The data is modified within hostapd_add_iface
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 032d3fcf7a)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b
The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit f89091bba6)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.
I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.
New we are also packaging lz4hc.ko
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit fac507606d)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b0953c4fbf)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Without this configuration it is not possible to run the radio using HE160 on channels 149-177.
Fixes: #14906
Signed-off-by: Paweł Owoc <frut3k7@gmail.com>
(cherry picked from commit a91b79fd04)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes WARN_ONs when using AP_VLANs after station removal. The flush
call passed AP_VLAN vif to driver, but because these vifs are virtual and
not registered with drivers, we need to translate to the correct AP vif
first.
Fixes: openwrt#12420
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[Rename to 360-wifi-mac80211-do-not-pass-ap_vlan-vif-pointer-to-dri.patch]
(cherry picked from commit 3e738781a9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hardware specification:
SoC: MediaTek MT7986A 4x A53
Flash: ESMT F50L1G41LB 128MB
RAM: W632GU6NB DDR3 256MB
Ethernet: 1x 2.5G + 4x 1G
WiFi1: MT7975N 2.4GHz 4T4R
WiFi2: MT7975PN 5GHz 4T4R
Button: Reset, WPS
Power: DC 12V 2A
Flash instructions:
1. Connect to the router using ssh or telnet,
username: useradmin, password is the web
login password of the router.
2. Use scp to upload bl31-uboot.fip and flash:
"mtd write xxx-preloader.bin spi0.0"
"mtd write xxx-bl31-uboot.fip FIP"
"mtd erase ubi"
3. Connect to the router via the Lan port,
set a static ip of your PC.
(ip 192.168.1.254, gateway 192.168.1.1)
4. Download initramfs image, reboot router,
waiting for tftp recovery to complete.
5. After openwrt boots up, perform sysupgrade.
Note:
1. Back up all mtd partitions before flashing.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 4ae474afbd)
The vendor uboot requires special fit verification.
So add a custom uboot build for this device.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 0170666d89)
The vendor U-Boot has enabled signature verification, so add
a custom U-Boot build for OpenWrt.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 6fa4fbbc52)
Cudy assigns hardware versions to its devices on its website, and
the Cudy TR1200 router is now Cudy TR1200 v1.
OpenWrt currently uses both variants, and this commit removes
inconsistencies using only the new name.
Signed-off-by: Luis Mita <luis@luismita.com>
(cherry picked from commit d780d530dd)
Link: https://github.com/openwrt/openwrt/pull/15875
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hardware:
- SoC: MediaTek MT7628AN (MIPS 580MHz)
- Flash: 16 MiB XMC 25QH128CH10
- RAM: 128 MiB ESMT M14D1G1664A
- WLAN: 2.4 GHz (MT7628), 5 GHz (MT7613BEN 802.11ac)
- Ethernet: 1x 10/100 Mbps WAN, 1x 10/100 LAN (MT7628)
- USB 2.0 port
- Buttons: 1 Reset button, 1 slider button
- LEDs: 1x Red, 1x White
- Serial console: unpopulated header, 115200 8n1
- Power: 5 VDC, 2 A
MAC addresses:
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| WAN | 80:af:ca:xx:xx:x0 | label |
| LAN | 80:af:ca:xx:xx:x0 | label |
| WLAN 2g | 80:af:ca:xx:xx:x0 | label |
| WLAN 5g | 80:af:ca:xx:xx:x2 | label+2 |
+---------+-------------------+-----------+
Installation:
The installation must be done via TFTP by disassembling the router.
On other occasions Cudy has distributed intermediate firmware to make
installation easier, and so I recommend checking the Wiki for this
device if there is a more convenient solution than the one below.
To install using TFTP:
1. Upgrade to a beta firmware (signed by Cudy) that can be downloaded
from the wiki. This is required in order to use an unlocked u-boot.
2. Connect to UART.
3. While the router is turning on, press 1.
4. Connect to LAN and set your IP to 192.168.1.88/24. Configure a TFTP
server and an OpenWrt initramfs-kernel.bin firmware file as recovery.bin.
5. Press Enter three times. Verify the filename.
6. If you can reach LuCI or SSH now, just use the sysupgrade image with
the 'Keep settings' option turned off.
If you don't want to use the beta firmware nor the unlocked u-boot, you
can install the firmware writing the sysupgrade image on the firmware
partition of the SPI flash.
Signed-off-by: Luis Mita <luis@luismita.com>
(cherry picked from commit f1091ef7ac)
Link: https://github.com/openwrt/openwrt/pull/15875
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The PKG_MIRROR_HASH was updated to a wrong version.
Fixes: f64576f367 ("mt76: update to Git HEAD (2024-04-03)")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This updates mac80211 to version 6.1.97-1. This code is based on Linux
6.1.97 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.
The removed patches are already integrated in upstream Linux 6.1.97 or
in backports.
The following patches were integrated in upstream Linux:
ath11k/0013-wifi-ath11k-synchronize-ath11k_mac_he_gi_to_nl80211_.patch
ath11k/0035-wifi-ath11k-Use-platform_get_irq-to-get-the-interrup.patch
ath11k/0036-wifi-ath11k-fix-SAC-bug-on-peer-addition-with-sta-ba.patch
ath11k/0047-wifi-ath11k-fix-deinitialization-of-firmware-resourc.patch
ath11k/0053-wifi-ath11k-fix-writing-to-unintended-memory-region.patch
ath11k/0060-wifi-ath11k-Ignore-frags-from-uninitialized-peer-in-.patch
ath11k/0065-wifi-ath11k-fix-tx-status-reporting-in-encap-offload.patch
ath11k/0067-wifi-ath11k-Fix-SKB-corruption-in-REO-destination-ri.patch
ath11k/0069-wifi-ath11k-fix-registration-of-6Ghz-only-phy-withou.patch
ath11k/0080-wifi-ath11k-add-support-default-regdb-while-searchin.patch
ath11k/0085-wifi-ath11k-fix-memory-leak-in-WMI-firmware-stats.patch
ath11k/0086-wifi-ath11k-Add-missing-check-for-ioremap.patch
ath11k/0096-wifi-ath11k-fix-boot-failure-with-one-MSI-vector.patch
subsys/337-wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
The following patches were integrated in upstream backports:
ath11k/901-wifi-ath11k-pci-fix-compilation-in-5.16-and-older.patch
build/080-resv_start_op.patch
build/110-backport_napi_build_skb.patch
The following files are missing in backports, we do not have to remove
them any more. Some were already missing before some were removed in
this update:
include/linux/cordic.h
include/linux/crc8.h
include/linux/eeprom_93cx6.h
include/linux/wl12xx.h
include/net/ieee80211.h
backport-include/linux/bcm47xx_nvram.h
include/linux/ath9k_platform.h
include/net/bluetooth/
backports ships a dummy Mediatek wed header for older kernel versions.
We backported the feature in our kernel, remove the dummy header:
backport-include/linux/soc/mediatek/mtk_wed.h
Remove header files for subsystems used form the mainline kernel:
include/trace/events/qrtr.h
include/net/rsi_91x.h
backport-include/linux/platform_data/brcmnand.h
Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update the nl80211.h file in iw with the version from backports.
The files were out of sync already before the mac80211 update. If iw set
the NL80211_ATTR_WIPHY_ANTENNA_GAIN attribute the kernel assumed it set
the NL80211_ATTR_PUNCT_BITMAP attribute because the id was the same.
Link: https://github.com/openwrt/openwrt/pull/15827
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now kernel configs of armv6k CPUs don't include CONFIG_CPU_V6.
So armv6k CPUs cannot be detected as arm_v6.
Fix this by adding detection for CONFIG_CPU_V6K.
Signed-off-by: Lu jicong <jiconglu58@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15855
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit d55083fbca)
This adds two more common PHY brands to the image.
Realtek is used on the Google Coral "Phanbell" board (i.MX8MQ).
SMSC has been used on various Raspberry Pi boards.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit bcbdde00c3)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This was discovered when trying to run OpenWrt on Hetzner Cloud's
Arm-based instances.
Hetzner uses QEMU/KVM with virtio-gpu as the main display device,
together with an ACPI firmware. This was not displaying a console
previously.
This setup can be emulated by qemu using options below:
qemu-system-aarch64 \
-machine virt \
-bios QEMU_EFI.fd \
-device virtio-gpu \
-usb \
-device qemu-xhci,id=xhci \
-device usb-tablet,bus=xhci.0 \
-device usb-kbd,bus=xhci.0 \
-vnc :0
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit ea7383e721)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support for Renesas Arm families was added in commit 1ff4f4df23
("armsr: armv8: enable CONFIG_ARCH_RENESAS"), but this did not
enable the console/tty hardware for these SoCs, which is derived
from the SuperH family (CONFIG_SERIAL_SH_SCI).
Link: https://github.com/openwrt/openwrt/issues/15284
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 683355d0a6)
Link: https://github.com/openwrt/openwrt/pull/15808
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
R32 is like the M32 part of the EAGLE PRO AI series from D-Link.
Specification:
- MT7622BV SoC with 2.4GHz wifi
- MT7975AN + MT7915AN for 5GHz
- MT7531BE Switch
- 512MB RAM
- 128 MB flash
- 2 LEDs (Status and Internet, both can be either orange or white)
- 2 buttons (WPS and Reset)
Compared to M32, the R32 has the following differences:
- 4 LAN ports instead of 2
- The recory image starts with DLK6E6015001 instaed of DLK6E6010001
- Individual LEDs for power and internet
- MAC address is stored at another offset in the ODM partition
MAC addresses:
- WAN MAC is stored in partition "Odm" at offset 0x81
- LAN (as printed on the device) is WAN MAC + 1
- WLAN MAC (2.4 GHz) is WAN MAC + 2
- WLAN MAC (5GHz) is WAN MAC + 3
Flashing via Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the internet LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-recovery.bin
Flashing via uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-initramfs-kernel.bin.
- You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
- Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Revert back to stock using the Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the internet LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.
Decrypting a D-Link firmware image:
- Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
- Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
- Run ./m32-firmware-util R32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
- Example for firmware R32A1_FW103B01: ./m32-firmware-util R32 --DecryptFactoryImage R32A1_FW103B01.bin R32A1_FW103B01.decrypted.bin
Revert back to stock using uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides the previously created backup of the Kernel1 partition.
- You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to FLASH will start. After a few seconds the stock firmware should start again
There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP.
It can be used if no backup of the Kernel1 partition is reuqired.
Flahsing via OEM web interface is currently not possible, the OEM images are encrypted. Creating images is only possible manually at the moment.
The support for the M32/R32 already includes support for flashing from the OEM web interface:
- The device tree contains both partitions (Kernel1 and Kernel2) with conditions to select the correct one based on the kernel command line
- The U-Boot variable "boot_part" is set accordingly during startup to finish the partition swap after flashing from the OEM web interface
- OpenWrt sysupgrade flashing always uses the partition where it was initially flashed to (no partition swap)
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
(cherry picked from commit fdb87a91b4)
Link: https://github.com/openwrt/openwrt/pull/15776
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.
```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```
Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.
Example:
```
[openssl_init]
providers = provider_sect
```
After this change, openssl util works correctly.
```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 31ec4515c3)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]
* Fixed potential use after free after SSL_free_buffers() is called.
[CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
[CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
unbounded memory growth when processing TLSv1.3 sessions. An attacker may
exploit certain server configurations to trigger unbounded memory growth that
would lead to a Denial of Service. [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
is registered when libcrypto is unloaded. This can be used on platforms
where using atexit() from shared libraries causes crashes on exit
Signed-off-by: John Audia <therealgraysky@proton.me>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
(cherry picked from commit bac2f1bed6)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes multiple security problems:
* [High] CVE-2024-0901 Potential denial of service and out of bounds
read. Affects TLS 1.3 on the server side when accepting a connection
from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
it is recommended to update the version of wolfSSL used.
* [Med] CVE-2024-1545 Fault Injection vulnerability in
RsaPrivateDecryption function that potentially allows an attacker
that has access to the same system with a victims process to perform
a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
Zhang, Qingni Shen for the report (Peking University, The University
of Western Australia)."
* [Med] Fault injection attack with EdDSA signature operations. This
affects ed25519 sign operations where the system could be susceptible
to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
Qingni Shen for the report (Peking University, The University of
Western Australia).
Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk
(cherry picked from commit f475a44c03)
Link: https://github.com/openwrt/openwrt/pull/15872
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Comfast CF-E393AX is a dual-band Wi-Fi 6 POE ceiling mount access point.
Oem firmware is a custom openwrt 21.02 snapshot version.
We can gain access via ssh once we remove the root password.
Hardware specification:
SoC: MediaTek MT7981A 2x A53
Flash: 128 MB SPI-NAND
RAM: 256MB DDR3
Ethernet: 1x 10/100/1000 Mbps built-in PHY (WAN)
1x 10/100/1000/2500 Mbps MaxLinear GPY211C (LAN)
Switch: MediaTek MT7531AE
WiFi: MediaTek MT7976D
LEDS: 1x (Red, Blue and Green)
Button: Reset
UART: 3.3v, 115200n8
--------------------------
| Layout |
| ----------------- |
| 4 | VCC GND TX RX | <= |
| ----------------- |
--------------------------
Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
and download the
configuration(http://apipaddress/computer/config.html).
2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
Enter 'fakeroot' command then decompress the configuration:
tar -zxf backup.tar.gz
3. Edit 'etc/shadow', update (remove) root password:
With password =
'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
to
Without password =
'root::0:99999:7:::'
'root::0:99999:7:::'
4. Repack 'etc' directory back to a new backup file:
tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
Exit fakeroot - 'exit'
6. Upload new configuration via web interface, now you
can SSH with the following:
'ssh -vv -o HostKeyAlgorithms=+ssh-rsa \
-o PubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.10.1'.
Backup the mtd partitions
- https://openwrt.org/docs/guide-user/installation/generic.backup
7. Copy openwrt factory firmware to the tmp folder to install via ssh:
'scp -o HostKeyAlgorithms=+ssh-rsa \
-o PubkeyAcceptedAlgorithms=+ssh-rsa \
*-mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin \
root@192.168.10.1:/tmp/'
'sysupgrade -n -F \
/tmp/*--mediatek-filogic-comfast_cf-e393ax-squashfs-factory.bin'
8. Once led has stopped flashing - Connect via ssh with the
default openwrt ip address - 'ssh root@192.168.1.1'
9. SSH copy the openwrt sysupgrade firmware and upgrade
as per the default instructions.
Signed-off-by: David Bentham <db260179@gmail.com>
(cherry picked from commit d8f4453bf2)
Hardware specification:
SoC: MediaTek MT7981B 2x A53
Flash: 16MB NOR
RAM: 256MB
Ethernet: 2x 10/100/1000 Mbps
Switch: MediaTek MT7531AE
WiFi: MediaTek MT7976C
Button: Reset
Power: DC 12V 1A, PoE 802.3af 48V
Flash instructions:
Option #1 - SSH
I was able to SSH into the stock firmware of my device.
1. Attach the router to the network
2. Use scp (-O) to copy the sysupgrade image
3. Connect using SSH and run `sysupgrade -n`
Option #2 - U-Boot
One way to use the bootloader for flashing is using TFTP:
1. Connect to the router using an ethernet cable
2 Spin up a TFTP server serving the sysupgrade file
3. Open the case and attach a UART
4. Attach power to the router and interrupt the countdown by pressing
any key
5. Select option #2 (Upgrade firmware)
6. Enter IP address information and image name
7. Wait patiently
Co-Authored-By: Enrique Rodríguez Valencia <enrique.rodriguez@galgus.net>
Co-Authored-By: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
(cherry picked from commit b4086f44cd)
The Bonanza Peak series are a couple of MT7986-powered 2.5 GBit/s
Wi-Fi 6 residential gateway, access point and mesh router products.
All of them come with an eMMC to boot from, are powered via USB-C and
got a USB 3.0 type-A port. All of them got a Dialog (Renesas) DA14531
Bluetooth module connected via UART. If the device was previously
running stock firmware, the BT chip's internal flash has been loaded
with firmware and it can be attached using hciattach when using
OpenWrt.
SOC: MediaTek MT7986A
RAM: 2 GiB DDR4
eMMC: 8 GiB
Bluetooth: BLE5 (DA14531)
Serial: 3.3V level, 115200 8n1 on 4-pin connector
* SDG-8612 - Dual-band RJ-45 gateway
2x 2.5G MaxLinear PHY for WAN port
3x 1GE LAN ports via MT7531 switch
* SDG-8614 - Dual-band SFP gateway
1x SFP cage with up to 2.5G speed
1x 2.5G MaxLinear PHY for LAN port
3x 1GE LAN ports via MT7531 switch
* SDG-8622 - Tri-band mesh router
2x 2.5G MaxLinear PHY
The MT7986 2G and 5G are used as 2G and 5G high band.
There’s a MT7915 PCIe card for 5G low band.
* SDG-8632 - Tri-band mesh router with 6 GHz
2x 2.5G MaxLinear PHY
The MT7986 serves the 2G and 6G bands.
There’s a MT7915 PCIe card for 5G.
Installation via U-Boot serial console:
0. setup TFTP server with IP 192.168.1.10/24, place initramfs image
renamed to openwrt.XXX where XXX is the internal product number:
SDG-8612: XXX = 412
SDG-8614: XXX = 414
SDG-8622: XXX = 422
SDG-8632: XXX = 432
1. connect to the serial console and power on the device.
Interrupt the bootloader by pressing 'st'
2. setenv boot_mode openwrt ; saveenv
3. run boot1
Load firmware via TFTP and write to flash
4. run boot2
Now OpenWrt initramfs should boot
5. upload sysupgrade.bin via scp to /tmp
6. sysupgrade
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3aa686f8d4)
Openwrt supports hundreds of devices. These newly added LED colors
and functions can help developers better describe LED indicators.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 6c41c585e3)
Specifications:
SoC: MediaTek MT7981B
RAM: 256MiB
Flash: SPI-NAND 128 MiB
Switch: 1 WAN, 3 LAN (Gigabit)
Buttons: Reset, Mesh
Power: DC 12V 1A
WiFi: MT7976CN
UART: 115200n8
UART Layout:
VCC-RX-TX-GND
No. of Antennas: 6
Note: Upon opening the router, only 5 antennas were connected
to the mainboard.
Led Layout:
Power-Mesh-5gwifi-WAN-LAN3-LAN2-LAN1-2gWiFi
Buttons:
Reset-Mesh
Installation:
A. Through OpenWrt Dashboard:
If your router comes with OpenWrt preinstalled (modified by the seller),
you can easily upgrade by going to the dashboard (192.168.1.1) and then
navigate to System -> Backup/Flash firmware, then flash the firmware
B. Through TFTP
Standard installation via UART:
1. Connect USB Serial Adapter to the UART, (NOTE: Don't connect the VCC pin).
2. Power on the router. Make sure that you can access your router via UART.
3. Restart the router then repeatedly press ctrl + c to skip default boot.
4. Type > bootmenu
5. Press '2' to select upgrade firmware
6. Press 'Y' on 'Run image after upgrading?'
7. Press '0' and hit 'enter' to select TFTP client (default)
8. Fill the U-Boot's IP address and TFTP server's IP address.
9. Finally, enter the 'firmware' filename.
Signed-off-by: Ian Oderon <ianoderon@gmail.com>
(cherry picked from commit 4300bc6688)
This is mostly a cosmetic cleanup. The absence of
the return statement was not causing any problems.
Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
(cherry picked from commit 8cf4ac5195)
Similar to the *_get_mac_binary function, also split the common parts
off mtd_get_mac_ascii into new get_mac_ascii function and introduce
mmc_get_mac_ascii which uses it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 45c85c1827)
Include XHCI USB drivers on the ZBT-Z8102AX router, the drivers are
required to be able to use the USB-connected M.2 slots for 4G/5G modems.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 507ad4f078)
