The firmware image that is used in TP-Link RE450 (and some more devices from
the RE series) is tplink-safeloader.
In the kernel partition, the kernel is compressed in a regular tp-link
firmware that is just used for booting. Since it is only used for compressing
and booting, only four fields are filled in the header:
Vendor, version, kernel load address and kernel entry point.
mktplinkfw-kernel is a simpler version of mktpolinkfw that generate such
images. It also specifies the hardware id (as it is in the product info
section), so when doing a sysupgrade - the existing code will check for
hardware compatibility.
Signed-off-by: Tal Keren <kooolk@gmail.com>
[rd@radekdostal.com: add build target to .../image/tp-link.mk]
Signed-off-by: Radek Dostál <rd@radekdostal.com>
The TL-WR1043ND v4 uses a kernel image with a mktplinkfw header inside the
os-image partition of a tplink-safeloader image.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
In order to make it easier to add new boards in the future, refactor the code
to describe the image layouts of supported boards in a struct array and alter
the image generation routines to figure out the sysupgrade partitions
automatically.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Force root/root as names for uid0/gid0 instead of using the system
names. This helps make packed download tarballs more reproducible
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This is intended to be used for a wide array of package sanity checks.
The first check that is implemented is for the hash of downloaded files.
It checks:
- Missing hash
- Use of SHA256 instead of MD5
- dl/<file> hash not matching hash in makefile
- deprecated MD5SUM variable
The deprecated MD5SUM variable check is skipped for feeds/ until OpenWrt
is updated as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Adds support for new EU and US variants; removes a few strings that were
never actually used and have been removed from the stock firmwares.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Sadly, LibreSSL claims to be OpenSSL v2.0.0 while not providing the new
interfaces introduced with OpenSSL v1.1.x, so extend the pre-OpenSSL 1.1.x
compat checks to consider LibreSSL as well.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The OpenSSL 1.1.x version series undergone some major API changes which made
the RSA structure opaque and deprecated a number of methods, so add some
conditional compat code to make the u-boot source build again.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Our current implementation is pretty old and uses some pre-standard/old
ANSI C style that triggers warnings like:
warning: call to function 'MD5_Init' without a real prototype [-Wunprototyped-calls]
This is caused by declarations specified in a following way:
src/md5.h:60:6: note: 'MD5_Init' was declared here
void MD5_Init ();
Having these warnings makes it harded to notice real problems. We could
try hiding them but it makes more sense to just use a cleaner code.
Another tiny gain from this switch is slightly reduced binary size, on
x86_64 tplink-safeloader's size 48104 became 48003.
The new code is public domain, uses "heavily cut-down BSD license".
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Earlier compilers such as GCC 4 do not like anynomous unions, make it a named
union "u", and update the code where relevant.
Fixes FS#298
Fixes: a72e1692b8b3 ("firmware-utils: Add support for the Cisco Meraki MX60/MX60W")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
User-visible changes since 0.64 are as follows:
- Translation fixes
- Project settings have priority
- Reject binary files in patches
- Fix a race condition in diff_file
- Performance: Optimizations to the setup command
- Performance: Optimizations to the bash completion script
- Test suite: Improve the edit test case
- Test suite: Make the symlink test more robust
- Test suite: Test backup failure
- Test suite: Test the header command with hard links
- diff: Report diff failures
- edit: Fix a corner case bug
- mail: Fix the help text
- push: Fix the synopsis
- refresh: Do not remove symlinks
- refresh: Break links to read-only patch files
- refresh: Always preserve modification time
- setup: Report failed look-ups in inspect-wrapper
- quilt.el: Fix quilt-editable when patches are stored in subdirs
- bash_completion: Handle spaces in file names
- bash_completion: Update the list of commands
- bash_completion: Add new command options
- bash_completion: Fix handling of mail, new, push options
- guards: Simplify the help text
- guards: Include the file name also in the "Not found" case
- guards: Add support for an external filelist in --check mode
- guards: Report which config file has problem in --check mode
- guards: Documentation update
- guards: Clarify a user message
Note to packagers: the Makefile was modified to take configure's
--sysconfdir into account as other projects do. As a result, setting
--prefix=/usr will no longer put the configuration files under /etc.
You now need to explicitly pass --sysconfdir=/etc. If you don't,
configuration files will go under /usr/etc, which is not what you want.
This is somewhat less intuitive, but also more consistent with what
other projects are doing.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
RELEASE 2.5.1 - Mon, 03 Nov 2016 13:37:42 -0400
- Add scons-configure-cache.py to packaging. It was omitted
- Use memoization to optimize PATH evaluation across
all dependencies per node.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This patch adds header support for the Cisco Meraki MX60/MX60W, which
are a part of the apm821xx target. Some structure changes were needed
due to the fact this device uses U-Boot (unlike other devices in
mkmerakifw.c) which uses a different header structure to define the load
offsets for the image.
A thanks to Christian for helping implement this properly.
Cc: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
Recent refactoring introduced a regression. It ignored second argument
of make_support_list function which was originally true for C2600. The
new generic build_image function always passes false.
This patch allows specifying trailing char in a device specific info. It
also switches Archer C9 to the \0 char to make it compliant with vendor
images.
I verified generated images to be binary identical to the ones that
were created before whole refactoring.
Reported-by: Jo-Philipp Wich <jo@mein.io>
Fixes: fd924d2068f ("firmware-utils: tplink-safeloader: use one function for generating images")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Looking into /usr/include/stdlib.h, there's a `devname()` function defined
under some #ifdef's which conflicts with the `static char *devname` definition
in `src/mkwrggimg.c`.
Defining `_ANSI_SOURCE` in the `src/mkwrggimg.c` file, omits that part of the
header.
Another more intrusive approach is to rename `devname` to something like
`g_devname` in `src/mkwrggimg.c`. But I think the `_ANSI_SOURCE` define should
be enough.
Compilation error is:
src/mkwrggimg.c:64:14: error: redefinition of 'devname' as different kind of symbol
static char *devname;
^
/usr/include/stdlib.h:286:7: note: previous definition is here
char *devname(dev_t, mode_t);
^
src/mkwrggimg.c:147:12: error: non-object type 'char *(dev_t, mode_t)' (aka 'char *(int, unsigned short)') is not assignable
devname = optarg;
~~~~~~~ ^
src/mkwrggimg.c:192:6: warning: comparison of function 'devname' equal to a null pointer is always false [-Wtautological-pointer-compare]
if (devname == NULL) {
^~~~~~~ ~~~~
src/mkwrggimg.c:192:6: note: prefix with the address-of operator to silence this warning
if (devname == NULL) {
^
&
src/mkwrggimg.c:251:27: warning: incompatible pointer types passing 'char *(dev_t, mode_t)' (aka 'char *(int, unsigned short)') to parameter of type 'const char *' [-Wincompatible-pointer-types]
strncpy(header->devname, devname, sizeof(header->devname));
^~~~~~~
/usr/include/secure/_string.h:119:34: note: expanded from macro 'strncpy'
__builtin___strncpy_chk (dest, src, len, __darwin_obsz (dest))
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
[Jo-Philipp Wich: slightly reformat commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- use default host install and clean.
- backport compatibility patch for OS X and LEDE (avoids having to force iconv
for OS X).
- use default HOST_BUILD_DIR.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Since XZ is needed to bootstrap building ccache we must not depend on it,
so remove the dependency on ccache to avoid circular dependencies.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since XZ is required to bootstrap ccache we must not use the ccache compiler
wrapper to avoid circular dependencies.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Make all tools except tar (which is required to bootstrap xz-utils) and XZ
itself depend on XZ, in order to be able to handle .tar.xz downloads.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The "tar" utility is required to bootstrap XZ which is required to handle
.tar.xz archives, therfore revert to using the bz2 archive.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In order to build XZ itself we cannot assume that XZ support is available,
so fetch the bz2 archive variant of its sources instead.
Also drop the FreeBSD portability patch and apply it at prepare time using
sed, to avoid a dependency on GNU patch which in turn depends on XZ support.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
The reason is that ccache does not recognize and process the .incbin
directive, so caching is unreliable.
See https://github.com/ccache/ccache/issues/136 for more information.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Updates expat to 2.2.0
Fixes several CVEs:
CVE-2016-0718
CVE-2016-4472
CVE-2016-5300
CVE-2012-6702
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>