2c843b2bc04c Add initial GitLab CI support
073f89f567c0 uclient-fetch: wolfSSL: fix certificate validation
086c292160ac uclient-fetch: init_ca_cert: fix memory leak
a3c1a88b031a cmake: enable extra compiler checks
32ff717ed316 uclient-http: fix extra compiler warnings on mips_24kc and cortex-a9+neon
86a2ac6ac46f uclient-fetch: fix potential memory leaks
158dd9dd289c uclient: fix initialized but never read variable
66b4420856a7 uclient-fetch: fix statement may fallt hrough
436f9b3af2ad uclient-http: fix freeing of stack allocated memory
e6b5b8a98ce2 Fix extra compiler warnings
12df67e45bb0 Add basic cram based unit tests
b6e34845124f cmake: fix building out of the tree
Signed-off-by: Petr Štetiar <ynezz@true.cz>
68d09243b6fd Add initial GitLab CI support
8280140db9d1 wolfssl: remove now deprecated compatibility code
cee6791b362a ustream-mbedtls: fix certificate verification
55c3fd89d508 ustream-mbedtls: implement set_require_validation
c6b4c48689a3 ustream-openssl: wolfSSL: fix certificate validation
3bc05402bfab cmake: enable extra compiler checks
cd2c3d12db43 ustream-mbedtls: fix comparison of integers of different signs
5896991e46a3 ustream-openssl: fix BIO_method memory leak
2c342ae57c5b ustream-openssl: fix wolfSSL includes
fa8ecd6ed140 cmake: fix linking when mbed TLS not in default paths
63656f81045f cmake: fix linking when wolfSSL not in default paths
c26f71e844df cmake: fix building out of the tree
Signed-off-by: Petr Štetiar <ynezz@true.cz>
gcc 10 defaults to -fno-common, which causes an error
when linking.
Back-port the following Linux kernel commit to fix it:
e33a814e772c (scripts/dtc: Remove redundant YYLOC global declaration)
Tested on an Arch Linux host with gcc 10.1.0
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
0c6fb90 jffs2-reset: allow doing a factory reset and passing a sysupgrade.tgz
4862530 mount: restorecon: guard against execl() errors
f415323 block: replace local mkdir_p implementation
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add new utility function mkdir_p(char *path, mode_t mode) to replace
the partially buggy implementations found accross fstools and procd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
You shouldn't need the overhead of GRE just to add multicast
capability on a point-to-point interface (for instance, you might
want to run mDNS over IPsec transport connections, and Avahi
requires IFF_MULTICAST be set on interfaces, even point-to-point
ones).
Borrowed heavily from:
b3c9321b9e gre: Support multicast configurable gre interfaces
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Fixes: CVE-2020-1971, defined as high severity, summarized as:
NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS
attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This add support for USB-to-Ethernet Aquantia AQtion
5/2.5GbE adapters based on the AQC111U controllers.
Run-tested: x86
Adapter-tested: Sabrent NT-SS5G
Signed-off-by: Marty Jones <mj8263788@gmail.com>
Bump package version after previous changes.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
binary size cost is much less than 1k.
tested on ath79/generic:
bin: 215128 -> 215132 (+4b)
ipk: 111183 -> 111494 (+311b)
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
this commit removes manual recipes for options and introduces mapping lists:
- DB_OPT_COMMON holds option mappings which are common for all builds;
- DB_OPT_CONFIG holds option mappings which are depend on config settings.
DB_OPT_COMMON is space-separated list of 'words', each of them is in format:
'header_option|value'
'header_option' is added with value 'value' to 'localoptions.h'.
if 'header_option' is preceded by two exclamation marks ('!!')
then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'.
in short:
option|value - add option to localoptions.h
!!option|value - replace option in sysoptions.h
DB_OPT_CONFIG is space-separated list of 'words', each of them is in format:
'header_option|config_variable|value_enabled|value_disabled'
'header_option' is handled likewise in DB_OPT_COMMON.
if 'config_variable' is enabled (technically: not disabled)
then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise.
in short:
option|config|enabled|disabled = add option to localoptions.h
!!option|config|enabled|disabled = replace option in sysoptions.h
option := (config) ? enabled : disabled
If you're not sure that option's value doesn't have '|' within - add your recipe
manually right after '$(Build/Configure/dropbear_headers)' and write some words
about your decision.
PS about two exclamation marks:
early idea was to use one exclamation mark to denote such header options
but then i thought single exclamation mark may be overlooked by mistake.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
- add two helper functions to avoid mistakes with
choice of correct header file to work with
- update rules accordingly
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
put static options at first place, then place configurable options.
also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
this option was disabled in 2011 and these long nine years showed us that change was definitely wrong.
binary size cost is much less than 1k.
tested on ath79/generic:
bin: 215128 -> 215128 (no change)
ipk: 111108 -> 111183 (+75b)
Fixes: 3c801b3dc0 ("tune some more options by default to decrease size")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
This dd flag ensures that the requested size
is retrieved from pipes or special filesystems (if available).
Without this flag, on multi-core systems,
Piped or special filesystem data can be truncated
when a size greater than PIPE_BUF is requested.
Fixes: FS#3494
Fixes: 7557e7f ("package/base-files: caldata: work around dd's
limitation")
Cc: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
This enables all OpenSSL API available. It is required to avoid some
silent failures, such as when performing client certificate validation.
Package size increases from 356.6K to 374.7K for
arm_cortex-a9_vfpv3-d16.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tnis adds the --enable-lighty option to configure, enabling the minimum
API needed to run lighttpd, in the packages feed. Size increase is
about 120 bytes for arm_cortex-a9_vfpv3-d16.
While at it, speed up build by disabling crypt bench/test.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
efb26a3 libopkg: remove "extra_data" option
1d67ab7 libopkg: remove support for "dist" config
Reduces opkg size by about 400 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The package has no reason to be in openwrt.git. Move it to packages.git.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Jo-Philipp Wich <jo@mein.io>
The lldpd sources ship a modified local AX_LIB_READLINE M4 macro which
conflicts with the official macro shipped by autoconf-archive.
Due to the official macro having the same name and a higher serial
number, autoconf will prefer including that one instead of the local
copy, preventing the substitution of @READLINE_LIBS@ in Makefile.in
templates, ultimately leading to the following build failure when
linking lldpcli:
...-gcc: error: READLINE_LIBS@: No such file or directory
Avoid this problem by renaming the locally shipped macro to not clash
with the official implementation anymore.
Ref: https://github.com/lldpd/lldpd/pull/423
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This updates uboot-envtools with the updated names from ramips
target.
Fixes: 6d4382711a ("ramips: use full names for Xiaomi Mi Router devices")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This is a neat project, but offers no benefit to OpenWrt. The initial
reason for it was to be a replacement for libstdcpp as it is smaller
and lacks compatibility for C++98. Unfortunately, compiling several
packages with it results in larger ipk sizes.
While not a member of the packages feed, this will be moved to
packages-abandoned to keep it somewhere.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The build option `--withouth-lzo` is added in the Makefile which makes
the existence of lzo obsolete. To remove the lzo package from
openwrt.git entirely, remove the legacy dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[improved commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Zstd is supported by the crypto API since Linux 4.18. Enable this feature and
reveal the package in the configuration section, so the user can select it.
This allows zstd to be used as a compression algorithm in zram, for example.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Set legacy_rates to 0 by default to disable 802.11b data rates by default.
The time has long come where 802.11b DSSS/CCK data rates should be disabled
by default in OpenWRT. Users in need of 802.11b client support can reasonably
enable these where they are needed.
The balance of equities has significantly, and for a long time, tipped
such that dropping backwards compatibility by default with 802.11b
devices is appropriate, proportionate and justified. By doing so,
management and control traffic is moved by default to a 20
MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data
rate. This is significantly more airtime efficient.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
This sets the --cross-compile-prefix option when running Configure, so
that that it will not use the host gcc to figure out, among other
things, compiler defines. It avoids errors, if the host 'gcc' is
handled by clang:
mips-openwrt-linux-musl-gcc: error: unrecognized command-line option
'-Qunused-arguments'
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
faed29a dhcpv6: only refresh timers when reconfigure is valid
9c50975 dhcpv6: fix printing identity association id
a7b2221 dhcpv6: avoid sending continuous renew/rebind messages
d7afa2b dhcpv6: add extra syslog info traces
f5728e4 odhcp6c_find_entry: exclude priority from the list of fields that must match
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The include/trusted-firmware-a.mk file is based on the
include/u-boot.mk file and should be used to build a Trusted Firmware-A
(TFA) which was previously named Arm trusted firmware.
This is useful for targets where the TFA is board specific like for
Marvell SoCs and probably also NXP Layerscape SoCs.
This also makes use of this abstraction in the
arm-trusted-firmware-mvebu package to build board specific ATF binaries.
The ATF binaries will be automatically activated and build when the
board is selected in the normal build or all boards are selected. This
should also activate the build when build bot creates images.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
d6bd1047d004 vlandev: dump vlan id in device status
e0c838bd06a6 vlandev: support bridge-vlan aliases in the vid config parameter
574dc4a17105 system-dummy: print configured mac address
14f0e8ff928f system-linux: simplify mask check in system_if_apply_settings
524310276f20 system-linux: move device settings handling to device.c
42c48866f1c1 config: parse default mac address from board.json
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add code for setting mac addresses inside board.json and rendering
them out to uci. On switches we want to have a unique MAC on each port.
With 48 port switches that would require 48 device sections in
/etc/config/network. Doing so via board.json is easier.
Signed-off-by: John Crispin <john@phrozen.org>
Similar to the previous commit adding a check to the init script of
umdns, do a similar change for sysntpd, just to be on the safe side.
Inspired-by: 520403cd49 ("umdns: add check for seccomp list")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This should fix an issue when user have a router with enabled seccomp
and tries to run umdns package which was build with SDK with disabled
seccomp support.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Add a cell_density option to configure data rates for normal, high and
very high cell density wireless deployments.
The purpose of using a minimum basic/mandatory data rate that is higher
than 6 Mb/s, or 5.5 Mb/s (802.11b compatible), in high cell density
environments is to transmit broadcast/multicast data frames using less
airtime or to reduce management overheads where significant co-channel
interference (CCI) exists and cannot be avoided.
Caution: Without careful design and validation, configuration of a too
high minimum basic/mandatory data rate can sacrifice connection stability
or disrupt the ability to reliably connect and authenticate for little to
no capacity benefit. This is because this configuration affects the
ability of clients to hear and demodulate management, control and
broadcast/multicast data frames.
Deployments that have not been specifically designed and validated are
usually best suited to use 6, 12 and 24 Mb/s as basic/mandatory data
rates.
Only usually seek to configure a 12 Mb/s, or 11 Mb/s (802.11b
compatible), minimum basic/mandatory rate in high cell density
deployments that have been designed and validated for this.
For many deployments, the minimum basic/mandatory data rate should not be
configured above 12 Mb/s to 18 Mb/s, 24 Mb/s or higher. Such a
configuration is only appropriate for use in very high cell density
deployment scenarios.
A cell_density of Very High (3) should only be used where a deployment
has a valid use case and has been designed and validated specifically for
this use, nearly always with highly directional antennas - an example
would be stadium deployments. For example, with a 24 Mb/s OFDM minimum
basic/mandatory data rate, approximately a -73 dBm RSSI is required to
decode frames. Many clients will not have roamed elsewhere by the time
that they experience -73 dBm and, where they do, they frequently may not
hear and be able to demodulate beacon, control or broadcast/multicast
data frames causing connectivity issues.
There is a myth that disabling lower basic/mandatory data rates will
improve roaming and avoid sticky clients. For 802.11n, 802.11ac and
802.11ax clients this is not correct as clients will shift to and use
lower MCS rates and not to the 802.11b or 802.11g/802.11a rates that are
able to be used as basic/mandatory data rates.
There is a myth that disabling lower basic/mandatory data rates will
ensure that clients only use higher data rates and that better
performance is assured. For 802.11n, 802.11ac and 802.11ax clients this
is not correct as clients will shift around and use MCS rates and not the
802.11b or 802.11g/802.11a rates that able to be used as basic/mandatory
data rates.
Cell Density
0 - Disabled (Default)
Setting cell_density to 0 does not configure data rates. This is the
default.
1 - Normal Cell Density
Setting cell_density to 1 configures the basic/mandatory rates to 6, 12
and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower
than the minimum basic/mandatory rate are not offered.
Setting cell_density to 1 configures the basic/mandatory rates to the 5.5
and 11 Mb/s DSSS rates where legacy_rates is 1. Supported rates lower
than the minimum basic/mandatory rate are not offered.
2 - High Cell Density
Setting the cell_density to 2 configures the basic/mandatory rates to the
12 and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower
than the minimum basic/mandatory rate are not offered.
Setting the cell_density to 2 configures the basic/mandatory rates to the
11 Mb/s DSSS rate where legacy_rates is 1. Supported rates lower than the
minimum basic/mandatory rate are not offered.
3 - Very High Cell Density
Setting the cell_density to 3 configures the basic/mandatory rates to the
24 Mb/s OFDM rate where legacy_rates is 0. Supported rates lower than the
minimum basic/mandatory rate are not offered.
Setting the cell_density to 3 only has effect where legacy_rates is 0,
else this has the same effect as being configured with a cell_density of 2.
Where specified, the basic_rate and supported_rates options continue to
override both the cell_density and legacy_rates options.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
All firmwares were added to linux-firmware, so there's no need to keep this
package definitions.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Instead of duplicating board firmware binaries, which are exactly the same
as the ones from linux-firmware, add dependencies and remove duplicated
downloads.
Runtime-tested on ath79 (TP-Link Archer C7 v2) and ipq806x (Netgear R7800).
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Split ath10k firmwares into board and firmware packages.
This way we can add dependencies to ath10k-ct firmware packages.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
I've just noticed on i.mx6 target, that there are missing kernel symbols
so I'm fixing it.
Fixes: 3c5d70ad26 ("kernel: add module support Solarflare network adapter")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Support installations without root-overlayfs (and hence without /rom)
when migrating user accounts.
Signed-off-by: Imran Khan <gururug@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[simplified patch, bumped PKG_RELEASE, cleaned message]
3019f50 jail: leak less memory
7e01453 jail: fix segfault on missing name and refactor
5abee8f jail: fix and simplify userns uid/gid maps from OCI
4ba72ec jail: relax /etc/resolv.conf creation
db5ef86 jail: don't use NULL arguments for mount syscall
19ac9df jail: don't fail if can't mount-bind /etc/resolv.conf
acf36f2 jail: seteuid before clone(CLONE_NEWUSER)
e40828f jail: fix typo in usage output
b87984b jail: don't attempt to mount /sys with noatime
b275b11 jail: enter existing cgroups namespace if given
31e0a46 jail: properly initialize timens_fd
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Added PKG_INSTALL to avoid using an explicit define Build/Compile
Added PKG_BUILD_PARALLEL for faster compilation.
Removed TARGET_CLAFGS. They are no longer necessary.
fPIC is default now. So is gnu99. -DUSE_DOS is a hack to include old
and mostly unused conversions.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
- Removed following patches:
100-strip_charsets.patch - makes the full variant slim.
101-autotools.patch - this one fails to apply because it was backported
from newer versions for 1.11.1.
103-configure_ac_fix.patch - backported from newer versions
200-work-with-libtool2.patch - is not needed anymore, it is done
differently in upstream
300-fortify-source-compat.patch - these files are not there anymore
- TVHeadend requires working iconv library e.g. transliteration to ASCII
and this does not work with libiconv-full currently.
There is a simple test, which requires to install iconv package.
Before applying this update:
root@turris:/# echo ŽluťoučkýKůň | iconv -t ASCII//TRANSLIT//IGNORE
luoukK
After applying this update:
root@turris:~# echo ŽluťoučkýKůň | iconv -t ASCII//TRANSLIT//IGNORE
Zlutouck'yKun
- Makefile changes:
Use HTTPS for their website
Fixed deprecated SPDX License Identifier
Move PKG_MAINTAINER above PKG_LICENSE
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com> [malta]
compiler warns that exit() isn't defined so checks for build system
compiler fail.
include <stdlib.h> to define exit()
Tested under macos Catalina & Big Sur
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Several variables in hostapd.sh can be used uninitialized in numerical
comparisons, causing errors in logread:
netifd: radio24 (1668): sh: out of range
Set defaults for those variables to silence those errors.
Fixes: b518f07d4b ("hostapd: remove ieee80211v option")
Fixes: cc80cf53c5 ("hostapd: add FTM responder support")
Fixes: e66bd0eb04 ("hostapd: make rrm report independent of ieee80211k setting")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Since we are using mac80211 5.8, let's also switch the ath10k-ct driver
to the new 5.8 version.
Modify patches so they patch the new ath10k-ct driver version.
Adapt 164-ath10k-commit-rates-from-mac80211.patch.
Drop upstreamed 205-ath10k-Add-NL80211_EXT_FEATURE_AQL-flag.patch.
Drop the other options for CT_KVER from the comment, as it is incorrect
and there are too many versions to sum up and maintain there.
Runtime-tested on ath79 (D-Link DAP-2695-A1, TP-Link EAP245-v3).
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This commit adds support for Xiaomi's Mi Router 4C device.
Specifications:
- CPU: MediaTek MT7628AN (580MHz)
- Flash: 16MB
- RAM: 64MB DDR2
- 2.4 GHz: IEEE 802.11b/g/n with Integrated LNA and PA
- Antennas: 4x external single band antennas
- WAN: 1x 10/100M
- LAN: 2x 10/100M
- LEDs: 2x yellow/blue. Programmable (labelled as power on case)
- Non-programmable (shows WAN activity)
- Button: Reset
How to install:
1- Use OpenWRTInvasion to gain telnet and ftp access.
2- Push openwrt firmware to /tmp/ using ftp.
3- Connect to router using telnet. (IP: 192.168.31.1 -
Username: root - No password)
4- Use command "mtd -r write /tmp/firmware.bin OS1" to flash into
the router..
5- It takes around 2 minutes. After that router will restart itself
to OpenWrt.
Signed-off-by: Ataberk Özen <ataberkozen123@gmail.com>
[wrap commit message, bump PKG_RELEASE for uboot-envtools, remove
dts-v1 from DTS, fix LED labels]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Enable busybox's find -mmin time support, which is extremely small,
however also very useful in scripts:
72d1a2357d
Comparing package sizes...
Change Local Remote Package
+7 229009 229002 busybox
Signed-off-by: Lukas Tribus <lukas@ltri.eu>
[fix commit message long line and missing size change]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Strictly speaking, ash does not support it.
From https://wiki.ubuntu.com/DashAsBinSh#A.5B.5E.5D
Not to be confused by sed's and other program's regular expression
syntax. Uses of [^...] in case (parameter/word expansion in general) need
to be replaced with [!...].
Found with shellcheck: https://github.com/koalaman/shellcheck/wiki/SC2169
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
FCC ID: A8J-EAP300A
Engenius EAP300 v2 is an indoor wireless access point with a
100/10-BaseT ethernet port, 2.4 GHz wireless, internal antennas,
and 802.3af PoE.
**Specification:**
- AR9341
- 40 MHz reference clock
- 16 MB FLASH MX25L12845EMI-10G
- 64 MB RAM
- UART at J1 (populated)
- Ethernet port with POE
- internal antennas
- 3 LEDs, 1 button (power, eth, wlan) (reset)
**MAC addresses:**
phy0 *:d3 art 0x1002 (label)
eth0 *:d4 art 0x0/0x6
**Installation:**
- if you get Failsafe Mode from failed flash:
only use it to flash Original firmware from Engenius
or risk kernel loop or halt which requires serial cable
Method 1: Firmware upgrade page:
OEM webpage at 192.168.1.1
username and password "admin"
Navigate to "Firmware" page from left pane
Click Browse and select the factory.bin image
Upload and verify checksum
Click Continue to confirm and wait 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting...
Interrupt uboot with any key pressed rapidly
execute `run failsafe_boot` OR `bootm 0x9fdf0000`
wait a minute
connect to ethernet and navigate to
"192.168.1.1/index.htm"
Select the factory.bin image and upload
wait about 3 minutes
**Return to OEM:**
If you have a serial cable, see Serial Failsafe instructions
*DISCLAIMER*
The Failsafe image is unique to Engenius boards.
If the failsafe image is missing or damaged this will not work
DO NOT downgrade to ar71xx this way, can cause kernel loop or halt
The easiest way to return to the OEM software is the Failsafe image
If you dont have a serial cable, you can ssh into openwrt and run
`mtd -r erase fakeroot`
Wait 3 minutes
connect to ethernet and navigate to 192.168.1.1/index.htm
select OEM firmware image from Engenius and click upgrade
**TFTP recovery** (unstable / not reliable):
rename initramfs to 'vmlinux-art-ramdisk'
make available on TFTP server at 192.168.1.101
power board while holding or pressing reset button repeatedly
NOTE: for some Engenius boards TFTP is not reliable
try setting MTU to 600 and try many times
**Format of OEM firmware image:**
The OEM software of EAP300 v2 is a heavily modified version
of Openwrt Kamikaze. One of the many modifications
is to the sysupgrade program. Image verification is performed
simply by the successful ungzip and untar of the supplied file
and name check and header verification of the resulting contents.
To form a factory.bin that is accepted by OEM Openwrt build,
the kernel and rootfs must have specific names
and begin with the respective headers (uImage, squashfs).
Then the files must be tarballed and gzipped.
The resulting binary is actually a tar.gz file in disguise.
This can be verified by using binwalk on the OEM firmware images,
ungzipping then untaring.
The OEM upgrade script is at /etc/fwupgrade.sh.
OKLI kernel loader is required because the OEM software
expects the kernel size to be no greater than 1536k
and otherwise the factory.bin upgrade procedure would
overwrite part of the kernel when writing rootfs.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
[clarify MAC address section, bump PKG_RELEASE for uboot-envtools]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
There are linux firmwares packages for 43362, 43430 and 43455 which shouldn't
be installed at the same time as Cypress firmwares.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This expands packages to define not only provides but also conflicts.
These packages provides same files so they should specify conflicts.
Second expansion is that *-ct-htt and *-ct-full-htt firmwares can also
provide *-ct variant as that allows explicit dependency on CT variant
with various firmware modifications.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
[Bump PKG_RELEASE and format PROVIDES/CONFLICTS]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
61b3c62 opkg_verify_integrity: better logging and error conditions
f73d42f download: purge cached packages that have incorrect checksum
1c1480e download: factor out the logic for building cache filenames
293b1ce libopkg: factor out checksum and size verification
a786e25 download: remove compatibility with old cache naming scheme
Signed-off-by: Paul Spooren <mail@aparcar.org>
This PR backports upstream fix for CVE-2020-8037. This fix is only
relevant for tcpdump package, tcpdump-mini is not affeted by this issue.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Setting the plmn to '0' (auto) will implicitly lead to a (delayed)
network re-registration, which could further lead to some timing
related issues in the qmi proto handler.
On the other hand, if you switch back from manual plmn selection
to auto mode you have to set it to '0', because this setting is
permanently "saved" in the wwan module.
Conclusion:
If plmn is configured, check if it's already set euqally in the module.
If so, do nothing. Otherwise set it.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Replace my o2.pl email address.
I'm still available at the old address.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rephrase commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This patch adds support for Globalscale ESPRESSObin-Ultra. Device uses
the same Armada-3720 SoC with extended hardware support.
- SoC: Armada-3720
- RAM: 1 GB DDR4
- Flash: 4MB SPI NOR (mx25u3235f) + 8 GB eMMC
- Ethernet: Topaz 6341 88e6341 (4x GB LAN + 1x WAN with 30W PoE)
- WiFI: 2x2 802.11ac Wi-Fi marvell (88w8997 PCIe+USB)
- 1x USB 2.0 port
- 1x USB 3.0 port
- 1x microSD slot
- 1x mini-PCIe slot (USB [with nano-sim slot])
- 1x mini-USB debug UART
- 1x RTC Clock and battery
- 1x reset button
- 1x power button
- 4x LED (RGBY)
- Optional 1x M.2 2280 slot
** Installation **
Copy dtb from build_dir to bin/ and run tftpserver there:
$ cp ./build_dir/target-aarch64_cortex-a53_musl/linux-mvebu_cortexa53/
linux-5.4.65/arch/arm64/boot/dts/marvell/armada-3720-espressobin-ultra.dtb
bin/targets/mvebu/cortexa53/
$ in.tftpd -L -s bin/targets/mvebu/cortexa53/
Connect to the device UART via microUSB port on the back side and power on the device.
Power on the device and hit any key to stop the autoboot.
Set serverip (host IP) and ipaddr (any free IP address on the same subnet), e.g:
$ setenv serverip 192.168.1.10 # Host
$ setenv ipaddr 192.168.1.15 # Device
Ping server to confirm network is working:
$ ping $serverip
Using neta@30000 device
host 192.168.1.15 is alive
Tftpboot the firmware:
$ tftpboot $kernel_addr_r openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-initramfs-kernel.bin
$ tftpboot $fdt_addr_r armada-3720-espressobin-ultra.dtb
Set the console and boot the image:
$ setenv bootargs $console
$ booti $kernel_addr_r - $fdt_addr_r
Once the initramfs is booted, transfer openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img.gz
to /tmp dir on the device.
Gunzip and dd the image:
$ gunzip /tmp/openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img.gz
$ dd if=/tmp/openwrt-mvebu-cortexa53-globalscale_espressobin-ultra-squashfs-sdcard.img of=/dev/mmcblk0 && sync
Reboot the device.
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
Fixes the offset of the patch added in 93bbd998aa
("hostapd: enter DFS state if no available channel is found").
Signed-off-by: Leon M. George <leon@georgemail.eu>
This patch add missing support of SC16IS740 serial controller, installed
on LS1012A-FRDM board.
It was required to change RCW bits, because SPI was disabled by default.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This will make developing process easier, because dtb will be included
into image.
Not need to enable initramfs image by default.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
213748a9bcd9 system-linux: implement full device present state management for force-external devices
3abe1fc87151 system-linux: add retry for adding member devices to a bridge
Signed-off-by: Felix Fietkau <nbd@nbd.name>
d4d78db uxc: also delete procd runtime state on 'delete'
e935c0c jail: add 'debug' extern variable to preload_seccomp
Signed-off-by: Daniel Golle <daniel@makrotopia.org>