Commit Graph

1549 Commits

Author SHA1 Message Date
Matthias Schiffer
258dc0d0fd
tools: add zstd
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-05-31 11:03:30 +02:00
DENG Qingfang
48e3449945 ccache: update to 3.7.9
Update ccache to 3.7.9

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_9

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-05-28 21:22:18 +02:00
Hauke Mehrtens
1bbc1aa884 squashfs: Fix compile with GCC 10
Fixes the following build error with GCC 10:
	/usr/bin/ld: read_fs.o:(.bss+0x0): multiple definition of `swap'; mksquashfs.o:(.bss+0x1b2a88): first defined here
And a compile warning.

Fixes: FS#3104, FS#3119
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-05-24 14:38:40 +02:00
Karel Kočí
3c1d1d4332 tools: add autoconf-archive
Some autotools based build systems are using autoconf-archive scripts
and are expecting them to almost always be available. This is not
required for regular releases as tar balls generated for releases
commonly have existing configure script. This is rather intended to be
used with autotools.mk's autoreconf and in cases it is not always
possible to get release tar ball.

Including this adds little to no overhead in terms of build time as
those are just m4 scripts copied to an appropriate location.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
[fixed From: to match SoB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-05-20 15:37:16 +02:00
Roger Pueyo Centelles
0486641849 firmware-utils: mkfwimage: add support for Ubiquiti XC devices
This commit adds support for Ubiquiti devices based on the XC board
type, such as the PowerBeam 5AC 500. The factory binary structure is
the same as the WA type.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2020-05-17 21:03:19 +02:00
Lucian Cristian
042917f1c4 tools/mkimage: update to 2020.04
also change the download source to https and add a mirror
drop merged patches

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
[Add extra changes to compile on FreeBSD, merge two patches]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-04-26 21:20:47 +02:00
Kevin Darbyshire-Bryant
1e3d3d2bd5 tools/e2fsprogs: fix build under macos
macos doesn't define a loff_t type, the native off_t type being 64bit
anyway.

Persuade e2fsprogs to accept off_t instead on macos

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-10 11:52:00 +01:00
Daniel Engberg
5d7812495b tools/mm-macros: Update to 1.0.0
Update mm-macros to 1.0.0

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:09:21 +02:00
Daniel Engberg
d158b26c1e tools/xz: Update to 5.2.5
Update xz to 5.2.5
Disable NLS support to be consistent with other tools such as bison, e2fsprogs
and sed.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:09:13 +02:00
Daniel Engberg
169afa9fe4 tools/mtools: Update to 4.0.24
Update mtools to 4.0.24

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:09:04 +02:00
Daniel Engberg
71ea940a84 tools/findutils: Update to 4.7.0
Update findutils to 4.7.0
Remove patches
Enable pthreads
Disable NLS support to be consistent with other tools such as bison, e2fsprogs
and sed.
Disable selinux support to be consistent with other tools such as sed and tar
Disable rpath as we don't need hardcoded paths

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:08:38 +02:00
Daniel Engberg
c9daacbf18 tools/e2fsprogs: Update to 1.45.6
Update e2fsprogs to 1.45.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-04-09 22:08:29 +02:00
Rosen Penev
8af80e79bd tools/cmake: update to 3.17.0
Remove libressl patches; they are no longer needed as LibreSSl adde
support

Replace qt tests patch with one that disables all of them.

Refresh remaining one.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-06 20:30:18 +02:00
李国
1963bbaa8f firmware-utils: ptgen: add GPT support
Add GPT support to ptgen, so we can generate EFI bootable images.

Introduced two options:
    -g        generate GPT partition table
    -G GUID   use GUID for disk and increase last bit for all partitions

We drop The alternate partition table to reduce size, This may cause
problems when generate vmdk images or vdi images. We have to pad enough
sectors when generate these images.

Signed-off-by: 李国 <uxgood.org@gmail.com>
[fixed compilation on macOS]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-31 16:20:47 +02:00
Georgi Vlaev
ff75bbc423 tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)
The last couple of TP-Link firmware releases for Archer C6 v2 (EU)
have switched to version 1.2.x. Bump the soft_ver to "1.2.1" to
allow firmware updates from the vendor web interface.

TP-Link vendor firmware releases supported by this change:
* Archer C6(EU)_V2_200110: soft_ver:1.2.1 Build 20200110 rel.60119
* Archer C6(EU)_V2_191014: soft_ver:1.2.0 Build 20191014 rel.33289

Signed-off-by: Georgi Vlaev <georgi.vlaev@gmail.com>
2020-03-30 01:46:50 +02:00
Robert Marko
be4ed1db18
tools: squashfskit4: fix build with GCC10
In order to build squashfskit with GCC10, this backport from upstream is needed.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
[increase PKG_RELEASE]
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2020-03-22 02:06:16 +01:00
Alexander Couzens
1f4020a293 squashfskit4/Makefile: introduce PKG_RELEASE=1
When adding patches, the PKG_RELEASE should be increased.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2020-03-22 02:05:41 +01:00
Adrian Schmutzler
646d95c374 ath79: add support for TP-Link Archer C60 v3
TP-Link Archer C60 v3 is a dual-band AC1350 router,
based on Qualcomm/Atheros QCA9561 + QCA9886.

It seems to be identical to the v2 revision, except that
it lacks a WPS LED and has different GPIO for amber WAN LED.

Specification:

- 775/650/258 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- 6x LED, 2x button
- UART header on PCB

Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.

Flash instruction (TFTP):
1. Set PC to fixed IP address 192.168.0.66
2. Download *-factory.bin image and rename it to tp_recovery.bin
3. Start a tftp server with the file tp_recovery.bin in its root
   directory
4. Turn off the router
5. Press and hold reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time the firmware should
   be transferred from the tftp server
8. Wait ~30 second to complete recovery

While TFTP works for OpenWrt images, my device didn't accept the
only available official firmware "Archer C60(EU)_V3.0_190115.bin".

In contrast to earlier revisions (v2), the v3 contains the (same)
MAC address twice, once in 0x1fa08 and again in 0x1fb08.
While the partition-table on the device refers to the latter, the
firmware image contains a different partition-table for that region:

name           device            firmware
factory-boot   0x00000-0x1fb00   0x00000-0x1fa00
default-mac    0x1fb00-0x1fd00   0x1fa00-0x1fc00
pin            0x1fd00-0x1fe00   0x1fc00-0x1fd00
product-info   0x1fe00-0x1ff00   0x1fd00-0x1ff00
device-id      0x1ff00-0x20000   0x1ff00-0x20000

While the MAC address is present twice, other data like the PIN isn't,
so with the partitioning from the firmware image the PIN on the device
would actually be outside of its partition.
Consequently, the patch uses the MAC location from the device (which
is the same as for the v2).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-03-18 13:49:06 +01:00
Jo-Philipp Wich
6de7406d54 pkgconf: always retain -I and -L flags
The pkgconf fork filters -I and -L flag values from .pc files which match
pkgconf's builtin system directory value.

During configure, pkgconf derives the default system include and library
search path values from exec_prefix, which is set to staging_dir/host in
the host tool build phase.

Due to that, pkgconf will drop all -I and -L flags pointing to
staging_dir/host/include or staging_dir/host/lib, unless invoked with
--keep-system-cflags and --keep-system-libs respectively, breaking our
kernel libelf discovery / stack validation workarounds.

In order to inhibit the filtering, add --keep-system-cflags and
--keep-system-libs to our pkg-config shell wrapper.

Fixes: GH#2832
Fixes: 867298cf47 ("tools/pkg-config: Replace with pkgconf")
Ref: https://lists.infradead.org/pipermail/openwrt-devel/2020-March/022182.html
Ref: https://git.openwrt.org/fe43969336201f2cc7d103b68fd6e65989bee184
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-03-15 20:32:10 +01:00
Kevin Darbyshire-Bryant
0a06fcf608 build: fix kernel 5.4 on macos
As part of the kernel build process there are utilities built to run on
the host system that expect linux kernel headers to be available.
Unfortunately macos/darwin doesn't have these headers.

vdso2c requires types.h so provide a minimal stub to satisfy it.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-14 13:20:06 +00:00
Yufei Miao
763de7bd51 tools/cmake: Update to 3.16.5
Update cmake to 3.16.5

Signed-off-by: Yufei Miao <myf@myf.cloud>
2020-03-12 21:31:17 +01:00
Michael T Farnworth
b468353a37 mkrasimage: fix segmentation fault
Code was attempting to determine the size of the file
before it was actually known and allocating insufficient
memory space.  Images above a certain size caused a
segmentation fault.  Moving the calloc() ensured ensured
that large images didn't result in a buffer overflow on
memcpy().

Signed-off-by: Michael T Farnworth <michael@turf.org>
[fixed name in From to match one in SoB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-01 21:36:00 +01:00
Rosen Penev
c60be19693 tools/pkgconf: Run pkg-config wrapper through shellcheck
Mainly quoting fixes.

Separated parameters by \ for easier readability.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-01 21:36:00 +01:00
Rosen Penev
867298cf47 tools/pkg-config: Replace with pkgconf
pkgconf is a newer, actively maintained implementation of pkg-config that
supports more aspects of the pkg-config file specification and provides a
library interface that applications can use to incorporate intelligent
handling of pkg-config files into themselves (such as build file
generators, IDEs, and compilers). Through its pkg-config compatibility
interface (activated when it is run as "pkg-config"), it also can
completely replace the original implementation.

It is also lighterweight and does not require glib2, as pkg-config does.

On other distros, pkgconf is symlinked to pkg-config. For simplicity here,
it is renamed to pkg-config.real, as in the original package.

Initial results have been positive. As before, pkgconf works as long as
the pkg-config files point to the proper paths.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[backported upstream fix for Meson]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-01 21:36:00 +01:00
Jeffery To
4a308bad82 tools: Fix "lib" symlink created inside $(STAGING_DIR_HOST)/lib
Currently, if "make tools/install" is called after tools have already
been installed, a symbolic link named "lib" will be created inside
$(STAGING_DIR_HOST)/lib, pointing to "lib" (i.e. itself).

During tools/prepare, a "lib64" symlink is created inside
$(STAGING_DIR_HOST) that points to "lib" (also inside
$(STAGING_DIR_HOST)).

If tools/prepare is called and the "lib64" symlink already exists, then
ln will treat it as a directory and instead create a symlink named "lib"
inside of that directory.

This adds the -n option for ln so that $(STAGING_DIR_HOST)/lib64 is
always treated as a normal file (the link name), not as a directory.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2020-03-01 21:35:59 +01:00
Daniel Engberg
b0a3f1e8f4 tools/bison: Update to 3.5.1
Update bison to 3.5.1
Use POSIX threads as the previous option is no longer valid
Disable NLS support to be consistent with other tools such as e2fsprogs and sed

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-19 22:02:47 +01:00
Daniel Engberg
cf443e84f5 tools/e2fsprogs: Update to 1.45.5
Update e2fsprogs to 1.45.5
Enable pthreads support

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-18 21:48:49 +01:00
Daniel Engberg
477d1c540e tools/gmp: Remove obsolete options
Remove mpbsd argument

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-18 21:39:23 +01:00
Daniel Engberg
4b591c5e6b tools/sed: Update to 4.8
Update sed to 4.8
Use POSIX threads
Disable i18n and selinux support

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-18 21:39:14 +01:00
Daniel Engberg
82211e5f49 tools/patchelf: Update to 0.10
Update patchelf to 0.10

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-18 21:39:03 +01:00
Daniel Engberg
0ffb7b02ba tools/libressl: Update to 3.0.2
Update libressl to 3.0.2 and remove 010-avoid-glibc.patch as fix is added by upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-02-18 21:38:51 +01:00
Dan Haab
9aa6569aa6 firmware-utils: add lxlfw tool for generating Luxul firmwares
It's a simple tool prepending image with a Luxul header.

Signed-off-by: Dan Haab <dan.haab@legrand.com>
2020-02-07 09:31:22 +01:00
Andreas Böhler
6d6f36ae78 ramips: add support for TP-Link RE200 v2
TP-Link RE200 v2 is a wireless range extender with Ethernet and 2.4G and 5G
WiFi with internal antennas. It's based on MediaTek MT7628AN+MT7610EN.

Specifications
--------------

- MediaTek MT7628AN (580 Mhz)
- 64 MB of RAM
- 8 MB of FLASH
- 2T2R 2.4 GHz and 1T1R 5 GHz
- 1x 10/100 Mbps Ethernet
- UART header on PCB (57600 8n1)
- 8x LED (GPIO-controlled), 2x button

There are 2.4G and 5G LEDs in red and green which are controlled
separately.

MAC addresses
-------------

The MAC address assignment matches stock firmware, i.e.:
LAN : *:0D
2.4G: *:0E
5G  : *:0F

Installation
------------

Web Interface
-------------

It is possible to upgrade to OpenWrt via the web interface. Simply flash
the -factory.bin from OEM. In contrast to a stock firmware, this will not
overwrite U-Boot.

Serial console
--------------

Opening the case is quite hard, since it is welded together. Rename the
OpenWrt factory image to "test.bin", then plug in the device and quickly
press "2" to enter flash mode (no line feed). Follow the prompts until
OpenWrt is installed.

Unfortunately, this devices does not offer a recovery mode or a tftp
installation method. If the web interface upgrade fails, you have to open
your device and attach serial console.

Additonal notes
---------------

It is possible to flash back to stock by using tplink-safeloader to create
a sysupgrade image based on a stock update. After the first boot, it is
necessary upgrade to another stock image, otherwise subsequent boots
fail with LZMA ERROR 1 and you have to attach serial to recover the device.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
[remove DEVICE_VARS change]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-02-01 19:41:51 +01:00
Hannu Nyman
b77ce0c720 tools/gmp: update to 6.2.0
Update GNU gmp to version 6.2.0

Release notes:  https://gmplib.org/gmp6.2.html

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-01-25 22:07:32 +01:00
Adrian Schmutzler
b2102be8a5 ar71xx: use dynamic partitioning for TP-Link TL-WA850RE v2
This moves the TP-Link TL-WA850RE v2 to dynamic partitioning and
will allow to use this for ath79 as well.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-22 23:52:51 +01:00
Hannu Nyman
96e9d48664 tools/bison: update to 3.5
Update bison to 3.5

Release notes:
https://lists.gnu.org/archive/html/info-gnu/2019-12/msg00002.html

Note for future: release notes mention that YYPRINT macro is
declared deprecated, but apparently still works for now. I found
one possible use of that in scripts/config/zconf.tab.c_shipped
That might be modernized at some point, but as the file is synced
with the one from upstream Linux, it might get fixed there.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-01-21 18:43:58 +01:00
Anderson Vulczak
7a8bfbf0ff tools: tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)
This patch updates "soft_ver" for TP-Link Archer C6 v2 (EU).

It makes possible to upload OpenWrt on lastest vendor's firmware
as the web-based updater checks for major.minor version during upload.

Due to that on next major/minor version update TP-Link will stop
us from using the web-based firmware update tool, so it will
require a new patch on soft_ver to match major and minor version.
Up to today's latest stock firmware the patch (major.minor.patch)
version does not matters, that allows downgrade from 1.1.4 to 1.1.1
but do not allow downgrade from 1.1.X to 1.0.X.

Signed-off-by: Anderson Vulczak <andi@andi.com.br>
2020-01-19 00:19:39 +01:00
Steffen Förster
93a4c8afbf ramips: add support for TP-Link RE305 v1
Specification:

SoC: MediaTek MT7628AN
RAM: 64MiB
Flash: 8MiB
Wifi:
  - 2.4GHz: MT7628AN
  - 5GHz: MT7612EN
LAN: 1x 10/100 Mbps

Flash instructions:
Flash factory image through stock firmware WEB UI.
Back to stock is possible by using TFTP and stripping down the Firmware
provided by TP-Link to a initramfs.

The flash space between 0x650000 and 0x7f0000
is blank in the stock firmware so I left it out as well.

Signed-off-by: Steffen Förster <nemesis@chemnitz.freifunk.net>
2020-01-18 19:39:05 +01:00
Hannu Nyman
343f27f8b0 tools/cmake: update to 3.16.2
Update cmake to 3.16.2 and refresh patches.

Release notes:
https://cmake.org/cmake/help/v3.16/release/3.16.html

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-01-18 14:18:22 +01:00
DENG Qingfang
5355baf21f ccache: update to 3.7.7
Update ccache to 3.7.7

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_7

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-01-16 18:59:42 +01:00
Andrea Dalla Costa
3c77e4ae4d wrt350nv2-builder: Fix memory leak
Add missing call to `free` for variable `buffer` in function
`create_bin_file`.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
8057970d2a firmware-utils/mktitanimg: fix possible resource leak
Add missing call to `fclose` for file pointer `nsp_image`.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
1775f690d5 firmware-utils/mksenaofw: fix possible memory leak
Add missing calls to `free` for variable `pmodel`.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
b886d3c8f3 firmware-utils/mkfwimage: fix possible memory and resource leak
Add missing calls to `free` for variable `mem`.
Add missing call to `fclose` for variable `f`.

The same changes were made in both `mkfwimage.c` and `mkfwimage2.c`.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
8e3b3152e5 firmware-utils/mkchkimg: fix possible resource leaks
Add missing `fclose` calls for file pointers `kern_fp`, `fs_fp`
and `out_fp`.
Not closing files could lead to resource leaks.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
0ae0f48cec firmware-utils: fix possible memory leak and resource leak
Add missing calls to `free` for variable `buffer`.
This could lead to a memory leak.

Add missing call to `close` for file pointer `fdin`.
This could lead to a resource leak.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Andrea Dalla Costa
402b362db4 firmware-utils/dgfirmare: fix possible resource leak
Add missing calls to `fclose` in functions `write_img`, `write_rootfs`
and `write_kernel`.
The not-closed files could lead to resource leaks.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-14 17:48:50 +01:00
Tobias Schramm
d29929be07 firmware-utils: mkfwimage: add support for Ubiquiti SW devices
This commit adds support for Ubiquiti ToughSwitch XP (and probably also
EdgeSwitch XP) devices. They are mostly based on the same hardware as
MX devices.

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
2020-01-12 14:12:50 +01:00
Hauke Mehrtens
271d0c825b make_ext4fs: Update to version 2020-01-05
5c201be Add LDFLAGS when building libsparse.a
ec17045 make_ext4fs: fix build on musl systems

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:04:37 +01:00
Andreas Böhler
a3010a7f8d ramips: add support for TP-Link RE200 v1
TP-Link RE200 v1 is a wireless range extender with Ethernet and 2.4G and 5G
WiFi with internal antennas. It's based on MediaTek MT7620A+MT7610EN.

Specifications
--------------

- MediaTek MT7620A (580 Mhz)
- 64 MB of RAM
- 8 MB of FLASH
- 2T2R 2.4 GHz and 1T1R 5 GHz
- 1x 10/100 Mbps Ethernet
- UART header on PCB (57600 8n1)
- 8x LED (GPIO-controlled; only 6 supported), 2x button

There are 2.4G and 5G LEDs in red and green which are controlled
separately. The 5G LED is currently not supported, since the GPIOs couldn't
be determined.

Installation
------------

Web Interface
-------------

It is possible to upgrade to OpenWrt via the web interface. However, the
OEM firmware upgrade file is required and a tool to fix the MD5 sum of
the header. This procedure overwrites U-Boot and there is not failsafe /
recovery mode present! To prepare an image, you need to take the header
and U-Boot (i.e. 0x200 + 0x20000 bytes) from an OEM firmware file and
attach the factory image to it. Then fix the header MD5Sum1.

Serial console
--------------

Opening the case is quite hard, since it is welded together. Rename the
OpenWrt factory image to "test.bin", then plug in the device and quickly
press "2" to enter flash mode (no line feed). Follow the prompts until
OpenWrt is installed.

Unfortunately, this devices does not offer a recovery mode or a tftp
installation method. If the web interface upgrade fails, you have to open
your device and attach serial console. Since the web upgrade overwrites
the boot loader, you might also brick your device.

Additional notes
----------------

MAC address assignment is based on stock-firmware. For me, the device
assigns the MAC on the label to Ethernet and the 2.4G WiFi, while the 5G
WiFi has a separate MAC with +2.

*:88    Ethernet/2.4G    label, uboot 0x1fc00, userconfig 0x0158
*:89    unused           userconfig 0x0160
*:8A    5G               not present in flash

This seems to be the first ramips device with a TP-Link v1 header. The
original firmware has the string "EU" embedded, there might be some region-
checking going on during the firmware upgrade process. The original
firmware also contains U-Boot and thus overwrites the boot loader during
upgrade.
In order to flash back to stock, the first header and U-Boot need to be
stripped from the original firmware.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
2019-12-31 13:23:55 +01:00
Christian Mauderer
5e5e92b7c3 ath79: generate firmware image for aircube-isp
This adds a "factory" image for the aircube-isp devices. Note that the
firmware can't be uploaded without prior special preparation. For the
most recent instructions on how to do that, visit the OpenWRT wiki page
of the Ubiquiti airCube ISP for details:

https://openwrt.org/toh/ubiquiti/ubiquiti_aircube_isp

Current procedure:

With the original firmware 2.5.0 it is possible to upload and execute a
script via the configuration. To do that download and unpack the
original configuration, adapt uhttpd config to execute another lua
handler (placed in the config directory) and pack and upload it again.

The lua handler can call a script that mounts an overlayfs and modifies
the "fwupdate.real" binary so that an unsigned image is accepted. The
overlayfs is necessary because a security system (called tomoyo) doesn't
allow binaries in other locations than /sbin/fwupdate.real (and maybe
some more) to access the flash when executed via network.

A big thanks to Torvald Menningen (Snap) from the OpenWRT forum for
finding out how to patch the binary so that it accepts an unsigned
image.

The current step-by-step procedure is:

- Use a version 2.5.0 of the original firmware. This is important
  because a binary file will be modified.
- Download a configuration.
- Unpack it (it's just a tar gz file without an ending).
- Add the following to uhttpd:

``````
config 'uhttpd' 'other'
	list listen_http    0.0.0.0:8080
	list listen_http    [::]:8080
	option 'home'       '/tmp/persistent/config/patch/www'
	option lua_prefix   '/lua'
	option lua_handler  '/tmp/persistent/config/patch/handler.lua'
``````

- Create a `patch` subfolder.
- Create a `patch/www` subfolder.
- Create a `patch/handler.lua` with the following content:

``````
function handle_request(env)
    uhttpd.send("Status: 200 OK\r\n")
    uhttpd.send("Content-Type: text/plain\r\n\r\n")

    local command = "/bin/sh /tmp/persistent/config/patch/patch.sh 2>&1"

    local proc = assert(io.popen(command))
    for line in proc:lines() do
        uhttpd.send(line.."\r\n")
    end
    proc:close()
end
``````

- Create a `patch/patch.sh` with the following content:

``````
#!/bin/sh -x

set -e
set -u
set -x

UBNTBOX_PATCHED="/tmp/fwupdate.real"
MD5FILE="/tmp/patchmd5"

cat <<EOF > ${MD5FILE}
c33235322da5baca5a7b237c09bc8df1  /sbin/fwupdate.real
EOF

# check md5 of files that will be patched
if ! md5sum -c ${MD5FILE}
then
        echo "******** Error when checking files. Refuse to do anything. ********"
        exit 0
fi

# prepare some overlay functionality
LOWERDIR="/tmp/lower_root"
mkdir -p ${LOWERDIR}
mount -t squashfs -oro /dev/mtdblock3 ${LOWERDIR}
overlay_some_path()
{
        PATH_TO_OVERLAY=$1
        ALIAS=$2
        UPPERDIR="/tmp/over_${ALIAS}"
        WORKDIR="/tmp/over_${ALIAS}_work"

        mkdir -p ${UPPERDIR}
        mkdir -p ${WORKDIR}

        mount -t overlay -o lowerdir=${LOWERDIR}${PATH_TO_OVERLAY},upperdir=${UPPERDIR},workdir=${WORKDIR} overlay ${PATH_TO_OVERLAY}
}

# patch the ubntbox binary.
overlay_some_path "/sbin" "sbin"
echo -en '\x10' | dd of=/sbin/fwupdate.real conv=notrunc bs=1 count=1 seek=24598

echo "******** Done ********"
``````

- Repack the configuration.
- Upload it via the normal web interface.
- Wait about a minute. The webserver should restart.
- Now there is a second web server at port 8080 which can call the lua
  script. Visit the page with a web browser. Link is for example
  http://192.168.1.1:8080/lua
- You should see the output of the script with a "*** Done ***" at the
  end. Note that the patches are not permanent. If you restart the
  router you have to re-visit the link (but not re-upload the config).
- Now you can upload an unsigned binary via the normal web interface.

Signed-off-by: Christian Mauderer <oss@c-mauderer.de>
2019-12-31 01:42:13 +01:00
Brett Mastbergen
9e2e48ff31 tools: qemu: Add patches to support adapter_type and monolithicFlat
Its way more trouble to update this to a newer version of qemu than it
is to backport the two additional features we need.

Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
2019-12-23 00:22:06 +01:00
Adrian Schmutzler
c0b87cf10b tools: tplink-safeloader: fix whitespace issues
This replaces tabs by spaces when preceding an equal sign. This improves
consistency in the file and makes the indent look correct on all platforms.

While at it, also fix one case of inconsistent leading spaces.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-27 22:54:36 +01:00
Anderson Vulczak
9b90dc05f5 ath79: add support for TP-Link Archer C6 v2 (US) and A6 (US/TW)
This patch is based on #1689 and adds support for TP-Link Archer
C6 v2 (US) and A6 (US/TW).

The hardware is the same as EU and RU variant, except for GPIOs
(LEDS/Buttons), flash(chip/partitions) and UART being available
on the board.

- SOC: Qualcomm QCA9563 @ 775MHz
- Flash: GigaDevice GD25Q127CS1G (16MiB)
- RAM: Zentel A3R1GE40JBF (128 MiB DDR2)
- Ethernet: Qualcomm QCA8337N: 4x 1Gbps LAN + 1x 1Gbps WAN
- Wireless:
  - 2.4GHz (bgn) QCA9563 integrated (3x3)
  - 5GHz (ac) Qualcomm QCA9886 (2x2)
- Button: 1x power, 1x reset, 1x wps
- LED: 6x LEDs: power, wlan2g, wlan5g, lan, wan, wps
- UART: 115200, 8n1 (header available on board)

Known issues:
 - Wireless: 5GHz is known to have lower RSSI signal, it affects speed and range.

Flash instructions:

Upload openwrt-ath79-generic-tplink_archer-c6-v2-us-squashfs-factory.bin
via the router Web interface.

Flash instruction using tftp recovery:

1. Connect the computer to one of the LAN ports of the router
2. Set the computer IP to 192.168.0.66
3. Start a tftp server with the OpenWrt factory image in the
   tftp root directory renamed to ArcherA6v2_tp_recovery.bin.
4. Connect power cable to router, press and hold the
   reset button and turn the router on
5. Keep the reset button pressed until the WPS LED lights up
6. Wait ~150 seconds to complete flashing

Flash partitioning: I've followed #1689 for defining the partition layout
for this patch. The partition named as "tplink" @ 0xfd0000 is marked
as read only as it is where some config for stock firmware are stored.
On stock firmware those stock partitions starts at 0xfd9400 however
I had not been able to make it functional starting on the same address as
on stock fw, so it has been partitioned following #1689 and not the stock
partition layout for this specific partition. Due to that firmware/rootfs
partition lenght is 0xf80000 and not 0xf89400 as stock.

According to the GPL code, the EU/RU/JP variant does have different GPIO pins
assignment to LEDs and buttons, also the flash memory layout is different.

GPL Source Code: https://static.tp-link.com/resources/gpl/gpl-A6v2_us.tar.gz

Signed-off-by: Anderson Vulczak <andi@andi.com.br>
[wrap commit message, remove soft_ver change for C6 v2 EU, move LED aliases
to DTS files, remove dts-v1 in DTSI, node/property reorder in DTSI]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-27 22:54:36 +01:00
David Bauer
c5497ebb1c tools/expat: change package source to GitHub
According to the SourceForge page, the project is migrating to GitHub.
Thus, change the source of the package to GitHub.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-24 23:17:34 +01:00
DENG Qingfang
3f5cf3872d ccache: update to 3.7.6
Update ccache to 3.7.6

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_6

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-11-24 21:48:54 +01:00
Hannu Nyman
7c8f74c7c0 tools/quilt: update to 0.66
Update quilt to version 0.66

Release notes at:
http://git.savannah.nongnu.org/cgit/quilt.git/tree/NEWS?id=294006e12

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2019-11-24 21:35:45 +01:00
Bernhard Geier
591a06316d tplink-safeloader: shorten version number of TP-Link WBS210 v2
"2.0" instead of "2.00" is sufficient and more in line with the
other definitions.

Signed-off-by: Bernhard Geier <freifunk@geierb.de>
[commit message/title adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-23 12:03:42 +01:00
Andrew Cameron
20fdfe37d2 ath79: add support for the TP-LINK WBS510 V1
This adds support for a popular low-cost 5GHz N based AP

Specifications:
- SoC: Atheros AR9344
- RAM: 64MB
- Storage: 8 MB SPI NOR
- Wireless: 5GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
- Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
2019-11-22 11:41:27 +01:00
Andrew Cameron
5b8709d9f2 ath79: add support for the TP-LINK WBS510 V2
This adds support for a popular low-cost 5GHz N based AP

Specifications:
 - SoC: Atheros AR9344
 - RAM: 64MB
 - Storage: 8 MB SPI NOR
 - Wireless: 5GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
 - Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
2019-11-22 11:41:24 +01:00
Andrew Cameron
bae0d47f2e ath79: add support for the TP-LINK CPE220 V3
This adds support for a popular low-cost 2.4GHz N based AP

Specifications:
SoC: Qualcomm Atheros QCA9533 (650MHz)
RAM: 64MB
Storage: 8 MB SPI NOR
Wireless: 2.4GHz N based built into SoC 2x2
Ethernet: 2x 100/10 Mbps, integrated into SoC

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254

This also applies some minor changes to the common DTSI:
- use &wmac for label-mac-device, as this one is actually set up in
  common DTSI
- move &eth0 to parent DTSI
- fix several leading spaces, added/removed newlines

Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[DTS style fixes/improvements, updated commit message/title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-06 13:37:40 +01:00
Fredrik Olofsson
e6901bf902 tools/automake: Revert "Do not use $(V) - force AM_V=1"
This reverts commit 43365ca662 ("Do not use $(V) - force AM_V=1") as
it breaks verbose output in automake packages, deviating from the
upstream and expected behaviour.

As you can see, neither make command outputs the expected verbose
compile command lines:

```
$ make package/mtd-utils/{clean,compile} V=sc
...
  CCLD     lsmtd
  CC       nand-utils/nanddump.o
  CCLD     nanddump
...
```
```
$ make -C build_dir/target*/mtd-utils-2.1.1 clean
...
$ make -C build_dir/target*/mtd-utils-2.1.1 V=1
...
  CC       lib/libmtd.o
  CC       lib/libfec.o
  CC       lib/common.o
  CC       lib/libcrc32.o
```

The original reason for this commit was some packages failing to build
if V is set to something other than 0 or 1. See the discussion in PR
https://github.com/openwrt/openwrt/pull/2481 for how to fix this in the
package Makefile.

Ref: PR#2481
Acked-by: Mirko Vogt <mirko-openwrt@nanl.de>
Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com>
[commit title/description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-06 00:21:15 +01:00
Bernhard Geier
3930aab2cb ath79: add support for TP-Link WBS210 v2
TP-Link WBS210 v2 is an outdoor wireless CPE for 2.4 GHz with
two Ethernet ports based on Atheros AR9344

The device is the same as TP-Link CPE220 v2, but with higher TX power (27 dBm
instead of 12 dBm) and two antenna connectors instead of built-in antennas.

Specifications:
 - SoC: Atheros AR9344
 - RAM: 64MB
 - Storage: 8 MB SPI NOR
 - Wireless: 2.4GHz 300 Mbps, 2x RP-SMA connector, 27 dBm TX power
 - Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps

Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP: 192.168.0.100
Stock device TFTP adress: 192.168.0.254

The TP-Link WBS devices use the same GPIOs as the CPE devices,
except for the link4 LED. For this one, WBS devices use "2", while
CPE devices use "16". (Tested on WBS210 v2)

Signed-off-by: Bernhard Geier <freifunk@geierb.de>
[added comment about GPIO]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-03 13:59:18 +01:00
Sebastian Kemper
1f0063b58c rules.mk: remove "$(STAGING_DIR)/include"
"$(STAGING_DIR)/include" was carried over from buildroot-ng to OpenWrt
in commit 60c1f0f64d. buildroot has
dropped this directory a long time ago.

In OpenWrt the directory is still created by the PrepareStaging macro
and is part of the default TARGET_CPPFLAGS. But nothing at all installs
headers into this directory, nor should anything be installed under this
path.

Removing this directory from TARGET_CPPFLAGS will cut down the log noise
a bit. Not only will CPPFLAGS be shorter, there will be less warnings
set off by "-Wmissing-include-dirs" (or even failures when paired with
"-Werror"). After all the directory does not even _exist_ in the SDKs,
which are used on the build bots when building packages (see [1] and
[2]).

make[8]: Entering directory '/builder/shared-workdir/build/sdk/build_dir/target-aarch64_generic_musl/libmbim-1.20.0/src/common'
  CC       libmbim_common_la-mbim-common.lo
cc1: error: /builder/shared-workdir/build/sdk/staging_dir/target-aarch64_generic_musl/include: No such file or directory [-Werror=missing-include-dirs]
cc1: all warnings being treated as errors

[1] https://github.com/openwrt/packages/issues/10377
[2] https://github.com/openwrt/packages/pull/10378

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Rosen Penev <rosenp@gmail.com>
2019-11-02 20:51:56 +01:00
André Valentin
6ae7ee7724 tools/mkrasimage: Add support for 128k header size
128k header size support is needed for ZyXEL NBG6716.

Signed-off-by: André Valentin <avalentin@marcant.net>
2019-10-27 13:38:05 +01:00
Yousong Zhou
ed6ba2801c tools: keep stamp file in $(STAGING_DIR_HOST)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 11:34:34 +00:00
Adrian Schmutzler
c79b796280 ar71xx: improve support for TP-Link CPE510 v2
This fixes commit bae927c551 ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.

Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).

With this patch, we provide proper support for this device in ar71xx.

Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
  for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254

Fixes: bae927c551 ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-21 21:54:01 +02:00
Ilya Gordeev
5daf094353 tplink-safeloader: fix compilation warnings
Signed-off-by: Ilya Gordeev <Mirraz@users.noreply.github.com>
2019-10-19 13:16:57 +02:00
Josef Schlehofer
700e7a2eb9 tools/e2fsprogs: Update to version 1.45.4
Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-08 21:51:08 +02:00
Josef Schlehofer
b4af2c689f expat: Update to version 2.2.9
Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-06 21:28:49 +02:00
DENG Qingfang
cb289777ca ccache: update to 3.7.4
Update ccache to 3.7.4

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_4

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-09-26 22:15:25 +02:00
Felix Fietkau
0f7ff74cbf tools/coreutils: install "touch"
Fixes error in setting SOURCE_DATE_EPOCH timestamp on files on rootfs prepare
on non-Linux systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-25 10:19:24 +02:00
Petr Štetiar
60eb0e8da2 scons: move to packages feed
This patch removes scons host build tool, as commit 7087efd72a8d
("scons: move host build tool to a proper place") in the packages feed
has moved scons into the new home.

There are currently no packages in the master tree which would need
scons, yet scons is build always as part of host tools, just in order to
satisfy host build dependency of few packages in the packages feeds.

Ref: https://github.com/openwrt/packages/pull/9584
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-09-15 22:53:01 +02:00
Hauke Mehrtens
169152c8d1 tools/mkimage: Update U-Boot to version 2019.07
This updates the U-Boot which provides the host tools like mkimage to
version 2019.07.
The patches were cleaned up and it was checked if this still compiles
on Linux and FreeBSD.

CONFIG_FIT_SIGNATURE_MAX_SIZE is set to the default value.

The patch for libressl was merged upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-04 22:35:22 +02:00
Rosen Penev
ac31ec0f62 upslug2: Update to git repository
This has two improvements over the current version. An autotools fix and
application of the wrt350v2 patch.

Cleaned up Makefile as a result of makefiles being fixed.

Note that this package is not really used as it depends on orion, which is
classified as broken.

This is the last package that uses svn in the tree.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-09-03 11:56:47 +02:00
Jo-Philipp Wich
f3ab336d7c tools: libelf: fix headers to trigger -Wundef warnings
When libelf from tools/ is used for building the kernel, compilation
aborts due to access to undefined defines since Kbuild adds -Wundef
to the compiler flags.

Patch the header files to use `#if defined(...)` instead of `#if ...`
to prevent such issues.

Ref: https://github.com/NixOS/nixpkgs/issues/59929
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-03 10:44:21 +02:00
Jo-Philipp Wich
d3f86c9cc3 tools: libelf: install pkg-config file
Install the pkg-config definition for libelf in order to allow the
kernel build process discover it later on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-03 10:44:21 +02:00
Daniel Engberg
413c68d120 tools/cmake: Update to 3.15.1
Update CMake to 3.15.1
Refresh patches
Remove inofficial fossies.org and replace with GitHub (link on official site)
Remove 150-C-feature-checks-Match-warnings-more-strictly.patch as it's
a no longer needed backport from upstream.
Disable ccache if GCC is 4.8, 4.9 or 5.X to avoid build failures.
Reference: https://github.com/openwrt/openwrt/pull/1929

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-09-01 18:38:05 +02:00
DENG Qingfang
08e274da9d tools/mtd-utils: update to 2.1.1
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-27 10:32:44 +02:00
Christian Lamparter
ac2f341036 make-ext4fs: update to HEAD of 2017-05-29 - eebda1
Update make-ext4fs to commit eebda1d55d9701ace2700d7ae461697fadf52d1f

git log --pretty=oneline --abbrev-commit 484903e4..eebda1d5

eebda1d make_ext4: Add strict prototypes.
bb9cf91 make_ext4fs: Remove off64_t in favor of standard off_t

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-08-24 23:18:12 +02:00
Daniel Engberg
234f7a9e5d tools/e2fsprogs: Update to 1.45.3
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-08-17 16:57:32 +02:00
Russell Senior
bcfd1d7685 tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-08-13 10:00:10 +02:00
Russell Senior
166e626277 tools/scons: update scons to 3.1.1
This version bump includes a bunch of fixes and improvements, which
should fix gpsd build breakage in the package feeds.

Ref: https://github.com/SCons/scons/blob/master/src/CHANGES.txt
Signed-off-by: Russell Senior <russell@personaltelco.net>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-13 09:49:50 +02:00
Adrian Schmutzler
854ab1b045 ath79: add support for TP-Link CPE220 v2
This seems to be identical to CPE210 v1 despite having removable
antennas.

Specifications:

    * SoC: Qualcomm Atheros AR9344 (560 MHz)
    * RAM: 64MB
    * Storage: 8 MB
    * Wireless: 2.4GHz N based built into SoC 2x2
    * Ethernet: 2x 100/10 Mbps, integrated into SoC, 24V POE IN

Installation:

Flash factory image through stock firmware WEB UI
or through TFTP:
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP address:192.168.0.254

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-08-07 18:04:03 +02:00
Adrian Schmutzler
8d83a4f545 tplink-safeloader: increase kernel partition for CPE/WBSx10v1
This is a preparation for ath79 support of the CPE210/CPE510 v1.
Kernel size is chosen equal to the latest update for CPE610 v1.

This also updates the partition size in ar71xx target, so code
remains consistent if someone looks up the device. Since CPE210,
CPE510, WBS210 and WBS510 (all v1) share the same partition
layout definition, and are on deprecated target anyway, this
changes them all at once.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-08-07 18:04:03 +02:00
Daniel Engberg
7270fdb62f expat: Update to 2.2.7
Update (lib)expat to 2.2.7

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-08-06 14:03:09 +02:00
Petr Štetiar
ea1acaf5a6 firmware-utils: uimage_padhdr: fix Coverity issue
Fixes following issue reported by Coverity scan:

 *** CID 1452085:  Security best practices violations  (TOCTOU)
 /tools/firmware-utils/src/uimage_padhdr.c: 100 in main()
 94
 95     	if (!infname || !outfname) {
 96     		usage(argv[0]);
 97     		exit(1);
 98     	}
 99
 >>>     CID 1452085:  Security best practices violations  (TOCTOU)
 >>>     Calling function "stat" to perform check on "infname".
 100     	if (stat(infname, &statbuf) < 0) {

Fixes: a1c6a316d2 ("ramips: add support for Fon FON2601")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-08-04 22:09:20 +02:00
DENG Qingfang
2caf747116 ccache: update to 3.7.2
Update ccache to 3.7.2

Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_2

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-08-04 13:53:05 +02:00
Russell Senior
995bcc5329 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-07-30 10:16:16 +02:00
Daniel Golle
9437012b9e tools/mklibs: update to 0.1.44 and convert to Python 3
Since the switch to Python 3 build fails if CONFIG_USE_MKLIBS is set
("Strip unnecessary functions from libraries" in menuconfig) as
mklibs hasn't been converted to run on Python 3.

 * update to most recent upstream version which brings some
   reproducibility fixes
 * converted to Python 3 using 2to3
 * fixed mixed tab/spaces indentation
 * fixed use of string.* functions
 * some more minor fixes to make Python 3 happy

Fixes commit 19938c8de7 ("build: switch to Python 3")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-07-26 23:50:21 +02:00
NOGUCHI Hiroshi
a1c6a316d2 ramips: add support for Fon FON2601
FON2601 is a wireless router.

Specification:
- SoC: Mediatek MT7620A (580MHz)
- RAM: 128 MiB
- ROM: 16 MiB SPI Flash
- Wireless:
   for 11b/g/n (upto 300 Mbps):  MT7620A built-in WMAC
   for 11a/n/ac (upto 867 Mbps): MT7662E
- Ethernet LAN: 1 port, upto 100 Mbps
- Ethernet WAN: 1 port, upto 1000 Mbps
- USB: 1 port (USB 2.0 host)
- LEDs: 4 (all can be controlled by SoC's GPIO)
- buttons: 1 (Displayed as "WPS" on enclosure)
- serial port: 57600n8
 pins: Vcc(3.3V), Rx, Tx, GND
(left to right, viewed from outside of board)

Installation (only available via UART):
  1. download sysupgrade binary image by wget command
  2. write sysupgrade binary image to Flash
     command is:
       mtd write sysupgrade.bin firmware
  3. reboot

Important Notice:
  Only one button is displayed as "WPS" on enclosure.
  However, it is configured as "reset" (factory resetting feature).

Signed-off-by: NOGUCHI Hiroshi <drvlabo@gmail.com>
[removed unrelated openwrt-keyring revert, missing -Wall for uimage_padhdr]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Petr Štetiar
316c8b5503 tools/scons: switch to Python 3
Build tested on ath79 with following packages from packages feed which
build depends on scons. None of them build anymore as it seems, that the
SConscripts are written for Python2.

 * packages/net/iotivity (KO, doesn't build even with latest 1.3.1 release)

   SyntaxError: invalid syntax
    File "/openwrt/build_dir/target-mips_24kc_musl/iotivity-1.2.1/build_common/SConscript", line 40
      print "\nError: Current system (%s) isn't supported\n" % host

   LookupError: unknown encoding: string_escape:
    File "/home/petr/testing/openwrt/build_dir/target-mips_24kc_musl/iotivity-1.3.1/SConstruct", line 28:
      SConscript('build_common/SConscript')

 * packages/net/smartsnmpd (KO, seems dead, no commit since 2015):

   SyntaxError: Missing parentheses in call to 'print'
    File "/openwrt/build_dir/target-mips_24kc_musl/smartsnmpd-2014-08-13/SConstruct", line 156
      print "Can't find liblua or liblua5.1!"

 * packages/utils/gpsd (KO, doesn't build even with latest 3.18.1 release):

   AttributeError: 'list' object has no attribute 'keys':
     File "/openwrt/build_dir/target-mips_24kc_musl/gpsd-3.18.1/SConstruct", line 1758:
       all_manpages = list(base_manpages.keys()) + list(python_manpages.keys())

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Petr Štetiar
5989a75cc4 tools/b43-tools/b43-fwsquash: convert to Python 3 with 2-to-3
Let's convert the script to Python 3.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-26 08:09:16 +02:00
Hans Dedecker
1282a63027 tools: libressl: fix compilation for non-glibc clib (FS#2400)
Fixes compilaton issue for non glibc clibs :

libtool: compile:  gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" "-DPACKAGE_STRING=\"libressl 2.9.2\"" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_SYSLOG=1 -DHAVE_ACCEPT4=1 -DHAVE_PIPE2=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_EXPLICIT_BZERO=1 -DHAVE_GETAUXVAL=1 -DHAVE_GETAUXVAL=1 -DHAVE_DL_ITERATE_PHDR=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAS_GNU_WARNING_LONG=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I../crypto/asn1 -I../crypto/bn -I../crypto/ec -I../crypto/ecdsa -I../crypto/evp -I../crypto/modes -I../crypto -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -D__STRICT_ALIGNMENT -O2 -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DHAVE_GNU_STACK -Wno-pointer-sign -MT compat/getprogname_linux.lo -MD -MP -MF compat/.deps/getprogname_linux.Tpo -c compat/getprogname_linux.c -o compat/getprogname_linux.o
compat/getprogname_linux.c: In function 'getprogname':
compat/getprogname_linux.c:32:2: error: #error "Cannot emulate getprogname"
 #error "Cannot emulate getprogname"
  ^~~~~

Reported-by: Anibal Portero <anibal.portero@pantacor.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-23 14:54:07 +02:00
Kevin Darbyshire-Bryant
8d6d227bb6 tools: libressl: fix build on MacOS
Making all in tests
depbase=`echo handshake_table.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
	gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" -DPACKAGE_STRING=\"libressl\ 2.9.2\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_READPASSPHRASE_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_READPASSPHRASE=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_GETPROGNAME=1 -DHAVE_SYSLOG=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_ARC4RANDOM=1 -DHAVE_ARC4RANDOM_BUF=1 -DHAVE_ARC4RANDOM_UNIFORM=1 -DHAVE_TIMINGSAFE_BCMP=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAVE___VA_COPY=1 -DSIZEOF_TIME_T=8 -I.  -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I ../crypto/modes -I ../crypto/asn1 -I ../ssl -I ../tls -I ../apps/openssl -I ../apps/openssl/compat -D_PATH_SSL_CA_FILE=\"../apps/openssl/cert.pem\" -I/Users/kevin/wrt/staging_dir/host/include  -D__STRICT_ALIGNMENT  -O2 -I/Users/kevin/wrt/staging_dir/host/include  -fpic -Wall -std=gnu99 -fno-strict-aliasing  -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong  -Qunused-arguments -Wno-pointer-sign -MT handshake_table.o -MD -MP -MF $depbase.Tpo -c -o handshake_table.o handshake_table.c &&\
	mv -f $depbase.Tpo $depbase.Po
make[4]: *** No rule to make target `/Users/kevin/wrt/build_dir/host/libressl-2.9.2/crypto/.libs/libcrypto_la-cpuid-macosx-x86_64.o', needed by `handshake_table'.  Stop.
make[3]: *** [all-recursive] Error 1

A similar error & clues from
e783d60473

"
LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.

With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'.  Stop.

There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
   the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue."

It appears we cannot change to cmake because cmake has a dependency on
an ssl library.

Take option 1 and do not build the tests.

Also take the opportunity to remove man page building as well.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-22 17:06:04 +01:00
Roman Yeryomin
3f1e8c0131 tools: libressl: update to 2.9.2 version
To keep in sync with OpenSSL 1.1.x branch version options.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-07-21 10:51:43 +02:00
Petr Štetiar
ff7909f69e firmware-utils: mkfwimage: fix build failure on macOS with gcc 9
Fixes following errors:

 src/mkfwimage.c:279:8: error: format specifies type 'long' but the argument has type 'off_t' (aka 'long long') [-Werror,-Wformat]
                      d->stats.st_size,
                     ^~~~~~~~~~~~~~~~
 src/mkfwimage.c:280:8: error: format specifies type 'long' but the argument has type 'long long' [-Werror,-Wformat]
                      d->partition_length - d->stats.st_size);
                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 src/mkfwimage.c:378:6: error: format specifies type 'unsigned long' but the argument has type 'long long' [-Werror,-Wformat]
                      d->stats.st_size - d->partition_length);
                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Reported-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-19 23:04:23 +02:00
Petr Štetiar
04cb651376 firmware-utils: mkfwimage: fix more errors reported by gcc-6/7/9
src/mkfwimage.c:276:8: error: format '%lld' expects argument of type 'long long int', but argument 4 has type '__off_t' {aka 'const long int'} [-Werror=format=]
src/fw.h:71:36: error: format '%llu' expects argument of type 'long long unsigned int', but argument 6 has type '__off_t' {aka 'long int'} [-Werror=format=]
    inlined from 'main' at src/mkfwimage.c:543:12:
/string_fortified.h:106:10: error: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length [-Werror=stringop-truncation]
    inlined from 'write_part' at src/mkfwimage.c:235:2,
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:477:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:496:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:481:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]
    inlined from 'main' at src/mkfwimage.c:485:5:
string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]

Runtested on ath79 and UBNT Bullet M XW.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-19 22:11:15 +02:00
Kevin Darbyshire-Bryant
90b7dbf7d8 firmware-utils: mkfwimage: fix more errors
Fix 4 errors reported by gcc 9

3 mismatched format type errors
1 unused variable error

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-19 16:56:39 +01:00
Petr Štetiar
9401780c2c firmware-utils: mkfwimage: provide human readable error
While looking at the ath25 build breakage of 19.07 images today I've
encountered following error:

 mkfwimage -B XS5 -v [...] ath25-ubnt5-squashfs-sysupgrade.bin.new
 ERROR: Failed creating firmware layout description - error code: -2

Which is barely human readable and needs poking into the source code, so
this patch makes the error more verbose and usable by mere mortals.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-19 16:16:15 +02:00