Commit Graph

55761 Commits

Author SHA1 Message Date
Kuan-Yi Li
729cdff71d bcm27xx: switch to linux-firmware SDIO NVRAM
Package `cypress-nvram` was added because back then the files for newer
RPi models on `linux-firmware` didn't have the proper values.

It is the other way around nowadays, so switch back to `linux-firmware`.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2022-11-15 20:48:54 +01:00
Kuan-Yi Li
60832584aa linux-firmware: broadcom: use symlink to provide NVRAM for some RPis
This is to align the implementation with upstream `linux-firmware`.

Some Raspberry Pi boards do not have dedicated NVRAM in `linux-firmware`
source repository, their NVRAM is provided through a symbolic link to
NVRAM of another board with an identical wireless design.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2022-11-15 20:48:20 +01:00
Kuan-Yi Li
22e9d8bc89 cypress-firmware: use symlink to provide firmware in brcm
This is to align the implementation with upstream `linux-firmware`.

Instead of moving these firmware files to `brcm` subdirectory and changing
their names, leave them in `cypress` subdirectory, keep their names intact
and use symbolic links to provide compatibility with Broadcom FullMAC
driver.

This gives more context to where the firmware comes from.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2022-11-15 20:48:08 +01:00
Kuan-Yi Li
efaad5e901 cypress-nvram: use symlink to provide NVRAM for some RPis
This is to align the implementation with upstream `linux-firmware`.

Some Raspberry Pi boards do not have dedicated NVRAM in `linux-firmware`
source repository, their NVRAM is provided through a symbolic link to
NVRAM of another board with an identical wireless design.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2022-11-15 20:47:54 +01:00
Kuan-Yi Li
ce6f86e134 cypress-nvram: remove PROVIDES in NVRAM packages
PROVIDES for these packages will cause ambiguity and circular dependency
in planned changes.

For example, if there is a package `brcmfmac-firmware-43455-sdio-rpi-cm4`
that depends on `brcmfmac-firmware-43455-sdio-rpi-4b`, there is no way to
tell which one of below packages the system will go for.

 - package named `brcmfmac-firmware-43455-sdio-rpi-4b`
 - package named `cypress-nvram-43455-sdio-rpi-4b` that PROVIDES
   `brcmfmac-firmware-43455-sdio-rpi-4b`

When ambiguity is unacceptable, PROVIDES (aliases) shall be removed and
packages shall only be used through their exact name.

So remove PROVIDES and keep only CONFLICTS.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2022-11-15 20:46:12 +01:00
Daniel Golle
ebe2b7190b
kernel: modules: package Marvell gigE PHY driver
Some copper SFP modules come with Marvell's 88E1xxx PHY and need this
module to function. Package it, so users can easily install this PHY
driver and use e.g. FINISAR CORP. FCLF-8521-3-HC SFP.

Without marvell PHY driver:
sfp sfp2: module FINISAR CORP.    FCLF-8521-3-HC   rev A    sn XXXXXXX          dc XXXXXX
mt7530 mdio-bus:1f sfp2: validation with support 0000000,00000000,00000000 failed: -22
sfp sfp2: sfp_add_phy failed: -22

With marvell PHY driver:
sfp sfp2: module FINISAR CORP.    FCLF-8521-3-HC   rev A    sn XXXXXXX          dc XXXXXX
mt7530 mdio-bus:1f sfp2: switched to inband/sgmii link mode
mt7530 mdio-bus:1f sfp2: PHY [i2c:sfp2:16] driver [Marvell 88E1111] (irq=POLL)
mt7530 mdio-bus:1f sfp2: Link is Up - 1Gbps/Full - flow control rx/tx

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-11-15 19:12:39 +00:00
Andre Heider
9a2d362bf7
scripts: fix dl_cleanup.py argument handling
The -w|--whitelist and -D|--download-dir arguments pass an additional value,
properly evaluate that.
Also allow to pass the download directory without -D|--download-dir, just as
the usage describes.
Finally fix spitting out the wrong error messages about those args.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-11-15 14:45:50 +01:00
Chuanhong Guo
c984fc7624
rockchip: use LZMA FIT for kernel image
Use LZMA compressed kernel to save some space in boot partition.

Fixes: #11197
Tested-by: Tianling Shen <cnsztl@immortalwrt.org> [NanoPi R2S]
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-11-14 22:50:21 +08:00
Lech Perczak
6fdeb48c1e ath79: support Ruckus ZoneFlex 7025
Ruckus ZoneFlex 7025 is a single 2.4GHz radio 802.11n 1x1 enterprise
access point with built-in Ethernet switch, in an electrical outlet form factor.

Hardware highligts:
- CPU: Atheros AR7240 SoC at 400 MHz
- RAM: 64MB DDR2
- Flash: 16MB SPI-NOR
- Wi-Fi: AR9285 built-in 2.4GHz 1x1 radio
- Ethernet: single Fast Ethernet port inside the electrical enclosure,
  coupled with internal LSA connector for direct wiring,
  four external Fast Ethernet ports on the lower side of the device.
- PoE: 802.3af PD input inside the electrical box.
  802.3af PSE output on the LAN4 port, capable of sourcing
  class 0 or class 2 devices, depending on power supply capacity.
- External 8P8C pass-through connectors on the back and right side of the device
- Standalone 48V power input on the side, through 2/1mm micro DC barrel jack

Serial console: 115200-8-N-1 on internal JP1 header.
Pinout:

---------- JP1
|5|4|3|2|1|
----------

Pin 1 is near the "H1" marking.
1 - RX
2 - n/c
3 - VCC (3.3V)
4 - GND
5 - TX

Installation:
There are two methods of installation:
- Using serial console [1] - requires some disassembly, 3.3V USB-Serial
  adapter, TFTP server,  and removing a single T10 screw,
  but with much less manual steps, and is generally recommended, being
  safer.
- Using stock firmware root shell exploit, SSH and TFTP [2]. Does not
  work on some rare versions of stock firmware. A more involved, and
  requires installing `mkenvimage` from u-boot-tools package if you
  choose to rebuild your own environment, but can be used without
  disassembly or removal from installation point, if you have the
  credentials.
  If for some reason, size of your sysupgrade image exceeds 13312kB,
  proceed with method [1]. For official images this is not likely to
  happen ever.

[1] Using serial console:
0. Connect serial console to H1 header. Ensure the serial converter
   does not back-power the board, otherwise it will fail to boot.

1. Power-on the board. Then quickly connect serial converter to PC and
   hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
   you'll enter U-boot shell. Then skip to point 3.
   Connection parameters are 115200-8-N-1.

2. Allow the board to boot.  Press the reset button, so the board
   reboots into U-boot again and go back to point 1.

3. Set the "bootcmd" variable to disable the dual-boot feature of the
   system and ensure that uImage is loaded. This is critical step, and
   needs to be done only on initial installation.

   > setenv bootcmd "bootm 0x9f040000"
   > saveenv

4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed:

   > setenv serverip 192.168.1.2
   > setenv ipaddr 192.168.1.1
   > tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7025-initramfs-kernel.bin
   > bootm 0x81000000

5. Optional, but highly recommended: back up contents of "firmware" partition:

   $ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7025_fw1_backup.bin

6. Copy over sysupgrade image, and perform actual installation. OpenWrt
   shall boot from flash afterwards:

   $ ssh root@192.168.1.1
   # sysupgrade -n openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin

[2] Using stock root shell:
0. Reset the device to factory defaullts. Power-on the device and after
   it boots, hold the reset button near Ethernet connectors for 5
   seconds.

1. Connect the device to the network. It will acquire address over DHCP,
   so either find its address using list of DHCP leases by looking for
   label MAC address, or try finding it by scanning for SSH port:

   $ nmap 10.42.0.0/24 -p22

   From now on, we assume your computer has address 10.42.0.1 and the device
   has address 10.42.0.254.

2. Set up a TFTP server on your computer. We assume that TFTP server
   root is at /srv/tftp.

3. Obtain root shell. Connect to the device over SSH. The SSHD ond the
   frmware is pretty ancient and requires enabling HMAC-MD5.

   $ ssh 10.42.0.254 \
   -o UserKnownHostsFile=/dev/null \
   -o StrictHostKeyCheking=no \
   -o MACs=hmac-md5

   Login. User is "super", password is "sp-admin".
   Now execute a hidden command:

   Ruckus

   It is case-sensitive. Copy and paste the following string,
   including quotes. There will be no output on the console for that.

   ";/bin/sh;"

   Hit "enter". The AP will respond with:

   grrrr
   OK

   Now execute another hidden command:

   !v54!

   At "What's your chow?" prompt just hit "enter".
   Congratulations, you should now be dropped to Busybox shell with root
   permissions.

4. Optional, but highly recommended: backup the flash contents before
   installation. At your PC ensure the device can write the firmware
   over TFTP:

   $ sudo touch /srv/tftp/ruckus_zf7025_firmware{1,2}.bin
   $ sudo chmod 666 /srv/tftp/ruckus_zf7025_firmware{1,2}.bin

   Locate partitions for primary and secondary firmware image.
   NEVER blindly copy over MTD nodes, because MTD indices change
   depending on the currently active firmware, and all partitions are
   writable!

   # grep rcks_wlan /proc/mtd

   Copy over both images using TFTP, this will be useful in case you'd
   like to return to stock FW in future. Make sure to backup both, as
   OpenWrt uses bot firmwre partitions for storage!

   # tftp -l /dev/<rcks_wlan.main_mtd> -r ruckus_zf7025_firmware1.bin -p 10.42.0.1
   # tftp -l /dev/<rcks_wlan.bkup_mtd> -r ruckus_zf7025_firmware2.bin -p 10.42.0.1

   When the command finishes, copy over the dump to a safe place for
   storage.

   $ cp /srv/tftp/ruckus_zf7025_firmware{1,2}.bin ~/

5. Ensure the system is running from the BACKUP image, i.e. from
   rcks_wlan.bkup partition or "image 2". Otherwise the installation
   WILL fail, and you will need to access mtd0 device to write image
   which risks overwriting the bootloader, and so is not covered here
   and not supported.

   Switching to backup firmware can be achieved by executing a few
   consecutive reboots of the device, or by updating the stock firmware. The
   system will boot from the image it was not running from previously.
   Stock firmware available to update was conveniently dumped in point 4 :-)

6. Prepare U-boot environment image.
   Install u-boot-tools package. Alternatively, if you build your own
   images, OpenWrt provides mkenvimage in host staging directory as well.
   It is recommended to extract environment from the device, and modify
   it, rather then relying on defaults:

   $ sudo touch /srv/tftp/u-boot-env.bin
   $ sudo chmod 666 /srv/tftp/u-boot-env.bin

   On the device, find the MTD partition on which environment resides.
   Beware, it may change depending on currently active firmware image!

   # grep u-boot-env /proc/mtd

   Now, copy over the partition

   # tftp -l /dev/mtd<N> -r u-boot-env.bin -p 10.42.0.1

   Store the stock environment in a safe place:

   $ cp /srv/tftp/u-boot-env.bin ~/

   Extract the values from the dump:

   $ strings u-boot-env.bin | tee u-boot-env.txt

   Now clean up the debris at the end of output, you should end up with
   each variable defined once. After that, set the bootcmd variable like
   this:

   bootcmd=bootm 0x9f040000

   You should end up with something like this:

bootcmd=bootm 0x9f040000
bootargs=console=ttyS0,115200 rootfstype=squashfs init=/sbin/init
baudrate=115200
ethaddr=0x00:0xaa:0xbb:0xcc:0xdd:0xee
mtdparts=mtdparts=ar7100-nor0:256k(u-boot),7168k(rcks_wlan.main),7168k(rcks_wlan.bkup),1280k(datafs),256k(u-boot-env)
mtdids=nor0=ar7100-nor0
bootdelay=2
filesize=52e000
fileaddr=81000000
ethact=eth0
stdin=serial
stdout=serial
stderr=serial
partition=nor0,0
mtddevnum=0
mtddevname=u-boot
ipaddr=192.168.0.1
serverip=192.168.0.2
stderr=serial
ethact=eth0

   These are the defaults, you can use most likely just this as input to
   mkenvimage.

   Now, create environment image and copy it over to TFTP root:

   $ mkenvimage -s 0x40000 -b -o u-boot-env.bin u-boot-env.txt
   $ sudo cp u-boot-env.bin /srv/tftp

   This is the same image, gzipped and base64-encoded:

H4sICOLMEGMAA3UtYm9vdC1lbnYtbmV3LmJpbgDt0E1u00AUAGDfgm2XDUrTsUV/pTkFSxZoEk+o
lcQJtlNaLsURwU4FikDiBN+3eDNvLL/3Zt5/+vFuud8Pq10dp3V3EV4e1uFDGBXTQeq+9HG1b/v9
NsdheP0Y5mV5U4Vw0Y1f1/3wesix/3pM/dO6v2jaZojX/bJpr6dtsUzHuktDjm//FHl4SnXdxfAS
wmN4SWkMy+UYVqsx1PUYci52Q31I3dDHP5vU3ZUhXLX7LjxWN7eby+PVNNxsflfe3m8uu9Wm//xt
m9rFLjXtv6fLzfEwm5fVfdhc1mlI6342Pytzldvn2dS1qfs49Tjvd3qFOm/Ta6yKdbPNffM9x5sq
Ty805acL3Zfh5HTD1RDHJRT9WLGNfe6atJ2S/XE4y3LX/c6mSzZDs29P3edhmqXOz+1xF//s0y7H
t3GL5nDqWT5Ui/Gii7Aoi7HQ81jrcHZY/dXkfLLiJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8
xy8jb4zOAAAEAA==

7. Perform actual installation. Copy over OpenWrt sysupgrade image to
   TFTP root:

   $ sudo cp openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin /srv/tftp

   Now load both to the device over TFTP:

   # tftp -l /tmp/u-boot-env.bin -r u-boot-env.bin -g 10.42.0.1
   # tftp -l /tmp/openwrt.bin -r openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin -g 10.42.0.1

   Verify checksums of both images to ensure the transfer over TFTP
   was completed:

   # sha256sum /tmp/u-boot-env.bin /tmp/openwrt.bin

   And compare it against source images:

   $ sha256sum /srv/tftp/u-boot-env.bin /srv/tftp/openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin

   Locate MTD partition of the primary image:

   # grep rcks_wlan.main /proc/mtd

   Now, write the images in place. Write U-boot environment last, so
   unit still can boot from backup image, should power failure occur during
   this. Replace MTD placeholders with real MTD nodes:

   # flashcp /tmp/openwrt.bin /dev/<rcks_wlan.main_mtd>
   # flashcp /tmp/u-boot-env.bin /dev/<u-boot-env_mtd>

   Finally, reboot the device. The device should directly boot into
   OpenWrt. Look for the characteristic power LED blinking pattern.

   # reboot -f

   After unit boots, it should be available at the usual 192.168.1.1/24.

Return to factory firmware:

1. Boot into OpenWrt initramfs as for initial installation. To do that
   without disassembly, you can write an initramfs image to the device
   using 'sysupgrade -F' first.
2. Unset the "bootcmd" variable:
   fw_setenv bootcmd ""
3. Concatenate the firmware backups, if you took them during installation using method 2:

   $ cat ruckus_zf7025_fw1_backup.bin ruckus_zf7025_fw2_backup.bin > ruckus_zf7025_backup.bin

3. Write factory images downloaded from manufacturer website into
   fwconcat0 and fwconcat1 MTD partitions, or restore backup you took
   before installation:

   # mtd write ruckus_zf7025_backup.bin /dev/mtd1

4. Reboot the system, it should load into factory firmware again.

Quirks and known issues:
- Flash layout is changed from the factory, to use both firmware image
  partitions for storage using mtd-concat, and uImage format is used to
  actually boot the system, which rules out the dual-boot capability.
- The 2.4 GHz radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
  OpenWrt by choice.
  It is controlled by data in the top 64kB of RAM which is unmapped,
  to avoid   the interference in the boot process and accidental
  switch to the inactive image, although boot script presence in
  form of "bootcmd" variable should prevent this entirely.
- On some versions of stock firmware, it is possible to obtain root shell,
  however not much is available in terms of debugging facitilies.
  1. Login to the rkscli
  2. Execute hidden command "Ruckus"
  3. Copy and paste ";/bin/sh;" including quotes. This is required only
     once, the payload will be stored in writable filesystem.
  4. Execute hidden command "!v54!". Press Enter leaving empty reply for
     "What's your chow?" prompt.
  5. Busybox shell shall open.
  Source: https://alephsecurity.com/vulns/aleph-2019014

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-11-13 22:36:06 +01:00
Lech Perczak
a98fa04362 uboot-envtools: ath79: add support for Ubiquiti XM devices
Inspired by commit 9565c5726a, and by
facts that all Ubiquiti XM devices share flash layout, and images are
mostly compatible between all of them - enable uboot-envtools support for
whole XM line.

Build tested on: Ubiquiti Airrouter, Bullet-M (7240,7241), Nanobridge-M,
Nanostation-M (+ Loco), Picostation-M, Powerbridge-M, Rocket-M.
Runtime tested on: Ubiquiti Nanobridge M5 (XM).

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-11-13 22:36:06 +01:00
Ivaylo Ivanov
6afc355b2e ramips: Add support for D-Link DIR-3060 A1
Hardware specification:
SoC: MediaTek MT7621AT
Flash: Winbond W29N01HVSINA 128MB
RAM: Micron MT41K128M16JT-125 256MB
Ethernet: 4x 10/100/1000 Mbps
WiFi1: MT7615DN 2.4GHz N 2x2:2
WiFi2: MT7615DN 5GHz AC 2x2:2
WiFi3: MT7615N 5GHz AC 4x4:4
Button: WPS, Reset

Flash instructions:
OpenWrt can be installed via D-Link Recovery GUI:

    Push and hold reset button (on the bottom of the device) until power led starts flashing (about 10 secs or so) while plugging in the power cable.
    Give it ~30 seconds, to boot the recovery mode GUI
    Connect your client computer to LAN1 of the device
    Set your client IP address manually to 192.168.0.2 / 255.255.255.0.
    Call the recovery page for the device at http://192.168.0.1/
    Use the provided emergency web GUI to upload and flash a new firmware to the device

Signed-off-by: Ivaylo Ivanov <iivailo@mail.bg>
2022-11-13 22:36:06 +01:00
Daniel Fuchs
794d1645b3 ramips: add support for Amped Wireless B1200EX
This device is almost identical to the already supported Edimax
EW-7476RP5, the only differences are:
- There is no mode selection slider switch on this device
- The two wireless LEDs are green instead of blue
- Model name in the CSYS header is RN10

Additional changes:
- Moved WiFi LEDs and the slider switch to the individual dt files
- Added ieee80211-freq-limit to the mt7612e radio to properly disable
  2.4GHz band on this radio

Device specifications:
SoC:	MediaTek MT7620a @ 580MHz
RAM:	64M (Winbond W9751G6KB-25)
FLASH:	8MB (Macronix)
WiFi:	SoC-integrated: MediaTek MT7620a bgn
WiFi:	MediaTek MT7612EN nac
GbE:	1x (RTL8211E)
BTN:	WPS/RESET
LED:	- WiFi 5G (green)
	- WiFi 2.4G (green)
	- Signal Strength (green)
	- Power (green)
	- WPS (green)
	- LAN (green)
UART:	UART is present as Pads with throughholes on the PCB. They are
	located next to the WPS button
	3.3V - RX - GND - TX / 57600-8N1
	3.3V is the square pad

Installation:
Upload the sysupgrade image via the default web interface

Signed-off-by: Daniel Fuchs <software@sagacioussuricata.com>
2022-11-13 22:36:06 +01:00
Mikhail Zhilkin
0cfd15552e ramips: add support for Rostelecom RT-SF-1
Rostelecom RT-SF-1 is a wireless WiFi 5 router manufactured by Sercomm
company.

Device specification
--------------------
SoC Type: MediaTek MT7621AT
RAM: 256 MiB
Flash: 256 MiB, Micron MT29F2G08ABAGA3W
Wireless 2.4 GHz (MT7603EN): b/g/n, 2x2
Wireless 5 GHz (MT7615E): a/n/ac, 4x4
Ethernet: 5xGbE (WAN, LAN1, LAN2, LAN3, LAN4)
USB ports: 1xUSB3.0
ZigBee: 3.0, EFR32 MG1B232GG
Button: 2 buttons (Reset & WPS)
LEDs:
   - 1x Status (RGB)
   - 1x 2.4G (blue, hardware, mt76-phy0)
   - 1x 5G (blue, hardware, mt76-phy1)
Power: 12 VDC, 1.5 A
Connector type: barrel
Bootloader: U-Boot

Installation
-----------------
1. Remove dots from the OpenWrt factory image filename
2. Login to the router web interface
3. Update firmware using web interface with the OpenWrt factory image
4. If OpenWrt is booted, then no further steps are required. Enjoy!
   Otherwise (Stock firmware has booted again) proceed to the next step.
5. Update firmware using web interface with any version of the Stock
   firmware
6. Update firmware using web interface with the OpenWrt factory image

Revert to stock
---------------
Change bootflag to Sercomm1 in OpenWrt CLI and then reboot:
    printf 1 | dd bs=1 seek=7 count=1 of=/dev/mtdblock3

Recovery
--------
Use sercomm-recovery tool.
Link: https://github.com/danitool/sercomm-recovery

MAC Addresses
-------------
+-----+------------+------------+
| use | address    | example    |
+-----+------------+------------+
| LAN | label      | *:72, *:d2 |
| WAN | label + 11 | *:7d, *:dd |
| 2g  | label + 2  | *:74, *:d4 |
| 5g  | label + 3  | *:75, *:d5 |
+-----+------------+------------+
The label MAC address was found in Factory 0x21000

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-11-13 21:51:22 +01:00
Mikhail Zhilkin
e6b99a4e43 ramips: create common dtsi for Sercomm Dxx routers
This commit adds common dtsi for the following Sercomm devices with 256
MB NAND:
Beeline Smartbox TURBO (Sercomm DF3)
Rostelecom RT-SF-1 (Sercomm DKG)

Also fixed typo ("Container" mtd name should be with a capital).

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2022-11-13 21:51:22 +01:00
Martin Dziura
a0b25e17ae ramips: glinet_gl-mt300n-v2: allow to use I2C and UART1 pins as GPIO
This is explicitly intended by the official documentation at
https://docs.gl-inet.com/en/3/specification/gl-mt300n-v2/#pcb-pinout

Signed-off-by: Martin Dziura <m.dziura@tum.de>
2022-11-13 21:51:22 +01:00
Glenn Strauss
1064252259 libmbedtls: disable older RSA ciphers
disable older RSA ciphers

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-11-13 21:51:22 +01:00
Glenn Strauss
aeeb12eb83 libmbedtls: enable crypto algorithms for hostap
enable additional crypto algorithms for hostap

hostap uses local implementations if not provided by crypto library,
so might as well enable in the crypto library for shared use by others.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-11-13 21:51:22 +01:00
Glenn Strauss
602a76ed65 libmbedtls: build option submenu
menuconfig libmbedtls build option submenu

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-11-13 21:51:22 +01:00
Andrew Ammerlaan
b2e83c16e1 procd: service: pass all arguments to service
Passing all arguments to /etc/init.d/$service restores the
behaviour of openwrt 21.02. This is relevant for services
such as etherwake which take more then one argument, e.g.:
"service etherwake start <list of devices to wake>"

Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
2022-11-13 21:51:10 +01:00
Nick Hainke
de79a0a9e0 zlib: update to 1.2.13
Remove "001-neon-implementation-of-adler32.patch" because upstreamed
deleted assembler code optimizations:
d0704a8201

Remove upstreamed patches:
- 006-fix-CVE-2022-37434.patch
- 007-fix-null-dereference-in-fix-CVE-2022-37434.patch

Refresh patches:
- 002-arm-specific-optimisations-for-inflate.patch
- 003-arm-specific-optimisations-for-inflate.patch
- 004-attach-sourcefiles-in-patch-002-to-buildsystem.patch

Switch to "https github.com" for downloading source files.

Release Announcements:
https://github.com/madler/zlib/releases/tag/v1.2.13

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-13 20:47:57 +01:00
Uwe Kleine-König
cec9cbef44 kernel: add kmod-hwmon-sht3x support
The driver supports the temperature and humidity sensors chips SHT3x and
STS3x by Sensirion.

Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
2022-11-13 20:47:57 +01:00
David Bauer
fdcd383919 kconfig: abort configuration on unset symbol
This fixes the initial patch to cover all cases where unset symbols are
handled in the code.

Fixes commit eaa9c94c75 ("generic: Kconfig: exit on unset symbol")

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-11-13 16:49:30 +01:00
Lech Perczak
1a49b499f1 ipq40xx: dts: remove leftover nodes after DSA conversion
Remove ess-psgmii@98000, edma@c080000 and ess-switch@c000000 nodes.
These nodes are not used after the DSA conversion, but were left over
in a few devices added recently.

ZTE MF289F is omitted on purpose, as for it, these nodes will be removed
together with DSA conversion.

Build tested only, as I only have MF286D from those devices.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-11-13 15:31:54 +01:00
Sven Eckelmann
fc69532eb9 ipq40xx: Convert plasmacloud,pa2200 to DSA
* ethernet1:

  - physical port label "Ethernet 1"
  - its mac address is printed on the device label

* ethernet2:

  - physical port label "Ethernet 2"
  - can be used to power the device

Both ports are not marked by there role (because the vendor firmware
automatically detects roles) but the "Ethernet 2" port was used in the past
for "WAN" functionality in OpenWrt.

Tested-by: Michaël BILCOT <michael.bilcot@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-13 15:26:34 +01:00
Sven Eckelmann
ce6c9e0328 ipq40xx: utilize nvmem-cells for plasmacloud,pa2200
The calibration data and mac addresses on this device are stored in the
0:ART partition. It is therefore possible to move the code to handle them
directly to the devicetree instead of the various scripts.

But the actual relevant information about the partition layout is provided
by the bootloader via bootargs (mtdparts) and not via the devicetree
itself. Instead of using a fixed-partition template, the mtd dynamic
partitions support from the upstream kernel is used.

Reported-by: Robert Marko <robert.marko@sartura.hr>
Tested-by: Michaël BILCOT <michael.bilcot@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-13 15:26:34 +01:00
Sven Eckelmann
539a5fd624 ipq40xx: Convert plasmacloud,pa1200 to DSA
* ethernet1:

  - physical port label "Ethernet 1"
  - its mac address is printed on the device label

* ethernet2:

  - physical port label "Ethernet 2"
  - can be used to power the device

Both ports are not marked by there role (because the vendor firmware
automatically detects roles) but the "Ethernet 2" port was used in the past
for "WAN" functionality in OpenWrt.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-13 15:26:34 +01:00
Sven Eckelmann
b8bda645fc ipq40xx: utilize nvmem-cells for plasmacloud,pa1200
The calibration data and mac addresses on this device are stored in the
0:ART partition. It is therefore possible to move the code to handle them
directly to the devicetree instead of the various scripts.

But the actual relevant information about the partition layout is provided
by the bootloader via bootargs (mtdparts) and not via the devicetree
itself. Instead of using a fixed-partition template, the mtd dynamic
partitions support from the upstream kernel is used.

Reported-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-13 15:26:34 +01:00
Arne Zachlod
364550f9d9 ramips: fix MAC address assignment for rt1800, e7350
previous commit ffa4b5283b introduced a bug which broke the MAC address
assignment for belkin,rt1800 and linksys,e7350.

Fixes: ffa4b5283b ("ramips: add support for Mikrotik LtAP-2HnD")
Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
2022-11-13 15:17:49 +01:00
Hauke Mehrtens
b97e5ac785 bcm4908: Refresh kernel patches
Refresh the kernel patches for this target. No manual changes.

Fixes: 45ac906c64 ("bcm4908: update DTS files with the latest changes")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-11-12 22:53:04 +01:00
Andre Heider
6f729163b1 mt76: move the mt7921 firmware to its own package
It's not just required for the PCI version, but for USB and presumably
SDIO as well.

Tested with 0e8d:7961 Comfast CF-953AX (MT7921AU).

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-11-12 20:26:48 +01:00
Felix Fietkau
9179f484bf mt76: update to the latest version
4bf2607362fc wifi: mt76: fix dbdc number of spatial streams limit

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-11-12 19:19:08 +01:00
Sven Eckelmann
087a8e39be ipq40xx: utilize nvmem-cells for openmesh,a62
The calibration data and mac addresses on this device are stored in the
0:ART partition. It is therefore possible to move the code to handle them
directly to the devicetree instead of the various scripts.

But the actual relevant information about the partition layout is provided
by the bootloader via bootargs (mtdparts) and not via the devicetree
itself. Instead of using a fixed-partition template, the mtd dynamic
partitions support from the upstream kernel is used.

Reported-by: Robert Marko <robert.marko@sartura.hr>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Michaël BILCOT <michael.bilcot@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-12 18:15:55 +01:00
Sven Eckelmann
2b2f14c959 ipq40xx: utilize nvmem-cells for openmesh,a42
The calibration data and mac addresses on this device are stored in the
0:ART partition. It is therefore possible to move the code to handle them
directly to the devicetree instead of the various scripts.

But the actual relevant information about the partition layout is provided
by the bootloader via bootargs (mtdparts) and not via the devicetree
itself. Instead of using a fixed-partition template, the mtd dynamic
partitions support from the upstream kernel is used.

Reported-by: Robert Marko <robert.marko@sartura.hr>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-12 18:15:55 +01:00
Sven Eckelmann
c6bef1b83a ipq40xx: Convert openmesh,a62 to DSA
* ethernet1:

  - physical port label "Ethernet 1"
  - can be used to power the device
  - its mac address is printed on the device label

* ethernet2:

  - physical port label "Ethernet 2"

Both ports are not marked by there role (because the vendor firmware
automatically detects roles) but the "Ethernet 1" port was used in the past
for "WAN" functionality in OpenWrt.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Michaël BILCOT <michael.bilcot@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-12 18:15:55 +01:00
Sven Eckelmann
66a3c32b47 ipq40xx: Convert openmesh,a42 to DSA
* ethernet1:

  - physical port label "Ethernet 1"
  - can be used to power the device
  - its mac address is printed on the device label

* ethernet2:

  - physical port label "Ethernet 2"

Both ports are not marked by there role (because the vendor firmware
automatically detects roles) but the "Ethernet 1" port was used in the past
for "WAN" functionality in OpenWrt.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2022-11-12 18:15:55 +01:00
Guillaume Lefebvre
65d9a715fc ipq40xx: D-Link DAP-2610: convert to DSA
Reenable D-Link DAP-2610, convert it to DSA and label port to 'lan', as shown on the case

Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Guillaume Lefebvre <guillaume@zelig.ch>
2022-11-12 18:15:55 +01:00
Óscar García Amor
62efb34071 ramips: add support for Cudy WR1300 v2
Specifications:
 - SoC: MediaTek MT7621AT
 - RAM: 128 MB (DDR3)
 - Flash: 16 MB (SPI NOR)
 - WiFi: MediaTek MT7603E, MediaTek MT7613BE
 - Switch: 1 WAN, 4 LAN (Gigabit)
 - Ports: 1 USB 3.0
 - Buttons: Reset, WPS
 - LEDs: System, Wan, Lan 1-4, WiFi 2.4G, WiFi 5G, WPS
 - Power: DC 12V 1A tip positive

Download and flash the manufacturer's built OpenWRT image available at
http://www.cudytech.com/openwrt_software_download
Install the new OpenWRT image via luci (System -> Backup/Flash firmware)
Be sure to NOT keep settings. The force upgrade may need to be checked
due to differences in router naming conventions.

Recovery:
 - Loads only signed manufacture firmware due to bootloader RSA verification
 - serve tftp-recovery image as /recovery.bin on 192.168.1.88/24
 - connect to any lan ethernet port
 - power on the device while holding the reset button
 - wait at least 8 seconds before releasing reset button for image to
   download
 - See http://www.cudytech.com/newsinfo/547425.html

Signed-off-by: Óscar García Amor <ogarcia@connectical.com>
2022-11-12 18:15:55 +01:00
Szabolcs Hubai
18801f2648 ramips: mt7621: use seama-lzma-loader for D-Link DIR-860L B1
Fix the LZMA ERROR 1 with a single line of recipe instead of duplicating
"uimage-lzma-loader".

While reviewing my original submission of commit ce19571004 David
suggested to use $(Device/uimage-lzma-loader), but due to the specific
needs of the vendor bootloader that simple oneliner didn't work.

The new $(Device/seama-lzma-loader) is for those SEAMA capable
bootloaders.

Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
2022-11-12 18:15:55 +01:00
Szabolcs Hubai
c293b492df ramips: rt3883: use seama-lzma-loader for D-Link DIR-645
In the support topic [0] of the GitHub issue #10634 it was found out
(based on boot logs) that the uimage-lzma-loader (commit 09faa73c53)
never worked, as an earlier workaround (commit 6fba88de19) negated
the recipe:

    3: System Boot system code via Flash.
    ## Booting image at bc050000 ...
    raspi_read: from:50000 len:40
    .raspi_read: from:50000 len:c
    .raspi_read: from:50000 len:1fa000
    ................................We have SEAMA, Image Size = 2072512
    Verifying Checksum ...
    Uncompressing SEAMA linux.lzma ... OK
    ## Transferring control to Linux (at address 80000000) ...
    ## Giving linux memsize in MB, 64

    Starting kernel ...

    [    0.000000] Linux version 5.4.188 (builder@buildhost) (gcc version 8.4.0 (OpenWrt GCC 8.4.0 r16554-1d4dea6d4f)) #0 Sat Apr 16 12:59:34 2022
    [    0.000000] SoC Type: Ralink RT3883 ver:1 eco:5
    [    0.000000] printk: bootconsolde [early0] enabled
    [    0.000000] CPU0 revision is: 0001974c (MIPS 74Kc)
    [    0.000000] MIPS: machine is D-Link DIR-645
    [    0.000000] Initrd not found or empty - disabling initrd

Using the new seama-lzma-loader it's able to boot OpenWrt 22.03
and OpenWrt SNAPSHOT too:

    3: System Boot system code via Flash.
    ## Booting image at bc050000 ...
    raspi_read: from:50000 len:40
    .raspi_read: from:50000 len:c
    .raspi_read: from:50000 len:48b004
    .........................................................................We have SEAMA, Image Size = 4763588
    Verifying Checksum ...
    Uncompressing SEAMA linux.lzma ... OK
    ## Transferring control to Linux (at address 80000000) ...
    ## Giving linux memsize in MB, 64

    Starting kernel ...

    OpenWrt kernel loader for MIPS based SoC
    Copyright (C) 2011 Gabor Juhos <juhosg@openwrt.org>
    Decompressing kernel... done!
    Starting kernel at 80000000...

    [    0.000000] Linux version 5.10.144 (xabolcs@ut2004) (mipsel-openwrt-linux-musl-gcc (OpenWrt GCC 11.3.0 r20774+2-b71affaf8b) 11.3.0, GNU ld (GNU Binutils) 2.37) #0 Tue Sep 27 23:02:30 2022
    [    0.000000] SoC Type: Ralink RT3883 ver:1 eco:5
    [    0.000000] printk: bootconsole [early0] enabled
    [    0.000000] CPU0 revision is: 0001974c (MIPS 74Kc)
    [    0.000000] MIPS: machine is D-Link DIR-645
    [    0.000000] Initrd not found or empty - disabling initrd
    [    0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.
    [    0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
    [    0.000000] Zone ranges:
    [    0.000000]   Normal   [mem 0x0000000000000000-0x0000000003ffffff]
    [    0.000000] Movable zone start for each node
    [    0.000000] Early memory node ranges
    [    0.000000]   node   0: [mem 0x0000000000000000-0x0000000003ffffff]
    [    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000003ffffff]
    [    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 16256
    [    0.000000] Kernel command line: console=ttyS0,57600 rootfstype=squashfs,jffs2

The OKLI Loader is unable to read the flash on this SoC:

    Looking for OpenWrt image... not found! ('0xddbaddba' at 0xbc051000)

0: https://forum.openwrt.org/t/136435

Fixes: GitHub issue #10634 ("V22.03.0 release currently does not work on D-Link DIR-645")
Fixes: 09faa73c53 ("ramips: rt3883: use lzma-loader for DIR-645")
Tested-by: Glenn Fowler <gfowler1@outlook.com>
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
2022-11-12 18:15:55 +01:00
Szabolcs Hubai
e7ad68d682 ramips: define lzma-loader recipe for SEAMA devices
Define "Device/seama-lzma-loader" recipe for SEAMA devices to help
contributors avoid doing recipe mistakes.

In a forum topic [0] I was under the impression that the good old
uimage-lzma-loader didn't fix the LZMA ERROR 1 for a device.

It was found out, that the uimage-lzma-loader never worked because the
KERNEL variable was overriden earlier (also an LZMA ERROR 1 related
commit, 6fba88de19), and the "use lzma-loader" fix (commit
09faa73c53) didn't catch that to include the "loader-kernel" part.

I contributed an LZMA ERROR 1 fix (commit ce19571004) for the SEAMA
device D-Link DIR-860L B1, where I had to duplicate the whole
uimage-lzma-loader recipe because of the special needs of the vendor
bootloader.

This new recipe reuse most of uimage-lzma-loader's KERNEL definiton to
avoid duplication.

It uses "relocate-kernel" as it needed for D-Link DIR-860L B1 to
boot from flash, and it's compatible with D-Link DIR-645 too.

It repacks lzma-loader with lzma for kernel (without uImage), because
these weird hacked vendor bootloaders accepts only LZMA compressed
kernels from flash:

    We have SEAMA, Image Size = 4759794
    Verifying Checksum ...
    Uncompressing SEAMA linux.lzma ... OK

It uses uImage header for initramfs kernel to be little bit verbose.

0: https://forum.openwrt.org/t/136435/10

Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
2022-11-12 18:15:55 +01:00
Arne Zachlod
ffa4b5283b ramips: add support for Mikrotik LtAP-2HnD
Mikrotik LtAP-2HnD is a outdoor/automotive WLAN 4 router with integrated GPS
receiver and two mPCIe slots.

Specifications:
* SoC: MT7621A
* RAM: 128 MiB Nanya NT5CC64M16GP-DI
* Flash: 16 MiB winbond W25Q128JV
* WLAN:
  * Atheros AR9382 with power amplifier SKY 85330 (2x2 internal antennas,
    with RF switches for external connectors)
* Ethernet: 1 Gbps, single port
* USB Host: USB 2.0 Speeds
* Serial: 115200 baud
* LEDs: Power, System, GPS, 5* RSSI
*  mPCIe:
   * miniPCIe slot 1: PCIe and USB 2.0 Host (via switch shared with USB Host)
   * miniPCIe slot 2: USB 2.0 and 3.0
* SIM Cards:
  * Slot 1 Connected to mPCIe slot 1
  * Slot 2 and 3 connected to mPCIe slot 2 via switch
* GPS: MTK 3333 on serial port 2 (/dev/ttyS1), 115200 baud and PPS on gpio 14

gpios are exposed to /sys/class/gpio:

* usb-select: swithes USB 2.0 interface between external port and internal
mPCIe slot 1 default is the external USB interface
* gps-reset: resets the GPS interface chip
* sim-select: switches between sim slot 2 and 3 connected to mPCIe slot 2
* gps-ant-select: switches GPS antenna between internal antenna and SMA
connected antenna
* lte-reset: resets mPCIe slot 2

Flashing:
 TFTP boot initramfs image and then perform sysupgrade. Follow common
 MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.

Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
2022-11-12 18:15:55 +01:00
Will Moss
5a1af6ed62 ath79: fix MAC address assignment for TP-Link ar7241 devices
On TP-Link ar7241 devices LAN and WAN interfaces are swapped. Keeping
that in mind fix MAC address assignment as used in vendor firmware:
LAN MAC - main MAC stored in u-boot and printed on label
WAN MAC - LAN MAC + 1

Signed-off-by: Will Moss <willormos@gmail.com>
2022-11-12 17:10:12 +01:00
Shiji Yang
4778f6e959 ath79: move usb led trigger node to SoC dtsi
These frequently used usb led triggers are universal. They should be
moved to SoC dtsi.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2022-11-12 17:10:12 +01:00
John Audia
e7bd3767a9 kernel: bump 5.10 to 5.10.154
All patches automatically rebased.

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-11-12 17:05:13 +01:00
John Audia
0252c0b1bc kernel: bump 5.15 to 5.15.78
All patches automatically rebased

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-11-12 17:05:13 +01:00
Quintin Hill
4c3f664c2f kernel: backport some Bluetooth RTL8761 USB IDs
These USB IDs appear in the 5.15 stable kernel series but not the 5.10
stable series.

Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
2022-11-12 17:05:13 +01:00
Quintin Hill
5e6e45b7ff kernel: backport RTL8761B FW name change to v5.10
Make the firmware filenames referenced by the module consistent for
v5.10 and v5.15 kernels.  Backport two upstream patches a cleanup commit
and the commit making the change, the former is required for the latter
to apply cleanly.

Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
2022-11-12 17:05:13 +01:00
Quintin Hill
0bf512aa86 linux-firmware: add rtl8761 bluetooth firmware
Realtek bluetooth devices need firmware.  Add packages for some of
these.

Tested on a WNDR3700v4 with rtl8761bu firmware.

Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
2022-11-12 17:05:13 +01:00
Quintin Hill
bc67c27283 kernel: support for Realtek USB bluetooth devices
USB adaptors with the RTL8761B chipset are cheap and readily available
but so far support is missing in Openwrt.  Enable the relevant kernel
options and add a module to the kmod-bluetooth package.  Increases size
of kmod-bluetooth ipk from 279140 bytes to 285320 bytes on my ath79 build.

Tested on a WNDR3700v4 with rtl8761bu firmware.

Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
2022-11-12 17:05:13 +01:00
Chen Minqiang
4979d16fb1 dnsmasq: add support for filter-AAAA/A
This add --filter-A and --filter-AAAA options, to remove IPv4 or IPv6
addresses from DNS answers. these options is supported since version 2.87.

Co-authored-by: NueXini <nuexini@alumni.tongji.edu.cn>
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2022-11-12 17:05:13 +01:00