readelf is linked against this library on MIPS64BE
This fixes a build problem on MIPS64BE.
In addition also explicitly activate it in the configure command.
Fixes: 60f595daab ("binutils: update to version 2.34")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Specifications:
SoC: Qualcomm Atheros QCA9557
RAM: 128 MB (Nanya NT5TU32M16EG-AC)
Flash: 16 MB (Macronix MX25L12845EMI-10G)
Ethernet: 5x 10/100/1000 (1x WAN, 4x LAN)
Wireless: QCA9557 2.4GHz (nbg), QCA9882 5GHz (ac)
USB: 2x USB 2.0 port
Buttons: 1x Reset
Switches: 1x Wifi
LEDs: 11 (Pwr, WAN, 4x LAN, 2x Wifi, 2x USB, WPS)
MAC addresses:
WAN *:3f uboot-env ethaddr + 3
LAN *:3e uboot-env ethaddr + 2
2.4GHz *:3c uboot-env ethaddr
5GHz *:3d uboot-env ethaddr + 1
The label contains all four MAC addresses, however the one without
increment is first, so this one is taken for label MAC address.
Notes:
The Wifi is controlled by an on/off button, i.e. has to be implemented
by a switch (EV_SW). Despite, it appears that GPIO_ACTIVE_HIGH needs
to be used, just like recently fixed for the NBG6716.
Both parameters have been wrong at ar71xx.
Flash Instructions:
At first the U-Boot variables need to be changed in order to boot the
new combined image format. ZyXEL uses a split kernel + root setup and
the current kernel is too large to fit into the partition. As resizing
didnt do the trick, I've decided to use the prefered combined image
approach to be future-kernel-enlargement-proof (thanks to blocktrron for
the assistance).
First add a new variable called boot_openwrt:
setenv boot_openwrt bootm 0x9F120000
After that overwrite the bootcmd and save the environment:
setenv bootcmd run boot_openwrt
saveenv
After that you can flash the openwrt factory image via TFTP. The servers
IP has to be 192.168.1.33. Connect to one of the LAN ports and hold the
WPS Button while booting. After a few seconds the NBG6616 will look for
a image file called 'ras.bin' and flash it.
Return to vendor firmware is possible by resetting the bootcmd:
setenv bootcmd run boot_flash
saveenv
and flashing the vendor image via the TFTP method as described above.
Accessing the U-Boot Shell:
ZyXEL uses a proprietary loader/shell on top of u-boot: "ZyXEL zloader v2.02"
When the device is starting up, the user can enter the the loader shell
by simply pressing a key within the 3 seconds once the following string
appears on the serial console:
| Hit any key to stop autoboot: 3
The user is then dropped to a locked shell.
| NBG6616> ?
| ATEN x,(y) set BootExtension Debug Flag (y=password)
| ATSE x show the seed of password generator
| ATSH dump manufacturer related data in ROM
| ATRT (x,y,z,u) ATRT RAM read/write test (x=level, y=start addr, z=end addr, u=iterations
| ATGO boot up whole system
| ATUR x upgrade RAS image (filename)
In order to escape/unlock a password challenge has to be passed.
Note: the value is dynamic! you have to calculate your own!
First use ATSE $MODELNAME (MODELNAME is the hostname in u-boot env)
to get the challange value/seed.
| NBG6616> ATSE NBG6616
| 00C91D7EAC3C
This seed/value can be converted to the password with the help of this
bash script (Thanks to http://www.adslayuda.com/Zyxel650-9.html authors):
- tool.sh -
ror32() {
echo $(( ($1 >> $2) | (($1 << (32 - $2) & (2**32-1)) ) ))
}
v="0x$1"
a="0x${v:2:6}"
b=$(( $a + 0x10F0A563))
c=$(( 0x${v:12:14} & 7 ))
p=$(( $(ror32 $b $c) ^ $a ))
printf "ATEN 1,%X\n" $p
- end of tool.sh -
| # bash ./tool.sh 00C91D7EAC3C
| ATEN 1,10FDFF5
Copy and paste the result into the shell to unlock zloader.
| NBG6616> ATEN 1,10FDFF5
If the entered code was correct the shell will change to
use the ATGU command to enter the real u-boot shell.
| NBG6616> ATGU
| NBG6616#
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
[move keys to DTSI, adjust usb_power DT label, remove kernel config
change, extend commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
A bunch of kernel modules depends on kmod-usb-net, but does not
select it. Make AddDepends/usb-net selective, so we can drop
some redundant +kmod-usb-net definitions for DEVICE_PACKAGES.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
SPI Flash chip supports up to 33 MHz wihout fast read opcode.
Available frequencies are 112.5, 56.25, 37.5, 28.125, 22.5 etc.
This patch increases the nominal maximum frequency to 33 MHz,
reaching an effective increase from 22.5 to 28.125 MHz.
Formula to calculate SPI frequency:
Freq = 225 MHz / 2 / div
Before:
$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real 0m 3.58s
user 0m 0.00s
sys 0m 3.57s
After:
$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real 0m 2.95s
user 0m 0.00s
sys 0m 2.93s
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
[minor commit message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When comparing to the port assignment in board.d/02_network, a few
devices seem to use the wrong setup of mediatek,portmap.
The corrects the values for mt76x8 subtarget based on the location
of the wan port.
A previous cleanup of obviously wrong values has already been done in
7a387bf9a0 ("ramips: mt76x8: fix bogus mediatek,portmap")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The TL-WPA8630P v2 is a HomePlug AV2 compatible device with a QCA9563 SoC
and 2.4GHz and 5GHz WiFi modules.
Specifications
--------------
- QCA9563 750MHz, 2.4GHz WiFi
- QCA9888 5GHz WiFi
- 8MiB SPI Flash
- 128MiB RAM
- 3 GBit Ports (QCA8337)
- PLC (QCA7550)
MAC address assignment
----------------------
WiFi 2.4GHz and LAN share the same MAC address as printed on the label.
5GHz WiFi uses LAN-1, based on assumptions from similar devices.
LAN Port assignment
-------------------
While there are 3 physical LAN ports on the device, there will be 4
visible ports in OpenWrt. The fourth port (internal port 5) is used
by the PowerLine Communication SoC and thus treated like a regular
LAN port.
Versions
--------
Note that both TL-WPA8630 and TL-WPA8630P, as well as the different
country-versions, differ in partitioning, and therefore shouldn't be
cross-flashed.
This adds support for the two known partitioning variants of the
TL-WPA8630P, where the variants can be safely distinguished via the
tplink-safeloader SupportList. For the non-P variants (TL-WPA8630),
at least two additional partitioning schemes exist, and the same
SupportList entry can have different partitioning.
Thus, we don't support those officially (yet).
Also note that the P version for Germany (DE) requires the international
image version, but is properly protected by SupportList.
In any case, please check the OpenWrt Wiki pages for the device
before flashing anything!
Installation
------------
Installation is possible from the OEM web interface. Make sure to
install the latest OEM firmware first, so that the PLC firmware is
at the latest version. However, please also check the Wiki page
for hints according to altered partitioning between OEM firmware
revisions.
Additional thanks to Jon Davies and Joe Mullally for bringing
order into the partitioning mess.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
[minor DTS adjustments, add label-mac-device, drop chosen, move
common partitions to DTSI, rename de to int, add AU support strings,
adjust TPLINK_BOARD_ID, create common node in generic-tp-link.mk,
adjust commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This commit adds a patch to procd to support loading the SELinux
policy early at boot time, and adjusts the procd package to use this
SELinux support when libselinux is enabled.
The procd patch has been submitted separately [1]: obviously the
intent is to have it merged in the procd Git repository rather than
have it in OpenWrt itself.
[1] http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025791.html
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase, add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
[split commit into openwrt.git and procd.git]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Remove `if !SMALL_FLASH` in places which are anyway already augmented
by `if !SMALL_FLASH`.
Always enable CONFIG_BLK_DEV_THROTTLING on !SMALL_FLASH devices rather
than just enabling it on bcm27xx.
Enabled CPU bandwidth provisioning for FAIR_GROUP_SCHED on !SMALL_FLASH
devices as CONFIG_FAIR_GROUP_SCHED is already enabled and becomes more
useful for cgroups with that option enbled as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SELinux support requires setting the appropriate SELinux security context
to files and directories, which needs to happen at build time in order
to support read-only root filesystem scenarios. In order to create these
security contexts, we will have to run some SELinux-specific tools on
the host machine, but that requires root access. This adds support for
fakeroot, which the build process will use to run the SELinux security
context creation and the image creation.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Apply to current master, and adjust commit message
Thomas' original work is available at
http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025976.html.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
[add rules.mk FAKEROOT variable]
Signed-off-by: Paul Spooren <mail@aparcar.org>
[update, fix macos build]
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The variable in the case argument was mistyped, so the case always
checked against an empty string and never matched.
Fix the variable name. Add a PKG_RELEASE to Makefile so we can bump it.
Fixes: d6de31310c ("cmake: restore parallel build support for bootstrap")
Signed-off-by: Piotr Stefaniak <pstef@freebsd.org>
[add commit message, add PKG_RELEASE, fix commit title, add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This reverts commit 685570858d.
The commit had several formal flaws, revert it and hopefully apply
it properly next time.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This adds support for ZyXEL NBG6616 uboot-env access
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
[add "ar71xx" to commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
As the ath79 port of this device uses a combined kernel + root
partition the uboot bootcmd variable needs to be changed. As using
cli/luci is more convenient than opening up the case and using a uart
connection, lets unlock the uboot-env partition for write access.
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
The variable in the case argument was mistyped, so the case always
checked against an empty string and never matched.
Fix the variable name.
Signed-off-by: Piotr Stefaniak <pstef@freebsd.org>
[add commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
mac80211 reports a packet loss event to user space when 50 consecutive packets
were not acked. On a high throughput link with long aggregates and sudden
link changes, this can trigger way too easily.
Mitigate false positives by only triggering the event on a packet loss if
no ACK was received for at least a second
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add a specific comment for early DSA-adopters that they can keep
their config when prompted due to compat-version increase.
This is a temporary solution, the patch should be simply reverted
before any release.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This ports support for the TL-WA901ND v3 from ar71xx to ath79.
Most of the hardware is shared with the TL-WA850/860RE v1 range
extenders. It completes the TL-WA901ND series in ath79.
Specifications:
Board: AP123 / AR9341
Flash/RAM: 4/32 MiB
CPU: 535 MHz
WiFi: 2.4 GHz b/g/n
Ethernet: 1 port (100M)
Flashing instructions:
Upload the factory image via the vendor firmware upgrade option.
This has not been tested on device, but port from ar71xx is
straightforward and the device will be disabled by default anyway.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Replace all the custom patches with the backported upstream version
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
[refresh patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The ath79 target has CONFIG_LEDS_GPIO=y set in kernel config, so
no need to pull the kmod-leds-gpio module for specific devices.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This implements the newly introduced compat-version to prevent
broken upgrade between swconfig and DSA for ramips' mt7621 subtarget.
In order to make the situation more transparent for the user, and
to prevent large switch-cases for devices, it is more convenient to
have the entire subtarget 1.1-by-default. This means that new devices
will be added with 1.1 from the start, but in contrast we don't need
to switch them in board.d files. Apart from that, users that manually
backport devices to 19.07 with swconfig will have an equivalent
upgrade experience to officially supported devices.
Since DSA support on mt7621 is out for a while already, this applies
the same uci-defaults workaround for early adopters as already
done for kirkwood and mvebu in previous commits.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
It has been reported that the current message displayed during
upgrade with compat_version change is misleading for "legacy"
devices, i.e. those without the "new" fwtool. This is partially
caused by the fact that we need to exploit the supported_devices
string to get some message text displayed for these devices.
This patch modifies the message to make it more helpful and
include additional information, e.g.
Device linksys,wrt3200acm not supported by this image
Supported devices: linksys,wrt3200acm linksys-whateverelse - Image
version mismatch: image 1.1, device 1.0. Please wipe config during
upgrade (force required) or reinstall. Reason: Config cannot be
migrated from swconfig to DSA
Note that the line breaks (except the one before Supported devices)
are added manually here, I hesitate to hack \n into the
supported_devices as well. The "Reason:" will only be displayed if
DEVICE_COMPAT_MESSAGE is set for the device, otherwise
"Please check documentation ..." will be shown instead.
While at it, also rearrange the code in image-commands.mk to
make lines shorter and remove the double filter-out command.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Conceptually, the compat-version during sysupgrade is meant to
describe the config. Therefore, if somebody starts with a device on
19.07 and swconfig, and that person does a forceful upgrade into a
DSA-based firmware without wiping his/her config, then the local
compat-version should stay at 1.0 according to the config present
(and not get updated).
However, this poses a problem for those people that early-adopted
DSA in master, as they already have adjusted their config for DSA,
but it still is "1.0" as far as sysupgrade is concerned. This can
be healed by a simple
uci set system.@system[0].compat_version="1.1"
uci commit system
But this needs to be applied _after_ the upgrade (as the "old" fwtool
on the old installation does not know about compat_version) and it
requires access via SSH (i.e. no pure GUI solution is available for
this group of people, apart from wiping their config _again_ for
no technical reason). Despite, the situation will not become
obvious to those just upgrading via GUI, they will just have the
experience of a "broken upgrade".
This is a conflict which cannot be resolved by achieving both goals,
we have to decide to either keep the strict concept or improve the
situation for early adopters.
In this patch, we address the issue by providing a uci-defaults
script that will raise the compat_version for _all_ people upgrading
into a 1.1 image, no matter whether they have reset config or not.
The idea is to implement this as a _temporary_ solution, so early
adopters can upgrade into the new mechanism without issues, and
after a few weeks/months we could remove the uci-defaults script
again.
If we e.g. remove the script just before 20.xx.0-rc1, early adopters
should have moved on by then, and existing stable users would still
get the intended experience.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Conceptually, the compat-version during sysupgrade is meant to
describe the config. Therefore, if somebody starts with a device on
19.07 and swconfig, and that person does a forceful upgrade into a
DSA-based firmware without wiping his/her config, then the local
compat-version should stay at 1.0 according to the config present
(and not get updated).
However, this poses a problem for those people that early-adopted
DSA in master, as they already have adjusted their config for DSA,
but it still is "1.0" as far as sysupgrade is concerned. This can
be healed by a simple
uci set system.@system[0].compat_version="1.1"
uci commit system
But this needs to be applied _after_ the upgrade (as the "old" fwtool
on the old installation does not know about compat_version) and it
requires access via SSH (i.e. no pure GUI solution is available for
this group of people, apart from wiping their config _again_ for
no technical reason). Despite, the situation will not become
obvious to those just upgrading via GUI, they will just have the
experience of a "broken upgrade".
This is a conflict which cannot be resolved by achieving both goals,
we have to decide to either keep the strict concept or improve the
situation for early adopters.
In this patch, we address the issue by providing a uci-defaults
script that will raise the compat_version for _all_ people upgrading
into a 1.1 image, no matter whether they have reset config or not.
The idea is to implement this as a _temporary_ solution, so early
adopters can upgrade into the new mechanism without issues, and
after a few weeks/months we could remove the uci-defaults script
again.
If we e.g. remove the script just before 20.xx.0-rc1, early adopters
should have moved on by then, and existing stable users would still
get the intended experience.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The bootloader fails to extract a big kernel, e.g. v5.4 kernel image
with ALL_KMODS enabled. This can be fixed by using lzma-loader.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Currently the lzma-loader is placed in RAM at 32MB offset, which does not
make sense for devices with only 32MB RAM. If we adjust LZMA_TEXT_START to
24MB offset, then the lzma-loader can be used on those devices and still
about 24MB memory will be available for uncompressed image, which should be
enough for most use cases.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Exchange the patch fixing the kernel ringbuffer WARNING flood for the
one accepted upstream.
Fixes commit a956c14d6a ("mac80211: util: don't warn on missing sband
iftype data")
Signed-off-by: David Bauer <mail@david-bauer.net>
The hostapd configuration logic is supposed to accept "option key" as
legacy alias for "option auth_secret". This particular fallback option
failed to work though because "key" was not a registered configuration
variable.
Fix this issue by registering the "key" option as well, similar to the
existing "server" nad "port" options.
Ref: https://github.com/openwrt/openwrt/pull/3282
Suggested-by: Michael Jones <mike@meshplusplus.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
If an existing "wpa_psk_file" is passed to hostapd, the "key" option may
be omitted.
While we're at it, also improve the passphrase length checking to ensure
that it is either exactly 64 bytes or 8 to 63 bytes.
Fixes: FS#2689
Ref: https://github.com/openwrt/openwrt/pull/3283
Suggested-by: Michael Jones <mike@meshplusplus.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add a dependency on kmod-nls-base for the new exfat driver. Otherwise
the build fails on ramips and ath79 on kernel 5.4:
Package kmod-fs-exfat is missing dependencies for the following libraries:
nls_base.ko
Fixes commit cd41234d2f ("exfat: add out of tree module")
Signed-off-by: David Bauer <mail@david-bauer.net>
The board name is equivalent to the compatible, not the device
definition. Fix it.
Fixes: b4588c8538 ("kernel/om-watchdog: Apply device renames from ramips")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The sbutarget has testing support for kernel 5.4 for quite a while
and builds fine, however, only one devices there is > 4 MiB.
Since it's unlikely to get a Tested-by for that device, and the other
ralink subtargets appear to be working with 5.4 so far, let's set
this target to 5.4 by default as well.
That way, even if the device happens to break, we'll still have at
least usable SDK and IB for people to use.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When comparing to the port assignment in board.d/02_network, many
devices seem to use the wrong setup of mediatek,portmap.
The corrects the values for mt7620 subtarget based on the location
of the wan port.
A previous cleanup of obviously wrong values has already been done in
d3c0a94405 ("ramips: mt7620/mt7621: remove invalid mediatek,portmap")
Cc: Sungbo Eo <mans0n@gorani.run>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Add package which provides size optimized wpad with support for just
WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[adapt to recent changes, add dependency for WPA_WOLFSSL config]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
For ramips/mt7621, the wpad-basic package is not selected by default,
but added for every device individually as needed.
While this might be technically correct if the SoC does not come with
a Wifi module, only 18 of 97 devices for that platform are set up
_without_ wpad-basic currently.
Therefore, it seems more convenient to add wpad-basic by default for
the subtarget and then just remove it for the 18 mentioned devices,
instead of having to add it for about 60 times instead.
This would also match the behavior of the 5 other subtargets, where
wpad-basic/wpad-mini is added by default as well, and thus be more
obvious to developers without detailed SoC knowledge.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When passing a section or option value to config_get() which contains
characters that happen to be valid variable interpolation expressions,
the function returns a nonsensical expression result instead of the
expected empty string.
When the passed section or option name contains other characters which
are not valid within a shell variable name, a substitution error is
occuring instead.
The issue can be easily reproduced by one of the following examples:
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable invalid-section option
root@OpenWrt:~# echo "$variable"
section_option:-
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable section invalid-option
root@OpenWrt:~# echo "$variable"
option:-
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable section invalid@option
-ash: eval: syntax error: bad substitution
Fix this issue by only performing interpolations when the given section
and option arguments are free of illegal characters.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Before this commit, if uci option "dnssec" was set, we pass "--dnssec"
and friends to dnsmasq, let it start and decide whether to quit and
whether to emit message for diagnosis
# dnsmasq --dnssec; echo $?
dnsmasq: DNSSEC not available: set HAVE_DNSSEC in src/config.h
1
DNSSEC as a feature is different from others like dhcp, tftp in that
it's a security feature. Better be explicit. With this change
committed, we make it so by not allowing it in the first in the
initscript, should dnsmasq later decides to not quit (not likely) or
quit without above explicit error (unlikely but less so ;)
So this is just being proactive. on/off choices with uci option
"dnssec" are still available like before
Link: https://github.com/openwrt/openwrt/pull/3265#issuecomment-667795302
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>