Commit Graph

1451 Commits

Author SHA1 Message Date
Hauke Mehrtens
271d0c825b make_ext4fs: Update to version 2020-01-05
5c201be Add LDFLAGS when building libsparse.a
ec17045 make_ext4fs: fix build on musl systems

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:04:37 +01:00
Andreas Böhler
a3010a7f8d ramips: add support for TP-Link RE200 v1
TP-Link RE200 v1 is a wireless range extender with Ethernet and 2.4G and 5G
WiFi with internal antennas. It's based on MediaTek MT7620A+MT7610EN.

Specifications
--------------

- MediaTek MT7620A (580 Mhz)
- 64 MB of RAM
- 8 MB of FLASH
- 2T2R 2.4 GHz and 1T1R 5 GHz
- 1x 10/100 Mbps Ethernet
- UART header on PCB (57600 8n1)
- 8x LED (GPIO-controlled; only 6 supported), 2x button

There are 2.4G and 5G LEDs in red and green which are controlled
separately. The 5G LED is currently not supported, since the GPIOs couldn't
be determined.

Installation
------------

Web Interface
-------------

It is possible to upgrade to OpenWrt via the web interface. However, the
OEM firmware upgrade file is required and a tool to fix the MD5 sum of
the header. This procedure overwrites U-Boot and there is not failsafe /
recovery mode present! To prepare an image, you need to take the header
and U-Boot (i.e. 0x200 + 0x20000 bytes) from an OEM firmware file and
attach the factory image to it. Then fix the header MD5Sum1.

Serial console
--------------

Opening the case is quite hard, since it is welded together. Rename the
OpenWrt factory image to "test.bin", then plug in the device and quickly
press "2" to enter flash mode (no line feed). Follow the prompts until
OpenWrt is installed.

Unfortunately, this devices does not offer a recovery mode or a tftp
installation method. If the web interface upgrade fails, you have to open
your device and attach serial console. Since the web upgrade overwrites
the boot loader, you might also brick your device.

Additional notes
----------------

MAC address assignment is based on stock-firmware. For me, the device
assigns the MAC on the label to Ethernet and the 2.4G WiFi, while the 5G
WiFi has a separate MAC with +2.

*:88    Ethernet/2.4G    label, uboot 0x1fc00, userconfig 0x0158
*:89    unused           userconfig 0x0160
*:8A    5G               not present in flash

This seems to be the first ramips device with a TP-Link v1 header. The
original firmware has the string "EU" embedded, there might be some region-
checking going on during the firmware upgrade process. The original
firmware also contains U-Boot and thus overwrites the boot loader during
upgrade.
In order to flash back to stock, the first header and U-Boot need to be
stripped from the original firmware.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
2019-12-31 13:23:55 +01:00
Christian Mauderer
5e5e92b7c3 ath79: generate firmware image for aircube-isp
This adds a "factory" image for the aircube-isp devices. Note that the
firmware can't be uploaded without prior special preparation. For the
most recent instructions on how to do that, visit the OpenWRT wiki page
of the Ubiquiti airCube ISP for details:

https://openwrt.org/toh/ubiquiti/ubiquiti_aircube_isp

Current procedure:

With the original firmware 2.5.0 it is possible to upload and execute a
script via the configuration. To do that download and unpack the
original configuration, adapt uhttpd config to execute another lua
handler (placed in the config directory) and pack and upload it again.

The lua handler can call a script that mounts an overlayfs and modifies
the "fwupdate.real" binary so that an unsigned image is accepted. The
overlayfs is necessary because a security system (called tomoyo) doesn't
allow binaries in other locations than /sbin/fwupdate.real (and maybe
some more) to access the flash when executed via network.

A big thanks to Torvald Menningen (Snap) from the OpenWRT forum for
finding out how to patch the binary so that it accepts an unsigned
image.

The current step-by-step procedure is:

- Use a version 2.5.0 of the original firmware. This is important
  because a binary file will be modified.
- Download a configuration.
- Unpack it (it's just a tar gz file without an ending).
- Add the following to uhttpd:

``````
config 'uhttpd' 'other'
	list listen_http    0.0.0.0:8080
	list listen_http    [::]:8080
	option 'home'       '/tmp/persistent/config/patch/www'
	option lua_prefix   '/lua'
	option lua_handler  '/tmp/persistent/config/patch/handler.lua'
``````

- Create a `patch` subfolder.
- Create a `patch/www` subfolder.
- Create a `patch/handler.lua` with the following content:

``````
function handle_request(env)
    uhttpd.send("Status: 200 OK\r\n")
    uhttpd.send("Content-Type: text/plain\r\n\r\n")

    local command = "/bin/sh /tmp/persistent/config/patch/patch.sh 2>&1"

    local proc = assert(io.popen(command))
    for line in proc:lines() do
        uhttpd.send(line.."\r\n")
    end
    proc:close()
end
``````

- Create a `patch/patch.sh` with the following content:

``````
#!/bin/sh -x

set -e
set -u
set -x

UBNTBOX_PATCHED="/tmp/fwupdate.real"
MD5FILE="/tmp/patchmd5"

cat <<EOF > ${MD5FILE}
c33235322da5baca5a7b237c09bc8df1  /sbin/fwupdate.real
EOF

# check md5 of files that will be patched
if ! md5sum -c ${MD5FILE}
then
        echo "******** Error when checking files. Refuse to do anything. ********"
        exit 0
fi

# prepare some overlay functionality
LOWERDIR="/tmp/lower_root"
mkdir -p ${LOWERDIR}
mount -t squashfs -oro /dev/mtdblock3 ${LOWERDIR}
overlay_some_path()
{
        PATH_TO_OVERLAY=$1
        ALIAS=$2
        UPPERDIR="/tmp/over_${ALIAS}"
        WORKDIR="/tmp/over_${ALIAS}_work"

        mkdir -p ${UPPERDIR}
        mkdir -p ${WORKDIR}

        mount -t overlay -o lowerdir=${LOWERDIR}${PATH_TO_OVERLAY},upperdir=${UPPERDIR},workdir=${WORKDIR} overlay ${PATH_TO_OVERLAY}
}

# patch the ubntbox binary.
overlay_some_path "/sbin" "sbin"
echo -en '\x10' | dd of=/sbin/fwupdate.real conv=notrunc bs=1 count=1 seek=24598

echo "******** Done ********"
``````

- Repack the configuration.
- Upload it via the normal web interface.
- Wait about a minute. The webserver should restart.
- Now there is a second web server at port 8080 which can call the lua
  script. Visit the page with a web browser. Link is for example
  http://192.168.1.1:8080/lua
- You should see the output of the script with a "*** Done ***" at the
  end. Note that the patches are not permanent. If you restart the
  router you have to re-visit the link (but not re-upload the config).
- Now you can upload an unsigned binary via the normal web interface.

Signed-off-by: Christian Mauderer <oss@c-mauderer.de>
2019-12-31 01:42:13 +01:00
Brett Mastbergen
9e2e48ff31 tools: qemu: Add patches to support adapter_type and monolithicFlat
Its way more trouble to update this to a newer version of qemu than it
is to backport the two additional features we need.

Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
2019-12-23 00:22:06 +01:00
Adrian Schmutzler
c0b87cf10b tools: tplink-safeloader: fix whitespace issues
This replaces tabs by spaces when preceding an equal sign. This improves
consistency in the file and makes the indent look correct on all platforms.

While at it, also fix one case of inconsistent leading spaces.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-27 22:54:36 +01:00
Anderson Vulczak
9b90dc05f5 ath79: add support for TP-Link Archer C6 v2 (US) and A6 (US/TW)
This patch is based on #1689 and adds support for TP-Link Archer
C6 v2 (US) and A6 (US/TW).

The hardware is the same as EU and RU variant, except for GPIOs
(LEDS/Buttons), flash(chip/partitions) and UART being available
on the board.

- SOC: Qualcomm QCA9563 @ 775MHz
- Flash: GigaDevice GD25Q127CS1G (16MiB)
- RAM: Zentel A3R1GE40JBF (128 MiB DDR2)
- Ethernet: Qualcomm QCA8337N: 4x 1Gbps LAN + 1x 1Gbps WAN
- Wireless:
  - 2.4GHz (bgn) QCA9563 integrated (3x3)
  - 5GHz (ac) Qualcomm QCA9886 (2x2)
- Button: 1x power, 1x reset, 1x wps
- LED: 6x LEDs: power, wlan2g, wlan5g, lan, wan, wps
- UART: 115200, 8n1 (header available on board)

Known issues:
 - Wireless: 5GHz is known to have lower RSSI signal, it affects speed and range.

Flash instructions:

Upload openwrt-ath79-generic-tplink_archer-c6-v2-us-squashfs-factory.bin
via the router Web interface.

Flash instruction using tftp recovery:

1. Connect the computer to one of the LAN ports of the router
2. Set the computer IP to 192.168.0.66
3. Start a tftp server with the OpenWrt factory image in the
   tftp root directory renamed to ArcherA6v2_tp_recovery.bin.
4. Connect power cable to router, press and hold the
   reset button and turn the router on
5. Keep the reset button pressed until the WPS LED lights up
6. Wait ~150 seconds to complete flashing

Flash partitioning: I've followed #1689 for defining the partition layout
for this patch. The partition named as "tplink" @ 0xfd0000 is marked
as read only as it is where some config for stock firmware are stored.
On stock firmware those stock partitions starts at 0xfd9400 however
I had not been able to make it functional starting on the same address as
on stock fw, so it has been partitioned following #1689 and not the stock
partition layout for this specific partition. Due to that firmware/rootfs
partition lenght is 0xf80000 and not 0xf89400 as stock.

According to the GPL code, the EU/RU/JP variant does have different GPIO pins
assignment to LEDs and buttons, also the flash memory layout is different.

GPL Source Code: https://static.tp-link.com/resources/gpl/gpl-A6v2_us.tar.gz

Signed-off-by: Anderson Vulczak <andi@andi.com.br>
[wrap commit message, remove soft_ver change for C6 v2 EU, move LED aliases
to DTS files, remove dts-v1 in DTSI, node/property reorder in DTSI]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-27 22:54:36 +01:00
David Bauer
c5497ebb1c tools/expat: change package source to GitHub
According to the SourceForge page, the project is migrating to GitHub.
Thus, change the source of the package to GitHub.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-24 23:17:34 +01:00
DENG Qingfang
3f5cf3872d ccache: update to 3.7.6
Update ccache to 3.7.6

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_6

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-11-24 21:48:54 +01:00
Hannu Nyman
7c8f74c7c0 tools/quilt: update to 0.66
Update quilt to version 0.66

Release notes at:
http://git.savannah.nongnu.org/cgit/quilt.git/tree/NEWS?id=294006e12

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2019-11-24 21:35:45 +01:00
Bernhard Geier
591a06316d tplink-safeloader: shorten version number of TP-Link WBS210 v2
"2.0" instead of "2.00" is sufficient and more in line with the
other definitions.

Signed-off-by: Bernhard Geier <freifunk@geierb.de>
[commit message/title adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-23 12:03:42 +01:00
Andrew Cameron
20fdfe37d2 ath79: add support for the TP-LINK WBS510 V1
This adds support for a popular low-cost 5GHz N based AP

Specifications:
- SoC: Atheros AR9344
- RAM: 64MB
- Storage: 8 MB SPI NOR
- Wireless: 5GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
- Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
2019-11-22 11:41:27 +01:00
Andrew Cameron
5b8709d9f2 ath79: add support for the TP-LINK WBS510 V2
This adds support for a popular low-cost 5GHz N based AP

Specifications:
 - SoC: Atheros AR9344
 - RAM: 64MB
 - Storage: 8 MB SPI NOR
 - Wireless: 5GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
 - Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
2019-11-22 11:41:24 +01:00
Andrew Cameron
bae0d47f2e ath79: add support for the TP-LINK CPE220 V3
This adds support for a popular low-cost 2.4GHz N based AP

Specifications:
SoC: Qualcomm Atheros QCA9533 (650MHz)
RAM: 64MB
Storage: 8 MB SPI NOR
Wireless: 2.4GHz N based built into SoC 2x2
Ethernet: 2x 100/10 Mbps, integrated into SoC

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

This also applies some minor changes to the common DTSI:
- use &wmac for label-mac-device, as this one is actually set up in
  common DTSI
- move &eth0 to parent DTSI
- fix several leading spaces, added/removed newlines

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[DTS style fixes/improvements, updated commit message/title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-06 13:37:40 +01:00
Fredrik Olofsson
e6901bf902 tools/automake: Revert "Do not use $(V) - force AM_V=1"
This reverts commit 43365ca662 ("Do not use $(V) - force AM_V=1") as
it breaks verbose output in automake packages, deviating from the
upstream and expected behaviour.

As you can see, neither make command outputs the expected verbose
compile command lines:

```
$ make package/mtd-utils/{clean,compile} V=sc
...
  CCLD     lsmtd
  CC       nand-utils/nanddump.o
  CCLD     nanddump
...
```
```
$ make -C build_dir/target*/mtd-utils-2.1.1 clean
...
$ make -C build_dir/target*/mtd-utils-2.1.1 V=1
...
  CC       lib/libmtd.o
  CC       lib/libfec.o
  CC       lib/common.o
  CC       lib/libcrc32.o
```

The original reason for this commit was some packages failing to build
if V is set to something other than 0 or 1. See the discussion in PR
https://github.com/openwrt/openwrt/pull/2481 for how to fix this in the
package Makefile.

Ref: PR#2481
Acked-by: Mirko Vogt <mirko-openwrt@nanl.de>
Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com>
[commit title/description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-06 00:21:15 +01:00
Bernhard Geier
3930aab2cb ath79: add support for TP-Link WBS210 v2
TP-Link WBS210 v2 is an outdoor wireless CPE for 2.4 GHz with
two Ethernet ports based on Atheros AR9344

The device is the same as TP-Link CPE220 v2, but with higher TX power (27 dBm
instead of 12 dBm) and two antenna connectors instead of built-in antennas.

Specifications:
 - SoC: Atheros AR9344
 - RAM: 64MB
 - Storage: 8 MB SPI NOR
 - Wireless: 2.4GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
 - Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP: 192.168.0.100
Stock device TFTP adress: 192.168.0.254

The TP-Link WBS devices use the same GPIOs as the CPE devices,
except for the link4 LED. For this one, WBS devices use "2", while
CPE devices use "16". (Tested on WBS210 v2)

Signed-off-by: Bernhard Geier <freifunk@geierb.de>
[added comment about GPIO]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-03 13:59:18 +01:00
Sebastian Kemper
1f0063b58c rules.mk: remove "$(STAGING_DIR)/include"
"$(STAGING_DIR)/include" was carried over from buildroot-ng to OpenWrt
in commit 60c1f0f64d. buildroot has
dropped this directory a long time ago.

In OpenWrt the directory is still created by the PrepareStaging macro
and is part of the default TARGET_CPPFLAGS. But nothing at all installs
headers into this directory, nor should anything be installed under this
path.

Removing this directory from TARGET_CPPFLAGS will cut down the log noise
a bit. Not only will CPPFLAGS be shorter, there will be less warnings
set off by "-Wmissing-include-dirs" (or even failures when paired with
"-Werror"). After all the directory does not even _exist_ in the SDKs,
which are used on the build bots when building packages (see [1] and
[2]).

make[8]: Entering directory '/builder/shared-workdir/build/sdk/build_dir/target-aarch64_generic_musl/libmbim-1.20.0/src/common'
  CC       libmbim_common_la-mbim-common.lo
cc1: error: /builder/shared-workdir/build/sdk/staging_dir/target-aarch64_generic_musl/include: No such file or directory [-Werror=missing-include-dirs]
cc1: all warnings being treated as errors

[1] https://github.com/openwrt/packages/issues/10377
[2] https://github.com/openwrt/packages/pull/10378

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Rosen Penev <rosenp@gmail.com>
2019-11-02 20:51:56 +01:00
André Valentin
6ae7ee7724 tools/mkrasimage: Add support for 128k header size
128k header size support is needed for ZyXEL NBG6716.

Signed-off-by: André Valentin <avalentin@marcant.net>
2019-10-27 13:38:05 +01:00
Yousong Zhou
ed6ba2801c tools: keep stamp file in $(STAGING_DIR_HOST)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 11:34:34 +00:00
Adrian Schmutzler
c79b796280 ar71xx: improve support for TP-Link CPE510 v2
This fixes commit bae927c551 ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.

Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).

With this patch, we provide proper support for this device in ar71xx.

Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
  for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254

Fixes: bae927c551 ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-21 21:54:01 +02:00
Ilya Gordeev
5daf094353 tplink-safeloader: fix compilation warnings
Signed-off-by: Ilya Gordeev <Mirraz@users.noreply.github.com>
2019-10-19 13:16:57 +02:00
Josef Schlehofer
700e7a2eb9 tools/e2fsprogs: Update to version 1.45.4
Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-08 21:51:08 +02:00
Josef Schlehofer
b4af2c689f expat: Update to version 2.2.9
Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-06 21:28:49 +02:00
DENG Qingfang
cb289777ca ccache: update to 3.7.4
Update ccache to 3.7.4

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_4

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-09-26 22:15:25 +02:00
Felix Fietkau
0f7ff74cbf tools/coreutils: install "touch"
Fixes error in setting SOURCE_DATE_EPOCH timestamp on files on rootfs prepare
on non-Linux systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-25 10:19:24 +02:00
Petr Štetiar
60eb0e8da2 scons: move to packages feed
This patch removes scons host build tool, as commit 7087efd72a8d
("scons: move host build tool to a proper place") in the packages feed
has moved scons into the new home.

There are currently no packages in the master tree which would need
scons, yet scons is build always as part of host tools, just in order to
satisfy host build dependency of few packages in the packages feeds.

Ref: https://github.com/openwrt/packages/pull/9584
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:53:01 +02:00
Hauke Mehrtens
169152c8d1 tools/mkimage: Update U-Boot to version 2019.07
This updates the U-Boot which provides the host tools like mkimage to
version 2019.07.
The patches were cleaned up and it was checked if this still compiles
on Linux and FreeBSD.

CONFIG_FIT_SIGNATURE_MAX_SIZE is set to the default value.

The patch for libressl was merged upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-04 22:35:22 +02:00
Rosen Penev
ac31ec0f62 upslug2: Update to git repository
This has two improvements over the current version. An autotools fix and
application of the wrt350v2 patch.

Cleaned up Makefile as a result of makefiles being fixed.

Note that this package is not really used as it depends on orion, which is
classified as broken.

This is the last package that uses svn in the tree.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-09-03 11:56:47 +02:00
Jo-Philipp Wich
f3ab336d7c tools: libelf: fix headers to trigger -Wundef warnings
When libelf from tools/ is used for building the kernel, compilation
aborts due to access to undefined defines since Kbuild adds -Wundef
to the compiler flags.

Patch the header files to use `#if defined(...)` instead of `#if ...`
to prevent such issues.

Ref: https://github.com/NixOS/nixpkgs/issues/59929
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-03 10:44:21 +02:00
Jo-Philipp Wich
d3f86c9cc3 tools: libelf: install pkg-config file
Install the pkg-config definition for libelf in order to allow the
kernel build process discover it later on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-03 10:44:21 +02:00
Daniel Engberg
413c68d120 tools/cmake: Update to 3.15.1
Update CMake to 3.15.1
Refresh patches
Remove inofficial fossies.org and replace with GitHub (link on official site)
Remove 150-C-feature-checks-Match-warnings-more-strictly.patch as it's
a no longer needed backport from upstream.
Disable ccache if GCC is 4.8, 4.9 or 5.X to avoid build failures.
Reference: https://github.com/openwrt/openwrt/pull/1929

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-09-01 18:38:05 +02:00
DENG Qingfang
08e274da9d tools/mtd-utils: update to 2.1.1
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-27 10:32:44 +02:00
Christian Lamparter
ac2f341036 make-ext4fs: update to HEAD of 2017-05-29 - eebda1
Update make-ext4fs to commit eebda1d55d9701ace2700d7ae461697fadf52d1f

git log --pretty=oneline --abbrev-commit 484903e4..eebda1d5

eebda1d make_ext4: Add strict prototypes.
bb9cf91 make_ext4fs: Remove off64_t in favor of standard off_t

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:18:12 +02:00
Daniel Engberg
234f7a9e5d tools/e2fsprogs: Update to 1.45.3
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-08-17 16:57:32 +02:00
Russell Senior
bcfd1d7685 tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-08-13 10:00:10 +02:00
Russell Senior
166e626277 tools/scons: update scons to 3.1.1
This version bump includes a bunch of fixes and improvements, which
should fix gpsd build breakage in the package feeds.

Ref: https://github.com/SCons/scons/blob/master/src/CHANGES.txt
Signed-off-by: Russell Senior <russell@personaltelco.net>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-13 09:49:50 +02:00
Adrian Schmutzler
854ab1b045 ath79: add support for TP-Link CPE220 v2
This seems to be identical to CPE210 v1 despite having removable
antennas.

Specifications:

    * SoC: Qualcomm Atheros AR9344 (560 MHz)
    * RAM: 64MB
    * Storage: 8 MB
    * Wireless: 2.4GHz N based built into SoC 2x2
    * Ethernet: 2x 100/10 Mbps, integrated into SoC, 24V POE IN

Installation:

Flash factory image through stock firmware WEB UI
or through TFTP:
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP address:192.168.0.254

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-08-07 18:04:03 +02:00
Adrian Schmutzler
8d83a4f545 tplink-safeloader: increase kernel partition for CPE/WBSx10v1
This is a preparation for ath79 support of the CPE210/CPE510 v1.
Kernel size is chosen equal to the latest update for CPE610 v1.

This also updates the partition size in ar71xx target, so code
remains consistent if someone looks up the device. Since CPE210,
CPE510, WBS210 and WBS510 (all v1) share the same partition
layout definition, and are on deprecated target anyway, this
changes them all at once.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-08-07 18:04:03 +02:00
Daniel Engberg
7270fdb62f expat: Update to 2.2.7
Update (lib)expat to 2.2.7

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-08-06 14:03:09 +02:00
Petr Štetiar
ea1acaf5a6 firmware-utils: uimage_padhdr: fix Coverity issue
Fixes following issue reported by Coverity scan:

 *** CID 1452085:  Security best practices violations  (TOCTOU)
 /tools/firmware-utils/src/uimage_padhdr.c: 100 in main()
 94
 95     	if (!infname || !outfname) {
 96     		usage(argv[0]);
 97     		exit(1);
 98     	}
 99
 >>>     CID 1452085:  Security best practices violations  (TOCTOU)
 >>>     Calling function "stat" to perform check on "infname".
 100     	if (stat(infname, &statbuf) < 0) {

Fixes: a1c6a316d2 ("ramips: add support for Fon FON2601")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-04 22:09:20 +02:00
DENG Qingfang
2caf747116 ccache: update to 3.7.2
Update ccache to 3.7.2

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_2

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-04 13:53:05 +02:00
Russell Senior
995bcc5329 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-07-30 10:16:16 +02:00
Daniel Golle
9437012b9e tools/mklibs: update to 0.1.44 and convert to Python 3
Since the switch to Python 3 build fails if CONFIG_USE_MKLIBS is set
("Strip unnecessary functions from libraries" in menuconfig) as
mklibs hasn't been converted to run on Python 3.

 * update to most recent upstream version which brings some
   reproducibility fixes
 * converted to Python 3 using 2to3
 * fixed mixed tab/spaces indentation
 * fixed use of string.* functions
 * some more minor fixes to make Python 3 happy

Fixes commit 19938c8de7 ("build: switch to Python 3")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-07-26 23:50:21 +02:00
NOGUCHI Hiroshi
a1c6a316d2 ramips: add support for Fon FON2601
FON2601 is a wireless router.

Specification:
- SoC: Mediatek MT7620A (580MHz)
- RAM: 128 MiB
- ROM: 16 MiB SPI Flash
- Wireless:
   for 11b/g/n (upto 300 Mbps):  MT7620A built-in WMAC
   for 11a/n/ac (upto 867 Mbps): MT7662E
- Ethernet LAN: 1 port, upto 100 Mbps
- Ethernet WAN: 1 port, upto 1000 Mbps
- USB: 1 port (USB 2.0 host)
- LEDs: 4 (all can be controlled by SoC's GPIO)
- buttons: 1 (Displayed as "WPS" on enclosure)
- serial port: 57600n8
 pins: Vcc(3.3V), Rx, Tx, GND
(left to right, viewed from outside of board)

Installation (only available via UART):
  1. download sysupgrade binary image by wget command
  2. write sysupgrade binary image to Flash
     command is:
       mtd write sysupgrade.bin firmware
  3. reboot

Important Notice:
  Only one button is displayed as "WPS" on enclosure.
  However, it is configured as "reset" (factory resetting feature).

Signed-off-by: NOGUCHI Hiroshi <drvlabo@gmail.com>
[removed unrelated openwrt-keyring revert, missing -Wall for uimage_padhdr]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Petr Štetiar
316c8b5503 tools/scons: switch to Python 3
Build tested on ath79 with following packages from packages feed which
build depends on scons. None of them build anymore as it seems, that the
SConscripts are written for Python2.

 * packages/net/iotivity (KO, doesn't build even with latest 1.3.1 release)

   SyntaxError: invalid syntax
    File "/openwrt/build_dir/target-mips_24kc_musl/iotivity-1.2.1/build_common/SConscript", line 40
      print "\nError: Current system (%s) isn't supported\n" % host

   LookupError: unknown encoding: string_escape:
    File "/home/petr/testing/openwrt/build_dir/target-mips_24kc_musl/iotivity-1.3.1/SConstruct", line 28:
      SConscript('build_common/SConscript')

 * packages/net/smartsnmpd (KO, seems dead, no commit since 2015):

   SyntaxError: Missing parentheses in call to 'print'
    File "/openwrt/build_dir/target-mips_24kc_musl/smartsnmpd-2014-08-13/SConstruct", line 156
      print "Can't find liblua or liblua5.1!"

 * packages/utils/gpsd (KO, doesn't build even with latest 3.18.1 release):

   AttributeError: 'list' object has no attribute 'keys':
     File "/openwrt/build_dir/target-mips_24kc_musl/gpsd-3.18.1/SConstruct", line 1758:
       all_manpages = list(base_manpages.keys()) + list(python_manpages.keys())

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Petr Štetiar
5989a75cc4 tools/b43-tools/b43-fwsquash: convert to Python 3 with 2-to-3
Let's convert the script to Python 3.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Hans Dedecker
1282a63027 tools: libressl: fix compilation for non-glibc clib (FS#2400)
Fixes compilaton issue for non glibc clibs :

libtool: compile:  gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" "-DPACKAGE_STRING=\"libressl 2.9.2\"" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_SYSLOG=1 -DHAVE_ACCEPT4=1 -DHAVE_PIPE2=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_EXPLICIT_BZERO=1 -DHAVE_GETAUXVAL=1 -DHAVE_GETAUXVAL=1 -DHAVE_DL_ITERATE_PHDR=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAS_GNU_WARNING_LONG=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I../crypto/asn1 -I../crypto/bn -I../crypto/ec -I../crypto/ecdsa -I../crypto/evp -I../crypto/modes -I../crypto -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -D__STRICT_ALIGNMENT -O2 -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DHAVE_GNU_STACK -Wno-pointer-sign -MT compat/getprogname_linux.lo -MD -MP -MF compat/.deps/getprogname_linux.Tpo -c compat/getprogname_linux.c -o compat/getprogname_linux.o
compat/getprogname_linux.c: In function 'getprogname':
compat/getprogname_linux.c:32:2: error: #error "Cannot emulate getprogname"
 #error "Cannot emulate getprogname"
  ^~~~~

Reported-by: Anibal Portero <anibal.portero@pantacor.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-23 14:54:07 +02:00
Kevin Darbyshire-Bryant
8d6d227bb6 tools: libressl: fix build on MacOS
Making all in tests
depbase=`echo handshake_table.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
	gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" -DPACKAGE_STRING=\"libressl\ 2.9.2\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_READPASSPHRASE_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_READPASSPHRASE=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_GETPROGNAME=1 -DHAVE_SYSLOG=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_ARC4RANDOM=1 -DHAVE_ARC4RANDOM_BUF=1 -DHAVE_ARC4RANDOM_UNIFORM=1 -DHAVE_TIMINGSAFE_BCMP=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAVE___VA_COPY=1 -DSIZEOF_TIME_T=8 -I.  -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I ../crypto/modes -I ../crypto/asn1 -I ../ssl -I ../tls -I ../apps/openssl -I ../apps/openssl/compat -D_PATH_SSL_CA_FILE=\"../apps/openssl/cert.pem\" -I/Users/kevin/wrt/staging_dir/host/include  -D__STRICT_ALIGNMENT  -O2 -I/Users/kevin/wrt/staging_dir/host/include  -fpic -Wall -std=gnu99 -fno-strict-aliasing  -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong  -Qunused-arguments -Wno-pointer-sign -MT handshake_table.o -MD -MP -MF $depbase.Tpo -c -o handshake_table.o handshake_table.c &&\
	mv -f $depbase.Tpo $depbase.Po
make[4]: *** No rule to make target `/Users/kevin/wrt/build_dir/host/libressl-2.9.2/crypto/.libs/libcrypto_la-cpuid-macosx-x86_64.o', needed by `handshake_table'.  Stop.
make[3]: *** [all-recursive] Error 1

A similar error & clues from
e783d60473

"
LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.

With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'.  Stop.

There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
   the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue."

It appears we cannot change to cmake because cmake has a dependency on
an ssl library.

Take option 1 and do not build the tests.

Also take the opportunity to remove man page building as well.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-22 17:06:04 +01:00
Roman Yeryomin
3f1e8c0131 tools: libressl: update to 2.9.2 version
To keep in sync with OpenSSL 1.1.x branch version options.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-07-21 10:51:43 +02:00
Petr Štetiar
ff7909f69e firmware-utils: mkfwimage: fix build failure on macOS with gcc 9
Fixes following errors:

 src/mkfwimage.c:279:8: error: format specifies type 'long' but the argument has type 'off_t' (aka 'long long') [-Werror,-Wformat]
                      d->stats.st_size,
                     ^~~~~~~~~~~~~~~~
 src/mkfwimage.c:280:8: error: format specifies type 'long' but the argument has type 'long long' [-Werror,-Wformat]
                      d->partition_length - d->stats.st_size);
                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 src/mkfwimage.c:378:6: error: format specifies type 'unsigned long' but the argument has type 'long long' [-Werror,-Wformat]
                      d->stats.st_size - d->partition_length);
                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Reported-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-19 23:04:23 +02:00
Petr Štetiar
04cb651376 firmware-utils: mkfwimage: fix more errors reported by gcc-6/7/9
src/mkfwimage.c:276:8: error: format '%lld' expects argument of type 'long long int', but argument 4 has type '__off_t' {aka 'const long int'} [-Werror=format=]
src/fw.h:71:36: error: format '%llu' expects argument of type 'long long unsigned int', but argument 6 has type '__off_t' {aka 'long int'} [-Werror=format=]
    inlined from 'main' at src/mkfwimage.c:543:12:
/string_fortified.h:106:10: error: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length [-Werror=stringop-truncation]
    inlined from 'write_part' at src/mkfwimage.c:235:2,
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:477:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:496:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:481:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:485:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]

Runtested on ath79 and UBNT Bullet M XW.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-19 22:11:15 +02:00