections in parallel, - USB: Single external USB 2.0 port, - Switches: power switch, WPS, Wi-Fi and reset buttons, - LEDs: Wi-Fi, Test (internal). Rest of LEDs (Phone, WWAN, Battery, Signal state) handled entirely by modem. 4 link status LEDs handled by the switch on the backside. - Battery: 3Ah 1-cell Li-Ion replaceable battery, with charging and monitoring handled by modem. - Label MAC device: eth0
Console connection: connector X2 is the console port, with the following pinout, starting from pin 1, which is the topmost pin when the board is upright: - VCC (3.3V). Do not use unless you need to source power for the converer from it. - TX - RX - GND Default port configuration in U-boot as well as in stock firmware is 115200-8-N-1.
Installation: Due to different flash layout from stock firmware, sysupgrade from within stock firmware is impossible, despite it's based on QSDK which itself is based on OpenWrt.
STEP 0: Stock firmware update: As installing OpenWrt cuts you off from official firmware updates for the modem part, it is recommended to update the stock firmware to latest version before installation, to have built-in modem at the latest firmware version.
STEP 1: gaining root shell:
Method 1: This works if busybox has telnetd compiled in the binary. If this does not work, try method 2.
Using well-known exploit to start telnetd on your router - works only if Busybox on stock firmware has telnetd included: - Open stock firmware web interface - Navigate to "URL filtering" section by going to "Advanced settings", then "Firewall" and finally "URL filter". - Add an entry ending with "&&telnetd&&", for example "http://hostname/&&telnetd&&". - telnetd will immediately listen on port 4719. - After connecting to telnetd use "admin/admin" as credentials.
Method 2: This works if busybox does not have telnetd compiled in. Notably, this is the case in DNA.fi firmware. If this does not work, try method 3.
- Set IP of your computer to 192.168.1.22. - Have a TFTP server running at that address - Download MIPS build of busybox including telnetd, for example from: https://busybox.net/downloads/binaries/1.21.1/busybox-mips and put it in it's root directory. Rename it as "telnetd". - As previously, login to router's web UI and navigate to "URL filtering" - Using "Inspect" feature, extend "maxlength" property of the input field named "addURLFilter", so it looks like this: <input type="text" name="addURLFilter" id="addURLFilter" maxlength="332" class="required form-control"> - Stay on the page - do not navigate anywhere - Enter "http://aa&zte_debug.sh 192.168.1.22 telnetd" as a filter. - Save the settings. This will download the telnetd binary over tftp and execute it. You should be able to log in at port 23, using "admin/admin" as credentials.
Method 3: If the above doesn't work, use the serial console - it exposes root shell directly without need for login. Some stock firmwares, notably one from finnish DNA operator lack telnetd in their builds.
STEP 2: Backing up original software: As the stock firmware may be customized by the carrier and is not officially available in the Internet, IT IS IMPERATIVE to back up the stock firmware, if you ever plan to returning to stock firmware.
Method 1: after booting OpenWrt initramfs image via TFTP: PLEASE NOTE: YOU CANNOT DO THIS IF USING INTERMEDIATE FIRMWARE FOR INSTALLATION. - Dump stock firmware located on stock kernel and ubi partitions:
And keep them in a safe place, should a restore be needed in future.
Method 2: using stock firmware: - Connect an external USB drive formatted with FAT or ext4 to the USB port. - The drive will be auto-mounted to /var/usb_disk - Check the flash layout of the device:
Differences might indicate that this is NOT a vanilla MF286 device but one of its later derivatives. - Copy over all MTD partitions, for example by executing the following:
for i in 0 1 2 3 4 5 6 7 8 9 10 11; do cat /dev/mtd$i > \ /var/usb_disk/mtd$i; done
- If the count of MTD partitions is different, this might indicate that this is not a standard MF286 device, but one of its later derivatives. - (optionally) rename the files according to MTD partition names from /proc/mtd - Unmount the filesystem:
umount /var/usb_disk; sync
and then remove the drive. - Store the files in safe place if you ever plan to return to stock firmware. This is especially important, because stock firmware for this device is not available officially, and is usually customized by the mobile providers.
STEP 3: Booting initramfs image:
Method 1: using serial console (RECOMMENDED): - Have TFTP server running, exposing the OpenWrt initramfs image, and set your computer's IP address as 192.168.1.22. This is the default expected by U-boot. You may wish to change that, and alter later commands accordingly. - Connect the serial console if you haven't done so already, - Interrupt boot sequence by pressing any key in U-boot when prompted - Use the following commands to boot OpenWrt initramfs through TFTP:
(Replace server IP and router IP as needed). There is no emergency TFTP boot sequence triggered by buttons, contrary to MF283+. - When OpenWrt initramfs finishes booting, proceed to actual installation.
Method 2: using initramfs image as temporary boot kernel This exploits the fact, that kernel and rootfs MTD devices are consecutive on NAND flash, so from within stock image, an initramfs can be written to this area and booted by U-boot on next reboot, because it uses "nboot" command which isn't limited by kernel partition size. - Download the initramfs-kernel.bin image - Split the image into two parts on 3MB partition size boundary, which is the size of kernel partition. Pad the output of second file to eraseblock size:
- Copy over /usr/bin/flash_eraseall and /usr/bin/nandwrite utilities to /tmp. This is CRITICAL for installation, as erasing rootfs will cut you off from those tools on flash!
- After backing up the previous MTD contents, write the images to the respective MTD devices:
- Ensure that no bad blocks were present on the devices while writing. If they were present, you may need to vary the split between kernel and rootfs parts, so U-boot reads a valid uImage after skipping the bad blocks. If it fails, you will be left with method 3 (below). - If write is OK, reboot the device, it will reboot to OpenWrt initramfs:
reboot -f
- After rebooting, SSH into the device and use sysupgrade to perform proper installation.
Method 3: using built-in TFTP recovery (LAST RESORT): - With that method, ensure you have complete backup of system's NAND flash first. It involves deliberately erasing the kernel. - Download "-initramfs-kernel.bin" image for the device. - Prepare the recovery image by prepending 8MB of zeroes to the image, and name it root_uImage:
- Set up a TFTP server at 192.0.0.1/8. Router will use random address from that range. - Put the previously generated "root_uImage" into TFTP server root directory. - Deliberately erase "kernel" partition" using stock firmware after taking backup. THIS IS POINT OF NO RETURN. - Restart the device. U-boot will attempt flashing the recovery initramfs image, which will let you perform actual installation using sysupgrade. This might take a considerable time, sometimes the router doesn't establish Ethernet link properly right after booting. Be patient. - After U-boot finishes flashing, the LEDs of switch ports will all light up. At this moment, perform power-on reset, and wait for OpenWrt initramfs to finish booting. Then proceed to actual installation.
STEP 4: Actual installation: - scp the sysupgrade image to the device:
STEP 5: WAN connection establishment Since the router is equipped with LTE modem as its main WAN interface, it might be useful to connect to the Internet right away after installation. To do so, please put the following entries in /etc/config/network, replacing the specific configuration entries with one needed for your ISP:
config interface 'wan' option proto 'qmi' option device '/dev/cdc-wdm0' option auth '<auth>' # As required, usually 'none' option pincode '<pin>' # If required by SIM option apn '<apn>' # As required by ISP option pdptype '<pdp>' # Typically 'ipv4', or 'ipv4v6' or 'ipv6'
For example, the following works for most polish ISPs config interface 'wan' option proto 'qmi' option device '/dev/cdc-wdm0' option auth 'none' option apn 'internet' option pdptype 'ipv4'
If you have build with LuCI, installing luci-proto-qmi helps with this task.
Restoring the stock firmware:
Preparation: If you took your backup using stock firmware, you will need to reassemble the partitions into images to be restored onto the flash. The layout might differ from ISP to ISP, this example is based on generic stock firmware. The only partitions you really care about are "web", "kernel", and "rootfs". For easy padding and possibly restoring configuration, you can concatenate most of them into images written into "ubi" meta-partition in OpenWrt. To do so, execute something like:
You can skip the "fota" partition altogether, it is used only for stock firmware update purposes and can be overwritten safely anyway. The same is true for "data" partition which on my device was found to be unused at all. Restoring mtd5_cfg-param.bin will restore the stock firmware configuration you had before.
Method 1: Using initramfs: - Boot to initramfs as in step 3: - Completely detach ubi0 partition using ubidetach /dev/ubi0_0 - Look up the kernel and ubi partitions in /proc/mtd - Copy over the stock kernel image using scp to /tmp - Erase kernel and restore stock kernel: (scp mtd4_kernel.bin root@192.168.1.1:/tmp/) mtd write <kernel_mtd> mtd4_kernel.bin rm mtd4_kernel.bin - Copy over the stock partition backups one-by-one using scp to /tmp, and restore them individually. Otherwise you might run out of space in tmpfs:
- If the write was correct, force a device reboot with
reboot -f
Method 2: Using live OpenWrt system (NOT RECOMMENDED): - Prepare a USB flash drive contatining MTD backup files - Ensure you have kmod-usb-storage and filesystem driver installed for your drive - Mount your flash drive
mkdir /tmp/usb
mount /dev/sda1 /tmp/usb
- Remount your UBI volume at /overlay to R/O
mount -o remount,ro /overlay
- Write back the kernel and ubi partitions from USB drive
cd /tmp/usb mtd write mtd4_kernel.bin /dev/<kernel_mtd>
mtd write mtd8_ubi.bin /dev/<kernel_ubi>
- If everything went well, force a device reboot with reboot -f
Last image may be truncated a bit due to lack of space in RAM, but this will happen over "fota" MTD partition which may be safely erased after reboot anyway.
Method 3: using built-in TFTP recovery (LAST RESORT): - Assemble a recovery rootfs image from backup of stock partitions by concatenating "web", "kernel", "rootfs" images dumped from the device, as "root_uImage" - Use it in place of "root_uImage" recovery initramfs image as in the TFTP pre-installation method.
Quirks and known issues - Kernel partition size is increased to 4MB compared to stock 3MB, to accomodate future kernel updates - at this moment OpenWrt 5.10 kernel image is at 2.5MB which is dangerously close to the limit. This has no effect on booting the system - but keep that in mind when reassembling an image to restore stock firmware. - uqmi seems to be unable to change APN manually, so please use the one you used before in stock firmware first. If you need to change it, please use protocok '3g' to establish connection once, or use the following command to change APN (and optionally IP type) manually: echo -ne 'AT+CGDCONT=1,"IP","<apn>' > /dev/ttyUSB0 - The only usable LED as a "system LED" is the green debug LED hidden inside the case. All other LEDs are controlled by modem, on which the router part has some influence only on Wi-Fi LED. - Wi-Fi LED currently doesn't work while under OpenWrt, despite having correct GPIO mapping. All other LEDs are controlled by modem, including this one in stock firmware. GPIO19, mapped there only acts as a gate, while the actual signal source seems to be 5GHz Wi-Fi radio, however it seems it is not the LED exposed by ath10k as ath10k-phy0. - GPIO5 used for modem reset is a suicide switch, causing a hardware reset of whole board, not only the modem. It is attached to gpio-restart driver, to restart the modem on reboot as well, to ensure QMI connectivity after reboot, which tends to fail otherwise. - Modem, as in MF283+, exposes root shell over ADB - while not needed for OpenWrt operation at all - have fun lurking around. - MAC address shift for 5GHz Wi-Fi used in stock firmware is 0x320000000000, which is impossible to encode in the device tree, so I took the liberty of using MAC address increment of 1 for it, to ensure different BSSID for both Wi-Fi interfaces.
This reverts commit 8b4cba53a9402f44da2dced4a78ca065b15dca94.
This broke the mt7530 on Linksys e8450 (mt7622) for me. [ 1.312943] mt7530 mdio-bus:00 lan1 (uninitialized): failed to connect to PHY: -EINVAL [ 1.320890] mt7530 mdio-bus:00 lan1 (uninitialized): error -22 setting up PHY for tree 0, switch 0, port 0 [ 1.331163] mt7530 mdio-bus:00 lan2 (uninitialized): failed to connect to PHY: -EINVAL [ 1.339085] mt7530 mdio-bus:00 lan2 (uninitialized): error -22 setting up PHY for tree 0, switch 0, port 1 [ 1.349321] mt7530 mdio-bus:00 lan3 (uninitialized): failed to connect to PHY: -EINVAL [ 1.357241] mt7530 mdio-bus:00 lan3 (uninitialized): error -22 setting up PHY for tree 0, switch 0, port 2 [ 1.367452] mt7530 mdio-bus:00 lan4 (uninitialized): failed to connect to PHY: -EINVAL [ 1.375367] mt7530 mdio-bus:00 lan4 (uninitialized): error -22 setting up PHY for tree 0, switch 0, port 3 [ 1.385750] mt7530 mdio-bus:00 wan (uninitialized): failed to connect to PHY: -EINVAL [ 1.393575] mt7530 mdio-bus:00 wan (uninitialized): error -22 setting up PHY for tree 0, switch 0, port 4
kernel: bpf-headers: fix build error when testing kernel is used
Now that we have separate files for each kernel version, only the version/hash for the target kernel are available. This cause a missing hash error (and wrong kernel version) for bpf-headers when a testing kernel version is used for the current target.
Fix this error by manually including the kernel version/hash file for the specific kernel version requested.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 4d90452)
ipq806x: convert TP-Link Archer VR2600v to denx,uimage
The recent device-tree modification that added pre-cal nvmem-cells pushed the device's kernel+dtb over the allotted 3072k KERNEL_SIZE.
> WARNING: Image file tplink_vr2600v-uImage is too big: 3147214 > 3145728
There was a previous kernel partition size upgrade: commit 0c967d92b3d9 ("ipq806x: increase kernel partition size for the TP-Link Archer VR2600v") It has been seemingly upgraded from a 2048k KERNEL_SIZE in the past. The commit talks about using the MTD_SPLIT_TPLINK_FW. But looking at the image make recipe, there is no code that adds a TPLINK header. So instead the board will use "denx,umimage". This requires MTD_SPLIT_UIMAGE_FW, but this is present thanks to some NEC devices.
(Maybe the MTD_CONFIG_ARGS can be removed as well? But it could be there because of the padding at the beginning. This needs testing.)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: f6a01d7)
Specifications: - AR9344 SoC, 8 MB nor flash, 64 MB DDR2 RAM - 2x2 9dBi antenna, wifi 2.4Ghz 300Mbps - 4x Ethernet LAN 10/100, 1x Ethernet WAN 10/100 - 1x WAN, 4x LAN, Wifi, PWR, WPS, SYSTEM Leds - Reset/WPS button - Serial UART at J4 onboard: 3.3v GND RX TX, 1152008N1
MAC addresses as verified by OEM firmware:
vendor OpenWrt address LAN eth0 label WAN eth1 label + 1 WLAN phy0 label
The label MAC address was found in u-boot 0x1fc00.
Installation: To install openwrt, - set the device's SSID to each of the following lines, making sure to include the backticks. - set the ssid and click save between each line.
- Now, wait 60 sec. - After the reboot sequence, the router may have fallen back to its default IP address with the default credentials (admin:admin). - Log in to the web interface and go the the firmware upload page. Select "openwrt-ath79-generic-tplink_tl-wr841hp-v2-squashfs-factory.bin" and you're done : the system now accepts the openwrt.
Forum support topic: https://forum.openwrt.org/t/support-for-tplink-tl-wr841hp-v2/69445/
Signed-off-by: Saiful Islam <si87868@gmail.com> (commit: 43ec6d6)
Installation ------------ Flash the factory image using the stock web interface or TFTP the factory image to the bootloader.
What works ---------- - LEDs - Ethernet port - 5GHz wifi (QCA9984 pcie)
What doesn't work ----------------- - 2.4GHz wifi (QCN5502 on-chip) (I was not able to make this work, probably because ath9k requires some changes to support QCN5502.)
The MikroTik LHG 5 series (product codes RBLHG-5nD, RBLHG-5HPnD and RBLHG-5HPnD-XL) devices are an outdoor 5GHz CPE with a 24.5dBi or 27dBi integrated antenna built around the Atheros AR9344 SoC. It is very similar to the SXT Lite5 series which this patch is based upon.
ramips: add support for Xiaomi Mi Router CR660x series
Xiaomi Mi Router CR6606 is a Wi-Fi6 AX1800 Router with 4 GbE Ports. Alongside the general model, it has three carrier customized models: CR6606 (China Unicom), CR6608 (China Mobile), CR6609 (China Telecom)
Jailbreak Notes: 1. Get shell access. 1.1. Get yourself a wireless router that runs OpenWrt already. 1.2. On the OpenWrt router: 1.2.1. Access its console. 1.2.2. Create and edit /usr/lib/lua/luci/controller/admin/xqsystem.lua with the following code (exclude backquotes and line no.): ``` 1 module("luci.controller.admin.xqsystem", package.seeall) 2 3 function index() 4 local page = node("api") 5 page.target = firstchild() 6 page.title = ("") 7 page.order = 100 8 page.index = true 9 page = node("api","xqsystem") 10 page.target = firstchild() 11 page.title = ("") 12 page.order = 100 13 page.index = true 14 entry({"api", "xqsystem", "token"}, call("getToken"), (""), 103, 0x08) 15 end 16 17 local LuciHttp = require("luci.http") 18 19 function getToken() 20 local result = {} 21 result["code"] = 0 22 result["token"] = "; nvram set ssh_en=1; nvram commit; sed -i 's/channel=.*/channel=\"debug\"/g' /etc/init.d/dropbear; /etc/init.d/drop bear start;" 23 LuciHttp.write_json(result) 24 end ``` 1.2.3. Browse http://{OWRT_ADDR}/cgi-bin/luci/api/xqsystem/token It should give you a respond like this: {"code":0,"token":"; nvram set ssh_en=1; nvram commit; ..."} If so, continue; Otherwise, check the file, reboot the rout- er, try again. 1.2.4. Set wireless network interface's IP to 169.254.31.1, turn off DHCP of wireless interface's zone. 1.2.5. Connect to the router wirelessly, manually set your access device's IP to 169.254.31.3, make sure http://169.254.31.1/cgi-bin/luci/api/xqsystem/token still have a similar result as 1.2.3 shows. 1.3. On the Xiaomi CR660x: 1.3.1. Login to the web interface. Your would be directed to a page with URL like this: http://{ROUTER_ADDR}/cgi-bin/luci/;stok={STOK}/web/home#r- outer 1.3.2. Browse this URL with {STOK} from 1.3.1, {WIFI_NAME} {PASSWORD} be your OpenWrt router's SSID and password: http://{MIROUTER_ADDR}/cgi-bin/luci/;stok={STOK}/api/misy- stem/extendwifi_connect?ssid={WIFI_NAME}&password={PASSWO- RD} It should return 0. 1.3.3. Browse this URL with {STOK} from 1.3.1: http://{MIROUTER_ADDR}/cgi-bin/luci/;stok={STOK}/api/xqsy- stem/oneclick_get_remote_token?username=xxx&password=xxx&- nonce=xxx 1.4. Before rebooting, you can now access your CR660x via SSH. For CR6606, you can calculate your root password by this project: https://github.com/wfjsw/xiaoqiang-root-password, or at https://www.oxygen7.cn/miwifi. The root password for carrier-specific models should be the admi- nistration password or the default login password on the label. It is also feasible to change the root password at the same time by modifying the script from step 1.2.2. You can treat OpenWrt Router however you like from this point as long as you don't mind go through this again if you have to expl- oit it again. If you do have to and left your OpenWrt router unt- ouched, start from 1.3. 2. There's no official binary firmware available, and if you lose the content of your flash, no one except Xiaomi can help you. Dump these partitions in case you need them: "Bootloader" "Nvram" "Bdata" "crash" "crash_log" "firmware" "firmware1" "overlay" "obr" Find the corespond block device from /proc/mtd Read from read-only block device to avoid misoperation. It's recommended to use /tmp/syslogbackup/ as destination, since files would be available at http://{ROUTER_ADDR}/backup/log/YOUR_DUMP Keep an eye on memory usage though. 3. Since UART access is locked ootb, you should get UART access by modify uboot env. Otherwise, your router may become bricked. Excute these in stock firmware shell: a. nvram set boot_wait=on b. nvram set bootdelay=3 c. nvram commit Or in OpenWrt: a. opkg update && opkg install kmod-mtd-rw b. insmod mtd-rw i_want_a_brick=1 c. fw_setenv boot_wait on d. fw_setenv bootdelay 3 e. rmmod mtd-rw
Migrate to OpenWrt: 1. Transfer squashfs-firmware.bin to the router. 2. nvram set flag_try_sys1_failed=0 3. nvram set flag_try_sys2_failed=1 4. nvram commit 5. mtd -r write /path/to/image/squashfs-firmware.bin firmware
Additional Info: 1. CR660x series routers has a different nand layout compared to other Xiaomi nand devices. 2. This router has a relatively fresh uboot (2018.09) compared to other Xiaomi devices, and it is capable of booting fit image firmware. Unfortunately, no successful attempt of booting OpenWrt fit image were made so far. The cause is still yet to be known. For now, we use legacy image instead.
Signed-off-by: Raymond Wang <infiwang@pm.me> (commit: 3343ca7)
fd4c9e1 system-linux: expose hw-tc-offload ethtool feature in device status dump 3d76f2e system-linux: add wrapper function for creating link config messages 88af2f1 system-linux: delete bridge devices using netlink 85c3548 system-linux: create bridge devices using netlink
11adf0c source: convert source objects into proper uc_value_t type 3a49192 treewide: rework function memory model 7edad5c tests: add functional tests for builtin functions d5003fd lib: fix leaking tokener in uc_json() on parse exception 5d0ecd9 lib: fix infinite loop on empty regexp matches in uc_replace() 3ad57f1 lib: fix infinite loop on empty regexp matches in uc_match() 32d596d lib: fix infinite loop on empty regexp matches in uc_split() 3e3f38d vm: ensure consistent trace output between gcc and clang compiled ucode 3600ded vm: fix leaking function value on call exception 3059295 vm: NULL-initialize pointer to make cppcheck happy 98e59bf source: zero-initialize conversion union to make cppcheck happy 7a65c14 run_tests.sh: change workdir to testcase directory during execution afec8d7 run_tests.sh: support placing supplemental testcase files 3ada6e0 run_tests.sh: always treat outputs as text data 2cb627f program: rename bytecode load/write functions, track path of executed file 1094ffa lib: fix memory leak in uc_require_ucode()
When the uci configuration is created automatically during a very early stage, where no entropy daemon is set up, generating the key directly is not an option. Therefore we allow to set the private_key to "generate" and generate the private key directly before the interface is taken up.
ipq806x: Enlarge D7800 flash - use netgear partition
Increase the available flash memory size in Netgear R7800 by repurposing the unused "netgear" partition that is located after the firmware partition.
Available flash space for kernel+rootfs+overlay increases by 68 MB from 32 MB to 100 MB.
In a typical build, overlay space increases from 15 to 85, increasing the package installation possibilities greatly.
Reverting to the OEM firmware is still possible, as the OEM firmware contains logic to initialise the "netgear" partition if its contents do not match expectations. In OEM firmware, "netgear" contains 6 UBI sub-partitions that are defined in /etc/netgear.cfg and initialisation is done by /etc/preinit
This is based on https://github.com/openwrt/openwrt/commit/fb8a578aa70572b3e56b64d296e22c2931e77b69
Signed-off-by: Mike Lothian <mike@fireburn.co.uk> (commit: a0ad07e)
Commit f4a79148f8cb ("ramips: add support for ipTIME AX2004M") was reverted due to KERNEL_LOADADDR leakage, and it seems the problem can be mitigated by moving the variable definition into Device/Default. By this, KERNEL_LOADADDR redefined in a device recipe will not be leaked into the subsequent device recipes anymore and thus will remain as a per-device variable.
Ref: cd6a6e3030ff ("Revert "ramips: add support for ipTIME AX2004M"") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 09f3834)
kernel: generic: select the fq_codel qdisc by default
The kernel configuration allows us to select a default qdisc. Let's do this for 5.10 (as 5.4 is on its way out) and get rid of the hacky patch we've been carrying.
Add support for MediaTek Gigabit Ethernet PHYs found in MT7530 and MT7531. Fix some link up/down issues. The errornous check for the PHY mode which broke things with MT7531 has been removed as suggested by patch net: phy: mediatek: remove PHY mode check on MT7531 As a result, things are working fine now on MT7622+MT7531 as well.
Signed-off-by: DENG Qingfang <dqfext@gmail.com> Tested-by: Daniel Golle <daniel@makrotopia.org> Tested-by: Arınç ÜNAL <arinc.unal@arinc9.com> Tested-by: Stijn Tintel <stijn@linux-ipv6.be> (commit: 73fd9f7)
Support MT7530 PHY link change interrupts, and enable for MT7621.
For external MT7530, a GPIO IRQ line is required, which is board-specific, so it should be added to each DTS. In case the interrupt-controller property is missing, it will fall back to polling mode.
Signed-off-by: DENG Qingfang <dqfext@gmail.com> (commit: f9cfe7a)
mt7622: linksys-e8450: enable using mt7531 switch irq
Turns out the MT7531 switch IRQ line is connected to GPIO#53 just like on the BPi-R64, so this seems to be part of the reference design and will probably apply to most MT7622+MT7531 boards.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: c32835c)
Notes: * This device has a dual-boot partition scheme, but this firmware works only on boot partition 1. The stock web interface will flash only on the inactive boot partition, but the recovery web page will always flash on boot partition 1.
Installation via recovery mode: 1. Press reset button, power up the device, wait >10s for CPU LED to stop blinking. 2. Upload recovery image through the recovery web page at 192.168.0.1.
Revert to stock firmware: 1. Install stock image via recovery mode.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 37753f3)
ramips: move MAC configs to device dts from wrc-gs-2pci.dtsi
The locations of MAC addresses in mtd for LAN/WAN on ELECOM WRC-2533GS2 are changed from the other WRC-GS/GST devices with 2x PCIe. So move the related configurations in mt7621_elecom_wrc-gs-2pci.dtsi to dts of each model.
1. Boot WRC-2533GS2 normally with "Router" mode 2. Access to "http://192.168.2.1/" and open firmware update page ("ファームウェア更新") 3. Select the OpenWrt factory image and click apply ("適用") button 4. Wait ~120 seconds to complete flashing
Had to update generic defconfig (make kernel_menuconfig CONFIG_TARGET=generic) for this bump, but since that only modifies the target defined in .config, and since that target also needed to be updated for unrelated reasons, manually propagated the newly added symbol to the generic config.
a29bad9 compiler: fix patchlist corruption on switch statement syntax errors 86f0662 lib: change `ord()` to always return single byte value 116a8ce vallist: fix storing/retrieving short strings with 8bit byte value
53caa1a fw4: resolve zone layer 2 devices for hw flow offloading 9fe58f5 fw4: rework and fix family inheritance logic 8795296 tests: mocklib: fix infinite recursion in wrapped print() 281b1bc tests: change mocked wan interface type to PPPoE 93b710d tests: mocklib: forward compatibility change 1a94915 fw4: only stage reflection rules if all required addrs are known 5c21714 fw4: add device iifname/oifname matches to DSCP and MARK rules 3eacc97 tests: adjust 01_ruleset test case to latest changes
This fixes the following security problem: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
This caches flows between MAC addresses on separate ports, including their VLAN in order to bypass the normal bridge forwarding code. In my test on MT7622, this reduces LAN->WLAN bridging CPU usage by 6-10%, potentially even more on weaker platforms
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 94b4da9)
'uxc boot' is inteded to be called multiple times, so there is not need to guard the first call on boot -- the actual code anyway didn't do that, so just remove it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 5205010)
It's reported that current memory detection code occasionally detects larger memory under some bootloaders. Current memory detection code tests whether address space wraps around on KSEG0, which is unreliable because it's cached.
Rewrite memory size detection to perform the same test on KSEG1 instead. While at it, this patch also does the following two things: 1. use a fixed pattern instead of a random function pointer as the magic value. 2. add an additional memory write and a second comparison as part of the test to prevent possible smaller memory detection result due to leftover values in memory.
ramips: fix NAND flash driver ECC bit position mask
The bit position mask was accidentally made too wide, overlapping with the LSB from the byte position mask. This caused ECC calculation to fail for odd bytes
Signed-off-by: Chad Monroe <chad.monroe@smartrg.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 918d4ab)
base-files: Make sure rootfs_data_max is considered
For sysupgrade on NAND/UBI devices there is the U-Boot environment variable rootfs_data_max which can be used to limit the size of the rootfs_data volume created on sysupgrade. This stopped working reliable with recent kernels, probably due to a race condition when reading the number of free erase blocks from sysfs just after removing a volume. Change the script to just try creating rootfs_data with the desired size and retry with maximum size in case that fails. Hence calculating the available size in the script can be dropped which works around the problem.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 397de50)
realtek: Add support for RTL9300/RTL9310 I2C controller
This adds support for the RTL9300 and RTL9310 I2C controller. The controller implements the SMBus protocol for SMBus transfers over an I2C bus. The driver supports selecting one of the 2 possible SCL pins and any of the 8 possible SDA pins. Bus speeds of 100kHz (standard speed) and 400kHz (high speed I2C) are supported.
realtek: Add support for RTL9300/RTL9310 I2C multiplexing
The RTL9300/RTL9310 I2C controllers have support for 2 independent I2C masters, each with a fixed SCL pin, that cannot be changed. Each of these masters can use 8 (RTL9300) or 16 (RTL9310) different pins for SDA. This multiplexer directly controls the two masters and their shared IO configuration registers to allow multiplexing between any of these busses. The two masters cannot be used in parallel as the multiplex is protected by a standard multiplex lock.
realtek: Add support for SFP EEPROM-access over SMBus
The EEPROMs on SFP modules are compatible both to I2C as well as SMBus. However, the kernel so far only supports I2C access. We add SMBus access routines, because the I2C driver for the RTL9300 HW only supports that protocol. At the same time we disable I2C access to PHYs on SFP modules as otherwise detection of any SFP module would fail. This is not in any way problematic at this point in time since the RTL93XX platform so far does not support PHYs on SFP modules.
The patches are copied and rebased version of: https://bootlin.com/blog/sfp-modules-on-a-board-running-linux/
Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Birger Koblitz <git@birger-koblitz.de> (commit: 45053b5)
Creates RTL83XX as a basic kernel config parameter for the RTL838X, RTL839x, RTL930X and RTL931X platforms with respective configurations for the SoCs, which are introduced in addition.
In order to support VSMP, enable support for both VPEs of the RTL839X and RTL930X SoCs in the irq-realtek-rtl driver. Add support for IRQ affinity setting.
realtek: Update RTL838X DTS to new Realtek IRQ controller notation
Replace the interrupt controller node with the new realtek,rtl-intc node and change all device interrupts to use the 2 field notation: interrupts = <[SoC IRQ] [Index to MIPS IRQ]>
realtek: Update rtl839x.dtsi for realtek,rtl-intc, new gpio controller remove RTL8231 node
Update the IRQ configuration to work with the new rtl-intc controller. Also change all KSEG1 addresses in reg = <> of the devics to physical addresses.
Use the new gpio-otto controller instead of the legacy driver. Also remove the memory node as this is better put into a device .dts.
Also remove the RTL8231 GPIO controller node from this base file since the chip might not be found in all Realtek RTL839x devices.
The GS1900-48 is a 48 + 2 port Gigabit L2 switch with 48 gigabit ports. Hardware: RTL8393M SoC Macronix MX25l12805D (16MB flash) 128MB RAM 6 * RTL8218B external PHY 2 * RTL8231 GPIO extenders to control the port LEDs, system LED and Reset button
2 Uplink ports are SFP cages which support 1000 Base-X mini GBIC modules.
Power is supplied via a 230 volt mains connector. The board has a hard reset switch SW1, which is is not reachable from the outside. J4 provides a 12V RS232 serial connector which is connected through U8 to the 3.3V UART of the RTL8393. Conversion is done by U8, a SIPEX 3232EC. To connect to the UART, wires can be soldered to R603 (TX) and R602 (RX).
Installation: Install the squashfs image via Realtek's original Web-Interface.
realtek: Increase zone size for Ethernet driver DMA
Set CONFIG_FORCE_MAX_ZONEORDER setting to 13 to allow larger contiguous memory allocation for the DMA of the Ethernet driver. Increase the number of entries in the RX ring to 300 making use of the larger DMA region now possible for receiveing packets.
Setting bits 20 and 23 in a u16 is obviously wrong. According to https://www.svanheule.net/realtek/cypress/cputag cpu_tag[2] starts at bit 48 in the cpu-tag structure, so bit 43 is bit 5 in cpu_tag[2] and bit 40 is bit 8 in cpu_tag[2].
Rename the SoC-specific rtl838x_reg structure in the Ethernet driver to avoid confusion with the structure of the same name in the DSA driver. New name is: rtl838x_eth_reg
Various fixes to enable Ethernet on the RTL931X: - Network start and stop sequence for RTL931X HW - MDIO access on RTL931X SoC - Chip initialization - SerDes setup
realtek: Replace the RTL9300 generic timer with a CEVT timer
The RTL9300 has a broken R4K MIPS timer interrupt, however, the R4K clocksource works. We replace the RTL9300 timer with a Clock Event Timer (CEVT), which is VSMP aware and can be instantiated as part of brining a VSMTP cpu up instead of the R4K CEVT source. For this we place the RTL9300 CEVT timer in arch/mips/kernel together with other MIPS CEVT timers, initialize the SoC IRQs from a modified smp-mt.c and instantiate each timer as part of the MIPS time setup in arch/mips/include/asm/time.h instead of the R4K CEVT, similarly as is done by other MIPS CEVT timers.
Selects the new CEVT timer for Realtek instead of the previous timer driver. While we are at it, we explicitily state we do not use the I2C driver of the RTL9300.
realtek: Allow PHY-IDs to differ from Port numbers
We were using the PHY-ids (the reg entries in the PHY sections of the .dts) as the port numbers. Now scan the ports section in the .dts, and use the actual port numbers, following the phy-handle to the PHY properties.
Adds a rtl931x_phylink_mac_config for the RTL931X and improve the handling of the RTL930X phylink configuration. Add separate handling of the RTL839x since some configurations are different from the RTL838X.
The ZyXEL XGS1250-12 Switch is a 11 + 1 port multi-GBit switch with 8 x 1000BaseT, 3 x 1000/2500/5000/10000BaseT Ethernet ports and 1 SFP+ module slot.
Hardware: - RTL9302B SoC - Macronix MX25L12833F (16MB flash) - Nanja NT5CC64M16GP-1 (128MB DDR3 SDRAM) - RTL8231 GPIO extender to control the port LEDs - RTL8218D 8x Gigabit PHY - Aquantia AQR113c 1/2.5/5/10 Gigabit PHYs - SFP+ 10GBit slot
Power is supplied via a 12V 2A standard barrel connector. At the right side behind the grid is UART serial connector. A Serial header can be connected to from the outside of the switch trough the airvents with a standard 2.54mm header. Pins are from top to bottom Vcc(3.3V), TX, RX and GND. Serial connection is via 115200 baud, 8N1.
A reset button is accessble through a hole in the front panel
At the time of this commit, all ethernet ports work under OpenWRT, including the various NBaseT modes, however the 10GBit SFP+ slot is not supported.
Installation -------------- * Connect serial as per the layout above. Connection parameters: 115200 8N1. * Navigate to 'Management' in the OEM web interface and click on 'Firmware upgrade' to the left. * Upload the OpenWrt initramfs image, and wait till the switch reboots. * Connect to the device through serial and change the U-boot boot command. > fw_setenv bootcmd 'rtk network on; boota' * Reboot, scp the sysupgrade image to /tmp, verify the checksum and flash it: > sysupgrade /tmp/openwrt-realtek-rtl930x-zyxel_xgs1250-12-squashfs-sysupgrade.bin * Upon reboot, you have a functional OpenWrt installation. Leave the bootcmd value as is - without 'rtk network on' the switch will fail to initialise the network.
Web recovery ------------ The XGS1250-12 has a handy web recovery that will load when U-boot does not find a bootable kernel. In case you would like to trigger the web recovery manually, partially overwrite the firmware partition with some zeroes:
# dd if=/dev/zero of=/dev/mtd5 bs=1M count=2
If you have serial connected you'll see U-boot will start the web recovery and print it's listening on 192.168.1.1, but by default it seems to be on the OEM default IP for the switch - 192.168.1.3. The web recovery only listens on HTTP (80) and *not* on 443 (HTTPS) unlike the web UI.
Return to stock --------------- You can flash the ZyXEL firmware images to return to stock:
realtek: Add Link Aggregation (aka trunking) support
This adds LAG support for all 4 SoC families, including support ofr the use of different distribution algorithm for the load- balancing between individual links.
Signed-off-by: Sebastian Gottschall <s.gottschall@dd-wrt.com> Signed-off-by: Birger Koblitz <git@birger-koblitz.de> (commit: 32e5b5e)
Adds the DSA API for bridge configuration (flooding, L2 learning, and aging) offload as found in Linux 5.12 so that we can implement it in our drivver.
Signed-off-by: Sebastian Gottschall <s.gottschall@dd-wrt.com> Signed-off-by: Birger Koblitz <git@birger-koblitz.de> (commit: afa3ab5)
realtek: Store and Restore MC memberships for port enable/disable
We need to store and restore MC memberships in HW when a port joins or leaves a bridge as well as when it is enabled or disabled, as these properties should not change in these situations.
Signed-off-by: Sebastian Gottschall <s.gottschall@dd-wrt.com> Signed-off-by: Birger Koblitz <git@birger-koblitz.de> (commit: 724e4af)
realtek: Add specific PHY polling options to support the Zyxel XGS1250/XGS1210
Both the Aquantia AQR113c and the RTL8226 PHYs in the Zyxel XGS1250 and the Zyxel XGS1210 require special polling configuration settings in the RTL930X_SMI_10GPHY_POLLING_REGxx_CFG configuration registers. Set them. Additionally, for RTL 1GBit phys set the RTL930X_SMI_PRVTE_POLLING_CTRL bits in the poll mask.
The RTL8221B PHY is a newer version of the RTL8226, also supporting 2.5GBit Ethernet. It is found with RTL931X devices such as the EdgeCore ECS4125-10P
Signed-off-by: Sebastian Gottschall <s.gottschall@dd-wrt.com> Signed-off-by: Birger Koblitz <git@birger-koblitz.de> (commit: caaac9a)
realtek: add support for port led configuration on RTL93XX
Using the led-set attribute of a port in the dts we allow configuration of the port leds. Each led-set is being defined in the led-set configuration of the .dts, giving a specific configuration to steer the port LEDs via a serial connection.
Import commit ("c6af53f038aa3 net: mdio: add helpers to extract clause 45 regad and devad fields") from Linux 5.17 to allow making the MDIO code in the ethernet driver more readable.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 854458f)
realtek: implement Clause-45 MDIO write on rtl931x
* Add missing Clause-45 write support for rtl931x * Switch to use helper functions in all Clause-45 access functions to make the code more readable. * More meaningful/unified debugging output (dynamic kprintf)
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: af93bf6)
realtek: switch to use generic MDIO accessor functions
Instead of directly calling SoC-specific functions in order to access (paged) MII registers or MMD registers, create infrastructure to allow using the generic phy_*, phy_*_paged and phy_*_mmd functions.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: b53202a)
realtek: rtl83xx-phy: abstract and document PHY features
Replace magic values with more self-descriptive code now that I start to understand more about the design of the PHY (and MDIO controller).
Remove one line before reading RTL8214FC internal PHY id which turned out to be a no-op and can hence safely be removed (confirmed by INAGAKI Hiroshi[1])
The RTL8231's gpio_chip.ngpio was set to 36, which is the largest valid GPIO index. Fix the allowed number of GPIOs by setting ngpio to 37, the actual line count.
The SMI bus ID for RTL8231 currently defaults to 0, and can be overridden from the devicetree. However, there is no value check on the DT-provided value, aside from masking which would only cause value wrap-around.
Change the driver to always require the "indirect-access-bus-id" property, as there is no real reason to use 0 as default, and perform a sanity check on the value when probing. This allows the other parts of the driver to be simplified a bit.
When initialising the driver, check if the RTL8231 chip is actually present at the specified address. If the READY_CODE value does not match the expected value, return -ENXIO to fail probing.
This should help users to figure out which address an RTL8231 is configured to use, if measuring pull-up/-down resistors is not an option.
On an unsuccesful probe, the driver will log: [ 0.795364] Probing RTL8231 GPIOs [ 0.798978] rtl8231_init called, MDIO bus ID: 30 [ 0.804194] rtl8231-gpio rtl8231-gpio: no device found at bus address 30
When a device is found, only the first two lines will be logged: [ 0.453698] Probing RTL8231 GPIOs [ 0.457312] rtl8231_init called, MDIO bus ID: 31
A Locking bug in the packet receive path was introduced with PR #4973. The following patch prevents the driver from locking after a few minutes with an endless flow of
[ 1434.185085] rtl838x-eth 1b00a300.ethernet eth0: Ring contention: r: 0, last a28000f4, cur a28000f8 [ 1434.208971] rtl838x-eth 1b00a300.ethernet eth0: Ring contention: r: 0, last a28000f4, cur a28000fc [ 1434.794800] rtl838x-eth 1b00a300.ethernet eth0: Ring contention: r: 0, last a28000f4, cur a28000fc [ 1435.049187] rtl838x-eth 1b00a300.ethernet eth0: Ring contention: r: 0, last a28000f4, cur a28000fc
x86: geode: add kmod-crypto-ebc needed for hw acceleration
Module kmod-crypto-hw-geode provides accelerated cbc(aes) and ecb(aes) but the software implementation is also needed when AES key size isn't 128 so that the operation can fall back. Add the kmod so that it would all work as expected out of the box.
Tested-by: timur_davletshin Signed-off-by: Paul Fertser <fercerpav@gmail.com> (commit: e1e4cbd)
Functional Changes ---------- ------- - make 'imply' not impose any restrictions: allow symbols implied by y to become m - change "modules" from sub-option to first-level attribute
Bugfixes -------- - nconf: fix core dump when searching in empty menu - nconf: stop endless search loops - xconfig: fix content of the main widget - xconfig: fix support for the split view mode
Other Changes ----- ------- - highlight xconfig 'comment' lines with '***' - xconfig: navigate menus on hyperlinks - xconfig: drop support for Qt4 - improve host ncurses detection
Update the 'option modules' usage to just 'modules' in Config.in.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 009293c)
net: ethernet: mtk_eth_soc: add ipv6 flow offload support
Add the missing IPv6 flow offloading support for routing only. Hardware flow offloading is done by the packet processing engine (PPE) of the Ethernet MAC and as it doesn't support mangling of IPv6 packets, IPv6 NAT cannot be supported.
Signed-off-by: David Bentham <db260179@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: e316664)
hostapd: fallback to psk when generating r0kh/r1kh
The 80211r r0kh and r1kh defaults are generated from the md5sum of "$mobility_domain/$auth_secret". auth_secret is only set when using EAP authentication, but the default key is used for SAE/PSK as well. In this case, auth_secret is empty, and the default value of the key can be computed from the SSID alone.
Fallback to using $key when auth_secret is empty. While at it, rename the variable holding the generated key from 'key' to 'ft_key', to avoid clobbering the PSK.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> [make ft_key local] Signed-off-by: David Bauer <mail@david-bauer.net> (commit: e6df13d)
ipq40xx: limit available radio channels for GL.iNet GL-B2200
The PCIe and built-in 5GHZ radios are meant to operate on different frequency bands. The hardware enforces this via RF filters. Add this information to allow software enforcing it as well. Credits to Piotr Dymacz for the invaluable help.
This device still had the legacy flash partitioning. This is a problem, because neither the nvmem-cells for mac-address and calibration. Nor the denx,uimage mtd-splitter compatible would be picked up.
The patch also changes the node-names of the flash and partition nodes to hopefully meet all the current FDT trends.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: c420947)
Enabled `CONFIG_ALL_KMODS` and ran `make kernel_menuconfig` against ipq806x to update defconfig.
The removed symbols are in fact present in target/linux/generic/config-5.10. CONFIG_MDIO_DEVRES was likely added due to this: <https://elixir.bootlin.com/linux/v5.10.100/source/drivers/net/phy/Kconfig#L16>
Signed-off-by: John Audia <graysky@archlinux.us> (commit: c5dca80)
When Kernel 5.10 was enabled for mpc85xx, the kernel once again became too large upon decompression (>7MB or so) to decompress itself on boot (see FS#4110[1]).
There have been many attempts to fix booting from a compressed kernel on the HiveAP-330:
- b683f1c36d8a ("mpc85xx: Use gzip compressed kernel on HiveAP-330") - 98089bb8ba82 ("mpc85xx: Use uncompressed kernel on the HiveAP-330") - 26cb167a5ca7 ("mpc85xx: Fix Aerohive HiveAP-330 initramfs image")
We can no longer compress the kernel due to size, and the stock bootloader does not support any other types of compression. Since an uncompressed kernel no longer fits in the 8MiB kernel partition at 0x2840000, we need to patch u-boot to autoboot by running variable which isn't set by the bootloader on each autoboot.
This commit repartitions the HiveAP, requiring a new COMPAT_VERSION, and uses the DEVICE_COMPAT_MESSAGE to guide the user to patch u-boot, which changes the variable run on boot to be `owrt_boot`; the user can then set the value of that variable appropriately.
The following has been documented in the device's OpenWrt wiki page: <https://openwrt.org/toh/aerohive/hiveap-330>. Please look there first/too for more information.
The from-stock and upgrade from a previous installation now becomes:
0) setup a network with a dhcp server and a tftp server at serverip (192.168.1.101) with the initramfs image in the servers root directory.
1) Hook into UART (9600 baud) and enter U-Boot. You may need to enter a password of administrator or AhNf?d@ta06 if prompted. If the password doesn't work. Try reseting the device by pressing and holding the reset button with the stock OS.
2) Once in U-Boot, set the new owrt_boot and tftp+boot the initramfs image: Use copy and paste!
- Note that after this sysupgrade, the AP will be unavailable for 7 minutes to reformat flash. The tri-color LED does not blink in any way to indicate this, though there is no risk in interrupting this process, other than the jffs2 reformat being reset.
- Add a uci-default to fix the compat version. This will prevent updates from previous versions without going through the installation process.
- Enable CONFIG_MTD_SPLIT_UIMAGE_FW and adjust partitioning to combine the kernel and rootfs into a single dts partition to maximize storage space, though in practice the kernel can grow no larger than 16MiB due to constraints of the older mpc85xx u-boot platform.
- Because of that limit, KERNEL_SIZE has been raised to 16m.
- A .tar.gz of the u-boot source for the AP330 (a.k.a. Goldengate) can be found here[2].
- The stock-jffs2 partition is also removed to make more space -- this is possible only now that it is no longer split away from the rootfs.
- the console-override is gone. The device will now get the console through the bootargs. This has the advantage that you can set a different baudrate in uboot and the linux kernel will stick with it!
- due to the repartitioning, the partition layout and names got a makeover.
- the initramfs+fdt method is now combined into a MultiImage initramfs. The separate fdt download is no longer needed.
- added uboot-envtools to the mpc85xx target. All targets have uboot and this way its available in the initramfs.
Tested-by: Martin Kennedy <hurricos@gmail.com> Signed-off-by: Martin Kennedy <hurricos@gmail.com> (rewrote parts of the commit message, Initramfs-MultiImage, dropped bootargs-override, added wiki entry + link, uboot-envtools) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: cfe79f2)
mpc85xx: update lp5521 led-controller node for 5.10
The tricolor LED which is controlled by a lp5521 needed some maintenance as the driver failed to load in the current v5.10 image: | lp5521: probe of 0-0032 failed with error -22
This is because the device-tree needed to be updated to match the latest led coloring and function trends.
- removed the device name from the label - added color/function properties - added required reg and cells properties
For reference a disabled multicolor/RGB is added since this reflects the real hardware. Unfortunately, the multicolor sysfs interface isn't supported by yet.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 583ac0e)
silences the following message: > eeprom 0-0051: eeprom driver is deprecated, please use at24 instead
The chip was likely a Dallas Semiconductor and later MAXIM part before Analog Devices, Inc. bought MAXIM.
From the datasheet:
"The DS28CN01 combines 1024 bits of EEPROM with challenge-and-response authentication security implemented with the FIPS 180-1/180-2 and ISO/IEC 10118-3 Secure Hash Algorithm (SHA-1)."
...
"Write Access Requires Knowledge of the Secret and the Capability of Computing and Transmitting a 160-Bit MAC as Authorization"
OpenWrt doesn't use it. There's no in-kernel driver from what I know. Let's document that the chip is at the location.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: c752899)
apm821xx: WNDR4700: use upstream tc654 cooling devices
Upstream hwmon-maintainer had various comments about the changes to the tc654 driver. These have been addressed and the cooling device support is destined for inclusion.
One of the comments was the change of the cooling states scaling. No longer the driver uses the same values as the hwmon interface, instead the states are now the 17 states the tc654 supports.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: b0d5939)
e061299 wireless-regdb: Raise DFS TX power limit to 250 mW (24 dBm) for the US 2ce78ed wireless-regdb: Update regulatory rules for Croatia (HR) on 6GHz 0d39f4c wireless-regdb: Update regulatory rules for South Korea (KR) acad231 wireless-regdb: Update regulatory rules for France (FR) on 6 and 60 GHz ea83a82 wireless-regdb: add support for US S1G channels 4408149 wireless-regdb: add 802.11ah bands to world regulatory domain 5f3cadc wireless-regdb: Update regulatory rules for Spain (ES) on 6GHz e0ac69b Revert "wireless-regdb: Update regulatory rules for South Korea (KR)" 40e5e80 wireless-regdb: Update regulatory rules for South Korea (KR) e427ff2 wireless-regdb: Update regulatory rules for China (CN) 0970116 wireless-regdb: Update regulatory rules for the Netherlands (NL) on 6GHz 4dac44b wireless-regdb: update regulatory database based on preceding changes
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 19a9026)
- WLAN 2G MAC address is not the same as stock firmware since OpenWrt uses LAN MAC address with local bit sets.
Installation: 1. Flash initramfs image. This can be done using stock web ui or TFTP 2. Connect to OpenWrt with an SSH connection to 192.168.1.1 3. Perform sysupgrade with sysupgrade image
Revert to stock firmware: - Flash stock firmware via OEM TFTP Recovery mode - Perform sysupgrade with stock image
TFTP Recovery method: 1. Unplug the router 2. Hold the reset button and plug in 3. Release when the power LED stops flashing and go off 4. Set your computer IP address manually to 192.168.0.x / 255.255.255.0 5. Flash image with TFTP client to 192.168.0.1
Signed-off-by: Yoonji Park <koreapyj@dcmys.kr> [wrap/rephrase commit message] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 125b9ae)
ath79: fix wndr4500v3 lan port order to match case
The LED and LAN port numbering on the case of wndr4500v3 devices are reversed relative to the wndr4300v2. I created this patch to so that the ordering in OpenWRT will be consistent with that.
Signed-off-by: Graham Cole <diakka@gmail.com> (commit: e282e50)
Use correct indent in target/linux/ramips/image/mt7621.mk to be consistent with the rest of the file.
Signed-off-by: Nick McKinney <nick@ndmckinney.net> [rephrase commit message as Adrian suggested, fix a6004ns-m indent] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 61d97bf)
The kernel of both images will no longer fit into the 3072KiB / 3MiB kernel partition: |Image Name: ARM OpenWrt Linux-5.10.100 |Created: Sat Feb 19 00:11:55 2022 |Image Type: ARM Linux Kernel Image (uncompressed) |Data Size: 3147140 Bytes = 3073.38 KiB = 3.00 MiB
Disable both targets for now, until a solution is available. Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 5696244)
Fix the missing ;; after the cAP ac case in /e/b/01_leds.
Fixes: 93d9119 ("ipq40xx: add MikroTik cAP ac support") Signed-off-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (minor touch-up) (commit: c1e06a0)
Enabled CONFIG_ALL_KMODS and ran make kernel_menuconfig against bcm2708 to update defconfig. Some of the removed symbols are present in target/linux/generic/config-5.10 while others were removed by the make target.
Signed-off-by: John Audia <graysky@archlinux.us> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (wrapped) (commit: dbb4542)
Enabled CONFIG_ALL_KMODS and ran make kernel_menuconfig against bcm2709 to update defconfig. Some of the removed symbols are present in target/linux/generic/config-5.10 while others were removed by the make target.
Signed-off-by: John Audia <graysky@archlinux.us> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (wrapped) (commit: 332f695)
Enabled CONFIG_ALL_KMODS and ran make kernel_menuconfig against bcm2710 to update defconfig. Some of the removed symbols are present in target/linux/generic/config-5.10 while others were removed by the make target.
Signed-off-by: John Audia <graysky@archlinux.us> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (wrapped) (commit: a478202)
Enabled CONFIG_ALL_KMODS and ran make kernel_menuconfig against bcm2711 to update defconfig. Some of the removed symbols are present in target/linux/generic/config-5.10 while others were removed by the make target.
Signed-off-by: John Audia <graysky@archlinux.us> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (wrapped) (commit: 82da1df)
uboot-mvebu: backport pending patches for Marvell A38x
100-ddr-marvell-a38x-fix-BYTE_HOMOGENEOUS_SPLIT_OUT-deci.patch [1]: SoC Marvell A38x is used in Turris Omnia, and we thought that with recent fiddling around DDR training to fix it once for all, there were reproduced the issue in the upcoming new revision Turris Omnia boards.
101-arm-mvebu-spl-Add-option-to-reset-the-board-on-DDR-t.patch [2]: This is useful when some board may occasionally fail with DDR training, and it adds the option to reset the board on the DDR training failure
102-arm-mvebu-turris_omnia-Reset-the-board-immediately-o.patch [3]: This enables the option CONFIG_DDR_RESET_ON_TRAINING_FAILURE (added by 101 patch), so the Turris Omnia board is restarted immediately, and it does not require to reset the board manually or wait 120s for MCU to reset the board
Bootargs for devices in the realtek target were previously consolidated in commit af2cfbda2bf5 ("realtek: Consolidate bootargs"), since all devices currently use the same arguments.
Commit a75b9e3ecb61 ("realtek: Adding RTL930X sub-target") reverted this without any argumentation, so let's undo that.
Commit 0b8dfe085180 ("realtek: Add RTL931X sub-target") introduced the old bootargs also for RTL931x, without providing any actual device support. Until that is done, let's assume vendors will have done what they did before, and use a baud rate of 115200.
The RTL8231 is an external chip, and not part of the SoC. That means it is more appropriate to define it in the board specific (base) files, instead of the DT include for the SoC itself.
Moving the RTL8231 definition also ensures that boards with no GPIO expander, or an alternative one, don't have a useless gpio1 node label defined.
The assigned output index for the event timers was quite low, lower even than the ethernet interrupt. This means that high network load could preempt timer interrupts, possibly leading to all sorts of strange behaviour.
Increase the interrupt output index of the event timers to 5, which is the highest priority output and corresponds to the (otherwise unused) MIPS CPU timer interrupt.
The default value for a DT node's status property is already "okay", so there's no need to specify it again. Drop the status property to clean up the DTS.
The Realtek timer node for RTL930x doesn't have any child nodes, making the use of '#address-cells' quite pointless. It is also not an interrupt controller, meaning it makes no sense to define '#interrupt-cells'.
The I/O address for this node is also wrong, but this is hidden by the fact that the driver associated with this node bypasses the usual DT machinery and does it's own thing. Correct the address to have a sane value, even though it isn't actually used.
The I/O base address for the timers was hardcoded into the driver, or derived from the HW IRQ number as an even more horrible hack. All supported SoC families have these timers, but with hardcoded addresses the code cannot be reused right now.
Request the timer's base address from the DT specification, and store it in a private struct for future reference.
Matching the second interrupt specifier, the address range for the second timer is added to the DT specification.
This changes the configuration of engines from the global openssl.cnf to files in the /etc/ssl/engines.cnf.d directory. The engines.cnf file has the list of enabled engines, while each engine has its own configuration file installed under /etc/ssl/engines.cnf.d.
Patches were refreshed with --zero-commit.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 17a6ca1)
This enables an engine during its package's installation, by adding it to the engines list in /etc/ssl/engines.cnf.d/engines.cnf.
The engine build system was reworked, with the addition of an engine.mk file that groups some of the engine packages' definitions, and could be used by out of tree engines as well.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 30b0351)
This uses uci to configure engines, by generating a list of enabled engines in /var/etc/ssl/engines.cnf from engines configured in /etc/config/openssl:
config engine 'devcrypto' option enabled '1'
Currently the only options implemented are 'enabled', which defaults to true and enables the named engine, and the 'force' option, that enables the engine even if the init script thinks the engine does not exist.
The existence test is to check for either a configuration file /etc/ssl/engines.cnf.d/%ENGINE%.cnf, or a shared object file /usr/lib/engines-1.1/%ENGINE%.so.
The engine list is generated by an init script which is set to run after 'log' because it informs the engines being enabled or skipped. It should run before any service using OpenSSL as the crypto library, otherwise the service will not use any engine.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 0134f84)
Toplevel Make is not aware about changes in the `scripts/config/*conf` targets and this is causing issues for during update to that part of build tree, where one needs to handle this manually by either force rebuilding the targets or running `make config-clean`. Fix this by forcing the rebuild if necessary.
Fixes: #9297 Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 418dc04)
scripts/diffconfig.sh: ensure config/conf is built
diffconfig.sh runs ./scripts/config/conf, but it does not get built with 'make {menu,x,n}config. Call 'make ./scripts/config/conf' to ensure it's been built befpre running it.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: c0849c1)
base-files: make sure tools are present in sysupgrade ramdisk
Not all targets create /var/lock or touch /var/lock/fw_printenv.lock in their platform.sh. This is problematic as fw_printenv then fails in case /var/lock/fw_printenv.lock has not been created by previous calls to fw_printenv/fw_setenv before sysupgrade is run.
Targets currently using additional steps in /lib/upgrade/platform.sh to make sure /var/lock/fw_printenv.lock (or at least /var/lock) actually exists: * ath79/* (openmesh devices) * ipq40xx/* (linksys devices) * ipq806x/* (linksys devices) * kirkwood/* (linksys devices) * layerscape/* * mvebu/cortexa9 (linksys devices)
Given that accessing the U-Boot environment during sysupgrade is not uncommon and the situation across targets is currently quite diverse, just make sure both tools as well fw_env.config are always copied to the ramdisk used for sysupgrade. Also make sure /var/lock always exists.
This now allows to remove copying of fw_printenv/fw_setenv as well as fw_env.config, creation of /var/lock or even /var/lock/fw_printenv.lock from lib/upgrade/platform.sh or files included there.
As the same applies also to 'fwtool' which is used by generic eMMC sysupgrade, also always copy that to ramdisk.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 2baded9)
mediatek: mt7622: drop RAMFS_COPY_BIN and RAMFS_COPY_DATA
Now that both, fw_printenv/fw_setenv and fwtool are always present during stage2 sysupgrade, we no longer need to list them in RAMFS_COPY_BIN and RAMFS_COPY_DATA in platform.sh. Drop both variables as they are now unneeded.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: bb90430)
wolfssl: fix API breakage of SSL_get_verify_result
Backport fix for API breakage of SSL_get_verify_result() introduced in v5.1.1-stable. In v4.8.1-stable SSL_get_verify_result() used to return X509_V_OK when used on LE powered sites or other sites utilizing relaxed/alternative cert chain validation feature. After an update to v5.1.1-stable that API calls started returning X509_V_ERR_INVALID_CA error and thus rendered all such connection attempts imposible:
$ docker run -it openwrt/rootfs:x86_64-21.02.2 sh -c "wget https://letsencrypt.org" Downloading 'https://letsencrypt.org' Connecting to 18.159.128.50:443 Connection error: Invalid SSL certificate
Fixes: #9283 References: https://github.com/wolfSSL/wolfssl/issues/4879 Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: b9251e3)
Revert "scripts/diffconfig.sh: ensure config/conf is built"
This reverts commit c0849c1d9c17ba96a37b67363b5551c065e9f50d as it seems to introduce regression in config.buildinfo files produced at least by buildbots:
Enable both the hunting-and-pecking loop and hash-to-element mechanisms by default in OpenWRT with SAE.
Commercial Wi-Fi solutions increasingly frequently now ship with both hunting-and-pecking and hash-to-element (H2E) enabled by default as this is more secure and more performant than offering hunting-and-pecking alone for H2E capable clients.
The hunting and pecking loop mechanism is inherently fragile and prone to timing-based side channels in its design and is more computationally intensive to perform. Hash-to-element (H2E) is its long-term replacement to address these concerns.
For clients that only support the hunting-and-pecking loop mechanism, this is still available to use by default.
For clients that in addition support, or were to require, the hash-to-element (H2E) mechanism, this is then available for use.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com> (commit: e8d048c)
base-file: remove password aging feature form /etc/shadow
In the default shadow file, as visible in the failsafe mode, the user root has value of `0` set in the 3rd field, the date of last password change. This setting means that the password needs to be changed the next time the user will log in the system. `dropbear` server is ignoring this setting but `openssh-server` tries to enforce it and fails in the failsafe mode because the rootfs is R/O.
Disable the password aging feature for user root by setting the 3rd filed empty.
AT91Bootstrap version 4 is available only for SAM9X60, SAMA5D2, SAMA5D3, SAMA5D4, SAMA7G5. Thus use v4.0.1 for the above targets and v3.10.4 for the rest of them. With the switch to v4 AT91Bootstrap binaries are now on build/binaries. Take also this into account. Also, patches directory is not needed anymore with the version update.
Add kernel support for SAMA7G5 by back-porting mainline kernel patches. Among SAMA7G5 features could be remembered: - ARM Cortex-A7 - double data rate multi-port dynamic RAM controller supporting DDR2, DDR3, DDR3L, LPDDR2, LPDDR3 up to 533MHz - peripherals for audio, video processing - 1 gigabit + 1 megabit Ethernet controllers - 6 CAN controllers - trust zone support - DVFS for CPU - criptography IPs
x86: grub2: search for the "kernel" filesystem on all disks
Previously, grub2 was hardcoded to always look on "hd0" for the kernel.
This works well when the system only had a single disk. But if there was a second disk/stick present, it may have look on the wrong drive because of enumeration races.
This patch utilizes grub2 search function to look for a filesystem with the label "kernel". This works thanks to existing setup in scripts/gen_image_generic.sh. Which sets the "kernel" label on both the fat and ext4 filesystem variants.
This commits adds GitHub CI to check that all tools compile on both Ubuntu and macOS. Since running in parrallel this should also detect badly set depdendencies within tools/Makefile.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: fb830fd)
- Call pager with original LANG environment variable - Consistently complain early if no series file is found - Fix handling of symbolic links by several commands - Tighten the patch format parsing - Reuse the shell (performance) - Document the series file format further - Document that quilt loads /etc/quilt.quiltrc - configure: Make stat configurable - series: Minor optimizations - setup: Don't obey the settings of any englobing .pc - setup: Default to fast mode - quilt.el: Fix documentation of quilt-pc-directory - quilt.el: Load /etc/quilt.quiltrc if ~/.quiltrc doesn't exist - quilt.el: Fix quilt-editable when QUILT_PATCHES_PREFIX is set
mpc85xx: HiveAP-330: add tmp125 temperature sensor
the Aerohive HiveAP-330 and HiveAP-350 come equipped with an TI TMP125 temperature chip. This patch wires up the necessary support for this sensor and exposes it through hwmon / thermal sensor framework. Upstream support is coming, but it has to go through hwmon-next first.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 8144f9c)
The Zyxel EMG2926-Q10A is 99% the Zyxel NBG6716, but the bootloader expects a different product name when flashing over TFTP. Also, the EMG2926-Q10A always has 128 MiB of NAND flash whereas the NBG6716 reportedly can have either 128 MiB or 256 MiB.
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com> (commit: fe1ecf1)
scripts/diffconfig.sh: ensure config/conf is built
diffconfig.sh runs ./scripts/config/conf, but it does not get built with 'make {menu,x,n}config. Call 'make ./scripts/config/conf' to ensure it's been built before running it, aborting in case of failure.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>[removed Fixes: due revert] (commit: 65c28d7)
ZTE MF286A and MF286R are indoor LTE category 6/7 CPE router with simultaneous dual-band 802.11ac plus 802.11n Wi-Fi radios and quad-port gigabit Ethernet switch, FXS and external USB 2.0 port.
Hardware highlights: - CPU: QCA9563 SoC at 775MHz, - RAM: 128MB DDR2, - NOR Flash: MX25L1606E 2MB SPI Flash, for U-boot only, - NAND Flash: W25N01GV 128MB SPI NAND-Flash, for all other data, - Wi-Fi 5GHz: QCA9886 2x2 MIMO 802.11ac Wave2 radio, - WI-Fi 2.4GHz: QCA9563 3x3 MIMO 802.11n radio, - Switch: QCA8337v2 4-port gigabit Ethernet, with single SGMII CPU port, - WWAN: [MF286A] MDM9230-based category 6 internal LTE modem [MF286R] PXA1826-based category 7 internal LTE modem in extended mini-PCIE form factor, with 3 internal antennas and 2 external antenna connections, single mini-SIM slot. - FXS: one external ATA port (handled entirely by modem part) with two physical connections in parallel, - USB: Single external USB 2.0 port, - Switches: power switch, WPS, Wi-Fi and reset buttons, - LEDs: Wi-Fi, Test (internal). Rest of LEDs (Phone, WWAN, Battery, Signal state) handled entirely by modem. 4 link status LEDs handled by the switch on the backside. - Battery: 3Ah 1-cell Li-Ion replaceable battery, with charging and monitoring handled by modem. - Label MAC device: eth0
The device shares many components with previous model, MF286, differing mostly by a Wave2 5GHz radio, flash layout and internal LED color. In case of MF286A, the modem is the same as in MF286. MF286R uses a different modem based on Marvell PXA1826 chip.
Internal modem of MF286A is supported via uqmi, MF286R modem isn't fully supported, but it is expected to use comgt-ncm for connection, as it uses standard 3GPP AT commands for connection establishment.
Console connection: connector X2 is the console port, with the following pinout, starting from pin 1, which is the topmost pin when the board is upright: - VCC (3.3V). Do not use unless you need to source power for the converer from it. - TX - RX - GND Default port configuration in U-boot as well as in stock firmware is 115200-8-N-1.
Installation: Due to different flash layout from stock firmware, sysupgrade from within stock firmware is impossible, despite it's based on QSDK which itself is based on OpenWrt.
STEP 0: Stock firmware update: As installing OpenWrt cuts you off from official firmware updates for the modem part, it is recommended to update the stock firmware to latest version before installation, to have built-in modem at the latest firmware version.
STEP 1: gaining root shell:
Method 1: This works if busybox has telnetd compiled in the binary. If this does not work, try method 2.
Using well-known exploit to start telnetd on your router - works only if Busybox on stock firmware has telnetd included: - Open stock firmware web interface - Navigate to "URL filtering" section by going to "Advanced settings", then "Firewall" and finally "URL filter". - Add an entry ending with "&&telnetd&&", for example "http://hostname/&&telnetd&&". - telnetd will immediately listen on port 4719. - After connecting to telnetd use "admin/admin" as credentials.
Method 2: This works if busybox does not have telnetd compiled in. Notably, this is the case in DNA.fi firmware. If this does not work, try method 3.
- Set IP of your computer to 192.168.0.22. (or appropriate subnet if changed) - Have a TFTP server running at that address - Download MIPS build of busybox including telnetd, for example from: https://busybox.net/downloads/binaries/1.21.1/busybox-mips and put it in it's root directory. Rename it as "telnetd". - As previously, login to router's web UI and navigate to "URL filtering" - Using "Inspect" feature, extend "maxlength" property of the input field named "addURLFilter", so it looks like this: <input type="text" name="addURLFilter" id="addURLFilter" maxlength="332" class="required form-control"> - Stay on the page - do not navigate anywhere - Enter "http://aa&zte_debug.sh 192.168.0.22 telnetd" as a filter. - Save the settings. This will download the telnetd binary over tftp and execute it. You should be able to log in at port 23, using "admin/admin" as credentials.
Method 3: If the above doesn't work, use the serial console - it exposes root shell directly without need for login. Some stock firmwares, notably one from finnish DNA operator lack telnetd in their builds.
STEP 2: Backing up original software: As the stock firmware may be customized by the carrier and is not officially available in the Internet, IT IS IMPERATIVE to back up the stock firmware, if you ever plan to returning to stock firmware. It is highly recommended to perform backup using both methods, to avoid hassle of reassembling firmware images in future, if a restore is needed.
Method 1: after booting OpenWrt initramfs image via TFTP: PLEASE NOTE: YOU CANNOT DO THIS IF USING INTERMEDIATE FIRMWARE FOR INSTALLATION. - Dump stock firmware located on stock kernel and ubi partitions:
And keep them in a safe place, should a restore be needed in future.
Method 2: using stock firmware: - Connect an external USB drive formatted with FAT or ext4 to the USB port. - The drive will be auto-mounted to /var/usb_disk - Check the flash layout of the device:
Differences might indicate that this is NOT a MF286A device but one of other variants. - Copy over all MTD partitions, for example by executing the following:
for i in 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do cat /dev/mtd$i > \ /var/usb_disk/mtd$i; done
"Firmware" partition can be skipped, it is a concatenation of "kernel" and "rootfs".
- If the count of MTD partitions is different, this might indicate that this is not a MF286A device, but one of its other variants. - (optionally) rename the files according to MTD partition names from /proc/mtd - Unmount the filesystem:
umount /var/usb_disk; sync
and then remove the drive. - Store the files in safe place if you ever plan to return to stock firmware. This is especially important, because stock firmware for this device is not available officially, and is usually customized by the mobile providers.
STEP 3: Booting initramfs image:
Method 1: using serial console (RECOMMENDED): - Have TFTP server running, exposing the OpenWrt initramfs image, and set your computer's IP address as 192.168.0.22. This is the default expected by U-boot. You may wish to change that, and alter later commands accordingly. - Connect the serial console if you haven't done so already, - Interrupt boot sequence by pressing any key in U-boot when prompted - Use the following commands to boot OpenWrt initramfs through TFTP:
(Replace server IP and router IP as needed). There is no emergency TFTP boot sequence triggered by buttons, contrary to MF283+. - When OpenWrt initramfs finishes booting, proceed to actual installation.
Method 2: using initramfs image as temporary boot kernel This exploits the fact, that kernel and rootfs MTD devices are consecutive on NAND flash, so from within stock image, an initramfs can be written to this area and booted by U-boot on next reboot, because it uses "nboot" command which isn't limited by kernel partition size. - Download the initramfs-kernel.bin image - After backing up the previous MTD contents, write the images to the "firmware" MTD device, which conveniently concatenates "kernel" and "rootfs" partitions that can fit the initramfs image:
- If write is OK, reboot the device, it will reboot to OpenWrt initramfs:
reboot -f
- After rebooting, SSH into the device and use sysupgrade to perform proper installation.
Method 3: using built-in TFTP recovery (LAST RESORT): - With that method, ensure you have complete backup of system's NAND flash first. It involves deliberately erasing the kernel. - Download "-initramfs-kernel.bin" image for the device. - Prepare the recovery image by prepending 8MB of zeroes to the image, and name it root_uImage:
- Set up a TFTP server at 192.0.0.1/8. Router will use random address from that range. - Put the previously generated "root_uImage" into TFTP server root directory. - Deliberately erase "kernel" partition" using stock firmware after taking backup. THIS IS POINT OF NO RETURN. - Restart the device. U-boot will attempt flashing the recovery initramfs image, which will let you perform actual installation using sysupgrade. This might take a considerable time, sometimes the router doesn't establish Ethernet link properly right after booting. Be patient. - After U-boot finishes flashing, the LEDs of switch ports will all light up. At this moment, perform power-on reset, and wait for OpenWrt initramfs to finish booting. Then proceed to actual installation.
STEP 4: Actual installation: - Set your computer IP to 192.168.1.22/24 - scp the sysupgrade image to the device:
STEP 5: WAN connection establishment Since the router is equipped with LTE modem as its main WAN interface, it might be useful to connect to the Internet right away after installation. To do so, please put the following entries in /etc/config/network, replacing the specific configuration entries with one needed for your ISP:
config interface 'wan' option proto 'qmi' option device '/dev/cdc-wdm0' option auth '<auth>' # As required, usually 'none' option pincode '<pin>' # If required by SIM option apn '<apn>' # As required by ISP option pdptype '<pdp>' # Typically 'ipv4', or 'ipv4v6' or 'ipv6'
For example, the following works for most polish ISPs config interface 'wan' option proto 'qmi' option device '/dev/cdc-wdm0' option auth 'none' option apn 'internet' option pdptype 'ipv4'
The required minimum is: config interface 'wan' option proto 'qmi' option device '/dev/cdc-wdm0' In this case, the modem will use last configured APN from stock firmware - this should work out of the box, unless your SIM requires PIN which can't be switched off.
If you have build with LuCI, installing luci-proto-qmi helps with this task.
Restoring the stock firmware:
Preparation: If you took your backup using stock firmware, you will need to reassemble the partitions into images to be restored onto the flash. The layout might differ from ISP to ISP, this example is based on generic stock firmware The only partitions you really care about are "web", "kernel", and "rootfs". These are required to restore the stock firmware through factory TFTP recovery.
Because kernel partition was enlarged, compared to stock firmware, the kernel and rootfs MTDs don't align anymore, and you need to carve out required data if you only have backup from stock FW: - Prepare kernel image cat mtd12_kernel.bin mtd13_rootfs.bin > owrt_kernel.bin truncate -s 4M owrt_kernel_restore.bin - Cut off first 1MB from rootfs dd if=mtd13_rootfs.bin of=owrt_rootfs.bin bs=1M skip=1 - Prepare image to write to "ubi" meta-partition: cat mtd6_reserved2.bi mtd7_cfg-param.bin mtd8_log.bin mtd9_oops.bin \ mtd10_reserved3.bin mtd11_web.bin owrt_rootfs.bin > \ owrt_ubi_ubi_restore.bin
You can skip the "fota" partition altogether, it is used only for stock firmware update purposes and can be overwritten safely anyway. The same is true for "data" partition which on my device was found to be unused at all. Restoring mtd5_cfg-param.bin will restore the stock firmware configuration you had before.
Method 1: Using initramfs: This method is recmmended if you took your backup from within OpenWrt initramfs, as the reassembly is not needed. - Boot to initramfs as in step 3: - Completely detach ubi0 partition using ubidetach /dev/ubi0_0 - Look up the kernel and ubi partitions in /proc/mtd - Copy over the stock kernel image using scp to /tmp - Erase kernel and restore stock kernel: (scp mtd4_kernel.bin root@192.168.1.1:/tmp/) mtd write <kernel_mtd> mtd4_kernel.bin rm mtd4_kernel.bin - Copy over the stock partition backups one-by-one using scp to /tmp, and restore them individually. Otherwise you might run out of space in tmpfs:
- If the write was correct, force a device reboot with
reboot -f
Method 2: Using live OpenWrt system (NOT RECOMMENDED): - Prepare a USB flash drive contatining MTD backup files - Ensure you have kmod-usb-storage and filesystem driver installed for your drive - Mount your flash drive
mkdir /tmp/usb
mount /dev/sda1 /tmp/usb
- Remount your UBI volume at /overlay to R/O
mount -o remount,ro /overlay
- Write back the kernel and ubi partitions from USB drive
cd /tmp/usb mtd write mtd4_kernel.bin /dev/<kernel_mtd>
mtd write mtd9_ubi.bin /dev/<kernel_ubi>
- If everything went well, force a device reboot with reboot -f
Last image may be truncated a bit due to lack of space in RAM, but this will happen over "fota" MTD partition which may be safely erased after reboot anyway.
Method 3: using built-in TFTP recovery: This method is recommended if you took backups using stock firmware. - Assemble a recovery rootfs image from backup of stock partitions by concatenating "web", "kernel", "rootfs" images dumped from the device, as "root_uImage" - Use it in place of "root_uImage" recovery initramfs image as in the TFTP pre-installation method.
Quirks and known issuesa - It was observed, that CH340-based USB-UART converters output garbage during U-boot phase of system boot. At least CP2102 is known to work properly. - Kernel partition size is increased to 4MB compared to stock 3MB, to accomodate future kernel updates - at this moment OpenWrt 5.10 kernel image is at 2.5MB which is dangerously close to the limit. This has no effect on booting the system - but keep that in mind when reassembling an image to restore stock firmware. - uqmi seems to be unable to change APN manually, so please use the one you used before in stock firmware first. If you need to change it, please use protocok '3g' to establish connection once, or use the following command to change APN (and optionally IP type) manually: echo -ne 'AT+CGDCONT=1,"IP","<apn>' > /dev/ttyUSB0 - The only usable LED as a "system LED" is the blue debug LED hidden inside the case. All other LEDs are controlled by modem, on which the router part has some influence only on Wi-Fi LED. - Wi-Fi LED currently doesn't work while under OpenWrt, despite having correct GPIO mapping. All other LEDs are controlled by modem, including this one in stock firmware. GPIO19, mapped there only acts as a gate, while the actual signal source seems to be 5GHz Wi-Fi radio, however it seems it is not the LED exposed by ath10k as ath10k-phy0. - GPIO5 used for modem reset is a suicide switch, causing a hardware reset of whole board, not only the modem. It is attached to gpio-restart driver, to restart the modem on reboot as well, to ensure QMI connectivity after reboot, which tends to fail otherwise. - Modem, as in MF283+, exposes root shell over ADB - while not needed for OpenWrt operation at all - have fun lurking around. The same modem module is used as in older MF286.
ipq806x: Increase kernel size to 4 MB for EA8500/EA7500v1
Increase the kernel size from 3 MB to 4 MB for EA8500 and EA7500v1. * modify the common .dtsi * modify the kernel size in the image recipes
Define compat-version 2.0 to force factory image usage for sysupgrade. Add explanation message. Reenable both devices.
As for 4MiB (and not more): Hannu Nyman noted that: "We have lots of ipq806x devices with 4 MB kernel, so will need action at that point in future in any case. (Assuming that the bootloader did not have a 4 MB limit that has been tested...)"
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> (squashed, added 4MiB notice of support in ipq806x) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: ec32c4e)
<https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0> "Mbed TLS 2.28 is a long-time support branch. It will be supported with bug-fixes and security fixes until end of 2024."
<https://github.com/ARMmbed/mbedtls/blob/development/BRANCHES.md> "Currently, the only supported LTS branch is: mbedtls-2.28. For a short time we also have the previous LTS, which has recently ended its support period, mbedtls-2.16. This branch will move into the archive namespace around the time of the next release."
this will also add support for uacme ualpn support.
at91: remove pm debug features from sama5 kernel config
Remove PM debug features from sama5 kernel config. It is not necessary to have it on production code. This also fixes the build for sama5 target after commit 97158fe10e60 ("kernel: package ramoops pstore-ram crash log storage)
iucode-tool: fix host-compile on macos and non-x86 linux
iucode-tool/host is used by intel-microcode to manipulate with microcode.bin file. iucode-tool requires cpuid.h at compile time for autodection feature, but non-x86 build hosts does not have this header file (e.g. ubuntu 20.04 aarch64) or this header generates compile time error (#error macro) (e.g. macos arm64).
This patch provides compat cpuid.h to build iucode-tool/host on non-x86 linux hosts and macos. CPU autodectection is not required for intel-microcode package build so compat cpuid.h is ok for OpenWrt purposes.
glibc and argp lib are not present in macos so iucode-tool/host build fails. This patch adds argp-standalone/host as build dependency if host os is macos.
Generated ucode (intel-microcode package) is exactly the same on Linux x86_64 (Ubuntu 20.04), Linux aarch64 (Ubuntu 20.04) and Darwin arm64 (MacOS 11.6) build hosts.
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in> (commit: e6a4f30)
Debians' changelog by Henrique de Moraes Holschuh <hmh@debian.org>:
* upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 1753f8c)
706e9cc tplink-safeloader: support for Archer A6 v3 JP 497726b firmware-utils: support checksum for AVM fritzbox wasp SOCs 2ca6462 iptime-crc32: add support for AX8004M 57d0e31 tplink-safeloader: TP-Link EAP615-Wall v1 support 8a8da19 tplink-safeloader: add TL-WPA8631P v3 support eea4ee7 tplink-safeloader: add TP-Link Archer A9 v6 support
Stock firmware uses a random MAC address for ethernet. OpenWrt uses the MAC address that is on the device label for ethernet and the wireless interfaces. MAC address must not be incremented, as this will cause MAC address conflicts in case you have two devices with consecutive MAC addresses. Instead, different locally administered addresses will be generated automatically, based on the MAC on the label.
Installation via stock firmware: * Enable SSH in the TP-Link web interface * SSH to the device * Run `cliclientd stopcs` * Upload the OpenWrt factory image via the TP-Link web interface
Installation via bootloader: * Solder TTL header. Pinout: 1: TX, 2: RX, 3: GND, 4: VCC, with pin 1 closest to ETH1. Baud rate 115200 * Interrupt boot process by holding a key during boot * Boot the OpenWrt initramfs: # tftpboot 0x84000000 openwrt-ramips-mt7621-tplink_eap615-wall-v1-initramfs-kernel.bin # bootm * Copy openwrt-ramips-mt7621-tplink_eap615-wall-v1-squashfs-sysupgrade.bin to /tmp and use sysupgrade to install it
Thanks to Sander Vanheule for his work on the EAP235-Wall, which made adding support for the EAP615-Wall very easy.
Bump the last missing target to Kernel 5.10. While this requires a work around to boot it will allow more people to test the new Kernel before the upcomming release.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 493b60d)
ALFA Network Tube-2HQ is a successor of the Tube-2H/P series (EOL) which was based on the Atheros AR9331. The new version uses Qualcomm QCA9531.
Specifications:
- Qualcomm/Atheros QCA9531 v2 - 650/400/200 MHz (CPU/DDR/AHB) - 64 or 128 MB of RAM (DDR2) - 16+ MB of flash (SPI NOR) - 1x 10/100 Mbps Ethernet with passive PoE input (24 V) (802.3at/af PoE support with optional module) - 1T1R 2.4 GHz Wi-Fi with external PA (SE2623L, up to 27 dBm) and LNA - 1x Type-N (male) antenna connector - 6x LED (5x driven by GPIO) - 1x button (reset) - external h/w watchdog (EM6324QYSP5B, enabled by default) - UART (4-pin, 2.00 mm pitch) header on PCB
Flash instruction:
You can use sysupgrade image directly in vendor firmware which is based on LEDE/OpenWrt. Alternatively, you can use web recovery mode in U-Boot:
1. Configure PC with static IP 192.168.1.2/24. 2. Connect PC with one of RJ45 ports, press the reset button, power up device, wait for first blink of all LEDs (indicates network setup), then keep button for 3 following blinks and release it. 3. Open 192.168.1.1 address in your browser and upload sysupgrade image.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 131671b)
TP-Link Archer A9 v6 (FCCID: TE7A9V6) is an AC1900 Wave-2 gigabit home router based on a combination of Qualcomm QCN5502 (most likely a 4x4:4 version of the QCA9563 WiSOC), QCA9984 and QCA8337N.
The vendor's firmware content reveals that the same device might be available on the US market under name 'Archer C90 v6'. Due to lack of access to such hardware, support introduced in this commit was tested only on the EU version (sold under 'Archer A9 v6' name).
Based on the information on the PL version of the vendor website, this device has been already phased out and is no longer available.
Specifications:
- Qualcomm QCN5502 (775 MHz) - 128 MB of RAM (DDR2) - 16 MB of flash (SPI NOR) - 5x Gbps Ethernet (Qualcomm QCA8337N over SGMII) - Wi-Fi: - 802.11b/g/n on 2.4 GHz: Qualcomm QCN5502* in 4x4:4 mode - 802.11a/n/ac on 5 GHz: Qualcomm QCA9984 in 3x3:3 mode - 3x non-detachable, dual-band external antennas (~3.5 dBi for 5 GHz, ~2.2 dBi for 2.4 GHz, IPEX/U.FL connectors) - 1x internal PCB antenna for 2.4 GHz (~1.8 dBi) - 1x USB 2.0 Type-A - 11x LED (4x connected to QCA8337N, 7x connected to QCN5502) - 2x button (reset, WPS) - UART (4-pin, 2.54 mm pitch) header on PCB (not populated) - 1x mechanical power switch - 1x DC jack (12 V)
*) unsupported due to missing support for QCN550x in ath9k
UART system serial console notice:
The RX signal of the main SOC's UART on this device is shared with the WPS button's GPIO. The first-stage U-Boot by default disables the RX, resulting in a non-functional UART input. If you press and keep 'ENTER' on the serial console during early boot-up, the first-stage U-Boot will enable RX input.
Vendor firmware allows password-less access to the system over serial.
Flash instruction (vendor GUI):
1. It is recommended to first upgrade vendor firmware to the latest version (1.1.1 Build 20210315 rel.40637 at the time of writing). 2. Use the 'factory' image directly in the vendor's GUI.
Flash instruction (TFTP based recovery in second-stage U-Boot):
1. Rename 'factory' image to 'ArcherA9v6_tp_recovery.bin' 2. Setup a TFTP server on your PC with IP 192.168.0.66/24. 3. Press and hold the reset button for ~5 sec while turning on power. 4. The device will download image, flash it and reboot.
Flash instruction (web based recovery in first-stage U-Boot):
1. Use 'CTRL+C' during power-up to enable CLI in first-stage U-Boot. 2. Connect a PC with IP set to 192.168.0.1 to one of the LAN ports. 3. Issue 'httpd' command and visit http://192.168.0.1 in browser. 4. Use the 'factory' image.
If you would like to restore vendor's firmware, follow one of the recovery methods described above.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 9c335ac)
In scripts/check-toolchain-clean.sh line 2: eval `grep CONFIG_GCC_VERSION .config` ^-- SC2046 (warning): Quote this to prevent word splitting. ^-- SC2006 (style): Use $(...) notation instead of legacy backticks `...`.
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 9116096)
It seems, that there are currently some unhandled corner cases in which `.toolchain_build_ver` results in empty file and thus forcing rebuilds, even if the toolchain was build correctly just a few moments ago. Until proper fix is found, workaround that by checking for this corner case and simply populate `.toolchain_build_ver` file.
While at it, improve the UX and display version mismatch, so it's more clear what has forced the rebuild:
"Toolchain build version changed (11.2.0-1 != ), running make targetclean"
References: https://gitlab.com/ynezz/openwrt/-/jobs/2133332533/raw Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 57f7a86)
ipq806x: base-files: asrock: fix bootcount include
Fixes following warning message during image building process:
Finalizing root filesystem... root-ipq806x/lib/upgrade/asrock.sh: line 1: /lib/functions.sh: No such file or directory Enabling boot root-ipq806x/lib/upgrade/asrock.sh: line 1: /lib/functions.sh: No such file or directory Enabling bootcount
Fixes #9350
Fixes: 98b86296e67d ("ipq806x: add support for ASRock G10") Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: fc317a1)
Fixes following missing kernel config symbol after adding GPIO watchdog:
Software watchdog (SOFT_WATCHDOG) [M/n/y/?] m Watchdog device controlled through GPIO-line (GPIO_WATCHDOG) [Y/n/m/?] y Register the watchdog as early as possible (GPIO_WATCHDOG_ARCH_INITCALL) [N/y/?] (NEW)
'iptables-mod-' can be used directly by firewall3, by iptables and by iptables-nft. They are not linked to iptables but to libxtables, so fix the dependencies to allow to remove iptables(-legacy)
iptables-nft doesn't depend on libip{4,6}tc, so move libiptext* libs in their own packages to clean up dependencies Rename libxtables-nft to libiptext-nft
Ran `make kernel_menuconfig CONFIG_TARGET=bcm2711` having used the snapshot config for bcm2711[1]. Manually added back two symbols that the make target removed, namely: * # CONFIG_SND_SOC_AD193X_I2C is not set * # CONFIG_SND_SOC_AD193X_SPI is not set
Without adding these back, the build fails due to unsatisfied deps[2].
Ran `make kernel_menuconfig CONFIG_TARGET=bcm2710` having used the snapshot config for bcm2710[1]. Manually added back two symbols that the make target removed, namely: * # CONFIG_SND_SOC_AD193X_I2C is not set * # CONFIG_SND_SOC_AD193X_SPI is not set
Using `make -j9` only prints a subset of messages to follow the build process progressing. However this silently skips over errors which might be of interested. Using `make V=s` easily floods the terminal making it hard to find error messages between the lines.
A compromise is the usage of `$(call ERROR_MESSAGE,...)` which prints a message in red. This function is silenced in the non-verbose mode, even if only used at a single place in `package/Makefile` where it notifies about a OPKG corner case.
This commit moves the `ERROR_MESSAGE` definition outside of the `OPENWRT_VERBOSE` condition and print error messages in every mode.
With this in place further error messages are possible.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: aee3594)
image-commands.mk: Use ERROR_MESSAGE for imagesize fails
If a image is bigger than the device can handle, an error message is printed. This is usually silenced and silently ignored, making it harder to debug. While it's possible to run the build in verbose mode (via `make V=s`) and grep for *is too big*, it's more intuitive to print the error message directly. For that use the newly unlocked `$(call ERROR_MESSAGE,...)` definition which now also print in non-verbose mode.
Fixes: FS#50 (aka #7604)
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: a947849)
For debugging purposes, we need to know if users are using modified U-boot versions or not. Currently, the U-boot version is somehow stripped. This is a little bit problematic when there are backported/wip/to-upstream patches.
To make it more confusing, there was (before this commit) two U-boot versioning. U-boot compiled by OpenWrt build bots are missing ``Build:`` This is also the case when the U-boot is compiled locally.
In both cases, it is not clear to U-boot developers if it is an unmodified build. This is also caused that there is a missing ``.git`` file from U-boot folder, and so there is no history. It leads to that it can not contain suffix ``-dirty`` (uncommitted modifications) or even something else like number of commits, etc. [1]
When U-boot is compiled as it should be, the version should look like this: ``U-Boot 2022.04-rc1-01173-g278195ea1f (Feb 11 2022 - 14:46:50 +0100)`` The date is not changed daily when there are new OpenWrt builds.
This commit adds OpenWrt specific version, which could be verified by using strings.
* In some situations the X.509 verifier would discard an error on an unverified certificate chain, resulting in an authentication bypass. Thanks to Ilya Shipitsin and Timo Steinlein for reporting. ```
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (commit: 495c4f4)
Update to the latest upstream version. In this version there is a new tool with which you can convert ipsets into nftables sets. Since we are now using nftables as default firewall, this could be a useful tool for porting ipsets to nftables sets.
kernel: 5.10: allocate last level PTEs in high memory
Enable support for allocating user space page table entries in high memory [1], for the targets which support this feature. This saves precious low memory (permanently mapped, the only type of memory directly accessible by the kernel).
The /tmp directory is mounted as tmpfs. The tmpfs filesystem is backed by anonymous memory, which means it can be swapped out at any time, if there is memory pressure [1]. For this reason, a zram swap device is a much better choice than mounting /tmp on zram, since it's able to compress all anonymous memory, and not just the memory assigned to /tmp. We already have the zram-swap package for this specific purpose, which means procd's tmp-on-zram is both redundant and more limited.
A follow-up patch will remove support for mounting /tmp in zram from procd itself.
U-Boot firmware images can contain only 2 UBI volumes: bootfs (container with U-Boot + kernel + DTBs) and rootfs (e.g. squashfs). There is no way to include "rootfs_data" UBI volume or make firmware file tell U-Boot to create one.
For that reason "rootfs_data" needs to be created dynamically. Use preinit script to handle that. Fire it right before "mount_root" one.
2. Relate "rootfs_data" to flashed firmware
As already explained flashing new firmware with U-Boot will do nothing to the "rootfs_data". It could result in new firmware reusing old "rootfs_data" overlay UBI volume and its file. Users expect a clean state after flashing firmware (even if flashing the same one).
Solve that by reading flash counter of running firmware and storing it in "rootfs_data" UBI volume. Every mismatch will result in wiping old data.
uboot-mvebu: backport patch to fix nvme detail crash
Steps to reproduce: 1. Insert NVMe disk with a reduction to Turris Omnia 2. Go to U-boot 3. Run these two commands: a) ``nvme scan`` b) ``nvme detail`` 4. Wait for crash
This is backported from U-boot upstream repository. It should be included in the upcoming release - 2022.04 [1].
It was tested on Turris Omnia, mvebu, cortex-a9, OpenWrt master.
The XMC XM25QH128C is a 16MB SPI NOR chip. The patch is verified on Ruijie RG-EW3200GX PRO. Datasheet available at https://www.xmcwh.com/uploads/435/XM25QH128C.pdf
Signed-off-by: Langhua Ye <y1248289414@outlook.com> (commit: df1383f)
MAC addresses as verified by OEM firmware: use address source WAN *:F4 ethaddr@product_info LAN *:F5 5g *:F6 2g *:F7
Flash instruction: 1. Serve the initramfs.img using a TFTP server with address 10.10.10.3. 2. Interrupt the uboot startup process via UART. 3. Select "System Load Linux to SDRAM via TFTP" item. 4. (important) Back up firmware(mtd7) partitions with: dd if=/dev/mtd7 of=/tmp/firmware.bin and then download the firmware.bin image via SCP. 5. Flash the OpenWrt sysupgrade firmware.
Recovery stock firmware: 1. Transfer the firmware.bin image to the device. 2. Flash the image with: mtd write firmware.bin firmware
Signed-off-by: Langhua Ye <y1248289414@outlook.com> (commit: ce8a33b)
uboot-envtools: mt7622: add support for Ruijie RG-EW3200GX PRO
Add U-Boot environment settings for Ruijie RG-EW3200GX PRO to allow users to access the bootloader environment using fw_printenv/fw_setenv while running OpenWrt.
Signed-off-by: Langhua Ye <y1248289414@outlook.com> (commit: d15f9b9)
This adds the new tc-bpf variant and removes libxtables dependency from the tc-tiny variant. The tc-full variant stays like before and contains everything.
This allows to use tc without libxtables.
The variants have the following sizes: root@OpenWrt:/# ls -al /usr/libexec/tc-* -rwxr-xr-x 1 root root 282453 Mar 1 21:55 /usr/libexec/tc-bpf -rwxr-xr-x 1 root root 282533 Mar 1 21:55 /usr/libexec/tc-full -rwxr-xr-x 1 root root 266037 Mar 1 21:55 /usr/libexec/tc-tiny
Installation ------------ Installation is possible from the OEM web interface. Make sure to install the latest OEM firmware first, so that the PLC firmware is at the latest version. However, please first check the OpenWRT Wiki page for confirmation that your OEM firmware version is supported.
Signed-off-by: Joe Mullally <jwmullally@gmail.com> (commit: 6c743c3)
kernel: move parser_trx patches of custom magic to generic
This patch moves the patches of parser_trx in mediatek target to generic/backport-5.10 to use the changes from ramips target and backport the additional patch of the parser.
This patch enable parser_trx and disable mtdsplit_trx for mt76x8 subtarget. The trx format is used only on Buffalo WCR-1166DS in mt76x8 subtarget and the parser need to be switched to parser_trx to use the custom magic number in the header for WCR-1166DS.
Buffalo WCR-1166DS uses trx-fomatted firmware and the custom magic number (0x5C436F74, "\Cot") is required for OpenWrt installation from OEM WebUI. But the current mtdsplit_trx doesn't support the custom magic number and fail to parse and split to kernel and rootfs when the factory image is flashed. Then, the kernel fails to mount rootfs automatically and panics.
Before the commit fddc78bc116bc043fb5cd92dbc45cfd054c21af8, mtdsplit_trx was patched in ramips target and the device-specific magic number was supported only for WCR-1166DS[1]. But the patch was not inherited to the later version of the kernel and deleted by the above commit, then, the custom magic number support was broken.
realtek: net: dsa: configure better brport flags when ports leave the bridge
Ensures that the DSA driver sets exactly the same default flags as the bridge when a port joins or leaves. Without this we end up with a confusing flag mismatch, where DSA and bridge ports use different sets of flags.
This is critical as the "learning" mismatch will be harmful to the network, causing all traffic to be flooded on all ports.
The original commit was buggy, trying to set the flags one-by-one in a loop. This was not supported by the API and the end result was that all but the last flag were cleared. This bug was implicitly fixed upstream by commit e18f4c18ab5b ("net: switchdev: pass flags and mask to both {PRE_,}BRIDGE_FLAGS attributes").
This is a minimum temporary stop measure fix for the critical lack of "learning" only. The major API change associated with a full v5.12+ backport is neither required nor wanted. A simpler fix, moving the call to dsa_port_bridge_flags() out of the loop, has therefore been merged into this modified backport.
3276aed81c73 move run_cmd() to main.c 558eabc13c64 map: move dns host based lookup code to a separate function 6ff06d66c36c dns: add code for snooping dns packets a78bd43c4a54 ubus: remove dnsmasq subscriber 9773ffa70f1f map: process dns patterns in the order in which they were defined f13b67c9a786 dns: allow limiting dns entry matching to cname name
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 7591499)
1. Boot BSH-G24MB normally 2. Connect BSH-G24MB to the DHCP enabled network 3. Find the device's IP address and open the WebUI and login Note: by default, the device obtains IP address from DHCP server of the network 4. Open firmware update page ("ファームウェア アップデート") 5. Rename the OpenWrt sysupgrade image to "bsh-g24mb_v100.image" and select it 6. Press apply ("適用") button to perform update 7. Wait ~150 seconds to complete flashing
Note:
- BSH-G24MB has a power-related LED ("電源"), but it's not connected to the GPIO of the SoC or RTL8231 and cannot be controlled. Instead of it, use system status LED on other than running-state.
- "sys_loop" LED indicates system status and loop-detection status in stock firmware.
- BSH-G24MB has 2x os-image partitions named as "RUNTIME"/"RUNTIME2" in 16 MiB SPI-NOR flash and the size of image per partition is only 6848 KiB. The secondary image is never used on stock firmware, so also use it on OpenWrt to get more space.
ipq806x: provide ramoops for R7800/XR500 by default
Add kmod-ramoops to the default set of device packages in R7800 and XR500, so that the ramoops kernel crash logs are provided by default for these routers.
The capability was earlier defined by 97158fe1 and cf346dfa, but the feature was not yet turned on by default.
The possible kernel crashes are stored into /sys/fs/pstore/*
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> (commit: 549f869)
Flashing: TFTP boot initramfs image and then perform sysupgrade. Follow common MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Note: following 781d4bfb397cdd12ee0151eb66c577f470e3377d The network setup avoids using the integrated switch and connects the single Ethernet port directly. This way, link speed (10/100 Mbps) is properly reported by eth0.
This adds support for the Renkforce WS-WN530HP3-A ceiling- mountable Wireless Access Point, which is powered over PoE. Hardware: - SoC: Mediatek MT7621DAT - RAM: 128MiB on SoC - Flash: 16MiB GigaDevice GD25Q128C - 2.4Ghz Wifi: Mediatek MT603EN - 5GHz Wifi: MT613BEN - Ethernet: - 1x 1GBit WAN port, passive PoE capable - 2x 1GBit LAN ports LEDs: 1x Bi-Color LED (red/blue) Buttons: 1x Reset Button, 1x Power Button
Installation: Power on the access point and immedately press the reset button for 10 seconds. Connect web-browser to 192.168.10.1 and upload sysupgrade image. Flash uploaded image and wait about 2 minutes for reboot.
Zip uses DOS timestamp for mtime which is stored in local time and hence depends on the timezone of the build system. Force zip to use UTC timezone to make image builds more reproducible.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: e42764c)
Remove "--mtime" option introduced in commit 18c9faa03211 ("tools: zip: add option for reproducible archives") and instead fetch SOURCE_DATE_EPOCH environment variable directly in the code.
Ref: https://sourceforge.net/p/infozip/patches/25/ Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 39d0647)
Zip always try to generate new encryption header depending on execution time and process id, which is far from being reproducible. This commit changes the zip srand() seed to a predictable value to generate reproducible random bytes for the encryption header. This will compromise the goal of secure archive encryption, but it would not be a big problem for our purpose.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 4f3a565)
Installation via **recovery** mode: 1. Download the Asus recovery firmware (windows) tool from http://dlcdnet.asus.com/pub/ASUS/LiveUpdate/Release/Wireless/Rescue.zip 2. Set your ethernet IP manually 192.168.1.5 / 255.255.255.0 with NO gateway. 3. Plug in your ethernet to LAN port 1 on the router. 4. Load up the recovery software with the firmware file, but don't press "Upload" yet. 5. Plug in the router to power WHILE HOLDING the reset button in. While CONTINUING to hold the button, select "Upload" Continue to hold the reset button in until it finishes and verifies! 6. If that doesn't work try pressing "Upload" first just before you do step 5. At some point while holding reset the rescue tool will finally detect and upload the firmware. That's when you can let go of the reset button. 7. The router will reboot and not much will happen. Wait a minute or 2. 8. Power off and on the router again. Voila. Set everything your Ethernet IP back to DHCP (automatically) and you're good to go.
Revert to stock firmware: 1. Install stock image via recovery mode.
Tested-by: Ivan Pavlov <AuthorReflex@gmail.com> Signed-off-by: Ray Wang <raywang777@foxmail.com> (commit: 3c4810f)
Installation: * Vendor's firmware is OpenWrt (LEDE) based, so the sysupgrade image can be directly used to install OpenWrt. Firmware must be upgraded using the 'force' and 'do not save configuration' command line options (or correspondig web interface checkboxes) since the vendor firmware is from the pre-DSA era.
Recovery Mode: * Press reset button, power up the device, wait for about 10sec. * Upload sysupgrade image through the firmware recovery mode web page at 192.168.1.1.
In commit ee66fe4ea9a6 ("ramips: convert DEVICE_TITLE to new variables"), DEVICE_VENDOR of some unbranded devices were set incorrectly: * WR512-3GN is not a dev board from Ralink. * "XDX-RN502J" is the whole model name and should be not split.
This patch sets their DEVICE_VENDOR to "Unbranded", and changes their DTS model properties accordingly.
Ref: d0bf15f23595 ("ramips: add support for A5-V11 board (resubmit)") Ref: 9085b05d9e71 ("ramips: rt305x: support for wr512-3gn-like routers") Ref: 0e486d2fd297 ("ramips: add support for unbranded XDX-RN502J board") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 94d4269)
ramips: allow USB power control on TP-Link MR3020v3
By switching EPHY_LED4_N_JTRST_N from EPHY_LED4_N to GPIO#39 we can control USB port power an all current revisions of MR3020v3. It was not a thing on some first revisions, pin was unused. But for now on all current MR3020v3 boards EPHY_LED4_N_JTRST_N pin is connected to USB power key. Also it was not used as EPHY indicator on any revision of the board.
Signed-off-by: Dmitry Chigiryov <dmitry.chigiryov@ya.ru> [changed author address (used SoB one)] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 9d06f1a)
Artifacts can only be uploaded from inside the GITHUB_WORKSPACE. While the Linux CI jobs run inside that per default, a special case-sensitive mount outside the GITHUB_WORKSPACE is used for macOS builds.
To make log artifacts work for both macOS and Linux, move logs/ folder to GITHUB_WORKSPACE on failures.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: a5eeac8)
Previously libxt_socket.so was included in iptables-mod-tproxy. It was missed out when trying to make kmod-ipt-socket and kmod-ipt-tproxy separate packages
Fixes: 4f443c88 ("netfilter: separate packages for kmod-ipt-socket and kmod-ipt-tproxy") Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (commit: 289fbc5)
Add patch found in Teltonika RUT9_R_00.07.01.4 GPL SDK download[1] adding USB IDs of the MeigLink SLM750 to the relevant kernel drivers. Newer versions of Teltonika's 2G/3G/4G RUT9XX WWAN router series come with this kind of modem.
[1]: https://wiki.teltonika-networks.com/view/GPL Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 802df09)
This driver is needed to boot from CompactFlash on the Siemens Futro S400. The device has an AMD NX1500 CPU, which seems to be unsupported by the geode subtarget, so it must use legacy.
The ChipIdea USB kernel driver gained support for disabling glue drivers in 5.8, see upstream commmit: 95caa2ae70fd ("usb: chipidea: allow disabling glue drivers if EMBEDDED").
This enables 'CONFIG_USB_CHIPIDEA_IMX' in the 'imx' target kernel config which brings back USB support.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 25d1c85)
uqmi: set CID during 'query-data-status' operation
Modems used in ZTE mobile broadband routers require to query the data session status using the same CID as one used to establish the session, otherwise they will report the session as "disconnected" despite reporting correct PDH in previous step. Without this change, IPv6 connection on these modems doesn't establish properly. In IPv4 this bug is present as well, but for some reason querying of IPv4 status works using temporary CID, this however seems noncompliant with QMI specifications, so fix it as well.
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the best solution as they almost never consider syncing files / data. Still this is what we have and we need to try living with it.
Without proper syncing OpenWrt can easily get into an inconsistent state on power cut. It's because: 1. Actual (flash) inode and data writes are not synchronized 2. Data writeback can take up to 30 seconds (dirty_expire_centisecs) 3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"
Some possible cases (examples) for new files: 1. Power cut during 5 seconds after write() can result in all data loss 2. Power cut happening between 5 and 35 seconds after write() can result in empty file (inode flushed after 5 seconds, data flush queued)
Above affects e.g. uci-defaults. After executing some migration script it may get deleted (whited out) without generated data getting actually written. Power cut will result in missing data and deleted file.
There are three ways of dealing with that: 1. Rewriting all user-space init to proper C with syncs 2. Trying bash hacks (like creating tmp files & moving them) 3. Adding sync and hoping for no power cut during critical section
This change introduces the last solution that is the simplest. It reduces time during which things may go wrong from ~35 seconds to probably less than a second. Of course it applies only to IO operations performed before /etc/init.d/boot . It's probably the stage when the most new files get created.
All later changes are usually done using smarter C apps (e.g. busybox or uci) that creates tmp files and uses rename() that is expected to be atomic.
Dual-Q H721 is a router platform board, it is the smaller model of the U7621-06.
The device has the following specifications:
MT7621AT (880 MHz) 256 of RAM (DDR3) 16 MB of FLASH (MX25l12805d SPI) 5x 1 Gbps Ethernet (MT7621 built-in switch) 1x M.2 (NGFF) 3.7V 3A max for 5G M.2 Modem work at USB3.0 mode 1x Minipcie 3.7V 3A max for LTE Modem work at USB2.0 Mode 2x Minipcie for WIFI card 4x Lan+1x Wan 10/100M/1000M RJ45 port 14x LEDs (1x GPIO-controlled) 1x reset button 1x UART header (4-pins) 1x mico SD-card reader 1x DC jack for main power (5~27 V)
The following has been tested and is working:
Ethernet switch miniPCIe slots (tested with Wi-Fi cards and LTE modem cards) miniSIM slot (works with normal size simcard) sysupgrade reset button micro SD-card reader
Installation:
This board has no locked down bootloader. The seller can be asked to install openwrt, so upgrades are standard sysupgrade method.
Recovery:
This board contains a Chinese, closed-source bootloader called Breed (Boot and Recovery Environment for Embedded Devices). Breed supports web recovery and to enter it, you keep the reset button pressed for around 5 seconds during boot. Your machine will be assigned an IP through DHCP and the router will use IP address 192.168.1.1. The recovery website is in Chinese, but is easy to use. Click on the second item in the list to access the recovery page, then the second item on the next page is where you select the firmware. In order to start the recovery, you click the button at the bottom.
Signed-off-by: Dawsen Gao <dawsen_gao@163.com> [change author name (used SoB one), add ethernet pinctrl, apply sorting to device recipe] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: b3da44b)
ipset: add backport patch for IPv6 nftables ipset-translation
When porting mwan3 from iptables to nftables I tried the new translation tool for ipset ipset-translate. I noticed that no IPv6 ipset can be created with the tool. I have reported the problem to the upstream project and the following patch fixes the problem.
Until this upsream is included in a new release, this patch should be used in Openwrt.
* If "Active Image" has the first option selected, OpenWrt will need to be flashed to the "Active" partition. If the second option is selected, OpenWrt will need to be flashed to the "Backup" partition.
* Navigate to Maintenance > Firmware > Upload
* Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24-v1-initramfs-kernel.bin file by your preferred method to the previously determined partition. When prompted, select to boot from the newly flashed image, and reboot the switch.
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs image.
* Connect serial, power up the switch, interrupt U-boot by hitting the space bar, and enable the network:
> rtk network on
> Since the GS1900-24 v1 is a dual-partition device, you want to keep the OEM firmware on the backup partition for the time being. OpenWrt can only be installed in the first partition anyway (hardcoded in the DTS). To ensure we are set to boot from the first partition, issue the following commands:
> setsys bootpartition 0 > savesys
* Download the image onto the device and boot from it:
realtek: enable pca953x driver for rtl838x subtarget
The system status LED on Panasonic Switch-M8eG PN28080K is connected to a PCA9539PW. To use the LED as a status LED of OpenWrt while booting, enable the pca953x driver and built-in to the kernel. Also enable CONFIG_GPIO_PCA953X_IRQ to use interrupt via RTL83xx GPIO.
realtek: add support for Panasonic Switch-M8eG PN28080K
Panasonic Switch-M8eG PN28080K is a 8 + 1 port gigabit switch, based on RTL8380M.
Specification:
- SoC : Realtek RTL8380M - RAM : DDR3 128 MiB (Winbond W631GG8KB-15) - Flash : SPI-NOR 32 MiB (Macronix MX25L25635FMI-10G) - Ethernet : 10/100/1000 Mbps x8 + 1 - port 1-8 : TP, RTL8218B (SoC) - port 9 : SFP, RTL8380M (SoC) - LEDs/Keys : 7x / 1x - UART : RS-232 port on the front panel (connector: RJ-45) - 3:TX, 4:GND, 5:GND, 6:RX (pin number: RJ-45) - 9600n8 - Power : 100-240 VAC, 50/60 Hz, 0.5 A - Plug : IEC 60320-C13 - Stock OS : VxWorks based
Flash instruction using initramfs image:
1. Prepare the TFTP server with the IP address 192.168.1.111 2. Rename the OpenWrt initramfs image to "0101A8C0.img" and place it to the TFTP directory 3. Download the official upgrading firmware (ex: pn28080k_v30000.rom) and place it to the TFTP directory 4. Boot M8eG and interrupt the U-Boot with Ctrl + C keys 5. Execute the following commands and boot with the OpenWrt initramfs image
rtk network on tftpboot 0x81000000 bootm
6. Backup mtdblock files to the computer by scp or anything and reboot 7. Interrupt the U-Boot and execute the following commands to re-create filesystem in the flash
ffsmount c:/ ffsfmt c:/
this step takes a long time, about ~ 4 mins
8. Execute the following commands to put the official images to the filesystem
updatert <official image>
example:
updatert pn28080k_v30000.rom
this step takes about ~ 40 secs
9. Set the environment variables of the U-Boot by the following commands
10: Download the OpenWrt initramfs image and boot with it
tftpboot 0x81000000 0101A8C0.img bootm
11: On the initramfs image, download the sysupgrade image and perform sysupgrade with it
sysupgrade <imagename>
12: Wait ~ 120 seconds to complete flashing
Note:
- "Switch-M8eG" is a model name, and "PN28080K" is a model number. Switch-M8eG has an another (old) model number ("PN28080"), it's not a Realtek based hardware.
- Switch-M8eG has a "POWER" LED (Green), but it's not connected to any GPIO pin.
- The U-Boot checks the runtime images in the flash when booting and fails to execute anything in "bootcmd" variable if the images are not exsisting.
- A filesystem is formed in the flash (0x100000-0x1DFFFFF) on the stock firmware and it includes the stock images, configuration files and checksum files. It's unknown format, can't be managed on the OpenWrt. To get the enough space for OpenWrt, move the filesystem to the head of "fs_reserved" partition by execution of "ffsfmt" and "updatert".
- On the other devices in the same series of Switch-M8eG PN28080K, the INT pin on the PCA9555 is not connected to anywhere.
Back to the stock firmware:
1. Delete "loadaddr" variable and set "bootcmd" to the original value
Araknis AN-300-AP-I-N is an indoor wireless access point with 1 Gb ethernet port, dual-band wireless, internal antenna plates, and 802.3at PoE+
this board is a Senao device: the hardware is equivalent to EnGenius EWS310AP the software is modified Senao SDK which is based on openwrt and uboot including image checksum verification at boot time, and a failsafe image that boots if checksum fails
NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide therefore, the power LED is off for default state
**MAC addresses:**
MAC address labeled as ETH Only one Vendor MAC address in flash at art 0x0
eth0 ETH *:7d art 0x0 phy1 2.4G *:7e --- phy0 5GHz *:7f ---
**Serial Access:**
the RX line on the board for UART is shorted to ground by resistor R176 therefore it must be removed to use the console but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin at J10
**Installation:**
Method 1: Firmware upgrade page:
(if you cannot access the APs webpage) factory reset with the reset button connect ethernet to a computer OEM webpage at 192.168.20.253 username and password 'araknis' make a new password, login again...
Navigate to 'File Management' page from left pane Click Browse and select the factory.bin image Upload and verify checksum Click Continue to confirm wait about 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting... Interrupt uboot with any key pressed rapidly execute `run failsafe_boot` OR `bootm 0x9fd70000` wait a minute connect to ethernet and navigate to 192.168.20.253 Select the factory.bin image and upload wait about 3 minutes
**Return to OEM:**
Method 1: Serial to load Failsafe webpage (above)
Method 2: delete a checksum from uboot-env this will make uboot load the failsafe image at next boot because it will fail the checksum verification of the image
ssh into openwrt and run `fw_setenv rootfs_checksum 0` reboot, wait a minute connect to ethernet and navigate to 192.168.20.253 select OEM firmware image and click upgrade
Method 3: backup mtd partitions before upgrade
**TFTP recovery:**
Requires serial console, reset button does nothing
rename initramfs-kernel.bin to '0101A8C0.img' make available on TFTP server at 192.168.1.101 power board, interrupt boot with serial console execute `tftpboot` and `bootm 0x81000000`
NOTE: TFTP may not be reliable due to bugged bootloader set MTU to 600 and try many times
**Format of OEM firmware image:**
The OEM software is built using SDKs from Senao which is based on a heavily modified version of Openwrt Kamikaze or Altitude Adjustment. One of the many modifications is sysupgrade being performed by a custom script. Images are verified through successful unpackaging, correct filenames and size requirements for both kernel and rootfs files, and that they start with the correct magic numbers (first 2 bytes) for the respective headers.
Newer Senao software requires more checks but their script includes a way to skip them.
The OEM upgrade script is at /etc/fwupgrade.sh
OKLI kernel loader is required because the OEM software expects the kernel to be less than 1536k and the OEM upgrade procedure would otherwise overwrite part of the kernel when writing rootfs.
Note on PLL-data cells:
The default PLL register values will not work because of the external AR8035 switch between the SOC and the ethernet port.
For QCA955x series, the PLL registers for eth0 and eth1 can be see in the DTSI as 0x28 and 0x48 respectively. Therefore the PLL registers can be read from uboot for each link speed after attempting tftpboot or another network action using that link speed with `md 0x18050028 1` and `md 0x18050048 1`.
The clock delay required for RGMII can be applied at the PHY side, using the at803x driver `phy-mode` setting through the DTS. Therefore, the Ethernet Configuration registers for GMAC0 do not need the bits for RGMII delay on the MAC side. This is possible due to fixes in at803x driver since Linux 5.1 and 5.3
Signed-off-by: Michael Pratt <mcpratt@pm.me> (commit: 561f46b)
Araknis AN-500-AP-I-AC is an indoor wireless access point with 1 Gb ethernet port, dual-band wireless, internal antenna plates, and 802.3at PoE+
this board is a Senao device: the hardware is equivalent to EnGenius EAP1200 the software is modified Senao SDK which is based on openwrt and uboot including image checksum verification at boot time, and a failsafe image that boots if checksum fails
NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide therefore, the power LED is off for default state
**MAC addresses:**
MAC address labeled as ETH Only one Vendor MAC address in flash at art 0x0
eth0 ETH *:e1 art 0x0 phy1 2.4G *:e2 --- phy0 5GHz *:e3 ---
**Serial Access:**
the RX line on the board for UART is shorted to ground by resistor R176 therefore it must be removed to use the console but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin at J10
**Installation:**
Method 1: Firmware upgrade page:
(if you cannot access the APs webpage) factory reset with the reset button connect ethernet to a computer OEM webpage at 192.168.20.253 username and password 'araknis' make a new password, login again...
Navigate to 'File Management' page from left pane Click Browse and select the factory.bin image Upload and verify checksum Click Continue to confirm wait about 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting... Interrupt uboot with any key pressed rapidly execute `run failsafe_boot` OR `bootm 0x9fd70000` wait a minute connect to ethernet and navigate to 192.168.20.253 Select the factory.bin image and upload wait about 3 minutes
**Return to OEM:**
Method 1: Serial to load Failsafe webpage (above)
Method 2: delete a checksum from uboot-env this will make uboot load the failsafe image at next boot because it will fail the checksum verification of the image
ssh into openwrt and run `fw_setenv rootfs_checksum 0` reboot, wait a minute connect to ethernet and navigate to 192.168.20.253 select OEM firmware image and click upgrade
Method 3: backup mtd partitions before upgrade
**TFTP recovery:**
Requires serial console, reset button does nothing
rename initramfs-kernel.bin to '0101A8C0.img' make available on TFTP server at 192.168.1.101 power board, interrupt boot with serial console execute `tftpboot` and `bootm 0x81000000`
NOTE: TFTP may not be reliable due to bugged bootloader set MTU to 600 and try many times
**Format of OEM firmware image:**
The OEM software is built using SDKs from Senao which is based on a heavily modified version of Openwrt Kamikaze or Altitude Adjustment. One of the many modifications is sysupgrade being performed by a custom script. Images are verified through successful unpackaging, correct filenames and size requirements for both kernel and rootfs files, and that they start with the correct magic numbers (first 2 bytes) for the respective headers.
Newer Senao software requires more checks but their script includes a way to skip them.
The OEM upgrade script is at /etc/fwupgrade.sh
OKLI kernel loader is required because the OEM software expects the kernel to be less than 1536k and the OEM upgrade procedure would otherwise overwrite part of the kernel when writing rootfs.
Note on PLL-data cells:
The default PLL register values will not work because of the external AR8035 switch between the SOC and the ethernet port.
For QCA955x series, the PLL registers for eth0 and eth1 can be see in the DTSI as 0x28 and 0x48 respectively. Therefore the PLL registers can be read from uboot for each link speed after attempting tftpboot or another network action using that link speed with `md 0x18050028 1` and `md 0x18050048 1`.
The clock delay required for RGMII can be applied at the PHY side, using the at803x driver `phy-mode` setting through the DTS. Therefore, the Ethernet Configuration registers for GMAC0 do not need the bits for RGMII delay on the MAC side. This is possible due to fixes in at803x driver since Linux 5.1 and 5.3
Signed-off-by: Michael Pratt <mcpratt@pm.me> (commit: 56716b5)
Araknis AN-700-AP-I-AC is an indoor wireless access point with 1 Gb ethernet port, dual-band wireless, internal antenna plates, and 802.3at PoE+
this board is a Senao device: the hardware is equivalent to EnGenius EAP1750 the software is modified Senao SDK which is based on openwrt and uboot including image checksum verification at boot time, and a failsafe image that boots if checksum fails
NOTE: all 4 gpio controlled LEDS are viewed through the same lightguide therefore, the power LED is off for default state
**MAC addresses:**
MAC address labeled as ETH Only one Vendor MAC address in flash at art 0x0
eth0 ETH *:xb art 0x0 phy1 2.4G *:xc --- phy0 5GHz *:xd ---
**Serial Access:**
the RX line on the board for UART is shorted to ground by resistor R176 therefore it must be removed to use the console but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin at J10
**Installation:**
Method 1: Firmware upgrade page:
(if you cannot access the APs webpage) factory reset with the reset button connect ethernet to a computer OEM webpage at 192.168.20.253 username and password 'araknis' make a new password, login again...
Navigate to 'File Management' page from left pane Click Browse and select the factory.bin image Upload and verify checksum Click Continue to confirm wait about 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting... Interrupt uboot with any key pressed rapidly execute `run failsafe_boot` OR `bootm 0x9fd70000` wait a minute connect to ethernet and navigate to 192.168.20.253 Select the factory.bin image and upload wait about 3 minutes
**Return to OEM:**
Method 1: Serial to load Failsafe webpage (above)
Method 2: delete a checksum from uboot-env this will make uboot load the failsafe image at next boot because it will fail the checksum verification of the image
ssh into openwrt and run `fw_setenv rootfs_checksum 0` reboot, wait a minute connect to ethernet and navigate to 192.168.20.253 select OEM firmware image and click upgrade
Method 3: backup mtd partitions before upgrade
**TFTP recovery:**
Requires serial console, reset button does nothing
rename initramfs-kernel.bin to '0101A8C0.img' make available on TFTP server at 192.168.1.101 power board, interrupt boot with serial console execute `tftpboot` and `bootm 0x81000000`
NOTE: TFTP may not be reliable due to bugged bootloader set MTU to 600 and try many times
**Format of OEM firmware image:**
The OEM software is built using SDKs from Senao which is based on a heavily modified version of Openwrt Kamikaze or Altitude Adjustment. One of the many modifications is sysupgrade being performed by a custom script. Images are verified through successful unpackaging, correct filenames and size requirements for both kernel and rootfs files, and that they start with the correct magic numbers (first 2 bytes) for the respective headers.
Newer Senao software requires more checks but their script includes a way to skip them.
The OEM upgrade script is at /etc/fwupgrade.sh
OKLI kernel loader is required because the OEM software expects the kernel to be less than 1536k and the OEM upgrade procedure would otherwise overwrite part of the kernel when writing rootfs.
Note on PLL-data cells:
The default PLL register values will not work because of the external AR8035 switch between the SOC and the ethernet port.
For QCA955x series, the PLL registers for eth0 and eth1 can be see in the DTSI as 0x28 and 0x48 respectively. Therefore the PLL registers can be read from uboot for each link speed after attempting tftpboot or another network action using that link speed with `md 0x18050028 1` and `md 0x18050048 1`.
The clock delay required for RGMII can be applied at the PHY side, using the at803x driver `phy-mode` setting through the DTS. Therefore, the Ethernet Configuration registers for GMAC0 do not need the bits for RGMII delay on the MAC side. This is possible due to fixes in at803x driver since Linux 5.1 and 5.3
Signed-off-by: Michael Pratt <mcpratt@pm.me> (commit: 41be1a2)
kernel: backport DSA patches fixing null-pointer dereference for 5.10
Backport patches 381a730182f1 ("net: dsa: Move VLAN filtering syncing out of dsa_switch_bridge_leave") 108dc8741c20 ("net: dsa: Avoid cross-chip syncing of VLAN filtering") from upstream (currently in net-next) to fix null-pointer dereference.
Signed-off-by: Marek Behún <kabel@kernel.org> (commit: fbe2c3f)
Seeing failure to build because of missing symbols related to provisioning CONFIG_KEXEC and signed images. Without this, if you set CONFIG_KERNEL_KEXEC=y and try to build, target/linux will hang at:
scripts/kconfig/conf --syncconfig Kconfig ... kexec system call (KEXEC) [Y/n/?] y kexec file based system call (KEXEC_FILE) [Y/n/?] y Verify kernel signature during kexec_file_load() syscall (KEXEC_SIG) [N/y/?] (NEW)
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> (commit: 23f94aa)
378b638c70c0 mt76: mt7915: fix unused variable with testmode disabled 4f4309542862 mt76: mt7915: only use u32_get_bits with constant value de06d828a0bf mt76: mt7921: fix injected MPDU transmission to not use HW A-MSDU c007ba3ec7a9 mt76: mt7915: simplify conditional 64c74dc93f68 mt76: fix dfs state issue with 160 MHz channels d3471b0d92c1 mt76: mt7615: honor ret from mt7615_mcu_restart in mt7663u_mcu_init f4c87b32e0e9 mt76: mt7663u: introduce mt7663u_mcu_power_on routine 82de5987af54 mt76: mt7921: fix up the monitor mode c501df4086e1 mt76: mt7921: use mt76_hw instead of open coding it 594ee03d5a11 mt76: mt7915: fix DFS no radar detection event d8d2b383a241 mt76: split single ldpc cap bit into bits 0f336fba20fe mt76: mt7921: make mt7921_init_tx_queues static 00a066ce9914 mt76: mt7921: fix xmit-queue dump for usb and sdio d6d2479568b2 mt76: mt7921: fix mt7921_queues_acq implementation d17b74420199 mt76: fix monitor mode crash with sdio driver c374559eae6f mt76: mt7915: allow beaconing on all chains b219af63b9ce mt76: connac: add 6 GHz support for wtbl and starec configuration 630384cb3246 mt76: mt7915: add 6 GHz support 28ff1bddc7e8 mt76: mt7915: fix eeprom fields of txpower init values d4b226cc15e7 mt76: mt7915: add txpower init for 6GHz 31e820d4ce4b mt76: mt7921: get rid of mt7921_wait_for_mcu_init declaration 9fee1faf6028 mt76: mt7915: check for devm_pinctrl_get() failure 31a970940b97 mt76: connac: make read-only array ba_range static const e49af7036bbc mt76: use le32/16_get_bits() whenever possible 0664d39039c2 mt76: fix invalid rssi report f16fc9d96105 mt76: mt7915: set band1 TGID field in tx descriptor 67ce2708dcef mt76: mt7915: fix beamforming mib stats 6e899abec818 mt76: mt7915: fix phy cap in mt7915_set_stream_he_txbf_caps() c6780c85cff2 mt76: mt7915: fix typos in comments aa6eadc09a83 mt76: usb: add req_type to ___mt76u_rr signature 74a519ab8353 mt76: usb: add req_type to ___mt76u_wr signature 2651d2c66cbd mt76: usb: introduce __mt76u_init utility routine c03e095eee27 mt76: mt7921: disable runtime pm for usb 41085cdcd7e3 mt76: mt7921: update mt7921_skb_add_usb_sdio_hdr to support usb e700aba6bae3 mt76: mt7921: move mt7921_usb_sdio_tx_prepare_skb in common mac code 056b7f4ebcc6 mt76: mt7921: move mt7921_usb_sdio_tx_complete_skb in common mac code. 0abf682a3def mt76: mt7921: move mt7921_usb_sdio_tx_status_data in mac common code. b0c60d5252de mt76: mt7921: add mt7921u driver 053668acdaf8 mt76: mt7921: move mt7921_init_hw in a dedicated work
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: da2b972)
The I2C controller used in QorIQ PPC devices requires the mpc-i2c driver, which is enabled by the I2C_MPC kernel config symbol. Enable this and its dependencies in the target kernel config, as is done for the mpc85xx target.
This fixes missing hwmon, rtc and tpm devices on the M300.
The DWR-961 A1 Wireless Router is based on the MT7620A SoC. It's a merge of two Amit boards: DWR-960 with ethernet part of Lava LR-25G001.
ROMID it's taken from Telenor branded version and it works with tested device. Images from D-Link site for this router are from DWR-953 and it have ROMID DLK6E2424001. I don't know if it's mistake on web-site or if it's will require different image.
Installation: Apply factory image via http web-gui or JBOOT recovery page
How to revert to OEM firmware: - push the reset button and turn on the power. Wait until LED start blinking (~10sec.) - upload original factory image via JBOOT http (IP: 192.168.123.254)
This patch adds support for the Netgear WN3100RPv2 http://www.netgear.com/support/product/wn3100rpv2.aspx
Specifications: - SoC: MediaTek MT7620A (580MHz, ramips) - RAM: 32MB DDR - Storage: 8MB NOR SPI flash - Wireless: builtin MT7620A, 2x2:2 with u.FL connectors - Ethernet: 1x100M - Stock firmware based on OpenWRT Kamikaze
Like the EX2700, the bootloader expects a secondary image signature, see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577
This device seems to be same hardware as a WN3000RPv3
Flash instructions: - Use the Netgear WebUI to upgrade to OpenWRT using the factory image (see note below), - Use the sysupgrade image for upgrading versions from OpenWRT, - TFTP recovery procedure can be used to flash the factory image (preferred method).
Note: - The WebUI may not reboot automatically, wait at least 5 minutes before powercycling the device
Flashing using TFTP: - Set you IP address to 192.168.1.10/24 (no gateway) - Connect your machine to the Ethernet port - Power off the device and wait for 10 seconds, - Hold the reset button and power on the device (do not release reset), - Hold the reset button until the green light is flashing (Approx. 15s) - launch tftp, set mode to binary and connect to 192.168.1.1 - put the factory firmware image - All leds will switch off (like a power off), this is normal - Wait for the device to reboot in the new OpenWRT image (max 5 mins) - The first boot will take longer than usual. - After boot, the Device IP on the ethernet port is 192.168.1.1
Signed-off-by: Rodolphe de Saint Léger <rdesaintleger@gmail.com> [drop unneeded includes in dts, wrap commit message] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 7bc20cb)
This patch adds support for the Netgear WN3100RPv2 http://www.netgear.com/support/product/wn3100rpv2.aspx
Specifications: - SoC: MediaTek MT7620A (580MHz, ramips) - RAM: 32MB DDR - Storage: 8MB NOR SPI flash - Wireless: builtin MT7620A, 2x2:2 with u.FL connectors - Ethernet: 1x100M - Stock firmware based on OpenWRT Kamikaze
Like the EX2700, the bootloader expects a secondary image signature, see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577
This device seems to be same hardware as a WN3000RPv3
Flash instructions: - Use the Netgear WebUI to upgrade to OpenWRT using the factory image (see note below), - Use the sysupgrade image for upgrading versions from OpenWRT, - TFTP recovery procedure can be used to flash the factory image (preferred method).
Note: - The WebUI may not reboot automatically, wait at least 5 minutes before powercycling the device
Flashing using TFTP: - Set you IP address to 192.168.1.10/24 (no gateway) - Connect your machine to the Ethernet port - Power off the device and wait for 10 seconds, - Hold the reset button and power on the device (do not release reset), - Hold the reset button until the green light is flashing (Approx. 15s) - launch tftp, set mode to binary and connect to 192.168.1.1 - put the factory firmware image - All leds will switch off (like a power off), this is normal - Wait for the device to reboot in the new OpenWRT image (max 5 mins) - The first boot will take longer than usual. - After boot, the Device IP on the ethernet port is 192.168.1.1
Signed-off-by: Rodolphe de Saint Léger <rdesaintleger@gmail.com> [drop unneeded includes in dts, wrap commit message] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 46c5de5)
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever for non-prime moduli. (CVE-2022-0778)
*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489) to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL >= 3.
Signed-off-by: Martin Schiller <ms@dev.tdt.de> (commit: e17c6ee)
base-files: Align rootfs_data upgrades to 64KiB on eMMC
Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB) alignment after the rootfs, but emmc_do_upgrade() is assuming it comes at the very next 512-byte sector.
Suggested-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Brian Norris <computersforpeace@gmail.com> (move spaces around, mention fstools' libtoolfs) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: e8a0c55)
mpc85xx: add support for Extreme Networks WS-AP3825i
Hardware:
- SoC: Freescale P1020 - CPU: 2x e500v2 @ 800MHz - Flash: 64MiB NOR (1x Intel JS28F512) - Memory: 256MiB (2x ProMOS DDR3 V73CAG01168RBJ-I9H 1Gb) - WiFi1: 2.4+5GHz abgn 3x3 (Atheros AR9590) - Wifi2: 5GHz an+ac 3x3 (Qualcomm Atheros QCA9890) - ETH: 2x PoE Gigabit Ethernet (2x Atheros AR8035) - Power: 12V (center-positive barrel) or 48V PoE (active or passive) - Serial: Cisco-compatible RJ45 next to 12V power socket (115200 baud) - LED Driver: TI LV164A - LEDs: (not functioning) - 2x Power (Green + Orange) - 4x ETH (ETH1 + ETH2) x (Green + Orange) - 2x WiFi (WiFi2 + WiFi1)
Installation:
1. Grab the OpenWrt initramfs <openwrt-initramfs-bin>, e.g. openwrt-mpc85xx-p1020-extreme-networks_ws-ap3825i-initramfs-kernel.bin. Place it in the root directory of a DHCP+TFTP server, e.g. OpenWrt `dnsmasq` with configuration `dhcp.server.enable_tftp='1'`.
2. Connect to the serial port and boot the AP with options e.g. 115200,N,8. Stop autoboot in U-Boot by pressing Enter after 'Scanning JFFS2 FS:' begins, then waiting for the prompt to be interrupted. Credentials are identical to the one in the APs interface. By default it is admin / new2day: if these do not work, follow the OEM's reset procedure using the reset button.
3. Set the bootcmd so the AP can boot OpenWrt by executing:
- We must step through the `bootm` process manually to avoid fdt relocation. To explain: the stock U-boot (and stock Linux) are configured with a very large CONFIG_SYS_BOOTMAPSZ (and the device's stock Linux kernel is configured to be able to handle it). The U-boot version predates the check for the `fdt_high` variable, meaning that upon fdt relocation, the fdt can (and will) be moved to a very high address; the default appears to be 0x9ffa000. This address is so high that when the Linux kernel starts reading the fdt at the beginning of the boot process, it encounters a memory access exception and panics[5]. While it is possible to reduce the highest address the fdt will be relocated to by setting `bootm_size`, this also has the side effect of limiting the amount of RAM the kernel can use[3].
- Because it is not relocated, the flattened device tree needs to be padded in the build process to guarantee that `fdt resize` has enough space.
- The primary ethernet MAC address is stored (and set) in U-boot; they are shimmed into the device tree by 'fdt boardsetup' through the 'local-mac-address' property of the respective ethernet node, so OpenWrt does not need to set this at runtime. Note that U-boot indexes the ethernet nodes by alias, which is why the device tree explicitly aliases ethernet1 to enet2.
- LEDs do not function under OpenWrt. Each of 8 LEDs is connected to an output of a TI LV164A shift register, which is wired to GPIO lines and operates through bit-banged SPI. Unfortunately, I am unable to get the spi-gpio driver to recognize the `led_spi` device tree node at all, as confirmed by patching in printk messages demonstrating spi-gpio.c::spi_gpio_probe never runs. It is possible to manually articulate the shift register by exporting the GPIO lines and stepping their values through the sysfs.
- Though they do not function under OpenWrt, I have left the pinout details of the LEDs and shift register in the device tree to represent real hardware.
- An archive of the u-boot and Linux source for the AP3825i (which is one device of a range of devices code-named 'CHANTRY') be found here[1].
- The device has an identical case to both the Enterasys WS-AP3725i and Adtran BSAP-2030[2] (and potentially other Adtran BSAPs). Given that there is no FCC ID for the board itself (only its WLAN modules), it's likely these are generic boards, and even that the WS-AP3725i is identical, with only a change in WLAN card. I have ordered one to confirm this.
- For additional information: the process of porting the board is documented in an OpenWrt forum thread[4].
Timo Schroeder reported: "The TP-Link Archer VR2600v is stuck in a boot loop on written snapshot image. It's able to boot using the snapshot uimage though, but there ath10k firmware can't be found. 21.02.2 release version doesn't have either problem."
The VR2600v has a 512 byte header at the beginning of the firmware that needs to be accounted for.
Fixes: f6a01d7f5c3d ("ipq806x: convert TP-Link Archer VR2600v to denx,uimage") Reported-by: Timo Schroeder <der.timosch@gmail.com> References: <https://github.com/openwrt/openwrt/issues/9467> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 621b058)
The &spi node has #address-cells = <1> and #size-cells = <0>. Drop the extra 0 in the reg property from the SPI flash node to ensure it's number of cells matches the definition in the parent node. This also makes the reg property for the SPI flash node consistent with all other VR9 boards.
Fixes: eae6cac6a30b ("lantiq: add support for AVM FRITZ!Box 7362 SL") Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> (commit: dadedd5)
lantiq: fritz7362sl: add partition subnode for SPI flash
Without a partition subnode ofpart_core still parses direct subnodes as partitions, but it ignores nodes with a compatible property. Due to this, the switch to nvmem-cells made the urlader partition inaccessible. As a result, the wireless network was broken, as the calibration data is read from that partition by a script.
Fixes: #8983 Signed-off-by: Jan Hoffmann <jan@3e8.eu> (commit: a622273)
- fix eth0 eth1 sharing same mac so it conforms to the behavior stated in the original commit and the way it is in vendor firmware : WAN is label, LAN is label +1 and WLAN is label +2 - add default leds config - add default network config
Kernel 5.6 introduced a new config symbol SERIAL_8250_16550A_VARIANTS. In kernel 5.8, this symbol was changed to default to on on !x86, as some embedded devices still use 16650A variants. Let's play safe here and enable this symbol in the generic config, to avoid others from running into this problem and having to spend several hours trying to bisect this problem. While we could disable the symbol in the x86 target configs, a 20ms boot time reduction really isn't worth the time wasted on bisecting this issue.
Matt discovered this problem while working on adding support for the WatchGuard Firebox M200 to the qoriq target, where it caused some characters to be missing on the console output.
Fixes: 00cbf6f6ab1d ("bpftools: update to standalone bpftools + libbpf, use the latest version") Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 54aab4e)
Some vendors like Seeedstudio in their product [1] with Raspberry Pi Compute Module 4 uses Microchip LAN7800 (USB 3.0 to Gigabit Ethernet Bridge) - USB 3.0 extended from PCIe of CM4.
lsusb output: ``` Bus 002 Device 002: ID 0424:7800 Microchip LAN7800 ```
Raspberry Pi 4 and even Compute Module 4 has many resources available and for just one kernel module it is not necessary to add additional specific CM4 profiles. Let's include it by default, so the both Ethernet ports will be usable to have better user-experience. Because previous generation of Raspberry Pi included LAN7800 Gigabit Ethernet by default and it is enabled there [2] in kernel without additional kernel module, which was added recently [3].
After this commit in dmesg can be found this:
``` root@OpenWrt:~# dmesg | grep lan [ 7.038889] lan78xx 2-3:1.0 (unnamed net_device) (uninitialized): int urb period 64 [ 7.090484] usbcore: registered new interface driver lan78xx ```
cypress-firmware: update it to version 5.4.18-2021_0812
- Binary files were renamed to cyfmac from brcmfmac, but the files needs to be on the router with the previous naming
[ 6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6 [ 6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2 [ 6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin
- Cypress were acquired by Infineon Technologies Thus change the project URL and switch to download files from their GitHub repository. This is much better than the previous solution, which requires finding new threads on their community forum about new driver updates, and it will be necessary to change the URL each time.
Unfortunately, it seems that there is not published changelog, but according to this forum thread [1], be careful by opening the link from solution since it contains ending bracket ), it brings fixes for various security vulnerabilities, which were fixed in 7_45_234.
Fixes: - FragAttacks - Kr00k
Also add LICENSE file
Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with package cypress-firmware-43455-sdio.
The service command belongs to the procd and does not belong in the shinit. In the course of the move, the script was also checked with shellcheck and cleaned up.
base-files: add wrapper for procd service list command
A service managed by procd does have a json object with usefull information. This information could by dumped with the following command.
ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"
This line is long and complicated to enter. This commit adds a wrapper call to the procd service section tool to simplify the input and get the output faster.
We could now enter the command /etc/initd/<service> info to get the info faster.
Installation ------------ 1. Place *factory.trx on any web server (192.168.1.2 in this example) 2. Connect to the router using telnet shell (no password required) 3. Save MAC adresses to U-Boot environment: uboot_env --set --name eth2macaddr --value $(ifconfig | grep eth2 | \ awk '{print $5}') uboot_env --set --name eth3macaddr --value $(ifconfig | grep eth3 | \ awk '{print $5}') uboot_env --set --name ra0macaddr --value $(ifconfig | grep ra0 | \ awk '{print $5}') uboot_env --set --name rax0macaddr --value $(ifconfig | grep rax0 | \ awk '{print $5}') 4. Ensure that MACs were saved correctly: uboot_env --get --name eth2macaddr uboot_env --get --name eth3macaddr uboot_env --get --name ra0macaddr uboot_env --get --name rax0macaddr 5. Download and write the OpenWrt images: cd /tmp wget http://192.168.1.2/factory.trx mtd_write erase /dev/mtd4 mtd_write write factory.trx /dev/mtd4 6. Set 1st boot partition and reboot: uboot_env --set --name bootpartition --value 0 reboot
Back to Stock ------------- 1. Run in the OpenWrt shell: fw_setenv bootpartition 1 reboot 2. Optional step. Upgrade the stock firmware with any version to overwrite the OpenWrt in Slot 1.
MAC addresses ------------- +-----------+-------------------+----------------+ | Interface | MAC | Source | +-----------+-------------------+----------------+ | label | 30:xx:xx:51:xx:09 | No MACs was | | LAN | 30:xx:xx:51:xx:09 | found on Flash | | WAN | 30:xx:xx:51:xx:06 | [1] | | WLAN_2g | 30:xx:xx:51:xx:07 | | | WLAN_5g | 32:xx:xx:41:xx:07 | | +-----------+-------------------+----------------+ [1]: a. Label wasb't found neither in factory nor in other places. b. MAC addresses are stored in encrypted partition "glbcfg". Encryption key hasn't known yet. To ensure the correct MACs in OpenWrt, a hack with saving of the MACs to u-boot-env during the installation was applied. c. Default Ralink ethernet MAC address (00:0C:43:28:80:36) was found in "Factory" 0xfff0. It's the same for all Smartbox Flash devices. OEM firmware also uses this MAC when initialazes ethernet driver. In OpenWrt we use it only as internal GMAC (eth0), all other MACs are unique. Therefore, there is no any barriers to the operation of several Smartbox Flash devices even within the same broadcast domain.
Stock firmware image format --------------------------- +--------------+---------------+----------------------------------------+ | Offset | 1.0.15 | Description | +==============+===============+========================================+ | 0x0 | 5d 43 6f 74 | TRX magic "]Cot" | +--------------+---------------+----------------------------------------+ | 0x4 | 00 70 ff 00 | Length (reverse) | +--------------+---------------+----------------------------------------+ | | | htonl(~crc) from 0xc ("flag_version") | | 0x8 | 72 b3 93 16 | to "Length" | +--------------+---------------+----------------------------------------+ | 0xc | 00 00 01 00 | Flags | +--------------+---------------+----------------------------------------+ | | | Offset (reverse) of Kernel partition | | 0x10 | 1c 00 00 00 | from the start of the header | +--------------+---------------+----------------------------------------+ | | | Offset (reverse) of RootFS partition | | 0x14 | 00 00 42 00 | from the start of the header | +--------------+---------------+----------------------------------------+ | 0x18 | 00 00 00 00 | Zeroes | +--------------+---------------+----------------------------------------+ | 0x1c | 27 05 19 56 … | Kernel data + zero padding | +--------------+---------------+----------------------------------------+ | | | RootFS data (starting with "hsqs") + | | 0x420000 | 68 73 71 73 … | zero padding to "Length" | +--------------+---------------+----------------------------------------+ | | | Some signature data (format is | | | | unknown). Necessary for the fw | | "Lenght" | 00 00 00 00 … | update via oem fw web interface. | +--------------+---------------+----------------------------------------+ | "Lenght" + | | TRX magic "HDR0". U-Boot is | | 0x10c | 48 44 52 30 | checking it at every boot. | +--------------+---------------+----------------------------------------+ | | | 1.00: | | | | Zero padding to ("Lenght" + 0x23000) | | | | 1.0.12: | | | | Zero padding to ("Lenght" + 0x2a000) | | "Lenght" + | | 1.0.13, 1.0.15, 1.0.16: | | 0x110 | 00 00 00 00 | Zero padding to ("Lenght" + 0x10000) | +--------------+---------------+----------------------------------------+
The R1 revision is identical to the A1 revision except - No Config2 Parition, therefore - factory partition resized to 64k from 128K - Firmware partition offset is 0x50000 not 0x60000 - Firmware partitions size increased by 64K - Firmware partition type is "denx,uimage", not "sge,uimage" - Padding of image creation "uimage-padhdr 96" removed
Installation: Update to the last D-Link firmware through web-ui before OpenWRT installation then follow the instructions to patch your device using D-Link FailsafeUI.
- D-Link FailsafeUI: Power down the router, press and hold the reset button, then re-plug it. Keep the reset button pressed until the internet LED stops flashing, then jack into any lan port and manually assign a static IP address in 192.168.0.0/24 other than 192.168.0.1 (e.g. 192.168.0.2) and go to http://192.168.0.1 Flash with the factory image.
Signed-off-by: Igor Nazarov <tigron.dev@gmail.com> (commit: 42626ae)
Telco X1 Pro is a Cat12 LTE-A Pro modem router. Vendor firmware is based on a recent version of OpenWrt. Flashing is possible via CLI using sysupgrade -F -n The serial headers allow bootloader and console access Serial setting: 115200 8N1
Brief Specifications: IPQ4019 SoC 32MB flash 512MB RAM 4x gigabit LAN 1x gigabit WAN Dual-band Wave-2 wifi 2x SMA LTE antenna connectors 2x RP-SMA wifi antennas 1x USB 2.0 port 1x Reset button Serial headers installed 1x Nano SIM tray 1x Quectel EM-12G LTE-A Pro modem 1x M.2 slot attached to USB 3.0 1x internal micro SD card slot
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com> (commit: 7ea2f3d)
Notes: U-Boot passes through the ethaddr from uboot-env partition, but also has been known to reset it to a generic mac address hardcoded in the bootloader.
However, bdata is also populated with the ethernet mac addresses, but is also typically never written to. Thus this is used instead.
2. Calculate telnet password from serial number and login
3. Execute commands to prepare device nvram set ssh_en=1 nvram set uart_en=1 nvram set boot_wait=on nvram set flag_boot_success=1 nvram set flag_try_sys1_failed=0 nvram set flag_try_sys2_failed=0 nvram commit
4. Download and flash image On computer: python -m http.server On router: cd /tmp wget http://<IP>:8000/factory.bin mtd -r write factory.bin firmware
Device should reboot at this point.
Reverting to stock: Stock Xiaomi recovery tftp that accepts their signed images, with default ips of 192.168.31.1 + 192.168.31.100. Stock image should be renamed to tftp server ip in hex (Eg. C0A81F64.img) Triggered by holding reset pin on powerup.
A simple implementation of this would be via dnsmasq's dhcp-boot option or using the vendor's (Windows only) recovery tool available on their website.
Signed-off-by: Richard Huynh <voxlympha@gmail.com> (commit: 9f9477b)
As the upcoming release will be based on Linux 5.10 only, remove all kernel configuration as well as patches for Linux 5.4. There were no targets still actively using Linux 5.4.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 3a14580)
In order to calculate the required pre-distortion for downstream vectoring, the vectoring control entity (VCE) at the carrier office needs error samples from the modem. On Lantiq VR9 modems, error reports are generated by the firmware, but need to be multiplexed into the data stream by the driver on the main processor when L2 encapsulation is selected by the VCE.
This driver provides the necessary callback function, which is called by the MEI driver after receiving an error report from the firmware.
Originally, it is part of the Lantiq PPA driver, but after a few changes it also works with the PTM driver used in OpenWrt. The direct call to ndo_start_xmit needs to be replaced, as the PTM driver relies on locks from the kernel. Instead dev_queue_xmit is used, which is called from a work queue, as it is not safe to call from an interrupt handler.
Additional changes include fixes to support recent kernel versions and a change of the used interface from ptm0 to dsl0.
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (commit: f872b96)
ltq-vdsl-app: set MAC address for vectoring error reports
This tells the modem about the WAN MAC address, which is used as source address for vectoring error reports that are generated by the firmware.
It needs to be set early, as the MEI driver only actually writes the value to the modem when is in reset state (i.e. the firmware has been loaded, but connection has not started yet).
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (commit: b35d33c)
Some users noticed repeated resyncs at random intervals, which go away when the MEI driver is configured to use polling instead of interrupts. Debugging shows that this seems to be caused by concurrent calls to MEI_ReadMailbox (in the interrupt handler) and MEI_WriteMailbox. This appears to be mostly triggered when there is an interrupt for vectoring error reports.
In polling mode, calls to MEI_ReadMailbox are protected by the same semaphore as is used in MEI_WriteMailbox. When interrupts are used, MEI_WriteMailbox appears to rely on MEI_DisableDeviceInt and MEI_EnableDeviceInt to provide mutual exclusion with the interrupt handler. These functions mask/unmask interrupts, and there is an additional check of the mask in the interrupt handler itself. However, this is not sufficient on systems with SMP, as the interrupt handler may be running in parallel, and could already be past the interrupt mask check at this point.
This adds a lock to the interrupt handler, and also acquires this lock in MEI_DisableDeviceInt. This should make sure that after a call to MEI_DisableDeviceInt the interrupt is masked, and the interrupt handler is either not running, has alread finished its work, or is still before the interrupt mask check, and is thus going to detect the change.
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Jan Hoffmann <jan@3e8.eu> (commit: 1700424)
391a9fbd5ace dns: fix parsing vlan encapsulated protocol 6aeeddbc91ad interface: extend dns filters to cover vlan tagged traffic as well 1ab53d4ca601 bpf: return TC_ACT_UNSPEC to allow other filters to proceed ca21e729af23 interface: switch to using clsact for filters 5d158f6b3c15 interface: run ingress bpf filter on main device ingress instead of ifb egress bdfcb11847ce interface: fix duplicated dns filter line b97405aa632a Revert "ubus: remove dnsmasq subscriber" 8fbaf39dbc95 interface: rework adding/removing filters, do not delete clsact d7ba5804eae4 interface: replace open-coded ifb-dns string with QOSIFY_DNS_IFNAME 91cf440db9e2 loader: fix use of deprecated functions
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 81f3c4d)
uboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20
Shuttle KD20 has NAND flash with 0x20000 (128KiB) erase blocks. Correctly set that in uboot-envtools as well to allow writing to the bootloader environment using fw_setenv.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: fa67639)
sunxi: cortexa7: fix ethernet link detection on a20-olinuxino-lime2
a20-olinuxino-lime2 is currently having hard time with link detection of certain 1000Mbit partners due to usage of generic PHY driver, probably due to following missing workaround introduced in upstream in commit 3aed3e2a143c ("net: phy: micrel: add Asym Pause workaround"):
The Micrel KSZ9031 PHY may fail to establish a link when the Asymmetric Pause capability is set. This issue is described in a Silicon Errata (DS80000691D or DS80000692D), which advises to always disable the capability. This patch implements the workaround by defining a KSZ9031 specific get_feature callback to force the Asymmetric Pause capability bit to be cleared.
This fixes issues where the link would not come up at boot time, or when the Asym Pause bit was set later on.
As a20-olinuxino-lime2 has Micrel KSZ9031RNXCC-TR Gigabit PHY since revision H, so we need to use Micrel PHY driver on those devices.
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: ffa1088)
uboot-mediatek: add patch to allow accessing bootconf from Linux
Store selected boot configuration in '/chosen' node in device tree, so it can be accessed by Linux (and used for fine-tuning the FIT partition parser).
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: dfc3ea6)
kernel: generic: use chosen bootconf in FIT partition parser
If the selected boot configuration is stored by U-Boot in '/chosen' node as 'bootconf' attribute, use that configuration to resolve the block device used as rootfs. Fall back to use the default configuration in case 'bootconf' is not present.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 503f3b9)
Albeit a separate crypto module, lzo-rle uses the same kernel library as lzo. Crypto API users (zram, for example) expect both lzo and lzo-rle to be available, so let's include lzo-rle (about 5.5 kiB) in the lib-lzo package.
Based on e9hack's original patch: https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7da9@gmail.com/
* only map filesystems configured in 'loadables' * allow mapping more than one filesystem (e.g. customization/branding or localization in addition to rootfs) * small cleaning here and there
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: ab14364)
zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.
Tavis has reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release. As far as he knows, nobody ever assigned it a CVE.
ath79: change Ubiquiti UniFi AP model name to include "AP"
While it hasn't always been clear whether the "AP" is part of the model name on the Ubiquiti website, we include it for all other pre-AC variants (AP Pro and the AP Outdoor+). Add it to the original UniFi AP as well for consistency.
Evaluating the return value of 'json_load' didn't work in the intended way resulting in PIN status no longer being read on modems where --get-pin-status doesn't fail. Fix this by trying --get-pin-status first and checking if pin1_status field exists in JSON, and if it doesn't try again with --uim-get-sim-state.
Fixes: #9501 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: ee7cb5e)
qoriq: remove CONFIG_GDB_SCRIPTS from kernel config
It is disabled in the generic kernel config and not used in any of the other targets. There was no specific reason for enabling it, so let's be consistent and remove it from the qoriq kernel config.
imagebuilder: fix broken image generation with external targets
When using external targets there is a symlink being created for the target under target/linux which then becomes dangling under Image Builder. Fix it by dereferencing the possible symlink.
Tested on IB with external target, ipq40xx and mvebu.
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 621f39d)
Some configure scripts look for msgfmt and gmsgfmt. As we don't install the latter, configure might pick up one from staging_dir/hostpkg, and the other from the host:
checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt checking for gmsgfmt... /usr/bin/gmsgfmt
This could potentially lead to hard to debug undefined behaviour. Install a symlink in the host install phase to avoid this.
This turned out this is an issue with upstream changing ATA_TAG_INTERNAL's value from 31 to 32 during 4.18 release. Update "SATA_DWC_QCMD_MAX" to account for that.
Link: https://forum.openwrt.org/t/my-book-live-duo-reboot-loop/122464 Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: e95dec8)
Naming follows existing Google projects included in upstream board-2.bin -- GO(ogle) prefix, an underscore (_), and the project code name, all in caps.
Note that I only tested the "gale" model; the "breeze" model is a later revision (same marketing name) with very small hardware changes but otherwise using the same firmware image.
Submitted upstream here:
ath10k-firmware: QCA4019: hw1.0: Add Google Wifi BDFs http://lists.infradead.org/pipermail/ath10k/2022-March/013465.html https://lore.kernel.org/ath10k/YjaNGW252Ls%2FyDw8@localhost/
Signed-off-by: Brian Norris <computersforpeace@gmail.com> (commit: 331d78a)
See firmware-utils.git commits [1], which implemented the cros-vbutil verified-boot payload-packing tool, and extended ptgen for the CrOS kernel partition type. With these, it's now possible to package kernel + rootfs to make disk images that can boot a Chrome OS-based system (e.g., Chromebooks, or even a few AP models).
Regarding PARTUUID= changes: Chromium bootloaders work well with a partition number offset (i.e., relative to the kernel partition), so we'll be using a slightly different root UUID line.
NB: I've made this support specific to ip40xx for now, because I only plan to support an IPQ4019-based AP that uses a Chromium-based bootloader, but this image format can be used for essentially any Chromebook, as well as the Google OnHub, a prior Chromium-based AP using an IPQ8064 chipset.
[1] ptgen: add Chromium OS kernel partition support https://git.openwrt.org/?p=project/firmware-utils.git;a=commit;h=6c95945b5de973026dc6f52eb088d0943efa96bb
cros-vbutil: add Chrome OS vboot kernel-signing utility https://git.openwrt.org/?p=project/firmware-utils.git;a=commit;h=8e7274e02fdc6f2cb61b415d6e5b2e1c7e977aa1
Signed-off-by: Brian Norris <computersforpeace@gmail.com> (commit: 17b0504)
See my upstream questions: https://lore.kernel.org/linux-arm-msm/20200913201608.GA3162100@bDebian/
This effectively reverts upstream Linux commit 13e77747800e ("firmware: qcom: scm: Use atomic SCM for cold boot"), because Google WiFi boot firmwares don't support the atomic variant.
This fixes SMP support for Google WiFi.
Signed-off-by: Brian Norris <computersforpeace@gmail.com> (commit: 26af098)
Google WiFi (codename: Gale) is an IPQ4019-based AP, with 2 Ethernet ports, 2x2 2.4+5GHz WiFi, 512 MB RAM, 4 GB eMMC, and a USB type C port. In its stock configuration, it runs a Chromium OS-based system, but you wouldn't know it, since you can only manage it via a "cloud" + mobile-app system.
The "v2" label is coded into the bootloader, which prefers the "google,gale-v2" compatible string. I believe "v1" must have been pre-release hardware.
Note: this is *not* the Google Nest WiFi, released in 2019.
I include "factory.bin" support, where we generate a GPT-based disk image with 2 partitions -- a kernel partition (using the custom "Chrome OS kernel" GUID type) and a root filesystem partition. See below for flashing instructions.
Sysupgrade is supported via recent emmc_do_upgrade() helper.
This is a subtarget because it enables different features (FEATURES=boot-part rootfs-part) whose configurations don't make sense in the "generic" target, and because it builds in a few USB drivers, which are necessary for installation (installation is performed by booting from USB storage, and so these drivers cannot be built as modules, since we need to load modules from USB storage).
* Ethernet, both WAN and LAN ports * eMMC * USB-C (hub, power-delivery, peripherals) * LED0 (R/G/B) * WiFi (limited testing) * SPI flash * Serial console: once in developer mode, console can be accessed via the USB-C port with SuzyQable, or other similar "Closed Case Debugging" tools: https://chromium.googlesource.com/chromiumos/third_party/hdctools/+/master/docs/ccd.md#suzyq-suzyqable * Sysupgrade
Not tested:
* TPM
Known not working:
* Reboot: this requires some additional TrustZone / SCM configuration to disable Qualcomm's SDI. I have a proposal upstream, and based on IRC chats, this might be acceptable with additional DT logic: [RFC PATCH] firmware: qcom_scm: disable SDI at boot https://lore.kernel.org/linux-arm-msm/20200721080054.2803881-1-computersforpeace@gmail.com/ * SMP: enabling secondary CPUs doesn't currently work using the stock bootloader, as the qcom_scm driver assumes newer features than this TrustZone firmware has. I posted notes here: [RFC] qcom_scm: IPQ4019 firmware does not support atomic API? https://lore.kernel.org/linux-arm-msm/20200913201608.GA3162100@bDebian/ * There's a single external button, and a few useful internal GPIO switches. I haven't hooked them up.
The first two are fixed with subsequent commits.
Additional notes ================
Much of the DTS is pulled from the Chrome OS kernel 3.18 branch, which the manufacturer image uses.
Note: the manufacturer bootloader knows how to patch in calibration data via the wifi{0,1} aliases in the DTB, so while these properties aren't present in the DTS, they are available at runtime:
Ethernet MAC addresses are similarly patched in via the ethernet{0,1} aliases.
Signed-off-by: Brian Norris <computersforpeace@gmail.com> (updated 901 - x1pro moved in the process) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: f1c041e)
This model, also know as "1&1 HomeServer", shares the same features as 7530.
The vendor firmware has artificial software limitations: only 2 of the 4 LAN-Ports are GBit, and the USB-Host is only v2.0.
With OpenWrt, USB is already working at v3.0.
Signed-off-by: Andre Heider <a.heider@gmail.com> (updated commit message to reflect current state) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: cb6f4be)
This reverts commit 80b7a8a7f5a0a88fde6dd19f097df4d7cac9ff04.
Now that 5.10 is the default kernel for all platforms, we can bring back the NU801 userspace driver for platforms that rely on it. Currently it's used on the MX100 x86_64 target, but other Meraki platforms use this controller.
Note that we also now change how we load nu801. The way we did this previously with procd worked, but it meant it didn't load until everything was up and working.
To fix this, let's call nu801 from boot and re-trigger the preinit blink sequence. Since nu801 runs as a daemon this is now something we can do.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com> (removed empty line, currently only MX100 uses it so: @TARGET_x86) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 3f87451)
This commit moves the patches for the r8152.c driver to the generic directory. Previously they were only available on the bcm27xx target. With these patches the Realtek RTL8153C, RTL8153D, RTL8156A and RTL8156B chips are supported on all targets by the kmod-usb-net-rtl8152 module. The RTL8156A and RTL8156B are the 2.5Gb/s Ethernet adapters.
The patches have been tested on TP-Link UE300 (RTL8153A) and UNITEK 1313B (RTL8156B).
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl> (commit: 210c534)
1. Drop package: cypress-firmware-4359-pcie This binary is no longer provided and there are not many details what happened.
2. Drop package: cypress-firmware-4359-sdio This binary is no longer provided, but in this case, to compare it with PCIe package mention as first, there was added support in Linux-firmware [1], but no sign of firmware file.
4. Drop package: cypress-firmware-89459-pcie [2] According to Infineon: "CYW89459 is an automotive Wi-Fi chip which is not supported in the broad market community."
The patch was rejected by upstream. The mtk_nand driver should be modified to support the mt7621 flash controller instead. As there is no newer version to backport, or no upstream version to fix bugs, let's move the driver to the files dir under the ramips target. This makes it easier to make changes to the driver while waiting for mt7621 support to land in mtk_nand.
ARM Builds like sunxi/cortexa53 or the rpi family failed to build due to a new symbols showing up:
|Google Firmware Drivers (GOOGLE_FIRMWARE) [Y/n/?] y | Coreboot Table Access (GOOGLE_COREBOOT_TABLE) [M/n/y/?] m | Coreboot Framebuffer (GOOGLE_FRAMEBUFFER_COREBOOT) [N/m/?] (NEW) |Error in reading or end of file.
removes usb-port remains as neither the WAC510 nor the WAC505 come with a USB port. Update the LED properties to phase out labels and introduce generic node-names as well as adding the color, function and function-enumerator properties.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 026fda1)
kernel: add (disabled) ASYMMETRIC_TPM_KEY_SUBTYPE symbol
at91/sama7 fails to build due to:
| Asymmetric (public-key cryptographic) key type (ASYMMETRIC_KEY_TYPE) [Y/?] y | Asymmetric public-key crypto algorithm subtype (ASYMMETRIC_PUBLIC_KEY_SUBTYPE) [Y/?] y | Asymmetric TPM backed private key subtype (ASYMMETRIC_TPM_KEY_SUBTYPE) [N/m/?] (NEW) |Error in reading or end of file.
please note that asym_tpm (module) has been removed in 5.17: <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d3cff4a9>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 6387715)
ramips: fix wifi mac address of HiWiFi series devices
For HiWiFi series devices, label_mac can be read from bdinfo partition, and lan_mac, wlan2g_mac are same as the label_mac. Converting label_mac to wlan5g_mac only needs to unset 6th bit. (It seems that all HiWiFi's label_mac start with D4:EE)
For example: label D4:EE:07:32:84:88 lan D4:EE:07:32:84:88 wan D4:EE:07:32:84:89 wlan2g D4:EE:07:32:84:88 wlan5g D0:EE:07:32:84:88
Tested on HiWiFi HC5661.
Signed-off-by: Shiji Yang <yangshiji66@qq.com> (commit: 2e6d19e)
In commit ab143647ef ("kernel: generic: improve FIT partition parser") part_bits was bumped to 2 in order to allow up to 3 additional FIT sub-images mapped into sub-partitions. This change has to be reflected also in our local patch 420-mtd-set-rootfs-to-be-root-dev.patch which still assumed part_bits==1 for mtdblock devices in case of CONFIG_FIT_PARTITION=y.
Fixes: #9557 Fixes: ab143647ef ("kernel: generic: improve FIT partition parser") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 13960fb)
Rework hack patch in dir for kernel 5.15. For the specific patch of packet mangeling introduce a new extra_priv_flags as we don't have enough space to add additional flags in priv_flags.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 1f302af)
Standardize pending patch tcp_no_window_check patch as with new kernel they added a check for global variables. The 2 new condition are that they must be read-only or the data pointer should not point to kernel/module global data. Remove the global variable and move it to a standard place following other variables logic.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 92fb51b)
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> [added some missing Kconfig symbols] Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 07b92c6)
Add new module require in 5.15 - Changes in block module - Changes in netfilter module (log module unified) - Changes in fs module (mainly new depends for cifs and new ntfs3 module) - Changes in lib add shared lib now used by more than 1 kmod - Changes in crypto, dropped one crypto algo added arm crypto accellerator - Changes in other, add zram default compressor choice and missing lib by tpm module
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: bd0db60)
After fixing the original 720 patch, it looks like more were added for additional AQR ID-s.
Patches that add the additional AQR PHY ID-s is just copy/paste from 5.10 and kernel 5.11 dropped the ack_interrupt method for PHY IRQ handling, instead handle_interrupt is used.
So, simply switch to using handle_interrupt like other upstream AQR PHY-s.
Signed-off-by: Robert Marko <robimarko@gmail.com> (commit: 81fdb6a)
Patches that add the additional AQR PHY ID-s is just copy/paste from 5.10 and kernel 5.11 dropped the ack_interrupt method for PHY IRQ handling, instead handle_interrupt is used.
So, simply switch to using handle_interrupt like other upstream AQR PHY-s.
Signed-off-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 71efd34)
generic: fix compilation warning for ar8xxx swconfig
There are 2 warning for ar8xxx swconfig. - Fix not used dev variable when ETHERNET_PACKET_MANGLE is not selected - Convert fallthrough comment to compilation macro
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 49d9d2b)
Chen Minqiang reported that he has troubles downloading nu801. His logs showed the followin TLS Handshake failure.
|Checking out files from the git repository... |Cloning into 'nu801-d9942c0c'... |fatal: unable to access 'https://github.com/chunkeey/nu801.git/': | gnutls_handshake() failed: The TLS connection was non-properly terminated. |Makefile:39: recipe for target '[...]/dl/nu801-d9942c0c.tar.xz' failed
This can be fixed by providing a PKG_MIRROR_HASH. The download scripts will now be able to pull the source from OpenWrt's source archive, which should be available through HTTP.
Reported-by: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 7368345)
gpio-cdev: move kmod-leds-uleds dependency to MX100
The inclusion of the kmod-leds-uleds into the userspace nu801 package causes a circular dependency inside the buildsystem... which causes it to be picked regardless of other DEPENDS values.
In case of the mx100, this could be solved by moving the kmod-leds-uled dependency to the kmod-meraki-mx100.
Bonus: drop @!LINUX_5_4 from kmod-meraki-mx100 Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: eeb8fd4)
Since the Google Wifi (Gale) is currently the only target in this sub-target. So this means that subtarget has to be disabled from the time being to not be picked up by the builders.
For people wanting to checkout out OpenWrt on the Google Wifi: please compile it locally.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 35d2bbc)
Refresh patch for 5.15 Rework tweak patch to sync with upstream ipq8064 dtsi and fix regression introduced. Rename nand_controller to nand in every dts.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 8cc2cae)
Now that smem actually free the leaked parts, when a rootfs partition is detected, the kernel panics as it try to free the static space allocated for the "ubi" name. Change the logic and fix the name at the allocate_partition function to correctly free the space allocated by smem.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: e86dfd0)
Fix dedicated cpufreq for kernel 5.15 as they changed module order and now it can happen that cpufreq probe after cache driver. Also add lock between cache scaling in set_target as it's now required by opp functions.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 876a49c)
kernel: Backport mv88e6xxx patch to keep pvid at 0 if VLAN-unaware and remove hack
Backport patch 8b6836d82470 ("net: dsa: mv88e6xxx: keep the pvid at 0 when VLAN-unaware") from 5.15.
Keeping the pvid at 0 when VLAN-unaware makes it possible to drop the hack introduced in commit 920eaab1d817 ("kernel: DSA roaming fix for Marvell mv88e6xxx"). Dropping the hack makes it possible to use VLAN interfaces with VID 1 on DSA ports without problems with FDB.
Signed-off-by: Marek Behún <kabel@kernel.org> (commit: 9caa6f0)
libs/zlib: bump to latest stable release 1.2.12 (CVE-2018-25032)
List of changes since previous release from 2018 is quite long:
* Fix crc32.c to compile local functions only if used. * Check for cc masquerading as gcc or clang in configure. * Remove destructive aspects of make distclean. * Separate out address sanitizing from warnings in configure. * Eliminate use of ULL constants. * Add fallthrough comments for gcc. * Clean up minizip to reduce warnings for testing. * Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner) * minizip warning fix if MAXU32 already defined. (gvollant) * Replace black/white with allow/block. (theresa-m) * Fix indentation in minizip's zip.c. * Improve portability of contrib/minizip. * Correct typo in blast.c. * Change macro name in inflate.c to avoid collision in VxWorks. * Clarify gz* function interfaces, referring to parameter names. * Fix error in comment on the polynomial representation of a byte. * Fix memory leak on error in gzlog.c. * Avoid adding empty gzip member after gzflush with Z_FINISH. * Explicitly note that the 32-bit check values are 32 bits. * Use ARM crc32 instructions if the ARM architecture has them. * Add use of the ARMv8 crc32 instructions when requested. * Correct comment in crc32.c. * Don't bother computing check value after successful inflateSync(). * Use atomic test and set, if available, for dynamic CRC tables. * Speed up software CRC-32 computation by a factor of 1.5 to 3. * Add crc32_combine_gen() and crc32_combine_op() for fast combines. * Add tables for crc32_combine(), to speed it up by a factor of 200. * Fix the zran.c example to work on a multiple-member gzip file. * Add gznorm.c example, which normalizes gzip files. * Show all the codes for the maximum tables size in enough.c. * Clarify that prefix codes are counted in enough.c. * Use inline function instead of macro for index in enough.c. * Clean up code style in enough.c, update version. * Use a macro for the printf format of big_t in enough.c. * Use a structure to make globals in enough.c evident. * Assure that the number of bits for deflatePrime() is valid. * Fix a bug that can crash deflate on some input when using Z_FIXED. * Correct the initialization requirements for deflateInit2(). * Emphasize the need to continue decompressing gzip members. * Add legal disclaimer to README. * Fix deflateEnd() to not report an error at start of raw deflate. * Remove old assembler code in which bugs have manifested. * Make the names in functions declarations identical to definitions. * Avoid an undefined behavior of memcpy() in _tr_stored_block(). * Avoid undefined behaviors of memcpy() in gz*printf(). * Avoid an undefined behavior of memcpy() in gzappend(). * Avoid the use of ptrdiff_t. * Handle case where inflateSync used when header never processed. * Don't compute check value for raw inflate if asked to validate. * Add address checking in clang to -w option of configure. * Return an error if the gzputs string length can't fit in an int. * Small speedup to inflate [psumbera]. * Update use of errno for newer Windows CE versions. * Avoid some conversion warnings in gzread.c and gzwrite.c. * Have Makefile return non-zero error code on test failure. * Avoid a conversion error in gzseek when off_t type too small. * Fix CLEAR_HASH macro to be usable as a single statement. * Fix bug when window full in deflate_stored(). * Limit hash table inserts after switch from stored deflate. * Permit a deflateParams() parameter change as soon as possible. * Cygwin does not have _wopen(), so do not create gzopen_w() there.
Removed 006-fix-compressor-crash-on-certain-inputs.patch which was hotfix for CVE-2018-25032 and is now included in this release.
This release is not available on @SF (yet?) so the sources are now pulled from GitHub.
Fixes: CVE-2018-25032 Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 8839a93)
tools/zlib: bump to latest stable release 1.2.12 (CVE-2018-25032)
List of changes since previous release from 2018 is quite long:
* Fix crc32.c to compile local functions only if used. * Check for cc masquerading as gcc or clang in configure. * Remove destructive aspects of make distclean. * Separate out address sanitizing from warnings in configure. * Eliminate use of ULL constants. * Add fallthrough comments for gcc. * Clean up minizip to reduce warnings for testing. * Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner) * minizip warning fix if MAXU32 already defined. (gvollant) * Replace black/white with allow/block. (theresa-m) * Fix indentation in minizip's zip.c. * Improve portability of contrib/minizip. * Correct typo in blast.c. * Change macro name in inflate.c to avoid collision in VxWorks. * Clarify gz* function interfaces, referring to parameter names. * Fix error in comment on the polynomial representation of a byte. * Fix memory leak on error in gzlog.c. * Avoid adding empty gzip member after gzflush with Z_FINISH. * Explicitly note that the 32-bit check values are 32 bits. * Use ARM crc32 instructions if the ARM architecture has them. * Add use of the ARMv8 crc32 instructions when requested. * Correct comment in crc32.c. * Don't bother computing check value after successful inflateSync(). * Use atomic test and set, if available, for dynamic CRC tables. * Speed up software CRC-32 computation by a factor of 1.5 to 3. * Add crc32_combine_gen() and crc32_combine_op() for fast combines. * Add tables for crc32_combine(), to speed it up by a factor of 200. * Fix the zran.c example to work on a multiple-member gzip file. * Add gznorm.c example, which normalizes gzip files. * Show all the codes for the maximum tables size in enough.c. * Clarify that prefix codes are counted in enough.c. * Use inline function instead of macro for index in enough.c. * Clean up code style in enough.c, update version. * Use a macro for the printf format of big_t in enough.c. * Use a structure to make globals in enough.c evident. * Assure that the number of bits for deflatePrime() is valid. * Fix a bug that can crash deflate on some input when using Z_FIXED. * Correct the initialization requirements for deflateInit2(). * Emphasize the need to continue decompressing gzip members. * Add legal disclaimer to README. * Fix deflateEnd() to not report an error at start of raw deflate. * Remove old assembler code in which bugs have manifested. * Make the names in functions declarations identical to definitions. * Avoid an undefined behavior of memcpy() in _tr_stored_block(). * Avoid undefined behaviors of memcpy() in gz*printf(). * Avoid an undefined behavior of memcpy() in gzappend(). * Avoid the use of ptrdiff_t. * Handle case where inflateSync used when header never processed. * Don't compute check value for raw inflate if asked to validate. * Add address checking in clang to -w option of configure. * Return an error if the gzputs string length can't fit in an int. * Small speedup to inflate [psumbera]. * Update use of errno for newer Windows CE versions. * Avoid some conversion warnings in gzread.c and gzwrite.c. * Have Makefile return non-zero error code on test failure. * Avoid a conversion error in gzseek when off_t type too small. * Fix CLEAR_HASH macro to be usable as a single statement. * Fix bug when window full in deflate_stored(). * Limit hash table inserts after switch from stored deflate. * Permit a deflateParams() parameter change as soon as possible. * Cygwin does not have _wopen(), so do not create gzopen_w() there.
Removed 006-fix-compressor-crash-on-certain-inputs.patch which was hotfix for CVE-2018-25032 and is now included in this release.
This release is not available on @SF (yet?) so the sources are now pulled from GitHub.
Fixes: CVE-2018-25032 Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 9d8f620)
urandom-seed: use seedrng for seeding the random number generator
The RNG can't actually be seeded from a shell script, due to the reliance on ioctls. For this reason, the seedrng project provides a basic script meant to be copy and pasted into projects like OpenWRT and tweaked as needed: <https://git.zx2c4.com/seedrng/about/>.
This commit imports it into the urandom-seed package and wires up the init scripts to call it. This also is a significant improvement over the current init script, which does not robustly handle cleaning up of seeds and syncing to prevent reuse. Additionally, the existing script creates a new seed immediately after writing an old one, which means that the amount of entropy might actually regress, due to failing to credit the old seed.
Closes: https://github.com/openwrt/openwrt/issues/9570 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [fixed missing INSTALL_DIR] (commit: 2edc017)
The mediatek USB kernel module xhci-mtk was restructed. The module after kernel 5.13 is named xhci-mtk-hcd. Link: https://lore.kernel.org/all/0b62e21ddfacc1c2874726dd27ccab80c993f303.1615170625.git.chunfeng.yun@mediatek.com/ Linux 14295a150050 ("usb: xhci-mtk: support to build xhci-mtk-hcd.ko")
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au> (commit: f65596e)
generic: 5.15: fix FIT partition parser on block partitions
Using set_disk_ro() doesn't have the desired effect and instead of just setting the single partition to be read-only it affects the whole disk. Use the bd_read_only flag in struct block_device instead to mark a partition being read-only.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 506ddce)
generic: backport 5.16 fix for hv utils build failure
Backports following fix:
hv: utils: add PTP_1588_CLOCK to Kconfig to fix build
The hyperv utilities use PTP clock interfaces and should depend a a kconfig symbol such that they will be built as a loadable module or builtin so that linker errors do not happen.
Prevents these build errors:
ld: drivers/hv/hv_util.o: in function `hv_timesync_deinit': hv_util.c:(.text+0x37d): undefined reference to `ptp_clock_unregister' ld: drivers/hv/hv_util.o: in function `hv_timesync_init': hv_util.c:(.text+0x738): undefined reference to `ptp_clock_register'
References: https://lore.kernel.org/stable/20220328093115.7486-1-ynezz@true.cz/T/#u Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 972f2bf)
realtek: Remove dnsmasq and odhcpd-ipv6only from default
Do not include the dnsmasq and odhcpd-ipv6only package by default any more. These services are not needed on a switch. If someone needs this it is still possible to use opkg or image builder to add them.
This decreases the compressed image size by about 165KBytes.
The realtek target is not a router, but basic device, see DEVICE_TYPE. The basic device type does not come with firewall by default, see include/target.mk for details. The realtek target extended DEFAULT_PACKAGES manually with firewall.
This changes the defaults to take firewall4 and nftables instead of firewall and iptables. This also adds the additional package kmod-nft-offload.
The only difference to the router type is the missing ppp, ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.
This increases the compressed image size by about 422KBytes.
Drop the -processors argument from the mksquashfs4 call, so it will use all available processors. This dramatically reduces the time to create squashfs filesystems.
The times below are observed when building an image for my main router, the WatchGuard Firebox M300 (qoriq target):
Before: real 4m45,973s
After: real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`. This is the same behaviour as for archive creation of ImageBuilder, SDK or toolchain. There is no trivial way to limit `mksquashfs` CPU core usage to the amount of "free" make jobs since two running `mksquashfs` instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> [extended reasoning in commit message] Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: df2ae88)
Make sure xz uses at least 2 threads so compression always runs in multi-threaded mode as the resulting file in single-threaded mode differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: fc6a83e)
Flashing instructions: * Boot to CFE Recovery Mode by holding the reset button while power-on. * Connect to the router with an ethernet cable. * Set IPv4 address of the computer to 192.168.1.2 subnet 255.255.255.0. * Head to http://192.168.1.1. * Reset NVRAM. * Upload the OpenWrt image.
CFE bootloader may reject flashing the image due to image integrity check. In that case, follow the instructions below.
* Rename the OpenWrt image as firmware.trx. * Run a TFTP server and make it serve the firmware.trx file. * Run the URL below on a browser or curl. http://192.168.1.1/do.htm?cmd=flash+-noheader+192.168.1.2:firmware.trx+flash0.trx
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com> [rmilecki: mark BROKEN until we sort out nvram & CFE recovery] Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (commit: 72b9b72)
Introduce `sha256_unsigned` which is a checksum of the image _before_ a signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch $(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR) itself is not stored inside the resulting JSON file, so it can be replaced.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 8822a8d)
bcm53xx: add switch ports for Buffalo WZR-900DHP & re-enable it
Specify the switch ports in the DTS file. Re-enable it after it was disabled by commit e9672b1a8fa4 ("bcm53xx: switch to the upstream DSA-based b53 driver").
ath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+
The label has the MAC address of eth0, not the WLAN PHY address. We can merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS derived from it use the same interface for their label MAC addresses after all.
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7 digits) which will cause buffer overflow in busbox lock patch, this often happens when running in a rootfs container environment. This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer for pid number and an additional char '\n'.
imx: make 5.15 default kernel and remove 5.10 support
In imx target we're sharing single, version agnostic kernel `config-default` file, which doesn't work very well with current 5.10 and upcoming 5.15 kernel symbols as recent rebase onto 5.15 kernel introduced in commit 2b395c298247 ("imx: update config for 5.15) has introduced following regression with 5.10 kernel:
Marvell 88E6xxx Ethernet switch fabric support (NET_DSA_MV88E6XXX) [Y/n/m/?] y Switch Global 2 Registers support (NET_DSA_MV88E6XXX_GLOBAL2) [Y/n/?] (NEW)
That NET_DSA_MV88E6XXX_GLOBAL2 kernel config symbol has been removed in upstream commit 63368a7416df ("net: dsa: mv88e6xxx: Make global2 support mandatory") in kernel version 5.12.
This issue could be probably fixed by introduction of separate kernel config files for each currently used kernel versions and subtarget, but it is not worth the hassle and resources as imx target is running mostly upstream kernel, so lets fix it by switching to 5.15 version instead.
Fixes: 2b395c298247 ("imx: update config for 5.15") Acked-by: Piotr Dymacz <pepe2k@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 9d26651)
Config option `ARM_ARCH_TIMER` has been removed during rebasing onto 5.15 kernel in commit 2b395c298247 ("imx: update config for 5.15").
Anyway, as stated in commit 8cdc356f8c30 ("mediatek: mt7623: Re-enable ARM arch timer") config option `ARM_ARCH_TIMER` cannot be enabled in the config directly; it is only selected by `HAVE_ARM_ARCH_TIMER`. We need to enable the latter in our config.
Fixes: 2b395c298247 ("imx: update config for 5.15") Reported-by: Piotr Dymacz <pepe2k@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: bf1c3a5)
Revert "ipq40xx: stop chromium sub-target builds on the buildbots"
This reverts commit 35d2bbc29ba7f802706bf65585aeb8808fcac622 as we believe we found that it is indeed an openssl issue, where openssl is trying to use getrandom(2), but fails because this particular builder has an ancient kernel without that syscall. We didn't get to the bottom of why openssl doesn't fall back to something like /dev/random.
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 39d28b8)
Use the kernel's built-in formula for computing this value. The value applied by OpenWRT's sysctl configuration file does not scale with the available memory, under-using hardware capabilities. Also, that formula also influences net.netfilter.nf_conntrack_buckets, which should improve conntrack performance in average (fewer connections per hashtable bucket).
Backport upstream commit for its effect on the number of connections per hashtable bucket.
Apply a hack patch to set the RAM size divisor to a more reasonable value (2048, down from 16384) for our use case, a typical router handling several thousands of connections.
Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com> Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> (commit: 15fbb91)
octeon/patches-5.10 -> octeon/patches-5.15 Removed 140-octeon_e300_support.patch as E300 support appears to be upstreamed. Reworked 130-add_itus_support.patch to compensate for the upstreaming of E300
octeon/config-5.15 The following Kernel Symbols were ADDED: Line 5: +CONFIG_AF_UNIX_OOB=y Line 6: +CONFIG_AHCI_OCTEON=y Line 9: +CONFIG_ARCH_KEEP_MEMBLOCK=y Line 16: +CONFIG_ATA=y Line 17: +CONFIG_BINARY_PRINTF=y Line 29: +CONFIG_CPU_R4K_FPU=y Line 45: +CONFIG_FWNODE_MDIO=y Line 51: +CONFIG_GENERIC_FIND_FIRST_BIT=y Line 59: +CONFIG_GLOB=y Line 61: +CONFIG_GPIO_CDEV=y Line 77: +CONFIG_LTO_NONE=y Line 85: +CONFIG_MIPS_FP_SUPPORT=y Line 93: +CONFIG_NET_SELFTESTS=y Line 94: +CONFIG_NET_SOCK_MSG=y Line 105: +CONFIG_PATA_OCTEON_CF=y Line 106: +CONFIG_PATA_TIMINGS=y Line 114: +CONFIG_PTP_1588_CLOCK_OPTIONAL=y Line 121: +CONFIG_SATA_AHCI_PLATFORM=y Line 122: +CONFIG_SATA_HOST=y Line 124: +CONFIG_SCSI_COMMON=y Line 132: +CONFIG_SOCK_RX_QUEUE_MAPPING=y Line 157: +CONFIG_USB_XHCI_HCD=y Line 158: +CONFIG_USB_XHCI_PLATFORM=y
The following kernel symbols were REMOVED: Line 21: -CONFIG_BLK_SCSI_REQUEST=y Line 37: -CONFIG_ENABLE_MUST_CHECK=y Line 69: -CONFIG_HOLES_IN_ZONE=y Line 102: -CONFIG_OF_NET=y Line 140: -CONFIG_SYS_SUPPORTS_HUGETLBFS=y
Compiled for Itus Shield, Boots successfully, continuing to test for existing 5.10 memory leak.
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]") couldn't actually work and allow rootfs_data to be stored on a LVM2 as the necessary kernel modules had not been loaded at this point. Fix this by loading device-mapper modules early at boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 82f9ad6)
The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY driver, so enable it.
* Always store build logs * Store .config as an artifact * Rename job to `tools-{ os }` for log archive without spaces * Run CI job on changes to the CI file itself
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 80f79be)
MHI WWAN CTRL allows QCOM-based PCIe modems to expose different modem control protocols/ports to userspace, including AT, MBIM, QMI, DIAG and FIREHOSE. These protocols can be accessed directly from userspace (e.g. AT commands) or via libraries/tools (e.g. libmbim, libqmi, libqcdm)
kernel: set SOURCE_DATE_EPOCH for initramfs root dir
Make sure the timestamp of the root directory of the initramfs is set to SOURCE_DATE_EPOCH as well.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 54bcf58)
This package uses BPF to create a fast path which improves bridging performance by bypassing the bridge layer. It also supports creating tc offload rules for hardware that supports it. Hardware offload support can be used with MT7622 + MT7915 once it is merged
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 64f629e)
Problem exist when dnsmasq is exclusively bind to particular interface. After reconfiguring or restarting this interface, its index changes, but dnsmasq uses the old one. When this problem occurs, dnsmasq does not listen on the correct interface so DHCP does not work, and clients do not get an IP address. Procd netdev param can be added to restart dnsmasq when the interface index is changed.
Signed-off-by: Valentyn Datsko <valikk.d@gmail.com> [combined into a single &&-connected statement] Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 76f55e3)
libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host. Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts which don't have libsepol installed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 0d3850d)
Two patches were removed because of the changes introduced in upstream:
1. 110-mx6cuboxi-mmc-fallback.patch Looks like similar changes were introduced in 6c3fbf3e456c ("mx6cuboxi: customize board_boot_order to access eMMC").
2. 111-mx6cuboxi_defconfig-force-mmc-boot.patch The 'CONFIG_SPL_FORCE_MMC_BOOT' was removed in 15aec318ef03 ("Revert "imx: Introduce CONFIG_SPL_FORCE_MMC_BOOT to force MMC boot on falcon mode").
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: e213375)
imx: bootscript-apalis: make it working with U-Boot 2022.01
Upstream in commit 8b9c0cb46471 ("apalis_imx6: boot env configuration updates") removed emmc legacy wrappers, but so far didn't included any replacements. Fix it by simply defining the missing variables and UUID gathering directly into the boot script.
Signed-off-by: Petr Štetiar <ynezz@true.cz> [pepe2k@gmail.com: updated commit title for 2022.01] Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: bfbf235)
imx: image: use 'u-boot-dtb.img' filename for SPL payload
For targets in U-Boot which were migrated to DM, the correct binary image filename will be 'u-boot-dtb.img'. For backward compatibility, keep support for both files and use the one which was generated with our 'uboot-imx' package.
See also 'CONFIG_SPL_FS_LOAD_PAYLOAD_NAME' and 'CONFIG_OF_CONTROL' in mainline U-Boot sources.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: a0528ca)
There are many ways to add external RTC to Raspberry Pi boards. Let's include support for this for the whole target and while at it, sort features alphabetically.
Fixes: #9594 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: ff09905)
5beb87716e70 mt76: dma: add wrapper macro for accessing queue registers e0bc736d5617 mt76: add support for overriding the device used for DMA mapping b8c842daa081 mt76: make number of tokens configurable dynamically 87a962e0608f mt76: mt7915: add Wireless Ethernet Dispatch support 2accb74e6be3 mt76: mt7915: fix using null pointer when wfsys on e5227f2f3120 mt76: mt7921: Fix the error handling path of mt7921_pci_probe() ec0e9f4da32f mt76: mt7915: fix possible uninitialized pointer dereference in mt7986_wmac_gpio_setup 5a87be892ba7 mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector fe441e5d3dcf mt76: mt7915: do not pass data pointer to mt7915_mcu_muru_debug_set f3ddfe886283 mt76: mt7915: report rx mode value in mt7915_mac_fill_rx_rate 2a0d370cb5fe mt76: mt7915: use 0xff to initialize bitrate_mask in mt7915_init_bitrate_mask 506bb0605e3e mt76: mt7921: Add AP mode support
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: fd354ff)
Remove the configuration options which are building modules for the sub target configuration.
These kernel modules are not packaged. Kernel options should only be build as a module when they are selected by a kmod package and not by setting them to =m in the target kernel configuration.
The sama7 sub target does not have USB support, the feature should not be activated there. OpenWrt can automatically detect if the target supports USB by using the scripts/target-metadata.pl script. With the automatic detection USB support will only get activated on subtargest which actually support USB like sam9x and sama5.
hostapd: add ubus method for requesting link measurements
Add a ubus method to request link-measurements from connected STAs.
In addition to the STAs address, the used and maximum transmit power can be provided by the external process for the link-measurement. If they are not provided, 0 is used as the default value.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 965aa33)
33f1e0b treewide: move json-c compat shims into internal header file e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()` 2b59140 vm: fix callframe double free on unhanded exceptions 7d7e950 main: abort when failing to load a preload library 1032a67 lib: let `json()` accept input objects implementing `read()` method 5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()` df6b861 ci: debian: change path before attempting to invoke Git operations dfaf05a ci: debian: automatically update changelog from Git tag 34f3c45 ci: fix YAML syntax of Debian workflow e956bcf fs: fix off-by-one in fs.dirname() function 6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv 7c2e082 build: remove legacy json-c check 77942af build: add polyfills for older libjson-c versions 0b4aaa3 CI: build Debian package f404285 debian: Add package definition a37f654 types: fix escape sequence encoding of high byte values in JSON strings aae5312 Update README.md 8134e25 build: fix symlink install target 87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore 7d27ad5 build: only stage ucc symlink if compile support is enabled 171402f lib: add date and time related functions 8b5dc60 lib: provide API function to obtain stdlib function implementations eb0d2f1 main: turn ucode into multicall executable 28ee7e1 uloop: add support for tasks 753dea9 CI: build on macOS 668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()` ab46fdf treewide: remove legacy json-c include directives b8f49b1 tests: 21_regex_literals: generalize syntax error test case fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X 2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag 55c4a90 lib: disallow zero padding for %s formats 0d05cb5 tests: run_tests.sh: use greadlink if available 271e520 resolv: make OS X compatible d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X 33397a3 uloop: use execvp() on OS X bafdc8f lib: add naive sigtimedwait() stub for OS X ada1585 build: consolidate CMakeLists.txt and cover OS X deviations befbb69 include: add OS X compatible endian.h header 49838a8 include: rename include guards to avoid clashes with system headers 91f65de nl80211: add missing attributes and correct some attribute flags b4a1fd5 lib: adjust require(), render() and include() raw mode semantics 4618807 main: rework CLI frontend 73dcd78 lib: fix potential integer underflow on empty render output c402551 vm: fix crash on object literals with non-string computed properties efe8a02 syntax: support add new operators 078d686 ubus: add event support 6c66c83 ubus: refactor error and argument handling 1cb04f9 ubus: add object publishing, notify and subscribe support 0e85974 uloop: clear errno before integer conversion attempts 05bd7ed types: treat resource type prototypes as GC roots a2a26ca lib: introduce uloop binding 6b6d01f vm: release this context on exception in managed method call 1af23a9 tests: fix proto() testcase 4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush()
c63f193 bump version to 1.0.2 3cffa84 libnfnetlink: Check getsockname() return code 90ba679 include: Silence gcc warning in linux_list.h bb4f6c8 Make it clear that this library is deprecated e46569c Minimally resurrect doxygen documentation 5087de4 libnfnetlink: hide private symbols 62ca426 autogen: don't convert __u16 to u_int16_t efa1d8e src: Use stdint types everywhere 7a1a07c include: Sync with kernel headers 7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings 94b68f3 configure: uclinux is also linux 617fe82 src: get source code license header in sync with current licensing terms 97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine with musl without this patch.
Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: aecf088)
Duncan Roe (5): nlmsg: Fix a missing doxygen section trailer build: doc: "make" builds & installs a full set of man pages build: doc: get rid of the need for manual updating of Makefile build: If doxygen is not available, be sure to report "doxygen: no" to ./configure src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1): src: fix doxygen function documentation
Florian Westphal (1): libmnl: zero attribute padding
Guillaume Nault (1): callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1): examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4): examples: add arp cache dump example examples: fix neigh max attributes examples: fix print line format examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3): doxygen: remove EXPORT_SYMBOL from the output include: add MNL_SOCKET_DUMP_SIZE definition build: libmnl 1.0.5 release
Petr Vorel (1): examples: Add rtnl-addr-add.c
Stephen Hemminger (1): examples: rtnl-addr-dump: fix typo
igo95862 (1): doxygen: Fixed link to the git source tree on the website.
Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: c3b7389)
- update dropbear to latest stable 2022.82; for the changes see https://matt.ucc.asn.au/dropbear/CHANGES - use $(AUTORELEASE) in PKG_RELEASE - use https for all uris - refresh all patches - rewrite patches: - 100-pubkey_path.patch - 130-ssh_ignore_x_args.patch
ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
These devices only have 6MiB available for firmware, which is not enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot images:
The tiny target kernel has a 4Kb flash erase block size instead of the generic target's 64kb. This means the JFFS2 overlay partition containing settings must be reformatted with the new block size or else there will be data corruption.
To do this, backup your settings before upgrading, then during the sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after upgrading, you can do this to format the partition and recover:
* Reboot * Press RESET when Power LED blinks during boot to enter Failsafe mode * SSH to 192.168.1.1 * Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com> Tested-by: Robert Högberg <robert.hogberg@gmail.com> (commit: 44e1e5d)
This commit add some enabled symbols to generic config. LTO is only supported by clang compiler and therefore should be disabled in the generic config instead of duplicating this symbol in each target. CONFIG_LTO_NONE do this job.
The second group of symbols is enabled by the options available in the generic config and is therefore added here: * CONFIG_AF_UNIX_OOB is selected by CONFIG_NET && CONFIG_UNIX, * CONFIG_BINARY_PRINTF is selected by CONFIG_BPF_SYSCALL, * CONFIG_NET_SOCK_MSG is selected by CONFIG_BPF_SYSCALL && CONFIG_NET.
The other symbols are disabled and should be in the generic config.
This commit also removes these symbols from subtargets.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl> (commit: a98ded6)
trusted-firmware-a.mk: make sure include directory exists
ARM Trusted Firmware builds do not depend on any target libraries as they are bare-metal builds. However, the compiler aborts due to -Werror=missing-include-dirs if the include dir doesn't exists and this can happen when building with parallelisation as that makes it likely for arm-trusted-firmware-* to be build very early before any of the libraries which would implicitely create the directory. Fix this by making sure the include dir exists before building.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 738d44f)
imagebuilder: export SOURCE_DATE_EPOCH to environment
Export SOURCE_DATE_EPOCH to environment so filesystem and image creation tools will make use of it. Fixes reproducibility of images generated with the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 5cf5dce)
This updates mac80211 to version 5.15.33-1 which is based on kernel 5.15.33. The removed patches were applied upstream.
This new release contains many fixes which were merged into the upstream Linux kernel. This also contains the following new drivers which are needed for ath11k: * net/qrtr/ * drivers/bus/mhi/
Generate FAT filesystem for EFI boot in a reproducible way: * use '--invariant' option of mkfs.fat * set timestamps of all files to SOURCE_DATE_EPOCH * make sure files are ordered locale-independent
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: aece8f5)
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication can be bypassed. If a malicious client does not send the certificate_verify message a client can connect without presenting a certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS v1.3 server can have its certificate heck bypassed. If the sig_algo in the certificate_verify message is different than the certificate message checking may be bypassed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: e89f3e8)
Changes: new features: - qsort_r function (POSIX-future) - pthread_getname_np extension function - hard float on SPE FPU for powerpc-sf - SEEK_DATA and SEEK_HOLE exposed in unistd.h (Linux extensions)
compatibility: - free now preserves errno (POSIX-future requirement) - setjmp is declared explicitly with returns_twice for non-GCC compilers - macro version of isascii is no longer defined for C++ - dynamic linker now tolerates zero-length LOAD segments - epoll_[p]wait is now a cancellation point - pwd/grp functions no longer fail on systems without AF_UNIX support - POSIX TZ parsing is stricter to allow more names to fallback to files - NULL is now defined as nullptr when used in C++11 or later - gettext now accepts null pointer as argument
bugs fixed: - old regression in wcwidth of Hangul combining (vowel/final) letters - duplocale used wrong malloc when malloc was replaced (1.2.2 regression) - fmaf rounded wrong on archs without FE_TOWARDZERO (all softfloat archs) - popen didn't honor requirement not to leak other popen pipe fds to child - aligned_alloc and variants crashed on allocation failure - dl_iterate_phdr reported incorrect module TLS pointers - mishandling of some inputs in acoshf and expm1f and functions using them - potentially wrong-sign zero in cproj functions at infinity - multiple bugs in legacy function cuserid - minor posix_spawn file actions API conformance issues - pthread_setname_np fd leak - out-of-bound read in zoneinfo handling with distant-past times - out-of-tree builds lacked generated debug cfi for x86 asm
arch-specific bugs fixed: - powerpc (32-bit) struct shmid_ds layout was wrong for some fields - time64 struct layout was wrong in sound ioctl fallback (32-bit archs)
In addition it contains the following improvements: * protect stack canary from leak via read-as-string by zeroing second byte * fix excessively slow TLS performance on some mips models
netfilter: move nf-log modules into separate packages
Both legacy iptables and nftables require nf-log modules for rule logging, so move them into a separate package both firewall implementations can depend on.
Make sure sysupgrade on NAND also works in case of UBI volumes having index >9. While at it, also make sure UBI device is detected and abort in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.
Fixes #9708 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 0dbca1b)
Checking whether /sbin/udhcpc is a symbolic link breaks using the DHCP proto handler inside procd-ujail where bind-mounts are used for the resolved link. Check whether /sbin/udhcpc is executable instead to allow using the proto handler for DHCP-provisioned containers.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: c5f113c)
urandom-seed: go back to seeding with shell script temporarily
This reverts commit 2edc017a6e0cb92b72b768aaa46c6d336ad84eff.
We shouldn't be using a shell script here, but the SeedRNG integration into OpenWRT requires a bit more thought. Etienne raised some important points immediately after this was merged and planned to send some follow up commits, but became busy with other things. The points he raised are important enough that we should actually back this out until it's ready to go, and then merge it as a cohesive unit. So let's revert this for now, and come back to it later on.
Cc: Etienne Champetier <champetier.etienne@gmail.com> Cc: Petr Štetiar <ynezz@true.cz> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (commit: a001630)
gemini: Create patches and config for kernel v5.15
This creates a v5.15 baseline for the Gemini platform. The main new attraction is the new crypto driver from Corentin Labbe that we activate in the new config. Config was refreshed.
scripts/gen_image_generic.sh: fix order of files in EFI bootfs
mtools recursive copy (mcopy -s ...) is using READDIR(3) to iterate over the directory entries, hence they end up in the FAT filesystem in traversal order which breaks reproducibility (rather than being added to the FAT filesystem in a reproducible order). Implement recursive copy in gen_image_generic.sh in Shell code instead, as in that way we can force files to be copied in reproducible order.
Improvements since the 4.0.38 release are: - Rename strtoi to strosi (string to signed int). The strtoi function on BSD does something else (returns an intmax, not an int)
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 08ebc38)
Upstream in commit 3e1e58d64c3d ("net: add generic selftest support") in version 5.13 added generic selftests module and usb-net-asix already depends on it, in version 5.18 via commit 1710b52d7c13 ("net: usb: smsc95xx: add generic selftest support") it will be used by usb-net-smsc95xx as well.
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 8361946)
Upstream in commit 34a1dee6bc44 ("net: usb: asix: ax88772: add generic selftest support") in version 5.14 added dependency on generic selftest functionality and armvirt/64 when compiled with ALL_KMODS=y reports following:
Package kmod-usb-net-asix is missing dependencies for the following libraries: mdio_devres.ko selftests.ko
Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: afb0e93)
- QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR - 2T2R 802.11b/g/n 2.4GHz - 2T2R 802.11n/ac 5GHz - 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)
LED for 5 GHz WLAN is currently not supported as it is connected directly to the QCA9882 radio chip.
Flash instructions:
If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available):
In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs)
ath9k is setting the TX PA DC bias level different on QCA9561 and QCA9565 although they have the same radio IP-core, which results in a very low output power and very low throughput as devices are further away from the AP (compared to other 2.4GHz APs.)
In real life testing, without this patch the 2.4GHz throughput on Yuncore XD3200 is around 10Mbps sitting close to the AP, and close to theoretical maximum with the patch applied.
- QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR - 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN) - 2T2R 802.11b/g/n 2.4GHz
Flash instructions:
If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available):
In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs)
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (commit: a05dcb0)
For some reason useless labels and aliases have been propagated through copy-paste. Before the issue spreads any further, this patch cleans up all relevant DTS files to the canonical form, bringing ath79 in line with other mikrotik platforms (ramips and ipq40xx).
image: strip metadata from images when used in other artifacts
Image metadata and signature is of no use for images which are included inside other artifacts (like an SD-card image). Strip them off before using images in artifacts or stashing them for the ImageBuilder as the contained signature breaks reproducibility.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 7a256d9)
The vendor u-boot image accepts sysupgrade.bin image with specific requirements, including having squashfs signature "hsqs" at file offset 0x140000. This is not possible now that OpenWrt kernel image is at least 2MB with the signature at offset 0x240000.
Installation of current build of OpenWrt now requires a bootstrap step of installing an earlier version first.
- If the vendor u-boot accepts sysupgrade image, hc6361 image of LEDE release should work - If the vendor u-boot accepts only verified flashsmt image, install the one in the above device page. The image is based on Barrier Breaker
The existing device tree has incorrect definitions for usb3_0 and usb3_1 and the blocks they depend upon: their addresses and interrupts are swapped. However, their clocks and resets are not. The result is that the USB blocks are non-functional if only one of them is enabled.
This fix backports the definitions from mainline Linux 5.15 to OpenWrt's 5.10 dtsi additions. See the relevant mainline code here: https://github.com/torvalds/linux/blob/v5.17/arch/arm/boot/dts/qcom-ipq8064.dtsi#L1062-L1148
This fix does not break existing ports. But some ports may have enabled both USB blocks even thought their board only implements one, because enabling a single USB block would not have worked before this fix. This means that revisiting all ports of ipq806x devices that implement a single USB port is advised. This work must be done by maintainers that can determine which USB block corresponds to the implemented port on their hardware.
Note that this fix swaps the names of the hardware ports. This is unfortunate, but will happen anyway when switching to kernel 5.15. Thus, it is best to do this ASAP, before users get to depend on port names.
It is strongly recommended that this fix is backported to 22.03 before its release. This will minimize the number of users affected by the port name swap.
This is required to support built-in modem of ZTE MF286R, in addition to other external modems, such as MF831, MF910, MF920, which refuse to reconfigure their remote MAC address, even if "locally administered" bit is set, leading to dropped traffic towards the host. Add a workaround for that issue already present in cdc_ether to rndis_host driver as well.
Add ifname property to UCI, which can be used to override the autodetected interface name in case the detection fails due to having none or more than one interface exposed by the modem, which is not explicitly linked to TTY port. This is needed on certain variants of ZTE MF286R built-in modem, which exposes both RNDIS and CDC-ECM interfaces on the modem, on which the automatic detection may select the wrong network interface.
comgt: ncm: select first available network interface for device
Some modems expose multiple network interfaces on the same USB device, causing the connection setup script to fail, because glob matching in the detection phase causes 'ls' to output more than one interface name plus their base directories in sysfs. Avoid that by listing the directories explicitly and then selecting first available interface. This is the case for some variants of ZTE MF286R built-in modem, which exposes both RNDIS and CDC-ECM network interfaces, causing the connection setup to fail.
comgt: ncm: try to detect interface for ttyACM ports
Some modems expose ttyACM as their control ports, which have the "device" symlink pointing one level down in sysfs tree. Try to find network interfaces for them as well, this is commonly used for modems exposing ACM + RNDIS or ACM + ECM interface combinations.
The modem is based on Marvell PXA1826 and uses ACM+RNDIS interface to establish connection with custom commands specific to ZTE modems. Two variants of modems were discovered, some identifying themselves as "ZTE", and others as plain "Marvell", the chipset manufacturer. The modem itself runs a fork of OpenWrt inside, which root shell can be accessed via ADB interface.
lantiq: fritz736x: Move GPIO resets to the inidvidual board.dts files
FRITZ!Box 7360 V2 and FRITZ!Box 7360 SL both use GPIOs 37 (for &phy0) and GPIO 44 (for &phy1) to control the PHY's reset lines. FRITZ!Box 7362 SL however uses GPIO 45 (for &phy0) and GPIO 44 (for &phy1). Move the GPIO reset definitions to each individual board .dts and while at it, fix the GPIOs for the FRITZ!Box 7362 SL.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> (commit: 56cd49b)
The Wavlink WL-WN531A3 is an AC1200 router with 5 fast ethernet ports and one USB 2.0 port. It's also known as Wavlink QUANTUM D4.
Hardware -------- SoC: Mediatek MT7628AN RAM: 64MB FLASH: 8MB NOR (GigaDevice GD25Q64CSIG3) ETH: - 5x 10/100 Mbps Ethernet (4x LAN + 1x WAN) WIFI: - 2.4GHz: 1x (integrated in SOC) (2x2:2) - 5GHz: 1x MT7612E (2x2:2) - 4 external antennas BTN: - 1x Reset button - 1x WPS button - 1x Turbo button - 1x Touchlink button - 1x ON/OFF switch LEDS: - 1x Red led (system status) - 1x Blue led (system status) - 7x Blue leds (wifi led + 5 ethernet ports + power) USB: - 1x USB 2.0 port UART: - 57600-8-N-1 J1 O VCC +3,3V (near lan ports) o RX o TX o GND
Everything works correctly.
Currently there is no firmware update available. Because of this, in order to restore the OEM firmware, you must firstly dump the OEM firmware from your router before you flash the OpenWrt image.
Backup the OEM Firmware ----------------------- The following steps are to be intended for users having little to none experience in linux. Obviously there are many ways to backup the OEM firmware, but probably this is the easiest way for this router. Procedure tested on M31A3.V4300.200420 firmware version.
1) Go to http://192.168.10.1/webcmd.shtml
2) Type the following line in the "Command" input box and then press enter: mkdir /etc_ro/lighttpd/www/dev; cp /dev/mtd0ro /etc_ro/lighttpd/www/dev/mtd0ro; ls -la /etc_ro/lighttpd/www/dev/mtd0ro
3) After few seconds in the textarea should appear this output: -rw-r--r-- 1 0 0 8388608 /etc_ro/lighttpd/www/dev/mtd0ro
If your output doesn't match mine, stop reading and ask for help in the forum.
4) Open in another tab http://192.168.10.1/dev/mtd0ro to download the content of the whole NOR. If the file size is 0 byte, stop reading and ask for help in the forum.
5) Come back to the http://192.168.10.1/webcmd.shtml webpage and type: rm /etc_ro/lighttpd/www/dev/mtd0ro; for i in 1 2 3 4 ; do cp /dev/mtd${i}ro /etc_ro/lighttpd/www/dev/mtd${i}ro; done; ls -la /etc_ro/lighttpd/www/dev/
6) After few seconds, in the textarea should appear this output: -rw-r--r-- 1 0 0 196608 mtd1ro -rw-r--r-- 1 0 0 65536 mtd2ro -rw-r--r-- 1 0 0 65536 mtd3ro -rw-r--r-- 1 0 0 8060928 mtd4ro drwxr-xr-x 7 0 0 0 .. drwxr-xr-x 2 0 0 0 .
If your output doesn't match mine, stop reading and ask for help in the forum.
7) Open the following links to download the partitions of the OEM FW: http://192.168.10.1/dev/mtd1ro http://192.168.10.1/dev/mtd2ro http://192.168.10.1/dev/mtd3ro http://192.168.10.1/dev/mtd4ro
If one (or more) of these files are 0 byte, stop reading and ask for help in the forum.
8) Store these downloaded files in a safe place.
9) Reboot your router to remove any temporary file in ram.
Installation ------------ Flash the initramfs image in the OEM firmware interface (http://192.168.10.1/update.shtml). When Openwrt boots, flash the sysupgrade image otherwise you won't be able to keep configuration between reboots.
Restore OEM Firmware -------------------- Flash the "mtd4ro" file you previously backed-up directly from LUCI. Warning: Remember to not keep settings! Warning2: Remember to force the flash.
Notes ----- 1) Router mac addresses: LAN XX:XX:XX:XX:XX:9B (factory @ 0x28) WAN XX:XX:XX:XX:XX:9C (factory @ 0x2e) WIFI 2G XX:XX:XX:XX:XX:9D (factory @ 0x04) WIFI 5G XX:XX:XX:XX:XX:9E (factory @ 0x8004)
LABEL XX:XX:XX:XX:XX:9D
2) There is just one wifi led for both wifi interfaces. It currently shows only the 2.4 GHz wifi activity.
This device is from now-defunct BOLT! ISP in Indonesia. The original firmware is based on mediatek SDK running linux 2.6 or 3.x in later revision.
Specifications:
- SoC: MediaTek MT7621 - Flash: 32 MiB NOR SPI - RAM: 128 MiB DDR3 - Ethernet: 2x 10/100/1000 Mbps (switched, LAN + WAN) - WIFI0: MT7603E 2.4GHz 802.11b/g/n - WIFI1: MT7612E 5GHz 802.11ac - Antennas: 2x internal, non-detachable - LEDs: Programmable LEDs: 5 blue LEDs (wlan, tel, sig1-3) and 2 red LEDs (wlan and sig1) Non-programmable "Power" LED - Buttons: Reset and WPS
Instalation: Install from TFTP
Set your PC IP to 10.10.10.3 and gateway to 10.10.10.123 Press "1" when turning on the router, and type the initramfs file name
You also need to solder pin header or cable to J4 or neighboring test points (T19-T21) Pinouts from top to bottom: GND, TX, RX, VCC (3.3v) Baudrate: 57600n8
There's also an additional gigabit transformer and RTL8211FD managed by the LTE module on the backside of the PCB.
Signed-off-by: Abdul Aziz Amar <abdulaziz.amar@gmail.com> (commit: 78c3534)
MAC addresses as verified by OEM firmware: use address source Lan/Wan/2G *:60 factory 0x4 (label) 5G *:64 factory 0x8000
Serial console: 57600,8n1
Installation:
Asus windows recovery tool:
install the Asus firmware restoration utility unplug the router, hold the reset button while powering it on release when the power LED flashes slowly specify a static IP on your computer: IP address: 192.168.1.75 Subnet mask 255.255.255.0 start the Asus firmware restoration utility, specify the factory image and press upload do NOT power off the device after OpenWrt has booted until the LED flashing after flashing OpenWrt, there will be first no 5GHz Wifi available probably, wait until blinking finishes and do a reboot TFTP Recovery method:
set computer to a static ip, 192.168.1.75 connect computer to the LAN 1 port of the router hold the reset button while powering on the router for a few seconds send firmware image using a tftp client; i.e from linux: $ tftp tftp> binary tftp> connect 192.168.1.1 tftp> put factory.bin tftp> quit do NOT power off the device after OpenWrt has booted until the LED flashing after flashing OpenWrt, there will be first no 5GHz Wifi available probably, wait until blinking finishes and do a reboot
ramips: mt7621: make u_env partition r/w for Linksys EA7xxx devices
Make u_env partition read/write - currently cannot write to it, which blocks fw_setenv. This in turn breaks features like Advanced Reboot, which rely on setting the environment variable boot_part (1 or 2).
Signed-off-by: Russell Morris <rmorris@rkmorris.us> (commit: fb3f519)
The Sophos AP100, AP100C, AP55, and AP55C are dual-band 802.11ac access points based on the Qualcomm QCA9558 SoC. They share PCB designs with several devices that already have partial or full support, most notably the Devolo DVL1750i/e.
The AP100 and AP100C are hardware-identical to the AP55 and AP55C, however the 55 models' ART does not contain calibration data for their third chain despite it being present on the PCB.
Specifications common to all models: - Qualcomm QCA9558 SoC @ 720 MHz (MIPS 74Kc Big-endian processor) - 128 MB RAM - 16 MB SPI flash - 1x 10/100/1000 Mbps Ethernet port, 802.3af PoE-in - Green and Red status LEDs sharing a single external light-pipe - Reset button on PCB[1] - Piezo beeper on PCB[2] - Serial UART header on PCB - Alternate power supply via 5.5x2.1mm DC jack @ 12 VDC
Unique to AP100 and AP100C: - 3T3R 2.4GHz 802.11b/g/n via SoC WMAC - 3T3R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)
AP55 and AP55C: - 2T2R 2.4GHz 802.11b/g/n via SoC WMAC - 2T2R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)
AP100 and AP55: - External RJ45 serial console port[3] - USB 2.0 Type A port, power controlled via GPIO 11
Flashing instructions:
This firmware can be flashed either via a compatible Sophos SG or XG firewall appliance, which does not require disassembling the device, or via the U-Boot console available on the internal UART header.
To flash via XG appliance: - Register on Sophos' website for a no-cost Home Use XG firewall license - Download and install the XG software on a compatible PC or virtual machine, complete initial appliance setup, and enable SSH console access - Connect the target AP device to the XG appliance's LAN interface - Approve the AP from the XG Web UI and wait until it shows as Active (this can take 3-5 minutes) - Connect to the XG appliance over SSH and access the Advanced Console (Menu option 5, then menu option 3) - Run `sudo awetool` and select the menu option to connect to an AP via SSH. When prompted to enable SSH on the target AP, select Yes. - Wait 2-3 minutes, then select the AP from the awetool menu again. This will connect you to a root shell on the target AP. - Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc - Run `mtd -r write /tmp/openwrt.bin astaro_image` - When complete, the access point will reboot to OpenWRT.
To flash via U-Boot serial console: - Configure a TFTP server on your PC, and set IP address 192.168.99.8 with netmask 255.255.255.0 - Copy the firmware .bin to the TFTP server and rename to 'uImage_AP100C' - Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4] - Connect the AP ethernet to your PC's ethernet port - Connect a terminal to the UART at 115200 8/N/1 as usual - Power on the AP and press a key to cancel autoboot when prompted - Run the following commands at the U-Boot console: - `tftpboot` - `cp.b $fileaddr 0x9f070000 $filesize` - `boot` - The access point will boot to OpenWRT.
MAC addresses as verified by OEM firmware:
use address source LAN label config 0x201a (label) 2g label + 1 art 0x1002 (also found at config 0x2004) 5g label + 9 art 0x5006
Increments confirmed across three AP55C, two AP55, and one AP100C.
These changes have been tested to function on both current master and 21.02.0 without any obvious issues.
[1] Button is present but does not alter state of any GPIO on SoC [2] Buzzer and driver circuitry is present on PCB but is not connected to any GPIO. Shorting an unpopulated resistor next to the driver circuitry should connect the buzzer to GPIO 4, but this is unconfirmed. [3] This external RJ45 serial port is disabled in the OEM firmware, but works in OpenWRT without additional configuration, at least on my three test units. [4] On AP100/AP55 models the UART header is accessible after removing the device's top cover. On AP100C/AP55C models, the PCB must be removed for access; three screws secure it to the case. Pin 1 is marked on the silkscreen. Pins from 1-4 are 3.3V, GND, TX, RX
Signed-off-by: Andrew Powers-Holmes <andrew@omnom.net> (commit: 6f1efb2)
* If "Active Image" has the first option selected, OpenWrt will need to be flashed to the "Active" partition. If the second option is selected, OpenWrt will need to be flashed to the "Backup" partition.
* Navigate to Maintenance > Firmware > Upload
* Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin file by your preferred method to the previously determined partition. When prompted, select to boot from the newly flashed image, and reboot the switch.
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs image.
* Connect serial, power up the switch, interrupt U-boot by hitting the space bar, and enable the network:
> rtk network on
* Since the GS1900-24HP v1 is a dual-partition device, you want to keep the OEM firmware on the backup partition for the time being. OpenWrt can only be installed in the first partition anyway (hardcoded in the DTS). To ensure we are set to boot from the first partition, issue the following commands:
> setsys bootpartition 0 > savesys
* Download the image onto the device and boot from it:
Signed-off-by: Martin Kennedy <hurricos@gmail.com> [Add info on PoE hardware to commit message] Signed-off-by: Sander Vanheule <sander@svanheule.net> (commit: a5ac8ad)
This reverts commit f9ff282d17ec652d63fa2404e47bb0e15ed95b69 as during upstream patch review process nbd pointed out, that this patch needs more work:
"The patch looks wrong to me. I'm pretty sure that AR_CH0_TOP2 is the correct register, the definition has an explicit check for 9561 as well. I believe this patch works by accident because it avoids writing a wrong value to that register."
OrayBox X3A is a 2.4/5GHz dual band AC router, based on MediaTek MT7621.
Specification: * SoC: MT7621 * RAM: DDR3 128 MiB * Flash: 16 MiB NOR (XM25Q128) * Wi-Fi: (single chip hosting both 2.4G and 5G) * 2.4GHz: MT7615 * 5GHz: MT7615 * Ethernet: 3x 1000Mbps * Switch: MT7530 * LED: * Ethernet LEDs: On the back of the router, hardware-controlled. * Status LEDs: One "pixel-like" RGB LED in the front of the router, which is actually made up of 3 individual LEDs (with dedicated GPIO pins) with the color of Red, Green, and Blue. The OEM firmware only lights up one color at a time to indicate status, but that's very boring, and the colors actually look great when combined, so I've improvised a little and made them indicate netdev activities. My test results: GPIO 13/14/15 000 white (actually more like bright green or cyan because the brightness of the green LED is higher than red and blue) 001 bright purple 010 bright green 011 red 100 bright cyan 101 blue 110 green 111 off
Flash Layout: 0x0000000-0x0030000 : "u-boot" 0x0030000-0x0040000 : "u-boot-env" 0x0040000-0x0050000 : "factory" 0x0050000-0x0f50000 : "firmware" /*0x0f50000 to 0x0fe0000 is undefined, same as OEM firmware*/ 0x0fe0000-0x0ff0000 : "bdinfo" 0x0ff0000-0x1000000 : "reserve"
Installation via SSH (does not void your warranty): 1. -----UNLOCK SSH----- 1.1 Set computer IP to DHCP mode, load 'http://10.168.1.1/cgi-bin/luci' in your browser. Password is 'admin'. 1.2 Click the "备份且导出" (backup and export) button, and download the config file. 1.3 Open the downloaded file with 7zip, navigate to '/etc/config/'. 1.4 Edit the file './system'. Change the '0' into '1' under "config sys 'ssh'". 1.5 Save the file. 1.6 Upload the file by clicking the "导入且恢复" (import and recover) button. The router will automatically reboot. 2. -----FLASH THE OPENWRT FIRMWARE----- 2.1 Use any scp tool to upload the 'sysupgrade' firmware to the '/tmp/' folder to your router. It should be root@10.168.1.1 and the password is 'admin'. 2.2 SSH into the router, also root@10.168.1.1 and the password is 'admin'. 2.3 **IMPORTANT** Type command 'dd if=/dev/mtd3 of=/tmp/firmware.bin', to backup the stock firmware. Since the OEM does not provide firmware download on their website, this is the only way to get it. 2.3 **ALSO IMPORTANT** Use any scp tool to download your backed-up stock firmware from '/tmp/' to your local drive. Then you'd better use a hex reading tool to have a rough look at it to make sure nothing is corrupt. Or u can just back up again and cross check the MD5. 2.4 Type command 'mtd write /tmp/XXX.bin firmware', and it should flash the firmware. 2.5 Verify that nothing went wrong. If you're confident, type 'reboot' and reboot the router.
Revert to stock firmware: 1. load stock firmware using mtd (make sure u have a backup).
Signed-off-by: Ray Wang <raywang777@foxmail.com> (commit: 9a750aa)
This patch fixes an invalid TX PA DC bias level on QCA9561, which results in a very low output power and very low throughput as devices are further away from the AP (compared to other 2.4GHz APs), following a suggestion from nbd[1].
See https://mikrotik.com/product/RBwAP2nD for more info.
Flashing: TFTP boot initramfs image and then perform sysupgrade. Follow common MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Note: following 781d4bfb397cdd12ee0151eb66c577f470e3377d The network setup avoids using the integrated switch and connects the single Ethernet port directly. This way, link speed (10/100 Mbps) is properly reported by eth0.
Signed-off-by: David Musil <0x444d@protonmail.com> (commit: e20de22)
base-files: safer sysupgrade for kernel-in-UBI devices
Ensure that the kernel CRC is invalidated while rootfs is being updated. This allows the bootloader to detect an interrupted sysupgrade and fall back to an alternate booting method, instead of just going ahead with normal boot and effectively bricking the device.
Possible fallbacks include a recovery initramfs partition or UBI volume and TFTP. See here for an example U-Boot configuration with fallbacks: https://shorturl.at/befsA (https://github.com/Lanchon/openwrt-tr4400-v2/ blob/e7d707d6bd7839fbd0b8d0bd180fce451df77e47/install-recovery.sh#L52-L63)
base-files: safer sysupgrade.tar for kernel-out-of-UBI
Ensure that the kernel CRC is invalidated while rootfs is being updated. This allows the bootloader to detect an interrupted sysupgrade and fall back to an alternate booting method, such as TFTP, instead of just going ahead with normal boot and effectively bricking the device.
Prepares code for ubirename-based safe sysupgrade implementation.
Fixes several issues: - the special CI_KERNPART value "none" is ignored if an MTD partition named "none" exists - misleading variable names (such as has_kernel to mean "tar has kernel and it should not be written to an MTD partition but a UBI volume") - inconsistent treatment of zero-length tar member files - inconsistent meaning of "0" and "" variable values - redundant operations (unneeded untaring, repeated untaring, unneeded partition lookups) - inconsistent variable quoting
Remove redundant check from nand ubinized sysupgrade code. This check has already been done in the only caller of the affected function: nand_do_upgrade.
Fix issues while retaining configuration during nand sysupgrade: - abort configuration saving if data partition is not found - generate diagnostics if saving fails (eg, because of lack of space) - do not output "sysupgrade successful" in case of errors
Attempt to minimize the time during which an interrupted nand sysupgrade can lead to a non-functional device by flushing caches before starting the upgrade procedure.
mediatek: mt7622: remove '0x' prefix from pstore address in dts
Adresses of device tree nodes are typically noted without the '0x' prefix. While having the '0x' prefix doesn't hurt when using Linux, more recent versions of U-Boot will add a duplicate ramoops node as a simple string compare is used to check if the node is already present.
Remove the '0x' prefix to avoid the kernel warning resulting from U-Boot adding a dupplicate pstore/ramoops node.
See also https://lists.denx.de/pipermail/u-boot/2022-April/481810.html
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: fc24533)
uboot-mediatek: remove '0x' prefix from pstore node
Remove '0x' prefix from pstore node in dts, just like it was done for the device tree used by Linux on MT7622. This change is done in preparation to update U-Boot to 2022.04.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 810b48e)
To create packages the `ipkg-build` script is used which double packs `control.tar.gz` and `data.tar.gz` to a single package. By default it's using a verbose username instead of a numeric value for files.
Official OpenWrt images (artifacts) are created within docker containers which do not seem to contain those verbose usernames and instead defaults to numeric values.
This becomes a problem when rebuilding public artifacts because other build environments may offer verbose usernames and there the created packages is different from the official ones.
With this commit `ipkg-build` always uses numeric values for user/group and thereby making it easier to reproduce official artifacts.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 7a73221)
MPLS feature symbols are normally only set when kmod-mpls is enabled, but the CONFIG_MPLS symbol they depend on could also have been selected by openvswitch instead
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 92add80)
uboot-mediatek: replace patch with accepted commit
Replace pending patch with version accepted upstream. Other than in the first suggested version, the new property is now called 'u-boot,bootconf' instead of 'bootconf'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 079828f)
kernel: update FIT partition parser to new property name
The commit "uboot-mediatek: replace patch with accepted commit" changed the name of the boot configuration property from 'bootconf' to 'u-boot,bootconf'. Reflect this change in the FIT partition parser.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 690f715)
ath79: ZTE MF286R: add comgt-ncm to DEVICE_PACKAGES
When adding support to the router's built-in modem, this required package was omitted, because it was already enabled in the image configuration in use for testing, and this went unnoticed. In result, the modem still isn't fully supported in official images. As it is the primary WAN interface, add the missing package.
There are two versions which are identical apart from the enclosure: YunCore AX820: indoor ceiling mount AP with integrated antennas YunCore HWAP-AX820: outdoor enclosure with external (N) connectors
Flash instructions: The "OpenWRT support" version of the AX820 comes with a LEDE-based firmware with proprietary MTK drivers and a luci webinterface and ssh accessible under 192.168.1.1 on LAN; user root, no password. The sysupgrade.bin can be flashed using luci or sysupgrade via ssh, you will have to force the upgrade due to a different factory name. Remember: Do *not* preserve factory configuration!
MAC addresses as used by OEM firmware: use address source 2g 44:D1:FA:*:0b Factory 0x0004 (label) 5g 46:D1:FA:*:0b LAA of 2g lan 44:D1:FA:*:0c Factory 0xe000 wan 44:D1:FA:*:0d Factory 0xe000 + 1 The wan MAC can also be found in 0xe006 but is not used by OEM dtb.
Due to different MAC handling in mt76 the LAA derived from lan is used for 2g to prevent duplicate MACs when creating multiple interfaces.
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net> (commit: 4891b86)
TP-Link RE650 v2 is largely similar to v1 that is already supported by OpenWrt. Notable differences is differnt SPI Flash - 8 MB instead of 16 MB (from cFeon instead of Winbond) and a different configuration of PCIE connections to wifi chips. Otherwise it's largely the same product as v1
Hardware specification:
- SoC 880 MHz - MediaTek MT7621AT - 128 MB of DDR3 RAM - 8 MB - cFeon QH64A-104HIP - 4T4R 2.4 GHz - MediaTek MT7615E - 4T4R 5 GHz - MediaTek MT7615E - 1x 1 Gbps Ethernet - MT7621AT integrated - 7x LEDs (Power, 2G, 5G, WPS(x2), Lan(x2)) - 4x buttons (Reset, Power, WPS, LED) - UART pinout - GND, RX, TX, labeled in the middle of the PCB, requires soldering because they're not through holes.
Serial console @ 57600,8n1
Flash instructions:
Upload openwrt-ramips-mt7621-tplink_re650-v2-squashfs-factory.bin from the RE650 web interface.
TFTP recovery to stock firmware: I didn't try recovering back to the stock firmware, however, if there is such process for other RExxx devices, it seems like it could be similar here.
Signed-off-by: Marcin Gordziejewski <openwrt@flicksfix.com> (commit: 3979997)
![[Jenkins]](/jenkins/static/c72b925d/images/svgs/logo.svg){kind=logo}
