To the vast majority of the users, wireguard-tools are not useful
without the underlying kernel module. The cornercase of only generating
keys and not using the secure tunnel is something that won't be done on
an embedded OpenWrt system often. On the other hand, maintaining a
separate meta-package only for this use case introduces extra
complexity. WireGuard changes for Linux 5.10 remove the meta-package.
So let's make wireguard-tools depend on kmod-wireguard
to make WireGuard easier to use without having to install multiple
packages.
Fixes: ea980fb9 ("wireguard: bump to 20191226")
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit cbcddc9f31)
Use NETWORK_SUPPORT_MENU like all other modules in netsupport.mk. Drop
SECTION and CATEGORY fields as they are set by default and to match
other packages in netsupport.mk. Use better TITLE for kmod-wireguard
(taken from upstream drivers/net/Kconfig).
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 0b53d6f7fa)
On Linux 5.4, build WireGuard from backports. Linux 5.10 contains
wireguard in-tree.
Add in-kernel crypto libraries required by WireGuard along with
arch-specific optimizations.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 06351f1bd0)
(cherry picked from commit 464451d9ab)
Rather than using the clunky, old, slower wireguard-linux-compat out of
tree module, this commit does a patch-by-patch backport of upstream's
wireguard to 5.4. This specific backport is in widespread use, being
part of SUSE's enterprise kernel, Oracle's enterprise kernel, Google's
Android kernel, Gentoo's distro kernel, and probably more I've forgotten
about. It's definately the "more proper" way of adding wireguard to a
kernel than the ugly compat.h hell of the wireguard-linux-compat repo.
And most importantly for OpenWRT, it allows using the same module
configuration code for 5.10 as for 5.4, with no need for bifurcation.
These patches are from the backport tree which is maintained in the
open here: https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y
I'll be sending PRs to update this as needed.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(cherry picked from commit 3888fa7880)
(cherry picked from commit d540725871)
(cherry picked from commit 196f3d586f)
(cherry picked from commit 3500fd7938)
(cherry picked from commit 23b801d3ba)
(cherry picked from commit 0c0cb97da7)
(cherry picked from commit 2a27f6f90a)
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
This enables building BCM4908 "raw" image that can be flashed using
bootloader web UI. It requires serial console access & stopping booting
by the "Press any key to stop auto run".
It's easy to build vendor like CHK image but it can't be safely flashed
using vendor UI at this point. Netgear implements method called "NAND
incremental flashing" that doesn't seem to flash bootfs partition as
provided.
Above method seems to update vmlinux.lz without updating 94908.dtb. It
prevents OpenWrt kernel from booting due to incomplete DTB file. Full
Netgear R8000P support can be enabled after finding a way to make vendor
firmware flash OpenWrt firmware including the 94908.dtb update.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d92a9c97bf)
OpenWrt was succesfully tested on the GT-AC5300 model. It's possible to:
1. Install OpenWrt using vendor UI
2. Perform UBI aware sysupgrade
3. Install vendor firmware using OpenWrt sysupgrade
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5e78cb9b85)
bcm4908img is a tool managing BCM4908 platform images. It's used for
creating them as well as checking, modifying and extracting data from.
It's required by both: host (for building firmware images) and target
(for sysupgrade purposes). Make it a host/target package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b4fc4cae9)
It supports flashing OpenWrt images (bootfs & UBI upgrade) as well as
vendor images (whole MTD partition write).
Upgrading cferom is unsupported. It requires copying device specific
data (like MAC) to target image before flashing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a6a0b252ba)
This way MTD "bootfs" partition will be always 8+ MiB. This should be
enough for any custom / future firmware to fit its bootfs (e.g. big
kernel) without having to repertition whole flash. That way we can
preserve UBI and its erase counters during sysupgrade.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ca9b1f15c4)
JFFS2 bootfs partition in a BCM4908 image usually includes some padding.
For flashing it individually (writing to designed MTD partition) we want
just JFFS2 data.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed7edf88e2)
Fix offset to extract proper data when image contains vendor header.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit dcbde11af1)
It's required for upgrading firmware using single partitions instead of
just blindly writing whole image.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e33957c241)
It's much easier to operate on BCM4908 image data with absolute offset
of each section stored. It doesn't require summing sizes over and over.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5314cab729)
The purpose of that dummy file is to make CFE work properly with OpenWrt
bootfs. CFE for some reason ignores JFFS2 files with ino 0.
Rename it to 1-openwrt so:
1. It's consistent with bcm63xx
2. It's OpenWrt specific so sysupgrade can distinguish it from vendor
images
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 880c8b4422)
This adds support for accessing bootfs JFFS2 partition in the BCM4908
image. Support includes:
1. Listing files
2. Renaming file (requires unchanged name length)
Above commands are useful for flashing BCM4908 images which by defualt
come with cferom.000 file and require renaming it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed847ef5f3)
It's important for modifying / extracting firmware content. cferom is
optional image content at the file beginning.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6af45b842b)
BCM4908 image format contains some info that may be useful for info /
debugging purposes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b9184f178)
1. Don't allow pipe stdin as we need to fseek()
2. Don't alow TTY as it doesn't make sense for binary input
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d533b27bc0)
Netgear uses CHK header which needs to be skipped when validating
BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with
binary structs and endianess is way simpler in C.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a39f85d8b6)
Move code parsing existing firmware file to separated function. This
cleans up existing code and allows reusing parsing code for other
commands.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7d5f743942)
This tells OS (Linux) where from MAC should be read (bootloader MTD
partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1cc5eb45d5)
It's helpful for accessing booting data (DTS, kernel, etc.). It has to
be used carefully as CFE's JFFS2 support is quite dumb. It doesn't
recognize deleted files and has problems handling 0 inode.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6dd727ac24)
1. Add leds and configs
2. Add network configs
3. Add script to clear partial boot flag
4. Hack to use port 5 as cpu port as port 8 connected to eth2
wont pass any frames
5. Enable EA9500 image generation
Hardware Info:
- Processor - Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
- Switch - BCM53012 in BCM4709C0KFEBG & external BCM53125
- DDR3 RAM - 256 MB
- Flash - 128 MB (Toshiba TC58BVG0S3HTA00)
- 2.4GHz - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - Skyworks SE2623L 2.4 GHz power amp (x4)
- 5GHz x 2 - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - PLX Technology PEX8603 3-lane, 3-port PCIe switch
- Ports - 8 Ports, 1 WAN Ports
- Antennas - 8 Antennas
- Serial Port - @j6 [GND,TX,RX] (VCC NC) 115200 8n1
Flashing Instructions:
1. Connect a USB-TTL table to J6 on the router as well as a
ethernet cable to a lan port and your PC.
2. Power-on the router.
3. Use putty or a serial port program to view the terminal.
Hit Ctrl+C and interrupt the CFE terminal terminal.
4. Setup a TFTP server on your local machine at setup you
local IP to 192.168.1.2
5. Start the TFTP Server
6. Run following commands at the CFE terminal
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx2
nvram set bootpartition=0 && nvram set partialboots=0 && nvram commit
7. Reboot router to be presented by OpenWrt
Note: Only installation method via serial cable is supported at the moment.
The trx firmware has to be flashed to both the partitions using following
commands from CFE prompt. This will cover US and Non-US variants.
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 209c5918b5)
These patches have been already accepted.
302-ARM-dts-BCM5301X-Update-Northstar-pinctrl-binding.patch had to
be updated.
[rmilecki: use actual upstream accepted patches
replace v5.10 with v5.11 to match actual upstream kernel
recover dropped part of the pinctrl compatible patch
update filenames
refresh patches]
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 39ed2265dd)
1. Use upstream accepted NVMEM patches
2. Minor fix for BCM4908 partitioning
3. Support for Linksys firmware partitions on Northstar
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 3fd0a4222b)
On NEC Aterm WG1200CR, the MAC address for WAN is printed in the label
on the case, not LAN.
This patch fixes this issue.
Fixes: 50fdc0374b ("ath79: provide label MAC address")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit e2331fb549)
There are only two lan ports and one wan port on Youku yk1
Fixes: e9baf8265b ("ramips: add support for Youku YK1")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b88d2850c6)
libunwind dependency check does not allow for MIPS64 arch. Add MIPS64 awareness.
libunwind seems to support MIPS64 without issues, it was limited by the dep arch
check in the Makefile.
Used to compile Suricata6/Rust locally without issue.
Signed-off-by: Donald Hoskins <grommish@gmail.com>
(cherry picked from commit ea6d4bdde2)
While rebasing into setting bits instead of magic values,
I accidentally forgot to actually set the force bit.
Without it using the pins as GPIO-s did not actually work.
Fixes: b5c93ed ("ipq40xx: add Qualcomm QCA807x driver")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit 7f2d9ccd09)
The pkgconfig file hardcodes a host library directory which cannot be
overridden by OpenWrt during builds. Use SED to fix this and potential
include directory problems, as is done with several other packages.
This fixes a strange issue intermittently seen building iproute2 on the
oxnas target:
iptables modules directory: /usr/lib/iptables
libc has setns: yes
SELinux support: no
libbpf support: no
libbpf version 0.3.0 is too low, please update it to at least 0.1.0
LIBBPF_FORCE=on set, but couldn't find a usable libbpf
Fixes: 2f0d672088 ("bpftools: add utility and library packages
supporting eBPF usage")
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9e64e4ce26)
For Visual Studio Code users, .vscode is created inside the workspace.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 12dbad1a86)
DTR GPIO isn't actually needed and triggers boot warning.
TX pin was off by one (GPIO 19 instead of GPIO 18).
Reported-by: @tophirsch
Fixes: d1130ad265 ("ath79: add support for Teltonika RUT955")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 53a7d5d614)
Some users report that current snapshot producies non-bootable images.
Stock uboot can boot images if the kernel is smaller than 2MB.
Set maximum kernel size and disable image building for this board.
Ref: https://forum.openwrt.org/t/astoria-arv7519rw22-bootloops-after-upgrade/89843
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
(cherry picked from commit c027dbac5a)
If the environment variable FILTER is set before compilation,
compilation of the ppp-package will fail with the error message
Package ppp is missing dependencies for the following libraries:
libpcap.so.1
The reason is that the OpenWrt-patch for the Makefile only comments
out the line FILTER=y. Hence the pcap-library will be dynamically
linked if the environment variable FILTER is set elsewhere, which
causes compilation to fail. The fix consists on explicitly unsetting
the variable FILTER instead.
Signed-off-by: Eike Ritter <git@rittere.co.uk>
(cherry picked from commit 46cd0765d0)
