Commit e978072baaca ("Do prune_association only after the STA is
authorized") causes issues when an STA roams from one interface to
another interface on the same PHY. The mt7915 driver is not able to
handle this properly. While the commits fixes a DoS, there are other
devices and drivers with the same limitation, so revert to the orginal
behavior for now, until we have a better solution in place.
Fixes: #13156
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 324673914d)
Support for PF_XDP sockets monitoring interface used by the ss tool.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 06e64f9b36)
Add u-boot env config for Xiaomi mi-mini for using fw_printenv and fw_setenv on this board
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit a87bc138cf)
This updates the Intel iwlwifi firmware for AX200 and AX210 from version
66 to version 72. Version 72 is the latest version supported by iwlwifi
from kernel 6.1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 00ce1c0587)
Instead of reading only a single 4kiB page, read the first 128kiB to
determine the size of an uImage.FIT using 'imsz' or 'imszb'.
This will be needed once we add more Device Tree Overlays, which may
happen for the BPi-R3 mini.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3c2f7bb555)
Add support for the SKBPRIO queuing discipline. This is subtly
different than prio as it also drops packets from the lower priority
flows.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
(cherry picked from commit 8fba9afda5)
colrm is already built, package just isn't generated.
colrm can be used to remove columns from file/stdin.
Use cases vary, personally I needed it because I build openwrt
natively - and wolfssl configure script wants either colrm, or cut
but busybox's cut isn't accepted.
Built: x86_64, latest git
Tested: x86_64, latest git
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit e21b4c9636)
Safely detect integer overflow in try_addint() and try_subint().
Old code relied on undefined behavior, and recent versions of GCC on x86
optimized away the if-statements.
This caused integer overflow in Lua code instead of falling back to
floating-point numbers.
Signed-off-by: Adam Bailey <aebailey@gmail.com>
(cherry picked from commit 3a2e7c30d3)
commit c0611b45a9 ("e2fsprogs: symlink e2fsck to fsck.ext{2, 3, 4},
and tune2fs to findfs") introduced a symlink from tune2fs to findfs.
This only works when the included private libblkid library is used, but
commit 5b1660a538 ("utils/e2fsprogs: Update to 1.43.6") disabled the
usage of this private lib and enabled the shared lib support.
Removing this symlink makes it possible to install tune2fs and findfs
package.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 0b80c5725f)
d1f07cf devices: add device id for Atheros AR9287 and AR9380
65ea345 nl80211: constify a few arrays
ca79f64 lib: report byte counters as 64 bit values
This contains an ABI change, increase the ABI version too.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a226153067)
Changes between 3.0.9 and 3.0.10 [1 Aug 2023]
* Fix excessive time spent checking DH q parameter value ([CVE-2023-3817])
* Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446])
* Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975])
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 92602f823a)
Package kernel module for Marvell 10G Ethernet PHYs found also in many
10G/1G/100M/10M RJ-45 SFP+ modules.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2a5c7bf621)
Add patch to fix build failure caused by a missing header which had
previously been implicitely included.
Fixes: 6ddb5f5a65 ("uboot-mediatek: update to version 2023.07.02")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Among the patches adding support for MT7988 also came the switch to
use fdtdec_setup_mem_size_base() and no longer rely on CFG_SYS_SDRAM_BASE.
Take care of our downstream boards which did not have a 'memory' node in
their device trees.
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Import pending patches adding support for MT7988 and provide builds
for the reference board for all possible boot media.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release 2023.07 got tagged wrongly and replaced by follow-up release
2023.07.02.
Now using upstream DTS for BPi-R3.
Removed two patches which made it upstream, refreshed the rest.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of using the hash of the Github-generated tarball use the
hash of the tarball generated by the OpenWrt build system (in this
case they are different, unfortunately).
Reported-by: Chen Minqiang <ptpt52@gmail.com>
Fixes: 07dbeb430e ("arm-trusted-firmware-mediatek: update to sources of 2023-07-24")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use updated Trusted Firmware-A sources from MediaTek, now stacked
on top of the ARM Trusted Firmware-A v2.9 release.
Add builds for the newly added MT7988 SoC.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Because this device enable NMBM by default, most users use custom
U-Boot with NMBM-Enabled in Chinese forums.
This layout is the same as the ubootmod layout but enabling NMBM.
Signed-off-by: Hank Moretti <mchank9999@gmail.com>
Since 2021.07 multiple bugs were introduced that made it impossible to
create a bootable target for mvebu. Those issues should be now fixed since
2023.07-rc1.
References: #11661
Signed-off-by: Oli Ze <olze@trustserv.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Andre Heider <a.heider@gmail.com> # espressobin-v3-v5-1gb-2cs
Signed-off-by: Petr Štetiar <ynezz@true.cz> [facelift]
(cherry picked from commit ba7d6dddc7)
8667347 build: allow passing SOVERSION value for dynamic library
Also adjust packaging of the library to only ship the SOVERSION
suffixed library object, to allow for concurrent installation of
ABI-incompible versions in the future.
Fixes: #13082
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4af0a72a65)
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use
failsafe, we get 'Bad server host key: Invalid key length'
To workaround the issue, we can use: ssh -o RSAMinSize=1024 ...
Generating 2048 bits RSA is extremely slow, so add ed25519.
We keep RSA 1024 to be as compatible as possible.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 6ac61dead9)
Changelog from quic:
Bug fixes, stability improvements from previous releases
are present. There are no backward comatibility issues
with this release.
Tested-by: Michał Kwiatek <michal@kwiatek.it> # Xiaomi AX3600
Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
[ improve commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1c56801dd2)
The Traverse LS1043 boards were not publicly released,
all the production has been going to OEM customers who
do not use the image format defined in the OpenWrt tree.
Only a few samples were circulated outside Traverse
and our OEM customers. The public release (then called
Five64) of this series was cancelled in favour of our
LS1088A based design (Ten64).
It is best to remove these boards to avoid wasting
OpenWrt project and contributor resources.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 8e7ba6fbae)
The Ten64 board[1] is based around NXP's Layerscape LS1088A SoC.
It is capable of booting both standard Linux distributions
from disk devices, using EFI, and booting OpenWrt
from NAND.
See the online manual for more information, including the
flash layout[2].
This patchset adds support for generating Ten64 images
for NAND boot.
For disk boot, one can use the EFI support that was
recently added to the armvirt target.
We previously supported NAND users by building
inside our armvirt/EFI target[3], but this approach
is not suitable for OpenWrt upstream. Users who
used our supplied NAND images will be able to upgrade
to this via sysupgrade.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
[1] - https://www.traverse.com.au/hardware/ten64
[2] - https://ten64doc.traverse.com.au/hardware/flash/
[3] - Example:
285e4360e1
(cherry picked from commit af0546da34)
If dual-stack configuration is in use, and dhcpv6 option is set, do not start
464xlat sub-interface for dhcpv6 sub-interace , as the configuration already
provides IPv4 connectivty, be it through single or dual APN configuration.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a9237c1af9)
Add two new "v6apn" and "v6profile" properties, to support split-APN
dual-stack onfiguration. This extends the existing ipv4v6 PDP type,
allowing simultaneous connection to two distinct APNs,
one for IPv4 and one for IPv6.
The parameters override existing 'apn' and 'profile' respectively,
if set, but only for IPv6 part of the connection.
If unset, they default to their original values, constituting a standard
IPv4v6 setup.
If a different APN is set for IPv6, a corresponding profile MUST also be
configured, with a different ID, than the IPv4 profile, for example,
profile 2.
Both APNs must match ones configured through QMI or through 'AT+CGDCONT'
command.
Example configuration in UCI:
config interface 'wan'
option proto 'qmi'
option device '/dev/cdc-wdm0'
option autoconnect '1'
option pdptype 'ipv4v6'
option apn 'internet'
option v6apn 'internetipv6'
option profile '1'
option v6profile '2'
Corresponding profile configuration:
AT+CGDCONT?
+CGDCONT: 1,"IP","internet","0.0.0.0",0,0,0,0
+CGDCONT: 2,"IPV6","internetipv6","0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0",0,0,0,0
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 48e8bf1b8f)
This patch will only force mac80211 loss detection upon ath10k by
masking the driver-specific loss-detection bit.
Ref: commit ed816f6ba8 ("mac80211: always use mac80211 loss detection")
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit d9070f8d23)
[felix.bau@gmx.de: replace path 6.2 with 5.15, refresh patches]
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
53edfc7aaa34 wifi: mt76: mt7603: fix beacon interval after disabling a single vif
7ef4dd12d982 wifi: mt76: mt7603: fix tx filter/flush function
152608a40aa7 wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
cacac3902a63 wifi: mt76: split get_of_eeprom in subfunction
cd3dfe392769 wifi: mt76: add support for providing eeprom in nvmem cells
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 4395236a10)
Hardware
--------
CPU: Mediatek MT7981
RAM: 512M DDR4
FLASH: 256M NAND
ETH: MaxLinear GPY211 (2.5GbE N Base-T)
WiFi: Mediatek MT7981 (2.4GHz 2T2R:2 5GHz 3T3R:2 802.11ax)
BTN: 1x Reset
LED: 1x Multi-Color
UART Console
------------
Available below the rubber cover next to the ethernet port.
Settings: 115200 8N1
Layout:
<12V> <LAN> GND-RX-TX-VCC
Logic-Level is 3V3. Don't connect VCC to your UART adapter!
Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.
As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.
In case this is not the case, OpenWrt will boot only one time, returning
to the ZyXEL firmware the second boot.
If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.
Installation TFTP / Recovery
----------------------------
This installation routine is especially useful in case of a bricked
device.
Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.
The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.
Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to nwa50axpro-openwrt-initramfs.bin.
$ atnf nwa50axpro-openwrt-initramfs.bin
$ atna 192.168.1.88
$ atns "192.168.1.66; tftpboot; setenv fdt_high 0xffffffffffffffff;
bootm"
Upon booting, set the booted image to the correct slot:
$ zyxel-bootconfig /dev/mtd9 get-status
$ zyxel-bootconfig /dev/mtd9 set-image-status 0 valid
$ zyxel-bootconfig /dev/mtd9 set-active-image 0
Copy the OpenWrt sysupgrade image to the device using scp.
Write the sysupgrade image to NAND using sysupgrade.
$ sysupgrade -n image.bin
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f0445746f6)
The side-effect and main motivation is to also drop the FIT structure size
limit because with multiple device tree overlays it may easily grow beyond
the previous 4kB limit in the future.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 98e3f82c3f)
The OEM uboot limit brush into 3rd-party firmware.
So add a custom uboot build to support openwrt.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 437e79ad6d)
Netgear EX6250v2, EX6400v3, EX6410v2, EX6470 are wall-plug 802.11ac
(Wi-Fi 5) extenders. Like other MT7629 devices, Wi-Fi does not work
currently as there is no driver.
Related: https://github.com/openwrt/openwrt/pull/5084
For future reference, 2.4GHz MAC = LAN+1, 5GHz MAC = LAN+2.
Specifications:
* MT7629, 256 MiB RAM, 16 MiB SPI NOR
* MT7761N (2.4GHz) / MT7762N (5GHz) - no driver
* Ethernet: 1 port 10/100/1000
* UART: 115200 baud (labeled on board)
Installation:
* Flash the factory image through the stock web interface, or TFTP to
the bootloader. NMRP can be used to TFTP without opening the case.
* After installation, perform a factory reset. Wait for the device to
boot, then hold the reset button for 10 seconds. This is needed
because sysupgrade in the stock firmware will attempt to preserve its
configuration using sysupgrade.tgz.
See https://github.com/openwrt/openwrt/pull/4182
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 73de41898f)
Migrate to "new" image generation method. Device profiles will be generated
based on image/Makefile instead of profiles/ , which will also allow to
automatically build images for all supported devices via buildbot.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
The upstream board-2.bin file in the linux-firmware.git
repository for the QCA4019 contains a packed board-2.bin
for this device for both 2.4G and 5G wifis. This isn't
something that the ath10k driver supports.
Until this feature either gets implemented - which is
very unlikely -, or the upstream boardfile is mended
(both, the original submitter and ath10k-firmware
custodian have been notified). OpenWrt will go back
and use its own bespoke boardfile. This unfortunately
means that 2.4G and on some revisions the 5G WiFi is
not available in the initramfs image for this device.
Fixes: #12886
Reported-by: Christian Heuff <christian@heuff.at>
Debugged-by: Georgios Kourachanis <geo.kourachanis@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 75505c5ec7)
When using an Intel AX210 card, the Bluetooth hci interface failed
to start due to a missing "ibt-0041-0041.sfi" file.
Bluetooth: hci0: Failed to load Intel firmware file intel/ibt-0041-0041.sfi (-2)
A device specific configuration file (DDC) is also required:
Bluetooth: hci0: Found device firmware: intel/ibt-0041-0041.sfi
Bluetooth: hci0: Waiting for firmware download to complete
...
Bluetooth: hci0: Found Intel DDC parameters: intel/ibt-0041-0041.ddc
Bluetooth: hci0: Applying Intel DDC parameters completed
Bluetooth: hci0: Firmware timestamp 2023.13 buildtype 1 build 62562
Fixes: #8558
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit fff6833d4c)
This commit adds support for following wireless routers:
- Beeline SmartBox PRO (Serсomm S1500 AWI)
- WiFire S1500.NBN (Serсomm S1500 BUC)
This commit is based on this PR:
- Link: https://github.com/openwrt/openwrt/pull/4770
- Author: Maximilian Weinmann <x1@disroot.org>
The opening of this PR was agreed with author.
My changes:
- Sorting, minor changes and some movings between dts and dtsi
- Move leds to dts when possible
- Recipes for the factory image
- Update of the installation/recovery/return to stock guides
- Add reset GPIO for the pcie1
Common specification
--------------------
SoC: MediaTek MT7621AT (880 MHz, 2 cores)
Switch: MediaTek MT7530 (via SoC MT7621AT)
Wireless: 2.4 GHz, MT7602EN, b/g/n, 2x2
Wireless: 5 GHz, MT7612EN, a/n/ac, 2x2
Ethernet: 5 ports - 5×GbE (WAN, LAN1-4)
Mini PCIe: via J2 on PCB, not soldered on the board
UART: J4 -> GND[], TX, VCC(3.3V), RX
BootLoader: U-Boot SerComm/Mediatek
Beeline SmartBox PRO specification
----------------------------------
RAM (Nanya NT5CB128M16FP): 256 MiB
NAND-Flash (ESMT F59L2G81A): 256 MiB
USB ports: 2xUSB2.0
LEDs: Status (white), WPS (blue), 2g (white), 5g (white) + 10 LED Ethernet
Buttons: 2 button (reset, wps), 1 switch button (ROUT<->REP)
Power: 12 VDC, 1.5 A
PCB Sticker: 970AWI0QW00N256SMT Ver. 1.0
CSN: SG15********
MAC LAN: 94:4A:0C:**:**:**
Manufacturer's code: 0AWI0500QW1
WiFire S1500.NBN specification
------------------------------
RAM (Nanya NT5CC64M16GP): 128 MiB
NAND-Flash (ESMT F59L1G81MA): 128 MiB
USB ports: 1xUSB2.0
LEDs: Status (white), WPS (white), 2g (white), 5g (white) + 10 LED Ethernet
Buttons: 2 button (RESET, WPS)
Power: 12 VDC, 1.0 A
PCB Sticker: 970BUC0RW00N128SMT Ver. 1.0
CSN: MH16********
MAC WAN: E0:60:66:**:**:**
Manufacturer's code: 0BUC0500RW1
MAC address table (PRO)
-----------------------
use address source
LAN *:23 factory 0x1000 (label)
WAN *:24 factory $label +1
2g *:23 factory $label
5g *:25 factory $label +2
MAC addresses (NBN)
-------------------
use address source
LAN *:0e factory 0x1000
WAN *:0f LAN +1 (label)
2g *:0f LAN +1
5g *:10 LAN +2
OEM easy installation
---------------------
1. Remove all dots from the factory image filename (except the dot
before file extension)
2. Upload and update the firmware via the original web interface
3. Two options are possible after the reboot:
a. OpenWrt - that's OK, the mission accomplished
b. Stock firmware - install Stock firmware (to switch booflag from
Sercomm0 to Sercomm1) and then OpenWrt factory image.
Return to Stock
---------------
1. Change the bootflag to Sercomm1 in OpenWrt CLI and then reboot:
printf 1 | dd bs=1 seek=7 count=1 of=/dev/mtdblock2
reboot
2. Install stock firmware via the web OEM firmware interface
Recovery
--------
Use sercomm-recovery tool.
Link: https://github.com/danitool/sercomm-recovery
Tested-by: Pavel Ivanov <pi635v@gmail.com>
Tested-by: Denis Myshaev <denis.myshaev@gmail.com>
Tested-by: Oleg Galeev <olegingaleev@gmail.com>
Tested-By: Ivan Pavlov <AuthorReflex@gmail.com>
Co-authored-by: Maximilian Weinmann <x1@disroot.org>
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 2d6784a033)
This commit adds support for Mercusys MR90X(EU) v1 router.
Device specification
--------------------
SoC Type: MediaTek MT7986BLA, Cortex-A53, 64-bit
RAM: MediaTek MT7986BLA (512MB)
Flash: SPI NAND GigaDevice GD5F1GQ5UEYIGY (128 MB)
Ethernet: MediaTek MT7531AE + 2.5GbE MaxLinear GPY211C0VC (SLNW8)
Ethernet: 1x2.5Gbe (WAN/LAN 2.5Gbps), 3xGbE (WAN/LAN 1Gbps, LAN1, LAN2)
WLAN 2g: MediaTek MT7975N, b/g/n/ax, MIMO 4x4
WLAN 5g: MediaTek MT7975P(N), a/n/ac/ax, MIMO 4x4
LEDs: 1 orange and 1 green status LEDs, 4 green gpio-controlled
LEDs on ethernet ports
Button: 1 (Reset)
USB ports: No
Power: 12 VDC, 2 A
Connector: Barrel
Bootloader: Main U-Boot - U-Boot 2022.01-rc4. Additionally, both UBI
slots contain "seconduboot" (also U-Boot 2022.01-rc4)
Serial console (UART)
---------------------
V
+-------+-------+-------+-------+
| +3.3V | GND | TX | RX |
+---+---+-------+-------+-------+
|
+--- Don't connect
The R3 (TX line) and R6 (RX line) are absent on the PCB. You should
solder them or solder the jumpers.
Installation (UART)
-------------------
1. Place OpenWrt initramfs image on tftp server with IP 192.168.1.2
2. Attach UART, switch on the router and interrupt the boot process by
pressing 'Ctrl-C'
3. Load and run OpenWrt initramfs image:
tftpboot initramfs-kernel.bin
bootm
4. Once inside OpenWrt, set / update env variables:
fw_setenv baudrate 115200
fw_setenv bootargs "ubi.mtd=ubi0 console=ttyS0,115200n1 loglevel=8 earlycon=uart8250,mmio32,0x11002000 init=/etc/preinit"
fw_setenv fdtcontroladdr 5ffc0e70
fw_setenv ipaddr 192.168.1.1
fw_setenv loadaddr 0x46000000
fw_setenv mtdids "spi-nand0=spi-nand0"
fw_setenv mtdparts "spi-nand0:2M(boot),1M(u-boot-env),50M(ubi0),50M(ubi1),8M(userconfig),4M(tp_data)"
fw_setenv netmask 255.255.255.0
fw_setenv serverip 192.168.1.2
fw_setenv stderr serial@11002000
fw_setenv stdin serial@11002000
fw_setenv stdout serial@11002000
fw_setenv tp_boot_idx 0
5. Run 'sysupgrade -n' with the sysupgrade OpenWrt image
Installation (without UART)
---------------------------
1. Login as root via SSH (router IP, port 20001, password - your web
interface password)
2. Open for editing /etc/hotplug.d/iface/65-iptv (e.g., using WinSCP and
SSH settings from the p.1)
3. Add a newline after "#!/bin/sh":
telnetd -l /bin/login.sh
4. Save "65-iptv" file
5. Toggle "IPTV/VLAN Enable" checkbox in the router web interface and
save
6. Make sure that telnetd is running:
netstat -ltunp | grep 23
7. Login via telnet to router IP, port 23 (no username and password are
required)
8 Upload OpenWrt "initramfs-kernel.bin" to the "/tmp" folder of the
router (e.g., using WinSCP and SSH settings from the p.1)
9. Stock busybox doesn't contain ubiupdatevol command. Hence, we need to
download and upload the full version of busybox to the router. For
example, from here:
https://github.com/xerta555/Busybox-Binaries/raw/master/busybox-arm64
Upload busybox-arm64 to the /tmp dir of the router and run:
in the telnet shell:
cd /tmp
chmod a+x busybox-arm64
10. Check "initramfs-kernel.bin" size:
du -h initramfs-kernel.bin
11. Delete old and create new "kernel" volume with appropriate size
(greater than "initramfs-kernel.bin" size):
ubirmvol /dev/ubi0 -N kernel
ubimkvol /dev/ubi0 -n 1 -N kernel -s 9MiB
12. Write OpenWrt "initramfs-kernel.bin" to the flash:
./busybox-arm64 ubiupdatevol /dev/ubi0_1 /tmp/initramfs-kernel.bin
13. u-boot-env can be empty so lets create it (or overwrite it if it
already exists) with the necessary values:
fw_setenv baudrate 115200
fw_setenv bootargs "ubi.mtd=ubi0 console=ttyS0,115200n1 loglevel=8 earlycon=uart8250,mmio32,0x11002000 init=/etc/preinit"
fw_setenv fdtcontroladdr 5ffc0e70
fw_setenv ipaddr 192.168.1.1
fw_setenv loadaddr 0x46000000
fw_setenv mtdids "spi-nand0=spi-nand0"
fw_setenv mtdparts "spi-nand0:2M(boot),1M(u-boot-env),50M(ubi0),50M(ubi1),8M(userconfig),4M(tp_data)"
fw_setenv netmask 255.255.255.0
fw_setenv serverip 192.168.1.2
fw_setenv stderr serial@11002000
fw_setenv stdin serial@11002000
fw_setenv stdout serial@11002000
fw_setenv tp_boot_idx 0
14. Reboot to OpenWrt initramfs:
reboot
15. Login as root via SSH (IP 192.168.1.1, port 22)
16. Upload OpenWrt sysupgrade.bin image to the /tmp dir of the router
17. Run sysupgrade:
sysupgrade -n /tmp/sysupgrade.bin
Recovery
--------
1. Press Reset button and power on the router
2. Navigate to U-Boot recovery web server (http://192.168.1.1/) and
upload the OEM firmware
Recovery (UART)
---------------
1. Place OpenWrt initramfs image on tftp server with IP 192.168.1.2
2. Attach UART, switch on the router and interrupt the boot process by
pressing 'Ctrl-C'
3. Load and run OpenWrt initramfs image:
tftpboot initramfs-kernel.bin
bootm
4. Do what you need (restore partitions from a backup, install OpenWrt
etc.)
Stock layout
------------
0x000000000000-0x000000200000 : "boot"
0x000000200000-0x000000300000 : "u-boot-env"
0x000000300000-0x000003500000 : "ubi0"
0x000003500000-0x000006700000 : "ubi1"
0x000006700000-0x000006f00000 : "userconfig"
0x000006f00000-0x000007300000 : "tp_data"
ubi0/ubi1 format
----------------
U-Boot at boot checks that all volumes are in place:
+-------------------------------+
| Volume Name: uboot Vol ID: 0|
| Volume Name: kernel Vol ID: 1|
| Volume Name: rootfs Vol ID: 2|
+-------------------------------+
MAC addresses
-------------
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| label | 00:eb:xx:xx:xx:be | label |
| LAN | 00:eb:xx:xx:xx:be | label |
| WAN | 00:eb:xx:xx:xx:bf | label+1 |
| WLAN 2g | 00:eb:xx:xx:xx:be | label |
| WLAN 5g | 00:eb:xx:xx:xx:bd | label-1 |
+---------+-------------------+-----------+
label MAC address was found in UBI partition "tp_data", file
"default-mac". OEM wireless eeprom is also there (file
"MT7986_EEPROM.bin").
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit e4fe3097ef)
[Fix merging conflict]
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
The ZTE MF287+ is a LTE router used (exclusively?) by the network operator
"3". The MF287 (i.e. non-plus aka 3Neo) is also supported (the only
difference is the LTE modem)
Specifications
==============
SoC: IPQ4018
RAM: 256MiB
Flash: 8MiB SPI-NOR + 128MiB SPI-NAND
LAN: 4x GBit LAN
LTE: ZTE Cat12 (MF287+) / ZTE Cat6 (MF287)
WiFi: 802.11a/b/g/n/ac SoC-integrated
MAC addresses
=============
LAN: from config + 2
WiFi 1: from config
WiFi 2: from config + 1
Installation
============
Option 1 - TFTP
---------------
TFTP installation using UART is preferred. Disassemble the device and
connect serial. Put the initramfs image as openwrt.bin to your TFTP server
and configure a static IP of 192.168.1.100. Load the initramfs image by
typing:
setenv serverip 192.168.1.100
setenv ipaddr 192.168.1.1
tftpboot 0x82000000 openwrt.bin
bootm 0x82000000
From this intiramfs boot you can take a backup of the currently installed
partitions as no vendor firmware is available for download:
ubiattach -m14
cat /dev/ubi0_0 > /tmp/ubi0_0
cat /dev/ubi0_1 > /tmp/ubi0_1
Copy the files /tmp/ubi0_0 and /tmp/ubi0_1 somewhere save.
Once booted, transfer the sysupgrade image and run sysupgrade. You might
have to delete the stock volumes first:
ubirmvol /dev/ubi0 -N ubi_rootfs
ubirmvol /dev/ubi0 -N kernel
Option 2 - From stock firmware
------------------------------
The installation from stock requires an exploit first. The exploit consists
of a backup file that forces the firmware to download telnetd via TFTP from
192.168.0.22 and run it. Once exploited, you can connect via telnet and
login as admin:admin.
The exploit will be available at the device wiki page.
Once inside the stock firmware, you can transfer the -factory.bin file to
/tmp by using "scp" from the stock frmware or "tftp".
ZTE has blocked writing to the NAND. Fortunately, it's easy to allow write
access - you need to read from one file in /proc. Once done, you need to
erase the UBI partition and flash OpenWrt. Before performing the operation,
make sure that mtd13 is the partition labelled "rootfs" by calling
"cat /proc/mtd".
Complete commands:
cd /tmp
tftp -g -r factory.bin 192.168.0.22
cat /proc/driver/sensor_id
flash_erase /dev/mtd13 0 0
dd if=/tmp/factory.bin of=/dev/mtdblock13 bs=131072
Afterwards, reboot your device and you should have a working OpenWrt
installation.
Restore Stock
=============
Option 1 - via UART
-------------------
Boot an OpenWrt initramfs image via TFTP as for the initial installation.
Transfer the two backed-up files to your box to /tmp.
Then, run the following commands - replace $kernel_length and $rootfs_size
by the size of ubi0_0 and ubi0_1 in bytes.
ubiattach -m 14
ubirmvol /dev/ubi0 -N kernel
ubirmvol /dev/ubi0 -N rootfs
ubirmvol /dev/ubi0 -N rootfs_data
ubimkvol /dev/ubi0 -N kernel -s $kernel_length
ubimkvol /dev/ubi0 -N ubi_rootfs -s $rootfs_size
ubiupdatevol /dev/ubi0_0 /tmp/ubi0_0
ubiupdatevol /dev/ubi0_1 /tmp/ubi0_1
Option 2 - from within OpenWrt
------------------------------
This option requires to flash an initramfs version first so that access
to the flash is possible. This can be achieved by sysupgrading to the
recovery.bin version and rebooting. Once rebooted, you are again in a
default OpenWrt installation, but no partition is mounted.
Follow the commands from Option 1 to flash back to stock.
LTE Modem
=========
The LTE modem is similar to other ZTE devices and controls some more LEDs
and battery management.
Configuring the connection using uqmi works properly, the modem
provides three serial ports and a QMI CDC ethernet interface.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit f70ee53b08)
This commit add u-boot env config for GL-MT3000, so
that we can use fw_printenv to print u-boot env and
use fw_setenv to set u-boot env in GL-MT3000.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 6892603efa)
Hardware
--------
SOC: MediaTek MT7986
RAM: 1024MB DDR3
FLASH: 128MB SPI-NAND (Winbond)
WIFI: Mediatek MT7986 DBDC 802.11ax 2.4/5 GHz
ETH: Realtek RTL8221B-VB-CG 2.5 N-Base-T PHY with PoE
UART: 3V3 115200 8N1 (Pinout silkscreened / Do not connect VCC)
Installation
------------
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
2. Connect the TFTP server to the WAX220. Conect to the serial console,
interrupt the autoboot process by pressing '0' when prompted.
3. Download & Boot the OpenWrt initramfs image.
$ setenv ipaddr 192.168.2.1
$ setenv serverip 192.168.2.2
$ tftpboot openwrt.bin
$ bootm
4. Wait for OpenWrt to boot. Transfer the sysupgrade image to the device
using scp and install using sysupgrade.
$ sysupgrade -n <path-to-sysupgrade.bin>
Signed-off-by: Flole Systems <flole@flole.de>
Signed-off-by: Stefan Agner <stefan@agner.ch>
(cherry picked from commit 984786a2f7)
34a8a74 uhttpd/file: fix string out of buffer range on uh_defer_script
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7a6f6b8126)
5211264 odhcpd: add support for dhcpv6_pd_min_len parameter
c6bff6f router: Add PREF64 (RFC 8781) support
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit acd9981b4e)
Fix a typo where the wrong KCONFIG was used and fix selecting the
correct kernel config option to use these packages.
Fixes: 4f443c885d ("netfilter: separate packages for kmod-ipt-socket and kmod-ipt-tproxy")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 3ebebf08be)
ath10k does not report excessive loss in case of broken block-ack
sessions. The loss is communicated to the host-os, but ath10k does not
trigger a low-ack events by itself.
The mac80211 framework for loss detection however detects this
circumstance well in case of ath10k. So use it regardless of ath10k's
own loss detection mechanism.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ed816f6ba8)
Hardware
========
CPU Qualcomm Atheros QCA9558
RAM 256MB DDR2
FLASH 2x 16M SPI-NOR (Macronix MX25L12805D)
WIFI Qualcomm Atheros QCA9558
Atheros AR9590
Installation
============
1. Attach to the serial console of the AP-105.
Interrupt autoboot and change the U-Boot env.
$ setenv rb_openwrt "setenv ipaddr 192.168.1.1;
setenv serverip 192.168.1.66;
netget 0x80060000 ap115.bin; go 0x80060000"
$ setenv fb_openwrt "bank 1;
cp.b 0xbf100040 0x80060000 0x10000; go 0x80060000"
$ setenv bootcmd "run fb_openwrt"
$ saveenv
2. Load the OpenWrt initramfs image on the device using TFTP.
Place the initramfs image as "ap105.bin" in the TFTP server
root directory, connect it to the AP and make the server reachable
at 192.168.1.66/24.
$ run rb_openwrt
3. Once OpenWrt booted, transfer the sysupgrade image to the device
using scp and use sysupgrade to install the firmware.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1b467a902e)
This adds support for Beeline Smart Box TURBO+ (Serсomm S3 CQR) router.
Device specification
--------------------
SoC Type: MediaTek MT7621AT (880 MHz, 2 cores)
RAM (Nanya NT5CC64M16GP): 128 MiB
Flash (Macronix MX30LF1G18AC): 128 MiB
Wireless 2.4 GHz (MT7603EN): b/g/n, 2x2
Wireless 5 GHz (MT7615N): a/n/ac, 4x4
Ethernet: 5 ports - 5×GbE (WAN, LAN1-4)
USB ports: 1xUSB3.0
Buttons: 2 button (reset, wps)
LEDs: Red, Green, Blue
Zigbee (EFR32MG1B232GG): 3.0
Stock bootloader: U-Boot 1.1.3
Power: 12 VDC, 1.5 A
Installation (fw 2.0.9)
-----------------------
1. Login to the web interface under SuperUser (root) credentials.
Password: SDXXXXXXXXXX, where SDXXXXXXXXXX is serial number of the
device written on the backplate stick.
2. Navigate to Setting -> WAN. Add:
Name - WAN1
Connection Type - Static
IP Address - 172.16.0.1
Netmask - 255.255.255.0
Save -> Apply. Set default: WAN1
3. Enable SSH and HTTP on WAN. Setting -> Remote control. Add:
Protocol - SSH
Port - 22
IP Address - 172.16.0.1
Netmask - 255.255.255.0
WAN Interface - WAN1
Save ->Apply
Add:
Protocol - HTTP
Port - 80
IP Address - 172.16.0.1
Netmask - 255.255.255.0
WAN interface - WAN1
Save -> Apply
4. Set up your PC ethernet:
Connection Type - Static
IP Address - 172.16.0.2
Netmask - 255.255.255.0
Gateway - 172.16.0.1
5. Connect PC using ethernet cable to the WAN port of the router
6. Connect to the router using SSH shell under SuperUser account
7. Make a mtd backup (optional, see related section)
8. Change bootflag to Sercomm1 and reboot:
printf 1 | dd bs=1 seek=7 count=1 of=/dev/mtdblock3
reboot
9. Login to the router web interface under admin account
10. Remove dots from the OpenWrt factory image filename
11. Update firmware via web using OpenWrt factory image
Revert to stock
---------------
Change bootflag to Sercomm1 in OpenWrt CLI and then reboot:
printf 1 | dd bs=1 seek=7 count=1 of=/dev/mtdblock3
mtd backup
----------
1. Set up a tftp server (e.g. tftpd64 for windows)
2. Connect to a router using SSH shell and run the following commands:
cd /tmp
for i in 0 1 2 3 4 5 6 7 8 9 10; do nanddump -f mtd$i /dev/mtd$i; \
tftp -l mtd$i -p 172.16.0.2; md5sum mtd$i >> mtd.md5; rm mtd$i; done
tftp -l mtd.md5 -p 171.16.0.2
Recovery
--------
Use sercomm-recovery tool.
Link: https://github.com/danitool/sercomm-recovery
MAC Addresses (fw 2.0.9)
------------------------
+-----+------------+---------+
| use | address | example |
+-----+------------+---------+
| LAN | label | *:e8 |
| WAN | label + 1 | *:e9 |
| 2g | label + 4 | *:ec |
| 5g | label + 5 | *:ed |
+-----+------------+---------+
The label MAC address was found in Factory 0x21000
Factory image format
--------------------
+---+-------------------+-------------+--------------------+
| # | Offset | Size | Description |
+---+-------------------+-------------+--------------------+
| 1 | 0x0 | 0x200 | Tag Header Factory |
| 2 | 0x200 | 0x100 | Tag Header Kernel1 |
| 3 | 0x300 | 0x100 | Tag Header Kernel2 |
| 4 | 0x400 | SIZE_KERNEL | Kernel |
| 5 | 0x400+SIZE_KERNEL | SIZE_ROOTFS | RootFS(UBI) |
+---+-------------------+-------------+--------------------+
Co-authored-by: Mikhail Zhilkin <csharper2005@gmail.com>
Signed-off-by: Maximilian Weinmann <x1@disroot.org>
(cherry picked from commit 8fcfb21b16)
openssl sets additional cflags in its configuration script. We need to
make it aware of our custom cflags to avoid adding conflicting cflags.
Fixes: #12866
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit 51f57e7c2d)
Some Broadcom MIPS devices require JFFS2 cleanmarkers to be present on the
kernel partition or the bootloader will identify the partition as corrupt and
won't boot the kernel.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 434df8df54)
Add new package for building bootloader for the SiFive U-series boards. Supported
boards at this stage are the HiFive Unleashed and HiFive Unmatched.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit 91406797f9)
Add "linux-riscv64-openwrt" into openssl configurations to enable building
on riscv64.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit a0840ecd53)
OpenSBI is a form of a first-stage bootloader, which initializes
certain parts of an SoC and then passes on control to the second
stage bootloader i.e. an u-boot image.
We're introducing the package with release v1.2, which provides
SBI v0.3 and the SBI SRST extensions which helps to gracefully
reboot/shutdown various HiFive-U SoCs.
Tested on SiFive Unleashed and Unmatched boards.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit 944b13b3ee)
armvirt target has been renamed to armsr (Arm SystemReady).
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 203deef82c)
The armvirt target has been renamed to armsr (Arm SystemReady),
so the GRUB configuration also needs to change.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 4ce7d6c888)
The Amazon ENA network devices are also used on the
AWS Arm (Graviton) instance types, so move it from
the x86-only module file to the top level netdevices.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 3a7c8fd15e)
This adds a separate package for EFI on Arm SystemReady
compatible machines. 32-bit Arm UEFI is supported as well.
It is very similar to x86-64 EFI setup, without the
need for BIOS backward compatibility and slightly
different default modules.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 8f29b1573d)
Contains following updates:
* ipq8074: update RegDB in new submitted BDF
* Revert "ipq8074: update RegDB in new submitted BDF"
* qcn9074: update RegDB in new submitted BDF
* ipq8074: update RegDB in new submitted BDF
* qca-wireless: ipq40xx: add BDFs for ZTE MF287+
* Add BDFs for prpl Foundation Haze board
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c2bb9f055b)
Currently kernel crashes when of_phy_connect has issues:
Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000000000000308
...
pc : phy_attached_print+0x28/0x1b0
lr : phy_attached_info+0x14/0x20
...
Call trace:
phy_attached_print+0x28/0x1b0
phy_attached_info+0x14/0x20
nss_dp_adjust_link+0x544/0x6c4 [qca_nss_dp]
of_phy_connect returns either pointer or NULL, so can't be checked with
IS_ERR macro.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 38c7cf0e69)
b09b316aeaf6 blobmsg: add blobmsg_parse_attr function
eac92a4d5d82 blobmsg: add blobmsg_parse_array_attr
ef5e8e38bd38 usock: fix poll return code check
6fc29d1c4292 jshn.sh: Add pretty-printing to json_dump
5893cf78da40 blobmsg: Don't do at run-time what can be done at compile-time
362951a2d96e uloop: fix uloop_run_timeout
75a3b870cace uloop: add support for integrating with a different event loop
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b6e0a24c49)
412d03012f13 network: prevent adding endpoint routes for addresses on the network
faaf9cee6ef4 utils: fix ipv4 checksum issue
0e1c2fad3540 pex-msg: fix memory leak on fread fail in pex_msg_update_request_init
51be0ed659d0 host: fix crash parsing gateway when no endpoint is specified
ca17601dc24e wg-linux: add support for splitting netlink messages for allowed ips
7d3986b7a5a2 wg-linux: increase default messages size
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 7b1e898336)
Synchronize the ath11k backports with the current ath-next tree.
This introduces support for MBSSID and EMA, adds factory test mode and
some new HTT stats.
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit acde5271a6)
Backport EMA beacon support from kernel 6.4.
It is required for MBSSID/EMA suport in ath11k that will follow.
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 84b5735b4c)
The MDIO bus multiplexing framework is used by some drivers
such as dwmac-sun8i.
As this is a per-driver requirement, set it to be hidden in the menu.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 2dbeb60725)
source.codeaurora.org project has been shut down and the nxp
repositories has been moved to github. Update the repository
link to the new location.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 0a1ee53235)
source.codeaurora.org project has been shut down and the nxp
repositories has been moved to github. Update the repository
link to the new location.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 52fd8d8ba3)
Update bootloader environment for BPi-R3 and BPi-R64 to adapt to new
device tree overlay mechanism now that support for multiple device
tree overlays has been added.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ec50d2d366)
CVE-2023-2650 fix
Remove upstreamed patches
Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023]
* Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
* Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255)
* Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
* Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465)
* Limited the number of nodes created in a policy tree (CVE-2023-0464)
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 6348850f10)
Release Notes:
https://valgrind.org/docs/manual/dist.news.html
This improves support for the memory allocator used in musl libc 1.2.2
and later which is currently used by OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d85013460d)
Build and package kernel self-tests used for BPF testing, program and JIT
development. This package, together with the existing 'kmod-bpf-test', was
extensively used for past upstream Linux JIT submissions [1].
Currently this includes only 'test_verifier'; building 'test_progs' will
fail due to known endian limitations with bpftool skeletons.
[1]:https://lore.kernel.org/bpf/cover.1633392335.git.Tony.Ambardar@gmail.com
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 3886ea9b87)
Set net.core.bpf_jit_kallsyms=1 in /etc/sysctl.d/10-default.conf.
For privileged users, this exports addresses of JIT-compiled programs to
appear in /proc/kallsyms when present, allowing their use for debugging
and in traces.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit b3aaede2a7)
Add support for the Xunlong Orange Pi R1 Plus LTS.
Manually generated of-platdata files to avoid swig dependency.
Tested-by: Volkan Yetik <no3iverson@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 37fed89166)
Add support for the Xunlong Orange Pi R1 Plus.
Manually generated of-platdata files to avoid swig dependency.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 043f8a4f5e)
Built-in engine configs are added in libopenssl-conf/install stage
already, postinst/add_engine_config is just duplicating them, and
due to the lack of `config` header it results a broken uci config:
> uci: Parse error (invalid command) at line 3, byte 0
```
config engine 'devcrypto'
option enabled '1'
engine 'devcrypto'
option enabled '1'
option builtin '1'
```
Add `builtin` option in libopenssl-conf/install stage and remove
duplicate engine configuration in postinst/add_engine_config to
fix this issue.
Fixes: 0b70d55a64 ("openssl: make UCI config aware of built-in engines")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit a0d7193425)
It's only used on devices in mt7621 and mt7622 subtargets, so no reason
to compile it for others.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit e81298463e)
Fix the PKG_MIRROR_HASH value for netifd.
Fixes: d2ecaaca34 ("netifd: update to version 2023-05-31")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 21f713d5ab)
Contains following changes:
* bridge: bridge_dump_info: add dumping of bridge attributes
* bridge: make it more clear why the config was applied
* cmake: fix build by reordering the cflags definitions
* treewide: fix multiple compiler warnings
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d2ecaaca34)
Add kmod-nft-dup-inet package to allow packet duplication in ip/ip6/inet nftables family
Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
(cherry picked from commit a7e9445975)
At this moment loadaddr in most layerscape boards are configured to
0x81000000. 5.15 kernel on some boards is bigger than 5.10 and it cause error:
Loading kernel from FIT Image at 81000000 ...
Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: ARM64 OpenWrt Linux-5.15.112
Created: 2023-05-21 17:39:35 UTC
Type: Kernel Image
Compression: gzip compressed
Data Start: 0x810000ec
Data Size: 7513944 Bytes = 7.2 MiB
Architecture: AArch64
OS: Linux
Load Address: 0x80000000
Entry Point: 0x80000000
Hash algo: crc32
Hash value: 6fd69550
Hash algo: sha1
Hash value: ee34c753ffb615e199a428762824ad4a0aaef90a
Verifying Hash Integrity ... crc32+ sha1+ OK
Loading fdt from FIT Image at 81000000 ...
Using 'config-1' configuration
Trying 'fdt-1' fdt subimage
Description: ARM64 OpenWrt fsl_ls1088a-rdb-sdboot device tree blob
Created: 2023-05-21 17:39:35 UTC
Type: Flat Device Tree
Compression: uncompressed
Data Start: 0x8172a98c
Data Size: 19794 Bytes = 19.3 KiB
Architecture: AArch64
Hash algo: crc32
Hash value: 59792ba3
Hash algo: sha1
Hash value: 135585a49f86cd85acea559b78b0098ae99d5e12
Verifying Hash Integrity ... crc32+ sha1+ OK
Booting using the fdt blob at 0x8172a98c
Uncompressing Kernel Image
ERROR: new format image overwritten - must RESET the board to recover
resetting ...
This patch changes loadaddr to 0x88000000 (like LS1012A-FRDM board) to
avoid overlapping for bigger images (like initramfs) too.
Tested-by: Alexandra Alth <alexandra@alth.de> [LS1088ARDB]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit 0822040671)
The vendor uboot will verify firmware at boot.
So add a custom uboot build for this device.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit c51eb17730)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add new build option BOARD_QFN/BOARD_BGA.
This option is only useful for MT7981 device.
MT7981A/B: BOARD_BGA, MT7981C: BOARD_QFN.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 602cb4f325)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add reserved memory for pstore/ramoops to device tree used by Linux
as well as U-Boot.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3eb354f999)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
My original bpftools package made "variant" builds of bpftool and libbpf
as a convenience, since both used the same local kernel sources with the
same versioning. This is no longer the case, since the commit below
switched to using an out-of-tree build mirror hosting repos for each.
Replace bpftools with separate bpftool and libbpf packages, each simplified
and correctly versioned. Also fix the broken libbpf ABI introduced in the
same commit. Existing build .config files are not impacted.
Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit afe1bf11f2)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release Notes:
http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html
Refresh commands, run after busybox is first built once (nothing changed
compared to 1.36.0):
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1
cd ..
./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in
Manual edits needed afterward:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* Config-defaults.in: correct the default ports that get reset
BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT 80
BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT 23
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit a few Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3b76f6eee4)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Zyxel EX5601-T0 specifics
--------------
The operator specific firmware running on the Zyxel branded
EX5601-T0 includes U-Boot modifications affecting the OpenWrt
installation.
Partition Table
| dev | size | erasesize | name |
| ---- | -------- | --------- | ------------- |
| mtd0 | 20000000 | 00040000 | "spi0.1" |
| mtd1 | 00100000 | 00040000 | "BL2" |
| mtd2 | 00080000 | 00040000 | "u-boot-env" |
| mtd3 | 00200000 | 00040000 | "Factory" |
| mtd4 | 001c0000 | 00040000 | "FIP" |
| mtd5 | 00040000 | 00040000 | "zloader" |
| mtd6 | 04000000 | 00040000 | "ubi" |
| mtd7 | 04000000 | 00040000 | "ubi2" |
| mtd8 | 15a80000 | 00040000 | "zyubi" |
The router boots BL2 which than loads FIP (u-boot).
U-boot has hardcoded a command to always launch Zloader "mtd read zloader 0x46000000" and than "bootm". Bootargs are deactivated.
Zloader is the zyxel booloader which allow to dual-boot ubi or ubi2, by default access to zloader is blocked.
Too zloader checks that the firmware contains a particolar file called zyfwinfo.
Additional details regarding Zloader can be found here:
https://hack-gpon.github.io/zyxel/https://forum.openwrt.org/t/adding-openwrt-support-for-zyxel-ex5601-t0/155914
Hardware
--------
SOC: MediaTek MT7986a
CPU: 4 core cortex-a53 (2000MHz)
RAM: 1GB DDR4
FLASH: 512MB SPI-NAND (Micron xxx)
WIFI: Wifi6 Mediatek MT7976 802.11ax 5 GHz 4x4 + 2.4GHZ 4x4
ETH: MediaTek MT7531 Switch + SoC
3 x builtin 1G phy (lan1, lan2, lan3)
1 x MaxLinear GPY211B 2.5 N-Base-T phy5 (lan4)
1 x MaxLinear GPY211B 2.5Gbit xor SFP/N-Base-T phy6 (wan)
USB: 1 x USB 3.2 Enhanced SuperSpeed port
UART: 3V3 115200 8N1 (Pinout: GND KEY RX TX VCC)
VOIP: 2 FXS ports for analog phones
MAC Address Table
-----------------
eth0/lan Factory 0x002a
eth1/wan Factory 0x0024
wifi 2.4Ghz Factory 0x0004
wifi 5Ghz Factory 0x0004 + 1
Serial console (UART)
---------------------
+-------+-------+-------+-------+-------+
| +3.3V | RX | TX | KEY | GND |
+---+---+-------+-------+-------+-------+
|
+--- Don't connect
Installation
------------
Keep in mind that openwrt can only run on the UBI partition, the openwrt firmware is not able to understand the zloader bootargs.
The procedure allows restoring the UBI partition with the Zyxel firmware and retains all the OEM functionalities.
1. Unlock Zloader (this will allow to swap manually between partitions UBI and UBI2):
- Attach a usb-ttl adapter to your computer and boot the router.
- While the router is booting at some point you will read the following: `Please press Enter to activate this console.`
- As soon as you read that press enter, type root and than press enter again (just do it, don't care about the logs scrolling).
- Most likely the router is still printing the boot log, leave it boot until it stops.
- If everything went ok you should have full root access "root@EX5601-T0:/#".
- Type the following command and press enter: "fw_setenv EngDebugFlag 0x1".
- Reboot the router.
- As soon as you read `Hit any key to stop autoboot:` press Enter.
- If everything went ok you should have the following prompt: "ZHAL>".
- You have successfully unlocked zloader access, this procedure must be done only once.
2. Check the current active partition:
- Boot the router and repeat the steps above to gain root access.
- Type the following command to check the current active image: "cat /proc/cmdline".
- If `rootubi=ubi` it means that the active partition is `mtd6`
- If `rootubi=ubi2` it means that the active partition is `mtd7`
- As mentioned earlier we need to flash openwrt into ubi/mtd6 and never overwrite ubi2/mtd7 to be able to fully roll-back.
- To activate and boot from mtd7 (ubi2) enter into ZHAL> command prompt and type the following commands:
atbt 1 # unlock write
atsw # swap boot partition
atsr # reboot the router
- After rebooting check again with "cat /proc/cmdline" that you are correctly booting from mtd7/ubi2
- If yes proceed with the installation guide. If not probably you don't have a firmware into ubi2 or you did something wrong.
3. Flashing:
- Download the sysupgrade file for the router from openwrt, than we need to add the zyfwinfo file into the sysupgrade tar.
Zloader only checks for the magic (which is a fixed value 'EXYZ') and the crc of the file itself (256bytes).
I created a script to create a valid zyfwinfo file but you can use anything that does exactly the same:
https://raw.githubusercontent.com/pameruoso/OpenWRT-Zyxel-EX5601-T0/main/gen_zyfwinfo.sh
- Add the zyfwinfo file into the sysupgrade tar.
- Enter via telnet or ssh into the router with admin credentials
- Enter the following commands to disable the firmware and model checks
"zycli fwidcheck off" and "zycli modelcheck off"
- Open the router web interface and in the update firmware page select the "restore default settings option"
- Select the sysupgrade file and click on upload.
- The router will flash and reboot itself into openwrt from UBI
4. Restoring and going back to Zyxel firmware.
- Use the ZHAL> command line to manually swap the boot parition to UBI2 with the following:
atbt 1 # unlock write
atsw # swap boot partition
atsr # reboot the router
- You will boot again the Zyxel firmware you have into UBI2 and you can flash the zyxel firmware to overwrite the UBI partition and openwrt.
Working features
----------------
3 gbit lan ports
Wifi
Zyxel partitioning for coexistance with Zloader and dual boot.
WAN SFP port (only after exporting pins 57 and 10. gpiobase411)
leds
reset button
serial interface
usb port
lan ethernet 2.5 gbit port (autosense)
wan ethernet 2.5 gbit port (autosense)
Not working
----------------
voip (missing drivers or proper zyxel platform software)
Swapping the wan ethernet/sfp xor port
----------------
The way to swap the wan port between sfp and ethernet is the following:
export the pins 57 and 10.
Pin 57 is used to probe if an sfp is present.
If pin 57 value is 0 it means that an sfp is present into the cage (cat /sys/class/gpio/gpio468/value).
If pin 57 value is 1 it means that no sfp is inserted into the cage.
In conclusion by default both 57 an 10 pins are by default 1, which means that the active port is the ethernet one.
After inserting an SFP pin 57 will become 0 and you have to manually change the value of pin 10 to 0 too.
This is totally scriptable of course.
Leds description
------------
All the leds are working out of the box but the leds managed by the 2 maxlinear phy (phy 5 lan, phy6 wan).
To activate the phy5 led (rj45 ethernet port led on the back of the router) you have to use mdio-tools.
To activate the phy6 led (led on the front of the router for 2.5gbit link) you have to use mdio-tools.
Example:
Set lan5 led to fast blink on 2500/1000, slow blink on 10/100:
mdio mdio-bus mmd 5:30 raw 0x0001 0x33FC
Set wan 2.5gbit led to constant on when wan is 2.5gbit:
mdio mdio-bus mmd 6:30 raw 0x0001 0x0080
Signed-off-by: Pietro Ameruoso <p.ameruoso@live.it>
(cherry picked from commit 1c05388ab0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Specifications:
SOC: QCA9563 775 MHz + QCA9880
Switch: QCA8337N-AL3C
RAM: Winbond W9751G6KB-25 64 MiB
Flash: Winbond W25Q128FVSG 16 MiB
WLAN: Wi-Fi4 2.4 GHz 3*3 + 5 GHz 3*3
LAN: LAN ports *4
WAN: WAN port *1
Buttons: reset *1 + wps *1
LEDs: ethernet *5, power, wlan, wps
MAC Address:
use address source1 source2
label 40:9b:xx:xx:xx:3c lan && wlan u-boot,env@ethaddr
lan 40:9b:xx:xx:xx:3c devdata@0x3f $label
wan 40:9b:xx:xx:xx:3f devdata@0x8f $label + 3
wlan2g 40:9b:xx:xx:xx:3c devdata@0x5b $label
wlan5g 40:9b:xx:xx:xx:3e devdata@0x76 $label + 2
Install via Web UI:
Apply factory image in the stock firmware's Web UI.
Install via Emergency Room Mode:
DIR-859 A1 will enter recovery mode when the system fails to boot
or press reset button for about 10 seconds.
First, set computer IP to 192.168.0.5 and Gateway to 192.168.0.1.
Then we can open http://192.168.0.1 in the web browser to upload
OpenWrt factory image or stock firmware. Some modern browsers may
need to turn on compatibility mode.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 0ffbef9317)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
1. Remove unnecessary new lines in the dts.
2. Remove duplicate included file "gpio.h" in the device dts.
3. Add missing button labels "reset" and "wps".
4. Unify the format of the reg properties.
5. Add u-boot environment support.
6. Reduce spi clock frequency since the max value suggested by the
chip datasheet is only 25 MHz.
7. Add seama header fixup for DIR-859 A1. Without this header fixup,
u-boot checksum for kernel will fail after the first boot.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit e5d8739aa8)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The x86_64 UML target wants to include SSSE3 optimized
crypto code which lives under /arch/x86/crypto.
However, these are not built and this causes an error.
| ERROR: module '[...]/arch/x86/crypto/sha512-ssse3.ko' is missing.
| make[3]: *** [modules/crypto.mk:990: [...]/kmod-crypto-sha512_5.15.112-1_x86_64.ipk] Error 1
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 959563fb81)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
That was a workaround for OpenWrt generation of config files. This patch
was used to postpone returning from probe function until loading
firmware and calling register_wiphy().
All of that is not needed anymore thanks to the ieee80211 hotplug.d
script introduced in the commit 5f8f8a3661 ("base-files, mac80211,
broadcom-wl: wifi detection and configuration"). That takes care of
generating /etc/config/wireless entries even if wireless device appears
late in the booting process.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit bd26266314)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Currently, SSDK is rather special in the sense that its not being built as
a proper out of tree module at all but rather like a userspace application
and that involves a lot of make magic which unfortunately broke with make
version 4.4 and newer.
Luckily QCA finally added a way to build SSDK as an out of tree module
and it uses the kernel buildsystem which makes it compile with make 4.4
as well.
So lets backport the support for it and switch to using it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 957f1ee85e)
IGD is only useful when accelerating a VM guest that wants to direct
render to memory in the host's framebuffer, but since OpenWrt
typically runs on headless hardware, this serves no purpose.
Also build vfio with VFIO_NOIOMMU undefined (to get all of the code
enabled), but allow it to be enabled via boot-time modparams
settings (or at run-time via sysfs writes to
"/sys/module/vfio/parameters/enable_unsafe_noiommu_mode".
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
adds ForceCommand option. If the command is specified,
it forces users to execute the command when they log in.
Signed-off-by: Nozomi Miyamori <inspc43313@yahoo.co.jp>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
A missing '\' caused the remaining parameters not to be passed to make.
This fixes the following error:
| gcc -c [...] fiptool.c -o fiptool.o
| In file included from fiptool.h:16,
| from fiptool.c:19:
|fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory
| 19 | # include <openssl/sha.h>
| | ^~~~~~~~~~~~~~~
|compilation terminated.
|make[3]: *** [Makefile:58: fiptool.o] Error 1
as the HOST_CFLAGS are no longer passed.
then, HOST_CFLAGS is specified as a command argument, this
is a specific problem of our built since appending these
needs the override directive.
Fixes: df28bfe03247 ("tfa-layerscape: Change to github and use the latest tag")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The default location of tfa-layerscape has been changed from
codeuaurora to github. Also use the latest tag for Layerscape
Linux Development POC from NXP.
v2:
* restored ls1021a-afrdm board
* added platform defines to fiptool so ls-ddr-phy can be built
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@protonmail.ch>
(reset PKG_RELEASE)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The default location of ppfe-firmware has been changed
from codeuaurora to github. Also use the latest tag for
Layerscape Linux Development POC from NXP.
Tested on:
* NXP FRWY-LS1012A
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@protonmail.ch>
(reset PKG_RELEASE)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The default location of fman-ucode has been changed from
codeuaurora to github. Also use the latest tag for Layerscape
Linux Development POC from NXP.
Tested on:
* NXP LS1046A-RDB
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@protonmail.ch>
(reset PKG_RELEASE)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The default location of uboot-layerscape has been changed
from codeuaurora to github. Also use the latest tag for
Layerscape Linux Development POC from NXP.
Tested on:
* NXP FRWY-LS1012A
* NXP LS1028A-RDB
* NXP LS1046A-RDB
V2: Remove ls1028ardb specifix fixups not needed with new uboot
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@protonmail.ch>
(reset PKG_RELEASE)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The default location of ls-rcw has been changed from codeuaurora
to github. The reason is that the old codeaurora source no longer
resolves. Also use the latest tag for Layerscape Linux Development
POC from NXP.
Tested on:
* NXP FRWY-LS1012A
* NXP LS1046A-RDB
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@protonmail.ch>
(reset PKG_RELEASE, Mention that previous codeaurora source is
no longer available)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The getrandom syscall is not hanging at bootup any more if there is
not enough entropy. This was fixed upstream in 2018 in commit:
a9cf659e05
This OpenWrt patch is not needed any more.
This reverts commit e64463ebde ("util-linux: avoid using the getrandom syscall")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the following error:
* check_data_file_clashes: Package taskset wants to install file build_dir/target-powerpc_8548_musl/root-mpc85xx/usr/bin/taskset
But that file is already provided by package * busybox
* opkg_install_cmd: Cannot install package taskset.
Fixes: 3c3d797c4d ("busybox: enable taskset by default")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fixes errors in the form of:
/Users/user/src/openwrt/openwrt/build_dir/hostpkg/json-c-0.16/json_util.c:63:35: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
const char *json_util_get_last_err()
^
void
1 error generated.
ninja: build stopped: subcommand failed.
Reported-by: Paul Spooren <mail@aparcar.org>
Suggested-by: Paul Spooren <mail@aparcar.org>
Signed-off-by: Nick Hainke <vincent@systemli.org>