This improves NAT masquarade network performance.
An alternative to kernel change would be runtime setup but that requires
ethtool and identifying relevant network interface and all related
switch ports interfaces.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 82d0dd8f8a)
This uses kernel's generic variable and doesn't require patching it with
a custom Makefile change. It's expected *not* to change any behaviour.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1d42af720c)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 24e27bec9a)
The empty executable is causing problems with meson builds, due to the
error: OSError: [Errno 8] Exec format error: 'ldconfig'
This patch changes the empty ldconfig stub to symlink to /bin/true to
work around this issue.
Fixes: FS#4117
Fixes: 3bd31cc4d2 ("tools/meson: update to 0.60.0")
Signed-off-by: Damien Mascord <tusker@tusker.org>
Tested-by: Aleksander Jan Bajkowski <olek2@wp.pl> # Tested on Debian 11
Tested-By: Lucian Cristian <lucian.cristian@gmail.com>
Tested-By: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6a5b4228e3)
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
[backport to fix prereq check when moving from 22.03 branch to 21.02]
Delete the crypto-lib-blake2s kmod package, as BLAKE2s is now built-in.
Fixes: be0639063a ("kernel: bump 5.4 to 5.4.203")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch was backported to kernel 5.4.200, but without the wireguard
change, because wireguard is not available in upstream kernel 5.4.
This adds the missing changes for wireguard too.
Fixes: be0639063a ("kernel: bump 5.4 to 5.4.203")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Since kernel 5.5-rc1 [1], there are upstreamed DTS files related to ESPRESSObin
variants. Move these to files-5.4.
This helps if you want to use a newer kernel version than used
in OpenWrt 21.02 (= LTS kernel 5.4), you would end up with duplicate files
(one outdated, one up to date from newer Linux versions).
Fixes:
Error: arch/arm64/boot/dts/marvell/armada-3720-espressobin-v7.dts:19.1-7:
Label or path ports not found
FATAL ERROR: Syntax error parsing input tree
[1] 447b878935
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 7be8ab4f7b)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[reword commit subject and commit description]
Flow offload dst can become invalid after the route cache is created.
dst_check() in packet path is necessary to prevent packet drop.
Signed-off-by: Ritaro Takenaka <ritarot634@gmail.com>
This release comes with a security fix related to c_rehash. OpenWrt
does not ship or use it, so it was not affected by the bug.
There is a fix for a possible crash in ERR_load_strings() when
configured with no-err, which OpenWrt does by default.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7a5ddc0d06)
Major changes are:
4 cleanups & typos fixes.
Add keep_last_dots mount option to allow access to paths
with trailing dots.
Avoid repetitive volume dirty bit set/clear to improve
storage life time.
Fix ->i_blocks truncation issue caused by wrong 32bit mask.
Fix ->i_blocks truncation issue that still exists elsewhere.
Fix missing REQ_SYNC in exfat_update_bhs().
Fix referencing wrong parent directory information during rename.
Fix slab-out-bounds in exat_clear_bitmap() reported from syzbot.
Improve performance while zeroing a cluster with dirsync mount option.
Introduce a sys_tz mount option to use system timezone.
Move super block magic number to magic.h
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Both buttons on the RT-AC57U are active-low. Fix the GPIO flag for the
WPS cutton to fix button behavior.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 535b0c70b1)
Remove restrictions on source and destination addresses, which aren't
specified on RFC8415, and for some reason in openwrt are configured
to allow both link-local and ULA addresses.
As cleared out in issue #5066 there are some ISPs that use Gloabal
Unicast addresses, so fix this rule to allow them.
Fixes: #5066
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
[rebase onto firewall3, clarify subject, bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit 65258f5d60)
The 2.4GHz interface doesn't come up properly with the log showing:
mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)
As seen on other MT7621 boards this is caused by a missing reset GPIO.
The MT7621 dtsi set GPIO 19 as PCIe reset GPIO, which on this board
reset the 5GHz interface on port 0. Add GPIO 8 to the PCIe reset GPIO
list to also reset the 2.4GHz interface on port 1.
Signed-off-by: Alban Bedel <albeu@free.fr>
(cherry picked from commit f953a1a4bf)
Notify external ubus subscribers of received link-measurement reports.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f6445cfa1a)
Add a ubus method to request link-measurements from connected STAs.
In addition to the STAs address, the used and maximum transmit power can
be provided by the external process for the link-measurement. If they
are not provided, 0 is used as the default value.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 965aa33a18)
Allow external processes to enable advertisement of link-measurement RRM
capability.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2ca5c3da04)
aa0e3c4bbe12 iwinfo: nl80211: add support for printing the device path for a phy
dd6d6d2dec35 iwinfo: nl80211: use new path lookup function for nl80211_phy_idx_from_uci_path
268bb26d2e2a iwinfo: nl80211: support looking up phy by path=.. and macaddr=...
c0414642fead iwinfo: nl80211: fix typo
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from commit 6e8475bbd0)
This is trivial fix of a duplicate definition of 'int ret'.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit df622768da)
MPLS feature symbols are normally only set when kmod-mpls is enabled, but the
CONFIG_MPLS symbol they depend on could also have been selected by openvswitch
instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 92add80414)
These boards have AR8327 or QCA8337 external ethernet switch.
The SOC also has it's own internal switch
where VLAN is now enabled by default.
Changes to preinit caused all switches to have VLANs enabled by default
even if they are not configured with a topology in uci_defaults
(see commit f017f617ae)
When both internal and external switches have VLANs,
and the external switch has both LAN and WAN,
the TX traffic from the SOC cannot flow to the tagged port on the external switch
because the VLAN IDs are not matching.
So disable the internal switch VLANs by default on these boards.
Also, add a topology for the internal switch,
so that on LuCI there is not an "unknown topology" warning.
In theory, it may be possible to have LAN ports on both switches
through internal and external PHYs, but there are no known boards that have this.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 2adeada045)
Define and use some missing macros,
and use them instead of BIT() or numbers for more readable code.
Add comment for a bit change that seems unrelated to ethernet
but is actually needed (PCIe Root Complex mode).
Remove unknown and unused macro RST_CTRL_MCM
(probably from MT7621 / MT7622)
This is the last of a series of fixes, so bump version.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 88a0cebadf)
the register bits for TX delay and RX delay are opposites:
when TX delay bit is set, delay is enabled
when RX delay bit is set, delay is disabled
So, when both bits are unset, it is RX delay
and when both bits are set, it is TX delay
Note: TXID is the default RGMII mode of the SOC
Fixes: 5410a8e295 ("ramips: mt7620: add rgmii delays support")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 26c84b2e46)
Add back the register write to disable internal PHYs
as a separate option in the code that can be set using a DTS property.
Set the option to true by default
when an external mt7530 switch is identified.
This makes the driver more in sync with original SDK code
while keeping the lines separated into different options
to accommodate any board with any PHY layout.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit cc6fd6fbb5)
The function mt7620_mdio_mode is only called once
and both the function and mdio_mode block have been named incorrectly,
leading to confusion and useless commits.
These lines in the mdio_mode block of mt7620_hw_init
are only intended for boards with an external mt7530 switch.
(see commit 194ca6127e)
Therefore, move lines from mdio_mode to the place in soc_mt7620.c
where the type of mt7530 switch is identified,
and move lines from mt7620_mdio_mode to a main function.
mt7620_mdio_mode was called from mt7620_gsw_init
where the priv struct is available,
so the lines must stay in mt7620_gsw_init function.
In order to keep things as simple as possible,
keep the DTS property related function calls together,
by moving them from mt7620_gsw_probe to init.
Remove the now useless DTS properties and extra phy nodes.
Fixes: 5a6229a93d ("ramips: remove superfluous & confusing DT binding")
Fixes: b85fe43ec8 ("ramips: mt7620: add force use of mdio-mode")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 6972e498d3)
Set the PHY base address to 12 for mt7530 and 8 for others,
which is based on the default setting for some devices
from printing the register with the following command
after it is written to by uboot during the boot cycle.
`md 0x10117014 1`
PHY_BASE option only uses 5 bits of the register,
bits 16 to 20, so use 8-bit integer type.
Set the option using the DTS property mediatek,ephy-base
and create the gsw node if missing.
Also, added a kernel message to display the EPHY base address.
Note:
If anything is written to a PHY address that is greater than 1 hex char (greater than 0xf)
then there is adverse effects with Atheros switches.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 0976b6c426)
When the new variable ephy_base was introduced,
it was not applied to the if block for mdio_mode.
The first line in the mdio_mode if block
sets the EPHY base address to 12 in the SOC by writing a register,
but the corresponding variable in the driver
was still set to the default of 0.
This causes subsequent lines that write registers with the function
_mt7620_mii_write
to write to PHY addresses 0 through 4
while internal PHYs have been moved to addresses 12 through 16.
All of these lines are intended only for PHYs on the SOC internal switch,
however, they are being written to external ethernet switches
if they exist at those PHY addresses 0 through 4.
This causes some ethernet ports to be broken on boards with AR8327 or QCA8337 switch.
Other suggested fixes move those lines to the else block of mdio_mode,
but removing the else block completely also fixes it.
Therefore, move the lines to the mt7620_hw_init function main block,
and have only one instance of the function mtk_switch_w32
for writing the register with the EPHY base address.
In theory, this also allows for boards that have both external switches
and internal PHYs that lead to ethernet ports to be supported.
Fixes: 391df37829 ("ramips: mt7620: add EPHY base mdio address changing possibility")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit de5394a29d)
A workaround was added to the switch driver
to set SOC port 4 as an RGMII GMAC interface
based on the DTS property mediatek,port4-gmac.
(previously mediatek,port4)
However, the ethernet driver already does this,
but is being blocked by a return statement
whenever the phy-handle and fixed-link properties
are both missing from nodes that define the port properties.
Revert the workaround, so that both the switch driver
and ethernet driver are not doing the same thing
and move the phy-handle related lines down
so nothing is ending the function prematurely.
While at it, clean up kernel messages
and delete useless return statements.
Fixes: f6d81e2fa1 ("mt7620: gsw: make IntPHY and ExtPHY share mdio addr 4 possible")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit afd60d650e)
These nodes are used for configuring a GMAC interface
and for defining external PHYs to be accessed with MDIO.
None of this is possible on MT7620N, only MT7620A,
so remove them from all MT7620N DTS.
When the mdio-bus node is missing, the driver returns -NODEV
which causes the internal switch to not initialize.
Replace that return so that everything works without the DTS node.
Also, an extra kernel message to indicate for all error conditions
that mdio-bus is disabled.
Fixes: d482356322 ("ramips: mt7620n: add mdio node and disable port4 by default")
Fixes: aa5014dd1a ("ramips: mt7620n: enable port 4 as EPHY by default")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit a2acdf9607)
There are only 2 options in the driver
for the function of mt7620 internal switch port 4:
EPHY mode (RJ-45, internal PHY)
GMAC mode (RGMII, external PHY)
Let the DTS property be boolean instead of string
where EPHY mode is the default.
Fix how the properties are written
for all DTS that use them,
and add missing nodes where applicable,
and remove useless nodes,
and minor DTS formatting.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 953bfe2eb3)
This enables autonegotiation for all ephy ports on probe.
Some devices do not configure the ports, particularly port 4.
Signed-off-by: Gaspare Bruno <gaspare@anlix.io>
[replace magic values ; reword commit message]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 0056ffb468)
The basic mode control register of the ESW PHYs is modified in this
codeblock. Use the respective macros to make this code more readable.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 6a15abbc75)
About the device
----------------
SoC: MediaTek MT7620a @ 580MHz
RAM: 64M
FLASH: 8MB
WiFi: SoC-integrated: MediaTek MT7620a bgn
WiFi: MediaTek MT7612EN nac
GbE: 2x (RTL8211F)
BTN: - WPS
- Reset
- Router/Repeater/AP (3-way slide-switch)
LED: - WPS (blue)
- 3-segment Wifi signal representation (blue)
- WiFi (blue)
- WAN (blue)
- LAN (blue)
- Power (blue)
UART: UART is present as Pads with through-holes on the PCB. They are
located next to the reset button and are labelled Vcc/TX/RX/GND as
appropriate. Use 3.3V, 57600-8N1.
Installation
------------
Using the webcmd interface
--------------------------
Warning: Do not update to the latest Wavlink firmware (version
20201201) as this removes the webcmd console and you will need to
use the serial port instead.
You will need to have built uboot/sqauashfs image for this device,
and you will need to provide an HTTP service where the image can
be downloaded from that is accessible by the device.
You cannot use the device manufacturers firmware upgrade interface
as it rejects the OpenWrt image.
1. Log into the device's admin portal. This is necessary to
authenticate you as a user in order to be able to access the
webcmd interface.
2. Navigate to http://<device-ip>/webcmd.shtml - you can access
the console directly through this page, or you may wish to
launch the installed `telnetd` and use telnet instead.
* Using telnet is recommended since it provides a more
convenient shell interface that the web form.
* Launch telnetd from the form with the command `telnetd`.
* Check the port that telnetd is running on using
`netstat -antp|grep telnetd`, it is likely to be 2323.
* Connect to the target using `telnet`. The username should
be `admin2860`, and the password is your admin password.
3. On the target use `curl` to download the image.
e.g. `curl -L -O http://<some-other-lan-ip>/openwrt-ramips-mt7620-\
wavlink_wl-wn579x3-squashfs-sysupgrade.bin`.
Check the hash using `md5sum`.
4. Use the mtd_write command to flash the image.
* The flash partition should be mtd4, but check
/sys/class/mtd/mtd4/name first. The partition should be
called 'Kernel'.
* To flash use the following command:
`mtd_write -r -e /dev/mtd<n> write <image-file> /dev/mtd<n>`
Where mtd<n> is the Kernel partition, and <image-file> is
the OpenWrt image previously downloaded.
* The command above will erase, flash and then reboot the
device. Once it reboots it will be running OpenWrt.
Connect via ssh to the device at 192.168.1.1 on the LAN port.
The WAN port will be configured via DHCP.
Using the serial port
---------------------
The device uses uboot like many other MT7260a based boards. To
use this interface, you will need to connect to the serial
interface, and provide a TFTP server. At boot follow the
bootloader menu and select option 2 to erase/flash the image.
Provide the address and filename details for the tftp server.
The bootloader will do the rest.
Once the image is flashed, the board will boot into OpenWrt. The
console is available over the serial port.
Signed-off-by: Ben Gainey <ba.gainey@googlemail.com>
(cherry picked from commit a509b80065)
Device specifications:
* Model: Youku YK-L1/L1c
* CPU: MT7620A
* RAM: 128 MiB
* Flash: 32 MiB (YK-L1)/ 16 MiB (YK-L1c)
* LAN: 2* 10M/100M Ports
* WAN: 1* 10M/100M Port
* USB: 1* USB2.0
* SD: 1* MicroSD socket
* UART: 1* TTL, Baudrate 57600
Descriptions:
Previous supported device YOUKU yk1 is actually Youku YK-L1. Though they look
really different, the only hardware difference between the two models is flash
size, YK-L1 has 32 MiB flash but YK-L1c has 16MiB. It seems that YK-L1c can
compatible with YK-L1's firmware but it's better to split it to different models.
It is easy to identify the models by looking at the label on the bottom of the
device. The label has the model number "YK-L1" or "YK-L1c". Due to different flash
sizes, YK-L1c that using previous YK-L1's firmware needs to apply "force update"
to install compatible firmware, so please backup config file before system upgrade.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[use more specific name for DTSI]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 4a9f389ed2)
1. rename led pin "air" to a more common name "wlan" and use "phy0tpt" to trigger it.
2. led "wan" can be triggered by ethernet pinctrl by default so just drop it.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit 882a6116d3)
Youku YK-L1 has a huge storage space up to 32 MB. It is better to
use a higher spi clock to read or write serial nor flash chips.
Youku YK-L1 has Winbond w25q256fvfg on board that can support
104 MHz spi clock so 48 MHz is safe enough.
The real frequency can only be sysclk(580MHz ) /3 /(2^n) so 80 MHz
defined in dts file will set only 48 MHz in spi bus.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
(cherry picked from commit bf7ddb18f1)
The kernel bump to 5.4 has removed the mx25l25635f hack, and the
mx25l25635f compatible is no longer required.
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry picked from commit 06af45ec05)
CONFIG_BLK_DEV_NVME [1]:
- This is a kernel driver for SSD connected to PCI or PCIe bus [1].
By default, it is enabled for targets "ipq807x", "rockchip/armv8"
and "x86/64".
With miniPCIe adapter, there is a possibility to connect NVMe disk
to Turris Omnia (cortex-a9), Turris MOX (cortex-a53).
It allows to boot system from NVMe disk, because of that it can not
be kmod package as you can not access the disk to be able to boot from
it.
CONFIG_NVME_CORE [2]:
- This is selected by CONFIG_BLK_DEV_NVME
It does not need to be explicitly enabled, but it is done for "ipq807",
"x64_64" and rockchip/armv8", which has also enabled the previous config
option as well.
Kernel increase: ~28k KiB on mamba kernel
Reference:
[1] https://cateee.net/lkddb/web-lkddb/BLK_DEV_NVME.html
[2] https://cateee.net/lkddb/web-lkddb/NVME_CORE.html
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 9d530ac4bf)
[rebased for config-5.4]
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot
images:
The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.
To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:
* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [commit message facelift]
(cherry picked from commit 44e1e5d)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
According to the vendor [1] these HATs share the same DT overlay:
hifiberry-dacplus. The PCM512x-compatible control unit is attached to
I2C, so the additional snd-soc-pcm512x-i2c kernel module is required.
Also explicitly note the Amp2 support to reduce confusion for those
users.
[1] <https://www.hifiberry.com/docs/software/configuring-linux-3-18-x/>
Signed-off-by: Torsten Duwe <duwe@lst.de>
(added bcm27xx tag, changed commit message)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7ea9936f7f)
The MikroTik RouterBOARD mAPL-2nd (sold as mAP Lite) is a small
2.4 GHz 802.11b/g/n PoE-capable AP.
See https://mikrotik.com/product/RBmAPL-2nD for more info.
Specifications:
- SoC: Qualcomm Atheros QCA9533
- RAM: 64 MB
- Storage: 16 MB NOR
- Wireless: Atheros AR9531 (SoC) 802.11b/g/n 2x2:2, 1.5 dBi antenna
- Ethernet: Atheros AR8229 (SoC), 1x 10/100 port, 802.3af/at PoE in
- 4 user-controllable LEDs:
· 1x power (green)
· 1x user (green)
· 1x lan (green)
· 1x wlan (green)
Flashing:
TFTP boot initramfs image and then perform sysupgrade. Follow common
MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Note: following 781d4bfb39
The network setup avoids using the integrated switch and connects the
single Ethernet port directly. This way, link speed (10/100 Mbps) is
properly reported by eth0.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit eb38af7881)
Specification:
- QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR
- 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN)
- 2T2R 802.11b/g/n 2.4GHz
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry-picked from commit a05dcb0724)
[switch to mtd-mac-address instead of nvmem-cells]
Specification:
- QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR
- 2T2R 802.11b/g/n 2.4GHz
- 2T2R 802.11n/ac 5GHz
- 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)
LED for 5 GHz WLAN is currently not supported as it is connected directly
to the QCA9882 radio chip.
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry-picked from commit c91df224f5)
Fixes two high-severity vulnerabilities:
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
can be bypassed. If a malicious client does not send the
certificate_verify message a client can connect without presenting a
certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
v1.3 server can have its certificate heck bypassed. If the sig_algo in
the certificate_verify message is different than the certificate
message checking may be bypassed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit e89f3e85eb)
This updates mac80211 to version 5.10.110-1 which is based on kernel
5.10.110.
The removed patches were applied upstream.
This new release contains many fixes which were merged into the upstream
Linux kernel.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rename feature variable clang-bpf-global-var following upstream changes.
This restores the HAVE_CLANG feature override and should avoid rare build
errors where a recent host clang and BTF-enabled host kernel are present.
Fixes: 23be333401 ("bpftools: update to 5.10.10")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit cf20f1bb5f)
The following devices have a Winbond W25Q256FV flash chip,
which does not have the RESET pin enabled by default,
and otherwise would require setting a bit in a status register.
Before moving to Linux 5.4, we had the patch:
0053-mtd-spi-nor-add-w25q256-3b-mode-switch.patch
which kept specific flash chips with explicit 3-byte and 4-byte address modes
to stay in 3-byte address mode while idle (after an erase or write)
by using a custom flag SPI_NOR_4B_READ_OP that was part of the patch.
this was obsoleted by the patch:
481-mtd-spi-nor-rework-broken-flash-reset-support.patch
which uses the newer upstream flag SNOR_F_BROKEN_RESET
for devices with a flash chip that cannot be hardware reset with RESET pin
and therefore must be left in 3-byte address mode when idle.
The new patch requires that the DTS of affected devices
have the property "broken-flash-reset", which was not yet added for most of them.
This commit adds the property for remaining affected devices in ramips target,
specifically because of the flash chip model.
However, it is possible that there are other devices
where the flash chip uses an explicit 4-byte address mode
and the RESET pin is not connected to the SOC on the board,
and those DTS would also need this property.
Ref: 22d982ea00 ("ramips: add support for switching between 3-byte and 4-byte addressing")
Ref: dfa521f129 ("generic: spi-nor: rework broken-flash-reset")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
[pepe2k@gmail.com: backported to 21.02]
Fixes: #9655, #9636, #9547
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(backported from commit 74516f4357)
When using external targets there is a symlink being created for the
target under target/linux which then becomes dangling under Image
Builder. Fix it by dereferencing the possible symlink.
Tested on IB with external target, ipq40xx and mvebu.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 621f39d1f4)
(cherry picked from commit ec9af870f3)
When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Same has been done for the Archer C7 before:
commit e19506f206 ("ath79: migrate Archer C7 5GHz radio device paths")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit c6eb63d48f)
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit aee9ccf5c1)
This backports the following upstream Linux patches
net: sfp: add mode quirk for GPON module Ubiquiti U-Fiber Instant
net: sfp: relax bitrate-derived mode check
net: sfp: cope with SFPs that set both LOS normal and LOS inverted
for 5.4 for mvebu platform.
This fixes GPON modules:
Ubiquiti U-Fiber Instant SFP GPON
VSOL V2801F
CarlitoxxPro CPGOS03-0490 v2.0
Signed-off-by: Marek Behún <marek.behun@nic.cz>
- Binary files were renamed to cyfmac from brcmfmac, but the files needs
to be on the router with the previous naming
[ 6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
[ 6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2
[ 6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin
- Cypress were acquired by Infineon Technologies
Thus change the project URL and switch to download files from their
GitHub repository. This is much better than the previous solution, which
requires finding new threads on their community forum about new driver
updates, and it will be necessary to change the URL each time.
Unfortunately, it seems that there is not published changelog, but
according to this forum thread [1], be careful by opening the link from
solution since it contains ending bracket ), it brings fixes for various
security vulnerabilities, which were fixed in 7_45_234.
Fixes:
- FragAttacks
- Kr00k
Also add LICENSE file
Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with
package cypress-firmware-43455-sdio.
Before:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[ 6.895050] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Mar 23 2020 02:20:01 version 7.45.206 (r725000 CY) FWID 01-febaba43
After:
root@OpenWrt:~# dmesg | grep 'Firmware: BCM4345/6'
[ 6.829805] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Apr 15 2021 03:03:20 version 7.45.234 (4ca95bb CY) FWID 01-996384e2
[1] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/Outdated-brcmfmac-firmware-for-Raspberry-Pi-4-in-OpenWrt-21-02-1/m-p/331593#M2269
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 7ca7e0b22d)
The OCEDO Raccoon had significant packet-loss with cables longer than 50
meter. Disabling EEE restores normal operation.
Also change the ethernet config to reduce loss on sub-1G links.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4551bfd91f)
Required to allow sysupgrades from OpenWrt 19.07.
Closes#7071
Fixes: 98fbf2edc0 ("ath79: move TPLINK_HWID/_HWREV to parent for tplink-safeloader")
Tested-by: J. Burfeind <git@aiyionpri.me>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 8ba71f1f6f)
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.
Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.
Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a7)
(cherry picked from commit 3965dda0fa)
a20-olinuxino-lime2 is currently having hard time with link detection of
certain 1000Mbit partners due to usage of generic PHY driver, probably
due to following missing workaround introduced in upstream in commit
3aed3e2a143c ("net: phy: micrel: add Asym Pause workaround"):
The Micrel KSZ9031 PHY may fail to establish a link when the Asymmetric
Pause capability is set. This issue is described in a Silicon Errata
(DS80000691D or DS80000692D), which advises to always disable the
capability. This patch implements the workaround by defining a KSZ9031
specific get_feature callback to force the Asymmetric Pause capability
bit to be cleared.
This fixes issues where the link would not come up at boot time, or when
the Asym Pause bit was set later on.
As a20-olinuxino-lime2 has Micrel KSZ9031RNXCC-TR Gigabit PHY since
revision H, so we need to use Micrel PHY driver on those devices.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit ffa1088f63)
uDPU has 2 LM75 compatible temperature sensors, so include the driver for
them by default in order to utilize them.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [rebase]
(cherry picked from commit a8b2d35903)
(cherry picked from commit b9e90935db)
uDPU provides a FIT based initramfs, but currently gets stuck after U-boot
starts the kernel at "Starting kernel..".
It is due to the load address being too low, so increase it in order to get
the initramfs booting again.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit 80f21e5336)
(cherry picked from commit d65269a732)
The label has the MAC address of eth0, not the WLAN PHY address.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 2a02b70499)
This firmware should only be used for mobile devices (e.g. laptops), where
AP mode functionality is typically not used. This firmware supports a lot
of power saving offload functionality at the expense of AP mode support.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a1ac8728f8)
Add the STAs extended capabilities to the ubus STA information. This
way, external daemons can be made aware of a STAs capabilities.
This field is of an array type and contains 0 or more bytes of a STAs
advertised extended capabilities.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 6f78723977)
Include the current operation class to hostapd get_status interface.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2a31e9ca97)
Add the beacon interval to hostapd status output. This allows external
services to discover the beacon interval for a specific VAP.
This way, external wireless management daemons can correctly calculate
fields containing TBTT value from absolute time-values.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3ba9846842)
Imports a function from iw to convert frequencies to channel numbers.
Co-authored-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
[fix potential out of bounds read]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 398df62756)
To allow steering daemons to be aware of the STA-decided transition
target, publish WNM transition responses to ubus. This way, steerings
daemons can learn about STA-chosen targets and send a better selection
of transition candidates.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3de42e72c)
The existing wnm_disassoc_imminent ubus method only supports issuing a
bss transition request with the disassoc imminent flag set.
For use-cases, where the client is requested to roam to another BSS
without a pending disassoc, this existing method is not suitable.
Add a new bss_transition_request ubus method, which provides a more
universal way to dispatch a transition request. It takes the following
arguments:
Required:
addr: String - MAC-address of the STA to send the request to (colon-seperated)
Optional:
abridged - Bool - Indicates if the abridged flag is set
disassociation_imminent: Bool - Whether or not the disassoc_imminent
flag is set
disassociation_timer: I32 - number of TBTTs after which the client will
be disassociated
validity_period: I32 - number of TBTTs after which the beacon
candidate list (if included) will be invalid
neighbors: blob-array - Array of strings containing neighbor reports as
hex-string
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 0eed96ca5d)
This is a bugfix release. Changelog:
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
forever for non-prime moduli. (CVE-2022-0778)
*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
(RFC 5489) to the list of ciphersuites providing Perfect Forward
Secrecy as required by SECLEVEL >= 3.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit e17c6ee627)
This fixes:
bash: xxd: command not found
on hosts without xxd installed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9dbca6bf6e)
Fixes: 45b3f2aa0f ("uboot-bcm4908: add package with BCM4908 U-Boot")
Don't download all of vim just to build xxd. Use a tight tarball
containing only xxd sources instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2b94aac7a1)
U-Boot requires xxd to create the default environment from an external
file as done in uboot-mediatek.
Build xxd (only, not the rest of vim) as part of tools to make sure it
is present on the buildhost.
Reported-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c4dd2441e7)
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the
best solution as they almost never consider syncing files / data. Still
this is what we have and we need to try living with it.
Without proper syncing OpenWrt can easily get into an inconsistent state
on power cut. It's because:
1. Actual (flash) inode and data writes are not synchronized
2. Data writeback can take up to 30 seconds (dirty_expire_centisecs)
3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"
Some possible cases (examples) for new files:
1. Power cut during 5 seconds after write() can result in all data loss
2. Power cut happening between 5 and 35 seconds after write() can result
in empty file (inode flushed after 5 seconds, data flush queued)
Above affects e.g. uci-defaults. After executing some migration script
it may get deleted (whited out) without generated data getting actually
written. Power cut will result in missing data and deleted file.
There are three ways of dealing with that:
1. Rewriting all user-space init to proper C with syncs
2. Trying bash hacks (like creating tmp files & moving them)
3. Adding sync and hoping for no power cut during critical section
This change introduces the last solution that is the simplest. It
reduces time during which things may go wrong from ~35 seconds to
probably less than a second. Of course it applies only to IO operations
performed before /etc/init.d/boot . It's probably the stage when the
most new files get created.
All later changes are usually done using smarter C apps (e.g. busybox or
uci) that creates tmp files and uses rename() that is expected to be
atomic.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit 9851d4b6ce)
This is a step forward in adding support for devices with U-Boot.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 34fd5e325a)
New BCM4908 devices come with U-Boot instead of CFE. Firmwares for such
devices has to include U-Boot.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0d45e1ea96)
This driver is needed to boot from CompactFlash on the Siemens Futro S400.
The device has an AMD NX1500 CPU, which seems to be unsupported by the
geode subtarget, so it must use legacy.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit c8350dfb3c)
1. Create "rootfs_data" dynamicaly
U-Boot firmware images can contain only 2 UBI volumes: bootfs (container
with U-Boot + kernel + DTBs) and rootfs (e.g. squashfs). There is no way
to include "rootfs_data" UBI volume or make firmware file tell U-Boot to
create one.
For that reason "rootfs_data" needs to be created dynamically. Use
preinit script to handle that. Fire it right before "mount_root" one.
2. Relate "rootfs_data" to flashed firmware
As already explained flashing new firmware with U-Boot will do nothing
to the "rootfs_data". It could result in new firmware reusing old
"rootfs_data" overlay UBI volume and its file. Users expect a clean
state after flashing firmware (even if flashing the same one).
Solve that by reading flash counter of running firmware and storing it
in "rootfs_data" UBI volume. Every mismatch will result in wiping old
data.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 93259e8ca2)
This fixes problem with USB PHY not handling some USB 3.0 devices.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0dbcefdd52)
For debugging purposes, we need to know if users are using modified
U-boot versions or not. Currently, the U-boot version is somehow
stripped. This is a little bit problematic when there are
backported/wip/to-upstream patches.
To make it more confusing, there was (before this commit) two U-boot
versioning. U-boot compiled by OpenWrt build bots are missing ``Build:``
This is also the case when the U-boot is compiled locally.
Example:
```
U-Boot SPL 2022.01 (Jan 27 2022 - 00:24:34 +0000)
U-Boot 2022.01 (Jan 27 2022 - 00:24:34 +0000)
```
On the other hand, if you run full build, you can at least see, where it
was compiled. Notice added ``Build:``.
Example:
```
U-Boot 2022.01 (Jan 27 2022 - 00:24:34 +0000), Build: jenkins-turris-os-packages-burstlab-omnia-216
```
In both cases, it is not clear to U-boot developers if it is an unmodified
build. This is also caused that there is a missing ``.git`` file from
U-boot folder, and so there is no history. It leads to that it can not
contain suffix ``-dirty`` (uncommitted modifications) or even something
else like number of commits, etc. [1]
When U-boot is compiled as it should be, the version should look like
this: ``U-Boot 2022.04-rc1-01173-g278195ea1f (Feb 11 2022 - 14:46:50 +0100)``
The date is not changed daily when there are new OpenWrt builds.
This commit adds OpenWrt specific version, which could be verified by
using strings.
```
$ strings bin/targets/mvebu/cortexa9/u-boot-omnia/u-boot-spl.kwb | grep -E "OpenWrt*"
U-Boot SPL 2022.01-OpenWrt-r18942+54-cbfce92367 (Feb 21 2022 - 13:17:34 +0000)
arm-openwrt-linux-muslgnueabi-gcc (OpenWrt GCC 11.2.0 r18942+54-cbfce92367) 11.2.0
2022.01-OpenWrt-r18942+54-cbfce92367
U-Boot 2022.01-OpenWrt-r18942+54-cbfce92367 (Feb 21 2022 - 13:17:34 +0000)
```
[1] https://u-boot.readthedocs.io/en/latest/develop/version.html
Reported-by: Pali Rohár <pali@kernel.org>
Suggested-by: Karel Kočí <karel.koci@nic.cz>
[rebased for OpenWrt 21.02]
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit d6aa9d9e07)
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt
```
It includes the following security fix
* In some situations the X.509 verifier would discard an error on an
unverified certificate chain, resulting in an authentication bypass.
Thanks to Ilya Shipitsin and Timo Steinlein for reporting.
```
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 495c4f4e19)
The following patch was integrated upstream:
target/linux/bcm4908/patches-5.4/180-i2c-brcmstb-fix-support-for-DSL-and-CM-variants.patch
All other updated automatically.
The new config option CONFIG_BPF_UNPRIV_DEFAULT_OFF is now handled too.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
From version 2021.09 U-Boot will fixup Turris Omnia's DTB before
booting, separating U-Boot's environment into separate MTD partition
"u-boot-env" [1].
Check if "u-boot-env" MTD partition exists and set the uci defaults
accordingly.
[1] https://lists.denx.de/pipermail/u-boot/2021-July/455017.html
Signed-off-by: Marek Behún <marek.behun@nic.cz>
(cherry picked from commit 713be75439)
Fixes following warning message during image building process:
Finalizing root filesystem...
root-ipq806x/lib/upgrade/asrock.sh: line 1: /lib/functions.sh: No such file or directory
Enabling boot
root-ipq806x/lib/upgrade/asrock.sh: line 1: /lib/functions.sh: No such file or directory
Enabling bootcount
Fixes#9350
Fixes: 98b86296e6 ("ipq806x: add support for ASRock G10")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit fc317a190c)
This reverts commit 13a185bf8a.
There was a report that one A1004ns device fails to detect its flash
chip correctly:
[ 1.470297] spi-nor spi0.0: unrecognized JEDEC id bytes: e0 10 0c 40 10 08
[ 1.484110] spi-nor: probe of spi0.0 failed with error -2
It also uses a different flash chip model:
* in my hand: Winbond W25Q128FVSIG (SOIC-8)
* reported: Macronix MX25L12845EMI-10G (SOP-16)
Reducing spi-max-frequency solved the detection failure. Hence revert.
Reported-by: Koasing <koasing@gmail.com>
Tested-by: Koasing <koasing@gmail.com>
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9968a909c2)
Fixes following error while executing the init script on the buildhost:
Enabling boot
./etc/init.d/bootcount: line 5: /lib/upgrade/asrock.sh: No such file or directory
Enabling bootcount
While at it fix following shellcheck issue:
base-files/etc/init.d/bootcount line 11:
if [ $? -eq 0 ]; then
^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
Fixes: #9345
Cc: Ansuel Smith <ansuelsmth@gmail.com>
Cc: Pawel Dembicki <paweldembicki@gmail.com>
Cc: Christian Lamparter <chunkeey@gmail.com>
Fixes: 98b86296e6 ("ipq806x: add support for ASRock G10")
References: https://gitlab.com/ynezz/openwrt/-/jobs/1243290743#L1444
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit ce8af0ace0)
Backport fix for API breakage of SSL_get_verify_result() introduced in
v5.1.1-stable. In v4.8.1-stable SSL_get_verify_result() used to return
X509_V_OK when used on LE powered sites or other sites utilizing
relaxed/alternative cert chain validation feature. After an update to
v5.1.1-stable that API calls started returning X509_V_ERR_INVALID_CA
error and thus rendered all such connection attempts imposible:
$ docker run -it openwrt/rootfs:x86_64-21.02.2 sh -c "wget https://letsencrypt.org"
Downloading 'https://letsencrypt.org'
Connecting to 18.159.128.50:443
Connection error: Invalid SSL certificate
Fixes: #9283
References: https://github.com/wolfSSL/wolfssl/issues/4879
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b9251e3b40)
It's reported that current memory detection code occasionally detects
larger memory under some bootloaders.
Current memory detection code tests whether address space wraps around
on KSEG0, which is unreliable because it's cached.
Rewrite memory size detection to perform the same test on KSEG1 instead.
While at it, this patch also does the following two things:
1. use a fixed pattern instead of a random function pointer as the magic
value.
2. add an additional memory write and a second comparison as part of the
test to prevent possible smaller memory detection result due to
leftover values in memory.
Fixes: 6d91ddf517 ("ramips: mt7621: add support for memory detection")
Reported-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 2f024b7933)
[backport for OpenWrt 21.02 as it was reproducible with Kernel 5.4, see [1]]
[1]: https://forum.openwrt.org/t/113081
Tested-by: Dimitri Souza <dimitri.souza@gmail.com> [mt7621/archer-c6-v3]
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
The bit position mask was accidentally made too wide, overlapping with the LSB
from the byte position mask. This caused ECC calculation to fail for odd bytes
Signed-off-by: Chad Monroe <chad.monroe@smartrg.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 918d4ab41e)
The $INODE64 symbol variants are not present, since the base system
always uses 64-bit file offsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 53ebacacf9)
For some reason, the generated configure script fails to properly set up
the internal preprocessor command variable, causing the host OS check for
Darwin to fail after the last update.
Explicitly setting CPP fixes this issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 48e209e5c5)
This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f5875c4e2)
14f2867b57 Fix failing nss/tst-nss-files-hosts-long with local resolver
d27d1e4d13 posix: Fix attribute access mode on getcwd [BZ #27476]
4b95183785 S390: Add PCI_MIO and SIE HWCAPs
6090cf1330 elf: Replace nsid with args.nsid [BZ #27609]
9edf29fd72 s390: Use long branches across object boundaries (jgh instead of jh)
94c91ce231 support: Add xpthread_kill
f9592d65f2 nptl: Do not set signal mask on second setjmp return [BZ #28607]
1cc490adca powerpc64[le]: Fix CFI and LR save address for asm syscalls [BZ #28532]
c76a0ba878 gconv: Do not emit spurious NUL character in ISO-2022-JP-3 (bug 28524)
c493f6a0e4 powerpc64[le]: Allocate extra stack frame on syscall.S
55b99e9ed0 powerpc: Fix unrecognized instruction errors with recent GCC
a51b76b71e x86: use default cache size if it cannot be determined [BZ #28784]
f10e992e8d socket: Add the __sockaddr_un_set function
4653cd9e36 CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
dae9a8e7f6 sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
4f4452721d <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC
0f70b829f8 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
5cab4e3f3a powerpc: Fix unrecognized instruction errors with recent binutils
ac148bdd88 elf: Fix glibc-hwcaps priorities with cache flags mismatches [BZ #27046]
e081bafcb1 support: Add helpers to create paths longer than PATH_MAX
e41e5b97e3 realpath: Set errno to ENAMETOOLONG for result larger than PATH_MAX [BZ #28770]
f63cb3cf72 tst-realpath-toolong: Fix hurd build
46a70c49ba support: Add xclone
bcdde07537 getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
41980af2d7 realpath: Avoid overwriting preexisting error (CVE-2021-3998)
48d9161e02 Linux: Detect user namespace support in io/tst-getcwd-smallbuff
06ce5fbd6d support: Fix xclone build failures on ia64 and hppa
d251ad533e aarch64: align stack in clone [BZ #27939]
3d52239b30 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
86c153d092 NEWS: Add a bug fix entry for BZ #28755
6b7b6c7514 test-strnlen.c: Initialize wchar_t string with wmemset [BZ #27655]
a744a0a3fe test-strnlen.c: Check that strnlen won't go beyond the maximum length
f0a2b67147 x86: Set Prefer_No_VZEROUPPER and add Prefer_AVX2_STRCMP
9cee072f8f x86-64: Add ifunc-avx2.h functions with 256-bit EVEX
06d1aed51b x86-64: Add strcpy family functions with 256-bit EVEX
1697e739ef x86-64: Add memmove family functions with 256-bit EVEX
47bf9f38bb x86-64: Add memset family functions with 256-bit EVEX
15bae38c8b x86-64: Add memcmp family functions with 256-bit EVEX
0598a25cbe x86-64: Add AVX optimized string/memory functions for RTM
82f1ba9af7 x86: Add string/memory function tests in RTM region
763cea698b x86-64: Use ZMM16-ZMM31 in AVX512 memset family functions
d49105cc7a x86-64: Use ZMM16-ZMM31 in AVX512 memmove family functions
31dd3e3cb3 x86-64: Fix ifdef indentation in strlen-evex.S
902af2f5ee NEWS: Add a bug fix entry for BZ #27457
e09c377806 x86: Optimize memchr-avx2.S
453ed0a0f2 x86: Fix overflow bug with wmemchr-sse2 and wmemchr-avx2 [BZ #27974]
b72b89705e x86: Optimize strlen-avx2.S
355afae940 x86: Optimize memchr-evex.S
3dea108f60 x86-64: Fix an unknown vector operation in memchr-evex.S
5697e2dda8 x86-64: Move strlen.S to multiarch/strlen-vec.S
3ac5a7fe8b x86-64: Add wcslen optimize for sse4.1
cef3bffade x86: Fix overflow bug in wcsnlen-sse4_1 and wcsnlen-avx2 [BZ #27974]
8a3a0177c7 x86: Optimize strlen-evex.S
2b00ee820a String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974]
25941de34e NEWS: Add a bug fix entry for BZ #27974
3e2a15c666 x86-64: Require BMI2 for __strlen_evex and __strnlen_evex
5cb6edb6cd x86: Copy IBT and SHSTK usable only if CET is enabled
0a5f5e2dc1 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
54fdfa2b33 x86: Black list more Intel CPUs for TSX [BZ #27398]
1b8f2456b9 x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ #27398]
260360e89b x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ #28064]
1956ad4930 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ #28064]
78d25827ae Linux: Simplify __opensock and fix race condition [BZ #28353]
9495d729f6 hurd if_index: Explicitly use AF_INET for if index discovery
55446dd8a2 socket: Do not use AF_NETLINK in __opensock
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes some recent security problems in hostapd.
See here for details: https://w1.fi/security/2022-1
* CVE-2022-23303
* CVE-2022-23304
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
x509v3 SAN extension is required to generate a certificate compatible with
chromium-based web browsers (version >58)
It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit dfd695f4b9)
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
value when verifying a MAC or AEAD tag. This hardens the library in
case the value leaks through a memory disclosure vulnerability. For
example, a memory disclosure vulnerability could have allowed a
man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice. CVE-2021-44732
The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57f38e2c82)
Many changes were done in drivers/pinctrl/bcm/pinctrl-bcm2835.c between
5.4.171 and 5.4.179.
The following 3 patches do not apply any more:
* target/linux/bcm27xx/patches-5.4/950-0316-pinctrl-bcm2835-Add-support-for-BCM2711-pull-up-func.patch
This was already integrated in kernel v5.4-rc1, it was never needed.
* target/linux/bcm27xx/patches-5.4/950-0328-Revert-pinctrl-bcm2835-Pass-irqchip-when-adding-gpio.patch
* target/linux/bcm27xx/patches-5.4/950-0362-pinctrl-bcm2835-Change-init-order-for-gpio-hogs.patch
I think these were done to fix the problem which was really fixed in
commit 75278f1aff5e ("pinctrl: bcm2835: Change init order for gpio
hogs") from v5.4.175
target/linux/generic/backport-5.4/716-v5.5-net-sfp-move-fwnode-parsing-into-sfp-bus-layer.patch
Move fwnode_device_is_available to the same position as in kernel 5.10.
target/linux/layerscape/patches-5.4/302-dts-0083-arm64-ls1028a-qds-correct-bus-of-rtc.patch
Applied in commit 65816c1034769e714edb70f59a33bc5472d9e55f ("arm64: dts:
ls1028a-qds: move rtc node to the correct i2c bus")
Compile-tested: lantiq/xrx200, bcm27xx/bcm2710
Run-tested: lantiq/xrx200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/200 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi (11n)
* 2T2R 5 GHz Wi-Fi (11ac)
* 4x GPIO-LEDs (3x wifi, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring
* 2x ethernet
- eth0
+ AR8035 ethernet PHY (RGMII)
+ 10/100/1000 Mbps Ethernet
+ 802.3af POE
+ used as LAN interface
- eth1
+ AR8031 ethernet PHY (RGMII)
+ 10/100/1000 Mbps Ethernet
+ 18-24V passive POE (mode B)
+ used as WAN interface
* 12-24V 1A DC
* internal antennas
This device support is based on the partially working stub from commit
53c474abbd ("ath79: add new OF only target for QCA MIPS silicon").
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 1699c1dc7f)
This commit fixes commit "2999f810ff: build,IB: include kmods only in
local builds" which cause the local packages/ folder only to be added
for local builds but no longer for ImageBuilder created by the Buildbot.
The commits intention was to use remote kmods repositories rather than
storing them locally. Accidentally the entire handling of the local
`packages/` was removed.
Re-add the folder and include a README describing what it can be used
for.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 15e55a2190)
Fixes: #5068
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
945d0d7 utils: fix C style in header file
2cfc26f inittab: detect active console from kernel if no console= specified
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ffeb37047e)
This adds conflicts between variants of libustream pacakge.
They provide the same file and thus it should not be possible to install
them side by side.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 219e17a350)
All buttons of the FritzBox 7360 family are active-low, not active-high.
Corrent the GPIO flag. This fixes release triggers upon push of a button.
Reported-by: Jan-Niklas Burfeind <git@aiyionpri.me>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3154537864)
Apply the same fix that was previously done for the Archer C7v5 to the
A7v5 as well to make the web UI accept our images again.
This is a backport of firmware-utils
commit 84dbf8ee49f522d3a4528763c9473cf3dd7c8c52.
Tested-by: Luflosi <luflosi@luflosi.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
It was reported that some rb912 boards (ar934x) have issues with some ethernet speeds.
Investigation shows that the board failed to adapt the ethernet pll values as shown here:
[ 5.284359] ag71xx 19000000.eth: failed to read pll-handle property
added custom prints in code and triggering a link switch:
[ 62.821446] Atheros AG71xx: fast reset
[ 62.826442] Atheros AG71xx: update pll 2
[ 62.830494] Atheros AG71xx: no pll regmap!
Comparison with another very similar board (rb922 - QCA955x) showed a missing
reference clock frequency in dts, which seems to cause a pll init issue.
Unfortunately, no errors are printed when this occurs.
Adding the frequency property fixes the pll init as it can be parsed now
by the ethernet driver.
[ 55.861407] Atheros AG71xx: fast reset
[ 55.866403] Atheros AG71xx: update pll 2
[ 55.870462] Atheros AG71xx: ath79_set_pllval: regmap: 0x81548000, pll_reg: 0x2c, pll_val: 0x02000000
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 2a00054618)
Adds support for GPON SFP modules based on the Realtek RTL8672 and
RTL9601C chips, including but not limited to:
* V-SOL V2801F
* C-Data FD511GX-RM0
* OPTON GP801R
* BAUDCOM BD-1234-SFM
* CPGOS03-0490 v2.0
* Ubiquiti U-Fiber Instant
* EXOT EGS1
Signed-off-by: Vladimir Markovets <abam_a@yahoo.com>
(cherry picked from commit f032601ed7)
This allows LEDs to be triggered by custom pattern and not just
predefined ones.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 507911f477)
The name of the module is 'uleds', not 'leds-uleds'.
Signed-off-by: Evgeny Kolesnikov <evgenyz@gmail.com>
[improve commit title]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3e9318f3c0)
The allows userspace LEDs to be created and controlled. This can be useful
for testing triggers and can also be used to implement virtual LEDs.
Signed-off-by: Keith T. Garner <kgarner@kgarner.com>
[squash fixup commit and improve option wording]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6a37286c2a)
The patch
PCI: aardvark: Don't touch PCIe registers if no card connected
was applied into Linux stable version 5.4.163.
Remove it from patches-5.4.
(It applied even though it was applied already, resulting in repeated
code.)
Fixes: 14940aee45 ("kernel: bump 5.4 to 5.4.163")
Signed-off-by: Marek Behún <marek.behun@nic.cz>
This is a bugfix release. Changelog:
*) Avoid loading of a dynamic engine twice.
*) Fixed building on Debian with kfreebsd kernels
*) Prioritise DANE TLSA issuer certs over peer certs
*) Fixed random API for MacOS prior to 10.12
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit def9565be6)
Right now it includes bcm4908 variant only that is required by BCM4908
family devices with U-Boot.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f18288e267)
This is a requirement for backporting DT files defining such LEDs.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 85ad48c957)
BCM4908 devices with U-Boot use pkgtb firmware format. It's based on
U-Boot's FIT: DTB with configurations, images & embedded data.
This format contains bootfs, rootfs and optionally a first stage U-Boot
loader. Contained images need to be extracted & flashed.
Broadcom used two sets of firmwares: main & backup. It uses UBI volumes
"metadata1" & "metadata2" for storing U-Boot env variables with info
about flashed images.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5f05795aa7)
It's very useful flag for handling various formats in sysupgrade. This
commit comes from the 1.34.0 release.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
fdt* utils are needed by targets that use U-Boot FIT images for
sysupgrade. It includes all recent BCM4908 SoC routers as Broadcom
switched from CFE to U-Boot.
fdtget is required for extracting images (bootfs & rootfs) from
Broadcom's ITB. Extracted images can be then flashed to UBI volumes.
sysupgrade is core functionality so it needs dtc as part of base code
base.
Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This results in setting format specific data (format info, extract
commands) in a single function. It should help maintaining sysupgrade
code.
This change has been tested on Asus GT-AC5300 and Netgear R8000P.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 30b168b9b8)
Based on: 1ac627024d ("kernel: ath10k-ct: provide a build variant for
small RAM devices")
Like described in the ath10k-ct-smallbuffers version, oom-killer gets
triggered frequently by devices with small RAM.
That change is necessary for many community mesh networks which use
ath10k based devices with too little RAM. The -ct driver has been
proven unstable if used with 11s meshing and only wave2 chipsets are
supporting 11s. Freifunk Berlin is nowadays assembling its
firmware-based completely of vanilla OpenWRT with some package additions
which are made through the imagebuilder. Therefore we cannot take the
approach other freifunk communities have taken to maintain that patch
downstream [1]. Other communities consider these devices as broken and
that change would pretty much give those devices a second life [2].
[1] - 450b306e54
[2] - https://github.com/freifunk-gluon/gluon/issues/1988#issuecomment-619532909
Signed-off-by: Simon Polack <spolack+git@mailbox.org>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 694757a08f)
Fix default network configuration of the Puzzle-M902 so all LAN ports
are included in the LAN bridge.
Setup network LED to indicate WAN port link status, like vendor
firmware does as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f9782f5bcd)
While on Linux 5.10 this fixes Ethernet link status on all ports and
makes 2.5G ports usable in 2.5G and 1G full-duplex mode, when using
Linux 5.4 and backported Aquantia phy patches, only 1G mode works on
the 2.5G ports and link speed and duplex are not reported correctly
from the phy in case of 2.5G.
The reasons are probably trivial, but hard to find. As having all
ports work at least in 1G speed instead of having them not work at
all is still better, push this anyway for now.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f81a06408e)
Copy and refresh patch enabling AQR112 and AQR412 Ethernet PHY from
layerscape (5.4) target to mvebu (5.4) as AQR112 can also be found
in IEI Puzzle devices.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Wire up MCU driver for LEDs, fan and temperature sensor, and add
GPIO reset button just like on the M902 also on the Puzzle M901.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3684b494dd)
Add reset button to device tree so it has the function expected from
usual OpenWrt devices.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ddad936fc6)
Set blinking mode using scheduled work instead of blocking which may
result in deadlocks.
Add dynamic kprintf debugging hexdumps of all MCU rx and tx.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 7e4c1cca8a)
Backport MFD driver for communicating with the on-board MCU found on
IEI World Puzzle appliances.
Improve the driver to support multiple LEDs, apply a default state and
let MCU take care of blinking if timing is within supported range.
Wire up LEDs and fan for Puzzle M902 in device tree.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f0c0b18234
with commit 962c585580 squashed)
When the list of packages to be installed in a built image exceeds a certain
number, then 'opkg install' executed for target '$(curdir)/install' in
package/Makefile fails with: /usr/bin/env: Argument list too long.
On Linux, the length of a command-line parameter is limited by
MAX_ARG_STRLEN to max 128 kB.
* https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/binfmts.h#L15
* https://www.in-ulm.de/~mascheck/various/argmax/
To solve the problem, store the package list being passed to 'opkg install'
in a temporary file and use the shell command substitution to pass the
content of the file to 'opkg install'. This guarantees that the length of
the command-line parameters passed to the bash shell is short.
The following bash script demonstrates the problem:
----------------------------------------------------------------------------
count=${1:-1000}
FILES=""
a_file="/home/egorenar/Repositories/openwrt-rel/bin/targets/alpine/generic/packages/base-files_1414-r16464+19-e887049fbb_arm_cortex-a15_neon-vfpv4.ipk"
for i in $(seq 1 $count); do
FILES="$FILES $a_file"
done
env bash -c "echo $FILES >/dev/null"
echo "$FILES" | wc -c
----------------------------------------------------------------------------
Test run:
----------------------------------------------------------------------------
$ ./test.sh 916
130989
$ ./test.sh 917
./test.sh: line 14: /bin/env: Argument list too long
131132
----------------------------------------------------------------------------
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
[reword commit subject]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 1854aeec4d)
this patch consolidates the amd64-microcode
(moved to linux-firmware.git, previously this was an extra
debian source package download), amdgpu and radeon firmwares
into a shared "amd" makefile.
this will include a microcode update for ZEN 3 CPUs that
came with the 20211216 linux-firmware bump.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cf8ee49c9b)
The rtl8723bs firmware was removed and a symlink to the rtl8723bu
firmware was created like it is done in upstream linux-firmware.
The following OpenWrt packages are changing:
* amdgpu-firmware: Multiple updates and new files
* ar3k-firmware: Multiple updates and new files
* ath10k-firmware-qca6174: Updated ath10k/QCA6174/hw3.0/board-2.bin
* bnx2x-firmware: Added bnx2x-e1-7.13.21.0.fw, bnx2x-e1h-7.13.21.0.fw and bnx2x-e2-7.13.21.0.fw
* iwlwifi-firmware-iwl8260c: Updated iwlwifi-8000C-36.ucode
* iwlwifi-firmware-iwl8265: Updated iwlwifi-8265-36.ucode
* iwlwifi-firmware-iwl9000: Updated iwlwifi-9000-pu-b0-jf-b0-46.ucode
* iwlwifi-firmware-iwl9260: Updated iwlwifi-9260-th-b0-jf-b0-46.ucode
* r8169-firmware: Updated rtl8153c-1.fw
* rtl8723bs-firmware: removed
* rtl8723bu-firmware: Added rtlwifi/rtl8723bs_nic.bin symlink
* rtl8822ce-firmware: Updated rtw8822c_fw.bin
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 397dfe4a97)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (2012->2021)
In there linux-firmware repository located in kernel, there were removed old
broadcom firmware [1] as they seem to be likely vulnerable to KrØØk vulnerability
(CVE-2019-15126), because Cypress released new versions and superseded
by it.
In OpenWrt, there is Makefile for cypress-firmware, which already provides
the same named packages like it was in linux-firmware. For example, cypress-firmware-43455-sdio
provides brcmfmac-firmware-43455-sdio [2].
Changelog between 2020118 and 20210315:
3568f96 (tag: 20210315) linux-firmware: Update firmware file for Intel Bluetooth AX210
9e96e50 linux-firmware: Update firmware file for Intel Bluetooth AX200
c8d0db5 linux-firmware: Update firmware file for Intel Bluetooth AX201
5e2a387 Merge tag 'iwlwifi-fw-2021-03-05-v3' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into main
b0d3e31 rtw88: 8822c: Update normal firmware to v9.9.6
5a2fd63 iwlwifi: add new FWs from core59-66 release
4f54906 iwlwifi: update 9000-family firmwares
11b7607 iwlwifi: update 7265D firmware
e425f76 Merge branch 'add-silabs-wf200' of github.com:jerome-pouiller/linux-firmware into main
5ecd13f Mellanox: Add new mlxsw_spectrum firmware xx.2008.2406
58fb90a linux-firmware: add frimware for mediatek bluetooth chip (MT7921)
e576a1b rtw89: 8852a: add firmware v0.9.12.2
048a7cb WHENCE: add missing symlink for BananaPi M3
aa6c6e7 Add symlink for BananaPi M2 to brcmfmac43430-sdio config
58825f7 brcm: Fix Raspberry Pi 4B NVRAM file
520f71b silabs: add new firmware for WF200
f7915a0 amdgpu: add initial firmware for green sardine
80cb579 rtw88: RTL8822C: Update normal firmware to v9.9.5
b79d239 (tag: 20210208) Merge branch 'DG1-guc-huc-ADLS-dmc' of git://anongit.freedesktop.org/drm/drm-firmware into main
66970e1 Merge branch 'qcom-rb5' of https://github.com/lumag/linux-firmware into main
cf6fc2b Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304
391fd50 linux-firmware: add firmware for MT7921
c5e3240 rtw88: RTL8821C: Update firmware to v24.8
d33d2d8 linux-firmware: Update firmware file for Intel Bluetooth AX210
3027ae4 linux-firmware: Update firmware file for Intel Bluetooth AX200
13979c3 linux-firmware: Update firmware file for Intel Bluetooth AX201
348d8a9 i915: Add DMC v2.01 for ADL-S
f33f1f7 i915: Add HuC v7.7.1 for DG1
6a422f5 i915: Add GuC v49.0.1 for DG1
df822a8 qcom: Add venus firmware files for VPU-1.0
11a1db1 qcom: Add SM8250 Compute DSP firmware
e55248b qcom: Add SM8250 Audio DSP firmware
da74cc6 qcom: add firmware files for Adreno a650
0578970 brcm: Link RPi4's WiFi firmware with DMI machine name.
d528862 brcm: Add NVRAM for Vamrs 96boards Rock960
870b805 brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes
a28a590 cypress: Fix link direction
060ad8b cypress: Link the new cypress firmware to the old brcm files
0f0aefd brcm: remove old brcm firmwares that have newer cypress variants
f580dc2 rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB
7df2220 rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253
e79405d rtl_bt: Add firmware and config files for RTL8852A BT USB chip
ef3813d rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644
646f159 (tag: 20201218) make AP6212 in bananpi m2 plus/zero work
28185ec linux-firmware: Update firmware file for Intel Bluetooth AX210
23da869 linux-firmware: Update firmware file for Intel Bluetooth AX200
2099248 linux-firmware: Update firmware file for Intel Bluetooth AX201
94de5e2 linux-firmware: Update firmware file for Intel Bluetooth 9560
27a3689 linux-firmware: Update firmware file for Intel Bluetooth 9260
5c3c4af Merge branch 'lt9611uxc' of https://github.com/lumag/linux-firmware into main
aaed4a8 Merge branch 'v1.1.6' of https://github.com/irui-wang/linux_fw_vpu_v1.1.6 into main
d8c9865 Merge branch 'master' of https://github.com/sampnimm/linux-firmware-BT into main
63ab3db linux-firmware: add firmware for Lontium LT9611UXC DSI to HDMI bridge
0fe0fe0 mediatek: update MT8173 VPU firmware to v1.1.6
1a08ec9 QCA : Updated firmware files for WCN3991
7455a36 Merge branch 'guc_v49' of git://anongit.freedesktop.org/drm/drm-firmware into main
7eb7fda linux-firmware: Update firmware file for Intel Bluetooth AX210
5cbf459 linux-firmware: Update firmware file for Intel Bluetooth AX210
c487f7d i915: Add GuC firmware v49.0.1 for all platforms
d9ffb07 i915: Remove duplicate KBL DMC entry
b362fd4 Mellanox: Add new mlxsw_spectrum firmware xx.2008.2018
bc9cd0b linux-firmware: Update AMD SEV firmware
54c797a amdgpu: add sienna cichlid firmware for 20.45
1340e9c amdgpu: update vega20 firmware for 20.45
b260c9c amdgpu: update vega12 firmware for 20.45
d683bd5 amdgpu: update vega10 firmware for 20.45
7c81cc2 amdgpu: update renoir firmware for 20.45
3619e57 amdgpu: update navi14 firmware for 20.45
68ce0fb amdgpu: update navi12 firmware for 20.45
e889b80 amdgpu: update navi10 firmware for 20.45
f4edc15 amdgpu: update raven2 firmware for 20.45
e71210f amdgpu: update raven firmware for 20.45
[1] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=0f0aefd733f70beae4c0246edbd2c158d5ce974c
[2] eeda8652f1/package/firmware/cypress-firmware/Makefile (L124)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit ff2bb16730)
(removed sinovoip_bananapi-m2-berry)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Add firmware and board file for Qualcomm Atheros QCA9377 802.11ac Wireless
Network Adapter (rev 31) recognized as [168c:0042].
This card supports standard 1x1 802.11ac Wave2, BT5, and MU-MIMO.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b265649085)
Fixes:
brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt
Direct firmware load for brcm/brcmfmac43455-sdio.txt failed with error -2
Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.txt
Signed-off-by: Nian Bohung <n0404.n0404@gmail.com>
(cherry picked from commit b1db558555)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[improved commit mesage]
The following command checks if a instance of a service is running.
/etc/init.d/<service> running <instance>
In the variable `$@`, which is passed to the function
`service_running`, the first argument is always the `instance` which
should be checked. Because all other variables where removed from `$@`
with `shift`.
Before this change the first argument of `$@` was set to the `$service`
Variable. So the function does not work as expected. The `$service`
variable was always the instance which should be checked. This is not
what we want.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit dd681838d3)
We were missing (not using) the last sector of each partition,
compared with the output of gparted.
Signed-off-by: Javier Marcet <javier@marcet.info>
[moved the dot]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 018ada5403)
Update ccache to 4.2.1
While compiling on Gentoo, the ccache can not be compiled due to this
error:
/openwrt/build_dir/host/ccache-4.1/unittest/../src/third_party/doctest.h:4084:47: error: size of array 'altStackMem' is not an integral constant-expression
4084 | static char altStackMem[4 * SIGSTKSZ];
| ^
This was fixed in ccache version 4.2.1 [1] by upgrading doctest [2].
[1] https://github.com/ccache/ccache/issues/825
[2] https://github.com/doctest/doctest/issues/473
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patch]
(cherry picked from commit 3ebfd0078d)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[improved commit message]
Follow the recommendations stated in the Turris Omnia DTS for eth2:
"In case SFP module is present, U-Boot has to enable the sfp node above,
remove phy-handle property, and add managed = "in-band-status" property."
The boot script is written in a way, that it works for all U-Boot
versions deployed by the vendor so far (2015.10-rc2, 2019.07).
Reviewed-by: Noci <noci@noci.work>
Reviewed-by: Justin van Steijn <jvs@fsfe.org>
Reviewed-by: Nico Rikken <nico@nicorikken.eu>
Reviewed-by: Julius Schwartzenberg <julius.schwartzenberg@gmail.com>
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
(cherry picked from commit 23d2690e5a5410576b587bc96e2c2cf5fc693927)
Kernel 5.4 receives a reduced set, just to make the SFP cage work.
While we are at it, move the patches accepted upstream to the 0xx series.
Reviewed-by: Noci <noci@noci.work>
Reviewed-by: Justin van Steijn <jvs@fsfe.org>
Reviewed-by: Nico Rikken <nico@nicorikken.eu>
Reviewed-by: Julius Schwartzenberg <julius.schwartzenberg@gmail.com>
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
(cherry picked from commit 8138cb8737d1475e6e8d57393500f30384e75a82)
All updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
where to begin? the USB regulator settings were just
a part of the issue. With them changed, according to
the forum it still failed when a USB device was
connected to the port with:
dwc2 4bff80000.usbotg: dwc2_restore_global_registers: no global registers to restore
dwc2 4bff80000.usbotg: dwc2_exit_partial_power_down: failed to restore registers
dwc2 4bff80000.usbotg: exit partial_power_down failed
dwc2 4bff80000.usbotg: HC died; cleaning up
One clue was found upstream in
commit cc10ce0c51b1 ("usb: dwc2: disable power_down on Amlogic devices")
|Disable power_down by setting the parameter to
|DWC2_POWER_DOWN_PARAM_NONE. This fixes a problem on various Amlogic
|Meson SoCs where USB devices are only recognized when plugged in before
|booting Linux. A hot-plugged USB device was not detected even though the
|device got power (my USB thumb drive for example has an LED which lit
|up).
|[...]
the same method proposed there worked with APM821xx's USB IP-Core.
Link: https://forum.openwrt.org/t/wd-my-book-duo-usb/111926/2
Reported-by: thwe and takimata (openwrt forum)
Fixes: b70d3557e0 ("apm821xx: clean up gpio-hogs")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 832b9cbd74)
The workqueue based implementation has a few corner cases and typically lower
performance than the upstream one
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 01bebc070c)
The following patches were backported from upstream before and are not
needed any more:
package/kernel/mac80211/patches/ath/980-ath10k-fix-max-antenna-gain-unit.patch
package/kernel/mac80211/patches/subsys/307-mac80211-do-not-access-the-IV-when-it-was-stripped.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
bootfs still needs more work before it's ready.
For some unknown reason model RAXE500 uses board id RAX220.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 63ba3eaccd)
It's needed to support devices with U-Boot. That bootloader passes MTD
layout using cmdline.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 21d28adbc1)
It still isn't ready though - more data needs to be added to the bootfs.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 494c033f9c)
New BCM4908 family based routers will use U-Boot bootloader. That will
require using a totally different firmware format. Kernel has to be put
in a FIT image.
OpenWrt has some helpers for generating .its files but they don't fit
BCM4908 requirements and there is no simple way of extending any of
them. The best solution seems to be storing an .its template.
BCM4908 bootfs may:
1. contain extra binaries (other than kernel & DTB)
2. include multiple DTB files
3. store device specific U-Boot configurations with custom properties
Such setups are too complex to generate using shell script. Raw .its
file on the other hand seems quire clean & reasonable.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a02c971dff)
This simplifies some operations as it doesn't have to be caculated over
and over. It will also allow adding support for more vendor formats.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 063038bcef)
List of supported formats grew over time and implementation got a bit
messy. There are multiple functions with format-specific parameters and
commands.
Refactor it by making platform_identify() setup all required info right
after detecting firmware format. This simplifies formats handling in
platform_other_check_image() and platform_do_upgrade() a lot.
This has been tested on:
1. SmartRG SR400ac (TRX): non-NAND sysupgrade
2. Netgear R8000 (CHK): NAND aware and standard sysupgrade-s
3. D-Link DIR-885L (Seama): NAND aware and standard sysupgrade-s
4. Luxul XWR-3150 (LXL): NAND aware and standard sysupgrade-s
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 80041dea70)
Both should be supported since:
1. Adding NVMEM driver for NVRAM
2. Using NVRAM info for determining active firmware partition
Linksys EA9500 uses very similar design and works fine.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 287257d676)
This includes:
1. BCM5301X changes from 5.14 and queued 5.15 stuff
2. NSP changes from 5.11 - 5.15 for kernel 5.10
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit bce00f47e5)
Port numbers were reverted.
Fixes: c459a6bf48 ("bcm53xx: add support for Luxul FullMAC WiFi devices")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 53546c3e94)
Removed upstreamed:
target/linux/mvebu/patches-5.4/001-PCI-aardvark-Wait-for-endpoint-to-be-ready-before-tr.patch
target/linux/mvebu/patches-5.4/016-PCI-aardvark-Train-link-immediately-after-enabling-t.patch
target/linux/mvebu/patches-5.4/017-PCI-aardvark-Improve-link-training.patch
target/linux/mvebu/patches-5.4/018-PCI-aardvark-Issue-PERST-via-GPIO.patch
target/linux/mvebu/patches-5.4/020-arm64-dts-marvell-armada-37xx-Set-pcie_reset_pin-to-.patch
The following patch does not apply to upstream any more and needs some
more work to make it work fully again. I am not sure if we are still
able to set the UART to a none standard baud rate.
target/linux/ath79/patches-5.4/921-serial-core-add-support-for-boot-console-with-arbitr.patch
These patches needed manually changes:
target/linux/generic/pending-5.4/110-ehci_hcd_ignore_oc.patch
target/linux/ipq806x/patches-5.4/0065-arm-override-compiler-flags.patch
target/linux/layerscape/patches-5.4/804-crypto-0016-MLKU-114-1-crypto-caam-reduce-page-0-regs-access-to-.patch
target/linux/mvebu/patches-5.4/019-PCI-aardvark-Add-PHY-support.patch
target/linux/octeontx/patches-5.4/0004-PCI-add-quirk-for-Gateworks-PLX-PEX860x-switch-with-.patch
All others updated automatically.
Compile-tested on: malta/le, armvirt/64, lantiq/xrx200
Runtime-tested on: malta/le, armvirt/64, lantiq/xrx200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Device specifications
* SoC: QCA9563 @ 775MHz (MIPS 74Kc)
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR (EN25QH128)
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9988): a/n/ac, 4x4 MU-MIMO
* IoT Wireless 2.4GHz (QCA6006): currently unusable
* Ethernet (AR8327): 3 LAN × 1GbE, 1 WAN × 1GbE
* LEDs: Internet (blue/orange), System (blue/orange)
* Buttons: Reset
* UART: through-hole on PCB ([VCC 3.3v](RX)(GND)(TX) 115200, 8n1)
* Power: 12VDC, 1,5A
MAC addresses map (like in OEM firmware)
art@0x0 88:C3:97:*:57 wan/label
art@0x1002 88:C3:97:*:2D lan/wlan2g
art@0x5006 88:C3:97:*:2C wlan5g
Obtain SSH Access
1. Download and flash the firmware version 1.3.8 (China).
2. Login to the router web interface and get the value of `stok=` from the
URL
3. Open a new tab and go to the following URL (replace <STOK> with the stok
value gained above; line breaks are only for easier handling, please put
together all four lines into a single URL without any spaces):
http://192.168.31.1/cgi-bin/luci/;stok=<STOK>/api/misystem/set_config_iotdev
?bssid=any&user_id=any&ssid=-h%0Anvram%20set%20ssh_en%3D1%0Anvram%20commit
%0Ased%20-i%20%27s%2Fchannel%3D.%2A%2Fchannel%3D%5C%5C%22debug%5C%5C%22%2F
g%27%20%2Fetc%2Finit.d%2Fdropbear%0A%2Fetc%2Finit.d%2Fdropbear%20start%0A
4. Wait 30-60 seconds (this is the time required to generate keys for the
SSH server on the router).
Create Full Backup
1. Obtain SSH Access.
2. Create backup of all flash (on router):
dd if=/dev/mtd0 of=/tmp/ALL.backup
3. Copy backup to PC (on PC):
scp root@192.168.31.1:/tmp/ALL.backup ./
Tip: backup of the original firmware, taken three times, increases the
chances of recovery :)
Calculate The Password
* Locally using shell (replace "12345/E0QM98765" with your router's serial
number):
On Linux
printf "%s6d2df50a-250f-4a30-a5e6-d44fb0960aa0" "12345/E0QM98765" | \
md5sum - | head -c8 && echo
On macOS
printf "%s6d2df50a-250f-4a30-a5e6-d44fb0960aa0" "12345/E0QM98765" | \
md5 | head -c8
* Locally using python script (replace "12345/E0QM98765" with your
router's serial number):
wget https://raw.githubusercontent.com/eisaev/ax3600-files/master/scripts/calc_passwd.py
python3.7 -c 'from calc_passwd import calc_passwd; print(calc_passwd("12345/E0QM98765"))'
* Online
https://www.oxygen7.cn/miwifi/
Debricking (lite)
If you have a healthy bootloader, you can use recovery via TFTP using
programs like TinyPXE on Windows or dnsmasq on Linux. To switch the router
to TFTP recovery mode, hold down the reset button, connect the power
supply, and release the button after about 10 seconds. The router must be
connected directly to the PC via the LAN port.
Debricking
You will need a full dump of your flash, a CH341 programmer, and a clip
for in-circuit programming.
Install OpenWRT
1. Obtain SSH Access.
2. Create script (on router):
echo '#!/bin/sh' > /tmp/flash_fw.sh
echo >> /tmp/flash_fw.sh
echo '. /bin/boardupgrade.sh' >> /tmp/flash_fw.sh
echo >> /tmp/flash_fw.sh
echo 'board_prepare_upgrade' >> /tmp/flash_fw.sh
echo 'mtd erase rootfs_data' >> /tmp/flash_fw.sh
echo 'mtd write /tmp/openwrt.bin firmware' >> /tmp/flash_fw.sh
echo 'sleep 3' >> /tmp/flash_fw.sh
echo 'reboot' >> /tmp/flash_fw.sh
echo >> /tmp/flash_fw.sh
chmod +x /tmp/flash_fw.sh
3. Copy `openwrt-ath79-generic-xiaomi_aiot-ac2350-squashfs-sysupgrade.bin`
to the router (on PC):
scp openwrt-ath79-generic-xiaomi_aiot-ac2350-squashfs-sysupgrade.bin \
root@192.168.31.1:/tmp/openwrt.bin
4. Flash OpenWRT (on router):
/bin/ash /tmp/flash_fw.sh &
5. SSH connection will be interrupted - this is normal.
6. Wait for the indicator to turn blue.
Signed-off-by: Evgeniy Isaev <isaev.evgeniy@gmail.com>
[improve commit message formatting slightly]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6c148116f7)
Currently it is not possible to configure VLANs via LUCI on
tplink tl-mr3020-v3. This patch fixes switch topology for the
LUCI interface.
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
[copied commit message from github PR]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit e22c91e144)
Update busybox to 1.33.2, which includes only 5 commits after 1.33.1
Bug fix release. 1.33.2 has fixes for hush and ash (parsing fixes)
and unlzma (fix where we could read before beginning of buffer).
https://git.busybox.net/busybox/log/?h=1_33_2
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
71e08471ab56 mt76: eeprom: fix return code on corrected bit-flips
9a8fc6636d83 mt76: move sar_capa configuration in common code
7cdbea1dc82a mt76: only access ieee80211_hdr after mt76_insert_ccmp_hdr
678071ef7029 mt76: mt7615: clear mcu error interrupt status on mt7663
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit fc4398fe71)
a6451fea5a3d mt76: mt7615: improve wmm index allocation
1911486414dc mt76: mt7915: improve wmm index allocation
7998a41d1321 mt76: clear sta powersave flag after notifying driver
664475574438 mt76: mt7603: introduce SAR support
5c0da39c940b mt76: mt7915: introduce SAR support
77fc6c439a32 mt76: mt7603: improve reliability of tx powersave filtering
094b3d800835 firmware: update mt7663 rebb firmware to 20200904171623
25237b19bcc1 mt76: eeprom: tolerate corrected bit-flips
1463cb4c6ac2 mt76: mt7921: fix boolreturn.cocci warning
586bad6020f7 mt76: mt7921: use correct iftype data on 6GHz cap init
8ec95c910425 mt76: mt7921s: fix bus hang with wrong privilege
688e30c7d854 firmware: update mt7921 firmware to version 20211014
6fad970893dd mt76: fix key pointer overwrite in mt7921s_write_txwi/mt7663_usb_sdio_write_txwi
95acf972750c mt76: fix 802.3 RX fail by hdr_trans
3f402b0cf6c0 mt76: mt7921s: fix possible kernel crash due to invalid Rx count
929a03a8d65d mt76: connac: fix last_chan configuration in mt76_connac_mcu_rate_txpower_band
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7e15390056)
Follow up to commit c744798cad. Managed to
hit the very same issue again while playing with the NOR SPL builds.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The board has a fixed size kernel partition but do not limit the kernel
size during image building.
Disable image building for both boards as well, since the kernel of the
last release as well as master are to big to fit into the 2 MByte kernel
partition.
Signed-off-by: Mathias Kresin <dev@kresin.me>
If authentication fails repeatedly e.g. because of a weak signal, the link
can end up in blocked state. If one of the nodes tries to establish a link
again before it is unblocked on the other side, it will block the link to
that other side. The same happens on the other side when it unblocks the
link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in blocked
state, but don't initiate the attempt until the blocked period is over.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f84053af5c)
Some drivers that do their own sequence number allocation (e.g. ath9k, mwlwifi) rely
on being able to modify params->ssn on starting tx ampdu sessions.
This was broken by a change that modified it to use sta->tid_seq[tid] instead.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit ddd977fcc5)
When a ubus event handler denies a association with a non-zero return
value, the code jumps to preceeding code, creating an endless loop until
the event handler accepts the assc request.
Move the ubus handler further up the code to avoid creating such a loop.
Signed-off-by: David Bauer <mail@david-bauer.net>
They can be added as hex digit strings via the 'vendor_elements' option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1818b038d7)
This makes it possible to avoid using a RADIUS server for WPA enterprise authentication
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from 98621c9782)
This allows WPA enterprise roaming in the same mobility domain without any
manual key configuration (aside from radius credentials)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 704ab6a002)
Using a pointer one lifter after it freed is not the best idea.
Let's not do that.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry-picked from commit 63c01ad025)
This implements the mapping recommendations from RFC8325, with an
update from RFC8622. This ensures that DSCP marked packets are properly
sorted into WMM classes.
The map can be disabled by setting iw_qos_map_set to something invalid
like 'none'
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5e3def182)
This feature is useful on its own even without full interworking support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit efff3520f4)
Both hostapd and netifd attempt to add a VLAN device to a bridge.
Depending on which one wins the race, bridge vlan settings might be incomplete,
or hostapd might run into an error and refuse to service the client.
Fix this by preventing hostapd from adding interfaces to the bridge and
instead rely entirely on netifd handling this properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit da4be02fcd)
(cherry-picked from commit 63c01ad025)
When using htmode 'HE20' with a radio mode that uses wpa-supplicant
(like mesh or sta), it will default to 40 MHz bw if disable_ht40 is not
set. This commit fixes this behaviour.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry-picked from commit af83e3ce0f)
Use the VLAN interface instead of the bridge, to ensure that hostapd receives
untagged DHCP packets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7b46377a0c)
(cherry-picked from commit f1b98fa4fa)
In setups using VLAN bridge filtering, hostapd may need to communicate using
a VLAN interface on top of the bridge, instead of using the bridge directly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 305c1b8d74)
- add functionality to configure RADIUS NAS-Id and Operator-Name
- add functionality to configure RADIUS accounting interval
- enable RADIUS "Chargeable User Identity"
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3bd6c8c728)
Airtime policy configuration is extremely useful in multiple BSS scenarios.
Since nowadays most people configure both private and guest networks (at
least), it makes sense to enable it by default, except for the most limited
of the variants.
Size of the hostapd-basic-openssl binary (mipsel 24Kc -O2):
543944 bytes (airtime policy disabled)
548040 bytes (airtime policy enabled)
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from commit d38f456582)
netifd is responsible for handling that, except if the vlan bridge
was provided by the config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit cf45caeff1)
No functional changes, just some renames to make it easier to keep mt76 in
sync with upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit e62c550470)
(cherry-picked from commit a889dcd3f2)
Required for an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 978e822db3)
(cherry-picked from commit af9d31aacc)
This is needed for an upcoming mt76 update
also sync iw nl80211 with kernel backports
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2bfac61483)
(cherry-picked from commit 36019ed589)
Improves airtime fairness, especially for devices with larger firmware buffers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a5888ad6b3)
On systems using brmcfmac (e.g. Raspberry Pi Zero W) without this fix,
the final setup-call:
iw dev wlan0 ibss join ...
fails with returncode 161 and message:
"command failed: Not supported (-95)"
So this patch calls an explicit:
iw dev wlan0 set type ibss
just prior to the 'ibss join' command.
I have tested several ath9k and mt76xx devices
with different revisions: this patch does not harm.
please also apply to stable branch.
Signed-off-by: Bastian Bittorf <bb@npl.de>
(cherry-picked from commit ea5fce3f46)
In some cases, spurious failures might be cleared by teardown and retry
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 42dda0ed3e)
The channel offset used for VHT segment calculation was missing for HT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit a0d81ba0d5)
Emit the new band option instead of hwmode
Support 6 GHz band and HE options
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8504212f65)
Use it to look up frequencies only in the configured band to better deal
with channel number overlap
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8b8c1cb09b)
This increases the size of the iw_5.9-8fab0c9e-3_mips_24kc.ipk from
41166 to 41942 bytes by 776 bytes.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry-picked from commit 9df7eadcfd)
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
assembly of LzmaProps_Decode. While the decission made by the compiler
looks perfect fine, it triggers some obscure hang on lantiq danube-s
v1.5 with MX29LV640EB NOR flash chips.
Only if the offset 1 is used, the hang can be observed. Using any other
offset works fine:
lwl s0,0(a1) - s0 == 0x6d000080
lwl s0,1(a1) - hangs
lwl s0,2(a1) - s0 == 0x0080xxxx
lwl s0,3(a1) - s0 == 0x80xxxxxx
It isn't clear whether it is a limitation of the flash chip, the EBU or
something else.
Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
instructions.
Signed-off-by: Mathias Kresin <dev@kresin.me>
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dbb4c47798)
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.
[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>
Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 430f691943)
This enables building of rpcapd and adds it as a package.
It is a daemon that allows remote packet capturing from another machine.
E.g. Wireshark can talk to it using the Remote Capture Protocol (RPCAP).
https://www.tcpdump.org/manpages/rpcapd.8.html
Compile and run tested:
OpenWrt 21.02.0-rc4 r16256-2d5ee43dc6 on x86/64 and mvebu/cortexa9
Signed-off-by: Stephan Schmidtmer <hurz@gmx.org>
(cherry picked from commit 891c8676a1)
OpenWrt's special gpio-button-hotplug driver is still using
exclusively the legacy GPIO Subsystem gpio_ API.
While it still does work fine for most devices, upstream
linux is starting to convert platform support like that of
the APU2/3/4 to the new GPIOD LOOKUP tables that are not
supported by it.
Hence, this patch replaces the gpio_ calls present in
gpio-button-hotplug with gpiod_ equivalent wherever
it's possible. This allows the driver to use the
gpiod lookup tables and still have a fallback for
legacy platform data code that just sets button->gpio
set to the real button/switch GPIO.
As a bonus: the active_low logic is now being handled
by the linux's gpio subsystem too. Another issue that
was address is the of_handle leak in the dt parser
error path.
Tested with legacy platform data: x86_64: APU2, MX-100
Tested on OF: ATH79; MR18, APM821xx: Netgear WNDR4700,
RAMIPS: WL-330N3G
LANTIQ: AVM FritzBox 7360v1
Reported-by: Chris Blake <chrisrblake93@gmail.com>
Tested-by: Chris Blake <chrisrblake93@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 2b0378cf9f)
Allow RAM size to be passed thru U-Boot. There are 128MB and 64MB
versions of Minew G1-C. This is also in line with the behaviour of
most other RAMIPS boards.
Signed-off-by: Bruno Randolf <br1@einfach.org>
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:
ld:dynsyms.list:0: syntax error in dynamic list
Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353
Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
(cherry-picked from commit edd53df168)
This resolves incosnsitencies of the configured RX / TX flow control
modes between different boards or bootloaders.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4d81f08771)
fixing linking error when --enable-devcrypto=yes
fixes: 7d92bb0509 wolfssl: update to 4.8.1-stable
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit be3e260f92)
It's the default anyway and this just looks confusing, as if it wasn't.
Switch to AUTORELEASE while at it.
The binary size is unchanged.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 7cb5af30f4)
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.
The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c76300707e)
This patch removes CONFIG_MTD_SPI_NOR_USE_4K_SECTORS from the default
symbols for the ath79/mikrotik target.
MikroTik devices hold some of their user-configurable settings in the
soft_config partition, which is typically sized 4 KiB, of the SPI NOR
flash memory. Previously, in the ar71xx target, it was possible to use
64 KiB erase sectors but also smaller 4 KiB ones when needed. This is
no longer the case in ath79 with newer kernels so, to be able to write
to these 4 KiB small partitions without erasing 60 KiB around, the
CONFIG_MTD_SPI_NOR_USE_4K_SECTORS symbol was added to the defaults.
However, this ended up making sysupgrade images which were built with
64 KiB size blocks not to keep settings (e.g., the files under
/etc/config/) over the flashing process.
Using 4 KiB erase sector size on the sysupgrade images (by setting
BLOCKSIZE = 4k) allows keeping settings over a flashing process, but
renders the process terribly slow, possibly causing a user to
mistakenly force a manual device reboot while the process is still on-
going. Instead, ditching the 4 KiB erase sectors for the default
64 KiB erase size provides normal SPI write speed and sysupgrade times,
at the expense of not being able to modify the soft_config partition
(which is rarely a required thing).
An OpenWrt patch for MTD_SPI_NOR_USE_4K_SECTORS_LIMIT may once have
allowed to use different per-partition erase sector sizes. Due to
changes on recent kernels it now only works on a per-device basis.
Also, partial eraseblock write can be performed in ath79 with kernels
5.4 and lower, by copying the blocks from the 64 KiB, erasing the whole
sector and restoring those blocks not meant to be modified. A kernel
bump had that patch broken for a long time, but got fixed in bf2870c.
Note: the settings in the soft_config partition can be reset to their
defaults by holding the reset button for 5 seconds (and less than 10
seconds) at device boot.
Fixes: FS#3492 (sysupgrade […] loses settings...)
Fixes: a66eee6336 (ath79: add mikrotik subtarget)
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 68d91f08ed)
Changes from 4.7.0:
Fix one high (OCSP verification issue) and two low vulnerabilities
Improve compatibility layer
Other improvements and fixes
For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 7d92bb0509)
[Added patch to allow compilation with libtool 2.4]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Backport upstream patch to fix build with GCC 10 on 32 x86 targets.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 718a4f4780)
This fixes a kernel build problem.
The removed parts of the patch are already applied upstream.
Fixes: b4ed8a9275 ("kernel: bump 5.4 to 5.4.154")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9501ce909f)
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ
Fixes: FS#3404
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit 917126ff4c)
The terminfo is required by the popular terminal multiplexer screen and
tmux, offer it by default as the size impact is minimal with 885 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6a6b5a677e)
The terminfo files were all in one row which is terrible to read.
Split them over multiple lines to improve readability.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 75ea474b90)
Add in a fix for 160Mhz dfs on 5.10 and higher.
Add support for 5.13 and 5.15 kernels.
Add of_get_mac_address support for 5.15 driver.
Signed-off-by: Andrew Robbins <andrew@robbinsa.me>
(cherry picked from commit 1d2bc94f78)
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."
This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].
This is the recommended solution from upstream [1].
The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793
Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 28d8e6a871)
1. Add support for Marvell CN9130 SoC
2. Add support for CP115,and create an armada-cp11x.dtsi file which will be used to instantiate both CP110 and CP115
3. Add support for AP807/AP807-quad,AP807 is a major component of CN9130 SoC series
4. Drop PCIe I/O ranges from CP11x file and externalize PCIe macros from CP11x file
Signed-off-by: Ian Chang <ianchang@ieiworld.com>
(cherry picked from commit c98ddf0f01)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
While the binary `python3.10` is correctly detected by the build system
the default `python3` binary is currently not detected if pointing to a
Python 3.10 installation.
Fix this by extending the grep regex.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56ea2bf2ee)
Modifying PHY capabilities in the probe function broke with upstream
commit 92ed2eb7f4b7 ("net: phy: probe the PHY before determining the
supported features").
AR8316 switches only support 10/100 Mbit/s link modes because of this
change.
Provide a get_features method for the PHY driver, so Gigabit link mode
will be advertised to link partners again.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 766e0f584a)
Fedora 35 contains Python 3.10 as default version. Make use of it.
Signed-off-by: Marcin Juszkiewicz <marcin@juszkiewicz.com.pl>
[fix commit subject]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit e1c03ca185)
Fix Fedora 34/35 issue where 'which' detection of 'which' wasn't working
because Fedora use alias and proc
Fixup of fca5ad55d2 prereq-build: fix `which` detection on Fedora
Reported-by: Jani Partanen <rtfm@iki.fi>
Suggest-by: Etienne Champetier <champetier.etienne@gmail.com>
Tested-by: Georgi Valkov <gvalkov@abv.bg>
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 0d1ebf0d6d)
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 2c6c1501af)
The official Plasma Cloud firmware adjusted the BDFs to contain new
conformance test limits and target power values. These should be imported
to avoid emissions outside the allowed limits.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit e0721608f9)
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.
This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
(cherry picked from commit 5269c47e8d)
The rockchip platform supports squashfs SD card images. However, the
resulting image is not padded to completely fill the rootfs partition.
Because of that, the f2fs overlay might not be erased, resulting in
uci-defaults not bing executed or the configuration not being erased,
even though drop config was selected.
Modify the image generation process so the image is padded to cover the
entire root filesystem partition.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit b56f7407d9)
Takimata reported on the OpenWrt forum in thread [0], that his
MyBook Live Duo wasn't booting OpenWrt 21.02 after upgrading
from the previous OpenWrt 19.07.
The last logged entries on his console
|[ 0.531599] sata1-regulator GPIO handle specifies active low - ignored
|[ 0.538391] sata0-regulator GPIO handle specifies active low - ignored
|[ 0.759791] ata2: SATA link down (SStatus 0 SControl 300)
|[ 0.765251] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
|[ 5.909555] ata1.00: qc timeout (cmd 0xec)
|[ 5.913656] ata1.00: failed to IDENTIFY (I/O error, err_mask=0x4)
|[ 6.231757] ata1: SATA link down (SStatus 0 SControl 300)
This extract clearly showed that the HDD on which OpenWrt is installed,
simply disappeared after the SATA power regulators had been initialized.
Since the device-tree regulators haven't changed since the OpenWrt 19.07
days this will require further investigation on the snapshot/master/trunk
branch.
For the time being, it was requested to just delete the nodes so,
the device will boot again. Which unfortunately, will have to wait
until 21.02.1 is released.
He also confirmed that the My Book Live Single wasn't affected.
It works with or without this change.
[0] <https://forum.openwrt.org/t/21-02-0-and-snapshot-fail-to-boot-on-my-book-live-duo/106585>
Reported-by: Takimata (forum.openwrt.org/u/takimata)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The minew g1-c is a smart home gateway / BLE gateway.
A Nordic nRF52832 is available via USB UART (cp210x) to support BLE.
The LED ring is a ring of 24x ws2812b connect to a generic GPIO (unsupported).
There is a small LED which is only visible when the device is open which
will be used as LED until the ws2812b is supported.
The board has also a micro sdcard/tfcard slot (untested).
The Nordic nRF52832 exposes SWD over a 5pin header (GND, VCC, SWD, SWC, RST).
The vendor uses an older OpenWrt version, sysupgrade can be used via
serial or ssh.
CPU: MT7628AN / 580MHz
RAM: DDR2 128 MiB RAM
Flash: SPI NOR 16 MiB W25Q128
Ethernet: 1x 100 mbit (Port 0) (PoE in)
USB: USB hub, 2x external, 1x internal to USB UART
Power: via micro usb or PoE 802.11af
UART: 3.3V, 115200 8n1
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
The board data file for the Plasma Cloud PA2200 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. A typo in the device
package name resulted in a not correctly selected package for the device
specific board-2.bin. The wifi driver has therefore loaded the wrong
calibration information into the wifi chip.
Fixes: 4871fd2616 ("ipq40xx: add support for Plasma Cloud PA2200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit c7e9335e4c)
The board data file for the Plasma Cloud PA1200 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. A typo in the device
package name resulted in a not correctly selected package for the device
specific board-2.bin. The wifi driver has therefore loaded the wrong
calibration information into the wifi chip.
Fixes: ea5bb6bbfe ("ipq40xx: add support for Plasma Cloud PA1200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit d0ffc17535)
The board data file for the EnGenius EMR3500 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. As result, the wrong
calibration information will be loaded into the wifi chip.
Fixes: 3f61e5e1b9 ("ipq40xx: add support for EnGenius EMR3500")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 14bd392a1c)
The board data file for the EnGenius EMD1 is not part of the default
board-2.bin which is shipped by ath10k-board-qca4019. As result, the wrong
calibration information will be loaded into the wifi chip.
Fixes: 51f3035978 ("ipq40xx: add support for EnGenius EMD1")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit d9f4a4280e)
This patch fixes the forwarding behavior of bridge in bridge
configurations with DSA.
Without it, the configuration of the upper bridge might overwrite
settings of the lower bridge. For example, a vlan-aware bridge
with DSA interfaces in it might be offloaded to the DSA hardware. If the
bridge interface itself gets slave of a different bridge without vlan
filtering, the vlan filtering setting of the lower bridge is overwritten
by the upper bridge, which results in an incorrect hardware
configuration.
This was backported from kernel 5.7.
Ref: https://lore.kernel.org/netdev/20191222192235.GK25745@shell.armlinux.org.uk/
Fixes: FS#3996
Signed-off-by: Fabian Bläse <fabian@blaese.de>
(cherry picked from commit c50ece58c4)
These options are selectable when some of the kernel debug options like
KERNEL_SOFTLOCKUP_DETECTOR are selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1a3b3dc797)
The LOCKUP_DETECTOR configuration option split into the
SOFTLOCKUP_DETECTOR and HARDLOCKUP_DETECTOR configuration option some
time ago. The HARDLOCKUP_DETECTOR option is only working on some
architectures, but SOFTLOCKUP_DETECTOR should work everywhere. Replace
KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR.
LOCKUP_DETECTOR will be selected by SOFTLOCKUP_DETECTOR automatically.
Fixes: b951f53fba ("build: Add additional kernel debug options")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d27f6e2c5d)
At this moment kernel partition in Linksyses EA3500/E4200/EA4500 is
ended before start of rootfs partition. It was introduced in 9808b9ae02
and it broke easy revert to stock. Sysupgrade, when OFW is used, write
whole stock image to kernel partition. Most likeley image will be bigger
than small kernel partition and it make stock system invalid.
This patch change size of kernel partitions and now it overlaps rootfs.
Revert to stock will be possible again.
Fixes: 9808b9ae02 ("kirkwood: switch to kernel 4.9")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This patch has been carried since introduction throughout every kernel
major bump and no one has tested if the later kernels improved the
situation. The Armada 3720 SoC can only process GbE interrupts on Core 0
and this is already limited in all stable kernels, so ditch this
workaround for 64 bit SoCs.
Ref: https://git.kernel.org/torvalds/c/cf9bf871280d
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit cbdd2b62e4)
The Onion Omega is a hardware development platform with built-in WiFi.
https://onioniot.github.io/wiki/
Specifications:
- QCA9331 @ 400 MHz (MIPS 24Kc Big-Endian Processor)
- 64MB of DDR2 RAM running at 400 MHz
- 16MB of on-board flash storage
- Support for USB 2.0
- Support for Ethernet at 100 Mbps
- 802.11b/g/n WiFi at 150 Mbps
- 18 digital GPIOs
- A single Serial UART
- Support for SPI
- Support for I2S
Flash instructions:
The device is running OpenWrt upon release using the ar71xx target.
Both a sysupgrade
and uploading the factory image using u-boots web-UI do work fine.
Depending on the ssh client, it might be necessary to enable outdated
KeyExchange methods e.g. in the clients ssh-config:
Host 192.168.1.1
KexAlgorithms +diffie-hellman-group1-sha1
The stock credentials are: root onioneer
For u-boots web-UI manually configure `192.168.1.2/24` on your computer,
connect to `192.168.1.1`.
MAC addresses as verified by OEM firmware:
2G phy0 label
LAN eth0 label - 1
LAN is only available in combination with an optional expansion dock.
Based on vendor acked commit:
commit 5cd49bb067 ("ar71xx: add support for Onion Omega")
Partly reverts:
commit fc553c7e4c ("ath79: drop unused/incomplete dts")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit d98738b5c1)
This version fixes two vulnerabilities:
- SM2 Decryption Buffer Overflow (CVE-2021-3711)
Severity: High
- Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Severity: Medium
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7119fd32d3)
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8d143784cb)
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a1034afba8)
The bootloader will look for a configuration section named ap.dk01.1-c2
in the FIT image. If this doesn't exist, the device won't boot.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit a43da1be43)
A missing quote in target/linux/ath79/patches-5.x/920-mikrotik-rb4xx.patch
produces:
...
scripts/kconfig/conf --syncconfig Kconfig
drivers/mfd/Kconfig:2016:warning: multi-line strings not supported
...
This patch adds missing closing quote, fixing the above warning.
Signed-off-by: Paul Blazejowski <paulb@blazebox.homeip.net>
(cherry picked from commit f7374bce00)
Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.
This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
(cherry picked from commit 12564c5b86)
Based on the discussion on the mailing list [1], the patch which was
reverted, it reverts only one patch without the subsequent ones.
This leads to the SoC scaling issue not using a CPU parent clock, but
it uses DDR clock. This is done for all variants, and it's wrong because
commits (hacks) that were using the DDR clock are no longer in the mainline kernel.
If someone has stability issues on 1.2 GHz, it should not affect all
routers (1 GHz, 800 MHz) and it should be rather consulted with guys, who are trying to
improve the situation in the kernel and not making the situation worse.
There are two solutions in cases of instability:
a) disable cpufreq
b) underclock it up to 1 GHz
This reverts commit 080a0b74e3.
[1] https://lists.openwrt.org/pipermail/openwrt-devel/2021-June/035702.html
CC: Pali Rohár <pali@kernel.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 7b868fe04a)
EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.
Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ddc8d085f3)
* remove superflus mounts of /dev/null and /dev/urandom
* reset EXTRA_MOUNTS at the beginning of the script
* add mount according to ignore_hosts_dir
* don't add mount for file which is inside a directory already in the
EXTRA_MOUNTS list
Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ac4e8aa2f8)
* split into multiple lines to improve readability
* use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
* remove no longer needed mount for /sbin/hotplug-call
* add dhcp-script.sh dependencies (jshn, ubus)
Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 59c63224e1)
'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'. Slightly less confusion all
round.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit e4cfefa9fc)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When running multiple instances of dnsmasq, for example one being for the lan
and another for a guest network, it might not be desirable to have the same dns names
configured in both networks
Signed-off-by: João Henriques <joaoh88@gmail.com>
(cherry picked from commit e8a5670122)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The LEDs for LAN1 and LAN3 were swapped. Link on port 1 would illuminate
the LED on port 3 and vice versa.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f0a885ed86)
Without explicit configuration of these pins the ethernet as well as
status LED of the device do not work correctly.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4feb9a4211)
Specifications:
* QCA9531, 16 MiB flash (Winbond W25Q128JVSQ), 128 MiB RAM
* 802.11n 2T2R (external antennas)
* QCA9887, 802.11ac 1T1R (connected with diplexer to one of the antennas)
* 3x 10/100 LAN, 1x 10/100 WAN
* UART header with pinout printed on PCB
Installation:
* The device comes with a bootloader installed only
* The bootloader offers DHCP and is reachable at http://10.123.123.1
* Accept the agreement and flash sysupgrade.bin
* Use Firefox if flashing does not work
TFTP recovery with static IP:
* Rename sysupgrade.bin to jt-or750i_firmware.bin
* Offer it via TFTP server at 192.168.0.66
* Keep the reset button pressed for 4 seconds after connecting power
TFTP recovery with dynamic IP:
* Rename sysupgrade.bin to jt-or750i_firmware.bin
* Offer it via TFTP server with a DHCP server running at the same address
* Keep the reset button pressed for 6 seconds after connecting power
Co-authored-by: Sebastian Schaper <openwrt@sebastianschaper.net>
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
(cherry picked from commit 55b4b36552)
85f01c44a950 bridge: check bridge port vlan membership on link-up events
17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2801fe6132)
b5711025bc x86_64: Remove unneeded static PIE check for undefined weak diagnostic
edfd11197e wordexp: handle overflow in positional parameter number (bug 28011)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 9d2dcc8312)
58b90461ae elf: Use _dl_catch_error from base namespace in dl-libc.c [BZ #27646]
8c06748c51 Fix use of __pthread_attr_copy in mq_notify (bug 27896)
4b6be914bd Use __pthread_attr_copy in mq_notify (bug 27896)
f4cba6ca1e dlfcn: Failures after dlmopen should not terminate process [BZ #15271]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit f033d5ad1c)
Currently, when using multiple dnsmasq instances they are all assigned
to the same Ubus instance name. This does not work, as only a single
instance can register with Ubus at a time. In the log, this leads to
`Cannot add object to UBus: Invalid argument` error messages.
Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes
behaviour so that instead of the log, dnsmasq exits at start instead.
With this patch, all dnsmasq instances are assigned unique names so that
they can register with Ubus concurrently. One of the enabled instances
is always assigned the previous default name "dnsmasq" to avoid breaking
backwards compatibility with other software relying on that default.
Previously, a random instance got assigned that name (while the others
produced error logs). Now, the first unnamed dnsmasq config section is
assigned the default name. If there are no unnamed dnsmasq sections the
first encountered named dnsmasq config section is assigned instead.
A similar issue exists for Dbus and was similarly addressed.
Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
[tweaked commit message] dnsmasq was not crashing it is exiting
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ba5bd8e556)
Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/".
If you don't add this to the jail_mount, dnsmasq can't read it anymore.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3a94c2ca5c)
When the AVM FRITZ!Repeater 1200 was introduced on Kernel 4.19, the
at803x PHY driver incorrectly set up the delays, not disabling delays
set by the bootloader.
The PHY was always operating with RX as well as TX delays enabled, but
with kernel 5.4 and later, the required TX delay is disabled, breaking
ethernet operation.
Correct the PHY mode, so the driver enables both delays.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f9d1828105)
61a71e5e49c3 bridge: dynamically create vlans for hotplug members
cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans
7f199050f395 wireless: pass the real network ifname to the setup script
50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug
f12b073c0cc3 wireless: add some comments to functions
b0d090688302 bridge: fix setting pvid for updated vlans
ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c
16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events
7f30b02013f2 examples: make dummy wireless vif names shorter
013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices
f037b082923a wireless: handle WDS per-sta devices
db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port
4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well
1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 1236cbe30c)
Backport upstream patch a0a0e02 ("iwinfo: rename hardware.txt to devices.txt")
and split devices.txt (former hardware.txt) into a common libiwinfo-data
package to allow different libiwinfo versions to coexist without file
clashes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit c13d7c82aa)
The ABIV_$(pkgname) variable already is formatted so return it as-is from
the GetABISuffix macro and only filter through FormatABISuffix if we read
the raw ABI version value from a version stamp file.
This ensures that binary intra-package dependencies on ABI versioned
libraries are properly formatted.
Ref: https://github.com/openwrt/packages/issues/15871
Fixes: f6a03bff5b ("build: prepend ABI suffixes with a dash if package name ends with digit")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit fbb9b1f8ed)
Ensure that ABI suffixes are separated with a dash from the package name if
the name happens to end with a digit. This implementation detail got lost
during the recent refactoring of the ABI_VERSION handling in buildroot.
Ref: https://github.com/openwrt/packages/pull/14237#issuecomment-860473585
Fixes: c921650382 ("build: drop ABI version from metadata")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f6a03bff5b)
Looks like the symbol was forgotten for 5.4
Fixes: 820e660cd7 ("ath79: add NAND driver for MikroTik RB91xG series")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 52c27dab1973d523453fc1e319d8636e1cb10927)
Analysis done by Denis Kalashnikov:
It seems that some ROS versions on some routerboard models have this bug:
after silence boot (no output to uart, no beeps) beeper clicks when wireless traffic is.
https://forum.mikrotik.com/viewtopic.php?f=3&t=92269https://forum.mikrotik.com/viewtopic.php?t=63399
From these links:
1)
Hello, I have RB951G-2HnD and I noticed strange thing
when I loaded the device with some wireless traffic it
produced strange sound - like hissing, fizzing etc.
2)
Same problem still on 6.33, with silent boot enabled
I hear buzzing noise on wireless load.
3)
The sound is fixed in v5.19, it was a bug that caused beeper to make clicks.
It also got fixed in RouterOS:
* What's new in 5.19 (2012-Jul-16 10:51):
fix ticking sound on RB411UAHL;
* What's new in 6.38.3 (2017-Feb-07 09:52):
rb3011 - fixed noise from buzzer after silent boot;
I've checked with an oscilloscope that:
* When on the ssr beeper pin is 0,
on the beeper itself is 1 (~5V),
and when on the ssr beeper pin is 1,
on the beeper is 0
The beeper doesn't consume power,
so 1 should be a default/idle value for the ssr beeper pin).
* When there is wireless traffic (ping packets)
in the background and the beeper clicks, I see
pulses on the beeper itself,
but no pulses on the ssr beeper pin (Q5 pin of 74hc595).
When I manually toggle the ssr beeper pin I see pulses on both.
So, it is likely that the phantom beeper clicks are caused by the EMI.
Suggested-by: Denis Kalashnikov <denis281089@gmail.com>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit a58bcc9e67)
Currently, the option to disable subpage writing is only set
when a HW ECC engine is used.
Some boards lack a HW ECC engine and use software for that.
In this case, this NAND option does not get set when the NAND chip
does not support it, resulting in mounting errors.
Move the setting of this option to a generic init location so it
gets set for all types where required.
While at it, also OR the option instead of just setting it
so we don't overwrite potential flags being set somewhere else.
Before:
[ 1.681273] UBI: auto-attach mtd2
[ 1.684669] ubi0: attaching mtd2
[ 1.688877] ubi0 error: validate_ec_hdr: bad VID header offset 2048, expected 512
[ 1.696469] ubi0 error: validate_ec_hdr: bad EC header
[ 1.701712] Erase counter header dump:
[ 1.705512] magic 0x55424923
[ 1.709322] version 1
[ 1.712330] ec 1
[ 1.715331] vid_hdr_offset 2048
[ 1.718610] data_offset 4096
[ 1.721880] image_seq 1462320675
[ 1.725680] hdr_crc 0x12255a15
After:
1.680917] UBI: auto-attach mtd2
[ 1.684308] ubi0: attaching mtd2
[ 2.954504] random: crng init done
[ 3.142813] ubi0: scanning is finished
[ 3.163455] ubi0: attached mtd2 (name "ubi", size 124 MiB)
[ 3.169069] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
[ 3.176037] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
[ 3.182942] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
[ 3.190013] ubi0: good PEBs: 992, bad PEBs: 0, corrupted PEBs: 0
[ 3.196102] ubi0: user volume: 3, internal volumes: 1, max. volumes count: 128
[ 3.203434] ubi0: max/mean erase counter: 2/0, WL threshold: 4096, image sequence number: 1462320675
[ 3.212700] ubi0: available PEBs: 0, total reserved PEBs: 992, PEBs reserved for bad PEB handling: 20
[ 3.222124] ubi0: background thread "ubi_bgt0d" started, PID 317
[ 3.230246] block ubiblock0_1: created from ubi0:1(rootfs)
[ 3.235819] ubiblock: device ubiblock0_1 (rootfs) set to be root filesystem
[ 3.256830] VFS: Mounted root (squashfs filesystem) readonly on device 254:0.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry-picked from commit 6561ca1fa5)
This board has been supported in the ar71xx.
Links:
* https://mikrotik.com/product/RB912UAG-2HPnD
* https://openwrt.org/toh/hwdata/mikrotik/mikrotik_rb912uag-2hpnd
This also supports the 5GHz flavour of the board.
Hardware:
* SoC: Atheros AR9342,
* RAM: DDR 64MB,
* SPI NOR: 64KB,
* NAND: 128MB,
* Ethernet: x1 10/100/1000 port with passive POE in,
* Wi-Fi: 802.11 b/g/n,
* PCIe,
* USB: 2.0 EHCI controller, connected to mPCIe slot and a Type-A
port -- both can be used for LTE modem, but only one can be
used at any time.
* LEDs: 5 general purpose LEDs (led1..led5), power LED, user LED,
Ethernet phy LED,
* Button,
* Beeper.
Not working:
* Button: it shares gpio line 15 with NAND ALE and NAND IO7,
and current drivers doesn't easily support this configuration,
* Beeper: it is connected to bit 5 of a serial shift register
(tested with sysfs led trigger timer). But kmod-gpio-beeper
doesn't work -- we left this as is for now.
Flashing:
* Use the RouterBOARD Reset button to enable TFTP netboot,
boot kernel and initramfs and then perform sysupgrade.
* From ar71xx OpenWrt firmware run:
$ sysupgrade -F /tmp/<sysupgrade.bin>
For more info see: https://openwrt.org/toh/mikrotik/common.
Co-Developed-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 695a1cd53c)
Main part is copied from ar71xx original driver rb91x_nand
written by Gabor Juhos <juhosg@openwrt.org>.
What is done:
* Support of kernel 5.4 and 5.10,
* DTS support,
* New gpio API (gpiod_*) support.
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 820e660cd7)
This is a slighty modified version of ar71xx gpio-latch driver
written by Gabor Juhos <juhosg@openwrt.org>.
Changes:
* DTS support,
* New gpio API (gpiod_*).
Reviewed-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Signed-off-by: Denis Kalashnikov <denis281089@gmail.com>
(cherry-picked from commit 7b8931678c)
In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround
against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not
enabled by default on OpenWrt, but it is configurable through the option
wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by
exposing the option wnm_sleep_mode_no_keys. If you use the option
wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might
consider using this workaround.
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit bf98faaac8)
The country3 option in hostapd.conf allows the third octet of the country
string to be set. It can be used e.g. to indicate indoor or outdoor use (see
hostapd.conf for further details). Make this option configurable but optional
in OpenWrt.
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[bump PKG_RELEASE, rebase]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 9f09c1936a)
Signed-off-by: Paul Spooren <mail@aparcar.org>
When the ltq_deu_vr9 kernel module is loaded, hostapd does not start any
more. It fails with this error message:
daemon.err hostapd: nl80211: kernel reports: key addition failed
daemon.err hostapd: Interface initialization failed
OpenWrt uses the standard Linux crypto API in the wifi drivers now
and this probably makes the system offload more crypto operations to
special hardware like the Lantiq DEU. There is probably a bug in the DEU
and these operations fail and then hostapd does not start the interface.
Do not include the Lantiq DEU by default any more.
Fixes: FS#3901
Fixes: 53b6783907 ("mac80211: remove patches stripping down crypto support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Tested-by: Notupus <notpp46@gmail.com>
(cherry-picked from commit 964863bb23)
Drop support for building the obsolete broadcom-wl backend and always
forcibly enable the nl82011 support. This allows us to make the package
shared again since no target specific compilation is happening anymore.
This will solve various repository coherency issues related to unavailable
libiwinfo versions in the long run.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5a1065758b)
This partially reverts changes done in commit 72cc44958e ("treewide:
mark selected packages nonshared") as it removes the nonshared flag, but
keeps the PKG_RELEASE as the PKG_RELEASE bump while adding nonshared
flag was incorrect.
Unmark uci, ubus, libubox, lua, libnl-tiny and libjson-c as nonshared
packages as this fix attempt didn't worked out. Currently the
imagebuilder is broken again:
openwrt-imagebuilder-21.02.0-rc3-ipq40xx-generic.Linux-x86_64$ make image PROFILE=avm_fritzbox-7530 PACKAGES=luci-ssl-openssl
...
Collected errors:
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for luci-mod-status
* pkg_hash_fetch_best_installation_candidate: Packages for luci-mod-status found, but incompatible with the architectures configured
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for rpcd-mod-iwinfo
* pkg_hash_fetch_best_installation_candidate: Packages for rpcd-mod-iwinfo found, but incompatible with the architectures configured
* satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-openssl:
* libiwinfo20210430
* opkg_install_cmd: Cannot install package luci-ssl-openssl.
Everything because iwinfo's ABI was changed two times since rc3 release:
+IWINFO_ABI_VERSION:=20210430
+IWINFO_ABI_VERSION:=20210420
Since iwinfo is marked as nonshared, it wasn't built by phase2 builders, but
luci-mod-status was already updated 2 times since rc3 and was thus rebuilt by
phase2 builders:
d1d452ed2fb3 luci-mod-status: don't set '-' hostname when creating static lease
95b3633055c1 luci-mod-status: switch to html table for wlan channel analysis
So now luci-mod-status depends on libiwinfo20210430 but only
libiwinfo20210106 can be downloaded. This is first part of the fix, in
the upcoming commit Jo is going to remove nonshared flag from iwinfo
package as well.
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035736.html
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035741.html
Acked-by: Jo-Philipp Wich <jo@mein.io>
Reported-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8307da3dbd)
As the name suggests, act_gact has the generic actions such as dropping
and accepting packets, so move it into kmod-sched-core.
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry-picked from commit 10aacb9a6c)
commit 5edbd390d321532d9a697d6895a1a7c71c40bd5d rearranged the
"wifi up" code.
This commit tidies up the "wifi reconf" code so as to
keep it aligned with the "wifi up" code.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit e8b5429609)
"/sbin/wifi up" makes three ubus calls:
1. ubus call network reload
2. ubus call network.wireless down
3. ubus call network.wireless up
The first and third ubus calls call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel,
so the call sequence becomes,
1. drv_mac80211_setup
2. wireless_device_setup_cancel
3. drv_mac80211_setup
This commit swaps the order of the first two ubus calls,
1. ubus call network.wireless down
2. ubus call network reload
3. ubus call network.wireless up
Consequently drv_mac80211_setup is only called once,
and two related bugs (#FS3784 and #FS3902) are no longer triggered
by /sbin/wifi.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit b82cc80713)
drv_mac80211_teardown fails silently if the device to be torn down is
not defined. This commit prints an error message.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit 3933e29d1b)
When wifi is turned off, drv_mac80211_teardown sometimes fails (silently)
because the device to be torn down is not defined.
This situation arises if drv_mac80211_setup was called twice when
wifi was turned on.
This commit ensures that the device to be torn down is always defined
in drv_mac80211_teardown.
Steps to reproduce:
1) Use /sbin/wifi to turn on wifi.
uci set wireless.@wifi-iface[0].disabled=0
uci set wireless.@wifi-device[0].disabled=0
uci commit
wifi
2) Use /sbin/wifi to turn off wifi.
uci set wireless.@wifi-device[0].disabled=1
uci commit
wifi
3) Observe that wifi is still up.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit d515f6b6cd)
If drv_mac80211_setup is called twice with the same wifi configuration,
then the second call returns early with error HOSTAPD_START_FAILED.
(wifi works nevertheless, despite the fact that setup is incomplete. But
"ubus call network.wireless status" erroneously reports that radio0 is down.)
The relevant part of drv_mac80211_setup is,
if [ "$no_reload" != "0" ]; then
add_ap=1
ubus wait_for hostapd
local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
ret="$?"
[ "$ret" != 0 -o -z "$hostapd_res" ] && {
wireless_setup_failed HOSTAPD_START_FAILED
return
}
wireless_add_process "$(jsonfilter -s "$hostapd_res" -l 1 -e @.pid)" "/usr/sbin/hostapd" 1 1
fi
This commit sets no_reload = 0 during the second call of drv_mac80211_setup.
It is perhaps worth providing a way to reproduce the situation
where drv_mac80211_setup is called twice.
When /sbin/wifi is used to turn on wifi,
uci set wireless.@wifi-iface[0].disabled=0
uci set wireless.@wifi-device[0].disabled=0
uci commit
wifi
/sbin/wifi makes the following ubus calls,
ubus call network reload
ubus call network.wireless down
ubus call network.wireless up
The first and third ubus calls both call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel.
So the call sequence becomes,
drv_mac80211_setup
wireless_device_setup_cancel
drv_mac80211_setup
In contrast, when LuCI is used to turn on wifi only a single call
is made to drv_mac80211_setup.
branches affected: trunk, 21.02
Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit a29ab3b79a)
Call rate control handler after intermediate queueuing
Includes follow-up fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
cherry-picked from commits:
- 7dd8829ef9
- a603e82dd3
- 8bb4437c01
sysntpd server becomes unavailable if the index of the bound
interface changes. So let's add an interface trigger to reload sysntpd.
This patch also adds the ability for the sysntpd script to handle
uci interface name from configuration.
Fixes: 4da60500ebd2 ("busybox: sysntpd: option to bind server to iface")
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 88114f617a)
NTPD in busybox has option -I to bind server to IFACE.
However, capabilities of the busybox are limited, the -I option cannot be
repeated and only one interface can be effectively specified in it.
This option is currently not configurable via UCI.
The patch adds an interface option to the system config, ntp section.
Also sort options for uci_load_validate alphabetically.
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
(cherry picked from commit e12fcf0fe5)
Prerequisite patch:
Correct a typo in the Changelog and clean up a stray file
Fix changes in libusb which introduced a regression:
Commit e2be556bd2 ("linux_usbfs: Parse config descriptors during device
initialization") introduced a regression for devices with multiple
configurations. The logic that verifies the reported length of the
configuration descriptors failed to count the length of the
configuration descriptor itself and would truncate the actual length by
9 bytes, leading to a parsing error for subsequent descriptors.
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 4b37e3bc2b)
The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.
This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.
Fixes "base-files: fix zoneinfo support " 8af62ed
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56bdb6bb97)
The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.
Example failure when removing the if condition:
/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles
This file does not exist. America/Los_Angeles does.
Ran through shfmt -w -ci -bn -sr -s
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8af62ede18)
Major changes are:
Avoid page allocation failure from upcase table allocation.
Add support for FITRIM.
Improve write perofmrance on dirsync mount.
Improve lookup perofmrance.
Fix a bug on discard mount.
Switch to AUTORELEASE to avoid having to bump it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The RTL8380-RTL9300 switches only forward packets when VLAN ID 1 is
configured. Do not use the standard failsafe configuration for DSA
accessing the default port directly, but configure a switch on the lan1
interface instead.
This will add the VLAN ID 1 configuration to the switch:
$ bridge vlan show
port vlan-id
lan1 1 PVID Egress Untagged
switch 1 PVID Egress Untagged
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7ee0786b5)
Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 790561d510)
Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.
This works with swconfig configurations.
Fixes: FS#3866
Fixes: d42640e389 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 467cd378db)
Without this patch we have to manually bring up the CPU interface in
failsafe mode.
This was backported from kernel 5.12.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2e17c71095)
Commit 0a7657c ("hostapd: add channel utilization as config option") added the
two new uci options bss_load_update_period and chan_util_avg_period. However,
the corresponding "config_add_int" calls for these options weren't added, so
attempting to actually use these options and change their values is bound to
fail - they always stay at their defaults. Add the missing code to actually
make these options work.
Fixes: 0a7657c ("hostapd: add channel utilization as config option")
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit 85ce590705)
All bcm4908 devices are expected to have GPIO buttons to make relevant
package selected by default.
This "fixes" triggering failsafe mode.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit fcfa60408c)
Fixes: 125deb4d78 ("base-files: set MAC for bridge ports (devices) instead of bridge itself")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 946019637e)
This restores the original config_generate behaviour. With MAC set for
bridged devices the bridge automatically gets its MAC adjusted (it picks
the lowest MAC of bridged devices).
This fixes confusing interfaces setup (bridge ports not having custom
MAC assigned).
Reported-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Fixes: c2139eef27 ("base-files: simplify setting device MAC")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c8d8eb9d13)
Since upstream commit 6467de5a8840 ("Randomize z ordinates in
scalar mult when timing resistant") WolfSSL requires a RNG for
the EC key when built hardened which is the default.
Set the RNG for the EC key to fix connections for OWE clients.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ddcb970274)
Since commit 6467de5a8840 ("Randomize z ordinates in scalar
mult when timing resistant") wolfssl requires a RNG for an EC
key when the hardened built option is selected.
wc_ecc_set_rng is only available when built hardened, so there
is no safe way to install the RNG to the key regardless whether
or not wolfssl is compiled hardened.
Always export wc_ecc_set_rng so tools such as hostapd can install
RNG regardless of the built settings for wolfssl.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ef9b103107)
PHY capabilities are currently read from the fiber status page, thus
Linux won't advertise 10 / 100 Base-T operation modes, effectively
limiting operation to 1000 Base-T.
Statically set the PHYs capabilities, avoiding autodetection.
The issue itself is properly fixed kernel upstream, however backporting
efforts to OpenWrt master resulted in breaking the fiber operation for
another target.
This is currently only known to be necessary for the Ubiquiti
UniFi AC series, so enabling it in the ath79 target should not
break somewhere else.
Signed-off-by: David Bauer <mail@david-bauer.net>
If the image generation doesn't add any profiles to the output the
*profile merge* will fail. To avoid that set an empty profile as
fallback.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit fd0d9909bf)
Keep other profiles.json content if the data belongs to the current
build version.
Also useful for the ImageBuilder, which builds for a single model each
time. Without this commit the profiles.json would only contain the
latest build profile information.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
[improve commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit a463b96241)
commit 50413e1ec8 replaced ifconfig
with ip. In order to set a link state to up, the interface needs
to be added first.
Fixes: FS#3754
Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[Add Fixes tag]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 23c3bab920)
CPExxx and WBSxxx boards with AR9344 SOC
use the OKLI lzma kernel loader
with the offset of 3 blocks of length 4k (0x3000)
in order to have a fake "kernel" that cannot grow larger
than how it is defined in the now static OEM partition table.
Before recent changes to the mtdsplit driver,
the uImage parser for OKLI only supported images
that started exactly on an eraseblock boundary.
The mtdsplit parser for uImage now supports identifying images
with any magic number value
and at any offset from the eraseblock boundary
using DTS properties to define those values.
So, it is no longer necessary to use fixed sizes
for kernel and rootfs
Tested-by: Andrew Cameron <apcameron@softhome.net> [CPE510 v2]
Tested-by: Bernhard Geier <freifunk@geierb.de> [WBS210 v2]
Tested-by: Petrov <d7c48mWsPKx67w2@gmail.com> [CPE210 v1]
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 7b9a0c264c)
We need to skip sampling if the next sample time is after jiffies, not before.
This patch fixes an issue where in some cases only very little sampling (or none
at all) is performed, leading to really bad data rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This fixes `iw dev wlan0-mesh station dump`.
8fab0c9 iw: fix ftm_request missing arguments segfault
e816fbc iw: fix mgmt dump missing arguments segfault
5d9d1b8 iw: Fix timestamp output on 32-bit architectures
4b25ae3 iw: fix pointer arithmetic in __print_he_capa
c3df363 iw: add option to print human readable event time
cd64525 iw: print ctrl port tx status event
0ba98b9 iw: use correct type in policy check for mesh
9e38dee iw: scan: fixup HE caps whitespace
17e8564 iw: scan: parse HE capabilities
5735e58 iw: util: factor out HE capability parser
6d8d507 iw: scan: add extension tag parsing
b4e1ec4 man: update wikipage URL, reformat SEE ALSO section
c56036a iw: enable 80MHz support for 6GHz band 11s mesh
fa72728 iw: handle positive error codes gracefully
7ba9093 iw: scan: add flag for scanning colocated ap
5ec60ed iw: Add 'coloc' and 'flush' options to sched_scan
f8ade75 iw: update wikipage URL
b6f2dac iw: Add support for specifying the 160MHz bandwidth when setting the channel/frequency
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry-picked from commit b5420dd710)
bddc1db76d0f mt76: mt7915: drop the use of repeater entries for station interfaces
3c90f35dddac mt76: mt7915: add thermal sensor device support
afab0e8202ff mt76: mt7915: add thermal cooling device support
41cf02184699 mt76: mt7615: add thermal sensor device support
2ac6b8762565 mt76: connac: update BA win size in Rx direction
ddb301127291 mt76: mt7921: fix reset under the deep sleep is enabled
e4cbefd1d69a mt76: mt7921: avoid unnecessary consecutive WiFi resets
393eea2034d7 mt76: mt7921: fix invalid register access in wake_work
a15d46407ffa mt76: mt7921: fix OMAC idx usage
e4d267d8e900 mt76: mt7921: enable runtime pm by default
50fd8ce2412a mt76: connac: add bss color support for sta mode
e29058c3c860 mt76: mt7921: return proper error value in mt7921_mac_init
c89c8c347b1e mt76: mt7921: do not schedule hw reset if the device is not running
9f7bb428e587 mt76: mt7921: reset wfsys during hw probe
22ea365913b5 mt76: mt7915: add .offset_tsf callback
ad91f8e8e494 mt76: mt7615: add .offset_tsf callback
6f871f35e3c1 mt76: mt7915: use mt7915_mcu_get_txpower_sku() to get per-rate txpower
597b68b7daa3 mt76: mt7615: remove useless if condition in mt7615_add_interface()
3945264468eb mt76: testmode: fix memory leak in mt76_testmode_alloc_skb
bdcc57a11606 mt76: testmode: remove unnecessary function calls in mt76_testmode_free_skb
a9763452601d mt76: testmode: remove undefined behaviour in mt76_testmode_alloc_skb
4aef2a2be464 mt76: mt7615: fix potential overflow on large shift
d9dd7635b055 mt76: mt7915: use mt7915_mcu_get_mib_info() to get survey data
d740e921758a mt76: mt7921: introduce mac tx done handling
259ddfc7cb73 mt76: mt7921: update statistic in active mode only
757b93f4b179 mt76: mt7921: remove leftover 80+80 HE capability
1fcff599b2e1 mt76: allow hw driver code to overwrite wiphy interface_modes
c55c22e39b7d mt7915: update firmware to 2020110522
10548aef1f45 mt76: mt7915: improve error recovery reliability
ed6b0c79820c mt76: mt7921: set MT76_RESET during mac reset
321443258bea mt76: move mt76_rates in mt76 module
d1652e8af9e1 Revert "mt76: connac: do not schedule wake_work if the runtime-pm is disabled"
4f4cab39ed9f mt76: mt7915: read all eeprom fields from fw in efuse mode
71450535f164 mt76: mt7921: enable hw offloading for wep keys
833d577e430c mt76: mt7921: remove mt7921_get_wtbl_info routine
67b7a22d2b99 mt76: mt7921: enable random mac address during sched_scan
cf1ff7bf4f1b mt76: mt7915: setup drr group for peers
ef2f7aa8745f mt76: mt7615: update radar parameters
b9f09f530223 mt76: mt7915: fix MT_EE_CAL_GROUP_SIZE
22b690334c0f mt76: mt7915: do not fail if the cooling device could not be registered
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3c46ba053d)
Don't bail out from init script in case the GPS device is missing.
Some modems take time to come up, and some people may use things like
'kplex' to feed ugpsd. Hence it is better to always start ugpsd
unconditionally and let procd's respawn take care of retrying.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3d026d2425)
86ee86e nmea: parse $GPZDA sentences for date/time
8e12414 nmea: parse $GPGLL sentences for position
5e88403 ubus: display only available information
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3a8b75b569)
Mark uci, ubus, libubox, lua, libnl-tiny and libjson-c
as nonshared packages. This helps to keep coherent dependencies
if these ABI versioned packages are later updated.
Before this commit it is possible to get missing dependencies
in target-specific nonshared packages (like iwinfo) that depend
on these shared ABI versioned packages. If these are later updated
and rebuilt, only the new ABI version will be available for download,
while the target-specific packages in releases continue to depend on
the old ABI version.
After this commit the packages are built along the other nonshared
packages by the phase1 images buildbot and will be available at the
target/ download directories instead of packages/base dir. That will
help to keep a coherent set available.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 72cc44958e)
We recently switched from freenode.net to oftc.net, reflect that in the
README and update the links.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 5a66165cb1)
The routing packages feed moved from `openwrt-routing/packages` to
`openwrt/routing`, reflect that in the README.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 0371f40193)
Since few months multiple users reported problems with various JBoot
devices. [0][1][2][3] All of them was bricked.
On my Lava LR-25G001 it freezes with current snapshot:
CDW57CAM_003 Jboot B695
Giga Switch AR8327 init
AR8327/AR8337 id ==> 0x1302
JRecovery Version R1.2 2014/04/01 18:25
SPI FLASH: MX25l12805d 16M
.
.
(freeze)
The kernel size is >2048k.
I built current master with minimal config and it boots well:
CDW57CAM_003 Jboot B695
Giga Switch AR8327 init
AR8327/AR8337 id ==> 0x1302
JRecovery Version R1.2 2014/04/01 18:25
SPI FLASH: MX25l12805d 16M
.
...........................
Starting kernel @80000000...
[ 0.000000] Linux version 5.4.124
Kernel size is <2048k.
Jboot bootloader isn't open source, so it's impossible to find
solution in code. It looks, that some buffer for kernel have 2MB size.
To avoid bricked devices, this commit introduces 2048k limit kernel
size for all jboot routers.
[0] https://bugs.openwrt.org/index.php?do=details&task_id=3539
[1] https://eko.one.pl/forum/viewtopic.php?pid=254344
[2] https://eko.one.pl/forum/viewtopic.php?id=20930
[3] https://eko.one.pl/forum/viewtopic.php?pid=241376#p241376
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
[remove Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit e1d8a14cd0)
The default trigger for the amber lights on lan1 and lan3 were
mistakenly swapped after the device's migration to DSA. This
caused activity on one port to trigger the amber light on the
other port. Swapping their default trigger in the DTS file
fixes that.
Signed-off-by: Adam Elyas <adamelyas@outlook.com>
[minor commit title adjustment, wrap commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit edaf432bf4)
Set the ethernet address from flash.
MAC addresses as verified by OEM firmware:
use interface source
2g wlan0 factory 0x04 (label)
LAN eth0.1 factory 0x28 (label+1)
WAN eth0.2 factory 0x2e (label+2)
Fixes: 671c9d16e3 ("ramips: add support for HILINK HLK-7628N")
Signed-off-by: Liu Yu <f78fk@live.com>
[drop old MAC address setup from 02_network, cut out state_default
changes, face-lift commit message, add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit ae9c5cd37b)
This replaces the register bits for RGMII delay on the MAC side in favor
of having the RGMII delay on the PHY side by setting the phy-mode
property to rgmii-id (RGMII internal delay), which is supported by the
at803x driver. Speed 1000 is fixed as a result, so now all ethernet
speeds function.
Signed-off-by: Jonathan A. Kollasch <jakllsch@kollasch.net>
Reviewed-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit f36990eae7)
This fixes a small regression where the lzma-loader variable values
are being shared between boards that require different configurations.
If not set to "" globally, a device without these settings will just take
the last values another device has set before in the queue.
Fixes: 1b8bd17c2d ("ath79: lzma-loader: allow setting custom kernel magic")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
[add detailed explanation to the commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit bf8c16dfa2)
pcie0 is the same for this generation of Senao APs
while eth0, eth1, and wmac can differ
the qca,no-eeprom property has no effect
for the ath10k drivers
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 15c599c9df)
use qca955x_senao_loader.dtsi
because it is the same hardware / partitioning
and some cleanup
Effects:
nodes to match similar boards
- keys
- eth0
- pcie0
bumps SPI frequency to 40 MHz
removes &pll node:
the property is defined in qca955x.dtsi
removes qca,no-eeprom:
has no effect with mtd-cal-data property
(also spelling)
Tested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit e800da9d5c)
This device is a Senao-based product
using hardware and software from Senao
with the tar-gz platform for factory.bin
and checksum verification at boot time
using variables stored in uboot environment
and a 'failsafe' image when it fails.
Extremely similar hardware/software to Engenius EAP1200H
and other Engenius APs with qca955x
Tested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 37ea5d9a65)
Use a similar upgrade method for sysupgrade.bin, like factory.bin,
for Senao boards with the tar.gz OEM upgrade platform,
and 'failsafe' image which is loaded on checksum failure.
This is inspired by the OEM upgrade script /etc/fwupgrade.sh
and the existing platforms for dual-boot Senao boards.
Previously, if the real kernel was damaged or missing
the only way to recover was with UART serial console,
because the OKLI lzma-loader is programmed to halt.
uboot did not detect cases where kernel or rootfs is damaged
and boots OKLI instead of the failsafe image,
because the checksums stored in uboot environment
did not include the real kernel and rootfs space.
Now, the stored checksums include the space for both
the lzma-loader, kernel, and rootfs.
Therefore, these boards are now practically unbrickable.
Also, the factory.bin and sysupgrade.bin are now the same,
except for image metadata.
This allows for flashing OEM image directly from openwrt
as well as flashing openwrt image directly from OEM.
Make 'loader' partition writable so that it can be updated
during a sysupgrade.
tested with
ENS202EXT v1
EAP1200H
EAP350 v1
EAP600
ECB350 v1
ECB600
ENH202 v1
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit d5035f0d26)
ath79/tiny kernel config has
CONFIG_MTD_SPI_NOR_USE_4K_SECTORS=y
from commit
05d35403b2
Because of this, these changes are required for 2 reasons:
1.
Senao devices in ath79/tiny
with a 'failsafe' partition and the tar.gz sysupgrade platform
and a flash chip that supports 4k sectors
will fail to reboot to openwrt after a sysupgrade.
the stored checksum is made with the 64k blocksize length
of the image to be flashed,
and the actual checksum changes after flashing due to JFFS2 space
being formatted within the length of the rootfs from the image
example:
0x440000 length of kernel + rootfs (from sysupgrade.bin)
0x439000 offset of rootfs_data (from kernel log)
2.
for boards with flash chips that support 4k sectors:
saving configuration over sysupgrade is not possible
because sysupgrade.tgz is appended at a 64k boundary
and the mtd parser starts JFFS2 at a 4k boundary.
for boards with flash chips that do not support 4k sectors:
partitioning with 4k boundaries causes a boot loop
from the mtd parser not finding kernel and rootfs.
Also:
Some of the Senao boards that belong in ath79/tiny,
for example ENH202,
have a flash chip that does not support 4k sectors
(no SECT_4K symbol in upstream source).
Because of this, partitioning must be different for these devices
depending on the flash chip model detected by the kernel.
Therefore:
this creates 2 DTSI files
to replace the single one with 64k partitioning
for 4k and 64k partitioning respectively.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit a58cb22bbe)
By using the same custom kernel header magic
in both OKLI lzma-loader, DTS, and makefile
this hack is not necessary anymore
However, "rootfs" size and checksum
must now be supplied by the factory.bin image
through a script that is accepted by the OEM upgrade script.
This is because Senao OEM scripts assume a squashfs header exists
at the offset for the original "rootfs" partition
which is actually the kernel + rootfs in this implementation,
and takes size value from the header that would be there with hexdump,
but this offset is now the uImage header instead.
This frees up 1 eraseblock
previously used by the "fakeroot" partition
for bypassing the OEM image verification.
Also, these Senao devices with a 'failsafe' partition
and the tar-gz factory.bin platform would otherwise require
flashing the new tar-gz sysupgrade.bin afterward.
So this also prevents having to flash both images
when starting from OEM or 'failsafe'
the OEM upgrade script verifies the header magic numbers,
but only the first two bytes.
Example:
[ "${magic_word_kernel}" = "2705" ] &&
[ "${magic_word_rootfs}" = "7371" -o "${magic_word_rootfs}" = "6873" ] &&
errcode="0"
therefore picked the magic number
0x73714f4b
which is
'sqOK'
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 4a0cc5d4ef)
...and max flash offset
The mtdsplit parser was recently refactored
to allow the kernel to have custom image header magic.
Let's also do this for the lzma-loader
For example:
When implemented together,
this allows the kernel to "appear" to be a rootfs
by OEM software in order to write an image
that is actually kernel + rootfs.
At the same time,
it would boot to openwrt normally
by setting the same magic in DTS.
Both of the variables
have a default value that is unchanged
when not defined in the makefiles
This has no effect on the size of the loader
when lzma compressed.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 1b8bd17c2d)
This creates a shared DTSI for qca955x Senao/Engenius APs with
concatenated firmware partition/okli loader:
- EAP1200H
- EnstationAC v1
To make this usable for future boards with 32 MB flash as well,
split the partitions node already.
Suggested-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 9b37db5caa)
This creates a shared DTSI for ar934x Senao/Engenius APs:
- EAP300 v2
- ENS202EXT v1
- EAP600
- ECB600
Since ar9341/ar9344 have different configuration, this new file
mostly contains the partitioning.
Suggested-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit ce8b535ed3)
This creates a shared DTSI for ar724x Senao/Engenius APs:
- ENH202 v1
- EAP350 v1
- ECB350 v1
Since ar7240/ar7242 have different configuration, this new file
mostly contains the partitioning.
Suggested-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 4204d70d7a)
These recipes and definitions can apply
to devices from other vendors
with PCB boards or SDK produced by Senao
not only the brand Engenius
possible examples:
Extreme Networks, WatchGuard, OpenMesh,
Fortinet, ALLNET, OCEDO, Plasma Cloud, devolo, etc.
so rename all of these items
and move DEVICE_VENDOR from common to generic/tiny.mk
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 70bf4a979c)
The SERCOMM NA502 is a smart home gateway manufactured by SERCOMM and sold
under different brands (among others, A1 Telekom Austria SmartHome
Gateway). It has multi-protocol radio support in addition to LAN and WiFi.
Note: BLE is currently unsupported.
Specifications
--------------
- MT7621ST 880MHz, Single-Core, Dual-Thread
- MT7603EN 2.4GHz WiFi
- MT7662EN 5GHz WiFi + BLE
- 128MiB NAND
- 256MiB DDR3 RAM
- SD3503 ZWave Controller
- EM357 Zigbee Coordinator
MAC address assignment
----------------------
LAN MAC is read from the config partition, WiFi 2.4GHz is LAN+2 and matches
the OEM firmware. WiFi 5GHz with LAN+1 is an educated guess since the
OEM firmware does not enable 5GHz WiFi.
Installation
------------
Attach serial console, then boot the initramfs image via TFTP.
Once inside OpenWrt, run sysupgrade -n with the sysupgrade file.
Attention: The device has a dual-firmware design. We overwrite kernel2,
since kernel1 contains an automatic recovery image.
If you get NAND ECC errors and are stuck with bad eraseblocks, try to
erase the mtd partition first with
mtd unlock ubi
mtd erase ubi
This should only be needed once.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
[use kiB for IMAGE_SIZE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a3d8c1295e)
Specifications:
- SoC: MT7621AT
- RAM: 256MB
- Flash: 128MB NAND
- Ethernet: 5 Gigabit ports
- WiFi: 2.4G/5G MT7615N
- USB: 1 USB 3.0, 1 USB 2.0
This device is very similar to the EA7300 v1/v2 and EA7500 v2.
Installation:
Upload the generated factory image through the factory web interface.
(following part taken from EA7300 v2 commit message:)
This might fail due to the A/B nature of this device. When flashing, OEM
firmware writes over the non-booted partition. If booted from 'A',
flashing over 'B' won't work. To get around this, you should flash the
OEM image over itself. This will then boot the router from 'B' and
allow you to flash OpenWRT without problems.
Reverting to factory firmware:
Hard-reset the router three times to force it to boot from 'B.' This is
where the stock firmware resides. To remove any traces of OpenWRT from
your router simply flash the OEM image at this point.
With thanks to Leon Poon (@LeonPoon) for the initial bringup.
Signed-off-by: Tee Hao Wei <angelsl@in04.sg>
[add missing entry in 10_fix_wifi_mac]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b232680f84)
Amped Wireless ALLY is a whole-home WiFi kit, with a router (model
ALLY-R1900K) and an Extender (model ALLY-00X19K). Both are devices are
11ac and based on MediaTek MT7621AT and MT7615N chips. The units are
nearly identical, except the Extender lacks a USB port and has a single
Ethernet port.
Specification:
- SoC: MediaTek MT7621AT (2C/4T) @ 880MHz
- RAM: 128MB DDR3 (Nanya NT5CC64M16GP-DI)
- FLASH: 128MB NAND (Winbond W29N01GVSIAA)
- WiFi: 2.4/5 GHz 4T4R
- 2.4GHz MediaTek MT7615N bgn
- 5GHz MediaTek MT7615N nac
- Switch: SoC integrated Gigabit Switch
- USB: 1x USB3 (Router only)
- BTN: Reset, WPS
- LED: single RGB
- UART: through-hole on PCB.
J1: pin1 (square pad, towards rear)=3.3V, pin2=RX,
pin3=GND, pin4=TX. Settings: 57600/8N1.
Note regarding dual system partitions
-------------------------------------
The vendor firmware and boot loader use a dual partition scheme. The boot
partition is decided by the bootImage U-boot environment variable: 0 for
the 1st partition, 1 for the 2nd.
OpenWrt does not support this scheme and will always use the first OS
partition. It will set bootImage to 0 during installation, making sure
the first partition is selected by the boot loader.
Also, because we can't be sure which partition is active to begin with, a
2-step flash process is used. We first flash an initramfs image, then
follow with a regular sysupgrade.
Installation:
Router (ALLY-R1900K)
1) Install the flashable initramfs image via the OEM web-interface.
(Alternatively, you can use the TFTP recovery method below.)
You can use WiFi or Ethernet.
The direct URL is: http://192.168.3.1/07_06_00_firmware.html
a. No login is needed, and you'll be in their setup wizard.
b. You might get a warning about not being connected to the Internet.
c. Towards the bottom of the page will be a section entitled "Or
Manually Upgrade Firmware from a File:" where you can manually choose
and upload a firmware file.
d: Click "Choose File", select the OpenWRT "initramfs" image and click
"Upload."
2) The Router will flash the OpenWrt initramfs image and reboot. After
booting, LuCI will be available on 192.168.1.1.
3) Log into LuCI as root; there is no password.
4) Optional (but recommended) is to backup the OEM firmware before
continuing; see process below.
5) Complete the Installation by flashing a full OpenWRT image. Note:
you may use the sysupgrade command line tool in lieu of the UI if
you prefer.
a. Choose System -> Backup/Flash Firmware.
b. Click "Flash Image..." under "Flash new firmware image"
c. Click "Browse..." and then select the sysupgrade file.
d. Click Upload to upload the sysupgrade file.
e. Important: uncheck "Keep settings and retain the current
configuration" for this initial installation.
f. Click "Continue" to flash the firmware.
g. The device will reboot and OpenWRT is installed.
Extender (ALLY-00X19K)
1) This device requires a TFTP recovery procedure to do an initial load
of OpenWRT. Start by configuring a computer as a TFTP client:
a. Install a TFTP client (server not necessary)
b. Configure an Ethernet interface to 192.168.1.x/24; don't use .1 or .6
c. Connect the Ethernet to the sole Ethernet port on the X19K.
2) Put the ALLY Extender in TFTP recovery mode.
a. Do this by pressing and holding the reset button on the bottom while
connecting the power.
b. As soon as the LED lights up green (roughly 2-3 seconds), release
the button.
3) Start the TFTP transfer of the Initramfs image from your setup machine.
For example, from Linux:
tftp -v -m binary 192.168.1.6 69 -c put initramfs.bin
4) The Extender will flash the OpenWrt initramfs image and reboot. After
booting, LuCI will be available on 192.168.1.1.
5) Log into LuCI as root; there is no password.
6) Optional (but recommended) is to backup the OEM firmware before
continuing; see process below.
7) Complete the Installation by flashing a full OpenWRT image. Note: you
may use the sysupgrade command line tool in lieu of the UI if you prefer.
a. Choose System -> Backup/Flash Firmware.
b. Click "Flash Image..." under "Flash new firmware image"
c. Click "Browse..." and then select the sysupgrade file.
d. Click Upload to upload the sysupgrade file.
e. Important: uncheck "Keep settings and retain the current
configuration" for this initial installation.
f. Click "Continue" to flash the firmware.
g. The device will reboot and OpenWRT is installed.
Backup the OEM Firmware:
-----------------------
There isn't any downloadable firmware for the ALLY devices on the Amped
Wireless web site. Reverting back to the OEM firmware is not possible
unless we have a backup of the original OEM firmware.
The OEM firmware may be stored on either /dev/mtd3 ("firmware") or
/dev/mtd6 ("oem"). We can't be sure which was overwritten with the
initramfs image, so backup both partitions to be safe.
1) Once logged into LuCI, navigate to System -> Backup/Flash Firmware.
2) Under "Save mtdblock contents," first select "firmware" and click
"Save mtdblock" to download the image.
3) Repeat the process, but select "oem" from the pull-down menu.
Revert to the OEM Firmware:
--------------------------
* U-boot TFTP:
Follow the TFTP recovery steps for the Extender, and use the
backup image.
* OpenWrt "Flash Firmware" interface:
Upload the backup image and select "Force update"
before continuing.
Signed-off-by: Jonathan Sturges <jsturges@redhat.com>
(cherry picked from commit 6d23e474ad)
This submission relied heavily on the work of Linksys EA7300 v1/ v2.
Specifications:
* SoC: MediaTek MT7621A (880 MHz 2c/4t)
* RAM: 128M DDR3-1600
* Flash: 128M NAND
* Eth: MediaTek MT7621A (10/100/1000 Mbps x5)
* Radio: MT7603E/MT7613BE (2.4 GHz & 5 GHz)
* Antennae: 2 internal fixed in the casing and 2 on the PCB
* LEDs: Blue (x4 Ethernet)
Blue+Orange (x2 Power + WPS and Internet)
* Buttons: Reset (x1)
WPS (x1)
Installation:
Flash factory image through GUI.
This device has 2 partitions for the firmware called firmware and
alt_firmware. To successfully flash and boot the device, the device
should have been running from alt_firmware partition. To get the device
booted through alt_firmware partition, download the OEM firmware from
Linksys website and upgrade the firmware from web GUI. Once this is done,
flash the OpenWrt Factory firmware from web GUI.
Reverting to factory firmware:
1. Boot to 'alt_firmware'(where stock firmware resides) by doing one of
the following:
Press the "wps" button as soon as power LED turns on when booting.
(OR) Hard-reset the router consecutively three times to force it to
boot from 'alt_firmware'.
2. To remove any traces of OpenWRT from your router simply flash the OEM
image at this point.
Signed-off-by: Aashish Kulkarni <aashishkul@gmail.com>
[fix hanging indents and wrap to 74 characters per line,
add kmod-mt7663-firmware-sta package for 5GHz STA mode to work,
remove sysupgrade.bin and concatenate IMAGES instead in mt7621.mk,
set default-state "on" for power LED]
Signed-off-by: Sannihith Kinnera <digislayer@protonmail.com>
[move check-size before append-metadata, remove trailing whitespace]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Sannihith Kinnera <digislayer@protonmail.com>
(cherry picked from commit 251c995cbb)
Specifications
SoC: MT7621
CPU: 880 MHz
Flash: 16 MiB
RAM: 128 MiB
WLAN: 2.4 GHz b/g/n, 5 GHz a/n/ac
MT7603E / MT7615E
Ethernet: 5x Gbit ports
Installation
There are two known options:
1) The Luci-based UI.
2) Press and hold the reset button during power up.
The router will request 'recovery.bin' from a TFTP server at
192.168.1.88.
Both options require a signed firmware binary.
The openwrt image supplied by cudy is signed and can be used to
install unsigned images.
R4 & R5 need to be shorted (0-100Ω) for the UART to work.
Signed-off-by: Leon M. George <leon@georgemail.eu>
[remove non-required switch-port node - remove trgmii phy-mode]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3501db9b9b)
This patch adds support for TP-Link Archer C6U v1 (EU).
The device is also known in some market as Archer C6 v3.
This patch supports only Archer C6U v1 (EU).
Specifications:
--------------
* SoC: Mediatek MT7621AT 2C2T, 880MHz
* RAM: 128MB DDR3
* Flash: 16MB SPI NOR flash (Winbond 25Q128)
* WiFi 5GHz: Mediatek MT7613BEN (2x2:2)
* WiFi 2.4GHz: Mediatek MT7603EN (2x2:2)
* Ethernet: MT7630, 5x 1000Base-T.
* LED: Power, WAN, LAN, WiFi 2GHz and 5GHz, USB
* Buttons: Reset, WPS.
* UART: Serial console (115200 8n1), J1(GND:3)
* USB: One USB2 port.
Installation:
------------
Install the OpenWrt factory image for C6U is from the
TP-Link web interface.
1) Go to "Advanced/System Tools/Firmware Update".
2) Click "Browse" and upload the OpenWrt factory image:
openwrt-ramips-mt7621-tplink_archer-c6u-v1-squashfs-factory.bin.
3) Click the "Upgrade" button, and select "Yes" when prompted.
Recovery to stock firmware:
--------------------------
The C6U bootloader has a failsafe mode that provides a web
interface (running at 192.168.0.1) for reverting back to the
stock TP-Link firmware. The failsafe interface is triggered
from the serial console or on failed kernel boot. Unfortunately,
there's no key combination that enables the failsafe mode. This
gives us two options for recovery:
1) Recover using the serial console (J1 header).
The recovery interface can be selected by hitting 'x' when
prompted on boot.
2) Trigger the bootloader failsafe mode.
A more dangerous option is force the bootloader into
recovery mode by erasing the OpenWrt partition from the
OpenWrt's shell - e.g "mtd erase firmware". Please be
careful, since erasing the wrong partition can brick
your device.
MAC addresses:
-------------
OEM firmware configuration:
D8:07:B6:xx:xx:83 : 5G
D8:07:B6:xx:xx:84 : LAN (label)
D8:07:B6:xx:xx:84 : 2.4G
D8:07:B6:xx:xx:85 : WAN
Signed-off-by: Georgi Vlaev <georgi.vlaev@konsulko.com>
(cherry picked from commit a46ad596a3)
The patch adds support for the TP-Link Archer A6 v3
The router is sold in US and India with FCC ID TE7A6V3
Specification
-------------
MediaTek MT7621 SOC
RAM: 128MB DDR3
SPI Flash: W25Q128 (16MB)
Ethernet: MT7530 5x 1000Base-T
WiFi 5GHz: Mediatek MT7613BE
WiFi 2.4GHz: Mediatek MT7603E
UART/Serial: 115200 8n1
Device Configuration & Serial Port Pins
---------------------------------------
ETH Ports: LAN4 LAN3 LAN2 LAN1 WAN
_______________________
| |
Serial Pins: | VCC GND TXD RXD |
|_____________________|
LEDs: Power Wifi2G Wifi5G LAN WAN
Build Output
------------
The build will generate following set of files
[1] openwrt-ramips-mt7621-tplink_archer-a6-v3-initramfs-kernel.bin
[2] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-factory.bin
[3] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-sysupgrade.bin
How to Use - Flashing from TP-Link Web Interface
------------------------------------------------
* Go to "Advanced/System Tools/Firmware Update".
* Click "Browse" and upload the OpenWrt factory image: factory.bin[2]
* Click the "Upgrade" button, and select "Yes" when prompted.
TFTP Booting
------------
Setup a TFTP boot server with address 192.168.0.5.
While starting U-boot press '4' key to stop autoboot.
Copy the initramfs-kernel.bin[1] to TFTP server folder, rename as test.bin
From u-boot command prompt run tftpboot followed by bootm.
Recovery
--------
Archer A6 V3 has recovery page activated if SPI booting from flash fails.
Recovery page can be activated from serial console only.
Press 'x' while u-boot is starting
Note: TFTP boot can be activated only from u-boot serial console.
Device recovery address: 192.168.0.1
Thanks to: Frankis for Randmon MAC address fix.
Signed-off-by: Vinay Patil <post2vinay@gmail.com>
[remove superfluous factory image definition, whitespacing]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f8f8935adb)
The ZyXEL NR7101 is an 802.3at PoE powered 5G outdoor (IP68) CPE
with integrated directional 5G/LTE antennas.
Specifications:
- SoC: MediaTek MT7621AT
- RAM: 256 MB
- Flash: 128 MB MB NAND (MX30LF1G18AC)
- WiFi: MediaTek MT7603E
- Switch: 1 LAN port (Gigabiti)
- 5G/LTE: Quectel RG502Q-EA connected by USB3 to SoC
- SIM: 2 micro-SIM slots under transparent cover
- Buttons: Reset, WLAN under same cover
- LEDs: Multicolour green/red/yellow under same cover (visible)
- Power: 802.3at PoE via LAN port
The device is built as an outdoor ethernet to 5G/LTE bridge or
router. The Wifi interface is intended for installation and/or
temporary management purposes only.
UART Serial:
57600N1
Located on populated 5 pin header J5:
[o] GND
[ ] key - no pin
[o] RX
[o] TX
[o] 3.3V Vcc
Remove the SIM/button/LED cover, the WLAN button and 12 screws
holding the back plate and antenna cover together. The GPS antenna
is fixed to the cover, so be careful with the cable. Remove 4
screws fixing the antenna board to the main board, again being
careful with the cables.
A bluetooth TTL adapter is recommended for permanent console
access, to keep the router water and dustproof. The 3.3V pin is
able to power such an adapter.
MAC addresses:
OpenWrt OEM Address Found as
lan eth2 08:26:97:*:*:BC Factory 0xe000 (hex), label
wlan0 ra0 08:26:97:*:*:BD Factory 0x4 (hex)
wwan0 usb0 random
WARNING!!
ISP managed firmware might at any time update itself to a version
where all known workarounds have been disabled. Never boot an ISP
managed firmware with a SIM in any of the slots if you intend to use
the router with OpenWrt. The bootloader lock can only be disabled with
root access to running firmware. The flash chip is physically
inaccessible without soldering.
Installation from OEM web GUI:
- Log in as "supervisor" on https://172.17.1.1/
- Upload OpenWrt initramfs-recovery.bin image on the
Maintenance -> Firmware page
- Wait for OpenWrt to boot and ssh to root@192.168.1.1
- (optional) Copy OpenWrt to the recovery partition. See below
- Sysupgrade to the OpenWrt sysupgrade image and reboot
Installation from OEM ssh:
- Log in as "root" on 172.17.1.1 port 22022
- scp OpenWrt initramfs-recovery.bin image to 172.17.1.1:/tmp
- Prepare bootloader config by running:
nvram setro uboot DebugFlag 0x1
nvram setro uboot CheckBypass 0
nvram commit
- Run "mtd_write -w write initramfs-recovery.bin Kernel" and reboot
- Wait for OpenWrt to boot and ssh to root@192.168.1.1
- (optional) Copy OpenWrt to the recovery partition. See below
- Sysupgrade to the OpenWrt sysupgrade image and reboot
Copying OpenWrt to the recovery partition:
- Verify that you are running a working OpenWrt recovery image
from flash
- ssh to root@192.168.1.1 and run:
fw_setenv CheckBypass 0
mtd -r erase Kernel2
- Wait while the bootloader mirrors Image1 to Image2
NOTE: This should only be done after successfully booting the OpenWrt
recovery image from the primary partition during installation. Do
not do this after having sysupgraded OpenWrt! Reinstalling the
recovery image on normal upgrades is not required or recommended.
Installation from Z-Loader:
- Halt boot by pressing Escape on console
- Set up a tftp server to serve the OpenWrt initramfs-recovery.bin
image at 10.10.10.3
- Type "ATNR 1,initramfs-recovery.bin" at the "ZLB>" prompt
- Wait for OpenWrt to boot and ssh to root@192.168.1.1
- Sysupgrade to the OpenWrt sysupgrade image
NOTE: ATNR will write the recovery image to both primary and recovery
partitions in one go.
Booting from RAM:
- Halt boot by pressing Escape on console
- Type "ATGU" at the "ZLB>" prompt to enter the U-Boot menu
- Press "4" to select "4: Entr boot command line interface."
- Set up a tftp server to serve the OpenWrt initramfs-recovery.bin
image at 10.10.10.3
- Load it using "tftpboot 0x88000000 initramfs-recovery.bin"
- Boot with "bootm 0x8800017C" to skip the 380 (0x17C) bytes ZyXEL
header
This method can also be used to RAM boot OEM firmware. The warning
regarding OEM applies! Never boot an unknown OEM firmware, or any OEM
firmware with a SIM in any slot.
NOTE: U-Boot configuration is incomplete (on some devices?). You may
have to configure a working mac address before running tftp using
"setenv eth0addr <mac>"
Unlocking the bootloader:
If you are unebale to halt boot, then the bootloader is locked.
The OEM firmware locks the bootloader on every boot by setting
DebugFlag to 0. Setting it to 1 is therefore only temporary
when OEM firmware is installed.
- Run "nvram setro uboot DebugFlag 0x1; nvram commit" in OEM firmware
- Run "fw_setenv DebugFlag 0x1" in OpenWrt
NOTE:
OpenWrt does this automatically on first boot if necessary
NOTE2:
Setting the flag to 0x1 avoids the reset to 0 in known OEM
versions, but this might change.
WARNING:
Writing anything to flash while the bootloader is locked is
considered extremely risky. Errors might cause a permanent
brick!
Enabling management access from LAN:
Temporary workaround to allow installing OpenWrt if OEM firmware
has disabled LAN management:
- Connect to console
- Log in as "root"
- Run "iptables -I INPUT -i br0 -j ACCEPT"
Notes on the OEM/bootloader dual partition scheme
The dual partition scheme on this device uses Image2 as a recovery
image only. The device will always boot from Image1, but the
bootloader might copy Image2 to Image1 under specific conditions. This
scheme prevents repurposing of the space occupied by Image2 in any
useful way.
Validation of primary and recovery images is controlled by the
variables CheckBypass, Image1Stable, and Image1Try.
The bootloader sets CheckBypass to 0 and reboots if Image1 fails
validation.
If CheckBypass is 0 and Image1 is invalid then Image2 is copied to
Image1.
If CheckBypass is 0 and Image2 is invalid, then Image1 is copied to
Image2.
If CheckBypass is 1 then all tests are skipped and Image1 is booted
unconditionally. CheckBypass is set to 1 after each successful
validation of Image1.
Image1Try is incremented if Image1Stable is 0, and Image2 is copied to
Image1 if Image1Try is 3 or larger. But the bootloader only tests
Image1Try if CheckBypass is 0, which is impossible unless the booted
image sets it to 0 before failing.
The system is therefore not resilient against runtime errors like
failure to mount the rootfs, unless the kernel image sets CheckBypass
to 0 before failing. This is not yet implemented in OpenWrt.
Setting Image1Stable to 1 prevents the bootloader from updating
Image1Try on every boot, saving unnecessary writes to the environment
partition.
Keeping an OpenWrt initramfs recovery as Image2 is recommended
primarily to avoid unwanted OEM firmware boots on failure. Ref the
warning above. It enables console-less recovery in case of some
failures to boot from Image1.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Tested-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 2449a63208)
The ZyXEL NR7101 prepend an additional header to U-Boot images. This
header use the TRX magic 0x30524448 (HDR0), but is incompatible with
TRX images.
This code is reverse-engineered based on matching 32 bit numbers
found in the header with lengths and different checksum
calculations of the vendor images found on the device. The result
was matched against the validation output produced by the
bootloader to name the associated header fields.
Example bootloader validation output:
Zyxel TRX Image 1 --> Found! Header Checksum OK
============ZyXEL header information==================
chipId : MT7621A
boardId : NR7101
modelId : 07 01 00 01
kernel_len : (14177560)
kernelChksum : (0x8DD31F69)
swVersionInt : 1.00(ABUV.0)D1
swVersionExt : 1.00(ABUV.0)D1
Zyxel TRX Image 2 --> Found! Header Checksum OK
============ZyXEL header information==================
chipId : MT7621A
boardId : NR7101
modelId : 07 01 00 01
kernel_len : (14176660)
kernelChksum : (0x951A7637)
swVersionInt : 1.00(ABUV.0)D0
swVersionExt : 1.00(ABUV.0)D0
=================================================
Check image validation:
Image1 Header Magic Number --> OK
Image2 Header Magic Number --> OK
Image1 Header Checksum --> OK
Image2 Header Checksum --> OK
Image1 Data Checksum --> OK
Image2 Data Checksum --> OK
Image1 Stable Flag --> Stable
Image1 Try Counter --> 0
Image1: OK
Image2: OK
The coverage and algorithm for the kernelChksum field is unknown.
This field is not validated by the bootloader or the OEM firmware
upgrade tool. It is therefore set to a static value for now.
The swVersion fields contain free form string values. The OEM firmware
use ZyXEL structured version numbers as shown above. The strings are
not interpreted or validated on boot, so they can be repurposed for
anything we want the bootloader to display to the user. But the OEM
web GUI fails to flash images with freeform strings.
The purpose of the other strings in the header is not known. The
values appear to be static. We assume they are fixed for now, until
we have other examples. One of these strings is the platform name,
which is taken as an input parameter for support other members of
the device family.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Tested-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 48cad07a55)
Make packages depending on usb-serial selective, so we do not have
to add kmod-usb-serial manually for every device.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 9397b22df1)
Compile in MPT SAS driver required to mount rootfs on some VMWare
systems (e.g. required for 1&1 IONOS).
Signed-off-by: Mark Carroll <git@markcarroll.net>
(cherry picked from commit 8716dda074)
When support for Luma WRTQ-329ACN was added, the instructions for
flashing this device include using tools from uboot-envtools package.
Unfortunately the OpenWrt buildroot system omits packages from
DEVICE_PACKAGES when CONFIG_TARGET_MULTI_PROFILE,
CONFIG_TARGET_PER_DEVICE_ROOTFS, CONFIG_TARGET_ALL_PROFILES are set. In
result the official images are without tools mentioned in the
instruction. The workoround for the fashing would be installing
uboot-envtools when booted with initramfs image, but not always the
access to internet is available. The other method would be to issue the
necesary command in U-Boot environment but some serial terminals default
configuration don't work well with pasting lines longer than 80 chars.
Therefore add uboot-envtools to default packages, which adds really
small flash footprint to rootfs, where increased size usually is not an
issue.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit 1984a6bbca)
LAN port 4 was swapped with the WAN port and the remaining three LAN
ports were numbered in reverse order from their labels on the case.
Fixes: 1a775a4fd0 ("ipq806x: add support for TP-Link Talon AD7200")
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
(cherry picked from commit 6fb27e8e6d)
The removed patches were integrated upstream.
The brcmf_driver_work workqueue was removed in brcmfmac with kernel
5.10.42, the asynchronous call was covered to a synchronous call. There
is no need to wait any more.
This part was removed manually from this patch:
brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 04a260911c)
These two variables were missing in the definition of
DEFAULT_DEVICE_VARS which caused them to contain wrong values, messing
up the resulting JSON files.
This patch adds the two variables IMAGE_PREFIX and DEVICE_PACKAGES to
DEFAULT_DEVICE_VARS.
Suggested-by: Baptiste Jonglez <git@bitsofnetworks.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
Without that, after merging support to master, the device fails to boot
due to LZMA decompression error:
3: System Boot system code via Flash.
raspi_read: from:80000 len:40
. Image Name: MIPS OpenWrt Linux-5.4.99
Created: 2021-02-25 23:35:00 UTC
Image Type: MIPS Linux Kernel Image (lzma compressed)
Data Size: 1786664 Bytes = 1.7 MB
Load Address: 80000000
Entry Point: 80000000
raspi_read: from:80040 len:1b4328
............................ Verifying Checksum ... OK
Uncompressing Kernel Image ... LZMA ERROR 1 - must RESET board to recover
Use lzma-loader to fix it.
Fixes: 59d065c9f8 ("ramips: add support for ZTE MF283+")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 410fb05b44)
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
ZTE MF283+ is a dual-antenna LTE category 4 router, based on Ralink
RT3352 SoC, and built-in ZTE P685M PCIe MiniCard LTE modem.
Hardware highlighs:
- CPU: MIPS24KEc at 400MHz,
- RAM: 64MB DDR2,
- Flash: 16MB SPI,
- Ethernet: 4 10/100M port switch with VLAN support,
- Wireless: Dual-stream 802.11n (RT2860), with two internal antennas,
- WWAN: Built-in ZTE P685M modem, with two internal antennas and two
switching SMA connectors for external antennas,
- FXS: Single ATA, with two connectors marked PHONE1 and PHONE2,
internally wired in parallel by 0-Ohm resistors, handled entirely by
internal WWAN modem.
- USB: internal miniPCIe slot for modem,
unpopulated USB A connector on PCB.
- SIM slot for the WWAN modem.
- UART connector for the console (unpopulated) at 3.3V,
pinout: 1: VCC, 2: TXD, 3: RXD, 4: GND,
settings: 57600-8-N-1.
- LEDs: Power (fixed), WLAN, WWAN (RGB),
phone (bicolor, controlled by modem), Signal,
4 link/act LEDs for LAN1-4.
- Buttons: WPS, reset.
Installation:
As the modem is, for most of the time, provided by carriers, there is no
possibility to flash through web interface, only built-in FOTA update
and TFTP recovery are supported.
There are two installation methods:
(1) Using serial console and initramfs-kernel - recommended, as it
allows you to back up original firmware, or
(2) Using TFTP recovery - does not require disassembly.
(1) Using serial console:
To install OpenWrt, one needs to disassemble the
router and flash it via TFTP by using serial console:
- Locate unpopulated 4-pin header on the top of the board, near buttons.
- Connect UART adapter to the connector. Use 3.3V voltage level only,
omit VCC connection. Pin 1 (VCC) is marked by square pad.
- Put your initramfs-kernel image in TFTP server directory.
- Power-up the device.
- Press "1" to load initramfs image to RAM.
- Enter IP address chosen for the device (defaults to 192.168.0.1).
- Enter TFTP server IP address (defaults to 192.168.0.22).
- Enter image filename as put inside TFTP server - something short,
like firmware.bin is recommended.
- Hit enter to load the image. U-boot will store above values in
persistent environment for next installation.
- If you ever might want to return to vendor firmware,
BACK UP CONTENTS OF YOUR FLASH NOW.
For this router, commonly used by mobile networks,
plain vendor images are not officially available.
To do so, copy contents of each /dev/mtd[0-3], "firmware" - mtd3 being the
most important, and copy them over network to your PC. But in case
anything goes wrong, PLEASE do back up ALL OF THEM.
- From under OpenWrt just booted, load the sysupgrade image to tmpfs,
and execute sysupgrade.
(2) Using TFTP recovery
- Set your host IP to 192.168.0.22 - for example using:
sudo ip addr add 192.168.0.22/24 dev <interface>
- Set up a TFTP server on your machine
- Put the sysupgrade image in TFTP server root named as 'root_uImage'
(no quotes), for example using tftpd:
cp openwrt-ramips-rt305x-zte_mf283plus-squashfs-sysupgrade.bin /srv/tftp/root_uImage
- Power on the router holding BOTH Reset and WPS buttons held for around
5 seconds, until after WWAN and Signal LEDs blink.
- Wait for OpenWrt to start booting up, this should take around a
minute.
Return to original firmware:
Here, again there are two possibilities are possible, just like for
installation:
(1) Using initramfs-kernel image and serial console
(2) Using TFTP recovery
(1) Using initramfs-kernel image and serial console
- Boot OpenWrt initramfs-kernel image via TFTP the same as for
installation.
- Copy over the backed up "firmware.bin" image of "mtd3" to /tmp/
- Use "mtd write /tmp/firmware.bin /dev/mtd3", where firmware.bin is
your backup taken before OpenWrt installation, and /dev/mtd3 is the
"firmware" partition.
(2) Using TFTP recovery
- Follow the same steps as for installation, but replacing 'root_uImage'
with firmware backup you took during installation, or by vendor
firmware obtained elsewhere.
A few quirks of the device, noted from my instance:
- Wired and wireless MAC addresses written in flash are the same,
despite being in separate locations.
- Power LED is hardwired to 3.3V, so there is no status LED per se, and
WLAN LED is controlled by WLAN driver, so I had to hijack 3G/4G LED
for status - original firmware also does this in bootup.
- FXS subsystem and its LED is controlled by the
modem, so it work independently of OpenWrt.
Tested to work even before OpenWrt booted.
I managed to open up modem's shell via ADB,
and found from its kernel logs, that FXS and its LED is indeed controlled
by modem.
- While finding LEDs, I had no GPL source drop from ZTE, so I had to probe for
each and every one of them manually, so this might not be complete -
it looks like bicolor LED is used for FXS, possibly to support
dual-ported variant in other device sharing the PCB.
- Flash performance is very low, despite enabling 50MHz clock and fast
read command, due to using 4k sectors throughout the target. I decided
to keep it at the moment, to avoid breaking existing devices - I
identified one potentially affected, should this be limited to under
4MB of Flash. The difference between sysupgrade durations is whopping
3min vs 8min, so this is worth pursuing.
In vendor firmware, WWAN LED behaviour is as follows, citing the manual:
- red - no registration,
- green - 3G,
- blue - 4G.
Blinking indicates activity, so netdev trigger mapped from wwan0 to blue:wwan
looks reasonable at the moment, for full replacement, a script similar to
"rssileds" would need to be developed.
Behaviour of "Signal LED" in vendor firmware is as follows:
- Off - no signal,
- Blinking - poor coverage
- Solid - good coverage.
A few more details on the built-in LTE modem:
Modem is not fully supported upstream in Linux - only two CDC ports
(DIAG and one for QMI) probe. I sent patches upstream to add required device
IDs for full support.
The mapping of USB functions is as follows:
- CDC (QCDM) - dedicated to comunicating with proprietary Qualcomm tools.
- CDC (PCUI) - not supported by upstream 'option' driver yet. Patch
submitted upstream.
- CDC (Modem) - Exactly the same as above
- QMI - A patch is sent upstream to add device ID, with that in place,
uqmi did connect successfully, once I selected correct PDP context
type for my SIM (IPv4-only, not default IPv4v6).
- ADB - self-explanatory, one can access the ADB shell with a device ID
added to 51-android.rules like so:
SUBSYSTEM!="usb", GOTO="android_usb_rules_end"
LABEL="android_usb_rules_begin"
SUBSYSTEM=="usb", ATTR{idVendor}=="19d2", ATTR{idProduct}=="1275", ENV{adb_user}="yes"
ENV{adb_user}=="yes", MODE="0660", GROUP="plugdev", TAG+="uaccess"
LABEL="android_usb_rules_end"
While not really needed in OpenWrt, it might come useful if one decides to
move the modem to their PC to hack it further, insides seem to be pretty
interesting. ADB also works well from within OpenWrt without that. O
course it isn't needed for normal operation, so I left it out of
DEVICE_PACKAGES.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
[remove kmod-usb-ledtrig-usbport, take merged upstream patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 59d065c9f8)
[Manually remove no longer needed patches for modem]
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Removed because in upstream
generic/pending-5.4/770-02-net-ethernet-mtk_eth_soc-fix-rx-vlan-offload.patch
All others updated automatically.
Runtime-tested on bcm27xx/bcm2711.
Fixes: FS#3085
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
When building for MikroTik devices the kernel2minor tool will sometimes
fail with:
Can't get lstat from kernel file!: No such file or directory.
This is because kernel2minor expects paths no longer than 250 chars.
To work around this the include/image-commands.mk has been modified
to copy the kernel to a temporary file (/tmp/tmp.XXXXXXXXXX) before
calling kernel2minor.
Signed-off-by: François Chavant <francois@chavant.info>
(cherry picked from commit 5a9608102b)
1. Move code above interface generation
It results in more logical order. Device gets its config section
above interface section.
2. Drop the loop
We have separated code handling bridges now so $device should be
guaranteed to contain a single device name.
3. Drop section name
It's not required by netifd or LuCI & it's not needed by this script
as $device contains a single device name now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e002179a6d)
The underlying logread process uses usock() to handle remote connections
which is able to handle both hostnames and IP addresses.
Ref: https://github.com/openwrt/luci/issues/5077
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit ec83fb9ced)
Replace "ifname" with "device" as netifd has been recently patches to
used the later one. It's more clear and accurate.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4b9a67362d)
After the commit 43fc720657
("base-files: generate "device UCI type section for bridge"), the wrong
network configuration is generated for the devices that already have the
bridge device section for VLAN, such as the devices in realtek target.
As a result, the bridge device by additional "device" section is
specified to the "ports" option in the "bridge-vlan" section and netifd
shuts down the switch and the ethernet when the network service started.
Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
[rmilecki: use $ports for generate_bridge_vlan argument]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8cc4e87a2f)
Missing br- prefix could result in name conflict between DSA port
interface and bridge interface. Some devices with just one LAN port use
"lan" interface name for DSA port. Trying to create bridge with the same
"lan" name was failing.
Reported-by: David Bauer <mail@david-bauer.net>
Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0e459668c5)
This switches from the old way of defining bridges in an "interface" UCI
section type (that should be used for layer 3 only). From now a defualt
board switch will have its own "device" UCI section type. It's a new &
preferred way of defining L2 devices.
Before:
config interface 'lan'
option type 'bridge'
option ifname 'lan1 lan2 lan3 lan4'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
After:
config device
option name 'lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option ifname 'lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 43fc720657)
On login busybox shows a timestamp per default contianing the build
date. Since the build date isn't reproducible per default this behaviour
was disabled by default via 34df4d40 "busybox: disable timestamp in
version".
This commit modifies busybox so that the printed timestamp reproducible
using SOURCE_DATE_EPOCH and therefore shouldn't be disabled anymore.
Before:
BusyBox v1.33.1 () built-in shell (ash)
After:
BusyBox v1.33.1 (2021-05-13 09:34:34 UTC) built-in shell (ash)
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit a725382978)
use AUTORELEASE since BusyBox is often updaten and PKG_RELEASE is not
consistently bumped. Also use SPDX license headers to be machine
readable and bump the copyright year to 2021.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 25fdb42249)
Various report and data show that the freq 384000 is too low and cause some
extra latency to the entire system. OEM qsdk code also set the min frequency
for this target to 800 mhz.
Also some user notice some instability with this idle frequency, solved by
setting the min frequency to 600mhz. Fix all these kind of problem by
introducing a boot init.d script that set the min frequency to 600mhz and set
the ondemand governor to be more aggressive. The script set these value only if
the ondemand governor is detected. 384 mhz freq is still available and user can
decide to restore the old behavior by disabling this script.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit 861b82d36a)
Previously, build would fail for targets containing devices with not
initramfs image (such as mpc85xx-p1010). Only generate the JSON image
info for the initramfs image when we have one to avoid breaking the
builds.
Fixes commit d3140d0529 ("build/json: generate json file for initramfs")
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 512229ce49)
The initramfs images are missing from the profiles.json files.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
[fix code by exporting device variables]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit d3140d0529)
899c2a4 interface: support "device" attribute and deprecate "ifname"
62e3cb5 scripts/netifd-wireless.sh: add support for specifying the operating band
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5fe549836f)
02dd2f2df7cb fix unannotated fall-through warnings
3052f2f67686 extdev: remove unused function
2a97fd006c3b device: add support for configuring devices with external auth handler
87e469be0c08 wireless: fix memory corruption bug when using vlans/station entries in the config
7277764bf817 bridge: rename "ifname" attribute to "ports"
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 829b5c2ba3)
Placeholder DHCP user scripts were added recently.
These files make package-based installations of such scripts more difficult.
Pull user callbacks from directories instead to allow packages and users to
install co-existing scripts more easily.
References:
130118f7a netifd: add a udhcpc.user placeholder script
Signed-off-by: Leon M. George <leon@georgemail.eu>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit 467c32600c)
f8899b9 netifd: bridge: set default value for igmp_snoop
327da98 netifd: add possibility to switch off route config
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b974293efa)
Document the existence of this feature. This allows the user to execute a script
at each DHCPv4 event. This is useful, for example, as an ad-hoc way to update a
DDNS entry when (and only when) required.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 130118f7aa)
2e52c7e libubox: fix BLOBMSG_CAST_INT64 (do not override BLOBMSG_TYPE_DOUBLE)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c82cc4407a)
Bridge aggregates multiple ports so use a more accurate name ("ports")
and format (array) for storing them in board.json.
Example:
"network": {
"lan": {
"ports": [
"lan1",
"lan2",
"lan3",
"lan4"
],
"protocol": "static"
},
"wan": {
"ifname": "wan",
"protocol": "dhcp"
}
}
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d42640e389)
This marks all packages which depend on a target with @TARGET nonshared.
If they are not marked nonshared they would be build by the SDK build
and if this happens with a different SDK, then the SDK from the target
the package depends on, the package would not be added to the index.
This should fix the image builder for some of these packages.
This should fix the image builder at least for bcm27xx/bcm2710 and
bcm4908/generic.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1903233f2b)
Prevent build error on Alpine Linux host:
libfakeroot.c error: conflicting types for 'id_t'
Error relocating openwrt/staging_dir/host/lib/libfakeroot.so: SEND_GET_XATTR: symbol not found
Signed-off-by: Ruslan Isaev <legale.legale@gmail.com>
(cherry picked from commit 7a70f78fb7)
Use an 'if' so the absence of $(LINUX_DIR)/user_headers doesn't make the
line evaluate to false and cause the build to fail.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
(cherry picked from commit cc76e34c10)
This adjusts the Makefile to use the new option to turn off the
doc builds. It will not cause any problems except a warning
about unused options if combined with a ccache source missing
the upstream patch.
Since a config setting is required to re-enable the doc build this
is equivalent to unconditionally disabling the docs if the config
setting is not created.
Signed-off-by: David Adair <djabhead@aol.com>
(cherry picked from commit 2d15468323)
The higher 16-bit of EEE register was overwritten by mistake, fix that.
Fixes: 5b9ba4a93e ("generic: mt7530: support adjusting EEE")
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry picked from commit 8d1567ba61)
Rid of kernel error message:
[ 0.780828] orion-mdio d0072004.mdio: IRQ index 0 not found
on Marvell targets backporting the kernel commit fa2632f74e57
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(cherry picked from commit d683175236)
The patch 434-nand-brcmnand-fix-OOB-R-W-with-Hamming-ECC.patch is
integrated in the kernel update 5.4.119 and not needed any more.
Fixes: 9d21eccc6b ("kernel: bump 5.4 to 5.4.119")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6a6011d uclient-http: set eof mark when content-length is 0
19571e4 tests: fix help usage test for uclient built with sanitizer
c5fc04b tests: fix help usage test
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 1ec6fc4dcb)
PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox
utilities (ping, traceroute, ntpd) to forcibly use the A record instead of
the AAAA record when resolving a DNS name. This obviously fails when
there is no IPv4 connectivity. Since IPv6-only hosts or routers will only
become more common over time, disable PREFER_IPV4_ADDRESS to support this
use-case.
As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default
resolution behaviour of busybox utilities on dual-stack hosts. Busybox
utilities now simply use the order given by getaddrinfo(), so they will
now prefer IPv6 addresses when resolving a name with both A and AAAA
records if there is IPv6 connectivity. This is in line with RFC 6724.
PREFER_IPV4_ADDRESS was likely intended to work around naive
implementations of getaddrinfo() that could return AAAA records first,
even on an IPv4-only host. But both musl (since 1.1.3) and glibc
correctly implement RFC 6724 for getaddrinfo() and check connectivity to
determine the correct order in which to return records. On IPv4-only
hosts, getaddrinfo() will return A records first, so there is no need for
the PREFER_IPV4_ADDRESS hack.
See also: https://bugs.busybox.net/show_bug.cgi?id=12381
Fixes: FS#84
Fixes: FS#2608
References: https://github.com/openwrt/openwrt/pull/4167
Signed-off-by: Alexander Traud <pabstraud@compuserve.com>
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 7fea9d9f5d)
Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the OpenWrt 21.02 feeds.
If one of the other keys would be compromised this would not affect
users of 21.02 release builds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Vendor firmware expects model name without manufacturer name inside
'supported_devices' part of metadata. This allows direct upgrade to
OpenWrt from vendor's GUI.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit cf3f1f82ea)
2be57ed cosmetics: provide compatible system info on Aarch64
37eed13 system: expose if system was booted from initramfs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from commit 5f1bd95278)
Includes fix for CVE-2020-24588
186af01047b2 mt76: mt7921: introduce MCU_EVENT_LP_INFO event parsing
93b5c28c97d5 mt76: mt7921: add rcu section in mt7921_mcu_tx_rate_report
a8e89c5a1d1f mt76: testmode: add support to send larger packet
a0cc9a9e3877 mt76: mt7915: rework mt7915_tm_set_tx_len()
c8b96630324e mt76: mt7915: fix rate setting of tx descriptor in testmode
22fd2958c42a mt76: mt7615: fix memleak when mt7615_unregister_device()
7401e0db3143 mt76: mt7915: fix memleak when mt7915_unregister_device()
c3656268b3f6 mt76: mt7915: only free skbs after mt7915_dma_reset() when reset happens
0ce955b04ba8 mt76: mt7615: only free skbs after mt7615_dma_reset() when reset happens
b03d1e62acf7 mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put()
5ac02e22fb03 mt76: flush tx status queue on DMA reset
c71f609b398a mt76: sync with upstream changes
23ecadd4af77 mt76: mt7615: fix hardware error recovery for mt7663
57a899ee3c3c mt76: mt7615: fix entering driver-own state on mt7663
42a2dddb706b mt76: mt7615: load ROM patch before checking patch semaphore status
cf0e406af84a mt76: mt7915: add support for applying pre-calibration data
459940ccbc58 mt76: mt7921: move hw configuration in mt7921_register_device
0a094b11f3c0 mt76: improve mcu error logging
bf536832e37d mt76: mt7921: run mt7921_mcu_fw_log_2_host holding mt76 mutex
7616f4f78163 mt76: mt7921: add wifisys reset support in debugfs
e620bd881ef5 mt76: mt7921: abort uncompleted scan by wifi reset
e8dacf59ab1c mt76: mt7915: rework the flow of txpower setting
c8c78e577236 mt76: mt7915: directly read per-rate tx power from registers
1622bf4f8705 mt76: mt7921: add mt7921_dma_cleanup in mt7921_unregister_device
ef96fafad8a9 mt76: Convert to DEFINE_SHOW_ATTRIBUTE
90e4bfea2948 mt76: mt7921: do not use 0 as NULL pointer
0a139d7f5966 mt76: connac: move mcu_update_arp_filter in mt76_connac module
de26c73ce3c2 mt76: mt7921: remove leftover function declaration
1c0b6cb4f942 mt76: mt7921: fix a race between mt7921_mcu_drv_pmctrl and mt7921_mcu_fw_pmctrl
2923e3e2b8e4 mt76: mt7663: fix a race between mt7615_mcu_drv_pmctrl and mt7615_mcu_fw_pmctrl
74d0fdaa7a99 mt76: connac: introduce wake counter for fw_pmctrl synchronization
28c87e09a5ea mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path
36f664edc7db mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path
51b3d1a9a2b7 mt76: dma: add the capability to define a custom rx napi poll routine
4f1339c9fb72 mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi
1bc5e67a60be mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi
325f7b451c03 mt76: connac: unschedule ps_work in mt76_connac_pm_wake
12115052a02f mt76: connac: check wake refcount in mcu_fw_pmctrl
e5d28e3cef66 mt76: connac: remove MT76_STATE_PM in mac_tx_free
475112a3cdcc mt76: mt7921: get rid of useless MT76_STATE_PM in mt7921_mac_work
112998f32d85 mt76: connac: alaways wake the device before scanning
4334f3e2fc43 mt76: mt7615: rely on pm refcounting in mt7615_led_set_config
0562380659ad mt76: connac: do not run mt76_txq_schedule_all directly
acfa78df5708 mt76: connac: use waitqueue for runtime-pm
ca74a4cd0722 mt76: remove MT76_STATE_PM in tx path
0c2d3e74852e mt76: mt7921: add awake and doze time accounting
45e0eefffe9f mt76: mt7921: enable sw interrupts
fd2ff641166f mt76: mt7615: Fix a dereference of pointer sta before it is null checked
7e2521468767 mt76: mt7921: move mt7921_dma_reset in dma.c
c9dd6b1fa171 mt76: mt7921: introduce mt7921_wpdma_reset utility routine
2ac7c7e9c568 mt76: mt7921: introduce mt7921_dma_{enable,disable} utilities
662a89f2b9d1 mt76: mt7921: introduce mt7921_wpdma_reinit_cond utility routine
614efe9e9180 mt76: connac: introduce mt76_connac_mcu_set_deep_sleep utility
0dbb16ef39d8 mt76: mt7921: enable deep sleep when the device suspends
3c19f569cc70 mt76: mt7921: fix possible invalid register access
ade1f5aad4c6 mt76: move token_lock, token and token_count in mt76_dev
8d5c456be1ff mt76: move token utilities in mt76 common module
fb04d9df5e52 mt76: mt7915: do not read rf value from efuse in flash mode
2126b2176336 mt76: mt7921: get rid of mcu_reset function pointer
d325b7eff1b1 mt76: mt7921: improve doze opportunity
2ae25c7e547e mt76: mt7663: add awake and doze time accounting
349bbb9d6f13 mt76: connac: unschedule mac_work before going to sleep
98a235004dea mt76: mt7921: mt7921_stop should put device in fw_own state
63d80b9ab251 mt76: mt7921: introduce mt7921_mcu_sta_add routine
3c5bf837fdbd mt76: mt7615: fix a precision vs width bug in printk
ded14da5eacc mt76: mt7915: fix a precision vs width bug in printk
aaf0d254f9ea mt76: mt7921: fix a precision vs width bug in printk
757af5c67d32 mt76: move mt76_token_init in mt76_alloc_device
ed41ed73a495 mt76: mt7921: reinit wpdma during drv_own if necessary
92fb81e085c6 mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report
53d915a23bc9 mt76: connac: do not schedule wake_work if the runtime-pm is disabled
23fe1bdcf15a mt76: connac: do not schedule mac_work if the device is not running
e5b19336c58e mt76: mt7615: do not set MT76_STATE_PM at bootstrap
0fc2136a61dd mt76_connac_mcu: move mt76_connac_mcu_update_arp_filter outside of CONFIG_PM
e693f3e23e06 mt76: mt7915: add MSI support
5231e7300fa4 mt7915: disable ASPM
554b50dabf54 mt76: connac: fix uninitialized HT A-MPDU setting field in STA_REC_PHY
43b9c0a838bb mt76: mt7921: fix max aggregation subframes setting
5a387a0a3004 mt76: mt7921: enable rx hw de-amsdu
c8cbcb87be07 mt76: connac: add missing configuration in mt76_connac_mcu_wtbl_hdr_trans_tlv
55921e57b380 mt76: mt7921: enable rx header traslation offload
01441f67d8b2 mt76: mt7921: enable rx csum offload
c9ab76dd93a0 mt76: mt7915: move mt7915_queue_rx_skb to mac.c
caedb4c4ee41 mt76: mt7615: fix fixed-rate tx status reporting
c6ae95d43e6d mt76: improve tx status codepath
27d468d094e6 mt76: mt7915: rework tx rate reporting
3b4ca5b09e2c mt76: mt7615: avoid use of ieee80211_tx_info_clear_status
e1f07d7f1cb9 mt76: mt7603: avoid use of ieee80211_tx_info_clear_status
18513ba5fbc2 mt76: mt7915: add support for tx status reporting
35f189cf81b2 mt76: mt7915: fix uninitialized variable in MSI error handling
9e928ac1ea9b mt76: dma: use ieee80211_tx_status_ext to free packets when tx fails
628eee9c386c mt76: fill queue entry wcid for all skbs with a station
a9bc4d94b7a1 mt76: intialize tx queue entry wcid to 0xffff by default
998ca8af7d17 mt76: mt7915: fix tssi indication field of DBDC NICs
7dd24b3cfacf mt76: mt7915: fix a signedness bug in mt7915_mcu_apply_tx_dpd()
535025d65d8d mt76: mt7915: cleanup mt7915_mcu_sta_rate_ctrl_tlv()
ff8bbe22dd87 mt76: mt7915: add .set_bitrate_mask() callback
c7dd54a22e30 mt76: connac: skip wtbl reset on sta disconnect
3511fd430356 mt76: validate rx A-MSDU subframes
aedc3145de6e mt76: fix possible NULL pointer dereference in mt76_tx
5c2baab92cd0 mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb()
af21659ee834 mt76: mt76x0: use dev_debug instead of dev_err for hw_rf_ctrl
e423c16f16f7 mt76: mt7615: free irq if mt7615_mmio_probe fails
f2d0da8da9b7 mt76: mt7663: enable hw rx header translation
d2713a5d9de9 mt76: mt7921: fix mt7921_wfsys_reset sequence
ce5f32d84f33 mt76: mt7921: Don't alter Rx path classifier
8ab8c7747197 mt76: connac: fw_own rely on all packet memory all being free
a747b0bb4956 mt76: mt7921: enable deep sleep at runtime
2e6e999509b1 mt76: mt7921: add deep sleep control to runtime-pm knob
30bcb2338ce2 mt76: connac: fix WoW with disconnetion and bitmap pattern
56518f4a126e mt76: mt7921: consider the invalid value for to_rssi
e969ab10a034 mt76: mt7921: add back connection monitor support
28b162366d09 mt76: fix calling mt76_get_of_eeprom with an offset for pre-cal data
9d736545bb5a mt76: mt7915: disable pre-calibration support for now
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f62aa9e781)
From the patch series description:
Several security issues in the 802.11 implementations were found by
Mathy Vanhoef (New York University Abu Dhabi), who has published all
the details at
https://papers.mathyvanhoef.com/usenix2021.pdf
Specifically, the following CVEs were assigned:
* CVE-2020-24586 - Fragmentation cache not cleared on reconnection
* CVE-2020-24587 - Reassembling fragments encrypted under different
keys
* CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to
payload being parsed as an L2 frame under an
A-MSDU bit toggling attack
* CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender
* CVE-2020-26140 - Accepting plaintext data frames in protected
networks
* CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames
* CVE-2020-26142 - Processing fragmented frames as full frames
* CVE-2020-26143 - Accepting fragmented plaintext frames in
protected networks
* CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that
start with RFC1042 header with EAPOL ethertype
* CVE-2020-26145 - Accepting plaintext broadcast fragments as full
frames
* CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive
packet numbers
* CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments
In general, the scope of these attacks is that they may allow an
attacker to
* inject L2 frames that they can more or less control (depending on the
vulnerability and attack method) into an otherwise protected network;
* exfiltrate (some) network data under certain conditions, this is
specific to the fragmentation issues.
A subset of these issues is known to apply to the Linux IEEE 802.11
implementation (mac80211). Where it is affected, the attached patches
fix the issues, even if not all of them reference the exact CVE IDs.
In addition, driver and/or firmware updates may be necessary, as well
as potentially more fixes to mac80211, depending on how drivers are
using it.
Specifically, for Intel devices, firmware needs to be updated to the
most recently released versions (which was done without any reference
to the security issues) to address some of the vulnerabilities.
To have a single set of patches, I'm also including patches for the
ath10k and ath11k drivers here.
We currently don't have information about how other drivers are, if
at all, affected.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Kernel 5.10 is not supported by OpenWrt 21.02, remove this patch.
Fixes: d530ff37bf ("mvebu: armada 370: dts: fix the crypto engine")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
CONFIG_FORTIFY_SOURCE=y is already set in the generic kernel
configuration, but it is not working for MIPS on kernel 5.4, support for
MIPS was only added with kernel 5.5, other architectures like aarch64
support FORTIFY_SOURCE already since some time.
This patch adds support for FORTIFY_SOURCE to MIPS with kernel 5.4,
kernel 5.10 already supports this and needs no changes.
This backports one patch from kernel 5.5 and one fix from 5.8 to make
fortify source also work on our kernel 5.4.
The changes are not compatible with the
306-mips_mem_functions_performance.patch patch which was also removed
with kernel 5.10, probably because of the same problems. I think it is
not needed anyway as the compiler should automatically optimize the
calls to memset(), memcpy() and memmove() even when not explicitly
telling the compiler to use the build in variant.
This increases the size of an uncompressed kernel by less than 1 KB.
Acked-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9ffa2f8193)
3f5080aedd nptl: Do not build nptl/tst-pthread-gdb-attach as PIE
36783141cf nptl: Check for compatible GDB in nptl/tst-pthread-gdb-attach
ea299b62e8 nptl_db: Support different libpthread/ld.so load orders (bug 27744)
162df872f0 x86: tst-cpu-features-supports.c: Update AMX check
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 2fc20886ec)
MAC addresses read from official firmware
value location
Wlan xx 71 de factory@0x04
Lan xx 71 dd factory@0x28
Wan xx 71 df factory@0x2e
Label xx 71 dd factory@0x28
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[fix sorting in 02_network, redact commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit e57e460dc7)
The routerbootparts driver dynamically discovers the location of MikroTik
partitions, but it cannot determine their size (except by extending them
up to the start of the next discovered partition).
The hard_config partition has a default size of 0x1000 in the driver,
while it actually takes 0x2000 on the hAP-ac2. Set the correct size in
the hAP-ac2 DTS.
On most devices, this isn't a problem as the actual data fits in 0x1000
bytes. However, some devices have larger data that doesn't fit in 0x1000
bytes. In any case, all devices seen so far have enough space for a
0x2000 hard_config partition before the start of the dtb_config partition.
With the current 0x1000 size:
0x00000000e000-0x00000000f000 : "hard_config"
0x000000010000-0x000000017bbc : "dtb_config"
With this patch extending the size to 0x2000:
0x00000000e000-0x000000010000 : "hard_config"
0x000000010000-0x000000017bbc : "dtb_config"
Other ipq40xx boards may need the same fix but it needs testing.
References: https://forum.openwrt.org/t/support-for-mikrotik-hap-ac2/23333/324
Acked-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 979f406366)
Using these config-options to customize the folders used at build-time makes these
folder settings appear in generated archive. This causes the SDK to be not
portable, as it's going to use the build-time folders on the new systems.
The errors vary from passing the build, disk out-of-space to permission denied.
The build-time settings of these folders are passed into the archive via Config.build.
The expected behavior is that the SDK acts after unpacking like these settings have
their defaults, using intree folders. So just filter these folders out when running
convert-config.pl to create Config.build.
This addresses the same issue that's fixed in the previous commit for the imagebuilder.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
(cherry picked from commit 1e4b191ac8)
Using these config-options to customize the folders used at build-time
makes these folder settings appear in generated archive. This causes the
imagebuilder to be not portable, as it's going to use the build-time folders
on the new systems. Errors look like:
mkdir: cannot create directory '/mnt/build': Permission denied
Makefile:116: recipe for target '_call_image' failed
make[2]: *** [_call_image] Error 1
Makefile:241: recipe for target 'image' failed
make[1]: *** [image] Error 2
The build-time settings of these folders are passed into the archives via
.config file.
The expected behavior is that after unpacking the imagebuilder acts like
these settings have their defaults, using intree folders. So unset the
build-time settings.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
(cherry picked from commit 6967903b01)
The code uses get_mtd_device_nm() which must be followed by a call to
put_mtd_device() once the handle is no longer used.
This fixes spurious shutdown console messages such as:
[ 2256.334562] Removing MTD device #7 (soft_config) with use count 1
Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 4e385a27d6)
With some debug in qmi.sh using following patch, some errors are visible
in the registration step
@@ -29,6 +29,7 @@ proto_qmi_init_config() {
}
proto_qmi_setup() {
+ set -x
local interface="$1"
local dataformat connstat plmn_mode mcc mnc
local device apn auth username password pincode delay modes pdptype
@@ -224,6 +225,8 @@ proto_qmi_setup() {
fi
done
+ registration=$(uqmi -s -d "$device" --get-serving-system)
+
[ -n "$modes" ] && uqmi -s -d "$device" --set-network-modes "$modes" > /dev/null 2>&1
echo "Starting network $interface"
During the boot of the system, modem could not start automatically its
network registration.
netifd: wan (9235): + echo 'Waiting for network registration'
netifd: wan (9235): Waiting for network registration
netifd: wan (9235): + local 'registration_timeout=0'
netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system
netifd: wan (9235): + grep '"searching"'
netifd: wan (9235): + uqmi -s -d /dev/cdc-wdm1 --get-serving-system
netifd: wan (9235): + registration='{"registration":"not_registered","plmn_mcc":208,"plmn_mnc":20,"plmn_description":"","roaming":true}'
netifd: wan (9235): + '[' -n ]
netifd: wan (9235): + echo 'Starting network wan'
As the while loop checks only "searching" pattern, uqmi.sh script quits
searching loop and continues whereas the modem is not registered
Other issue, after X seconds modem stops searching.
netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system
netifd: wan (9213): + grep '"searching"'
netifd: wan (9213): + '[' -e /dev/cdc-wdm0 ]
netifd: wan (9213): + '[' 3 -lt 0 -o 0 '=' 0 ]
netifd: wan (9213): + let registration_timeout++
netifd: wan (9213): + sleep 1
netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system
netifd: wan (9213): + grep '"searching"'
netifd: wan (9213): + uqmi -s -d /dev/cdc-wdm0 --get-serving-system
netifd: wan (9213): + registration='{"registration":"not_registered"}'
netifd: wan (9213): + '[' -n ]
netifd: wan (9213): + echo 'Starting network wan'
netifd: wan (9213): Starting network wan
If registration_timeout is not expired, registration can be restarted
Signed-off-by: Thomas Richard <thomas.richard@kontron.com>
Tested-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 2eda042d55)
OpenWRT requires a number of Perl modules to be installed. It wasn't checking on all of them.
This patch adds checks for Perl FindBin, File::Copy, File::Compare and Thread::Queue modules.
Failing to install these, will have the build break at some point. By adding these to the
prereq-build.mk script, they are checked on forehand.
Tested on a Fedora 33 and 34 (beta) that was freshly installed. Fedora appears to
break up Perl modules into small packages that need to be installed for the build to succeed.
Signed-off-by: Bas Mevissen <abuse@basmevissen.nl>
(cherry picked from commit f68c9474ac)
The stock firmware does not accept firmware with "Talon" in the name.
Tested on firmware version 1.0.10 Build 20160902 rel. 57400 which came
preinstalled, as well as latest firmware version 2.0.1 Build 20170103
rel.71053 flashed from
AD7200v1-up-ver2-0-1-P1[20170103-rel71053]_2017-01-04_10.08.28.bin.
Fixes: 1a775a4fd0 ("ipq806x: add support for TP-Link Talon AD7200")
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
[added details about vendor firmware]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit dfef88b6ca)
Fixes issue with merged DNS requests in 2.83/2.84 not being
retried on the firsts failed request causing lookup failures.
Also fixes the following security problem in dnsmasq:
* CVE-2021-3448:
If specifiying the source address or interface to be used
when contacting upstream name servers such as:
server=8.8.8.8@1.2.3.4, server=8.8.8.8@1.2.3.4#66 and
server=8.8.8.8@eth0 then all would use the same socket
bound to the explicitly configured port. Now only
server=8.8.8.8@1.2.3.4#66 will use the explicitly
configured port and the others random source ports.
Remove upstreamed patches and update remaining patch.
Signed-off-by: Alan Swanson <reiver@improbability.net>
[refreshed old runtime support patch]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 3980daffa4)
This package depends on the lantiq target and is only build for that
target. A normal package would be build by the SDK builder probably
under a different target and then this package will not be selected.
Mark it as nonshared to build it when the lantiq target gets build.
Fixes: FS#3773, FS#3774
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 454d514f46)
The removed patches were applied upstream and are not needed anymore.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 17ac9849d3)
This backports a fix for the low priority CVE-2021-28831:
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit
on the huft_build result pointer, with a resultant invalid free or
segmentation fault, via malformed gzip data.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 13397b2b95)
This commit adds support for the MikroTik SXTsq 5 ac (RBSXTsqG-5acD),
an outdoor 802.11ac wireless CPE with one 10/100/1000 Mbps Ethernet
port.
Specifications:
- SoC: Qualcomm Atheros IPQ4018
- RAM: 256 MB
- Storage: 16 MB NOR
- Wireless: IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 16 dBi antennae
- Ethernet: IPQ4018 (SoC) 1x 10/100/1000 port, 10-28 Vdc PoE in
- 1x Ethernet LED (green)
- 7x user-controllable LEDs
· 1x power (blue)
· 1x user (green)
· 5x rssi (green)
Note:
Serial UART is probably available on the board, but it has not been
tested.
Flashing:
Boot via TFTP the initramfs image. Then, upload a sysupgrade image
via SSH and flash it normally. More info at the "Common procedures
for MikroTik products" page https://openwrt.org/toh/mikrotik/common.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit d1f1e5269e)
[Compile and Run Tested]
Signed-off-by: Nick Hainke <vincent@systemli.org>
This adds support for the MikroTik RouterBOARD RBD52G-5HacD2HnD-TC
(hAP ac²), a indoor dual band, dual-radio 802.11ac
wireless AP with integrated omnidirectional antennae, USB port and five
10/100/1000 Mbps Ethernet ports.
See https://mikrotik.com/product/hap_ac2 for more info.
Specifications:
- SoC: Qualcomm Atheros IPQ4018
- RAM: 128 MB
- Storage: 16 MB NOR
- Wireless:
· Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae
· Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae
- Ethernet: Built-in IPQ4018 (SoC, QCA8075) , 5x 1000/100/10 port,
passive PoE in
- 1x USB Type A port
Installation:
Boot the initramfs image via TFTP and then flash the sysupgrade
image using "sysupgrade -n"
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit faea7becaf)
[Compile Tested]
Signed-off-by: Nick Hainke <vincent@systemli.org>
The mode on the SGMII SerDes on the QCA9563 is 1000 Base-X by default.
This only allows for 1000 Mbit/s links, however when used with an SGMII
PHY in 100 Mbit/s link mode, the link remains dead.
This strictly has nothing to do with the SerDes calibration, however it
is done at the same point in the QCA reference U-Boot which is the
blueprint for everything happening here. As the current state is more or
less a hack, this should be fine.
This fixes the issues outlined above on a TP-Link EAP-225 Outdoor.
Reported-by: Tom Herbers <freifunk@tomherbers.de>
Tested-by: Tom Herbers <freifunk@tomherbers.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit fbbad9a9a6)
Before: Kernel reported "usb_vbus: disabling" and the USB was not
providing power
After: USB power is switched on, peripheral is powered from the
device
Signed-off-by: Tom Stöveken <tom@naaa.de>
[squash and tidy up]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a6f7268dc7)
Removed because in upstream*
mvebu/patches-5.4/319-ARM-dts-turris-omnia-configure-LED-2--INTn-pin-as-interrupt-pin.patch
Manually rebased*
generic/backport-5.4/700-v5.5-net-core-allow-fast-GRO-for-skbs-with-Ethernet-heade.patch
Added new backport*
generic/backport-5.4/050-gro-fix-napi_gro_frags-Fast-GRO-breakage-due-to-IP-a.patch
All others updated automatically.
The new backport was included based on this[1] upstream commit that will be
mainlined soon. This change is needed because Eric Dumazet's check for
NET_IP_ALIGN (landed in 5.4.114) causes huge slowdowns on drivers which use
napi_gro_frags().
Compile-tested on: x86/64, armvirt/64, ath79/generic
Runtime-tested on: x86/64, armvirt/64, ath79/generic
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Since support for SFP on the MikroTik RouterBOARD 922UAGS-5HPacD was
added by 4387fe00cb, the MAC addresses for eth0 (Ethernet) and eth1
(SFP) were swapped. This patch fixes the 02_network script to assign MAC
addresses correctly, so they match the label and the vendor's OS.
Tested on a RouterBOARD 922UAGS-5HPacD board.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 14a95b36b1)
This patch enables the SFP cage on the MikroTik RouterBOARD 922UAGS-5HPacD.
GPIO16 (tx-disable-gpios) should be governed by the SFP driver to enable
or disable transmission, but no change is observed. Therefore, it is
left as output high to ensure the SFP module is forced to transmit.
Tested on a RouterBOARD 922UAGS-5HPacD board, with a CISCO GLC-LH-SMD
1310nm module and an unbranded GLC-T RJ45 Gigabit module. PC=>router
iperf3 tests deliver 440/300 Mbps up/down, both via regular eth0 port
or SFP port with RJ45 module. Bridge between eth0 and eth1 delivers
950 Mbps symmetric.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 4387fe00cb)
Missing braces in a macro were leading to badly working rates sometimes
getting a success probabilty of 1.0
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 12cb52bd06)
It's in backports-5.4, but it wasn't ever merged. Upstream followed another
approach, with flow offloading, which has much better performance. Drop this
obsolete patch and refresh the kernel patches.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 17576b1b2a)
With the old ubus dsl API, the numbers for the individual line_states and
power_states were also returned. These were not ported to the new DSL
C-API. This commit adds the missing information.
For this the internal values are mapped to numbers.
* additional JSON output for state_num:
"state_num": <map_state_number>
Since not all values are meaningful only the following values are
implemented, this can be extended if the future.
* LSTATE_MAP_NOT_INITIALIZED
* LSTATE_MAP_EXCEPTION
* LSTATE_MAP_IDLE
* LSTATE_MAP_SILENT
* LSTATE_MAP_HANDSHAKE
* LSTATE_MAP_FULL_INIT
* LSTATE_MAP_SHOWTIME_NO_SYNC
* LSTATE_MAP_SHOWTIME_TC_SYNC
* LSTATE_MAP_RESYNC
* additinal JSON output for power_level:
"power_state_num": <map_power_satte_number>,
Since there are not so many here, all are mapped.
* PSTATE_MAP_NA,
* PSTATE_MAP_L0,
* PSTATE_MAP_L1,
* PSTATE_MAP_L2,
* PSTATE_MAP_L3,
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
v6:
Add state LSTATE_MAP_NOT_INITILIZED at the beginning of the list
Start the list LSTATE_MAP with -1
Reviewed-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 4407d45d96)
Switch to Actual Net Data Rate (ACTNDR) for speed reporting on lantiq VDSL modems
Refer to ITU-T G.997.1 chapter 7.5.2.8
Independent whether retransmission is used or not in a given transmit direction:
- In L0 state, this parameter reports the Net Data Rate (as specified in G.992.3, G.992.5 or G.993.2) at which the bearer channel is operating.
- In L2 state, the parameter contains the Net Data Rate (as specified in G.992.3, G.992.5 or G.993.2) in the previous L0 state.
Signed-off-by: Jeroen Peelaerts <jeroen.peelaerts@gmail.com>
Reviewed-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 4f27ea7c33)
This commit adds monitoring for a couple of DSL line features that are
present in the lantiq firmware blobs.
* G.INP ON/OFF
* Trellis encoding ON/OFF
* Virtaul Noise ON/OFF
* Bitswap ON/OFF
Difference in size for ltq-vdsl-app = 1k
Difference in size for kmod-ltq-vdsl-vr9 < 1k
Reviewed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Jeroen Peelaerts <jeroen.peelaerts@gmail.com>
(cherry picked from commit 48162e4c0c)
U-Boot uses the "bootpartition" variable stored in
"u-boot-env2" to select the active system partition. Allow
updates to enable system switching from OpenWrt.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 11d24ffe96)
Switch the Netgear DTSI for the Realtek target from the OEM partition
naming scheme to accepted OpenWrt naming practices. A quick git grep for
'u-boot-env' e.g. in the OpenWrt tree turns up almost 500 hits whereas
grepping for 'bdinfo' (the OEM equivalent) returns a meagre 14.
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 1601b39b61)
Otherwise, the last defined value will be set for all devices.
Fixes: c6c8d597e1 ("realtek: Add generic zyxel_gs1900 image definition")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 851dadc257)
The rtl83xx-phy driver is necessary for proper configuration of the
PHYs if U-Boot hasn't done that.
1000Base-T SFPs often contains a Marvell 88E1111 and will not work
without this driver. Include it by default to support copper SFPs.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 07bf5aaa4c)
There is no need to define a static link or a phy for the sfp
ports. Using phy-mode and managed properties to describe the
link to the sfp phy.
We have to keep the now unconnected virtual "phys" because the
switch driver uses their "phy-is-integrated" property to figure
out which ports to enable as fibre ports.
Acked-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit e8d391bd46)
From the validate docs in include/linux/phylink.h:
When state->interface is PHY_INTERFACE_MODE_NA, phylink expects the
MAC driver to return all supported link modes.
Tested-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 785d830e88)
This bug was the root cause for the failing sfp driver.
Acked-by: Birger Koblitz <mail@birger-koblitz.de>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit b8e473d18c)
The ZyXEL GS1900-8 is a 8 port switch without any PoE functionality or
SFP ports, but otherwise similar to the other GS1900 switches.
Specifications
--------------
* Device: ZyXEL GS1900-8 v1.2
* SoC: Realtek RTL8380M 500 MHz MIPS 4KEc
* Flash: Macronix MX25L12835F 16 MiB
* RAM: Nanya NT5TU128M8GE-AC 128 MiB DDR2 SDRAM
* Ethernet: 8x 10/100/1000 Mbit
* LEDs: 1 PWR LED (green, not configurable)
1 SYS LED (green, configurable)
8 ethernet port status LEDs (green, SoC controlled)
* Buttons: 1 on-off glide switch at the back (not configurable)
1 reset button at the right side, behind the air-vent
(not configurable)
1 reset button on front panel (configurable)
* Power 12V 1A barrel connector
* UART: 1 serial header (JP2) with populated standard pin connector on
the left side of the PCB, towards the back. Pins are labelled:
+ VCC (3.3V)
+ TX (really RX)
+ RX (really TX)
+ GND
the labelling is done from the usb2serial connector's point of
view, so RX/ TX are mixed up.
Serial connection parameters for both devices: 115200 8N1.
Installation
------------
Instructions are identical to those for the GS1900-10HP and GS1900-8HP.
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs
image.
* Connect serial, power up the switch, interrupt U-boot by hitting the
space bar, and enable the network:
> rtk network on
* Since the GS1900-10HP is a dual-partition device, you want to keep the
OEM firmware on the backup partition for the time being. OpenWrt can
only boot off the first partition anyway (hardcoded in the DTS). To
make sure we are manipulating the first partition, issue the following
commands:
> setsys bootpartition 0
> savesys
* Download the image onto the device and boot from it:
> tftpboot 0x84f00000 192.168.1.10:openwrt-realtek-generic-zyxel_gs1900-8-initramfs-kernel.bin
> bootm
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
> sysupgrade /tmp/openwrt-realtek-generic-zyxel_gs1900-8-squashfs-sysupgrade.bin
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e6ba970b6e)
Add a new common device definition for the Zyxel GS1900 line of
switches.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c6c8d597e1)
Demote a number of debugging printk's to pr_debug to avoid log
nosie. Several of these functions are called as a result of
userspace activity. This can cause a lot of log noise when
userspace does periodic polling.
Most of this could probably be removed completely, but let's
keep it for now since these drivers are still in development.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit ba220ad2fd)
This adds the necessary nuts and bolts for the uboot settings for both the ZyXEL GS1900-8HP v1 and v2.
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit b5bc53813d)
If service() is called w/o parameter then the status display for services
with multiple instances is incorrect. E.g. samba4 or wpad have 2 instances.
root@OpenWrt:~# /etc/init.d/samba4 status
running
root@OpenWrt:~# /etc/init.d/wpad status
running
Before change:
/etc/init.d/samba4 enabled stopped
/etc/init.d/wpad enabled stopped
After change:
/etc/init.d/samba4 enabled running
/etc/init.d/wpad enabled running
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry picked from commit 9318f61556)
Since KERNEL_SWAP is only enabled by default for !SMALL_FLASH targets, we need
to check if the current kernel supports swap before trying to configure
zram-swap, as opkg can't check for kernel dependencies.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 565dfeb128)
Without 'BUILD_DEVICES' defined, the U-Boot related package won't be
automatically selected when building for Toradex Apalis device.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 8c3383799a)
Looks like 'openat', 'pipe2' and 'ppoll' are now needed, possibly due
to changes on libraries used by umdns now using slightly different
calls.
Found using
/etc/init.d/umdns trace
now use umdns, ie. cover all ubus call etc., then
/etc/init.d/umdns stop
find list of syscalls traced in /tmp/umdns.*.json
Fixes: FS#3355 ("UMDNS: does not start on master with seccomp")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 00a85a1634)
Now that ujail supports seccomp also on Aarch64, add missing syscall
'fstat' to the list of allowed syscalls.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d28880cdd8)
The mt7530_{r,w}32 operation over MDIO uses 3 mdiobus operations and
does not hold a lock, which causes a race condition when multiple
threads try to access a register, they may get unexpected results.
To avoid this, handle the MDIO lock manually, and use the unlocked
__mdiobus_{read,write} in the critical section.
This fixes the "Ghost VLAN" artifact[1] in MT7530/7621 when the VLAN
operation and the swconfig LED link status poll race between each other.
[1] https://forum.openwrt.org/t/mysterious-vlan-ids-on-mt7621-device/64495
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry picked from commit f99c9cd9c4)
Fix the PLL register value for 10 Mbit/s link modes on the UniFi AC Lite
/ Mesh / LR. Otherwise, 10 Mbit/s links do not transfer data.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 956407292d)
Fix the PLL register value for 10 Mbit/s link modes on TP-Link EAP
boards using a AR8033 SGMII PHY.
Otherwise, 10 Mbit/s links do not transfer data.
Reported-by: Tom Herbers <freifunk@tomherbers.de>
Tested-by: Tom Herbers <freifunk@tomherbers.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit bbff6239e2)
e78ea9bd26 Update Nios II libm-test-ulps.
98bb18f52a malloc: Fix a realloc crash with heap tagging [BZ 27468]
fc4ecce85b S390: Also check vector support in memmove ifunc-selector [BZ #27511]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d49f1acff1)
For some reason, one of the configure checks results in some infinite
loop and ends up spawning endless gcc processes, causing OOM. Just pass
a configure var to avoid it.
Same fix as 6e23813c1e
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fc093c3f9c)
Reduce spi-max-frequency for Xiaomi MI Router 4AG model
Xiaomi MI Router 4AG MTD uses two flash chips (no specific on router versions when produced from factory) - GD25Q128C and W25Q128BV.
These flash chips are capable of high frequency, but due to poor board design or manufacture process.
We are seeing the following errors in the linux kernel bootup:
`spi-nor spi0.0: unrecognized JEDEC id bytes: cc 60 1c cc 60 1c
spi-nor: probe of spi0.0 failed with error -2`
This causes the partitions not to be detected
`VFS: Cannot open root device "(null)" or unknown-block(0,0): error -6`
Then creates a bootloop and a bricked router.
The solution to limit this race condition is to reduce the frequency from 80 mhz to 50 mhz.
Signed-off-by: David Bentham <db260179@gmail.com>
(cherry picked from commit 17e690017d)
The crypto engine in Armada 370 SoCs is currently broken. It can be
checked installing the required packages for testing openssl with hw
acceleration:
opkg install openssl-util
opkg install kmod-cryptodev
opkg install libopenssl-devcrypto
After configuring /etc/ssl/openssl.cnf to let openssl use the crypto
engine for digest operations, and performing some checksums..
md5sum 10M-file.bin
openssl md5 10M-file.bin
...we can see they don't match.
There might be an alignment or size constraint issue caused by the
idle-sram area.
Use the whole crypto sram and disable the idle-sram area to fix it. Also
disable the idle support by adding the broken-idle property to prevent
accessing the disabled idle-sram.
We don't care about disabling the idle support since it is already broken
in Armada 370 causing a huge performance loss because it disables
permanently the L2 cache. This was reported in the Openwrt forum and
elsewhere by Debian users with different board models.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(cherry picked from commit 2e1ebe96c6)
The GL.iNet GL-MV1000 is booting from eMMC and the images for it are in
theory sysupgrade compatible. But the platform upgrade scripts were not
adjusted to select the mmcblock device as upgrade target. This resulted in
a failed sysupgrade because the mtd device (NOR flash) was instead tried to
be modified by the sysupgrade script.
Fixes: 050c24f05c ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 07e5e03711)
The Buffalo Linkstation LS421DE NAS lacks an uboot env config file.
Create it via scripts.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(cherry picked from commit 4f8da19572)
Fixes boot loader LZMA decompression issue,
reported by GitHub user KOLANICH at [0].
The reported LZMA ERROR has date of 2020-07-20, soon after
the device support landed:
Ralink UBoot Version: 3.5.2.4_ZyXEL
....
3: System Boot system code via Flash.
Image Name: MIPS OpenWrt Linux-4.14.187
Created: 2020-07-20 3:39:11 UTC
Image Type: MIPS Linux Kernel Image (lzma compressed)
Data Size: 1472250 Bytes = 1.4 MB
Load Address: 80000000
Entry Point: 80000000
Verifying Checksum ... OK
Uncompressing Kernel Image ... LZMA ERROR 1 - must RESET board to recover
[0] fea232ae8f (commitcomment-45016560)
Fixes: 4dc9ad4af8 ("ramips: add support for ZyXEL Keenetic Lite Rev.B")
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
(cherry picked from commit dd3c1ad8ee)
This fixes partitioning on Linksys EA9500. With this change only the
currently used firmware MTD partition gets parsed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a3c7633ddc)
Respect the generic kernel config setting, which is "enabled" tree-wide, as
previously done for sunxi.
Ref: 247ef4d98b ("sunxi: enable CONFIG_BPF_SYSCALL and CONFIG_EMBEDDED")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 41948c9c1b)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
CRYPTO_DEV_CCP depends on X86 or ARM64
CRYPTO_DEV_CCP_DD depends on CPU_SUP_AMD or ARM64
Compiling this driver makes sense for x86 mainly. If one day support for
ARM64 board with AMD Secure Processor gets added this package may be
updated.
Trying to build this package on bcm4908 was causing:
ERROR: module 'build_dir/target-aarch64_cortex-a53_musl/linux-bcm4908_generic/linux-5.4.110/drivers/crypto/ccp/ccp-crypto.ko' is missing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit cb3fb45ed1)
Currently it's not possible to flash factory images on devices shipped
with vendor firmware versions 1.1.0 Build 20201120 rel. 50406 (published
2020-12-22):
(curFw_ver, newFw_ver) == (1.1, 1.0) [NM_Error](nm_checkSoftVer) 00848: Firmwave not supports, check failed.
[NM_Error](nm_checkUpdateContent) 01084: software version dismatched
[NM_Error](nm_buildUpgradeStruct) 01188: checkUpdateContent failed.
They've even following note in release notes:
Note: You will be unable to downgrade to the previous firmware version
after updating this firmware.
This version check in vendor firmware is implemented in
/usr/bin/nvrammanager binary likely as following C code[1]:
sscanf(buf, "%d.%d.%*s",&upd_fw_major, &upd_fw_minor);
...
if (((int)upd_fw_major < (int)cur_fw_major) ||
((ret = 1, cur_fw_major == upd_fw_major && (upd_fw_minor < (int)cur_fw_minor)))) {
ret = 0;
printf("[NM_Error](%s) %05d: Firmwave not supports, check failed.\r\n\r\n","nm_checkSoftVer" ,0x350);
}
...
return ret;
So in order to fix this and make it future proof it should be enough to
ship our factory firmware images with major version 7 (lucky number).
Tested on latest firmware version 1.1.2 Build 20210125 rel.37999:
Firmwave supports, check OK.
(curFw_ver, newFw_ver) == (1.1, 7.0) check firmware ok!
Flashing back to vendor firmware
c7v5_us-up-ver1-1-2-P1[20210125-rel37999]_2021-01-25_10.33.55.bin works
as well:
U-Boot 1.1.4-gbec22107-dirty (Nov 18 2020 - 18:19:12)
...
Firmware downloaded... filesize = 0xeeae77 fileaddr = 0x80060000.
Firmware Recovery file length : 15642231
Firmware process id 2.
handle_fw_cloud 146
Image verify OK!
Firmware file Verify ok!
product-info:product_name:Archer C7
product_ver:5.0.0
special_id:55530000
[Error]sysmgr_cfg_checkSupportList(): 1023 @ specialId 45550000 NOT Match.
Firmware supports, check OK.
Firmware Recovery check ok!
1. https://gist.github.com/ynezz/2e0583647d863386a66c3d231541b6d1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit e6d66375cb)
When $(FPIC) gets expanded on the command line (for instance
when setting environment variables for libtool, configure, or
make) we can't count on it not needing quoting (i.e. it could
contain multiple flags separated with spaces).
Fixes: dc31191ec3 ("build: make sure asm gets built with -DPIC")
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 7fae64cc06)
Refreshed all patches.
The following patches were manually changed:
* 610-netfilter_match_bypass_default_checks.patch
* 611-netfilter_match_bypass_default_table.patch
* 802-can-0002-can-rx-offload-fix-long-lines.patch
* 802-can-0003-can-rx-offload-can_rx_offload_compare-fix-typo.patch
* 802-can-0004-can-rx-offload-can_rx_offload_irq_offload_timestamp-.patch
* 802-can-0005-can-rx-offload-can_rx_offload_reset-remove-no-op-fun.patch
* 802-can-0006-can-rx-offload-Prepare-for-CAN-FD-support.patch
* 802-can-0018-can-flexcan-use-struct-canfd_frame-for-CAN-classic-f.patch
The can-dev.ko model was moved in the upstream kernel.
Compile-tested on: x86/64, armvirt/64, ath79/generic
Runtime-tested on: x86/64, armvirt/64, ath79/generic
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Move some disabled symbols found in armvirt target to generic.
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
(cherry picked from commit 12e942b1fd)
LPAE should be disabled as the Cortex-A8 cores don't support it,
and the kernel will crash on boot if it's enabled.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Fixes issue openwrt/packages#14921, whereby inline ASM wasn't getting
built as PIC; look at gmp-6.2.1/mpn/x86/pentium/popcount.asm for
example:
ifdef(`PIC',`
...
for a routine that exists in both PIC and non-PIC versions.
Make sure that wherever $(FPIC) gets passed as a variable expansion
that it gets quoted where necessary (such as setting environment
variables in shell commands).
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit af22991e03)
Marvell mv88e6xxx switch series cannot perform MAC learning from
CPU-injected (FROM_CPU) DSA frames, which results in 2 issues.
- excessive flooding, due to the fact that DSA treats those addresses
as unknown
- the risk of stale routes, which can lead to temporary packet loss
Backport those patch series from netdev mailing list, which solve these
issues by adding and clearing static entries to the switch's FDB.
Add a hack patch to set default VID to 1 in port_fdb_{add,del}. Otherwise
the static entries will be added to the switch's private FDB if VLAN
filtering disabled, which will not work.
The switch may generate an "ATU violation" warning when a client moves
from the CPU port to a switch port because the static ATU entry added by
DSA core still points to the CPU port. DSA core will then clear the static
entry so it is not fatal. Disable the warning so it will not confuse users.
Link: https://lore.kernel.org/netdev/20210106095136.224739-1-olteanv@gmail.com/
Link: https://lore.kernel.org/netdev/20210116012515.3152-1-tobias@waldekranz.com/
Ref: https://gitlab.nic.cz/turris/turris-build/-/issues/165
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry picked from commit 920eaab1d8)
This adds detection of the Sophos SG-105 and Sophos XG-105 models
and assignment of ethernet ports these models have to LAN/WAN.
Signed-off-by: Stan Grishin <stangri@melmac.net>
(cherry picked from commit 64eaf633ff)
Upstream iproute2 detects libbpf using a one-line $CC test-compile, which
normally ignores LDFLAGS. With NLS enabled however, LDFLAGS includes an
"rpath-link" linker option needed to resolve libintl.so. Its absence
causes both the compile and libbpf detection to fail:
ld: warning: libintl.so.8, needed by libbpf.so, not found (try using
-rpath or -rpath-link)
ld: libelf.so.1: undefined reference to `libintl_dgettext'
collect2: error: ld returned 1 exit status
Fix this by directly including $LDFLAGS in the test-compile command.
Reported-by: Ian Cooper <iancooper@hotmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit aab3a04ce8)
The libbfd package definition uses $(ICONV_DEPENDS) and $(INTL_DEPENDS)
but links against neither, leading to libbfd detection failures in other
packages (e.g. bpftools) and on-target relocation problems with libintl.so:
root@OpenWrt:/# ldd /usr/lib/libbfd.so
ldd (0x77db6000)
libc.so => ldd (0x77db6000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77c6d000)
Error relocating /usr/lib/libbfd.so: libintl_dgettext: symbol not found
Add NLS-conditional linking of "libintl" to fix this. Also remove libbfd
package dependency $(ICONV_DEPENDS) which is not used during building or
linking.
Tested with QEMU on malta/be32, after building all packages from binutils,
bpftools and iproute2, using different libc options musl and glibc.
Fixes: 08e8175696 ("binutils: use nls.mk to fix libbfd link errors in
other packages")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9a59f62f61)
There is no direct linking of libintl from bpftools, only secondary linking
through libelf, so remove "-lintl" from TARGET_LDFLAGS.
Fixes: 5582fbd613 ("bpftools: support NLS, fix ppc build and update to 5.8.9")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit c8c638a19b)
This change was investigated previously [1] but not deemed necessary. With
the recent addition [2] of modern BPF loader support, however, tc gained
dependencies on libelf and libbpf, with a larger installation footprint.
Similar to ip-tiny/ip-full, split tc into tc-full and tc-tiny variants,
where the latter excludes the eBPF loader, uses a smaller executable, and
avoids libelf and libbpf package dependencies. Both variants provide the
'tc' virtual package, with tc-tiny as the default.
The previous tc package included a loadable module for iptables actions.
Separate this out into a common package, tc-mod-iptables, which both
variants depend on. Some package sizes on mips_24kc:
Before:
148343 tc_5.11.0-1_mips_24kc.ipk
After:
144833 tc-full_5.11.0-2_mips_24kc.ipk
138430 tc-tiny_5.11.0-2_mips_24kc.ipk (and no libelf or libbpf)
4115 tc-mod-iptables_5.11.0-2_mips_24kc.ipk
Also fix up some Makefile indentation.
[1] https://github.com/openwrt/openwrt/pull/1627#issuecomment-447619962
[2] b048a305a3 ("iproute2: update to 5.11.0")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 72885e9608)
The link equalizer sch_teql.ko of package kmod-sched relies on a hotplug
script historically included in iproute2's tc package. In previous
discussion [1], consensus was the hotplug script is best located together
with the module in kmod-sched, but this change was deferred at the time.
Relocate the hotplug script now. This change also simplifies adding a tc
variant for minimal size with reduced functionality.
[1] https://github.com/openwrt/openwrt/pull/1627#issuecomment-447923636
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 863ce4f15f)
This patch has been submitted upstream to fix an error reported by a few
users. One instance seen using gcc 10.2.0, binutils 2.35.1 and musl 1.1.24:
bpf_glue.c: In function 'get_libbpf_version':
bpf_glue.c:46:11: error: 'PATH_MAX' undeclared (first use in this function);
did you mean 'AF_MAX'?
46 | char buf[PATH_MAX], *s;
| ^~~~~~~~
| AF_MAX
Reported-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 10ffefe602)
The latest iproute2 version brings various improvements and fixes:
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/?qt=range&q=v5.10.0..v5.11.0
In particular, ip and tc now use libbpf as the standard way to load BPF
programs, rather than the old, limited custom loader. This allows more
consistent and featureful BPF program handling e.g. support for global
initialized variables.
Also fix a longstanding problem with iproute2 builds where unneeded DSO
dependencies are added to most utilities, bloating their installation
footprint. From research and testing, explicitly using a "--as-needed"
linker flag avoids the issue. Update accordingly and drop extra package
dependencies from Makefile.
Additional build and packaging updates include:
- install missing development header to iproute2/bpf_elf.h
- propagate OpenWrt verbose flag during build
- update and refresh patches
Compile and run tested: QEMU/malta-mips32be on kernels 5.4 & 5.10.
All iproute2 packages were built and installed to the test image. Some
regression testing using ip-full and tc was successfully performed to
exercise several kmods, tc modules, and simple BPF programs.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit b048a305a3)
To the vast majority of the users, wireguard-tools are not useful
without the underlying kernel module. The cornercase of only generating
keys and not using the secure tunnel is something that won't be done on
an embedded OpenWrt system often. On the other hand, maintaining a
separate meta-package only for this use case introduces extra
complexity. WireGuard changes for Linux 5.10 remove the meta-package.
So let's make wireguard-tools depend on kmod-wireguard
to make WireGuard easier to use without having to install multiple
packages.
Fixes: ea980fb9 ("wireguard: bump to 20191226")
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit cbcddc9f31)
Use NETWORK_SUPPORT_MENU like all other modules in netsupport.mk. Drop
SECTION and CATEGORY fields as they are set by default and to match
other packages in netsupport.mk. Use better TITLE for kmod-wireguard
(taken from upstream drivers/net/Kconfig).
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 0b53d6f7fa)
On Linux 5.4, build WireGuard from backports. Linux 5.10 contains
wireguard in-tree.
Add in-kernel crypto libraries required by WireGuard along with
arch-specific optimizations.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 06351f1bd0)
(cherry picked from commit 464451d9ab)
Rather than using the clunky, old, slower wireguard-linux-compat out of
tree module, this commit does a patch-by-patch backport of upstream's
wireguard to 5.4. This specific backport is in widespread use, being
part of SUSE's enterprise kernel, Oracle's enterprise kernel, Google's
Android kernel, Gentoo's distro kernel, and probably more I've forgotten
about. It's definately the "more proper" way of adding wireguard to a
kernel than the ugly compat.h hell of the wireguard-linux-compat repo.
And most importantly for OpenWRT, it allows using the same module
configuration code for 5.10 as for 5.4, with no need for bifurcation.
These patches are from the backport tree which is maintained in the
open here: https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y
I'll be sending PRs to update this as needed.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(cherry picked from commit 3888fa7880)
(cherry picked from commit d540725871)
(cherry picked from commit 196f3d586f)
(cherry picked from commit 3500fd7938)
(cherry picked from commit 23b801d3ba)
(cherry picked from commit 0c0cb97da7)
(cherry picked from commit 2a27f6f90a)
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
This enables building BCM4908 "raw" image that can be flashed using
bootloader web UI. It requires serial console access & stopping booting
by the "Press any key to stop auto run".
It's easy to build vendor like CHK image but it can't be safely flashed
using vendor UI at this point. Netgear implements method called "NAND
incremental flashing" that doesn't seem to flash bootfs partition as
provided.
Above method seems to update vmlinux.lz without updating 94908.dtb. It
prevents OpenWrt kernel from booting due to incomplete DTB file. Full
Netgear R8000P support can be enabled after finding a way to make vendor
firmware flash OpenWrt firmware including the 94908.dtb update.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d92a9c97bf)
OpenWrt was succesfully tested on the GT-AC5300 model. It's possible to:
1. Install OpenWrt using vendor UI
2. Perform UBI aware sysupgrade
3. Install vendor firmware using OpenWrt sysupgrade
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5e78cb9b85)
bcm4908img is a tool managing BCM4908 platform images. It's used for
creating them as well as checking, modifying and extracting data from.
It's required by both: host (for building firmware images) and target
(for sysupgrade purposes). Make it a host/target package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b4fc4cae9)
It supports flashing OpenWrt images (bootfs & UBI upgrade) as well as
vendor images (whole MTD partition write).
Upgrading cferom is unsupported. It requires copying device specific
data (like MAC) to target image before flashing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a6a0b252ba)
This way MTD "bootfs" partition will be always 8+ MiB. This should be
enough for any custom / future firmware to fit its bootfs (e.g. big
kernel) without having to repertition whole flash. That way we can
preserve UBI and its erase counters during sysupgrade.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ca9b1f15c4)
JFFS2 bootfs partition in a BCM4908 image usually includes some padding.
For flashing it individually (writing to designed MTD partition) we want
just JFFS2 data.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed7edf88e2)
Fix offset to extract proper data when image contains vendor header.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit dcbde11af1)
It's required for upgrading firmware using single partitions instead of
just blindly writing whole image.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e33957c241)
It's much easier to operate on BCM4908 image data with absolute offset
of each section stored. It doesn't require summing sizes over and over.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5314cab729)
The purpose of that dummy file is to make CFE work properly with OpenWrt
bootfs. CFE for some reason ignores JFFS2 files with ino 0.
Rename it to 1-openwrt so:
1. It's consistent with bcm63xx
2. It's OpenWrt specific so sysupgrade can distinguish it from vendor
images
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 880c8b4422)
This adds support for accessing bootfs JFFS2 partition in the BCM4908
image. Support includes:
1. Listing files
2. Renaming file (requires unchanged name length)
Above commands are useful for flashing BCM4908 images which by defualt
come with cferom.000 file and require renaming it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed847ef5f3)
It's important for modifying / extracting firmware content. cferom is
optional image content at the file beginning.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6af45b842b)
BCM4908 image format contains some info that may be useful for info /
debugging purposes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b9184f178)
1. Don't allow pipe stdin as we need to fseek()
2. Don't alow TTY as it doesn't make sense for binary input
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d533b27bc0)
Netgear uses CHK header which needs to be skipped when validating
BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with
binary structs and endianess is way simpler in C.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a39f85d8b6)
Move code parsing existing firmware file to separated function. This
cleans up existing code and allows reusing parsing code for other
commands.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7d5f743942)
This tells OS (Linux) where from MAC should be read (bootloader MTD
partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1cc5eb45d5)
It's helpful for accessing booting data (DTS, kernel, etc.). It has to
be used carefully as CFE's JFFS2 support is quite dumb. It doesn't
recognize deleted files and has problems handling 0 inode.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6dd727ac24)
1. Add leds and configs
2. Add network configs
3. Add script to clear partial boot flag
4. Hack to use port 5 as cpu port as port 8 connected to eth2
wont pass any frames
5. Enable EA9500 image generation
Hardware Info:
- Processor - Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
- Switch - BCM53012 in BCM4709C0KFEBG & external BCM53125
- DDR3 RAM - 256 MB
- Flash - 128 MB (Toshiba TC58BVG0S3HTA00)
- 2.4GHz - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - Skyworks SE2623L 2.4 GHz power amp (x4)
- 5GHz x 2 - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - PLX Technology PEX8603 3-lane, 3-port PCIe switch
- Ports - 8 Ports, 1 WAN Ports
- Antennas - 8 Antennas
- Serial Port - @j6 [GND,TX,RX] (VCC NC) 115200 8n1
Flashing Instructions:
1. Connect a USB-TTL table to J6 on the router as well as a
ethernet cable to a lan port and your PC.
2. Power-on the router.
3. Use putty or a serial port program to view the terminal.
Hit Ctrl+C and interrupt the CFE terminal terminal.
4. Setup a TFTP server on your local machine at setup you
local IP to 192.168.1.2
5. Start the TFTP Server
6. Run following commands at the CFE terminal
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx2
nvram set bootpartition=0 && nvram set partialboots=0 && nvram commit
7. Reboot router to be presented by OpenWrt
Note: Only installation method via serial cable is supported at the moment.
The trx firmware has to be flashed to both the partitions using following
commands from CFE prompt. This will cover US and Non-US variants.
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 209c5918b5)
These patches have been already accepted.
302-ARM-dts-BCM5301X-Update-Northstar-pinctrl-binding.patch had to
be updated.
[rmilecki: use actual upstream accepted patches
replace v5.10 with v5.11 to match actual upstream kernel
recover dropped part of the pinctrl compatible patch
update filenames
refresh patches]
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 39ed2265dd)
1. Use upstream accepted NVMEM patches
2. Minor fix for BCM4908 partitioning
3. Support for Linksys firmware partitions on Northstar
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 3fd0a4222b)
On NEC Aterm WG1200CR, the MAC address for WAN is printed in the label
on the case, not LAN.
This patch fixes this issue.
Fixes: 50fdc0374b ("ath79: provide label MAC address")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit e2331fb549)
There are only two lan ports and one wan port on Youku yk1
Fixes: e9baf8265b ("ramips: add support for Youku YK1")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b88d2850c6)
libunwind dependency check does not allow for MIPS64 arch. Add MIPS64 awareness.
libunwind seems to support MIPS64 without issues, it was limited by the dep arch
check in the Makefile.
Used to compile Suricata6/Rust locally without issue.
Signed-off-by: Donald Hoskins <grommish@gmail.com>
(cherry picked from commit ea6d4bdde2)
While rebasing into setting bits instead of magic values,
I accidentally forgot to actually set the force bit.
Without it using the pins as GPIO-s did not actually work.
Fixes: b5c93ed ("ipq40xx: add Qualcomm QCA807x driver")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit 7f2d9ccd09)
The pkgconfig file hardcodes a host library directory which cannot be
overridden by OpenWrt during builds. Use SED to fix this and potential
include directory problems, as is done with several other packages.
This fixes a strange issue intermittently seen building iproute2 on the
oxnas target:
iptables modules directory: /usr/lib/iptables
libc has setns: yes
SELinux support: no
libbpf support: no
libbpf version 0.3.0 is too low, please update it to at least 0.1.0
LIBBPF_FORCE=on set, but couldn't find a usable libbpf
Fixes: 2f0d672088 ("bpftools: add utility and library packages
supporting eBPF usage")
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9e64e4ce26)
For Visual Studio Code users, .vscode is created inside the workspace.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 12dbad1a86)
DTR GPIO isn't actually needed and triggers boot warning.
TX pin was off by one (GPIO 19 instead of GPIO 18).
Reported-by: @tophirsch
Fixes: d1130ad265 ("ath79: add support for Teltonika RUT955")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 53a7d5d614)
If the environment variable FILTER is set before compilation,
compilation of the ppp-package will fail with the error message
Package ppp is missing dependencies for the following libraries:
libpcap.so.1
The reason is that the OpenWrt-patch for the Makefile only comments
out the line FILTER=y. Hence the pcap-library will be dynamically
linked if the environment variable FILTER is set elsewhere, which
causes compilation to fail. The fix consists on explicitly unsetting
the variable FILTER instead.
Signed-off-by: Eike Ritter <git@rittere.co.uk>
(cherry picked from commit 46cd0765d0)
This patch skips zero length DHCP options instead of failing.
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit 1c04365071)
The original GL.iNet firmware has two different mac addresses in the
factory/art partition. The first one is for the WAN interface only and the
second one is for both lan0 and lan1.
But the original submission for OpenWrt didn't initialize the mac
addresses of the LAN ports for the DSA device at all. The ethernet mac
address was then used for all DSA ports.
Fixes: 050c24f05c ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit c20ac84803)
The original patch to support this device advertised support for the reset
button and the "switch" in the commit message. But neither were actually
integrated in the device tree or documented anywere.
The button itself is now used to trigger a reset (as described in the
official GL.iNet documentation). The switch itself is registered as BTN_0
like other devices from GL.iNet in ath79.
Fixes: 050c24f05c ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit 01b911a938)
Kernel size limits have been dealt with.
Effective revert of a1eb2c46 and ac9730c4.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit b4f76d9f0d)
venom has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
venom uboot however as set from factory will load up to 6MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0x900000, size 0x600000
6291456 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "priKernSize";
priKernSize=0x0600000
Resize the root partitions from 120MB to 117MB to let kernel expand
into it another 3MB.
And set kernel target size to 6MB.
Lastly set the kernel-size-migration compatibility version on venom to
prevent sysupgrading without first reinstalling from a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit 15309f5133)
mamba has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
mamba uboot however as set from factory will load up to 4MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0xa00000, size 0x400000
4194304 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "pri_kern_size";
pri_kern_size=0x400000
Resize the root partitions from 37MB to 36MB to let kernel expand
into it another 1MB.
And set kernel target size to 4MB.
Lastly add a compatibility version message: kernel-size-migration.
And set it on mamba to prevent sysupgrading without first reinstalling from
a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit 10415d5e70)
This includes several improvements and fixes:
61db17e rules: fix device and chain usage for DSCP/MARK targets
7b844f4 zone: avoid duplicates in devices list
c2c72c6 firewall3: remove last remaining sprintf()
12f6f14 iptables: fix serializing multiple weekdays
00f27ab firewall3: fix duplicate defaults section detection
e8f2d8f ipsets: allow blank/commented lines with loadfile
8c2f9fa fw3: zones: limit zone names to 11 bytes
78d52a2 options: fix parsing of boolean attributes
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 0d75aa27d4)
Backport upstream patch that fixes TRGMII mode now that mt7530 is
actually resetting the switch on ramips devices.
Patches apply to both Linux 5.4 and 5.10, since TRGMII is broken on both.
Fixes: 69551a2442 ("ramips: manage low reset lines")
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 680f91d0e5)
Instead of deactivating this in every target config, deactivate it once
in the generic kernel config. I was asked for this config option in a
x86 64 build in OpenWrt 21.02.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7d6553c72e)
This device is a wireless router working on 2.4GHz band based on
Qualcom/Atheros AR9132 rev 2 SoC and is accompanied by Atheros AR9103
wireless chip and Realtek RTL8366RB/S switches. Due to two different
switches being used also two different devices are provided.
Specification:
- 400 MHz CPU
- 64 MB of RAM
- 32 MB of FLASH (NOR)
- 3x3:2 2.4 GHz 802.11bgn
- 5x 10/100/1000 Mbps Ethernet
- 4x LED, 3x button, On/Off slider, Auto/On/Off slider
- 1x USB 2.0
- bare UART header place on PCB
Flash instruction:
- NOTE: Pay attention to the switch variant and choose the image to
flash accordingly. (dmesg / kernel logs can tell it)
- Methods for flashing
- Apply factory image in OEM firmware web-gui.
- Sysupgrade on top of existing OpenWRT image
- U-Boot TFPT recovery for both stock or OpenWRT images:
The device U-boot contains a TFTP server that by default has
an address 192.168.11.1 (MAC 02:AA:BB:CC:DD:1A). During the boot
there is a time window, during which the device allows an image to
be uploaded from a client with address 192.168.11.2. The image will
be written on flash automatically.
1) Have a computer with static IP address 192.168.11.2 and the
router device switched off.
2) Connect the LAN port next to the WAN port in the device and the
computer using a network switch.
3) Assign IP 192.168.11.1 the MAC address 02:AA:BB:CC:DD:1A
arp -s 192.168.11.1 02:AA:BB:CC:DD:1A
4) Initiate an upload using TFTP image variant
curl -T <imagename> tftp://192.168.11.1
5) Switch on the device. The image will be uploaded subsequently.
You can keep an eye on the diag light on the device, it should
keep on blinking for a while indicating the writing of the image.
General notes:
- In the stock firmware the MAC address is the same among all
interfaces so it is left here that way too.
Recovery:
- TFTP method
- U-boot serial console
Differences to ar71xx platform
- This device is split in two different targets now due to hardware
being a bit different under the hood. Dynamic solution within the same
image is left for later time.
- GPIOs for a sliding On/Off switch, marked 'Movie engine' on the device
cover, were the wrong way around and were renamed qos_on -> movie_off,
qos_off -> movie_on. Associated key codes remained the same they were.
The device tree source code is mostly based on musashino's work
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
(cherry picked from commit bc356de285)
Generally, in upstream CFI flash memory driver uses buffers for write
operations. That does not work with AMD chip with id 0x2201 and we must
resort to writing word sized chunks only. That is, to not apply general
buffer write functionality for this given chip.
Without the patch kernel logs will be flooded with entries like below:
MTD do_erase_oneblock(): ERASE 0x01fa0000
MTD do_write_buffer(): WRITE 0x01fa0000(0x00001985)
MTD do_erase_oneblock(): ERASE 0x01f80000
MTD do_write_buffer(): WRITE 0x01f80000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f8000a.
jffs2: Write clean marker to block at 0x01a60000 failed: -5
MTD do_erase_oneblock(): ERASE 0x01f60000
MTD do_write_buffer(): WRITE 0x01f60000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f6000a.
jffs2: Write clean marker to block at 0x01a40000 failed: -5
References: http://patchwork.ozlabs.org/project/linux-mtd/patch/20210309174859.362060-1-sandberg@mailfence.com/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to usptream fix submission]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8cc0fa8fac)
NXP 74HC153 is a GPIO expander. Its original source cide sits in ar71xx
architecture tree. It has been slightly modified to get GPIO pin
configuration from the device tree rather than a MACH file.
Changes to the source file:
- Remove struct nxp_74hc153_config
- in nxp_74hc153_probe(), fetch GPIO configuration from device tree
- allow GPIO framework decide the base number by passing -1 to it
- remove support for kernel versions below 4.5.0
- add OF device compatibility string
Create a package for inclusion in image.
References: https://lore.kernel.org/linux-gpio/545111184.50061.1615922388276@ichabod.co-bxl/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to driver usptreaming work in progress]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6a6f9e73dd)
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0bd0de7d43)
Remove duplicate packages by running in `target/linux/` rather than
`target/linux/<target>/<subtarget>` and sort packages alphabetically.
Squash commit of:
7880a64848 build,json: 3rd fixup of default_packages
b36068d35d build,json: fixup fixup of arch_packages
1bf2b3fe90 build,json: fixup missing arch_packages
Signed-off-by: Paul Spooren <mail@aparcar.org>
This should fix the problem of mwlwifi-firmware-* not being found
when using the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9b3aaf1cdb)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Calling without the DUMP=1 argument causes the target specific Makefile
to be "included" again which adds the target specific packages twice,
once on the actual run and once included from `include/target.mk`.
This led to duplicate package entries, causing confusion in downstream
projects using the generated JSON files.
While at it, apply `black` style to Python script.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 7f4c2b1a4f)
Physical port order watched from the back of the device is:
4 / 3 / 2 / 1 / WAN which also matches corresponding leds.
This patch corrects LuCI switch webpage LAN port order.
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[improve commit title, fix sorting in 02_network]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 46c0634b50)
This patch enables LED support for the GL.iNet GL-MV1000
Signed-off-by: Jeff Collins <jeffcollins9292@gmail.com>
[add SPDX identifier on new file, add aliases, minor cosmetic issues]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6e0c780eb3)
15346de client: Always close connection with request body in case of error
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1170655f8b)
Instead of doing uci commit and reload_config for each setting do it
only once when one of these options was changed. This should make it a
little faster when both conditions are taken.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 501221af54)
Without this change the config is only committed, but the uhttpd daemon
is not reloaded. This reload is needed to apply the config. Without the
reload of uhttpd, the ubus server is not available over http and returns
a Error 404.
This caused problems when installing luci on the snapshots and
accessing it without reloading uhttpd.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d25d281fd6)
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Security fixes:
* Fix a buffer overflow in mbedtls_mpi_sub_abs()
* Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem()
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout()
* Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit dbde2bcf60)
This kernel config option was missing and resulted in a question when
building.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 047b7621bb)
This adds NVMEM bindings that are needed for proper booting on Linksys
devices.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 98d456a14e)
NVRAM access may be needed early in boot process. Reading it using mtd
happens quite late in the init process. Add NVRAM initialization to the
NVMEM driver which comes up early and depends on IO mapping only.
This is required by Linksys devices which use NVRAM content for proper
partitioning (detecting current firmware partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit baf04eed02)
Refactoring of bcm47xx_nvram driver. It's used by bcm47xx and bcm53xx.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1c48eee5b2)
It supports NVRAM access described using DT binding. Right now NVRAM
data is exposed using /sys/bus/nvmem/ only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 01b1b37528)
Some patches were slightly cleaned up. One things worth mentioning is
that adding:
phy-mode = "rgmii"
broke SF2 driver. It made it access random register breaking switch
setup.
That's why this commit also adds a quick sf2 fix.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 05dbfe616d)
It's meant to provide upstream support for mtd & NVMEM. It's required
e.g. for reading MAC address from mtd partition content. It seems to be
in a final shape so it's worth testing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e90e75b12c)
It's a BCM4906 based device (2 CPU cores). It has 512 MiB of RAM, 4 LAN
ports, 1 WAN port, 2 USB ports, NAND flash. WiFi unknown at this point.
Flashing is possible using CFE only, proper image will be worked on
later.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8d24da1470)
This adds the latest version of ofpart commit. It hopefully
1. Doesn't break compilation
2. Doesn't break partitioning
(this time).
It's required to implement fixed partitioning with some quirks. It's
required by bcm53xx, bcm4908, kirkwood, lantiq and mvebu.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7a7b2fd809)
This allows using the last integrated PHY (and so e.g. WAN port on the
ASUS GT-AC5300).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ad8b759fd1)
The ImageBuilder `make manifest` prints all installed packages. This
function can be used to create a list of package and corresponding
package versions before attempting image creation.
When called with `--strip-abi` OPKG can automatically strip attached
ABIVersions from package names. Make this function accessible for the
ImageBuilder by adding a `STRIP_ABI` variable.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 0f7cd97f81)
Refreshed all patches.
The following patches were applied upstream:
* 755-v5.8-net-dsa-add-GRO-support-via-gro_cells.patch
* 831-v5.9-usbip-tools-fix-build-error-for-multiple-definition.patch
Compile-tested on: x86_64, ipq40xx, ath79
Runtime-tested on: x86_64, ipq40xx, ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
d3f2041 uci: manually clear uci_ptr flags after uci_delete() operations
ccb7517 sys: packagelist: drop ABI version from package name
(cherry picked from commit da339a6d3f)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
d71856a pkg: pass-through ABIVersion to status file
d3a63b3 libopkg: add option to strip ABI versions from listed names
5936c4f libopkg: pkg_hash: prefer original packages to satisfy dependencies
(cherry squashed from commit 6a7a1f1c64,
commit 988ed00802 and
commit b5f6d20560)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
With the existence of ABI versions there is no clean way to determine
the package name without an attached ABI version. The Packages index is
stored on device to know what packages are installed.
The ABIVersion was recently removed in c921650382 "build: drop ABI
version from metadata", while ABI versions still exists. This becomes a
problem if a user tries to export installed packages via `ubus call
rpcd-sys packagelist` which would return package names including the ABI
version. Trying to find these packages in a later release with changes
ABI version is impossible.
This commits adds the `ABIVersion` field again. Knowing both the
combined (SourceName + ABIVersion) and the `ABIVersion` it is possible
to calculate the package `SourceName` without storing it in the
on-device package list.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit fc5b101c06)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
a857b45 resolv/locale: eventually this should be more efficient
11ed281 some more optimization
764a475 add redundant calls to file.search_conffile_dirs()
7d4558e fs: treat devtmpfs that same as tmpfs
81b677e adds irqbalance skeleton
5506244 irqbalance rules
cc96cd8 adds usbutil and gtpfdisk skels
01e2a55 some fsck, gptfdisk, mkfs and usbutil rules
d6d1e7d usbutil: output to terminal
da576fa fsck, gptfdisk and usbutil rules
09b39e9 unbound
241a029 hotplugcall: allow dac_read_search (is a subset of dac_override)
af0fe90 adds label for tcsh
160f79e adds tcpdump
6d02b96 adds coreutil execfile for busybox alternatives
ac54884 coreutilexecfile: these are known to require privileges, so exclude
8cb3b66 adds chrootexecfile
6d329d3 this saves 9KiB and its a bit more robust
88e2425 move addpart/delpart/partx to gptfdisk.cil
261012d ntphotplug: reads ubox data files
0473ace various
740e820 work through to genfs_seclabel_symlinks loose ends (Linux 5.10)
bef21f5 TODO adds a note about how I dont need to upgrade to polver 33 from 31
cb2e5a3 ubus uses ntpdhotplug fd, and some genfs_seclabel_symlink changes
07df9b9 luci, rpcd and wpad (mainly genfs_selabel related but not all)
8d86cab genfs_seclabel loose ends for blockmount, hotplugcall, irqbalance, zram-swap
b8156cd adds a note about how i forgot to target blockd
6e82ab8 adds blockd and related
254ff43 Makefile: exclude blockd from mintesttgt
4dc6bc2 pppd update related and unbound-odhcp rules
3d7da7a igmpproxy tidy some loose ends
c84ba0f rcigmpproxy: add entries to /etc when creating /etc/igmpproxy.conf
5a18967 adds igmpproxy skeleton
7e6a218 logread: support resolving dns names
e39ca8b netifd: add support for /etc/udhcpc.user
7952bd0 odhcp6c: support /etc/odhcp6c.user
ba0eb4e swconfig, fwenv, agent
4556b8a pppd cosmetic
9324d9d pppd: sends AT commands to model using /dev/ttyUSBN
417b14a ttydev: add some more ttyUSB
ed739dc example: dont depend on policycoreutils
97613f9 dropbear: using dropbear as scp: dns name resolving
12c193b dropbear tcp connect ssh ports for scp
c050077 rcdnsmasq: remove redundant rule and make rcsysntpd optional
8c5de35 this is a bug
8d5c463 uhttpd rcboot rcdnsmasq
094266e hostapd and wpa_supplicant
aef0bd7 mountroot: maintains /tmp/sysupgrade.tar
24f0406 dropbear: allow it to read tmp.fs files
2901433 firstboot mkfsf2fs rcboot
2c4afb7 blockmount mmc
465ca98 adds industrial i/o (iio) nodedev
82f686e mtd stordev: back that ubiblock0_4p1 up with a filecon
7df78bd ubus: "support" older ubusd versions that run as root
4458bce swconfig: allow using terminal (to print output)
e8d606d sslcert: openssl linked: this shaves off 200 bytes
93afffb jshn ntpdhotplug
0b847f0 wpad: reads /etc/ssl/openssl.cnf
f14ee34 indent fix
a0c7cad mtd, uhttpd, ubus and ntpdhotplug
d74f98f adds a not about checkreqprot requirement in some scenarios
affacce example: add policycoreutils-setfiles for make check
4f944dc kmodloader and fwenv:
efe36a3 netifd: adds a comment/reminder
581b087 more fw_printenv loose ends
30177a4 fw_setenv: needs mtd write access to set and delete env
da28f4c fw_printenv: some minor clean ups
a062053 fw_printenv missing rules
244ba5f blockmount: extroot and /rwm
0745a6a squid: allow squid to run sslcrtd with domain transition
b851df6 squid fix
8c55acd squid: adds certfile and allow connect http but...
b7c1f6d Makefile: exclude tinyproxy from mintesttgt (using squid)
5ff39bd squid: forgot about luci
5366c97 squid/rcsquid some basic fill in
8743da6 squid skeleton
687a43b adds squid 3128 port to httpproxy port
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry squashed from commit 3ffc30f05a
and commit 41a8f093fb)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
d464187c policycoreutils: sestatus belongs to bin not sbin
d59932a7 policycoreutils: Resolve path in restorecon_xattr
5682c0d5 policycoreutils/fixfiles.8: add missing file systems and merge check and verify
57dd1f65 policycoreutils/setfiles: Drop unused nerr variable
be7f54cb setfiles: drop ABORT_ON_ERRORS and related code
9207823c setfiles: Do not abort on labeling error
c064d214 selinux_config(5): add a note that runtime disable is deprecated
8bc865e1 newrole: support cross-compilation with PAM and audit
ba2d6c10 fixfiles: correctly restore context of mountpoints
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit 68934a5704)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
142826a3 libselinux: fix segfault in add_xattr_entry()
398d2cee libselinux: rename gettid() to something which never conflicts with the libc
8f0f0a28 selinux(8,5): Describe fcontext regular expressions
9cc6b5cf libselinux/getconlist: report failures
156dd0de libselinux: update getseuser
e2dca5df libselinux: accept const fromcon in get_context API
da4829d0 libselinux: Always close status page fd
45b15c22 selinux(8): explain that runtime disable is deprecated
3c16aaef selinux(8): mark up SELINUX values
c2a58cc5 libselinux: LABEL_BACKEND_ANDROID add option to enable
db0f2f38 libselinux: Add build option to disable X11 backend
4a142ac4 libsepol: Bump libsepol.so version
d23342a9 libselinux: convert matchpathcon to selabel_lookup()
7ef5b185 libselinux: Change userspace AVC setenforce and policy load messages to audit format.
f5d644c7 libselinux: Add additional log callback details in man page for auditing.
075f9cfe libselinux: Fix selabel_lookup() for the root dir.
a4149e0e libselinux: Add new log callback levels for enforcing and policy load notices.
a63f93d8 libselinux: initialize last_policyload in selinux_status_open()
ef902db9 libselinux: safely access shared memory in selinux_status_updated()
9e4480b9 libselinux: Remove trailing slash on selabel_file lookups.
21fb5f20 libselinux: use full argument specifiers for security_check_context in man page
e7abd802 libselinux: fix build order
05bdc031 libselinux: use kernel status page by default
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit b1fc2b5b0b)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
a9e0004f libsepol: invalidate the pointer to the policydb if policydb_init fails
6238e025 libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr
b69d77bc libsepol/cil: handle SID without assigned context when writing policy.conf
0861c659 libsepol: Validate policydb values when reading binary policy
8f5409cf libsepol: Create function ebitmap_highest_set_bit()
0451adeb libsepol/cil: Destroy disabled optional blocks after pass is complete
32f8ed3d libsepol/cil: introduce intermediate cast to silence -Wvoid-pointer-to-enum-cast
4662bdc1 libsepol/cil: be more robust when encountering <src_info>
6b561058 libsepol/cil: fix NULL pointer dereference with empty macro argument
0d0e47c7 libsepol/cil: Fix integer overflow in the handling of hll line marks
1b36ace2 libsepol: include header files in source files when matching declarations
1f1fa9d4 libsepol: uniformize prototypes of sepol_mls_contains and sepol_mls_check
72a88d75 libsepol: remove unused files
eba0ffee libsepol/cil: Fix heap-use-after-free when using optional blockinherit
1048f8d3 libsepol/cil: unlink blockinherit->block link when destroying a block
b3202918 libsepol/cil: fix memory leak when a constraint expression is too deep
f0d98f83 libsepol/cil: Fix heap-use-after-free in __class_reset_perm_values()
5d021d66 libsepol/cil: Update symtab nprim field when adding or removing datums
34bd9a9d libsepol: destroy filename_trans list properly
bdf4e332 libsepol/cil: fix NULL pointer dereference when parsing an improper integer
b7ea65f5 libsepol/cil: destroy perm_datums when __cil_resolve_perms fails
228c06d9 libsepol/cil: fix out-of-bound read in cil_print_recursive_blockinherit
a25d9104 libsepol/cil: constify some strings
e2d01842 libsepol/cil: propagate failure of cil_fill_list()
6c8fca10 libsepol/cil: do not add a stack variable to a list
38a09b74 libsepol/cil: fix NULL pointer dereference when using an unused alias
3c357285 libsepol/cil: remove useless print statement
90809674 libsepol/cil: always destroy the lexer state
d16a1e46 libsepol/cil: Use the macro FLAVOR() whenever possible
2aac859a libsepol/cil: Use the macro NODE() whenever possible
d317b470 libsepol/cil: Remove unnecessary assignment in cil_resolve_name_keep_aliases()
9b9761cf libsepol/cil: Remove unused field from struct cil_args_resolve
e257d4c7 libsepol/cil: Get rid of unnecessary check in cil_gen_node()
ebba2b00 libsepol/cil: cil_tree_walk() helpers should use CIL_TREE_SKIP_*
89dab467 libsepol: free memory when realloc() fails
2d353bd5 libsepol/cil: Give error for more than one true or false block
4a142ac4 libsepol: Bump libsepol.so version
506c7b95 libsepol: Drop deprecated functions
ae58e84b libsepol: Get rid of the old and duplicated symbols
c97d63c6 libsepol: silence potential NULL pointer dereference warning
64387cb3 libsepol: drop confusing BUG_ON macro
521e6a2f libsepol/cil: fix signed overflow caused by using (1 << 31) - 1
a152653b libsepol/cil: Fix neverallow checking involving classmaps
734e4beb libsepol/cil: Validate conditional expressions before adding to binary policy
685f577a libsepol/cil: Validate constraint expressions before adding to binary policy
8206b8cb libsepol: implement POLICYDB_VERSION_COMP_FTRANS
42ae834a libsepol,checkpolicy: optimize storage of filename transitions
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit 2a1bdde0d0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Enable threading if dev->threaded is set. This will be used to bring mt76 back
in sync with upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 3d1ea0d77f)
Backport two fixes for 1.33.0
* history file storing
* traceroute command option parsing
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c1f3c52564)
The Sercomm AD1018 has a NAND flash. We recently added support for NANDs
in this target.
Use the internal NAND as additional storage.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(cherry-picked from commit a48ef37747)
From the original commit message:
"With GCC 10, building usbip triggers error for multiple definition
of 'udev_context', in:
- libsrc/vhci_driver.c:18 and
- libsrc/usbip_host_common.c:27.
Declare as extern the definition in libsrc/usbip_host_common.c."
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 0eef8402ee)
BCM63XX internal PHYs and BCM5365 SoC internal switch are both using the
same phy_driver->phy_id, causing conflicts and unnecessary probes. E.g
the BCM63XX phy internal IRQ is lost on the first probe.
The full BCM5365 UID is 0x00406370.
Use an additional byte to mask the BCM5365 UID to avoid duplicate driver
phy_id's. This will fix the IRQ issue in internal BCM63XX PHYs and avoid
more conflicts in the future.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(merge both cherry-picked commits)
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commits cbcac4fde8 and cfa43f8119)
This driver is only present on BCM2708, BCM2709 and BCM2710.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit bac74aff5e)
`which` utility is not shipped by default for example on recent Arch
Linux and then any steps relying on its presence fails, like for example
following Python3 prereq build check:
$ python3 --version
Python 3.9.1
$ make
/bin/sh: line 1: which: command not found
...
Checking 'python3'... failed.
So make `which` utility host build requirement.
References: PR#3820 FS#3525
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 13069b1a1d)
This reverts commit c7aec47e5e.
The original commit replaces 'which' with 'command'. Sadly most of
them are not equivalent and for 'which -a', there is no easy
replacements that would not reimplement PATH parsing logic. Hence
revert. Keeping a dependency on which is absolutely fine.
Signed-off-by: Clemens Fruhwirth <clemens@endorphin.org>
(cherry picked from commit 1f5e722486)
The freifunk feed is being removed becasue
a) it is an external project and the OpenWrt team does not have access to it.
b) upon original addition of the feed, there was only a very weak tendency for
the addition.
c) there is a general lack of interest in the freifunk repo to review and/or
merge pull requests.
d) as far as can be found, all projects which use the freifunk feed have their
own make system and self-maintained feeds list. They do not use the
feeds.conf.default from the openwrt repo.
more information can be read at the following links:
http://lists.openwrt.org/pipermail/openwrt-devel/2021-February/033807.htmlhttps://github.com/freifunk/openwrt-packages/issues/37
Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
(cherry picked from commit 20caa68fec)
with u-boot v2020.07 some variables have been renamed so this patch needs to be adjusted
otherwise at least with macOS as build system there are build errors
Signed-off-by: Ronny Kotzschmar <ro.ok@me.com>
(cherry picked from commit 547a932ee9)
Non Linux systems e.g. macOS lack the __u64 type and produce build errors:
In file included from tools/aisimage.c:9:
In file included from include/image.h:19:
In file included from ./arch/arm/include/asm/byteorder.h:29:
In file included from include/linux/byteorder/little_endian.h:13:
include/linux/types.h:146:9: error: unknown type name '__u64'; did you mean '__s64'?
typedef __u64 __bitwise __le64;
Resolved by declaring __u64 in include/linux/types.h
Build tested on macOS and Ubuntu.
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 3cc57ba462)
At this moment p2020rdb has broken images, because NOR memory connected
to eLBC bus isn't detected.
In 642b1e8dbed7 linux tree commit, config dependencies of MTD_PHYSMAP_OF
was changed and now MTD_PHYSMAP is required.
This patch adds MTD_PHYSMAP option to kernel config in p2020 subtarget
and fix booting of p2020rdb.
Fixes: 13b1db795f ("mpc85xx: add support for kernel 5.4")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit 76649fd06d)
p2p_add_device() may remove the oldest entry if there is no room in the
peer table for a new peer. This would result in any pointer to that
removed entry becoming stale. A corner case with an invalid PD Request
frame could result in such a case ending up using (read+write) freed
memory. This could only by triggered when the peer table has reached its
maximum size and the PD Request frame is received from the P2P Device
Address of the oldest remaining entry and the frame has incorrect P2P
Device Address in the payload.
Fix this by fetching the dev pointer again after having called
p2p_add_device() so that the stale pointer cannot be used.
This fixes the following security vulnerabilities/bugs:
- CVE-2021-27803 - A vulnerability was discovered in how p2p/p2p_pd.c
in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
discovery requests. It could result in denial of service or other
impact (potentially execution of arbitrary code), for an attacker
within radio range.
Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 1ca5de13a1)
These boards have a fixed size kernel partition but do not limit the
kernel size during image building.
Disable image building for both boards as well, since the kernel of the
last release as well as master are to big to fit into the 2 MByte kernel
partition.
Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit 23dd786734)
The symbol CONFIG_CAVIUM_CN63XXP1 was disabled during the bump to
4.19 (see Fixes:) with the following reason:
No supported hardware uses CN63XXP1 and it causes "slight decrease
in performance"
However, it later turned out that the edgerouter image needed it,
which led to having the device disabled in [1].
Still, dropping support of a device seems a harsh action for just
removing a "slight" decrease in performance from the other devices.
Thus, this enables CONFIG_CAVIUM_CN63XXP1 again, and essentially
restores the situation present until (including) kernel 4.14 on
this target.
For OpenWrt as a platform, it seems more desirable to support all
devices (and have them tested regularly via the snapshots) in this
case.
Users interested in maximum performance might still just remove
the symbol again in their local build.
[1] 3824fa26d2 ("octeon: disable edgerouter image")
Fixes: 6c22545225 ("target/octeon: Add Linux 4.19 support")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit cfd1a40583)
This was overlooked when adding support for this device.
(It has recently been discovered that this was the only device in
ath79 having &uart disabled.)
Fixes: acc62630132c ("ath79: add support for GL.iNet GL-USB150")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 722f1bd549)
The uart node is enabled on all devices except one (GL-USB150 *).
Thus, let's not have a few hundred nodes to enable it, but do not
disable it in the first place.
Where the majority of devices is using it, also move the serial0
alias to the DTSI.
*) Since GL-USB150 even defines serial0 alias, the missing uart
is probably just a mistake. Anyway, disable it for now so this
patch stays cosmetic.
Apply this to 21.02 as well to remove an unnecessary backporting
pitfall.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 3a4b751110)
This package had two patches (with two headers etc.) in one file,
which would have quilt merging them during a refresh.
Separate these patches into two files, as the original intent seems
to be having them separate.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 221eefaf6b)
OpenSSL downloads itself are distributed using Akamai CDN, so use these
sources as the highest priority.
Remove a stale mirror which seems to be offline for a longer time
already.
Add fallbacks to the old release path also for the mirrors.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 10e84bde36)
The Netgear R6800 and R6700v2 devices have a Semtech SX1503 GPIO
expander controlling the device LEDs. This expander was initially
supported on 4.14, but support was lost in the transition to 5.4.
Since this driver cannot be built as a kernel module, enable it in the
kernel config for all mt7621 devices.
Run-tested on a Netgear R6800.
Cc: Stijn Segers <foss@volatilesystems.org>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Tested-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 773949c152)
As suggested by Sergio, this adds GPIOs 19 and 8 explicitly into the
DIR-860L DTS, so the PCI-E ports get reset and the N radio (radio1)
on PCI-E port 1 comes up reliably.
Fixes the following error that popped up in dmesg:
[ 1.638942] mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)
Suggested-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Reviewed-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
(cherry picked from commit 06356f0020)
* use binary provided by MediaTek to work-around 'bromimage' issue
* use @OPENWRT mirror for blobs
* refactor Makefile
* add mt7622 1c variants (using binaries provided by MTK)
(cherry picked from commit 068c82039f and
commit 9cd089dbbf)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The current driver has some troubles:
- Some groupings are wrong.
- The pinctrl group0 owns pins never used (at least in Openwrt) for any
pinmux. The driver hijacks all the pins on the group avoiding any other
use, spite they're free. I.e. for buttons, causing this kernel error:
[ 4.735928] gpio-keys-polled keys: unable to claim gpio 479, err=-22
[ 4.742642] gpio-keys-polled: probe of keys failed with error -22
- Minor errors about groupings on the documentation
- Missing "diag" grouping in dtsi
- Wrong groupings in dtsi
Fix it by setting the correct groups.
And relax the pin capturing, letting the gpios belonging to any group to
be used for other purposes like buttons. This was the behavior with stock
firmwares and old OpenWrt versions which never caused any trouble.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
(Cherry-picked from commit 50cb3a750f)
Since there are only 16 characters available, on most cases the vendor name
will fit in the metadata, but the model name won't fit.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit c27532742d)
The lan port sequence was reversed compared to the labels.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[improve commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 567a88e4b9)
Phicomm K2G:
add missing label_mac
Phicomm PSG1218A & PSG1218B:
The previous wan mac was set as factory@0x28 +1 (originally based
on the default case for the ramips target), but the correct wan mac
is factory@0x28 -1, being equal to factory@0x2e.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 55263ffedb)
pinctrl should rely on external interrupt controller for GPIO interrupts.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 36e35b8d81)
When building from a local branch based off the "openwrt-21.02" branch,
version computation is wrong, because the number of local commits is
computed against master. As a result, it wrongly counts *all* commits
since the beginning of the openwrt-21.02 branch as local commits.
The fix is to compare to the openwrt-21.02 branch instead, which gives the
expected result.
A similar change had been applied to the openwrt-19.07 branch:
891022918d55 ("scripts: getver.sh: fix version based on stable branch")
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
The ls-ddr-phy package needs fiptool options that are not
available via the version from arm-trusted-firmware-tools.
This breaks build for layerscape with the recently added LX2160a:
create: unrecognized option '--ddr-immem-udimm-1d'
Use the tfa-layerscape variant again for now, but rename it to
fiptool-layerscape to indicate that it's a specific variant.
This reverts 84bc7d31e0 ("tfa-layerscape: don't build fiptool").
Fixes: f59d7aab2a ("layerscape: add ddr-phy package")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 910b5d669f)
Now that khwrngd is working on all subtargets we can remove urgnd.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 9dc84018ee)
Also add a patch setting its quality, which should make it usable by khwrngd.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 670526efa3)
This patch allows devices without a high resolution timer to boot up faster.
It should speed up boots for bcm2708 and bcm63xx.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 7747b3fa36)
This is a backport of the upstream commit 58bbbb598144 ("nl80211: Ignore
4addr mode enabling error if it was already enabled") which fixes same
issue as in the current fix contained in '130-wpa_supplicant-multi_ap_roam.patch',
but in a different way:
nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on
an interface that is in a bridge and has 4addr mode already enabled.
This operation would not have been necessary in the first place and this
failure results in disconnecting, e.g., when roaming from one backhaul
BSS to another BSS with Multi AP.
Avoid this issue by ignoring the nl80211 command failure in the case
where 4addr mode is being enabled while it has already been enabled.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[bump PKG_RELEASE, more verbose commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit fb860b4e41)
The Netgear EX6150 can, just like the D-Link DIR-860L rev B1, fail to
initialise both radios in some cases. Add the reset GPIOs explicitly
so the PCI-E devices get re-initialised properly. See also FS #3632.
Error shows up in dmesg as follows:
[ 1.560764] mt7621-pci 1e140000.pcie: pcie1 no card, disable it (RST & CLK)
Tested-by: Kurt Roeckx <kurt@roeckx.be>
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
[removed period from commit title]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit af1b6799c6)
Support new devices LS1046AFRWY and LX2160ARDB in README.
Clean up README, and add missing LS1021ATWR deploy guide.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[adjust set of devices added, update commit message/title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a31842e7fd)
The QorIQ LX2160A reference design board provides a comprehensive platform
that enables design and evaluation of the LX2160A processor.
- Enables network intelligence with the next generation Datapath (DPPA2)
which provides differentiated offload and a rich set of IO, including
10GE, 25GE, 40GE, and PCIe Gen4
- Delivers unprecedented efficiency and new virtualized networks
- Supports designs in 5G packet processing, network function
virtualization, storage controller, white box switching, network
interface cards, and mobile edge computing
- Supports all three LX2 family members (16-core LX2160A; 12-core LX2120A;
and 8-core LX2080A)
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[use AUTORELEASE, add dtb to firmware part]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 80dcd14abe)
Add ddr-phy package for layerscape. Currently only LX2160ARDB
requires the package.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[use AUTORELEASE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f59d7aab2a)
The LS1046A Freeway board (FRWY) is a high-performance computing,
evaluation, and development platform that supports the QorIQ
LS1046A architecture processor capable of support more than 32,000
CoreMark performance. The FRWY-LS1046A board supports the QorIQ
LS1046A processor, onboard DDR4 memory, multiple Gigabit Ethernet,
USB3.0 and M2_Type_E interfaces for Wi-Fi.
The FRWY-LS1046A-TP includes the Coral Tensor Flow Processing Unit
that offloads AI/ML inferencing from the CPU to provide significant
boost for AI/ML applications. The FRWY-LS1046A-TP includes one M.2
TPU module and more modules can easily be added including USB
versions of the module to scale the AI/ML performance.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[rebase, use AUTORELEASE, fix sorting, add dtb to firmware part]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 2c2d77bd3b)
Upcoming devices will not need the migration setup, so let's move
it out of the common definition.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a9075d42d7)
As kernel size increased it start to fail to load squishfs image,
using lzma-loader fixed it.
wevo_11acnas is almost same device as w2914ns-v2 except ram size,
so I expect same thing would've happen in that device too.
Signed-off-by: Seo Suchan <abnoeh@mail.com>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit ca6954e2dc)
The TP-Link EAP235-Wall is a wall-mounted, PoE-powered AC1200 access
point with four gigabit ethernet ports.
When connecting to the device's serial port, it is strongly advised to
use an isolated UART adapter. This prevents linking different power
domains created by the PoE power supply, which may damage your devices.
The device's U-Boot supports saving modified environments with
`saveenv`. However, there is no u-boot-env partition, and saving
modifications will cause the partition table to be overwritten. This is
not an issue for running OpenWrt, but will prevent the vendor FW from
functioning properly.
Device specifications:
* SoC: MT7621DAT
* RAM: 128MiB
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (MT7603EN): b/g/n, 2x2
* Wireless 5GHz (MT7613BEN): a/n/ac, 2x2
* Ethernet: 4× GbE
* Back side: ETH0, PoE PD port
* Bottom side: ETH1, ETH2, ETH3
* Single white device LED
* LED button, reset button (available for failsafe)
* PoE pass-through on port ETH3 (enabled with GPIO)
Datasheet of the flash chip specifies a maximum frequency of 33MHz, but
that didn't work. 20MHz gives no errors with reading (flash dump) or
writing (sysupgrade).
Device mac addresses:
Stock firmware uses the same MAC address for ethernet (on device label)
and 2.4GHz wireless. The 5GHz wireless address is incremented by one.
This address is stored in the 'info' ('default-mac') partition at an
offset of 8 bytes.
From OEM ifconfig:
eth a4:2b:b0:...:88
ra0 a4:2b:b0:...:88
rai0 a4:2b:b0:...:89
Flashing instructions:
* Enable SSH in the web interface, and SSH into the target device
* run `cliclientd stopcs`, this should return "success"
* upload the factory image via the web interface
Debricking:
U-boot can be interrupted during boot, serial console is 57600 baud, 8n1
This allows installing a sysupgrade image, or fixing the device in
another way.
* Access serial header from the side of the board, close to ETH3,
pin-out is (1:TX, 2:RX, 3:GND, 4:3.3V), with pin 1 closest to ETH3.
* Interrupt bootloader by holding '4' during boot, which drops the
bootloader into its shell
* Change default 'serverip' and 'ipaddr' variables (optional)
* Download initramfs with `tftpboot`, and boot image with `bootm`
# tftpboot 84000000 openwrt-initramfs.bin
# bootm
Revert to stock:
Using the tplink-safeloader utility from the firmware-utils package,
TP-Link's firmware image can be converted to an OpenWrt-compatible
sysupgrade image:
$ ./staging_dir/host/bin/tplink-safeloader -B EAP235-WALL-V1 \
-z EAP235-WALLv1_XXX_up_signed.bin -o eap235-sysupgrade.bin
This can then be flashed using the OpenWrt sysupgrade interface. The
image will appear to be incompatible and must be force flashed, without
keeping the current configuration.
Known issues:
- DFS support is incomplete (known issue with MT7613)
- MT7613 radio may stop responding when idling, reboot required.
This was an issue with the ddc75ff704 version of mt76, but appears to
have improved/disappeared with bc3963764d.
Error notice example:
[ 7099.554067] mt7615e 0000:02:00.0: Message 73 (seq 1) timeout
Hardware was kindly provided for porting by Stijn Segers.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 1e75909a35)
Similarly to the Archer C2 v1, the Archer C20 v1 will brick when one
tries to flash an OpenWrt factory image through the TP-Link web UI.
The wiki page contains an explicit warning about this [1].
Disable the factory image altogether since it serves no purpose.
[1] https://openwrt.org/toh/tp-link/tp-link_archer_c20_v1#installation
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 0265cba40a)
We can now use the power LED for diag in more devices thanks to the latest
patches from the RPi foundation.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 5bab472a11)
Support added to bcm2709 (32 bits) and bcm2711 (64 bits).
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit 8ad61118fd)
Ran update_kernel.sh in a fresh clone without any existing toolchains.
No manual changes needed.
Build system: x86_64
Build-tested: bcm27xx/bcm2711
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry-picked from commit 5d3a6fd970)
GetABISuffix does not work for intra-package ABI version of provided symbols,
since ABIV_$(provided) is not set.
Fix ABI version by using $(ABIV_$(1)) directly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 0db9d11865)
Hardware
--------
MediaTek MT7622
512MB DDR3 RAM
64M SPI-NOR Flash (Winbond W25Q512JV)
MediaTek MT7622 802.11bgn 4T4R WMAC
MediaTek MT7915 802.11ax 4T4R
Marvell AQR1112 100/1000/2500 NBase-T PHY
Holtek HT32F52241 LED controller
Reset Switch
UART
----
CPU UART0 at the pinout next to the Holtek MCU.
Pinout (first pin next to SoC / MCU)
0 3V3
1 RX
2 TX
3 GND
Settings are 115200 8N1.
Opening the case
----------------
Opening the case is not a nice task, as itis glued together. Insert a
flat knife between the front and back casing below the ethernet port.
Open up a gap this way and insert a flat scredriver, remove the knife.
Work your way around the casing by applying force to seperate the front
and back casing. This losens the glue and opens the plastic clips. Be
gentle, as these clips are very cheap and break quickly.
Installation
------------
1. Connect to the booted device at 192.168.1.20 using username/password
"ubnt".
2. Transfer the OpenWrt sysupgrade image to the device using SCP.
3. Check the mtd partition number for bs / kernel0 / kernel1
$ cat /proc/mtd
4. Set the bootselect flag to boot from kernel0
$ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock6
5. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1
$ dd if=openwrt.bin of=/dev/mtdblock8
$ dd if=openwrt.bin of=/dev/mtdblock9
6. Reboot the device. It should boot into OpenWrt.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 634c13c186)
Add a driver for controlling the RGB LED via Ubiquitis own "LEDBAR" LED
controller based on the Holtek HT32F52241 MCU.
This driver is initially used by the Ubiquiti UniFi 6 LR, however
judging from FCC pictures the MCU is also found on the U6-Mesh as well
as the U6-Extender.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c9137e2ddf)
The USB ports if a FRIZZ!Box 7320 do not supply power to connected
devices.
Add the GPIOs enabling USB power as regulator, to enable USB power
supply as soon as the USB driver is loaded.
Fixes FS#3624
Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit 6e4e97b2256327bb380ee2a83da9a1ddf657e395)
This fixes 4 security vulnerabilities/bugs:
- CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support
SSLv2, but the affected functions still exist. Considered just a bug.
- CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate may overflow the output length argument in some
cases where the input length is close to the maximum permissable
length for an integer on the platform. In such cases the return value
from the function call will be 1 (indicating success), but the output
length value will be negative.
- CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to
correctly handle any errors that may occur while parsing the issuer
field (which might occur if the issuer field is maliciously
constructed). This may subsequently result in a NULL pointer deref and
a crash leading to a potential denial of service attack.
- Fixed SRP_Calc_client_key so that it runs in constant time. This could
be exploited in a side channel attack to recover the password.
The 3 CVEs above are currently awaiting analysis.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 482c9ff289)
File extension was truncated for
pending-5.4/770-11-net-ethernet-mtk_eth_soc-avoid-rearming-interrupt-if.pa
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 487b7ae5eb)
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 75455b75a7ee)
Let's switch to 5.10 now that mac80211 has been updated.
Runtime-tested on ipq806x (Netgear R7800).
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry-picked from commit a5c4c40476)
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
