mpc85xx: add support for Watchguard Firebox T10

Hardware -------- SoC: Freescale P1010 RAM: 512MB FLASH: 1 MB SPI-NOR 512 MB NAND ETH: 3x Gigabite Ethernet (Atheros AR8033) SERIAL: Cisco RJ-45 (115200 8N1) RTC: Battery-Backed RTC (I2C) Installation ------------ 1. Patch U-Boot by dumping the content of the SPI-Flash using a SPI programmer. The SHA1 hash for the U-Boot password is currently unknown. A tool for patching U-Boot is available at https://github.com/blocktrron/t10-uboot-patcher/ You can also patch the unknown password yourself. The SHA1 hash is E597301A1D89FF3F6D318DBF4DBA0A5ABC5ECBEA 2. Interrupt the bootmenu by pressing CTRL+C. A password prompt appears. The patched password is '1234' (without quotation marks) 3. Download the OpenWrt initramfs image. Copy it to a TFTP server reachable at 10.0.1.13/24 and rename it to uImage. 4. Connect the TFTP server to ethernet port 0 of the Watchguard T10. 5. Download and boot the initramfs image by entering "tftpboot; bootm;" in U-Boot. 6. After OpenWrt booted, create a UBI volume on the old data partition. The "ubi" mtd partition should be mtd7, check this using $ cat /proc/mtd Create a UBI partition by executing $ ubiformat /dev/mtd7 -y 7. Increase the loadable kernel-size of U-Boot by executing $ fw_setenv SysAKernSize 800000 8. Transfer the OpenWrt sysupgrade image to the Watchguard T10 using scp. Install the image by using sysupgrade: $ sysupgrade -n <path-to-sysupgrade> Note: The LAN ports of the T10 are 1 & 2 while 0 is WAN. You might have to change the ethernet-port. 9. OpenWrt should now boot from the internal NAND. Enjoy. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 35f6d79513)
2024-12-20 06:08:08 +00:00 · 2023-02-18 02:06:54 +01:00 · 2023-02-18 02:06:54 +01:00 · 788a0cf15c
commit 788a0cf15c
parent 0a32f66fea
10 changed files with 410 additions and 1 deletions
--- a/package/boot/uboot-envtools/files/mpc85xx
+++ b/package/boot/uboot-envtools/files/mpc85xx
@ -16,6 +16,9 @@ ocedo,panda)
 	ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x20000" "0x20000"
 	ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x20000" "0x20000"
 	;;
+watchguard,firebox-t10)
+	ubootenv_add_uci_config "$(find_mtd_part 'u-boot-env')" "0x0" "0x2000" "0x10000"
+	;;
 aerohive,hiveap-330)
 	ubootenv_add_uci_config "$(find_mtd_part 'u-boot-env')" "0x0" "0x20000" "0x10000"
 	;;
--- a/target/linux/mpc85xx/base-files/etc/board.d/02_network
+++ b/target/linux/mpc85xx/base-files/etc/board.d/02_network
@ -22,6 +22,9 @@ tplink,tl-wdr4900-v1)
 		"0@eth0" "2:lan:1" "3:lan:2" "4:lan:3" "5:lan:4" "1:wan"
 	ucidef_set_interface_macaddr "wan" "$(macaddr_add $(mtd_get_mac_binary u-boot 0x4fc00) 1)"
 	;;
+watchguard,firebox-t10)
+	ucidef_set_interfaces_lan_wan "eth1 eth2" "eth0"
+	;;
 *)
 	ucidef_set_interfaces_lan_wan "eth0" "eth1"
 	;;
--- a/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh
+++ b/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh
@ -6,6 +6,11 @@ preinit_set_mac_address() {
 		ip link set dev eth0 address $(mtd_get_mac_ascii cfg1 ethaddr)
 		ip link set dev eth1 address $(mtd_get_mac_ascii cfg1 eth1addr)
 		;;
+	watchguard,firebox-t10)
+		ip link set dev eth0 address "$(mtd_get_mac_text "device_id" 0x1830)"
+		ip link set dev eth1 address "$(mtd_get_mac_text "device_id" 0x1844)"
+		ip link set dev eth2 address "$(mtd_get_mac_text "device_id" 0x1858)"
+		;;
 	esac
 }

--- a/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh
+++ b/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh
@ -14,7 +14,8 @@ platform_do_upgrade() {

 	case "$board" in
 	ocedo,panda|\
-	sophos,red-15w-rev1)
+	sophos,red-15w-rev1|\
+	watchguard,firebox-t10)
 		nand_do_upgrade "$1"
 		;;
 	*)
--- a/target/linux/mpc85xx/config-5.10
+++ b/target/linux/mpc85xx/config-5.10
@ -256,6 +256,7 @@ CONFIG_THREAD_SHIFT=13
 CONFIG_TICK_CPU_ACCOUNTING=y
 CONFIG_TINY_SRCU=y
 # CONFIG_TL_WDR4900_V1 is not set
+# CONFIG_FIREBOX_T10 is not set
 # CONFIG_TOOLCHAIN_DEFAULT_CPU is not set
 # CONFIG_TQM8540 is not set
 # CONFIG_TQM8541 is not set
--- a/target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts
+++ b/target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts
@ -0,0 +1,268 @@
+// SPDX-License-Identifier: GPL-2.0-or-later or MIT
+
+#include <dt-bindings/input/input.h>
+#include <dt-bindings/gpio/gpio.h>
+
+/include/ "fsl/p1010si-pre.dtsi"
+
+/ {
+	model = "Watchguard Firebox T10";
+	compatible = "watchguard,firebox-t10";
+
+	chosen {
+		bootargs = "console=ttyS0,115200";
+		bootargs-override = "console=ttyS0,115200";
+	};
+
+	aliases {
+		spi0 = &spi0;
+		led-boot = &led_mode;
+		led-failsafe = &led_failover;
+		led-running = &led_mode;
+		led-upgrade = &led_attention;
+	};
+
+	memory {
+		device_type = "memory";
+	};
+
+	leds {
+		compatible = "gpio-leds";
+
+		led_attention: attention_orange {
+			gpios = <&gpio0 2 GPIO_ACTIVE_LOW>;
+			label = "orange:attention";
+		};
+
+		status_red {
+			gpios = <&gpio0 3 GPIO_ACTIVE_LOW>;
+			label = "red:status";
+		};
+
+		led_mode: mode_green {
+			gpios = <&gpio0 4 GPIO_ACTIVE_LOW>;
+			label = "green:mode";
+		};
+
+		led_failover: failover_green {
+			gpios = <&gpio0 5 GPIO_ACTIVE_LOW>;
+			label = "green:failover";
+		};
+	};
+
+	buttons {
+		compatible = "gpio-keys";
+
+		reset {
+			label = "Reset button";
+			gpios = <&gpio0 10 GPIO_ACTIVE_LOW>;
+			linux,code = <KEY_RESTART>;
+		};
+	};
+
+
+	soc: soc@ffe00000 {
+		ranges = <0x0 0x0 0xffe00000 0x100000>;
+
+		i2c@3000 {
+			rtc@30 {
+				compatible = "sii,s35390a";
+				reg = <0x30>;
+			};
+		};
+
+		spi0: spi@7000 {
+			flash@0 {
+				compatible = "jedec,spi-nor";
+				reg = <0>;
+				spi-max-frequency = <25000000>;
+
+				partitions {
+					compatible = "fixed-partitions";
+					#address-cells = <1>;
+					#size-cells = <1>;
+
+					uboot: partition@0 {
+						reg = <0x0 0x90000>;
+						label = "u-boot";
+						read-only;
+					};
+
+					partition@90000 {
+						reg = <0x90000 0x10000>;
+						label = "u-boot-env";
+					};
+
+					partition@a0000 {
+						reg = <0xa0000 0x20000>;
+						label = "cfgxxx";
+						read-only;
+					};
+
+					partition@c0000 {
+						reg = <0xc0000 0x40000>;
+						label = "device_id";
+						read-only;
+					};
+				};
+			};
+		};
+
+		gpio0: gpio-controller@fc00 {
+		};
+
+		usb@22000 {
+			phy_type = "utmi";
+			dr_mode = "host";
+		};
+
+		mdio@24000 {
+			phy1: ethernet-phy@1 {
+				reg = <0x1>;
+			};
+
+			phy2: ethernet-phy@2 {
+				reg = <0x2>;
+			};
+
+			phy3: ethernet-phy@3 {
+				reg = <0x3>;
+			};
+		};
+
+		mdio@25000 {
+			tbi_phy1: tbi-phy@11 {
+				reg = <0x11>;
+				device_type = "tbi-phy";
+			};
+		};
+
+		mdio@26000 {
+			tbi_phy2: tbi-phy@11 {
+				reg = <0x11>;
+				device_type = "tbi-phy";
+			};
+		};
+
+		enet0: ethernet@b0000 {
+			phy-handle = <&phy1>;
+			phy-connection-type = "rgmii-id";
+		};
+
+		enet1: ethernet@b1000 {
+			tbi-handle = <&tbi_phy1>;
+			phy-handle = <&phy2>;
+			phy-connection-type = "sgmii";
+		};
+
+		enet2: ethernet@b2000 {
+			tbi-handle = <&tbi_phy2>;
+			phy-handle = <&phy3>;
+			phy-connection-type = "sgmii";
+		};
+
+		sdhc@2e000 {
+			status = "disabled";
+		};
+
+		serial1: serial@4600 {
+			status = "disabled";
+		};
+
+		can0: can@1c000 {
+			status = "disabled";
+		};
+
+		can1: can@1d000 {
+			status = "disabled";
+		};
+	};
+
+	pci0: pcie@ffe09000 {
+		status = "disabled";
+	};
+
+	pci1: pcie@ffe0a000 {
+		status = "disabled";
+	};
+
+	ifc: ifc@ffe1e000 {
+		reg = <0x0 0xffe1e000 0 0x2000>;
+
+		/* NOR, NAND Flashes and CPLD on board */
+		ranges = <0x0 0x0 0x0 0xee000000 0x02000000
+			0x1 0x0 0x0 0xff800000 0x00010000
+			0x3 0x0 0x0 0xffb00000 0x00000020>;
+
+		nand@1,0 {
+			compatible = "fsl,ifc-nand";
+			reg = <0x1 0x0 0x10000>;
+
+			partitions {
+				compatible = "fixed-partitions";
+				#address-cells = <1>;
+				#size-cells = <1>;
+
+				/*
+				 * Original partition layout:
+				 * 0x000000000000-0x000000020000 : "NAND (RW) WG DTB Image"
+				 * 0x000000020000-0x000000520000 : "NAND (RW) WG SYSA Kernel"
+				 * 0x000000520000-0x000007f00000 : "NAND (RW) WG SYSA_CODE"
+				 * 0x000007f00000-0x000008400000 : "NAND (RW) WG SYSB Kernel"
+				 * 0x000008400000-0x000009c00000 : "NAND (RW) WG SYSB_CODE"
+				 * 0x000009c00000-0x00000a100000 : "NAND (RW) WG SYSA2 Kernel"
+				 * 0x00000a100000-0x000011ae0000 : "NAND (RW) WG SYSA_CODE2"
+				 * 0x000011ae0000-0x000020000000 : "NAND (RW) WG SYSA_DATA"
+				 */
+
+				partition@0 {
+					reg = <0x0 0x20000>;
+					label = "wg-dtb";
+					read-only;
+				};
+
+				partition@20000 {
+					reg = <0x20000 0x500000>;
+					label = "kernel";
+				};
+
+				partition@520000 {
+					reg = <0x520000 0x79e0000>;
+					label = "wg-sysa-rootfs";
+					read-only;
+				};
+
+				partition@7f00000 {
+					reg = <0x7f00000 0x500000>;
+					label = "wg-sysb-kernel";
+					read-only;
+				};
+
+				partition@8400000 {
+					reg = <0x8400000 0x1800000>;
+					label = "wg-sysb-rootfs";
+					read-only;
+				};
+
+				partition@9c00000 {
+					reg = <0x9c00000 0x500000>;
+					label = "wg-sysa2-kernel";
+					read-only;
+				};
+
+				partition@a100000 {
+					reg = <0xa100000 0x79e0000>;
+					label = "wg-sysa2-rootfs";
+					read-only;
+				};
+
+				partition@11ae0000 {
+					reg = <0x11ae0000 0xe520000>;
+					label = "ubi";
+				};
+			};
+		};
+	};
+};
+
+/include/ "fsl/p1010si-post.dtsi"
--- a/target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c
+++ b/target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c
@ -0,0 +1,87 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+/*
+ * Watchguard Firebox T10 Board Setup
+ *
+ * Copyright (C) 2023 David Bauer <mail@david-bauer.net>
+ *
+ * Based on:
+ *   p1010rdb.c:
+ *      P1010 RDB Board Setup
+ *      Copyright 2011 Freescale Semiconductor Inc.
+ *
+ * This program is free software; you can redistribute  it and/or modify it
+ * under  the terms of  the GNU General  Public License as published by the
+ * Free Software Foundation;  either version 2 of the  License, or (at your
+ * option) any later version.
+ */
+
+#include <linux/stddef.h>
+#include <linux/kernel.h>
+#include <linux/delay.h>
+#include <linux/interrupt.h>
+#include <linux/of_platform.h>
+
+#include <asm/time.h>
+#include <asm/machdep.h>
+#include <asm/pci-bridge.h>
+#include <mm/mmu_decl.h>
+#include <asm/prom.h>
+#include <asm/udbg.h>
+#include <asm/mpic.h>
+
+#include <sysdev/fsl_soc.h>
+#include <sysdev/fsl_pci.h>
+
+#include "mpc85xx.h"
+
+void __init firebox_t10_pic_init(void)
+{
+	struct mpic *mpic;
+
+	mpic = mpic_alloc(NULL, 0,
+	  MPIC_BIG_ENDIAN | MPIC_SINGLE_DEST_CPU,
+	  0, 256, " OpenPIC  ");
+
+	BUG_ON(mpic == NULL);
+	mpic_init(mpic);
+}
+
+/*
+ * Setup the architecture
+ */
+static void __init firebox_t10_setup_arch(void)
+{
+	if (ppc_md.progress)
+		ppc_md.progress("firebox_t10_setup_arch()", 0);
+
+	fsl_pci_assign_primary();
+
+	pr_info("Firebox T10 from Watchguard\n");
+}
+
+machine_arch_initcall(firebox_t10, mpc85xx_common_publish_devices);
+
+/*
+ * Called very early, device-tree isn't unflattened
+ */
+static int __init firebox_t10_probe(void)
+{
+	if (of_machine_is_compatible("watchguard,firebox-t10"))
+		return 1;
+	return 0;
+}
+
+define_machine(firebox_t10) {
+	.name			= "P1010 RDB",
+	.probe			= firebox_t10_probe,
+	.setup_arch		= firebox_t10_setup_arch,
+	.init_IRQ		= firebox_t10_pic_init,
+#ifdef CONFIG_PCI
+	.pcibios_fixup_bus	= fsl_pcibios_fixup_bus,
+	.pcibios_fixup_phb      = fsl_pcibios_fixup_phb,
+#endif
+	.get_irq		= mpic_get_irq,
+	.calibrate_decr		= generic_calibrate_decr,
+	.progress		= udbg_progress,
+};
--- a/target/linux/mpc85xx/image/p1010.mk
+++ b/target/linux/mpc85xx/image/p1010.mk
@ -38,6 +38,16 @@ define Device/tplink_tl-wdr4900-v1
 endef
 TARGET_DEVICES += tplink_tl-wdr4900-v1

+define Device/watchguard_firebox-t10
+  DEVICE_VENDOR := Watchguard
+  DEVICE_MODEL := Firebox T10
+  DEVICE_PACKAGES := kmod-rtc-s35390a kmod-eeprom-at24
+  KERNEL = kernel-bin | gzip | fit gzip $(KDIR)/image-$$(DEVICE_DTS).dtb
+  IMAGES := sysupgrade.bin
+  IMAGE/sysupgrade.bin := sysupgrade-tar | append-metadata
+endef
+TARGET_DEVICES += watchguard_firebox-t10
+
 define Device/sophos_red-15w-rev1
  DEVICE_VENDOR := Sophos
  DEVICE_MODEL := RED 15w
--- a/target/linux/mpc85xx/p1010/config-default
+++ b/target/linux/mpc85xx/p1010/config-default
@ -1,3 +1,4 @@
+CONFIG_CMDLINE_OVERRIDE=y
 # CONFIG_FSL_CORENET_CF is not set
 CONFIG_MTD_NAND_FSL_IFC=y
 CONFIG_MTD_SPLIT_FIRMWARE=y
@ -10,3 +11,4 @@ CONFIG_REALTEK_PHY=y
 CONFIG_RED_15W_REV1=y
 CONFIG_TL_WDR4900_V1=y
 CONFIG_UBIFS_FS=y
+CONFIG_FIREBOX_T10=y
--- a/target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch
+++ b/target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch
@ -0,0 +1,29 @@
+--- a/arch/powerpc/platforms/85xx/Kconfig
+++ b/arch/powerpc/platforms/85xx/Kconfig
+@@ -92,6 +92,16 @@ config WS_AP3825I
+ 	  This board is a Concurrent Dual-Band wireless access point with a
+ 	  Freescale P1020 SoC.
+ 
+config FIREBOX_T10
+	bool "Watchguard Firebox T10"
+	select DEFAULT_UIMAGE
+	select ARCH_REQUIRE_GPIOLIB
+	select GPIO_MPC8XXX
+	help
+	  This option enables support for the Watchguard Firebox T10 board.
+	  This board is a VPN Gateway-Router with a
+	  Freescale P1010 SoC.
+
+ config MPC8540_ADS
+ 	bool "Freescale MPC8540 ADS"
+ 	select DEFAULT_UIMAGE
+--- a/arch/powerpc/platforms/85xx/Makefile
+++ b/arch/powerpc/platforms/85xx/Makefile
+@@ -28,6 +28,7 @@ obj-$(CONFIG_PANDA)       += panda.o
+ obj-$(CONFIG_TWR_P102x)   += twr_p102x.o
+ obj-$(CONFIG_WS_AP3710I)  += ws-ap3710i.o
+ obj-$(CONFIG_WS_AP3825I)  += ws-ap3825i.o
+obj-$(CONFIG_FIREBOX_T10) += firebox_t10.o
+ obj-$(CONFIG_CORENET_GENERIC)   += corenet_generic.o
+ obj-$(CONFIG_FB_FSL_DIU)	+= t1042rdb_diu.o
+ obj-$(CONFIG_RED_15W_REV1)	+= red15w_rev1.o