Commit Graph

53879 Commits

Author SHA1 Message Date
Petr Štetiar
3965dda0fa zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a7)
2022-03-24 08:18:21 +01:00
Felix Fietkau
68b008756f qosify: update to the latest version
391a9fbd5ace dns: fix parsing vlan encapsulated protocol
6aeeddbc91ad interface: extend dns filters to cover vlan tagged traffic as well
1ab53d4ca601 bpf: return TC_ACT_UNSPEC to allow other filters to proceed
ca21e729af23 interface: switch to using clsact for filters
5d158f6b3c15 interface: run ingress bpf filter on main device ingress instead of ifb egress
bdfcb11847ce interface: fix duplicated dns filter line
b97405aa632a Revert "ubus: remove dnsmasq subscriber"
8fbaf39dbc95 interface: rework adding/removing filters, do not delete clsact
d7ba5804eae4 interface: replace open-coded ifb-dns string with QOSIFY_DNS_IFNAME
91cf440db9e2 loader: fix use of deprecated functions
57c7817f91c2 qosify: fix dscp values of ubus-added dns host entries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit af434e0da2)
2022-03-22 10:29:18 +01:00
Rui Salvaterra
714ed05a41 kmod-lzo: include the lzo-rle kmod in the package
Albeit a separate crypto module, lzo-rle uses the same kernel library as lzo.
Crypto API users (zram, for example) expect both lzo and lzo-rle to be
available, so let's include lzo-rle (about 5.5 kiB) in the lib-lzo package.

Based on e9hack's original patch: https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7da9@gmail.com/

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit aaa0c09785)
2022-03-22 09:25:40 +00:00
Daniel Golle
786bf7fdac kernel: delete Linux 5.4 config and patches
As the upcoming release will be based on Linux 5.10 only, remove all
kernel configuration as well as patches for Linux 5.4.
There were no targets still actively using Linux 5.4.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3a14580411)
2022-03-21 13:11:56 +00:00
Richard Huynh
9470160c35 mediatek: Add support for Xiaomi Redmi Router AX6S
Also known as the "Xiaomi Router AX3200" in western markets,
but only the AX6S is widely installation-capable at this time.

SoC: MediaTek MT7622B
RAM: DDR3 256 MiB (ESMT M15T2G16128A)
Flash: SPI-NAND 128 MiB (ESMT F50L1G41LB or Gigadevice GD5F1GQ5xExxG)
WLAN: 2.4/5 GHz 4T4R
2.4 GHz: MediaTek MT7622B
5 GHz: MediaTek MT7915E
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531B
LEDs/Keys: 2/2 (Internet + System LED, Mesh button + Reset pin)
UART: Marked J1 on board VCC RX GND TX, beginning from "1". 3.3v, 115200n8
Power: 12 VDC, 1.5 A

Notes:
U-Boot passes through the ethaddr from uboot-env partition,
but also has been known to reset it to a generic mac address
hardcoded in the bootloader.

However, bdata is also populated with the ethernet mac addresses,
but is also typically never written to. Thus this is used instead.

Installation:
1. Flash stock Xiaomi "closed beta" image labelled
'miwifi_rb03_firmware_stable_1.2.7_closedbeta.bin'.
(MD5: 5eedf1632ac97bb5a6bb072c08603ed7)

2. Calculate telnet password from serial number and login

3. Execute commands to prepare device
nvram set ssh_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit

4. Download and flash image
On computer:
python -m http.server
On router:
cd /tmp
wget http://<IP>:8000/factory.bin
mtd -r write factory.bin firmware

Device should reboot at this point.

Reverting to stock:
Stock Xiaomi recovery tftp that accepts their signed images,
with default ips of 192.168.31.1 + 192.168.31.100.
Stock image should be renamed to tftp server ip in hex (Eg. C0A81F64.img)
Triggered by holding reset pin on powerup.

A simple implementation of this would be via dnsmasq's
dhcp-boot option or using the vendor's (Windows only)
recovery tool available on their website.

Signed-off-by: Richard Huynh <voxlympha@gmail.com>
(cherry picked from commit 9f9477b275)
2022-03-21 13:11:56 +00:00
Richard Huynh
4b51fa0d80 mediatek: Add GD5F1GQ5xExxG to mtk-snand
Some units of the Xiaomi Redmi Router AX6S/Xiaomi Router AX3200 contain this part.

Signed-off-by: Richard Huynh <voxlympha@gmail.com>
(cherry picked from commit 4177de10df)
2022-03-21 13:11:56 +00:00
Paul Spooren
a036c1d43b build: switch VERSION_REPO again to HTTPS
The maintainer-tools.git script still defaults to `http` while
eveyrthing moved over to `https`. This commit switches VERSION_REPO
again back to encrypted connections.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-03-20 13:34:22 +00:00
Paul Spooren
43e6d979b8 OpenWrt v22.03: set branch defaults
Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-03-20 13:05:00 +00:00
Nicholas Smith
7ea2f3d6e2 ipq40xx: add support for Telco X1 Pro
Telco X1 Pro is a Cat12 LTE-A Pro modem router.
Vendor firmware is based on a recent version of OpenWrt.
Flashing is possible via CLI using sysupgrade -F -n
The serial headers allow bootloader and console access
Serial setting: 115200  8N1

Brief Specifications:
IPQ4019 SoC
32MB flash
512MB RAM
4x gigabit LAN
1x gigabit WAN
Dual-band Wave-2 wifi
2x SMA LTE antenna connectors
2x RP-SMA wifi antennas
1x USB 2.0 port
1x Reset button
Serial headers installed
1x Nano SIM tray
1x Quectel EM-12G LTE-A Pro modem
1x M.2 slot attached to USB 3.0
1x internal micro SD card slot

Signed-off-by: Nicholas Smith <nicholas@nbembedded.com>
2022-03-19 20:05:00 +01:00
Igor Nazarov
42626aef67 ramips: add support for D-Link DIR-878 R1
Specifications:
- SoC: MediaTek MT7621AT
- RAM: 128 MB (DDR3)
- Flash: 16 MB (SPI NOR)
- WiFi: MT7615N (2.4GHz) and MT7615N (5Ghz)
- Switch: 1 WAN, 4 LAN (Gigabit)
- Buttons: Reset, WiFi Toggle, WPS
- LEDs: Power, Internet, WiFi 2.4G WiFi 5G

The R1 revision is identical to the A1 revision except
- No Config2 Parition, therefore
- factory partition resized to 64k from 128K
- Firmware partition offset is 0x50000 not 0x60000
- Firmware partitions size increased by 64K
- Firmware partition type is "denx,uimage", not "sge,uimage"
- Padding of image creation "uimage-padhdr 96" removed

Installation:
Update to the last D-Link firmware through web-ui before OpenWRT
installation then follow the instructions to patch your device using
D-Link FailsafeUI.

- D-Link FailsafeUI:
Power down the router, press and hold the reset button, then
re-plug it. Keep the reset button pressed until the internet LED stops
flashing, then jack into any lan port and manually assign a static IP
address in 192.168.0.0/24 other than 192.168.0.1 (e.g. 192.168.0.2)
and go to http://192.168.0.1
Flash with the factory image.

Signed-off-by: Igor Nazarov <tigron.dev@gmail.com>
2022-03-19 19:51:20 +01:00
John Audia
1eb5d50fd3 kernel: bump 5.10 to 5.10.107
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2022-03-19 17:42:41 +01:00
Huangbin Zhan
3bf10bac11 ncurses: update to 6.3
release notes: https://invisible-island.net/ncurses/announce-6.3.html

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2022-03-19 17:42:29 +01:00
Mikhail Zhilkin
f8b02130d2 ramips: add support for Beeline SmartBox Flash
Beeline SmartBox Flash is a wireless AC1300 (WiFi 5) router manufactured
by Arcadyan company.

Device specification
--------------------
SoC Type: MediaTek MT7621AT
RAM: 256 MiB, Winbond W632GU6NB
Flash: 128 MiB (NAND), Winbond W29N01HVSINF
Wireless 2.4 GHz (MT7615DN): b/g/n, 2x2
Wireless 5 GHz (MT7615DN): a/n/ac, 2x2
Ethernet: 3xGbE (WAN, LAN1, LAN2)
USB ports: 1xUSB3.0
Button: 1 (Reset/WPS)
LEDs: 1 RGB LED
Power: 12 VDC, 1.5 A
Connector type: Barrel
Bootloader: U-Boot (Ralink UBoot Version: 5.0.0.2)
OEM: Arcadyan WE42022

Installation
------------
1. Place *factory.trx on any web server (192.168.1.2 in this example)
2. Connect to the router using telnet shell (no password required)
3. Save MAC adresses to U-Boot environment:
   uboot_env --set --name eth2macaddr --value $(ifconfig | grep eth2 | \
    awk '{print $5}')
   uboot_env --set --name eth3macaddr --value $(ifconfig | grep eth3 | \
    awk '{print $5}')
   uboot_env --set --name ra0macaddr --value $(ifconfig | grep ra0 | \
    awk '{print $5}')
   uboot_env --set --name rax0macaddr --value $(ifconfig | grep rax0 | \
    awk '{print $5}')
4. Ensure that MACs were saved correctly:
   uboot_env --get --name eth2macaddr
   uboot_env --get --name eth3macaddr
   uboot_env --get --name ra0macaddr
   uboot_env --get --name rax0macaddr
5. Download and write the OpenWrt images:
   cd /tmp
   wget http://192.168.1.2/factory.trx
   mtd_write erase /dev/mtd4
   mtd_write write factory.trx /dev/mtd4
6. Set 1st boot partition and reboot:
   uboot_env --set --name bootpartition --value 0
   reboot

Back to Stock
-------------
1. Run in the OpenWrt shell:
   fw_setenv bootpartition 1
   reboot
2. Optional step. Upgrade the stock firmware with any version to
   overwrite the OpenWrt in Slot 1.

MAC addresses
-------------
+-----------+-------------------+----------------+
| Interface | MAC               | Source         |
+-----------+-------------------+----------------+
| label     | 30:xx:xx:51:xx:09 | No MACs was    |
| LAN       | 30:xx:xx:51:xx:09 | found on Flash |
| WAN       | 30:xx:xx:51:xx:06 | [1]            |
| WLAN_2g   | 30:xx:xx:51:xx:07 |                |
| WLAN_5g   | 32:xx:xx:41:xx:07 |                |
+-----------+-------------------+----------------+
[1]:
a. Label wasb't found neither in factory nor in other places.
b. MAC addresses are stored in encrypted partition "glbcfg". Encryption
   key hasn't known yet. To ensure the correct MACs in OpenWrt, a hack
   with saving of the MACs to u-boot-env during the installation was
   applied.
c. Default Ralink ethernet MAC address (00:0C:43:28:80:36) was found in
   "Factory" 0xfff0. It's the same for all Smartbox Flash devices. OEM
   firmware also uses this MAC when initialazes ethernet driver. In
   OpenWrt we use it only as internal GMAC (eth0), all other MACs are
   unique. Therefore, there is no any barriers to the operation of several
   Smartbox Flash devices even within the same broadcast domain.

Stock firmware image format
---------------------------
+--------------+---------------+----------------------------------------+
| Offset       | 1.0.15        | Description                            |
+==============+===============+========================================+
| 0x0          | 5d 43 6f 74   | TRX magic "]Cot"                       |
+--------------+---------------+----------------------------------------+
| 0x4          | 00 70 ff 00   | Length (reverse)                       |
+--------------+---------------+----------------------------------------+
|              |               | htonl(~crc) from 0xc ("flag_version")  |
| 0x8          | 72 b3 93 16   | to "Length"                            |
+--------------+---------------+----------------------------------------+
| 0xc          | 00 00 01 00   | Flags                                  |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of Kernel partition   |
| 0x10         | 1c 00 00 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
|              |               | Offset (reverse) of RootFS partition   |
| 0x14         | 00 00 42 00   | from the start of the header           |
+--------------+---------------+----------------------------------------+
| 0x18         | 00 00 00 00   | Zeroes                                 |
+--------------+---------------+----------------------------------------+
| 0x1c         | 27 05 19 56 … | Kernel data + zero padding             |
+--------------+---------------+----------------------------------------+
|              |               | RootFS data (starting with "hsqs") +   |
| 0x420000     | 68 73 71 73 … | zero padding to "Length"               |
+--------------+---------------+----------------------------------------+
|              |               | Some signature data (format is         |
|              |               | unknown). Necessary for the fw         |
| "Lenght"     | 00 00 00 00 … | update via oem fw web interface.       |
+--------------+---------------+----------------------------------------+
| "Lenght" +   |               | TRX magic "HDR0". U-Boot is            |
| 0x10c        | 48 44 52 30   | checking it at every boot.             |
+--------------+---------------+----------------------------------------+
|              |               | 1.00:                                  |
|              |               |   Zero padding to ("Lenght" + 0x23000) |
|              |               | 1.0.12:                                |
|              |               |   Zero padding to ("Lenght" + 0x2a000) |
| "Lenght" +   |               | 1.0.13, 1.0.15, 1.0.16:                |
| 0x110        | 00 00 00 00   |   Zero padding to ("Lenght" + 0x10000) |
+--------------+---------------+----------------------------------------+

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-03-19 16:14:01 +01:00
Florian Eckert
09c41ea679 base-files: add wrapper for procd service list command
A service managed by procd does have a json object with usefull information.
This information could by dumped with the following command.

ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"

This line is long and complicated to enter. This commit adds a wrapper
call to the procd service section tool to simplify the input and get the
output faster.

We could now enter the command /etc/initd/<service> info to get the info
faster.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
Florian Eckert
b9017384ca procd: move service command to procd
The service command belongs to the procd and does not belong in the
shinit. In the course of the move, the script was also checked with
shellcheck and cleaned up.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
John Audia
b04d38a2ea kernel: bump 5.10 to 5.10.106
All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2022-03-19 16:13:58 +01:00
John Audia
048f0b1702 kernel: bump 5.10 to 5.10.105
Updated default config with new sym (CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y).

Manually rebased:
    generic/hack-5.10/220-arm-gc_sections.patch

All other patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2022-03-19 16:13:58 +01:00
Etienne Champetier
30c15d06e8 iptables: bump PKG_RELEASE
Following {arp,eb}tables-nft addition, bump PKG_RELEASE

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
66bb6dde36 iptables: add {arp,eb}tables-nft
Add a patch to add some missing init_extensions{a,b}() calls
Package lib{arp,eb}t_*.so

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
c913be1da1 iptables: add xtables-nft package
This allows to install ip6tables-nft without iptables-nft
This prepare the addition of {arp,eb}tables-nft

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
afb6824a2c iptables: add xtables-legacy package
This allows to install ip6tables-legacy without iptables-legacy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
905b49920f ebtables: rename to ebtables-legacy
This prepare the introduction of ebtables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Etienne Champetier
2f5088ef5f arptables: rename package to arptables-legacy
This prepare the introduction of arptables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2022-03-19 16:13:58 +01:00
Rosen Penev
9586a270a0 quilt.mk: fix typo in the Host section
HOST_PATCH_DIR is used for host patches, not PATCH_DIR.

Fixes refreshing patches with a custom HOST_PATCH_DIR.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-19 16:13:58 +01:00
Josef Schlehofer
7ca7e0b22d cypress-firmware: update it to version 5.4.18-2021_0812
- Binary files were renamed to cyfmac from brcmfmac, but the files needs
  to be on the router with the previous naming

[    6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
[    6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2
[    6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin

- Cypress were acquired by Infineon Technologies
Thus change the project URL and switch to download files from their
GitHub repository. This is much better than the previous solution, which
requires finding new threads on their community forum about new driver
updates, and it will be necessary to change the URL each time.

Unfortunately, it seems that there is not published changelog, but
according to this forum thread [1], be careful by opening the link from
solution since it contains ending bracket ), it brings fixes for various
security vulnerabilities, which were fixed in 7_45_234.

Fixes:
- FragAttacks
- Kr00k

Also add LICENSE file

Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with
package cypress-firmware-43455-sdio.

Before:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.895050] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Mar 23 2020 02:20:01 version 7.45.206 (r725000 CY) FWID 01-febaba43

After:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[    6.829805] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Apr 15 2021 03:03:20 version 7.45.234 (4ca95bb CY) FWID 01-996384e2

[1] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/Outdated-brcmfmac-firmware-for-Raspberry-Pi-4-in-OpenWrt-21-02-1/m-p/331593#M2269

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-19 16:13:58 +01:00
Josef Schlehofer
31ccc27f41 bcm27xx: bcm2711: add kmod-usb-net-lan78xx
Some vendors like Seeedstudio in their product [1] with Raspberry Pi
Compute Module 4 uses Microchip LAN7800 (USB 3.0 to Gigabit
Ethernet Bridge) - USB 3.0 extended from PCIe of CM4.

lsusb output:
```
Bus 002 Device 002: ID 0424:7800 Microchip LAN7800
```

Raspberry Pi 4 and even Compute Module 4 has many resources available
and for just one kernel module it is not necessary to add additional specific CM4 profiles.
Let's include it by default, so the both Ethernet ports will be usable
to have better user-experience. Because previous generation of Raspberry
Pi included LAN7800 Gigabit Ethernet by default and it is enabled there
[2] in kernel without additional kernel module, which was added recently [3].

After this commit in dmesg can be found this:

```
root@OpenWrt:~# dmesg | grep lan
[    7.038889] lan78xx 2-3:1.0 (unnamed net_device) (uninitialized): int urb period 64
[    7.090484] usbcore: registered new interface driver lan78xx
```

Tested and works with sysupgrade image.

[1] https://www.seeedstudio.com/Dual-GbE-Carrier-Board-with-4GB-RAM-32GB-eMMC-RPi-CM4-Case-p-5029.html
[2] 32c74552b2/target/linux/bcm27xx/bcm2709/config-5.4 (L437)
[3] 31647d8be8

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-19 16:13:58 +01:00
Josef Schlehofer
013b043564 iwinfo: update to latest Git head
Changelog:
90bfbb9 devices: Add Cypress CYW43455
234075b devices: fix AMD RZ608 format
0e2a318 devices: add AMD RZ608 device-id

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-19 16:13:58 +01:00
Felix Fietkau
54aab4e719 bpftools: fix library path on 64 bit systems
drop the use of LIB_SUFFIX

Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-19 13:29:15 +01:00
Felix Fietkau
00cbf6f6ab bpftools: update to standalone bpftools + libbpf, use the latest version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-19 07:30:06 +01:00
Felix Fietkau
9c8cd1462d mac80211: backport MBSSID support
Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-18 14:38:27 +01:00
Stijn Tintel
4ecf8346c0 kernel: enable SERIAL_8250_16550A_VARIANTS
Kernel 5.6 introduced a new config symbol SERIAL_8250_16550A_VARIANTS.
In kernel 5.8, this symbol was changed to default to on on !x86, as some
embedded devices still use 16650A variants. Let's play safe here and
enable this symbol in the generic config, to avoid others from running
into this problem and having to spend several hours trying to bisect
this problem. While we could disable the symbol in the x86 target
configs, a 20ms boot time reduction really isn't worth the time wasted
on bisecting this issue.

Matt discovered this problem while working on adding support for the
WatchGuard Firebox M200 to the qoriq target, where it caused some
characters to be missing on the console output.

Reported-by: Matt Fawcett <mattytap@icloud.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Reviewed-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-03-18 14:44:39 +02:00
Pascal Coudurier
0905b07139 ath79: improve support for GL.iNet GL-XE300
- fix eth0 eth1 sharing same mac so it conforms to the behavior stated
  in the original commit and the way it is in vendor firmware :
  WAN is label, LAN is label +1 and WLAN is label +2
- add default leds config
- add default network config

Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
2022-03-17 21:55:10 +01:00
Petr Štetiar
83ca16fc43 mpc85xx: fix missing kernel config symbol and DTS whitespace issue
Buildbot has reported following issue while crunching mpc85xx/p1010
subtarget:

 Extreme Networks WS-AP3825i (WS_AP3825I) [N/y/?] (NEW)

Fix it by disabling that config symbol in target kernel config and while
at it fix DTS whitespace issue.

Fixes: 7e614820a8 ("mpc85xx: add support for Extreme Networks WS-AP3825i")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-17 08:05:03 +01:00
Jan Hoffmann
a622273876 lantiq: fritz7362sl: add partition subnode for SPI flash
Without a partition subnode ofpart_core still parses direct subnodes as
partitions, but it ignores nodes with a compatible property. Due to
this, the switch to nvmem-cells made the urlader partition inaccessible.
As a result, the wireless network was broken, as the calibration data
is read from that partition by a script.

Fixes: #8983
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-03-16 20:48:01 +01:00
Martin Blumenstingl
dadedd5580 lantiq: fritz7362sl: fix SPI flash node reg property
The &spi node has #address-cells = <1> and #size-cells = <0>. Drop the
extra 0 in the reg property from the SPI flash node to ensure it's
number of cells matches the definition in the parent node. This also
makes the reg property for the SPI flash node consistent with all other
VR9 boards.

Fixes: eae6cac6a3 ("lantiq: add support for AVM FRITZ!Box 7362 SL")
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-03-16 20:48:01 +01:00
Christian Lamparter
621b0589fb ipq806x: fix TP-Link Archer VR2600v bootlooping
Timo Schroeder reported:
"The TP-Link Archer VR2600v is stuck in a boot loop on written
snapshot image. It's able to boot using the snapshot uimage
though, but there ath10k firmware can't be found.
21.02.2 release version doesn't have either problem."

The VR2600v has a 512 byte header at the beginning of the
firmware that needs to be accounted for.

Fixes: f6a01d7f5c ("ipq806x: convert TP-Link Archer VR2600v to denx,uimage")
Reported-by: Timo Schroeder <der.timosch@gmail.com>
References: <https://github.com/openwrt/openwrt/issues/9467>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-03-16 20:48:01 +01:00
Martin Kennedy
7e614820a8 mpc85xx: add support for Extreme Networks WS-AP3825i
Hardware:

- SoC:     Freescale P1020
  - CPU:     2x e500v2 @ 800MHz
- Flash:   64MiB NOR (1x Intel JS28F512)
- Memory:  256MiB (2x ProMOS DDR3 V73CAG01168RBJ-I9H 1Gb)
- WiFi1:   2.4+5GHz abgn 3x3 (Atheros AR9590)
- Wifi2:   5GHz an+ac 3x3 (Qualcomm Atheros QCA9890)
- ETH:     2x PoE Gigabit Ethernet (2x Atheros AR8035)
- Power:   12V (center-positive barrel) or 48V PoE (active or passive)
- Serial:  Cisco-compatible RJ45 next to 12V power socket (115200 baud)
- LED Driver: TI LV164A
  - LEDs: (not functioning)
    - 2x Power (Green + Orange)
    - 4x ETH (ETH1 + ETH2) x (Green + Orange)
    - 2x WiFi (WiFi2 + WiFi1)

Installation:

1. Grab the OpenWrt initramfs <openwrt-initramfs-bin>, e.g.
   openwrt-mpc85xx-p1020-extreme-networks_ws-ap3825i-initramfs-kernel.bin.
   Place it in the root directory of a DHCP+TFTP server, e.g. OpenWrt
   `dnsmasq` with configuration `dhcp.server.enable_tftp='1'`.

2. Connect to the serial port and boot the AP with options
   e.g. 115200,N,8. Stop autoboot in U-Boot by pressing Enter after
   'Scanning JFFS2 FS:' begins, then waiting for the prompt to be
   interrupted. Credentials are identical to the one in the APs
   interface. By default it is admin / new2day: if these do not work,
   follow the OEM's reset procedure using the reset button.

3. Set the bootcmd so the AP can boot OpenWrt by executing:

```uboot
setenv boot_openwrt "cp.b 0xEC000000 0x2000000 0x2000000; interrupts off; bootm start 0x2000000; bootm loados; fdt resize; fdt boardsetup; fdt chosen; bootm prep; bootm go;"
setenv bootcmd "run boot_openwrt"
saveenv
```

   If you plan on going back to the vendor firmware - the bootcmd for it
   is stored in the boot_flash variable.

4. Load the initramfs image to RAM and boot by executing

```uboot
setenv ipaddr <ipv4 client address>;
setenv serverip <tftp server address>;
tftpboot 0x2000000 <openwrt-initramfs-bin>;
interrupts off;
bootm start 0x2000000;
bootm loados;
fdt resize;
fdt boardsetup;
fdt chosen;
bootm prep;
bootm go;
```

5. Make a backup of the "firmware" partition if you ever wish to go back
   to the vendor firmware.

6. Upload the OpenWrt sysupgrade image via SCP to the devices /tmp
   folder.

7. Flash OpenWrt using sysupgrade.

```ash
sysupgrade /tmp/<openwrt-sysupgrade-bin>
```

Notes:

- We must step through the `bootm` process manually to avoid fdt
  relocation. To explain: the stock U-boot (and stock Linux) are configured
  with a very large CONFIG_SYS_BOOTMAPSZ (and the device's stock Linux
  kernel is configured to be able to handle it). The U-boot version
  predates the check for the `fdt_high` variable, meaning that upon fdt
  relocation, the fdt can (and will) be moved to a very high address; the
  default appears to be 0x9ffa000. This address is so high that when the
  Linux kernel starts reading the fdt at the beginning of the boot process,
  it encounters a memory access exception and panics[5]. While it is
  possible to reduce the highest address the fdt will be relocated to by
  setting `bootm_size`, this also has the side effect of limiting the
  amount of RAM the kernel can use[3].

- Because it is not relocated, the flattened device tree needs to be
  padded in the build process to guarantee that `fdt resize` has
  enough space.

- The primary ethernet MAC address is stored (and set) in U-boot; they are
  shimmed into the device tree by 'fdt boardsetup' through the
  'local-mac-address' property of the respective ethernet node, so OpenWrt
  does not need to set this at runtime. Note that U-boot indexes the
  ethernet nodes by alias, which is why the device tree explicitly aliases
  ethernet1 to enet2.

- LEDs do not function under OpenWrt. Each of 8 LEDs is connected to an
  output of a TI LV164A shift register, which is wired to GPIO lines and
  operates through bit-banged SPI. Unfortunately, I am unable to get the
  spi-gpio driver to recognize the `led_spi` device tree node at all, as
  confirmed by patching in printk messages demonstrating
  spi-gpio.c::spi_gpio_probe never runs. It is possible to manually
  articulate the shift register by exporting the GPIO lines and stepping
  their values through the sysfs.

- Though they do not function under OpenWrt, I have left the pinout details
  of the LEDs and shift register in the device tree to represent real
  hardware.

- An archive of the u-boot and Linux source for the AP3825i (which is one
  device of a range of devices code-named 'CHANTRY') be found here[1].

- The device has an identical case to both the Enterasys WS-AP3725i and
  Adtran BSAP-2030[2] (and potentially other Adtran BSAPs). Given that
  there is no FCC ID for the board itself (only its WLAN modules), it's
  likely these are generic boards, and even that the WS-AP3725i is
  identical, with only a change in WLAN card. I have ordered one to confirm
  this.

- For additional information: the process of porting the board is
  documented in an OpenWrt forum thread[4].

[1]: magnet:?xt=urn:btih:f5306a5dfd06d42319e4554565429f84dde96bbc
[2]: https://forum.openwrt.org/t/support-for-adtran-bluesocket-bsap-2030/48538
[3]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168/29
[4]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168
[5]: https://forum.openwrt.org/t/adding-openwrt-support-for-ws-ap3825i/101168/26

Tested-by: Martin Kennedy <hurricos@gmail.com>
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
2022-03-16 18:53:44 +01:00
Rosen Penev
80b88b083a argp-standalone: fix compilation with Alpine Linux
This package is a C89 one. Add the proper CFLAG to fix compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-16 17:58:24 +01:00
Brian Norris
e8a0c55909 base-files: Align rootfs_data upgrades to 64KiB on eMMC
Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB)
alignment after the rootfs, but emmc_do_upgrade() is assuming
it comes at the very next 512-byte sector.

Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
(move spaces around, mention fstools' libtoolfs)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-03-16 17:50:06 +01:00
Martin Schiller
e17c6ee627 openssl: bump to 1.1.1n
This is a bugfix release. Changelog:

  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
     forever for non-prime moduli. (CVE-2022-0778)

  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
     (RFC 5489) to the list of ciphersuites providing Perfect Forward
     Secrecy as required by SECLEVEL >= 3.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2022-03-16 16:28:16 +01:00
Rodolphe de Saint Léger
46c5de5385 ramips: add support for Netgear WN3100RPv2
This patch adds support for the Netgear WN3100RPv2
http://www.netgear.com/support/product/wn3100rpv2.aspx

Specifications:
- SoC: MediaTek MT7620A (580MHz, ramips)
- RAM: 32MB DDR
- Storage: 8MB NOR SPI flash
- Wireless: builtin MT7620A, 2x2:2 with u.FL connectors
- Ethernet: 1x100M
- Stock firmware based on OpenWRT Kamikaze

Like the EX2700, the bootloader expects a secondary image signature,
see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577

This device seems to be same hardware as a WN3000RPv3

Flash instructions:
- Use the Netgear WebUI to upgrade to OpenWRT using the factory image
  (see note below),
- Use the sysupgrade image for upgrading versions from OpenWRT,
- TFTP recovery procedure can be used to flash the factory image
  (preferred method).

Note:
- The WebUI may not reboot automatically, wait at least 5 minutes before
  powercycling the device

Flashing using TFTP:
- Set you IP address to 192.168.1.10/24 (no gateway)
- Connect your machine to the Ethernet port
- Power off the device and wait for 10 seconds,
- Hold the reset button and power on the device (do not release reset),
- Hold the reset button until the green light is flashing (Approx. 15s)
- launch tftp, set mode to binary and connect to 192.168.1.1
- put the factory firmware image
- All leds will switch off (like a power off), this is normal
- Wait for the device to reboot in the new OpenWRT image (max 5 mins)
- The first boot will take longer than usual.
- After boot, the Device IP on the ethernet port is 192.168.1.1

Signed-off-by: Rodolphe de Saint Léger <rdesaintleger@gmail.com>
[drop unneeded includes in dts, wrap commit message]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-03-16 23:14:25 +09:00
Sungbo Eo
fe34001ee5 Revert "ramips: add support for Netgear WN3000RPv3"
This reverts commit 7bc20cb614.

It adds support for Netgear WN3100RPv2, but the commit title is wrong.
It will be re-added with the correct title.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-03-16 23:10:45 +09:00
Rodolphe de Saint Léger
7bc20cb614 ramips: add support for Netgear WN3000RPv3
This patch adds support for the Netgear WN3100RPv2
http://www.netgear.com/support/product/wn3100rpv2.aspx

Specifications:
- SoC: MediaTek MT7620A (580MHz, ramips)
- RAM: 32MB DDR
- Storage: 8MB NOR SPI flash
- Wireless: builtin MT7620A, 2x2:2 with u.FL connectors
- Ethernet: 1x100M
- Stock firmware based on OpenWRT Kamikaze

Like the EX2700, the bootloader expects a secondary image signature,
see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577

This device seems to be same hardware as a WN3000RPv3

Flash instructions:
- Use the Netgear WebUI to upgrade to OpenWRT using the factory image
  (see note below),
- Use the sysupgrade image for upgrading versions from OpenWRT,
- TFTP recovery procedure can be used to flash the factory image
  (preferred method).

Note:
- The WebUI may not reboot automatically, wait at least 5 minutes before
  powercycling the device

Flashing using TFTP:
- Set you IP address to 192.168.1.10/24 (no gateway)
- Connect your machine to the Ethernet port
- Power off the device and wait for 10 seconds,
- Hold the reset button and power on the device (do not release reset),
- Hold the reset button until the green light is flashing (Approx. 15s)
- launch tftp, set mode to binary and connect to 192.168.1.1
- put the factory firmware image
- All leds will switch off (like a power off), this is normal
- Wait for the device to reboot in the new OpenWRT image (max 5 mins)
- The first boot will take longer than usual.
- After boot, the Device IP on the ethernet port is 192.168.1.1

Signed-off-by: Rodolphe de Saint Léger <rdesaintleger@gmail.com>
[drop unneeded includes in dts, wrap commit message]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-03-16 22:36:04 +09:00
Pawel Dembicki
be89c9eec4 ramips: mt7620: Add support for D-Link DWR-961 A1
The DWR-961 A1 Wireless Router is based on the MT7620A SoC.
It's a merge of two Amit boards: DWR-960 with ethernet part
of Lava LR-25G001.

ROMID it's taken from Telenor branded version and it works with tested
device. Images from D-Link site for this router are from DWR-953 and it
have ROMID DLK6E2424001. I don't know if it's mistake on web-site
or if it's will require different image.

Specification:

- MediaTek MT7620A (580 Mhz)
- 128 MB of RAM
- 16 MB of FLASH
- 1x 802.11bgn radio
- 1x 802.11ac radio (MT7612 mpcie card)
- 5x 10/100/1000 Mbps Ethernet: 4xLAN and 1xWAN (QCA8337)
- 2x internal, non-detachable antennas (Wifi 2.4G)
- 3x external, detachable antennas (2x LTE, 1x Wifi 5G)
- 1x LTE modem cat 6
- UART (J5) header on PCB (57600 8n1)
- 13x LED, 2x button
- JBOOT bootloader

Installation:
Apply factory image via http web-gui or JBOOT recovery page

How to revert to OEM firmware:
- push the reset button and turn on the power. Wait until LED start
  blinking (~10sec.)
- upload original factory image via JBOOT http (IP: 192.168.123.254)

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2022-03-16 22:31:14 +09:00
Stijn Tintel
832b90216f qoriq: enable I2C in target kernel config
The I2C controller used in QorIQ PPC devices requires the mpc-i2c
driver, which is enabled by the I2C_MPC kernel config symbol. Enable
this and its dependencies in the target kernel config, as is done for
the mpc85xx target.

This fixes missing hwmon, rtc and tpm devices on the M300.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-03-16 01:48:24 +02:00
Rafał Miłecki
2de86691b6 bcm4908: include U-Boot DTB files for ASUS GT-AX6000 & Netgear RAX220
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 18:43:42 +01:00
Rafał Miłecki
f4c2dab544 uboot-bcm4908: add BCM4912 build
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 18:43:41 +01:00
Rafał Miłecki
3592aa8566 uboot-bcm4908: update to the latest generic
0625aad74d arm: dts: add ASUS GT-AX6000
6fb1cb624d arm: dts: add Netgear RAXE450 / RAXE550

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 14:31:02 +01:00
Rafał Miłecki
9dbca6bf6e uboot-bcm4908: use "xxd" from staging_dir
This fixes:
bash: xxd: command not found
on hosts without xxd installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-15 12:43:04 +01:00
Felix Fietkau
da2b97210c mt76: update to the latest version
378b638c70c0 mt76: mt7915: fix unused variable with testmode disabled
4f4309542862 mt76: mt7915: only use u32_get_bits with constant value
de06d828a0bf mt76: mt7921: fix injected MPDU transmission to not use HW A-MSDU
c007ba3ec7a9 mt76: mt7915: simplify conditional
64c74dc93f68 mt76: fix dfs state issue with 160 MHz channels
d3471b0d92c1 mt76: mt7615: honor ret from mt7615_mcu_restart in mt7663u_mcu_init
f4c87b32e0e9 mt76: mt7663u: introduce mt7663u_mcu_power_on routine
82de5987af54 mt76: mt7921: fix up the monitor mode
c501df4086e1 mt76: mt7921: use mt76_hw instead of open coding it
594ee03d5a11 mt76: mt7915: fix DFS no radar detection event
d8d2b383a241 mt76: split single ldpc cap bit into bits
0f336fba20fe mt76: mt7921: make mt7921_init_tx_queues static
00a066ce9914 mt76: mt7921: fix xmit-queue dump for usb and sdio
d6d2479568b2 mt76: mt7921: fix mt7921_queues_acq implementation
d17b74420199 mt76: fix monitor mode crash with sdio driver
c374559eae6f mt76: mt7915: allow beaconing on all chains
b219af63b9ce mt76: connac: add 6 GHz support for wtbl and starec configuration
630384cb3246 mt76: mt7915: add 6 GHz support
28ff1bddc7e8 mt76: mt7915: fix eeprom fields of txpower init values
d4b226cc15e7 mt76: mt7915: add txpower init for 6GHz
31e820d4ce4b mt76: mt7921: get rid of mt7921_wait_for_mcu_init declaration
9fee1faf6028 mt76: mt7915: check for devm_pinctrl_get() failure
31a970940b97 mt76: connac: make read-only array ba_range static const
e49af7036bbc mt76: use le32/16_get_bits() whenever possible
0664d39039c2 mt76: fix invalid rssi report
f16fc9d96105 mt76: mt7915: set band1 TGID field in tx descriptor
67ce2708dcef mt76: mt7915: fix beamforming mib stats
6e899abec818 mt76: mt7915: fix phy cap in mt7915_set_stream_he_txbf_caps()
c6780c85cff2 mt76: mt7915: fix typos in comments
aa6eadc09a83 mt76: usb: add req_type to ___mt76u_rr signature
74a519ab8353 mt76: usb: add req_type to ___mt76u_wr signature
2651d2c66cbd mt76: usb: introduce __mt76u_init utility routine
c03e095eee27 mt76: mt7921: disable runtime pm for usb
41085cdcd7e3 mt76: mt7921: update mt7921_skb_add_usb_sdio_hdr to support usb
e700aba6bae3 mt76: mt7921: move mt7921_usb_sdio_tx_prepare_skb in common mac code
056b7f4ebcc6 mt76: mt7921: move mt7921_usb_sdio_tx_complete_skb in common mac code.
0abf682a3def mt76: mt7921: move mt7921_usb_sdio_tx_status_data in mac common code.
b0c60d5252de mt76: mt7921: add mt7921u driver
053668acdaf8 mt76: mt7921: move mt7921_init_hw in a dedicated work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-15 10:46:10 +01:00