db3934d2f740 scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support
Support the following values for the different WPA3 Enterprise modes:
- wpa3-mixed: WPA3 Enterprise transitional mode
This supports EAP with both SHA1 and SHA-256, with optional MFP
- wpa3: WPA3 Enterprise only mode
This supports only SHA256 with mandatory MFP
- wpa3-192: WPA3 Enterprise with mandatory 192 bit support
This uses only GCMP-256 ciphers
Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode.
It seems that even leaving in optional 192 bit support breaks auth on some
clients, including iOS devices.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
WPA3 Enterprise-transitional requires optional MFP support and SHA1+SHA256
WPA3 Enterprise-only requires SHA1 support disabled and mandatory MFP.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It seems that this was not functioning properly and was likely completely unused.
Keeping this out of tree also introduced some annoying churn when updating, because
of the iw nl80211.h sync patch.
If this is needed, it will be reintroduced when/if it is added upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Arm platforms with the right hardware blocks (such as
GICv3.0+ interrupt controller and SMMU/IOMMU) are
able to use vfio-pci to pass through PCI devices
to a VM.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
The vfio module only exposes the enable_unsafe_noiommu_mode parameter
if CONFIG_VFIO_NOIOMMU is enabled. When it isn't, the module
will complain about an unknown parameter:
vfio: unknown parameter 'enable_unsafe_noiommu_mode' ignored
As CONFIG_VFIO_NOIOMMU is disabled by the module package,
we can remove the module loading parameter.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
Always enable built-in 2.5G PHY on MT7988 for now, so that it can be
used. In future it would be nice to be able to switch power and MDIO
access via address 0 at run-time in Linux, both, to be able to use
external PHYs at address 0 and to reduce power consumption on systems
not using the built-in 2.5G PHY.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The U-Boot build for the MT7988 reference board booting from SD card
wrongly depended on the 'ddr4' variant of the ARM TrustedFirmware-A build
even though the 'comb' variant is used. Fix that dependency.
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
While the v2 is nearly identical to v1, v3 uses a different PHY and
needs a different build for Ethernet to work in U-Boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Select many potentially useful options for the MT7988 RFB U-Boot builds.
The resulting loader is intended as a development tool and intends to be
generic. It does *not* have a default bootcmd set, but allows to boot
pretty much everything, including EFI executables.
To install this U-Boot build to the eMMC:
opkg install mmc-utils partx-utils
mmc bootpart enable 1 1 /dev/mmcblk0
echo 0 > /sys/block/mmcblk0boot0/force_ro
dd if=*mediatek_mt7988a-rfb-nand-emmc-preloader.bin of=/dev/mmcblk0boot0
dd if=*mediatek_mt7988a-rfb-nand-emmc-gpt.bin of=/dev/mmcblk0
partx -a /dev/mmcblk0
dd if=*mediatek_mt7988a-rfb-nand-emmc-bl31-uboot.fip of=/dev/mmcblk0p3
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Compile-tested: all boards
Runtime-tested:
- Cortex-A8: pcDuino
- Cortex-A7: Bananapro, Bananapi M3
- Cortex-A53:Pine64+
Notes:
- binman tries to add firmware for the SCP (system control processor), which
we don't build, and is optional for the boot process on 64-bit. Disable this
via setting the SCP envvar to /dev/null. For further info, see [1] .
[1] https://github.com/u-boot/u-boot/blob/master/board/sunxi/README.sunxi64
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
vhost-net is used to accelerate traffic to virtualisation
guests that use the virtio-net network card in QEMU.
Generally it is invoked by specifying "vhost=on" to a
QEMU -netdev device:
qemu-system-aarch64 -nographic -M virt -cpu host \
--enable-kvm -bios u-boot.bin -smp 1 -m 2048 \
-drive file=openwrt-armsr-armv8.img,format=raw,index=0,media=disk \
-device "virtio-net,netdev=landev,disable-legacy=off,disable-modern=off" \
-netdev "tap,id=landev,helper=/usr/lib/qemu-bridge-helper --br=br-lan,vhost=on"
Signed-off-by: Mathew McBride <matt@traverse.com.au>
We have to move to use git clone as there are no newer tagged releases.
Changes:
604f8f5 Default CROSS_CM3 to arm-none-eabi- instead of armv7m-softfloat-eabi-
b9b9419 Tidy up license information
0290b2c wtmi: Fix typo
a10b8e9 Makefile: fix a53-firmware.bin generation (maximum size is not optimal)
f654082 wtmi: Add const qualifier to isr_vector
4a43a3b wtmi: Improve detection of ESPRESSObin boards with Topaz
189e629 wtmi: Improve detection of boards with insufficient MDIO pull-up
3dac4fe wtmi: Fix detection of Armada 3720 Devel Board
3ca4dfa Bump mox-imager commit
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Changes:
1de442d Convert floating point operations to integer operations
ce6770d Modify mv_ddr4_calibration_validate function body to match function header
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Changes:
a3e1c67 wtmi: Fix linker output sections
f65e3bf wtmi: Remove usage of non-existant string.h file and memcpy() function
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Recent envtools update to 2023.07.02 has introduced a breakage when trying
to parallel build with the following error:
/bin/sh: line 1: scripts/basic/fixdep: No such file or directory
Luckily it can easily be reproduced locally via a simple script so it was
not hard to bisect it down to upstream commit [1].
However, its not that commits fault, it just uncovered an issue with the
way we have been building envtools for a long time, maybe even from the
package introduction.
The issue is that we are trying to build envtools as one of the U-Boot
no-dot-config-targets but envtools was newer a valid target for it but
since we were creating the config headers that were not actually used it
was actually building all this time.
Since the blamed commit [1] a tool called printinitialenv is built and
now a proper config is actually required in order for prerequisites to
get built properly.
So, in order to properly fix this (Hopefully for good) lets stop pretending
that envtools are a valid no-dot-config-targets target and use the
tools-only defconfig which is meant exactly for just building the tools.
This will make a minimal config for the U-Boot sandbox target and then
envtools will build just fine in parallel mode (I tested with 32 threads).
We do hovewer need to override the ARCH passed by OpenWrt and set it to
sandbox as otherwise U-Boot will not find the required headers because the
ARCH is being overriden to an incorrect one.
[1] 40b77f2a3a
Fixes: 9db0330052 ("uboot-envtools: update to 2023.07.02")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
WED requires a bunch of additional reserved memory regions. As U-Boot's
LMB allocator defaults to a maximum of only 8 regions, this currently
makes using WED impossible.
Raise LMB_MAX_REGIONS to 64 just like for all other MediaTek boards
with a SoC supporting WED.
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When the STA is brought up, it is set to DISABLED before adding the bss to ucode,
so the first trigger to disable the AP is missed.
Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
During the channel scanning process, the driver will continuously
switch channels. It seems that the full RF calibration step in
rt2800_config_channel() caused the channel scanning function to
timeout. To fix it, move the RF calibration to rt2800_enable_radio()
so that it is only executed once. This commit also includes some
coding format adjustments to follow the Linux recommended style.
Fixes: 2824fa6963 ("mac80211: rework MT7620 PA/LNA RF calibration")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Fix compatible string to match what is supported upstream, fix alignment
and order MTD partitions according to offset.
Signed-off-by: Stefan Agner <stefan@agner.ch>
I recently added support for the NorthStar ARM BCM53xx SoCs
to the upstream U-Boot. This is a back port on top of the
2023.04 version already imported to OpenWrt with the 5 necessary
upstream patches.
This is needed to create a small U-Boot for the BCM53xx-based
D-Link DIR-890L and I think also the DIR-885L, so that a
recent (bigger) kernel can be loaded and executed from the
SEAMA partitions on these devices.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Telenor quirks
--------------
The operator specific firmware running on the Telenor branded
ZyXEL EX5700 includes U-Boot modifications affecting the OpenWrt
installation.
Notable changes to U-Boot include
- environment is stored in RAM and reset to defaults when power
cycled
- dual partition scheme with "nomimal" or "rescue" systems, falling
back to "rescue" unless the OS signals success in 3 attempts
- several runtime additions to the device-tree
Some of these modifications have side effects requiring workarounds
- U-Boot modifies /chosen/bootargs in an unsafe manner, and will crash
unless this node exists
- U-Boot verifies that the selected rootfs UBI volume exists, and
refuses to boot if it doesn't. The chosen "rootfs" volume must contain
a squashfs signature even for tftp or initramfs booting.
- U-Boot parses the "factoryparams" UBI volume, setting the "ethaddr"
variable to the label mac. But "factoryparams" does not always
exist. Instead there is a "RIP" volume containing all the factory
data. Copying the "RIP" volume to "factoryparams" will fix this
Hardware
--------
SOC: MediaTek MT7986
RAM: 1GB DDR4
FLASH: 512MB SPI-NAND (Mikron xxx)
WIFI: Mediatek MT7986 802.11ax 5 GHz
Mediatek MT7916 DBDC 802.11ax 2.4 + 6 GHz
ETH: MediaTek MT7531 Switch + SoC
3 x builtin 1G phy (lan1, lan2, lan3)
2 x MaxLinear GPY211C 2.5 N-Base-T phy (lan4, wan)
USB: 1 x USB 3.2 Enhanced SuperSpeed port
UART: 3V3 115200 8N1 (Pinout: GND KEY RX TX VCC)
Installation
------------
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
reachable at 192.168.1.2/24. Rename the image to C0A80101.img.
2. Connect the TFTP server to lan1, lan2 or lan3. Connect to the serial
console, Interrupt the autoboot process by pressing ESC when prompted.
3. Download and boot the OpenWrt initramfs image.
$ env set uboot_bootcount 0
$ env set firmware nominal
$ tftpboot
$ bootm
4. Wait for OpenWrt to boot. Transfer the sysupgrade image to the device
using scp and install using sysupgrade.
$ sysupgrade -n <path-to-sysupgrade.bin>
Missing features
----------------
- The "lan1", "lan2" and "lan3" port LEDs are driven by the switch but
OpenWrt does not correctly configure the output.
- The "lan4" and "wan" port LEDs are driven by the GPH211C phys and
not configured by OpenWrt.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
The vendor U-Boot implementaion on Telenor branded ZyXEL EX5700
devices does not store its environment on flash. It is instead
kept in a memory region. This is persistent over reboots, but
not over power cycling.
The dual partition failsafe system used by the vendor U-Boot
requires the OS to modify a variable in this memory environment.
This driver allows the ordinary uboot-envtools to access a
memory region like it was a partition on NOR flash.
The specific vendor U-Boot adds a "no-map" /reserved-memory
section and a top level /ubootenv node pointing to the memory
environment. The driver uses this device specific fact to
locate the region. The matching and probing code will likely
have to be adjusted for any other devices to be supported.
Example partial device tree:
/ {
..
ubootenv {
memory-region = <&uenv>;
compatible = "ubootenv";
};
..
reserved-memory {
..
uenv: ubootenv@7ffe8000 {
no-map;
reg = <0 0x7ffe8000 0 0x4000>;
};
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Netgear Nighthawk RAX120v2 AX WIFI router with 5 1G and 1 5G ports.
The majority of the code is based on @jewwest's PR #11830.
Specifications:
* CPU: Qualcomm IPQ8074 Quad core Cortex-A53 2.2GHz
* RAM: 1024MB of DDR3 (Nanya NT5CC256M16EP-EK × 2)
* Flash: SPI-NAND 512 MiB (Winbond W29N04GZBIBA)
* Ethernet: 4x 10/100/1000 Mbps LAN,
1x 10/100/1000 Mbps WAN (Qualcomm QCA8075),
1x 10/100/1000/2500/5000 Mbps LAN/WAN (Aquantia AQR111B0 PHY)
* Wi-Fi:
* 2.4 GHz: Qualcomm QCN5024 4x4
* 2x 5 GHz: Qualcomm QCN5054 4x4
* USB: 2x USB 3.0
* LEDs: Power, 2.4GHz & 5GHz Radio, WPS, WAN, USB1 & USB2, 5G LAN
* Keys: LEDs On/Off, Power, Reset, RFKILL, WPS
* UART: Marked J9003 VCC TX RX GND, beginning from "1". 3.3v, 115200n8
* Power: 19 VDC, 3.1 A
Installation:
* Flashing OpenWrt is done in two steps:
a) Flash *-squashfs-web-ui-factory.img from stock UI (thanks to @wangyu-).
This writes an initramfs based OpenWrt image onto the RAX120v2
b) From OpenWrt flash the *-squashfs-sysupgrade.bin using LuCI or the commandline
* U-Boot allows booting an initramfs image via TFTP:
- Set ip of your PC to 192.168.1.100
- At the serial console interrupt boot at "Hit any key to stop autoboot:"
- In u-boot run `tftpsrv`
- On your PC send the OpenWrt initramfs image:
tftp 192.168.1.1 -m binary -c put openwrt-ipq807x-generic-netgear_rax120v2-initramfs-uImage.itb
Make 5G Aquantia phy work:
For the 5G port labeled 'lan5' to work a firmware is needed. This can be loaded in
u-boot by writing the firmware to the correct mtd partition.
The firmware file found in the Netgear stock firmware under /lib/firmware/ named
'AQR-G3_v4.3.C-AQR_DNI_DR-EQ35AX8-R-prov1_ID23888_VER1311.cld' is needed and has to
be converted to a MBN file.
The `mkheader.py` script used here can be found in the Netgear V1.2.8.40 GPL source,
under 'git_home/u-boot.git/tools/mkheader.py'
Convert the CLD file to MBN using:
$ python2 mkheader.py 0x44000000 0x13 <*.cld file> aqr_4.3.C.mbn
This MBN file can then be flashed to the MTD partition to be used by u-boot.
The necessary files can also be found in
https://github.com/boretom/openwrt-fork/tree/rax120v2/aquantia-firmware
* Write MBN file to MTD partition to be loaded automatically by u-boot:
U-boot automatically tries to load the firmware from nand at address 0x7e00000 which
corresponds to `/dev/mtd25` in OpenWrt.
- find ETHPHYFW partition while running OpenWrt (expected: /dev/mtd25)
$ fgrep -i 'ethphyfw' /proc/mtd
mtd25: 00080000 00020000 "ethphyfw
- copy mbn file to /tmp/ folder of the router
$ scp aqr-v4.3.C.mbn 192.168.1.1:/tmp/
- write mbn file to ethphyfw partition
$ mtd write /tmp/aqr_v4.3.C.mbn /dev/mtd25
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
References to RAX120v2 GPL source:
https://www.downloads.netgear.com/files/GPL/RAX120-V1.2.8.40_gpl_src.zip
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thomas Kupper <thomas.kupper@gmail.com>
9b2b203 fix usb_recv_tasklet -Wcast-function-type
a027da5 fix kernel 6.1 80211 link_id
7a9c802 fix build for kernel 6.1 prandom
3a3eb24 fix build for kernel 5.17 PDE_DATA
fe2afbd fix build for kernel 5.17 const netdev->dev_addr
7275bae fix build for 5.17 kernel complete_and_exit
c9c2aa7 Update usb_intf.c
revert the upstream 6.1 link_id (depend on kernel version) changes and
force 6.1 link_id
The downstream patch casting const off the direct dev_addr writes
triggers the runtime check from
Linux d07b26f5bbea ("dev_addr: add a modification check")
Fixes: #13261
Fixes: a07566ead8 ("rtl8812au-ct: fix even more compilation error with kernel 6.1")
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
Commit e978072baaca ("Do prune_association only after the STA is
authorized") causes issues when an STA roams from one interface to
another interface on the same PHY. The mt7915 driver is not able to
handle this properly. While the commits fixes a DoS, there are other
devices and drivers with the same limitation, so revert to the orginal
behavior for now, until we have a better solution in place.
Fixes: #13156
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Update to the latest stable version.
This update changes the default lockfile directory from /var/lock to
/run [1]. In OpenWRT we still use the "legacy" /var/lock and /run might
not even exist, so we add a patch to revert this particular change.
[1] aeb40f1166
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
This updates the Intel iwlwifi firmware for AX200 and AX210 from version
66 to version 72. Version 72 is the latest version supported by iwlwifi
from kernel 6.1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Instead of reading only a single 4kiB page, read the first 128kiB to
determine the size of an uImage.FIT using 'imsz' or 'imszb'.
This will be needed once we add more Device Tree Overlays, which may
happen for the BPi-R3 mini.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>