Fix an issue where subinterfaces were not added to the same
firewall zone as their parent.
Inspired by 64bb88841f.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
MBIM protocol handler should intherit "peerdns" options from parent
interface on sub-interfaces, otherwise upstream DNS servers are applied
regardless of configuration.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Previously, DHCP was used. According to MBIM Specification v1.0 errata 1 [1],
section 10.5.20, MBIM_CID_IP_CONFIGURATION,
if MBIM information element containing IP configuration is available,
host shall use it, and fall back to in-band mechanisms to acquire it therwise -
therefore make static configuration the default.
[1] https://www.usb.org/document-library/mobile-broadband-interface-model-v10-errata-1-and-adopters-agreement
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Current implementation needlessly creates both IPv4 and IPv6
sub-interfaces for single-stack IP types. Limit this only to selected IP
type. While at that, ensure that IP type is also passed to umbim during
"connect" phase. In addition, detect the actual established connection
type returned by umbim and set up subinterfaces according to that,
not to requested configuration. While at that, allow empty IP type explicitly,
interpreted as "any" according to MBIM specification.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Subsequent calls to 'umbim connect' do not have any effect if a failure
occured, and in such case an infinite loop without timeout is created,
leading to possibility of interface stuck at connecting forever.
Drop this loop, and issue MBIM disconnect properly, so netifd can
restart from scratch.
This issue can be observed with Sierra EM7455 at changing APN, which
causes network re-registration by default, and a MBIM transaction
timeout, which is resolved on next interface bringup by netifd.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Previous implementation automatically set up connections for both IPv4
and IPv6, even if one of them isn't supported. Respect the "pdptype"
option in the same way, as it is done for QMI or NCM, and only start the
respective PDN sessions, if set.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
There are mbim compatible wwan modules available which do not support
the dhcp autoconfiguration. (e.g. gemalto Cinterion ELS81)
This adds the possibility to get the configuration parameters from mbim.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
This applies commit 02ac9c94 to fix this OpenSSL Security Advisory
issued on 20th April 2023[1]:
Input buffer over-read in AES-XTS implementation on 64 bit ARM
(CVE-2023-1255)
==============================================================
Severity: Low
Issue summary: The AES-XTS cipher decryption implementation for 64 bit
ARM platform contains a bug that could cause it to read past the input
buffer, leading to a crash.
Impact summary: Applications that use the AES-XTS algorithm on the 64
bit ARM platform can crash in rare circumstances. The AES-XTS algorithm
is usually used for disk encryption.
The AES-XTS cipher decryption implementation for 64 bit ARM platform
will read past the end of the ciphertext buffer if the ciphertext size
is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the
memory after the ciphertext buffer is unmapped, this will trigger a
crash which results in a denial of service.
If an attacker can control the size and location of the ciphertext
buffer being decrypted by an application using AES-XTS on 64 bit ARM,
the application is affected. This is fairly unlikely making this issue a
Low severity one.
1. https://www.openssl.org/news/secadv/20230420.txt
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The resize tool will resize the prompt to match the current terminal
size. This is helpful when connecting to the system using UART to make
the vi or top output match the current terminal size.
This increases the busybox binary size by 136 bytes and the ipkg size by
335 bytes on aarch64.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The Alcatel HH40V is a CAT4 LTE router used by various ISPs.
Specifications
==============
SoC: QCA9531 650MHz
RAM: 128MiB
Flash: 32MiB SPI NOR
LAN: 1x 10/100MBit
WAN: 1x 10/100MBit
LTE: MDM9607 USB 2.0 (rndis configuration)
WiFi: 802.11n (SoC integrated)
MAC address assignment
======================
There are three MAC addresses stored in the flash ROM, the assignment
follows stock. The MAC on the label is the WiFi MAC address.
Installation (TFTP)
===================
1. Connect serial console
2. Configure static IP to 192.168.1.112
3. Put OpenWrt factory.bin file as firmware-system.bin
4. Press Power + WPS and plug in power
5. Keep buttons pressed until TFTP requests are visible
6. Wait for the system to finish flashing and wait for reboot
7. Bootup will fail as the kernel offset is wrong
8. Run "setenv bootcmd bootm 0x9f150000"
9. Reset board and enjoy OpenWrt
Installation (without UART)
===========================
Installation without UART is a bit tricky and requires several steps too
long for the commit message. Basic steps:
1. Create configure backup
2. Patch backup file to enable SSH
3. Login via SSH and configure the new bootcmd
3. Flash OpenWrt factory.bin image manually (sysupgrade doesn't work)
More detailed instructions will be provided on the Wiki page.
Tested by: Christian Heuff <christian@heuff.at>
Signed-off-by: Andreas Böhler <dev@aboehler.at>
By default both kmod-bcma and kmod-ssb are selected by kmod-b43.
However, only one of both modules is needed for bmips subtargets:
- bcma: bcm6318, bcm6328, bcm6362, bcm63268
- ssb: bcm6358, bcm6368
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This adds generic kernel support for Broadcom Fallback SPROMs so that it can be
used in any target, even non Broadcom ones.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This adds a new package with Broadcom SPROMs that can be used as fallback when
the devices lack physical SPROMs.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
TP-Link TL-XDR608x comes with locked vendor loader. Add U-Boot build
for replacement loader for both TL-XDR6086 and TL-XDR6088. The only
difference at U-Boot level is the different filename requested via
TFTP, matching the corresponding OpenWrt build artifacts for each
device.
The TP-Link TL-XDR4288 has the same hardware as the TP-Link TL-XDR6088
except for the wireless part. Also create a uboot for the TP-Link
TL-XDR4288.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[rebase to uboot 23.04, correct led and button]
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
U-Boot commit ea6fdc13595 ("dm: button: add support for linux_code in
button-gpio.c driver") makes it mandatory to specify linux,code for all
buttons. As that broke handling of the reset button in U-Boot with the
update to U-Boot 2023.04, add linux,code for all butons.
Reported-by: @DragonBluep
Fixes: 50f7c5af4a ("uboot-mediatek: update to v2023.04")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
qrtr/ns.ko is now merged into qrtr/qrtr.ko, so drop the individual module packaging.
Fixes: f4989239cc ("kernel: bump 5.15 to 5.15.107")
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> #ipq807x/ax3600, x86_64/FW-7543B, mt7621/dap-x1860
upstream PR 408 improvements:
-Fix AMSDU packets unused
-Removed the ASMDU packets queue
-Add more info in the iw tool
-fix is_hw_crypto_enabled
-Optimization AMPDU_TX_OPERATIONAL (avoid a spinlock)
change to wongsyrone mod
Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
QCA has finally sent a proper fixup for the 160MHz regression upstream,
so lets use the pending fix which also properly sets center frequency 2
in case 80+80 MHz is used.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Commit 9d96b6fb72 ("ath79/mikrotik: disable building NAND images")
disabled building images for MikroTik devices with NAND flash due to a
less than satisfactory method used for updating the kernel on those
devices back then.
To address the problem, add support for updating the kernel on MikroTik
devices with NAND flash using a new tool, Yafut, which enables copying
files from/to Yaffs file systems even if the kernel does not have native
support for the Yaffs file system compiled in. Instead of erasing the
entire NAND partition holding the kernel during every system upgrade
(which is what the previously-used approach employing kernel2minor
involved), Yafut preserves the Yaffs filesystem present on that
partition and only replaces the kernel executable. This allows bad
block information to be preserved across sysupgrade runs and also
enables wear leveling on the NAND partition holding the kernel. Yafut
does not rely on kernel2minor in any way and intends to eventually
supersede the latter for NAND devices.
Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
Updating to U-Boot 2023.04 broke the build for the RAVPower RP-WD009
MT7628 board. This was due to upstream conversion of CONFIG_* to CFG_*
which was not applied to our downstream patch adding support for the
RAVPower RP-WD009 device.
Apply CONFIG_* to CFG_* converion analog to what has been done also
for mt7928_rfb upstream.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update to next U-Boot timed release.
Remove now obsolete patch
100-01-board-mediatek-add-more-network-configurations.patch
Default IP addresses are now dealt with in Kconfig, no longer in board-
specific C header files.
Add patches to restore ANSI support in bootmenu which was broken upstream,
always use high-speed mode on serial UART for improved stability and fix
an issue with pinconf not being applied on MT7623 resulting in eMMC
being inaccessible when booting from micro SD card.
In order to keep the size of the bootloader on MT7623 below 512kB remove
some unneeded commands on both MT7623 boards.
Tested on:
* BananaPi BPi-R2 (MT7623N)
* BananaPi BPi-R3 (MT7986A)
* BananaPi BPi-R64 (MT7622A)
* Linksys E8450 (MT7622B)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is a silent command that allows easy wifi up/down automation for
scripts.
It takes one or multiple devices as arguments (or all if none are passed),
and the exit code indicates if any of those is not up.
E.g.:
wifi isup && echo "all wifi devices are up"
wifi isup radio0 || echo "this wifi is down"
Signed-off-by: Andre Heider <a.heider@gmail.com>
Use the already present but unused $cmd and $dev variables instead of
positional parameters in ubus_wifi_cmd() to improve readability.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Synchronize the ath11k backports with the current ath-next tree.
This replaces the management TLV pending fix with the upstreamed one,
fixes traffic flooding when AP and monitor modes are used at the same time,
fixes QCN9074 always showing -95 dBm for station RSSI in dumps,
fixes potential crash on boot if spectral scan is enabled due to writing to
unitialized memory and adds 11d scan offloading for WCN6750 and WCN6855.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Currently, during initialization ath11k will receive a regulatory event
from the firmware in which it will receive the default regulatory domain
code and accompanying rules list and report those to the kernel.
Then if you try to change the regulatory domain to a different country code
it will do a weird thing in which it will send that to the FW and after
receiving the appropriate regulatory event it will parse the rules.
However, while its parsing there is a weird thing being done, and that is
that new raw rules from FW get intersected with the rules from the default
domain.
This is creating a big issue as the default domain is almost always set to
"US" or just "00" aka world so ath11k will unfairly limit you to the most
restrictive combination of rules based on the default domain and your
desired domain.
For example, in ETSI countries this is causing channels 12 and 13 on 2.4GHz
to not be usable since "US" limits 2.4GHz to 2472MHz instead of 2482MHz
like ETSI countries do.
So, lets do what TIP and even QCA do in their ath11k downstream tree and
completely get rid of the interesection code in ath11k.
Signed-off-by: Robert Marko <robimarko@gmail.com>
When using "ubiformat" with stdin it requires passing image size using
the -S argument. Provide it just like we do for "ubiupdatevol".
This fixes:
ubiformat: error!: must use '-S' with non-zero value when reading from stdin
This change fixes sysupgrade for bcm53xx and bcm4908 NAND devices
possibly some other targets too.
Cc: Rodrigo Balerdi <lanchon@gmail.com>
Cc: Daniel Golle <daniel@makrotopia.org>
Fixes: 9710712120 ("base-files: accept gzipped nand sysupgrade images")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Daniel Golle <daniel@makrotopia.org>
Tested-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
CRYPTO_USER_API_ENABLE_OBSOLETE config symbol depends on CRYPTO_USER so
lets add this dependency to relevant modules.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
While tracking one bug report related to wrong package dependencies I've
noticed, that a bunch of the crypto modules are actually not
architecture specific, but either board/subtarget (x86/64) or board
(mpc85xx) specific.
So lets fix it, by making those modules architecture specific:
x86/64 -> x86_64
mpc85xx -> powerpc
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Hardware
--------
SoC: NXP P1010 (1x e500 @ 800MHz)
RAM: 256M DDR3 (2x Samsung K4B1G1646G-BCH9)
FLASH: 32M NOR (Spansion S25FL256S)
BTN: 1x Reset
WiFi: 1x Atheros AR9590 2.4 bgn 3x3
2x Atheros AR9590 5.0 an 3x3
ETH: 2x Gigabit Ethernet (Atheros AR8033 / AR8035)
UART: 115200 8N1 (RJ-45 Cisco)
Installation
------------
1. Grab the OpenWrt initramfs, rename it to ap3715.bin. Place it in
the root directory of a TFTP server and serve it at
192.168.1.66/24.
2. Connect to the serial port and boot the AP. Stop autoboot in U-Boot
by pressing Enter when prompted. Credentials are identical to the one
in the APs interface. By default it is admin / new2day.
3. Alter the bootcmd in U-Boot:
$ setenv ramboot_openwrt "setenv ipaddr 192.168.1.1;
setenv serverip 192.168.1.66; tftpboot 0x2000000 ap3715.bin; bootm"
$ setenv boot_openwrt "sf probe 0; sf read 0x2000000 0x140000 0x1000000;
bootm 0x2000000"
$ setenv bootcmd "run boot_openwrt"
$ saveenv
4. Boot the initramfs image
$ run ramboot_openwrt
5. Transfer the OpenWrt sysupgrade image to the AP using SCP. Install
using sysupgrade.
$ sysupgrade -n <path-to-sysupgrade.bin>
Signed-off-by: David Bauer <mail@david-bauer.net>
Apply two patches fixing low-severity vulnerabilities related to
certificate policies validation:
- Excessive Resource Usage Verifying X.509 Policy Constraints
(CVE-2023-0464)
Severity: Low
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit
this vulnerability by creating a malicious certificate chain that
triggers exponential use of computational resources, leading to a
denial-of-service (DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
- Invalid certificate policies in leaf certificates are silently ignored
(CVE-2023-0465)
Severity: Low
Applications that use a non-default option when verifying certificates
may be vulnerable to an attack from a malicious CA to circumvent
certain checks.
Invalid certificate policies in leaf certificates are silently ignored
by OpenSSL and other certificate policy checks are skipped for that
certificate. A malicious CA could use this to deliberately assert
invalid certificate policies in order to circumvent policy checking on
the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
Note: OpenSSL also released a fix for low-severity security advisory
CVE-2023-466. It is not included here because the fix only changes the
documentation, which is not built nor included in any OpenWrt package.
Due to the low-severity of these issues, there will be not be an
immediate new release of OpenSSL.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Current WLAN.HK.2.5.0.1 FW is quite old and buggy, but we had to hold off
from updating to 2.6.0.1 and 2.7.0.1 as they had compatibility regressions,
but now QCA finally released 2.9.0.1 FW which is working on all of the
boards.
So finally update IPQ8074 and QCN9074 FW to the latest
WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1 firmware.
In order to do so, we have to switch to using QCA-s QUIC repo instead of
Kalle-s.
QCA-s QUIC repo does not have BDF-s so we have to get the QCN9074 BDF from
Kalles repo.
Tested-by: Mireia Fernández Casals <meirin.f@gmail.com> # Xiaomi AX3600
Tested-by: Francisco G Luna <frangonlun@gmail.com> #Netgear WAX218
Signed-off-by: Robert Marko <robimarko@gmail.com>
This adapts the engine build infrastructure to allow building providers,
and packages the legacy provider. Providers are the successors of
engines, which have been deprecated.
The legacy provider supplies OpenSSL implementations of algorithms that
have been deemed legacy, including DES, IDEA, MDC2, SEED, and Whirlpool.
Even though these algorithms are implemented in a separate package,
their removal makes the regular library smaller by 3%, so the build
options will remain to allow lean custom builds. Their defaults will
change to 'y' if not bulding for a small flash, so that the regular
legacy package will contain a complete set of algorithms.
The engine build and configuration structure was changed to accomodate
providers, and adapt to the new style of openssl.cnf in version 3.0.
There is not a clean upgrade path for the /etc/ssl/openssl.cnf file,
installed by the openssl-conf package. It is recommended to rename or
remove the old config file when flashing an image with the updated
openssl-conf package, then apply the changes manually.
An old openssl.cnf file will silently work, but new engine or provider
packages will not be enabled. Any remaining engine config files under
/etc/ssl/engines.cnf.d can be removed.
On the build side, the include file used by engine packages was renamed
to openssl-module.mk, so the engine packages in other feeds need to
adapt.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Engines that are built into the main libcrypto OpenSSL library can't be
disabled through UCI. Add a 'builtin' setting to signal that the engine
can't be disabled through UCI, and show a message explaining this in
case buitin=1 and enabled=0.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Building openssl with OPENSSL_SMALL_FOOTPRINT yelds only from 1% to 3%
decrease in size, dropping performance from 2% to 91%, depending on the
target and algorithm.
For example, using AES256-GCM with 1456-bytes operations, X86_64 appears
to be the least affected with 2% performance penalty and 1% reduction in
size; mips drops performance by 13%, size by 3%; Arm drops 29% in
performance, 2% in size.
On aarch64, it slows down ghash so much that I consider it broken
(-91%). SMALL_FOOTPRINT will reduce AES256-GCM performance by 88%, and
size by only 1%. It makes an AES-capable CPU run AES128-GCM at 35% of
the speed of Chacha20-Poly1305:
Block-size=1456 bytes AES256-GCM AES128-GCM ChaCha20-Poly1305
SMALL_FOOTPRINT 62014.44 65063.23 177090.50
regular 504220.08 565630.28 182706.16
OpenSSL 1.1.1 numbers are about the same, so this should have been
noticed a long time ago.
This creates an option to use OPENSSL_SMALL_FOOTPRINT, but it is turned
off by default unless SMALL_FLASH or LOW_MEMORY_FOOTPRINT is used.
Compiling with -O3 instead of -Os, for comparison, will increase size by
about 14-15%, with no measureable effect on AES256-GCM performance, and
about 2% increase in Chacha20-Poly1305 performance on Aarch64.
There are no Arm devices with the small flash feature, so drop the
conditional default. The package is built on phase2, so even if we
include an Arm device with small flash later, a no-asm library would
have to be built from source anyway.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
40ab806 config: use dedicated link local function to check interface
a84bff2 netlink: add support for getting interface linklocal
2ea065f Revert "config: recheck have_link_local on interface reload if already init"
4b38e6b config: fix feature for enabling service only when interface RUNNING
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Some modems (namely, Telit LE910C4) require the IPv6 connection state to
be cleared explicitly, to avoid reporting "no effect" if IPv6
connection is already connected through autoconnect mechanism, or during
LTE default bearer attach, which would lead to established session, but
without a way to inform protocol handler of the status.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Some modems require CID to be set explicitly during IPv6 connection
status check, others require IPv6 address family to be checked explicitly
after establishing connection, in order to provide correct status.
Set both fields in the request to satisfy them.
Fixes: c8a88118af ("uqmi: set CID during 'query-data-status' operation")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Given ipv6 has SLAAC it is quite plausible to wish to use dynamic
dhcp4 but static dhcp6. This patch keeps dynamicdhcp as the default
option for both, but is overridden by dynamicdhcpv6 or dynamicdhcpv4
Signed-off-by: Ian Dall <ian@beware.dropbear.id.au>
The dhcphostsfile must be mounted into the (ujail) sandbox.
The file can not be accessed without this mount.
Signed-off-by: Ruben Jenster <rjenster@gmail.com>
Kmod-tg3 supports Ethernet adapters over PCIe bus. On targets without
PCI support, this package is empty. Symbol CONFIG_TIGON3 depends on
CONFIG_PCI.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Kmod-hfcpci and kmod-hfcmulti supports ISDN adapters over PCI. On targets
without PCI support, this package is empty. Symbol CONFIG_MISDN_HFCMULTI
and CONFIG_MISDN_HFCPCI depends on CONFIG_PCI.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Changes:
1c6f0f3 libtraceevent: version 1.7.2
73f6a8a libtraceevent: Fix some missing commas in big endian blocks
da2ea6b libtraceevent: Rename "ok" to "token_has_paren" in process_sizeof()
e6f7cfa libtraceevent: No need for testing ok in else if (!ok) in process_sizeof()
a4b1ba5 libtraceevent: Fix double free in parsing sizeof()
Signed-off-by: Nick Hainke <vincent@systemli.org>
Recent ath11k sync introduced a regression causing 80+80 and 160MHz to
stop being advertised and thus not selectable due to the respective feature
flags being cleared.
So, until we get answers upstream to what was the reasoning behind this and
it gets fixed, lets just remove the flag clearing to reanable 160MHz.
Fixes: 789a0bac35 ("mac80211: ath11k: sync with ath-next")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Use latest release build instead of a git snapshot. As this tarball
extracts in a trusted-firmware-a-2.8 subdirectory, we no longer need to
override the PKG_NAME defined in trusted-firmware-a.mk. The actual
package name is still the same, so we don't need to update any
dependencies.
Tested on A64-OLinuXino-1Ge16GW.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This is the newest release where 210-sunxi-deactivate-binman.patch still
applies.
Tested on A64-Olinuxino-eMMC.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The Mikrotik R11e-LTE6 modem is similar to ZTE MF286R modem, added
earlier: it has a Marvel chip, able to work in ACM+RNDIS mode, knows ZTE
specific commands, runs OpenWrt Barrier Breaker fork.
While the modem is able to offer IPv6 address, the RNDIS setup is unable
to complete if there is an IPv6 adress.
While it works in ACM+RNDIS mode, the user experience isn't as good as
with "proto 3g": the modem happily serves a local IP (192.168.1.xxx)
without internet access. Of course, if the modem has enough time
(for example at the second dialup), it will serve a public IP.
Modifing the DHCP Lease (to a short interval before connect and back to
default while finalizing) is a workaround to get a public IP at the
first try.
A safe workaround for this is to excercise an offline script of the
pingcheck program: simply restart (ifdown - ifup) the connection.
Another pitfall is that the modem writes a few messages at startup,
which confuses the manufacturer detection algorithm and got disabled.
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (2366): Failed to parse message data
daemon.notice netifd: mikrotik (2366): WARNING: Variable 'ok' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2366): Unsupported modem
daemon.notice netifd: mikrotik (2426): Stopping network mikrotik
daemon.notice netifd: mikrotik (2426): Failed to parse message data
daemon.notice netifd: mikrotik (2426): WARNING: Variable '*simdetec:1,sim' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2426): Unsupported modem
daemon.notice netifd: Interface 'mikrotik' is now down
A workaround for this is to use the "delay" option in the interface
configuration.
I want to thank Forum members dchard (in topic Adding support for
MikroTik hAP ac3 LTE6 kit (D53GR_5HacD2HnD)) [1]
and mrhaav (in topic OpenWrt X86_64 + Mikrotik R11e-LTE6) [2]
for sharing their experiments and works.
Another information page was found at eko.one.pl [3].
[1]: https://forum.openwrt.org/t/137555
[2]: https://forum.openwrt.org/t/151743
[3]: https://eko.one.pl/?p=modem-r11elte
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
The MikroTik R11e-LTE6 modem goes into flight mode (CFUN=4) at startup
and the radio is off (*RADIOPOWER: 0):
AT+RESET
OK
OK
*SIMDETEC:2,NOS
*SIMDETEC:1,SIM
*ICCID: 8936500119010596302
*EUICC: 1
+MSTK: 11, D025....74F3
*ADMINDATA: 0, 2, 0
+CPIN: READY
*EUICC: 1
*ECCLIST: 5, 0, 112, 0, 000, 0, 08, 0, 118, 0, 911
+CREG: 0
$CREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
+CGREG: 0
+CEREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
*RADIOPOWER: 0
+MMSG: 0, 0
+MMSG: 0, 0
+MMSG: 1, 0
+MPBK: 1
While the chat script is able to establish the PPP connection,
it's closed instantly by the modem: LCP terminated by peer.
local2.info chat[7000]: send (ATD*99***1#^M)
local2.info chat[7000]: expect (CONNECT)
local2.info chat[7000]: ^M
local2.info chat[7000]: ATD*99***1#^M^M
local2.info chat[7000]: CONNECT
local2.info chat[7000]: -- got it
local2.info chat[7000]: send ( ^M)
daemon.info pppd[6997]: Serial connection established.
kern.info kernel: [ 453.659146] 3g-mikrotik: renamed from ppp0
daemon.info pppd[6997]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[6997]: Using interface 3g-mikrotik
daemon.notice pppd[6997]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.info pppd[6997]: LCP terminated by peer
daemon.notice pppd[6997]: Connection terminated.
daemon.notice pppd[6997]: Modem hangup
daemon.info pppd[6997]: Exit.
daemon.notice netifd: Interface 'mikrotik' is now down
Sending "AT+CFUN=1" to modem deactivates the flight mode and
solves the issue:
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (7051): sending -> AT+CFUN=1
daemon.notice pppd[7137]: pppd 2.4.9 started by root, uid 0
local2.info chat[7140]: abort on (BUSY)
local2.info chat[7140]: abort on (NO CARRIER)
local2.info chat[7140]: abort on (ERROR)
local2.info chat[7140]: report (CONNECT)
local2.info chat[7140]: timeout set to 10 seconds
local2.info chat[7140]: send (AT&F^M)
local2.info chat[7140]: expect (OK)
local2.info chat[7140]: ^M
local2.info chat[7140]: +CESQ: 99,99,255,255,255,255^M
local2.info chat[7140]: ^M
local2.info chat[7140]: *CESQ: 99,99,255,255,255,255,0^M
local2.info chat[7140]: AT&F^MAT&F^M^M
local2.info chat[7140]: OK
local2.info chat[7140]: -- got it
...
local2.info chat[7140]: send (ATD*99***1#^M)
local2.info chat[7140]: expect (CONNECT)
local2.info chat[7140]: ^M
local2.info chat[7140]: ATD*99***1#^M^M
local2.info chat[7140]: CONNECT
local2.info chat[7140]: -- got it
local2.info chat[7140]: send ( ^M)
daemon.info pppd[7137]: Serial connection established.
kern.info kernel: [ 463.094254] 3g-mikrotik: renamed from ppp0
daemon.info pppd[7137]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[7137]: Using interface 3g-mikrotik
daemon.notice pppd[7137]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.warn pppd[7137]: Could not determine remote IP address: defaulting to 10.64.64.64
daemon.notice pppd[7137]: local IP address 100.112.63.62
daemon.notice pppd[7137]: remote IP address 10.64.64.64
daemon.notice pppd[7137]: primary DNS address 185.29.83.64
daemon.notice pppd[7137]: secondary DNS address 185.62.131.64
daemon.notice netifd: Network device '3g-mikrotik' link is up
daemon.notice netifd: Interface 'mikrotik' is now up
To send this AT command to the modem the "runcommand.gcom" script
dependency is moved from comgt-ncm to comgt.
As the comgt-ncm package depends on comgt already, this change
is a NOOP from that point of view.
But from the modem's point it is a low hanging fruit as the modem
is usable with installing comgt and kmod-usb-ncm packages.
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
This patch solves the problem of receiving "error" responses when
initially calling gcom. This avoids unnecessary NO_DEVICE failures.
A retry loop retries the call after an "error" response within the
specified delay. A successful response will continue with the connection
immediately without waiting for max specified delay, bringing the
interface up sooner.
Signed-off-by: Mike Wilson <mikewse@hotmail.com>
ccd7e46 ipq40xx: add support for Wallystech DR40x9
2ce60e1 Revert "ipq40xx: add support for Wallystech DR40x9"
ea962ca ipq40xx: add Emplus WAP551 BDF
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
General specification:
SoC Type: MediaTek MT7620N (580MHz)
ROM: 8 MB SPI-NOR (W25Q64FV)
RAM: 64 MB DDR (EM6AB160TSD-5G)
Switch: MediaTek MT7530
Ethernet: 5 ports - 5×100MbE (WAN, LAN1-4)
Wireless: 2.4 GHz (MediaTek RT5390): b/g/n
Buttons: 3 button (POWER, RESET, WPS)
Slide switch: 4 position (BASE, ADAPTER, BOOSTER, ACCESS POINT)
Bootloader: U-Boot 1.1.3
Power: 9 VDC, 0.6 A
MAC in stock:
|- + |
| LAN | RF-EEPROM + 0x04 |
| WLAN | RF-EEPROM + 0x04 |
| WAN | RF-EEPROM + 0x28 |
OEM easy installation
1. Use a PC to browse to http://my.keenetic.net.
2. Go to the System section and open the Files tab.
3. Under the Files tab, there will be a list of system
files. Click on the Firmware file.
4. When a modal window appears, click on the Choose File
button and upload the firmware image.
5. Wait for the router to flash and reboot.
OEM installation using the TFTP method
1. Download the latest firmware image and rename it to
klite3_recovery.bin.
2. Set up a Tftp server on a PC (e.g. Tftpd32) and place the
firmware image to the root directory of the server.
3. Power off the router and use a twisted pair cable to connect
the PC to any of the router's LAN ports.
4. Configure the network adapter of the PC to use IP address
192.168.1.2 and subnet mask 255.255.255.0.
5. Power up the router while holding the reset button pressed.
6. Wait approximately for 5 seconds and then release the
reset button.
7. The router should download the firmware via TFTP and
complete flashing in a few minutes.
After flashing is complete, use the PC to browse to
http://192.168.1.1 or ssh to proceed with the configuration.
Signed-off-by: Alexey Bartenev <41exey@proton.me>
This board is very similar to the Aruba AP-105, but is
outdoor-first. It is very similar to the MSR2000 (though certain
MSR2000 models have a different PHY[^1]).
A U-Boot replacement is required to install OpenWrt on these
devices[^2].
Specifications
--------------
* Device: Aruba AP-175
* SoC: Atheros AR7161 680 MHz MIPS
* RAM: 128MB - 2x Mira P3S12D40ETP
* Flash: 16MB MXIC MX25L12845EMI-10G (SPI-NOR)
* WiFi: 2 x DNMA-H92 Atheros AR9220-AC1A 802.11abgn
* ETH: IC+ IP1001 Gigabit + PoE PHY
* LED: 2x int., plus 12 ext. on TCA6416 GPIO expander
* Console: CP210X linking USB-A Port to CPU console @ 115200
* RTC: DS1374C, with internal battery
* Temp: LM75 temperature sensor
Factory installation:
- Needs a u-boot replacement. The process is almost identical to that
of the AP105, except that the case is easier to open, and that you
need to compile u-boot from a slightly different branch:
https://github.com/Hurricos/u-boot-ap105/tree/ap175
The instructions for performing an in-circuit reflash with an
SPI-Flasher like a CH314A can be found on the OpenWrt Wiki
(https://openwrt.org/toh/aruba/ap-105); in addition a detailed guide
may be found on YouTube[^3].
- Once u-boot has been replaced, a USB-A-to-A cable may be used to
connect your PC to the CP210X inside the AP at 115200 baud; at this
point, the normal u-boot serial flashing procedure will work (set up
networking; tftpboot and boot an OpenWrt initramfs; sysupgrade to
OpenWrt proper.)
- There is no built-in functionality to revert back to stock firmware,
because the AP-175 has been declared by the vendor[^4] end-of-life
as of 31 Jul 2020. If for some reason you wish to return to stock
firmware, take a backup of the 16MiB flash before flashing u-boot.
[^1]: https://github.com/shalzz/aruba-ap-310/blob/master/platform/bootloader/apboot-11n/include/configs/msr2k.h#L186
[^2]: https://github.com/Hurricos/u-boot-ap105/tree/ap175
[^3]: https://www.youtube.com/watch?v=Vof__dPiprs
[^4]: https://www.arubanetworks.com/support-services/end-of-life/#product=access-points&version=0
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
When forwarding is set to 0, frames are typically sent with ttl=1.
Move the ttl decrement check below the check for local receive in order to
fix packet drops.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
I found use for this in my scripts; I noticed that it is already
compiled with util-linux - there just isn't package for it -
let's package it then.
Description:
The rev utility copies the specified files to the standard output,
reversing the order of characters in everyline.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Ruckus ZoneFlex 7363 is a dual-band, dual-radio 802.11n 2x2 MIMO enterprise
access point. ZoneFlex 7343 is the single band variant of 7363
restricted to 2.4GHz, and ZoneFlex 7341 is 7343 minus two Fast Ethernet
ports.
Hardware highligts:
- CPU: Atheros AR7161 SoC at 680 MHz
- RAM: 64MB DDR
- Flash: 16MB SPI-NOR
- Wi-Fi 2.4GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Wi-Fi 5GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Ethernet 1: single Gigabit Ethernet port through Marvell 88E1116R gigabit PHY
- Ethernet 2: two Fast Ethernet ports through Realtek RTL8363S switch,
connected with Fast Ethernet link to CPU.
- PoE: input through Gigabit port
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on the -U variants.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1 ----------
|1|x3|4|5|
----------
Pin 1 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
Installation:
- Using serial console - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single PH1 screw.
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0xbf040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed.
Use the Gigabit interface, Fast Ethernet ports are not supported
under U-boot:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7363-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7363_fw_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7363-squashfs-sysupgrade.bin
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Copy over the backup to /tmp, for example using scp
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Use sysupgrade with force to restore the backup:
sysupgrade -F ruckus_zf7363_backup.bin
4. System will reboot.
Quirks and known issues:
- Fast Ethernet ports on ZF7363 and ZF7343 are supported, but management
features of the RTL8363S switch aren't implemented yet, though the
switch is visible over MDIO0 bus. This is a gigabit-capable switch, so
link establishment with a gigabit link partner may take a longer time
because RTL8363S advertises gigabit, and the port magnetics don't
support it, so a downshift needs to occur. Both ports are accessible
at eth1 interface, which - strangely - runs only at 100Mbps itself.
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
- Both radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-2019014
- There is second method to achieve root shell, using command injection
in the web interface:
1. Login to web administration interface
2. Go to Administration > Diagnostics
3. Enter |telnetd${IFS}-p${IFS}204${IFS}-l${IFS}/bin/sh into "ping"
field
4. Press "Run test"
5. Telnet to the device IP at port 204
6. Busybox shell shall open.
Source: https://github.com/chk-jxcn/ruckusremoteshell
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Ruckus ZoneFlex 7351 is a dual-band, dual-radio 802.11n 2x2 MIMO enterprise
access point.
Hardware highligts:
- CPU: Atheros AR7161 SoC at 680 MHz
- RAM: 64MB DDR
- Flash: 16MB SPI-NOR
- Wi-Fi 2.4GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Wi-Fi 5GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Ethernet: single Gigabit Ethernet port through Marvell 88E1116R gigabit PHY
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on the 7351-U variant.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1 ----------
|1|x3|4|5|
----------
Pin 1 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
Installation:
- Using serial console - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single T10 screw.
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0xbf040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7351-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7351_fw_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7351-squashfs-sysupgrade.bin
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Copy over the backup to /tmp, for example using scp
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Use sysupgrade with force to restore the backup:
sysupgrade -F ruckus_zf7351_backup.bin
4. System will reboot.
Quirks and known issues:
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
- Both radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-2019014
- There is second method to achieve root shell, using command injection
in the web interface:
1. Login to web administration interface
2. Go to Administration > Diagnostics
3. Enter |telnetd${IFS}-p${IFS}204${IFS}-l${IFS}/bin/sh into "ping"
field
4. Press "Run test"
5. Telnet to the device IP at port 204
6. Busybox shell shall open.
Source: https://github.com/chk-jxcn/ruckusremoteshell
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
7c0f603 router: skip RA and wait for LINK-LOCAL to be assigned
ba30afc config: skip interface setup if interface not IFF_RUNNING
06b111e Revert "odhcpd: Reduce error messages"
90d6cc9 odhcpd: Reduce error messages
Also drop AUTORELEASE since it got deprecated.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
SSDK is doing everything custom, so trying to use mold and/or LTO
fails, so lets opt-out of using both of them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[a.heider: split and switch to PKG_BUILD_FLAGS]
Signed-off-by: Andre Heider <a.heider@gmail.com>
This reduces open coding and allows to easily add a knob to enable
it treewide, where chosen packages can still opt-out via "no-lto".
Some packages used LTO, but not the linker plugin. This unifies 'em
all to attempt to produce better code.
Quoting man gcc(1):
"This improves the quality of optimization by exposing more code to the
link-time optimizer."
Also use -flto=auto instead of -flto=jobserver, as it's not guaranteed
that every buildsystem uses +$(MAKE) correctly.
Signed-off-by: Andre Heider <a.heider@gmail.com>
This reduces open coding and allows to easily add a knob to
enable it treewide, where chosen packages can still opt-out via
"no-gc-sections".
Note: libnl, mbedtls and opkg only used the CFLAGS part without the
LDFLAGS counterpart. That doesn't help at all if the goal is to produce
smaller binaries. I consider that an accident, and this fixes it.
Note: there are also packages using only the LDFLAGS part. I didn't
touch those, as gc might have been disabled via CFLAGS intentionally.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Adds support for the Wallys DR40x9 series boards.
They come in IPQ4019 and IPQ4029 versions.
IPQ4019/4029 only differ in that that IPQ4029 is the industrial version that is rated to higher temperatures.
Specifications are:
* CPU: Qualcomm IPQ40x9 (4x ARMv7A Cortex A7) at 716 MHz
* RAM: 512 MB
* Storage: 2MB of SPI-NOR, 128 MB of parallel NAND
* USB 3.0 TypeA port for users
* MiniPCI-E with PCI-E 2.0 link
* MiniPCI-E for LTE modems with only USB2.0 link
* 2 SIM card slots that are selected via GPIO11
* MicroSD card slot
* Ethernet: 2x GBe with 24~48V passive POE
* SFP port (Does not work, I2C and GPIO's not connected on hardware)
* DC Jack
* UART header
* WLAN: In-SoC 2x2 802.11b/g/n and 2x2 802.11a/n/ac
* 4x MMCX connectors for WLAN
* Reset button
* 8x LED-s
Installation instructions:
Connect to UART, pins are like this:
-> 3.3V | TX | RX | GND
Settings are 115200 8n1
Boot initramfs from TFTP:
tftpboot 0x84000000 openwrt-ipq40xx-generic-wallys_dr40x9-initramfs-fit-uImage.itb
bootm
Then copy the sysupgrade image to the /tmp folder and execute sysupgrade -n <image_name>
The board file binary was provided from Wallystech on March 14th 2023
including full permission to use and distribute.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Netgear WAX218 is a 802.11ax AP claiming AX3600 support. It is wall
or ceiling mountable. It can be powered via PoE, or a 12 V adapter.
The board has footprints for 2.54mm UART headers. They're difficult to
solder because the GND is connected to a large copper plane. Only try
soldering if you are very skilled. Otherwise, use pogo pins.
Specifications:
---------------
* CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
* RAM: 366 MB of RAM available to OS, not sure of total amount
* Storage: Macronix MX30UF2G18AC 256MB NAND
* Ethernet:
* 2.5G RJ45 port (QCA8081) with PoE input
* WLAN:
* 2.4GHz/5GHz with 8 antennas
* LEDs:
* Power (Amber)
* LAN (Blue)
* 2G WLAN (Blue)
* 5G WLAN (Blue)
* Buttons:
* 1x Factory reset
* Power: 12V DC Jack
* UART: Two 4-pin unpopulated headers near the LEDs
* "J2 UART" is the CPU UART, 3.3 V level
Installation:
=============
Web UI method
-------------
Flashing OpenWRT using the vendor's Web UI is problematic on this
device. The u-boot mechanism for communicating the active rootfs is
antiquated and unreliable. Instead of setting the kernel commandline,
it relies on patching the DTS partitions of the nand node. The way
partitions are patched is incompatible with newer kernels.
Newer kernels use the SMEM partition table, which puts "rootfs" on
mtd12. The vendor's Web UI will flash to either mtd12 or mtd14. One
reliable way to boot from mtd14 and avoid boot loops is to use an
initramfs image.
1. In the factory web UI, navigate to System Manager -> Firmware.
2. In the "Local Firmware Upgrade" section, click Browse
3. Navigate and select the 'web-ui-factory.fit' image
4. Click "Upload"
5. On the following page, click on "Proceed"
The flash proceeds at this point and the system will reboot
automatically to OpenWRT.
6. Flash the 'nand-sysupgrade.bin' using Luci or the commandline
SSH method
----------
Enable SSH using the CLI or Web UI. The root account is locked out to
ssh, and the admin account defaults to Netgear's CLI application.
So we need to get creative:
First, make sure the device boots from the second firmware partition:
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/fw_setenv active_fw 1
Then reboot the device, and run the update:
scp -O -o kexalgorithms=diffie-hellman-group14-sha1 \
-o hostkeyalgorithms=ssh-rsa \
netgear_wax218-squashfs-nand-factory.ubi \
admin@<ipaddr>:/tmp/openwrt.ubi
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/ubiformat /dev/mtd12 -f /tmp/openwrt.ubi
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/fw_setenv active_fw 0
Now reboot the device, and it should boot into a ready-to-use OpenWRT.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Synchronize the ath11k backports with the current ath-next tree.
This brings in actually setting the MU-MIMO parameters in HW and 6GHz
regulatory support along with some minor resource handling fixes.
This allows to easily backport further fixes as cherry picking them has
started requiring manual conflict resolution.
Signed-off-by: Robert Marko <robimarko@gmail.com>
31ff96d ipq806x: add support for Nokia Airscale AC400i
1af1df2 ath11k: ipq8074: add Netgear WAX218
Signed-off-by: Kristjan Krušič <kristjan.krusic@krusic22.com>
Hardware
--------
SoC: Qualcomm IPQ8065
RAM: 512 MB DDR3
Flash: 256 MB NAND (Macronix MX30UF2G18AC) (split into 2x128MB)
4 MB SPI-NOR (Macronix MX25U3235F)
WLAN: Qualcomm Atheros QCA9984 - 2.4Ghz
Qualcomm Atheros QCA9984 - 5Ghz
ETH: eth0 - POE (100Mbps in U-Boot, 1000Mbps in OpenWrt)
eth1 - (1000Mbps in both)
Auto-negotiation broken on both.
USB: USB 2.0
LED: 5G, 2.4G, ETH1, ETH2, CTRL, PWR (All support green and red)
BTN: Reset
Other: SD card slot (non-functional)
Serial: 115200bps, near the Ethernet transformers, labeled 9X.
Connections from the arrow to the 9X text:
[NC] - [TXD] - [GND] - [RXD] - [NC]
Installation
------------
0. Connect to the device
Plug your computer into LAN2 (1000Mbps connection required).
If you use the LAN1/POE port, set your computer to force a 100Mbps link.
Connect to the device via TTL (Serial) 115200n8.
Locate the header (or solder pads) labeled 9X,
near the Ethernet jacks/transformers.
There should be an arrow on the other side of the header marking.
The connections should go like this:
(from the arrow to the 9X text): NC - TXD - GND - RXD - NC
1. Prepare for installation
While the AP is powering up, interrupt the startup process.
MAKE SURE TO CHECK YOUR CURRENT PARTITION!
If you see: "Current Partition is : partB" or
"Need to switch partition from partA to partB",
you have to force the device into partA mode, before continuing.
This can be done by changing the PKRstCnt to 5 and resetting the device.
setenv PKRstCnt 5
saveenv
reset
After you interrupt the startup process again,
you should see: Need to switch partition from partB to partA
You can now continue to the next step.
If you see: "Current Partition is : partA",
you can continue to the next step.
2. Prevent partition switching.
To prevent the device from switching partitions,
we are going to modify the startup command.
set bootcmd "setenv PKRstCnt 0; saveenv; bootipq"
setenv
3. First boot
Now, we have to boot the OpenWrt intifs.
The easiest way to do this is by using Tiny PXE.
You can also use the normal U-Boot tftp method.
Run "bootp" this will get an IP from the DHCP server
and possibly the firmware image.
If it doesn't download the firmware image, run "tftpboot".
Now run "bootm" to run the image.
You might see:
"ERROR: new format image overwritten - must RESET the board to recover"
this means that the image you are trying to load is too big.
Use a smaller image for the initial boot.
4. Install OpenWrt from initfs
Once you are booted into OpenWrt,
transfer the OpenWrt upgrade image and
use sysupgrade to install OpenWrt to the device.
Signed-off-by: Kristjan Krušič <kristjan.krusic@krusic22.com>
This splits the code in 4 files:
- uencrypt.h
- uencrypt.c - main program
- uencrypt-openssl.c - OpenSSL/wolfSSL implementation
- uencrypt-mbedtls - mbedTLS implementation
Other changes, accounting for ~400 bytes increase in ipk size:
- more error condition checking and reporting,
- hide key and iv command line arguments
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This commit includes some additional changes:
- better handling of iv and keys in openssl/wolfssl variants
- fix compiler warnings and whitespace
- build all 3 variants as separate packages
- adjust the new package name in targets' DEVICE_PACKAGES
- remove PKG_FLAGS:=nonshared
[Beeline SmartBox Flash - OK]
Tested-by: Mikhail Zhilkin <csharper2005@gmail.com>
[after test: replaced a hardcoded IV size of 16 by cipher_info->iv_size]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
d978830 rc: add option to get info for a single script in list method
632b4fc rc: add option to skip running check for list method
5577db9 rc: add support for scanning USE_PROCD and skip running if not supported
4de3f02 rc: fix and improve script scanning START and STOP
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Source BDF files out of project dedicated repository and drop local file
from openwrt main repository.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
odhcp6c logs messages related to its activity when invoked with -v, but
there is no way to configure this from within OpenWrt. This adds a UCI
option to turn on odhcp6c logging, disabled by default. To enable, set,
for example, network.wan6.verbose = 1.
Signed-off-by: Mark Mentovai <mark@mentovai.com>
This fixes a build problem on some targets.
Fixes: 3e9005546a ("kernel: modules: package Microchip LAN743x PCIe gigE driver")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Deactivate the msgpack option. The binutils build might detect the
libmsgpackc.so.2 library and will try to link against it, if it is not
explicitly deactivated.
This prevents the following build errors seen in the build bots.
Package binutils is missing dependencies for the following libraries:
libmsgpackc.so.2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hardware
--------
SoC: Freescale P1010
RAM: 512MB
FLASH: 1 MB SPI-NOR
512 MB NAND
ETH: 3x Gigabite Ethernet (Atheros AR8033)
SERIAL: Cisco RJ-45 (115200 8N1)
RTC: Battery-Backed RTC (I2C)
Installation
------------
1. Patch U-Boot by dumping the content of the SPI-Flash using a SPI
programmer. The SHA1 hash for the U-Boot password is currently
unknown.
A tool for patching U-Boot is available at
https://github.com/blocktrron/t10-uboot-patcher/
You can also patch the unknown password yourself. The SHA1 hash is
E597301A1D89FF3F6D318DBF4DBA0A5ABC5ECBEA
2. Interrupt the bootmenu by pressing CTRL+C. A password prompt appears.
The patched password is '1234' (without quotation marks)
3. Download the OpenWrt initramfs image. Copy it to a TFTP server
reachable at 10.0.1.13/24 and rename it to uImage.
4. Connect the TFTP server to ethernet port 0 of the Watchguard T10.
5. Download and boot the initramfs image by entering "tftpboot; bootm;"
in U-Boot.
6. After OpenWrt booted, create a UBI volume on the old data partition.
The "ubi" mtd partition should be mtd7, check this using
$ cat /proc/mtd
Create a UBI partition by executing
$ ubiformat /dev/mtd7 -y
7. Increase the loadable kernel-size of U-Boot by executing
$ fw_setenv SysAKernSize 800000
8. Transfer the OpenWrt sysupgrade image to the Watchguard T10 using
scp. Install the image by using sysupgrade:
$ sysupgrade -n <path-to-sysupgrade>
Note: The LAN ports of the T10 are 1 & 2 while 0 is WAN. You might
have to change the ethernet-port.
9. OpenWrt should now boot from the internal NAND. Enjoy.
Signed-off-by: David Bauer <mail@david-bauer.net>
This allows adding backup servers, in case the primary ones fail.
Assume that port and shared secret are going to be the same.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fix the trivial abscence of $() when assigning engine config files to
the main libopenssl-config package even if the corresponding engines
were not built into the main library.
This is mostly cosmetic, since scripts/ipkg-build tests the file's
presence before it is actually included in the package's conffiles.
Fixes: 30b0351039 "openssl: configure engine packages during install"
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The bump to 3.0.8 inadvertently removed patches that are needed here,
but were not adopted upstream. The most important one changes the
default value of the DIGESTS setting from ALL to NONE. The absence of
this patch causes a sysupgrade failure while the engine is in use with
digests enabled. When this happens, the system fails to boot with a
kernel panic.
Also, explicitly set DIGESTS to NONE in the provided config file, and
change the default ciphers setting to disable ECB, which has been
recommended for a long time and may cause trouble with some apps.
The config file change by itself is not enough because the config file
may be preserved during sysupgrade.
For people affected by this bug:
You can either:
1. remove, the libopenssl-devcrypto package
2. disable the engine in /etc/config/openssl;
3. change /etc/ssl/engines.cnf.d/devcrypto.cnf to set DIGESTS=NONE;
4. update libopenssl-devcrypto to >=3.0.8-3
However, after doing any of the above, **you must reboot the device
before running sysupgrade** to ensure no running application is using
the engine. Running `/etc/init.d/openssl restart` is not enough.
Fixes: 7e7e76afca "openssl: bump to 3.0.8"
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
binutils 2.39: https://lists.gnu.org/archive/html/info-gnu/2022-08/msg00002.html
binutils 2.40: https://lists.gnu.org/archive/html/info-gnu/2023-01/msg00003.html
This version includes a new libsframe.so library, pack it into the
libbfd package as it is used by this library. Also deactivate some
optional configuration options for now.
An extra patch to fix compile problem in AARCH64 is added.
gprofng needs a C++ standard library, deactivate it for now.
Activate feature-disassembler-init-styled in bpftools too to fix
compilation with the updated binutils.
An bpftool version 7.0 or later is needed for binutils 2.39 and later.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
bpftool changelog: https://github.com/libbpf/bpftool/releases
libbpf changelog: https://github.com/libbpf/libbpf/releases
This updates the bfptool to version 7.1.0. This also includes an update
of the libbpf to version 1.1.
This also adds some new feature options and removes some old ones which
were also removed form the source code. zlib for example is now
mandatory.
Add -flto also to LD flags to make it really work.
Before this change bpftool was on a git commit between version 6.7 and
6.8 and libbpf was on a commit between version 0.7 and 0.8.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
in kernel 5.17, fcd09c90c3c5254b18ef34e30c57c65d34290a84 integrated it
better with thee random framework.
Gives boot time randomness on supported devices.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Changelog:
039a994 Bump version to v1.7.0
3f29d6d pylibfdt: add size_hint parameter for get_path
2022bb1 checks: Update #{size,address}-cells check for 'dma-ranges'
abbd523 pylibfdt: Work-around SWIG limitations with flexible arrays
a41509b libfdt: Replace deprecated 0-length arrays with proper flexible arrays
2cd89f8 dtc: Warning rather than error on possible truncation of cell values
55778a0 libfdt: tests: add get_next_tag_invalid_prop_len
7359034 libfdt: prevent integer overflow in fdt_next_tag
035fb90 libfdt: add fdt_get_property_by_offset_w helper
98a0700 Makefile: fix infinite recursion by dropping non-existent `%.output`
a036cc7 Makefile: limit make re-execution to avoid infinite spin
c6e9210 libdtc: remove duplicate judgments
e37c256 Don't generate erroneous fixups from reference to path
5045465 libfdt: Don't mask fdt_get_name() returned error
e64a204 manual.txt: Follow README.md and remove Jon
f508c83 Update README in MANIFEST.in and setup.py to README.md
c2ccf8a Add description of Signed-off-by lines
90b9d9d Split out information for contributors to CONTRIBUTING.md
0ee1d47 Remove Jon Loeliger from maintainers list
b33a73c Convert README to README.md
7ad6073 Allow static building with meson
fd9b8c9 Allow static building with make
fda71da libfdt: Handle failed get_name() on BEGIN_NODE
c7c7f17 Fix test script to run also on dash shell
01f23ff Add missing relref_merge test to meson test list
ed31080 pylibfdt: add FdtRo.get_path()
c001fc0 pylibfdt: fix swig build in install
26c54f8 tests: add test cases for label-relative path references
ec7986e dtc: introduce label relative path references
651410e util: introduce xstrndup helper
4048aed setup.py: fix out of tree build
ff5afb9 Handle integer overflow in check_property_phandle_args()
ca72944 README: Explain how to add a new API function
c0c2e11 Fix a UB when fdt_get_string return null
cd5f69c tests: setprop_inplace: use xstrdup instead of unchecked strdup
a04f690 pylibfdt: add Property.as_*int*_array()
8310271 pylibfdt: add Property.as_stringlist()
d152126 Fix Python crash on getprop deallocation
17739b7 Support 'r' format for printing raw bytes with fdtget
45f3d1a libfdt: overlay: make overlay_get_target() public
c19a4ba libfdt: fix an incorrect integer promotion
1cc41b1 pylibfdt: Add packaging metadata
db72398 README: Update pylibfdt install instructions
383e148 pylibfdt: fix with Python 3.10
23b56cb pylibfdt: Move setup.py to the top level
69a7607 pylibfdt: Split setup.py author name and email
0b106a7 pylibfdt: Use setuptools_scm for the version
c691776 pylibfdt: Use setuptools instead of distutils
5216f3f libfdt: Add static lib to meson build
4eda259 CI: Cirrus: bump used FreeBSD from 12.1 to 13.0
0a3a9d3 checks: Add an interrupt-map check
8fd2474 checks: Ensure '#interrupt-cells' only exists in interrupt providers
d8d1a9a checks: Drop interrupt provider '#address-cells' check
52a16fd checks: Make interrupt_provider check dependent on interrupts_extended_is_cell
37fd700 treesource: Maintain phandle label/path on output
e33ce1d flattree: Use '\n', not ';' to separate asm pseudo-ops
d24cc18 asm: Use assembler macros instead of cpp macros
ff3a30c asm: Use .asciz and .ascii instead of .string
5eb5927 fdtdump: fix -Werror=int-to-pointer-cast
0869f82 libfdt: Add ALIGNMENT error string
69595a1 checks: Fix bus-range check
72d09e2 Makefile: add -Wsign-compare to warning options
b587787 checks: Fix signedness comparisons warnings
69bed6c dtc: Wrap phandle validity check
9102211 fdtget: Fix signedness comparisons warnings
d966f08 tests: Fix signedness comparisons warnings
ecfb438 dtc: Fix signedness comparisons warnings: pointer diff
5bec74a dtc: Fix signedness comparisons warnings: reservednum
24e7f51 fdtdump: Fix signedness comparisons warnings
Remove upstreamed:
- 0001-Support-r-format-for-printing-raw-bytes-with-fdtget.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
The last mac80211 commits did not refresh the patches.
Refresh:
- ath/402-ath_regd_optional.patch
- ath10k/080-ath10k_thermal_config.patch
- ath10k/974-ath10k_add-LED-and-GPIO-controlling-support-for-various-chipsets.patch
- ath9k/551-ath9k_ubnt_uap_plus_hsr.patch
- rt2x00/602-rt2x00-introduce-rt2x00eeprom.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
They are enabled by selecting devices. Fixes build errors when enabling extra
devices without creating a new config from scratch.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Fix incorrect error message in case input file opening fails
* Don't close files in case the pointers are invalid
Signed-off-by: David Bauer <mail@david-bauer.net>
This helps bring down rx CPU usage by avoiding calls to the rx handlers in
the slow path. Supports forwarding and local rx, including A-MSDU.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
71d84bfb343e wifi: mt76: mt76x0u: report firmware version through ethtool
99d13130b517 wifi: mt76: support ww power config in dts node
09c614734880 Revert "wifi: mt76: mt7996: rely on mt76_connac2_mac_decode_he_radiotap"
e1c9c1cb50a8 mt76: mt7921: Let PCI core handle power state and use pm_sleep_ptr()
34064dbcd72a wifi: mt76: mt7921e: add pci .shutdown() support
18ccfa73a9e2 wifi: mt76: remove redundent MCU_UNI_CMD_* definitions
282845ce7f3d wifi: mt76: mt7921: fix wrong command to set STA channel
546934dacfd4 wifi: mt76: mt7921: fix PCI DMA hang after reboot
fc2ed0dfc5b0 wifi: mt76: mt7996: Remove unneeded semicolon
1b602db9c235 wifi: mt76: mt7915: unlock on error in mt7915_thermal_temp_store()
ce2438aa616a wifi: mt76: mt7996: fix radiotap bitfield
17ec2146b8f0 wifi: mt76: dynamic channel bandwidth changes in AP mode
ab2d3650a456 wifi: mt76: mt7915: expose device tree match table
90d78253498e wifi: mt76: mt7915: add dev->hif2 support for mt7916 WED device
a69c34a60451 wifi: mt76: mt7915: rework init flow in mt7915_thermal_init()
39079b5e44a7 wifi: mt76: drop the incorrect scatter and gather frame
f9ca70d6367a wifi: mt76: mt7915: add back 160MHz channel width support for MT7915
eff7666e1aa4 wifi: mt76: handle failure of vzalloc in mt7615_coredump_work
920bc6e1fc8e wifi: mt76: do not run mt76_unregister_device() on unregistered hw
b0721b96927b wifi: mt76: connac: refresh tx session timer for WED device
c32d6d849c43 wifi: mt76: usb: fix use-after-free in mt76u_free_rx_queue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fix hwmon-gsc driver by replacing out-of-tree hwmon-gsc driver with in-tree
driver that was merged in Linux v5.8:
- remove the old out-of-tree module
- add configuration for the in-tree modules
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
If a packet has reached its intended destination, it was bumped to the code
that accepts it, without first checking if a mesh_path needs to be created
based on the discovered source.
Fix this by moving the destination address check further down
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It seems more hardware needs early load of firmware when initialised
to work properly (at least Intel hardware). One of previous case is CPU
microcode, which this series[1] tried to change. The second one is Intel
graphics IC, which needs firmware for controlling DMC circuit (switch
conncted display to DC6 power state). As it stands, the i915 module is
built-in and it seems the hardware can't cope with firmware loaded
later from rootfs, it needs to be supplied when the module is loaded.
Unfortunately we need bootloader to handle the load of firmware in this
case, but as previously mentioned series[1], there was an error when
initrd was hardcoded, instead of testing existence for it and then
loading. To remedy this in later the 55b808e0c4 ('x86: image: add test
module to bootloader') was commited. Which was later accidentally
dropped when grub2 image creation was moved to packages. Therefore bring
back test module, so we can test for cases of existing firmware in
grub.cfg.
1. https://patchwork.ozlabs.org/project/openwrt/cover/20181120162044.16371-1-tomek_n@o2.pl
Fixes: 5a5df62d95 ("x86/grub2: move grub2 image creation to package")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
The Buffalo LinkStation LS220DE is a dual bay NAS, based on Marvell
Armada 370
Hardware:
SoC: Marvell Armada 88F6707
CPU: Cortex-A9 800 MHz, 1 core
Flash 1: SPI-NOR 1 MiB (U-Boot)
Flash 2: NAND 512 MiB (OS)
RAM: DDR3 256 MiB
Ethernet: 1x 1GbE
USB: 1x 2.0
SATA: 2x 3Gb/s
LEDs/Input: 5x / 2x (1x button, 1x slide-switch)
Fan: 1x casing
Flash instructions, from hard drive:
1. Get access to the "boot" partition at the hard drive where the stock
firmware is installed. It can be done with acp-commander or by
plugging the hard drive to a computer.
2. Backup the stock uImage:
mv /boot/uImage.buffalo /boot/uImage.buffalo.bak
3. Move and rename the Openwrt initramfs image to the boot partition:
mv openwrt-initramfs-kernel.bin /boot/uImage.buffalo
4. Power on the Linkstation with the hardrive inside. Now Openwrt will
boot, but still not installed.
5. Connect via ssh to OpenWrt:
ssh root@192.168.1.1
6. Rename boot files inside boot partition
mount -t ext3 /dev/sda1 /mnt
mv /mnt/uImage.buffalo /mnt/uImage.buffalo.openwrt.bak
mv /mnt/initrd.buffalo /mnt/initrd.buffalo.bak
7. Format ubi partitions at the NAND flash ("kernel_ubi" and "ubi"):
ubiformat /dev/mtd0 -y
ubidetach -p /dev/mtd1
ubiformat /dev/mtd1 -y
8. Flash the sysupgrade image:
sysupgrade -n openwrt-squashfs-sysupgrade.bin
9. Wait until it finish, the device will reboot with OpenWrt installed
on the NAND flash.
Restore the stock firmware:
1. Take the hard drive used for the installation and restore boot backup
files to their original names:
mount -t ext3 /dev/sda1 /mnt
mv /mnt/uImage.buffalo.bak /mnt/uImage.buffalo
mv /mnt/initrd.buffalo.bak /mnt/initrd.buffalo
2. Boot from the hard drive and perform a stock firmware update using
the Buffalo utility. The NAND will be restored to the original
state.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
Release notes:
- Feature: link down event statistics (no option)
- Feature: JSON output for coalesce (-c)
- Feature: new link modes (no option)
- Feature: JSON output for ring (-g)
- Feature: netlink handler for RSS get (-x)
- Fix: fix boolean value output in JSON output
- Fix: fix build errors and warnings
Remove upstreamed patches:
- 100-uapi-Bring-in-if-h.patch
- 101-netlink-Fix-maybe-uninitialized-meters-variable.patch
- 102-raw-marvell-c-Fix-build-with-musl-libc.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
In DHCPv6-PD enabled environments, addresses are assigned to interfaces.
These new functions retrieve the IPv6 assigned prefix(es).
Signed-off-by: Mark Baker <mark@vpost.net>
Synchronize the ath11k backports with the current ath-next tree.
This backports several memory leak issues, PCI IRQ fixup, peer add locking
fix as well as IPQ5018 support, though IPQ5018 support is unused for now.
This allows to easily backport further fixes as cherry picking them has
started requiring manual conflict resolution.
Signed-off-by: Robert Marko <robimarko@gmail.com>
PowerPC CONFIG_ARCH is defined as powerpc, not ppc. Fix that in the
DEPENDS condition.
Arc needs to be built with libatomic. Change the OpenSSL configuration
file, and add it to the libatomic DEPENDS condition.
Fixes: 7e7e76afca "openssl: bump to 3.0.8"
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This patch fixes a corner case when using passwords that are exactly 64
characters in length with mesh mode or passwords longer than 63 characters
with SAE because 'psk' is used instead of 'sae_password'.
SAE is obligatory for 802.11s (mesh point).
The 'psk' option for hostapd is suited for WPA2 and enforces length
restrictions on passwords. Values of 64 characters are treated as PMKs.
With SAE, PMKs are always generated during the handshake and there are no
length restrictions.
The 'sae_password' option is more suited for SAE and should be used
instead.
Before this patch, the 'sae_password' option is only used with mesh mode
passwords that are not 64 characters long.
As a consequence:
- mesh passwords can't be 64 characters in length
- SAE only works with passwords with lengths >8 and <=63 (due to psk
limitation).
Fix this by always using 'sae_password' with SAE/mesh and applying the PMK
differentiation only when PSK is used.
Fixes: #11324
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
[ improve commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
On some devices the chip has RTC but no battery save time.
This leads back to getting the wrong time
and skipping the check of the last file modification date.
This commit ensures that the file time is checked even
if the RTC exists.
which would ordinarily return an approbiate
system time used for e.g. certificate generation.
Tested-on: NanoPi R2S
Signed-off-by: Yuan Tao <ty@wevs.org>
Including kernel.mk moves the package build folder in the linux one, which
is confusing since this isn't building any kernel modules.
package-defaults.mk is already included my package.mk.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Pstore ramoops support is useful even when there isn't an explicit
panic/crash. We can log all kernel messages via a "console", and then
retrieve them in the event of some non-kernel-panic reset (e.g.,
watchdog).
Since the buffer memory is already reserved, there isn't much overhead
to doing this.
The new console files will show up as:
/sys/fs/pstore/console-ramoops-N
Cc: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
FCC ID: A8J-EPG600
Engenius EPG600 is an indoor wireless router with
1 Gb ethernet switch, dual-band wireless,
internal antenna plates, USB, and phone lines (not supported)
this board is a Senao device:
the hardware is equivalent to EnGenius ESR600 (except for phone lines)
the software is Senao SDK which is based on openwrt and uboot
which uses the legacy Senao header with Vendor / Product IDs
to verify the firmware upgrade image.
**Specification:**
- MT7620 SOC MIPS 24kec, 2.4 GHz WMAC, 2x2
- RT5592N WLAN PCI chip, 5 GHz, 2x2
- QCA8337N Gb SW RGMII GbE, SW P0 -- SOC P5, 5 LEDs
- 40 MHz clock
- 16 MB FLASH MX25L12845EMI-10G
- 64 MB RAM NT5TU32M16
- UART console J2, populated
- USB 2.0 port direct to SOC
- 6 GPIO LEDs power, 2G, 5G, wps2g, wps5g, line
- 3 buttons reset, wps, "reg" (registeration)
- 4 antennas internal omni-directional plates
NOT YET SUPPORTED: VoIP
- Si3050-FT + Si3019-FT Voice DAA, SPI control, PCM data
- Phone Ports "TEL", "LINE" RJ11, 4P2C (2 pins)
**MAC addresses:**
MAC address labeled as MAC ADDRESS
MACs present in both wifi cal data and uboot environment
eth0.1/phy1 ---- *:82 rf 0x4
phy0 ---- *:83 factory 0x4
eth0.2 MAC *:b8 "wanaddr"
**Installation:**
Method 1: Firmware upgrade page:
(if you cannot access the APs webpage)
factory reset with the reset button
connect ethernet to a computer
OEM webpage at 192.168.0.1
username and password 'admin'
Navigate to gear icon, "Device Management", "Tools"
select the factory.dlf image
Upload and verify checksum
Method 2: Serial to upload initramfs:
Follow directions for TFTP recovery
upload and boot initramfs and do a sysupgrade
**TFTP recovery:**
Requires UART serial console, reset button does nothing
rename initramfs-kernel.bin to 'uImageEPG600'
make available on TFTP server at 192.168.99.8
power board, interrupt boot with "4"
execute `tftpboot` and `bootm` (with the load address)
**Return to OEM:**
Images from OEM are provided, but not compatible
with openwrt sysupgrade. So it must be modified.
Alternatively, back up all mtd partitions before flashing
**Note on switch registers:**
The necessary registers needed for the QCA8337 switch
can be read from interrupted boot (tftpboot, bootm)
by using the following lines in the switch driver ar8327.c
in the function 'ar8327_hw_config_of'
where 'qca,ar8327-initvals' is parsed from DTS
before the new register values are written:
pr_info("0x04 %08x\n", ar8xxx_read(priv, AR8327_REG_PAD0_MODE));
pr_info("0x08 %08x\n", ar8xxx_read(priv, AR8327_REG_PAD5_MODE));
pr_info("0x0c %08x\n", ar8xxx_read(priv, AR8327_REG_PAD6_MODE));
pr_info("0x10 %08x\n", ar8xxx_read(priv, AR8327_REG_POWER_ON_STRAP));
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Changes:
7f7a9f7 wireless-regdb: update regulatory database based on preceding changes
660a1ae wireless-regdb: Update regulatory info for Russia (RU) on 5GHz
fe05cc9 wireless-regdb: Update regulatory rules for Japan (JP) on 6GHz
d8584dc wireless-regdb: Update regulatory rules for Japan (JP) on 5GHz
c04fd9b wireless-regdb: update regulatory rules for Switzerland (CH)
f29772a wireless-regdb: Update regulatory rules for Brazil (BR)
Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
We currently have build options to customize the IP address used in the
preinit phase of the boot process, but not to set the default LAN IP.
Introduce a boolean build option that, when enabled, results in the IP
address configured for the preinit phase, to be also used as the default
LAN IP address.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Package the Aquantia AQR PHY driver as kmod.
This enables using the Aquantia driver with hwmon support on targets where
hwmon is not compiled-in.
Currently, in case when AQR driver is compiled-in but hwmon core is not
hwmon code in AQR driver will not get compiled because of macro
IS_REACHABLE(CONFIG_HWMON) evaluating to false.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Package kmod-ipt-raw enables CONFIG_IP_NF_RAW and packages
iptable_raw.ko
According to kernel's net/netfilter/Kconfig there are only 3 kernel
symbols that depend on the IP_NF_RAW:
1. NETFILTER_XT_TARGET_CT (xt_CT.ko)
2. NETFILTER_XT_TARGET_NOTRACK (unused symbol?!)
3. NETFILTER_XT_TARGET_TRACE (xt_TRACE.ko)
Now: iptables-mod-conntrack-extra selects kmod-ipt-conntrack-extra which
provides: xt_helper.ko nf_conncount.ko xt_connlimit.ko xt_connmark.ko
xt_recent.ko and xt_connbytes.ko (none of them seems to require
iptable_raw.ko).
It seems there is no explicit reason for iptables-mod-conntrack-extra to
require kmod-ipt-raw (iptables_raw.ko).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Starting from Linux Kernel version 6.3 UBI devices will no longer be
considered virtual, but rather have an MTD device parent. Hence they
will no longer be listed under /sys/devices/virtual/ubi which is
used in multiple places in OpenWrt. Prepare for future kernels by
using /sys/class/ubi instead of /sys/devuces/virtual/ubi.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The standard defines the A-MSDU header length field differently for mesh
compared to other modes. Deal with this accordingly and work around broken
implementations (e.g. ath10k, ath11k).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Specifications:
- Device: ASUS RT-AX54 (AX1800S/HP,AX54HP)
- SoC: MT7621AT
- Flash: 128MB
- RAM: 256MB
- Switch: 1 WAN, 4 LAN (10/100/1000 Mbps)
- WiFi: MT7905 2x2 2.4G + MT7975 2x2 5G
- LEDs: 1x POWER (blue, configurable)
1x LAN (blue, configurable)
1x WAN (blue, configurable)
1x 2.4G (blue, not configurable)
1x 5G (blue, not configurable)
Flash by U-Boot TFTP method:
- Configure your PC with IP 192.168.1.2
- Set up TFTP server and put the factory.bin image on your PC
- Connect serial port(rate:115200) and turn on AP, then interrupt "U-Boot Boot Menu" by hitting any key
Select "2. Upgrade firmware"
Press enter when show "Run firmware after upgrading? (Y/n):"
Select 0 for TFTP method
Input U-Boot's IP address: 192.168.1.1
Input TFTP server's IP address: 192.168.1.2
Input IP netmask: 255.255.255.0
Input file name: openwrt-ramips-mt7621-asus_rt-ax1800hp-squashfs-factory.bin
- Restart AP aftre see the log "Firmware upgrade completed!"
Signed-off-by: Karl Chan <exkc@exkc.moe>
Removed upstreamed patch: 010-padlock.patch
Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
*) Fixed X.400 address type confusion in X.509 GeneralName.
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
vulnerability may allow an attacker who can provide a certificate chain and
CRL (neither of which need have a valid signature) to pass arbitrary
pointers to a memcmp call, creating a possible read primitive, subject to
some constraints. Refer to the advisory for more information. Thanks to
David Benjamin for discovering this issue. (CVE-2023-0286)
This issue has been fixed by changing the public header file definition of
GENERAL_NAME so that x400Address reflects the implementation. It was not
possible for any existing application to successfully use the existing
definition; however, if any application references the x400Address field
(e.g. in dead code), note that the type of this field has changed. There is
no ABI change.
[Hugo Landau]
*) Fixed Use-after-free following BIO_new_NDEF.
The public API function BIO_new_NDEF is a helper function used for
streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
be called directly by end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1
filter BIO onto the front of it to form a BIO chain, and then returns
the new head of the BIO chain to the caller. Under certain conditions,
for example if a CMS recipient public key is invalid, the new filter BIO
is freed and the function returns a NULL result indicating a failure.
However, in this case, the BIO chain is not properly cleaned up and the
BIO passed by the caller still retains internal pointers to the previously
freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
then a use-after-free will occur. This will most likely result in a crash.
(CVE-2023-0215)
[Viktor Dukhovni, Matt Caswell]
*) Fixed Double free after calling PEM_read_bio_ex.
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
data. If the function succeeds then the "name_out", "header" and "data"
arguments are populated with pointers to buffers containing the relevant
decoded data. The caller is responsible for freeing those buffers. It is
possible to construct a PEM file that results in 0 bytes of payload data.
In this case PEM_read_bio_ex() will return a failure code but will populate
the header argument with a pointer to a buffer that has already been freed.
If the caller also frees this buffer then a double free will occur. This
will most likely lead to a crash.
The functions PEM_read_bio() and PEM_read() are simple wrappers around
PEM_read_bio_ex() and therefore these functions are also directly affected.
These functions are also called indirectly by a number of other OpenSSL
functions including PEM_X509_INFO_read_bio_ex() and
SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
internal uses of these functions are not vulnerable because the caller does
not free the header argument if PEM_read_bio_ex() returns a failure code.
(CVE-2022-4450)
[Kurt Roeckx, Matt Caswell]
*) Fixed Timing Oracle in RSA Decryption.
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA padding
modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
(CVE-2022-4304)
[Dmitry Belyavsky, Hubert Kario]
Signed-off-by: John Audia <therealgraysky@proton.me>
Use ipcalc's return value to react to invalid range specifications.
By simply ignoring the range instead of aborting with an error code,
dnsmasq should still start when there's an error (best effort).
Aborting the config generation or working with invalid range specs leaves
dnsmasq crash-looping which is the right thing to do concerning that
particular interface but it also hinders DHCP service on other interfaces
and DNS on the router itself.
Signed-off-by: Leon M. George <leon@georgemail.eu>
There's hardly an shell logic in ipcalc.sh and a $* that would garble
parameter positions.
Move the awk invokation to the shebang.
A rename from "ipcalc.sh" to "ipcalc" is desirable but could prove tricky
with packages in other repositories depending on the filename.
Signed-off-by: Leon M. George <leon@georgemail.eu>
It's possible to move range boundaries in a way that the start address
lies behind the end address.
Detect this condition and exit with an error message.
Signed-off-by: Leon M. George <leon@georgemail.eu>
With this patch, ipcalc only calculates range boundaries if the
corresponding parameters are supplied.
Signed-off-by: Leon M. George <leon@georgemail.eu>
$BOOTDEV_MAJOR may be empty for many of the uevents parsed in this
function. This condition thus tends to fail benignly (we just skip to
the next device), but it can really clutter the stage2 sysupgrade
stderr, since it looks like the "=" operand doesn't have an appropriate
left-hand argument.
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
The upstream value read from the device seems to already be in bits per
second, so there is no need to multiply by 1000 again (which for typical
values causes an overflow of the 32-bit unsigned integer).
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Inline the preinst.arm-ce script. Support for including was added in
make 4.2 and is not working with older make versions.
Fixes: https://github.com/openwrt/openwrt/issues/11866
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
I've somehow managed to commit wrong package mirror hash in commit 36076b5a40
("ubus: update to version 2022-06-15"), so lets fix it by using a proper
one.
Fixes: 36076b5a40 ("ubus: update to version 2022-06-15")
Reported-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Selecting the environment when booting from SD card has been broken by
a previous commit. Fix it.
Fixes: f46355b4d7 ("uboot-envtools: mediatek_filogic: fix BPi-R3 when no OS is installed")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Selecting the environment when booting from SD card has been broken by
a previous commit. Fix it.
Fixes: 84b5b0f88c ("uboot-envtools: mediatek/mt7622: don't rely on mapped rootfs")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This change ensures compatibility with both types of sysupgrade-tar files.
1. For some boards like xiaomi,redmi-router-ax6s, sysupgrade-tar
is pack in directory `vendor,name/`
2. For some boards like xiaomi,mi-router-3g, sysupgrade-tar is pack
in directory `vendor_name/`
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Just as lua or the various languages from the package feed.
libucode is the exception, so move it to the libs menu instead.
Signed-off-by: Andre Heider <a.heider@gmail.com>
uhttpd's cmake options all default to ON. Either we set all of them or
none if the defaults need to be changed. Let's go with the latter.
Because support for all modules is always compiled in, remove two unused
and useless config toggles.
uhttpd detects and uses libcrypt itself, no need to add it here again.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Instead of accessing /dev/urandom use the getrandom syscall. This way we
do not have to keep the file open all the time.
This also fixes a compile error with glibc:
--------
px5g-mbedtls.c: In function '_urandom':
px5g-mbedtls.c:48:9: error: ignoring return value of 'read' declared with attribute 'warn_unused_result' [-Werror=unused-result]
48 | read(urandom_fd, out, len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
--------
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
"842" is a compression scheme and this is the software implementation
which is too slow to really use beyond a proof of concept. It can be
selected in ZRAM, ZSWAP, or `fs/pstore`, and is here for completeness.
In general you need a Power8 or better with 842-in-hardware for it to
be fast, but other 842-accelerators are emerging.
Signed-off-by: Tony Butler <spudz76@gmail.com>
FCC ID: A8J-EWS660AP
Engenius EWS660AP is an outdoor wireless access point with
2 gigabit ethernet ports, dual-band wireless,
internal antenna plates, and 802.3at PoE+
**Specification:**
- QCA9558 SOC 2.4 GHz, 3x3
- QCA9880 WLAN mini PCIe card, 5 GHz, 3x3, 26dBm
- AR8035-A PHY RGMII GbE with PoE+ IN
- AR8033 PHY SGMII GbE with PoE+ OUT
- 40 MHz clock
- 16 MB FLASH MX25L12845EMI-10G
- 2x 64 MB RAM
- UART at J1 populated, RX grounded
- 6 internal antenna plates (5 dbi, omni-directional)
- 5 LEDs, 1 button (power, eth0, eth1, 2G, 5G) (reset)
**MAC addresses:**
Base MAC addressed labeled as "MAC"
Only one Vendor MAC address in flash
eth0 *:d4 MAC art 0x0
eth1 *:d5 --- art 0x0 +1
phy1 *:d6 --- art 0x0 +2
phy0 *:d7 --- art 0x0 +3
**Serial Access:**
the RX line on the board for UART is shorted to ground by resistor R176
therefore it must be removed to use the console
but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin
**Installation:**
2 ways to flash factory.bin from OEM:
Method 1: Firmware upgrade page:
OEM webpage at 192.168.1.1
username and password "admin"
Navigate to "Firmware Upgrade" page from left pane
Click Browse and select the factory.bin image
Upload and verify checksum
Click Continue to confirm and wait 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting...
Interrupt uboot with any key pressed rapidly
execute `run failsafe_boot` OR `bootm 0x9fd70000`
wait a minute
connect to ethernet and navigate to
"192.168.1.1/index.htm"
Select the factory.bin image and upload
wait about 3 minutes
**Return to OEM:**
If you have a serial cable, see Serial Failsafe instructions
otherwise, uboot-env can be used to make uboot load the failsafe image
ssh into openwrt and run
`fw_setenv rootfs_checksum 0`
reboot, wait 3 minutes
connect to ethernet and navigate to 192.168.1.1/index.htm
select OEM firmware image from Engenius and click upgrade
**TFTP recovery:**
Requires serial console, reset button does nothing
rename initramfs.bin to '0101A8C0.img'
make available on TFTP server at 192.168.1.101
power board, interrupt boot
execute tftpboot and bootm 0x81000000
**Format of OEM firmware image:**
The OEM software of EWS660AP is a heavily modified version
of Openwrt Kamikaze. One of the many modifications
is to the sysupgrade program. Image verification is performed
simply by the successful ungzip and untar of the supplied file
and name check and header verification of the resulting contents.
To form a factory.bin that is accepted by OEM Openwrt build,
the kernel and rootfs must have specific names...
openwrt-ar71xx-generic-ews660ap-uImage-lzma.bin
openwrt-ar71xx-generic-ews660ap-root.squashfs
and begin with the respective headers (uImage, squashfs).
Then the files must be tarballed and gzipped.
The resulting binary is actually a tar.gz file in disguise.
This can be verified by using binwalk on the OEM firmware images,
ungzipping then untaring.
Newer EnGenius software requires more checks but their script
includes a way to skip them, otherwise the tar must include
a text file with the version and md5sums in a deprecated format.
The OEM upgrade script is at /etc/fwupgrade.sh.
OKLI kernel loader is required because the OEM software
expects the kernel to be no greater than 1536k
and the factory.bin upgrade procedure would otherwise
overwrite part of the kernel when writing rootfs.
Note on PLL-data cells:
The default PLL register values will not work
because of the external AR8035 switch between
the SOC and the ethernet port.
For QCA955x series, the PLL registers for eth0 and eth1
can be see in the DTSI as 0x28 and 0x48 respectively.
Therefore the PLL registers can be read from uboot
for each link speed after attempting tftpboot
or another network action using that link speed
with `md 0x18050028 1` and `md 0x18050048 1`.
The clock delay required for RGMII can be applied
at the PHY side, using the at803x driver `phy-mode`.
Therefore the PLL registers for GMAC0
do not need the bits for delay on the MAC side.
This is possible due to fixes in at803x driver
since Linux 5.1 and 5.3
Tested-by: Niklas Arnitz <openwrt@arnitz.email>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
47561aa mimetypes: add audio/video support for apple airplay
6341357 ucode: respect all arguments passed to send()
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds missing HE modes to mac80211_prepare_ht_modes.
Previously mesh without wpa_supplicant would be initialized with 802.11g
/NO-HT only, as this method did not parse channel bandwidth for HE
operation.
Signed-off-by: David Bauer <mail@david-bauer.net>
Update which contains just a following fix:
* ubusd: add lookup command queuing support
Defers and continues a client's lookup command to avoid unnecessary
buffering under load.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This change consolidates Netgear EX7300 series devices into two images
corresponding to devices that share the same manufacturer firmware
image. Similar to the manufacturer firmware, the actual device model is
detected at runtime. The logic is taken from the netgear GPL dumps in a
file called generate_board_conf.sh.
Hardware details for EX7300 v2 variants
---------------------------------------
SoC: QCN5502
Flash: 16 MiB
RAM: 128 MiB
Ethernet: 1 gigabit port
Wireless 2.4GHz (currently unsupported due to lack of ath9k support):
- EX6250 / EX6400 v2 / EX6410 / EX6420: QCN5502 3x3
- EX7300 v2 / EX7320: QCN5502 4x4
Wireless 5GHz:
- EX6250: QCA9986 3x3 (detected by ath10k as QCA9984 3x3)
- EX6400 v2 / EX6410 / EX6420 / EX7300 v2 / EX7320: QCA9984 4x4
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
1ea5855 partname: Introduce fstools_partname_fallback_scan option
While at it also drop AUTORELEASE from PKG_RELEASE.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Byte swapping code incorrectly uses the number of AES rounds to swap expanded
AES key, while swapping only a single dword in a loop, resulting in swapped
key and partially swapped expanded keys, breaking AES encryption and
decryption on VIA Padlock hardware.
This commit correctly sets the number of swapping loops to be done.
Upstream: 2bcf8e69bd
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: ValdikSS ValdikSS <iam@valdikss.org.ru>
Dnsmasq DNS cache size is only 150 by default.
Set the uci default value to 1000, so that cache gets used more
and unnecessary DNS queries to upstream can be avoided.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
c0df2a7 iwinfo: add "band" and "mhz" to the scan output
06ad60f iwinfo: add "band" to the freqlist output
b32fd32 iwinfo: add flags to freqlist output
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Bump ABI to 20230121 due to struct changes
f766138 cli: print the flags on the frequency list
8ee7971 lib: add IWINFO_FREQ_FLAG_NAMES
81184d2 nl80211: fix some comments
2c4ee84 nl80211: prefer non-supplicant-based devices
6194aaf nl80211: simplify iterating over phy's devices
acbf4fe nl80211: remove redundant check in nl80211_phy2ifname()
0172c97 cli: print the frequency and band on the scan list
bbe424f cli: print the band on the frequency list
afa147c nl80211: add "mhz" and "band" to iwinfo_scanlist_entry
0d5ea34 nl80211: add "band" to iwinfo_freqlist_entry
dba0f06 nl80211: add support for radiation and indoor chan restriction
7e3d7de iwinfo: reorganize iwinfo header to enum and defines
9b47b03 devices: add USB devices supported by the mt76 driver
c0fda7c utils: skip comment lines when parsing devices.txt
dbc0ee7 cli: describe USB devices as such
891acee devices: add MediaTek MT7628 card
fac0787 devices: add support for declaring compatible matched devices
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
emmc_do_upgrade() relies on identify() from the nand.sh upgrade helper.
This only works because FEATURES=emmc targets also tend to include
FEATURES=nand.
Rename identify_magic() to identify_magic_long() to match the common.sh
style and make it clear it pairs with other *_long() variants (and not,
say *_word()).
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
To bring in isatty() support.
Includes new commits:
be30472bfdbb fs: add `isatty()` function
0a58d510529e nl80211: add support for NL80211_ATTR_MPATH_INFO
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
[ remove additional merge commit ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
ZyXEL NBG7815 is a premium 802.11ax "tri"-band router/AP.
Specifications:
* CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
* RAM: 1 GB 2x Nanya NT5CC256M16ER-EK
* Storage:
* 8MB serial flash Winbond W25Q64DW
* 4GB eMMC flash Kingston EMMC04G-M627
* Ethernet:
* 4x1G RJ45 ports (QCA8074A) with 1x status LED per port
* 1x2.5G RJ45 port (QCA8081) with 1x status LED
* 1x10G RJ45 port (AQR113C) with 1x status LED
* Switch: Qualcomm Atheros QCA8075
* WLAN:
* 2.4GHz: Qualcomm QCN5024 4x4@40MHz 802.11b/g/n/ax 1147 Mbps PHY rate
* 2x 5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate
* Bluetooth CSR8811 using HSUART, currently unsupported
* USB: 1x USB3.0 Type-A port
* LED-s currently not supported:
* White
* Dark Blu
* Amber
* Purple
* Purple and dark blue
* Red
* Buttons:
* 1x Soft reset
* Power: 12V DC Jack
Installation instructions:
* Disconnect WAN
* Reset device to factory defaults by pushing reset button 15 sec,
LEDs should lit orange color.
* After 5-10 minutes, when the LEDs turn constant dark blue,
put your LAN cable and connect at address 192.168.123.1 by telnet on port 23
* Login with
NBG7815 login: root
password: nbg7815@2019
* cd /tmp/ApplicationData
* wget -O openwrt-ipq807x-generic-zyxel_nbg7815-squashfs-sysupgrade.bin http://...
* wget https://github.com/itorK/nbg7815_tools/blob/main/flash_to_openwrt.sh
* run flash_to_openwrt.sh
If you can't use wget, you can transfer the files via nc.
See https://openwrt.org/inbox/toh/zyxel/nbg7815_armor_g5 for installation details.
Bluetooth usage:
* you need at least package bluez-utils, recommended bluez-daemon
* run following commands to enable and start
hciattach /dev/ttyMSM1 bcsp
hciconfig hci0 up
Many thanks to itorK for his work on this device:
https://github.com/itorK/openwrt/tree/nbg7815
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: André Valentin <avalentin@marcant.net>
Patch the mbedtls source instead of modifying the compile-targets
in the prepare buildstep within OpenWrt.
Signed-off-by: David Bauer <mail@david-bauer.net>
Move defines from header to defconfig
The package build and the Buildbot hang in 'make syncconfig' for
u-boot-ravpower_rp-wd009 because CONFIG_SYS_MIPS_TIMER_FREQ is not in
the .config, causing a console prompt. Also moved two other defines in
defconfig causing duplicate definition warnings.
Fixes: 3d5c5427e1 ("uboot-mediatek: update to U-Boot 2023.01")
Signed-off-by: Jo Deisenhofer <jo.deisenhofer@gmail.com>
The configured u_env partition for the Linksys WHW03 V2 was not correct.
It should have been set to mtd6.
This fix allow to flash the OEM firmware from OpenWRT and to change the
boot partition using fw_setenv.
Fixes: 9e4ede8344 ("ipq40xx: add support for Linksys WHW03 V2")
Signed-off-by: Vincent Tremblay <vincent@vtremblay.dev>
In the version 2023.01, the U-boot image was renamed because of the
upstream change [1]
[1] 87ac4b4b4c
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This uses version 4.23.1 of the dsl_cpe_control package from the Intel
UGW 8.5.2.10 for the VRX518.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[rebased]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 4.23.1, added Jan's vector mac patch, fix warnings,
switch to tag tarball]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[add missing nLine in autoboot script, fix disconnect on termination,
remove unneeded VR9 leftovers in init script]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
This uses version 4.23.1 of the drv_dsl_cpe_api package from the Intel
UGW 8.5.2.10 for the VRX518.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[rebased and updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 4.23.1, switch to tag tarball, update patches]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[added fix for elapsed time and upstream MINEFTR]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
This uses version 1.11.1 of the drv_mei_cpe package from the Intel UGW
8.5.2.10 for the VRX518.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 1.11.1, switch to tag tarball, update patches]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[update for kernel 5.15]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
This driver version is also included in Intel UGW 8.5.2.10.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 1.5.12.4, switch to tag tarball]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[add working software data path]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
This driver was picked from the Intel UGW 8.5.2.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[updated for kernel 5.10]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
[update to 8.5.2]
Signed-off-by: Andre Heider <a.heider@gmail.com>
[fix masking interrupts and add locking]
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Signed-off-by: Andre Heider <a.heider@gmail.com>
04d7570 jail: fs: don't overwrite existing mount target
6b9629b jail: don't assume positive return value of creat
190f13a init: attempt to mount efivarfs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Dynalink DL-WRX36 is a AX WIFI router with 4 1G and 1 2.5G ports.
Specifications:
• CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
• RAM: 1024MB of DDR3
• Storage: 256MB Nand
• Ethernet: 4x 1G RJ45 ports (QCA8075) + 1 2.5G Port (QCA8081)
• WLAN:
2.4GHz: Qualcomm QCN5024 2x2 802.11b/g/n/ax 1174 Mbps PHY rate
5GHz: Qualcomm QCN5054 4x4 802.11a/b/g/n/ac/ax 2402 PHY rate
• 1x USB 3.0
• 1 gpio-controlled dual color led (blue/red)
• Buttons: 1x soft reset / 1x WPS
• Power: 12V DC jack
A poulated serial header is onboard (J1004)
the connector size is a 4-pin 2.0 mm JST PH.
RX/TX is working, u-boot bootwait is active, secure boot is enabled.
Notes:
- Serial is completely deactivated in the stock firmware image.
- This commit adds only single partition support, that means
sysupgrade is upgrading the current rootfs partition.
- Installation can be done by serial connection or
SSH access on OEM firmware
Installation Instructions:
Most part of the installation is performed from an initramfs image
running OpenWrt, and there are two options to boot it.
Boot initramfs option 1: Using serial connection (3.3V)
1. Stop auto boot to get to U-boot shell
2. Transfer initramfs image to device
(openwrt-ipq807x-generic-dynalink_dl-wrx36-initramfs-uImage.itb)
Tested using TFTP and a FAT-formatted USB flash drive.
3. Boot the initramfs image
# bootm
Boot initramfs option 2: From SSH access on OEM firmware
1. Copy the initramfs image to a FAT-formatted flash drive
(tested on single-partition drive) and connect it to device USB port.
2. Change boot command so it loads the initramfs image on next boot
Fallback to OEM firmware is provided.
# fw_setenv bootcmd 'usb start && fatload usb 0:1 0x44000000 openwrt-ipq807x-generic-dynalink_dl-wrx36-initramfs-uImage.itb && bootm 0x44000000; bootipq'
3. Reboot the device to boot the initramfs
# reboot
Install OpenWrt from initramfs image:
1. Use SCP (or other way) to transfer OpenWrt factory image
2. Connect to device using SSH (on a LAN port)
3. Check MTD partition table.
rootfs and rootfs_1 should be mtd18 and mtd20
depending on current OEM slot.
# cat /proc/mtd
4. Do a ubiformat to both rootfs partitions:
# ubiformat /dev/mtd18 -y -f /path_to/factory_image
# ubiformat /dev/mtd20 -y -f /path_to/factory_image
5. Set U-boot env variable: mtdids
# fw_setenv mtdids 'nand0=nand0'
6. Get offset of mtd18 to determine current OEM slot
- If current OEM slot is 1, offset is 16777216 (0x1000000)
- If current OEM slot is 2, offset is 127926272 (0x7a00000)
# cat /sys/class/mtd/mtd18/offset
7. Set U-boot env variable: mtdparts
If current OEM slot is 1, run:
# fw_setenv mtdparts 'mtdparts=nand0:0x6100000@0x1000000(fs),0x6100000@0x7a00000(fs_1)'
If current OEM slot is 2, run:
# fw_setenv mtdparts 'mtdparts=nand0:0x6100000@0x7a00000(fs),0x6100000@0x1000000(fs_1)'
8. Set U-boot env variable: bootcmd
# fw_setenv bootcmd 'setenv bootargs console=ttyMSM0,115200n8 ubi.mtd=rootfs rootfstype=squashfs rootwait; ubi part fs; ubi read 0x44000000 kernel; bootm 0x44000000#config@rt5010w-d350-rev0'
9. Reboot the device
# reboot
Note: this PR adds only single partition support, that means sysupgrade is
upgrading the current rootfs partition
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
The Edgecore EAP102 is a wall/ceiling mountable AP. The AP can be
powered by either PoE or AC adapter.
Device info:
- IPQ8071-A SoC
- 1GiB RAM
- 256MiB NAND flash
- 32MiB SPI NOR
- 2 Ethernet ports
- 1 Console port
- 2GHz/5GHz AX WLAN
- 2 USB 2.0 ports
Install instructions:
Prerequistes - TFTP server, preferrably within 192.168.1.0/24
Console cable plugged in (115200 8N1 no flow control)
1. Power on device and interrupt u-boot to obtain u-boot CLI
2. set serverip to IP address of the TFTP server:
`setenv serverip 192.168.1.250`
3. Download image from TFTP server:
`tftpboot 0x44000000 openwrt-ipq807x-generic-edgecore_eap102-squashfs-nand-factory.ubi`
4. Flash ubi image to both partitions and reset:
`sf probe
imxtract 0x44000000 ubi
nand device 0
nand erase 0x0 0x3400000
nand erase 0x3c00000 0x3400000
nand write $fileaddr 0x0 $filesize
nand write $fileaddr 0x3c00000 $filesize
reset`
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
Xiaomi AX9000 is a premium 802.11ax "tri"-band router/AP.
Specifications:
* CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
* RAM: 1024MB of DDR3
* Storage: 256MB of parallel NAND
* Ethernet:
* 4x1G RJ45 ports (QCA8075) with 1x status LED per port
* 1x2.5G RJ45 port (QCA8081) with 1x status LED
* WLAN:
* PCI based Qualcomm QCA9889 1x1 802.11ac Wawe 2 for IoT
* 2.4GHz: Qualcomm QCN5024 4x4@40MHz 802.11b/g/n/ax 1147 Mbps PHY rate
* 5.8GHz: Qualcomm QCN5054 4x4@80MHz or 2x2@160MHz 802.11a/b/g/n/ac/ax 2402Mbps PHY rate
* 5GHz: PCI based Qualcomm QCN9024 4x4@160MHz 802.11a/b/g/n/ac/ax 4804Mbps PHY rate
* USB: 1x USB3.0 Type-A port
* LED-s:
* System (Blue and Yellow)
* Network (Blue and Yellow)
* RGB light bar on top in X shape
* Buttons:
* 1x Power switch
* 1x Soft reset
* 1x Mesh button
* Power: 12V DC Jack
Installation instructions:
Obtaining SSH access is mandatory
https://openwrt.org/inbox/toh/xiaomi/ax9000#obtain_ssh_access
Installation is done by the ubiformat method, through SSH:
1. Open an SSH shell to the router
2. Copy the file openwrt-ipq807x-generic-xiaomi_ax9000-initramfs-factory.ubi to the /tmp directory
3. Check which rootfs partition is your router booted in (0 = rootfs | 1 = rootfs_1):
nvram get flag_boot_rootfs
4. Find the rootfs and rootfs_1 mtd indexes respectively:
cat /proc/mtd
Please confirm if mtd21 and mtd22 are the correct indexes from above!
5. Use the command ubiformat to flash the opposite mtd with UBI image:
If nvram get flag_boot_rootfs returned 0:
ubiformat /dev/mtd22 -y -f /tmp/openwrt-ipq807x-generic-xiaomi_ax9000-initramfs-factory.ubi && nvram set flag_boot_rootfs=1 && nvram set flag_last_success=1 && nvram commit
otherwise:
ubiformat /dev/mtd21 -y -f /tmp/openwrt-ipq807x-generic-xiaomi_ax9000-initramfs-factory.ubi && nvram set flag_boot_rootfs=0 && nvram set flag_last_success=0 && nvram commit
6. Reboot the device by:
reboot
Previous commands flashed an ubinized OpenWrt initramfs that will serve as the intermediate step
since OpenWrt uses unified rootfs in order to fully utilize NAND and provide enough space for packages.
Continue in order to pernamently flash OpenWrt:
7. SSH into OpenWrt from one of the LAN ports
8. Copy the file openwrt-ipq807x-generic-xiaomi_ax9000-squashfs-sysupgrade.bin to the /tmp directory
9. Sysupgrade the device:
sysupgrade -n /tmp/openwrt-ipq807x-generic-xiaomi_ax9000-squashfs-sysupgrade.bin
Device will reboot with OpenWrt, and then sysupgrade can be used to upgrade the device when desired.
Signed-off-by: Robert Marko <robimarko@gmail.com>
QNAP 301w is a AX WIFI router with 4 1G and 2 10G ports.
Specifications:
• CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
• RAM: 1024MB of DDR3
• Storage: 4GB eMMC (contains kernel and rootfs) / 8MB NOR
(contains art and u-boot-env)
• Ethernet: 4x 1G RJ45 ports + 2 10G ports (Aquantia AQR113C)
• WLAN:
2.4GHz: Qualcomm QCN5024 4x4 (40 MHz) 802.11b/g/n/ax 1174 Mbps PHY rate
5GHz: Qualcomm QCN5054 4x4 (80 MHz) or 2x2 (160 MHz) 802.11a/b/g/n/ac/ax 2402 PHY rate
• LEDs:
7 x GPIO-controlled dual color LEDs + 2 GPIO-controlled single color LEDs
• Buttons: 1x soft reset / 1x WPS
• Power: 12V DC jack
A poulated serial header is onboard.
RX/TX is working, bootwait is active, secure boot is not enabled.
SSH can be activated in the stock firmware, hold WPS button til the second beep
(yes the router has a buzzer)
SSH is available on port 22200, login with user admin and
password "mac address of the router".
Installation Instructions:
• obtain serial access (https://openwrt.org/inbox/toh/qnap/301w#serial)
• stop auto boot
• setenv serverip 192.168.10.1
• setenv ipaddr 192.168.10.10
• tftpboot the initramfs image
(openwrt-ipq807x-generic-qnap_301w-initramfs-fit-uImage.itb)
• bootm
• make sure that current_entry is set to "0":
"fw_printenv -n current_entry" should be print "0". If not,
do "fw_setenv current_entry 0"
• copy openwrt-ipq807x-generic-qnap_301w-squashfs-sysupgrade.bin
to the device to /tmp folder
• sysupgrade -n /tmp/openwrt-ipq807x-generic-qnap_301w-squashfs-sysupgrade.bin
this flashes openwrt to the first kernel and rootfs partition (mmcblk0p1 / mmcblk0p4)
• reboot
Note: this leaves the second kernel / rootfs parition untouched. So if you want
to go back to stock, stop u-boot autoboot, "setenv current_entry 1" ,
"saveenv", "bootipq".
Stock firmware should start from the second partition.
Then do a firmwareupgrade in the stock gui, that should overwrite the openwrt
in the first partitions
Make 10G Aquantia phy's work:
The aquantia phy's need a firmware to work. This can either be loaded
in linux with a userspace tool or in u-boot.
I was not successfull to load the firmware in linux (aq-fw-download) but luckily there is
aq_load_fw available in u-boot. But first the right firmware needs to write
to the 0:ETHPHYFW mtd partition (it is empty on my device)
Grab the ethphy firmware image from:
https://github.com/kirdesde/nbg7815_gpl/blob/master/target/linux/ipq/ipq807x_64/prebuilt_images/AQR_ethphyfw.mbn
and scp that to openwrt.
Check the 0:ETHPHYFW partition number:
cat /proc/mtd|grep "0:ETHPHYFW", should be mtd10.
Backup the 0:ETHPHYFW partition:
dd if=/dev/mtd10 of=/tmp/ethphyfw.backup, scp ethphyfw.backup to a save place.
Write the new firmware image to the 0:ETHPHYFW partition:
"mtd erase /dev/mtd10", "mtd -n write AQR_ethphyfw.mbn /dev/mtd10".
Reboot to u-boot.
Check if aq_load_fw is working:
"aq_load_fw 0", that checks the firmware and if successfull,
loads iram and dram to one of the aquantia phy's.
If that worked, add the aq_load_fw to the bootcmd:
setenv bootcmd "aq_load_fw 0 && aq_load_fw 8 && bootipq"
"saveenv"
"reset"
Board reboots and the firmware load to both phy's should start and
then openwrt boots.
Check if the 10G ports work.
Note: lan port labeled "10G-2" is configured as WAN port as per default.
All other port are in the br-lan. This can be changed in the network config.
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
Edimax CAX1800 is a 802.11 ax dual-band AP
with PoE. AP can be ceiling or wall mount.
Specifications:
• CPU: Qualcomm IPQ8070A Quad core Cortex-A53 1.4GHz
• RAM: 512MB of DDR3
• Storage: 128MB NAND (contains rootfs) / 8MB NOR (contains art and uboot-env)
• Ethernet: 1x 1G RJ45 port (QCA8072) PoE
• WLAN:
2.4GHz: Qualcomm QCN5024 2x2 802.11b/g/n/ax 574 Mbps PHY rate
5GHz: Qualcomm QCN5054 2x2 802.11a/b/g/n/ac/ax 1201 PHY rate
• LEDs:
3 x GPIO-controlled System-LEDs
(form one virtual RGB System-LED)
black_small_square Buttons: 1x soft reset
black_small_square Power: 12V DC jack or PoE (802.3af )
An unpopulated serial header is onboard.
RX/TX is working, bootwait is active, secure boot is not enabled.
SSH can be activated in the stock firmware, but it drops only
to a limited shell .
Installation Instructions:
black_small_square obtain serial access
black_small_square stop auto boot
black_small_square tftpboot the initramfs image (serverip is set to 192.168.99.8 in uboot)
black_small_square bootm
black_small_square copy openwrt-ipq807x-generic-edimax_cax1800-squashfs-nand-factory.ubi
to the device
black_small_square write the image to the NAND:
black_small_square cat /proc/mtd and look for rootfs partition (should be mtd0)
black_small_square ubiformat /dev/mtd0 -f -y openwrt-ipq807x-generic-edimax_cax1800-squashfs-
nand-factory.ubi
black_small_square reboot
Note: Device is not using dual partitioning (NAND contains other partitions
with different manufacture data etc.)
Draytek VigorAP 960C and Lancom LW-600 both look similar, but I haven't checked them.
Signed-off-by: Dirk Buchwalder <buchwalder@posteo.de>
Redmi AX6 is a budget 802.11ax dual-band router/AP
Specifications:
* CPU: Qualcomm IPQ8071A Quad core Cortex-A53 1.4GHz
* RAM: 512MB of DDR3
* Storage: 128MB NAND
* Ethernet: 4x1G RJ45 ports (QCA8075)
* WLAN:
* 2.4GHz: Qualcomm QCN5024 2x2 802.11b/g/n/ax 574 Mbps PHY rate
* 5GHz: Qualcomm QCN5054 4x4@80MHz or 2x2@160MHz 802.11a/b/g/n/ac/ax 2402 PHY rate
* LEDs:
* System (Blue/Yellow)
* Network (Blue/Yellow)
*Buttons: 1x soft reset
*Power: 12V DC jack
Installation instructions:
Obtaining SSH access is mandatory
https://openwrt.org/inbox/toh/xiaomi/xiaomi_redmi_ax6_ax3000#ssh_access
Installation is done by the ubiformat method, through SSH:
1. Open an SSH shell to the router
2. Copy the file openwrt-ipq807x-generic-redmi_ax6-initramfs-factory.ubi to the /tmp directory
3. Check which rootfs partition is your router booted in (0 = rootfs | 1 = rootfs_1):
nvram get flag_boot_rootfs
4. Find the rootfs and rootfs_1 mtd indexes respectively:
cat /proc/mtd
Please confirm if mtd12 and mtd13 are the correct indexes from above!
5. Use the command ubiformat to flash the opposite mtd with UBI image:
If nvram get flag_boot_rootfs returned 0:
ubiformat /dev/mtd13 -y -f /tmp/openwrt-ipq807x-generic-redmi_ax6-initramfs-factory.ubi && nvram set flag_boot_rootfs=1 && nvram set flag_last_success=1 && nvram commit
otherwise:
ubiformat /dev/mtd12 -y -f /tmp/openwrt-ipq807x-generic-redmi_ax6-initramfs-factory.ubi && nvram set flag_boot_rootfs=0 && nvram set flag_last_success=0 && nvram commit
6. Reboot the device by:
reboot
Previous commands flashed an ubinized OpenWrt initramfs that will serve as the intermediate step
since OpenWrt uses unified rootfs in order to fully utilize NAND and provide enough space for packages.
Continue in order to pernamently flash OpenWrt:
7. SSH into OpenWrt from one of the LAN ports
8. Copy the file openwrt-ipq807x-generic-redmi_ax6-squashfs-sysupgrade.bin to the /tmp directory
9. Sysupgrade the device:
sysupgrade -n /tmp/openwrt-ipq807x-generic-redmi_ax6-squashfs-sysupgrade.bin
Device will reboot with OpenWrt, and then sysupgrade can be used to upgrade the device when desired.
Signed-off-by: Zhijun You <hujy652@gmail.com>
Xiaomi AX3600 is a budget 802.11ax dual-band router/AP.
Specifications:
* CPU: Qualcomm IPQ8071A Quad core Cortex-A53 1.4GHz
* RAM: 512MB of DDR3
* Storage: 256MB of parallel NAND
* Ethernet: 4x1G RJ45 ports (QCA8075) with 1x status LED per port
* WLAN:
* PCI based Qualcomm QCA9889 1x1 802.11ac Wawe 2 for IoT
* 2.4GHz: Qualcomm QCN5024 2x2 802.11b/g/n/ax 574 Mbps PHY rate
* 5GHz: Qualcomm QCN5054 4x4@80MHz or 2x2@160MHz 802.11a/b/g/n/ac/ax 2402 PHY rate
* LED-s:
* System (Blue and Yellow)
* IoT (Blue)
* Network (Blue and Yellow)
* Buttons: 1x Soft reset
* Power: 12V DC Jack
Installation instructions:
Obtaining SSH access is mandatory
https://openwrt.org/inbox/toh/xiaomi/xiaomi_ax3600#obtain_ssh_access
Installation is done by the ubiformat method, through SSH:
1. Open an SSH shell to the router
2. Copy the file openwrt-ipq807x-generic-xiaomi_ax3600-initramfs-factory.ubi to the /tmp directory
3. Check which rootfs partition is your router booted in (0 = rootfs | 1 = rootfs_1):
nvram get flag_boot_rootfs
4. Find the rootfs and rootfs_1 mtd indexes respectively:
cat /proc/mtd
Please confirm if mtd12 and mtd13 are the correct indexes from above!
5. Use the command ubiformat to flash the opposite mtd with UBI image:
If nvram get flag_boot_rootfs returned 0:
ubiformat /dev/mtd13 -y -f /tmp/openwrt-ipq807x-generic-xiaomi_ax3600-initramfs-factory.ubi -s 2048 -O 2048 && nvram set flag_boot_rootfs=1 && nvram set flag_last_success=1 && nvram commit
otherwise:
ubiformat /dev/mtd12 -y -f /tmp/openwrt-ipq807x-generic-xiaomi_ax3600-initramfs-factory.ubi -s 2048 -O 2048 && nvram set flag_boot_rootfs=0 && nvram set flag_last_success=0 && nvram commit
6. Reboot the device by:
reboot
Previous commands flashed an ubinized OpenWrt initramfs that will serve as the intermediate step
since OpenWrt uses unified rootfs in order to fully utilize NAND and provide enough space for packages.
Continue in order to pernamently flash OpenWrt:
7. SSH into OpenWrt from one of the LAN ports
8. Copy the file openwrt-ipq807x-generic-xiaomi_ax3600-squashfs-sysupgrade.bin to the /tmp directory
9. Sysupgrade the device:
sysupgrade -n /tmp/openwrt-ipq807x-generic-xiaomi_ax3600-squashfs-sysupgrade.bin
Device will reboot with OpenWrt, and then sysupgrade can be used to upgrade the device when desired.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
Qualcomm NSS-DP is as its name says Qualcomms ethernet driver for the NSS
subsystem (Networking subsystem) built-into various Qualcomm SoCs.
It has 2 modes of operation:
* Without NSS FW and rest of code required for offloading
This is the one that we will use as the amount of kernel patching required
for NSS offloading and the fact that its not upstreamable at all makes it
unusable for us.
Driver in this mode is rather basic, it currently only offers NAPI GRO
(Added by us as part of the fixup) and basically relies on the powerfull
CPU to get good throughput.
* With NSS FW and rest of code required for offloading
In this mode, driver just registers the interfaces and hooks them into
NSS-ECM to allow offloading.
This mode is not viable for use in OpenWrt due to reasons already described
above.
This driver is required for ipq807x to have wired networking until a better
one is available, so lets add the fixed-up version for 5.15 for now.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Qualcomm SSDK is driver for Qualcomm Atheros switches and PHY-s.
It is quite complicated and used by rest of the Qualcomm SDK stack for
anything switch or PHY related.
It is required for IPQ807x support as currently, there is no better driver
for the built-in switch or UNIPHY.
So, lets add the fixed-up version that supports kernel 5.15 for use on
ipq807x target until a better driver is available.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
This is the follow up to the PCI support commit now providing support for
AHB variant as well, though currently only for ipq807x as that is only
OpenWrt supported SoC ath11k supports as well.
Currently, we are disabling coldboot calibration on ipq807x as it does not
work, there is a remoteproc bug that makes it come late out of reset so
disable coldboot until that is fixed.
Also, as ath11k is quite memory hungry, we are introducing a config option
to use the limits for 512MB of RAM, similar to what QCA does downstream but
in way simpler and cleaner way so that 512MB save some RAM.
512MB profile is also set as the default for now.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Qualcomm Atheros IPQ807x is a modern WiSoC featuring:
* Quad Core ARMv8 Cortex A-53
* @ 2.2 GHz (IPQ8072A/4A/6A/8A) Codename Hawkeye
* @ 1.4 GHz (IPQ8070A/1A) Codename Acorn
* Dual Band simultaneaous IEEE 802.11ax
* 5G: 8x8/80 or 4x4/160MHz (IPQ8074A/8A)
* 5G: 4x4/80 or 2x2/160MHz (IPQ8071A/2A/6A)
* 5G: 2x2/80MHz (IPQ8070A)
* 2G: 4x4/40MHz (IPQ8072A/4A/6A/8A)
* 2G: 2x2/40MHz (IPQ8070A/1A)
* 1x PSGMII via QCA8072/5 (Max 5x 1GbE ports)
* 2x SGMII/USXGMII (1/2.5/5/10 GbE) on Hawkeye
* 2x SGMII/USXGMII (1/2.5/5 GbE) on Acorn
* DDR3L/4 32/16 bit up to 2400MT/s
* SDIO 3.0/SD card 3.0/eMMC 5.1
* Dual USB 3.0
* One PCIe Gen2.1 and one PCIe Gen3.0 port (Single lane)
* Parallel NAND (ONFI)/LCD
* 6x QUP BLSP SPI/I2C/UART
* I2S, PCM, and TDMA
* HW PWM
* 1.8V configurable GPIO
* Companion PMP8074 PMIC via SPMI (GPIOS, RTC etc)
Note that only v2 SOC models aka the ones ending with A suffix are
supported, v1 models do not comply to the final 802.11ax and have
lower clocks, lack the Gen3 PCIe etc.
SoC itself has two UBI32 cores for the NSS offloading system, however
currently no offloading is supported.
Signed-off-by: Robert Marko <robimarko@gmail.com>
This is a temporary workaround for supporting multiple cards or AHB+PCI.
There is ongoing upstream work to properly support this based of
advertised FW features, but that is still ongoing.
This is only supported on QCN9074 cards due to FW limitation, so HW ID
is checked in order to prevent breaking QCA6390 and other popular cards.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Package ath11k firmware for AHB devices as well as QCN9074 which is a non
consumer card targeted as a companion for QCA WiSoC-s.
linux-firmware is always out of date for these, so fetch them from Kalle-s
repo like we do for ath10k.
Signed-off-by: Robert Marko <robimarko@gmail.com>
The Arcadyan WE420223-99 is a WiFi AC simultaneous dual-band access
point distributed as Experia WiFi by KPN in the Netherlands. It features
two ethernet ports and 2 internal antennas.
Specifications
--------------
SOC : Mediatek MT7621AT
ETH : Two 1 gigabit ports, built into the SOC
WIFI : MT7615DN
BUTTON: Reset
BUTTON: WPS
LED : Power (green+red)
LED : WiFi (green+blue)
LED : WPS (green+red)
LED : Followme (green+red)
Power : 12 VDC, 1A barrel plug
Winbond variant:
RAM : Winbond W631GG6MB12J, 1GBIT DDR3 SDRAM
Flash : Winbond W25Q256JVFQ, 256Mb SPI
U-Boot: 1.1.3 (Nov 23 2017 - 16:40:17), Ralink 5.0.0.1
Macronix variant:
RAM : Nanya NT5CC64M16GP-DI, 1GBIT DDR3 SDRAM
Flash : MX25l25635FMI-10G, 256Mb SPI
U-Boot: 1.1.3 (Dec 4 2017 - 11:37:57), Ralink 5.0.0.1
Serial
------
The serial port needs a TTL/RS-232 3V3 level converter! The Serial
setting is 57600-8-N-1. The board has an unpopulated 2.54mm straight pin
header.
The pinout is: VCC (the square), RX, TX, GND.
Installation
------------
See the Wiki page [1] for more details, it comes down to:
1. Open the device, take off the heat sink
2. Connect the SPI flash chip to a flasher, e.g. a Raspberry Pi. Also
connect the RESET pin for stability (thanks @FPSUsername for reporting)
3. Make a backup in case you want to revert to stock later
4. Flash the squashfs-factory.trx file to offset 0x50000 of the flash
5. Ensure the bootpartition variable is set to 0 in the U-Boot
environment located at 0x30000
Note that the U-Boot is password protected, this can optionally be
removed. See the forum [2] for more details.
MAC Addresses(stock)
--------------------
+----------+------------------+-------------------+
| use | address | example |
+----------+------------------+-------------------+
| Device | label | 00:00:00:11:00:00 |
| Ethernet | + 3 | 00:00:00:11:00:03 |
| 2g | + 0x020000f00001 | 02:00:00:01:00:01 |
| 5g | + 1 | 00:00:00:11:00:01 |
+----------+------------------+-------------------+
The label address is stored in ASCII in the board_data partition
Notes
-----
- This device has a dual-boot partition scheme, but OpenWRT will claim
both partitions for more storage space.
Known issues
------------
- 2g MAC address does not match stock due to missing support for that in
macaddr_add
- Only the power LED is configured by default
References
----------
[1] https://openwrt.org/inbox/toh/arcadyan/astoria/we420223-99
[2] https://forum.openwrt.org/t/adding-openwrt-support-for-arcadyan-we420223-99-kpn-experia-wifi/132653
Acked-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Harm Berntsen <git@harmberntsen.nl>
SOC: Qualcomm IPQ4019
WiFi 1: QCA4019 IEEE 802.11b/g/n
WiFi 2: QCA4019 IEEE 802.11a/n/ac
WiFi 3: QCA8888 IEEE 802.11a/n/ac
Bluetooth: Qualcomm CSR8811 (A12U)
Zigbee: Silicon Labs EM3581 NCP + Skyworks SE2432L
Ethernet: Qualcomm Atheros QCA8072 (2-port)
Flash 1: Mactronix MX30LF4G18AC-XKI
RAM (NAND): SK hynix H5TC4G63CFR-PBA (512MB)
LED Controller: NXP PCA9633 (I2C)
Buttons: Single reset button (GPIO).
- The three WiFis were fully tested and are configured with the same settings as in the vendor firmware.
- The specific board files were submitted to the ATH10k mailing list but I'm still waiting for a reply. They can be removed once they are approved upstream.
- Two ethernet ports are accessible on the device. By default one is configured as WAN and the other one is LAN. They are fully working.
Bluetooth:
========
- Fully working with the following caveats:
- RFKILL need to be enabled in the kernel.
- An older version of bluez is needed as bccmd is needed to configure the chip.
Zigbee:
======
- The spidev device is available in the /dev directory.
- GPIOs are configured the same way as in the vendor firmware.
- Tests are on-going. I am working on getting access to the Silicon Labs stack to validate that it is fully working.
Installation:
=========
The squash-factory image can be installed via the Linksys Web UI:
1. Open "http://192.168.1.1/ca" (Change the IP with the IP of your device).
2. Login with your admin password.
3. To enter into the support mode, click on the "CA" link and the bottom of the page.
4. Open the "Connectivity" menu and upload the squash-factory image with the "Choose file" button.
5. Click start. Ignore all the prompts and warnings by click "yes" in all the popups.
The device uses a dual partition mechanism. The device automatically revert to the previous partition after 3 failed boot attempts.
If you want to force the previous firmware to load, you can turn off and then turn on the device for 2 seconds, 3 times in a row.
It can also be done via TFTP:
1. Setup a local TFTP server and configure its IP to 192.168.1.100.
2. Rename your image to "nodes_v2.img" and put it to the TFTP root of your server.
3. Connect to the device through the serial console.
4. Power on device and press enter when prompted to drop into U-Boot.
5. Flash the partition of your choice by typing "run flashimg" or "run flashimg2".
6. Once flashed, enter "reset" to reboot the device.
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Vincent Tremblay <vincent@vtremblay.dev>
Light and small router ( In Poland operators sells together with MC7010 outdoor modem to provide WIFI inside home).
Device specification
SoC Type: Qualcomm IPQ4019
RAM: 256 MiB
Flash: 128 MiB SPI NAND (Winbond W25N01GV)
ROM: 2MiB SPI Flash (GD25Q16)
Wireless 2.4 GHz (IP4019): b/g/n, 2x2
Wireless 5 GHz (QCA9982): a/n/ac, 3x3
Ethernet: 2xGbE (WAN/LAN1, LAN2)
USB ports: No
Button: 2 (Reset/WPS)
LEDs: 3 external leds: Power (blue) , WiFI (blue and red), SMARTHOME (blue and red) and 1 internal (blue) -- NOTE: Power controls all external led (if down ,all others also not lights even signal is up)
Power: 5VDC, 2,1A via USB-C socket
Bootloader: U-Boot
On board ZWave and Zigbee (EFR32 MG1P232GG..) modules ( not supported by orginal software )
Installation
1.Open MF18A case by ungluing rubber pad under the router and unscrew screws, and connect to serial console port,
with the following pinout, starting from pin 1, which is the topmost pin when the board is upright (reset button on the bottom) :
VCC (3.3V). Do not use unless you need to source power for the converer from it.
TX
RX
GND
Default port configuration in U-boot as well as in stock firmware is 115200-8-N-1.
2.Place OpenWrt initramfs image for the device on a TFTP in the server's root. This example uses Server IP: 192.168.0.2
3.Connect TFTP server to RJ-45 port (WAN/LAN1).
4.Power on MF18A , stop in u-Boot (using ESC button) and run u-Boot commands:
setenv serverip 192.168.0.2
setenv ipaddr 192.168.0.1
set fdt_high 0x85000000
tftpboot 0x84000000 openwrt-ipq40xx-generic-zte_mf18a-initramfs-fit-zImage.itb
bootm 0x84000000
5.Please make backup of original partitions, if you think about revert to stock, specially mtd8 (Web UI) and mtd9 (rootFS). Use /tmp as temporary storage and do:
WEB PARITION
cat /dev/mtd8 > /tmp/mtd8.bin
scp /tmp/mtd8.bin root@YOURSERVERIP:/
rm /tmp/mtd8.bin
ROOT PARITION
cat /dev/mtd9 > /tmp/mtd9.bin
scp /tmp/mtd9.bin root@YOURSERVERIP:/
rm /tmp/mtd9.bin
If you are sure ,that you want to flash openwrt, from uBoot, before bootm, clean rootfs partition with command:
nand erase 0x1800000 0x1D00000
6.Login via ssh or serial and remove stock partitions (default IP 192.168.1.1):
ubiattach -m 9 # it could return error if ubi was attached before or rootfs part was erased before
ubirmvol /dev/ubi0 -N ubi_rootfs # it could return error if rootfs part was erased before
ubirmvol /dev/ubi0 -N ubi_rootfs_data # some devices doesn't have it
7. Install image via :
sysupgrade -n /tmp/openwrt-ipq40xx-generic-zte_mf18a-squashfs-sysupgrade.bin
previously wgeting bin. Sometimes it could print ubi attach error, but please ignore it if process goes forward.
Back to Stock (!!! need original dump taken from initramfs !!!) -------------
Place mtd8.bin and mtd9.bin initramfs image for the device on a TFTP in the server's root. This example uses Server IP: 192.168.0.2
Connect serial console (115200,8n1) to serial console connector .
Connect TFTP server to RJ-45 port (WAN/LAN1).
rename mtd8.bin to web.img and mtd9.bin to root_uImage_s
Stop in u-Boot (using ESC button) and run u-Boot commands:
This will erase Web and RootFS:
nand erase 0x1000000 0x800000
nand erase 0x1800000 0x1D00000
This will restore RootFS:
tftpboot 0x84000000 root_uImage_s
nand erase 0x1800000 0x1D00000
nand write 0x84000000 0x1800000 0x1D00000
This will restore Web Interface:
tftpboot 0x84000000 web.img
nand erase 0x1000000 0x800000
nand write 0x84000000 0x1000000 0x800000
After first boot on stock firwmare, do a factory reset. Push reset button for 5 seconds so all parameters will be reverted to the one printed on label on bottom of the router
As reference was taken MF289F support by Giammarco Marzano stich86@gmail.com and MF286D by Pawel Dembicki paweldembicki@gmail.com
Signed-off-by: Marcin Gajda <mgajda@o2.pl>
This adds basic support for TP-Link EC330-G5u Ver:1.0 router (also known
as TP-Link Archer C9ERT).
Device specification
--------------------
SoC Type: MediaTek MT7621AT
RAM: 128 MiB, Nanya NT5CC64M16GP-DI
Flash: 128 MiB NAND, ESMT F59L1G81MA-25T
Wireless 2.4 GHz (MediaTek MT7615N): b/g/n, 4x4
Wireless 5 GHz (MediaTek MT7615N): a/n/ac, 4x4
Ethernet: 5xGbE (WAN, LAN1, LAN2, LAN3, LAN4)
USB ports: 1xUSB3.0
Button: 4 (Led, WiFi On/Off, Reset, WPS)
LEDs: 7 blue LEDs, 1 orange(amber) LED, 1 white(non-gpio) LED
Power: 12 VDC, 2 A
Connector type: Barrel
Bootloader: First U-Boot (1.1.3), Main U-Boot (1.1.3). Additionally,
original TP-Link firmware contains Image U-Boot (1.1.3).
Serial console (UART)
---------------------
V
+-------+-------+-------+-------+
| +3.3V | GND | TX | RX |
+---+---+-------+-------+-------+
| J2
|
+--- Don't connect
Installation
------------
1. Rename OpenWrt initramfs image to test.bin and place it on tftp server
with IP 192.168.0.5
2. Attach UART, switch on the router and interrupt the boot process by
pressing 't'
3. Load and run OpenWrt initramfs image:
tftpboot
bootm
4. Once inside OpenWrt, switch to the first boot image:
fw_setenv BootImage 0
5. Run 'sysupgrade -n' with the sysupgrade OpenWrt image
Back to Stock
-------------
1. Run in the OpenWrt shell:
fw_setenv BootImage 1
reboot
Recovery
--------
1. Press Reset button and power on the router
2. Navigate to U-Boot recovery web server (http://192.168.0.1/) and upload
the OEM firmware
MAC addresses
-------------
+---------+-------------------+-------------------+-------------+
| | MAC example 1 | MAC example 2 | Algorithm |
+---------+-------------------+-------------------+-------------+
| label | 68:ff:7b:xx:xx:f4 | 50:d4:f7:xx:xx:da | label |
| LAN | 68:ff:7b:xx:xx:f4 | 50:d4:f7:xx:xx:da | label |
| WAN | 72:ff:7b:xx:xx:f5 | 54:d4:f7:xx:xx:db | label+1 [1] |
| WLAN 2g | 68:ff:7b:xx:xx:f4 | 50:d4:f7:xx:xx:da | label |
| WLAN 5g | 68:ff:7b:xx:xx:f6 | 50:d4:f7:xx:xx:dc | label+2 |
+---------+-------------------+-------------------+-------------+
label MAC address was found in factory at 0x165 (text format
xx:xx:xx:xx:xx:xx).
Notes
-----
[1] WAN MAC address:
a. First octet of WAN MAC is differ than others and OUI is not related
to TP-Link company. This probably should be fixed.
b. Flipping bits in first octet and hex delta are different for the
different MAC examples:
+-----------------+----------------+----------------+
| | Example 1 | Example 2 |
+-----------------+----------------+----------------+
| LAN | 68 = 0110 1000 | 50 = 0101 0000 |
| MAC (1st octet) | ^ ^ ^ | |
+-----------------+----------------+----------------+
| WAN | 72 = 0111 0010 | 54 = 0101 0100 |
| MAC (1st octet) | ^ ^ ^ | ^ |
+-----------------+----------------+----------------+
| HEX delta | 0xa | 0x4 |
+-----------------+----------------+----------------+
| DEC delta | 4 | 4 |
+-----------------+----------------+----------------+
c. DEC delta is a constant (4). This looks like a mistake in OEM
firmware and probably should be fixed.
Based on the above, I decided to keep correct OUI and make WAN MAC =
label + 1.
[2] Bootloaders
The device contains 3 bootloaders:
- First U-Boot: U-Boot 1.1.3 (Mar 18 2019 - 12:50:24). The First U-Boot
located on NAND Flash to load next full-feature Uboot.
- Main U-Boot + its backup: U-Boot 1.1.3 (Mar 18 2019 - 12:50:29). This
bootloader includes recovery webserver. Requires special uImages to
continue the boot process:
0x00 (os0, os1) - firmware uImage
0x40 (os0, os1) - standalone uImage (OpenWrt kernel is here)
- Additionally, both slots of the original TP-Link firmware contains
Image U-Boot: U-Boot 1.1.3 (Oct 16 2019 - 08:14:45). It checks image
magics and CRCs. We don't use this U-Boot with OpenWrt.
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
Support for MT7981 and MT7986 has been merged, remove patches.
Tested on a couple of MT7986, MT7622 and MT7623 boards.
MIPS builds are untested.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Currently, ath11k will crash the crash if we try to bringup the monitor
mode interface.
Luckily, it has already been fixed upstream, so backport the patches
fixing it.
Fixes: 93ae4353cd ("mac80211: add ath11k PCI support")
Signed-off-by: Robert Marko <robimarko@gmail.com>
There is currently a problem with making reproducible version of lldpd.
The tool version is generated based on 3 source:
1. .dist-version file in release tar
2. git hash with presence of .git directory
3. current date
Using the codeload tar from github results in getting the repo without
the .git directory and since they are not release tar, we don't have
.dist-version. This results in having lldpd bin with a version set to
the current build time.
Switch to release tar so that we correctly have a .dist-version file and
the version is not based on the build time.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
This fixes a security problem in ksmbd. It currently has the
ZDI-CAN-18259 ID assigned, but no CVE yet.
Backported from:
8824b7af40cc4f3b5a6a
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The bpf plugin provides functionality for loading and interacting with
eBPF modules.
It allows loading full modules and pinned maps/programs and supports
interacting with maps and attaching programs as tc classifiers.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
34cfbb922c96 README.md: various spelling and documentation fixes
ff32355ea645 build: make rtnl/nl80211 depend on linux instead of !APPLE
c0e413c21f7b include: add uc_fn_thisval()
1e4d20932646 Merge pull request #134 from nbd168/thisval
Signed-off-by: Felix Fietkau <nbd@nbd.name>
GCC 12.2.0 shows these error messages:
````
rtl8812au-ct-2021-11-07-39df5596/core/rtw_sta_mgt.c: In function 'rtw_mfree_stainfo':
rtl8812au-ct-2021-11-07-39df5596/core/rtw_sta_mgt.c:210:24: error: the comparison will always evaluate as 'true' for the address of 'lock' will never be NULL [-Werror=address]
210 | if(&psta->lock != NULL)
| ^~
In file included from rtl8812au-ct-2021-11-07-39df5596/include/drv_types.h:109,
from rtl8812au-ct-2021-11-07-39df5596/core/rtw_sta_mgt.c:22:
rtl8812au-ct-2021-11-07-39df5596/include/sta_info.h:95:17: note: 'lock' declared here
95 | _lock lock;
| ^~~~
````
````
CC [M] rtl8812au-ct-2021-11-07-39df5596/os_dep/linux/ioctl_cfg80211.o
rtl8812au-ct-2021-11-07-39df5596/os_dep/linux/ioctl_cfg80211.c: In function 'cfg80211_rtw_scan':
rtl8812au-ct-2021-11-07-39df5596/os_dep/linux/ioctl_cfg80211.c:2176:32: warning: the comparison will always evaluate as 'true' for the address of 'ssid' will never be NULL [-Waddress]
2176 | if(ssids->ssid != NULL
| ^~
In file included from rtl8812au-ct-2021-11-07-39df5596/include/osdep_service_linux.h:88,
from rtl8812au-ct-2021-11-07-39df5596/include/osdep_service.h:41,
from rtl8812au-ct-2021-11-07-39df5596/include/drv_types.h:32,
from rtl8812au-ct-2021-11-07-39df5596/os_dep/linux/ioctl_cfg80211.c:22:
/home/hauke/openwrt/openwrt/staging_dir/target-mips_24kc_musl/usr/include/mac80211/net/cfg80211.h:2364:12: note: 'ssid' declared here
2364 | u8 ssid[IEEE80211_MAX_SSID_LEN];
| ^~~~
````
````
CC [M] rtl8812au-ct-2021-11-07-39df5596/hal/OUTSRC/phydm_debug.o
rtl8812au-ct-2021-11-07-39df5596/hal/OUTSRC/phydm_debug.c: In function 'phydm_cmd_parser':
rtl8812au-ct-2021-11-07-39df5596/hal/OUTSRC/phydm_debug.c:873:28: warning: the comparison will always evaluate as 'true' for the pointer operand in 'input + ((sizetype)i + 1) * 16' must not be NULL [-Waddress]
873 | if(input[i+1]) {
| ^~~~~
rtl8812au-ct-2021-11-07-39df5596/hal/OUTSRC/phydm_debug.c:894:28: warning: the comparison will always evaluate as 'true' for the pointer operand in 'input + ((sizetype)i + 1) * 16' must not be NULL [-Waddress]
894 | if(input[i+1]) {
| ^~~~~
````
This one was only seen on the rockchip/armv8 target:
````
CC [M] rtl8812au-ct-2021-11-07-39df5596/core/rtw_br_ext.o
In function '__nat25_add_pppoe_tag',
inlined from 'nat25_db_handle' at rtl8812au-ct-2021-11-07-39df5596/core/rtw_br_ext.c:909:10:
rtl8812au-ct-2021-11-07-39df5596/core/rtw_br_ext.c:118:9: error: 'memcpy' reading between 2052 and 9220 bytes from a region of size 40 [-Werror=stringop-overread]
118 | memcpy((unsigned char *)ph->tag, tag, data_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
rtl8812au-ct-2021-11-07-39df5596/core/rtw_br_ext.c: In function 'nat25_db_handle':
rtl8812au-ct-2021-11-07-39df5596/core/rtw_br_ext.c:878:63: note: source object 'tag_buf' of size 40
878 | unsigned char tag_buf[40];
| ^~~~~~~
````
Most of them are looking like real errors to me, but some fixes need a
deeper understanding of the driver and probably bigger changes to the driver.
Ignore these error messages for now. It would be nice if someone would
fix them.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
GCC 12.2.0 shows this false positive error message:
````
uqmi-2022-05-04-56cb2d40/dev.c: In function 'qmi_request_wait':
uqmi-2022-05-04-56cb2d40/dev.c:217:23: error: storing the address of local variable 'complete' in '*req.complete' [-Werror=dangling-pointer=]
217 | req->complete = &complete;
| ~~~~~~~~~~~~~~^~~~~~~~~~~
uqmi-2022-05-04-56cb2d40/dev.c:208:14: note: 'complete' declared here
208 | bool complete = false;
| ^~~~~~~~
uqmi-2022-05-04-56cb2d40/dev.c:208:14: note: 'req' declared here
cc1: all warnings being treated as errors
````
and this one:
````
In file included from uqmi-2022-05-04-56cb2d40/commands.c:28:
In function 'blobmsg_close_table',
inlined from 'cmd_nas_get_cell_location_info_cb' at /home/haukeuqmi-2022-05-04-56cb2d40/commands-nas.c:897:4:
/usr/include/libubox/blobmsg.h:256:9: error: 'c' may be used uninitialized [-Werror=maybe-uninitialized]
256 | blob_nest_end(buf, cookie);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from uqmi-2022-05-04-56cb2d40/commands.c:169:
uqmi-2022-05-04-56cb2d40/commands-nas.c: In function 'cmd_nas_get_cell_location_info_cb':
uqmi-2022-05-04-56cb2d40/commands-nas.c:713:15: note: 'c' was declared here
713 | void *c, *t, *cell, *freq;
| ^
cc1: all warnings being treated as errors
````
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
GCC 12.2.0 shows this false positive error message:
````
In function 'bigger_buffer',
inlined from '__libdw_gunzip' at gzip.c:374:12:
gzip.c:96:9: error: pointer may be used after 'realloc' [-Werror=use-after-free]
96 | b = realloc (state->buffer, more -= 1024);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gzip.c:94:13: note: call to 'realloc' here
94 | char *b = realloc (state->buffer, more);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
````
GCC bug report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104069
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update busybox to version 1.36.0
* refresh patches (remove the backported upstream fix)
* refresh config
Config refresh:
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.36.0
cd ..
./convert_defaults.pl ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.36.0/.config > Config-defaults.in
Manual edits needed after config refresh:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* Config-defaults.in: correct the default ports that get reset
BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT 80
BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT 23
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit a few Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Add a separate firmware package to avoid installing the MT7615 firmware
on all MT7622 target devices by default. Now we only add MT7615 firmware
packages for devices that use MT7615E. This commit also removes the
explicit dependency on kmod-mt7615e to refine the package dependency.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
The mt7915e driver supports MT7915, MT7916 and MT7986 chips. And Only
MT7915 series chips need the MT7915 firmware. To save storage, extract
them from the common code package and create a new package to provide
the firmware.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
The kmod-mt7615-common package does not contain any code that
related to mt7915e Wi-Fi6 driver, so remove it.
Tested on ramips/mt7621: SIM SIMAX1800T
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
A huge rewrite in libpcap was introduced by dc14a7babca1 ("rpcap: have
the server tell the client its byte order.") [0]. The patch
"201-space_optimization.patch" does not apply at all anymore. So remove
it.
Refresh:
- 100-no-openssl.patch
- 102-skip-manpages.patch
Update the "300-Add-support-for-B.A.T.M.A.N.-Advanced.patch" with latest
PR [1].
old ipkg size:
90964 bin/packages/mips_24kc/base/libpcap1_1.10.1-5_mips_24kc.ipk
new ipkg size:
93340 bin/packages/mips_24kc/base/libpcap1_1.10.2-1_mips_24kc.ipk
[0] - dc14a7babc
[1] - https://github.com/the-tcpdump-group/libpcap/pull/980
Signed-off-by: Nick Hainke <vincent@systemli.org>
It's necessary to be able to specify the length
for MAC addresses that are stored in flash, for example,
in a case where it is stored without any delimiter.
Let both offset and length have default values.
Add a sanity check related to partition size.
Also, clean up syntax and unnecessary lines.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
This is a MT7621-based device with 128MB NAND flash, 256MB RAM, and a USB port.
The board has headers to attach console. In order for them to work two solder
bridges near those pads need to be made.
The defice has the following partition table:
```
0x000000000000-0x000000080000 : "u-boot"
0x000000080000-0x000000100000 : "u-boot-env"
0x000000100000-0x000000140000 : "factory"
0x000000140000-0x000007e00000 : "firmware"
0x000007e00000-0x000008000000 : "panic-ops"
```
`firmware` partition contains UBI volumes. Unfortunately I accidentally wiped
partition and I no longer have access to it.
`firmware` partition contains 'secondary' U-Boot which is run by 'first' u-boot.
It also contains various configuration partitions that include device info and
MAC address. There also seems to be 'primary' and 'backup' set of 'main' volumes.
U-boot has `mtkupgrade` command that just overrides data on firmware partitions.
Firmware file provided by TP-Link cannot be used with that command.
U-boot also has 'recovery' http server. Unfortunately I was not able to make it
work with manufacturer's firmware.
Manufacturer's firmware essentially contains multiple UBI volumes along with
'partition table'. Unfortunately I no longer can properly run manufacturer's
firmware so I cannot at the moment try to a support for building 'factory' images.
This patch adds support for initramfs image as well as sysupgrade image.
This seems to be pretty standard MT7621 board otherwise.
Things that work:
* network
* leds
* usb
* factory MAC detection
Signed-off-by: Nikolay Martynov <mar.kolya@gmail.com>
def7755c459d add missing copyright headers
f68307fd96d7 add hairpin mode support
9ee8f433ba4e nl: do not pass NDA_VLAN with vid=0
978c1f9eed07 add support for the bridge port isolated flag
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The ABI of the wolfssl library changed a bit between version 5.5.3 and
5.5.4. This release update will trigger a rebuild of all packages which
are using wolfssl to make sure they are adapted to the new ABI.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This converts the trusted firmware arm build Makefile to make use of
the common trusted-firmware-a.mk file. This also fixes the build with
binutils 2.39.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Without these changes it used the system LDFLAGS for the compilation of
the cryptopp library. This does not always work when we add
"-no-warn-rwx-segments" which is done to support binutils 2.39 inside of
OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Make use of the definitions from trusted-firmware-a.mk to build the
Trusted firmware arm. This fixes the build with binutils 2.39.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is used to access footer data in firmare files, and is simpler and
less error-prone than using 'dd' with calculated offsets.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Update the board name defined in DTS to match online documentation and the
name encoded into factory firmware. This helps supports flashing firmware
factory images using 'sysupgrade'.
Original WHW01 device definition assumes the rootfs IMAGE_SIZE is 33 MB
instead of the correct 74 MB, and defines factory images which include
extra adjustments/padding that do not match OEM factory images and may
cause problems flashing. Update image size and build recipe to fix these.
Suggested-by: Wyatt Martin <wawowl@gmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
