This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).
The patch is backported from the upstream wolfssl development branch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
They are anyway not used for now, so only build fiptool and sptool.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: maurerr <mariusd84@gmail.com>
Specifications:
- SoC: MediaTek MT7621AT
- RAM: 128 MB (DDR3)
- Flash: 16 MB (SPI NOR)
- WiFi: MediaTek MT7603E, MediaTek MT7612E
- Switch: 1 WAN, 4 LAN (Gigabit)
- Ports: 1 USB 3.0
- Buttons: Reset, WPS
- LEDs: Power, System, Wan, Lan 1-4, WiFi 2.4G, WiFi 5G, WPS, USB
- Power: DC 12V 1A tip positive
UART Serial:
115200 baud
Located on unpopulated 4 pin header near J4:
J4
[o] Rx
[o] Tx
[o] GND
[ ] Vcc - Do not connect
Installation:
Download and flash the manufacturer's built OpenWRT image available at
http://www.cudytech.com/openwrt_software_download
Install the new OpenWRT image via luci (System -> Backup/Flash firmware)
Be sure to NOT keep settings. The force upgrade may need to be checked
due to differences in router naming conventions.
Recovery:
- Loads only signed manufacture firmware due to bootloader RSA verification
- serve tftp-recovery image as /recovery.bin on 192.168.1.88/24
- connect to any lan ethernet port
- power on the device while holding the reset button
- wait at least 8 seconds before releasing reset button for image to
download
- See http://www.cudytech.com/newsinfo/547425.html
MAC addresses as verified by OEM firmware:
use address source
LAN *:f0 label
WAN *:f1 label + 1
2g *:f0 label
5g *:f2 label + 2
The label MAC address is found in bdinfo 0xde00.
Signed-off-by: Andrew Pikler <andrew.pikler@gmail.com>
Signed-off-by: maurerr <mariusd84@gmail.com>
Specifications:
* QCA9557, 16 MiB Flash, 128 MiB RAM, 802.11n 2T2R
* QCA9882, 802.11ac 2T2R
* 2x Gigabit LAN (1x 802.11af PoE)
* IP68 pole-mountable outdoor case
Installation:
* Factory Web UI is at 192.168.0.50
login with 'admin' and blank password, flash factory.bin
* Recovery Web UI is at 192.168.0.50
connect network cable, hold reset button during power-on and keep it
pressed until uploading has started (only required when checksum is ok,
e.g. for reverting back to oem firmware), flash factory.bin
After flashing factory.bin, additional free space can be reclaimed by
flashing sysupgrade.bin, since the factory image requires some padding
to be accepted for upgrading via OEM Web UI.
Both ethernet ports are set to LAN by default, matching the labelling on
the case. However, since both GMAC Interfaces eth0 and eth1 are connected
to the switch (QCA8337), the user may create an additional 'wan' interface
as desired and override the vlan id settings to map br-lan / wan to either
the PoE or non-PoE port, depending on the individual scenario of use.
So, the LAN and WAN ports would then be connected to different GMACs, e.g.
config interface 'lan'
option ifname 'eth0.1'
...
config interface 'wan'
option ifname 'eth1.2'
...
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 0t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '2 6t'
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
[add configuration example]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
* The fit image is now created with 0666 permission in upstream U-Boot
remove our patch switch creates it with 0744
* The generated/autoconf.h file is created now as an empty file, it is
not needed to remove this include any more.
* Upstream lib/rsa/rsa-sign.c now includes stdlib.h instead of malloc.h
* ALIGN_MASK was moved to imagetool.h, own patch should not be needed
any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
All users have been converted to ubus.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
luci now uses ubus directly, so remove 'lucistat'.
For manual usage just print the ubus output, use luci for a pretty
version.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: maurerr <mariusd84@gmail.com>
luci now uses ubus directly, so remove 'lucistat'.
For manual usage just print the ubus output, use luci for a pretty
version.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
procd sends sigterm to stop daemons, hook it up.
This speeds up the shutdown sequence and gets rid of the following message:
daemon.info procd: Instance dsl_control::instance1 pid 15408 not stopped on SIGTERM, sending SIGKILL instead
Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Have the port use GMAC1 with internal switch
which fixes the issue of the ethernet LED not functioning
The LED is triggered by the internal switch, not a GPIO.
The GPIO for the ethernet LED was added in ath79
as it was defined in the ar71xx target
but it was not functioning in ath79 for a previously unknown reason.
It is unknown why that GPIO was defined as an LED in ar71xx.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
[drop unrelated changes: model property and SPI max frequency]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
for:
- ENH202 v1
- ENS202EXT v1
- EnstationAC v1
- EWS511AP
For EWS511AP, have default behavior as static ip
to match the behavior of all other APs in ath79
These boards are sold as
Client Bridge or Point to Point or Access Point
so there is probably no benefit to have WAN by default
for one of the ports, to prevent user confusion.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: maurerr <mariusd84@gmail.com>
dnsmasq v2.84rc2 has been promoted to release.
No functional difference between v2.83test3 and v2.84/v2.84rc2
Backport 2 patches to fix the version reporting
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: maurerr <mariusd84@gmail.com>
Use new ubus-based hotplug call in dhcp-script.sh
As sysntpd now makes use of the new ubus-based hotplug calls, dnsmasq
no longer needs to ship ACL to cover ntpd-hotplug.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: maurerr <mariusd84@gmail.com>
erley.org no longer exists; attempting to connect to it during package
download results in lengthy timeouts. Use the new OpenWrt CDN alias to
download from reliable OpenWrt mirrors.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: maurerr <mariusd84@gmail.com>
While the latest version of 19.07 release is usable,
the current master is unbootable on the device in a normal way.
"Normal way" installations includes:
- sysupgrade (e.g. from 19.07)
- RESET button recovery with Ron Curry's (Wingspinner) UBoot image
(10.10.10.3 + "Kernal.bin")
- RESET button recovery with original U-Boot
(10.10.10.254 + "kernel")
One could flash and boot the latest master sysupgrade image successfully
with serial access to the device. But a sysupgrade from this state still
breaks the U-Boot and soft-bricks the device.
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
Signed-off-by: maurerr <mariusd84@gmail.com>
shellcheck recommends || and && over "-a" and "-o" because the
latter are not well defined.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
The hardware random number generator driver for bcm63xx was merged with
the one used by the Raspberry Pi. Now this driver is lost.
Reenable the HW_RANDOM kernel config with the new driver.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
[refresh kernel config]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: maurerr <mariusd84@gmail.com>
Multiple sources are hosted on OpenWrts source server only. The source
URLs to point to the server vary based on different epochs in OpenWrts
history.
Replace all by @OPENWRT which is an "empty" mirror, therefore using the
fallback servers sources.cdn.openwrt.org and sources.openwrt.org.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Signed-off-by: maurerr <mariusd84@gmail.com>
Instead of taking the input of one temperature sensor (temp1), the
script takes into account three temperature sensors to control the
PWM of the cooling fan.
temp1 -> placed on main board
temp2 -> placed on main board
temp3 -> placed on or close to chipset
All three temperatures give valid input for the PWM of the fan on
NSA310 and are actually changing.
Tested on two NSA310.
Signed-off-by: Thomas Beckler <thomas.beckler@hotmail.com>
Reviewed-by: Alberto Bursi <bobafetthotmail@gmail.com>
[commit title/message facelift, code cleanup]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Although provided in separate zip archives, the firmwares for EU
and RU version are byte-identical. This adds the missing ID compared
to the support-list in the vendor firmware.
Note (since I checked it anyway):
Partitions and support list are unchanged for all three existing
firmware versions:
* 20200721-rel40773
* 20201029-rel43238
* 20201120-rel50399
Signed-off-by: Alexey Kunitskiy <alexey.kv@gmail.com>
[rewrite commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Wrap line to be consistent with all other definitions.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
ELECOM WAB-I1750-PS will need this in ath79, so move it to common
Makefile.
Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
Signed-off-by: maurerr <mariusd84@gmail.com>
FRITZ!Box 7412 loads the firmware for fast ethernet PHY and mii is
more accurate in this case.
Gmii is used by Gigabit ethernet PHYs.
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
Reviewed-by: Mathias Kresin <dev@kresin.me>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
This replaces a full-text BSD clause by the corresponding SPDX
identifier.
This should make it easier to identify the license both by humans
and machines.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
This replaces several full-text and abbreviated licenses found in
DTS files by the corresponding SPDX identifiers.
This should make it easier to identify the license both by humans
and machines.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
UniElec U7621-01 is a router platform board, the smaller model of
the U7621-06.
The device has the following specifications:
- MT7621AT (880 MHz)
- 256 of RAM (DDR3)
- 16 MB of FLASH (SPI NOR)
- 5x 1 Gbps Ethernet (MT7621 built-in switch)
- 1x 2.4Ghz MT7603E
- 1x 5Ghz MT7612
- 1x miniPCIe slots (PCIe bus only)
- 1x miniSIM slot
- 1x USB 2.0 (uses the usb 3.0 driver)
- 8x LEDs (1x GPIO-controlled)
- 1x reset button
- 1x UART header (4-pins)
- 1x GPIO header (30-pins)
- 1x DC jack for main power (12 V)
The following has been tested and is working:
- Ethernet switch
- 1x 2.4Ghz MT7603E (wifi)
- 1x 5Ghz MT7612 (wifi)
- miniPCIe slots (tested with Wi-Fi cards and LTE modem cards)
- miniSIM slot (works with normal size simcard)
- sysupgrade
- reset button
Installation:
This board has no locked down bootloader. The seller can be asked to
install openwrt v18.06, so upgrades are standard sysupgrade method.
Recovery:
This board contains a Chinese, closed-source bootloader called Breed
(Boot and Recovery Environment for Embedded Devices). Breed supports web
recovery and to enter it, you keep the reset button pressed for around
5 seconds during boot. Your machine will be assigned an IP through DHCP
and the router will use IP address 192.168.1.1. The recovery website is
in Chinese, but is easy to use. Click on the second item in the list to
access the recovery page, then the second item on the next page is where
you select the firmware. In order to start the recovery, you click the
button at the bottom.
LEDs list (left to right):
- ESW_P0_LED_0
- ESW_P1_LED_0
- ESW_P2_LED_0
- ESW_P3_LED_0
- ESW_P4_LED_0
- CTS2_N (GPIO10, configured as "status" LED)
- LED_WLAN# (connected with pin 44 in wifi1 slot)
Signed-off-by: David Bentham <db260179@gmail.com>
[add DEVICE_VARIANT, fix DEVICE_PACKAGES, remove &gpio]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Port device support for Meraki MR12 from the ar71xx target to ath79.
Specifications:
- SoC: AR7242-AH1A CPU
- RAM: 64MiB (NANYA NT5DS32M16DS-5T)
- NOR Flash: 16MiB (MXIC MX25L12845EMI-10G)
- Ethernet: 1 x PoE Gigabit Ethernet Port (SoC MAC + AR8021-BL1E PHY)
- Ethernet: 1 x 100Mbit port (SoC MAC+PHY)
- Wi-Fi: Atheros AR9283-AL1A (2T2R, 11n)
Installation:
1. Requires TFTP server at 192.168.1.101, w/ initramfs & sysupgrade .bins
2. Open shell case
3. Connect a USB->TTL cable to headers furthest from the RF shield
4. Power on the router; connect to U-boot over 115200-baud connection
5. Interrupt U-boot process to boot Openwrt by running:
setenv bootcmd bootm 0xbf0a0000; saveenv;
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin;
bootm 0c00000;
6. Copy sysupgrade image to /tmp on MR12
7. sysupgrade /tmp/<filename-of-sysupgrade>.bin
Notes:
- kmod-owl-loader is still required to load the ART partition into the
driver.
- The manner of storing MAC addresses is updated from ar71xx; it is
at 0x66 of the 'config' partition, where it was discovered that the
OEM firmware stores it. This is set as read-only. If you are
migrating from ar71xx and used the method mentioned above to
upgrade, use kmod-mtd-rw or UCI to add the MAC back in. One more
method for doing this is described below.
- Migrating directly from ar71xx has not been thoroughly tested, but
one method has been used a couple of times with good success,
migrating 18.06.2 to a full image produced as of this commit. Please
note that these instructions are only for experienced users, and/or
those still able to open their device up to flash it via the serial
headers should anything go wrong.
1) Install kmod-mtd-rw and uboot-envtools
2) Run `insmod mtd-rw.ko i_want_a_brick=1`
3) Modify /etc/fw_env.config to point to the u-boot-env partition.
The file /etc/fw_env.config should contain:
# MTD device env offset env size sector size
/dev/mtd1 0x00000 0x10000 0x10000
See https://openwrt.org/docs/techref/bootloader/uboot.config
for more details.
4) Run `fw_printenv` to verify everything is correct, as per the
link above.
5) Run `fw_setenv bootcmd bootm 0xbf0a0000` to set a new boot address.
6) Manually modify /lib/upgrade/common.sh's get_image function:
Change ...
cat "$from" 2>/dev/null | $cmd
... into ...
(
dd if=/dev/zero bs=1 count=$((0x66)) ; # Pad the first 102 bytes
echo -ne '\x00\x18\x0a\x12\x34\x56' ; # Add in MAC address
dd if=/dev/zero bs=1 count=$((0x20000-0x66-0x6)) ; # Pad the rest
cat "$from" 2>/dev/null
) | $cmd
... which, during the upgrade process, will pad the image by
128K of zeroes-plus-MAC-address, in order for the ar71xx's
firmware partition -- which starts at 0xbf080000 -- to be
instead aligned with the ath79 firmware partition, which
starts 128K later at 0xbf0a0000.
7) Copy the sysupgrade image into /tmp, as above
8) Run `sysupgrade -F /tmp/<sysupgrade>.bin`, then wait
Again, this may BRICK YOUR DEVICE, so make *sure* to have your
serial cable handy.
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[add LED migration and extend compat message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Specifications:
- SoC: MediaTek MT7688AN
- RAM: 128 MB
- Flash: 32 MB
- Ethernet: 5x 10/100 (1x WAN, 4x LAN)
- Wireless: built in 2.4GHz (bgn)
- USB: 1x USB 2.0 port
- Buttons: 1x Reset
- LEDs: 1x (WiFi)
Flash instructions:
- Configure TFTP server with IP address 10.10.10.3
- Name the firmware file as firmware.bin
- Connect any Ethernet port to the TFTP server's LAN
- Choose option 2 in U-Boot
- Alternatively choose option 7 to upload firmware to the built-in
web server
MAC addresses as verified by OEM firmware:
use address source
2g *:XX factory 0x4
LAN *:XX+1 factory 0x28
WAN *:XX+1 factory 0x2e
Notes:
This board is ostensibly a module containing the MediaTek MT7688AN SoC,
128 MB DDR2 SDRAM and 32 MB flash storage. The SoC can be operated in
IoT Gateway Mode or IoT Device Mode.
From some vendors the U-Boot that comes installed operates on UART 2
which is inaccessible in gateway mode and operates unreliably in the
Linux kernel when using more than 64 MB of RAM. For those, updating
U-Boot is recommended.
Signed-off-by: Ewan Parker <ewan@ewan.cc>
[add WLAN to 01_leds]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
The license folder is a core part of OpenWrt and all GPL-2.0 licensed.
Use SPDX license tags to allow machines to check licenses.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[rebase, keep some Copyright lines, sharpen commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: maurerr <mariusd84@gmail.com>
Ran update_kernel.sh in a fresh clone without any existing toolchains.
Removed upstreamed patches:
imx6: 303-ARM-dts-imx6qdl-gw52xx-fix-duplicate-regulator-namin.patch
Build system: x86_64
Build-tested: ipq806x/R7800, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Signed-off-by: maurerr <mariusd84@gmail.com>
Commit 7c8c4f1be6 ("hostapd: fix P2P group information processing
vulnerability") was missing the actual patch for the vulnerability.
Fixes: 7c8c4f1be6 ("hostapd: fix P2P group information processing vulnerability")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: maurerr <mariusd84@gmail.com>
A vulnerability was discovered in how wpa_supplicant processing P2P
(Wi-Fi Direct) group information from active group owners.
This issue was discovered by fuzz testing of wpa_supplicant by Google's
OSS-Fuzz.
https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: maurerr <mariusd84@gmail.com>
Vulnerabilities of Trusted Firmware A are tracked as
cpe:/a:arm:arm_trusted_firmware
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: maurerr <mariusd84@gmail.com>
tfa-fiptool is now provided by an extra package. Use that instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: maurerr <mariusd84@gmail.com>