In the dnsmasq init script, an off-by-one in the range calculation of
ipcalc.sh was mitigated by passing the limit as if its counting started
at zero. This patch removes the mitigation as the off-by-one has been
fixed.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Add a function 'ipcalc' to /lib/functions.sh that sets variables more
safely using export.
With this new function, dnsmasq also handles the return value of ipcalc
correctly.
Fixes: e4bd3de1be ("dnsmasq: refuse to add empty DHCP range")
Co-Authored-By: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Printing a broadcast address doesn't make any sense for /31 and /32
prefixes.
Strictly speaking, the same goes for the network address but it is useful
to get the first address in the prefix, e.g. to create a canonical
CIDR notation "$NETWORK/$PREFIX".
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
For /31 and /32 prefixes, there are only host addresses - no network and
broadcast address with all-zero and all-one bits.
Reflect this when setting the limit.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
The start and end addresses are inclusive.
Thus, adding num without substracting one results in num + 1 addresses.
Add the substraction and to implement the documented behaviour.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Currently, the same information is stored at the Packages.manifest in
the 'Package:' variable and also additionally in the 'SourceName:' variable.
So we have for Packages.manifest for strongswan-charon-cmd:
```
Package: strongswan-charon-cmd
Version: 5.9.11-1
SourceName: strongswan-charon-cmd
License: GPL-2.0-or-later
Section: net
```
This is not correct. Several installable packages are built from the same
strongswan source. Therefore it makes more sense that the source name is
really the source name. In this case the it is 'strongswan'.
After this change the Packages.manifest for strongswan-charon-cmd:
```
Package: strongswan-charon-cmd
Version: 5.9.11-1
SourceName: strongswan
License: GPL-2.0-or-later
Section: net
```
In summary. The 'Package' name is the name of the package to be installed
on the target system. The 'SourceName' is the compile unit from which the
package was build from. This must be the same for all installable
packages built from the same compile unit. This commit fixes that.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Apparently, a few ipq40xx devices have sporadic problems when reading the
flash over SPI. When that happens, the result of the faulty SPI read is
cached and it isn't re-attempted. Depending on when it happens, the router
either panics and reboots or is left in a partially broken state (an
application wont start).
The data on the flash is alright.
This wasn't the case with Openwrt with Linux < 5.x but I wasn't able to
work out which software change was responsible.
Github user karlpip created a patch for testing that disabled the cache
entirely and added logs. Typically, only one or two SPI operations fail at
a time:
[689200.631152] spi-nor spi0.0: SPI transfer failed: -110
[689200.631280] spi_master spi0: failed to transfer one message from queue
[689200.635369] jffs2: Write of 68 bytes at 0x00ffccf4 failed. returned -110, retlen 0
[689200.642014] jffs2: Not marking the space at 0x00ffccf4 as dirty because the flash driver returned retlen zero
Because reads aren't re-attempted, squashfs can't recover:
[3171844.279235] SQUASHFS error: Failed to read block 0x2bb912: -5
[3171844.279284] SQUASHFS error: Unable to read fragment cache entry [2bb912]
[3171844.283980] SQUASHFS error: Unable to read page, block 2bb912, size 14e6c
[3171844.291650] SQUASHFS error: Unable to read fragment cache entry [2bb912]
[3171844.297831] SQUASHFS error: Unable to read page, block 2bb912, size 14e6c
I assume there to be some kind of underlying electrical problem because,
in my experience, this happens a lot more when PoE is used.
NoTengoBattery has made an in-depth investigation:
https://forum.openwrt.org/t/patch-squashfs-data-probably-corrupt/70480
.. and created a patch that evicts the page cache and retries reading:
https://github.com/NoTengoBattery/openwrt/blob/linksys-ea6350v3-mastertrack/target/linux/ipq40xx/patches-5.4/9996-fs_squashfs_improve_squashfs_error_resistance.patch
The patch also works well with the WPJ428 but NoTengoBattery didn't try to
upstream it ("This is not the solution that should be used").
In 2020, I tried and failed to create a working patch that prevents faulty pages to
be cached in the first place. Because I needed a solution, I backported
"squashfs: add option to panic on errors " (10dde05b89980ef)
which has since become available in Openwrt.
The 'error=panic' option has been tested on a fleet of multiple hundred
WPJ428s over multiple years. Without this patch, devices regularly went
into 'limbo' on reboot or update and required a manual reboot.
Devices with this patch don't. I was initially concerned that the kernel
panic would leave devices with a real corrupted data but I haven't seen a
case of actual corruption since (outside of people turning off the power
during upgrades).
The WPJ428 is the only device I tested this patch on - others might also
benefit.
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Buffalo WSR-3200AX4S is a 2.4/5 GHz band 11ax (Wi-Fi 6) router, based on
MT7622B.
Specification:
- SoC : MediaTek MT7622B
- RAM : DDR3 512 MiB
- Flash : SPI-NAND 128 MiB (Winbond W25N01GVZEIG)
- WLAN : 2.4/5 GHz 4T4R
- 2.4 GHz : MediaTek MT7622B (SoC)
- 5 GHz : MediaTek MT7915
- Ethernet : 5x 10/100/1000 Mbps
- Switch : MediaTek MT7531
- LEDs/Keys : 6x/5x (2x: buttons, 3x: slide-switches)
- UART : through-hole on PCB (J4)
- assignment: 3.3V, GND, TX, RX from tri-angle marking
- settings : 115200n8
- Power : 12 VDC, 1.5 A
Flash instruction using factory.bin image:
1. Boot WSR-3200AX4S with "Router" mode
2. Access to "http://192.168.11.1/" and open firmware update page
("ファームウェア更新")
3. Select the OpenWrt factory.bin image and click update ("更新実行")
button
4. Wait ~120 seconds to complete flashing
Note:
- This device has 2x OS images on flash. The first one will always be
used for booting and the secondary is for backup.
- This support generates multiple factory*.bin image:
- factory.bin : for flashing from OEM WebUI
- factory-uboot.bin: for flashing from U-Boot or clean installation
via sysupgrade (don't use for normal sysupgrade)
Known issues:
- Wi-Fi MAC addresses won't be applied to each adapter.
MAC Addresses:
LAN : C4:3C:EA:xx:xx:60 (board_data, mac (text))
WAN : C4:3C:EA:xx:xx:60 (board_data, mac (text))
2.4 GHz: C4:3C:EA:xx:xx:61
5 GHz : C4:3C:EA:xx:xx:68
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Separate dts/dtsi from the dts of Buffalo WSR-2533DHP2 to prepare adding
suppport for WSR-3200AX4S.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Expand kernel partition size on WSR-2533DHP2 for the kernel larger than
4 MiB.
To prevent upgrading from old firmware before this commit, bump the
compat version to 1.1 and add a message for forced sysupgrade using
factory-uboot.bin image.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Update LED and key nodes with newer DeviceTree bindings for WSR-2533DHP2.
- LED
- use led-[0-9] for node name of LEDs
- add "color" and "function" properties
- drop default-state = "on" from green:power LED
- this LED will be turned on by led-running alias
- key
- drop unnecessary poll-interval property
- use key-[0-9] for node name of keys
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
- detect die revision used in variants of the Allwinner H616 SoC (H313, T507)
- support for H6 boards without PMIC
Tested on Pine64+ and Orange PI Zero2
Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
A bug report in the forum found that the MR70X lists four LAN ports in LuCI
while it has only three. This adds the device to the network setup file
to fix the issue.
Identified-by: Forum User "Lexeyko"
Signed-off-by: Andreas Böhler <dev@aboehler.at>
allow to overwrite the detected system capabilities e.g. if devices
does not operate as bridge.
Signed-off-by: Sebastian Pflieger <sebastian@pflieger.email>
```
Specifications:
* CPU: Qualcomm IPQ8072A, SoC Version: 2.0, Quad core Cortex-A53 1.6896 GHz
* RAM: 1 GiB of DDR4 600 MHz
* Flash: NAND 2x256 MiB (Macronix MX30UF2G18AC)
* 4 RGB LEDs: Power, LAN, 2.4GHz and 5GHz
* UART: Two 4-pin unpopulated headers under the LEDs.
Use the header closest to LED 4 and 5.
They are marked with a white stroke.
TX RX GND, beginning from "4". 115200n8.
Lan:
* One 100/1000/2.5GBASE-T Gigabit Ethernet (QCA8081)
Wlan:
* 4x4 in 2.4GHz: 802.11b/g/n/ax
* 4x4 in 5.0GHz: 802.11a/n/ac/ax
* OFDM and OFDMA
* Bidir and MU-MIMO
* Internal antenna 3.1/4.3 dBi (2.4GHz/5GHz)
Power:
* PoE+ 802.3at/af 25.5W
* DC 12V 2.5A
```
```
Note: The OpenWrt image is setup with DHCP and not a static IP.
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
2. Connect to console on the AP, and connect the LAN port to your LAN
3. Stop auto boot to get to U-boot shell, interrupt the autoboot process by pressing '0' when prompted
4. Set active_fw in env
# setenv active_fw 1
5. Transfer the initramfs image with TFTP
# setenv serverip 192.168.1.10 (IP of TFTP server host)
# setenv ipaddr 192.168.1.1 (IP used by the router for getting the image, must be in the same subnet as the TFTP host)
# tftpboot openwrt-qualcommax-ipq807x-netgear_wax620-initramfs-uImage.itb
6. Reboot and load the image
# bootm
7. SCP factory image to the AP
# scp openwrt-qualcommax-ipq807x-netgear_wax620-squashfs-factory.ubi root@192.168.1.1:/tmp/
8. Connect to device using SSH (use the LAN port)
9. Flash squashfs-factory.ubi from within the initramfs instance of OpenWRT
Before you flash, please check your mtd partitions where mtdX is the right mtd rootfs partition.
# cat /proc/mtd (To check MTD partitions)
# ubiformat /dev/mtd19 -y -f /tmp/openwrt-qualcommax-ipq807x-netgear_wax620-squashfs-factory.ubi
10. Set active_fw to 0
# /usr/sbin/fw_setenv active_fw 0
11. Reboot the AP and your done
# reboot
```
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
vfat support is needed to mount the EFI System Partition (ESP)
during sysupgrade. If it is not available, the sysupgrade process
will not complete
Signed-off-by: Mathew McBride <matt@traverse.com.au>
Changes between 3.0.10 and 3.0.11 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows. ([CVE-2023-4807])
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
The patch refresh accidentally moved the hostapd_ucode_free_iface call to
the wrong function
Fixes: e9722aef9e ("hostapd: fix a crash when disabling an interface during channel list update")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add build for the MTK3943 reference board for MT7981B+MT7976C.
**Hardware specification:**
- SoC: MediaTek MT7981B 2x A53
- Flash: various options
- RAM: 256MB DDR3
- Ethernet: 4 x 10/100/1000 Mbps via MT7531AE switch
EITHER 1 x 10/100/1000 Mbps built-in PHY
OR 1 x 10/100/1000/2500 Mbps MaxLinear GPY211C
- Switch: MediaTek MT7531AE
- WiFi: MediaTek MT7976C
- Button: RST, WPS
**Flash instructions for SPIM-NAND:**
- write *mt7981-rfb-spim-nand-preloader.bin to 'BL2' partition
- write *mt7981-rfb-spim-nand-bl31-uboot.fip to 'FIP' partition
- erase 'ubi' partition
- reset board
- create ubootenv and ubootenv2 UBI volumes in U-Boot
- edit environment and set bootcmd, e.g.
setenv bootconf 'config-1#mt7981-rfb-spim-nand#mt7981-rfb-mxl-2p5g-phy-eth1'
setenv bootcmd 'ubi read $loadaddr fit; bootm $loadaddr#$bootconf'
- load initramfs image via TFTP:
setenv serverip 192.168.1.254
setenv ipaddr 192.168.1.1
setenv bootfile openwrt-mediatek-filogic-mediatek_mt7981-rfb-initramfs.itb
saveenv ; saveenv
tftpboot
bootm $loadaddr#$bootconf
- Now use sysupgrade to write OpenWrt firmware to flash.
SNFI-NAND, SPIM-NOR and eMMC all work very similar, a bootable SD card image
is also being generated. However, as the board I've been provided only comes
with SPIM-NAND all other boot media are untested.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Improve and package builds for various boot media configurations of the
MediaTek MT7981 reference board.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When adding builds for MT7981 the related Makefile sections for MT7986
have apparently been copied, but in one instance the rename from 7986 to
7981 has been omitted. Fix that now.
Fixes: 602cb4f325 ("arm-trusted-firmware-mediatek: add build for MT7981 DDR3")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
UARTs not used as boot console are currently broken on some MediaTek
targets due to register access depending on the bus clock being enabled.
Add patch to make sure this dependency is always met.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Ethernet LED assignments were incorrectly swapped. Fix the assignment
logic so the correct LED is illuminated for the LAN LEDs.
Signed-off-by: David Bauer <mail@david-bauer.net>
The ZTE MF282 Plus is a LTE router used (exclusively?) by the network
operator "3". It is very similar to the MF286/MF287 but in the form factor
of the MF282.
Specifications
==============
SoC: IPQ4019
RAM: 256MiB
Flash: 8MiB SPI-NOR + 128MiB SPI-NAND
LAN: 1x GBit LAN
LTE: ZTE Cat6
WiFi: 802.11a/b/g/n/ac SoC-integrated
MAC addresses
=============
LAN: from config
WiFi 1: from config + 1
WiFi 2: from config + 2
Installation
============
Option 1 - TFTP
---------------
TFTP installation using UART is preferred. Disassemble the device and
connect serial. Put the initramfs image as openwrt.bin to your TFTP server
and configure a static IP of 192.168.1.100. Load the initramfs image by
typing:
setenv serverip 192.168.1.100
setenv ipaddr 192.168.1.1
tftpboot 0x84000000 openwrt.bin
bootm 0x84000000
From this intiramfs boot you can take a backup of the currently installed
partitions as no vendor firmware is available for download:
ubiattach -m9
cat /dev/ubi0_0 > /tmp/ubi0_0
cat /dev/ubi0_1 > /tmp/ubi0_1
Copy the files /tmp/ubi0_0 and /tmp/ubi0_1 somewhere save.
Once booted, transfer the sysupgrade image and run sysupgrade. You might
have to delete the stock volumes first:
ubirmvol /dev/ubi0 -N ubi_rootfs
ubirmvol /dev/ubi0 -N kernel
Option 2 - From stock firmware
------------------------------
The installation from stock requires an exploit first. The exploit consists
of a backup file that forces the firmware to download telnetd via TFTP from
192.168.0.22 and run it. Once exploited, you can connect via telnet and
login as admin:admin.
The exploit will be available at the device wiki page.
Once inside the stock firmware, you can transfer the -factory.bin file to
/tmp by using "scp" from the stock frmware or "tftp".
ZTE has blocked writing to the NAND. Fortunately, it's easy to allow write
access - you need to read from one file in /proc. Once done, you need to
erase the UBI partition and flash OpenWrt. Before performing the operation,
make sure that mtd9 is the partition labelled "rootfs" by calling
"cat /proc/mtd".
Complete commands:
cd /tmp
tftp -g -r factory.bin 192.168.0.22
cat /proc/driver/sensor_id
flash_erase /dev/mtd9 0 0
dd if=/tmp/factory.bin of=/dev/mtdblock9 bs=131072
Afterwards, reboot your device and you should have a working OpenWrt
installation.
Restore Stock
=============
Option 1 - via UART
-------------------
Boot an OpenWrt initramfs image via TFTP as for the initial installation.
Transfer the two backed-up files to your box to /tmp.
Then, run the following commands - replace $kernel_length and $rootfs_size
by the size of ubi0_0 and ubi0_1 in bytes.
ubiattach -m 9
ubirmvol /dev/ubi0 -N kernel
ubirmvol /dev/ubi0 -N rootfs
ubirmvol /dev/ubi0 -N rootfs_data
ubimkvol /dev/ubi0 -N kernel -s $kernel_length
ubimkvol /dev/ubi0 -N ubi_rootfs -s $rootfs_size
ubiupdatevol /dev/ubi0_0 /tmp/ubi0_0
ubiupdatevol /dev/ubi0_1 /tmp/ubi0_1
Option 2 - from within OpenWrt
------------------------------
This option requires to flash an initramfs version first so that access
to the flash is possible. This can be achieved by sysupgrading to the
recovery.bin version and rebooting. Once rebooted, you are again in a
default OpenWrt installation, but no partition is mounted.
Follow the commands from Option 1 to flash back to stock.
LTE Modem
=========
The LTE modem is similar to the MF286R, it provides an RNDIS interface
and an AT interface.
Other Notes
===========
There is one GPIO Switch "Power button blocker" which, if enabled, does not
trigger a reset of the SoC if the modem reboots. If disabled, the SoC is
rebooted along with the modem. The modem can be rebooted via the exported
GPIO "modem-reset" in /sys/class/gpio.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has a CPE id.
Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining tools which have a CPE ID.
Not every tool has CPE id.
Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has CPE id.
Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
New revision of eDPU uses an Marvell MV88E6361 switch to connect the SFP
cage and G.hn IC instead of connecting them directly to the ethernet
controllers.
The same image can be used on both versions as U-Boot will enable the
switch node and disable the unused ethernet controller.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
New revision of eDPU uses an Marvell MV88E6361 switch to connect the SFP
cage and G.hn IC instead of connecting them directly to the ethernet
controllers.
In order to use the same image for both boards, U-Boot is responsible for
detecting the revision and enabling/disabling DTS nodes.
So, to make it easy for users, lets add the pending U-Boot patches to build
in OpenWrt.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
New revision of Methode eDPU boards uses Marvell 88E6361 switch, so lets
backport it from kernel 6.5.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>