22208 Commits

Author SHA1 Message Date
Rany Hany
4cc1da1e44 hostapd: add SAE support for wifi-station and optimize PSK file creation
Some checks are pending
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Waiting to run
Regarding SAE support in wifi-station:

Important Note: Unlike PSK wifi-stations, both `mac` and `key` options are required
to make it work. With PSK, hostapd used to perform a brute-force match to find which
PSK entry to use, but with SAE this is infeasible due to SAE's design.

When `mac` is omitted, it will allow any MAC address to use the SAE password if it
didn't have a MAC address assigned to it, but this could only be done once.
The last wildcard entry would be used.

Also, unlike "hostapd: add support for SAE in PPSK option" (commit 913368a),
it is not required to set `sae_pwe` to `0`. This gives it a slight advantage
over using PPSK that goes beyond not needing RADIUS.

Example Configuration:

```
config wifi-vlan
        option iface default_radio0
        option name 999
        option vid 999
        option network management

config wifi-station
        # Allow user with MAC address 00:11:22:33:44:55 and matching
        # key "secretadminpass" to access the management network.
        option iface default_radio0
        option vid 999
        option mac '00:11:22:33:44:55'
        option key secretadminpass

config wifi-vlan
        option iface default_radio0
        option name 100
        option vid 100
        option network guest

config wifi-station
        # With SAE, when 'mac' is omitted it will be the fallback in case no
        # other MAC address matches. It won't be possible for a user that
        # has a matching MAC to use this network (i.e., 00:11:22:33:44:55
        # in this example).
        option iface default_radio0
        option vid 100
        option key guestpass
```

Regarding PSK file creation optimization:

This patch now conditionally runs `hostapd_set_psk_file` depending on `auth_type`.
Previously, `hostapd_set_psk` would always execute `hostapd_set_psk_file`, which
would create a new file if `wifi-station` was in use even if PSK was not enabled.
This change checks the `auth_type` to ensure that it is appropriate to parse the
`wifi-station` entries and create those files.

Furthermore, we now only configure `wpa_psk_file` when it is a supported option
(i.e., psk or psk-sae is used). Previously, we used to configure it when it was
not necessary. While it didn't cause any issues, it would litter `/var/run` with
unnecessary files. This patch fixes that case by configuring it depending on the
`auth_type`.

The new SAE support is aligned with these PSK file changes.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/17145
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 65a1c666f2eb2511430a9064686b3590e08b1773)
Link: https://github.com/openwrt/openwrt/pull/17248
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-26 14:53:05 +01:00
Edward Chow
db0300cb1b ath79: port buffalo WZR-450HP2 from ar71xx
Referencing commit a1837135e04b

Hardware
--------
SoC:	Qualcomm Atheros QCA9558
RAM:	128M DDR2 (Nanya NT5TU64M16HG-AC)
FLASH:	128M SPI-NAND (Spansion S34ML01G100TFI00)
WLAN:	QCA9558 3T3R 802.11 bgn
ETH:	Qualcomm Atheros QCA8337
UART:	115200 8n1
BUTTON:	Reset - WPS - "Router" switch
LED:	2x system-LED, 2x wlan-LED, 1x internet-LED,
	2x routing-LED
	LEDs besides the ethernet ports are controlled
	by the ethernet switch

MAC Address:
 use		address(sample 1)	source
 label		cc:e1:d5:xx:xx:ed	art@macaddr_wan
 lan		cc:e1:d5:xx:xx:ec	art@macaddr_lan
 wan		cc:e1:d5:xx:xx:ed	$label
 WiFi4_2G	cc:e1:d5:xx:xx:ec	art@cal_ath9k

Installation from Serial Console
------------

1. Connect to the serial console. Power up the device and interrupt
   autoboot when prompted

2. Connect a TFTP server reachable at 192.168.11.10/24
   to the ethernet port. Serve the OpenWrt initramfs image as
   "openwrt.bin"

3. Boot the initramfs image using U-Boot
   ath> tftpboot 0x84000000 openwrt.bin
   ath> bootm 0x84000000

4. Copy the OpenWrt sysupgrade image to the device using scp and
   install it like a normal upgrade (with no need to keeping config
   since no config from "previous OpenWRT installation" could be kept
   at all)

   # sysupgrade -n /path/to/openwrt/sysupgrade.bin

Installation from Web Interface
------------

To flash just do a firmware upgrade from the stock firmware (Buffalo
branded dd-wrt) with squashfs-factory.bin

Signed-off-by: Edward Chow <equu@openmail.cc>
Link: https://github.com/openwrt/openwrt/pull/17227
(cherry picked from commit 42254d3f5fa010466195c167c13f704ba85b3f54)
Link: https://github.com/openwrt/openwrt/pull/17359
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-26 14:26:18 +01:00
Roland Reinl
7271ee587c mediatek: filogic: Add support for D-Link AQUILA PRO AI M60
Specification:
 - MT7986 CPU using 2.4GHz and 5GHz WiFi (both AX)
 - MT7531 switch
 - 512MB RAM
 - 128MB NAND flash (MX35LF1GE4AB-Z4I) with two UBI partitions with identical size
 - 1 multi color LED (red, green, blue, white) connected via GCA230718 (Same as D-Link M30 A1)
 - 3 buttons (WPS, reset, LED on/off)
 - 1x 2.5 Gbit WAN port with Maxlinear GPY211C
 - 4x 1 Gbit LAN ports

Disassembly:
 - There are five screws at the bottom: 2 under the rubber feet, 3 under the label.
 - After removing the screws, the white plastic part can be shifted out of the blue part.
 - Be careful because the antennas are mounted on the side and the top of the white part.

Serial Interface
 - The serial interface can be connected to the 4 pin holes next to/under the antenna cables.
 - Note that there is another set of 4 pin holes on the side of the board, it's not used.
 - Pins (from front to rear):
   - 3.3V (do not connect)
   - TX
   - RX
   - GND
 - Settings: 115200, 8N1

MAC addresses:
 - MAC address is stored in partition "Odm" at offset 0x81 (for example XX:XX:XX:XX:XX:52)
 - MAC address on the device label is ODM + 1 (for example XX:XX:XX:XX:XX:53)
 - WAN MAC is the one from the ODM partition (for example XX:XX:XX:XX:XX:52)
 - LAN MAC is the one from the ODM partition + 1 (for example XX:XX:XX:XX:XX:53)
 - WLAN MAC (2.4 GHz) is the one from the ODM partition + 2 (for example (XX:XX:XX:XX:XX:54)
 - WLAN MAC (5 GHz) is the one from the ODM partition + 5 (for example (XX:XX:XX:XX:XX:57)

Flashing via OEM web interface:
 - Currently not supported because image crypto is not known

Flashing via recovery web interface:
 - This is only working if the first partition is active because recovery images are always flashed to the active partition and OpenWrt can only be executed from the first partition
 - Use a Chromium based browser, otherwise firmware upgrade might not work
 - Recovery web interface is accessible via 192.168.200.1 after keeping the reset button pressed during start of the device until the LED blinks red
 - Upload the recovery image, this will take some time. LED will continue flashing red during the update process
 - The after flashing, the recovery web interface redirects to http://192.168.0.1. This can be ignored. OpenWrt is accessible via 192.168.1.1 after flashing
 - If the first partition isn't the active partition, OpenWrt will hang during the boot process. In this case:
   - Download the recovery image from https://github.com/RolandoMagico/openwrt/releases/tag/M60-Recovery-UBI-Switch (UBI switch image)
   - Enable recovery web interface again and load the UBI switch image. This image works on the second partition of the M60
   - OpenWrt should boot now as expected. After booting, flash the normal OpenWrt sysupgrade image (for example in the OpenWrt web interface)
   - Flashing a sysupgrade image from the UBI switch image will make the first partition the active partition and from now on, default OpenWrt images can be used

Flashing via Initramfs:
- Before switching to OpenWrt, ensure that both partitions contain OEM firmware.
  - This can be achieved by re-flashing the same OEM firmware version again via the OEM web interface.
  - Flashing via OEM web interface will automatically flash the currently not active partition.
- Open router, connect serial interface
- Start a TFTP server at 192.168.200.2 and provide the initramfs image there
- When starting the router, select "7. Load Image" in U-Boot
- Settings for load address, load method can be kept as they are
- Specify host and router IP address if you use different ones than the default (Router 192.168.200.1, TFTP server 192.168.200.2)
- Enter the file name of the initramfs image
- Confirm "Run loaded data now?" question after loading the image with "Y"
- OpenWrt initramfs will start now
- Before flashing OpenWrt, create a backup of the "ubi" partition. It is required when reverting back to OEM
- Flash sysupgrade image to flash, during flashing the U-Boot variable sw_tryactive will be set to 0
  - During next boot, U-Boot tries to boot from the ubi partition. If it fails, it will switch to the ubi1 partition

Reverting back to OEM:
- Boot the initramfs image as described in "Flashing via Initramfs" above
- Copy the backed up ubi partition to /tmp (e.g. by using SCP)
- Write the backup to the UBI partition: mtd write /tmp/OpenWrt.mtd4.ubi.bin /dev/mtd4
- Reboot the device, OEM firmware will start now

Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17296
(cherry picked from commit b3ce08e0b6fa6780bf7ee295a1f176c053b1100b)
Link: https://github.com/openwrt/openwrt/pull/17363
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-26 14:22:21 +01:00
Joel Low
5829178074 netfilter: add kmod-nfnetlink-ct{helper,timeout}
Add kmod-nfnetlink-ct{helper,timeout} to allow handling firewall rules
in userspace (together with conntrackd). The timeout module allows
specifying custom expiration rules.

Signed-off-by: Joel Low <joel@joelsplace.sg>
Link: https://github.com/openwrt/openwrt/pull/17267
(cherry picked from commit 0e2dcfc4f488ecd7acf31e01bd10624d8a273cde)
Link: https://github.com/openwrt/openwrt/pull/17358
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-26 14:17:18 +01:00
Tianling Shen
48f9284232 kernel: crypto: add atmel i2c hw accelerator support
Add support for Microchip / Atmel ECC/SHA/RNG hw accelerator.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/17253
(cherry picked from commit 9d434a8abf7cb50782aaae41fe2b011b3a9bf489)
Link: https://github.com/openwrt/openwrt/pull/17348
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-26 14:13:35 +01:00
Hauke Mehrtens
738c9e5286 yafut: Mark as nonshared
This package is depending on @NAND_SUPPORT which is only set for some
targets. Mark it nonshared to build it in the target build process.

Fixes: https://github.com/openwrt/openwrt/issues/14714
Link: https://github.com/openwrt/openwrt/pull/17379
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d275bcc4bb837240f174a0fe568d00c6a0a282f7)
2024-12-26 14:09:55 +01:00
Tianling Shen
d036b42dd9 uboot-rockchip: fix build with swig 4.3.0
Some checks failed
Build Kernel / Build all affected Kernels (push) Waiting to run
Build all core packages / Build all core packages for selected target (push) Has been cancelled
Fixes the following error by backporting upstream update:
```
scripts/dtc/pylibfdt/libfdt_wrap.c: In function ‘_wrap_fdt_next_node’:
scripts/dtc/pylibfdt/libfdt_wrap.c:5581:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’
 5581 |     resultobj = SWIG_Python_AppendOutput(resultobj, val);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~
```

Fixes: https://github.com/openwrt/openwrt/issues/17345
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/17352
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 4e68103c4eb93d3f9b9359742c3c377ee2844943)
2024-12-23 21:26:47 +01:00
Hauke Mehrtens
372afe10f0 OpenWrt v24.10.0-rc4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-23 12:40:35 +01:00
Hauke Mehrtens
1e530e5831 OpenWrt v24.10.0-rc4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-23 12:40:31 +01:00
Hauke Mehrtens
d55754ce0d uboot-d1: Adapt BUILD_DEVICES to renamed boards
Some checks are pending
Build all core packages / Build all core packages for selected target (push) Waiting to run
The boards where renamed, but BUILD_DEVICES was not adapted. This
variable points to the board name. Without this change the u-boot
binaries are not selected in the configuration.

Copy the u-boot binaries under the BUILD_DEVICES name as it is expected
by the image scripts.

Fixes: 33e23e8922ce ("build: d1: add SUPPORTED_DEVICES")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit af6c1f9497210edf06f2973465fff8563343ad22)
2024-12-23 01:55:35 +01:00
Hauke Mehrtens
975811921e OpenWrt v24.10.0-rc3: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-21 01:51:34 +01:00
Hauke Mehrtens
dd04edfba2 OpenWrt v24.10.0-rc3: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-21 01:51:30 +01:00
David Bauer
5289460fd0 wifi-scripts: don't fail on unset PSK
Some checks are pending
Build all core packages / Build all core packages for selected target (push) Waiting to run
Don't fail wireless interface bringup on empty PSK set. This is a valid
configuration, resulting in a PSK network which can't be connected to.
It does not fail the bringup of the hostapd process.

Keep failing the interface setup in case a password with invalid length
is used.

This is also beneficial when intending to configure a PPSK network. It
allows to create a network where no PPSK is yet set.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 17a71f0c154cebd2e52cd8407531a9a88c931474)
2024-12-20 01:20:00 +01:00
Andrew MacIntyre
5415fb06d2 lantiq/xrx200: move 8M flash devices to a small flash subtarget
Images for xrx200 8M flash are either not building due to image
size (TD-W8970, TD-W8980) or building such that the available
free space in the overlayfs is too little to be useful.

To keep images for these devices buildable, move them into a
small flash variant of the xrx200 subtarget.  As these devices
are NOR flash only, remove NAND and UBI references from the
kernel config to gain some additional image size reduction.

The apparent 8M flash devices Arcadyan VGV7510KW22-brn,
Arcadyan VGV7519-brn and Lantiq Easy80920-nor seem to exist in
order to create special "factory" installation images for these
devices (which actually have larger flash: 16MB for the
Arcardyan devices; 64MB for the Lantiq device).  As a
considerable amount of surgery would appear to be required to
the uboot-lantiq package structure to separate the "factory"
from the "sysupgrade" device recipes for these devices they
remain in the xrx200 target - if factory images aren't now
created, 23.05.x factory images should suffice for initial
installation.

Tested on: Netgear DM200, TP-Link TD-W8980,
           AVM Fritz7490 (xrx200 subtarget: image build only)

Fixes: https://github.com/openwrt/openwrt/issues/16761
Signed-off-by: Andrew MacIntyre <andymac@pcug.org.au>
Link: https://github.com/openwrt/openwrt/pull/17113
(cherry picked from commit e63326e26a82cb083eec602b3a2f71d4cd8e2ea4)
Link: https://github.com/openwrt/openwrt/pull/17303
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-19 11:25:30 +01:00
Florian Maurer
5a715cdbcd hostapd: fix call to hostapd reload
access to undeclared variable radio In [anonymous function](), file /usr/share/hostap/hostapd.uc, line 830, byte 45:

Signed-off-by: Florian Maurer <f.maurer@outlook.de>
(cherry picked from commit 31e45f62cafbc9361c72d320241e589b31e2b5ed)
2024-12-19 09:02:51 +01:00
Felix Fietkau
e40367fa99 hostapd: fix passing radio parameter in wpa_supplicant calls
Fixes accessing PHY status in AP+STA configurations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8943430b9f8046d49842de6b40f9c90fb57fff04)
2024-12-19 09:02:36 +01:00
Felix Fietkau
f0ff244c69 firewall4: update to Git HEAD (2024-12-18)
Some checks are pending
Build all core packages / Build all core packages for selected target (push) Waiting to run
e00958884416 fw4: do not add physical devices for soft offload
dfbcc1cd127c fw4: skip not existing netdev names in flowtable device list
18fc0ead19fa init: use the reload data trigger to reload firewall on procd data changes

Fixes: https://github.com/openwrt/openwrt/issues/13410
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 47c75a25cdeed6fda9608d61926799dbd1b1fef3)
2024-12-18 12:47:50 +01:00
Felix Fietkau
cc69be0c13 unetd: update to Git HEAD (2024-12-17)
Some checks are pending
Build all core packages / Build all core packages for selected target (push) Waiting to run
93461ca4c827 unet-cli: only apply defaults on create
3e5766783d5d unet-tool: add support for confirming password
074d3659ca4a unet-cli: confirm password when creating new seed based key
bf3488a3807a unet-cli: add add/set-local-host command
9eb57c528461 unet-cli: add support for setting interface zone
a0a2d80f3459 ubus: add firewall rules for network port/pex_port via procd

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f077e058fd485ab87f0995351a3ddc0a009e4593)
2024-12-17 22:00:37 +01:00
Felix Fietkau
6642ee73bc procd: add support for reload triggers on data change
This can be useful to reload the firewall when procd firewall data changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 49d92d3e933c45e3684da2fbf0a198d195635581)
2024-12-17 22:00:37 +01:00
Felix Fietkau
f760f74209 procd: do not overwrite service data by default
Allows a running servie to manage its own data if untouched by the init script

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 8c5826b140b6288b9270d232ecda0d540e380d4e)
2024-12-17 22:00:37 +01:00
Felix Fietkau
5dca1d6a41 procd: update to Git HEAD (2024-12-17)
2e206dbe77ec service: add support for triggers on service/instance data changes
735b48728fca service: remove leftover lines from previous commit
32469644a029 service: allow incremental changes to service properties
fd01fb852302 service: fix double free bug when dealing with data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 3d900bd055b5d8f07a879c9c8c4f7783d35dd4ba)
2024-12-17 22:00:37 +01:00
John Crispin
e109caeec4 procd: update to latest HEAD
e2f05de state: set_stdio: chdir back to / in case of failure
30542c9 inittab: Disable implicit controlling TTY.

Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 2bcc49aef93f454950d425b8de69d230b52cc63c)
2024-12-17 22:00:37 +01:00
Felix Fietkau
a964e96289 netifd: update to Git HEAD (2024-12-17)
058a099f5bc5 interface: fix memleak and reload issue for the zone attribute
ea01ed41f321 interface: remove unnecessary NULL checks before free()

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 53e312e19313dd738eabed3a4af5fb42a8f9e8fb)
2024-12-17 21:58:55 +01:00
Felix Fietkau
acf52fed43 unetd: add firewall input rule for global port
Ensure that peers can be exchanged over any interface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f8a16524c4a4070d61a32f6203ea5e26cea125d4)
2024-12-17 21:58:55 +01:00
Felix Fietkau
25268f724b unetd: update to Git HEAD (2024-12-16)
Some checks failed
Build Kernel / Build all affected Kernels (push) Has been cancelled
Build all core packages / Build all core packages for selected target (push) Has been cancelled
d22d7db581d5 bpf_skb_utils.h: add missing include to fix build against newer kernel headers
bbd3e0eb1419 host: fix peer routes on a node acting as gateway
b17164751fc7 unet-tool: add support for generating keys from salt + seed passphrase
041e05870c20 unet-tool: add support for dumping pubkey from signed file
b58920d420cb unet-tool: add support for extracting network data from signed bin file
f335f5b40b4e unet-cli: add support for generating key from seed
8b1f1d099352 unet-cli: add support for importing networks from signed data
188ba05eadf2 unet-cli: add missing command line help for import
8f15fc306a40 unet-cli: fix add-ssh-host with seed keys
486bc3b86dc2 pex-msg: enable broadcast for global PEX socket
e4a24cdfbc1c unet-cli: fix defaults on create

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit af1740a28b63ecc6683dceb249a1f75af5e9098d)
2024-12-16 13:04:21 +01:00
David Bauer
aa1241e979 wifi-scripts: fix failing mesh setup with missing wpa_supplicant
Some checks failed
Build all core packages / Build all core packages for selected target (push) Has been cancelled
The initialization of mesh interfaces currently fail when wpa_supplicant
is not installed. This is due to the script calling the wpa_supplicant
feature indicator without verifying wpa_supplicant is installed at all.

To avoid failing, first check if wpa_supplicant is installed before
determining the available featureset.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1be18c6daad83bc4198dc7aefd9979b7fe8fbfd4)
2024-12-12 16:41:10 +01:00
Andris PE
28de3ffefa netifd: check if /sbin/wifi exists before calling it
Avoid harmless error from network script by checking presence of
now-optional wifi support script, most notably confusing users of x86
snapshots.

Fixes: #14964
Signed-off-by: Andris PE <neandris@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14986
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 207bfee855320dc938f39e179b1d2e3b008140cb)
2024-12-10 01:22:05 +01:00
Paul Donald
6c664135f9 netifd: update to Git 768027c5a7640137857f412f554227abd6160cdd (2024-11-27)
86da5cbcdb9d system-linux: do not pull ifindex/flags from netlink messages on rtnl events
cd96f61ba63e proto-shell: fix spurious interface teardowns with host deps
a39fe3a8b150 wireless: add support for adding a list of devices for a wifi-iface
d29cf707478c iprule: add ipproto property
768027c5a764 system-linux: restore reading flags from netlink messages

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17074
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f4492b6b1c5373a27c911ad675e96ccf1ce542d2)
Link: https://github.com/openwrt/openwrt/pull/17110
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-10 01:19:13 +01:00
Mikhail Zhilkin
620aa80064 mediatek: MERCUSYS MR90X v1: add OpenWrt U-Boot (UBI) layout
This commit adds OpenWrt U-Boot (UBI) layout support for MERCUSYS MR90X
v1.

Stock U-Boot UBI size:   50 MiB
OpenWrt U-boot UBI size: 126 MiB

Install
-------
1. Perform steps 1-14 of the OpenWrt installation guide (use OpenWrt
   initramfs-recovery.itb instead of initramfs-kernel.bin at the step 10,
   12 and 14).
Link: https://openwrt.org/toh/mercusys/mr90x_v1#installation

2. Make backups:
```
cat /dev/mtd0 > /tmp/boot.bin
cat /dev/mtd5 > /tmp/tp_data.bin
```
   Copy /tp_data dir content, /tmp/boot.bin and /tmp/tp_data.bin and to
   your PC using scp. You can also backup the remaining partititons. Copy
   backups to a safe place, they are required for the next steps and stock
   firmware recovery.

3. Reboot to OpenWrt initramfs:
```
reboot
```

4. Copy OpenWrt ubi-bl31-uboot.fip, ubi-preloader.bin,
   ubi-squashfs-sysupgrade.itb and MT7986_EEPROM.bin, default-mac (from
   /tp_data backup) to the /tmp folder of the router using scp.

5. Prepare UBI:
```
ubidetach -p /dev/mtd3; ubiformat /dev/mtd3 -y; ubiattach -p /dev/mtd3
ubimkvol /dev/ubi0 -N fip -t static -s 1MiB
ubiupdatevol /dev/ubi0_0 /tmp/ubi-bl31-uboot.fip
ubimkvol /dev/ubi0 -N ubootenv -s 0x1f000
ubimkvol /dev/ubi0 -N ubootenv2 -s 0x1f000
```

6.  Install kmod-mtd-rw and unlock partitions:
```
opkg update && opkg install kmod-mtd-rw
insmod mtd-rw i_want_a_brick=1
mtd unlock boot
mtd unlock bl2
mtd unlock factory
```

7. Prepare "factory" partition:
```
dd if=/dev/zero bs=$((0x8000)) count=1 | tr '\000' '\377' > /tmp/factory.bin
dd if=/tmp/MT7986_EEPROM.bin of=/tmp/factory.bin conv=notrunc
dd if=/tmp/default-mac >> /tmp/factory.bin
```

8. Write "factory" partition:
```
mtd erase factory
mtd write /tmp/factory.bin factory
```

9. Write preloader partition:
```
mtd erase bl2
mtd write /tmp/ubi-preloader.bin bl2
```

10. Write OpenWrt sysupgrade image:
```
sysupgrade -n /tmp/ubi-squashfs-sysupgrade.itb
```

Recovery
--------
1. Place OpenWrt initramfs-recovery.itb image (with original name) on the
   tftp server (IP: 192.168.1.254).
2. Press "reset" button and power on the router. After ~10 sec release the
   button.
3. Use OpenWrt initramfs system for recovery.

BL2 and FIP recovery
--------------------
Use mtk_uartboot and UART connetion if BL2 or FIP in UBI is destroyed:
Link: https://github.com/981213/mtk_uartboot
Link: https://openwrt.org/toh/mercusys/mr90x_v1#serial

Return to stock:
----------------
1. Copy "boot" partition backup (boot.bin) to the /tmp dir of the router
   using scp.

2. Install kmod-mtd-rw:
```
opkg update && opkg install kmod-mtd-rw
```

3. Restore stock U-Boot:
```
   insmod mtd-rw i_want_a_brick=1
   mtd unlock boot
   mtd erase boot
   mtd write /tmp/boot.bin boot
```

4. Erase UBI and reboot:
```
mtd erase ubi
reboot
```

5. Open U-Boot web recovery, upload stock firmware image and start
   upgrade.
Link: http://192.168.1.1

6. Complete steps 1-9 of the OpenWrt installation guide to get root
   rights.
Link: https://openwrt.org/toh/mercusys/mr90x_v1#installation

7. Upload "tp_data" partition backup (tp_data.bin) to the /tmp folder of
   the router using scp.

8. Restore stock calibrations:
```
mtd write /tmp/tp_data.bin tp_data
reboot
```

9. Perform "factory restore" via stock firmware web interface.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16744
(cherry picked from commit ee8df790cae843f11f78511dd9ffac7e80a4d707)
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17129
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-10 01:08:03 +01:00
Mikhail Zhilkin
24bddf68bd uboot-mediatek: add MERCUSYS MR90X v1 support
Add U-Boot replacement loader for the MERCUSYS MR90X. This is required
to increase available flash space in OpenWrt.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16744
(cherry picked from commit 77cc4b712700e51f5d779e4e7385639fa4e16ca9)
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17129
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-10 01:08:03 +01:00
Mikhail Zhilkin
d79a70542b arm-trusted-firmware-mediatek: add mt7986-spim-nand-ddr3 build
This commit adds mt7986-spim-nand-ddr3 build required for MERCUSYS MR90X
v1.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16744
(cherry picked from commit 2ea9ede7a8a94bddef599decfe6948c5c20dbfa5)
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17129
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-10 01:08:03 +01:00
Eric Long
5afd3daeba bpftool: turn off libbfd feature in host build
libbfd feature is not used when building eBPF program, and it makes bpftool fail to build in a clean environment, since binutils in toolchain have libbfd disabled.

Signed-off-by: Eric Long <i@hack3r.moe>
Link: https://github.com/openwrt/openwrt/pull/17073
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 3d8d81883fb2e607590bcb523587e37e1485b3b8)
2024-12-10 01:06:10 +01:00
Marty Jones
1eba94e67b mac80211: realtek: add RTL8812au/RTL8821au support
This adds support for RTL8812au/RTL8821au USB adapters.
Run-tested: x86/64/rockchip
USB adapters tested: Alfa AWUS036ACS, D-Link DWA-171 A1.

Signed-off-by: Marty Jones <mj8263788@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17079
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ac8d30a645965ad4e1f1ca9b71e49613166b8a29)
2024-12-10 01:06:10 +01:00
Marty Jones
8a4ce69eea mac80211: realtek: backport support for RTL8812AU/RTL8821AU
Backport support for RTL8812AU/RTL8821AU USB adapters
Manually backported patch:
045-v6.13-wifi-rtw88-Enable-the-new-RTL8821AU-RTL8812AU-driver
Patches from 046 to 051 are pending.

Signed-off-by: Marty Jones <mj8263788@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17079
[Move BPAUTO_WANT_DEV_COREDUMP to original patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 36f6d6ddcd67e7e32e2281baf5814ece81fad402)
2024-12-10 01:06:10 +01:00
Marty Jones
2b45e93113 linux-firmware: realtek: add RTL8812AU/RTL8821AU firmware
This adds firmware support for the RTL8812AU/RTL8821AU USB wireless adapters.

Signed-off-by: Marty Jones <mj8263788@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17079
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c48a48e65889e00df598757cca1f6226ac173e89)
2024-12-10 01:06:10 +01:00
Marty Jones
4bfe5ccd11 linux-firmware: update to 20241110
linux-firmware update to 20241110
Move WCN6750 firmware to the device-specific subdir

git log --no-merges --pretty=oneline --abbrev-commit 20241110...20241017

1dbc4cfa rtl_bt: Update RTL8852BT/RTL8852BE-VT BT USB FW to 0x04D7_63F7
8a976e23 cnm: update chips&media wave521c firmware.
3636204f mediatek MT7920: update bluetooth firmware to 20241104091246
6627b025 linux-firmware: update firmware for MT7920 WiFi device
554c4761 copy-firmware.sh: Run check_whence.py only if in a git repo
1486d9aa cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
c99eeb4d amdgpu: update DMCUB to v9.0.10.0 for DCN351
b6bfff1a rtw89: 8852a: update fw to v0.13.36.2
ddf25515 rtw88: Add firmware v52.14.0 for RTL8812AU
dbb219d7 i915: Update Xe2LPD DMC to v2.23
937e463b linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
62ee1c4b linux-firmware: update firmware for MT7925 WiFi device
a142ad72 WHENCE: Add sof-tolg for mt8195
fe16af92  linux-firmware: Update firmware file for Intel BlazarI core
c69bd749 qcom: Add link for QCS6490 GPU firmware
f4f5689f qcom: update gpu firmwares for qcs615 chipset
a6f3ab98 cirrus: cs35l56: Update firmware for Cirrus Amps for some HP laptops
048795ee ath11k: move WCN6750 firmware to the device-specific subdir
8a7bde2c xe: Update LNL GSC to v104.0.0.1263
e0ee2f91 i915: Update MTL/ARL GSC to v102.1.15.1926
987607d6 amdgpu: DMCUB updates for various AMDGPU ASICs
f9a502ab mediatek: Add sof-tolg for mt8195
1c289f28 i915: Add Xe3LPD DMC
c2379c61 cnm: update chips&media wave521c firmware.
71f8f3e0 linux-firmware: Add firmware for Cirrus CS35L41
65c4b9b7 linux-firmware: Update firmware file for Intel BlazarU core
4f397306 Makefile: error out of 'install' if COPYOPTS is set
2f046411 check_whence.py: skip some validation if git ls-files fails
feb324e3 qcom: Add Audio firmware for X1E80100 CRD/QCPs
3d45353e amdgpu: DMCUB updates forvarious AMDGPU ASICs
c569ca45 brcm: replace NVRAM for Jetson TX1

Signed-off-by: Marty Jones <mj8263788@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/17079
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 24c8f06807181a5fb3a63a74e5ee73d68c6d59f0)
2024-12-10 01:06:10 +01:00
Hauke Mehrtens
c995dd97c7 OpenWrt v24.10.0-rc2: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-03 22:24:36 +01:00
Hauke Mehrtens
66e76aa94f OpenWrt v24.10.0-rc2: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-03 22:24:32 +01:00
Hauke Mehrtens
5601274444 OpenWrt v24.10.0-rc1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-02 00:22:14 +01:00
Hauke Mehrtens
41714984df OpenWrt v24.10.0-rc1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-02 00:22:08 +01:00
Petr Štetiar
17bdccb4a5
apk: mark package as broken to hide it by default
During the last OpenWrt developer meeting 2024-11-26 it was decided,
that 24.10 will be the last release using opkg package manager and thus
apk won't be supported, so make it explicit and mark apk package manager
as broken.

References: https://openwrt.org/meetings/20241126#release_2410
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:43 +00:00
Hannu Nyman
7eec852c06
gdb: Fix description for apk, remove backtick
Remove backtick from gdb description text, as that seems to
be recognized as a shell action by compilation with apk,
causing error.

Example from test buildbot:
 rstrip.sh: /builder/shared-workdir/build/sdk/build_dir/target-aarch64_generic_musl/gdb-15.2/ipkg-aarch64_generic/gdb/usr/bin/gdb: executable
 bash: -c: line 1: unexpected EOF while looking for matching ``'
 bash: -c: line 2: syntax error: unexpected end of file
 make[3]: *** [Makefile:123: /builder/shared-workdir/build/sdk/bin/packages/aarch64_generic/base/gdb-15.2-r1.apk] Error 2

Local compilation:
 rstrip.sh: /OpenWrt/aarch64/build_dir/target-aarch64_cortex-a53_musl/gdb-15.2/ipkg-aarch64_cortex-a53/gdb/usr/bin/gdb: executable
 bash: -c: line 1: unexpected EOF while looking for matching ``'
 make[2]: *** [Makefile:123: /OpenWrt/aarch64/bin/packages/aarch64_cortex-a53/base/gdb-15.2-r1.apk] Error 2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/16908
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit adb921c34ff220951a699665bb35dc0e3538b3b2)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:39 +00:00
Mikhail Zhilkin
c312295b56
mediatek: Routerich AX3000: add OpenWrt U-Boot layout
This commit adds OpenWrt U-Boot layout support for Routerich AX3000. The
aims:
1. Get open-source U-Boot;
2. Get maximum available free space in OpenWrt.

Install
-------
1. Copy OpenWrt ubootmod-bl31-uboot.fip, ubootmod-preloader.bin, to the
   /tmp folder of the router using scp.

2. Make mtd partitions backups:
   http://192.168.1.1/cgi-bin/luci/admin/system/flash -> Save mtdblock
   contents

3. Install kmod-mtd-rw:
```
opkg update && opkg install kmod-mtd-rw
```

4. Write FIP and preloader:
```
insmod mtd-rw i_want_a_brick=1
mtd unlock BL2
mtd erase BL2
mtd write /tmp/ubootmod-preloader.bin BL2
mtd unlock FIP
mtd erase FIP
mtd write /tmp/ubootmod-bl31-uboot.fip FIP
```

5. Copy OpenWrt ubootmod-initramfs-recovery.itb to the tftp server root
   with IP 192.168.1.254.

6. Reboot router:
```
reboot
```
U-Boot will automatically download from the tftp server and boot OpenWrt
initramfs system.

7. Copy OpenWrt ubootmod-squashfs-sysupgrade.itb to the /tmp dir of the
   router using scp.

8. Run sysupgrade:
```
sysupgrade -n /tmp/squashfs-sysupgrade.itb
```

Recovery
--------
1. Place OpenWrt initramfs-recovery.itb image (with original name) on the
   tftp server (IP: 192.168.1.254).
2. Press "reset" button and power on the router. After ~10 sec release the
   button.
3. Use OpenWrt initramfs system for recovery.

BL2 and FIP recovery
--------------------
Use mtk_uartboot and UART connection if BL2 or FIP in UBI is destroyed:
Link: https://github.com/981213/mtk_uartboot

Return to stock:
----------------
1. Copy partition backups (BL2.bin and FIP.bin) to the /tmp dir of the
   router using scp.

2. Install kmod-mtd-rw:
```
opkg update && opkg install kmod-mtd-rw
```

3. Restore stock U-Boot and reboot:
```
insmod mtd-rw i_want_a_brick=1
mtd unlock BL2
mtd erase BL2
mtd write /tmp/BL2.bin BL2
mtd unlock FIP
mtd erase FIP
mtd write /tmp/FIP.bin FIP
reboot
```

4. Open U-Boot web recovery, upload stock firmware image and start
   upgrade.
Link: http://192.168.1.1

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16791
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d413163832df93c321eef3fce8c4f72c350d5308)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:33 +00:00
Mikhail Zhilkin
ba95a01cbf
uboot-mediatek: add Routerich AX3000 support
Add U-Boot replacement loader for Routerich AX3000.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16791
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c0581520b1c53fe2fc4a310f916590dcc428474a)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:31 +00:00
Hauke Mehrtens
67269ae51e
kernel: usb: kmod-usb-audio: Fix dependency
Change the dependency on the kmod-media-controller from depends to
select.

Fixes: 109592524663 ("kernel: add kmod-media-controller dependency for kmod-usb-audio")
Link: https://github.com/openwrt/openwrt/pull/17058
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7dd70a0d708b7f8fe9f5c95d09013245e3dcb6b)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:25 +00:00
Hauke Mehrtens
2544e03d10
dropbear: bump to 2024.86
- update dropbear to latest stable 2024.86;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES

Link: https://github.com/openwrt/openwrt/pull/17053
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a9d3c5b4c9bf910d4b3b42109161b1f6526b76eb)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:19 +00:00
George Oldfort
60e21548e5
mediatek: add support for Acer Predator W6d and Acer Vero W6m
This commit adds support for two variants of the already supported router
Acer Predator Connect W6: The Acer Predator Connect W6d (W6 without 6 GHz
wifi) and the Acer Connect Vero W6m (W6 without 2.5G eth1 port, usb3 port,
and the 6 on-board gpio RGB LEDs, and with a KTD2026 RGB LED controller
instead of the KTD2061 LED controller of the W6/W6d).

The device tree for the W6m refers to the KTD202x driver suggested in
PR #16860.

Patching target/linux/mediatek/filogic/base-files/lib/upgrade/platform.sh
removes the code repetition in (old) lines 121 to 124 on the occasion.

This is the last of four commits into which the original commit was split
to make reviews easier and more targeted.

Signed-off-by: George Oldfort <openwrt@10099.de>
Link: https://github.com/openwrt/openwrt/pull/16861
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2898d1d1269a841e5bb8673801bd2a04ad120031)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:13 +00:00
George Oldfort
fd0f608d66
mediatek: make use of Acer Predator Connect W6's u-boot environment
In order to prepare OpenWrt support for other Acer W6 devices and to adapt
the procedure to read and set mac addresses which other devices of the same
target are using (instead of needing an additional script and creating an
additional structure in the file system), this commit
- reads device mac addresses from u-boot environment
- avoids the detour via the file system to set the mac addresses
- drops redundant file /lib/preinit/05_extract_factory_data.sh

The idea and the implementation were thankfully taken from PR #16410.

This is the second of four commits into which the original commit was split
to make reviews easier and more targeted.

Signed-off-by: George Oldfort <openwrt@10099.de>
Link: https://github.com/openwrt/openwrt/pull/16861
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e7aaba2587e57dbd157899f7a2215ec6b7af5f89)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:09 +00:00
Joerg Bayer
25973eab22
linux-firmware: Add support for Intel AX411
Add support for Intel AX411 CNVio2 device.

Signed-off-by: Joerg Bayer <sg-o@live.de>
Link: https://github.com/openwrt/openwrt/pull/15153
[squashed and updated commit description, update to version 89]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c89ed7acc897794b06b61f10d8f641ee06fbaacf)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:49:05 +00:00
Antonio Pastor
b2f3713801
kernel: modules: appletalk: add for Netatalk v4
Netatalk v4 reintroduces AppleTalk and this module is required for
layer 3 protocol support.

Module was removed in kernel 4.14 for OpenWrt 18.06 (commmit
14a0131, 22/02/2018). At the time nothing used it as Netatalk v3
did not support AppleTalk.

Not building ipddp feature/module like it was in the past, as
recommended by upstream Netatalk maintainers.

Signed-off-by: Antonio Pastor <antonio.pastor@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16979
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5eb25dddb17fa3cf4958e91dfc9fc868c9eb03ac)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-11-28 18:48:53 +00:00