9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier
2ce1d48 ci: fix building with i.MX6 SDK
584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds
aa8c48e cmake: add a possibility to set library version
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
We don't need to checkout feed and install feeds for kernel tests. This
saves up to 2 minutes for each target kernel build test.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
On cache hit, skip sdk adapt to external toolchain. This is needed because we
cache the already extracted sdk and that is already adapted to be used
as external toolchain.
Rerunning the adap step will result in the test to fail for missing file
as the file are already got wrapped to the external toolchain format.
Fixes: 42f0ab028e ("CI: build: fix use of sdk as toolchain")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Wavlink WS-WN572HP3 4G is an 802.11ac
dual-band outdoor router with LTE support.
Specifications;
* Soc: MT7621DAT
* RAM: 128MiB
* Flash: NOR 16MiB GD-25Q128ESIG3
* Wi-Fi:
* MT7613BEN: 5GHz
* MT7603EN: 2.4GHz
* Ethernet: 2x 1GbE
* USB: None - only used internally
* LTE Modem: Quectel EC200T-EU
* UART: 115200 baud
* LEDs:
* 7 blue at the front
* 1 Power
* 2 LAN / WAN
* 1 Status
* 3 RSSI (annotated 4G)
* 1 green at the bottom (4G LED)
* Buttons: 1 reset button
Installation:
* press and hold the reset button while powering on the device
* keep it pressed for ten seconds
* connect to 192.168.10.1 via webbrowser (chromium/chrome works, at
least Firefox 106.0.3 does not)
* upload the sysupgrade image, confirm the checksum, wait 2 minutes
until the device reboots
Revert to stock firmware:
* same as installation but use the recovery image for WL-WN572HP3
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
Acked-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Define the load-address for the DTB of all Ubiquiti UniFi devices using
FIT images. From the GPL code we can assume these boards are affected by
the same relocating issue with the vendor bootloader.
Signed-off-by: David Bauer <mail@david-bauer.net>
As the referenced MTD partition is only present in the dts, also move
&slot0 down to the dts files.
Fixes: 64e9b62829 ("mediatek: remove redundant flash entry from dtsi")
Fixes: 7dbac3433f ("mediatek: add support for reyee AX3200-E5")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Splitting-off the common parts of Ruijie RG-EW3200GX PRO and
reyee AX3200-E5 went wrong because the flash descriptiom was kept
also in the dtsi. Remove it there, as flash definition is added by
both board dts files.
Fixes: 7dbac3433f ("mediatek: add support for reyee AX3200-E5")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The toolchain included in a sdk have a different format than an external
toolchain tar.
Since sdk is a more integrated setup doesn't use and include wrapper bin
that use the external toolchain config and use an alternative and more
standard way to include all the toolchain headers.
External toolchain use wrapper.sh to append the configured include
header when each tool is called.
Fix the sdk toolchain by reverting their own sdk wrapper scripts and to
simulate an external toolchain build copying what is done in the
toolchain target makefile.
This handle compilation error and warning caused by not using fortify
header on building packages.
Fixes: 006e52545d ("CI: build: add support to fallback to sdk for external toolchain")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
add help text for `TARGET_SQUASHFS_BLOCK_SIZE` to match the only valid
settings accepted by `mksquashfs4` ("block size not power of two or not
between 4096 and 1Mbyte") thus for this setting in "KB", the set:
`4, 8, 16, 32, 64, 128, 256, 512, 1024`
replace `squashfs-lzma` with `squashfs` in the description for
`TARGET_ROOTFS_SQUASHFS` because it has various compressions, and not
just lzma as it did in the past
cosmetic change with no functional effect
Signed-off-by: Tony Butler <spudz76@gmail.com>
1. Drop useless character '0xff' before fake filesystem header.
2. Reduce useless padding to shrink the size of the sysupgrade image.
3. Do not check the size of sysupgrade image. It does not make sense to
check the size of a compressed package.
4. Do not take the size of netgear header into account because it will
not be written to Flash.
5. Use the default lzma compression dictionary parameter '-d24' to get
better performance.
Tested on Netgear R6100
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
This fixes CVE-2022-1304:
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
This issue leads to a segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is yet another model of the Ruijie RG-EW3200GX PRO with a slightly
different flash layout, install process is the same.
Specifications:
SoC: MT7622B
RAM: 256MB
Flash: XMC XM25QH128C or Winbond WQ25Q128JVSQ 16MB SPI NOR
Ethernet: 5x1GbE
Switch: MT7531BE
WiFi: 2.4G: MT7622 5G: MT7915AN+MT7975AN
3LEDs: System LED(blue) + Mesh LED(green) + Mesh LED(red)
2Keys: Mesh button + Reset button
UART: Marked J19 on board. 3.3v, 115200n1
Power: 12V 2.5A
Flash instruction:
1. Serve the initramfs.img using a TFTP server with address 10.10.10.3.
2. Interrupt the uboot startup process via UART.
3. Select "System Load Linux to SDRAM via TFTP" item.
4. (important) Back up firmware(mtd7) partitions with:
dd if=/dev/mtd7 of=/tmp/firmware.bin
and then download the firmware.bin image via SCP.
5. Flash the OpenWrt sysupgrade firmware.
Recovery stock firmware:
1. Transfer the firmware.bin image to the device.
2. Flash the image with:
mtd write firmware.bin firmware
Signed-off-by: Alex Hansen <mralexh123@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
700a925 fw4: prevent null access when no ipsets are defined
6443ec7 config: drop input traffic by default
119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This device uses an AR8031/AR8033 chip to convert SoC gmac1
RGMII to 1000base-x or sgmii for the SFP fibre cage.
The SFP cage requires phy-mode rgmii-rxid, and without it will not
recieve any packets: ethtool -S sfp rx_fcs_errors will increase when
packets should be being received, but no other _rx counters will change.
Fixes: c77858aa79 ("ramips: mt7621-dts: change phy-mode of gmac1 to rgmii")
Reviewed-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
Set CONFIG_MT6577_AUXADC=y as otherwise reading temperature of the
thermal-zone doesn't work on MT7623 (it does work fine without this
driver on MT7622 and MT7986).
Fixes: f2ae4e2f8c ("mediatek: clean up platform kernel modules")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Starting from version 2.39 binutils now warns about sections with rwx
permissions. While this is generally desirable it breaks building
ARM TrustedFirmware-A bl2 which treats warnings as errors.
Disable the warning/error for now to fix build.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use ARTIFACTS to generate initramfs-based factory image of I-O DATA
WN-AX1167GR instead of redundant recipe which generate on
KERNEL_INITRAMFS.
Note:
WN-AX1167GR has 2x OS images on stock firmware.
stock log:
flash manufacture id: c2, device id 20 18
MX25L12805D(c2 2018c220) (16384 Kbytes)
mtd .name = raspi, .size = 0x01000000 (16M) .erasesize = 0x00010000 (64K) .numeraseregions = 0
Creating 10 MTD partitions on "raspi":
0x000000000000-0x000001000000 : "ALL"
0x000000000000-0x000000030000 : "Bootloader"
0x000000030000-0x000000040000 : "Config "
0x000000040000-0x000000050000 : "Factory"
0x000000050000-0x000000060000 : "iNIC_rf"
0x000000060000-0x0000007e0000 : "Kernel"
0x000000800000-0x000000f80000 : "app"
0x000000f90000-0x000000fa0000 : "Key"
0x000000fa0000-0x000000fb0000 : "backup"
0x000000fb0000-0x000001000000 : "storage"
1st image is "Kernel" and 2nd is "app" when booted from 1st image.
In OpenWrt, those 2x partitions are combined to "firmware" with
undefined (empty) areas (0x7e0000-0x7fffff, 0xf80000-0xf8ffff).
The size of an OS image partition is 0x780000 (7680 KiB = 7.5 MiB), so
check-size for initramfs-factory image needs to be called with the size.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Call 'mkdir -p $(STAGING_DIR_IMAGE)' before trying to store files in
this potentially non-existing folder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Since kernel and packages workflow now use a shared build workflow, they
also need to react on changes on these shared workflow.
Fix this and add these shared workflow to the event paths to check.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The current match logic doesn't handle test for push events related to
stable release (example openwrt-22.03) but only fork with the related
prefix (example openwrt-22.03-fixup)
Fix wrong matching and while at it also add extra checks to other
matching (check if the branch name actually start with the requested
prefix)
Fixes: e24a1e6f6d ("CI: build: add support for external toolchains from stable branch")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The current match logic doesn't handle test for push events related to
stable release (example openwrt-22.03) but only fork with the related
prefix (example openwrt-22.03-fixup)
Fix wrong matching and while at it also add extra checks to other
matching (check if the branch name actually start with the requested
prefix)
Fixes: abe8a48242 ("CI: build: add support for per branch tools container")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add support to use sdk as external toolchain if the packaged external
toolchain tar is not found on openwrt servers for build shared workflow.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add support to use external toolchains from stable branch if we are
testing commit targeting stable openwrt branch in kernel and packages
workflow.
With pr the target branch is parsed and the right toolchain is used.
To use the stable toolchain for local testing the branch needs to have
the prefix openwrt-[0-9][0-9].[0-9][0-9]- (example openwrt-21.02-fixup)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add support in build shared workflow for per branch tools container.
With pr the target branch is parsed and the right container is used.
To use the stable container for local testing the branch needs to have
the prefix openwrt-[0-9][0-9].[0-9][0-9]- (example openwrt-21.02-fixup)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add support to push per branch container tools.
For anything not official stick to latest tag that correspond to test
run from master.
If we are testing something for one of the openwrt stable branch, parse
the branch name or the tag and push dedicated tools containers.
To use the stable container for local testing the branch needs to have
the prefix openwrt-[0-9][0-9].[0-9][0-9] (example openwrt-21.02-fixup)
Any branch that will match this pattern openwrt-[0-9][0-9].[0-9][0-9]
will refresh the tools container with the matching tag.
(example branch openwrt-22.03 -> tools:openwrt-22.03)
(example branch openwrt-22.03-test -> tools:openwrt-22.03)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add patch to fix compilation error with USE_CPUID_DEVICE enabled and musl
used as libc. Musl doesn't add limits.h header by default and this is
required if USE_CPUID_DEVICE is used.
The package currently compile because fortify headers include limits.h
by default.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
CPU: MediaTek MT7628AN @ 575 MHz
Flash: 16 MB
RAM: 128 MB
Ethernet: 10/100Mbps x 1
Wlan: 300 Mbps
USB: USB 2.0 x 1
LED: red/green x 1
Button: reset x 1
1. Open https://www.hiwifi.wtf/, Get Cloud token and unlock ssh
2. Upload the openwrt firmware to the router via SCP
3. Login the router via SSH
4. Run `mtd -r write path_to_firmware.bin firmware`
I have tested on my device.
- The LED will display RED on power-on, After system start completed, trun GREEN
- Reset button working now. Long press after 5s will reset factory. Short press less 1s will reboot the device
- USB can working under official u-boot
Signed-off-by: Senis John <thank243@gmail.com>
This reverts commit 5429411f73 as upstream
in commit e5f31552674e ("ethernet: fix PTP_1588_CLOCK dependencies") has
changed `PTP_1588_CLOCK` dependency handling in 5.15 kernel.
That currently leads to `CONFIG_NET_DSA_MV88E6XXX=m` in images produced
by buildbots due to `CONFIG_ALL_KMODS=y` config option being used in
those builds, which leads to a broken LAN bridge network on several
devices.
References: https://lists.infradead.org/pipermail/openwrt-devel/2022-December/039950.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
some config `depends on` lines contained outdated kernel version checks
that can no longer happen and had become non-operational; clean them up
cosmetic change with no functional effect
Signed-off-by: Tony Butler <spudz76@gmail.com>
This adds options to build all boards of a selected target and an
additional option to build the testing kernel instead of the normal
kernel. This can be used by other trigger work flows.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds an option to build with internal toolchain. This can be used
to build targets which are currently not build by the OpenWrt build bots
and which needs their own toolchain build for every build.
Building the toolchain takes about 30 minutes compared to using the
external toolchain which takes some seconds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Extract the building of OpenWrt into an own workflow which is then
triggered by the kernel.yml and packages.yml workflow with different
inputs. This allows us to share much of the code of the workflow.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In light of https://github.com/openwrt/openwrt/issues/11077, switch mvebu
to 5.15 which has been the testing kernel on this target since April - over
half a year.
Run-tested on the following subtargets:
* cortexa9 (Turris Omnia - 03f41b1eb2)
* cortexa72 (MikroTik RB5009UG+S+IN)
Tested-by: Enrico Mioso <mrkiko.rs@gmail.com> [GL-MV1000]
Signed-off-by: Stijn Segers <foss@volatilesystems.org>