EAP-pwd side-channel attack
Published: April 10, 2019
Identifiers:
- CVE-2019-9495 (cache attack against EAP-pwd)
Latest version available from: https://w1.fi/security/2019-2/
Vulnerability
Number of potential side channel attacks were recently discovered in the
SAE implementations used by both hostapd and wpa_supplicant (see
security advisory 2019-1 and VU#871675). EAP-pwd uses a similar design
for deriving PWE from the password and while a specific attack against
EAP-pwd is not yet known to be tested, there is no reason to believe
that the EAP-pwd implementation would be immune against the type of
cache attack that was identified for the SAE implementation. Since the
EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) does not support MODP groups, the timing attack described against
SAE is not applicable for the EAP-pwd implementation.
A novel cache-based attack against SAE handshake would likely be
applicable against the EAP-pwd implementation. Even though the
wpa_supplicant/hostapd PWE derivation iteration for EAP-pwd has
protections against timing attacks, this new cache-based attack might
enable an attacker to determine which code branch is taken in the
iteration if the attacker is able to run unprivileged code on the victim
machine (e.g., an app installed on a smart phone or potentially a
JavaScript code on a web site loaded by a web browser). This depends on
the used CPU not providing sufficient protection to prevent unprivileged
applications from observing memory access patterns through the shared
cache (which is the most likely case with today's designs).
The attacker could use information about the selected branch to learn
information about the password and combine this information from number
of handshake instances with an offline dictionary attack. With
sufficient number of handshakes and sufficiently weak password, this
might result in full recovery of the used password if that password is
not strong enough to protect against dictionary attacks.
This attack requires the attacker to be able to run a program on the
target device. This is not commonly the case on an authentication server
(EAP server), so the most likely target for this would be a client
device using EAP-pwd.
The commits listed in the end of this advisory change the EAP-pwd
implementation shared by hostapd and wpa_supplicant to perform the PWE
derivation loop using operations that use constant time and memory
access pattern to minimize the externally observable differences from
operations that depend on the password even for the case where the
attacker might be able to run unprivileged code on the same device.
Vulnerable versions/configurations
All wpa_supplicant and hostapd versions with EAP-pwd support
(CONFIG_EAP_PWD=y in the build configuration and EAP-pwd being enabled
in the runtime configuration).
It should also be noted that older versions of wpa_supplicant/hostapd
prior to v2.7 did not include additional protection against certain
timing differences. The definition of the EAP-pwd (RFC 5931) does not
describe such protection, but the same issue that was addressed in SAE
earlier can be applicable against EAP-pwd as well and as such, that
implementation specific extra protection (commit 22ac3dfebf7b, "EAP-pwd:
Mask timing of PWE derivation") is needed to avoid showing externally
visible timing differences that could leak information about the
password. Any uses of older wpa_supplicant/hostapd versions with EAP-pwd
are recommended to update to v2.7 or newer in addition to the mitigation
steps listed below for the more recently discovered issue.
Possible mitigation steps
- Merge the following commits to wpa_supplicant/hostapd and rebuild:
OpenSSL: Use constant time operations for private bignums
Add helper functions for constant time operations
OpenSSL: Use constant time selection for crypto_bignum_legendre()
EAP-pwd: Use constant time and memory access for finding the PWE
These patches are available from https://w1.fi/security/2019-2/
- Update to wpa_supplicant/hostapd v2.8 or newer, once available
- Use strong passwords to prevent dictionary attacks
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
SAE side-channel attacks
Published: April 10, 2019
Identifiers:
- VU#871675
- CVE-2019-9494 (cache attack against SAE)
Latest version available from: https://w1.fi/security/2019-1/
Vulnerability
Number of potential side channel attacks were discovered in the SAE
implementations used by both hostapd (AP) and wpa_supplicant
(infrastructure BSS station/mesh station). SAE (Simultaneous
Authentication of Equals) is also known as WPA3-Personal. The discovered
side channel attacks may be able to leak information about the used
password based on observable timing differences and cache access
patterns. This might result in full password recovery when combined with
an offline dictionary attack and if the password is not strong enough to
protect against dictionary attacks.
Cache attack
A novel cache-based attack against SAE handshake was discovered. This
attack targets SAE with ECC groups. ECC group 19 being the mandatory
group to support and the most likely used group for SAE today, so this
attack applies to the most common SAE use case. Even though the PWE
derivation iteration in SAE has protections against timing attacks, this
new cache-based attack enables an attacker to determine which code
branch is taken in the iteration if the attacker is able to run
unprivileged code on the victim machine (e.g., an app installed on a
smart phone or potentially a JavaScript code on a web site loaded by a
web browser). This depends on the used CPU not providing sufficient
protection to prevent unprivileged applications from observing memory
access patterns through the shared cache (which is the most likely case
with today's designs).
The attacker can use information about the selected branch to learn
information about the password and combine this information from number
of handshake instances with an offline dictionary attack. With
sufficient number of handshakes and sufficiently weak password, this
might result in full discovery of the used password.
This attack requires the attacker to be able to run a program on the
target device. This is not commonly the case on access points, so the
most likely target for this would be a client device using SAE in an
infrastructure BSS or mesh BSS.
The commits listed in the end of this advisory change the SAE
implementation shared by hostapd and wpa_supplicant to perform the PWE
derivation loop using operations that use constant time and memory
access pattern to minimize the externally observable differences from
operations that depend on the password even for the case where the
attacker might be able to run unprivileged code on the same device.
Timing attack
The timing attack applies to the MODP groups 22, 23, and 24 where the
PWE generation algorithm defined for SAE can have sufficient timing
differences for an attacker to be able to determine how many rounds were
needed to find the PWE based on the used password and MAC
addresses. When the attack is repeated with multiple times, the attacker
may be able to gather enough information about the password to be able
to recover it fully using an offline dictionary attack if the password
is not strong enough to protect against dictionary attacks. This attack
could be performed by an attacker in radio range of an access point or a
station enabling the specific MODP groups.
This timing attack requires the applicable MODP groups to be enabled
explicitly in hostapd/wpa_supplicant configuration (sae_groups
parameter). All versions of hostapd/wpa_supplicant have disabled these
groups by default.
While this security advisory lists couple of commits introducing
additional protection for MODP groups in SAE, it should be noted that
the groups 22, 23, and 24 are not considered strong enough to meet the
current expectation for a secure system. As such, their use is
discouraged even if the additional protection mechanisms in the
implementation are included.
Vulnerable versions/configurations
All wpa_supplicant and hostapd versions with SAE support (CONFIG_SAE=y
in the build configuration and SAE being enabled in the runtime
configuration).
Acknowledgments
Thanks to Mathy Vanhoef (New York University Abu Dhabi) and Eyal Ronen
(Tel Aviv University) for discovering the issues and for discussions on
how to address them.
Possible mitigation steps
- Merge the following commits to wpa_supplicant/hostapd and rebuild:
OpenSSL: Use constant time operations for private bignums
Add helper functions for constant time operations
OpenSSL: Use constant time selection for crypto_bignum_legendre()
SAE: Minimize timing differences in PWE derivation
SAE: Avoid branches in is_quadratic_residue_blind()
SAE: Mask timing of MODP groups 22, 23, 24
SAE: Use const_time selection for PWE in FFC
SAE: Use constant time operations in sae_test_pwd_seed_ffc()
These patches are available from https://w1.fi/security/2019-1/
- Update to wpa_supplicant/hostapd v2.8 or newer, once available
- In addition to either of the above alternatives, disable MODP groups
1, 2, 5, 22, 23, and 24 by removing them from hostapd/wpa_supplicant
sae_groups runtime configuration parameter, if they were explicitly
enabled since those groups are not considered strong enough to meet
current security expectations. The groups 22, 23, and 24 are related
to the discovered side channel (timing) attack. The other groups in
the list are consider too weak to provide sufficient security. Note
that all these groups have been disabled by default in all
hostapd/wpa_supplicant versions and these would be used only if
explicitly enabled in the configuration.
- Use strong passwords to prevent dictionary attacks
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
With this change, the file is reduced from 5186 bytes to 4649 bytes that
its approximately 10.5 percent less memory consumption. For small
devices, sometimes every byte counts.
Also, all other protocol handler use tabs instead of spaces.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This is sold as a dual-band 802.11ac range extender. It has a sliding
switch for Extender mode or Access Point mode, a WPS button, a recessed
Reset button, a hard-power button, and a multitude of LED's, some
multiplexed via an NXP 74AHC164D chip. The internal serial header pinout is
Vcc, Tx, Rx, GND, with GND closest to the corner of the board. You may
connect at 115200 bps, 8 data bits, no parity, 1 stop bit.
Specification:
- System-On-Chip: QCA9558
- CPU/Speed: 720 MHz
- Flash-Chip: Winbond 25Q128FVSG
- Flash size: 16 MiB
- RAM: 128 MiB
- Wireless No1: QCA9558 on-chip 2.4GHz 802.11bgn, 3x3
- Wireless No2: QCA99x0 chip 5GHz 802.11an+ac, 4x4
- PHY: Atheros AR8035-A
Installation:
If you can get to the stock firmware's firmware upgrade option, just feed
it the factory.img and boot as usual. As an alternative, TFTP the
factory.img to the bootloader.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
[whitespace fix in DTS and reorder of make variables]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fix dbclient regression in 2019.77. After exiting the terminal would be left
in a bad state. Reported by Ryan Woodsmall
drop patch applied upstream:
010-tty-modes-werent-reset-for-client.patch
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
We do not need to define an empty Build/Configure since
the default checks for existing ./configure and does nothing
in case nothing is found.
Similar for Build/Compile: we can remove the definition
when we only call the default.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
After getting rid of cryptsetup's heavy openssl dependency, there is now
the problem of missing RIPEMD160 support. RIPEMD160 is used for True/Vera
crypt volumes as well as old LUKS1 ones.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Currently leds migration scripts in ar71xx and lantiq share a lot of
logic and introducing leds migration to another target would mean
copying this code, again. Therefore add common logic to library in
base-files package.
Suggested-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* allowedips: initialize list head when removing intermediate nodes
Fix for an important regression in removing allowed IPs from the last
snapshot. We have new test cases to catch these in the future as well.
* tools: warn if an AllowedIP has a nonzero host part
If you try to run `wg set wg0 peer ... allowed-ips 192.168.1.82/24`, wg(8)
will now print a warning. Even though we mask this automatically down to
192.168.1.0/24, usually when people specify it like this, it's a mistake.
* wg-quick: add 'strip' subcommand
The new strip subcommand prints the config file to stdout after stripping
it of all wg-quick-specific options. This enables tricks such as:
`wg addconf $DEV <(wg-quick strip $DEV)`.
* tools: avoid unneccessary next_peer assignments in sort_peers()
Small C optimization the compiler was probably already doing.
* peerlookup: rename from hashtables
* allowedips: do not use __always_inline
* device: use skb accessor functions where possible
Suggested tweaks from Dave Miller.
* blake2s: simplify
* blake2s: remove outlen parameter from final
The blake2s implementation has been simplified, since we don't use any of the
fancy tree hashing parameters or the like. We also no longer separate the
output length at initialization time from the output length at finalization
time.
* global: the _bh variety of rcu helpers have been unified
* compat: nf_nat_core.h was removed upstream
* compat: backport skb_mark_not_on_list
The usual assortment of compat fixes for Linux 5.1.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
The removed patches are now integrated in the upstream kernel.
Refresh all patches on top of the new backports release.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Add U-Boot for NVIDIA Tegra based boards, with the first being CompuLab
TrimSlice. This is part of initial support for this board.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
New target introduces initial support for NVIDIA Tegra SoC based devices.
It focuses on Tegra 2 CPUs, for successors supporting NEON instruction
set the target should be split in two subtargets.
This initial commit doesn't create any device image, it's groundwork
for further additions.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Commit 124ab1dc0a and 5523ee3459 introduced the assignment of the
group "tty" to /dev/tty* devices in order to support unprivileged
user access to serial devices.
However, due to an improperly rebased commit this feature broke.
This patch restores the lost hunk in hotplug.json file to
re-introduce this feature and also renames the existing "tty" group
to "dialout" as this is the more typical name for such a group
on desktop systems.
Fixes: 5209cfa534 ("procd: fix hotplug.json syntax")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
OpenVPN as of 2.4.7 uses some OpenSSL APIs that are deprecated in
OpenSSL >= 1.1.0.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [white space fix]
361b3e4 proto-shell: return error in case setup fails
a97297d interface: set interface in TEARDOWN state when checking link state
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Increase MAX_WAIT_FW_COMPLETE_ITERATIONS to 10000 as before commit
e5e0700 to prevent timeout as reported here: #308 (Original OP issue is
probably not related though as his post preceeds commit e5e0700).
compile/test target mvebu/mamba, rango
Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
[commit subject and message tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Release notes since last time:
Release notes for wave-1 / 10.1:
2019-03-28: Fix sometimes using bad TID for management frames
in htt-mgt mode. (Backported from wave2, looks
like bug would be the same though.)
Release notes for wave-2 / 10.4:
2019-03-28: Fix off-channel scanning while associated in
proxy-station mode.
2019-03-29: Fix sometimes sending mgt frames on wrong tid when
using htt-mgt. This bug has been around since I first
enabled htt-mgt mode.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
c2cfe9d iwinfo: Fix 802.11ad channel to frequency
Fixes 9725aa271a ("iwinfo: update to latest git HEAD")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
ff1ded6 libfstools: Fix overflow of F2FS_MINSIZE constant
bc2c876 libfstools: Print error in case of loop blkdev failure
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Instead of creating host-routes depending on fwmark as (accidentally)
pushed by commit
1e8bb50b93 ("wireguard: do not add host-dependencies if fwmark is set")
use a new config option 'nohostroute' to explicitely prevent creation
of the route to the endpoint.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The 'fwmark' option is used to define routing traffic to
wireguard endpoints to go through specific routing tables.
In that case it doesn't make sense to setup routes for
host-dependencies in the 'main' table, so skip setting host
dependencies if 'fwmark' is set.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The 4.14.108 bump introduced a missing dependency when building
specific netfilters.
Thsi was not seen as the error does not occur on all targets.
Thanks to Jo-Philipp Wich for providing the fix
Fixes: af6c86dbe5 ("kernel: bump 4.14 to 4.14.108")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
- limit ECC support to ec*-sha2-nistp256:
* DROPBEAR_ECC now provides only basic support for ECC
- provide full ECC support as an option:
* DROPBEAR_ECC_FULL brings back support for ec{dh,dsa}-sha2-nistp{384,521}
- update feature costs in binary size
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* option "keyfile" is more generic than "rsakeyfile".
* option "rsakeyfile" is considered to be deprecated and should be removed
in future releases.
* warn user (in syslog) if option "rsakeyfile" is used
* better check options ("rsakeyfile" and "keyfile"): don't append
"-r keyfile" to command line if file is absent (doesn't exist or empty),
warn user (in syslog) about such files
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Felix Fietkau pointed out that bundled libtomcrypt/libtommath do funny stuff with CFLAGS.
fix this with checking environment variable OPENWRT_BUILD in both libs.
change in dropbear binary size is drastical: 221621 -> 164277.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
compiler complains about messed up CFLAGS in build log:
<command-line>: warning: "_FORTIFY_SOURCE" redefined
<command-line>: note: this is the location of the previous definition
and then linker fails:
mips-openwrt-linux-musl-gcc [...] -o dropbearmulti [...]
collect2: fatal error: ld terminated with signal 11 [Segmentation fault]
compilation terminated.
/staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans0.ltrans.o: relocation R_MIPS_HI16 against `cipher_descriptor' can not be used when making a shared object; recompile with -fPIC
/staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans1.ltrans.o: relocation R_MIPS_HI16 against `ses' can not be used when making a shared object; recompile with -fPIC
/staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: /tmp/cc27zORz.ltrans2.ltrans.o: relocation R_MIPS_HI16 against `cipher_descriptor' can not be used when making a shared object; recompile with -fPIC
/staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: BFD (GNU Binutils) 2.31.1 assertion fail elfxx-mips.c:6550
[...]
/staging_dir/toolchain-mips_24kc_gcc-8.2.0_musl/mips-openwrt-linux-musl/bin/ld: BFD (GNU Binutils) 2.31.1 assertion fail elfxx-mips.c:6550
make[3]: *** [Makefile:198: dropbearmulti] Error 1
make[3]: *** Deleting file 'dropbearmulti'
make[3]: Leaving directory '/build_dir/target-mips_24kc_musl/dropbear-2018.76'
make[2]: *** [Makefile:158: /build_dir/target-mips_24kc_musl/dropbear-2018.76/.built] Error 2
make[2]: Leaving directory '/package/network/services/dropbear'
This FTBFS issue was caused by hardening flags set up by dropbear's configure script.
By default, Dropbear offers hardening via CFLAGS and LDFLAGS,
but this may break or confuse OpenWrt settings.
Remove most Dropbear's hardening settings in favour of precise build,
but preserve Spectre v2 mitigations:
* -mfunction-return=thunk
* -mindirect-branch=thunk
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Release notes since last time:
Release notes for wave-1:
- 2019-03-12: Add btcoex feature flag for 2.4Ghz only adapters,
backported from upstream 10.2 firmware.
- 2019-03-12: Support offloading decrypt of PMF blockack frames
to the host. This lets us do blockack with PMF and
rx-sw-crypt. Normal hwcrypt scenarios would not need this.
Release notes for wave-2:
- 2019-03-12: Fix crash when tearing down VI TID when pending frames
exist. Could reproduce this while doing rmmod when VI
traffic was flowing and PMF was enabled but broken.
Bad luck could rarely cause it to happen in more normal
config too.
- 2019-03-12: Support offloading decrypt of PMF blockack frames to
the host. This lets us do blockack with PMF and
rx-sw-crypt. Normal hwcrypt scenarios would not need this.
- 2019-03-12: Re-work problematic patch that attempted to fix transmit
on non-QOS tids. It appears buggy in several ways,
hopefully improved now. This was introduced last fall.
See github bug 78.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
4d8c7e8 mt76: mt76x02: send no-skb tx status without holding the status lock
7e9e9ad mt76: mt7603: add missing initialization for dev->ps_lock
3a7e6bb mt76: fix potential deadlock on cancelling workqueues
deacb8f mt76: fix using mac80211 tx skb header padding
c9402eb mt76: use napi polling for tx cleanup
60e508e mt76: use readl/writel instead of ioread32/iowrite32
5912e8a mt7603: fix sequence number assignment
95a83cc mt7603: send BAR after powersave wakeup
Signed-off-by: Felix Fietkau <nbd@nbd.name>
a8cf037 netifd: wireless: Add support for GCMP cipher
34a70b6 netifd: wireless: Add support for 802.11ad
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This reverts commit 0331770299.
With LTO enabled valgridn does not build on MIPS32 any more, deactivate
it for now. The patch refresh was not reverted.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Openssl 1.1.0 made wholesale changes to its building system.
Apparently, parallel builds are working now.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
The PKG_MIRROR_HASH was for some reason wrong.
Fixes: d75db67870 ("uboot-fritz4040: bump version to 2019-03-03")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
- Former "mir3g" board name becomes "xiaomi,mir3g".
- Reorder some entries to maintain alphabetical order.
- Change DTS so status LEDs (yellow/red/blue) mimic
Xiaomi stock firmware: (Section Indicator)
<http://files.xiaomi-mi.co.uk/files/router_pro/router%20PRO%20EN.pdf>
<http://files.xiaomi-mi.co.uk/files/Mi_WiFi_router_3/MiWiFi_router3_EN.pdf>
|Yellow: Update (LED flickering), the launch of the system (steady light);
|Blue: during normal operation (steady light);
|Red: Safe mode (display flicker), system failure (steady light);
Signed-off-by: Ozgur Can Leonard <ozgurcan@gmail.com>
[Added link to similar Router 3 model]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
- Tested on Turris MOX, OpenWrt master
- Removed PKG_BUILD_DIR
In build_dir there were two folders
ca-certificates and ca-certificates-20190110 and it failed as files
were in ca-certificates-20190110
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
Hardware
--------
CPU: Qualcomm IPQ4018
RAM: 256M
FLASH: 32M SPI NOR W25Q256
ETH: QCA8075
WiFi2: IPQ4018 2T2R 2SS b/g/n
WiFi5: IPQ4018 2T2R 2SS n/ac
LED: - Power amber
- LAN1(PoE) green
- LAN2 green
- Wi-Fi 2.4GHz green
- Wi-Fi 5GHz green
BTN: - WPS
UART: 115200n8 3.3V J1
VCC(1) - GND(2) - TX(3) - RX(4)
Added basic support to get the device up and running for a sysupgrade
image only.
There is currently no way back to factory firmware, so this is a one-way
street to OpenWRT.
Install from factory condition is convoluted, and may brick your device:
1) Enable SSH and disable the CLI on the factory device from the web user
interface (Management->Advanced)
2) Reboot the device
3) Override the default, limited SSH shell:
a) Get into the ssh shell:
ssh admin@192.168.1.1 /bin/sh --login
b) Change the dropbear script to disable the limited shell. At the
empty command prompt type:
sed -i '/login_ssh/s/^/#/g’ dropbear
/etc/init.d/dropbear restart
exit
4) ssh in to a (now-) normal OpenWRT SSH session
5) Flash your built image
a) scp openwrt-ipq40xx-engenius_ens620ext-squashfs-sysupgrade.bin
admin@192.168.1.1:/tmp/
b) ssh admin@192.168.1.1
c) sysupgrade -n
/tmp/openwrt-ipq40xx-engenius_ens620ext-squashfs-sysupgrade.bin
6) After flash completes (it may say "Upgrade failed" followed by
"Upgrade completed") and device reboots, log in to newly flashed
system. Note you will now need to ssh as root rather than admin.
Signed-off-by: Steve Glennon <s.glennon@cablelabs.com>
[whitespace fixes, reordered partitions, removed rng node from 4.14,
fixed 901-arm-boot-add-dts-files.patch]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Update iproute2 to 5.0.0
Remove upstream patch 001-tc-fix-undefined-XATTR_SIZE_MAX
Alter patch 170-ip_tiny as support for IPX and DECnet is dropped
Update patch 010-cake-fwmark to match upstream commit
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Update the out of tree build of cake. Applicable patches are also in
net-next.
057c738 Fix fwmark_shft assignment (again)
ca6c162 Add support for storing mark back into conntrack
7ed9b6c Fix off-by-one error when setting fwmark_shft.
a4a243a sch_cake: Interpret fwmark parameter as a bitmask
29d707e Simplify logic in cake_select_tin()
8acaaee Permit use of connmarks as tin classifiers
348f186 Make the dual modes fairer
99a7297 compat: Don't lock root qdisc when dumping stats on old kernels
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
ipset utility was linked statically to libipset. Disable static library for dynamic linking to save space.
Add -Wl,--gc-sections,--as-needed for further reduction
MIPS ipk size:
ipset: 29KiB -> 2KiB
libipset: 39KiB -> 38KiB
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
The keyword "all" is only supported by `iw set antenna` if
it's used as the only argument.
Convert "all" into a mask before calling `iw set antenna`.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
00ac79d mt7603: fix initialization of max rx length
320af65 mt76: mt7603: use the correct hweight8() function
bdee924 mt76: fix schedule while atomic in mt76x02_reset_state
abcb544 mt76x02: do not enable RTS/CTS by default
e97a209 mt76: remove mt76_queue dependency from tx_queue_skb function pointer
ddd98f8 mt76: remove mt76_queue dependency from tx_prepare_skb function pointer
9bc2d56 mt76: remove mt76_queue dependency from tx_complete_skb function pointer
06c917f mt76: introduce mt76_sw_queue data structure
2dc63b0 mt76: introduce mt76_txq_id field in mt76_queue_entry
312f6fc mt76: remove irqsave/restore in locking for tx status fifo
0fe6386 mt76: move mt76x02_insert_hdr_pad in mt76-core module
efe9a47 mt76: mmio: move mt76_insert_hdr_pad in mt76_dma_tx_queue_skb
0b03f87 mt76: move skb dma mapping before running tx_prepare_skb
f977a92 mt76: introduce mt76_tx_info data structure
72fe286 mt76: use mac80211 txq scheduling
b77b932 mt76: reduce locking in mt76_dma_tx_cleanup
c0ab515 mt76: store wcid tx rate info in one u32 reduce locking
f37ad72 mt76: mt76x02: store software PN/IV in wcid
5323005 mt76: move tx tasklet to struct mt76_dev
688d708 mt76: only schedule txqs from the tx tasklet
42ce040 mt76: use TX_NEEDS_ALIGNED4_SKBS
2660aa9 mt76: mt7603: store software PN/IV in wcid
3ce8a93 mt76: dma: add static qualifier to mt76_dma_tx_queue_skb
81a32aa mt7603: remove mt7603_mcu_init routine
48dc7e9 mt7603: core: do not use magic numbers in mt7603_reg_map
2236490 mt76: usb: reduce code indentation in mt76u_alloc_tx
Signed-off-by: Felix Fietkau <nbd@nbd.name>
dnsmasq (and probably other DHCP servers as well) does not like to hand out
leases with duplicate host names.
Adding support for skipping the hostname makes it easier to deploy setups
where it is not guaranteed to be unique
Signed-off-by: Felix Fietkau <nbd@nbd.name>
In the case of SHARED_LIBS=y, don't use -export-dynamic to place *all*
symbols into the dynamic symbol table. Instead, use --dynamic-list to
export a smaller set of symbols similar to that defined in static-syms.h
in the case of SHARED_LIBS=n, avoiding an 11 KB tc package size increase.
The symbol set is based on that required by the only plugin, m_xt.so.
Also increment PKG_RELEASE.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE fixup]
This enables using the tc module m_xt.so, which uses the act_ipt kernel
module to allow tc actions based on iptables targets. e.g.
tc filter add dev eth0 parent 1: prio 10 protocol ip \
u32 match u32 0 0 action xt -j DSCP --set-dscp-class BE
Make the SHARED_LIBS parameter configurable and based on tc package
selection.
Fix a problem using the tc m_xt.so plugin as also described in
https://bugs.debian.org/868059:
Sync include/xtables.h from iptables to make sure the right offset is
used when accessing structure members defined in libxtables. One could
get “Extension does not know id …” otherwise. (See also: #868059)
Patch to sync the included xtables.h with system iptables 1.6.x. This
continues to work with iptables 1.8.2.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add build and runtime dependencies on libelf, allowing tc and ip-full
to load BPF and XDP object files respectively.
Define package 'tc' as a singleton package variant, which can be used to
enable additional functionality limited only to tc. Also set ip-tiny
as the default 'ip' variant.
Preserve optionality of libelf by having configuration script follow the
HAVE_ELF environment variable, used similarly to the HAVE_MNL variable.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Hardware
--------
CPU: Qualcomm IPQ4019
RAM: 256M (NANYA NT5CC128M16JR-EK)
FLASH: 128M NAND (Macronix MX30LF1G18AC-XKI)
ETH: Qualcomm QCA8072
WiFi2: IPQ4019 2T2R 2SS b/g/n
WiFi5: IPQ4019 2T2R 2SS n/ac
WiFi5: QCA9984 4T4R 4SS n/ac
LED: - Connect green/blue/red
- Power green
BTN: WPS/Connect
UART: 115200n8 3.3V
VCC - RX - TX - GND (Square is VCC)
Installation
------------
1. Grab the uboot for the Device from the 'u-boot-fritz3000'
subdirectory. Place it in the same directory as the 'eva_ramboot.py'
script. It is located in the 'scripts/flashing' subdirectory of the
OpenWRT tree.
2. Assign yourself the IP address 192.168.178.10/24. Connect your
Computer to one of the boxes LAN ports.
3. Connect Power to the Box. As soon as the LAN port of your computer
shows link, load the U-Boot to the box using following command.
> ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz3000.bin
4. The U-Boot will now start. Now assign yourself the IP address
192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
server root directory and rename it to 'FRITZ3000.bin'.
5. The Box will now boot OpenWRT from RAM. This can take up to two
minutes.
6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
scp. SSH into the Box and first write the Bootloader to both previous
kernel partitions.
> mtd write /path/to/uboot-fritz3000.bin uboot0
> mtd write /path/to/uboot-fritz3000.bin uboot1
7. Remove the AVM filesystem partitions to make room for our kernel +
rootfs + overlayfs.
> ubirmvol /dev/ubi0 --name=avm_filesys_0
> ubirmvol /dev/ubi0 --name=avm_filesys_1
8. Flash OpenWRT peristently using sysupgrade.
> sysupgrade -n /path/to/openwrt-sysupgrade.bin
Signed-off-by: David Bauer <mail@david-bauer.net>
AVM devices based on Qualcomm IPQ40xx do not store sector health
information in the OOB area. Make this check optional to support this
platform.
Signed-off-by: David Bauer <mail@david-bauer.net>
Hardware:
CPU: MediaTek MT7621AT (2x880MHz)
RAM: 512MB DDR3
FLASH: 256MB NAND
WiFi: 2.4GHz 4x4 MT7615 b/g/n (Needs driver, See Issues!)
WiFI: 5GHz 4x4 MT7615 a/n/ac (Needs driver, See Issues!)
USB: 1x 3.0
ETH: 1x WAN 10/100/1000 3x LAN 10/100/1000
LED: Power/Status
BTN: RESET
UART: 115200 8n1
Partition layout and boot:
Stock Xiaomi firmware has the MTD split into (among others)
- kernel0 (@0x200000)
- kernel1 (@0x600000)
- rootfs0
- rootfs1
- overlay (ubi)
Xiaomi uboot expects to find kernels at 0x200000 & 0x600000
referred to as system 1 & system 2 respectively.
a kernel is considered suitable for handing control over
if its linux magic number exists & uImage CRC are correct.
If either of those conditions fail, a matching sys'n'_fail flag
is set in uboot env & a restart performed in the hope that the
alternate kernel is okay.
If neither kernel checksums ok and both are marked failed, system 2
is booted anyway.
Note uboot's tftp flash install writes the transferred
image to both kernel partitions.
Installation:
Similar to the Xiaomi MIR3G, we keep stock Xiaomi firmware in
kernel0 for ease of recovery, and install OpenWRT into kernel1 and
after.
The installation file for OpenWRT is a *squashfs-factory.bin file that
contains the kernel and a ubi partition. This is flashed as follows:
nvram set flag_try_sys1_failed=1
nvram set flag_try_sys2_failed=0
nvram commit
dd if=factory.bin bs=1M count=4 | mtd write - kernel1
dd if=factory.bin bs=1M skip=4 | mtd write - rootfs0
reboot
Reverting to stock:
The part of stock firmware we've kept in kernel0 allows us to run stock
recovery, which will re-flash stock firmware from a *.bin file on a USB.
For this we do the following:
fw_setenv flag_try_sys1_failed 0
fw_setenv flag_try_sys2_failed 1
reboot
After reboot the LED status light will blink red, at which point pressing
the 'reset' button will cause stock firmware to be installed from USB.
Issues:
OpenWRT currently does not have support for the MT7615 wifi chips. There is
ongoing work to add mt7615 support to the open source mt76 driver. Until that
support is in place, there are closed-source kernel modules that can be used.
See: https://forum.openwrt.org/t/support-for-xiaomi-wifi-r3p-pro/20290/170
Signed-off-by: Ozgur Can Leonard <ozgurcan@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[02_network remaps, Added link to notes]
Hardware
--------
SOC: QCA9558
RAM: 128M DDR2
Flash: 16MiB SPI-NOR
ETH: QCA8337N: 2x 10/100/1000 PoE and PoE pass-through
WiFi2: QCA9558 (bgn) 2T2R
WiFi5: 2x mPCIE with AR9582 (an) 2T2R
BTN: 1x Reset
GPIO: multiple GPIO on header, PoE passthrough enable
UART: 3.3V 115200 8N1 header on the board
WDG: ATTiny13 watchdog
JTAG: header on the board
USB: 1x connector and 1x header on the board
PoE: 10-32V input in ETH port 1, passthrough in port 2
mPCIE: 2x populated with radios (but replaceable)
OpenWrt is preinstalled from factory. To install use <your-image>-sysupgade.bin
using the web interface or with sysupgrade -n.
Flash from bootloader (in case failsafe does not work)
1. Connect the LibreRouter with a serial adapter (TTL voltage) to the UART
header in the board.
2. Connect an ETH cable and configure static ip addres 192.168.1.10/24
3. Turn on the device and stop the bootloader sending any key through the serial
interface.
4. Use a TFTP server to serve <your image>-sysupgrade.bin file.
5. Execute the following commands at the bootloader prompt:
ath> tftp 82000000 <your image>-sysupgrade.bin
ath> erase 0x9f050000 +$filesize
ath> cp.b 0x82000000 0x9f050000 $filesize
ath> bootm 0x9f050000
More docs
* Bootloader https://github.com/librerouterorg/u-boot
* Board details (schematics, gerbers): https://github.com/librerouterorg/board
Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Openssh uses digest contexts across forks, which is not supported by the
/dev/crypto engine. The speed of digests is usually not worth enabling
them anyway. This changes the default of the DIGESTS option to NONE, so
the user still has the option to enable them.
Added another patch related to the use of encryption contexts across
forks, that ignores a failure to close a previous open session when
reinitializing a context, instead of failing the reinitialization.
Added a link to the Cryptographic Hardware Accelerators document to the
engine pacakges description, to provide more detailed instructions to
configure the engines.
Revert the removal of the OPENSSL_ENGINE_CRYPTO symbol, currently used
by openssh. There is an open PR to update openssh; when merged, this
symbol can be safely removed.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patches]
Imported from patchwork, patches marked with '=' have already been in
our tree:
[v3,1/4] cfg80211: add ratelimited variants of err and warn
[v3,2/4] rt2x00: use ratelimited variants dev_warn/dev_err
[v3,3/4] rt2x00: check number of EPROTO errors
=[v3,4/4] rt2x00: do not print error when queue is full
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
