This patch adds support for the COMFAST CF-E130N v2, an outdoor wireless
CPE with a single Ethernet port and a 802.11bgn radio.
Specifications:
- QCA9531 SoC
- 1x 10/100 Mbps Ethernet with PoE-in support
- 64 MB of RAM (DDR2)
- 16 MB of FLASH
- 5 dBi built-in antenna
- POWER/LAN/WLAN green LEDs
- 4x RSSI LEDs (2x red, 2x green)
- UART (115200 8N1) and GPIO (J9) headers on PCB
Flashing instructions:
The original firmware is based on OpenWrt so a sysupgrade image can be
installed via the stock web GUI.
The U-boot bootloader also contains a backup TFTP client to upload the
firmware from. Upon boot, it checks its ethernet network for the IP
192.168.1.10. Host a TFTP server and provide the image to be flashed as
file firmware_auto.bin.
MAC address setup:
The art partition contains four consecutive MAC addresses:
0x0 aa:bb:cc:xx:xx:c4
0x6 aa:bb:cc:xx:xx:c6
0x1002 aa:bb:cc:xx:xx:c5
0x5006 aa:bb:cc:xx:xx:c7
However, the manufacturer in its infinite wisdom decided that one address
is enough and both eth0 and WiFi get the MAC address from 0x0 (yes, that's
overwriting the existing and valid address in 0x1002). This is obviously
also the address on the device's label.
Signed-off-by: Pavel Balan <admin@kryma.net>
[fix configs partition, fix IMAGE_SIZE, add MAC address comment, rename
ATH_SOC to SOC]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
AHB is 258 MHz for this device (CPU_PLL / 3), but there is no difference
between 64 MHz and 50 MHz for spi-max-frequency, thus increase to 50 MHz.
Tested on revisions C1 and C3.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
GPIO 11 needs to be pulled high for the external gigabit switch to work,
this is currently solved via gpio-hog. Replace with phy0 reset-gpios.
Tested on revisions C1 and C3. Reset button is still working for reboot,
to enter failsafe, and to enter bootloader http recovery.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
The device has a total of 8 LEDs, 5 of which are controlled by the switch
(LAN 1-4, WAN). Only power, wifi and wps are controlled by the SoC.
* led_power is on GPIO 5 (not 15), boot flashing sequence is now visible
* remove led 'internet', since it is only connected to the switch
* remove ucidef_set_led_switch for WAN from 01_leds, as it has no effect
Tested on revisions C1 and C3.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
[adjust commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Specifications:
* MediaTek MT7620A (580 Mhz)
* 8 MB of FLASH
* 64 MB of RAM
* 2.4Ghz and 5.0Ghz radios
* 5x 10/100 Mbps Ethernet (1 WAN and 4 LAN)
* UART header on PCB (57600 8n1)
* Green/Orange Power LEDs illuminating a Power-Button Lens
* Green/Orange Internet LEDs GPIO controlled illuminating a Globe/Internet Lens
* 3x button - wps, power and reset
* U-boot bootloader
Installation:
The sysupgrade.bin image is reported to be OEM web flashed with an ncc_att_hwid
appended. ncc_att_hwid is a 32bit binary in the GPL Source download for either
the TEW-810DR or DIR-810L and is located at
source/user/wolf/cameo/ncc/hostTools.
The invocation is: ncc_att_hwid -f tew-810dr-squashfs-factory.bin -a -m "TEW-810DR" -H "1.0R" -r "WW" -c "1.0"
This may need to be altered if your hardware version is "1.1R".
The image can also be directly flashed via serial tftp:
1. Load *.sysupgrade.bin to your tftp server directory and rename for
convenience.
2. Set a static ip 192.168.10.100.
3. NIC cable to a lan port.
4. Serial connection parameters 57600,8N1
5. Power on the TEW-810 and press 4 for a u-boot command line prompt.
6. Verify IP's with U-Boot command "printenv".
7. Adjust tftp settings if needed per the tftp documentation
8. Boot the tftp image to test the build.
9. If the image loads, reset your server ip to 192.168.1.10 and restart network.
10. Log in to Luci, 192.168.1.1, and flash the *sysupgrade.bin image.
Notes:
The only valid MAC address is found in 0x28 of the factory partition.
Other typical offsets/caldata only contain example data: 00:11:22:00:0f:xx
Signed-off-by: J. Scott Heppler <shep971@centurylink.net>
[remove "link rx tx" in 01_leds, format and extend commit message,
fix DTS led node names]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The UBIFS_FS_ZSTD is exposed when UBIFS is enabled.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
[adjust commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
86818eaa976b blob: make blob_parse_untrusted more permissive
cf2e8eb485ab tests: add fuzzer seed file for crash in blob_len
c2fc622b771f blobmsg: fix length in blobmsg_check_array
639c29d19717 blobmsg: simplify and fix name length checks in blobmsg_check_name
66195aee5042 blobmsg: fix missing length checks
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Between 4.19 and 5.4, the kernel moved the partition parsers into
the parsers subdirectory. This led to some necessary rebasing of
our local patches for parsers, which partially has been performed
without caring about where the code was inserted.
This commit tries to adjust our local patches so that parsers are
inserted at the "proper" positions with respect to alphabetic sorting
(if possible). Thus, the commit is cosmetic.
While this might look useless now, it will make life easier when
adding other parsers in the future or for rebasing on kernel changes.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
These trailing whitespaces were reported during kernel patch refresh.
While at it, harmonize a few indents as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This patch has been backported to stable kernel 5.4 already.
Remove our local patch explicitly now, as by applying the patch
(or refreshing) the relevant code is actually added a second time.
Refresh remaining patches as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
octeon has provided 5.4 as testing kernel for some time now, let's
switch to 5.4 to have a bigger audience for testing.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Kernel 5.4 is stable for about two months now and there is only a few
patches anyway, so this is mostly upstream stuff. Therefore, it does
not look like we need to keep old 4.14 around any longer.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Kernel 5.4 is stable for about two months now and there is only one
patch anyway, so this is mostly upstream stuff. Therefore, it does
not look like we need to keep old 4.14 around any longer.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Remove support for kernel 4.14, and NXP Layerscape SDK
had not supported kernel 4.14 since LSDK-20.04 either.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Specifications:
- MT7628NN @ 580 MHz
- 32 MB RAM
- 8 MB Flash
- 5x 10/100 Mbps Ethernet (built-in switch)
- 2.4 GHz WLAN
- 2x external, non-detachable antennas (1x for RT-N10P V3)
Flash instructions:
1. Set PC network interface to 192.168.1.75/24.
2. Connect PC to the router via LAN.
3. Turn router off, press and hold reset button, then turn it on.
4. Keep the button pressed till power led starts to blink.
5. Upload the firmware file via TFTP. (Any filename is accepted.)
6. Wait until the router reboots.
Signed-off-by: Ernst Spielmann <endspiel@disroot.org>
[fix node/property name for state_default]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5e75160 blobmsg: fix attrs iteration in the blobmsg_check_array_len()
eeddf22 tests: runqueue: try to fix race on GitLab CI
89fb613 libubox: runqueue: fix use-after-free bug
1db3e7d libubox: runqueue fix comment in header
7c4ef0d tests: list: add test case for list_empty iterator
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
00b921d80ac0 Do not print line number in debug messages
96c42c5ed320 Fix length checks in cert_load()
fe06b4b836b3 usign-exec: improve usign -F output handling
19f9e1917e1b usign-exec: return code fixes
077feb5b5824 usign-exec: close writing end of pipe early in parent process
7ec4bb764e1e usign-exec: remove redundant return statements
5a738e549d31 usign-exec: change usign_f_* fingerprint argument to char[17]
112488bbbccc usign-exec: do not close stdin and stderr before exec
38dcb1a6f121 usign-exec: fix exec error handling
a9be4fb17df2 usign-exec: simplify usign execv calls
854d93e2326a Introduce read_file() helper, improve error reporting
afc86f352bf7 Fix return code of write_file()
fdff10852326 stdout/stderr improvements
dddb2aa8124d ci: fix unit test failures by enabling full ucert build
5f206bcfe5c2 ci: enable unit testing
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[cut out of patch with different subject]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
These are in if statements (where they should be), and echo output that is
not piped to anything. These should be safe.
Found with shellcheck.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This patch adds support for the WNDR4300SW, marketed by California ISP
SureWest (hence the 'SW' suffix). Hardware wise, it's identical to the
WNDR4300 v1.
Specifications:
* SoC: Atheros AR9344
* RAM: 128 MB
* Flash: 128 MB NAND flash
* WiFi: Atheros AR9580 (5 GHz) and AR9344 (2,4 GHz)
* Ethernet: 5x 1000Base-T
* LED: Power, WAN, LAN, WiFi, USB, WPS
* UART: on board, to the right of the RF shield at the top of the board
Installation:
* Flashing through the OEM web interface:
+ Connect your computer to the router with an ethernet cable and browse
to http://192.168.1.1/
+ Log in with the default credentials are admin:password
+ Browse to Advanced > Administration > Firmware Upgrade in the Netgear
interface
+ Upload the Openwrt firmware: openwrt-ath79-nand-netgear_wndr4300sw-squashfs-factory.img
+ Proceed with the firmware installation and give the device a few
minutes to finish and reboot.
* Flashing through TFTP:
+ Configure your wired client with a static IP in the 192.168.1.x range,
e.g. 192.168.1.10 and netmask 255.255.255.0.
+ Power off the router.
+ Press and hold the RESET button (the factory reset button on the bottom
of the device, with the red circle around it) and turn the router on
while keeping the button pressed.
+ The power LED will start flashing orange. You can release the button
once it switches to flashing green.
+ Transfer the image over TFTP:
$ tftp 192.168.1.1 -m binary -c put openwrt-ath79-nand-netgear_wndr4300sw-squashfs-factory.img
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Fixes the following build error with GCC 10:
/usr/bin/ld: read_fs.o:(.bss+0x0): multiple definition of `swap'; mksquashfs.o:(.bss+0x1b2a88): first defined here
And a compile warning.
Fixes: FS#3104, FS#3119
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Commit f761f4052c had bogus case syntax, the uci-defaults script threw
errors as a result and exited non-zero, probably didn't do what was
intended, but tried over and over since the non-zero exit prevents the
script from being deleted.
Fixes: f761f4052c ("ramips: mt7621: harmonize naming scheme for Mikrotik")
Signed-off-by: Russell Senior <russell@personaltelco.net>
[extend commit title, add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Hardware
--------
SoC: Atheros AR9344
RAM: 128M DDR2
FLASH: 2x Macronix MX25L12845EM
2x 16MiB SPI-NOR
WLAN2: Atheros AR9344 2x2 2T2R
WLAN5: Atheros AR9580 2x2 2T2R
SERIAL: Cisco-RJ45 on the back (115200 8n1)
Installation
------------
The U-Boot CLI is password protected (using the same credentials as the
OS). Default is admin/new2day.
1. Download the OpenWrt initramfs-image. Place it into a TFTP server
root directory and rename it to 1401A8C0.img. Configure the TFTP
server to listen at 192.168.1.66/24.
2. Connect the TFTP server to the access point.
3. Connect to the serial console of the access point. Attach power and
interrupt the boot procedure when prompted (bootdelay is 1 second).
4. Configure the U-Boot environment for booting OpenWrt from Ram and
flash:
$ setenv boot_openwrt 'setenv bootargs; bootm 0xbf230000'
$ setenv ramboot_openwrt 'setenv serverip 192.168.1.66;
tftpboot 0x85000000; bootm'
$ setenv bootcmd 'run boot_openwrt'
$ saveenv
5. Load OpenWrt into memory:
$ run ramboot_openwrt
Wait for the image to boot.
6. Transfer the OpenWrt sysupgrade image to the device. Write the image
to flash using sysupgrade:
$ sysupgrade -n /path/to/openwrt-sysuograde.bin
Signed-off-by: David Bauer <mail@david-bauer.net>
Commit 472fd98c5b ("hostapd: disable support for Wired Equivalent
Privacy by default") made support for WEP optional.
Expose the WEP support to LuCi or other userspace tools using the
existing interface. This way they are able to remove WEP from the
available ciphers if hostapd is built without WEP support.
Signed-off-by: David Bauer <mail@david-bauer.net>
ADB P.DG A4001N A-000-1A1-AX a.k.a. Telecom Italia ADSL2+ Wi-Fi N (AGPWI)
has the same PCB as the OpenWrt's ADB P.DG A4001N1 with LEDs connected
to different GPIO PINs in active low configuration.
OpenWrt's ADB P.DG A4001N image is made for the ADB P.DG A4001N A-000-1A1-AE.
It has different LEDs configuration and flash size/layout
w.r.t the ADB P.DG A4001N A-000-1A1-AX.
Hardware:
* Board ID: 96328avng
* SoC: Broadcom BCM6328
* RAM DDR2-800: 32 Mbyte - winbond W9725G6KB-25
* Serial flash: 16 Mbyte - MXIC MX25L 12845EMI-10G
* Ethernet: 4x Ethernet 10/100 baseT
* Wifi 2.4GHz: Broadcom Corporation BCM43224/5 Wireless Network Adapter (rev 01)
* LEDs: 2x Power, 2x ADSL, 2x Internet, 2x Wi-Fi, 2x Service
* Buttons: 1x Reset, 1x WPS (named WiFi/LED)
* UART: 1x TTL 115200n8, TX NC RX, on J5 connector (short R192 and R193)
NC GND NC
Installation via CFE:
* Stock CFE has to be overwriten with one for 96328avng boards that can upload
.bin images with no signature check (cfe-A4001N-V0000_96328avng.bin)
* connect a serial port to the board
* Stop the boot process after power on by pressing enter
* set static IP 192.168.1.2 and subnet mask 255.255.255.0
* navigate to http://192.168.1.1/
* upload the OpenWrt image file
Signed-off-by: Daniele Castro <danielecastro@hotmail.it>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This extracts the model part of the board name and uses it for the
LED string identifiers in 01_leds. As this makes statements more
generic, it will allow to merge more cases in the future.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
While "ok" is recognized in DT parsing, only "okay" is actually
mentioned as valid value. Replace it accordingly.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This fixes the following compile error seen on the mpc85xx target:
CC [M] /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o
In file included from /builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/stddef.h:17,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/uapi/linux/wireless.h:77,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/linux/wireless.h:13,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:89:
/builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/bits/alltypes.h:106:15: error: conflicting types for 'ptrdiff_t'
typedef _Addr ptrdiff_t;
^~~~~~~~~
In file included from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/types.h:4,
from ./include/linux/list.h:5,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/list.h:3,
from ./include/linux/module.h:9,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/module.h:3,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:79:
./include/linux/types.h:65:28: note: previous declaration of 'ptrdiff_t' was here
typedef __kernel_ptrdiff_t ptrdiff_t;
^~~~~~~~~
scripts/Makefile.build:265: recipe for target '/linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o' failed
Fixes: 289c632425 ("mac80211: Update to version 5.7-rc3-1")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Running your firewall's "wan" zone in REJECT zone (1) exposes the
presence of the router, (2) depending on the sophistication of
fingerprinting tools might identify the OS and release running on
the firewall which then identifies known vulnerabilities with it
and (3) perhaps most importantly of all, your firewall can be
used in a DDoS reflection attack with spoofed traffic generating
ICMP Unreachables or TCP RST's to overwhelm a victim or saturate
his link.
This rule, when enabled, allows traceroute to work even when the
default input policy of the firewall for the wan zone has been
set to DROP.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Introduce support for generating JFFS2 CFE partition tags.
This is used in NAND devices in order to verify the integrity of the JFFS2
partition.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>