OpenWrt plans to move over to firewall4 which uses nftables under the
hood. To allow a smooth migration the package `iptables-nft` offer a
transparent wrapper to apply iptables rules to nftables.
Without the config option for nftables the package isn't installed and
therefore can't be tested. This commit enabled it and therefore provides
the wrapper.
The size of the iptables package increases from 25436 to 26500 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This does not have spare blocks for remapping, and it is also not suitable
for random write access. It only skips over bad blocks on linear writes of an
image to a partition. As such, it is really only suitable for the kernel
partition, or other partitions with mostly static data
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Limit bmt remapping range to cover everything up to and including the kernel image,
use the rest of the flash area for ubi.
Fix partition table and sysupgrade support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This can be used to support ubi on top of mtk_bmt without reflashing the
boot loader. The boot loader + factory + kernel area is covered, while the
rest is passed through as-is
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add support for showing remapped blocks and garbage collecting old
remapped blocks triggered by using the mark_good/mark_bad files
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Preparation for supporting BMT on MT7621. Move source files to the files/
subdirectory in order to simplify maintenance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
If the SPI probe is sufficiently delayed, the routerboot driver may fail
to init as the routerboot partitions are not yet available.
Register an MTD user notifier instead of doing straight init so that the
init subroutines are only executed when the target MTD partitions are
present.
Because the init/exit routines can now be called outside of the kernel
normal init/exit calls, they cannot be jettisoned and must always be
available: the __init and __exit qualifiers are thus removed.
Reported-by: Denis Kalashnikov <denis281089@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
[bump hardconfig/softconfig versions]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
It was reported that some rb912 boards (ar934x) have issues with some ethernet speeds.
Investigation shows that the board failed to adapt the ethernet pll values as shown here:
[ 5.284359] ag71xx 19000000.eth: failed to read pll-handle property
added custom prints in code and triggering a link switch:
[ 62.821446] Atheros AG71xx: fast reset
[ 62.826442] Atheros AG71xx: update pll 2
[ 62.830494] Atheros AG71xx: no pll regmap!
Comparison with another very similar board (rb922 - QCA955x) showed a missing
reference clock frequency in dts, which seems to cause a pll init issue.
Unfortunately, no errors are printed when this occurs.
Adding the frequency property fixes the pll init as it can be parsed now
by the ethernet driver.
[ 55.861407] Atheros AG71xx: fast reset
[ 55.866403] Atheros AG71xx: update pll 2
[ 55.870462] Atheros AG71xx: ath79_set_pllval: regmap: 0x81548000, pll_reg: 0x2c, pll_val: 0x02000000
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Make soft_config writable in all cases. Performing soft_config commit
will fail if mtd partition is not writable.
Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
[bump rb_softconfig version number]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
ca6c35c uxc: usage message cosmetics
e083dd4 uxc: fix two minor issues reported by Coverity
35dfbff procd: jail/cgroups: correctly enable "rdma" when requested
3b3ac64 procd: mount /dev with noexec
ac2b8b3 procd: clean up /dev/pts mounts
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Set policy bit to force read-only mode on uImage.FIT filesystem
sub-images mapped as block partitions by the FIT partition parser.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
CONFIG_ARM_ARCH_TIMER cannot be enabled in the config directly; it is only
selected by CONFIG_HAVE_ARM_ARCH_TIMER. We need to enable the latter in
our config.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Fixes: 4f1c5b01c1 ("mediatek: mt7623: backport musb, improve HDMI console")
The Unielec U7623 doesn't have a physical power button; I think it's hard
wired so that it turns on automatically when power is applied (unlike the
Banana Pi R2 which is a pain).
So the 'reset on long press of power button' behaviour that we get when
we enable the PMIC keyboard driver is kind of unhelpful. Disable it.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Fixes: 0d3f3323a2 ("mediatek: mt7623: enable more hardware features")
0f16ea5 options.c: add DSCP code LE Least Effort
24ba465 firewall3: remove redundant syn check
df1306a firewall3: fix locking issue
3624c37 firewall3: support table load on access on Linux 5.15+
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
- eth0
+ AR8035 ethernet PHY (RGMII)
+ 10/100/1000 Mbps Ethernet
+ 802.3af POE
+ used as LAN interface
- eth1
+ AR8035 ethernet PHY (SGMII)
+ 10/100/1000 Mbps Ethernet
+ 18-24V passive POE (mode B)
+ used as WAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Device specifications:
======================
* Qualcomm/Atheros AR9344 rev 2
* 560/450/225 MHz (CPU/DDR/AHB)
* 64 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 1T1R 2.4 GHz Wi-Fi
* 2T2R 5 GHz Wi-Fi
* 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
- eth0
+ AR8035 ethernet PHY
+ 10/100/1000 Mbps Ethernet
+ 802.3af POE
+ used as LAN interface
- eth1
+ 10/100 Mbps Ethernet
+ builtin switch port 1
+ 18-24V passive POE (mode B)
+ used as WAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
db7fb64 libopkg: pkg_hash: prefer to-be-installed packages
2edcfad libopkg: set 'const' attribute for argv
This should fix the ImageBuilder problems people are having since we
introduced the 'uci-firewall' providers.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Asus RP-AC66 Repeater
Hardware specifications:
Board: AP152
SoC: QCA9563
DRAM: 64MB DDR2
Flash: 25l128 16MB SPI-NOR
LAN/WAN: 1x1000M QCA8033
WiFi 5GHz: QCA9880
Clocks: CPU:775.000MHz, DDR:650.000MHz, AHB:258.333MHz, Ref:25.000MHz
MAC addresses as verified by OEM firmware:
use address source
Lan/Wan *:24 art 0x1002 (label)
2G *:24 art 0x1002
5G *:26 art 0x5006
Installation:
Asus windows recovery tool:
- install the Asus firmware restoration utility
- unplug the router, hold the reset button while powering it on
- release when the power LED flashes slowly
- specify a static IP on your computer:
IP address: 192.168.1.75
Subnet mask 255.255.255.0
- Start the Asus firmware restoration utility, specify the factory image
and press upload
- Do not power off the device after OpenWrt has booted until the LED flashing.
TFTP Recovery method:
- set computer to a static ip, 192.168.1.75
- connect computer to the LAN 1 port of the router
- hold the reset button while powering on the router for a few seconds
- send firmware image using a tftp client; i.e from linux:
$ tftp
tftp> binary
tftp> connect 192.168.1.1
tftp> put factory.bin
tftp> quit
Signed-off-by: Tamas Balogh <tamasbalogh@hotmail.com>
9a509d4 ruleset.uc: consolidate ip and ip6 offload
21f311d ruleset.uc: don't trim newline before comment sign
f121383 tests: enable flow offloading in tests
550df40 tests: add test for unknown defaults option
47c5a5b tests: add test for deprecated rule option
69a89d6 tests: add test for unknown rule option
07579df fw4.uc: handle interface zone option
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The lowest frequency should be 300MHz, since that is the label
assigned to the OPP in the mt7622.dtsi device tree, while there is one
missing zero in the actual value.
To be clear, the lowest frequency should be 300MHz instead of 30MHz.
As mentioned @dangowrt on the OpenWrt forum there is no benefit in
leaving 30MHz as the lowest frequency.
Signed-off-by: Jip de Beer <gpk6x3591g0l@opayq.com>
Signed-off-by: Fritz D. Ansel <fdansel@yandex.ru>
Fall back to using board_vendor and board_name, if known dummy values
are used for sys_vendor and product_name.
Examples:
To be filled by O.E.M.:To be filled by O.E.M.
--> INTEL Corporation:ChiefRiver
System manufacturer:System Product Name
--> ASUSTeK COMPUTER INC.:P8H77-M PRO
To Be Filled By O.E.M.:To Be Filled By O.E.M.
--> ASRock:Q1900DC-ITX
Gigabyte Technology Co., Ltd.:To be filled by O.E.M.
--> Gigabyte Technology Co., Ltd.:H77M-D3H
empty:empty
--> TYAN Computer Corporation:TYAN Toledo i3210W/i3200R S5211
To Be Filled By O.E.M.:To Be Filled By O.E.M.
--> ASRock:H77 Pro4-M
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
This commit moves the device profiles within the ipq806x/generic
subtarget into their own includable .mk file, to support eventually
having subtargets other than generic.
Signed-off-by: Alex Lewontin <alex.c.lewontin@gmail.com>
Almost all targets have the fixed-phy feature built into the kernel.
One big exception is x86. This caused a problem with the upcoming
LAN78xx usb driver. Hence this patch breaks out the fixed-phy from
of_mdio (which didn't include the .ko) and puts into a separate
module.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
phy drivers for Microchip's LAN88xx PHYs.
This is needed for the "LAN7801" variant
of the upstream lan78xx usb ethernet driver.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
libdw depends on libfts.so when building with the musl-libc library, add
this missing dependency.
Fixes: 6835ea13f0 ("elfutils: update to 0.186")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Linux upstream commit 9370f2d05a
add load firmware file through request_firmware,this affect the
nanopi r2s and some USB adapters in kernel 5.10 with this error:
'r8152 4-1:1.0: unable to load firmware patch rtl_nic/rtl8153b-2.fw'
This patch split the USB NIC firmware files from r8169 firmware,
and adds r8152-firmware to r8152 driver.
Add kmod-usb-net-cdc-ncm to support RTL8156A and RTL8156B 2.5G ethernet
adapters supported since v5.13-rc1.
195aae321c
Signed-off-by: Marty Jones <mj8263788@gmail.com>
Update busybox to 1.35.0
* refresh patches
Config refresh:
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0
cd ..
./convert_defaults.pl ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0/.config > Config-defaults.in
Manual edits needed after config refresh:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in : change at "Options common to all shells" the symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
session tickets are a feature of TLSv1.2 and require less memory
and overhead on the server than does managing a session cache
Building mbedtls with support for session tickets will allow the
feature to be used with lighttpd-1.4.56 and later.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Specifications:
- SoC: MT7621DAT (880MHz, 2 Cores)
- RAM: 128 MB
- Flash: 128 MB NAND
- Ethernet: 5x 1GiE MT7530
- WiFi: MT7603/MT7613
- USB: 1x USB 3.0
This is another MT7621 device, very similar to other Linksys EA7300
series devices.
Installation:
Upload the generated factory.bin image via the stock web firmware
updater.
Reverting to factory firmware:
Like other EA7300 devices, this device has an A/B router configuration
to prevent bricking. Hard-resetting this device three (3) times will
put the device in failsafe (default) mode. At this point, flash the
OEM image to itself and reboot. This puts the router back into the 'B'
image and allows for a firmware upgrade.
Troubleshooting:
If the firmware will not boot, first restore the factory as described
above. This will then allow the factory.bin update to be applied
properly.
Signed-off-by: Nick McKinney <nick@ndmckinney.net>
RAISECOM MSG1500 X.00 is a 2.4/5 GHz band 11ac (Wi-Fi 5) router.
Apart from the general model, there are two ISP customized models:
China Mobile and China Telecom.
Specifications:
- SoC: Mediatek MT7621AT
- RAM: 256MiB DDR3
- Flash: 128MiB NAND
- Ethernet: 5 * 10/100/1000Mbps: 4 * LAN + 1 * WAN
- Switch: MediaTek MT7530 (SoC)
- WLAN: 1 * MT7615DN Dual-Band 2.4GHz 2T2R (400Mbps) 5GHz 2T2R (867Mbps)
- USB: 1 * USB 2.0 port
- Button: 1 * RESET button, 1 * WPS button, 1 * WIFI button
- LED: blue color: POWER, WAN, WPS, 2.4G, 5G, LAN1, LAN2, LAN3, LAN4, USB
- UART: 1 * serial port header (4-pin)
- Power: DC 12V, 1A
- Switch: 1 * POWER switch
MAC addresses as verified by vendor firmware:
use address source
LAN C8:XX:XX:3A:XX:E7 Config "protest_lan_mac" ascii (label)
WAN C8:XX:XX:3A:XX:EA Config "protest_wan_mac" ascii
5G C8:XX:XX:3A:XX:E8 Factory "0x4" hex
2.4G CA:XX:XX:4A:XX:E8 [not on flash]
The increment of the 4th byte for the 2.4g address appears to vary.
Reported cases:
5g 2.4g increment
C8:XX:XX:90:XX:C3 CA:XX:XX:C0:XX:C3 0x30
C8:XX:XX:3A:XX:08 CA:XX:XX:4A:XX:08 0x10
C8:XX:XX:3A:XX:E8 CA:XX:XX:4A:XX:E8 0x10
Since increment is inconsistent and there is no obvious pattern
in swapping bytes, and the 2.4g address has local bit set anyway,
it seems safer to use the LAN address with flipped byte here in
order to prevent collisions between OpenWrt devices and OEM devices
for this interface. This way we at least use an address as base
that is definitely owned by the device at hand.
Notes:
1. The vendor firmware allows you to connect to the router by telnet.
(known version 1.0.0 can open telnet.)
There is no official binary firmware available.
Backup the important partitions data:
"Bootloader", "Config", "Factory", and "firmware".
Note that with the vendor firmware the memory is detected only 128MiB
and the last 512KiB in NAND flash is not used.
2. The POWER LED is default on after press POWER switch.
The WAN and LAN1 - 4 LEDs are wired to ethernet switch.
The WPS LED is controlled by MT7615DN's GPIO.
Currently there is no proper way to configure it.
3. At the time of adding support the wireless config needs to be set up
by editing the wireless config file:
* Setting the country code is mandatory, otherwise the router loses
connectivity at the next reboot. This is mandatory and can be done
from luci. After setting the country code the router boots correctly.
A reset with the reset button will fix the issue and the user has to
reconfigure.
* This is minor since the 5g interface does not come up online although
it is not set as disabled. 2 options here:
1- Either run the "wifi" command. Can be added from LuCI in system -
startup - local startup and just add wifi above "exit 0".
2- Or add the serialize option in the wireless config file as shown
below. This one would work and bring both interfaces automatically
at every boot:
config wifi-device 'radio0'
option serialize '1'
config wifi-device 'radio1'
option serialize '1'
Flash instructions using initramfs image:
1. Press POWER switch to power down if the router is running.
2. Connect PC to one of LAN ports, and set
static IP address to "10.10.10.2", netmask to "255.255.255.0",
and gateway to "10.10.10.1" manually on the PC.
3. Push and hold the WIFI button, and then power up the router.
After about 10s (or you can call the recovery page, see "4" below)
you can release the WIFI button.
There is no clear indication when the router
is entering or has entered into "RAISECOM Router Recovery Mode".
4. Call the recovery page for the router at "http://10.10.10.1".
Keep an eye on the "WARNING!! tip" of the recovery page.
Click "Choose File" to select initramfs image, then click "Upload".
5. If image is uploaded successfully, you will see the page display
"Device is upgrading the firmware... %".
Keep an eye on the "WARNING!! tip" of the recovery page.
When the page display "Upgrade Successfully",
you can set IP address as "automatically obtain".
6. After the rebooting (PC should automatically obtain an IP address),
open the SSH connection, then download the sysupgrade image
to the router and perform sysupgrade with it.
Flash back to vendor firmware:
See "Flash instructions 1 - 5" above.
The only difference is that in step 4
you should select the vendor firmware which you backup.
Signed-off-by: Liangkuan Yang <ylk951207@gmail.com>
This commit adds support for Joowin (aka Comfast) WR758AC V1 and V2
devices.
Both have the same wall AP/repeater form factor and differ only
in the 5Ghz chipset (V1 has MT7662, V2 has MT7663).
OpenWrt developers forum page:
https://forum.openwrt.org/t/87355
Specifications:
- CPU: MediaTek MT7628AN (580MHz)
- Flash: 8MB
- RAM: 64MB DDR2
- 2.4 GHz: 802.11b/g/n (MT7603)
- 5 GHz: 802.11ac (V1 has MT7662, V2 has MT7663)
- Antennas: 4x external single band antennas
- LAN: 1x 10/100M
- LED: Wifi 3x blue. Programmable
- Button: WPS
MAC addresses as verified by OEM firmware:
use address source
LAN *:83 factory 0xe000
2g *:85 factory 0x4
5g *:86 factory 0x8004
How to install:
1- Setup a TFTP server on a machine with IP address 192.168.1.10/24
2- Name the image as `firmware_auto.bin` and place it on the root of the
TFTP server
3- Connect the device via Ethernet, it should pick and flash the image
Signed-off-by: Rodrigo Araujo <araujo.rm@gmail.com>
