Commit Graph

58108 Commits

Author SHA1 Message Date
Patricia Lee
e1d1c26c0f mediatek: add support for Cetron CT3003
**Hardware specification:**

- SoC: MediaTek MT7981B 2x A53
- Flash: ESMT F50L1G41LB 128MB
- RAM: Nanya NT5CC128M16JR-EK 256MB
- Ethernet: 4 x 10/100/1000 Mbps
- Switch: MediaTek MT7531AE
- WiFi: MediaTek MT7976C
- Button: Reset, Mesh
- Power: DC 12V 1A
- UART: 3.3v, 115200n8
  | Layout:   |
  | :-------- |
  | <Antenna> |
  | VCC       |
  | GND       |
  | Tx        |
  | Rx        |

**Flash instructions:**

1. Rename `openwrt-mediatek-filogic-cetron_ct3003-squashfs-factory.bin` to `factory.bin`.
2. Upload the `factory.bin` using the device's Web interface.
3. Click the upgrade button and wait for the process to finish.
4. Access the OpenWrt interface using the same password.
5. Use the 'Restore' function to reset the firmware to its initial state.

**Notes:**

If you plan to recovery the stock firmware in the future, it's advisable
to connect the device via the serial port and enter failsafe mode to
back up all the MTD partitions before proceeding the steps above.

Signed-off-by: Patricia Lee <patricialee320@gmail.com>
(cherry picked from commit 907e9e0bd3)
2023-12-07 09:39:35 +01:00
Bjørn Mork
3846b6eb49 filogic: support Telenor branded ZyXEL EX5700
Telenor quirks
--------------
The operator specific firmware running on the Telenor branded
ZyXEL EX5700 includes U-Boot modifications affecting the OpenWrt
installation.

Notable changes to U-Boot include
- environment is stored in RAM and reset to defaults when power
  cycled
- dual partition scheme with "nomimal" or "rescue" systems, falling
  back to "rescue" unless the OS signals success in 3 attempts
- several runtime additions to the device-tree

Some of these modifications have side effects requiring workarounds
- U-Boot modifies /chosen/bootargs in an unsafe manner, and will crash
  unless this node exists
- U-Boot verifies that the selected rootfs UBI volume exists, and
  refuses to boot if it doesn't. The chosen "rootfs" volume must contain
  a squashfs signature even for tftp or initramfs booting.
- U-Boot parses the "factoryparams" UBI volume, setting the "ethaddr"
  variable to the label mac.  But "factoryparams" does not always
  exist.  Instead there is a "RIP" volume containing all the factory
  data.  Copying the "RIP" volume to  "factoryparams" will fix this

Hardware
--------
SOC:   MediaTek MT7986
RAM:   1GB DDR4
FLASH: 512MB SPI-NAND (Mikron xxx)
WIFI:  Mediatek MT7986 802.11ax 5 GHz
       Mediatek MT7916 DBDC 802.11ax 2.4 + 6 GHz
ETH:   MediaTek MT7531 Switch + SoC
       3 x builtin 1G phy (lan1, lan2, lan3)
       2 x MaxLinear GPY211C 2.5 N-Base-T phy (lan4, wan)
USB:   1 x USB 3.2 Enhanced SuperSpeed port
UART:  3V3 115200 8N1 (Pinout: GND KEY RX TX VCC)

Installation
------------
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
   reachable at 192.168.1.2/24. Rename the image to C0A80101.img.

2. Connect the TFTP server to lan1, lan2 or lan3. Connect to the serial
   console, Interrupt the autoboot process by pressing ESC when prompted.

3. Download and boot the OpenWrt initramfs image.

   $ env set uboot_bootcount 0
   $ env set firmware nominal
   $ tftpboot
   $ bootm

4. Wait for OpenWrt to boot. Transfer the sysupgrade image to the device
   using scp and install using sysupgrade.

   $ sysupgrade -n <path-to-sysupgrade.bin>

Missing features
----------------

- The "lan1", "lan2" and "lan3" port LEDs are driven by the switch but
  OpenWrt does not correctly configure the output.
- The "lan4" and "wan" port LEDs are driven by the GPH211C phys and
  not configured by OpenWrt.

Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 6cc14bf66a)
2023-12-07 08:00:33 +01:00
Shiji Yang
7606dac661 base-files: support parse DT LED color and function
The 'label' property in led node has been deprecated and we'd better
to avoid using it. This patch allows us to extract DT OF LED name
from the newly introduced LED properties "color", "function" and
"function-enumerator".

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit e814acc599)
2023-12-06 22:13:25 +01:00
David Bauer
6261ae12e1 mpc85xx: allow mapping of cpu1 spin-table page
The no-map property was incorrectly added, which kept the system-memory
available on the WS-AP3825 limited to 190MB. We are allowed to map the
page containing the CPU1 spin-table, we are just not allowed to write to
it.

Fixes: 57d7382cb1 ("mpc85xx: increase available RAM on Extreme Networks WS-AP3825i")

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit d9271aa5b7)
2023-12-04 14:21:21 +01:00
David Bauer
de37b56cdb mpc85xx: increase available RAM on Extreme Networks WS-AP3825i
The system-mamory size was page-aligned prior to this commit, only
enabling to use 192MB of system memory of the 256 available.

This was due to the system-memory being manually shrinked to reserve the
upper 1MB for the second-core bootpage in the loader as well as the OS.

Fix this properly in the loader and in Linux using reserved-memory
definitions. This enables the device to use 250MB of system memory.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 57d7382cb1)
2023-12-04 01:10:32 +01:00
Rafał Miłecki
6264d12ed8 firmware-utils: update to Git HEAD (2023-11-21)
1d42292d8063 tplink-safeloader: Add TP-Link Archer A6 V3.20
3338f5389d72 tplink-safeloader: add TL-WPA8635P v3
17ca5eeb1c10 tplink-safeloader: add TL-WPA8631P v4
f730ad2fa0b4 bcmblob: new tool for reading Broadcom's BLOBs
cb1ddac98124 firmware-utils: fix typo in error message when no OpenSSL library found
916633160dc9 bcmclm: new tool for reading Broadcom's CLM data
a2d49fb1e188 tplink-safeloader: add RU support-list entry for Archer C6U v1
bb12cf5c3fa9 tplink-safeloader: Add support for TP-Link Deco M5 The special_id values are the same for EU and Asian models, and they apply to all models: v1, v2, and v3. They are not sorted as they are currently in the same order as extracted from the official firmware image.
9e2de8515be1 tplink-safeloader: add EAP610 v3 and EAP613 v1
a170683c0e11 firmware-utils: fix use of NULL string progname
89875fc18b57 tplink-safeloader: CPE510: add Canadian support
9e211d2980fe mktplinkfw2: add support to extract bootloader images
c18f662f3c74 mktplinkfw2: add support to pack bootloader
3dc133915f87 mktplinkfw2: show exact exceed bytes when the image is to big
d16ff798d58a tplink-safeloader: WPA8631: add v4 AU, US
0fa1cc51013f zytrx: add LTE5398-M904
635466123429 firmware-utils: ptgen: add SiFive GPT partition support
ba5bc4e1ae9d add dlink-sge-image for D-Link devices by SGE
3b114de29cf7 lxlfw: move code opening LXL to helper function
8e149e480391 lxlfw: move code copying data to helper function
16fa89076122 lxlfw: fix struct lxl_hdr attribute
d770cab82e58 lxlfw: support embedding blobs
eaf2ea28dbe6 lxlfw: support extracting image
12bf1a99bd6e lxlfw: support certificate & signature blobs

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b117e7244f)
2023-11-27 08:02:33 +01:00
Mikhail Zhilkin
ebdaee7194 ramips: add support for Sercomm CPJ routers
This commit adds support for following wireless routers:
 - Rostelecom RT-FL-1 (Serсomm RT-FL-1)
 - Rostelecom S1010 (Serсomm S1010.RT)

The devices are almost identical and the only difference is one bit in the
factory image PID (thanks to Maximilian Weinmann <x1@disroot.org>
(@MaxS0niX) for the info and idea to make one PR for two devices at once).

Devices specification
---------------------
   SoC:          MediaTek MT7620A, MIPS
   RAM:          64 MB
   Flash:        16 MB SPI NOR
   Wireless 2.4: MT7620 (b/g/n, 2x2)
   Wireless 5:   MT7612EN (a/n/ac, 2x2)
   Ethernet:     5xFE (WAN, LAN1-4)
   BootLoader:   U-Boot
   Buttons:      2 (wps, reset)
   LEDs:         1 amber and 1 green status GPIO leds
                 5 green ethernet GPIO leds
                 1 green GPIO 2.4 GHz WLAN led
                 1 green PHY 5 GHz WLAN led
                 1 green unmanaged power led
   USB ports:    No
   Power:        12 VDC, 1 A
   Connector:    Barrel

OEM easy installation
---------------------
1. Remove all dots from the factory image filename (except the dot
   before file extension)
2. Upload and update the firmware via the original web interface
3. Wait until green status led stops blinking (can take several minutes)
4. Login to OpenWrt initramsfs. It's recommended to make a backup of the
   mtd partitions at this point.
4. Perform sysupgrade using the following command (or use Luci):
   sysupgrade -n sysupgrade.bin
5. Wait until green status les stops blinking (can take several minutes)
6. Mission acomplished

Return to Stock
---------------
Option 1. Restore firmware Slot1 from a backup (firmware2.bin):
   cd /tmp
   mtd -e Firmware2 write firmware2.bin Firmware2
   printf 1 | dd bs=1 seek=$((0x18007)) count=1 of=/dev/mtdblock2
   reboot

Option 2. Decrypt, ungzip and split stock firmware image into the parts,
take Slot1 parts (kernel2.bin, rootfs2.bin) and write them:
   cd /tmp
   mtd -e Kernel2 write kernel2.bin Kernel2
   mtd -e RootFS2 write rootfs2.bin RootFS2
   printf 1 | dd bs=1 seek=$((0x18007)) count=1 of=/dev/mtdblock2
   reboot
More about stock firmware decryption:
Link: https://github.com/Psychotropos/sercomm_fwutils/

Debricking
----------
Use sercomm-recovery tool. You can use "ALL" mtd partition backup as a
recovery image.
Link: https://github.com/danitool/sercomm-recovery

MAC addresses
-------------
+---------+-------------------+-----------+
|         | MAC               | Algorithm |
+---------+-------------------+-----------+
| label   | 48:3e:xx:xx:xx:1e | label     |
| LAN     | 48:3e:xx:xx:xx:1e | label     |
| WAN     | 48:3e:xx:xx:xx:28 | label+10  |
| WLAN 2g | 48:3e:xx:xx:xx:20 | label+2   |
| WLAN 5g | 48:3e:xx:xx:xx:24 | label+6   |
+---------+-------------------+-----------+

Co-authored-by: Vadzim Vabishchevich <bestmc2009@gmail.com>
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 1b091311aa)
[fix rt2800_wmac eeprom load]
Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
2023-11-27 02:02:35 +01:00
Mikhail Zhilkin
fd277ee490 ramips: mt7620: drop unnecessary trailing tabs
Let's tidy up a bit (drop unnecessary trailing tabs).

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 25bab2b8bc)
2023-11-27 02:02:35 +01:00
Mikhail Zhilkin
a8f31d2aa1 ramips: sercomm.mk: make common recipe to set a bit in pid
This commit makes a common recipe to set bit in Sercomm factory pid since
this is necessary for several devices (WiFire S1500.nbn, Rostelecom
RT-FL-1) at different offsets.

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit e900c45211)
2023-11-27 02:02:35 +01:00
Mikhail Zhilkin
dae399196b scripts: sercomm-pid.py: use uppercase hwid in pid
Sercomm uses uppercase for hexadecimal representation of the device
hardware IDs in factory image PID. This commit brings the sercomm-pid.py
script into compliance with the original Sercomm algorithm.

Example
-------
+--------+-------------+-----------+-------------+
| Device | PID (before | PID       | PID (after  |
| HWID   | the commit) | (Sercomm) | the commit) |
+--------+-------------+-----------+-------------+
| CPJ    | 43 50 4a    | 43 50 4A  | 43 50 4A    |
+--------+-------------+-----------+-------------+

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 28d32244e1)
2023-11-27 02:02:35 +01:00
John Audia
95ebd609ae kernel: bump 5.15 to 5.15.139
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139

Removed upstreamed:
	x86/patches-5.15/120-hwrng-geode-fix-accessing-registers.patch[3]

All other patches automatically rebased.

3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.139&id=a5c83c8043d70b9a28d1bd78a2dbbab340f43889

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
[Refresh on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit df167450a5)
2023-11-25 20:17:09 +01:00
Rafał Miłecki
d6b62611b8 firmware-utils: package oseama
It's required by bcm53xx. This allows dropping separated oseama package
and avoids some code duplication.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1d9d0ca376)
2023-11-24 14:02:29 +01:00
Rafał Miłecki
40bd2bb3d6 firmware-utils: new package replacing otrx
Some of firmware utils may be required on target devices. It's useful
e.g. for dealing with some firmware formats. That is often required
(supporting specific format) to provide an option to revert to original
firmware.

So far we had packaged "otrx" util only for use on Broadcom targets.
Refactor that to package the whole firmware-utils project so we can
package any single util needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 24d6abe2d7)
2023-11-24 14:02:29 +01:00
John Audia
a39dca7ead kernel: bump 5.15 to 5.15.138
Changelog: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.138

Removed upstreamed:
	generic/backport-5.15/819-v6.6-0018-nvmem-imx-correct-nregs-for-i.MX6SLL.patch[1]
	generic/backport-5.15/819-v6.6-0019-nvmem-imx-correct-nregs-for-i.MX6UL.patch[2]
	generic/backport-5.15/819-v6.6-0020-nvmem-imx-correct-nregs-for-i.MX6ULL.patch[3]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=6e22bf6f00d593b0a7e0b2f418fde89317424671
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=6efd498009b987a92f57f3bdae476f0503364fb7
3. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.138&id=6e22bf6f00d593b0a7e0b2f418fde89317424671

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
[Refreshed on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 573c8c3d78)
2023-11-19 14:44:36 +01:00
Christian Marangi
c7b6cfac40
scripts/dump-target-info.pl: add new function to DUMP devices
Add new function to dump-targer-info.pl to DUMP devices provided a
matching target/subtarget.

Example:

./scripts/dump-targer-info.pl devices ipq806x/generic

will produce the sorted list of devices defined in the following format:

device_id device_name

Devices may have alternative names, the script will dump each
alternative name in the same line of device_id.

Following the pattern:

device_id "PRIMARY DEVICE NAME" "ALT0 DEVICE NAME" "ALT1 DEVICE NAME" ...

Example:

tplink_ad7200 "TP-Link AD7200 v1/v2" "TP-Link Talon AD7200 v1/v2"

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 943c153cdd)
2023-11-15 11:00:19 +01:00
Hauke Mehrtens
6cb1cb1b13 OpenWrt v23.05.2: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-15 00:00:58 +01:00
Hauke Mehrtens
1c26bcb108 OpenWrt v23.05.2: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-15 00:00:53 +01:00
Jo-Philipp Wich
842932a63d netifd: fix IPv4 route target masking
A previous commit supposed to mask out excess host bits in route targets
failed to correctly calculate the mask value, causing it to produce
improper results for certain mask lengths.

Fixes: https://github.com/openwrt/netifd/issues/17
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2023-11-14 14:38:11 +01:00
Petr Štetiar
51bb178824
treewide: fix shell errors during dump stage
Fixes following issues:

 bash: -c: line 1: `echo 1686820180<LINUX_VERMAGIC> | /staging_dir/host/bin/mkhash md5 | cut -b1-8'
 bash: -c: line 1: `echo 1686820180<LINUX_VERMAGIC> | /staging_dir/host/bin/mkhash md5 | sed -E 's/(.{8})(.{4})(.{4})(.{4})(.{10})../\1-\2-\3-\4-\500/''
 bash: -c: line 1: syntax error near unexpected token `|'
 bash: line 1: *1024*1024: syntax error: operand expected (error token is "*1024*1024")
 bash: line 1: (64 + ): syntax error: operand expected (error token is ")")
 expr: syntax error: missing argument after '+'

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8fc496be86)
2023-11-13 14:02:38 +01:00
Petr Štetiar
4637ba72b7
scan.mk: do not silence output of dump phase
Make it easier to spot currently hidden issues:

 $ make defconfig V=sc
 ...
 Collecting target info: target/linux/airohabash: -c: line 1: syntax error near unexpected token `|'
 bash: -c: line 1: `echo 1686815253<LINUX_VERMAGIC> | staging_dir/host/bin/mkhash md5 | cut -b1-8'
 bash: -c: line 1: syntax error near unexpected token `|'
 bash: -c: line 1: `echo 1686815253<LINUX_VERMAGIC> | staging_dir/host/bin/mkhash md5 | sed -E 's/(.{8})(.{4})(.{4})(.{4})(.{10})../\1-\2-\3-\4-\500/''
 ...

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b522da5b16)
2023-11-13 14:02:38 +01:00
Daniel Golle
b38b5c4299 ramips: add support for MeiG SLT866 4G CPE
Hardware:
 - SoC: Mediatek MT7621 (MT7621AT)
 - Flash: 32 MiB SPI-NOR (Macronix MX25L25635E)
 - RAM: 128 MiB
 - Ethernet: Built-in, 2 x 1GbE
 - 3G/4G Modem: MEIG SLM828 (currently only supported with ModemManager)
 - SLIC: Si32185 (unsupported)
 - Power: 12V via barrel connector
 - Wifi 2.4GHz: Mediatek MT7603BE 802.11b/g/b
 - Wifi 5GHz: Mediatek MT7613BE 802.11ac/n/a
 - LEDs: 8x (7 controllable)
 - Buttons: 2x (RESET, WPS)

Installing OpenWrt:
 - sysupgrade image is compatible with vendor firmware.

Recovery:
 - Connect to any of the Ethernet ports, configure local IP:
   10.10.10.3/24 (or 192.168.10.19/24, depending on OEM)
 - Provide firmware file named 'mt7621.img' on TFTP server.
 - Hold down both, RESET and WPS, then power on the board.
 - Watch network traffic using tcpdump or wireshark in realtime to
   observe progress of device requesting firmware. Once download has
   completed, release both buttons and wait until firmware comes up.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit bc335f2967)
2023-11-13 00:58:08 +00:00
Daniel Golle
ce62536aca uboot-envtools: add environment config for MeiG SLT866
Add configuration to access U-Boot environment on MeiG SLT866.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f8414f1a6f)
2023-11-13 00:58:08 +00:00
Daniel Golle
03e26f856f kernel: support reading hex MAC address from NVMEM
In addition to binary and ASCII-formatted MAC addresses, add support
for processing hexadecimal encoded MAC addresses from NVMEM.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 7db87d7c68)
2023-11-13 00:58:08 +00:00
Daniel Golle
a00fc406b9 kernel: add support MeigLink SLM828 modem
Another Qualcomm-based USB-connected modem, offering endpoints
 0 : rndis_host (link to voip subsystem listening on 169.254.5.100)
 1 : rndis_host (?)
 2 : option (?)
 3 : option (at)
 4 : option (at)
 5 : option (?)
 6 : GobiNet (qmi)
 7 : ?

Add support for this modem in rndis_host, option and qmi_wwan driver
which allows the modem to be used with ModemManager.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f32baf6a65)
2023-11-13 00:58:08 +00:00
Alexey D. Filimonov
275f7e07ee ramips: cf-ew72-v2: Add support for COMFAST CF-EW72 V2
Add support for COMFAST CF-EW72 V2

Hardware:
-   SoC: Mediatek MT7621 (MT7621DAT or MT7621AT)
-   Flash: 16 MiB NOR
-   RAM: 128 MiB
-   Ethernet: Built-in, 2 x 1GbE
-   Power: only 802.3af PD on any port, injector supplied in the box
-   PoE passthrough: No
-   Wifi 2.4GHz: Mediatek MT7603BE 802.11b/g/b
-   Wifi 5GHz: Mediatek MT7613BEN 802.11ac/n/a
-   LEDs: 8x (only 1 is both visible and controllable, see below)
-   Buttons: 1x (RESET)

Installing OpenWrt:
Flashing is done using Mediatek U-Boot System Recovery Mode
-   make wired connection with 2 cables like this:
-     -   PC (LAN) <-> PoE Injector (LAN)
-     -   PoE Injector (POE) <-> CF-EW72 V2 (LAN). Leave unconnected to CF-EW72 V2 yet.
-   configure 192.168.1.(2-254)/24 static ip address on your PC LAN
-   press and keep pressed RESET button on device
-   power the device by plugging PoE Injector (POE) <-> CF-EW72 V2 (LAN) cable
-   wait for about 10 seconds until wifi led stops blinking and release RESET button
-   navigate from your PC to http://192.168.1.1 and upload OpenWrt *-factory.bin firmware file
-   proceed until router starts blinking with wifi led again (flashing) and stops (rebooting to OpenWrt)

MAC addresses as verified by OEM firmware:
  vendor OpenWrt  address
  LAN    lan\eth0 label
  WAN    wan     label + 1
  2g     phy0    label + 2
  5g     phy1    label + 3

  The label MAC address was found in 0xe000.

LEDs detailed:
  The only both visible and controllable indicator is blue:wlan LED.
  It is not bound by default to indicate activity of any wireless interfaces.

  Place (WAN->ANT) | Num | GPIO | LED name (LuCI)   | Note
  -----------------|-----|-----------------------------------------------------------------------------------------
             power | 1   |      |                   | POWER LED. Not controlled with GPIO.
      hidden_led_2 | 2   | 13   | blue:hidden_led_2 | This LED does not have proper hole in shell.
               wan | 3   |      |                   | WAN LED. Not controlled with GPIO.
      hidden_led_4 | 4   | 16   | blue:hidden_led_4 | This LED does not have proper hole in shell.
               lan | 5   |      |                   | LAN LED. Not controlled with GPIO.
      noconn_led_6 | 6   |      |                   | Not controlled with GPIO, possibly not connected
              wlan | 7   | 15   | blue:wlan         | WLAN LED. Wireless indicator.
      noconn_led_8 | 8   |      |                   | Not controlled with GPIO, possibly not connected

  mt76-phy0 and mt76-phy1 leds also exist in OpenWrt, but do not exist on board.

Signed-off-by: Alexey D. Filimonov <alexey@filimonic.net>
(cherry picked from commit ff95f859eb)
2023-11-13 00:58:08 +00:00
Usama Nassir
65bf66f727 ramips: Add support for ComFast CF-E390AX
Add support for ComFast CF-E390AX. It is a 802.11 wifi6 cieling AP, based on MediaTek MT7261AT.

Specifications:
SoC: MediaTek MT7621AT
RAM: 128 MiB
Flash: 16 MiB NOR (Macronix mx25l12805d)

Wireless: MT7915E (2.4G) 802.11ax/b/g/n MT7915E (5G) 802.11ac/ax/n
Ethernet: 2 x 1Gbs
Button: 1 x "Reset" button
LED: 1x Blue LED + 1x Red LED + 1x green LED
Power: PoE

Manufacturer Page:
http://en.comfast.com.cn/index.php?m=content&c=index&a=show&catid=84&id=75

Flash Layout:
0x000000000000-0x000000030000 : "bootloader"
0x000000030000-0x000000040000 : "config"
0x000000050000-0x000000060000 : "factory"
0x000000090000-0x000001000000 : "firmware"

First install:
1. Set device into http firmware fail safe upload mode by pressing the reset button for 10 seconds while powering
   it on. Once the LED stops flashing, safe mode will be running.
2. Set PC IP address to 192.168.1.2
3. Browse to 192.168.1.1 and upload the factory image using the web interface.

Signed-off-by: Usama Nassir <usama.nassir@gmail.com>
(cherry picked from commit f24c9b9d86)
2023-11-13 00:58:08 +00:00
Hauke Mehrtens
ce62c25c08 OpenWrt v23.05.1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-12 21:21:21 +01:00
Hauke Mehrtens
a58a86693f OpenWrt v23.05.1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-12 21:20:49 +01:00
Christian Marangi
101988c61a
scripts/getver.sh: prevent asking for negative rev-parse
With the case of asking an invalid version that is too big, getver.sh
might return an invalid output in the form of HEAD~-2260475641.

This is caused by BASE_REV - GET_REV using a negative number.

Prevent this by checking if BASE_REV - GET_REV actually return 0 or a
positive number and set REV variable accordingly. With the following
change, invalid revision number will result in unknown printed instead
of the invalid HEAD~-NUMBERS output.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 9e49e0a6c4)
2023-11-12 16:19:39 +01:00
Christian Marangi
b7e81d210b
iptables: backport patch fixing bug with string module
Backport patch fixing critical bug with string module merged upstream.

Fixes: #13812
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 3d6b89c514)
2023-11-12 14:14:25 +01:00
Nick Hainke
3d006f95f2 wolfssl: update to 5.6.4
Releae Notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable

Remove upstreamed patch:
- 001-fix-detection-of-cut-tool-in-configure.ac.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit d83231603c)
2023-11-11 18:18:29 +01:00
Felix Fietkau
46385eb7f8 netifd: update to the latest version
eee02ccca8c8 device: add support to configure eee
bb28f6a291d9 wireless: fix sign comparison warning
35facc8306f5 wireless: fix premature removal of hotplug devices due to down state

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit d45d72a6da)
2023-11-11 10:20:17 +01:00
Christian Marangi
11a41bc4b2 netifd: update to Git HEAD (2023-11-09)
841b05fbb91e system-linux: fix compilation error if IFLA_DSA_MASTER is not supported
5c9ecc1ff74f system-linux: make system_if_get_master_ifindex static
2dc7f450f3a2 system-linux: add option to configure DSA conduit device
838f815db5ef system-linux: add support for configurable GRO option

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1714087442)
2023-11-11 10:20:15 +01:00
Christian Marangi
f6a9f0c57b
ipq-wifi: update to Git HEAD (2023-11-10)
c9db9d0b3027 ipq8074: add Asus RT-AX89X BDF
33154283e54a ipq8074: update RegDB in new submitted BDF
2b034415ac3d ipq40xx: add YYeTs LE1 BDF
a9c253ebe926 ipq8074: add Netgear WAX620 Board file for Netgear WAX620, extracted from stock (bdwlan.b290) firmware and repacked.
ec0960967999 qca-wireless: ipq40xx: add BDFs for ZTE MF287
57aa1b1562ac ipq8174: Add Linksys MX4200
52a1c2940605 ipq8074: add Netgear WAX630 Board file for Netgear WAX630. Extracted from stock (WAX630_BDF.bin) firmware and repacked.
e7701b85d46d ipq8074: update RegDB in new submitted BDF
cd04ab7f984f qcn9074: update RegDB in new submitted BDF
f70fdf9438ae ipq8074: add Arcadyan AW1000 BDF
21c4d976b1e6 ipq8074: add CMCC RM2-6 BDF
f92fa0a2bdcf ipq8074: add ZTE MF269 BDF
371d4dce9b9a ipq8074: add Yuncore AX880 BDF
0c2e810e71ed qcn9074: fix prpl Foundation Haze BDF for old mac80211 version

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-11-10 13:48:46 +01:00
Jo-Philipp Wich
2285eb732a ucode: update to Git HEAD (2023-11-07)
0352a33 uloop: support new interval and signal APIs
1468cc4 syntax: don't treat `as` and `from` as reserved keywords

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 551963662b)
2023-11-09 16:38:02 +01:00
Christian Marangi
f5e9fd624d
hostapd: refresh patches
Refresh patches for hostapd using make package/hostapd/refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 05e516b12d)
2023-11-09 16:10:27 +01:00
Christian Marangi
85d1b43be4
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.

This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.

Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 6c9ac57d58)
2023-11-09 16:10:26 +01:00
Christian Marangi
1cab0d74b3
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b1c7b1bd67)
2023-11-09 16:10:26 +01:00
Christian Marangi
c9e8453de7
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.

This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1b5ea2e199)
2023-11-09 16:10:26 +01:00
Christian Marangi
2ef625e769
mac80211: fix not set noscan option for wpa_supplicant
noscan option was changed to hostapd_noscan but the entry in
wpa_supplicant was never updated resulting in the noscan option actually
never set.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1070fbce6e)
2023-11-09 16:10:25 +01:00
Hauke Mehrtens
5106f554bb px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r--    1 root     root           749 Nov  6 23:14 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 23:14 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6aad5ab099)
2023-11-08 19:04:11 +01:00
Hauke Mehrtens
6fd16b0d27 px5g-mbedtls: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r--    1 root     root           519 Nov  6 22:58 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 22:58 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 929c9a58c9)
2023-11-08 19:04:11 +01:00
Felix Fietkau
6de0e0d01a hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit c2a30b6e01)
2023-11-08 12:47:46 +01:00
Felix Fietkau
bbfb920e99 wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 531314260d)
2023-11-08 12:47:42 +01:00
Felix Fietkau
f780cfb92f netifd: update to the latest version
383753dd65ae device/bridge: support passing extra vlans in the device_set_state call
b6e75eafc1af device: send notifications for device events via ubus
cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled
827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false
40ed7363caf2 device: fix build error on 32 bit systems
516ab774cc16 system-linux: fix race condition on bringing up wireless devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 41d7439af5)
2023-11-08 12:47:34 +01:00
Tianling Shen
d3c193525e mediatek: add CMCC RAX3000M support
Hardware specification:
  SoC: MediaTek MT7981B 2x A53
  Flash: 64GB eMMC or 128 MB SPI-NAND
  RAM: 512MB
  Ethernet: 4x 10/100/1000 Mbps
  Switch: MediaTek MT7531AE
  WiFi: MediaTek MT7976C
  Button: Reset, Mesh
  Power: DC 12V 1A
- UART: 3.3v, 115200n8
  --------------------------
  |         Layout         |
  |   -----------------    |
  | 4 | GND TX VCC RX | <= |
  |   -----------------    |
  --------------------------

Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
   tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
   'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
   tar -zcf cfg_export_config_file.conf etc/
   * If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
     just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.

Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH    CMIIT ID: xxxx" is NAND version

eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
   ('data' partition can be ignored, it's useless.)
2. Write new GPT table:
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
   echo 0 > /sys/block/mmcblk0boot0/force_ro
   dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
   dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync

NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
   mtd erase BL2
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
   mtd erase FIP
   mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
   IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
   ubidetach -p /dev/mtd0
   ubiformat -y /dev/mtd0
   ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
   ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
   ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
     (Don't worry! You will always have TFTP recovery boot feature.)
   ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
   ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 423186d7d8)
[rebased to 23.05]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-07 00:46:00 +01:00
Tianling Shen
429715a237 uboot-mediatek: add support for CMCC RAX3000M
The OEM U-Boot uses dual boot and signature verification which does not
support by OpenWrt. So add a custom U-Boot build for OpenWrt.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit fddd735dd5)
2023-11-07 00:45:43 +01:00
Tianling Shen
b209f45640 arm-trusted-firmware-mediatek: add emmc/spim-nand ddr4 build for mt7981
They will be used on CMCC RAX3000M.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7d8ffe941d)
2023-11-07 00:43:33 +01:00
Mikhail Zhilkin
04cde73d56 treewide: fix MERCUSYS brand spelling
This commit fixes MERCUSYS brand spelling. The proper name is capitalized.

Link: https://www.mercusys.com/
Link: https://github.com/torvalds/linux/blob/master/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c#L7779

Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
(cherry picked from commit 45a50a06fb)
2023-11-07 00:40:00 +01:00
Hauke Mehrtens
3223f31fd3 mbedtls: Activate secp521r1 curve by default
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110

This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk

Fixes: #13774
Acked-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3c17cdbc36)
2023-11-07 00:37:20 +01:00